last executing test programs: 7.971830034s ago: executing program 3 (id=1142): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x900, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) (async) memfd_create$auto(&(0x7f0000000000)='^[#@-\x00', 0x3) (async) r1 = fcntl$auto(0xff80000000000000, 0x409, 0x13) (async) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) (async) mmap$auto(0x7ffffdfde000, 0x2020006, 0x9, 0x11, 0x8000000000000000, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async) madvise$auto(0x0, 0x200007, 0x19) unshare$auto(0x40000080) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) close_range$auto(0x2, r1, 0x0) (async) writev$auto(0x8000, &(0x7f0000000040)={0x0, 0x1000000000004}, 0x2bc) (async) r2 = io_uring_setup$auto(0x6, 0x0) (async) io_uring_register$auto(0x2, 0x16, &(0x7f0000000040), 0x1) io_uring_register$auto(0x2, 0x16, &(0x7f0000000040), 0x1) openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f00000040c0)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/filter\x00', 0x100, 0x0) (async) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000002480)='/dev/midi2\x00', 0x2841, 0x0) ioctl$auto_SNDRV_RAWMIDI_IOCTL_PARAMS(r3, 0xc0305710, &(0x7f0000000040)={0x0, 0x73d, 0x4, 0x1, 0xff, "50b82e6c92b172b4cfaaca8e"}) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/power/pm_print_times\x00', 0x82942, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) mmap$auto(0x401, 0x70, 0xdf, 0x9b72, 0x2, 0x80000000008000) (async) r4 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000600), 0xffffffffffffffff) (async) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_IOAM6_CMD_DEL_NAMESPACE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c0000007b82b6b0dadf2a73e23a3630afc89ff86819803d2e57081f503a098baf17f843902d96d67b3f3dba0654305251dc11d767f4821d05f3dfb42c07d538541fd55f8af0efac319b36d85cc9aa44bf485e7c1f7b0dde5ad639cba0d196891dacf24d82135d2c42d95fa14a621627257460c917f44c415bece9ec", @ANYRES16=r4, @ANYBLOB="09002cbd7000fbdbdf25020000000600010003000000"], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x808) sendmsg$auto_IOAM6_CMD_NS_SET_SCHEMA(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, r4, 0x2, 0x70bd2a, 0x25dfdbff, {}, [@IOAM6_ATTR_SC_ID={0x8, 0x4, 0xa}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0xfffffff9}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0x5}, @IOAM6_ATTR_NS_ID={0x6, 0x1, 0x7}]}, 0x34}}, 0x14000001) (async) read$auto(0x3, 0x0, 0x80) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x182b02, 0x0) fallocate$auto(0x8000000000000003, 0x7, 0x5, 0x200000004) (async) ioctl$auto_BLKROGET(r0, 0x125e, 0xfdfdffffffffffff) 7.399319648s ago: executing program 3 (id=1146): r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x8100, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) read$auto(r0, 0x0, 0x800) openat$auto_transaction_log_fops_(0xffffffffffffff9c, 0x0, 0x100, 0x0) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, 0x0, 0x202041, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x101202, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x101242, 0x0) r1 = openat$auto_transactions_fops_(0xffffffffffffff9c, 0x0, 0x101600, 0x0) read$auto_transactions_fops_(r1, &(0x7f0000000080)=""/18, 0x12) socket(0x1f, 0x3, 0x6) ioctl$auto(0x4000000000000c8, 0x800454cf, 0x3) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d7) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r2, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(r2, 0x0, 0x98c7) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event2\x00', 0x20881, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/kernel/watchdog_cpumask\x00', 0x141241, 0x0) mmap$auto(0x0, 0x2020007, 0xffffffffffffffff, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x80201, 0x0) write$auto(r3, &(0x7f0000000000)='.%{\x00', 0x8000) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800) 6.77421761s ago: executing program 3 (id=1148): mmap$auto(0x0, 0x4020009, 0xdf, 0x40000eb1, 0x401, 0x8000) clone$auto(0x100000008, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x4000006) clone$auto(0x1, 0x1, 0x0, 0x0, 0x2) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x0, 0x5, 0xfff, 0x44eb2, 0x10006, 0x300000000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) move_pages$auto(0x0, 0x8, 0x0, 0x0, 0x0, 0x2) 6.599467602s ago: executing program 2 (id=1150): sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7fffe000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000081, 0x8, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) syz_genetlink_get_family_id$auto_ovs_flow(0x0, 0xffffffffffffffff) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) r3 = socket(0x2, 0x801, 0x106) getsockopt$auto(r3, 0x11c, 0x2, 0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) fdatasync$auto(r0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x143262, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r5) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000001540)={'netdevsim0\x00'}) sendmsg$auto_NET_SHAPER_CMD_GROUP(r5, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="30000000504010f26fcb0f125df1d380b05b246819a63a10fe0a3a6a7d2ee15de0a11bf19043e72434438bc9bc12fc1748ad2a79b41350ed2a3a0dade165b5d070d1b320bbed0d01cd086658b0303badf1273bd6b6364fb8050030f4f5811dd5eb1ac9aea40805ee8669a09a9e8aee5004abc2331581e4b697cbe04606d01c522c49a3bd2865c4b4a130f1df613eed2539", @ANYRES16=r6, @ANYBLOB="010029bd7000ffdbdf25040000000c000180080002003827000010000a800c0001800800010002000000"], 0xfffffd4b}, 0x1, 0x0, 0x0, 0x44000}, 0x14) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000440)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="01002dbd7000fcdbdf257e0000000088a5cd5c95f378433574ede152d2d648077b925af91b9870c2840d680b779cf778bae59f330956285eeda8b5ebb445c178c810fb4b76eb172a16ee83c71a15873ce59b5248da9c06b8aaceb2e05fed6d1bc32338652010162b894df565abe850fbcfb8f030e77d32d9f2bb90c89762add386352e2379f957f4caf106cd272527caba4a62f73b22b60b0111717d721c"], 0x14}, 0x1, 0x68, 0x0, 0x4000000}, 0x0) r7 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) socketpair$auto(0x1, 0xffff812b, 0xfff, &(0x7f00000002c0)=0x800) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/vivid.0/cec14/power/runtime_suspended_time\x00', 0x220080, 0x0) r8 = io_uring_setup$auto(0x5, 0x0) ioctl$auto_FS_IOC_ADD_ENCRYPTION_KEY2(r8, 0xc0506617, &(0x7f00000001c0)={{0x1, 0x0, @descriptor="ef468928639b7581"}, 0x9, 0x1, '\x00', "8733d93f746c67d97aaf5ad7d65eaf011a8da39983efb62af4074e85a1fc4eec9829da693a463ad339fd290e81e2357d6fe868a619b5ce6ab3a840fdb08e4c5f1c3cfae2f3808090b79c937c43c21c1ede4e0a805a099fa1a480ccdee2acb5a87b19abd4893ca1ae5fc774f371186ccbe17d"}) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000200)=""/55, 0x37) write$auto_console_fops_tty_io(r7, &(0x7f0000000340)="c80c1b5d399b588143e12632e16841dd73450e32ce65e99407334a998d5a7a5d14d75346a0f32c6924197ec30526fcb61c0b29024ebecfb9b357e5cd53c73d8692e5ae6aff889cf259f55be3697ee2428c633014880178d7f4fbeb2aacfb3a122387d3b9f3711d53b58246c61bfa7121f130194ec2808698195c2cdf9f6979df65efbb516b537ef1a005f87e6396a801ba8ddded61811d2d21c60d4c0d0074182bb38777fd", 0xa5) 5.481733033s ago: executing program 2 (id=1153): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x40080, 0x0) ioctl$auto_UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000400)={{0xc, 0x23, 0xa6, 0x83}, "66ac010005000000000068d190eb0d4a4cada7272464294b9183349eef4c1f028fdcc8ecc66fdd02316f064ebd893007abb4c0bbc3b822f66eaf240963110d61771552c03de65800", 0x2}) ioctl$auto_UI_DEV_CREATE(r0, 0x5501, 0x0) io_uring_setup$auto(0xa, 0x0) r1 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/debug_objects/stats\x00', 0x8000, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram1/integrity/tag_size\x00', 0x68e00, 0x0) recvmsg$auto(r1, &(0x7f00000000c0)={&(0x7f0000000180)="c4c2892c3b437db3f43374588b18162c6c5d63445e53e59022ef9c759f23c9b16eb064a536d684e3ae8d7ddf1705325656627eca1c3e6e6b1841408b5ab564487f4f34c716f5289bdd62e8a8106259214f7116c4e308b9726a57e4b6c6d0fcaeda093c95c4b7c961669e2b72cc9d75e912fa50af8cfde0ec5f7f8ca323f5506d9c34e568261a93b2ae6a71996a81c8c5682eb4243437cc45d09d017d9eb9f8e1b03dac25a4130372bb2cf9e954433a01c02964ed73ce5884769dcc373c59e7445e7e802da216c1", 0xeeee, &(0x7f0000000040)={&(0x7f00000002c0)="347c9f4c32527f2588904eb3d8a6574a106676506d9b7fb920bf0a262dacd5efb89d5221947d42eae3354b692808b4dc59a55123f2c61ab8cd3ce1871a3f4cb1b0a9543af16ee775d697d78b7a2fef53a5304dc9821189e92ef77a5bf8ba8b51df50f29d2f8a2db367fa1e1460d4e61f539c946f567d8aaccf53527188ad5b95d169eeb773f35342447862f02a3382df52ce67e48c46a2fef5402fceedd9bb53e5a0e218d9642d434edaaa96fe0b1b8c661eeab5c7e36e2f2d3d6ca1f28782374afce0774017f78019052b6e74c2b95ecde4eb3ef71230483b58c1ab3680f051bc6dee837f28458230329d001c442cab0882cf4c22f296c77ea18985", 0x81}, 0x8000, &(0x7f0000000480)="d2ca04fb19edfbd6142e65e754f12c40119ddeb9f05a596dca3ac2fe80a33f87eb54f19a44195bbb00f7e78764f29f16e13520f92981fe17a30617773e79710faaa767967c26b7dc770e642c11e3ea9740ba93d19273c26e436870356c755f242003be2d86ee78049ff0337169e244ac4fb5aa053100b24960fb34ad449f7c6919354b3687d114e6a2aba667acce5d8e8e5d8797c73ea5b3f8077be3179d1909e13c9d3d608abb24c5c767e10c5a530c01ec6189e6a9a48c56ce", 0x7, 0x1}, 0xfffffffb) connect$auto(0xffffffffffffffff, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0xdb) r2 = getpid() process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0xfff}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000080), 0x1ffffffff}, 0x6, 0x0) r3 = socket(0x11, 0x3, 0x2) ioctl$sock_SIOCGIFINDEX(r3, 0x8955, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL802154_CMD_SET_MAX_FRAME_RETRIES(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040000}, 0x4000) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r4, 0x8000) setrlimit$auto(0x7, 0x0) socket(0x23, 0x80805, 0x0) 4.53709291s ago: executing program 3 (id=1154): unshare$auto(0x40000080) (async) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000180)=""/196, 0xc4) ioctl$auto_XFS_IOC_SWAPEXT(0xffffffffffffffff, 0xc0c0586d, &(0x7f00000002c0)={0x9, @raw=0x3, @inferred, 0x6f1, 0xfffffffffffffffa, '\x00', {0x544f0d25, 0xff, 0xfe01, 0x0, 0xffffffffffffffff, 0x9, 0x7, 0x0, {0x400000000}, {0x4, 0x3}, {0x9, 0xffffff80}, 0x9, 0x1ff, 0x9, 0x6, 0x4, 0x8, 0xd96, 0x0, 0x9, 0x0, '\x00', 0x8000, 0x8c7, 0x6, 0xf}}) (async) msgctl$auto_IPC_SET(0xfffffffd, 0x1, &(0x7f00000003c0)={{0xffff3dbc, 0xee00, 0xffffffffffffffff, 0x9, 0x7, 0x94c, 0xfffa}, &(0x7f0000000080)=0x8, &(0x7f0000000380)=0x5, 0x7, 0x2, 0x1, 0xf29, 0xffffffffffffffff, 0x3ff, 0x0, 0x9, @inferred, @inferred=0xffffffffffffffff}) keyctl$auto(0xfff, 0xee00, r0, r1, 0x33) mmap$auto(0x10000000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0x5, 0x0) r2 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) r3 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000040), r2) sendmsg$auto_MACSEC_CMD_DEL_RXSA(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000280)={0x20, r3, 0x800, 0x70bd27, 0x25dfdbff, {}, [@MACSEC_ATTR_OFFLOAD={0xc, 0x9, 0x0, 0x1, [@typed={0x8, 0xd, 0x0, 0x0, @fd=r2}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x4001}, 0x0) (async) getdents$auto(0x0, 0x0, 0x700) r4 = socket(0xa, 0x5, 0x0) ioctl$auto(r4, 0x8941, 0x8) 4.485157507s ago: executing program 2 (id=1155): r0 = inotify_init1$auto(0x3000000000000) inotify_add_watch$auto(r0, 0x0, 0x1000e6e) openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) socket(0x1e, 0x1, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x521900, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80302, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe98, 0x0, 0x0, &(0x7f0000000040)={[0x54e, 0x10000000000005, 0x1, 0x8fd6, 0x948f, 0x5, 0x3392, 0x4, 0x3, 0x3, 0xffffffff, 0x9, 0x3, 0x4, 0x4, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_tracing_stats_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/per_cpu/cpu1/stats\x00', 0x2000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r2 = open(0x0, 0x14d27e, 0x72) read$auto_usbfs_devices_fops_usb(r2, &(0x7f00000004c0)=""/25, 0x19) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) r5 = waitid$auto_P_PIDFD(0x3, r0, &(0x7f0000000340)={@siginfo_0_0={0x0, 0x81, 0x9, @_rt={0x0, 0x0, @sival_ptr=&(0x7f0000000640)="0de4c5c5ad0b640ec78439ac6411c4749553aa4b30690b7d3f60ff29aefb6c7efd524edaa13ddeb640bab7c382454cbc466445fc244d15491814637370085f124fc2dee5c7781db894d75954f4eafe9b33d1649f6c7555af6f39698035823f3666381e0f9f40ee"}}}, 0xd, &(0x7f0000000500)={{0x1000, 0x7ce}, {0x10001, 0x1}, 0x80000001, 0x9, 0x800, 0x0, 0x5, 0x9, 0x3ff, 0x200000000009, 0xbb, 0x8205, 0x3, 0xe, 0x0, 0xe}) msgctl$auto_MSG_INFO(0x5, 0xc, &(0x7f0000000280)={{0x9, 0xffffffffffffffff, 0xffffffffffffffff, 0x2, 0x287f, 0x2, 0x3}, 0x0, 0x0, 0x7fffffff, 0x9, 0x2, 0x20000000ffffffff, 0xfffffffffffffffe, 0x7fff, 0xfc2, 0x27f, @inferred=0xffffffffffffffff, @inferred=r5}) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/fs/ecryptfs/version\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r7, &(0x7f0000000080)=""/150, 0x96) setresgid$auto(r6, 0xffffffffffffffff, r6) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYRES16=0x0, @ANYRES32=r4, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100000000000000000008000200", @ANYRES32=r4, @ANYBLOB="060006ff050000"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x20000000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) 4.190441657s ago: executing program 0 (id=1156): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x51, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002dbd7000f9dbdf2501000000060002000100000005000700570000000800090108000000050004000300000014001f00fe88000000000000000000000000000114002000ff010000000000000000000000000001"], 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000080), 0x1ffffffff}, 0x6, 0x0) write$auto(r0, &(0x7f0000000040)='S\x00\x00\x00\xfe\xff\xff\xff', 0x8587) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0xe4, r2, 0x1, 0x70bd25, 0x25dfdbfc, {}, [@HWSIM_ATTR_RADIO_NAME={0xd0, 0x11, 'u)(\xa0\xb66s\xec\xbe\f\x19\"\xbfW:L\x15\x94\x1a\x06\xb27\b\xb7;\x1eF\xe0 .\xdfB\xbb\xe11\xea\xfdX\x95\xa5\x01\xd62\xf4E\xa5O\x1a\x950\xacJkD\xa39\x11\x11\xb4\xb1,>\xc7\xf97=\xe7\x98\xa9\xefPq\'\xc9\x8doJ$2\xae\xd1\xeaF\xd7os7\xffr\n#\x00\x00\x04\x00\xc3\x9fx\a\xc3f\xb1\xc1i\xa4\xaf8y\xf2\x0f\xa3\xcaa\xaf%\xe1\xd3j;U\xd8t\xc9\xf7\xbf\xbf\xb4$\xbb\x8eM\x17c\x9c\xc2\xbfn\x83\r\xcbY\xb4O(\x05[\x90\x9di\xbb\xd3oC\x1f\a\xd7\x1f\xeb\xb1pBr\x8e\a<\xa7?\x05\xf7UI\x92\xa4pt\x9b\xee\x904\x91\xd8\xa4\xcb\x83o\\\xdf&\xae\xe8\xe9\x80nmy\xf0\r[:\xf2\xf3\x1f\x1d\xa4'}]}, 0xe4}, 0x1, 0x0, 0x0, 0x40c8}, 0x4048000) socket(0xa, 0x2, 0x0) setsockopt$auto(0x3, 0x0, 0x12, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r4 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x3) fchdir$auto(r4) 3.646560835s ago: executing program 0 (id=1159): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) ioctl$auto(r0, 0x5, r0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) msync$auto(0x0, 0x2000000005, 0x6) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) membarrier$auto(0x2, 0x0, 0x9) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0xc02, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, r0, 0x300000000000) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) acct$auto(&(0x7f0000000140)='/dev/ptmx\x00') r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/net/packet\x00', 0x2880, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000001300)=""/4096, 0x1000) socket(0xa, 0x3, 0x3b) statmount$auto(0x0, &(0x7f0000000180)={0xd0e, 0x1, 0x9, 0x2, 0x7, 0x100000006, 0x5, 0x3, 0x2000000000230006, 0x4, 0x7, 0x5, 0x2, 0x7, 0xaf, 0xfffffffffffffffa, 0x24, 0x3, 0x103, 0xfffffffffffffff7, 0x0, 0x0, 0x8000002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0xb, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}, 0x1fe, 0x81) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="d6000000", @ANYBLOB='p\x00', @ANYRES16=r2], 0x1ac}, 0x1, 0x0, 0x0, 0x24040840}, 0x1) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x1ac}}, 0x40000) openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) mmap$auto(0x0, 0x9, 0x9cad, 0x8012, 0x3, 0x8000) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/radio6\x00', 0x8a240, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0xc8201, 0x0) 3.452490769s ago: executing program 2 (id=1160): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x8, 0x2020009, 0x3, 0x216, r0, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x5, 0x4000000000e2, 0xeb1, 0x401, 0x8000) ioctl$auto(0xffffffffffffffff, 0xc0045405, 0x3) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0xc02, 0x0) unshare$auto(0x20000) unshare$auto(0x20000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) mkdir$auto(&(0x7f00000002c0)='./file0\x00', 0x3) mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x9) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file1/file0\x00', 0x101040, 0x149) getxattrat$auto(r1, &(0x7f0000000300)='./file0\x00', 0xeb, &(0x7f0000000340)='/sys/kernel/debug/check_wx_pages\x00', 0x0, 0xffffffff) mmap$auto(0x200, 0x400008, 0x200, 0x9b72, 0xffffffffffffffff, 0x6) r2 = openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0) read$auto_check_wx_fops_(r2, &(0x7f0000000080)=""/228, 0xe4) r3 = socket(0x2, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0x7, 0x0, &(0x7f0000000080)={[0x209c, 0xea0, 0x48, 0x15, 0x1000, 0xf, 0x200020000000000c, 0xf, 0x401, 0x0, 0xe, 0xd59, 0x101, 0xff, 0x2, 0x1]}, 0x0, 0x0) 2.92389048s ago: executing program 3 (id=1161): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010025bd7000fddbdf2503000003040007800c0002000500000000000000080001"], 0x2c}, 0x1, 0x0, 0x0, 0x20004080}, 0x8880) 2.796236016s ago: executing program 1 (id=1162): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = socket(0x1a, 0x1, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) r2 = openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000080), 0x18b803, 0x0) ioctl$auto_IMADDTIMER(r2, 0x80044940, &(0x7f0000000000)=0x1) ioctl$auto_IMADDTIMER(r2, 0x80044940, &(0x7f00000000c0)=0x1) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) munmap$auto(0x8000, 0xffffffff) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) recvmmsg$auto(r1, &(0x7f00000000c0)={{0x0, 0x2, &(0x7f0000000080)={0x0, 0x100}, 0x9, 0x0, 0x8bed, 0x53}, 0x765}, 0xffbffffa, 0x5, 0x0) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="00012c9abee6529e7bbd700001dcdf251c00000075d5e5d012490901e8d5b9ab24736bdd327965368f84fbe16e61337c9e9f4f4bca54e97a53d778a21d8ec05079a73d51786cc3a01a6a9f093f355156f0d95d9bd507e22bf723dc9160612fbc636f3f133520eb99258446a7472d461c9e64de9f575c023386fe8aeb3c27e5ddb27c4ef8e16e5c7aea1a7a5a439ddcb201b52090102cd8ed227f2b269b5f6ddeee33182588c9d119d7ea75aca066dc2baea44ba2455bfc07eff2030c6959e430eb3f52ba498c9057ca1edbb78039c9ff8f8d103745f4b2821dec28a594191ed00be69173db17e98f561debeed18cb2aded60934e48336e463bc5b2265b2e8c0c6ebb10d10c0f38041035d145b67dfb578d"], 0x14}, 0x1, 0x0, 0x0, 0x4000001}, 0x1) pwrite64$auto(0xffffffffffffffff, 0x0, 0x4, 0x3) mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00\x0e\x15F\xf7\x1a\xd1K+\xedy\xc6\x9bb\x94\xb4^\xc2\x83%\xfbw}\xfb_P\"\x19\xdfi\xe9hA|Q\x8a_F\x04:Q\x90\'\x06', 0x0, 0x10000, 0x0) r3 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) write$auto(r3, &(0x7f0000000040)='S\x00\x00\x00\xe8VV\x9e', 0x8587) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0xdb13, 0x1f, 0x4000000004df, 0x13, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) r4 = open(&(0x7f0000000000)='./file0\x00', 0x101800, 0xbf) ppoll$auto(&(0x7f0000000180)={r4, 0x4, 0x8}, 0x6, 0x0, 0x0, 0x8) open(&(0x7f0000000800)='./file0\x00', 0x183342, 0x154) close_range$auto(0x2, 0x8, 0x0) ioctl$auto(0x3, 0x400c4d05, 0x5) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) close_range$auto(0x2, 0xa, 0x0) 2.63832591s ago: executing program 0 (id=1163): r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x4000, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) getsockopt$auto_SO_SELECT_ERR_QUEUE(r0, 0x3, 0x2d, &(0x7f0000000040)='/dev/userio\x00', &(0x7f0000000380)=0x7) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) sysfs$auto(0x2, 0x23, 0x0) r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r1, 0x0, 0x3) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa}, 0x58) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto(0x3, 0x40081271, 0x38) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x1, 0x2020009, 0x3, 0xebe, 0xfffffffffffffffa, 0x8000) socket(0xb, 0xa, 0xd9) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r3 = socket(0xa, 0x1, 0x84) bind$auto(r3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) mq_timedsend$auto(0xffffffffffffffff, 0x0, 0xffffffffbffffff9, 0x5, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) epoll_ctl$auto_EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f00000000c0)={0x4, 0x3}) write$auto(0x3, 0x0, 0xfdef) read$auto(0x3, 0x0, 0x1f40) 2.563148198s ago: executing program 3 (id=1164): r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x4000, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) getsockopt$auto_SO_SELECT_ERR_QUEUE(r0, 0x3, 0x2d, &(0x7f0000000040)='/dev/userio\x00', &(0x7f0000000380)=0x7) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) sysfs$auto(0x2, 0x23, 0x0) r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r1, 0x0, 0x3) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa}, 0x58) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto(0x3, 0x40081271, 0x38) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x1, 0x2020009, 0x3, 0xebe, 0xfffffffffffffffa, 0x8000) socket(0xb, 0xa, 0xd9) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r3 = socket(0xa, 0x1, 0x84) bind$auto(r3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) mq_timedsend$auto(0xffffffffffffffff, 0x0, 0xffffffffbffffff9, 0x5, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) epoll_ctl$auto_EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f00000000c0)={0x4, 0x3}) write$auto(0x3, 0x0, 0xfdef) read$auto(0x3, 0x0, 0x1f40) 2.469306353s ago: executing program 1 (id=1165): pidfd_open$auto(0x1, 0x0) setresuid$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x24281, 0x0) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/binderfs/binder0\x00', 0x0, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/conf/netdevsim3/proxy_arp\x00', 0x88542, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/oss\x00', 0x8042, 0x0) mmap$auto(0x4, 0x81, 0x3, 0x19, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x6, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/dummy_hcd.5/usb6/6-0:1.0/usb6-port1/connect_type\x00', 0x103280, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000003800)=""/168, 0xa8) r2 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000001700), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000001840)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB], 0x14}, 0x1, 0xf0ffff, 0x0, 0x4005}, 0x28044004) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x1, 0x0) madvise$auto(0x0, 0xffffff7fffff0005, 0x8) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0x200007, 0x8) select$auto(0x10, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x4, 0xd3e, 0x1, 0x948b, 0x3, 0x800295f4da0a, 0x2, 0x3, 0x62, 0x80000001, 0x50a7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x203, 0x7f, 0xd, 0x8000000000000001, 0x40000000948f, 0x1005, 0x3, 0x6, 0xfffffffffffffff2, 0x7, 0x5, 0x79d, 0x6, 0x100000000000000, 0xfffffffffffffffe, 0xa]}, 0x0) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mbind$auto(0x1fff, 0x4, 0x3, 0x0, 0x8, 0x2) mmap$auto(0x0, 0x4, 0xdf, 0x9b72, 0x2, 0x8000) 1.569367968s ago: executing program 0 (id=1166): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x51, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002dbd7000f9dbdf2501000000060002000100000005000700570000000800090108000000050004000300000014001f00fe88000000000000000000000000000114002000ff010000000000000000000000000001"], 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000080), 0x1ffffffff}, 0x6, 0x0) write$auto(r0, &(0x7f0000000040)='S\x00\x00\x00\xfe\xff\xff\xff', 0x8587) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0xe4, r2, 0x1, 0x70bd25, 0x25dfdbfc, {}, [@HWSIM_ATTR_RADIO_NAME={0xd0, 0x11, 'u)(\xa0\xb66s\xec\xbe\f\x19\"\xbfW:L\x15\x94\x1a\x06\xb27\b\xb7;\x1eF\xe0 .\xdfB\xbb\xe11\xea\xfdX\x95\xa5\x01\xd62\xf4E\xa5O\x1a\x950\xacJkD\xa39\x11\x11\xb4\xb1,>\xc7\xf97=\xe7\x98\xa9\xefPq\'\xc9\x8doJ$2\xae\xd1\xeaF\xd7os7\xffr\n#\x00\x00\x04\x00\xc3\x9fx\a\xc3f\xb1\xc1i\xa4\xaf8y\xf2\x0f\xa3\xcaa\xaf%\xe1\xd3j;U\xd8t\xc9\xf7\xbf\xbf\xb4$\xbb\x8eM\x17c\x9c\xc2\xbfn\x83\r\xcbY\xb4O(\x05[\x90\x9di\xbb\xd3oC\x1f\a\xd7\x1f\xeb\xb1pBr\x8e\a<\xa7?\x05\xf7UI\x92\xa4pt\x9b\xee\x904\x91\xd8\xa4\xcb\x83o\\\xdf&\xae\xe8\xe9\x80nmy\xf0\r[:\xf2\xf3\x1f\x1d\xa4'}]}, 0xe4}, 0x1, 0x0, 0x0, 0x40c8}, 0x4048000) socket(0xa, 0x2, 0x0) setsockopt$auto(0x3, 0x0, 0x12, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) fchdir$auto(0xffffffffffffffff) 1.43153204s ago: executing program 2 (id=1167): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) ioctl$auto(r0, 0x5, r0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) msync$auto(0x0, 0x2000000005, 0x6) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) membarrier$auto(0x2, 0x0, 0x9) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0xc02, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, r0, 0x300000000000) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) acct$auto(&(0x7f0000000140)='/dev/ptmx\x00') r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/net/packet\x00', 0x2880, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000001300)=""/4096, 0x1000) socket(0xa, 0x3, 0x3b) statmount$auto(0x0, &(0x7f0000000180)={0xd0e, 0x1, 0x9, 0x2, 0x7, 0x100000006, 0x5, 0x3, 0x2000000000230006, 0x4, 0x7, 0x5, 0x2, 0x7, 0xaf, 0xfffffffffffffffa, 0x24, 0x3, 0x103, 0xfffffffffffffff7, 0x0, 0x0, 0x8000002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0xb, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}, 0x1fe, 0x81) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="d6000000", @ANYBLOB='p\x00', @ANYRES16=r2], 0x1ac}, 0x1, 0x0, 0x0, 0x24040840}, 0x1) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x1ac}}, 0x40000) openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) mmap$auto(0x0, 0x9, 0x9cad, 0x8012, 0x3, 0x8000) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/radio6\x00', 0x8a240, 0x0) swapon$auto(&(0x7f0000000140)='./cgroup.cpu/cgroup.clone_children\x00', 0x2) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0xc8201, 0x0) 1.302302503s ago: executing program 1 (id=1168): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zram0\x00', 0x6e642, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = socket(0xa, 0x801, 0x84) r1 = socket(0xa, 0x5, 0x84) getsockopt$auto(r1, 0x84, 0x9, 0x0, &(0x7f0000000000)=0x9b) ppoll$auto(0x0, 0x7f, 0x0, 0x0, 0x8) setsockopt$auto(r0, 0x10000000084, 0x9, 0x0, 0x9c) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82000, 0x0) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$auto_SO_RCVPRIORITY(0xffffffffffffffff, 0x2, 0x52, &(0x7f00000001c0)='/dev/virtual_nci\x00', 0x0) setresuid$auto(0x0, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000440)={&(0x7f0000001900)=ANY=[@ANYBLOB="58050000", @ANYRES16=0x0, @ANYBLOB="040029bd7000fedbdf25110000000a0018008765839be1d1000005009200050000002800c500d19f3b98daeb63ec0a45156a38993e14fc3f2accabf37e8c522d8058e434ecc56b0794e50800c400090000000500ee00340000000400e2001000b000d366b7db35437c4dea30f43b40046e8083001980f7b1840e10c37193057e77525de3f9ee243423a5a3239d46e4a7778f37773837bfa5e978c3c25f7bdd320deecd5cfa50088ab114ab2fb9047154a3339ddf60c125a3df53d0394875f6ce6dd05fa3d39e356b94000a8ffcb286df082954cc900f2b046574c181c70ebf2afac4aa68fdeba2d68045c51a120800f6000500000000e60025801400d600fe8000000000000000000000000000bb85f58c546fbbe9347ba3592fcfdb8d309a7fd803c613c6bdf8ab8f90167b7e03990ff504d46bcebc5c22b2052345531a063eb153e5abec3bbad9df4c3ea2e82692723a7b78761772bd869cfcdcc54fce8d2c66d5553d3d53c54f5883ecdfce9c0065075348e9790199ce598c68d37e116f2f22e0b10a511cacb063e9cb23c9479d1327dd03007eb2048a5ecda13d23ba2e95a13ba75404005f803c78c1722797b20255d296f37c20c1936ed1a83418d1abf888071530917573d373ea729d1951b38121cffba58307fa7b6bc4cb1000000800f400", @ANYRES32, @ANYBLOB="0c00598008002000", @ANYRES32=0x0, @ANYBLOB="04000d80a102eb8064aba5ec5f90e9fac103ed631d74a6cfba6bd220c97def1dcf2840e7550d84b02bc984ba3d650276d02d1c32e1fbd5f4a6196af2d442c534645a1c644f24e545511f55063d628381a3724fa186119459ce70eeabc2475bb40515a75479360cafb8c55b62a8b955d10b7b25722bc791312ce24e8df651b0a826ee6fe4fb780fada2a46acf82e27331ec50c3ed96e31fc2f7d5060434030b34f2bc7bc05aa7f024c1fbcc7af314178a1b3f115bf287243a1213ad33b376533f6e4dcdac84342a73e86b9525868eeab624ca0e8aecb7ad885fbaaaac342f89c953b7205f3d9610b7ed7561ddbee01d2c970e957e15e508669a0cd9eed4b0a172e9320f6fde0678cb8c37a994a9369a69cd1a3eadfa6c8f9b2d71c7f8d529ef75c4883a695c492c1cea554702da19d44cc2cbfb388feee942b58947b495383533056d6e75ab7aaecf4c5ebbdbb127c179c3c9e661d75268ad426e60151c82d09d3356f3b3bac0117367fd0ada0f35c8afcf1a6935fe2a576a6db95278d802292697e3ab6c53e2b05114fff8706bfb68c3ee56fbe5cede0a7561468966cbfd7de54214b7769aff377a858de3a294d73090822e392fec6f5777c2b0880044e6cb5f644249e69f8218f6abec8e15618a41f0ed6b2d85eeae7f5d1ac13734ee91b2576aa03733871645efebe468c0f8ce928b1879cc210e747ca7963a77b29fe259cf966dbc3761e0149e0f309c5f6ca4eb42f4c59824dd8b0a8f99426211182eed3c5f22083675b90b170a821ada334bd3c5eaae138a6f23b52c035f2fa40251573662d83daf7cd72a7eed723c4665302d28d64f45df5a7439bd4bc5abe8c56626e75a08a70dd4806237dd043a52f8dd1bac01386aecdaf7213b6fdc8506f5cc01fc650bf2d170d55f8e953e0c678342fc33d0519934d0a61a3c5bf4ed9eda1390dc00000014002300000000000000000000000000000000019a00020198433b45485b0d07f3af16801785094a6587d6303f241689b1d1c9c0c8398b54f43586f91d1324ce74406cf1b171de4a0068812e62f6ee82b56662a4f9f2b45fe2d5efe9c4222554921d37e9804a49ae94bd1ffbe0c245d2c015b1f89d9a5a826ccbd3cb8e7525cb9d7e46d2603719ba2441008a02c106d487e169bc205da6b217a386a17f197ef50047b281fd5b5062d60c793c2a1300000800230107ef00000000000000"], 0x558}, 0x1, 0x0, 0x0, 0x8805}, 0x8000) openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, &(0x7f0000000140), 0x189000, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto_PR_SET_MM_START_STACK(0x80000000, 0x5, 0x0, 0x2, 0x1) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/anycast6\x00', 0x181500, 0x0) sched_setattr$auto(r3, 0x0, 0x7b) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) 1.106866921s ago: executing program 0 (id=1169): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x40080, 0x0) ioctl$auto_UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000400)={{0xc, 0x23, 0xa6, 0x83}, "66ac010005000000000068d190eb0d4a4cada7272464294b9183349eef4c1f028fdcc8ecc66fdd02316f064ebd893007abb4c0bbc3b822f66eaf240963110d61771552c03de65800", 0x2}) ioctl$auto_UI_DEV_CREATE(r0, 0x5501, 0x0) io_uring_setup$auto(0xa, 0x0) r1 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/debug_objects/stats\x00', 0x8000, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram1/integrity/tag_size\x00', 0x68e00, 0x0) recvmsg$auto(r1, &(0x7f00000000c0)={&(0x7f0000000180)="c4c2892c3b437db3f43374588b18162c6c5d63445e53e59022ef9c759f23c9b16eb064a536d684e3ae8d7ddf1705325656627eca1c3e6e6b1841408b5ab564487f4f34c716f5289bdd62e8a8106259214f7116c4e308b9726a57e4b6c6d0fcaeda093c95c4b7c961669e2b72cc9d75e912fa50af8cfde0ec5f7f8ca323f5506d9c34e568261a93b2ae6a71996a81c8c5682eb4243437cc45d09d017d9eb9f8e1b03dac25a4130372bb2cf9e954433a01c02964ed73ce5884769dcc373c59e7445e7e802da216c1", 0xeeee, &(0x7f0000000040)={&(0x7f00000002c0)="347c9f4c32527f2588904eb3d8a6574a106676506d9b7fb920bf0a262dacd5efb89d5221947d42eae3354b692808b4dc59a55123f2c61ab8cd3ce1871a3f4cb1b0a9543af16ee775d697d78b7a2fef53a5304dc9821189e92ef77a5bf8ba8b51df50f29d2f8a2db367fa1e1460d4e61f539c946f567d8aaccf53527188ad5b95d169eeb773f35342447862f02a3382df52ce67e48c46a2fef5402fceedd9bb53e5a0e218d9642d434edaaa96fe0b1b8c661eeab5c7e36e2f2d3d6ca1f28782374afce0774017f78019052b6e74c2b95ecde4eb3ef71230483b58c1ab3680f051bc6dee837f28458230329d001c442cab0882cf4c22f296c77ea18985", 0x81}, 0x8000, &(0x7f0000000480)="d2ca04fb19edfbd6142e65e754f12c40119ddeb9f05a596dca3ac2fe80a33f87eb54f19a44195bbb00f7e78764f29f16e13520f92981fe17a30617773e79710faaa767967c26b7dc770e642c11e3ea9740ba93d19273c26e436870356c755f242003be2d86ee78049ff0337169e244ac4fb5aa053100b24960fb34ad449f7c6919354b3687d114e6a2aba667acce5d8e8e5d8797c73ea5b3f8077be3179d1909e13c9d3d608abb24c5c767e10c5a530c01ec6189e6a9a48c56ce", 0x7, 0x1}, 0xfffffffb) connect$auto(0xffffffffffffffff, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0xdb) r2 = getpid() process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0xfff}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000080), 0x1ffffffff}, 0x6, 0x0) r3 = socket(0x11, 0x3, 0x2) ioctl$sock_SIOCGIFINDEX(r3, 0x8955, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL802154_CMD_SET_MAX_FRAME_RETRIES(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040000}, 0x4000) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r4, 0x8000) setrlimit$auto(0x7, 0x0) socket(0x23, 0x80805, 0x0) 918.849739ms ago: executing program 1 (id=1170): close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x1, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f00000001c0)={0x30, r1, 0x1, 0x703d25, 0x25dfdbfd, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [@nested={0xc, 0x1, 0x0, 0x1, [@nested={0x8, 0x1, 0x0, 0x1, [@generic='\x00\x00\x00\x00']}]}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x6}]}, 0x30}, 0x1, 0x600000000000000, 0x0, 0x4}, 0x8880) prctl$auto(0x23, 0x6, 0x0, 0x0, 0x0) 598.992673ms ago: executing program 1 (id=1171): mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0xffffffffffffffff, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) msgctl$auto_MSG_INFO(0x1, 0xc, &(0x7f0000000280)={{0x2, 0xee00, 0xffffffffffffffff, 0x2, 0x1000, 0x8, 0x7662}, &(0x7f00000001c0), &(0x7f0000000240)=0xe9, 0xffffffff, 0x6b, 0x7fff, 0x7fffffff, 0x8, 0x401, 0xb833, 0x0, @raw=0x40}) r1 = setfsgid$auto(0xffffffffffffffff) lstat$auto(&(0x7f0000000180)='./file0\x00', &(0x7f0000000300)={0xfffffffffffffaf0, 0xa35, 0x1, 0xffffffe0, r0, r1, 0x0, 0x6, 0x2, 0x401, 0x2, 0x5439eebb, 0x9, 0x5, 0xb9, 0x3, 0x100000000}) mmap$auto(0x0, 0x400008, 0x5f, 0x9b72, 0x2, 0x8000) madvise$auto(0x8000, 0x87fff, 0xc) openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000000), 0x62800, 0x0) read$auto(0x3, 0x0, 0x80) bpf$auto(0x0, 0x0, 0x6f4) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) openat$auto_proc_oom_score_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/oom_score_adj\x00', 0x19d403, 0x0) sendto$auto(0x3, 0x0, 0x18, 0x7, &(0x7f0000000180)=@hci={0x1f, 0xdd86, 0x7}, 0x22) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = getpid() ioprio_get$auto_IOPRIO_WHO_PGRP(0x2, r3) r4 = socketcall$auto(0x8000, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) r6 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000000), 0x2400, 0x0) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) ioctl$auto_UBI_IOCDET(r6, 0x40046f41, 0x0) migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, r4) ioctl$auto_KVM_GET_MSRS(r2, 0x4400ae8f, &(0x7f00000000c0)={0xdd}) 382.703316ms ago: executing program 2 (id=1172): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) ioctl$auto(r0, 0x5, r0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) msync$auto(0x0, 0x2000000005, 0x6) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) membarrier$auto(0x2, 0x0, 0x9) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0xc02, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, r0, 0x300000000000) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) acct$auto(&(0x7f0000000140)='/dev/ptmx\x00') r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/net/packet\x00', 0x2880, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000001300)=""/4096, 0x1000) socket(0xa, 0x3, 0x3b) statmount$auto(0x0, &(0x7f0000000180)={0xd0e, 0x1, 0x9, 0x2, 0x7, 0x100000006, 0x5, 0x3, 0x2000000000230006, 0x4, 0x7, 0x5, 0x2, 0x7, 0xaf, 0xfffffffffffffffa, 0x24, 0x3, 0x103, 0xfffffffffffffff7, 0x0, 0x0, 0x8000002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0xb, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}, 0x1fe, 0x81) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="d6000000", @ANYBLOB='p\x00', @ANYRES16=r2], 0x1ac}, 0x1, 0x0, 0x0, 0x24040840}, 0x1) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x1ac}}, 0x40000) openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) mmap$auto(0x0, 0x9, 0x9cad, 0x8012, 0x3, 0x8000) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0xc8201, 0x0) 127.434532ms ago: executing program 0 (id=1173): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010025bd7000fddbdf2503000000040007800c0002000500030000000000080001"], 0x2c}, 0x1, 0x0, 0x0, 0x20004080}, 0x8880) 0s ago: executing program 1 (id=1174): pidfd_open$auto(0x1, 0x0) setresuid$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) poll$auto(0x0, 0x0, 0x9f) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0xfffd, 0x8000, 0x0) sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4000845) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) bpf$auto(0x0, &(0x7f0000000340)=@bpf_attr_5={@target_fd=0x5, 0x7f, 0x9c, 0x7b2, 0x1, @relative_id=0xfa, 0x80}, 0x96) r0 = open(0x0, 0x80842, 0x91) write$auto_proc_clear_refs_operations_internal(r0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) mmap$auto(0x0, 0x4, 0xdf, 0x9b72, 0x2, 0x8000) mlockall$auto(0x7) kernel console output (not intermixed with test programs): aller #0 PREEMPT(full) [ 120.449707][ T6386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 120.449721][ T6386] Call Trace: [ 120.449728][ T6386] [ 120.449738][ T6386] dump_stack_lvl+0x16c/0x1f0 [ 120.449767][ T6386] warn_alloc+0x248/0x3a0 [ 120.449797][ T6386] ? __pfx_warn_alloc+0x10/0x10 [ 120.449822][ T6386] ? kfree+0x2b8/0x6d0 [ 120.449840][ T6386] ? __get_vm_area_node+0x2cd/0x330 [ 120.449879][ T6386] ? __get_vm_area_node+0x2cd/0x330 [ 120.449911][ T6386] ? __get_vm_area_node+0x208/0x330 [ 120.449953][ T6386] __vmalloc_node_range_noprof+0xaf5/0x1480 [ 120.450002][ T6386] ? kernel_clone+0xfc/0x930 [ 120.450044][ T6386] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 120.450090][ T6386] ? rcu_is_watching+0x12/0xc0 [ 120.450129][ T6386] ? kernel_clone+0xfc/0x930 [ 120.450158][ T6386] __vmalloc_node_noprof+0xad/0xf0 [ 120.450195][ T6386] ? kernel_clone+0xfc/0x930 [ 120.450237][ T6386] copy_process+0x2c77/0x76a0 [ 120.450285][ T6386] ? __pfx_copy_process+0x10/0x10 [ 120.450316][ T6386] ? futex_private_hash_put+0x176/0x300 [ 120.450354][ T6386] ? futex_private_hash_put+0x18a/0x300 [ 120.450394][ T6386] kernel_clone+0xfc/0x930 [ 120.450425][ T6386] ? __pfx_futex_wake+0x10/0x10 [ 120.450463][ T6386] ? __pfx_kernel_clone+0x10/0x10 [ 120.450515][ T6386] __do_sys_clone+0xce/0x120 [ 120.450547][ T6386] ? __pfx___do_sys_clone+0x10/0x10 [ 120.450596][ T6386] ? xfd_validate_state+0x61/0x180 [ 120.450642][ T6386] do_syscall_64+0xcd/0xfa0 [ 120.450675][ T6386] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.450701][ T6386] RIP: 0033:0x7f65abb8efc9 [ 120.450721][ T6386] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 120.450745][ T6386] RSP: 002b:00007f65acb0efe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 120.450769][ T6386] RAX: ffffffffffffffda RBX: 00007f65abde5fa0 RCX: 00007f65abb8efc9 [ 120.450783][ T6386] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 120.450797][ T6386] RBP: 00007f65abc11f91 R08: 0000000000000000 R09: 0000000000000000 [ 120.450812][ T6386] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 120.450827][ T6386] R13: 00007f65abde6038 R14: 00007f65abde5fa0 R15: 00007ffe78e620c8 [ 120.450865][ T6386] syzkaller syzkaller login: [ 120.700488][ T6386] Mem-Info: [ 120.703759][ T6386] active_anon:16067 inactive_anon:0 isolated_anon:0 [ 120.703759][ T6386] active_file:12255 inactive_file:40268 isolated_file:0 [ 120.703759][ T6386] unevictable:768 dirty:287 writeback:0 [ 120.703759][ T6386] slab_reclaimable:10536 slab_unreclaimable:91600 [ 120.703759][ T6386] mapped:27731 shmem:5469 pagetables:1179 [ 120.703759][ T6386] sec_pagetables:0 bounce:0 [ 120.703759][ T6386] kernel_misc_reclaimable:0 [ 120.703759][ T6386] free:1305103 free_pcp:13773 free_cma:0 [ 120.809691][ T6386] Node 0 active_anon:70468kB inactive_anon:0kB active_file:49020kB inactive_file:160872kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:112924kB dirty:1144kB writeback:0kB shmem:25540kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11532kB pagetables:4592kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 120.949939][ T6386] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:124kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 121.060249][ T6386] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 121.144823][ T6386] lowmem_reserve[]: 0 2485 2487 2487 2487 [ 121.178871][ T6386] Node 0 DMA32 free:1293012kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB free_highatomic:0KB active_anon:81540kB inactive_anon:0kB active_file:48956kB inactive_file:160872kB unevictable:1536kB writepending:1156kB zspages:368kB present:3129332kB managed:2545096kB mlocked:0kB bounce:0kB free_pcp:44412kB local_pcp:17636kB free_cma:0kB [ 121.219114][ T6386] lowmem_reserve[]: 0 0 1 1 1 [ 121.243688][ T6386] Node 0 Normal free:0kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 121.292649][ T6386] lowmem_reserve[]: 0 0 0 0 0 [ 121.299761][ T6386] Node 1 Normal free:3889148kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:4kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:22640kB local_pcp:10700kB free_cma:0kB [ 121.310756][ T6397] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 121.378240][ T6386] lowmem_reserve[]: 0 0 0 0 0 [ 121.394206][ T6386] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 121.420240][ T6386] Node 0 DMA32: 1*4kB (E) 2*8kB (ME) 0*16kB 1*32kB (E) 5*64kB (UE) 41*128kB (ME) 69*256kB (UM) 8*512kB (ME) 14*1024kB (UME) 10*2048kB (U) 300*4096kB (UM) = 1290996kB [ 121.457595][ T6386] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 121.489964][ T6386] Node 1 Normal: 199*4kB (UME) 64*8kB (UME) 40*16kB (UME) 55*32kB (UME) 22*64kB (UME) 8*128kB (UME) 4*256kB (UME) 2*512kB (UM) 2*1024kB (UE) 2*2048kB (UE) 946*4096kB (M) = 3889148kB [ 121.689850][ T6386] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 121.699736][ T6386] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 121.749853][ T6386] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 121.780553][ T6386] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 121.800213][ T6386] 67655 total pagecache pages [ 121.804927][ T6386] 30 pages in swap cache [ 121.862968][ T6386] Free swap = 124992kB [ 121.867231][ T6386] Total swap = 124996kB [ 121.879883][ T6386] 2097051 pages RAM [ 121.893141][ T6386] 0 pages HighMem/MovableOnly [ 121.897956][ T6386] 428687 pages reserved [ 121.940505][ T6386] 0 pages cma reserved [ 122.263383][ T6423] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19 [ 122.442114][ T6429] random: crng reseeded on system resumption [ 122.543516][ T6426] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20 [ 122.834952][ T6434] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 122.849758][ T6434] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 124.289619][ T6458] netlink: set zone limit has 8 unknown bytes [ 124.612315][ T6470] netlink: 'syz.1.150': attribute type 4 has an invalid length. [ 124.726283][ T6478] netlink: 25 bytes leftover after parsing attributes in process `syz.3.152'. [ 125.727230][ T6500] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21 [ 125.809986][ T6501] capability: warning: `syz.2.159' uses 32-bit capabilities (legacy support in use) [ 126.148901][ T5843] block nbd0: Receive control failed (result -107) [ 126.272925][ T6503] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input22 [ 126.521225][ T6512] FAULT_INJECTION: forcing a failure. [ 126.521225][ T6512] name failslab, interval 1, probability 0, space 0, times 0 [ 126.550795][ T6512] CPU: 0 UID: 0 PID: 6512 Comm: syz.3.162 Not tainted syzkaller #0 PREEMPT(full) [ 126.550828][ T6512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 126.550842][ T6512] Call Trace: [ 126.550858][ T6512] [ 126.550867][ T6512] dump_stack_lvl+0x16c/0x1f0 [ 126.550901][ T6512] should_fail_ex+0x512/0x640 [ 126.550937][ T6512] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 126.550963][ T6512] should_failslab+0xc2/0x120 [ 126.550989][ T6512] kmem_cache_alloc_noprof+0x75/0x6e0 [ 126.551012][ T6512] ? taskstats_exit+0x654/0xbe0 [ 126.551038][ T6512] ? taskstats_exit+0x654/0xbe0 [ 126.551054][ T6512] ? acct_update_integrals+0x2ce/0x4a0 [ 126.551074][ T6512] taskstats_exit+0x654/0xbe0 [ 126.551096][ T6512] ? __pfx_taskstats_exit+0x10/0x10 [ 126.551133][ T6512] ? exit_signals+0x38e/0xb40 [ 126.551164][ T6512] do_exit+0x5dc/0x2bf0 [ 126.551204][ T6512] ? __pfx_do_exit+0x10/0x10 [ 126.551235][ T6512] ? do_raw_spin_lock+0x12c/0x2b0 [ 126.551270][ T6512] ? find_held_lock+0x2b/0x80 [ 126.551300][ T6512] do_group_exit+0xd3/0x2a0 [ 126.551334][ T6512] get_signal+0x2671/0x26d0 [ 126.551362][ T6512] ? rds_connect+0xcb/0x740 [ 126.551395][ T6512] ? rcu_is_watching+0x12/0xc0 [ 126.551422][ T6512] ? __pfx_get_signal+0x10/0x10 [ 126.551449][ T6512] ? do_futex+0x122/0x350 [ 126.551482][ T6512] ? __pfx_do_futex+0x10/0x10 [ 126.551516][ T6512] arch_do_signal_or_restart+0x8f/0x790 [ 126.551549][ T6512] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 126.551591][ T6512] ? __pfx_do_writev+0x10/0x10 [ 126.551619][ T6512] exit_to_user_mode_loop+0x85/0x130 [ 126.551656][ T6512] do_syscall_64+0x426/0xfa0 [ 126.551687][ T6512] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.551711][ T6512] RIP: 0033:0x7f65abb8efc9 [ 126.551731][ T6512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 126.551754][ T6512] RSP: 002b:00007f65acb0f0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 126.551778][ T6512] RAX: fffffffffffffe00 RBX: 00007f65abde5fa8 RCX: 00007f65abb8efc9 [ 126.551794][ T6512] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f65abde5fa8 [ 126.551808][ T6512] RBP: 00007f65abde5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 126.551823][ T6512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 126.551835][ T6512] R13: 00007f65abde6038 R14: 00007ffe78e61fe0 R15: 00007ffe78e620c8 [ 126.551875][ T6512] [ 128.261953][ T6542] ubi0: attaching mtd0 [ 128.272218][ T6542] ubi0: scanning is finished [ 128.279993][ T6542] ubi0: empty MTD device detected [ 128.579147][ T6542] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4 [ 129.010169][ T6554] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23 [ 129.433711][ T6556] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24 [ 129.567792][ T6565] __vm_enough_memory: pid: 6565, comm: syz.2.175, bytes: 4398046511104 not enough memory for the allocation syzkaller syzkaller login: [ 132.242400][ T5843] block nbd1: Receive control failed (result -107) [ 132.265703][ T6606] netlink: 28 bytes leftover after parsing attributes in process `syz.2.188'. [ 132.424090][ T6616] process 'syz.2.188' launched ':,' with NULL argv: empty string added [ 132.467419][ T6606] veth0_macvtap: left promiscuous mode [ 132.511129][ T6606] macvtap0: entered promiscuous mode [ 132.516501][ T6606] macvtap0: entered allmulticast mode [ 132.898662][ T6639] FAULT_INJECTION: forcing a failure. [ 132.898662][ T6639] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 132.920415][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.927439][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.131704][ T6639] CPU: 1 UID: 0 PID: 6639 Comm: syz.2.194 Not tainted syzkaller #0 PREEMPT(full) [ 133.131741][ T6639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 133.131756][ T6639] Call Trace: [ 133.131764][ T6639] [ 133.131774][ T6639] dump_stack_lvl+0x16c/0x1f0 [ 133.131810][ T6639] should_fail_ex+0x512/0x640 [ 133.131951][ T6639] should_fail_alloc_page+0xe7/0x130 [ 133.131989][ T6639] prepare_alloc_pages+0x3c2/0x610 [ 133.132029][ T6639] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 133.132065][ T6639] ? find_held_lock+0x2b/0x80 [ 133.132093][ T6639] ? is_bpf_text_address+0x8a/0x1a0 [ 133.132127][ T6639] ? bpf_ksym_find+0x124/0x1c0 [ 133.132155][ T6639] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 133.132180][ T6639] ? is_bpf_text_address+0x94/0x1a0 [ 133.132216][ T6639] ? kernel_text_address+0x8d/0x100 [ 133.132253][ T6639] ? __kernel_text_address+0xd/0x40 [ 133.132277][ T6639] ? unwind_get_return_address+0x59/0xa0 [ 133.132326][ T6639] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 133.132377][ T6639] ? policy_nodemask+0xea/0x4e0 [ 133.132414][ T6639] alloc_pages_mpol+0x1fb/0x550 [ 133.132446][ T6639] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 133.132479][ T6639] ? kasan_save_stack+0x33/0x60 [ 133.132509][ T6639] ? kasan_save_track+0x14/0x30 [ 133.132538][ T6639] ? __kasan_kmalloc+0xaa/0xb0 [ 133.132573][ T6639] ? __get_vm_area_node+0x101/0x330 [ 133.132624][ T6639] alloc_pages_noprof+0x131/0x390 [ 133.132663][ T6639] get_free_pages_noprof+0x10/0xb0 [ 133.132695][ T6639] kasan_populate_vmalloc+0x9f/0x2d0 [ 133.132721][ T6639] ? alloc_vmap_area+0x8b5/0x29e0 [ 133.132761][ T6639] alloc_vmap_area+0x960/0x29e0 [ 133.132812][ T6639] ? __pfx_alloc_vmap_area+0x10/0x10 [ 133.132849][ T6639] __get_vm_area_node+0x1ca/0x330 [ 133.132897][ T6639] __vmalloc_node_range_noprof+0x271/0x1480 [ 133.132937][ T6639] ? kernel_clone+0xfc/0x930 [ 133.132966][ T6639] ? kernel_clone+0xfc/0x930 [ 133.132987][ T6639] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 133.133010][ T6639] ? rcu_is_watching+0x12/0xc0 [ 133.133026][ T6639] ? kernel_clone+0xfc/0x930 [ 133.133041][ T6639] __vmalloc_node_noprof+0xad/0xf0 [ 133.133061][ T6639] ? kernel_clone+0xfc/0x930 [ 133.133080][ T6639] copy_process+0x2c77/0x76a0 [ 133.133097][ T6639] ? __pfx___futex_wait+0x10/0x10 [ 133.133124][ T6639] ? __pfx_copy_process+0x10/0x10 [ 133.133140][ T6639] ? futex_private_hash_put+0x176/0x300 [ 133.133160][ T6639] ? futex_private_hash_put+0x18a/0x300 [ 133.133180][ T6639] kernel_clone+0xfc/0x930 [ 133.133198][ T6639] ? __pfx_kernel_clone+0x10/0x10 [ 133.133224][ T6639] __do_sys_clone+0xce/0x120 [ 133.133241][ T6639] ? __pfx___do_sys_clone+0x10/0x10 [ 133.133266][ T6639] ? xfd_validate_state+0x61/0x180 [ 133.133291][ T6639] do_syscall_64+0xcd/0xfa0 [ 133.133312][ T6639] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.133326][ T6639] RIP: 0033:0x7f14fc58efc9 [ 133.133340][ T6639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 133.133353][ T6639] RSP: 002b:00007f14fa7d4fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 133.133367][ T6639] RAX: ffffffffffffffda RBX: 00007f14fc7e6090 RCX: 00007f14fc58efc9 [ 133.133376][ T6639] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 133.133385][ T6639] RBP: 00007f14fc611f91 R08: 0000000000000000 R09: 0000000000000000 [ 133.133393][ T6639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 133.133401][ T6639] R13: 00007f14fc7e6128 R14: 00007f14fc7e6090 R15: 00007ffea20d0098 [ 133.133421][ T6639] [ 133.139187][ T6639] syz.2.194: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 133.589113][ T6637] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input25 [ 133.659916][ T6639] ,cpuset=/,mems_allowed=0-1 [ 133.665369][ T6639] CPU: 1 UID: 0 PID: 6639 Comm: syz.2.194 Not tainted syzkaller #0 PREEMPT(full) [ 133.665405][ T6639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 133.665421][ T6639] Call Trace: [ 133.665429][ T6639] [ 133.665440][ T6639] dump_stack_lvl+0x16c/0x1f0 [ 133.665476][ T6639] warn_alloc+0x248/0x3a0 [ 133.665505][ T6639] ? __pfx_warn_alloc+0x10/0x10 [ 133.665533][ T6639] ? kfree+0x2b8/0x6d0 [ 133.665553][ T6639] ? __get_vm_area_node+0x2cd/0x330 [ 133.665594][ T6639] ? __get_vm_area_node+0x2cd/0x330 [ 133.665628][ T6639] ? __get_vm_area_node+0x208/0x330 [ 133.665670][ T6639] __vmalloc_node_range_noprof+0xaf5/0x1480 [ 133.665719][ T6639] ? kernel_clone+0xfc/0x930 [ 133.665760][ T6639] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 133.665805][ T6639] ? rcu_is_watching+0x12/0xc0 [ 133.665837][ T6639] ? kernel_clone+0xfc/0x930 [ 133.665868][ T6639] __vmalloc_node_noprof+0xad/0xf0 [ 133.665905][ T6639] ? kernel_clone+0xfc/0x930 [ 133.665933][ T6639] copy_process+0x2c77/0x76a0 [ 133.665958][ T6639] ? __pfx___futex_wait+0x10/0x10 [ 133.666002][ T6639] ? __pfx_copy_process+0x10/0x10 [ 133.666027][ T6639] ? futex_private_hash_put+0x176/0x300 [ 133.666060][ T6639] ? futex_private_hash_put+0x18a/0x300 [ 133.666098][ T6639] kernel_clone+0xfc/0x930 [ 133.666132][ T6639] ? __pfx_kernel_clone+0x10/0x10 [ 133.666184][ T6639] __do_sys_clone+0xce/0x120 [ 133.666216][ T6639] ? __pfx___do_sys_clone+0x10/0x10 [ 133.666267][ T6639] ? xfd_validate_state+0x61/0x180 [ 133.666334][ T6639] do_syscall_64+0xcd/0xfa0 [ 133.666366][ T6639] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.666394][ T6639] RIP: 0033:0x7f14fc58efc9 [ 133.666426][ T6639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 133.666450][ T6639] RSP: 002b:00007f14fa7d4fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 133.666476][ T6639] RAX: ffffffffffffffda RBX: 00007f14fc7e6090 RCX: 00007f14fc58efc9 [ 133.666494][ T6639] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 133.666509][ T6639] RBP: 00007f14fc611f91 R08: 0000000000000000 R09: 0000000000000000 [ 133.666524][ T6639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 133.666540][ T6639] R13: 00007f14fc7e6128 R14: 00007f14fc7e6090 R15: 00007ffea20d0098 [ 133.666577][ T6639] [ 133.979554][ T6639] Mem-Info: [ 133.995873][ T6639] active_anon:102262 inactive_anon:0 isolated_anon:0 [ 133.995873][ T6639] active_file:15824 inactive_file:40270 isolated_file:0 [ 133.995873][ T6639] unevictable:768 dirty:377 writeback:0 [ 133.995873][ T6639] slab_reclaimable:10862 slab_unreclaimable:93382 [ 133.995873][ T6639] mapped:50282 shmem:92426 pagetables:1251 [ 133.995873][ T6639] sec_pagetables:0 bounce:0 [ 133.995873][ T6639] kernel_misc_reclaimable:0 [ 133.995873][ T6639] free:1220651 free_pcp:24486 free_cma:0 [ 134.044301][ C0] vkms_vblank_simulate: vblank timer overrun [ 134.176176][ T6639] Node 0 active_anon:412048kB inactive_anon:0kB active_file:63296kB inactive_file:160880kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:174728kB dirty:1504kB writeback:0kB shmem:366968kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11572kB pagetables:4880kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 134.230794][ T6639] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:124kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 134.349890][ T6639] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 134.461874][ T6643] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input26 [ 134.479879][ T6639] lowmem_reserve[]: 0 2485 2487 2487 2487 [ 134.486643][ T6639] Node 0 DMA32 free:968380kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB free_highatomic:0KB active_anon:393148kB inactive_anon:0kB active_file:63296kB inactive_file:160880kB unevictable:1536kB writepending:1504kB zspages:12kB present:3129332kB managed:2545096kB mlocked:0kB bounce:0kB free_pcp:101264kB local_pcp:37740kB free_cma:0kB [ 134.655867][ T6639] lowmem_reserve[]: 0 0 1 1 1 [ 134.714421][ T6639] Node 0 Normal free:0kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 134.745691][ C0] vkms_vblank_simulate: vblank timer overrun [ 134.763166][ T5843] block nbd2: Receive control failed (result -107) [ 134.890703][ T6639] lowmem_reserve[]: 0 0 0 0 0 [ 134.896054][ T6639] Node 1 Normal free:3891364kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:4kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:20436kB local_pcp:10932kB free_cma:0kB [ 134.932632][ C0] vkms_vblank_simulate: vblank timer overrun [ 135.053124][ T6639] lowmem_reserve[]: 0 0 0 0 0 [ 135.058217][ T6639] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 135.138445][ T6639] Node 0 DMA32: 1730*4kB (UE) 567*8kB (UE) 180*16kB (UE) 3*32kB (UME) 29*64kB (UM) 20*128kB (UME) 14*256kB (UME) 11*512kB (UME) 18*1024kB (UM) 8*2048kB (U) 221*4096kB (UM) = 968096kB [ 135.259914][ T6639] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 135.329987][ T6639] Node 1 Normal: 200*4kB (UME) 67*8kB (UME) 38*16kB (UME) 56*32kB (UME) 23*64kB (UME) 11*128kB (UME) 7*256kB (UME) 4*512kB (UM) 2*1024kB (UE) 2*2048kB (UE) 946*4096kB (M) = 3891416kB [ 135.383353][ T6639] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 135.428620][ T6639] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 135.508045][ T6639] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 135.541942][ T6639] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 135.542044][ T6671] FAULT_INJECTION: forcing a failure. [ 135.542044][ T6671] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 135.570156][ T6639] 131494 total pagecache pages [ 135.578093][ T6639] 0 pages in swap cache [ 135.600017][ T6639] Free swap = 124992kB [ 135.604638][ T6639] Total swap = 124996kB [ 135.610244][ T6671] CPU: 0 UID: 0 PID: 6671 Comm: syz.0.205 Not tainted syzkaller #0 PREEMPT(full) [ 135.610288][ T6671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 135.610305][ T6671] Call Trace: [ 135.610314][ T6671] [ 135.610325][ T6671] dump_stack_lvl+0x16c/0x1f0 [ 135.610361][ T6671] should_fail_ex+0x512/0x640 [ 135.610406][ T6671] _copy_from_user+0x2e/0xd0 [ 135.610456][ T6671] kvm_dev_ioctl_get_cpuid+0x45a/0x720 [ 135.610498][ T6671] ? __might_fault+0xe3/0x190 [ 135.610524][ T6671] ? __pfx_kvm_dev_ioctl_get_cpuid+0x10/0x10 [ 135.610574][ T6671] kvm_arch_dev_ioctl+0x3f8/0x760 [ 135.610603][ T6671] ? __pfx_kvm_arch_dev_ioctl+0x10/0x10 [ 135.610639][ T6671] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 135.610687][ T6671] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 135.610722][ T6671] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 135.610766][ T6671] kvm_dev_ioctl+0x72d/0x1a80 [ 135.610802][ T6671] ? find_held_lock+0x2b/0x80 [ 135.610829][ T6671] ? hook_file_ioctl_common+0x145/0x410 [ 135.610858][ T6671] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 135.610892][ T6671] ? __fget_files+0x20e/0x3c0 [ 135.610923][ T6671] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 135.610955][ T6671] __x64_sys_ioctl+0x18e/0x210 [ 135.610996][ T6671] do_syscall_64+0xcd/0xfa0 [ 135.611028][ T6671] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 135.611055][ T6671] RIP: 0033:0x7f21ef38efc9 [ 135.611076][ T6671] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 135.611101][ T6671] RSP: 002b:00007f21f027d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 135.611126][ T6671] RAX: ffffffffffffffda RBX: 00007f21ef5e5fa0 RCX: 00007f21ef38efc9 [ 135.611144][ T6671] RDX: 0000000000000000 RSI: 00000000c008ae09 RDI: 0000000000000008 [ 135.611159][ T6671] RBP: 00007f21ef411f91 R08: 0000000000000000 R09: 0000000000000000 [ 135.611174][ T6671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 135.611189][ T6671] R13: 00007f21ef5e6038 R14: 00007f21ef5e5fa0 R15: 00007ffd9c3f1548 [ 135.611226][ T6671] [ 135.647423][ T6639] 2097051 pages RAM [ 135.651274][ C0] vkms_vblank_simulate: vblank timer overrun [ 135.821817][ T30] audit: type=1800 audit(4294967323.190:2): pid=6677 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.206" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 136.067205][ T6639] 0 pages HighMem/MovableOnly [ 136.105573][ T6639] 428687 pages reserved [ 136.216412][ T6639] 0 pages cma reserved [ 136.306044][ T6680] FAULT_INJECTION: forcing a failure. [ 136.306044][ T6680] name fail_futex, interval 1, probability 0, space 0, times 0 [ 136.319409][ T6680] CPU: 0 UID: 0 PID: 6680 Comm: syz.0.207 Not tainted syzkaller #0 PREEMPT(full) [ 136.319447][ T6680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 136.319463][ T6680] Call Trace: [ 136.319473][ T6680] [ 136.319483][ T6680] dump_stack_lvl+0x16c/0x1f0 [ 136.319518][ T6680] should_fail_ex+0x512/0x640 [ 136.319564][ T6680] get_futex_key+0x1d0/0x1560 [ 136.319603][ T6680] ? __pfx_get_futex_key+0x10/0x10 [ 136.319640][ T6680] ? import_iovec+0x86/0xb0 [ 136.319670][ T6680] futex_wake+0xea/0x530 [ 136.319705][ T6680] ? futex_wait+0x120/0x380 [ 136.319727][ T6680] ? __pfx_futex_wait+0x10/0x10 [ 136.319768][ T6680] ? __pfx_futex_wake+0x10/0x10 [ 136.319807][ T6680] ? __pfx_vfs_writev+0x10/0x10 [ 136.319834][ T6680] ? __might_fault+0xe3/0x190 [ 136.319858][ T6680] ? __might_fault+0x13b/0x190 [ 136.319892][ T6680] do_futex+0x1e3/0x350 [ 136.319927][ T6680] ? __pfx_do_futex+0x10/0x10 [ 136.319971][ T6680] __x64_sys_futex+0x1e0/0x4c0 [ 136.320010][ T6680] ? __pfx___x64_sys_futex+0x10/0x10 [ 136.320046][ T6680] ? __pfx_do_writev+0x10/0x10 [ 136.320082][ T6680] do_syscall_64+0xcd/0xfa0 [ 136.320115][ T6680] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 136.320142][ T6680] RIP: 0033:0x7f21ef38efc9 [ 136.320163][ T6680] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 136.320188][ T6680] RSP: 002b:00007f21f027d0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 136.320214][ T6680] RAX: ffffffffffffffda RBX: 00007f21ef5e5fa8 RCX: 00007f21ef38efc9 [ 136.320233][ T6680] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f21ef5e5fac [ 136.320250][ T6680] RBP: 00007f21ef5e5fa0 R08: 00007f21f027e000 R09: 0000000000000000 [ 136.320267][ T6680] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 136.320284][ T6680] R13: 00007f21ef5e6038 R14: 00007ffd9c3f1460 R15: 00007ffd9c3f1548 [ 136.320327][ T6680] [ 136.513960][ C0] vkms_vblank_simulate: vblank timer overrun [ 137.117955][ T6683] netlink: 28 bytes leftover after parsing attributes in process `syz.2.209'. [ 137.810327][ T6702] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input27 [ 138.092125][ T6704] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input28 [ 139.091800][ T6718] FAULT_INJECTION: forcing a failure. [ 139.091800][ T6718] name fail_futex, interval 1, probability 0, space 0, times 0 [ 139.112678][ T6718] CPU: 1 UID: 0 PID: 6718 Comm: syz.0.218 Not tainted syzkaller #0 PREEMPT(full) [ 139.112701][ T6718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 139.112709][ T6718] Call Trace: [ 139.112714][ T6718] [ 139.112720][ T6718] dump_stack_lvl+0x16c/0x1f0 [ 139.112740][ T6718] should_fail_ex+0x512/0x640 [ 139.112764][ T6718] get_futex_key+0x1d0/0x1560 [ 139.112802][ T6718] ? __pfx_get_futex_key+0x10/0x10 [ 139.112843][ T6718] ? import_iovec+0x86/0xb0 [ 139.112875][ T6718] futex_wake+0xea/0x530 [ 139.112907][ T6718] ? futex_wait+0x120/0x380 [ 139.112931][ T6718] ? __pfx_futex_wait+0x10/0x10 [ 139.112966][ T6718] ? __pfx_futex_wake+0x10/0x10 [ 139.113004][ T6718] ? __pfx_vfs_writev+0x10/0x10 [ 139.113032][ T6718] ? __might_fault+0xe3/0x190 [ 139.113057][ T6718] ? __might_fault+0x13b/0x190 [ 139.113090][ T6718] do_futex+0x1e3/0x350 [ 139.113125][ T6718] ? __pfx_do_futex+0x10/0x10 [ 139.113169][ T6718] __x64_sys_futex+0x1e0/0x4c0 [ 139.113207][ T6718] ? __pfx___x64_sys_futex+0x10/0x10 [ 139.113243][ T6718] ? __pfx_do_writev+0x10/0x10 [ 139.113279][ T6718] do_syscall_64+0xcd/0xfa0 [ 139.113312][ T6718] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.113339][ T6718] RIP: 0033:0x7f21ef38efc9 [ 139.113359][ T6718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 139.113383][ T6718] RSP: 002b:00007f21f027d0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 139.113408][ T6718] RAX: ffffffffffffffda RBX: 00007f21ef5e5fa8 RCX: 00007f21ef38efc9 [ 139.113426][ T6718] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f21ef5e5fac [ 139.113442][ T6718] RBP: 00007f21ef5e5fa0 R08: 00007f21f027e000 R09: 0000000000000000 [ 139.113459][ T6718] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 139.113476][ T6718] R13: 00007f21ef5e6038 R14: 00007ffd9c3f1460 R15: 00007ffd9c3f1548 [ 139.113513][ T6718] [ 139.524981][ T5843] block nbd3: Receive control failed (result -107) [ 139.709285][ T6726] netlink: 16 bytes leftover after parsing attributes in process `syz.0.221'. [ 140.338789][ T6730] netlink: set zone limit has 8 unknown bytes [ 140.396579][ T6750] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 141.212519][ T6767] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(17) [ 141.297330][ T6772] sg_write: data in/out 825307660/34141 bytes for SCSI command 0x0-- guessing data in; [ 141.297330][ T6772] program syz.3.233 not setting count and/or reply_len properly [ 141.402037][ T6771] netlink: 334 bytes leftover after parsing attributes in process `syz.3.233'. [ 142.665510][ T6800] delete_channel: no stack [ 142.921559][ T6789] netlink: set zone limit has 8 unknown bytes [ 142.987009][ T6806] netlink: 16 bytes leftover after parsing attributes in process `syz.2.240'. [ 142.996294][ T6806] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 143.436646][ T6824] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input29 [ 143.450095][ T6825] FAULT_INJECTION: forcing a failure. [ 143.450095][ T6825] name fail_futex, interval 1, probability 0, space 0, times 0 [ 143.515102][ T6825] CPU: 1 UID: 0 PID: 6825 Comm: syz.2.245 Not tainted syzkaller #0 PREEMPT(full) [ 143.515138][ T6825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 143.515153][ T6825] Call Trace: [ 143.515162][ T6825] [ 143.515172][ T6825] dump_stack_lvl+0x16c/0x1f0 [ 143.515204][ T6825] should_fail_ex+0x512/0x640 [ 143.515245][ T6825] get_futex_key+0x1d0/0x1560 [ 143.515282][ T6825] ? __pfx_get_futex_key+0x10/0x10 [ 143.515315][ T6825] ? import_iovec+0x86/0xb0 [ 143.515343][ T6825] futex_wake+0xea/0x530 [ 143.515382][ T6825] ? __pfx_futex_wake+0x10/0x10 [ 143.515417][ T6825] ? __pfx_vfs_writev+0x10/0x10 [ 143.515457][ T6825] do_futex+0x1e3/0x350 [ 143.515491][ T6825] ? __pfx_do_futex+0x10/0x10 [ 143.515539][ T6825] __x64_sys_futex+0x1e0/0x4c0 [ 143.515577][ T6825] ? __pfx___x64_sys_futex+0x10/0x10 [ 143.515611][ T6825] ? __pfx_do_writev+0x10/0x10 [ 143.515642][ T6825] do_syscall_64+0xcd/0xfa0 [ 143.515671][ T6825] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 143.515697][ T6825] RIP: 0033:0x7f14fc58efc9 [ 143.515723][ T6825] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 143.515746][ T6825] RSP: 002b:00007f14fa7d50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 143.515770][ T6825] RAX: ffffffffffffffda RBX: 00007f14fc7e6098 RCX: 00007f14fc58efc9 [ 143.515787][ T6825] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f14fc7e609c [ 143.515802][ T6825] RBP: 00007f14fc7e6090 R08: 00007f14fd32f000 R09: 0000000000000000 [ 143.515818][ T6825] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 143.515834][ T6825] R13: 00007f14fc7e6128 R14: 00007ffea20cffb0 R15: 00007ffea20d0098 [ 143.515870][ T6825] [ 143.717038][ T6831] random: crng reseeded on system resumption [ 144.224700][ T6829] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input30 [ 145.113394][ T6852] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input31 [ 145.379114][ T6854] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input32 [ 146.511423][ T6878] FAULT_INJECTION: forcing a failure. [ 146.511423][ T6878] name failslab, interval 1, probability 0, space 0, times 0 [ 146.603477][ T6878] CPU: 0 UID: 0 PID: 6878 Comm: syz.2.258 Not tainted syzkaller #0 PREEMPT(full) [ 146.603508][ T6878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 146.603519][ T6878] Call Trace: [ 146.603526][ T6878] [ 146.603536][ T6878] dump_stack_lvl+0x16c/0x1f0 [ 146.603568][ T6878] should_fail_ex+0x512/0x640 [ 146.603601][ T6878] ? __kmalloc_noprof+0xca/0x880 [ 146.603644][ T6878] should_failslab+0xc2/0x120 [ 146.603679][ T6878] __kmalloc_noprof+0xdd/0x880 [ 146.603716][ T6878] ? kernfs_fop_write_iter+0x237/0x570 [ 146.603756][ T6878] ? kernfs_fop_write_iter+0x237/0x570 [ 146.603790][ T6878] kernfs_fop_write_iter+0x237/0x570 [ 146.603832][ T6878] do_iter_readv_writev+0x662/0x9e0 [ 146.603861][ T6878] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 146.603900][ T6878] vfs_writev+0x35f/0xde0 [ 146.603931][ T6878] ? __pfx_vfs_writev+0x10/0x10 [ 146.603953][ T6878] ? __mutex_lock+0x1c5/0x1060 [ 146.603990][ T6878] ? __pfx___mutex_lock+0x10/0x10 [ 146.604029][ T6878] ? __fget_files+0x20e/0x3c0 [ 146.604049][ T6878] ? __fget_files+0x200/0x3c0 [ 146.604079][ T6878] ? do_writev+0x132/0x340 [ 146.604097][ T6878] do_writev+0x132/0x340 [ 146.604120][ T6878] ? __pfx_do_writev+0x10/0x10 [ 146.604152][ T6878] do_syscall_64+0xcd/0xfa0 [ 146.604180][ T6878] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.604211][ T6878] RIP: 0033:0x7f14fc58efc9 [ 146.604231][ T6878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 146.604251][ T6878] RSP: 002b:00007f14fa7f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 146.604273][ T6878] RAX: ffffffffffffffda RBX: 00007f14fc7e5fa0 RCX: 00007f14fc58efc9 [ 146.604299][ T6878] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000004 [ 146.604312][ T6878] RBP: 00007f14fa7f6090 R08: 0000000000000000 R09: 0000000000000000 [ 146.604325][ T6878] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 146.604337][ T6878] R13: 00007f14fc7e6038 R14: 00007f14fc7e5fa0 R15: 00007ffea20d0098 [ 146.604371][ T6878] [ 147.296680][ T6887] __vm_enough_memory: pid: 6887, comm: syz.3.261, bytes: 4398046511104 not enough memory for the allocation [ 147.741827][ T5843] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 147.741871][ T5843] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 147.757604][ T5843] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 147.757663][ T5843] Bluetooth: hci0: adv larger than maximum supported [ 147.765966][ T5843] Bluetooth: hci0: Malformed LE Event: 0x0d [ 147.955330][ T6908] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input33 [ 148.101035][ T6913] random: crng reseeded on system resumption [ 148.176281][ T6912] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input34 [ 150.118253][ T6944] netlink: zone id is out of range [ 150.161265][ T6944] netlink: del zone limit has 4 unknown bytes [ 150.161465][ T6940] netlink: set zone limit has 8 unknown bytes [ 150.846037][ T6965] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input35 [ 150.969687][ T6971] random: crng reseeded on system resumption [ 151.010505][ T6968] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input36 [ 152.165701][ T6986] could not allocate digest TFM handle [ 153.280702][ T7003] netlink: set zone limit has 8 unknown bytes [ 153.332602][ T7003] netlink: zone id is out of range [ 153.337755][ T7003] netlink: del zone limit has 4 unknown bytes [ 155.329956][ T30] audit: type=1800 audit(4294967342.790:3): pid=7043 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.303" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 155.629141][ T7054] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 156.051087][ T7064] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input37 [ 156.224840][ T7071] random: crng reseeded on system resumption [ 156.252130][ T7070] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input38 [ 157.264868][ T7094] vhci_hcd: invalid port number 16 [ 157.270119][ T7094] vhci_hcd: invalid port number 16 [ 157.405878][ T30] audit: type=1800 audit(4294967344.870:4): pid=7092 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.316" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 158.159142][ T7107] netlink: zone id is out of range [ 158.176876][ T7107] netlink: zone id is out of range [ 159.243289][ T7127] vivid-003: ================= START STATUS ================= [ 159.271967][ T7127] vivid-003: Radio HW Seek Mode: Bounded [ 159.278813][ T7127] vivid-003: Radio Programmable HW Seek: false [ 159.288988][ T7127] vivid-003: RDS Rx I/O Mode: Block I/O [ 159.309318][ T7127] vivid-003: Generate RBDS Instead of RDS: false [ 159.316229][ T7127] vivid-003: RDS Reception: true [ 159.367008][ T7127] vivid-003: RDS Program Type: 0 inactive [ 159.391842][ T7127] vivid-003: RDS PS Name: inactive [ 159.397803][ T7127] vivid-003: RDS Radio Text: inactive [ 159.403931][ T7127] vivid-003: RDS Traffic Announcement: false inactive [ 159.410988][ T7127] vivid-003: RDS Traffic Program: false inactive [ 159.417414][ T7127] vivid-003: RDS Music: false inactive [ 159.423516][ T7127] vivid-003: ================== END STATUS ================== [ 159.443556][ T7134] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input39 [ 159.551276][ T7134] random: crng reseeded on system resumption [ 159.644873][ T7139] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input40 [ 160.277202][ T7148] MTRR 1 not used [ 161.142386][ T7170] netlink: 268 bytes leftover after parsing attributes in process `syz.3.333'. [ 161.581448][ T7189] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input41 [ 161.708548][ T7191] random: crng reseeded on system resumption [ 161.803231][ T7190] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input42 [ 163.722661][ T7227] synth uevent: /module/printk: unknown uevent action string [ 165.114669][ T5843] block nbd4: Receive control failed (result -107) [ 165.352284][ T7276] netlink: 36 bytes leftover after parsing attributes in process `syz.0.356'. [ 165.378380][ T7276] FAULT_INJECTION: forcing a failure. [ 165.378380][ T7276] name failslab, interval 1, probability 0, space 0, times 0 [ 165.435079][ T7276] CPU: 1 UID: 0 PID: 7276 Comm: syz.0.356 Not tainted syzkaller #0 PREEMPT(full) [ 165.435115][ T7276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 165.435139][ T7276] Call Trace: [ 165.435148][ T7276] [ 165.435157][ T7276] dump_stack_lvl+0x16c/0x1f0 [ 165.435193][ T7276] should_fail_ex+0x512/0x640 [ 165.435229][ T7276] ? __kmalloc_cache_noprof+0x5f/0x780 [ 165.435276][ T7276] should_failslab+0xc2/0x120 [ 165.435308][ T7276] __kmalloc_cache_noprof+0x72/0x780 [ 165.435337][ T7276] ? aa_get_newest_label+0xd2/0x250 [ 165.435357][ T7276] ? single_open+0x4d/0x1f0 [ 165.435377][ T7276] ? __pfx_mtrr_seq_show+0x10/0x10 [ 165.435396][ T7276] ? single_open+0x4d/0x1f0 [ 165.435414][ T7276] single_open+0x4d/0x1f0 [ 165.435432][ T7276] mtrr_open+0x94/0xe0 [ 165.435449][ T7276] ? __pfx_mtrr_open+0x10/0x10 [ 165.435465][ T7276] proc_reg_open+0x2ab/0x5f0 [ 165.435485][ T7276] do_dentry_open+0x982/0x1530 [ 165.435501][ T7276] ? __pfx_proc_reg_open+0x10/0x10 [ 165.435522][ T7276] vfs_open+0x82/0x3f0 [ 165.435543][ T7276] path_openat+0x1de4/0x2cb0 [ 165.435564][ T7276] ? __pfx_path_openat+0x10/0x10 [ 165.435579][ T7276] ? __lock_acquire+0xb8a/0x1c90 [ 165.435600][ T7276] do_filp_open+0x20b/0x470 [ 165.435615][ T7276] ? __pfx_do_filp_open+0x10/0x10 [ 165.435642][ T7276] ? alloc_fd+0x471/0x7d0 [ 165.435660][ T7276] do_sys_openat2+0x11b/0x1d0 [ 165.435679][ T7276] ? __pfx_do_sys_openat2+0x10/0x10 [ 165.435704][ T7276] __x64_sys_openat+0x174/0x210 [ 165.435724][ T7276] ? __pfx___x64_sys_openat+0x10/0x10 [ 165.435751][ T7276] do_syscall_64+0xcd/0xfa0 [ 165.435767][ T7276] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 165.435781][ T7276] RIP: 0033:0x7f21ef38efc9 [ 165.435793][ T7276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 165.435805][ T7276] RSP: 002b:00007f21f027d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 165.435819][ T7276] RAX: ffffffffffffffda RBX: 00007f21ef5e5fa0 RCX: 00007f21ef38efc9 [ 165.435827][ T7276] RDX: 00000000000c0000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 165.435836][ T7276] RBP: 00007f21ef411f91 R08: 0000000000000000 R09: 0000000000000000 [ 165.435845][ T7276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 165.435853][ T7276] R13: 00007f21ef5e6038 R14: 00007f21ef5e5fa0 R15: 00007ffd9c3f1548 [ 165.435874][ T7276] [ 166.406500][ T5843] block nbd5: Receive control failed (result -107) [ 166.530468][ T7307] netlink: zone id is out of range [ 166.600101][ T7307] netlink: del zone limit has 4 unknown bytes [ 166.609329][ T7300] netlink: set zone limit has 8 unknown bytes [ 167.026507][ T7328] netlink: 28 bytes leftover after parsing attributes in process `syz.0.368'. [ 167.522647][ T5843] block nbd6: Receive control failed (result -107) [ 167.997355][ T7350] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input43 [ 168.099116][ T7353] random: crng reseeded on system resumption [ 168.788455][ T7366] raw_sendmsg: syz.0.383 forgot to set AF_INET. Fix it! [ 169.128431][ T5843] block nbd7: Receive control failed (result -107) [ 170.414671][ T7404] ptrace attach of "./syz-executor exec"[7405] was attempted by "./syz-executor exec"[7404] [ 170.508366][ T7408] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input44 [ 171.880327][ T7432] netlink: zone id is out of range [ 171.899955][ T7432] netlink: del zone limit has 4 unknown bytes [ 171.917894][ T7425] netlink: set zone limit has 8 unknown bytes [ 172.756956][ T7457] zswap: compressor not available [ 172.893333][ T7457] syz.0.403 uses obsolete (PF_INET,SOCK_PACKET) [ 173.518958][ T7457] zswap: compressor not available [ 173.925682][ T7489] netlink: 338 bytes leftover after parsing attributes in process `syz.1.410'. [ 173.950239][ T7489] ipvlan1: entered allmulticast mode [ 173.955582][ T7489] veth0_vlan: entered allmulticast mode [ 174.224147][ T7501] netlink: 186 bytes leftover after parsing attributes in process `syz.3.414'. [ 174.263163][ T7502] netlink: 186 bytes leftover after parsing attributes in process `syz.3.414'. [ 174.565136][ T7496] netlink: set zone limit has 8 unknown bytes [ 175.340874][ T7523] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input45 [ 175.430062][ T7525] random: crng reseeded on system resumption [ 175.745913][ T7532] FAULT_INJECTION: forcing a failure. [ 175.745913][ T7532] name failslab, interval 1, probability 0, space 0, times 0 [ 175.789988][ T7532] CPU: 1 UID: 0 PID: 7532 Comm: syz.2.420 Not tainted syzkaller #0 PREEMPT(full) [ 175.790025][ T7532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 175.790040][ T7532] Call Trace: [ 175.790049][ T7532] [ 175.790059][ T7532] dump_stack_lvl+0x16c/0x1f0 [ 175.790093][ T7532] should_fail_ex+0x512/0x640 [ 175.790129][ T7532] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 175.790151][ T7532] should_failslab+0xc2/0x120 [ 175.790170][ T7532] kmem_cache_alloc_noprof+0x75/0x6e0 [ 175.790184][ T7532] ? security_file_alloc+0x34/0x2b0 [ 175.790202][ T7532] ? security_file_alloc+0x34/0x2b0 [ 175.790215][ T7532] security_file_alloc+0x34/0x2b0 [ 175.790230][ T7532] init_file+0x93/0x4c0 [ 175.790248][ T7532] alloc_empty_file+0x73/0x1e0 [ 175.790267][ T7532] path_openat+0xda/0x2cb0 [ 175.790287][ T7532] ? __pfx_path_openat+0x10/0x10 [ 175.790303][ T7532] ? __lock_acquire+0xb8a/0x1c90 [ 175.790330][ T7532] do_filp_open+0x20b/0x470 [ 175.790346][ T7532] ? __pfx_do_filp_open+0x10/0x10 [ 175.790375][ T7532] ? alloc_fd+0x471/0x7d0 [ 175.790394][ T7532] do_sys_openat2+0x11b/0x1d0 [ 175.790415][ T7532] ? __pfx_do_sys_openat2+0x10/0x10 [ 175.790441][ T7532] __x64_sys_openat+0x174/0x210 [ 175.790461][ T7532] ? __pfx___x64_sys_openat+0x10/0x10 [ 175.790487][ T7532] do_syscall_64+0xcd/0xfa0 [ 175.790504][ T7532] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 175.790518][ T7532] RIP: 0033:0x7f14fc58efc9 [ 175.790530][ T7532] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 175.790543][ T7532] RSP: 002b:00007f14fa7d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 175.790557][ T7532] RAX: ffffffffffffffda RBX: 00007f14fc7e6090 RCX: 00007f14fc58efc9 [ 175.790566][ T7532] RDX: 0000000000014a00 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 175.790575][ T7532] RBP: 00007f14fc611f91 R08: 0000000000000000 R09: 0000000000000000 [ 175.790583][ T7532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 175.790590][ T7532] R13: 00007f14fc7e6128 R14: 00007f14fc7e6090 R15: 00007ffea20d0098 [ 175.790609][ T7532] [ 178.773528][ T7602] ptrace attach of "./syz-executor exec"[7605] was attempted by "./syz-executor exec"[7602] [ 179.061294][ T7613] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input46 [ 181.375652][ T7667] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input47 [ 181.490363][ T7671] random: crng reseeded on system resumption [ 181.557360][ T7670] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input48 [ 182.544284][ T7690] FAULT_INJECTION: forcing a failure. [ 182.544284][ T7690] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 182.558087][ T7690] CPU: 0 UID: 0 PID: 7690 Comm: syz.3.458 Not tainted syzkaller #0 PREEMPT(full) [ 182.558125][ T7690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 182.558141][ T7690] Call Trace: [ 182.558149][ T7690] [ 182.558160][ T7690] dump_stack_lvl+0x16c/0x1f0 [ 182.558197][ T7690] should_fail_ex+0x512/0x640 [ 182.558243][ T7690] should_fail_alloc_page+0xe7/0x130 [ 182.558282][ T7690] prepare_alloc_pages+0x3c2/0x610 [ 182.558322][ T7690] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 182.558358][ T7690] ? mark_held_locks+0x49/0x80 [ 182.558389][ T7690] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 182.558415][ T7690] ? lockdep_hardirqs_on+0x7c/0x110 [ 182.558444][ T7690] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 182.558472][ T7690] ? stack_depot_save_flags+0x3de/0x9c0 [ 182.558513][ T7690] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 182.558544][ T7690] ? kasan_save_stack+0x42/0x60 [ 182.558572][ T7690] ? kasan_save_stack+0x33/0x60 [ 182.558600][ T7690] ? kasan_save_track+0x14/0x30 [ 182.558627][ T7690] ? __kasan_kmalloc+0xaa/0xb0 [ 182.558654][ T7690] ? mon_bin_open+0x1a8/0x4a0 [ 182.558689][ T7690] ? do_sys_openat2+0x11b/0x1d0 [ 182.558724][ T7690] ? __x64_sys_openat+0x174/0x210 [ 182.558761][ T7690] ? do_syscall_64+0xcd/0xfa0 [ 182.558789][ T7690] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 182.558823][ T7690] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 182.558877][ T7690] ? policy_nodemask+0xea/0x4e0 [ 182.558916][ T7690] alloc_pages_mpol+0x1fb/0x550 [ 182.558953][ T7690] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 182.558999][ T7690] alloc_pages_noprof+0x131/0x390 [ 182.559038][ T7690] get_zeroed_page_noprof+0x18/0xb0 [ 182.559071][ T7690] mon_alloc_buff+0xce/0x1b0 [ 182.559101][ T7690] ? kasan_save_track+0x14/0x30 [ 182.559135][ T7690] mon_bin_open+0x207/0x4a0 [ 182.559168][ T7690] ? __pfx_mon_bin_open+0x10/0x10 [ 182.559199][ T7690] chrdev_open+0x234/0x6a0 [ 182.559232][ T7690] ? __pfx_chrdev_open+0x10/0x10 [ 182.559266][ T7690] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 182.559302][ T7690] do_dentry_open+0x982/0x1530 [ 182.559333][ T7690] ? __pfx_chrdev_open+0x10/0x10 [ 182.559371][ T7690] vfs_open+0x82/0x3f0 [ 182.559412][ T7690] path_openat+0x1de4/0x2cb0 [ 182.559471][ T7690] ? __pfx_path_openat+0x10/0x10 [ 182.559503][ T7690] ? __lock_acquire+0xb8a/0x1c90 [ 182.559544][ T7690] do_filp_open+0x20b/0x470 [ 182.559574][ T7690] ? __pfx_do_filp_open+0x10/0x10 [ 182.559628][ T7690] ? alloc_fd+0x471/0x7d0 [ 182.559665][ T7690] do_sys_openat2+0x11b/0x1d0 [ 182.559703][ T7690] ? __pfx_do_sys_openat2+0x10/0x10 [ 182.559754][ T7690] __x64_sys_openat+0x174/0x210 [ 182.559787][ T7690] ? __pfx___x64_sys_openat+0x10/0x10 [ 182.559833][ T7690] do_syscall_64+0xcd/0xfa0 [ 182.559869][ T7690] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 182.559894][ T7690] RIP: 0033:0x7f65abb8efc9 [ 182.559915][ T7690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 182.559938][ T7690] RSP: 002b:00007f65acaee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 182.559970][ T7690] RAX: ffffffffffffffda RBX: 00007f65abde6090 RCX: 00007f65abb8efc9 [ 182.559988][ T7690] RDX: 0000000000002402 RSI: 0000200000000340 RDI: ffffffffffffff9c [ 182.560006][ T7690] RBP: 00007f65abc11f91 R08: 0000000000000000 R09: 0000000000000000 [ 182.560022][ T7690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 182.560037][ T7690] R13: 00007f65abde6128 R14: 00007f65abde6090 R15: 00007ffe78e620c8 [ 182.560075][ T7690] [ 183.339340][ T5843] block nbd8: Receive control failed (result -107) [ 184.967318][ T7708] zswap: compressor not available [ 185.433676][ T7708] zswap: compressor not available [ 186.508608][ T30] audit: type=1800 audit(4294967373.970:5): pid=7757 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.471" name="lu_gp_id" dev="configfs" ino=16263 res=0 errno=0 [ 188.072604][ T5843] block nbd9: Receive control failed (result -107) [ 188.272394][ T7788] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input49 [ 188.388265][ T7792] random: crng reseeded on system resumption [ 188.674168][ T7789] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input50 [ 189.229084][ T7807] i2c i2c-0: new_device: Extra parameters [ 189.423777][ T7809] nvme_fabrics: missing parameter 'transport=%s' [ 189.433030][ T7809] nvme_fabrics: missing parameter 'nqn=%s' [ 189.667001][ T7817] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input51 [ 189.831650][ T7820] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input52 [ 189.833504][ T7817] random: crng reseeded on system resumption [ 190.048302][ T7799] netlink: set zone limit has 8 unknown bytes [ 190.494995][ T30] audit: type=1800 audit(4294967377.960:6): pid=7835 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.488" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 191.201324][ T7837] netlink: set zone limit has 8 unknown bytes [ 194.346240][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.352595][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.642902][ T5843] block nbd10: Receive control failed (result -107) [ 195.113964][ T7924] netlink: set zone limit has 8 unknown bytes [ 195.133001][ T7924] netlink: zone id is out of range [ 195.138184][ T7924] netlink: del zone limit has 4 unknown bytes [ 195.303837][ T7944] block nbd9: Cannot use ioctl interface on a netlink controlled device. [ 195.643286][ T7959] sp0: Synchronizing with TNC [ 195.804703][ T7959] sp0: Synchronizing with TNC [ 195.821188][ T7965] i2c i2c-0: new_device: Extra parameters [ 195.852364][ T5843] block nbd11: Receive control failed (result -107) [ 196.212461][ T7973] aoe: could not set interface list: too many interfaces [ 196.241799][ T7976] aoe: could not set interface list: too many interfaces [ 197.218020][ T7986] netlink: set zone limit has 8 unknown bytes [ 197.233446][ T7989] netlink: zone id is out of range [ 197.239258][ T7989] netlink: del zone limit has 4 unknown bytes [ 197.888144][ T7996] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 199.199107][ T8039] netlink: 8 bytes leftover after parsing attributes in process `syz.1.541'. [ 199.454138][ T8044] FAULT_INJECTION: forcing a failure. [ 199.454138][ T8044] name fail_futex, interval 1, probability 0, space 0, times 0 [ 199.503035][ T8044] CPU: 0 UID: 0 PID: 8044 Comm: syz.0.542 Not tainted syzkaller #0 PREEMPT(full) [ 199.503070][ T8044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 199.503084][ T8044] Call Trace: [ 199.503093][ T8044] [ 199.503103][ T8044] dump_stack_lvl+0x16c/0x1f0 [ 199.503137][ T8044] should_fail_ex+0x512/0x640 [ 199.503176][ T8044] get_futex_key+0x293/0x1560 [ 199.503213][ T8044] ? __pfx_get_futex_key+0x10/0x10 [ 199.503245][ T8044] ? __mutex_trylock_common+0xe9/0x250 [ 199.503290][ T8044] futex_wake+0xea/0x530 [ 199.503333][ T8044] ? __pfx_futex_wake+0x10/0x10 [ 199.503367][ T8044] ? __lock_acquire+0xb8a/0x1c90 [ 199.503410][ T8044] do_futex+0x1e3/0x350 [ 199.503445][ T8044] ? __pfx_do_futex+0x10/0x10 [ 199.503476][ T8044] ? __might_fault+0xe3/0x190 [ 199.503512][ T8044] mm_release+0x24e/0x300 [ 199.503542][ T8044] do_exit+0x68e/0x2bf0 [ 199.503584][ T8044] ? __pfx_do_exit+0x10/0x10 [ 199.503714][ T8044] ? do_raw_spin_lock+0x12c/0x2b0 [ 199.503758][ T8044] ? find_held_lock+0x2b/0x80 [ 199.503790][ T8044] do_group_exit+0xd3/0x2a0 [ 199.503828][ T8044] get_signal+0x2671/0x26d0 [ 199.503862][ T8044] ? __might_fault+0x13b/0x190 [ 199.503894][ T8044] ? __pfx_get_signal+0x10/0x10 [ 199.503922][ T8044] ? do_futex+0x122/0x350 [ 199.503956][ T8044] ? __pfx_do_futex+0x10/0x10 [ 199.503992][ T8044] arch_do_signal_or_restart+0x8f/0x790 [ 199.504026][ T8044] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 199.504068][ T8044] ? __pfx_do_writev+0x10/0x10 [ 199.504102][ T8044] exit_to_user_mode_loop+0x85/0x130 [ 199.504141][ T8044] do_syscall_64+0x426/0xfa0 [ 199.504174][ T8044] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 199.504200][ T8044] RIP: 0033:0x7f21ef38efc9 [ 199.504221][ T8044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 199.504245][ T8044] RSP: 002b:00007f21f027d0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 199.504269][ T8044] RAX: fffffffffffffe00 RBX: 00007f21ef5e5fa8 RCX: 00007f21ef38efc9 [ 199.504287][ T8044] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f21ef5e5fa8 [ 199.504303][ T8044] RBP: 00007f21ef5e5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 199.504319][ T8044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 199.504334][ T8044] R13: 00007f21ef5e6038 R14: 00007ffd9c3f1460 R15: 00007ffd9c3f1548 [ 199.504380][ T8044] [ 200.462180][ T8067] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input53 [ 200.653882][ T8069] random: crng reseeded on system resumption [ 200.713336][ T8068] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input54 [ 200.855888][ T8073] futex_wake_op: syz.3.551 tries to shift op by -2048; fix this program [ 200.971461][ T8073] futex_wake_op: syz.3.551 tries to shift op by -2048; fix this program [ 201.390343][ T984] smpboot: CPU 1 is now offline [ 202.172663][ T8103] FAULT_INJECTION: forcing a failure. [ 202.172663][ T8103] name fail_futex, interval 1, probability 0, space 0, times 0 [ 202.273744][ T8103] CPU: 0 UID: 0 PID: 8103 Comm: syz.3.554 Not tainted syzkaller #0 PREEMPT(full) [ 202.273766][ T8103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 202.273774][ T8103] Call Trace: [ 202.273779][ T8103] [ 202.273785][ T8103] dump_stack_lvl+0x16c/0x1f0 [ 202.273805][ T8103] should_fail_ex+0x512/0x640 [ 202.273830][ T8103] get_futex_key+0x1d0/0x1560 [ 202.273851][ T8103] ? __pfx_get_futex_key+0x10/0x10 [ 202.273870][ T8103] ? import_iovec+0x86/0xb0 [ 202.273886][ T8103] futex_wake+0xea/0x530 [ 202.273908][ T8103] ? __pfx_futex_wake+0x10/0x10 [ 202.273928][ T8103] ? __pfx_vfs_writev+0x10/0x10 [ 202.273958][ T8103] do_futex+0x1e3/0x350 [ 202.273978][ T8103] ? __pfx_do_futex+0x10/0x10 [ 202.274002][ T8103] __x64_sys_futex+0x1e0/0x4c0 [ 202.274023][ T8103] ? __pfx___x64_sys_futex+0x10/0x10 [ 202.274042][ T8103] ? __pfx_do_writev+0x10/0x10 [ 202.274062][ T8103] do_syscall_64+0xcd/0xfa0 [ 202.274084][ T8103] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 202.274099][ T8103] RIP: 0033:0x7f65abb8efc9 [ 202.274112][ T8103] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 202.274125][ T8103] RSP: 002b:00007f65acaee0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 202.274143][ T8103] RAX: ffffffffffffffda RBX: 00007f65abde6098 RCX: 00007f65abb8efc9 [ 202.274152][ T8103] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f65abde609c [ 202.274161][ T8103] RBP: 00007f65abde6090 R08: 00007f65acb10000 R09: 0000000000000000 [ 202.274169][ T8103] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 202.274178][ T8103] R13: 00007f65abde6128 R14: 00007ffe78e61fe0 R15: 00007ffe78e620c8 [ 202.274197][ T8103] [ 203.322799][ T8132] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input55 [ 203.421646][ T8131] netlink: zone id is out of range [ 203.507726][ T8131] netlink: del zone limit has 4 unknown bytes [ 203.552943][ T8136] netlink: 8 bytes leftover after parsing attributes in process `syz.0.563'. [ 203.640993][ T8120] netlink: set zone limit has 8 unknown bytes [ 203.776661][ T8134] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input56 [ 206.263232][ T5840] Bluetooth: hci0: command 0x0406 tx timeout [ 206.269270][ T5840] Bluetooth: hci1: command 0x0406 tx timeout [ 206.662120][ T5833] Bluetooth: hci3: command 0x0406 tx timeout [ 206.678465][ T5843] Bluetooth: hci2: command 0x0406 tx timeout [ 206.920240][ T8193] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input57 [ 207.137131][ T8197] random: crng reseeded on system resumption [ 207.252906][ T8196] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input58 [ 208.107864][ T8201] netlink: zone id is out of range [ 208.126747][ T8214] Invalid ELF header magic: != ELF [ 208.166883][ T8201] netlink: del zone limit has 4 unknown bytes [ 208.200665][ T8199] netlink: set zone limit has 8 unknown bytes [ 208.440726][ T8214] Invalid ELF header magic: != ELF [ 208.490616][ T8214] Invalid ELF header magic: != ELF [ 208.543315][ T8214] Invalid ELF header magic: != ELF [ 208.607302][ T8214] Invalid ELF header magic: != ELF [ 208.673542][ T8214] Invalid ELF header magic: != ELF [ 208.743788][ T8214] Invalid ELF header magic: != ELF [ 208.797941][ T8214] Invalid ELF header magic: != ELF [ 208.854357][ T8214] Invalid ELF header magic: != ELF [ 208.916562][ T8214] Invalid ELF header magic: != ELF [ 208.987291][ T8214] Invalid ELF header magic: != ELF [ 208.997290][ T8224] netlink: 186 bytes leftover after parsing attributes in process `syz.0.579'. [ 209.044496][ T8214] Invalid ELF header magic: != ELF [ 209.122867][ T8214] Invalid ELF header magic: != ELF [ 209.213657][ T8214] Invalid ELF header magic: != ELF [ 209.289148][ T8214] Invalid ELF header magic: != ELF [ 209.657840][ T8234] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input59 [ 209.822521][ T8239] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input60 [ 210.056993][ T8242] netlink: 8 bytes leftover after parsing attributes in process `syz.3.584'. [ 210.862177][ T8252] netlink: set zone limit has 8 unknown bytes [ 211.315942][ T8238] netlink: zone id is out of range [ 211.354966][ T8238] netlink: del zone limit has 4 unknown bytes [ 213.223829][ T8297] netlink: zone id is out of range [ 213.319631][ T8297] netlink: del zone limit has 4 unknown bytes [ 213.372816][ T8292] netlink: set zone limit has 8 unknown bytes [ 213.927881][ T8311] ima: policy update failed [ 213.947543][ T30] audit: type=1802 audit(4294967401.410:7): pid=8311 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.602" res=0 errno=0 [ 213.972185][ T8308] netlink: 25 bytes leftover after parsing attributes in process `syz.0.602'. [ 214.351330][ T8319] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input61 [ 214.508442][ T8324] random: crng reseeded on system resumption [ 214.692163][ T8322] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input62 [ 215.505059][ T8335] syz.0.609 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 215.619954][ T8336] FAULT_INJECTION: forcing a failure. [ 215.619954][ T8336] name failslab, interval 1, probability 0, space 0, times 0 [ 215.722118][ T8336] CPU: 0 UID: 0 PID: 8336 Comm: syz.0.609 Not tainted syzkaller #0 PREEMPT(full) [ 215.722140][ T8336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 215.722149][ T8336] Call Trace: [ 215.722155][ T8336] [ 215.722161][ T8336] dump_stack_lvl+0x16c/0x1f0 [ 215.722182][ T8336] should_fail_ex+0x512/0x640 [ 215.722204][ T8336] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 215.722221][ T8336] should_failslab+0xc2/0x120 [ 215.722240][ T8336] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 215.722255][ T8336] ? __d_alloc+0x32/0xae0 [ 215.722274][ T8336] ? __d_alloc+0x32/0xae0 [ 215.722288][ T8336] __d_alloc+0x32/0xae0 [ 215.722306][ T8336] d_alloc_pseudo+0x1c/0xc0 [ 215.722326][ T8336] alloc_file_pseudo+0xcf/0x230 [ 215.722347][ T8336] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 215.722369][ T8336] ? alloc_fd+0x471/0x7d0 [ 215.722385][ T8336] sock_alloc_file+0x50/0x210 [ 215.722402][ T8336] __sys_socket+0x1c0/0x260 [ 215.722421][ T8336] ? __pfx___sys_socket+0x10/0x10 [ 215.722439][ T8336] ? xfd_validate_state+0x61/0x180 [ 215.722458][ T8336] ? __pfx_ksys_write+0x10/0x10 [ 215.722476][ T8336] __x64_sys_socket+0x72/0xb0 [ 215.722493][ T8336] ? lockdep_hardirqs_on+0x7c/0x110 [ 215.722509][ T8336] do_syscall_64+0xcd/0xfa0 [ 215.722525][ T8336] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 215.722540][ T8336] RIP: 0033:0x7f21ef38efc9 [ 215.722551][ T8336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 215.722564][ T8336] RSP: 002b:00007f21f023b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 215.722578][ T8336] RAX: ffffffffffffffda RBX: 00007f21ef5e6180 RCX: 00007f21ef38efc9 [ 215.722587][ T8336] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 215.722595][ T8336] RBP: 00007f21ef411f91 R08: 0000000000000000 R09: 0000000000000000 [ 215.722603][ T8336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 215.722611][ T8336] R13: 00007f21ef5e6218 R14: 00007f21ef5e6180 R15: 00007ffd9c3f1548 [ 215.722629][ T8336] [ 216.574586][ T5844] block nbd12: Receive control failed (result -107) [ 217.011561][ T8357] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input63 [ 217.158154][ T8362] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input64 [ 217.313350][ T8354] netlink: zone id is out of range [ 217.361725][ T8354] netlink: del zone limit has 4 unknown bytes [ 217.376899][ T8366] netlink: 8 bytes leftover after parsing attributes in process `syz.0.614'. [ 217.425524][ T8352] netlink: set zone limit has 8 unknown bytes [ 217.949232][ T5878] Process accounting resumed [ 218.275532][ T8379] FAULT_INJECTION: forcing a failure. [ 218.275532][ T8379] name fail_futex, interval 1, probability 0, space 0, times 0 [ 218.323092][ T8379] CPU: 0 UID: 0 PID: 8379 Comm: syz.2.619 Not tainted syzkaller #0 PREEMPT(full) [ 218.323114][ T8379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 218.323122][ T8379] Call Trace: [ 218.323127][ T8379] [ 218.323133][ T8379] dump_stack_lvl+0x16c/0x1f0 [ 218.323161][ T8379] should_fail_ex+0x512/0x640 [ 218.323186][ T8379] get_futex_key+0x1d0/0x1560 [ 218.323209][ T8379] ? __pfx_get_futex_key+0x10/0x10 [ 218.323227][ T8379] ? import_iovec+0x86/0xb0 [ 218.323243][ T8379] futex_wake+0xea/0x530 [ 218.323262][ T8379] ? futex_wait+0x120/0x380 [ 218.323273][ T8379] ? __pfx_futex_wait+0x10/0x10 [ 218.323293][ T8379] ? __pfx_futex_wake+0x10/0x10 [ 218.323313][ T8379] ? __pfx_vfs_writev+0x10/0x10 [ 218.323329][ T8379] ? __might_fault+0xe3/0x190 [ 218.323341][ T8379] ? __might_fault+0x13b/0x190 [ 218.323358][ T8379] do_futex+0x1e3/0x350 [ 218.323376][ T8379] ? __pfx_do_futex+0x10/0x10 [ 218.323398][ T8379] __x64_sys_futex+0x1e0/0x4c0 [ 218.323418][ T8379] ? __pfx___x64_sys_futex+0x10/0x10 [ 218.323437][ T8379] ? __pfx_do_writev+0x10/0x10 [ 218.323455][ T8379] do_syscall_64+0xcd/0xfa0 [ 218.323472][ T8379] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 218.323486][ T8379] RIP: 0033:0x7f14fc58efc9 [ 218.323497][ T8379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 218.323510][ T8379] RSP: 002b:00007f14fa7f60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 218.323524][ T8379] RAX: ffffffffffffffda RBX: 00007f14fc7e5fa8 RCX: 00007f14fc58efc9 [ 218.323533][ T8379] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f14fc7e5fac [ 218.323541][ T8379] RBP: 00007f14fc7e5fa0 R08: 00007f14fd32f000 R09: 0000000000000000 [ 218.323549][ T8379] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 218.323557][ T8379] R13: 00007f14fc7e6038 R14: 00007ffea20cffb0 R15: 00007ffea20d0098 [ 218.323576][ T8379] [ 218.562625][ T8375] netlink: set zone limit has 8 unknown bytes [ 218.574562][ T8375] netlink: zone id is out of range [ 218.580655][ T8375] netlink: del zone limit has 4 unknown bytes [ 218.662547][ T8383] netlink: 186 bytes leftover after parsing attributes in process `syz.1.620'. [ 218.732071][ T8368] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 218.749867][ T8368] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 219.004415][ T8368] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 219.030877][ T8368] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 219.062486][ T8368] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 219.093897][ T8368] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 219.137468][ T8368] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 219.157327][ T8368] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 219.252237][ T8368] Process accounting resumed [ 219.513414][ T8405] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input65 [ 219.628837][ T8408] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input66 [ 219.701092][ T5844] Bluetooth: hci0: command 0x0406 tx timeout [ 219.856593][ T8412] netlink: 8 bytes leftover after parsing attributes in process `syz.2.627'. [ 220.319390][ T8423] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input67 [ 220.504849][ T8425] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input68 [ 220.740821][ T8423] netlink: 8 bytes leftover after parsing attributes in process `syz.2.631'. [ 221.062771][ T5844] Bluetooth: hci2: command 0x0406 tx timeout [ 221.139854][ T5844] Bluetooth: hci3: command 0x0406 tx timeout [ 221.223022][ T5844] Bluetooth: hci1: command 0x0406 tx timeout [ 221.375087][ T8438] i2c i2c-0: new_device: Instantiated device card: at 0x01 [ 221.660524][ T8448] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE r҄y*"l-y– [ 221.783281][ T5844] Bluetooth: hci0: command 0x0406 tx timeout [ 222.805391][ T8474] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input69 [ 222.946917][ T8482] random: crng reseeded on system resumption [ 223.140786][ T5844] Bluetooth: hci2: command 0x0406 tx timeout [ 223.170995][ T8478] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input70 [ 223.220872][ T5844] Bluetooth: hci3: command 0x0406 tx timeout [ 223.299911][ T5844] Bluetooth: hci1: command 0x0406 tx timeout [ 223.527873][ T8489] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input71 [ 223.758628][ T8491] netlink: 8 bytes leftover after parsing attributes in process `syz.0.644'. [ 223.937601][ T8490] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input72 [ 224.230003][ T8501] futex_wake_op: syz.1.648 tries to shift op by -2048; fix this program [ 224.279551][ T8501] futex_wake_op: syz.1.648 tries to shift op by -2048; fix this program [ 224.439118][ T8507] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE r҄y*"l-y–L̓]' [ 224.532803][ T8507] CPU: 0 UID: 0 PID: 8507 Comm: syz.0.650 Not tainted syzkaller #0 PREEMPT(full) [ 224.532825][ T8507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 224.532834][ T8507] Call Trace: [ 224.532839][ T8507] [ 224.532845][ T8507] dump_stack_lvl+0x16c/0x1f0 [ 224.532868][ T8507] sysfs_warn_dup+0x7f/0xa0 [ 224.532887][ T8507] sysfs_do_create_link_sd+0x124/0x140 [ 224.532905][ T8507] sysfs_create_link+0x61/0xc0 [ 224.532922][ T8507] device_add+0x62c/0x1aa0 [ 224.532946][ T8507] ? __pfx_device_add+0x10/0x10 [ 224.532966][ T8507] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 224.532990][ T8507] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 224.533010][ T8507] wiphy_register+0x1eb0/0x2b20 [ 224.533029][ T8507] ? netdev_run_todo+0x864/0x1320 [ 224.533050][ T8507] ? __pfx_wiphy_register+0x10/0x10 [ 224.533078][ T8507] ieee80211_register_hw+0x253d/0x4120 [ 224.533104][ T8507] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 224.533123][ T8507] ? __pfx___debug_object_init+0x10/0x10 [ 224.533144][ T8507] ? find_held_lock+0x2b/0x80 [ 224.533159][ T8507] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 224.533181][ T8507] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 224.533200][ T8507] ? __hrtimer_setup+0x176/0x280 [ 224.533222][ T8507] mac80211_hwsim_new_radio+0x32d8/0x50b0 [ 224.533249][ T8507] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 224.533269][ T8507] hwsim_new_radio_nl+0xba2/0x1330 [ 224.533286][ T8507] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 224.533313][ T8507] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 224.533335][ T8507] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 224.533358][ T8507] genl_family_rcv_msg_doit+0x209/0x2f0 [ 224.533377][ T8507] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 224.533402][ T8507] ? bpf_lsm_capable+0x9/0x10 [ 224.533419][ T8507] ? security_capable+0x7e/0x260 [ 224.533439][ T8507] ? ns_capable+0xd7/0x110 [ 224.533455][ T8507] genl_rcv_msg+0x55c/0x800 [ 224.533483][ T8507] ? __pfx_genl_rcv_msg+0x10/0x10 [ 224.533501][ T8507] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 224.533524][ T8507] netlink_rcv_skb+0x158/0x420 [ 224.533538][ T8507] ? __pfx_genl_rcv_msg+0x10/0x10 [ 224.533556][ T8507] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 224.533580][ T8507] ? netlink_deliver_tap+0x1ae/0xd30 [ 224.533597][ T8507] genl_rcv+0x28/0x40 [ 224.533612][ T8507] netlink_unicast+0x5aa/0x870 [ 224.533629][ T8507] ? __pfx_netlink_unicast+0x10/0x10 [ 224.533643][ T8507] ? __pfx___might_resched+0x10/0x10 [ 224.533664][ T8507] netlink_sendmsg+0x8c8/0xdd0 [ 224.533682][ T8507] ? __pfx_netlink_sendmsg+0x10/0x10 [ 224.533699][ T8507] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 224.533722][ T8507] ____sys_sendmsg+0xa98/0xc70 [ 224.533740][ T8507] ? copy_msghdr_from_user+0x10a/0x160 [ 224.533753][ T8507] ? __pfx_____sys_sendmsg+0x10/0x10 [ 224.533775][ T8507] ? __pfx_futex_wake_mark+0x10/0x10 [ 224.533799][ T8507] ___sys_sendmsg+0x134/0x1d0 [ 224.533810][ T8507] ? futex_private_hash_put+0x176/0x300 [ 224.533828][ T8507] ? __pfx____sys_sendmsg+0x10/0x10 [ 224.533839][ T8507] ? __lock_acquire+0x622/0x1c90 [ 224.533882][ T8507] __sys_sendmsg+0x16d/0x220 [ 224.533895][ T8507] ? __pfx___sys_sendmsg+0x10/0x10 [ 224.533908][ T8507] ? __x64_sys_futex+0x1e0/0x4c0 [ 224.533938][ T8507] do_syscall_64+0xcd/0xfa0 [ 224.533955][ T8507] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 224.533969][ T8507] RIP: 0033:0x7f21ef38efc9 [ 224.533982][ T8507] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 224.533995][ T8507] RSP: 002b:00007f21f027d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 224.534009][ T8507] RAX: ffffffffffffffda RBX: 00007f21ef5e5fa0 RCX: 00007f21ef38efc9 [ 224.534018][ T8507] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 224.534027][ T8507] RBP: 00007f21ef411f91 R08: 0000000000000000 R09: 0000000000000000 [ 224.534036][ T8507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 224.534044][ T8507] R13: 00007f21ef5e6038 R14: 00007f21ef5e5fa0 R15: 00007ffd9c3f1548 [ 224.534065][ T8507] [ 225.952284][ T8531] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input73 [ 226.061091][ T8532] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input74 [ 226.127245][ T8531] random: crng reseeded on system resumption [ 227.168498][ T8561] netlink: 8 bytes leftover after parsing attributes in process `syz.1.660'. [ 230.275401][ T5844] block nbd13: Receive control failed (result -107) [ 230.729160][ T8603] netlink: 334 bytes leftover after parsing attributes in process `syz.0.669'. [ 231.855993][ T8617] erspan0: entered allmulticast mode [ 232.877659][ T8621] netlink: set zone limit has 8 unknown bytes [ 232.983790][ T8624] netlink: zone id is out of range [ 232.989293][ T8624] netlink: del zone limit has 4 unknown bytes [ 233.161704][ T8640] netlink: 'syz.0.679': attribute type 4 has an invalid length. [ 234.856097][ T8668] FAULT_INJECTION: forcing a failure. [ 234.856097][ T8668] name fail_futex, interval 1, probability 0, space 0, times 0 [ 234.946134][ T8668] CPU: 0 UID: 0 PID: 8668 Comm: syz.3.688 Not tainted syzkaller #0 PREEMPT(full) [ 234.946157][ T8668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 234.946167][ T8668] Call Trace: [ 234.946172][ T8668] [ 234.946178][ T8668] dump_stack_lvl+0x16c/0x1f0 [ 234.946200][ T8668] should_fail_ex+0x512/0x640 [ 234.946225][ T8668] get_futex_key+0x1d0/0x1560 [ 234.946247][ T8668] ? __pfx_get_futex_key+0x10/0x10 [ 234.946267][ T8668] ? import_iovec+0x86/0xb0 [ 234.946283][ T8668] futex_wake+0xea/0x530 [ 234.946302][ T8668] ? futex_wait+0x120/0x380 [ 234.946313][ T8668] ? __pfx_futex_wait+0x10/0x10 [ 234.946334][ T8668] ? __pfx_futex_wake+0x10/0x10 [ 234.946354][ T8668] ? __pfx_vfs_writev+0x10/0x10 [ 234.946369][ T8668] ? __might_fault+0xe3/0x190 [ 234.946381][ T8668] ? __might_fault+0x13b/0x190 [ 234.946398][ T8668] do_futex+0x1e3/0x350 [ 234.946416][ T8668] ? __pfx_do_futex+0x10/0x10 [ 234.946439][ T8668] __x64_sys_futex+0x1e0/0x4c0 [ 234.946459][ T8668] ? __pfx___x64_sys_futex+0x10/0x10 [ 234.946478][ T8668] ? __pfx_do_writev+0x10/0x10 [ 234.946496][ T8668] do_syscall_64+0xcd/0xfa0 [ 234.946513][ T8668] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 234.946527][ T8668] RIP: 0033:0x7f65abb8efc9 [ 234.946539][ T8668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 234.946551][ T8668] RSP: 002b:00007f65acb0f0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 234.946565][ T8668] RAX: ffffffffffffffda RBX: 00007f65abde5fa8 RCX: 00007f65abb8efc9 [ 234.946573][ T8668] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f65abde5fac [ 234.946581][ T8668] RBP: 00007f65abde5fa0 R08: 00007f65acb10000 R09: 0000000000000000 [ 234.946590][ T8668] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 234.946598][ T8668] R13: 00007f65abde6038 R14: 00007ffe78e61fe0 R15: 00007ffe78e620c8 [ 234.946616][ T8668] [ 236.211000][ T8687] netlink: 342 bytes leftover after parsing attributes in process `syz.1.694'. [ 236.395173][ T8698] netlink: 28 bytes leftover after parsing attributes in process `syz.0.698'. [ 236.822052][ T8711] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input75 [ 237.033788][ T8717] netlink: 8 bytes leftover after parsing attributes in process `syz.0.701'. [ 237.148585][ T8720] size and base must be multiples of 4 kiB [ 237.196587][ T8720] CPU: 0 UID: 0 PID: 8720 Comm: syz.3.702 Not tainted syzkaller #0 PREEMPT(full) [ 237.196609][ T8720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 237.196618][ T8720] Call Trace: [ 237.196623][ T8720] [ 237.196629][ T8720] dump_stack_lvl+0x16c/0x1f0 [ 237.196650][ T8720] mtrr_add+0xdf/0x110 [ 237.196670][ T8720] mtrr_ioctl+0x7ef/0xcf0 [ 237.196689][ T8720] ? __pfx_mtrr_ioctl+0x10/0x10 [ 237.196712][ T8720] ? find_held_lock+0x2b/0x80 [ 237.196740][ T8720] ? __fget_files+0x20e/0x3c0 [ 237.196755][ T8720] ? __pfx_mtrr_ioctl+0x10/0x10 [ 237.196774][ T8720] proc_reg_unlocked_ioctl+0x229/0x320 [ 237.196795][ T8720] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 237.196816][ T8720] __x64_sys_ioctl+0x18e/0x210 [ 237.196838][ T8720] do_syscall_64+0xcd/0xfa0 [ 237.196858][ T8720] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 237.196872][ T8720] RIP: 0033:0x7f65abb8efc9 [ 237.196885][ T8720] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 237.196898][ T8720] RSP: 002b:00007f65acb0f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 237.196912][ T8720] RAX: ffffffffffffffda RBX: 00007f65abde5fa0 RCX: 00007f65abb8efc9 [ 237.196921][ T8720] RDX: 0000000000000000 RSI: 0000000040104d01 RDI: 0000000000000000 [ 237.196929][ T8720] RBP: 00007f65abc11f91 R08: 0000000000000000 R09: 0000000000000000 [ 237.196937][ T8720] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 237.196945][ T8720] R13: 00007f65abde6038 R14: 00007f65abde5fa0 R15: 00007ffe78e620c8 [ 237.196964][ T8720] [ 237.731575][ T8714] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input76 [ 237.891936][ T8732] netlink: 334 bytes leftover after parsing attributes in process `syz.1.706'. [ 240.000181][ T8775] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input77 [ 240.118125][ T8777] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input78 [ 240.210764][ T8775] random: crng reseeded on system resumption [ 240.464864][ T8781] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input79 [ 240.545349][ T8786] erspan0: entered allmulticast mode [ 240.574678][ T8779] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input80 [ 241.470323][ T8798] netlink: zone id is out of range [ 241.543879][ T8798] netlink: del zone limit has 4 unknown bytes [ 241.583876][ T8791] netlink: set zone limit has 8 unknown bytes [ 242.847574][ T8827] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input81 [ 243.014454][ T8832] random: crng reseeded on system resumption [ 243.091235][ T8831] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input82 [ 243.739721][ T8845] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input83 [ 243.989310][ T8851] netlink: 8 bytes leftover after parsing attributes in process `syz.0.735'. [ 244.227384][ T8841] netlink: zone id is out of range [ 244.246894][ T8847] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input84 [ 244.273673][ T8841] netlink: del zone limit has 4 unknown bytes [ 244.789327][ T8858] FAULT_INJECTION: forcing a failure. [ 244.789327][ T8858] name fail_futex, interval 1, probability 0, space 0, times 0 [ 244.857692][ T8858] CPU: 0 UID: 0 PID: 8858 Comm: syz.2.737 Not tainted syzkaller #0 PREEMPT(full) [ 244.857716][ T8858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 244.857729][ T8858] Call Trace: [ 244.857733][ T8858] [ 244.857739][ T8858] dump_stack_lvl+0x16c/0x1f0 [ 244.857762][ T8858] should_fail_ex+0x512/0x640 [ 244.857785][ T8858] get_futex_key+0x1d0/0x1560 [ 244.857807][ T8858] ? __pfx_get_futex_key+0x10/0x10 [ 244.857826][ T8858] ? import_iovec+0x86/0xb0 [ 244.857843][ T8858] futex_wake+0xea/0x530 [ 244.857862][ T8858] ? futex_wait+0x120/0x380 [ 244.857882][ T8858] ? __pfx_futex_wait+0x10/0x10 [ 244.857903][ T8858] ? __pfx_futex_wake+0x10/0x10 [ 244.857923][ T8858] ? __pfx_vfs_writev+0x10/0x10 [ 244.857940][ T8858] ? __might_fault+0xe3/0x190 [ 244.857954][ T8858] ? __might_fault+0x13b/0x190 [ 244.857971][ T8858] do_futex+0x1e3/0x350 [ 244.857990][ T8858] ? __pfx_do_futex+0x10/0x10 [ 244.858013][ T8858] __x64_sys_futex+0x1e0/0x4c0 [ 244.858033][ T8858] ? __pfx___x64_sys_futex+0x10/0x10 [ 244.858052][ T8858] ? __pfx_do_writev+0x10/0x10 [ 244.858070][ T8858] do_syscall_64+0xcd/0xfa0 [ 244.858086][ T8858] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.858100][ T8858] RIP: 0033:0x7f14fc58efc9 [ 244.858111][ T8858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 244.858124][ T8858] RSP: 002b:00007f14fa7f60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 244.858138][ T8858] RAX: ffffffffffffffda RBX: 00007f14fc7e5fa8 RCX: 00007f14fc58efc9 [ 244.858147][ T8858] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f14fc7e5fac [ 244.858156][ T8858] RBP: 00007f14fc7e5fa0 R08: 00007f14fd32f000 R09: 0000000000000000 [ 244.858164][ T8858] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 244.858173][ T8858] R13: 00007f14fc7e6038 R14: 00007ffea20cffb0 R15: 00007ffea20d0098 [ 244.858191][ T8858] [ 245.646700][ T5844] block nbd14: Receive control failed (result -107) [ 245.895688][ T8879] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input85 [ 246.034632][ T8885] random: crng reseeded on system resumption [ 246.149487][ T8882] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input86 [ 247.375165][ T5844] block nbd15: Receive control failed (result -107) [ 249.250014][ T8961] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input87 [ 249.558823][ T8967] random: crng reseeded on system resumption [ 249.782259][ T8940] Process accounting paused [ 250.219141][ T8964] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input88 [ 250.981546][ T8990] block nbd0: Cannot use ioctl interface on a netlink controlled device. [ 255.328986][ T9082] TCP: TCP_TX_DELAY enabled [ 256.704091][ T9113] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input89 [ 257.041578][ T9124] scsi_strcpy_devinfo: vendor string '/&c~n] | [ 257.041578][ T9124] M' is too long [ 257.058947][ T9119] netlink: 8 bytes leftover after parsing attributes in process `syz.3.782'. [ 257.090107][ T9124] scsi_strcpy_devinfo: model string 'Dd5 K2b [ 257.090107][ T9124] W ' is too long [ 257.430873][ T9116] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input91 [ 257.985143][ T9137] netlink: zone id is out of range [ 258.049272][ T9131] netlink: set zone limit has 8 unknown bytes [ 258.089840][ T9137] netlink: del zone limit has 4 unknown bytes [ 260.290687][ T9181] netlink: 20 bytes leftover after parsing attributes in process `syz.2.797'. [ 260.361812][ T9181] nbd: must specify a device to reconfigure [ 261.435963][ T9203] netlink: 'syz.3.803': attribute type 1 has an invalid length. [ 261.496976][ T9206] netlink: 338 bytes leftover after parsing attributes in process `syz.1.805'. [ 261.981137][ T5844] block nbd16: Receive control failed (result -107) [ 262.323402][ T9226] netlink: 'syz.1.811': attribute type 5 has an invalid length. [ 264.342673][ T9260] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input92 [ 264.512832][ T9267] random: crng reseeded on system resumption [ 264.715459][ T9266] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input93 [ 264.979673][ T9278] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input94 [ 265.193264][ T9288] random: crng reseeded on system resumption [ 265.423183][ T5844] block nbd17: Receive control failed (result -107) [ 265.886664][ T9282] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input95 [ 266.794958][ T9333] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input96 [ 267.037524][ T9342] netlink: 8 bytes leftover after parsing attributes in process `syz.3.832'. [ 267.376658][ T9338] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input97 [ 268.446633][ T9344] kexec: Could not allocate control_code_buffer [ 268.809943][ T9365] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input98 [ 268.979123][ T9373] random: crng reseeded on system resumption [ 269.028777][ T9370] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input99 [ 269.688400][ T9382] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input100 [ 269.871021][ T9386] netlink: 8 bytes leftover after parsing attributes in process `syz.2.842'. [ 270.139345][ T9383] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input101 [ 270.518099][ T9392] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 270.539430][ T9392] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 270.567602][ T9392] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 270.606061][ T9392] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 270.623789][ T9392] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 270.904493][ T9397] netlink: zone id is out of range [ 270.935416][ T9394] netlink: set zone limit has 8 unknown bytes [ 270.966636][ T9397] netlink: del zone limit has 4 unknown bytes [ 271.006323][ T9404] nbd: must specify a device to reconfigure [ 272.506834][ T5844] Bluetooth: hci0: command 0x0406 tx timeout [ 272.579837][ T5844] Bluetooth: hci3: command 0x0406 tx timeout [ 272.585861][ T5844] Bluetooth: hci2: command 0x0406 tx timeout [ 272.660121][ T5844] Bluetooth: hci1: command 0x0406 tx timeout [ 273.064838][ T9444] cgroup: fork rejected by pids controller in /syz1 [ 273.464858][ T5844] block nbd18: Receive control failed (result -107) [ 273.821854][ T9504] random: crng reseeded on system resumption [ 274.659932][ T5844] Bluetooth: hci3: command 0x0406 tx timeout [ 274.685974][ T9544] vhci_hcd: USB_PORT_FEAT_BH_PORT_RESET req not supported for USB 2.0 roothub [ 275.143199][ T5844] block nbd19: Receive control failed (result -107) [ 276.065751][ T9608] size and base must be multiples of 4 kiB [ 276.110830][ T9608] CPU: 0 UID: 0 PID: 9608 Comm: syz.0.863 Not tainted syzkaller #0 PREEMPT(full) [ 276.110852][ T9608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 276.110861][ T9608] Call Trace: [ 276.110866][ T9608] [ 276.110872][ T9608] dump_stack_lvl+0x16c/0x1f0 [ 276.110892][ T9608] mtrr_del+0xd1/0x110 [ 276.110913][ T9608] mtrr_ioctl+0x922/0xcf0 [ 276.110931][ T9608] ? __pfx_mtrr_ioctl+0x10/0x10 [ 276.110953][ T9608] ? find_held_lock+0x2b/0x80 [ 276.110976][ T9608] ? __fget_files+0x20e/0x3c0 [ 276.110990][ T9608] ? __pfx_mtrr_ioctl+0x10/0x10 [ 276.111009][ T9608] proc_reg_unlocked_ioctl+0x229/0x320 [ 276.111027][ T9608] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 276.111047][ T9608] __x64_sys_ioctl+0x18e/0x210 [ 276.111068][ T9608] do_syscall_64+0xcd/0xfa0 [ 276.111085][ T9608] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 276.111099][ T9608] RIP: 0033:0x7f21ef38efc9 [ 276.111110][ T9608] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 276.111124][ T9608] RSP: 002b:00007f21f023b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 276.111138][ T9608] RAX: ffffffffffffffda RBX: 00007f21ef5e6180 RCX: 00007f21ef38efc9 [ 276.111147][ T9608] RDX: 0000000000000007 RSI: 0000000040104d04 RDI: 0000000000000003 [ 276.111155][ T9608] RBP: 00007f21ef411f91 R08: 0000000000000000 R09: 0000000000000000 [ 276.111163][ T9608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 276.111172][ T9608] R13: 00007f21ef5e6218 R14: 00007f21ef5e6180 R15: 00007ffd9c3f1548 [ 276.111190][ T9608] [ 276.622038][ T9618] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input102 [ 276.766111][ T9622] random: crng reseeded on system resumption [ 276.889172][ T9625] nbd: must specify a device to reconfigure [ 277.247794][ T9621] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input103 [ 278.814185][ T5844] block nbd20: Receive control failed (result -107) [ 279.394511][ T9655] size and base must be multiples of 4 kiB [ 279.456827][ T9655] CPU: 0 UID: 0 PID: 9655 Comm: syz.3.876 Not tainted syzkaller #0 PREEMPT(full) [ 279.456850][ T9655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 279.456859][ T9655] Call Trace: [ 279.456864][ T9655] [ 279.456870][ T9655] dump_stack_lvl+0x16c/0x1f0 [ 279.456895][ T9655] mtrr_del+0xd1/0x110 [ 279.456914][ T9655] mtrr_ioctl+0x922/0xcf0 [ 279.456935][ T9655] ? __pfx_mtrr_ioctl+0x10/0x10 [ 279.456957][ T9655] ? find_held_lock+0x2b/0x80 [ 279.456976][ T9655] ? __fget_files+0x20e/0x3c0 [ 279.456991][ T9655] ? __pfx_mtrr_ioctl+0x10/0x10 [ 279.457009][ T9655] proc_reg_unlocked_ioctl+0x229/0x320 [ 279.457027][ T9655] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 279.457047][ T9655] __x64_sys_ioctl+0x18e/0x210 [ 279.457068][ T9655] do_syscall_64+0xcd/0xfa0 [ 279.457084][ T9655] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 279.457098][ T9655] RIP: 0033:0x7f65abb8efc9 [ 279.457110][ T9655] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 279.457123][ T9655] RSP: 002b:00007f65acaee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 279.457137][ T9655] RAX: ffffffffffffffda RBX: 00007f65abde6090 RCX: 00007f65abb8efc9 [ 279.457147][ T9655] RDX: 0000000000000007 RSI: 0000000040104d04 RDI: 0000000000000003 [ 279.457155][ T9655] RBP: 00007f65abc11f91 R08: 0000000000000000 R09: 0000000000000000 [ 279.457163][ T9655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 279.457171][ T9655] R13: 00007f65abde6128 R14: 00007f65abde6090 R15: 00007ffe78e620c8 [ 279.457190][ T9655] [ 280.168643][ T9679] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input104 [ 280.310736][ T9683] random: crng reseeded on system resumption [ 280.535487][ T9682] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input105 [ 280.699082][ T9684] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input106 [ 280.853746][ T9687] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input107 [ 280.938781][ T9693] netlink: zone id is out of range [ 281.018434][ T9693] netlink: del zone limit has 4 unknown bytes [ 281.131319][ T9678] netlink: set zone limit has 8 unknown bytes [ 281.467274][ T9672] Process accounting resumed [ 281.671910][ T9707] netlink: 8 bytes leftover after parsing attributes in process `syz.1.887'. [ 281.923657][ T9700] netlink: set zone limit has 8 unknown bytes [ 282.526510][ T9722] FAULT_INJECTION: forcing a failure. [ 282.526510][ T9722] name fail_futex, interval 1, probability 0, space 0, times 0 [ 282.591248][ T9722] CPU: 0 UID: 0 PID: 9722 Comm: syz.0.893 Not tainted syzkaller #0 PREEMPT(full) [ 282.591272][ T9722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 282.591282][ T9722] Call Trace: [ 282.591286][ T9722] [ 282.591292][ T9722] dump_stack_lvl+0x16c/0x1f0 [ 282.591312][ T9722] should_fail_ex+0x512/0x640 [ 282.591337][ T9722] get_futex_key+0x1d0/0x1560 [ 282.591359][ T9722] ? __pfx_get_futex_key+0x10/0x10 [ 282.591379][ T9722] ? import_iovec+0x86/0xb0 [ 282.591395][ T9722] futex_wake+0xea/0x530 [ 282.591414][ T9722] ? futex_wait+0x120/0x380 [ 282.591426][ T9722] ? __pfx_futex_wait+0x10/0x10 [ 282.591446][ T9722] ? __pfx_futex_wake+0x10/0x10 [ 282.591466][ T9722] ? __pfx_vfs_writev+0x10/0x10 [ 282.591482][ T9722] ? __might_fault+0xe3/0x190 [ 282.591498][ T9722] ? __might_fault+0x13b/0x190 [ 282.591515][ T9722] do_futex+0x1e3/0x350 [ 282.591533][ T9722] ? __pfx_do_futex+0x10/0x10 [ 282.591556][ T9722] __x64_sys_futex+0x1e0/0x4c0 [ 282.591576][ T9722] ? __pfx___x64_sys_futex+0x10/0x10 [ 282.591595][ T9722] ? __pfx_do_writev+0x10/0x10 [ 282.591613][ T9722] do_syscall_64+0xcd/0xfa0 [ 282.591630][ T9722] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 282.591644][ T9722] RIP: 0033:0x7f21ef38efc9 [ 282.591655][ T9722] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 282.591669][ T9722] RSP: 002b:00007f21f027d0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 282.591683][ T9722] RAX: ffffffffffffffda RBX: 00007f21ef5e5fa8 RCX: 00007f21ef38efc9 [ 282.591692][ T9722] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f21ef5e5fac [ 282.591700][ T9722] RBP: 00007f21ef5e5fa0 R08: 00007f21f027e000 R09: 0000000000000000 [ 282.591709][ T9722] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 282.591717][ T9722] R13: 00007f21ef5e6038 R14: 00007ffd9c3f1460 R15: 00007ffd9c3f1548 [ 282.591735][ T9722] [ 283.040532][ T5844] block nbd21: Receive control failed (result -107) [ 283.139488][ T9742] netlink: 8 bytes leftover after parsing attributes in process `syz.1.898'. [ 285.218258][ T9769] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 285.422555][ T9769] CIFS mount error: No usable UNC path provided in device string! [ 285.422555][ T9769] [ 285.591505][ T9769] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 286.025351][ T9778] random: crng reseeded on system resumption [ 286.126300][ T9791] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input108 [ 286.311859][ T9794] random: crng reseeded on system resumption [ 286.494208][ T5150] block nbd22: Receive control failed (result -107) [ 286.509592][ T9789] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input109 [ 287.147132][ T9815] Invalid ELF header magic: != ELF [ 287.204655][ T9817] Invalid ELF header magic: != ELF [ 287.259972][ T9807] netlink: zone id is out of range [ 287.265500][ T9807] netlink: del zone limit has 4 unknown bytes [ 287.312249][ T9804] netlink: set zone limit has 8 unknown bytes [ 288.602823][ T5150] block nbd23: Receive control failed (result -107) [ 288.884002][ T5150] block nbd24: Receive control failed (result -107) [ 288.936240][ T9859] netlink: 252 bytes leftover after parsing attributes in process `syz.1.926'. [ 288.988440][ T9859] unsupported nla_type 65535 [ 290.570705][ T9890] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 290.599412][ T9895] netlink: 346 bytes leftover after parsing attributes in process `syz.2.937'. [ 290.610679][ T9890] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 290.639264][ T9890] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 290.658466][ T9890] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 290.685990][ T9890] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 291.242168][ T9907] FAULT_INJECTION: forcing a failure. [ 291.242168][ T9907] name fail_futex, interval 1, probability 0, space 0, times 0 [ 291.284616][ T9907] CPU: 0 UID: 0 PID: 9907 Comm: syz.3.942 Not tainted syzkaller #0 PREEMPT(full) [ 291.284649][ T9907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 291.284658][ T9907] Call Trace: [ 291.284663][ T9907] [ 291.284669][ T9907] dump_stack_lvl+0x16c/0x1f0 [ 291.284691][ T9907] should_fail_ex+0x512/0x640 [ 291.284715][ T9907] get_futex_key+0x1d0/0x1560 [ 291.284737][ T9907] ? __pfx_get_futex_key+0x10/0x10 [ 291.284757][ T9907] ? import_iovec+0x86/0xb0 [ 291.284772][ T9907] futex_wake+0xea/0x530 [ 291.284791][ T9907] ? futex_wait+0x120/0x380 [ 291.284803][ T9907] ? __pfx_futex_wait+0x10/0x10 [ 291.284823][ T9907] ? __pfx_futex_wake+0x10/0x10 [ 291.284843][ T9907] ? __pfx_vfs_writev+0x10/0x10 [ 291.284858][ T9907] ? __might_fault+0xe3/0x190 [ 291.284871][ T9907] ? __might_fault+0x13b/0x190 [ 291.284888][ T9907] do_futex+0x1e3/0x350 [ 291.284906][ T9907] ? __pfx_do_futex+0x10/0x10 [ 291.284928][ T9907] __x64_sys_futex+0x1e0/0x4c0 [ 291.284949][ T9907] ? __pfx___x64_sys_futex+0x10/0x10 [ 291.284968][ T9907] ? __pfx_do_writev+0x10/0x10 [ 291.284986][ T9907] do_syscall_64+0xcd/0xfa0 [ 291.285002][ T9907] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 291.285016][ T9907] RIP: 0033:0x7f65abb8efc9 [ 291.285028][ T9907] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 291.285042][ T9907] RSP: 002b:00007f65acb0f0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 291.285055][ T9907] RAX: ffffffffffffffda RBX: 00007f65abde5fa8 RCX: 00007f65abb8efc9 [ 291.285065][ T9907] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f65abde5fac [ 291.285073][ T9907] RBP: 00007f65abde5fa0 R08: 00007f65acb10000 R09: 0000000000000000 [ 291.285082][ T9907] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 291.285090][ T9907] R13: 00007f65abde6038 R14: 00007ffe78e61fe0 R15: 00007ffe78e620c8 [ 291.285108][ T9907] [ 291.481439][ C0] vkms_vblank_simulate: vblank timer overrun [ 291.574353][ T9904] netlink: set zone limit has 8 unknown bytes [ 291.588523][ T9904] netlink: zone id is out of range [ 291.593809][ T9904] netlink: del zone limit has 4 unknown bytes [ 292.501739][ T5150] Bluetooth: hci0: command 0x0406 tx timeout [ 292.660351][ T5844] Bluetooth: hci2: command 0x0406 tx timeout [ 292.666602][ T5150] Bluetooth: hci3: command 0x0406 tx timeout [ 292.742869][ T5150] Bluetooth: hci1: command 0x0406 tx timeout [ 293.423353][ T9948] input: 00 [ 293.423353][ T9948] as /devices/virtual/input/input110 [ 293.470749][ T9948] FAULT_INJECTION: forcing a failure. [ 293.470749][ T9948] name failslab, interval 1, probability 0, space 0, times 0 [ 293.537965][ T9948] CPU: 0 UID: 0 PID: 9948 Comm: syz.0.953 Not tainted syzkaller #0 PREEMPT(full) [ 293.537987][ T9948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 293.537995][ T9948] Call Trace: [ 293.538001][ T9948] [ 293.538006][ T9948] dump_stack_lvl+0x16c/0x1f0 [ 293.538028][ T9948] should_fail_ex+0x512/0x640 [ 293.538052][ T9948] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 293.538069][ T9948] should_failslab+0xc2/0x120 [ 293.538089][ T9948] kmem_cache_alloc_noprof+0x75/0x6e0 [ 293.538103][ T9948] ? __kernfs_new_node+0xd2/0x8e0 [ 293.538125][ T9948] ? __kernfs_new_node+0xd2/0x8e0 [ 293.538140][ T9948] __kernfs_new_node+0xd2/0x8e0 [ 293.538160][ T9948] ? __pfx___kernfs_new_node+0x10/0x10 [ 293.538182][ T9948] ? find_held_lock+0x2b/0x80 [ 293.538197][ T9948] ? kernfs_root+0xee/0x2a0 [ 293.538217][ T9948] kernfs_new_node+0x13c/0x1e0 [ 293.538247][ T9948] __kernfs_create_file+0x53/0x350 [ 293.538265][ T9948] sysfs_add_file_mode_ns+0x207/0x3c0 [ 293.538288][ T9948] sysfs_merge_group+0x1aa/0x340 [ 293.538307][ T9948] ? __pfx_sysfs_merge_group+0x10/0x10 [ 293.538328][ T9948] ? __pfx_dev_add_physical_location+0x10/0x10 [ 293.538350][ T9948] ? bus_to_subsys+0x131/0x160 [ 293.538367][ T9948] dpm_sysfs_add+0x237/0x280 [ 293.538388][ T9948] device_add+0x9a6/0x1aa0 [ 293.538410][ T9948] ? __pfx_device_add+0x10/0x10 [ 293.538430][ T9948] ? __pfx_exact_lock+0x10/0x10 [ 293.538448][ T9948] ? kobject_get+0xbb/0x150 [ 293.538466][ T9948] cdev_device_add+0xc2/0x1e0 [ 293.538483][ T9948] evdev_connect+0x3a4/0x4c0 [ 293.538501][ T9948] input_attach_handler.isra.0+0x176/0x250 [ 293.538518][ T9948] input_register_device+0xab9/0x1180 [ 293.538536][ T9948] uinput_ioctl_handler.isra.0+0x1357/0x1df0 [ 293.538557][ T9948] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 293.538576][ T9948] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 293.538600][ T9948] ? find_held_lock+0x2b/0x80 [ 293.538623][ T9948] ? __pfx_uinput_ioctl+0x10/0x10 [ 293.538643][ T9948] __x64_sys_ioctl+0x18e/0x210 [ 293.538664][ T9948] do_syscall_64+0xcd/0xfa0 [ 293.538681][ T9948] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 293.538695][ T9948] RIP: 0033:0x7f21ef38efc9 [ 293.538707][ T9948] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 293.538720][ T9948] RSP: 002b:00007f21f027d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 293.538734][ T9948] RAX: ffffffffffffffda RBX: 00007f21ef5e5fa0 RCX: 00007f21ef38efc9 [ 293.538743][ T9948] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000008 [ 293.538751][ T9948] RBP: 00007f21ef411f91 R08: 0000000000000000 R09: 0000000000000000 [ 293.538759][ T9948] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 293.538768][ T9948] R13: 00007f21ef5e6038 R14: 00007f21ef5e5fa0 R15: 00007ffd9c3f1548 [ 293.538788][ T9948] [ 293.817139][ C0] vkms_vblank_simulate: vblank timer overrun [ 294.304987][ T9948] input: failed to attach handler evdev to device input110, error: -12 [ 294.739784][ T5150] Bluetooth: hci3: command 0x0406 tx timeout [ 294.949182][ T9974] tipc: Enabling of bearer <@):^\/\> rejected, media not registered [ 295.529566][ T9994] netlink: 8 bytes leftover after parsing attributes in process `syz.1.964'. [ 295.704108][ T9991] Unable to find swap-space signature [ 296.264699][ T9997] zswap: compressor not available [ 296.996756][T10027] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input112 [ 297.129791][T10030] random: crng reseeded on system resumption [ 297.273273][T10029] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input113 [ 297.903943][ T5150] block nbd25: Receive control failed (result -107) [ 298.654964][T10056] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 298.672625][T10056] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 298.704541][T10056] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 298.732446][T10056] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 298.753910][T10056] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 298.772478][T10061] tipc: Enabling of bearer <@):^\/\> rejected, media not registered [ 298.789985][T10058] FAULT_INJECTION: forcing a failure. [ 298.789985][T10058] name fail_futex, interval 1, probability 0, space 0, times 0 [ 298.833925][T10058] CPU: 0 UID: 0 PID: 10058 Comm: syz.0.987 Not tainted syzkaller #0 PREEMPT(full) [ 298.833949][T10058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 298.833958][T10058] Call Trace: [ 298.833963][T10058] [ 298.833969][T10058] dump_stack_lvl+0x16c/0x1f0 [ 298.833989][T10058] should_fail_ex+0x512/0x640 [ 298.834014][T10058] get_futex_key+0x1d0/0x1560 [ 298.834035][T10058] ? __pfx_get_futex_key+0x10/0x10 [ 298.834054][T10058] ? import_iovec+0x86/0xb0 [ 298.834070][T10058] futex_wake+0xea/0x530 [ 298.834089][T10058] ? futex_wait+0x120/0x380 [ 298.834101][T10058] ? __pfx_futex_wait+0x10/0x10 [ 298.834122][T10058] ? __pfx_futex_wake+0x10/0x10 [ 298.834142][T10058] ? __pfx_vfs_writev+0x10/0x10 [ 298.834157][T10058] ? __might_fault+0xe3/0x190 [ 298.834179][T10058] ? __might_fault+0x13b/0x190 [ 298.834197][T10058] do_futex+0x1e3/0x350 [ 298.834216][T10058] ? __pfx_do_futex+0x10/0x10 [ 298.834241][T10058] __x64_sys_futex+0x1e0/0x4c0 [ 298.834262][T10058] ? __pfx___x64_sys_futex+0x10/0x10 [ 298.834281][T10058] ? __pfx_do_writev+0x10/0x10 [ 298.834300][T10058] do_syscall_64+0xcd/0xfa0 [ 298.834316][T10058] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 298.834330][T10058] RIP: 0033:0x7f21ef38efc9 [ 298.834342][T10058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 298.834355][T10058] RSP: 002b:00007f21f027d0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 298.834369][T10058] RAX: ffffffffffffffda RBX: 00007f21ef5e5fa8 RCX: 00007f21ef38efc9 [ 298.834378][T10058] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f21ef5e5fac [ 298.834386][T10058] RBP: 00007f21ef5e5fa0 R08: 00007f21f027e000 R09: 0000000000000000 [ 298.834395][T10058] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 298.834403][T10058] R13: 00007f21ef5e6038 R14: 00007ffd9c3f1460 R15: 00007ffd9c3f1548 [ 298.834422][T10058] [ 299.031068][ C0] vkms_vblank_simulate: vblank timer overrun [ 299.203654][T10064] netlink: set zone limit has 8 unknown bytes [ 300.224171][ T5150] block nbd26: Receive control failed (result -107) [ 300.740563][ T5150] Bluetooth: hci3: command 0x0406 tx timeout [ 300.746784][ T5844] Bluetooth: hci2: command 0x0406 tx timeout [ 300.755757][ T5843] Bluetooth: hci0: command 0x0406 tx timeout [ 300.820016][ T5150] Bluetooth: hci1: command 0x0406 tx timeout [ 301.140505][T10096] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 301.159602][T10096] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 301.178558][T10096] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 301.201440][T10096] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 301.224620][T10096] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 301.248924][T10100] FAULT_INJECTION: forcing a failure. [ 301.248924][T10100] name failslab, interval 1, probability 0, space 0, times 0 [ 301.386020][T10100] CPU: 0 UID: 0 PID: 10100 Comm: syz.0.991 Not tainted syzkaller #0 PREEMPT(full) [ 301.386043][T10100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 301.386053][T10100] Call Trace: [ 301.386058][T10100] [ 301.386063][T10100] dump_stack_lvl+0x16c/0x1f0 [ 301.386085][T10100] should_fail_ex+0x512/0x640 [ 301.386109][T10100] ? fs_reclaim_acquire+0xae/0x150 [ 301.386130][T10100] should_failslab+0xc2/0x120 [ 301.386148][T10100] __kmalloc_noprof+0xdd/0x880 [ 301.386169][T10100] ? __pfx_prepend_path+0x10/0x10 [ 301.386187][T10100] ? ima_alloc_init_template+0xb5/0x720 [ 301.386212][T10100] ? ima_alloc_init_template+0xb5/0x720 [ 301.386232][T10100] ima_alloc_init_template+0xb5/0x720 [ 301.386254][T10100] ? __pfx_d_absolute_path+0x10/0x10 [ 301.386274][T10100] ima_store_measurement+0x1eb/0x5c0 [ 301.386297][T10100] ? __pfx_ima_store_measurement+0x10/0x10 [ 301.386319][T10100] ? vfs_getxattr_alloc+0xec/0x350 [ 301.386338][T10100] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 301.386360][T10100] process_measurement+0x1ddb/0x23e0 [ 301.386387][T10100] ? __pfx_process_measurement+0x10/0x10 [ 301.386415][T10100] ? kasan_quarantine_put+0x10a/0x240 [ 301.386452][T10100] ima_bprm_check+0xe7/0x210 [ 301.386471][T10100] ? __pfx_ima_bprm_check+0x10/0x10 [ 301.386495][T10100] security_bprm_check+0xa5/0x1e0 [ 301.386515][T10100] bprm_execve+0x81a/0x1640 [ 301.386532][T10100] ? __pfx_bprm_execve+0x10/0x10 [ 301.386545][T10100] ? copy_string_kernel+0x460/0x520 [ 301.386562][T10100] do_execveat_common.isra.0+0x4a5/0x610 [ 301.386580][T10100] __x64_sys_execve+0x8e/0xb0 [ 301.386595][T10100] do_syscall_64+0xcd/0xfa0 [ 301.386612][T10100] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 301.386634][T10100] RIP: 0033:0x7f21ef38efc9 [ 301.386647][T10100] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 301.386661][T10100] RSP: 002b:00007f21f025c038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 301.386676][T10100] RAX: ffffffffffffffda RBX: 00007f21ef5e6090 RCX: 00007f21ef38efc9 [ 301.386685][T10100] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 301.386695][T10100] RBP: 00007f21ef411f91 R08: 0000000000000000 R09: 0000000000000000 [ 301.386703][T10100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 301.386712][T10100] R13: 00007f21ef5e6128 R14: 00007f21ef5e6090 R15: 00007ffd9c3f1548 [ 301.386731][T10100] [ 301.632735][ C0] vkms_vblank_simulate: vblank timer overrun [ 301.994526][T10104] netlink: set zone limit has 8 unknown bytes [ 302.569039][ T30] audit: type=1804 audit(4294967343.650:8): pid=10100 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.0.991" name="/newroot/234/:," dev="tmpfs" ino=1239 res=0 errno=0 [ 303.126628][T10098] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 303.142733][ T5150] Bluetooth: hci0: command 0x0406 tx timeout [ 303.220427][ T5150] Bluetooth: hci3: command 0x0406 tx timeout [ 303.226661][ T5844] Bluetooth: hci2: command 0x0406 tx timeout [ 303.301451][ T5150] Bluetooth: hci1: command 0x0406 tx timeout [ 303.425235][ T5150] block nbd27: Receive control failed (result -107) [ 303.734963][ T5150] block nbd28: Receive control failed (result -107) [ 303.989209][T10153] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input115 [ 304.084725][T10156] random: crng reseeded on system resumption [ 304.249216][T10155] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input116 [ 304.410981][T10154] netlink: zone id is out of range [ 304.450064][T10154] netlink: del zone limit has 4 unknown bytes [ 304.519053][T10151] netlink: set zone limit has 8 unknown bytes [ 304.565407][T10162] mmap: syz.0.1008 (10162): VmData 46071808 exceed data ulimit 3. Update limits or use boot option ignore_rlimit_data. [ 304.679947][T10164] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 304.697206][T10164] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 304.722481][T10164] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 304.753023][T10164] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 304.779492][T10164] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 304.956162][T10170] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input117 [ 305.075327][T10171] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input118 [ 305.266178][T10173] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1011'. [ 305.723246][T10179] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input119 [ 305.834855][T10183] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input120 [ 305.985737][T10188] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1014'. [ 306.344284][ T5150] block nbd29: Receive control failed (result -107) [ 306.659851][ T5150] Bluetooth: hci0: command 0x0406 tx timeout [ 306.740086][ T5150] Bluetooth: hci3: command 0x0406 tx timeout [ 306.748096][ T5844] Bluetooth: hci2: command 0x0406 tx timeout [ 306.820432][ T5150] Bluetooth: hci1: command 0x0406 tx timeout [ 308.050228][T10215] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 308.061238][T10215] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 308.092504][T10215] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 308.105883][T10215] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 308.124455][T10215] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 308.422504][ T5150] block nbd30: Receive control failed (result -107) [ 308.629163][T10229] FAULT_INJECTION: forcing a failure. [ 308.629163][T10229] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 308.748053][T10229] CPU: 0 UID: 0 PID: 10229 Comm: syz.0.1025 Not tainted syzkaller #0 PREEMPT(full) [ 308.748074][T10229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 308.748094][T10229] Call Trace: [ 308.748099][T10229] [ 308.748105][T10229] dump_stack_lvl+0x16c/0x1f0 [ 308.748126][T10229] should_fail_ex+0x512/0x640 [ 308.748151][T10229] _copy_from_user+0x2e/0xd0 [ 308.748174][T10229] copy_msghdr_from_user+0x98/0x160 [ 308.748189][T10229] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 308.748211][T10229] ___sys_sendmsg+0xfe/0x1d0 [ 308.748225][T10229] ? __pfx____sys_sendmsg+0x10/0x10 [ 308.748236][T10229] ? __lock_acquire+0x622/0x1c90 [ 308.748277][T10229] __sys_sendmsg+0x16d/0x220 [ 308.748291][T10229] ? __pfx___sys_sendmsg+0x10/0x10 [ 308.748315][T10229] do_syscall_64+0xcd/0xfa0 [ 308.748333][T10229] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 308.748347][T10229] RIP: 0033:0x7f21ef38efc9 [ 308.748359][T10229] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 308.748372][T10229] RSP: 002b:00007f21f027d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 308.748386][T10229] RAX: ffffffffffffffda RBX: 00007f21ef5e5fa0 RCX: 00007f21ef38efc9 [ 308.748395][T10229] RDX: 0000000000008880 RSI: 0000200000001e00 RDI: 0000000000000003 [ 308.748404][T10229] RBP: 00007f21f027d090 R08: 0000000000000000 R09: 0000000000000000 [ 308.748412][T10229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 308.748420][T10229] R13: 00007f21ef5e6038 R14: 00007f21ef5e5fa0 R15: 00007ffd9c3f1548 [ 308.748438][T10229] [ 309.310480][T10238] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input121 [ 309.555133][T10243] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1028'. [ 309.601725][T10240] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input122 [ 310.020706][ T5150] Bluetooth: hci0: command 0x0406 tx timeout [ 310.102000][ T5150] Bluetooth: hci3: command 0x0406 tx timeout [ 310.108264][ T5844] Bluetooth: hci2: command 0x0406 tx timeout [ 310.180132][ T5150] Bluetooth: hci1: command 0x0406 tx timeout [ 311.170741][T10268] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 311.180920][T10268] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 311.222858][T10268] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 311.242466][T10268] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 311.270718][T10268] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 311.511967][T10273] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input123 [ 311.679326][T10280] random: crng reseeded on system resumption [ 311.809784][T10278] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input124 [ 311.927971][T10276] netlink: zone id is out of range [ 311.959453][T10272] netlink: set zone limit has 8 unknown bytes [ 312.003341][T10276] netlink: del zone limit has 4 unknown bytes [ 312.152058][T10270] Process accounting paused [ 313.219921][ T5150] Bluetooth: hci2: command 0x0406 tx timeout [ 313.225962][ T5844] Bluetooth: hci0: command 0x0406 tx timeout [ 313.299934][ T5844] Bluetooth: hci1: command 0x0406 tx timeout [ 313.305998][ T5150] Bluetooth: hci3: command 0x0406 tx timeout [ 314.928997][T10338] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input125 [ 315.074532][T10340] random: crng reseeded on system resumption [ 315.279480][T10339] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input126 [ 315.294417][T10332] netlink: set zone limit has 8 unknown bytes [ 315.379968][ T5844] Bluetooth: hci3: command 0x0406 tx timeout [ 316.168840][T10358] zswap: compressor not available [ 316.482441][ T5844] block nbd31: Receive control failed (result -107) [ 316.994764][T10382] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input127 [ 317.092850][T10388] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input128 [ 317.167140][T10382] random: crng reseeded on system resumption [ 317.252761][T10390] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1063'. [ 317.535318][T10394] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input129 [ 317.655786][T10398] random: crng reseeded on system resumption [ 317.667187][T10396] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1065'. [ 317.701909][T10396] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1065'. [ 317.855606][T10397] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input130 [ 318.262658][T10415] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input131 [ 318.556763][T10422] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1068'. [ 318.941420][T10419] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input132 [ 320.116057][T10439] : Can't lookup blockdev [ 320.384959][T10442] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input133 [ 320.596878][T10448] random: crng reseeded on system resumption [ 320.728846][T10392] kexec: Could not allocate control_code_buffer [ 320.742207][T10446] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input134 [ 322.338027][T10467] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1077'. [ 324.685920][T10510] Unable to find swap-space signature [ 325.087668][ T5844] block nbd32: Receive control failed (result -107) [ 326.893009][T10553] FAULT_INJECTION: forcing a failure. [ 326.893009][T10553] name fail_futex, interval 1, probability 0, space 0, times 0 [ 326.942121][T10553] CPU: 0 UID: 0 PID: 10553 Comm: syz.3.1097 Not tainted syzkaller #0 PREEMPT(full) [ 326.942144][T10553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 326.942152][T10553] Call Trace: [ 326.942158][T10553] [ 326.942164][T10553] dump_stack_lvl+0x16c/0x1f0 [ 326.942185][T10553] should_fail_ex+0x512/0x640 [ 326.942209][T10553] get_futex_key+0x1d0/0x1560 [ 326.942232][T10553] ? __pfx_get_futex_key+0x10/0x10 [ 326.942247][T10553] ? rcu_is_watching+0x12/0xc0 [ 326.942261][T10553] ? kfree+0x252/0x6d0 [ 326.942275][T10553] ? import_iovec+0x86/0xb0 [ 326.942290][T10553] futex_wake+0xea/0x530 [ 326.942313][T10553] ? __pfx_futex_wake+0x10/0x10 [ 326.942333][T10553] ? __pfx_vfs_writev+0x10/0x10 [ 326.942354][T10553] do_futex+0x1e3/0x350 [ 326.942373][T10553] ? __pfx_do_futex+0x10/0x10 [ 326.942395][T10553] __x64_sys_futex+0x1e0/0x4c0 [ 326.942416][T10553] ? __pfx___x64_sys_futex+0x10/0x10 [ 326.942434][T10553] ? __pfx_do_writev+0x10/0x10 [ 326.942452][T10553] do_syscall_64+0xcd/0xfa0 [ 326.942469][T10553] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 326.942483][T10553] RIP: 0033:0x7f65abb8efc9 [ 326.942495][T10553] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 326.942508][T10553] RSP: 002b:00007f65acaee0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 326.942523][T10553] RAX: ffffffffffffffda RBX: 00007f65abde6098 RCX: 00007f65abb8efc9 [ 326.942532][T10553] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f65abde609c [ 326.942541][T10553] RBP: 00007f65abde6090 R08: 00007f65acb10000 R09: 0000000000000000 [ 326.942549][T10553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 326.942557][T10553] R13: 00007f65abde6128 R14: 00007ffe78e61fe0 R15: 00007ffe78e620c8 [ 326.942575][T10553] [ 327.131797][ C0] vkms_vblank_simulate: vblank timer overrun [ 327.212125][T10509] kexec: Could not allocate control_code_buffer [ 327.346975][T10554] Unable to find swap-space signature [ 327.815176][T10569] random: crng reseeded on system resumption [ 327.898962][T10563] Unable to find swap-space signature [ 329.029503][T10582] netlink: set zone limit has 8 unknown bytes [ 329.392191][ T5844] block nbd33: Receive control failed (result -107) [ 329.404485][T10594] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input135 [ 329.515266][T10598] random: crng reseeded on system resumption [ 329.815071][T10596] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input136 [ 330.291398][T10603] FAULT_INJECTION: forcing a failure. [ 330.291398][T10603] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 330.376330][T10603] CPU: 0 UID: 0 PID: 10603 Comm: syz.3.1111 Not tainted syzkaller #0 PREEMPT(full) [ 330.376351][T10603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 330.376359][T10603] Call Trace: [ 330.376364][T10603] [ 330.376369][T10603] dump_stack_lvl+0x16c/0x1f0 [ 330.376389][T10603] should_fail_ex+0x512/0x640 [ 330.376413][T10603] _copy_from_user+0x2e/0xd0 [ 330.376436][T10603] __x64_sys_epoll_ctl+0x131/0x1e0 [ 330.376459][T10603] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 330.376479][T10603] do_syscall_64+0xcd/0xfa0 [ 330.376497][T10603] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 330.376511][T10603] RIP: 0033:0x7f65abb8efc9 [ 330.376523][T10603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 330.376536][T10603] RSP: 002b:00007f65acb0f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 330.376550][T10603] RAX: ffffffffffffffda RBX: 00007f65abde5fa0 RCX: 00007f65abb8efc9 [ 330.376559][T10603] RDX: 8000000000000000 RSI: 0000000000000001 RDI: 0000000000000005 [ 330.376568][T10603] RBP: 00007f65acb0f090 R08: 0000000000000000 R09: 0000000000000000 [ 330.376576][T10603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 330.376584][T10603] R13: 00007f65abde6038 R14: 00007f65abde5fa0 R15: 00007ffe78e620c8 [ 330.376603][T10603] [ 330.578334][T10606] : Can't lookup blockdev [ 330.876190][T10611] netlink: zone id is out of range [ 332.154417][T10632] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 332.175225][T10632] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 332.205865][T10632] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 332.242729][T10632] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 332.277160][T10632] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 332.441877][T10638] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input137 [ 332.673104][T10644] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input138 [ 332.752510][T10650] random: crng reseeded on system resumption [ 333.077453][T10642] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input139 [ 333.371555][T10649] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input140 [ 333.917850][T10666] random: crng reseeded on system resumption [ 334.180572][ T5844] Bluetooth: hci2: command 0x0406 tx timeout [ 334.193516][ T5150] Bluetooth: hci0: command 0x0406 tx timeout [ 334.260562][ T5844] Bluetooth: hci3: command 0x0406 tx timeout [ 334.342550][ T5844] Bluetooth: hci1: command 0x0406 tx timeout [ 334.694430][T10681] Unable to find swap-space signature [ 334.814792][T10683] Unable to find swap-space signature [ 335.882759][T10700] Unable to find swap-space signature [ 335.907153][T10701] Unable to find swap-space signature [ 336.052228][T10706] Unable to find swap-space signature [ 336.340019][ T5844] Bluetooth: hci3: command 0x0406 tx timeout [ 337.379435][T10737] can: request_module (can-proto-0) failed. [ 337.389135][T10747] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input141 [ 337.556850][T10749] random: crng reseeded on system resumption [ 337.952647][T10759] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1149'. [ 338.103355][T10759] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 338.156989][T10759] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 338.237098][T10759] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 338.263132][T10759] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 339.270804][T10779] input: f as /devices/virtual/input/input142 [ 342.995921][T10809] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 343.646549][T10842] input: f as /devices/virtual/input/input143 [ 343.713389][T10840] Unable to find swap-space signature [ 343.905015][ T5844] block nbd34: Receive control failed (result -107) [ 344.659940][T10858] nbd0: detected capacity change from 0 to 384 [ 344.692968][ T5831] [ 344.695308][ T5831] ====================================================== [ 344.702540][ T5831] WARNING: possible circular locking dependency detected [ 344.709538][ T5831] syzkaller #0 Not tainted [ 344.713929][ T5831] ------------------------------------------------------ [ 344.720921][ T5831] udevd/5831 is trying to acquire lock: [ 344.726475][ T5831] ffff8880303a2670 (&nsock->tx_lock){+.+.}-{4:4}, at: nbd_queue_rq+0x423/0x12d0 [ 344.735522][ T5831] [ 344.735522][ T5831] but task is already holding lock: [ 344.742870][ T5831] ffff8880263be178 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xbd/0x12d0 [ 344.751384][ T5831] [ 344.751384][ T5831] which lock already depends on the new lock. [ 344.751384][ T5831] [ 344.761979][ T5831] [ 344.761979][ T5831] the existing dependency chain (in reverse order) is: [ 344.770997][ T5831] [ 344.770997][ T5831] -> #6 (&cmd->lock){+.+.}-{4:4}: [ 344.778203][ T5831] __mutex_lock+0x193/0x1060 [ 344.783309][ T5831] nbd_queue_rq+0xbd/0x12d0 [ 344.788354][ T5831] blk_mq_dispatch_rq_list+0x416/0x1e20 [ 344.794431][ T5831] __blk_mq_sched_dispatch_requests+0xcb7/0x15f0 [ 344.801285][ T5831] blk_mq_sched_dispatch_requests+0xd8/0x1b0 [ 344.807799][ T5831] blk_mq_run_hw_queue+0x239/0x670 [ 344.813430][ T5831] blk_mq_dispatch_list+0x514/0x1310 [ 344.819223][ T5831] blk_mq_flush_plug_list+0x130/0x600 [ 344.825137][ T5831] __blk_flush_plug+0x2c4/0x4b0 [ 344.830513][ T5831] __submit_bio+0x545/0x690 [ 344.835633][ T5831] submit_bio_noacct_nocheck+0x53d/0xc10 [ 344.841773][ T5831] submit_bio_noacct+0x5bd/0x1f60 [ 344.847311][ T5831] block_read_full_folio+0x4db/0x850 [ 344.853113][ T5831] filemap_read_folio+0xc8/0x2a0 [ 344.858567][ T5831] do_read_cache_folio+0x263/0x5c0 [ 344.864194][ T5831] read_part_sector+0xd4/0x370 [ 344.869490][ T5831] adfspart_check_ICS+0x93/0x940 [ 344.875059][ T5831] bdev_disk_changed+0x723/0x1520 [ 344.880605][ T5831] blkdev_get_whole+0x187/0x290 [ 344.886002][ T5831] bdev_open+0x2c7/0xe40 [ 344.890768][ T5831] blkdev_open+0x34e/0x4f0 [ 344.895711][ T5831] do_dentry_open+0x982/0x1530 [ 344.901507][ T5831] vfs_open+0x82/0x3f0 [ 344.906410][ T5831] path_openat+0x1de4/0x2cb0 [ 344.911723][ T5831] do_filp_open+0x20b/0x470 [ 344.916750][ T5831] do_sys_openat2+0x11b/0x1d0 [ 344.921962][ T5831] __x64_sys_openat+0x174/0x210 [ 344.927342][ T5831] do_syscall_64+0xcd/0xfa0 [ 344.932384][ T5831] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 344.938832][ T5831] [ 344.938832][ T5831] -> #5 (set->srcu){.+.+}-{0:0}: [ 344.945951][ T5831] __synchronize_srcu+0xa1/0x290 [ 344.951403][ T5831] blk_mq_quiesce_queue+0x149/0x1b0 [ 344.957132][ T5831] elevator_switch+0x17d/0x810 [ 344.962504][ T5831] elevator_change+0x391/0x5d0 [ 344.967775][ T5831] elevator_set_default+0x2e9/0x380 [ 344.973563][ T5831] blk_register_queue+0x384/0x4e0 [ 344.979103][ T5831] __add_disk+0x74a/0xf00 [ 344.983961][ T5831] add_disk_fwnode+0x13f/0x5d0 [ 344.989246][ T5831] nbd_dev_add+0x783/0xbb0 [ 344.994179][ T5831] nbd_init+0x1a2/0x3c0 [ 344.998860][ T5831] do_one_initcall+0x123/0x6e0 [ 345.004133][ T5831] kernel_init_freeable+0x5c8/0x920 [ 345.009844][ T5831] kernel_init+0x1c/0x2b0 [ 345.014768][ T5831] ret_from_fork+0x675/0x7d0 [ 345.019869][ T5831] ret_from_fork_asm+0x1a/0x30 [ 345.025148][ T5831] [ 345.025148][ T5831] -> #4 (&q->elevator_lock){+.+.}-{4:4}: [ 345.033041][ T5831] __mutex_lock+0x193/0x1060 [ 345.038177][ T5831] elevator_change+0x17d/0x5d0 [ 345.043554][ T5831] elv_iosched_store+0x315/0x3c0 [ 345.049108][ T5831] queue_attr_store+0x26b/0x310 [ 345.054575][ T5831] sysfs_kf_write+0xf2/0x150 [ 345.059869][ T5831] kernfs_fop_write_iter+0x3af/0x570 [ 345.065694][ T5831] vfs_write+0x7d3/0x11d0 [ 345.070565][ T5831] ksys_write+0x12a/0x250 [ 345.075589][ T5831] do_syscall_64+0xcd/0xfa0 [ 345.080605][ T5831] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 345.087015][ T5831] [ 345.087015][ T5831] -> #3 (&q->q_usage_counter(io)#62){++++}-{0:0}: [ 345.095682][ T5831] blk_alloc_queue+0x619/0x760 [ 345.100950][ T5831] blk_mq_alloc_queue+0x172/0x280 [ 345.106475][ T5831] __blk_mq_alloc_disk+0x29/0x120 [ 345.112020][ T5831] nbd_dev_add+0x492/0xbb0 [ 345.116950][ T5831] nbd_init+0x1a2/0x3c0 [ 345.121637][ T5831] do_one_initcall+0x123/0x6e0 [ 345.126920][ T5831] kernel_init_freeable+0x5c8/0x920 [ 345.132707][ T5831] kernel_init+0x1c/0x2b0 [ 345.137550][ T5831] ret_from_fork+0x675/0x7d0 [ 345.142706][ T5831] ret_from_fork_asm+0x1a/0x30 [ 345.148047][ T5831] [ 345.148047][ T5831] -> #2 (fs_reclaim){+.+.}-{0:0}: [ 345.155244][ T5831] fs_reclaim_acquire+0x102/0x150 [ 345.160880][ T5831] kmem_cache_alloc_node_noprof+0x5e/0x770 [ 345.167295][ T5831] __alloc_skb+0x2b2/0x380 [ 345.172262][ T5831] tcp_stream_alloc_skb+0x34/0x560 [ 345.177988][ T5831] tcp_sendmsg_locked+0x12d9/0x42e0 [ 345.183715][ T5831] tcp_sendmsg+0x2e/0x50 [ 345.188472][ T5831] inet_sendmsg+0xb9/0x140 [ 345.193396][ T5831] sock_write_iter+0x509/0x610 [ 345.198709][ T5831] vfs_write+0x7d3/0x11d0 [ 345.203691][ T5831] ksys_write+0x1f8/0x250 [ 345.208540][ T5831] do_syscall_64+0xcd/0xfa0 [ 345.213557][ T5831] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 345.220218][ T5831] [ 345.220218][ T5831] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}: [ 345.227949][ T5831] lock_sock_nested+0x41/0xf0 [ 345.233226][ T5831] inet_shutdown+0x67/0x440 [ 345.238257][ T5831] nbd_mark_nsock_dead+0xae/0x5d0 [ 345.243804][ T5831] recv_work+0x671/0xa80 [ 345.248574][ T5831] process_one_work+0x9cf/0x1b70 [ 345.254039][ T5831] worker_thread+0x6c8/0xf10 [ 345.259146][ T5831] kthread+0x3c5/0x780 [ 345.263725][ T5831] ret_from_fork+0x675/0x7d0 [ 345.268827][ T5831] ret_from_fork_asm+0x1a/0x30 [ 345.274190][ T5831] [ 345.274190][ T5831] -> #0 (&nsock->tx_lock){+.+.}-{4:4}: [ 345.281828][ T5831] __lock_acquire+0x126f/0x1c90 [ 345.287218][ T5831] lock_acquire+0x179/0x350 [ 345.292746][ T5831] __mutex_lock+0x193/0x1060 [ 345.297842][ T5831] nbd_queue_rq+0x423/0x12d0 [ 345.302958][ T5831] blk_mq_dispatch_rq_list+0x416/0x1e20 [ 345.309016][ T5831] __blk_mq_sched_dispatch_requests+0xcb7/0x15f0 [ 345.315841][ T5831] blk_mq_sched_dispatch_requests+0xd8/0x1b0 [ 345.322319][ T5831] blk_mq_run_hw_queue+0x239/0x670 [ 345.328024][ T5831] blk_mq_dispatch_list+0x514/0x1310 [ 345.333808][ T5831] blk_mq_flush_plug_list+0x130/0x600 [ 345.339692][ T5831] __blk_flush_plug+0x2c4/0x4b0 [ 345.345058][ T5831] __submit_bio+0x545/0x690 [ 345.350066][ T5831] submit_bio_noacct_nocheck+0x53d/0xc10 [ 345.356281][ T5831] submit_bio_noacct+0x5bd/0x1f60 [ 345.361816][ T5831] block_read_full_folio+0x4db/0x850 [ 345.367628][ T5831] filemap_read_folio+0xc8/0x2a0 [ 345.373078][ T5831] do_read_cache_folio+0x263/0x5c0 [ 345.378707][ T5831] read_part_sector+0xd4/0x370 [ 345.384003][ T5831] adfspart_check_ICS+0x93/0x940 [ 345.389485][ T5831] bdev_disk_changed+0x723/0x1520 [ 345.395209][ T5831] blkdev_get_whole+0x187/0x290 [ 345.400571][ T5831] bdev_open+0x2c7/0xe40 [ 345.405319][ T5831] blkdev_open+0x34e/0x4f0 [ 345.410233][ T5831] do_dentry_open+0x982/0x1530 [ 345.415496][ T5831] vfs_open+0x82/0x3f0 [ 345.420069][ T5831] path_openat+0x1de4/0x2cb0 [ 345.425159][ T5831] do_filp_open+0x20b/0x470 [ 345.430336][ T5831] do_sys_openat2+0x11b/0x1d0 [ 345.435516][ T5831] __x64_sys_openat+0x174/0x210 [ 345.440940][ T5831] do_syscall_64+0xcd/0xfa0 [ 345.445958][ T5831] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 345.452384][ T5831] [ 345.452384][ T5831] other info that might help us debug this: [ 345.452384][ T5831] [ 345.462592][ T5831] Chain exists of: [ 345.462592][ T5831] &nsock->tx_lock --> set->srcu --> &cmd->lock [ 345.462592][ T5831] [ 345.474650][ T5831] Possible unsafe locking scenario: [ 345.474650][ T5831] [ 345.482075][ T5831] CPU0 CPU1 [ 345.487475][ T5831] ---- ---- [ 345.492813][ T5831] lock(&cmd->lock); [ 345.496796][ T5831] lock(set->srcu); [ 345.503236][ T5831] lock(&cmd->lock); [ 345.509717][ T5831] lock(&nsock->tx_lock); [ 345.514109][ T5831] [ 345.514109][ T5831] *** DEADLOCK *** [ 345.514109][ T5831] [ 345.522240][ T5831] 3 locks held by udevd/5831: [ 345.526899][ T5831] #0: ffff8880262db358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0x41a/0xe40 [ 345.536455][ T5831] #1: ffff888142f6e010 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x22b/0x670 [ 345.545925][ T5831] #2: ffff8880263be178 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xbd/0x12d0 [ 345.554867][ T5831] [ 345.554867][ T5831] stack backtrace: [ 345.560735][ T5831] CPU: 0 UID: 0 PID: 5831 Comm: udevd Not tainted syzkaller #0 PREEMPT(full) [ 345.560753][ T5831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 345.560762][ T5831] Call Trace: [ 345.560768][ T5831] [ 345.560774][ T5831] dump_stack_lvl+0x116/0x1f0 [ 345.560792][ T5831] print_circular_bug+0x275/0x350 [ 345.560811][ T5831] check_noncircular+0x14c/0x170 [ 345.560830][ T5831] __lock_acquire+0x126f/0x1c90 [ 345.560851][ T5831] lock_acquire+0x179/0x350 [ 345.560868][ T5831] ? nbd_queue_rq+0x423/0x12d0 [ 345.560888][ T5831] ? __pfx___might_resched+0x10/0x10 [ 345.560903][ T5831] ? nbd_queue_rq+0x423/0x12d0 [ 345.560921][ T5831] __mutex_lock+0x193/0x1060 [ 345.560937][ T5831] ? nbd_queue_rq+0x423/0x12d0 [ 345.560958][ T5831] ? __pfx___mutex_lock+0x10/0x10 [ 345.560973][ T5831] ? __lock_acquire+0x622/0x1c90 [ 345.560992][ T5831] ? __bfs+0x148/0x290 [ 345.561007][ T5831] ? nbd_queue_rq+0x423/0x12d0 [ 345.561025][ T5831] nbd_queue_rq+0x423/0x12d0 [ 345.561044][ T5831] ? unwind_next_frame+0x3f4/0x20a0 [ 345.561060][ T5831] ? __pfx_nbd_queue_rq+0x10/0x10 [ 345.561081][ T5831] ? lockdep_unlock+0x64/0xe0 [ 345.561093][ T5831] ? __lock_acquire+0x1053/0x1c90 [ 345.561111][ T5831] blk_mq_dispatch_rq_list+0x416/0x1e20 [ 345.561126][ T5831] ? sbitmap_find_bit+0x420/0x6f0 [ 345.561145][ T5831] ? sbitmap_get+0x1e5/0x360 [ 345.561160][ T5831] ? __pfx_blk_mq_dispatch_rq_list+0x10/0x10 [ 345.561175][ T5831] ? __blk_mq_alloc_driver_tag+0x4f7/0x7a0 [ 345.561191][ T5831] __blk_mq_sched_dispatch_requests+0xcb7/0x15f0 [ 345.561208][ T5831] ? __pfx___blk_mq_sched_dispatch_requests+0x10/0x10 [ 345.561226][ T5831] blk_mq_sched_dispatch_requests+0xd8/0x1b0 [ 345.561240][ T5831] blk_mq_run_hw_queue+0x239/0x670 [ 345.561261][ T5831] ? blk_mq_run_hw_queue+0x22b/0x670 [ 345.561282][ T5831] blk_mq_dispatch_list+0x514/0x1310 [ 345.561298][ T5831] ? __pfx_blk_mq_dispatch_list+0x10/0x10 [ 345.561312][ T5831] ? find_held_lock+0x2b/0x80 [ 345.561338][ T5831] ? blk_add_trace_plug+0xf5/0x290 [ 345.561356][ T5831] blk_mq_flush_plug_list+0x130/0x600 [ 345.561371][ T5831] ? trace_block_plug+0x17f/0x200 [ 345.561391][ T5831] ? blk_add_rq_to_plug+0x30a/0x540 [ 345.561405][ T5831] ? __pfx_blk_mq_flush_plug_list+0x10/0x10 [ 345.561420][ T5831] ? blk_mq_submit_bio+0x9e6/0x3380 [ 345.561436][ T5831] __blk_flush_plug+0x2c4/0x4b0 [ 345.561451][ T5831] ? __pfx___blk_flush_plug+0x10/0x10 [ 345.561464][ T5831] ? __lock_acquire+0x622/0x1c90 [ 345.561484][ T5831] __submit_bio+0x545/0x690 [ 345.561497][ T5831] ? __pfx___submit_bio+0x10/0x10 [ 345.561514][ T5831] ? submit_bio_noacct_nocheck+0x53d/0xc10 [ 345.561528][ T5831] submit_bio_noacct_nocheck+0x53d/0xc10 [ 345.561542][ T5831] ? __pfx_submit_bio_noacct_nocheck+0x10/0x10 [ 345.561557][ T5831] ? __pfx___might_resched+0x10/0x10 [ 345.561572][ T5831] submit_bio_noacct+0x5bd/0x1f60 [ 345.561588][ T5831] block_read_full_folio+0x4db/0x850 [ 345.561607][ T5831] ? __pfx_blkdev_get_block+0x10/0x10 [ 345.561623][ T5831] ? __pfx_blkdev_read_folio+0x10/0x10 [ 345.561636][ T5831] filemap_read_folio+0xc8/0x2a0 [ 345.561650][ T5831] ? __pfx_filemap_read_folio+0x10/0x10 [ 345.561662][ T5831] ? __filemap_get_folio+0x32b/0xc30 [ 345.561679][ T5831] do_read_cache_folio+0x263/0x5c0 [ 345.561693][ T5831] ? __pfx_blkdev_read_folio+0x10/0x10 [ 345.561708][ T5831] read_part_sector+0xd4/0x370 [ 345.561729][ T5831] adfspart_check_ICS+0x93/0x940 [ 345.561741][ T5831] ? snprintf+0xc7/0x100 [ 345.561754][ T5831] ? __pfx_snprintf+0x10/0x10 [ 345.561766][ T5831] ? __pfx_adfspart_check_ICS+0x10/0x10 [ 345.561780][ T5831] ? __pfx_adfspart_check_ICS+0x10/0x10 [ 345.561793][ T5831] bdev_disk_changed+0x723/0x1520 [ 345.561816][ T5831] ? __pfx_bdev_disk_changed+0x10/0x10 [ 345.561838][ T5831] blkdev_get_whole+0x187/0x290 [ 345.561860][ T5831] bdev_open+0x2c7/0xe40 [ 345.561874][ T5831] blkdev_open+0x34e/0x4f0 [ 345.561889][ T5831] do_dentry_open+0x982/0x1530 [ 345.561904][ T5831] ? __pfx_blkdev_open+0x10/0x10 [ 345.561920][ T5831] vfs_open+0x82/0x3f0 [ 345.561939][ T5831] path_openat+0x1de4/0x2cb0 [ 345.561956][ T5831] ? __pfx_path_openat+0x10/0x10 [ 345.561971][ T5831] ? __lock_acquire+0xb8a/0x1c90 [ 345.561988][ T5831] do_filp_open+0x20b/0x470 [ 345.562002][ T5831] ? __pfx_do_filp_open+0x10/0x10 [ 345.562022][ T5831] ? alloc_fd+0x471/0x7d0 [ 345.562036][ T5831] do_sys_openat2+0x11b/0x1d0 [ 345.562055][ T5831] ? __pfx_do_sys_openat2+0x10/0x10 [ 345.562074][ T5831] ? __sys_recvmsg+0x189/0x220 [ 345.562088][ T5831] ? __pfx___sys_recvmsg+0x10/0x10 [ 345.562103][ T5831] __x64_sys_openat+0x174/0x210 [ 345.562122][ T5831] ? __pfx___x64_sys_openat+0x10/0x10 [ 345.562145][ T5831] do_syscall_64+0xcd/0xfa0 [ 345.562160][ T5831] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 345.562175][ T5831] RIP: 0033:0x7fa4c7ca7407 [ 345.562188][ T5831] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff [ 345.562201][ T5831] RSP: 002b:00007ffda4263a00 EFLAGS: 00000202 ORIG_RAX: 0000000000000101 [ 345.562214][ T5831] RAX: ffffffffffffffda RBX: 00007fa4c839a880 RCX: 00007fa4c7ca7407 [ 345.562223][ T5831] RDX: 00000000000a0800 RSI: 0000564ff04aa600 RDI: ffffffffffffff9c [ 345.562232][ T5831] RBP: 0000564ff04a9910 R08: 0000000000000000 R09: 0000000000000000 [ 345.562241][ T5831] R10: 0000000000000000 R11: 0000000000000202 R12: 0000564ff04bdba0 [ 345.562249][ T5831] R13: 0000564ff04c1410 R14: 0000000000000000 R15: 0000564ff04bdba0 [ 345.562262][ T5831] [ 346.302523][T10765] Process accounting resumed [ 346.606557][ T5831] block nbd0: Dead connection, failed to find a fallback [ 346.615095][ T5831] block nbd0: shutting down sockets [ 346.620676][ T5831] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 346.629980][ T5831] Buffer I/O error on dev nbd0, logical block 0, async page read [ 346.637885][ T5831] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 346.647297][ T5831] Buffer I/O error on dev nbd0, logical block 0, async page read [ 346.698445][ T5831] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 346.718166][ T5831] Buffer I/O error on dev nbd0, logical block 0, async page read [ 346.733719][ T5831] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 346.753126][ T5831] Buffer I/O error on dev nbd0, logical block 0, async page read [ 346.769364][ T5831] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 346.792201][ T5831] Buffer I/O error on dev nbd0, logical block 0, async page read [ 346.810359][ T5831] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 346.829202][ T5831] Buffer I/O error on dev nbd0, logical block 0, async page read [ 346.844700][ T5831] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 346.863732][ T5831] Buffer I/O error on dev nbd0, logical block 0, async page read [ 346.879858][ T5831] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 346.902401][ T5831] Buffer I/O error on dev nbd0, logical block 0, async page read [ 346.920595][ T5831] ldm_validate_partition_table(): Disk read failed. [ 346.928010][ T5831] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 346.937435][ T5831] Buffer I/O error on dev nbd0, logical block 0, async page read [ 346.945555][ T5831] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 346.954883][ T5831] Buffer I/O error on dev nbd0, logical block 0, async page read [ 346.963125][ T5831] Dev nbd0: unable to read RDB block 0 [ 346.968984][ T5831] nbd0: unable to read partition table [ 346.977813][ T5831] ldm_validate_partition_table(): Disk read failed. [ 346.986996][ T5831] Dev nbd0: unable to read RDB block 0 [ 346.993174][ T5831] nbd0: unable to read partition table