last executing test programs: 4.60601198s ago: executing program 0 (id=1907): pidfd_open$auto(0x1, 0x0) r0 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010026bd"], 0x50}, 0x1, 0x0, 0x0, 0x4048000}, 0x0) openat$auto_trace_options_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/options/blk_classic\x00', 0x4000, 0x0) r1 = socket(0x18, 0x2, 0x6) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)="ed9a3ea4c22168d94ed4dc6ef4fb55fa95f7a3b92ef10c53fd82a40400af09", 0xfc2}, 0x4, &(0x7f0000000040), 0x7, 0x3}, 0x800}, 0x5, 0x400a) setresuid$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) mmap$auto(0x0, 0x4, 0xdf, 0x9b72, 0x2, 0x8000) mlockall$auto(0x7) 4.208134173s ago: executing program 0 (id=1910): statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x401bf, 0x734f, 0x36, 0x67f, 0x1ffde, 0x7, 0x3, 0x20000002, 0xd, 0x3, 0x1, 0x2091, 0xb4, 0x9, 0x6, 0x6, 0x80, 0x4, 0x1cd7, 0x1000, 0x2000, 0x203, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}, 0x1fe, 0xd) r0 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x200, 0xffffffff, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000040), r1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000980)={0x0, 0xf000, &(0x7f0000000940)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="f38327b97000fedbdf250500000008000300", @ANYRES32=r3], 0x1c}}, 0x4008000) read$auto(0x3, 0x0, 0xf34) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000140), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 4.109833536s ago: executing program 2 (id=1912): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/i8042/serio1/rate\x00', 0x2, 0x0) write$auto(0x3, 0x0, 0xfdef) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioperm$auto(0x4, 0x3, 0x7f) unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) socket(0x2, 0x2, 0x88) chmod$auto(&(0x7f0000000040)='./file0\x00', 0x5) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x200007, 0x19) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/cuse\x00', 0x41000, 0x0) r1 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x0, 0x0) unshare$auto(0x8) poll$auto(&(0x7f0000000180)={r1, 0xfff7, 0x9816}, 0x7f, 0x9) ioctl$auto(r2, 0x4008af24, r1) openat$auto_bm_status_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000380), 0x149200, 0x0) futex$auto(&(0x7f0000000080)=0xfffffff8, 0x7, 0xe000, &(0x7f0000000200)={0xffffffff, 0x88b}, &(0x7f00000002c0)=0x5, 0xf7c) socket(0x25, 0x5, 0x6) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) r4 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) pread64$auto(r4, &(0x7f0000000240)='\x03W\x96l\x15\x00'/21, 0x100000002, 0x100000001) 3.238291131s ago: executing program 0 (id=1916): r0 = inotify_init1$auto(0x3000000000000) inotify_add_watch$auto(r0, 0x0, 0x1000e6e) openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) socket(0x1e, 0x1, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x521900, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80302, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe98, 0x0, 0x0, &(0x7f0000000040)={[0x54e, 0x10000000000005, 0x1, 0x8fd6, 0x948f, 0x5, 0x3392, 0x4, 0x3, 0x3, 0xffffffff, 0x9, 0x3, 0x4, 0x4, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_tracing_stats_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/per_cpu/cpu1/stats\x00', 0x2000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r2 = open(0x0, 0x14d27e, 0x72) read$auto_usbfs_devices_fops_usb(r2, &(0x7f00000004c0)=""/25, 0x19) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) r5 = waitid$auto_P_PIDFD(0x3, r0, &(0x7f0000000340)={@siginfo_0_0={0x0, 0x81, 0x9, @_rt={0x0, 0x0, @sival_ptr=&(0x7f0000000640)="0de4c5c5ad0b640ec78439ac6411c4749553aa4b30690b7d3f60ff29aefb6c7efd524edaa13ddeb640bab7c382454cbc466445fc244d15491814637370085f124fc2dee5c7781db894d75954f4eafe9b33d1649f6c7555af6f39698035823f3666381e0f9f40ee"}}}, 0xd, &(0x7f0000000500)={{0x1000, 0x7ce}, {0x10001, 0x1}, 0x80000001, 0x9, 0x800, 0x0, 0x5, 0x9, 0x3ff, 0x200000000009, 0xbb, 0x8205, 0x3, 0xe, 0x0, 0xe}) msgctl$auto_MSG_INFO(0x5, 0xc, &(0x7f0000000280)={{0x9, 0xffffffffffffffff, 0xffffffffffffffff, 0x2, 0x287f, 0x2, 0x3}, 0x0, 0x0, 0x7fffffff, 0x9, 0x2, 0x20000000ffffffff, 0xfffffffffffffffe, 0x7fff, 0xfc2, 0x27f, @inferred=0xffffffffffffffff, @inferred=r5}) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/fs/ecryptfs/version\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r7, &(0x7f0000000080)=""/150, 0x96) setresgid$auto(r6, 0xffffffffffffffff, r6) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYRES16=0x0, @ANYRES32=r4, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a0001000000", @ANYRES32=r4, @ANYBLOB="060006ff05000000080003009b"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x20000000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) 3.179597476s ago: executing program 1 (id=1917): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) madvise$auto(0x4, 0x7, 0x2) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xfffffffd}, 0x10001}, 0x5, 0x20000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0x80000000df, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/fs/ext4/sda1/extent_max_zeroout_kb\x00', 0x4929c1, 0x0) sendmsg$auto_NL80211_CMD_ABORT_SCAN(0xffffffffffffffff, 0x0, 0x20000004) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000840), r1) sendmsg$auto_OVS_CT_LIMIT_CMD_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000006400)={0x2e20, r2, 0x1, 0x51bd2e, 0x25dfcbfb, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x4}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x2e07}]}, 0x2e20}, 0x1, 0x0, 0x0, 0x2000c040}, 0x4) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_OVS_CT_LIMIT_CMD_DEL(r3, &(0x7f0000003480)={0x0, 0x0, &(0x7f0000003440)={&(0x7f00000002c0)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010029bd7000fedbdf250200000002000180200001801c002f8014004200fe8000000000000000000000000000aa0400f7801ed2df077a6ebf5ab41cfd88d0fbe4e78337621a4c2e6b443c70b58be01f62833bd11baab62134d5215739c28c80524acf2b3744ae61309baf02fd20d5ba031562959fe71d3d00a32efd42b2bbb7a788cb88610c0846e25773fb67cd38654d4ea09208a004c129dc1437ce16bf26c894f1752cf548cb967f27ccdc25e1247505089fba402a67542ee710a3b75f80443ed2d9820596f1607b3dd804cc45db330be8ccb3065751bad474572e04d0e6be8950152a24e7c29e529f37eb326cc519a0a3f50267eb50dcf4d0cef3f79003281497ae5392001719a81a769dff6458c8d6232ce205a0438a7887834c978607f20b9000bf7b77b3e1707f3e146df301fa18c75180b9f98e474addfa4e50460bea8fc30b2d4bf66e70c884e5b2306a158c82e0ab88792c16596477fa75152040f21c10c3b65866bf6775ff8c18cdcdf611484b05e010dad5ef38cb0edfcaaa27777bab2bd0b718133a9392d70bcb0363dcfde83b020860e1017e17"], 0x38}, 0x1, 0x0, 0x0, 0x40c4}, 0xc000) 2.830497522s ago: executing program 2 (id=1920): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810008, 0xff9, 0x8000000008011, 0x3, 0x40) mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0xfffffffffffffffb) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/default/forwarding\x00', 0x141241, 0x0) pwrite64$auto(0xffffffffffffffff, &(0x7f0000000380)='./cgroup\'memory.pb\xe0/\x98f\xa5<\xb9K\xd3q\xb4\xb8\xb0.r\x1c\b\x80\x99\xbf7\x1e\xbbPf`\xa1\xbb/\x01\x8fd6\x06i\xc7 \x831\xefT\x16\"\xe1j\x82\xf4e\x17\r(\x11\xef\xf2', 0x6bc, 0x8) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_REQ_SET_REG(r2, &(0x7f0000002140)={0x0, 0x0, &(0x7f0000002100)={&(0x7f0000000280)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="01002abd70e62a5bd70c16b797c8d41ece100a1b3843743491ffcd74dc9ec8c5239e72bd6da84d5c8b021aa9ef96667b42015b4d53c21cb8015d5b1706f4a224ec1895c35e078bf0a7866e41f8dd4ff2fe8e4f31caff025e7934f798d47bf317e1753964d0a8477f28ecfbddd1c18b47a4e12a5bcd970024bb9b6c4990a7c0961dfb6293954f7de44622f7c79c7727864a0dafd734f24f9bc89ff58ba95dde8e2cd20b097f7d0bdf17b34b965523cbf4ca8a260ee8c74e5eb64edb78d4a56675ebea1f225a5e267f2c33"], 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x40) readahead$auto(r1, 0x4, 0x4) sysfs$auto(0x3, 0x401, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000180)="96d16fa3b0bb2bfe345513b1cb2dba7004dbfab0ba23378f34afda5e04b50b7aaef7de6f1d4be20faeceaed11f1f524cc55e4c3c8049df27d93df766c1b8b37a915add996e8c1387d9cd93cd6f9303924d804ef01e06eff2e7bf6268d4f73e3c16f7637d783bc1b1ef0ad07abc1cb548c101108c0ec6efcb94f421e1db8bd166c0e96ded92c92759ffdb0ce17860b52bb0a388aaeb37a571fd8cfde5ff5e3176d757b26fe8a4e85f3a4f92dc871bc806687493fdc1128705161e614e85b9563c669cdcfb", 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x4, 0x311) semtimedop$auto(0x200, &(0x7f0000000140)={0x8, 0x7e, 0x6e}, 0x1f4, 0x0) mprotect$auto(0x0, 0xe6a, 0x6) preadv2$auto(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x80000000}, 0x6, 0x8001, 0x9, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x40, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) rseq$auto(0x0, 0xfffffff4, 0x0, 0x5) ioctl$auto_VHOST_SET_BACKEND_FEATURES(0xffffffffffffffff, 0x4008af25, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x25, 0x5, 0x0) 2.229413168s ago: executing program 0 (id=1923): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0xa, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) uname$auto(0x0) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x9, 0x3e, 0xfffffffffffffffa, 0x87, 0x7, 0x6, 0x4, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x2, 0x10000, 0x80, 0x7, 0x0, 0x9, 0x2000, 0x200, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x1, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x4, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, 0x1fe, 0x200d) uname$auto(&(0x7f0000000380)={"f9c14e80446b53e3a4b62ac45b324d3a938cbde97e9507a67dec97ce3f2e4145b69df3bdd16a0bd44556b8cd43bc49ee74a4a6890f81ae77d83f2a17fa1025c58e", "5b1e9ae1e9f02b833caa314c35a0e2545bb9dcc207c1c18794e1cf338f78b5b62cf33bde2184848fecb89a75568f2515f610ae0a0d9a45e9b68af1a53064a88d2a", "537d6705b5ae5f2b285c63c64615612d9fab1100dd8716bfced59dee0fe620c9698aed24dbe684f82a1df4dcb4ba6c3136cbacb780096cdf3f53a65f6d17a5b838", "d7883af7f794bc22b30104a5b0b8685658af2e1c8844015d0dfe0bac1615f4359d072ec9eecdf522527e9f2eab1dafdc795954a0155099dbcb1a3f596e026a247f", "9a4054d53d9eb1012e6b244fc90a5544bcd6e70269e6e2e6205e609a711a8aec5ebf22e93bfe3d36ff3f31f4c20e8f35c1528e6034a08eeb747ff5f532bbf7316c", "b94e6324127367c5e94d4b23612f66251ed83705f63835d607d6d5b32c206d0f9334c3f90bbb3ea087a4f081e33e353a78b3e624b9e3c32cd6022b06b8a769086f"}) r0 = socket(0x2, 0x1, 0x106) setsockopt$auto(r0, 0x1, 0xd, &(0x7f0000000000)='\'-+\x00\x10\xa4#\x92`\xdb\xafL\x0f\xfbUV\xa6KH]Cv\xbf\xf2a\v', 0x9) listen$auto(0x3, 0x81) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) close_range$auto(0x2, 0x8, 0x0) 2.112548553s ago: executing program 1 (id=1924): sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7fffe000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000081, 0x8, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) syz_genetlink_get_family_id$auto_ovs_flow(0x0, 0xffffffffffffffff) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) r3 = socket(0x2, 0x801, 0x106) getsockopt$auto(r3, 0x11c, 0x2, 0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) fdatasync$auto(r0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x143262, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r5) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000001540)={'netdevsim0\x00'}) sendmsg$auto_NET_SHAPER_CMD_GROUP(r5, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="30000000504010f26fcb0f125df1d380b05b246819a63a10fe0a3a6a7d2ee15de0a11bf19043e72434438bc9bc12fc1748ad2a79b41350ed2a3a0dade165b5d070d1b320bbed0d01cd086658b0303badf1273bd6b6364fb8050030f4f5811dd5eb1ac9aea40805ee8669a09a9e8aee5004abc2331581e4b697cbe04606d01c522c49a3bd2865c4b4a130f1df613eed2539", @ANYRES16=r6, @ANYBLOB="010029bd7000ffdbdf25040000000c000180080002003827000010000a800c0001800800010002000000"], 0xfffffd4b}, 0x1, 0x0, 0x0, 0x44000}, 0x14) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000440)=ANY=[@ANYBLOB="14009eff", @ANYRES16=r2, @ANYBLOB="01002dbd7000fcdbdf257e0000000088a5cd5c95f378433574ede152d2d648077b925af91b9870c2840d680b779cf778bae59f330956285eeda8b5ebb445c178c810fb4b76eb172a16ee83c71a15873ce59b5248da9c06b8aaceb2e05fed6d1bc32338652010162b894df565abe850fbcfb8f030e77d32d9f2bb90c89762add386352e2379f957f4caf106cd272527caba4a62f73b22b60b0111717d721c"], 0x14}, 0x1, 0x68, 0x0, 0x4000000}, 0x0) r7 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) socketpair$auto(0x1, 0xffff812b, 0xfff, &(0x7f00000002c0)=0x800) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/vivid.0/cec14/power/runtime_suspended_time\x00', 0x220080, 0x0) r8 = io_uring_setup$auto(0x5, 0x0) ioctl$auto_FS_IOC_ADD_ENCRYPTION_KEY2(r8, 0xc0506617, &(0x7f00000001c0)={{0x1, 0x0, @descriptor="ef468928639b7581"}, 0x9, 0x1, '\x00', "8733d93f746c67d97aaf5ad7d65eaf011a8da39983efb62af4074e85a1fc4eec9829da693a463ad339fd290e81e2357d6fe868a619b5ce6ab3a840fdb08e4c5f1c3cfae2f3808090b79c937c43c21c1ede4e0a805a099fa1a480ccdee2acb5a87b19abd4893ca1ae5fc774f371186ccbe17d"}) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000200)=""/55, 0x37) write$auto_console_fops_tty_io(r7, &(0x7f0000000340)="c80c1b5d399b588143e12632e16841dd73450e32ce65e99407334a998d5a7a5d14d75346a0f32c6924197ec30526fcb61c0b29024ebecfb9b357e5cd53c73d8692e5ae6aff889cf259f55be3697ee2428c633014880178d7f4fbeb2aacfb3a122387d3b9f3711d53b58246c61bfa7121f130194ec2808698195c2cdf9f6979df65efbb516b537ef1a005f87e6396a801ba8ddded61811d2d21c60d4c0d0074182bb38777fd", 0xa5) 2.068133728s ago: executing program 3 (id=1925): statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x401bf, 0x734f, 0x36, 0x67f, 0x1ffde, 0x7, 0x3, 0x20000002, 0xd, 0x3, 0x1, 0x2091, 0xb4, 0x9, 0x6, 0x6, 0x80, 0x4, 0x1cd7, 0x1000, 0x2000, 0x203, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}, 0x1fe, 0xd) r0 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x200, 0xffffffff, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000040), r1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000980)={0x0, 0xf000, &(0x7f0000000940)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="f38327b97000fedbdf250500000008000300", @ANYRES32=r3], 0x1c}}, 0x4008000) read$auto(0x3, 0x0, 0xf34) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000140), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 2.021004075s ago: executing program 1 (id=1926): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r0 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snd/pcmC0D0p\x00', 0x80000, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_PVERSION(r0, 0x80044100, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x0, 0x0) ioctl$auto_SNDRV_RAWMIDI_IOCTL_PARAMS(r1, 0xc0305710, 0x0) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000000580)={{@raw=0x7fffffff, 0xf0ee, 0x20009, 0x3, "790eaa833e6fc65b6b3cf705001900ffff8eac2cdafc1f64010043eeb0b0530300000000000e00", @raw=0x1}, 0x4, 0x966, 0x3, @raw=0x404, @integer={0x800000000000400e, 0x2000000b752, 0x1}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"}) 1.905355507s ago: executing program 1 (id=1927): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) ioctl$auto(r0, 0x5, r0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) msync$auto(0x0, 0x2000000005, 0x6) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) membarrier$auto(0x2, 0x0, 0x9) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0xc02, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, r0, 0x300000000000) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) acct$auto(&(0x7f0000000140)='/dev/ptmx\x00') r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/net/packet\x00', 0x2880, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000001300)=""/4096, 0x1000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0xc8201, 0x0) 1.860866252s ago: executing program 2 (id=1928): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000040)='/dev/usbmon17\x00', 0x80, 0x0) ioctl$auto_MON_IOCT_RING_SIZE(r0, 0x9204, 0x0) r1 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x0, 0x0) read$auto_mon_fops_text_t_mon_text(r1, 0x0, 0x0) write$auto_safesetid_uid_file_fops_securityfs(0xffffffffffffffff, 0x0, 0x0) r2 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) socket(0x10, 0x4, 0xffffffc0) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, 0x0, 0x200, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0xbe, 0x7, 0x0, 0x96e, 0x4000000000000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/compaction_proactiveness\x00', 0x2800, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) read$auto_trace_time_stamp_mode_fops_trace(r2, &(0x7f00000005c0)=""/4096, 0x1000) r4 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x20881, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x0, 0x7355, 0x14003e, 0x1, 0x1ffde, 0x7, 0x3, 0xfffffffffffffffe, 0x9, 0x3, 0x2, 0x4, 0xb4, 0x9, 0x9, 0x10005, 0x7e, 0x4, 0xffefffff, 0x7, 0x2000, 0x203, 0x0, 0x20e9d17e, 0x400300000000000, 0xdb, 0x0, 0x80000000, 0xf04, [0xfffffffffffffffe, 0x0, 0x2, 0xfffffffffffffffd, 0x2, 0xfffffffffffffffe, 0xffffffffffffffff, 0x20000000000004, 0x80000001, 0x3, 0x0, 0x0, 0x4, 0x0, 0x0, 0x81, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0xff5b, 0xc72, 0x0, 0x9, 0x0, 0x66, 0x2, 0x1, 0x0, 0x0, 0x6, 0x40009, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3, 0x1, 0x8c]}, 0x2, 0xd) ioctl$auto_EVIOCGRAB(r4, 0x40044590, &(0x7f0000000000)=0x2) mmap$auto(0x800000000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0) prctl$auto(0x1000000003b, 0x1, 0x0, 0x589b000, 0xb) mmap$auto(0x404, 0x0, 0xdf, 0x9b72, r3, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x10, 0x0, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) connect$auto(0xffffffffffffffff, &(0x7f0000000140)=@tipc=@nameseq={0x1e, 0x1, 0x1, {0x43, 0x4, 0x3}}, 0x10) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r5 = socket(0xa, 0x2, 0x0) ioctl$auto(r5, 0xb7, r5) madvise$auto(0x0, 0x2003f2, 0x15) 1.778648466s ago: executing program 0 (id=1929): openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) mmap$auto(0xfffffffffffffffd, 0x8, 0x3, 0xeb2, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xffffffffffffffff, 0x2) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000240)='/dev/admmidi2\x00', 0x101000, 0x0) ioctl$auto_SNDRV_RAWMIDI_IOCTL_INFO(r0, 0x810c5701, &(0x7f0000003380)={0xfffffffb, 0xb, 0x1, 0x7ff, 0x1, "eb6183a2c44a716ca16333e5d5d5351305a348104d4c2603478adc3fe84e9d879df7cbd09efda00b5ac99df1e1bbb3b8b5c55fcd284101dfb7554a5fbd869d2e", "0aa103434fc7dee45be80fe485a0977a1026393bf2eec447c39915b2aa33b88417240f775d9caf5bc2ce8df08cfcde40c156df5242859e388d35b287edc71aa0318a1964d2bc3e90fbb1535ca82b3e2d", "d34a080600e6ff1a59435c07000000b2ef3309cfb7fb0100000000000500", 0x0, 0x81}) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/misc\x00', 0x10b402, 0x0) pread64$auto(r0, &(0x7f00000003c0)='Nproc\x00\x00\x00\x00i/sg/\xff\xffvicesR\x9b\xcd\xdc\x86\"\x00', 0xffffffffffffade7, 0x100) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x2000, 0x0) r3 = ioctl$auto_TUNGETVNETHDRSZ2(0xffffffffffffffff, 0x800454d7, &(0x7f0000000180)=0x9) sendmsg$auto_NL80211_CMD_SET_PMK(r3, &(0x7f00000001c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYRES64=r1, @ANYRESDEC=r1, @ANYRES32=r3], 0x50}, 0x1, 0x0, 0x0, 0x50}, 0x4040984) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r2, 0xc4c85512, &(0x7f00000006c0)={{@raw=0x1, 0x2, 0x2, 0x1, "162629e6b2259bee9878f8e7b039aa20b33e487d34917b4a9acce903cb72dd4cd8dde6d41c914d63af7a9de9", @raw}, 0x0, @integer=@value=[0x400000000006, 0x12d800000000000, 0x179, 0xfffffffffffff8ad, 0x5, 0x7, 0x89, 0x8, 0x4, 0x7, 0x6, 0x7, 0x100000001, 0x3, 0x9, 0x8, 0x81, 0x9f, 0x8, 0x9, 0xb1, 0x0, 0x3, 0x8, 0x2, 0x10001, 0x1, 0x80000000, 0x8000, 0xffffffff8db4d983, 0x0, 0x80000000, 0xf, 0xfffffffffffffffe, 0x4, 0x1, 0x3, 0x0, 0x804, 0x7, 0x3, 0x4f3, 0xc, 0x4, 0xe02, 0x0, 0xe4, 0x5, 0x6, 0x81, 0x401, 0x4, 0xa, 0x0, 0x6, 0x800, 0x0, 0x7, 0x101, 0x82, 0xc9d, 0x3fe, 0x9, 0x5, 0x640c, 0x3, 0x1000, 0x6, 0x201, 0x0, 0xec31, 0x9, 0x1ff, 0x0, 0xfff0000000000000, 0x4, 0xbd2a, 0x903, 0x80007, 0x7fffffffffffffff, 0x5, 0x1, 0xfffffffffffffffe, 0x0, 0x7eda8566, 0x7, 0x8000000000000001, 0x7, 0x401, 0xfffffffffffffff7, 0x9, 0x14000000000000, 0x6, 0xfffffffffffffffe, 0x0, 0x9, 0x8000000000000001, 0x5, 0x1ff, 0x1, 0x40, 0x1, 0x7, 0x2, 0x3, 0x8, 0x1f, 0x8001, 0xc13, 0x6, 0xbf5, 0x2, 0xff, 0x7, 0xf, 0xe0, 0x3, 0x8, 0x3, 0x80000000, 0x6, 0x2, 0x1, 0xa, 0x5, 0x1, 0x100, 0xffff], "54a5f1d1dd2f17b169e8263c3a740d6611142f4b3c69d0f6e967c91125d235ac53e1b00d9fddc53d8f56969329274a57d5f4213fb46616a4faa700873d91426befc561500a5391d522c480bd37f8e7f0050cedfc627c6702978a8f018ad9a7b04711dc3a5c6a755e7a506645ea28e2baa4a6786ca43b3d5d976157eb07c3cdb8"}) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/module/ati_remote2/parameters/mode_mask\x00', 0x80401, 0x0) socket(0x15, 0x5, 0x0) r4 = epoll_create$auto(0x12b8) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r5 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r5, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r5, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r5, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x28, 0xf3, 0xb0, @raw=0xfffff004}}) epoll_ctl$auto(r4, 0x1, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x4020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x20000, 0x0) read$auto(r7, 0x0, 0x20) writev$auto(r6, &(0x7f0000000200)={0x0, 0x3}, 0x3) accept$auto(r7, 0x0, 0x0) connect$auto(0x3, 0x0, 0x54) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, 0x0, 0x24008010) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7114}, 0x8) 1.216249348s ago: executing program 0 (id=1930): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x3f) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sg1\x00', 0x200000, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)='\t', 0x1) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) unshare$auto(0x40000080) socket(0x2, 0x80002, 0x73) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x2, 0x8000) mount_setattr$auto(0x5, 0x0, 0x8000, 0x0, 0x283) bind$auto(0x3, &(0x7f0000000080), 0x6b) open(&(0x7f0000000100)='.\x00', 0x40000, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x62240, 0x154) r1 = getpid() capset$auto(&(0x7f0000000140)={0x64f3, r1}, &(0x7f0000000180)={0x5, 0x101, 0x6}) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/ram1/trace/start_lba\x00', 0xa001, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/platform/dummy_hcd.2/usb3/bConfigurationValue\x00', 0x103941, 0x0) write$auto(r4, &(0x7f0000000000)='-0\xc7\xf9\r/\xeb7\x84)\r\xd2\x9d\x95\x8c\xc1\xb2HoTCC\x00', 0x3) write$auto(r3, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x3) sendfile$auto(r2, r2, 0x0, 0x7) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/workqueue/writeback/max_active\x00', 0x1a2b02, 0x0) sendfile$auto(r5, r5, 0x0, 0x3) 1.211038564s ago: executing program 2 (id=1931): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) socket(0x15, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x2, 0x73) pipe2$auto(0x0, 0x0) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2000a, 0x4000000000df, 0x2eb1, 0x401, 0x8000) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) io_uring_setup$auto(0x7e1b, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket(0xa, 0x3, 0x3a) mmap$auto(0x0, 0x2020009, 0x3, 0x80eb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) bind$auto(r3, &(0x7f0000000040)=@generic={0xa, "2c551d000000ff8000"}, 0x66) r4 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0xea241, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_INFO(r4, 0x81204101, &(0x7f0000000280)={0x3, 0x35, 0x10, 0x7, "1570331d89092686430ed5294ac82caf0a9872da0902174490d07df8af8a84cc1328b0b33d061971fbdb512c673cf22a734b61e847215ab83e5959b8bd13459a", "b4982f9f3aea13201f178960549c1a4db50b6bce7c16ba5be8d32a47f470bb407595fb075fb2a71afea807031283ea717f9e2e27b5b6c024c3298fdc5d436e3cb38f433b8f043d2309342dbbd1f99a89", "a3de8decd1e019972a3e61802182542720937587b8e1a09b8508309dbaeece11", 0x40, 0x1, 0xb, 0x41, '\x00', "3b9565ebd0db2c4a27717c5f99532f894a79a81a7293c4aba4ea42abac66c267c1f0686d5d73efc9d8a2815d8211a0518be9e8f2342e2885c88664c91db358b6"}) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0xa0102, 0x0) timerfd_settime$auto(r0, 0x444934c1, &(0x7f0000000000)={{0xc, 0x1}, {0x3, 0xffffffffffffff7f}}, &(0x7f0000000080)={{0x5, 0xbd7}, {0xbffd, 0x4}}) 1.1084733s ago: executing program 3 (id=1932): r0 = inotify_init1$auto(0x3000000000000) inotify_add_watch$auto(r0, 0x0, 0x1000e6e) openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) socket(0x1e, 0x1, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x521900, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80302, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe98, 0x0, 0x0, &(0x7f0000000040)={[0x54e, 0x10000000000005, 0x1, 0x8fd6, 0x948f, 0x5, 0x3392, 0x4, 0x3, 0x3, 0xffffffff, 0x9, 0x3, 0x4, 0x4, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_tracing_stats_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/per_cpu/cpu1/stats\x00', 0x2000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r2 = open(0x0, 0x14d27e, 0x72) read$auto_usbfs_devices_fops_usb(r2, &(0x7f00000004c0)=""/25, 0x19) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) r5 = waitid$auto_P_PIDFD(0x3, r0, &(0x7f0000000340)={@siginfo_0_0={0x0, 0x81, 0x9, @_rt={0x0, 0x0, @sival_ptr=&(0x7f0000000640)="0de4c5c5ad0b640ec78439ac6411c4749553aa4b30690b7d3f60ff29aefb6c7efd524edaa13ddeb640bab7c382454cbc466445fc244d15491814637370085f124fc2dee5c7781db894d75954f4eafe9b33d1649f6c7555af6f39698035823f3666381e0f9f40ee"}}}, 0xd, &(0x7f0000000500)={{0x1000, 0x7ce}, {0x10001, 0x1}, 0x80000001, 0x9, 0x800, 0x0, 0x5, 0x9, 0x3ff, 0x200000000009, 0xbb, 0x8205, 0x3, 0xe, 0x0, 0xe}) msgctl$auto_MSG_INFO(0x5, 0xc, &(0x7f0000000280)={{0x9, 0xffffffffffffffff, 0xffffffffffffffff, 0x2, 0x287f, 0x2, 0x3}, 0x0, 0x0, 0x7fffffff, 0x9, 0x2, 0x20000000ffffffff, 0xfffffffffffffffe, 0x7fff, 0xfc2, 0x27f, @inferred=0xffffffffffffffff, @inferred=r5}) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/fs/ecryptfs/version\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r7, &(0x7f0000000080)=""/150, 0x96) setresgid$auto(r6, 0xffffffffffffffff, r6) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYRES16=0x0, @ANYRES32=r4, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a0001000000", @ANYRES32=r4, @ANYBLOB="060006ff05000000080003009b"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x20000000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) 929.179955ms ago: executing program 3 (id=1933): close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x1, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f00000001c0)={0x30, r1, 0x1, 0x703d25, 0x25dfdbfd, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [@nested={0xc, 0x1, 0x0, 0x1, [@nested={0x8, 0x1, 0x0, 0x1, [@generic='\x00\x00\x00\x00']}]}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x6}]}, 0x30}, 0x1, 0x0, 0x97, 0x4}, 0x8880) prctl$auto(0x23, 0x6, 0x0, 0x0, 0x0) 827.414434ms ago: executing program 2 (id=1934): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) madvise$auto(0x4, 0x7, 0x2) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xfffffffd}, 0x10001}, 0x5, 0x20000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0x80000000df, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/fs/ext4/sda1/extent_max_zeroout_kb\x00', 0x4929c1, 0x0) sendmsg$auto_NL80211_CMD_ABORT_SCAN(0xffffffffffffffff, 0x0, 0x20000004) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000840), r1) sendmsg$auto_OVS_CT_LIMIT_CMD_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000006400)={0x2e20, r2, 0x1, 0x51bd2e, 0x25dfcbfb, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x4}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x2e07}]}, 0x2e20}, 0x1, 0x0, 0x0, 0x2000c040}, 0x4) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_OVS_CT_LIMIT_CMD_DEL(r3, &(0x7f0000003480)={0x0, 0x0, &(0x7f0000003440)={&(0x7f00000002c0)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010029bd7000fedbdf25021f000004000180200001801c002f8014004200fe8000000000000000000000000000aa0400f7801ed2df077a6ebf5ab41cfd88d0fbe4e78337621a4c2e6b443c70b58be01f62833bd11baab62134d5215739c28c80524acf2b3744ae61309baf02fd20d5ba031562959fe71d3d00a32efd42b2bbb7a788cb88610c0846e25773fb67cd38654d4ea09208a004c129dc1437ce16bf26c894f1752cf548cb967f27ccdc25e1247505089fba402a67542ee710a3b75f80443ed2d9820596f1607b3dd804cc45db330be8ccb3065751bad474572e04d0e6be8950152a24e7c29e529f37eb326cc519a0a3f50267eb50dcf4d0cef3f79003281497ae5392001719a81a769dff6458c8d6232ce205a0438a7887834c978607f20b9000bf7b77b3e1707f3e146df301fa18c75180b9f98e474addfa4e50460bea8fc30b2d4bf66e70c884e5b2306a158c82e0ab88792c16596477fa75152040f21c10c3b65866bf6775ff8c18cdcdf611484b05e010dad5ef38cb0edfcaaa27777bab2bd0b718133a9392d70bcb0363dcfde83b020860e1017e17"], 0x38}, 0x1, 0x0, 0x0, 0x40c4}, 0xc000) 621.075857ms ago: executing program 3 (id=1935): mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa) (async) execve$auto(&(0x7f00000001c0)=':,\x00', 0x0, 0x0) mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4) (async) link$auto(&(0x7f0000000000)=':,/file0\x00', &(0x7f0000000200)=':,/file0\x00') openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) unshare$auto(0x40000082) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) r0 = socket(0x2, 0x1, 0x0) (async) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) (async) preadv$auto(0x40000000000003, 0x0, 0x6, 0x5ff4, 0x1) (async) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000080), r1) (async) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'wg0\x00', 0x0}) sendmsg$auto_WG_CMD_SET_DEVICE(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r2, 0x1, 0x60bd29, 0x25dfdbfb, {}, [@WGDEVICE_A_FWMARK={0x8, 0x7, 0x5}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r3}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000811}, 0x810) (async) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty36\x00', 0x400201, 0x0) (async) write$auto(0x3, 0x0, 0x7fffffff) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/node/node0/cpulist\x00', 0x28000, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) (async) r4 = socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_ADD_RXSC(r4, 0x0, 0x4000040) (async) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r5, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) (async) r6 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r6, 0xaf01, 0x5) (async) ioctl$auto(r6, 0x4008af13, r6) (async) sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES32=r6, @ANYBLOB], 0x38}, 0x1, 0x0, 0x0, 0x24000000}, 0x400c080) 606.534795ms ago: executing program 1 (id=1936): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010025bd7000fddbdf2503000000040007800c0002000500000000000000080001"], 0x2c}, 0x1, 0x0, 0x3000000, 0x20004080}, 0x8880) 467.832256ms ago: executing program 3 (id=1937): sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7fffe000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000081, 0x8, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) syz_genetlink_get_family_id$auto_ovs_flow(0x0, 0xffffffffffffffff) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) r3 = socket(0x2, 0x801, 0x106) getsockopt$auto(r3, 0x11c, 0x2, 0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) fdatasync$auto(r0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x143262, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r5) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000001540)={'netdevsim0\x00'}) sendmsg$auto_NET_SHAPER_CMD_GROUP(r5, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="30000000504010f26fcb0f125df1d380b05b246819a63a10fe0a3a6a7d2ee15de0a11bf19043e72434438bc9bc12fc1748ad2a79b41350ed2a3a0dade165b5d070d1b320bbed0d01cd086658b0303badf1273bd6b6364fb8050030f4f5811dd5eb1ac9aea40805ee8669a09a9e8aee5004abc2331581e4b697cbe04606d01c522c49a3bd2865c4b4a130f1df613eed2539", @ANYRES16=r6, @ANYBLOB="010029bd7000ffdbdf25040000000c000180080002003827000010000a800c0001800800010002000000"], 0xfffffd4b}, 0x1, 0x0, 0x0, 0x44000}, 0x14) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000440)=ANY=[@ANYBLOB="1400f0ff", @ANYRES16=r2, @ANYBLOB="01002dbd7000fcdbdf257e0000000088a5cd5c95f378433574ede152d2d648077b925af91b9870c2840d680b779cf778bae59f330956285eeda8b5ebb445c178c810fb4b76eb172a16ee83c71a15873ce59b5248da9c06b8aaceb2e05fed6d1bc32338652010162b894df565abe850fbcfb8f030e77d32d9f2bb90c89762add386352e2379f957f4caf106cd272527caba4a62f73b22b60b0111717d721c"], 0x14}, 0x1, 0x68, 0x0, 0x4000000}, 0x0) r7 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) socketpair$auto(0x1, 0xffff812b, 0xfff, &(0x7f00000002c0)=0x800) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/vivid.0/cec14/power/runtime_suspended_time\x00', 0x220080, 0x0) r8 = io_uring_setup$auto(0x5, 0x0) ioctl$auto_FS_IOC_ADD_ENCRYPTION_KEY2(r8, 0xc0506617, &(0x7f00000001c0)={{0x1, 0x0, @descriptor="ef468928639b7581"}, 0x9, 0x1, '\x00', "8733d93f746c67d97aaf5ad7d65eaf011a8da39983efb62af4074e85a1fc4eec9829da693a463ad339fd290e81e2357d6fe868a619b5ce6ab3a840fdb08e4c5f1c3cfae2f3808090b79c937c43c21c1ede4e0a805a099fa1a480ccdee2acb5a87b19abd4893ca1ae5fc774f371186ccbe17d"}) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000200)=""/55, 0x37) write$auto_console_fops_tty_io(r7, &(0x7f0000000340)="c80c1b5d399b588143e12632e16841dd73450e32ce65e99407334a998d5a7a5d14d75346a0f32c6924197ec30526fcb61c0b29024ebecfb9b357e5cd53c73d8692e5ae6aff889cf259f55be3697ee2428c633014880178d7f4fbeb2aacfb3a122387d3b9f3711d53b58246c61bfa7121f130194ec2808698195c2cdf9f6979df65efbb516b537ef1a005f87e6396a801ba8ddded61811d2d21c60d4c0d0074182bb38777fd", 0xa5) 466.925886ms ago: executing program 1 (id=1938): r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x4000, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) getsockopt$auto_SO_SELECT_ERR_QUEUE(r0, 0x3, 0x2d, &(0x7f0000000040)='/dev/userio\x00', &(0x7f0000000380)=0x7) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa}, 0x58) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioctl$auto(0x3, 0x40081271, 0x38) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x1, 0x2020009, 0x3, 0xebe, 0xfffffffffffffffa, 0x8000) socket(0xb, 0xa, 0xd9) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r2 = socket(0xa, 0x1, 0x84) bind$auto(r2, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) mq_timedsend$auto(0xffffffffffffffff, 0x0, 0xffffffffbffffff9, 0x5, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) epoll_ctl$auto_EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)={0x4, 0x3}) write$auto(0x3, 0x0, 0xfdef) read$auto(0x3, 0x0, 0x1f40) 369.645189ms ago: executing program 3 (id=1939): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC2\x00', 0x400, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x14ba41, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x9, 0x0) mmap$auto(0x0, 0x7bf, 0x3, 0xeb4, 0xfffffffffffffffa, 0x8001) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC2\x00', 0xd4206816ab95f368, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) prctl$auto(0x1000000003b, 0x1, 0x0, 0x5, 0x7) madvise$auto(0x0, 0x200007, 0x19) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/virtual/net/rose7/flags\x00', 0x2262, 0x0) write$auto(r1, &(0x7f0000000140)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\xfc\xb2\x00\x00\x00\x00y\x113!\x05\xa7\xd6M\xce\xd6\'\xdf@\x9f\xf5 \x8b_hw\x8em\xd0\b\xe7~1\xf5\xf8\x93*jH\x85H\x05\xae\xdf\xf0\x15A\xdb$\'\x87', 0x81) write$auto(r1, &(0x7f0000000640)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V98\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\x80\x04z\xd0I>\x8f\x00\xd7\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x97nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb6\x9f4[!\x0f3u\xaf\x97\x97\x9d\x1dp\xf3\xab\xdfE[5\x86\xa2\xb92\xc0\x15L\xda\xe3\x04\\M\x85}\xdfh\xd2\xd93e\xf61^\x04\x0f\x85\xc7_\xd0\x8d9\xbd\xc6\xf3R\xea\x10\xb9\xa2\x94]\xf2\r\t\xff$\xeb\xfd1\x8d\x97\x80\x81\x95]\xb2H\xf4\x1c\x8c\xcf\x8eM\x0eB\xb0\x83\xa3\bF\xc7\xae\x1a\xa7r\x9c\xfe\xa5\xa0~\xe4o+\x9d\xb0\xa6\xe8\a\x9a}\x88\x0eKd\xe07\xf0\x88\xf2\xb7\xe3\xe3\b\xac\x1e\xa2a0\x83\x0f\x06\x9eD\xd0\xc6\xba\xa4\x13(l\xf6\xbc\x982\xa0@\xda\xe0\x96\xdc0X\x9c\n\xb3fs\xe1\xf5 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 165.476296][ T7003] RSP: 002b:00007fed9b9dd0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 165.476311][ T7003] RAX: ffffffffffffffda RBX: 00007fed9ade5fa8 RCX: 00007fed9ab8efc9 [ 165.476321][ T7003] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fed9ade5fa8 [ 165.476330][ T7003] RBP: 00007fed9ade5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 165.476339][ T7003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 165.476347][ T7003] R13: 00007fed9ade6038 R14: 00007ffee3bb7d70 R15: 00007ffee3bb7e58 [ 165.476367][ T7003] [ 166.009771][ T7008] FAULT_INJECTION: forcing a failure. [ 166.009771][ T7008] name fail_futex, interval 1, probability 0, space 0, times 0 [ 166.059349][ T7008] CPU: 1 UID: 0 PID: 7008 Comm: syz.0.275 Not tainted syzkaller #0 PREEMPT(full) [ 166.059387][ T7008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 166.059404][ T7008] Call Trace: [ 166.059412][ T7008] [ 166.059423][ T7008] dump_stack_lvl+0x16c/0x1f0 [ 166.059460][ T7008] should_fail_ex+0x512/0x640 [ 166.059506][ T7008] get_futex_key+0x1d0/0x1560 [ 166.059545][ T7008] ? __pfx_get_futex_key+0x10/0x10 [ 166.059581][ T7008] ? import_iovec+0x86/0xb0 [ 166.059612][ T7008] futex_wake+0xea/0x530 [ 166.059648][ T7008] ? futex_wait+0x120/0x380 [ 166.059672][ T7008] ? __pfx_futex_wait+0x10/0x10 [ 166.059712][ T7008] ? __pfx_futex_wake+0x10/0x10 [ 166.059750][ T7008] ? __pfx_vfs_writev+0x10/0x10 [ 166.059779][ T7008] ? __might_fault+0xe3/0x190 [ 166.059803][ T7008] ? __might_fault+0x13b/0x190 [ 166.059835][ T7008] do_futex+0x1e3/0x350 [ 166.059870][ T7008] ? __pfx_do_futex+0x10/0x10 [ 166.059915][ T7008] __x64_sys_futex+0x1e0/0x4c0 [ 166.059955][ T7008] ? __pfx___x64_sys_futex+0x10/0x10 [ 166.059990][ T7008] ? __pfx_do_writev+0x10/0x10 [ 166.060026][ T7008] do_syscall_64+0xcd/0xfa0 [ 166.060059][ T7008] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.060086][ T7008] RIP: 0033:0x7fed9ab8efc9 [ 166.060106][ T7008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 166.060130][ T7008] RSP: 002b:00007fed9b9dd0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 166.060155][ T7008] RAX: ffffffffffffffda RBX: 00007fed9ade5fa8 RCX: 00007fed9ab8efc9 [ 166.060174][ T7008] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fed9ade5fac [ 166.060191][ T7008] RBP: 00007fed9ade5fa0 R08: 00007fed9b9de000 R09: 0000000000000000 [ 166.060208][ T7008] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 166.060230][ T7008] R13: 00007fed9ade6038 R14: 00007ffee3bb7d70 R15: 00007ffee3bb7e58 [ 166.060268][ T7008] [ 166.392391][ T7017] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input32 [ 166.664700][ T7027] netlink: 8 bytes leftover after parsing attributes in process `syz.2.279'. [ 167.018907][ T7019] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input33 [ 168.709723][ T7068] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input34 [ 170.640975][ T7120] FAULT_INJECTION: forcing a failure. [ 170.640975][ T7120] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 170.669043][ T7120] CPU: 1 UID: 0 PID: 7120 Comm: syz.0.304 Not tainted syzkaller #0 PREEMPT(full) [ 170.669081][ T7120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 170.669097][ T7120] Call Trace: [ 170.669106][ T7120] [ 170.669117][ T7120] dump_stack_lvl+0x16c/0x1f0 [ 170.669155][ T7120] should_fail_ex+0x512/0x640 [ 170.669200][ T7120] _copy_from_user+0x2e/0xd0 [ 170.669244][ T7120] kvm_dev_ioctl_get_cpuid+0x45a/0x720 [ 170.669285][ T7120] ? __might_fault+0xe3/0x190 [ 170.669313][ T7120] ? __pfx_kvm_dev_ioctl_get_cpuid+0x10/0x10 [ 170.669364][ T7120] kvm_arch_dev_ioctl+0x3f8/0x760 [ 170.669391][ T7120] ? __pfx_kvm_arch_dev_ioctl+0x10/0x10 [ 170.669426][ T7120] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 170.669475][ T7120] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 170.669510][ T7120] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 170.669553][ T7120] kvm_dev_ioctl+0x72d/0x1a80 [ 170.669589][ T7120] ? find_held_lock+0x2b/0x80 [ 170.669617][ T7120] ? hook_file_ioctl_common+0x145/0x410 [ 170.669646][ T7120] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 170.669681][ T7120] ? __fget_files+0x20e/0x3c0 [ 170.669713][ T7120] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 170.669745][ T7120] __x64_sys_ioctl+0x18e/0x210 [ 170.669786][ T7120] do_syscall_64+0xcd/0xfa0 [ 170.669830][ T7120] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 170.669860][ T7120] RIP: 0033:0x7fed9ab8efc9 [ 170.669885][ T7120] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 170.669911][ T7120] RSP: 002b:00007fed9b9dd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 170.669938][ T7120] RAX: ffffffffffffffda RBX: 00007fed9ade5fa0 RCX: 00007fed9ab8efc9 [ 170.669955][ T7120] RDX: 0000000000000000 RSI: 00000000c008ae09 RDI: 0000000000000006 [ 170.669971][ T7120] RBP: 00007fed9ac11f91 R08: 0000000000000000 R09: 0000000000000000 [ 170.669987][ T7120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 170.670002][ T7120] R13: 00007fed9ade6038 R14: 00007fed9ade5fa0 R15: 00007ffee3bb7e58 [ 170.670039][ T7120] [ 173.054848][ T7148] sg_write: data in/out 3292/1 bytes for SCSI command 0xa3-- guessing data in; [ 173.054848][ T7148] program syz.1.313 not setting count and/or reply_len properly [ 176.969546][ T7198] FAULT_INJECTION: forcing a failure. [ 176.969546][ T7198] name fail_futex, interval 1, probability 0, space 0, times 0 [ 177.013180][ T7198] CPU: 1 UID: 0 PID: 7198 Comm: syz.0.325 Not tainted syzkaller #0 PREEMPT(full) [ 177.013225][ T7198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 177.013241][ T7198] Call Trace: [ 177.013250][ T7198] [ 177.013260][ T7198] dump_stack_lvl+0x16c/0x1f0 [ 177.013297][ T7198] should_fail_ex+0x512/0x640 [ 177.013342][ T7198] get_futex_key+0x1d0/0x1560 [ 177.013381][ T7198] ? __pfx_get_futex_key+0x10/0x10 [ 177.013418][ T7198] ? import_iovec+0x86/0xb0 [ 177.013449][ T7198] futex_wake+0xea/0x530 [ 177.013492][ T7198] ? __pfx_futex_wake+0x10/0x10 [ 177.013532][ T7198] ? __pfx_vfs_writev+0x10/0x10 [ 177.013574][ T7198] do_futex+0x1e3/0x350 [ 177.013609][ T7198] ? __pfx_do_futex+0x10/0x10 [ 177.013656][ T7198] __x64_sys_futex+0x1e0/0x4c0 [ 177.013698][ T7198] ? __pfx___x64_sys_futex+0x10/0x10 [ 177.013735][ T7198] ? __pfx_do_writev+0x10/0x10 [ 177.013772][ T7198] do_syscall_64+0xcd/0xfa0 [ 177.013805][ T7198] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 177.013833][ T7198] RIP: 0033:0x7fed9ab8efc9 [ 177.013854][ T7198] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 177.013879][ T7198] RSP: 002b:00007fed9b9bc0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 177.013905][ T7198] RAX: ffffffffffffffda RBX: 00007fed9ade6098 RCX: 00007fed9ab8efc9 [ 177.013922][ T7198] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fed9ade609c [ 177.013938][ T7198] RBP: 00007fed9ade6090 R08: 00007fed9b9de000 R09: 0000000000000000 [ 177.013954][ T7198] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 177.013969][ T7198] R13: 00007fed9ade6128 R14: 00007ffee3bb7d70 R15: 00007ffee3bb7e58 [ 177.014006][ T7198] [ 177.913935][ T7209] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input35 [ 178.890182][ T7220] netlink: 20 bytes leftover after parsing attributes in process `syz.1.331'. [ 178.946783][ T7220] bridge_slave_1: left allmulticast mode [ 178.968833][ T7220] bridge_slave_1: left promiscuous mode [ 178.984754][ T7220] bridge0: port 2(bridge_slave_1) entered disabled state [ 179.018635][ T7220] bridge_slave_0: left allmulticast mode [ 179.028358][ T7220] bridge_slave_0: left promiscuous mode [ 179.075829][ T7220] bridge0: port 1(bridge_slave_0) entered disabled state [ 180.499110][ T7242] FAULT_INJECTION: forcing a failure. [ 180.499110][ T7242] name fail_futex, interval 1, probability 0, space 0, times 0 [ 180.537395][ T7242] CPU: 1 UID: 0 PID: 7242 Comm: syz.0.337 Not tainted syzkaller #0 PREEMPT(full) [ 180.537432][ T7242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 180.537447][ T7242] Call Trace: [ 180.537456][ T7242] [ 180.537466][ T7242] dump_stack_lvl+0x16c/0x1f0 [ 180.537500][ T7242] should_fail_ex+0x512/0x640 [ 180.537545][ T7242] get_futex_key+0x1d0/0x1560 [ 180.537583][ T7242] ? __pfx_get_futex_key+0x10/0x10 [ 180.537621][ T7242] ? import_iovec+0x86/0xb0 [ 180.537660][ T7242] futex_wake+0xea/0x530 [ 180.537697][ T7242] ? futex_wait+0x120/0x380 [ 180.537721][ T7242] ? __pfx_futex_wait+0x10/0x10 [ 180.537760][ T7242] ? do_raw_spin_lock+0x12c/0x2b0 [ 180.537799][ T7242] ? __pfx_futex_wake+0x10/0x10 [ 180.537838][ T7242] ? __pfx_vfs_writev+0x10/0x10 [ 180.537866][ T7242] ? rds_connect+0xcb/0x740 [ 180.537900][ T7242] ? rcu_is_watching+0x12/0xc0 [ 180.537936][ T7242] do_futex+0x1e3/0x350 [ 180.537971][ T7242] ? __pfx_do_futex+0x10/0x10 [ 180.538015][ T7242] __x64_sys_futex+0x1e0/0x4c0 [ 180.538055][ T7242] ? __pfx___x64_sys_futex+0x10/0x10 [ 180.538091][ T7242] ? __pfx_do_writev+0x10/0x10 [ 180.538127][ T7242] do_syscall_64+0xcd/0xfa0 [ 180.538158][ T7242] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.538185][ T7242] RIP: 0033:0x7fed9ab8efc9 [ 180.538206][ T7242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 180.538230][ T7242] RSP: 002b:00007fed9b9dd0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 180.538262][ T7242] RAX: ffffffffffffffda RBX: 00007fed9ade5fa8 RCX: 00007fed9ab8efc9 [ 180.538280][ T7242] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fed9ade5fac [ 180.538297][ T7242] RBP: 00007fed9ade5fa0 R08: 00007fed9b9de000 R09: 0000000000000000 [ 180.538314][ T7242] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 180.538331][ T7242] R13: 00007fed9ade6038 R14: 00007ffee3bb7d70 R15: 00007ffee3bb7e58 [ 180.538368][ T7242] [ 183.240042][ T7303] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input36 [ 183.406878][ T7307] random: crng reseeded on system resumption [ 183.611900][ T7305] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input37 [ 184.304436][ T7318] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input38 [ 184.465971][ T7322] netlink: 8 bytes leftover after parsing attributes in process `syz.2.361'. [ 184.900678][ T7321] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input39 [ 186.149395][ T7353] netlink: 8 bytes leftover after parsing attributes in process `syz.1.369'. [ 186.977471][ T7361] FAULT_INJECTION: forcing a failure. [ 186.977471][ T7361] name failslab, interval 1, probability 0, space 0, times 0 [ 186.991175][ T7361] CPU: 0 UID: 0 PID: 7361 Comm: syz.2.371 Not tainted syzkaller #0 PREEMPT(full) [ 186.991208][ T7361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 186.991221][ T7361] Call Trace: [ 186.991230][ T7361] [ 186.991239][ T7361] dump_stack_lvl+0x16c/0x1f0 [ 186.991276][ T7361] should_fail_ex+0x512/0x640 [ 186.991317][ T7361] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 186.991347][ T7361] should_failslab+0xc2/0x120 [ 186.991385][ T7361] kmem_cache_alloc_noprof+0x75/0x6e0 [ 186.991416][ T7361] ? net_alloc_generic+0x1e/0x70 [ 186.991444][ T7361] ? copy_net_ns+0xe9/0x690 [ 186.991479][ T7361] ? copy_net_ns+0xe9/0x690 [ 186.991507][ T7361] copy_net_ns+0xe9/0x690 [ 186.991535][ T7361] ? copy_cgroup_ns+0x71/0x6b0 [ 186.991566][ T7361] create_new_namespaces+0x3ea/0xa90 [ 186.991602][ T7361] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 186.991632][ T7361] ksys_unshare+0x45b/0xa40 [ 186.991665][ T7361] ? __pfx_ksys_unshare+0x10/0x10 [ 186.991701][ T7361] ? syscall_user_dispatch+0x78/0x140 [ 186.991749][ T7361] __x64_sys_unshare+0x31/0x40 [ 186.991782][ T7361] do_syscall_64+0xcd/0xfa0 [ 186.991812][ T7361] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.991838][ T7361] RIP: 0033:0x7f893238efc9 [ 186.991859][ T7361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 186.991884][ T7361] RSP: 002b:00007f89331e4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 186.991907][ T7361] RAX: ffffffffffffffda RBX: 00007f89325e6090 RCX: 00007f893238efc9 [ 186.991926][ T7361] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 186.991942][ T7361] RBP: 00007f8932411f91 R08: 0000000000000000 R09: 0000000000000000 [ 186.991956][ T7361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 186.991971][ T7361] R13: 00007f89325e6128 R14: 00007f89325e6090 R15: 00007ffff96952b8 [ 186.992006][ T7361] [ 187.997438][ T7360] kexec: Could not allocate control_code_buffer [ 188.118282][ T7381] netlink: 8 bytes leftover after parsing attributes in process `syz.1.375'. [ 188.646692][ T7397] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input40 [ 188.859792][ T7405] netlink: 8 bytes leftover after parsing attributes in process `syz.0.383'. [ 188.996313][ T7400] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input41 [ 189.690674][ T7416] FAULT_INJECTION: forcing a failure. [ 189.690674][ T7416] name fail_futex, interval 1, probability 0, space 0, times 0 [ 189.725024][ T7416] CPU: 1 UID: 0 PID: 7416 Comm: syz.0.389 Not tainted syzkaller #0 PREEMPT(full) [ 189.725072][ T7416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 189.725089][ T7416] Call Trace: [ 189.725097][ T7416] [ 189.725108][ T7416] dump_stack_lvl+0x16c/0x1f0 [ 189.725145][ T7416] should_fail_ex+0x512/0x640 [ 189.725191][ T7416] get_futex_key+0x1d0/0x1560 [ 189.725231][ T7416] ? __pfx_get_futex_key+0x10/0x10 [ 189.725268][ T7416] ? import_iovec+0x86/0xb0 [ 189.725299][ T7416] futex_wake+0xea/0x530 [ 189.725336][ T7416] ? futex_wait+0x120/0x380 [ 189.725360][ T7416] ? __pfx_futex_wait+0x10/0x10 [ 189.725398][ T7416] ? do_raw_spin_lock+0x12c/0x2b0 [ 189.725438][ T7416] ? __pfx_futex_wake+0x10/0x10 [ 189.725478][ T7416] ? __pfx_vfs_writev+0x10/0x10 [ 189.725507][ T7416] ? rds_connect+0xcb/0x740 [ 189.725544][ T7416] ? rcu_is_watching+0x12/0xc0 [ 189.725582][ T7416] do_futex+0x1e3/0x350 [ 189.725618][ T7416] ? __pfx_do_futex+0x10/0x10 [ 189.725663][ T7416] __x64_sys_futex+0x1e0/0x4c0 [ 189.725704][ T7416] ? __pfx___x64_sys_futex+0x10/0x10 [ 189.725741][ T7416] ? __pfx_do_writev+0x10/0x10 [ 189.725778][ T7416] do_syscall_64+0xcd/0xfa0 [ 189.725811][ T7416] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 189.725838][ T7416] RIP: 0033:0x7fed9ab8efc9 [ 189.725860][ T7416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 189.725885][ T7416] RSP: 002b:00007fed9b9dd0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 189.725910][ T7416] RAX: ffffffffffffffda RBX: 00007fed9ade5fa8 RCX: 00007fed9ab8efc9 [ 189.725928][ T7416] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fed9ade5fac [ 189.725945][ T7416] RBP: 00007fed9ade5fa0 R08: 00007fed9b9de000 R09: 0000000000000000 [ 189.725961][ T7416] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 189.725978][ T7416] R13: 00007fed9ade6038 R14: 00007ffee3bb7d70 R15: 00007ffee3bb7e58 [ 189.726015][ T7416] [ 189.986516][ T7429] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input42 [ 190.110142][ T7435] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input43 [ 190.265916][ T7429] netlink: 8 bytes leftover after parsing attributes in process `syz.2.392'. [ 190.530907][ T7444] netlink: 8 bytes leftover after parsing attributes in process `syz.3.396'. [ 190.998505][ T7459] netlink: 8 bytes leftover after parsing attributes in process `syz.3.401'. [ 192.481109][ T7448] kexec: Could not allocate control_code_buffer [ 192.746141][ T7497] FAULT_INJECTION: forcing a failure. [ 192.746141][ T7497] name fail_futex, interval 1, probability 0, space 0, times 0 [ 192.787798][ T7497] CPU: 0 UID: 0 PID: 7497 Comm: syz.2.410 Not tainted syzkaller #0 PREEMPT(full) [ 192.787838][ T7497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 192.787854][ T7497] Call Trace: [ 192.787863][ T7497] [ 192.787874][ T7497] dump_stack_lvl+0x16c/0x1f0 [ 192.787910][ T7497] should_fail_ex+0x512/0x640 [ 192.787955][ T7497] get_futex_key+0x1d0/0x1560 [ 192.787994][ T7497] ? __pfx_get_futex_key+0x10/0x10 [ 192.788026][ T7497] ? futex_private_hash_put+0x176/0x300 [ 192.788070][ T7497] futex_wake+0xea/0x530 [ 192.788106][ T7497] ? futex_wait+0x120/0x380 [ 192.788129][ T7497] ? __pfx_futex_wait+0x10/0x10 [ 192.788169][ T7497] ? __pfx_futex_wake+0x10/0x10 [ 192.788225][ T7497] do_futex+0x1e3/0x350 [ 192.788261][ T7497] ? __pfx_do_futex+0x10/0x10 [ 192.788296][ T7497] ? __pfx___do_sys_clone+0x10/0x10 [ 192.788336][ T7497] __x64_sys_futex+0x1e0/0x4c0 [ 192.788377][ T7497] ? __pfx___x64_sys_futex+0x10/0x10 [ 192.788426][ T7497] do_syscall_64+0xcd/0xfa0 [ 192.788458][ T7497] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 192.788485][ T7497] RIP: 0033:0x7f893238efc9 [ 192.788505][ T7497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 192.788532][ T7497] RSP: 002b:00007f89331e40e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 192.788558][ T7497] RAX: ffffffffffffffda RBX: 00007f89325e6098 RCX: 00007f893238efc9 [ 192.788576][ T7497] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f89325e609c [ 192.788593][ T7497] RBP: 00007f89325e6090 R08: 00007f8933206000 R09: 0000000000000000 [ 192.788609][ T7497] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 192.788625][ T7497] R13: 00007f89325e6128 R14: 00007ffff96951d0 R15: 00007ffff96952b8 [ 192.788662][ T7497] [ 193.037438][ T7500] svc: failed to register nfsdv3 RPC service (errno 111). [ 193.049078][ T7500] svc: failed to register nfsaclv3 RPC service (errno 111). [ 193.186687][ T7503] FAULT_INJECTION: forcing a failure. [ 193.186687][ T7503] name fail_futex, interval 1, probability 0, space 0, times 0 [ 193.207529][ T7503] CPU: 1 UID: 0 PID: 7503 Comm: syz.2.414 Not tainted syzkaller #0 PREEMPT(full) [ 193.207568][ T7503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 193.207584][ T7503] Call Trace: [ 193.207592][ T7503] [ 193.207603][ T7503] dump_stack_lvl+0x16c/0x1f0 [ 193.207640][ T7503] should_fail_ex+0x512/0x640 [ 193.207687][ T7503] get_futex_key+0x1d0/0x1560 [ 193.207726][ T7503] ? __pfx_get_futex_key+0x10/0x10 [ 193.207764][ T7503] ? import_iovec+0x86/0xb0 [ 193.207795][ T7503] futex_wake+0xea/0x530 [ 193.207829][ T7503] ? futex_wait+0x120/0x380 [ 193.207852][ T7503] ? __pfx_futex_wait+0x10/0x10 [ 193.207888][ T7503] ? __pfx_futex_wake+0x10/0x10 [ 193.207926][ T7503] ? __pfx_vfs_writev+0x10/0x10 [ 193.207954][ T7503] ? rds_connect+0xcb/0x740 [ 193.207990][ T7503] ? rcu_is_watching+0x12/0xc0 [ 193.208026][ T7503] do_futex+0x1e3/0x350 [ 193.208061][ T7503] ? __pfx_do_futex+0x10/0x10 [ 193.208106][ T7503] __x64_sys_futex+0x1e0/0x4c0 [ 193.208147][ T7503] ? __pfx___x64_sys_futex+0x10/0x10 [ 193.208183][ T7503] ? __pfx_do_writev+0x10/0x10 [ 193.208220][ T7503] do_syscall_64+0xcd/0xfa0 [ 193.208252][ T7503] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 193.208279][ T7503] RIP: 0033:0x7f893238efc9 [ 193.208300][ T7503] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 193.208326][ T7503] RSP: 002b:00007f89332050e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 193.208352][ T7503] RAX: ffffffffffffffda RBX: 00007f89325e5fa8 RCX: 00007f893238efc9 [ 193.208370][ T7503] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f89325e5fac [ 193.208386][ T7503] RBP: 00007f89325e5fa0 R08: 00007f8933206000 R09: 0000000000000000 [ 193.208403][ T7503] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 193.208419][ T7503] R13: 00007f89325e6038 R14: 00007ffff96951d0 R15: 00007ffff96952b8 [ 193.208450][ T7503] [ 193.708949][ T7512] random: crng reseeded on system resumption [ 194.398622][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.407938][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.204511][ T7542] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input44 [ 195.389977][ T7548] random: crng reseeded on system resumption [ 195.428062][ T7544] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input45 [ 197.326875][ T7586] svc: failed to register nfsdv3 RPC service (errno 111). [ 197.346545][ T7586] svc: failed to register nfsaclv3 RPC service (errno 111). [ 197.419734][ T7592] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input46 [ 197.657407][ T7599] random: crng reseeded on system resumption [ 197.811059][ T7596] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input47 [ 198.547410][ T7614] syz.3.445 uses obsolete (PF_INET,SOCK_PACKET) [ 200.603908][ T7659] FAULT_INJECTION: forcing a failure. [ 200.603908][ T7659] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 200.618655][ T7659] CPU: 0 UID: 0 PID: 7659 Comm: syz.0.459 Not tainted syzkaller #0 PREEMPT(full) [ 200.618694][ T7659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 200.618710][ T7659] Call Trace: [ 200.618718][ T7659] [ 200.618728][ T7659] dump_stack_lvl+0x16c/0x1f0 [ 200.618763][ T7659] should_fail_ex+0x512/0x640 [ 200.618806][ T7659] should_fail_alloc_page+0xe7/0x130 [ 200.618844][ T7659] prepare_alloc_pages+0x3c2/0x610 [ 200.618878][ T7659] ? rcu_is_watching+0x12/0xc0 [ 200.618911][ T7659] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 200.618945][ T7659] ? rcu_is_watching+0x12/0xc0 [ 200.618973][ T7659] ? trace_mm_page_alloc+0x11f/0x1a0 [ 200.619007][ T7659] ? __alloc_frozen_pages_noprof+0x292/0x2470 [ 200.619048][ T7659] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 200.619082][ T7659] ? is_bpf_text_address+0x8a/0x1a0 [ 200.619120][ T7659] ? bpf_ksym_find+0x124/0x1c0 [ 200.619153][ T7659] ? is_bpf_text_address+0x94/0x1a0 [ 200.619189][ T7659] ? kernel_text_address+0x8d/0x100 [ 200.619230][ T7659] ? __kernel_text_address+0xd/0x40 [ 200.619253][ T7659] ? unwind_get_return_address+0x59/0xa0 [ 200.619294][ T7659] alloc_pages_bulk_noprof+0x71c/0x1410 [ 200.619322][ T7659] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 200.619366][ T7659] ? policy_nodemask+0xea/0x4e0 [ 200.619403][ T7659] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 200.619433][ T7659] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 200.619484][ T7659] kasan_populate_vmalloc+0x112/0x2d0 [ 200.619513][ T7659] ? alloc_vmap_area+0x8b5/0x29e0 [ 200.619553][ T7659] alloc_vmap_area+0x960/0x29e0 [ 200.619601][ T7659] ? __pfx_alloc_vmap_area+0x10/0x10 [ 200.619644][ T7659] __get_vm_area_node+0x1ca/0x330 [ 200.619687][ T7659] __vmalloc_node_range_noprof+0x271/0x1480 [ 200.619725][ T7659] ? kernel_clone+0xfc/0x930 [ 200.619767][ T7659] ? kernel_clone+0xfc/0x930 [ 200.619806][ T7659] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 200.619851][ T7659] ? rcu_is_watching+0x12/0xc0 [ 200.619883][ T7659] ? kernel_clone+0xfc/0x930 [ 200.619912][ T7659] __vmalloc_node_noprof+0xad/0xf0 [ 200.619949][ T7659] ? kernel_clone+0xfc/0x930 [ 200.619984][ T7659] copy_process+0x2c77/0x76a0 [ 200.620038][ T7659] ? __pfx_copy_process+0x10/0x10 [ 200.620071][ T7659] ? futex_private_hash_put+0x176/0x300 [ 200.620111][ T7659] ? futex_private_hash_put+0x18a/0x300 [ 200.620152][ T7659] kernel_clone+0xfc/0x930 [ 200.620185][ T7659] ? __pfx_futex_wake+0x10/0x10 [ 200.620224][ T7659] ? __pfx_kernel_clone+0x10/0x10 [ 200.620276][ T7659] __do_sys_clone+0xce/0x120 [ 200.620308][ T7659] ? __pfx___do_sys_clone+0x10/0x10 [ 200.620357][ T7659] ? xfd_validate_state+0x61/0x180 [ 200.620406][ T7659] do_syscall_64+0xcd/0xfa0 [ 200.620439][ T7659] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 200.620465][ T7659] RIP: 0033:0x7fed9ab8efc9 [ 200.620487][ T7659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 200.620512][ T7659] RSP: 002b:00007fed9b9dcfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 200.620539][ T7659] RAX: ffffffffffffffda RBX: 00007fed9ade5fa0 RCX: 00007fed9ab8efc9 [ 200.620556][ T7659] RDX: 0000000000000000 RSI: 0000000000020010 RDI: 0000000000000000 [ 200.620572][ T7659] RBP: 00007fed9ac11f91 R08: 0000000000000000 R09: 0000000000000000 [ 200.620589][ T7659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 200.620629][ T7659] R13: 00007fed9ade6038 R14: 00007fed9ade5fa0 R15: 00007ffee3bb7e58 [ 200.620667][ T7659] [ 201.019002][ T7659] syz.0.459: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 201.089483][ T7659] CPU: 1 UID: 0 PID: 7659 Comm: syz.0.459 Not tainted syzkaller #0 PREEMPT(full) [ 201.089520][ T7659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 201.089535][ T7659] Call Trace: [ 201.089543][ T7659] [ 201.089553][ T7659] dump_stack_lvl+0x16c/0x1f0 [ 201.089588][ T7659] warn_alloc+0x248/0x3a0 [ 201.089618][ T7659] ? __pfx_warn_alloc+0x10/0x10 [ 201.089647][ T7659] ? kfree+0x2b8/0x6d0 [ 201.089666][ T7659] ? __get_vm_area_node+0x2cd/0x330 [ 201.089708][ T7659] ? __get_vm_area_node+0x2cd/0x330 [ 201.089750][ T7659] ? __get_vm_area_node+0x208/0x330 [ 201.089793][ T7659] __vmalloc_node_range_noprof+0xaf5/0x1480 [ 201.089843][ T7659] ? kernel_clone+0xfc/0x930 [ 201.089884][ T7659] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 201.089928][ T7659] ? rcu_is_watching+0x12/0xc0 [ 201.089959][ T7659] ? kernel_clone+0xfc/0x930 [ 201.089987][ T7659] __vmalloc_node_noprof+0xad/0xf0 [ 201.090023][ T7659] ? kernel_clone+0xfc/0x930 [ 201.090058][ T7659] copy_process+0x2c77/0x76a0 [ 201.090105][ T7659] ? __pfx_copy_process+0x10/0x10 [ 201.090136][ T7659] ? futex_private_hash_put+0x176/0x300 [ 201.090174][ T7659] ? futex_private_hash_put+0x18a/0x300 [ 201.090213][ T7659] kernel_clone+0xfc/0x930 [ 201.090244][ T7659] ? __pfx_futex_wake+0x10/0x10 [ 201.090282][ T7659] ? __pfx_kernel_clone+0x10/0x10 [ 201.090333][ T7659] __do_sys_clone+0xce/0x120 [ 201.090365][ T7659] ? __pfx___do_sys_clone+0x10/0x10 [ 201.090413][ T7659] ? xfd_validate_state+0x61/0x180 [ 201.090461][ T7659] do_syscall_64+0xcd/0xfa0 [ 201.090496][ T7659] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 201.090523][ T7659] RIP: 0033:0x7fed9ab8efc9 [ 201.090545][ T7659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 201.090570][ T7659] RSP: 002b:00007fed9b9dcfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 201.090595][ T7659] RAX: ffffffffffffffda RBX: 00007fed9ade5fa0 RCX: 00007fed9ab8efc9 [ 201.090612][ T7659] RDX: 0000000000000000 RSI: 0000000000020010 RDI: 0000000000000000 [ 201.090628][ T7659] RBP: 00007fed9ac11f91 R08: 0000000000000000 R09: 0000000000000000 [ 201.090645][ T7659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 201.090660][ T7659] R13: 00007fed9ade6038 R14: 00007fed9ade5fa0 R15: 00007ffee3bb7e58 [ 201.090697][ T7659] [ 201.090777][ T7659] Mem-Info: [ 201.397122][ T7659] active_anon:30331 inactive_anon:0 isolated_anon:0 [ 201.397122][ T7659] active_file:16104 inactive_file:40432 isolated_file:0 [ 201.397122][ T7659] unevictable:768 dirty:151 writeback:0 [ 201.397122][ T7659] slab_reclaimable:11342 slab_unreclaimable:95878 [ 201.397122][ T7659] mapped:31109 shmem:14151 pagetables:1196 [ 201.397122][ T7659] sec_pagetables:0 bounce:0 [ 201.397122][ T7659] kernel_misc_reclaimable:0 [ 201.397122][ T7659] free:1292997 free_pcp:22385 free_cma:0 [ 201.485049][ T7656] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 201.504980][ T7659] Node 0 active_anon:126424kB inactive_anon:0kB active_file:64416kB inactive_file:161596kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:125736kB dirty:604kB writeback:0kB shmem:57568kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11572kB pagetables:4756kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 201.527822][ T7663] netlink: set zone limit has 8 unknown bytes [ 201.554228][ T7659] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:132kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:128kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 201.655904][ T7659] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 201.729017][ T7659] lowmem_reserve[]: 0 2485 2487 2487 2487 [ 201.748812][ T7659] Node 0 DMA32 free:1261756kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB free_highatomic:0KB active_anon:136524kB inactive_anon:0kB active_file:64416kB inactive_file:161596kB unevictable:1536kB writepending:604kB zspages:0kB present:3129332kB managed:2545096kB mlocked:0kB bounce:0kB free_pcp:52452kB local_pcp:19236kB free_cma:0kB [ 201.818741][ T7659] lowmem_reserve[]: 0 0 1 1 1 [ 201.823535][ T7659] Node 0 Normal free:0kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 201.860183][ T7672] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input48 [ 201.880204][ T7659] lowmem_reserve[]: 0 0 0 0 0 [ 201.884984][ T7659] Node 1 Normal free:3886272kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:132kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:26348kB local_pcp:16244kB free_cma:0kB [ 201.933540][ T7659] lowmem_reserve[]: 0 0 0 0 0 [ 201.943655][ T7659] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 201.958851][ T7659] Node 0 DMA32: 1120*4kB (UME) 708*8kB (UME) 397*16kB (UME) 468*32kB (UME) 163*64kB (UME) 194*128kB (UME) 116*256kB (UM) 87*512kB (UME) 54*1024kB (UM) 35*2048kB (UME) 242*4096kB (UM) = 1259184kB [ 202.011770][ T7659] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 202.052866][ T7659] Node 1 Normal: 108*4kB (UME) 44*8kB (UME) 13*16kB (UME) 71*32kB (UME) 36*64kB (UME) 8*128kB (UME) 5*256kB (UME) 3*512kB (UE) 0*1024kB 3*2048kB (UME) 945*4096kB (M) = 3886272kB [ 202.102006][ T7659] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 202.116844][ T7659] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 202.138785][ T7659] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 202.163751][ T7659] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 202.180551][ T7659] 76687 total pagecache pages [ 202.192185][ T7659] 0 pages in swap cache [ 202.202208][ T7659] Free swap = 124992kB [ 202.221526][ T7659] Total swap = 124996kB [ 202.231379][ T7659] 2097051 pages RAM [ 202.242895][ T7675] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input49 [ 202.256929][ T7659] 0 pages HighMem/MovableOnly [ 202.287388][ T7659] 428687 pages reserved [ 202.294466][ T7659] 0 pages cma reserved [ 204.034129][ T7709] FAULT_INJECTION: forcing a failure. [ 204.034129][ T7709] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 204.097477][ T7709] CPU: 1 UID: 0 PID: 7709 Comm: syz.2.471 Not tainted syzkaller #0 PREEMPT(full) [ 204.097515][ T7709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 204.097530][ T7709] Call Trace: [ 204.097539][ T7709] [ 204.097547][ T7709] dump_stack_lvl+0x16c/0x1f0 [ 204.097568][ T7709] should_fail_ex+0x512/0x640 [ 204.097594][ T7709] should_fail_alloc_page+0xe7/0x130 [ 204.097615][ T7709] prepare_alloc_pages+0x3c2/0x610 [ 204.097633][ T7709] ? rcu_is_watching+0x12/0xc0 [ 204.097649][ T7709] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 204.097666][ T7709] ? rcu_is_watching+0x12/0xc0 [ 204.097680][ T7709] ? trace_mm_page_alloc+0x11f/0x1a0 [ 204.097704][ T7709] ? __alloc_frozen_pages_noprof+0x292/0x2470 [ 204.097721][ T7709] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 204.097738][ T7709] ? is_bpf_text_address+0x8a/0x1a0 [ 204.097758][ T7709] ? bpf_ksym_find+0x124/0x1c0 [ 204.097774][ T7709] ? is_bpf_text_address+0x94/0x1a0 [ 204.097794][ T7709] ? kernel_text_address+0x8d/0x100 [ 204.097815][ T7709] ? __kernel_text_address+0xd/0x40 [ 204.097826][ T7709] ? unwind_get_return_address+0x59/0xa0 [ 204.097847][ T7709] alloc_pages_bulk_noprof+0x71c/0x1410 [ 204.097861][ T7709] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 204.097883][ T7709] ? policy_nodemask+0xea/0x4e0 [ 204.097903][ T7709] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 204.097918][ T7709] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 204.097943][ T7709] kasan_populate_vmalloc+0x112/0x2d0 [ 204.097958][ T7709] ? alloc_vmap_area+0x8b5/0x29e0 [ 204.097979][ T7709] alloc_vmap_area+0x960/0x29e0 [ 204.098003][ T7709] ? __pfx_alloc_vmap_area+0x10/0x10 [ 204.098024][ T7709] __get_vm_area_node+0x1ca/0x330 [ 204.098045][ T7709] __vmalloc_node_range_noprof+0x271/0x1480 [ 204.098065][ T7709] ? kernel_clone+0xfc/0x930 [ 204.098086][ T7709] ? kernel_clone+0xfc/0x930 [ 204.098106][ T7709] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 204.098129][ T7709] ? rcu_is_watching+0x12/0xc0 [ 204.098144][ T7709] ? kernel_clone+0xfc/0x930 [ 204.098159][ T7709] __vmalloc_node_noprof+0xad/0xf0 [ 204.098177][ T7709] ? kernel_clone+0xfc/0x930 [ 204.098199][ T7709] copy_process+0x2c77/0x76a0 [ 204.098223][ T7709] ? __pfx_copy_process+0x10/0x10 [ 204.098238][ T7709] ? futex_private_hash_put+0x176/0x300 [ 204.098258][ T7709] ? futex_private_hash_put+0x18a/0x300 [ 204.098278][ T7709] kernel_clone+0xfc/0x930 [ 204.098295][ T7709] ? __pfx_futex_wake+0x10/0x10 [ 204.098316][ T7709] ? __pfx_kernel_clone+0x10/0x10 [ 204.098342][ T7709] __do_sys_clone+0xce/0x120 [ 204.098359][ T7709] ? __pfx___do_sys_clone+0x10/0x10 [ 204.098383][ T7709] ? xfd_validate_state+0x61/0x180 [ 204.098407][ T7709] do_syscall_64+0xcd/0xfa0 [ 204.098425][ T7709] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 204.098439][ T7709] RIP: 0033:0x7f893238efc9 [ 204.098453][ T7709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 204.098468][ T7709] RSP: 002b:00007f89331e3fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 204.098483][ T7709] RAX: ffffffffffffffda RBX: 00007f89325e6090 RCX: 00007f893238efc9 [ 204.098492][ T7709] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 204.098501][ T7709] RBP: 00007f8932411f91 R08: 0000000000000000 R09: 0000000000000000 [ 204.098510][ T7709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 204.098518][ T7709] R13: 00007f89325e6128 R14: 00007f89325e6090 R15: 00007ffff96952b8 [ 204.098537][ T7709] [ 208.142657][ T30] audit: type=1800 audit(4294967313.410:2): pid=7767 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.488" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 208.183024][ T7768] netlink: 8 bytes leftover after parsing attributes in process `syz.2.489'. [ 209.542728][ T7791] FAULT_INJECTION: forcing a failure. [ 209.542728][ T7791] name failslab, interval 1, probability 0, space 0, times 0 [ 209.555537][ T7791] CPU: 0 UID: 0 PID: 7791 Comm: syz.2.495 Not tainted syzkaller #0 PREEMPT(full) [ 209.555557][ T7791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 209.555566][ T7791] Call Trace: [ 209.555571][ T7791] [ 209.555576][ T7791] dump_stack_lvl+0x16c/0x1f0 [ 209.555597][ T7791] should_fail_ex+0x512/0x640 [ 209.555618][ T7791] ? __kmalloc_noprof+0xca/0x880 [ 209.555643][ T7791] should_failslab+0xc2/0x120 [ 209.555661][ T7791] __kmalloc_noprof+0xdd/0x880 [ 209.555681][ T7791] ? lsm_blob_alloc+0x68/0x90 [ 209.555700][ T7791] ? lsm_blob_alloc+0x68/0x90 [ 209.555715][ T7791] lsm_blob_alloc+0x68/0x90 [ 209.555731][ T7791] security_prepare_creds+0x30/0x270 [ 209.555748][ T7791] prepare_creds+0x56f/0x7d0 [ 209.555769][ T7791] copy_creds+0xa7/0xa50 [ 209.555791][ T7791] copy_process+0xffc/0x76a0 [ 209.555807][ T7791] ? __pfx___futex_wait+0x10/0x10 [ 209.555836][ T7791] ? __pfx_copy_process+0x10/0x10 [ 209.555851][ T7791] ? futex_private_hash_put+0x176/0x300 [ 209.555870][ T7791] ? futex_private_hash_put+0x18a/0x300 [ 209.555890][ T7791] kernel_clone+0xfc/0x930 [ 209.555908][ T7791] ? __pfx_kernel_clone+0x10/0x10 [ 209.555934][ T7791] __do_sys_clone+0xce/0x120 [ 209.555958][ T7791] ? __pfx___do_sys_clone+0x10/0x10 [ 209.555984][ T7791] ? xfd_validate_state+0x61/0x180 [ 209.556011][ T7791] do_syscall_64+0xcd/0xfa0 [ 209.556029][ T7791] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 209.556043][ T7791] RIP: 0033:0x7f893238efc9 [ 209.556054][ T7791] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 209.556067][ T7791] RSP: 002b:00007f8933204fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 209.556080][ T7791] RAX: ffffffffffffffda RBX: 00007f89325e5fa0 RCX: 00007f893238efc9 [ 209.556089][ T7791] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 209.556098][ T7791] RBP: 00007f8932411f91 R08: 0000000000000000 R09: 0000000000000000 [ 209.556106][ T7791] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 209.556115][ T7791] R13: 00007f89325e6038 R14: 00007f89325e5fa0 R15: 00007ffff96952b8 [ 209.556134][ T7791] [ 210.222715][ T7803] FAULT_INJECTION: forcing a failure. [ 210.222715][ T7803] name failslab, interval 1, probability 0, space 0, times 0 [ 210.257704][ T7803] CPU: 0 UID: 0 PID: 7803 Comm: syz.0.497 Not tainted syzkaller #0 PREEMPT(full) [ 210.257779][ T7803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 210.257815][ T7803] Call Trace: [ 210.257835][ T7803] [ 210.257858][ T7803] dump_stack_lvl+0x16c/0x1f0 [ 210.257909][ T7803] should_fail_ex+0x512/0x640 [ 210.257947][ T7803] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 210.257980][ T7803] should_failslab+0xc2/0x120 [ 210.258015][ T7803] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 210.258042][ T7803] ? _raw_spin_unlock+0x28/0x50 [ 210.258069][ T7803] ? sock_alloc_inode+0x25/0x1c0 [ 210.258105][ T7803] ? __pfx_sock_alloc_inode+0x10/0x10 [ 210.258133][ T7803] ? sock_alloc_inode+0x25/0x1c0 [ 210.258160][ T7803] sock_alloc_inode+0x25/0x1c0 [ 210.258190][ T7803] alloc_inode+0x64/0x240 [ 210.258225][ T7803] sock_alloc+0x40/0x280 [ 210.258254][ T7803] __sock_create+0xc1/0x8d0 [ 210.258293][ T7803] inet_ctl_sock_create+0x94/0x230 [ 210.258331][ T7803] ? __pfx_inet_ctl_sock_create+0x10/0x10 [ 210.258367][ T7803] ? ndisc_net_init+0x1bc/0x250 [ 210.258403][ T7803] ? __pfx_ndisc_net_init+0x10/0x10 [ 210.258446][ T7803] igmp6_net_init+0x1b2/0x470 [ 210.258484][ T7803] ? __pfx_igmp6_net_init+0x10/0x10 [ 210.258520][ T7803] ops_init+0x1e2/0x5f0 [ 210.258551][ T7803] setup_net+0x100/0x390 [ 210.258579][ T7803] ? __pfx_setup_net+0x10/0x10 [ 210.258608][ T7803] ? debug_mutex_init+0x37/0x70 [ 210.258641][ T7803] copy_net_ns+0x2f8/0x690 [ 210.258678][ T7803] create_new_namespaces+0x3ea/0xa90 [ 210.258713][ T7803] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 210.258742][ T7803] ksys_unshare+0x45b/0xa40 [ 210.258776][ T7803] ? __pfx_ksys_unshare+0x10/0x10 [ 210.258812][ T7803] ? xfd_validate_state+0x61/0x180 [ 210.258860][ T7803] __x64_sys_unshare+0x31/0x40 [ 210.258902][ T7803] do_syscall_64+0xcd/0xfa0 [ 210.258936][ T7803] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 210.258965][ T7803] RIP: 0033:0x7fed9ab8efc9 [ 210.258987][ T7803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 210.259013][ T7803] RSP: 002b:00007fed9b9dd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 210.259039][ T7803] RAX: ffffffffffffffda RBX: 00007fed9ade5fa0 RCX: 00007fed9ab8efc9 [ 210.259056][ T7803] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 210.259071][ T7803] RBP: 00007fed9ac11f91 R08: 0000000000000000 R09: 0000000000000000 [ 210.259087][ T7803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 210.259102][ T7803] R13: 00007fed9ade6038 R14: 00007fed9ade5fa0 R15: 00007ffee3bb7e58 [ 210.259138][ T7803] [ 210.629117][ T7803] socket: no more sockets [ 210.639049][ T7803] Failed to initialize the IGMP6 autojoin socket (err -23) [ 211.174355][ T7813] capability: warning: `syz.0.500' uses 32-bit capabilities (legacy support in use) [ 211.303193][ T5830] block nbd0: Receive control failed (result -107) [ 211.988922][ T5828] Bluetooth: hci0: command 0x0406 tx timeout [ 212.070790][ T5828] Bluetooth: hci2: command 0x0406 tx timeout [ 212.070826][ T5830] Bluetooth: hci3: command 0x0406 tx timeout [ 212.076935][ T5825] Bluetooth: hci1: command 0x0406 tx timeout [ 212.309663][ T7836] FAULT_INJECTION: forcing a failure. [ 212.309663][ T7836] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 212.432021][ T7836] CPU: 0 UID: 0 PID: 7836 Comm: syz.2.505 Not tainted syzkaller #0 PREEMPT(full) [ 212.432055][ T7836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 212.432074][ T7836] Call Trace: [ 212.432082][ T7836] [ 212.432096][ T7836] dump_stack_lvl+0x16c/0x1f0 [ 212.432138][ T7836] should_fail_ex+0x512/0x640 [ 212.432176][ T7836] _copy_to_user+0x32/0xd0 [ 212.432215][ T7836] simple_read_from_buffer+0xcb/0x170 [ 212.432254][ T7836] proc_fail_nth_read+0x197/0x240 [ 212.432283][ T7836] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 212.432312][ T7836] ? rw_verify_area+0xcf/0x6c0 [ 212.432334][ T7836] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 212.432359][ T7836] vfs_read+0x1e4/0xcf0 [ 212.432378][ T7836] ? __pfx___mutex_lock+0x10/0x10 [ 212.432396][ T7836] ? __pfx_vfs_read+0x10/0x10 [ 212.432415][ T7836] ? __fget_files+0x20e/0x3c0 [ 212.432435][ T7836] ksys_read+0x12a/0x250 [ 212.432449][ T7836] ? __pfx_ksys_read+0x10/0x10 [ 212.432471][ T7836] do_syscall_64+0xcd/0xfa0 [ 212.432488][ T7836] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 212.432503][ T7836] RIP: 0033:0x7f893238d9dc [ 212.432515][ T7836] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 212.432528][ T7836] RSP: 002b:00007f89331e4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 212.432542][ T7836] RAX: ffffffffffffffda RBX: 00007f89325e6090 RCX: 00007f893238d9dc [ 212.432552][ T7836] RDX: 000000000000000f RSI: 00007f89331e40a0 RDI: 0000000000000003 [ 212.432560][ T7836] RBP: 00007f89331e4090 R08: 0000000000000000 R09: 0000000000000018 [ 212.432568][ T7836] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001 [ 212.432576][ T7836] R13: 00007f89325e6128 R14: 00007f89325e6090 R15: 00007ffff96952b8 [ 212.432596][ T7836] [ 216.023910][ T5838] block nbd1: Receive control failed (result -107) [ 218.210597][ T7950] netlink: 12 bytes leftover after parsing attributes in process `syz.0.536'. [ 220.084967][ T7998] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input50 [ 220.371194][ T8001] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input51 [ 221.005458][ T8024] zram: Removed device: zram0 [ 222.351292][ T8060] netlink: 4 bytes leftover after parsing attributes in process `syz.2.564'. [ 223.019414][ T8067] FAULT_INJECTION: forcing a failure. [ 223.019414][ T8067] name fail_futex, interval 1, probability 0, space 0, times 0 [ 223.087729][ T8067] CPU: 0 UID: 0 PID: 8067 Comm: syz.2.566 Not tainted syzkaller #0 PREEMPT(full) [ 223.087764][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 223.087779][ T8067] Call Trace: [ 223.087787][ T8067] [ 223.087796][ T8067] dump_stack_lvl+0x16c/0x1f0 [ 223.087831][ T8067] should_fail_ex+0x512/0x640 [ 223.087875][ T8067] get_futex_key+0x1d0/0x1560 [ 223.087910][ T8067] ? __pfx_get_futex_key+0x10/0x10 [ 223.087946][ T8067] ? find_held_lock+0x2b/0x80 [ 223.087977][ T8067] futex_wake+0xea/0x530 [ 223.088016][ T8067] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 223.088047][ T8067] ? __pfx_futex_wake+0x10/0x10 [ 223.088087][ T8067] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 223.088114][ T8067] ? get_filter+0x146/0x1b0 [ 223.088145][ T8067] ? __pfx_get_filter+0x10/0x10 [ 223.088183][ T8067] do_futex+0x1e3/0x350 [ 223.088219][ T8067] ? __pfx_do_futex+0x10/0x10 [ 223.088256][ T8067] ? find_held_lock+0x2b/0x80 [ 223.088286][ T8067] __x64_sys_futex+0x1e0/0x4c0 [ 223.088327][ T8067] ? __fget_files+0x20e/0x3c0 [ 223.088351][ T8067] ? __pfx___x64_sys_futex+0x10/0x10 [ 223.088391][ T8067] ? fput+0x9b/0xd0 [ 223.088428][ T8067] do_syscall_64+0xcd/0xfa0 [ 223.088461][ T8067] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 223.088485][ T8067] RIP: 0033:0x7f893238efc9 [ 223.088507][ T8067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 223.088532][ T8067] RSP: 002b:00007f89332050e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 223.088557][ T8067] RAX: ffffffffffffffda RBX: 00007f89325e5fa8 RCX: 00007f893238efc9 [ 223.088575][ T8067] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f89325e5fac [ 223.088591][ T8067] RBP: 00007f89325e5fa0 R08: 00007f8933206000 R09: 0000000000000000 [ 223.088608][ T8067] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 223.088624][ T8067] R13: 00007f89325e6038 R14: 00007ffff96951d0 R15: 00007ffff96952b8 [ 223.088661][ T8067] [ 223.957267][ T5838] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 223.957305][ T5838] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 223.973027][ T5838] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 223.973085][ T5838] Bluetooth: hci3: adv larger than maximum supported [ 223.980429][ T5838] Bluetooth: hci3: Malformed LE Event: 0x0d [ 224.355438][ T8086] netlink: set zone limit has 8 unknown bytes [ 224.366311][ T8086] netlink: zone id is out of range [ 224.372106][ T8086] netlink: del zone limit has 4 unknown bytes [ 225.590828][ T8152] __vm_enough_memory: pid: 8152, comm: syz.3.586, bytes: 4398046511104 not enough memory for the allocation [ 225.661454][ T8145] netlink: 28 bytes leftover after parsing attributes in process `syz.2.583'. [ 226.194022][ T8158] netlink: set zone limit has 8 unknown bytes [ 226.204033][ T8158] netlink: zone id is out of range [ 226.209854][ T8158] netlink: del zone limit has 4 unknown bytes [ 226.611163][ T8182] Â: entered promiscuous mode [ 226.622227][ T8182] netlink: 20 bytes leftover after parsing attributes in process `syz.2.592'. [ 226.977456][ T8189] zswap: compressor -Ž not available [ 227.581516][ T8210] netlink: zone id is out of range [ 227.588565][ T8212] netlink: 28 bytes leftover after parsing attributes in process `syz.1.601'. [ 227.628463][ T8210] netlink: del zone limit has 4 unknown bytes [ 227.660971][ T8205] netlink: set zone limit has 8 unknown bytes [ 228.987038][ T8239] could not allocate digest TFM handle [ 230.080375][ T8272] netlink: 4 bytes leftover after parsing attributes in process `syz.1.615'. [ 230.710011][ T8279] MTRR 1 not used [ 232.426013][ T8318] ptrace attach of "./syz-executor exec"[5831] was attempted by ""[8318] [ 232.619660][ T8326] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input52 [ 232.684662][ T8314] ======================================================= [ 232.684662][ T8314] WARNING: The mand mount option has been deprecated and [ 232.684662][ T8314] and is ignored by this kernel. Remove the mand [ 232.684662][ T8314] option from the mount to silence this warning. [ 232.684662][ T8314] ======================================================= [ 233.376193][ T8329] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input53 [ 234.862656][ T8379] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 235.767255][ T8387] netlink: 12 bytes leftover after parsing attributes in process `syz.1.641'. [ 236.407464][ T8393] netlink: set zone limit has 8 unknown bytes [ 237.295363][ T8415] netlink: 252 bytes leftover after parsing attributes in process `syz.2.648'. [ 237.403574][ T8393] netlink: zone id is out of range [ 237.419110][ T8393] netlink: del zone limit has 4 unknown bytes [ 238.338273][ T8430] netlink: 28 bytes leftover after parsing attributes in process `syz.0.651'. [ 239.444622][ T30] audit: type=1800 audit(4294967301.520:3): pid=8438 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.652" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 240.638582][ T8473] netlink: zone id is out of range [ 240.648590][ T8473] netlink: del zone limit has 4 unknown bytes [ 240.768325][ T8464] netlink: set zone limit has 8 unknown bytes [ 241.311342][ T8491] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input54 [ 241.467011][ T8492] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input55 [ 241.511889][ T8491] random: crng reseeded on system resumption [ 242.398421][ T30] audit: type=1800 audit(4294967304.470:4): pid=8508 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.669" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 243.315179][ T8507] FAULT_INJECTION: forcing a failure. [ 243.315179][ T8507] name fail_futex, interval 1, probability 0, space 0, times 0 [ 243.338209][ T8507] CPU: 1 UID: 0 PID: 8507 Comm: syz.0.670 Not tainted syzkaller #0 PREEMPT(full) [ 243.338249][ T8507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 243.338266][ T8507] Call Trace: [ 243.338275][ T8507] [ 243.338285][ T8507] dump_stack_lvl+0x16c/0x1f0 [ 243.338321][ T8507] should_fail_ex+0x512/0x640 [ 243.338366][ T8507] get_futex_key+0x1d0/0x1560 [ 243.338405][ T8507] ? __pfx_get_futex_key+0x10/0x10 [ 243.338437][ T8507] ? find_held_lock+0x2b/0x80 [ 243.338466][ T8507] ? percpu_ref_put_many.constprop.0+0xc4/0x2a0 [ 243.338508][ T8507] futex_wait_setup+0x9d/0x550 [ 243.338558][ T8507] __futex_wait+0x193/0x2f0 [ 243.338600][ T8507] ? __pfx___futex_wait+0x10/0x10 [ 243.338645][ T8507] ? __pfx_futex_wake_mark+0x10/0x10 [ 243.338692][ T8507] ? futex_private_hash_put+0x176/0x300 [ 243.338726][ T8507] ? futex_private_hash_put+0x18a/0x300 [ 243.338759][ T8507] futex_wait+0xe8/0x380 [ 243.338780][ T8507] ? __pfx_futex_wait+0x10/0x10 [ 243.338838][ T8507] ? css_rstat_updated+0x1c2/0x510 [ 243.338874][ T8507] do_futex+0x229/0x350 [ 243.338911][ T8507] ? __pfx_do_futex+0x10/0x10 [ 243.338945][ T8507] ? find_held_lock+0x2b/0x80 [ 243.338973][ T8507] ? handle_mm_fault+0x2ab/0xd10 [ 243.339016][ T8507] __x64_sys_futex+0x1e0/0x4c0 [ 243.339051][ T8507] ? exc_page_fault+0x64/0xc0 [ 243.339078][ T8507] ? __pfx___x64_sys_futex+0x10/0x10 [ 243.339126][ T8507] do_syscall_64+0xcd/0xfa0 [ 243.339158][ T8507] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 243.339182][ T8507] RIP: 0033:0x7fed9ab8efc9 [ 243.339202][ T8507] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 243.339226][ T8507] RSP: 002b:00007fed9b9dd0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 243.339252][ T8507] RAX: ffffffffffffffda RBX: 00007fed9ade5fa8 RCX: 00007fed9ab8efc9 [ 243.339271][ T8507] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fed9ade5fa8 [ 243.339288][ T8507] RBP: 00007fed9ade5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 243.339305][ T8507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 243.339320][ T8507] R13: 00007fed9ade6038 R14: 00007ffee3bb7d70 R15: 00007ffee3bb7e58 [ 243.339357][ T8507] [ 244.011058][ T8517] netlink: zone id is out of range [ 244.061350][ T8517] netlink: del zone limit has 4 unknown bytes [ 244.147581][ T8530] netlink: set zone limit has 8 unknown bytes [ 244.417804][ T8545] netlink: 8 bytes leftover after parsing attributes in process `syz.3.678'. [ 244.556502][ T8549] i2c i2c-0: delete_device: Can't find device in list [ 246.111312][ T8588] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input56 [ 246.293309][ T8593] random: crng reseeded on system resumption [ 246.519003][ T8591] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input57 [ 247.091293][ T5838] block nbd2: Receive control failed (result -107) [ 247.611179][ T8635] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input58 [ 247.754238][ T8636] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input59 [ 248.116477][ T8630] netlink: set zone limit has 8 unknown bytes [ 249.164687][ T8651] zswap: compressor not available [ 249.598644][ T8651] zswap: compressor not available [ 249.850916][ T8695] netlink: 334 bytes leftover after parsing attributes in process `syz.3.713'. [ 250.601803][ T5838] block nbd3: Receive control failed (result -107) [ 251.359745][ T8729] netlink: 4 bytes leftover after parsing attributes in process `syz.0.722'. [ 253.369404][ T8788] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input60 [ 253.594208][ T8790] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input61 [ 255.465961][ T8834] ptrace attach of "./syz-executor exec"[8836] was attempted by "./syz-executor exec"[8834] [ 255.633017][ T8847] FAULT_INJECTION: forcing a failure. [ 255.633017][ T8847] name fail_futex, interval 1, probability 0, space 0, times 0 [ 255.646119][ T8847] CPU: 0 UID: 0 PID: 8847 Comm: syz.2.750 Not tainted syzkaller #0 PREEMPT(full) [ 255.646140][ T8847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 255.646149][ T8847] Call Trace: [ 255.646154][ T8847] [ 255.646161][ T8847] dump_stack_lvl+0x16c/0x1f0 [ 255.646181][ T8847] should_fail_ex+0x512/0x640 [ 255.646206][ T8847] get_futex_key+0x1d0/0x1560 [ 255.646228][ T8847] ? __pfx_get_futex_key+0x10/0x10 [ 255.646247][ T8847] ? import_iovec+0x86/0xb0 [ 255.646263][ T8847] futex_wake+0xea/0x530 [ 255.646286][ T8847] ? __pfx_futex_wake+0x10/0x10 [ 255.646306][ T8847] ? __pfx_vfs_writev+0x10/0x10 [ 255.646327][ T8847] do_futex+0x1e3/0x350 [ 255.646345][ T8847] ? __pfx_do_futex+0x10/0x10 [ 255.646368][ T8847] __x64_sys_futex+0x1e0/0x4c0 [ 255.646388][ T8847] ? __pfx___x64_sys_futex+0x10/0x10 [ 255.646406][ T8847] ? __pfx_do_writev+0x10/0x10 [ 255.646425][ T8847] do_syscall_64+0xcd/0xfa0 [ 255.646442][ T8847] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 255.646456][ T8847] RIP: 0033:0x7f893238efc9 [ 255.646467][ T8847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 255.646480][ T8847] RSP: 002b:00007f89331e40e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 255.646494][ T8847] RAX: ffffffffffffffda RBX: 00007f89325e6098 RCX: 00007f893238efc9 [ 255.646503][ T8847] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f89325e609c [ 255.646511][ T8847] RBP: 00007f89325e6090 R08: 00007f8933206000 R09: 0000000000000000 [ 255.646522][ T8847] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 255.646536][ T8847] R13: 00007f89325e6128 R14: 00007ffff96951d0 R15: 00007ffff96952b8 [ 255.646567][ T8847] [ 255.939420][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.945763][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.296207][ T8846] netlink: set zone limit has 8 unknown bytes [ 257.619291][ T8885] Invalid ELF header magic: != ELF [ 258.436024][ T8902] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input62 [ 258.566833][ T8907] random: crng reseeded on system resumption [ 258.666339][ T8905] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input63 [ 258.882403][ T8909] netlink: set zone limit has 8 unknown bytes [ 260.520038][ T8945] nbd: illegal input index -560326505 [ 261.205502][ T8963] ptrace attach of "./syz-executor exec"[8965] was attempted by "./syz-executor exec"[8963] [ 261.637122][ T8955] netlink: set zone limit has 8 unknown bytes [ 261.750091][ T8970] __vm_enough_memory: pid: 8970, comm: syz.2.780, bytes: 4398046511104 not enough memory for the allocation [ 262.325198][ T8994] block nbd7: not configured, cannot reconfigure [ 264.798350][ T9022] netlink: set zone limit has 8 unknown bytes [ 266.277974][ T9048] nvme_fabrics: missing parameter 'transport=%s' [ 266.285924][ T9048] nvme_fabrics: missing parameter 'nqn=%s' [ 268.675389][ T9073] FAULT_INJECTION: forcing a failure. [ 268.675389][ T9073] name fail_futex, interval 1, probability 0, space 0, times 0 [ 268.688539][ T9073] CPU: 1 UID: 0 PID: 9073 Comm: syz.0.805 Not tainted syzkaller #0 PREEMPT(full) [ 268.688561][ T9073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 268.688569][ T9073] Call Trace: [ 268.688574][ T9073] [ 268.688580][ T9073] dump_stack_lvl+0x16c/0x1f0 [ 268.688600][ T9073] should_fail_ex+0x512/0x640 [ 268.688624][ T9073] get_futex_key+0x1d0/0x1560 [ 268.688647][ T9073] ? __pfx_get_futex_key+0x10/0x10 [ 268.688666][ T9073] ? import_iovec+0x86/0xb0 [ 268.688697][ T9073] futex_wake+0xea/0x530 [ 268.688738][ T9073] ? futex_wait+0x120/0x380 [ 268.688761][ T9073] ? __pfx_futex_wait+0x10/0x10 [ 268.688792][ T9073] ? __pfx_futex_wake+0x10/0x10 [ 268.688812][ T9073] ? __pfx_vfs_writev+0x10/0x10 [ 268.688827][ T9073] ? __might_fault+0xe3/0x190 [ 268.688840][ T9073] ? __might_fault+0x13b/0x190 [ 268.688857][ T9073] do_futex+0x1e3/0x350 [ 268.688875][ T9073] ? __pfx_do_futex+0x10/0x10 [ 268.688898][ T9073] __x64_sys_futex+0x1e0/0x4c0 [ 268.688918][ T9073] ? __pfx___x64_sys_futex+0x10/0x10 [ 268.688937][ T9073] ? __pfx_do_writev+0x10/0x10 [ 268.688956][ T9073] do_syscall_64+0xcd/0xfa0 [ 268.688973][ T9073] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 268.688987][ T9073] RIP: 0033:0x7fed9ab8efc9 [ 268.688999][ T9073] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 268.689013][ T9073] RSP: 002b:00007fed9b9dd0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 268.689026][ T9073] RAX: ffffffffffffffda RBX: 00007fed9ade5fa8 RCX: 00007fed9ab8efc9 [ 268.689036][ T9073] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fed9ade5fac [ 268.689045][ T9073] RBP: 00007fed9ade5fa0 R08: 00007fed9b9de000 R09: 0000000000000000 [ 268.689054][ T9073] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 268.689063][ T9073] R13: 00007fed9ade6038 R14: 00007ffee3bb7d70 R15: 00007ffee3bb7e58 [ 268.689082][ T9073] [ 269.371530][ T9084] netlink: 8 bytes leftover after parsing attributes in process `syz.3.807'. [ 270.159076][ T9098] bond0: option slaves: interface -Âô]àæ©=,Dçon?ïI|›a CB does not exist! [ 271.066008][ T9115] i2c i2c-0: new_device: Extra parameters [ 272.708162][ T9128] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input64 [ 273.007238][ T9130] netlink: 8 bytes leftover after parsing attributes in process `syz.2.818'. [ 273.068440][ T9123] netlink: set zone limit has 8 unknown bytes [ 273.081431][ T9129] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input65 [ 274.716410][ T30] audit: type=1800 audit(4294967336.790:5): pid=9165 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.827" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 275.231213][ T9183] netlink: 8 bytes leftover after parsing attributes in process `syz.3.829'. [ 276.842662][ T5838] block nbd4: Receive control failed (result -107) [ 276.869611][ T9224] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input66 [ 277.083513][ T9232] netlink: 8 bytes leftover after parsing attributes in process `syz.0.841'. [ 277.201546][ T9229] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input67 [ 280.334917][ T9314] zswap: compressor not available [ 280.885433][ T9333] netlink: 8 bytes leftover after parsing attributes in process `syz.3.866'. [ 281.378995][ T9345] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input68 [ 281.603799][ T9351] random: crng reseeded on system resumption [ 281.800978][ T9348] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input69 [ 282.361274][ T9361] block nbd7: not configured, cannot reconfigure [ 282.556750][ T9366] FAULT_INJECTION: forcing a failure. [ 282.556750][ T9366] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 282.581193][ T9366] CPU: 0 UID: 0 PID: 9366 Comm: syz.0.875 Not tainted syzkaller #0 PREEMPT(full) [ 282.581229][ T9366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 282.581245][ T9366] Call Trace: [ 282.581253][ T9366] [ 282.581264][ T9366] dump_stack_lvl+0x16c/0x1f0 [ 282.581301][ T9366] should_fail_ex+0x512/0x640 [ 282.581346][ T9366] should_fail_alloc_page+0xe7/0x130 [ 282.581384][ T9366] prepare_alloc_pages+0x3c2/0x610 [ 282.581419][ T9366] ? rcu_is_watching+0x12/0xc0 [ 282.581459][ T9366] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 282.581499][ T9366] ? __lock_acquire+0x622/0x1c90 [ 282.581541][ T9366] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 282.581586][ T9366] ? __lock_acquire+0x622/0x1c90 [ 282.581626][ T9366] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 282.581671][ T9366] ? policy_nodemask+0xea/0x4e0 [ 282.581709][ T9366] alloc_pages_mpol+0x1fb/0x550 [ 282.581746][ T9366] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 282.581797][ T9366] folio_alloc_mpol_noprof+0x36/0x2f0 [ 282.581840][ T9366] vma_alloc_folio_noprof+0xed/0x1e0 [ 282.581880][ T9366] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 282.581933][ T9366] do_pte_missing+0x2202/0x3ba0 [ 282.581976][ T9366] ? find_held_lock+0x2b/0x80 [ 282.582012][ T9366] __handle_mm_fault+0x1556/0x2aa0 [ 282.582059][ T9366] ? __pfx___handle_mm_fault+0x10/0x10 [ 282.582098][ T9366] ? __pte_offset_map_lock+0x174/0x310 [ 282.582130][ T9366] ? find_held_lock+0x2b/0x80 [ 282.582168][ T9366] ? follow_page_pte+0x5cf/0x1390 [ 282.582207][ T9366] handle_mm_fault+0x589/0xd10 [ 282.582251][ T9366] __get_user_pages+0x54e/0x3530 [ 282.582302][ T9366] ? __pfx___get_user_pages+0x10/0x10 [ 282.582345][ T9366] populate_vma_page_range+0x267/0x3f0 [ 282.582383][ T9366] ? __pfx_populate_vma_page_range+0x10/0x10 [ 282.582417][ T9366] ? __pfx_find_vma_intersection+0x10/0x10 [ 282.582462][ T9366] ? do_mmap+0x69c/0x1210 [ 282.582501][ T9366] __mm_populate+0x1d8/0x380 [ 282.582540][ T9366] ? __pfx___mm_populate+0x10/0x10 [ 282.582580][ T9366] ? up_write+0x1b2/0x520 [ 282.582621][ T9366] vm_mmap_pgoff+0x37f/0x470 [ 282.582659][ T9366] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 282.582700][ T9366] ? __x64_sys_futex+0x1e0/0x4c0 [ 282.582736][ T9366] ? __x64_sys_futex+0x1e9/0x4c0 [ 282.582772][ T9366] ksys_mmap_pgoff+0x7d/0x5c0 [ 282.582804][ T9366] ? xfd_validate_state+0x61/0x180 [ 282.582836][ T9366] ? __pfx_do_writev+0x10/0x10 [ 282.582867][ T9366] __x64_sys_mmap+0x125/0x190 [ 282.582907][ T9366] do_syscall_64+0xcd/0xfa0 [ 282.582939][ T9366] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 282.582967][ T9366] RIP: 0033:0x7fed9ab8efc9 [ 282.582990][ T9366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 282.583018][ T9366] RSP: 002b:00007fed9b99b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 282.583044][ T9366] RAX: ffffffffffffffda RBX: 00007fed9ade6180 RCX: 00007fed9ab8efc9 [ 282.583062][ T9366] RDX: 0000000000000007 RSI: 0000000000040009 RDI: 0000000000000000 [ 282.583079][ T9366] RBP: 00007fed9ac11f91 R08: 0000000000000007 R09: 0000000000028000 [ 282.583095][ T9366] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 282.583110][ T9366] R13: 00007fed9ade6218 R14: 00007fed9ade6180 R15: 00007ffee3bb7e58 [ 282.583148][ T9366] [ 283.422575][ T9368] netlink: set zone limit has 8 unknown bytes [ 283.462947][ T9368] netlink: zone id is out of range [ 283.494284][ T9368] netlink: del zone limit has 4 unknown bytes [ 284.447812][ T9395] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input70 [ 284.618970][ T9401] random: crng reseeded on system resumption [ 284.821691][ T9398] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input71 [ 285.755973][ T9422] netlink: 8 bytes leftover after parsing attributes in process `syz.1.887'. [ 286.008934][ T9414] netlink: zone id is out of range [ 286.014578][ T9414] netlink: del zone limit has 4 unknown bytes [ 286.052617][ T9417] netlink: set zone limit has 8 unknown bytes [ 287.581294][ T9459] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input72 [ 288.136709][ T9467] netlink: 8 bytes leftover after parsing attributes in process `syz.0.898'. [ 288.340403][ T9463] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input73 [ 288.922125][ T9470] netlink: zone id is out of range [ 289.037122][ T9470] netlink: del zone limit has 4 unknown bytes [ 289.064338][ T9473] netlink: set zone limit has 8 unknown bytes [ 290.186203][ T9505] netlink: 334 bytes leftover after parsing attributes in process `syz.1.910'. [ 290.401325][ T9509] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input74 [ 290.688488][ T9511] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input75 [ 290.842730][ T9509] netlink: 8 bytes leftover after parsing attributes in process `syz.0.911'. [ 294.433059][ T9579] netlink: 338 bytes leftover after parsing attributes in process `syz.0.931'. [ 294.485532][ T9579] netlink: 338 bytes leftover after parsing attributes in process `syz.0.931'. [ 295.515109][ T9598] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input76 [ 295.563220][ T9594] netlink: 186 bytes leftover after parsing attributes in process `syz.0.934'. [ 295.677274][ T9600] random: crng reseeded on system resumption [ 295.822319][ T9599] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input77 [ 297.968263][ T9639] netlink: 8 bytes leftover after parsing attributes in process `syz.3.945'. [ 299.812525][ T9689] netlink: 186 bytes leftover after parsing attributes in process `syz.1.957'. [ 299.983828][ T9680] netlink: set zone limit has 8 unknown bytes [ 300.003245][ T9680] netlink: zone id is out of range [ 300.008458][ T9680] netlink: del zone limit has 4 unknown bytes [ 300.432905][ T5838] block nbd5: Receive control failed (result -107) [ 301.873164][ T9733] netlink: 600 bytes leftover after parsing attributes in process `syz.1.968'. [ 302.222033][ T5838] block nbd6: Receive control failed (result -107) [ 303.141805][ T9768] netlink: 4 bytes leftover after parsing attributes in process `syz.2.978'. [ 304.018376][ T9787] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input78 [ 304.214850][ T9792] netlink: 8 bytes leftover after parsing attributes in process `syz.0.981'. [ 304.256568][ T9788] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input79 [ 304.477638][ T9789] netlink: zone id is out of range [ 304.493142][ T9789] netlink: del zone limit has 4 unknown bytes [ 304.535289][ T9786] netlink: set zone limit has 8 unknown bytes [ 305.552980][ T30] audit: type=1800 audit(4294967367.630:6): pid=9822 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.991" name="sda" dev="tmpfs" ino=1522 res=0 errno=0 [ 305.857629][ T9826] netlink: 334 bytes leftover after parsing attributes in process `syz.2.992'. [ 306.377909][ T9836] syz.1.995 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 306.922884][ T9838] netlink: set zone limit has 8 unknown bytes [ 306.931595][ T9838] netlink: zone id is out of range [ 306.936730][ T9838] netlink: del zone limit has 4 unknown bytes [ 307.488139][ T9844] netlink: zone id is out of range [ 307.495225][ T9848] FAULT_INJECTION: forcing a failure. [ 307.495225][ T9848] name fail_futex, interval 1, probability 0, space 0, times 0 [ 307.518949][ T9844] netlink: del zone limit has 4 unknown bytes [ 307.523483][ T9843] netlink: set zone limit has 8 unknown bytes [ 307.529885][ T9848] CPU: 0 UID: 0 PID: 9848 Comm: syz.0.999 Not tainted syzkaller #0 PREEMPT(full) [ 307.529921][ T9848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 307.529950][ T9848] Call Trace: [ 307.529959][ T9848] [ 307.529969][ T9848] dump_stack_lvl+0x16c/0x1f0 [ 307.530006][ T9848] should_fail_ex+0x512/0x640 [ 307.530048][ T9848] get_futex_key+0x1d0/0x1560 [ 307.530095][ T9848] ? __pfx_get_futex_key+0x10/0x10 [ 307.530132][ T9848] ? import_iovec+0x86/0xb0 [ 307.530163][ T9848] futex_wake+0xea/0x530 [ 307.530197][ T9848] ? futex_wait+0x120/0x380 [ 307.530220][ T9848] ? __pfx_futex_wait+0x10/0x10 [ 307.530256][ T9848] ? __pfx_futex_wake+0x10/0x10 [ 307.530292][ T9848] ? __pfx_vfs_writev+0x10/0x10 [ 307.530320][ T9848] ? __might_fault+0xe3/0x190 [ 307.530344][ T9848] ? __might_fault+0x13b/0x190 [ 307.530376][ T9848] do_futex+0x1e3/0x350 [ 307.530410][ T9848] ? __pfx_do_futex+0x10/0x10 [ 307.530453][ T9848] __x64_sys_futex+0x1e0/0x4c0 [ 307.530491][ T9848] ? __pfx___x64_sys_futex+0x10/0x10 [ 307.530524][ T9848] ? __pfx_do_writev+0x10/0x10 [ 307.530560][ T9848] do_syscall_64+0xcd/0xfa0 [ 307.530591][ T9848] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.530617][ T9848] RIP: 0033:0x7fed9ab8efc9 [ 307.530637][ T9848] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 307.530663][ T9848] RSP: 002b:00007fed9b9dd0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 307.530712][ T9848] RAX: ffffffffffffffda RBX: 00007fed9ade5fa8 RCX: 00007fed9ab8efc9 [ 307.530728][ T9848] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fed9ade5fac [ 307.530741][ T9848] RBP: 00007fed9ade5fa0 R08: 00007fed9b9de000 R09: 0000000000000000 [ 307.530755][ T9848] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 307.530769][ T9848] R13: 00007fed9ade6038 R14: 00007ffee3bb7d70 R15: 00007ffee3bb7e58 [ 307.530798][ T9848] [ 308.017909][ T9857] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„ [ 308.170077][ T9859] futex_wake_op: syz.0.1001 tries to shift op by -2048; fix this program [ 308.202655][ T9859] futex_wake_op: syz.0.1001 tries to shift op by -2048; fix this program [ 308.243894][ T9864] ubi1: attaching mtd0 [ 308.272682][ T9864] ubi1: scanning is finished [ 308.277340][ T9864] ubi1: empty MTD device detected [ 308.921032][ T9864] ubi1 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt1d", error -4 [ 309.363555][ T5838] block nbd7: Receive control failed (result -107) [ 309.562486][ T9884] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1006'. [ 310.443352][ T9890] netlink: set zone limit has 8 unknown bytes [ 310.882285][ T5838] block nbd8: Receive control failed (result -107) [ 311.341021][ T9932] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1018'. [ 313.327951][ T9958] netlink: set zone limit has 8 unknown bytes [ 313.432601][ T5838] block nbd9: Receive control failed (result -107) [ 313.746729][ T9987] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input80 [ 314.046147][ T9992] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1029'. [ 314.322047][ T9988] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input81 [ 317.234652][T10061] erspan0: entered allmulticast mode [ 317.274822][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.281647][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.754668][T10075] ubi0: attaching mtd0 [ 317.760832][T10075] ubi0: scanning is finished [ 318.025876][T10075] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 318.035114][T10075] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 318.058819][T10075] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 318.065950][T10075] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 318.073958][T10075] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 318.081089][T10075] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 318.089221][T10075] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 3955668230 [ 318.099429][T10075] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 318.141713][T10081] ubi0: background thread "ubi_bgt0d" started, PID 10081 [ 318.830970][ T30] audit: type=1800 audit(4294967380.910:7): pid=10097 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1055" name="version" dev="configfs" ino=27268 res=0 errno=0 [ 318.841469][T10098] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1057'. [ 319.220349][T10108] openvswitch: netlink: Key 2 has unexpected len 12 expected 4 [ 320.197381][T10143] blkio.reset_stats is deprecated [ 322.295380][T10191] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1087'. [ 323.726447][T10211] usb usb23: usbfs: interface 0 claimed by hub while 'syz.2.1091' sets config #1 [ 325.910758][T10252] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input82 [ 326.176626][T10254] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input83 [ 326.473949][T10249] netlink: set zone limit has 8 unknown bytes [ 329.079977][T10317] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 329.280569][T10305] netlink: set zone limit has 8 unknown bytes [ 331.059832][T10358] TCP: TCP_TX_DELAY enabled [ 331.222176][T10354] netlink: set zone limit has 8 unknown bytes [ 332.454702][T10387] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1139'. [ 332.843098][T10398] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1141'. [ 333.661265][T10420] CIFS: VFS: Invalid SecurityFlags: 0 [ 333.661265][T10420] [ 333.706832][ T5838] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 333.714518][ T5838] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 333.939435][T10415] netlink: set zone limit has 8 unknown bytes [ 334.829655][T10436] FAULT_INJECTION: forcing a failure. [ 334.829655][T10436] name failslab, interval 1, probability 0, space 0, times 0 [ 334.862838][T10436] CPU: 0 UID: 0 PID: 10436 Comm: syz.2.1149 Not tainted syzkaller #0 PREEMPT(full) [ 334.862874][T10436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 334.862891][T10436] Call Trace: [ 334.862896][T10436] [ 334.862902][T10436] dump_stack_lvl+0x16c/0x1f0 [ 334.862923][T10436] should_fail_ex+0x512/0x640 [ 334.862945][T10436] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 334.862961][T10436] should_failslab+0xc2/0x120 [ 334.862980][T10436] kmem_cache_alloc_noprof+0x75/0x6e0 [ 334.862994][T10436] ? taskstats_exit+0x654/0xbe0 [ 334.863010][T10436] ? taskstats_exit+0x654/0xbe0 [ 334.863020][T10436] ? acct_update_integrals+0x2ce/0x4a0 [ 334.863032][T10436] taskstats_exit+0x654/0xbe0 [ 334.863046][T10436] ? __pfx_taskstats_exit+0x10/0x10 [ 334.863069][T10436] ? exit_signals+0x38e/0xb40 [ 334.863087][T10436] do_exit+0x5dc/0x2bf0 [ 334.863110][T10436] ? __pfx_do_exit+0x10/0x10 [ 334.863128][T10436] ? do_raw_spin_lock+0x12c/0x2b0 [ 334.863149][T10436] ? find_held_lock+0x2b/0x80 [ 334.863166][T10436] do_group_exit+0xd3/0x2a0 [ 334.863186][T10436] get_signal+0x2671/0x26d0 [ 334.863204][T10436] ? __fget_files+0x204/0x3c0 [ 334.863220][T10436] ? __pfx_get_signal+0x10/0x10 [ 334.863235][T10436] ? do_futex+0x122/0x350 [ 334.863254][T10436] ? __pfx_do_futex+0x10/0x10 [ 334.863274][T10436] arch_do_signal_or_restart+0x8f/0x790 [ 334.863292][T10436] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 334.863319][T10436] exit_to_user_mode_loop+0x85/0x130 [ 334.863341][T10436] do_syscall_64+0x426/0xfa0 [ 334.863358][T10436] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 334.863373][T10436] RIP: 0033:0x7f893238efc9 [ 334.863385][T10436] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 334.863398][T10436] RSP: 002b:00007f89331c30e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 334.863412][T10436] RAX: fffffffffffffe00 RBX: 00007f89325e6188 RCX: 00007f893238efc9 [ 334.863421][T10436] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f89325e6188 [ 334.863430][T10436] RBP: 00007f89325e6180 R08: 0000000000000000 R09: 0000000000000000 [ 334.863438][T10436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 334.863446][T10436] R13: 00007f89325e6218 R14: 00007ffff96951d0 R15: 00007ffff96952b8 [ 334.863465][T10436] [ 337.025000][T10482] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input84 [ 337.168039][T10484] random: crng reseeded on system resumption [ 337.271229][T10483] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input85 [ 337.518625][T10486] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1163'. [ 337.527946][T10486] nbd: must specify a device to reconfigure [ 338.986427][T10510] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input86 [ 339.126827][T10511] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input87 [ 339.176698][T10510] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1170'. [ 339.684207][T10527] nbd: must specify a size in bytes for the device [ 339.988644][T10525] netlink: set zone limit has 8 unknown bytes [ 340.436522][T10552] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1185'. [ 340.633581][T10556] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1187'. [ 340.643168][T10556] nbd: must specify a device to reconfigure [ 340.765337][T10562] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input88 [ 340.956274][T10563] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input89 [ 341.072948][T10562] random: crng reseeded on system resumption [ 341.661388][T10579] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1194'. [ 341.713152][T10579] nbd: must specify a device to reconfigure [ 341.807616][T10583] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1203'. [ 341.843317][T10583] nbd: must specify a device to reconfigure [ 341.862489][T10580] netlink: zone id is out of range [ 341.941285][T10580] netlink: del zone limit has 4 unknown bytes [ 342.016182][T10571] netlink: set zone limit has 8 unknown bytes [ 342.606582][ T52] block nbd10: Receive control failed (result -107) [ 343.406719][T10619] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1206'. [ 343.441172][T10619] nbd: must specify a device to reconfigure [ 344.184739][T10639] netlink: set zone limit has 8 unknown bytes [ 344.215687][T10627] netlink: zone id is out of range [ 344.235852][T10627] netlink: del zone limit has 4 unknown bytes [ 344.717835][T10658] nbd: must specify a device to reconfigure [ 346.469716][T10674] FAULT_INJECTION: forcing a failure. [ 346.469716][T10674] name failslab, interval 1, probability 0, space 0, times 0 [ 346.535098][T10674] CPU: 0 UID: 0 PID: 10674 Comm: syz.0.1222 Not tainted syzkaller #0 PREEMPT(full) [ 346.535120][T10674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 346.535129][T10674] Call Trace: [ 346.535135][T10674] [ 346.535141][T10674] dump_stack_lvl+0x16c/0x1f0 [ 346.535162][T10674] should_fail_ex+0x512/0x640 [ 346.535184][T10674] ? __kmalloc_cache_noprof+0x5f/0x780 [ 346.535208][T10674] should_failslab+0xc2/0x120 [ 346.535227][T10674] __kmalloc_cache_noprof+0x72/0x780 [ 346.535249][T10674] ? pidlist_array_load+0x529/0x9d0 [ 346.535273][T10674] ? pidlist_array_load+0x529/0x9d0 [ 346.535289][T10674] pidlist_array_load+0x529/0x9d0 [ 346.535308][T10674] ? __pfx_pidlist_array_load+0x10/0x10 [ 346.535325][T10674] ? __pfx___mutex_lock+0x10/0x10 [ 346.535350][T10674] ? kernfs_root+0xf8/0x2a0 [ 346.535371][T10674] cgroup_pidlist_start+0x3a3/0x4f0 [ 346.535390][T10674] ? __pfx_cgroup_seqfile_start+0x10/0x10 [ 346.535410][T10674] kernfs_seq_start+0x133/0x2a0 [ 346.535425][T10674] seq_read_iter+0x2c1/0x12d0 [ 346.535455][T10674] kernfs_fop_read_iter+0x46c/0x610 [ 346.535468][T10674] ? rw_verify_area+0xcf/0x6c0 [ 346.535492][T10674] vfs_read+0x8bf/0xcf0 [ 346.535516][T10674] ? __pfx___mutex_lock+0x10/0x10 [ 346.535533][T10674] ? __pfx_vfs_read+0x10/0x10 [ 346.535562][T10674] ksys_read+0x12a/0x250 [ 346.535577][T10674] ? __pfx_ksys_read+0x10/0x10 [ 346.535599][T10674] do_syscall_64+0xcd/0xfa0 [ 346.535616][T10674] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 346.535631][T10674] RIP: 0033:0x7fed9ab8efc9 [ 346.535643][T10674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 346.535657][T10674] RSP: 002b:00007fed9b9dd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 346.535672][T10674] RAX: ffffffffffffffda RBX: 00007fed9ade5fa0 RCX: 00007fed9ab8efc9 [ 346.535681][T10674] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000007 [ 346.535690][T10674] RBP: 00007fed9ac11f91 R08: 0000000000000000 R09: 0000000000000000 [ 346.535699][T10674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 346.535709][T10674] R13: 00007fed9ade6038 R14: 00007fed9ade5fa0 R15: 00007ffee3bb7e58 [ 346.535729][T10674] [ 347.312660][T10683] netlink: set zone limit has 8 unknown bytes [ 347.344526][T10683] netlink: zone id is out of range [ 347.349898][T10683] netlink: del zone limit has 4 unknown bytes [ 347.951859][T10702] nbd: must specify a device to reconfigure [ 348.321807][T10708] openvswitch: netlink: Flow actions attr not present in new flow. [ 348.608985][T10705] zswap: compressor not available [ 349.839050][T10735] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input90 [ 349.948941][ T52] block nbd11: Receive control failed (result -107) [ 349.972104][T10738] random: crng reseeded on system resumption [ 350.413580][T10737] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input91 [ 350.483459][ T52] block nbd12: Receive control failed (result -107) [ 351.954766][T10768] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1247'. [ 352.971176][T10783] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 352.999132][T10783] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 353.121173][T10783] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 353.138508][T10783] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 353.222908][T10783] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 353.238533][T10783] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 353.355052][T10783] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 353.384233][T10783] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 354.677856][T10808] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1257'. [ 354.788812][ T52] Bluetooth: hci0: command 0x0406 tx timeout [ 355.188930][ T52] Bluetooth: hci1: command 0x0406 tx timeout [ 355.280951][ T52] Bluetooth: hci2: command 0x0406 tx timeout [ 355.434352][ T52] Bluetooth: hci3: command 0x0406 tx timeout [ 356.062231][ T52] block nbd13: Receive control failed (result -107) [ 356.314588][T10843] netlink: zone id is out of range [ 356.351207][T10843] netlink: del zone limit has 4 unknown bytes [ 356.403227][ T52] block nbd14: Receive control failed (result -107) [ 356.406383][T10838] netlink: set zone limit has 8 unknown bytes [ 356.869267][ T52] Bluetooth: hci0: command 0x0406 tx timeout [ 357.287703][ T52] Bluetooth: hci1: command 0x0406 tx timeout [ 357.348937][ T52] Bluetooth: hci2: command 0x0406 tx timeout [ 357.515862][ T52] Bluetooth: hci3: command 0x0406 tx timeout [ 358.381296][ T52] block nbd15: Receive control failed (result -107) [ 359.982602][ T52] block nbd16: Receive control failed (result -107) [ 360.322157][ T52] block nbd17: Receive control failed (result -107) [ 362.150924][T10980] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1305'. [ 362.773983][T11000] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1310'. [ 363.527787][T11005] netlink: zone id is out of range [ 363.538963][T11005] netlink: del zone limit has 4 unknown bytes [ 363.572428][T11002] netlink: set zone limit has 8 unknown bytes [ 364.649490][T11048] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input92 [ 364.901203][T11051] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1320'. [ 365.000861][T11050] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input93 [ 367.522913][T11101] sysfs_service_op_store: Client not running :-5: [ 367.841378][T11124] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1346'. [ 368.099468][T11130] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 368.105872][T11130] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 368.115049][T11130] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 368.122385][T11130] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 368.269733][T11134] netlink: zone id is out of range [ 368.308788][T11134] netlink: del zone limit has 4 unknown bytes [ 368.322127][T11141] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input94 [ 368.377994][T11141] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input95 [ 368.403458][T11122] netlink: set zone limit has 8 unknown bytes [ 368.484357][T11145] random: crng reseeded on system resumption [ 369.270643][T11154] netlink: 'syz.2.1357': attribute type 11 has an invalid length. [ 369.283597][T11154] netlink: 'syz.2.1357': attribute type 11 has an invalid length. [ 369.322881][T11154] netlink: 'syz.2.1357': attribute type 11 has an invalid length. [ 369.415342][T11154] netlink: 'syz.2.1357': attribute type 11 has an invalid length. [ 369.436949][T11154] netlink: 'syz.2.1357': attribute type 11 has an invalid length. [ 369.461076][T11154] netlink: 'syz.2.1357': attribute type 11 has an invalid length. [ 369.539646][T11154] netlink: 'syz.2.1357': attribute type 11 has an invalid length. [ 369.555135][T11154] netlink: 'syz.2.1357': attribute type 11 has an invalid length. [ 369.580205][T11154] netlink: 'syz.2.1357': attribute type 11 has an invalid length. [ 369.679126][T11154] netlink: 'syz.2.1357': attribute type 11 has an invalid length. [ 370.078827][ T52] Bluetooth: hci0: command 0x0406 tx timeout [ 370.148852][ T52] Bluetooth: hci3: command 0x0406 tx timeout [ 370.148867][ T5838] Bluetooth: hci2: command 0x0406 tx timeout [ 370.148909][ T5838] Bluetooth: hci1: command 0x0406 tx timeout [ 370.542200][ T5838] block nbd18: Receive control failed (result -107) [ 370.606961][T11178] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 370.637696][T11178] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 370.699186][T11178] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 370.708545][T11178] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 371.087960][T11197] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 371.104403][T11197] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 371.117538][T11197] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 371.125225][T11197] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 371.349202][T11206] netlink: 252 bytes leftover after parsing attributes in process `syz.0.1379'. [ 371.358388][T11206] unsupported nla_type 65535 [ 371.680544][ T5838] block nbd19: Receive control failed (result -107) [ 372.516813][T11241] tipc: Enabling of bearer <@):^\/\> rejected, media not registered [ 372.559044][T11242] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 372.565736][T11242] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 372.573134][T11242] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 372.581763][T11242] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 373.007975][ T5838] block nbd20: Receive control failed (result -107) [ 374.548898][ T5838] Bluetooth: hci0: command 0x0406 tx timeout [ 374.629510][ T5838] Bluetooth: hci3: command 0x0406 tx timeout [ 374.629546][ T5839] Bluetooth: hci2: command 0x0406 tx timeout [ 374.635554][ T5838] Bluetooth: hci1: command 0x0406 tx timeout [ 374.932395][ T5838] block nbd21: Receive control failed (result -107) [ 375.777781][T11318] netlink: set zone limit has 8 unknown bytes [ 376.111407][T11318] netlink: zone id is out of range [ 376.149607][T11318] netlink: del zone limit has 4 unknown bytes [ 377.314275][T11369] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1413'. [ 377.770614][T11380] Unable to find swap-space signature [ 378.482388][ T5838] block nbd22: Receive control failed (result -107) [ 378.719020][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.735644][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.433950][T11420] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1426'. [ 380.013221][T11431] __vm_enough_memory: pid: 11431, comm: syz.1.1432, bytes: 4398046511104 not enough memory for the allocation [ 380.519916][T11444] mmap: syz.1.1434 (11444): VmData 46145536 exceed data ulimit 3. Update limits or use boot option ignore_rlimit_data. [ 380.659323][ T5838] block nbd23: Receive control failed (result -107) [ 381.005498][ T5838] Bluetooth: hci2: unexpected event 0x3d length: 726 > 14 [ 381.754002][T11457] netlink: set zone limit has 8 unknown bytes [ 381.777347][T11457] netlink: zone id is out of range [ 381.783505][T11457] netlink: del zone limit has 4 unknown bytes [ 384.482444][ T5838] block nbd24: Receive control failed (result -107) [ 384.613115][T11503] netlink: set zone limit has 8 unknown bytes [ 384.776589][T11516] netlink: zone id is out of range [ 384.808876][T11516] netlink: del zone limit has 4 unknown bytes [ 385.353422][T11538] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input96 [ 385.474615][T11543] random: crng reseeded on system resumption [ 385.702380][T11540] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input97 [ 386.728927][T11572] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input98 [ 386.769780][T11566] kfence: disabled [ 386.944548][T11582] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1472'. [ 387.302361][T11574] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input99 [ 388.339839][T11602] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input100 [ 388.417596][ T5838] block nbd25: Receive control failed (result -107) [ 388.511717][T11607] random: crng reseeded on system resumption [ 388.590161][T11605] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input101 [ 388.826241][T11587] kexec: Could not allocate control_code_buffer [ 390.428522][T11622] netlink: 326 bytes leftover after parsing attributes in process `syz.3.1481'. [ 391.212888][ T5838] block nbd26: Receive control failed (result -107) [ 391.550418][T11656] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input102 [ 391.638487][T11664] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1495'. [ 391.667026][T11668] random: crng reseeded on system resumption [ 391.756936][T11666] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input103 [ 392.641838][ T5838] block nbd27: Receive control failed (result -107) [ 394.086705][T11703] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input104 [ 394.222875][T11710] random: crng reseeded on system resumption [ 394.575627][T11709] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input105 [ 396.991353][T11768] netlink: set zone limit has 8 unknown bytes [ 397.716140][T11783] hub 8-0:1.0: USB hub found [ 397.742899][T11783] hub 8-0:1.0: 1 port detected [ 399.180506][T11816] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input106 [ 399.411369][T11822] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1535'. [ 399.481912][T11817] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input107 [ 400.563458][T11847] Unable to find swap-space signature [ 401.647205][T11875] ptrace attach of "./syz-executor exec"[5823] was attempted by ""[11875] [ 401.856248][T11875] ptrace attach of "./syz-executor exec"[5823] was attempted by ""[11875] [ 401.915262][T11866] netlink: set zone limit has 8 unknown bytes [ 402.224799][T11875] ptrace attach of "./syz-executor exec"[5823] was attempted by ""[11875] [ 402.320615][T11875] ptrace attach of "./syz-executor exec"[5823] was attempted by ""[11875] [ 402.379111][T11889] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input108 [ 402.510132][T11896] random: crng reseeded on system resumption [ 402.642036][T11894] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input109 [ 402.753103][T11899] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1557'. [ 404.152530][ T5838] block nbd28: Receive control failed (result -107) [ 404.677579][T11934] : Can't lookup blockdev [ 405.452498][T11938] netlink: set zone limit has 8 unknown bytes [ 405.499735][T11940] netlink: zone id is out of range [ 405.505543][T11940] netlink: del zone limit has 4 unknown bytes [ 406.672490][ T5838] block nbd29: Receive control failed (result -107) [ 406.919405][T11970] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1576'. [ 407.554357][T11958] netlink: zone id is out of range [ 407.998929][T11989] vhci_hcd: SetHubDepth req not supported for USB 2.0 roothub [ 409.362232][T12022] can: request_module (can-proto-0) failed. [ 410.511776][T12009] kexec: Could not allocate control_code_buffer [ 411.953995][T12070] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1599'. [ 412.616905][ T5838] block nbd30: Receive control failed (result -107) [ 413.937770][T12101] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 414.593537][T12130] netlink: set zone limit has 8 unknown bytes [ 414.959516][T12147] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 414.969086][T12147] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 414.975347][T12147] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 414.985365][T12147] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 415.403165][T12165] input: f¬ as /devices/virtual/input/input110 [ 416.949239][ T5838] Bluetooth: hci0: command 0x0406 tx timeout [ 417.029650][ T5838] Bluetooth: hci3: command 0x0406 tx timeout [ 417.031112][ T5839] Bluetooth: hci2: command 0x0406 tx timeout [ 417.036884][ T5838] Bluetooth: hci1: command 0x0406 tx timeout [ 417.280473][T12197] FAULT_INJECTION: forcing a failure. [ 417.280473][T12197] name fail_futex, interval 1, probability 0, space 0, times 0 [ 417.298017][T12197] CPU: 1 UID: 0 PID: 12197 Comm: syz.2.1633 Not tainted syzkaller #0 PREEMPT(full) [ 417.298051][T12197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 417.298066][T12197] Call Trace: [ 417.298074][T12197] [ 417.298083][T12197] dump_stack_lvl+0x16c/0x1f0 [ 417.298118][T12197] should_fail_ex+0x512/0x640 [ 417.298160][T12197] get_futex_key+0x293/0x1560 [ 417.298196][T12197] ? __pfx_get_futex_key+0x10/0x10 [ 417.298228][T12197] ? __mutex_trylock_common+0xe9/0x250 [ 417.298270][T12197] futex_wake+0xea/0x530 [ 417.298307][T12197] ? __pfx_futex_wake+0x10/0x10 [ 417.298335][T12197] ? __lock_acquire+0xb8a/0x1c90 [ 417.298371][T12197] do_futex+0x1e3/0x350 [ 417.298397][T12197] ? __pfx_do_futex+0x10/0x10 [ 417.298426][T12197] ? __might_fault+0xe3/0x190 [ 417.298458][T12197] mm_release+0x24e/0x300 [ 417.298487][T12197] do_exit+0x68e/0x2bf0 [ 417.298524][T12197] ? __pfx_do_exit+0x10/0x10 [ 417.298557][T12197] ? do_raw_spin_lock+0x12c/0x2b0 [ 417.298594][T12197] ? find_held_lock+0x2b/0x80 [ 417.298625][T12197] do_group_exit+0xd3/0x2a0 [ 417.298662][T12197] get_signal+0x2671/0x26d0 [ 417.298697][T12197] ? __might_fault+0x13b/0x190 [ 417.298722][T12197] ? __pfx_get_signal+0x10/0x10 [ 417.298749][T12197] ? do_futex+0x122/0x350 [ 417.298779][T12197] ? __pfx_do_futex+0x10/0x10 [ 417.298809][T12197] arch_do_signal_or_restart+0x8f/0x790 [ 417.298840][T12197] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 417.298879][T12197] ? xfd_validate_state+0x61/0x180 [ 417.298910][T12197] ? __pfx_do_writev+0x10/0x10 [ 417.298941][T12197] exit_to_user_mode_loop+0x85/0x130 [ 417.298986][T12197] do_syscall_64+0x426/0xfa0 [ 417.299017][T12197] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.299040][T12197] RIP: 0033:0x7f893238efc9 [ 417.299057][T12197] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 417.299079][T12197] RSP: 002b:00007f89331e40e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 417.299102][T12197] RAX: fffffffffffffe00 RBX: 00007f89325e6098 RCX: 00007f893238efc9 [ 417.299119][T12197] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f89325e6098 [ 417.299134][T12197] RBP: 00007f89325e6090 R08: 0000000000000000 R09: 0000000000000000 [ 417.299148][T12197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 417.299160][T12197] R13: 00007f89325e6128 R14: 00007ffff96951d0 R15: 00007ffff96952b8 [ 417.299195][T12197] [ 417.338902][T12204] futex_wake_op: syz.0.1635 tries to shift op by -2048; fix this program [ 417.985195][T12209] Unable to find swap-space signature [ 418.889094][ T5838] block nbd31: Receive control failed (result -107) [ 419.981102][T12256] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1648'. [ 420.046722][T12256] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 420.157715][T12256] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 420.271568][T12256] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 420.280506][T12256] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 420.512985][T12270] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input111 [ 420.813251][ T5838] block nbd32: Receive control failed (result -107) [ 421.094990][T12273] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input112 [ 422.043157][T12301] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input113 [ 422.106595][T12303] netlink: zone id is out of range [ 422.117819][T12295] netlink: set zone limit has 8 unknown bytes [ 422.125507][T12303] netlink: del zone limit has 4 unknown bytes [ 422.203166][T12311] random: crng reseeded on system resumption [ 424.989899][T12376] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input114 [ 425.151947][T12380] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1681'. [ 425.295590][T12373] Unable to find swap-space signature [ 425.837401][ T1329] netdevsim netdevsim1335 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 426.394849][T12423] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1697'. [ 426.682966][T12415] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1692'. [ 427.253459][ T5838] block nbd33: Receive control failed (result -107) [ 427.345941][T12402] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 427.914134][T12465] WARNING! power/level is deprecated; use power/control instead [ 428.584677][ T5838] block nbd34: Receive control failed (result -107) [ 429.061349][T12500] ubi0: detaching mtd0 [ 429.115621][T12500] ubi0: mtd0 is detached [ 429.587115][T12521] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input115 [ 429.767111][T12522] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input116 [ 429.959577][T12521] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1723'. [ 430.641268][T12556] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input117 [ 430.785005][T12561] random: crng reseeded on system resumption [ 430.879468][T12560] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input118 [ 431.940080][T12584] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1738'. [ 432.814951][T12603] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1744'. [ 432.824752][T12603] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 432.832254][T12603] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 432.849677][T12603] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 432.857107][T12603] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 433.626834][T12635] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1751'. [ 434.265120][T12653] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1758'. [ 434.637908][T12672] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1763'. [ 435.278011][T12684] netlink: zone id is out of range [ 435.347399][T12684] netlink: del zone limit has 4 unknown bytes [ 435.393185][T12678] netlink: set zone limit has 8 unknown bytes [ 435.983458][T12710] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input119 [ 436.003848][ T5838] block nbd35: Receive control failed (result -107) [ 436.037068][T12711] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input120 [ 437.089317][T12738] nbd0: detected capacity change from 0 to 98304 [ 437.117901][ T5826] block nbd0: Dead connection, failed to find a fallback [ 437.260444][ T5826] block nbd0: shutting down sockets [ 437.273547][ T5826] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 437.334356][ T5826] Buffer I/O error on dev nbd0, logical block 0, async page read [ 437.384234][ T5826] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 437.407993][ T5826] Buffer I/O error on dev nbd0, logical block 0, async page read [ 437.442089][ T5826] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 437.463469][ T5826] Buffer I/O error on dev nbd0, logical block 0, async page read [ 437.481657][ T5826] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 437.500996][ T5826] Buffer I/O error on dev nbd0, logical block 0, async page read [ 437.532161][ T5826] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 437.560035][ T5826] Buffer I/O error on dev nbd0, logical block 0, async page read [ 437.576537][ T5826] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 437.598740][ T5826] Buffer I/O error on dev nbd0, logical block 0, async page read [ 437.619132][ T5826] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 437.652544][ T5826] Buffer I/O error on dev nbd0, logical block 0, async page read [ 437.681991][ T5826] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 437.711879][ T5826] Buffer I/O error on dev nbd0, logical block 0, async page read [ 437.739403][ T5826] ldm_validate_partition_table(): Disk read failed. [ 437.769146][ T5826] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 437.796122][ T5826] Buffer I/O error on dev nbd0, logical block 0, async page read [ 437.817523][ T5826] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 437.842780][ T5826] Buffer I/O error on dev nbd0, logical block 0, async page read [ 437.865140][ T5826] Dev nbd0: unable to read RDB block 0 [ 437.878468][ T5826] nbd0: unable to read partition table [ 437.932904][ T5826] ldm_validate_partition_table(): Disk read failed. [ 437.948397][ T5826] Dev nbd0: unable to read RDB block 0 [ 437.960229][ T5826] nbd0: unable to read partition table [ 438.618909][T12757] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input121 [ 438.825616][T12760] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input122 [ 439.087341][T12771] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input123 [ 439.320247][T12782] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1791'. [ 439.532592][T12775] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input124 [ 440.153926][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.162955][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.262014][T12789] ima: policy update failed [ 440.263080][ T30] audit: type=1802 audit(4294967399.250:8): pid=12789 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1794" res=0 errno=0 [ 440.603806][ T5838] block nbd36: Receive control failed (result -107) [ 440.775256][T12801] netlink: set zone limit has 8 unknown bytes [ 440.796686][T12801] netlink: zone id is out of range [ 440.824491][T12801] netlink: del zone limit has 4 unknown bytes [ 441.112840][T12815] nbd0: detected capacity change from 98304 to 6442450944 [ 441.126969][ T5826] ldm_validate_partition_table(): Disk read failed. [ 441.149491][ T5826] Dev nbd0: unable to read RDB block 0 [ 441.164189][ T5826] nbd0: unable to read partition table [ 441.206738][ T5826] ldm_validate_partition_table(): Disk read failed. [ 441.242861][ T5826] Dev nbd0: unable to read RDB block 0 [ 441.270155][ T5826] nbd0: unable to read partition table [ 441.282154][T12824] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1804'. [ 441.748554][T12834] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1807'. [ 442.134296][ T5838] block nbd37: Receive control failed (result -107) [ 442.557291][T12853] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input125 [ 442.681026][T12857] random: crng reseeded on system resumption [ 442.855188][T12855] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input126 [ 443.289241][T12869] nbd0: detected capacity change from 6442450944 to 25165824 [ 443.299049][ T5826] blk_print_req_error: 58 callbacks suppressed [ 443.299069][ T5826] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 443.338789][ T5826] buffer_io_error: 56 callbacks suppressed [ 443.338810][ T5826] Buffer I/O error on dev nbd0, logical block 0, async page read [ 443.377154][ T5826] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 443.428938][ T5826] Buffer I/O error on dev nbd0, logical block 0, async page read [ 443.450989][T12858] netlink: zone id is out of range [ 443.452710][ T5826] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 443.480786][ T5826] Buffer I/O error on dev nbd0, logical block 0, async page read [ 443.488975][ T5826] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 443.498037][ T5826] Buffer I/O error on dev nbd0, logical block 0, async page read [ 443.506275][ T5826] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 443.515502][ T5826] Buffer I/O error on dev nbd0, logical block 0, async page read [ 443.523641][ T5826] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 443.529392][T12858] netlink: del zone limit has 4 unknown bytes [ 443.539077][ T5826] Buffer I/O error on dev nbd0, logical block 0, async page read [ 443.547187][ T5826] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 443.572130][T12856] netlink: set zone limit has 8 unknown bytes [ 443.617269][ T5826] Buffer I/O error on dev nbd0, logical block 0, async page read [ 443.654301][T12879] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1819'. [ 443.665551][ T5826] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 443.687975][ T5826] Buffer I/O error on dev nbd0, logical block 0, async page read [ 443.813538][ T5826] ldm_validate_partition_table(): Disk read failed. [ 443.821180][ T5826] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 443.831006][ T5826] Buffer I/O error on dev nbd0, logical block 0, async page read [ 443.866368][ T5826] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 443.895764][ T5826] Buffer I/O error on dev nbd0, logical block 0, async page read [ 444.060615][ T5826] Dev nbd0: unable to read RDB block 0 [ 444.080412][ T5826] nbd0: unable to read partition table [ 444.110052][ T5826] ldm_validate_partition_table(): Disk read failed. [ 444.262928][ T5826] Dev nbd0: unable to read RDB block 0 [ 444.286668][ T5826] nbd0: unable to read partition table [ 444.352425][T12889] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1822'. [ 444.508763][T12892] nbd0: detected capacity change from 25165824 to 0 [ 444.963715][ T5838] block nbd38: Receive control failed (result -107) [ 446.488536][T12941] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1832'. [ 447.102695][T12942] netlink: set zone limit has 8 unknown bytes [ 447.317878][T12942] netlink: zone id is out of range [ 447.338905][T12942] netlink: del zone limit has 4 unknown bytes [ 447.673170][ T5838] block nbd39: Receive control failed (result -107) [ 449.023005][T12998] netlink: set zone limit has 8 unknown bytes [ 449.042852][ T5838] block nbd40: Receive control failed (result -107) [ 449.120748][ T5838] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 449.120785][ T5838] Bluetooth: hci2: unexpected subevent 0x0e length: 725 > 15 [ 449.135799][ T5838] Bluetooth: hci2: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 449.369032][T13020] nbd0: detected capacity change from 0 to 422212465065984 [ 449.410282][ T6063] blk_print_req_error: 24 callbacks suppressed [ 449.410296][ T6063] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 449.490415][ T6063] buffer_io_error: 23 callbacks suppressed [ 449.490434][ T6063] Buffer I/O error on dev nbd0, logical block 0, async page read [ 449.510794][ T6063] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 449.523138][ T6063] Buffer I/O error on dev nbd0, logical block 0, async page read [ 449.602344][ T6063] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 449.655601][ T6063] Buffer I/O error on dev nbd0, logical block 0, async page read [ 449.664833][ T6063] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 449.678801][ T6063] Buffer I/O error on dev nbd0, logical block 0, async page read [ 449.713558][ T6063] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 449.754817][ T6063] Buffer I/O error on dev nbd0, logical block 0, async page read [ 449.827075][ T6063] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 449.888325][ T6063] Buffer I/O error on dev nbd0, logical block 0, async page read [ 449.979130][ T6063] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 449.988185][ T6063] Buffer I/O error on dev nbd0, logical block 0, async page read [ 450.059357][ T6063] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 450.294369][ T6063] Buffer I/O error on dev nbd0, logical block 0, async page read [ 450.302497][ T6063] ldm_validate_partition_table(): Disk read failed. [ 450.310273][ T6063] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 450.320752][ T6063] Buffer I/O error on dev nbd0, logical block 0, async page read [ 450.328990][ T6063] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 450.338247][ T6063] Buffer I/O error on dev nbd0, logical block 0, async page read [ 450.346987][ T6063] Dev nbd0: unable to read RDB block 0 [ 450.353327][ T6063] nbd0: unable to read partition table [ 450.364772][ T6063] ldm_validate_partition_table(): Disk read failed. [ 450.376710][ T6063] Dev nbd0: unable to read RDB block 0 [ 450.387250][ T6063] nbd0: unable to read partition table [ 450.484031][T13039] FAULT_INJECTION: forcing a failure. [ 450.484031][T13039] name fail_futex, interval 1, probability 0, space 0, times 0 [ 450.506214][T13039] CPU: 1 UID: 0 PID: 13039 Comm: syz.2.1856 Not tainted syzkaller #0 PREEMPT(full) [ 450.506276][T13039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 450.506305][T13039] Call Trace: [ 450.506320][T13039] [ 450.506339][T13039] dump_stack_lvl+0x16c/0x1f0 [ 450.506375][T13039] should_fail_ex+0x512/0x640 [ 450.506415][T13039] get_futex_key+0xff0/0x1560 [ 450.506452][T13039] ? __pfx_get_futex_key+0x10/0x10 [ 450.506484][T13039] ? __mutex_trylock_common+0xe9/0x250 [ 450.506529][T13039] futex_wake+0xea/0x530 [ 450.506569][T13039] ? __pfx_futex_wake+0x10/0x10 [ 450.506604][T13039] ? __lock_acquire+0xb8a/0x1c90 [ 450.506661][T13039] do_futex+0x1e3/0x350 [ 450.506694][T13039] ? __pfx_do_futex+0x10/0x10 [ 450.506724][T13039] ? __might_fault+0xe3/0x190 [ 450.506760][T13039] mm_release+0x24e/0x300 [ 450.506790][T13039] do_exit+0x68e/0x2bf0 [ 450.506830][T13039] ? __pfx_do_exit+0x10/0x10 [ 450.506863][T13039] ? do_raw_spin_lock+0x12c/0x2b0 [ 450.506898][T13039] ? find_held_lock+0x2b/0x80 [ 450.506929][T13039] do_group_exit+0xd3/0x2a0 [ 450.506966][T13039] get_signal+0x2671/0x26d0 [ 450.507008][T13039] ? __pfx_get_signal+0x10/0x10 [ 450.507036][T13039] ? do_futex+0x122/0x350 [ 450.507068][T13039] ? __pfx_do_futex+0x10/0x10 [ 450.507105][T13039] arch_do_signal_or_restart+0x8f/0x790 [ 450.507138][T13039] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 450.507178][T13039] ? __pfx_do_pwritev+0x10/0x10 [ 450.507211][T13039] exit_to_user_mode_loop+0x85/0x130 [ 450.507250][T13039] do_syscall_64+0x426/0xfa0 [ 450.507280][T13039] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 450.507307][T13039] RIP: 0033:0x7f893238efc9 [ 450.507327][T13039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 450.507351][T13039] RSP: 002b:00007f89331a20e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 450.507375][T13039] RAX: fffffffffffffe00 RBX: 00007f89325e6278 RCX: 00007f893238efc9 [ 450.507393][T13039] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f89325e6278 [ 450.507408][T13039] RBP: 00007f89325e6270 R08: 0000000000000000 R09: 0000000000000000 [ 450.507423][T13039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 450.507438][T13039] R13: 00007f89325e6308 R14: 00007ffff96951d0 R15: 00007ffff96952b8 [ 450.507473][T13039] [ 451.587294][T13064] netlink: zone id is out of range [ 451.598168][T13055] netlink: set zone limit has 8 unknown bytes [ 451.617692][T13064] netlink: del zone limit has 4 unknown bytes [ 451.799388][T13068] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1864'. [ 453.058991][T13089] FAULT_INJECTION: forcing a failure. [ 453.058991][T13089] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 453.072973][T13089] CPU: 0 UID: 0 PID: 13089 Comm: syz.2.1869 Not tainted syzkaller #0 PREEMPT(full) [ 453.073007][T13089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 453.073022][T13089] Call Trace: [ 453.073030][T13089] [ 453.073039][T13089] dump_stack_lvl+0x16c/0x1f0 [ 453.073070][T13089] should_fail_ex+0x512/0x640 [ 453.073110][T13089] _copy_from_user+0x2e/0xd0 [ 453.073144][T13089] move_addr_to_kernel+0x65/0x170 [ 453.073176][T13089] __copy_msghdr+0x386/0x470 [ 453.073197][T13089] copy_msghdr_from_user+0xc1/0x160 [ 453.073220][T13089] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 453.073250][T13089] ? __pfx_futex_wake_mark+0x10/0x10 [ 453.073291][T13089] ___sys_sendmsg+0xfe/0x1d0 [ 453.073311][T13089] ? futex_private_hash_put+0x176/0x300 [ 453.073338][T13089] ? __pfx____sys_sendmsg+0x10/0x10 [ 453.073356][T13089] ? __lock_acquire+0x622/0x1c90 [ 453.073439][T13089] __sys_sendmsg+0x16d/0x220 [ 453.073465][T13089] ? __pfx___sys_sendmsg+0x10/0x10 [ 453.073489][T13089] ? __x64_sys_futex+0x1e0/0x4c0 [ 453.073537][T13089] do_syscall_64+0xcd/0xfa0 [ 453.073573][T13089] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 453.073600][T13089] RIP: 0033:0x7f893238efc9 [ 453.073620][T13089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 453.073651][T13089] RSP: 002b:00007f8933205038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 453.073673][T13089] RAX: ffffffffffffffda RBX: 00007f89325e5fa0 RCX: 00007f893238efc9 [ 453.073689][T13089] RDX: 0000000004008881 RSI: 0000200000000500 RDI: 0000000000000003 [ 453.073703][T13089] RBP: 00007f8932411f91 R08: 0000000000000000 R09: 0000000000000000 [ 453.073718][T13089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 453.073731][T13089] R13: 00007f89325e6038 R14: 00007f89325e5fa0 R15: 00007ffff96952b8 [ 453.073765][T13089] [ 454.301106][ T5838] block nbd41: Receive control failed (result -107) [ 455.876888][T13122] netlink: zone id is out of range [ 455.959373][T13122] netlink: del zone limit has 4 unknown bytes [ 456.042466][T13117] netlink: set zone limit has 8 unknown bytes [ 456.443400][T13132] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input127 [ 456.566906][T13138] random: crng reseeded on system resumption [ 456.657706][T13136] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input128 [ 457.468261][T13149] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1884'. [ 458.614362][T13166] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1888'. [ 459.687597][T13176] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input129 [ 459.750447][T13178] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1892'. [ 459.819255][T13184] random: crng reseeded on system resumption [ 459.942431][T13181] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input130 [ 460.480185][T13198] netlink: 79 bytes leftover after parsing attributes in process `syz.1.1896'. [ 460.499158][T13198] openvswitch: netlink: Flow key attr not present in new flow. [ 461.019081][T13206] nbd0: detected capacity change from 422212465065984 to 0 [ 461.273957][T13207] netlink: zone id is out of range [ 461.319689][T13207] netlink: del zone limit has 4 unknown bytes [ 461.389863][T13203] netlink: set zone limit has 8 unknown bytes [ 462.751332][ T5838] block nbd42: Receive control failed (result -107) [ 464.382812][T13275] Invalid ELF header magic: != ELF [ 464.598887][T13279] netlink: zone id is out of range [ 464.667618][T13279] netlink: del zone limit has 4 unknown bytes [ 464.782726][T13264] netlink: set zone limit has 8 unknown bytes [ 465.415398][T13305] FAULT_INJECTION: forcing a failure. [ 465.415398][T13305] name fail_futex, interval 1, probability 0, space 0, times 0 [ 465.432604][T13305] CPU: 0 UID: 0 PID: 13305 Comm: syz.0.1929 Not tainted syzkaller #0 PREEMPT(full) [ 465.432638][T13305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 465.432652][T13305] Call Trace: [ 465.432660][T13305] [ 465.432671][T13305] dump_stack_lvl+0x16c/0x1f0 [ 465.432705][T13305] should_fail_ex+0x512/0x640 [ 465.432747][T13305] get_futex_key+0x1d0/0x1560 [ 465.432783][T13305] ? __pfx_get_futex_key+0x10/0x10 [ 465.432819][T13305] ? import_iovec+0x86/0xb0 [ 465.432849][T13305] futex_wake+0xea/0x530 [ 465.432880][T13305] ? futex_wait+0x120/0x380 [ 465.432902][T13305] ? __pfx_futex_wait+0x10/0x10 [ 465.432940][T13305] ? __pfx_futex_wake+0x10/0x10 [ 465.432966][T13305] ? __pfx_vfs_writev+0x10/0x10 [ 465.432981][T13305] ? __might_fault+0xe3/0x190 [ 465.432993][T13305] ? __might_fault+0x13b/0x190 [ 465.433010][T13305] do_futex+0x1e3/0x350 [ 465.433028][T13305] ? __pfx_do_futex+0x10/0x10 [ 465.433051][T13305] __x64_sys_futex+0x1e0/0x4c0 [ 465.433072][T13305] ? __pfx___x64_sys_futex+0x10/0x10 [ 465.433090][T13305] ? __pfx_do_writev+0x10/0x10 [ 465.433109][T13305] do_syscall_64+0xcd/0xfa0 [ 465.433126][T13305] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 465.433140][T13305] RIP: 0033:0x7fed9ab8efc9 [ 465.433152][T13305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 465.433166][T13305] RSP: 002b:00007fed9b9dd0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 465.433180][T13305] RAX: ffffffffffffffda RBX: 00007fed9ade5fa8 RCX: 00007fed9ab8efc9 [ 465.433190][T13305] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fed9ade5fac [ 465.433198][T13305] RBP: 00007fed9ade5fa0 R08: 00007fed9b9de000 R09: 0000000000000000 [ 465.433206][T13305] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 465.433215][T13305] R13: 00007fed9ade6038 R14: 00007ffee3bb7d70 R15: 00007ffee3bb7e58 [ 465.433241][T13305] [ 465.946424][T13314] FAULT_INJECTION: forcing a failure. [ 465.946424][T13314] name failslab, interval 1, probability 0, space 0, times 0 [ 466.125681][T13314] CPU: 0 UID: 0 PID: 13314 Comm: syz.2.1931 Not tainted syzkaller #0 PREEMPT(full) [ 466.125722][T13314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 466.125740][T13314] Call Trace: [ 466.125749][T13314] [ 466.125760][T13314] dump_stack_lvl+0x16c/0x1f0 [ 466.125793][T13314] should_fail_ex+0x512/0x640 [ 466.125831][T13314] ? __kmalloc_noprof+0xca/0x880 [ 466.125874][T13314] should_failslab+0xc2/0x120 [ 466.125909][T13314] __kmalloc_noprof+0xdd/0x880 [ 466.125947][T13314] ? lsm_blob_alloc+0x68/0x90 [ 466.125983][T13314] ? lsm_blob_alloc+0x68/0x90 [ 466.126010][T13314] lsm_blob_alloc+0x68/0x90 [ 466.126042][T13314] security_sk_alloc+0x30/0x270 [ 466.126076][T13314] sk_prot_alloc+0xfb/0x2a0 [ 466.126109][T13314] sk_alloc+0x36/0xc20 [ 466.126167][T13314] unix_create1+0xa6/0x700 [ 466.126206][T13314] unix_create+0x110/0x270 [ 466.126242][T13314] __sock_create+0x338/0x8d0 [ 466.126283][T13314] __sys_socketpair+0x25c/0x5a0 [ 466.126321][T13314] ? __pfx___sys_socketpair+0x10/0x10 [ 466.126358][T13314] ? xfd_validate_state+0x61/0x180 [ 466.126389][T13314] ? __pfx_do_writev+0x10/0x10 [ 466.126423][T13314] __x64_sys_socketpair+0x96/0x100 [ 466.126458][T13314] ? lockdep_hardirqs_on+0x7c/0x110 [ 466.126486][T13314] do_syscall_64+0xcd/0xfa0 [ 466.126517][T13314] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 466.126543][T13314] RIP: 0033:0x7f893238efc9 [ 466.126565][T13314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 466.126592][T13314] RSP: 002b:00007f8933205038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 466.126617][T13314] RAX: ffffffffffffffda RBX: 00007f89325e5fa0 RCX: 00007f893238efc9 [ 466.126636][T13314] RDX: 8000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 466.126653][T13314] RBP: 00007f8932411f91 R08: 0000000000000000 R09: 0000000000000000 [ 466.126669][T13314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 466.126686][T13314] R13: 00007f89325e6038 R14: 00007f89325e5fa0 R15: 00007ffff96952b8 [ 466.126725][T13314] [ 466.146266][T13313] zswap: compressor not available [ 466.830214][T13323] netlink: set zone limit has 8 unknown bytes [ 466.857225][T13323] netlink: zone id is out of range [ 466.868773][T13323] netlink: del zone limit has 4 unknown bytes [ 467.300578][T13313] [ 467.302956][T13313] ====================================================== [ 467.309978][T13313] WARNING: possible circular locking dependency detected [ 467.316992][T13313] syzkaller #0 Not tainted [ 467.321409][T13313] ------------------------------------------------------ [ 467.328418][T13313] syz.0.1930/13313 is trying to acquire lock: [ 467.334476][T13313] ffff888140450220 (&root->kernfs_iattr_rwsem){++++}-{4:4}, at: kernfs_unlink_sibling+0xa3/0x320 [ 467.345020][T13313] [ 467.345020][T13313] but task is already holding lock: [ 467.352398][T13313] ffff888140450188 (&root->kernfs_rwsem){++++}-{4:4}, at: kernfs_remove_by_name_ns+0x3d/0x110 [ 467.362717][T13313] [ 467.362717][T13313] which lock already depends on the new lock. [ 467.362717][T13313] [ 467.373115][T13313] [ 467.373115][T13313] the existing dependency chain (in reverse order) is: [ 467.382124][T13313] [ 467.382124][T13313] -> #11 (&root->kernfs_rwsem){++++}-{4:4}: [ 467.390301][T13313] down_write+0x92/0x200 [ 467.395078][T13313] kernfs_add_one+0x38/0x840 [ 467.400202][T13313] kernfs_create_dir_ns+0xfc/0x1a0 [ 467.405846][T13313] internal_create_group+0x34d/0xf30 [ 467.411664][T13313] cpuhp_invoke_callback+0x3d5/0xa10 [ 467.417472][T13313] cpuhp_issue_call+0x1c0/0x980 [ 467.422853][T13313] __cpuhp_setup_state_cpuslocked+0x3a1/0x7b0 [ 467.429713][T13313] __cpuhp_setup_state+0xf4/0x300 [ 467.435264][T13313] do_one_initcall+0x123/0x6e0 [ 467.440562][T13313] kernel_init_freeable+0x5c8/0x920 [ 467.446294][T13313] kernel_init+0x1c/0x2b0 [ 467.451155][T13313] ret_from_fork+0x675/0x7d0 [ 467.456275][T13313] ret_from_fork_asm+0x1a/0x30 [ 467.461569][T13313] [ 467.461569][T13313] -> #10 (cpuhp_state_mutex){+.+.}-{4:4}: [ 467.469485][T13313] [ 467.469485][T13313] -> #9 (cpu_hotplug_lock){++++}-{0:0}: [ 467.477249][T13313] cpus_read_lock+0x42/0x160 [ 467.482369][T13313] static_key_enable+0x12/0x20 [ 467.487668][T13313] do_tcp_setsockopt+0x1ce9/0x2500 [ 467.493324][T13313] tcp_setsockopt+0xe2/0x100 [ 467.498446][T13313] smc_setsockopt+0x1b6/0xa00 [ 467.503655][T13313] do_sock_setsockopt+0xf3/0x1d0 [ 467.509113][T13313] __sys_setsockopt+0x120/0x1a0 [ 467.514498][T13313] __x64_sys_setsockopt+0xbd/0x160 [ 467.520143][T13313] do_syscall_64+0xcd/0xfa0 [ 467.525176][T13313] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 467.531595][T13313] [ 467.531595][T13313] -> #8 (k-sk_lock-AF_INET){+.+.}-{0:0}: [ 467.539421][T13313] lock_sock_nested+0x41/0xf0 [ 467.544621][T13313] __inet_bind+0x893/0xc50 [ 467.549564][T13313] inet_bind_sk+0xb8/0xf0 [ 467.554435][T13313] mptcp_bind+0x18e/0x1e0 [ 467.559301][T13313] __sys_bind+0x1a7/0x260 [ 467.564167][T13313] __x64_sys_bind+0x72/0xb0 [ 467.569196][T13313] do_syscall_64+0xcd/0xfa0 [ 467.574219][T13313] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 467.580635][T13313] [ 467.580635][T13313] -> #7 (sk_lock-AF_INET){+.+.}-{0:0}: [ 467.588284][T13313] lock_sock_nested+0x41/0xf0 [ 467.593515][T13313] inet_shutdown+0x67/0x440 [ 467.598547][T13313] nbd_mark_nsock_dead+0xae/0x5d0 [ 467.604183][T13313] recv_work+0x671/0xa80 [ 467.608953][T13313] process_one_work+0x9cf/0x1b70 [ 467.614421][T13313] worker_thread+0x6c8/0xf10 [ 467.619543][T13313] kthread+0x3c5/0x780 [ 467.624142][T13313] ret_from_fork+0x675/0x7d0 [ 467.629353][T13313] ret_from_fork_asm+0x1a/0x30 [ 467.634742][T13313] [ 467.634742][T13313] -> #6 (&nsock->tx_lock){+.+.}-{4:4}: [ 467.642394][T13313] __mutex_lock+0x193/0x1060 [ 467.647516][T13313] nbd_queue_rq+0x423/0x12d0 [ 467.652636][T13313] blk_mq_dispatch_rq_list+0x416/0x1e20 [ 467.658707][T13313] __blk_mq_sched_dispatch_requests+0xcb7/0x15f0 [ 467.665648][T13313] blk_mq_sched_dispatch_requests+0xd8/0x1b0 [ 467.672147][T13313] blk_mq_run_hw_queue+0x239/0x670 [ 467.677791][T13313] blk_mq_dispatch_list+0x514/0x1310 [ 467.683597][T13313] blk_mq_flush_plug_list+0x130/0x600 [ 467.689504][T13313] __blk_flush_plug+0x2c4/0x4b0 [ 467.694871][T13313] __submit_bio+0x545/0x690 [ 467.699897][T13313] submit_bio_noacct_nocheck+0x53d/0xc10 [ 467.706054][T13313] submit_bio_noacct+0x5bd/0x1f60 [ 467.711598][T13313] block_read_full_folio+0x4db/0x850 [ 467.717428][T13313] filemap_read_folio+0xc8/0x2a0 [ 467.722899][T13313] do_read_cache_folio+0x263/0x5c0 [ 467.728544][T13313] read_part_sector+0xd4/0x370 [ 467.733941][T13313] adfspart_check_ICS+0x93/0x940 [ 467.739406][T13313] bdev_disk_changed+0x723/0x1520 [ 467.744969][T13313] blkdev_get_whole+0x187/0x290 [ 467.750352][T13313] bdev_open+0x2c7/0xe40 [ 467.755114][T13313] blkdev_open+0x34e/0x4f0 [ 467.760054][T13313] do_dentry_open+0x982/0x1530 [ 467.765341][T13313] vfs_open+0x82/0x3f0 [ 467.769935][T13313] path_openat+0x1de4/0x2cb0 [ 467.775047][T13313] do_filp_open+0x20b/0x470 [ 467.780112][T13313] do_sys_openat2+0x11b/0x1d0 [ 467.785321][T13313] __x64_sys_openat+0x174/0x210 [ 467.790710][T13313] do_syscall_64+0xcd/0xfa0 [ 467.795738][T13313] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 467.802328][T13313] [ 467.802328][T13313] -> #5 (&cmd->lock){+.+.}-{4:4}: [ 467.809549][T13313] __mutex_lock+0x193/0x1060 [ 467.814732][T13313] nbd_queue_rq+0xbd/0x12d0 [ 467.819827][T13313] blk_mq_dispatch_rq_list+0x416/0x1e20 [ 467.825915][T13313] __blk_mq_sched_dispatch_requests+0xcb7/0x15f0 [ 467.832777][T13313] blk_mq_sched_dispatch_requests+0xd8/0x1b0 [ 467.839291][T13313] blk_mq_run_hw_queue+0x239/0x670 [ 467.844941][T13313] blk_mq_dispatch_list+0x514/0x1310 [ 467.850759][T13313] blk_mq_flush_plug_list+0x130/0x600 [ 467.856681][T13313] __blk_flush_plug+0x2c4/0x4b0 [ 467.862053][T13313] __submit_bio+0x545/0x690 [ 467.867091][T13313] submit_bio_noacct_nocheck+0x53d/0xc10 [ 467.873336][T13313] submit_bio_noacct+0x5bd/0x1f60 [ 467.878889][T13313] block_read_full_folio+0x4db/0x850 [ 467.884704][T13313] filemap_read_folio+0xc8/0x2a0 [ 467.890161][T13313] do_read_cache_folio+0x263/0x5c0 [ 467.895796][T13313] read_part_sector+0xd4/0x370 [ 467.901116][T13313] adfspart_check_ICS+0x93/0x940 [ 467.906569][T13313] bdev_disk_changed+0x723/0x1520 [ 467.912122][T13313] blkdev_get_whole+0x187/0x290 [ 467.917507][T13313] bdev_open+0x2c7/0xe40 [ 467.922272][T13313] blkdev_open+0x34e/0x4f0 [ 467.927210][T13313] do_dentry_open+0x982/0x1530 [ 467.932501][T13313] vfs_open+0x82/0x3f0 [ 467.937100][T13313] path_openat+0x1de4/0x2cb0 [ 467.942212][T13313] do_filp_open+0x20b/0x470 [ 467.947242][T13313] do_sys_openat2+0x11b/0x1d0 [ 467.952457][T13313] __x64_sys_openat+0x174/0x210 [ 467.957839][T13313] do_syscall_64+0xcd/0xfa0 [ 467.962866][T13313] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 467.969281][T13313] [ 467.969281][T13313] -> #4 (set->srcu){.+.+}-{0:0}: [ 467.976424][T13313] __synchronize_srcu+0xa1/0x290 [ 467.981895][T13313] blk_mq_quiesce_queue+0x149/0x1b0 [ 467.987623][T13313] elevator_switch+0x17d/0x810 [ 467.992917][T13313] elevator_change+0x391/0x5d0 [ 467.998209][T13313] elevator_set_default+0x2e9/0x380 [ 468.003933][T13313] blk_register_queue+0x384/0x4e0 [ 468.009486][T13313] __add_disk+0x74a/0xf00 [ 468.014340][T13313] add_disk_fwnode+0x13f/0x5d0 [ 468.019627][T13313] nbd_dev_add+0x783/0xbb0 [ 468.024575][T13313] nbd_init+0x1a2/0x3c0 [ 468.029264][T13313] do_one_initcall+0x123/0x6e0 [ 468.034579][T13313] kernel_init_freeable+0x5c8/0x920 [ 468.040306][T13313] kernel_init+0x1c/0x2b0 [ 468.045168][T13313] ret_from_fork+0x675/0x7d0 [ 468.050294][T13313] ret_from_fork_asm+0x1a/0x30 [ 468.055591][T13313] [ 468.055591][T13313] -> #3 (&q->elevator_lock){+.+.}-{4:4}: [ 468.063418][T13313] __mutex_lock+0x193/0x1060 [ 468.068585][T13313] elevator_change+0x17d/0x5d0 [ 468.073885][T13313] elv_iosched_store+0x315/0x3c0 [ 468.079341][T13313] queue_attr_store+0x26b/0x310 [ 468.084718][T13313] sysfs_kf_write+0xf2/0x150 [ 468.089920][T13313] kernfs_fop_write_iter+0x3af/0x570 [ 468.095747][T13313] vfs_write+0x7d3/0x11d0 [ 468.100602][T13313] ksys_write+0x12a/0x250 [ 468.105456][T13313] do_syscall_64+0xcd/0xfa0 [ 468.110827][T13313] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 468.117255][T13313] [ 468.117255][T13313] -> #2 (&q->q_usage_counter(io)#62){++++}-{0:0}: [ 468.125871][T13313] blk_alloc_queue+0x619/0x760 [ 468.131173][T13313] blk_mq_alloc_queue+0x172/0x280 [ 468.137260][T13313] __blk_mq_alloc_disk+0x29/0x120 [ 468.142814][T13313] nbd_dev_add+0x492/0xbb0 [ 468.147761][T13313] nbd_init+0x1a2/0x3c0 [ 468.152460][T13313] do_one_initcall+0x123/0x6e0 [ 468.157751][T13313] kernel_init_freeable+0x5c8/0x920 [ 468.163478][T13313] kernel_init+0x1c/0x2b0 [ 468.168341][T13313] ret_from_fork+0x675/0x7d0 [ 468.173553][T13313] ret_from_fork_asm+0x1a/0x30 [ 468.178864][T13313] [ 468.178864][T13313] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 468.186109][T13313] fs_reclaim_acquire+0x102/0x150 [ 468.191668][T13313] kmem_cache_alloc_noprof+0x5b/0x6e0 [ 468.197562][T13313] __kernfs_iattrs+0x124/0x3e0 [ 468.202853][T13313] __kernfs_setattr+0x4d/0x3c0 [ 468.208146][T13313] kernfs_iop_setattr+0xda/0x120 [ 468.213605][T13313] notify_change+0x6d2/0x12a0 [ 468.218815][T13313] do_truncate+0x1d7/0x230 [ 468.223752][T13313] path_openat+0x2678/0x2cb0 [ 468.228928][T13313] do_filp_open+0x20b/0x470 [ 468.234388][T13313] do_sys_openat2+0x11b/0x1d0 [ 468.239685][T13313] __x64_sys_openat+0x174/0x210 [ 468.245069][T13313] do_syscall_64+0xcd/0xfa0 [ 468.250117][T13313] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 468.256532][T13313] [ 468.256532][T13313] -> #0 (&root->kernfs_iattr_rwsem){++++}-{4:4}: [ 468.265051][T13313] __lock_acquire+0x126f/0x1c90 [ 468.270433][T13313] lock_acquire+0x179/0x350 [ 468.275465][T13313] down_write+0x92/0x200 [ 468.280244][T13313] kernfs_unlink_sibling+0xa3/0x320 [ 468.285976][T13313] __kernfs_remove+0x2c0/0x8a0 [ 468.291268][T13313] kernfs_remove_by_name_ns+0x68/0x110 [ 468.297258][T13313] sysfs_unmerge_group+0xe7/0x170 [ 468.302824][T13313] dpm_sysfs_remove+0x7f/0xb0 [ 468.308019][T13313] device_del+0x1a0/0x9f0 [ 468.312877][T13313] device_unregister+0x1d/0xc0 [ 468.318168][T13313] usb_remove_ep_devs+0x42/0x80 [ 468.323547][T13313] usb_disable_device+0x309/0x7d0 [ 468.329101][T13313] usb_set_configuration+0x12cd/0x1e20 [ 468.335095][T13313] bConfigurationValue_store+0x100/0x180 [ 468.341251][T13313] dev_attr_store+0x58/0x80 [ 468.346376][T13313] sysfs_kf_write+0xf2/0x150 [ 468.351577][T13313] kernfs_fop_write_iter+0x3af/0x570 [ 468.357500][T13313] vfs_write+0x7d3/0x11d0 [ 468.362353][T13313] ksys_write+0x12a/0x250 [ 468.367207][T13313] do_syscall_64+0xcd/0xfa0 [ 468.372251][T13313] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 468.378678][T13313] [ 468.378678][T13313] other info that might help us debug this: [ 468.378678][T13313] [ 468.389157][T13313] Chain exists of: [ 468.389157][T13313] &root->kernfs_iattr_rwsem --> cpuhp_state_mutex --> &root->kernfs_rwsem [ 468.389157][T13313] [ 468.403595][T13313] Possible unsafe locking scenario: [ 468.403595][T13313] [ 468.411035][T13313] CPU0 CPU1 [ 468.416388][T13313] ---- ---- [ 468.421753][T13313] lock(&root->kernfs_rwsem); [ 468.426516][T13313] lock(cpuhp_state_mutex); [ 468.433660][T13313] lock(&root->kernfs_rwsem); [ 468.440942][T13313] lock(&root->kernfs_iattr_rwsem); [ 468.446227][T13313] [ 468.446227][T13313] *** DEADLOCK *** [ 468.446227][T13313] [ 468.454361][T13313] 5 locks held by syz.0.1930/13313: [ 468.459554][T13313] #0: ffff888025596d38 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370 [ 468.468624][T13313] #1: ffff888030458420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 468.477611][T13313] #2: ffff888052eae088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 [ 468.487387][T13313] #3: ffff888028a8e198 (&dev->mutex){....}-{4:4}, at: bConfigurationValue_store+0xde/0x180 [ 468.497494][T13313] #4: ffff888140450188 (&root->kernfs_rwsem){++++}-{4:4}, at: kernfs_remove_by_name_ns+0x3d/0x110 [ 468.508221][T13313] [ 468.508221][T13313] stack backtrace: [ 468.514102][T13313] CPU: 1 UID: 0 PID: 13313 Comm: syz.0.1930 Not tainted syzkaller #0 PREEMPT(full) [ 468.514131][T13313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 468.514145][T13313] Call Trace: [ 468.514154][T13313] [ 468.514163][T13313] dump_stack_lvl+0x116/0x1f0 [ 468.514191][T13313] print_circular_bug+0x275/0x350 [ 468.514227][T13313] check_noncircular+0x14c/0x170 [ 468.514260][T13313] __lock_acquire+0x126f/0x1c90 [ 468.514295][T13313] lock_acquire+0x179/0x350 [ 468.514325][T13313] ? kernfs_unlink_sibling+0xa3/0x320 [ 468.514357][T13313] ? __pfx___might_resched+0x10/0x10 [ 468.514384][T13313] down_write+0x92/0x200 [ 468.514413][T13313] ? kernfs_unlink_sibling+0xa3/0x320 [ 468.514442][T13313] ? __pfx_down_write+0x10/0x10 [ 468.514475][T13313] kernfs_unlink_sibling+0xa3/0x320 [ 468.514505][T13313] __kernfs_remove+0x2c0/0x8a0 [ 468.514535][T13313] ? kernfs_find_ns+0x277/0x540 [ 468.514566][T13313] kernfs_remove_by_name_ns+0x68/0x110 [ 468.514602][T13313] sysfs_unmerge_group+0xe7/0x170 [ 468.514634][T13313] dpm_sysfs_remove+0x7f/0xb0 [ 468.514655][T13313] device_del+0x1a0/0x9f0 [ 468.514686][T13313] ? __pfx_device_del+0x10/0x10 [ 468.514715][T13313] ? __pfx_rpm_resume+0x10/0x10 [ 468.514745][T13313] ? do_raw_spin_lock+0x12c/0x2b0 [ 468.514782][T13313] device_unregister+0x1d/0xc0 [ 468.514811][T13313] usb_remove_ep_devs+0x42/0x80 [ 468.514838][T13313] usb_disable_device+0x309/0x7d0 [ 468.514879][T13313] usb_set_configuration+0x12cd/0x1e20 [ 468.514915][T13313] ? sscanf+0xc7/0x100 [ 468.514946][T13313] ? __pfx_sscanf+0x10/0x10 [ 468.514984][T13313] bConfigurationValue_store+0x100/0x180 [ 468.515007][T13313] ? __pfx_bConfigurationValue_store+0x10/0x10 [ 468.515031][T13313] ? find_held_lock+0x2b/0x80 [ 468.515055][T13313] ? sysfs_file_kobj+0xe4/0x290 [ 468.515079][T13313] ? __pfx_bConfigurationValue_store+0x10/0x10 [ 468.515103][T13313] dev_attr_store+0x58/0x80 [ 468.515136][T13313] ? __pfx_dev_attr_store+0x10/0x10 [ 468.515168][T13313] sysfs_kf_write+0xf2/0x150 [ 468.515193][T13313] kernfs_fop_write_iter+0x3af/0x570 [ 468.515234][T13313] ? __pfx_sysfs_kf_write+0x10/0x10 [ 468.515260][T13313] vfs_write+0x7d3/0x11d0 [ 468.515285][T13313] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 468.515322][T13313] ? __pfx___mutex_lock+0x10/0x10 [ 468.515349][T13313] ? __pfx_vfs_write+0x10/0x10 [ 468.515382][T13313] ksys_write+0x12a/0x250 [ 468.515406][T13313] ? __pfx_ksys_write+0x10/0x10 [ 468.515434][T13313] do_syscall_64+0xcd/0xfa0 [ 468.515461][T13313] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 468.515485][T13313] RIP: 0033:0x7fed9ab8efc9 [ 468.515504][T13313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 468.515527][T13313] RSP: 002b:00007fed9b9dd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 468.515548][T13313] RAX: ffffffffffffffda RBX: 00007fed9ade5fa0 RCX: 00007fed9ab8efc9 [ 468.515564][T13313] RDX: 0000000000000003 RSI: 0000200000000000 RDI: 000000000000000b [ 468.515579][T13313] RBP: 00007fed9ac11f91 R08: 0000000000000000 R09: 0000000000000000 [ 468.515593][T13313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 468.515607][T13313] R13: 00007fed9ade6038 R14: 00007fed9ade5fa0 R15: 00007ffee3bb7e58 [ 468.515630][T13313] [ 469.063171][T13344] FAULT_INJECTION: forcing a failure. [ 469.063171][T13344] name fail_futex, interval 1, probability 0, space 0, times 0 [ 469.105649][T13344] CPU: 0 UID: 0 PID: 13344 Comm: syz.2.1940 Not tainted syzkaller #0 PREEMPT(full) [ 469.105686][T13344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 469.105703][T13344] Call Trace: [ 469.105711][T13344] [ 469.105721][T13344] dump_stack_lvl+0x16c/0x1f0 [ 469.105755][T13344] should_fail_ex+0x512/0x640 [ 469.105796][T13344] get_futex_key+0x1d0/0x1560 [ 469.105831][T13344] ? __pfx_get_futex_key+0x10/0x10 [ 469.105864][T13344] ? import_iovec+0x86/0xb0 [ 469.105890][T13344] futex_wake+0xea/0x530 [ 469.105925][T13344] ? futex_wait+0x120/0x380 [ 469.105947][T13344] ? __pfx_futex_wait+0x10/0x10 [ 469.105985][T13344] ? __pfx_futex_wake+0x10/0x10 [ 469.106021][T13344] ? __pfx_vfs_writev+0x10/0x10 [ 469.106049][T13344] ? rcu_is_watching+0x12/0xc0 [ 469.106076][T13344] ? __might_fault+0xe3/0x190 [ 469.106104][T13344] do_futex+0x1e3/0x350 [ 469.106137][T13344] ? __pfx_do_futex+0x10/0x10 [ 469.106183][T13344] __x64_sys_futex+0x1e0/0x4c0 [ 469.106220][T13344] ? __pfx___x64_sys_futex+0x10/0x10 [ 469.106254][T13344] ? __pfx_do_writev+0x10/0x10 [ 469.106283][T13344] do_syscall_64+0xcd/0xfa0 [ 469.106314][T13344] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 469.106340][T13344] RIP: 0033:0x7f893238efc9 [ 469.106359][T13344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 469.106386][T13344] RSP: 002b:00007f89332050e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 469.106412][T13344] RAX: ffffffffffffffda RBX: 00007f89325e5fa8 RCX: 00007f893238efc9 [ 469.106430][T13344] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f89325e5fac [ 469.106447][T13344] RBP: 00007f89325e5fa0 R08: 00007f8933206000 R09: 0000000000000000 [ 469.106463][T13344] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 469.106480][T13344] R13: 00007f89325e6038 R14: 00007ffff96951d0 R15: 00007ffff96952b8 [ 469.106506][T13344]