last executing test programs: 12.268993528s ago: executing program 3 (id=683): openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000340)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x96141, 0x0) r0 = socket(0x1b, 0x3, 0x76) madvise$auto(0x0, 0x2000040080000003, 0xe) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r1, &(0x7f0000000040)='//\xf2\x00', 0x80000000) getsockopt$auto_SO_RCVPRIORITY(r0, 0x1, 0x52, 0x0, &(0x7f0000000240)=0x7) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/midiC2D0\x00', 0xc01, 0x0) prctl$auto(0x3e, 0xfffffffffffffffd, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r3 = syz_clone(0x4040400, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/bluetooth/hci5/rfkill30/soft\x00', 0x80400, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r4 = socket(0x2, 0x801, 0x106) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) getsockopt$auto(r4, 0x11c, 0x3, 0x0, 0x0) mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0x401, 0x8000) r5 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000000), 0x2400, 0x0) ioctl$auto_UBI_IOCATT(r5, 0x40186f40, 0x0) ioctl$auto_UBI_IOCDET(r5, 0x40046f41, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd75, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4000050}, 0x0) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000001c0), r0) pread64$auto(0xffffffffffffffff, &(0x7f0000000040)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9e\xcb\xec\x9e{o2?\x0f\x11\x90^\xdf/\x84\x99!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6', 0x7ff, 0x5) r6 = openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f0000001680)='/sys/kernel/debug/tracing/uprobe_events\x00', 0x2, 0x0) write$auto_uprobe_events_ops_trace_uprobe(r6, &(0x7f0000000380)="703a3a82d9e5cc7c2ceda8d50bfc", 0xe) prctl$auto(0x1000000003b, 0x21, r3, 0x5, 0xb) 7.0740729s ago: executing program 2 (id=691): rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x3, 0x4000000000df, 0x19, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x109302, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000000)=""/53, 0x35) select$auto(0x7, 0x0, 0x0, 0x0, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) msgrcv$auto(0x71, 0x0, 0x0, 0x7fffffffffffffff, 0x5) r1 = openat$auto_hwflags_ops_debugfs(0xffffffffffffff9c, 0x0, 0x101000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x1, 0xb5, 0x10, 0x7, 0x4, 0xffffffffffffffff, 0xa, "2af051a940806ec05be276cfc83ce63f", 0x0, r1, 0x5, 0x7, 0xe5, 0x3, 0xffffffffffffffff, 0xffffffffffffffff}, 0x10) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_ifindex=r2, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x92) setsockopt$auto(0xffffffffffffffff, 0xfffffffc, 0x20, 0x0, 0x98000116) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) r4 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x0, 0x0) ioctl$auto(r4, 0x921064b1, 0x8) pidfd_send_signal$auto_PIDFD_SIGNAL_THREAD(r3, 0x1ff, &(0x7f00000000c0)={@_si_pad}, 0x1) r5 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x2, 0x0) write$auto_sg_fops_sg(r5, &(0x7f0000001380)="4a0200000000040000899edb615550fd8c44924d87f0010047eb02eff5d2adc245a4e1eded0e91b86c61b6b42ed6", 0x2e) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_dma_heap_fops_dma_heap(0xffffffffffffffff, 0x0, 0x0) socket(0x11, 0x80003, 0x300) preadv2$auto(0x3, &(0x7f0000001000)={0x0, 0x10}, 0x8, 0x3, 0x4, 0x0) 6.706257814s ago: executing program 0 (id=694): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/platform/vicodec.0/video4linux/video2/uevent\x00', 0xa001, 0x0) mmap$auto(0x2, 0x400007, 0xe895, 0x16, r0, 0x401) openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0) write$auto(0x3, 0x0, 0x7fffffff) r1 = syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000007ea4b46f01ec4bc7334208de26cbe38cb6db4940875c63f639625f09c4d820e7b46a995c8c341b9f", @ANYRES16=r1, @ANYBLOB="000326bd7000ffdbdf2588000000"], 0x14}, 0x1, 0x0, 0x0, 0x24000000}, 0x400c080) write$auto(0x3, 0x0, 0xfffffdef) setsockopt$auto(0xffffffffffffffff, 0xff, 0x5, 0x0, 0x7) connect$auto(0x3, 0x0, 0x55) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) openat$auto_mgts_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0xa001, 0x0) read$auto(0x3, 0x0, 0x80) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r4 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r3, 0x541c, r4) 6.540130868s ago: executing program 3 (id=696): rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x3, 0x4000000000df, 0x19, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x109302, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000000)=""/53, 0x35) select$auto(0x7, 0x0, 0x0, 0x0, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) msgrcv$auto(0x71, 0x0, 0x0, 0x7fffffffffffffff, 0x5) r1 = openat$auto_hwflags_ops_debugfs(0xffffffffffffff9c, 0x0, 0x101000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x1, 0xb5, 0x10, 0x7, 0x4, 0xffffffffffffffff, 0xa, "2af051a940806ec05be276cfc83ce63f", 0x0, r1, 0x5, 0x7, 0xe5, 0x3, 0xffffffffffffffff, 0xffffffffffffffff}, 0x10) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$auto(0xffffffffffffffff, 0xfffffffc, 0x20, 0x0, 0x98000116) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) r3 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x0, 0x0) ioctl$auto(r3, 0x921064b1, 0x8) pidfd_send_signal$auto_PIDFD_SIGNAL_THREAD(r2, 0x1ff, &(0x7f00000000c0)={@_si_pad}, 0x1) r4 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x2, 0x0) write$auto_sg_fops_sg(r4, &(0x7f0000001380)="4a0200000000040000899edb615550fd8c44924d87f0010047eb02eff5d2adc245a4e1eded0e91b86c61b6b42ed6", 0x2e) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_dma_heap_fops_dma_heap(0xffffffffffffffff, 0x0, 0x0) socket(0x11, 0x80003, 0x300) preadv2$auto(0x3, &(0x7f0000001000)={0x0, 0x10}, 0x8, 0x3, 0x4, 0x0) 6.483683171s ago: executing program 1 (id=697): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) epoll_create$auto(0x4) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) openat$auto_msr_fops_msr(0xffffffffffffff9c, 0x0, 0xf82, 0x0) mmap$auto(0x3ff, 0x3, 0xffffffff, 0x100000eb1, 0x40000000000a1, 0x4000008000) setsockopt$auto_SO_OOBINLINE(0xffffffffffffffff, 0x3, 0xa, &(0x7f0000000080)='nlctrl\x00', 0x2) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) lseek$auto(0x3, 0x3e7ffffffd, 0x3) set_mempolicy_home_node$auto(0x1, 0x80, 0x7fff, 0x7) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) madvise$auto(0x3000, 0xffffffffffff0001, 0x15) 5.719300655s ago: executing program 2 (id=698): openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000140), 0x80, 0x0) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000040), 0x543c00, 0x0) r0 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000240), 0xa002, 0x0) writev$auto(r0, 0x0, 0x100) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getpid() ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0) unshare$auto(0x40000080) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) r2 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0) readv$auto(r2, &(0x7f0000000680)={&(0x7f0000000540), 0x40200}, 0x3) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0) clone3$auto(&(0x7f00000002c0)={0x4, 0x9, 0x1, 0x2, 0x8000, 0xffffffffffffffff, 0x7, 0x3, 0xffffffffffffffea, 0x8, 0x200}, 0x7) ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(0xffffffffffffffff, 0x7ab, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) io_setup$auto(0x7ffe, 0x0) io_setup$auto(0x7ffe, &(0x7f0000000000)) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) 5.425011568s ago: executing program 3 (id=699): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) epoll_create$auto(0x4) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) openat$auto_msr_fops_msr(0xffffffffffffff9c, 0x0, 0xf82, 0x0) mmap$auto(0x3ff, 0x3, 0xffffffff, 0x100000eb1, 0x40000000000a1, 0x4000008000) setsockopt$auto_SO_OOBINLINE(0xffffffffffffffff, 0x3, 0xa, &(0x7f0000000080)='nlctrl\x00', 0x2) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) lseek$auto(0x3, 0x3e7ffffffd, 0x3) set_mempolicy_home_node$auto(0x1, 0x80, 0x7fff, 0x7) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) madvise$auto(0x3000, 0xffffffffffff0001, 0x15) 5.374305118s ago: executing program 1 (id=700): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/platform/vicodec.0/video4linux/video2/uevent\x00', 0xa001, 0x0) mmap$auto(0x2, 0x400007, 0xe895, 0x16, r0, 0x401) openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0) write$auto(0x3, 0x0, 0x7fffffff) r1 = syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000007ea4b46f01ec4bc7334208de26cbe38cb6db4940875c63f639625f09c4d820e7b46a995c8c341b9f31acbbdaf42a3923faf3bd5fb7d0fbd040e5ab4caed4106b99fdc9e96e145727b677bf982cd8", @ANYRES16=r1, @ANYBLOB="000326bd7000ffdbdf2588000000"], 0x14}, 0x1, 0x0, 0x0, 0x24000000}, 0x400c080) write$auto(0x3, 0x0, 0xfffffdef) setsockopt$auto(0xffffffffffffffff, 0xff, 0x5, 0x0, 0x7) connect$auto(0x3, 0x0, 0x55) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) openat$auto_mgts_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0xa001, 0x0) read$auto(0x3, 0x0, 0x80) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r4 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r3, 0x541c, r4) 5.311933041s ago: executing program 0 (id=701): socket(0xa, 0x1, 0x100) pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketcall$auto_SYS_SOCKET(0x1, &(0x7f0000000280)=0xfffffffffffffffd) r1 = openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, 0x0, 0x8040, 0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, r1, 0x300000000000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) unshare$auto(0x3) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r2) sendmsg$auto_TIPC_NL_NET_SET(r2, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x2) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/softrepeat\x00', 0xc2481, 0x0) write$auto(r3, 0x0, 0x81) fcntl$auto_F_GETFD(0xffffffffffffffff, 0x1, 0x7) ioctl$auto(0xffffffffffffffff, 0x4004556e, 0x1f) setsockopt$auto(0x3, 0x1, 0x4c, 0x0, 0x9) getsockopt$auto_SO_LOCK_FILTER(r3, 0x9, 0x2c, &(0x7f0000000280)='@,\\#\x00', &(0x7f0000000300)=0xc) mprotect$auto(0x0, 0x806121, 0x6) bpf$auto(0x0, &(0x7f0000000380)=@task_fd_query={0x12, 0x3, 0x4, 0x88, 0x8, 0xae85, 0x66b, 0x4, 0x7ff}, 0x6f4) read$auto_proc_iter_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000180)=""/248, 0xf8) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/002/001\x00', 0x40001, 0x0) mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r4 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000001140)='/proc/self/oom_adj\x00', 0x8042, 0x0) read$auto(r4, 0x0, 0x1f40) r5 = openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/per_cpu/cpu0/buffer_size_kb\x00', 0x1, 0x0) writev$auto(r5, &(0x7f0000000200)={0x0, 0xa}, 0x3) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) 4.286497028s ago: executing program 0 (id=702): openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000140), 0x80, 0x0) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000040), 0x543c00, 0x0) r0 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000240), 0xa002, 0x0) writev$auto(r0, 0x0, 0x100) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getpid() ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0) unshare$auto(0x40000080) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) r2 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0) readv$auto(r2, &(0x7f0000000680)={&(0x7f0000000540), 0x40200}, 0x3) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0) clone3$auto(&(0x7f00000002c0)={0x4, 0x9, 0x1, 0x2, 0x8000, 0xffffffffffffffff, 0x7, 0x3, 0xffffffffffffffea, 0x8, 0x200}, 0x7) ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(0xffffffffffffffff, 0x7ab, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) io_setup$auto(0x7ffe, 0x0) io_setup$auto(0x7ffe, &(0x7f0000000000)) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) 3.671161467s ago: executing program 3 (id=703): rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x3, 0x4000000000df, 0x19, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x109302, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000000)=""/53, 0x35) select$auto(0x7, 0x0, 0x0, 0x0, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) msgrcv$auto(0x71, 0x0, 0x0, 0x7fffffffffffffff, 0x5) r1 = openat$auto_hwflags_ops_debugfs(0xffffffffffffff9c, 0x0, 0x101000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x1, 0xb5, 0x10, 0x7, 0x4, 0xffffffffffffffff, 0xa, "2af051a940806ec05be276cfc83ce63f", 0x0, r1, 0x5, 0x7, 0xe5, 0x3, 0xffffffffffffffff, 0xffffffffffffffff}, 0x10) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_ifindex=r2, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x92) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$auto(0xffffffffffffffff, 0xfffffffc, 0x20, 0x0, 0x98000116) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) r4 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x0, 0x0) ioctl$auto(r4, 0x921064b1, 0x8) pidfd_send_signal$auto_PIDFD_SIGNAL_THREAD(r3, 0x1ff, &(0x7f00000000c0)={@_si_pad}, 0x1) r5 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x2, 0x0) write$auto_sg_fops_sg(r5, &(0x7f0000001380)="4a0200000000040000899edb615550fd8c44924d87f0010047eb02eff5d2adc245a4e1eded0e91b86c61b6b42ed6", 0x2e) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_dma_heap_fops_dma_heap(0xffffffffffffffff, 0x0, 0x0) socket(0x11, 0x80003, 0x300) preadv2$auto(0x3, &(0x7f0000001000)={0x0, 0x10}, 0x8, 0x3, 0x4, 0x0) 3.665539762s ago: executing program 2 (id=711): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) epoll_create$auto(0x4) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) openat$auto_msr_fops_msr(0xffffffffffffff9c, 0x0, 0xf82, 0x0) mmap$auto(0x3ff, 0x3, 0xffffffff, 0x100000eb1, 0x40000000000a1, 0x4000008000) setsockopt$auto_SO_OOBINLINE(0xffffffffffffffff, 0x3, 0xa, &(0x7f0000000080)='nlctrl\x00', 0x2) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) lseek$auto(0x3, 0x3e7ffffffd, 0x3) set_mempolicy_home_node$auto(0x1, 0x80, 0x7fff, 0x7) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) madvise$auto(0x3000, 0xffffffffffff0001, 0x15) 3.352779322s ago: executing program 1 (id=704): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) epoll_create$auto(0x4) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) openat$auto_msr_fops_msr(0xffffffffffffff9c, 0x0, 0xf82, 0x0) mmap$auto(0x3ff, 0x3, 0xffffffff, 0x100000eb1, 0x40000000000a1, 0x4000008000) setsockopt$auto_SO_OOBINLINE(0xffffffffffffffff, 0x3, 0xa, &(0x7f0000000080)='nlctrl\x00', 0x2) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) lseek$auto(0x3, 0x3e7ffffffd, 0x3) set_mempolicy_home_node$auto(0x1, 0x80, 0x7fff, 0x7) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) connect$auto(0x3, 0x0, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) madvise$auto(0x3000, 0xffffffffffff0001, 0x15) 2.963420625s ago: executing program 0 (id=705): r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x400800, 0x0) ioctl$auto_CEC_ADAP_G_LOG_ADDRS(r0, 0x805c6103, &(0x7f00000001c0)={"8911bd3a", 0x1, 0x0, 0x6, 0x4, 0x6, "feaf587cdf4d2f534a1c88d3e40a00", "e6cf6512", "0488faff", "10a991b3", ["3ae887a128f1d8c79420d880", "b11feafce4d296d8c985d069", "0149f0a7102c3fffab592db0", "0059c09dca7de9bdbbc6be07"]}) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x80703, 0x0) unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x121003, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) rename$auto(0x0, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/hung_task_check_interval_secs\x00', 0x88542, 0x0) write$auto(r1, 0x0, 0x0) pwrite64$auto(r1, &(0x7f0000002500)=']\x00', 0x3, 0xd) 2.630785406s ago: executing program 2 (id=706): openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x200, 0x0) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) sysfs$auto(0x2, 0x100001000000032, 0x0) fsopen$auto(0x0, 0x1) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x802, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D3\x00', 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/cpu/cpu1/topology/thread_siblings\x00', 0x400, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x5, 0x406, 0xfffe, 0x10001, 0x2, 0x6d3e, 0x3, 0x2, 0x4]}, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto_TIOCVHANGUP2(r0, 0x5437, 0x0) 2.296529512s ago: executing program 3 (id=707): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/platform/vicodec.0/video4linux/video2/uevent\x00', 0xa001, 0x0) mmap$auto(0x2, 0x400007, 0xe895, 0x16, r0, 0x401) openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0) write$auto(0x3, 0x0, 0x7fffffff) r1 = syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000007ea4b46f01ec4bc7334208de26cbe38cb6db4940875c63f639625f09c4d820e7b46a995c8c341b9f31acbbdaf42a3923faf3bd5fb7d0fbd040e5ab4caed4106b99fdc9e96e145727b677bf982cd8657525", @ANYRES16=r1, @ANYBLOB="000326bd7000ffdbdf2588000000"], 0x14}, 0x1, 0x0, 0x0, 0x24000000}, 0x400c080) write$auto(0x3, 0x0, 0xfffffdef) setsockopt$auto(0xffffffffffffffff, 0xff, 0x5, 0x0, 0x7) connect$auto(0x3, 0x0, 0x55) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) openat$auto_mgts_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0xa001, 0x0) read$auto(0x3, 0x0, 0x80) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r4 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r3, 0x541c, r4) 2.225025934s ago: executing program 0 (id=708): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) epoll_create$auto(0x4) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) openat$auto_msr_fops_msr(0xffffffffffffff9c, 0x0, 0xf82, 0x0) mmap$auto(0x3ff, 0x3, 0xffffffff, 0x100000eb1, 0x40000000000a1, 0x4000008000) setsockopt$auto_SO_OOBINLINE(0xffffffffffffffff, 0x3, 0xa, 0x0, 0x2) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) lseek$auto(0x3, 0x3e7ffffffd, 0x3) set_mempolicy_home_node$auto(0x1, 0x80, 0x7fff, 0x7) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) madvise$auto(0x3000, 0xffffffffffff0001, 0x15) 2.125481772s ago: executing program 1 (id=709): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/platform/vicodec.0/video4linux/video2/uevent\x00', 0xa001, 0x0) mmap$auto(0x2, 0x400007, 0xe895, 0x16, r0, 0x401) openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0) write$auto(0x3, 0x0, 0x7fffffff) r1 = syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000007ea4b46f01ec4bc7334208de26cbe38cb6db4940875c63f639625f09c4d820e7b46a995c8c341b9f31acbbdaf42a3923faf3bd5fb7d0fbd040e5ab4caed4106b99fdc9e96e145727b677bf982cd8657525", @ANYRES16=r1, @ANYBLOB="000326bd7000ffdbdf2588000000"], 0x14}, 0x1, 0x0, 0x0, 0x24000000}, 0x400c080) write$auto(0x3, 0x0, 0xfffffdef) setsockopt$auto(0xffffffffffffffff, 0xff, 0x5, 0x0, 0x7) connect$auto(0x3, 0x0, 0x55) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) openat$auto_mgts_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0xa001, 0x0) read$auto(0x3, 0x0, 0x80) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r4 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r3, 0x541c, r4) 1.467471661s ago: executing program 2 (id=710): socket(0xa, 0x1, 0x100) pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketcall$auto_SYS_SOCKET(0x1, &(0x7f0000000280)=0xfffffffffffffffd) r1 = openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, 0x0, 0x8040, 0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, r1, 0x300000000000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) unshare$auto(0x3) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r2) sendmsg$auto_TIPC_NL_NET_SET(r2, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x2) keyctl$auto(0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x6) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/softrepeat\x00', 0xc2481, 0x0) write$auto(r3, 0x0, 0x81) fcntl$auto_F_GETFD(0xffffffffffffffff, 0x1, 0x7) setsockopt$auto(0x3, 0x1, 0x4c, 0x0, 0x9) getsockopt$auto_SO_LOCK_FILTER(r3, 0x9, 0x2c, &(0x7f0000000280)='@,\\#\x00', &(0x7f0000000300)=0xc) mprotect$auto(0x0, 0x806121, 0x6) bpf$auto(0x0, &(0x7f0000000380)=@task_fd_query={0x12, 0x3, 0x4, 0x88, 0x8, 0xae85, 0x66b, 0x4, 0x7ff}, 0x6f4) read$auto_proc_iter_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000180)=""/248, 0xf8) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/002/001\x00', 0x40001, 0x0) mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r4 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000001140)='/proc/self/oom_adj\x00', 0x8042, 0x0) read$auto(r4, 0x0, 0x1f40) r5 = openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/per_cpu/cpu0/buffer_size_kb\x00', 0x1, 0x0) writev$auto(r5, &(0x7f0000000200)={0x0, 0xa}, 0x3) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) 981.152432ms ago: executing program 0 (id=712): socket(0x2, 0x800, 0x0) io_uring_setup$auto(0x1, 0x0) r0 = socket(0x2b, 0x1, 0x1) bind$auto(r0, &(0x7f0000000080)=@qipcrtr={0x2a, 0x1, 0xfffffffe}, 0x6b) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb5, 0x401, 0x8000) unshare$auto(0x40000080) r1 = socket(0xf, 0x3, 0x2) accept$auto(0x3, 0xffffffffffffffff, 0xffffffffffffffff) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/tty53\x00', 0x200, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x109302, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000000)=""/53, 0x35) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0xffffffffffffffff, 0x3ff, 0x1, 0x0, 0x1e) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa}, 0x58) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000340), r1) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00012abd7000000800000000000006000600070000000800090005000b00fc01000000000000000000000c0003000c000000000000000c0003000100000002000000060006005a2200000800080003000000"], 0x60}, 0x1, 0x0, 0x0, 0x884}, 0x400) r4 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x81, 0x0) ioctl$auto_USB_RAW_IOCTL_VBUS_DRAW(r4, 0x4004550a, 0x0) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x582, 0x0) mmap$auto(0x2000000004, 0x400008, 0xdf, 0x20c2417c, 0xffffffffffffffff, 0x3) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) select$auto(0x0, &(0x7f0000000140)={[0x8, 0x5, 0xfffffffffffff7fe, 0x80000000, 0xf47, 0x8, 0x7, 0x1, 0x7, 0x100000001, 0x5b, 0x3ff, 0x2, 0x6, 0x9, 0x2]}, &(0x7f0000000240)={[0x3, 0x5, 0xf1d6, 0xfff, 0x8e, 0x2, 0x1, 0x100, 0x7, 0x1, 0x8, 0x6, 0x20000000003ff, 0x6, 0x9, 0x4]}, &(0x7f00000002c0)={[0x3, 0x7ff, 0x9, 0x7, 0x7, 0x7f, 0x100000001, 0x16, 0x8, 0x4, 0xe, 0x3, 0xe, 0x4, 0x401, 0x6]}, &(0x7f00000000c0)={0x4, 0x8000}) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000540)="4e33f447623b06707c65e3e5988c5553704585de2f373684232939307354695865286e3b058fae4c0f36f0fc7258f3bb284078eea6d676bf2de9699e629f58c7b347b9e9f729b25946cf043ee7c203e379172563b48d5764a5d6cbaf51af8bd3b663bdbaa63cacc79d54ff248fabd8d3685358a01fb88b66f6b59459826f841c87df91d47c9b45d1b0238e43fcca4ad5fc7fb0593671a68320e608d426ea3658d0adb7c4b49fc46690a2da2b0965c6e107c8c1a020879acf1aa9032831f937b72d17a94724eb45f1e6a7c6045149dd35", 0x3) 980.591255ms ago: executing program 1 (id=713): rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x3, 0x4000000000df, 0x19, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x109302, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000000)=""/53, 0x35) select$auto(0x7, 0x0, 0x0, 0x0, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) msgrcv$auto(0x71, 0x0, 0x0, 0x7fffffffffffffff, 0x5) r1 = openat$auto_hwflags_ops_debugfs(0xffffffffffffff9c, 0x0, 0x101000, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x1, 0xb5, 0x10, 0x7, 0x4, 0xffffffffffffffff, 0xa, "2af051a940806ec05be276cfc83ce63f", 0x0, r1, 0x5, 0x7, 0xe5, 0x3, 0xffffffffffffffff, 0xffffffffffffffff}, 0x10) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_ifindex=r2, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x92) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$auto(0xffffffffffffffff, 0xfffffffc, 0x20, 0x0, 0x98000116) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) r4 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x0, 0x0) ioctl$auto(r4, 0x921064b1, 0x8) pidfd_send_signal$auto_PIDFD_SIGNAL_THREAD(r3, 0x1ff, &(0x7f00000000c0)={@_si_pad}, 0x1) r5 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x2, 0x0) write$auto_sg_fops_sg(r5, &(0x7f0000001380)="4a0200000000040000899edb615550fd8c44924d87f0010047eb02eff5d2adc245a4e1eded0e91b86c61b6b42ed6", 0x2e) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_dma_heap_fops_dma_heap(0xffffffffffffffff, 0x0, 0x0) socket(0x11, 0x80003, 0x300) preadv2$auto(0x3, &(0x7f0000001000)={0x0, 0x10}, 0x8, 0x3, 0x4, 0x0) 797.855238ms ago: executing program 3 (id=714): openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000140), 0x80, 0x0) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000040), 0x543c00, 0x0) r0 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000240), 0xa002, 0x0) writev$auto(r0, 0x0, 0x100) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getpid() ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0) unshare$auto(0x40000080) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) r2 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0) readv$auto(r2, &(0x7f0000000680)={&(0x7f0000000540), 0x40200}, 0x3) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0) clone3$auto(&(0x7f00000002c0)={0x4, 0x9, 0x1, 0x2, 0x8000, 0xffffffffffffffff, 0x7, 0x3, 0xffffffffffffffea, 0x8, 0x200}, 0x7) ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(0xffffffffffffffff, 0x7ab, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) io_setup$auto(0x7ffe, 0x0) io_setup$auto(0x7ffe, &(0x7f0000000000)) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) 15.765387ms ago: executing program 1 (id=715): openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000140), 0x80, 0x0) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000040), 0x543c00, 0x0) r0 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000240), 0xa002, 0x0) writev$auto(r0, 0x0, 0x100) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getpid() ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0) unshare$auto(0x40000080) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) r2 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0) readv$auto(r2, &(0x7f0000000680)={&(0x7f0000000540), 0x40200}, 0x3) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0) clone3$auto(&(0x7f00000002c0)={0x4, 0x9, 0x1, 0x2, 0x8000, 0xffffffffffffffff, 0x7, 0x3, 0xffffffffffffffea, 0x8, 0x200}, 0x7) ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(0xffffffffffffffff, 0x7ab, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) io_setup$auto(0x7ffe, 0x0) io_setup$auto(0x7ffe, &(0x7f0000000000)) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) 0s ago: executing program 2 (id=716): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd10/queue/nr_requests\x00', 0x82942, 0x0) sendfile$auto(r0, r0, 0x0, 0x200) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x5175c9598dc5d493, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x414100, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r3 = ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_GET_MSRS(r1, 0x4008ae89, &(0x7f0000000080)={0x2, 0x0, [{0x4b564d06, 0xe3, 0x100000007f}]}) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000001900)='/sys/kernel/security/tomoyo/manager\x00', 0x2, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r5, 0x200, 0x70bd2d, 0x25dfdbfe, {}, [@NFC_ATTR_SE_APDU={0x38, 0x19, "2db690516cb652b8120b509e63dd0a0b4813d4946d144fcc611a824d011748602f4eea625e38aace9c89df7d6f8e01803715c5b1"}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4}, 0x24000000) sendmsg$auto_NFC_CMD_SE_IO(r3, &(0x7f0000001880)={&(0x7f00000017c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000001840)={&(0x7f0000000480)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0004000000df251b00000008001d002e070000000800040006080000000000"], 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x20000000) r6 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000002e40), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_SET_TUNSRC(r4, &(0x7f0000002f00)={0x0, 0x0, &(0x7f0000002ec0)={&(0x7f0000002e80)=ANY=[@ANYBLOB, @ANYRES16=r6, @ANYBLOB="010028bd7000fcdbdf2503000000"], 0x14}, 0x1, 0x0, 0x0, 0x4048c40}, 0x4) sendmsg$auto_SEG6_CMD_DUMPHMAC(r3, &(0x7f0000000240)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x8ac4ccbadd4286dc}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x2c, r6, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0xcf}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x7f}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x4000045) pselect6$auto(0x5, &(0x7f0000000400)={[0x8, 0x5, 0x0, 0x5, 0x8001, 0x6, 0xac, 0x2000009, 0x3, 0xffffffff, 0x7fffffffffffffff, 0x0, 0x1000, 0x2, 0x8, 0x3ff]}, 0x0, 0x0, 0x0, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x75, 0x7}, 0x9, 0x4) landlock_restrict_self$auto(r7, 0x0) execve$auto(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=&(0x7f0000000080)=',{\x00', &(0x7f0000000140)=&(0x7f0000000100)='}.\x00') r8 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/fs/cifs/smbd_max_send_size\x00', 0x101000, 0x0) r9 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000300), r3) futex_wait$auto(&(0x7f0000001740)="b9b5f61e354f464dc222b14754101cbcfd15bbecf1768a63a00664d00662ef2895498b03a05e69c5ba631e468170588429f101c5f6b7d8095e66c9fa3a873f7b17b337e22ec7fae91d654fbf7f9e90ca84083c19853781e6502ed2a5f9ae38ce72cdf2f90a6493f4d7e0083076f81af1c6cfefe23e9d4cbc602cf7c5c028", 0x7f, 0x0, 0x5, &(0x7f0000000180)={0x3, 0x3c}, 0xb21a) sendmsg$auto_IPVS_CMD_DEL_DEST(r7, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000340)={&(0x7f0000001a80)=ANY=[@ANYBLOB="bc120000a988486420b93c615f7c93f8e80c0ce261afb01aad341be5cc9b8634e1494b9cf9455ff9eaf2d01d23bd7e617045ce1f97cdabcad9eae14a247668d28e79123f0d2be4e7692ea67dfa01768d535c909d3f7749816a2f9373d9d9b391dc067d2abe696fbcc3d3afa0912f8f5013ecf4c33c8ca2b7351523e563ab17d23a908b715a065a834c602bda0341d300"/159, @ANYRES16=r9, @ANYBLOB="000226bd7000fbdbdf2507000000140103800d010b80601d104166cfc706b6629045df2cf941f212af5b3e4b17f0ed48ea999f7242b01be12821003ea1adff5eaa6284a0cbc1c12b10a5385f1b3985ad0ef00286bbb50bf754f0110e7d63719d6808236dc63c32245803000800c800ffffffff7ca52e3f3f4f44a296ba5c0682823c7ccbda9424a66c15ce10e36665e98c0b1fdb0ff782ee8980195c667fc1e32b649dd641686d735de55b814a1d28ce2bb2531d6678d220b5ff95b4f80b8ba080f4387c0b81dd254437b14f767ac08406ffa6129c98333ce11ee6cbbdd12b4f95e536b3b00813e41974a2495959f914277f96c4d370e7d92c12ac35691b7b0ed83858978ed313a8d5bf24969c00cbe34165a164c44800dbba8615b274f9d300000008000500070000000800060000000080080005000100000008000400860800000800060086fbffff62110180a5846b9c637847a65a504041a25c534d9de14783d5479dfb961fefe987dc6117c48bb619bd044d32884bafc920837b281d73c991c23274dea7cc8a067798a389d1023ab868ebecdd3d33c20b4f4091fd87e6e5f28068977603e2e070157925e81623166402148bafd458ec0afba83e3a513ff8e23725b3530bcd6726abd41a111d9a6a3896d6fe3616a063ad743f0ce7caae126588fd0b280d96df624892a5ac1fb72329260615d5c6c080f080e66922be5faf59d5616eb509b828ae153645bd504bd2dd2386586dd46e20281e49986d29976898a476109cd94be7fe50cf8d26be94e2ce7acc51fcf68eb1e96c3afe8382e662634a4adc7fae4840f0d2d6076a7fe463af45f70322c1e4875b35725be6fbe143a541e74d62f09de0a86a3e8a2a321c74b9e0abb100170b871b02c4c4e961e2b72917708a4c9321617c8e0217704064e02e8840116fec939adf7f9d290553f500aafaff3d739995fe7f70536c4006b2d514104c9e8150e9ec1bebd77128c0085503972b3e356aa0b50544bcd47b75ad11bad7fa77e336378f3a80fbaaa68914a6ce8124a0207d09dabececbf612b03bc966799b6a7b3ae392afcd7a4a6976468c7ee8f67bbf15a579f1f5c33f54e7d6e0e24cda4df0dafd8bb00641564b79efc01e8ba9b68c06f4dc1ac3bdbf7c9e4c547f2381f2c08a47a928863ae61478924e3c39d523a15d1ed55679925a1fbbfad91def28840764866fd7d34ec04a05130a4003fd7c6b9d0da96b2f3ff93c3977de3a2f619bba7f694c9c9062d9ab0605c6f94bcdf589650115f19291c7b50b9147f9499d87f64e1ad4cafd026b3b3ce36a92d1a9cc7fda9217057be31671abad4541ec9c5c90c136774603459b0a3c9cd1c4fd9728ff991575a234a8dcbe5a485404ccb8aeb95e88147e9606ef48591d7a9cc04f921b6c0739c9f3e8e69683c74768dad065321e04efc0b14e348d89b31ea9d68e1590635107a814cf8fd6194b9e786dd9be86babde3b44334bb218b0c8934ed1a42749baf189ccea0ac8fe250eef6352c0d63004601c4e572d024059b577d8cb96054081ced55473e5e0f3a7fa82402f95513224388f814d941b3f51c698e27a750331c9acc2c271f209d6e8b6c7714711ea48ae6a51794c6a791e0af887b137a499a0a4ef6725a2544a726d256c2efda7edff5a0ff987379f42a00566dc6a891dd77c924223f49e2661b8134e68d53b63027b54cedfe015d26bbb293faa7318a7d05fbffc1a1781fba54eae84ed2dc091f43015eda5e0417600b6e11726b75570441dbc004a381ae772fad3a4c03ddd2be7fae07e7b9671cee398b847241671844fec81d845f141e8f3a405ec72ff6750f66794f6cf28085f84fde6f4f36a3ab0f292770c2277117b030cf9dc6602e65fe78ab2ae99997784736a3881e6f1bd64d8a6cdb05cf90db848060ce01d018f7349b389bcbbad092a8d556c6fd911a7eb96bb89b357ebb542d288ad6feb66874972a30a84bd26e7d6a9a8c2eaaf821cbfe2599660169d5544345de352fabfc063bd3e2b3767dad4139bd39740f8f98127cdcfecbf6792acd99af25d9735cee2c9842fe38fbf68d092c6b2f8b74ea8acf21cd345fb71c3dfa995f3391ce2a09cd44fc6e479c510351cac159b1e19a9fd1938545164f6cf0cbcd6c9cb50abb09fc4d525caf8a02a6ede9b31217cc1daca9529811c60c639c7e8e99e7d0c55edec4a805353f6387a5af28cbd71222c5c61f74a87beef2a19b5c44529832741bef52656eb13bef592e60600a4d4a3a87b0c1806b80e4f4dd817e0ecbfdebf0f84080086c8e5b9bb61ec4690e347e78d85e2d8798ed3f43df8a5f68c220f53f6b6ad90473299b4f79b37676b935130aecd0aae833d9494419731b0c4dea7b24df252e2efe6b9a2ae6dba67948e135b2bc655d5a44efd009bebc0b50743ce2991289ee259e2086c40b526c818ecb8e679b043f60b5dcca652215aea69bf69b02895ca974abb3da764ce3e48c790fbb0ce2a453674f4a65baf77748f9f094b073d0741eb1892545afc2e6e5f6cdc20a7cb34ce67317777feed3e40c086ae8f9a420d4dcd007e5ffc50ec0c239402de278f6e95bc9a305f6e0dca6600412b325e5fecee6637506564df7b9fc67b2640a9eea72f494402eb6df7008a58f0d45994d17596e402f72689e5cfa6fb89a4f702d5810857fd08913bbafd4adffaa6cfbae6f4d6e9301e85a32c36582af47316f2ce2167a022ce4ecc3c09063a74656fb743951cf23945dc3e2dc91ba51b0d508eb40b672b89ad9706abbc26026d917e206cbb39af993dfba8ada5064e0a73b3a73b4914259dd3956057f5f7f950b64ca45d00f9b6a905d289cd3a0804933c9a19423545ace0d12b4434ca1262a6aaf3f6709e8e0264a02c0e36838b0063365a4400ce2f0faaf551bbeda907f951ba636666be0e528724f73757cdd107837f65de42ff0f5aa04669d1c02085a226dd2fb0c82c32d5837eba148e42e71215ec394c084d0616ba88c56c33ec2866804676fc5a7e6c047f0f0b9b8855df159a22511b7fac1ab0752f67fcb3ada88099f6b14ce0b1cb98ab410ed9b605ffd79d6bc8ec0748ec1170fefdbfbce20a9d5477aa68b1b347be8b468d346f120f16df590918224fad23aa47852a1645ba0854f9bc6012cc0bede47f57527887f2c6e5b588fbb65f83a32e6d3239a1539b926019c7aa5de8d96b6837989cfb8f6d538ca1e6fb6157bf8ce44daa2420feeadcd33afee80b952825839a83c9b1ff21a6f0ba061fbcc664324151a0c7f9f7389254215ffb6c9fa088f1b3519261046110e60aa0ed16baa409b053cb4968b2b83ab6fd3f8e640d865a15edfddeaffe794d43229deddb1d52b7ca29da698bf2d2761b60e376534a381eb90ed3c18a923b8532b0ee422128e5ad7bf6fdf8d9d92665c429cc9328bd691b3ec51bb8d8bfd14c93781e30bb767e65d90aaf1ca41c063102dfca18d8f5bf1371d653dd2b4ca875c39521890fe10c9bc176a47444e97b0feb28fdea9dc923b01ac0c17ae9bd4133bd5bfc81f12b13f8f685bb025fc357fd6da5606ff08d38c3b1b4005e70098e9005871c85dbc588fc29a6f3c49601b9e1c8fc692a808e59e8c2c08bc7fd4ca405da33c9a2e362b0b1d32aa12f75e8019f486eea62cae665fd603d0a5e6cf045430607d89b3470c54e6c8713b99868fdb1d722befdfe10615d1f82ed888360b74b77510671c3b9ba673b31322298b2512fe837190e8c591fb767f63800ed170335ac75a4e4348259e3040acab16a829b8d4fa61754f02f7b7cc2732e55c6aad0b9e529f80f9238181961a8a6dbe95e51f819b328e66cee5bf1e4931f3d5f8b2e2c1d4c1bc265df1c69ac473287c953b338cc4a917bf77be57b9add023cda240f15223c446d86a88998df82cd7518923deb2a6ea8ed43ccb3bf3a056f61184f9af569369177b8dcaea9c2bf73bd407aa6e307bfffce4923840432a6eb52e6a518993ac2049b7a3db1f42057fa920da74508ff96a3dc6eef50a5313a7d19a778aee744d16a90b25e89946a9266bbb20892b55cddb226740dec2d75f5240f38f5cc8a63ce2e2055ad9d559ab9b70e877e4d9a7666391206fbef3e01bf0af421ba6951d9ee46c5d4e08b511918be21f825a967670c611183e50b4b96659d2bb5dba37197e0833e0f94393bc09dcc87087ee597a714b86c1d18823e075f7746ca52ab952aa7a103f3cfa6262bbf0cab3031f1499d00b27f1c9dfdc5788008cd29f4e8f5f9aa8cb2a4ed29617298c5ec060089c33efedf7d2affc3b86dfb3b9624f9dec15348af5463c2228cc9e912038d2e809dc5334f6a6d77f02080169c9f09f8f06a8829390faf45bf458ae72b203c61b503c228bca2549dfddcb4e1d2e44f5edb0254ec2894f772e8573aec4cdcdd0f761c9ca5415b2dfb124b486af0d6b54098a83c69539dfc0d0a05d469c9ba00f2d78576ccf8bebeaf8660261681b44b2b7417de40191c84c7adb268a2ee80dc2349a1b0c45111ac3aedfb9e23772b224d68bf7f3f979592492367d2aa1f2594b39d8aa456de814e70e148ceae164ff7cfba6cf8bd968c15c78fcd6f398210092b7293cc33b62d6d03870e1c53bff9c23367adbf31f4f6f17670f1c03331635fb582289c010f7ce21059fbd490ee8c96e6ba6efd370e61a54319255104c724f486f1f8848c2f0c32bfc4072fd926718eab5a9dd9e105b54979e19c67c2ae55f2cd31bcb519a5307b94c15a228d23f5443b76d7301696334ade36cd5f8256fb767d3a0560fdd96c51bb32226c9a4d551c77f4df433e1cfa27cc94e4fabc2831515c23a0583c379cb170114cacbfcca06f299c02578b6862fc6093b6c810a89f5b902463ae722c780be57cdeece5cc85f98b0a9e731b55036035cf488e04df2923b4f2c58d21661ba37e76a96cf6b9482b513df148c277242eebc68c0275bcadbe355a30d321cfad780505917c6a2da3da628d5c8212f98b1df8649016da85b81f6b9aceaa204378dbfcc207675d6ef73f03272a092f3f0f111b4c1a89a127f70b8c8e5183b5931b8a37711084d85b9177902c1ca0358022cbe8e5efb62c8456a38ff4e7ae9c502243374f5a2c609fd84adbb32b6731cc4a1da4f633e2e87939f5de0eb5d61f93b1331e9694c89b188be5454e8d5e00423d2e8447fc1b7eadca73ad15ba0292988a7227ed250b975b322a41c6abc9813bd6e270c59c33d7eff902142d5e3b042dbcf0ea3d58a89af4e7ee3692795fc71713faf43cb7bb29b2a9956f97a733b466730e827117b37eeb8479bc5d3f2ee0bf5218ad744b0326b0ca4af2d6b4ce318125d3b54bfc92842a07c9325d2880ec4e446515b76e345aeb09c724043e10d33495c60be402b39df5a805882b0a0e41c5d5c20f6494b1768303badc8ddb70e7a08d7002641ac89fe12fb6c5e9770f1a31b8d309f4d04a16e854ccfa23e8405662ed3642e6f2437616468a0b2db41993934198c4290f9d6dd3ef8ddd045f3c66bebe6a7790dac4d1750010a04d0becd47139044c43f7a99fb00d12e74dd3098d0c84fcf28b67d531e03c75ce4aff9b0847e20453c454e7a9ed5dff5bfe8bb57ec1b76ba3cae82957cd243478fb6d74c147789b37b79cdb0f867b65184bf377393378df3d169952088edf118a4edad550be9e4f93677bd3dba03ce09d5ca56b567d70c239ea210adfc72fe3d7052e4026947d86676c140d4b138597fd960baaad645a29e1f4a453f0e0e484d1b2875975e694cb9554620782b7296cf84da83b645d694438a8d19b6aceae54f8cdc69de81bdf69468e6680853daf551106bca8deb7b9bde89b714a77bab2c74a56a60b49e170d5aae30ddcc93e35b224d9d7d46d0c7f4e6adb806d0c5512e2b4f71d8e6b65dfd9b6921a8bfcd8808caf01c0b17feffb60755cc8cff52137ad3ef3ee0889afd86dd2d24184698883bc7ab5e98bfb2a9b1943bde0b587823839b27765bd81c8ef5c61d7bdc09281c302333ed17d08827a8721cc7027f38b7bc0b3959a03c96661fd17292217ffd2f27c2744417d7ddb20c63cc863033f0dda8eb7492636a73d5fe187c62df8eac8d944113530327de39557c3c014bf0222f1cc3a76f5c2b1c15f4e6699bfde069a76541c88e64bcff8e5274cbd07d0f31720d5ba277c88fab67616c883bbf84c3509913bad9bf81f1def84b53320faba8d06d1b24987a8f7132ccf7556dfdc358181d6db8867893fdfa78cb9ad969bd27133bddd3ee819aa32de7eb30f8d06e0001fef608068052ef8e5d24dc15aba7d1c8f46762610eaf328c3056555a6dfb859fe21d11744346b76e62b54d515c7aab0129eea2ecf7d2f4cc35f42434b4e996710054e01a3cc7c403356ed4cac9f45a2a2734f4f1ba5fe4186c6cb19660fd8009e530e86af27104e6354887f0e53f82c58c0b716ef59b55fdf848a81b01ce09cfd267d330ea5085ea903ac6fef75c61efd423f7ea9f179e68ecd0f509b14357d981a183dee2f062a908c550febc85ce5bc00a2f76e470a5e38889eb890d3813007ce326f92c3066b78a000f99e8bcf7c18d0a669edb29c9ca456f0c9406c1e4024f477bde4250d414d1ec419aad0bd2a06539952d1ed6fd4ab4cd12bb52952fbde3c0b857a4c7703870727849af7d58e6508bd372e50110e522c60a451eff81c71a04d22deef92acd6aba0d6a02e9a7b11487887228e25ec4c81ef05e0624778c2032c899e9b2e3ad2a057a3bc59c50c5b801f324c19e9e907c8a967c62f517500008b95f00000800040009000000"], 0x12bc}, 0x1, 0x0, 0x0, 0x40}, 0x841) pread64$auto(r8, 0x0, 0x8, 0x9) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.135' (ED25519) to the list of known hosts. [ 90.269589][ T5836] cgroup: Unknown subsys name 'net' [ 90.400973][ T5836] cgroup: Unknown subsys name 'cpuset' [ 90.410466][ T5836] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 92.231934][ T5836] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 94.435783][ T5858] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 94.452142][ T5859] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 94.457363][ T5858] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 94.460578][ T5859] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 94.474439][ T5858] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 94.475700][ T5859] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 94.497633][ T5859] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 94.500686][ T5860] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 94.513492][ T5860] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 94.513945][ T5859] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 94.527851][ T5860] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 94.529620][ T5859] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 94.542561][ T5858] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 94.550278][ T5860] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 94.551554][ T5859] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 94.568895][ T5168] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 94.572053][ T5863] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 94.577095][ T5168] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 94.593238][ T5168] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 94.601101][ T5168] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 95.188865][ T5847] chnl_net:caif_netlink_parms(): no params data found [ 95.203813][ T5848] chnl_net:caif_netlink_parms(): no params data found [ 95.295729][ T5846] chnl_net:caif_netlink_parms(): no params data found [ 95.315141][ T5845] chnl_net:caif_netlink_parms(): no params data found [ 95.481762][ T5848] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.489314][ T5848] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.497232][ T5848] bridge_slave_0: entered allmulticast mode [ 95.504429][ T5848] bridge_slave_0: entered promiscuous mode [ 95.524318][ T5847] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.532004][ T5847] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.539649][ T5847] bridge_slave_0: entered allmulticast mode [ 95.547144][ T5847] bridge_slave_0: entered promiscuous mode [ 95.555345][ T5847] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.562623][ T5847] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.570032][ T5847] bridge_slave_1: entered allmulticast mode [ 95.577617][ T5847] bridge_slave_1: entered promiscuous mode [ 95.596569][ T5848] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.603944][ T5848] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.611215][ T5848] bridge_slave_1: entered allmulticast mode [ 95.618672][ T5848] bridge_slave_1: entered promiscuous mode [ 95.701589][ T5846] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.709609][ T5846] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.717500][ T5846] bridge_slave_0: entered allmulticast mode [ 95.724569][ T5846] bridge_slave_0: entered promiscuous mode [ 95.735287][ T5847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.770502][ T5846] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.777865][ T5846] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.785183][ T5846] bridge_slave_1: entered allmulticast mode [ 95.792813][ T5846] bridge_slave_1: entered promiscuous mode [ 95.802213][ T5847] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.829939][ T5848] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.839412][ T5845] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.846562][ T5845] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.854099][ T5845] bridge_slave_0: entered allmulticast mode [ 95.862375][ T5845] bridge_slave_0: entered promiscuous mode [ 95.898805][ T5848] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.908262][ T5845] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.915462][ T5845] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.922780][ T5845] bridge_slave_1: entered allmulticast mode [ 95.930321][ T5845] bridge_slave_1: entered promiscuous mode [ 95.967010][ T5847] team0: Port device team_slave_0 added [ 96.016125][ T5846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.029037][ T5847] team0: Port device team_slave_1 added [ 96.037890][ T5846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.051232][ T5848] team0: Port device team_slave_0 added [ 96.060081][ T5845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.073077][ T5845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.112768][ T5848] team0: Port device team_slave_1 added [ 96.183053][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.190566][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.217260][ T5847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.231958][ T5846] team0: Port device team_slave_0 added [ 96.253946][ T5845] team0: Port device team_slave_0 added [ 96.260878][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.268182][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.294979][ T5847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.314693][ T5846] team0: Port device team_slave_1 added [ 96.321157][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.328210][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.354177][ T5848] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.372145][ T5845] team0: Port device team_slave_1 added [ 96.421662][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.428971][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.455793][ T5848] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.474677][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.481715][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.507777][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.520105][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.527408][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.553754][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.597563][ T5850] Bluetooth: hci3: command tx timeout [ 96.597568][ T5168] Bluetooth: hci1: command tx timeout [ 96.617546][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.624511][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.651171][ T5846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.664031][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.671055][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.697196][ T5850] Bluetooth: hci2: command tx timeout [ 96.700515][ T5168] Bluetooth: hci0: command tx timeout [ 96.703386][ T5846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.760816][ T5847] hsr_slave_0: entered promiscuous mode [ 96.767935][ T5847] hsr_slave_1: entered promiscuous mode [ 96.789850][ T5848] hsr_slave_0: entered promiscuous mode [ 96.796109][ T5848] hsr_slave_1: entered promiscuous mode [ 96.804127][ T5848] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 96.811900][ T5848] Cannot create hsr debugfs directory [ 96.919739][ T1211] cfg80211: failed to load regulatory.db [ 96.929537][ T5845] hsr_slave_0: entered promiscuous mode [ 96.935929][ T5845] hsr_slave_1: entered promiscuous mode [ 96.942696][ T5845] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 96.950520][ T5845] Cannot create hsr debugfs directory [ 96.966585][ T5846] hsr_slave_0: entered promiscuous mode [ 96.972903][ T5846] hsr_slave_1: entered promiscuous mode [ 96.979422][ T5846] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 96.987183][ T5846] Cannot create hsr debugfs directory [ 97.418686][ T5848] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 97.433903][ T5848] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 97.453405][ T5848] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 97.471586][ T5848] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 97.534370][ T5847] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 97.551977][ T5847] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 97.565845][ T5847] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 97.590364][ T5847] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 97.637584][ T5845] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 97.666543][ T5845] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 97.679130][ T5845] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 97.690692][ T5845] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 97.775415][ T5846] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 97.787683][ T5846] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 97.806418][ T5846] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 97.819130][ T5846] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 97.964656][ T5848] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.015380][ T5848] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.049898][ T5847] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.062691][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.070000][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.102361][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.109657][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.161040][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.191645][ T5847] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.204496][ T5846] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.241220][ T3488] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.248456][ T3488] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.260830][ T5845] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.288746][ T1005] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.296006][ T1005] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.312251][ T1005] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.319667][ T1005] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.351808][ T1005] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.359128][ T1005] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.422621][ T5846] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.465878][ T1005] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.473191][ T1005] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.511118][ T1005] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.518348][ T1005] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.677813][ T5168] Bluetooth: hci1: command tx timeout [ 98.681323][ T5850] Bluetooth: hci3: command tx timeout [ 98.686363][ T5848] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.759940][ T5850] Bluetooth: hci2: command tx timeout [ 98.759994][ T5168] Bluetooth: hci0: command tx timeout [ 98.855685][ T5848] veth0_vlan: entered promiscuous mode [ 98.909384][ T5848] veth1_vlan: entered promiscuous mode [ 99.029052][ T5848] veth0_macvtap: entered promiscuous mode [ 99.050676][ T5848] veth1_macvtap: entered promiscuous mode [ 99.101841][ T5847] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.124166][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.145418][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.174814][ T5848] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.185308][ T5848] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.195804][ T5848] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.205680][ T5848] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.252963][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.330147][ T5846] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.390552][ T5847] veth0_vlan: entered promiscuous mode [ 99.396564][ T5845] veth0_vlan: entered promiscuous mode [ 99.474588][ T5847] veth1_vlan: entered promiscuous mode [ 99.506578][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.509901][ T5846] veth0_vlan: entered promiscuous mode [ 99.514838][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.541702][ T5845] veth1_vlan: entered promiscuous mode [ 99.554914][ T5846] veth1_vlan: entered promiscuous mode [ 99.612621][ T5847] veth0_macvtap: entered promiscuous mode [ 99.633440][ T5847] veth1_macvtap: entered promiscuous mode [ 99.641543][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.650322][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.688160][ T5845] veth0_macvtap: entered promiscuous mode [ 99.716447][ T5846] veth0_macvtap: entered promiscuous mode [ 99.730921][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.746789][ T5845] veth1_macvtap: entered promiscuous mode [ 99.762092][ T5848] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 99.768772][ T5846] veth1_macvtap: entered promiscuous mode [ 99.799422][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.822569][ T5847] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.832489][ T5847] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.841932][ T5847] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.851018][ T5847] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.874593][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.892919][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.914238][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.952161][ T5845] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.969367][ T5845] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.993352][ T5845] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.006673][ T5845] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.030708][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.058629][ T5846] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.073471][ T5846] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.083846][ T5846] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.093037][ T5846] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.341471][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.351830][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.388479][ T1111] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.396353][ T1111] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.493633][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.523761][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.642707][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.685402][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.734719][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.757722][ T5168] Bluetooth: hci1: command tx timeout [ 100.758778][ T5850] Bluetooth: hci3: command tx timeout [ 100.795332][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.836860][ T5850] Bluetooth: hci2: command tx timeout [ 100.837140][ T5168] Bluetooth: hci0: command tx timeout [ 101.057421][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.082908][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.317456][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 101.327406][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 101.335951][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 101.344518][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 101.353136][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 101.474718][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 101.651558][ T5961] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1'. [ 101.767167][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 101.782148][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 102.287236][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 102.387135][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 102.836972][ T5168] Bluetooth: hci1: command tx timeout [ 102.842454][ T5168] Bluetooth: hci3: command tx timeout [ 102.917883][ T5850] Bluetooth: hci0: command tx timeout [ 102.927796][ T5850] Bluetooth: hci2: command tx timeout [ 103.563710][ T5993] can: request_module (can-proto-3) failed. [ 107.533749][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 107.540592][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 107.550767][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 107.560078][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 107.568303][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 107.574600][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 107.588678][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 107.594961][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 107.853914][ T6046] Zero length message leads to an empty skb [ 107.977740][ T6061] netlink: 342 bytes leftover after parsing attributes in process `syz.1.21'. [ 109.069690][ T6073] netlink: 342 bytes leftover after parsing attributes in process `syz.0.23'. [ 113.427700][ T6124] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 115.095263][ T6130] netlink: 342 bytes leftover after parsing attributes in process `syz.1.32'. [ 120.651382][ T6216] Invalid ELF header magic: != ELF [ 122.930787][ T6238] netlink: 342 bytes leftover after parsing attributes in process `syz.1.51'. [ 125.347169][ T6287] netlink: 342 bytes leftover after parsing attributes in process `syz.0.59'. [ 126.719681][ T6274] random: crng reseeded on system resumption [ 127.959548][ T6308] netlink: 342 bytes leftover after parsing attributes in process `syz.1.61'. [ 130.509015][ T6348] syz.3.67 uses obsolete (PF_INET,SOCK_PACKET) [ 131.216141][ T6357] ubi0: attaching mtd0 [ 131.273235][ T6357] ubi0: scanning is finished [ 131.273274][ T6357] ubi0: empty MTD device detected [ 131.619237][ T6357] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 131.683900][ T6357] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 131.692212][ T6357] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 131.701001][ T6357] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 131.725089][ T6357] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 131.732223][ T6357] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 131.740855][ T6357] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2324227996 [ 131.820212][ T6357] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 132.029092][ T6361] ubi0: detaching mtd0 [ 132.036735][ T6368] ubi0: background thread "ubi_bgt0d" started, PID 6368 [ 132.144943][ T6361] ubi0: mtd0 is detached [ 132.792141][ T6383] FAULT_INJECTION: forcing a failure. [ 132.792141][ T6383] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 132.851794][ T6383] CPU: 0 UID: 0 PID: 6383 Comm: syz.3.71 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 132.851825][ T6383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 132.851841][ T6383] Call Trace: [ 132.851849][ T6383] [ 132.851860][ T6383] dump_stack_lvl+0x16c/0x1f0 [ 132.851906][ T6383] should_fail_ex+0x512/0x640 [ 132.851943][ T6383] should_fail_alloc_page+0xe7/0x130 [ 132.851965][ T6383] prepare_alloc_pages+0x3c2/0x610 [ 132.852008][ T6383] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 132.852071][ T6383] ? __lock_acquire+0x622/0x1c90 [ 132.852107][ T6383] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 132.852155][ T6383] ? is_bpf_text_address+0x8a/0x1a0 [ 132.852187][ T6383] ? bpf_ksym_find+0x124/0x1c0 [ 132.852211][ T6383] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 132.852242][ T6383] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 132.852279][ T6383] ? policy_nodemask+0xea/0x4e0 [ 132.852303][ T6383] alloc_pages_mpol+0x1fb/0x550 [ 132.852326][ T6383] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 132.852356][ T6383] alloc_pages_noprof+0x131/0x390 [ 132.852378][ T6383] __pud_alloc+0x3b/0x750 [ 132.852418][ T6383] copy_page_range+0x23b6/0x5740 [ 132.852449][ T6383] ? dup_mmap+0x877/0x21d0 [ 132.852472][ T6383] ? copy_process+0x4081/0x7650 [ 132.852499][ T6383] ? do_syscall_64+0xcd/0x490 [ 132.852540][ T6383] ? __lock_acquire+0x622/0x1c90 [ 132.852593][ T6383] ? __pfx_copy_page_range+0x10/0x10 [ 132.852628][ T6383] ? __pfx___might_resched+0x10/0x10 [ 132.852651][ T6383] ? __pfx_mas_store+0x10/0x10 [ 132.852669][ T6383] ? __vma_enter_locked+0x163/0x3f0 [ 132.852701][ T6383] ? dup_mmap+0xe38/0x21d0 [ 132.852725][ T6383] ? down_write+0x14d/0x200 [ 132.852747][ T6383] ? up_write+0x1b2/0x520 [ 132.852782][ T6383] dup_mmap+0xe88/0x21d0 [ 132.852818][ T6383] ? __pfx_dup_mmap+0x10/0x10 [ 132.852861][ T6383] copy_process+0x4081/0x7650 [ 132.852888][ T6383] ? __pfx___futex_wait+0x10/0x10 [ 132.852929][ T6383] ? __pfx_copy_process+0x10/0x10 [ 132.852963][ T6383] ? __futex_hash.constprop.0+0x1e9/0x440 [ 132.852998][ T6383] kernel_clone+0xfc/0x960 [ 132.853028][ T6383] ? __pfx_kernel_clone+0x10/0x10 [ 132.853071][ T6383] __do_sys_clone+0xce/0x120 [ 132.853099][ T6383] ? __pfx___do_sys_clone+0x10/0x10 [ 132.853139][ T6383] ? xfd_validate_state+0x61/0x180 [ 132.853178][ T6383] do_syscall_64+0xcd/0x490 [ 132.853212][ T6383] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 132.853233][ T6383] RIP: 0033:0x7f966918e929 [ 132.853253][ T6383] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 132.853277][ T6383] RSP: 002b:00007f966a02bfe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 132.853296][ T6383] RAX: ffffffffffffffda RBX: 00007f96693b6240 RCX: 00007f966918e929 [ 132.853310][ T6383] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 132.853322][ T6383] RBP: 00007f9669210b39 R08: 0000000000000000 R09: 0000000000000000 [ 132.853335][ T6383] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 132.853347][ T6383] R13: 0000000000000000 R14: 00007f96693b6240 R15: 00007ffff3a4e3c8 [ 132.853373][ T6383] [ 134.454815][ T30] audit: type=1800 audit(1752382326.875:2): pid=6390 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.72" name="SYSV0000000a" dev="hugetlbfs" ino=0 res=0 errno=0 [ 137.375446][ T6435] FAULT_INJECTION: forcing a failure. [ 137.375446][ T6435] name failslab, interval 1, probability 0, space 0, times 0 [ 137.388523][ T6435] CPU: 1 UID: 0 PID: 6435 Comm: syz.0.80 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 137.388560][ T6435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 137.388574][ T6435] Call Trace: [ 137.388582][ T6435] [ 137.388590][ T6435] dump_stack_lvl+0x16c/0x1f0 [ 137.388630][ T6435] should_fail_ex+0x512/0x640 [ 137.388665][ T6435] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 137.388706][ T6435] should_failslab+0xc2/0x120 [ 137.388729][ T6435] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 137.388767][ T6435] ? ptlock_alloc+0x1f/0x70 [ 137.388802][ T6435] ptlock_alloc+0x1f/0x70 [ 137.388833][ T6435] pte_alloc_one+0x82/0x3a0 [ 137.388855][ T6435] copy_huge_pmd+0x18d/0x2fd0 [ 137.388895][ T6435] ? __pfx_copy_huge_pmd+0x10/0x10 [ 137.388925][ T6435] ? __pfx___might_resched+0x10/0x10 [ 137.388952][ T6435] ? copy_page_range+0x13f0/0x5740 [ 137.388987][ T6435] copy_page_range+0xe47/0x5740 [ 137.389030][ T6435] ? __lock_acquire+0x622/0x1c90 [ 137.389086][ T6435] ? __pfx_copy_page_range+0x10/0x10 [ 137.389119][ T6435] ? mas_store+0x7a9/0x1160 [ 137.389143][ T6435] ? find_held_lock+0x2b/0x80 [ 137.389169][ T6435] ? __vma_enter_locked+0x163/0x3f0 [ 137.389218][ T6435] dup_mmap+0xe88/0x21d0 [ 137.389258][ T6435] ? __pfx_dup_mmap+0x10/0x10 [ 137.389307][ T6435] copy_process+0x4081/0x7650 [ 137.389338][ T6435] ? __pfx___futex_wait+0x10/0x10 [ 137.389386][ T6435] ? __pfx_copy_process+0x10/0x10 [ 137.389424][ T6435] ? __futex_hash.constprop.0+0x1e9/0x440 [ 137.389458][ T6435] kernel_clone+0xfc/0x960 [ 137.389491][ T6435] ? __pfx_kernel_clone+0x10/0x10 [ 137.389539][ T6435] __do_sys_clone+0xce/0x120 [ 137.389583][ T6435] ? __pfx___do_sys_clone+0x10/0x10 [ 137.389622][ T6435] ? xfd_validate_state+0x61/0x180 [ 137.389658][ T6435] do_syscall_64+0xcd/0x490 [ 137.389691][ T6435] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.389711][ T6435] RIP: 0033:0x7fdb47b8e929 [ 137.389725][ T6435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 137.389744][ T6435] RSP: 002b:00007fdb48a12fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 137.389762][ T6435] RAX: ffffffffffffffda RBX: 00007fdb47db6080 RCX: 00007fdb47b8e929 [ 137.389775][ T6435] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 137.389787][ T6435] RBP: 00007fdb47c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 137.389799][ T6435] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 137.389810][ T6435] R13: 0000000000000000 R14: 00007fdb47db6080 R15: 00007ffc839186d8 [ 137.389835][ T6435] [ 137.881723][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 137.888089][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.506908][ T6426] netlink: 342 bytes leftover after parsing attributes in process `syz.3.78'. [ 139.251099][ T6450] can: request_module (can-proto-0) failed. [ 141.279474][ T6466] netlink: 342 bytes leftover after parsing attributes in process `syz.2.85'. [ 142.944348][ T6499] netlink: 342 bytes leftover after parsing attributes in process `syz.0.91'. [ 143.689096][ T6512] netlink: 342 bytes leftover after parsing attributes in process `syz.1.93'. [ 145.190593][ T6526] FAULT_INJECTION: forcing a failure. [ 145.190593][ T6526] name failslab, interval 1, probability 0, space 0, times 0 [ 145.224083][ T6526] CPU: 0 UID: 0 PID: 6526 Comm: syz.1.97 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 145.224121][ T6526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 145.224138][ T6526] Call Trace: [ 145.224147][ T6526] [ 145.224157][ T6526] dump_stack_lvl+0x16c/0x1f0 [ 145.224223][ T6526] should_fail_ex+0x512/0x640 [ 145.224264][ T6526] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 145.224314][ T6526] should_failslab+0xc2/0x120 [ 145.224343][ T6526] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 145.224387][ T6526] ? find_held_lock+0x2b/0x80 [ 145.224417][ T6526] ? vm_area_dup+0x27/0x8d0 [ 145.224456][ T6526] ? dup_mmap+0x5cb/0x21d0 [ 145.224496][ T6526] vm_area_dup+0x27/0x8d0 [ 145.224537][ T6526] dup_mmap+0x877/0x21d0 [ 145.224586][ T6526] ? __pfx_dup_mmap+0x10/0x10 [ 145.224670][ T6526] copy_process+0x4081/0x7650 [ 145.224708][ T6526] ? __pfx___futex_wait+0x10/0x10 [ 145.224764][ T6526] ? __pfx_copy_process+0x10/0x10 [ 145.224810][ T6526] ? __futex_hash.constprop.0+0x1e9/0x440 [ 145.224848][ T6526] kernel_clone+0xfc/0x960 [ 145.224898][ T6526] ? __pfx_kernel_clone+0x10/0x10 [ 145.224950][ T6526] __do_sys_clone+0xce/0x120 [ 145.225002][ T6526] ? __pfx___do_sys_clone+0x10/0x10 [ 145.225064][ T6526] ? xfd_validate_state+0x61/0x180 [ 145.225116][ T6526] do_syscall_64+0xcd/0x490 [ 145.225161][ T6526] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.225190][ T6526] RIP: 0033:0x7f6078d8e929 [ 145.225211][ T6526] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 145.225238][ T6526] RSP: 002b:00007f6079bf9fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 145.225264][ T6526] RAX: ffffffffffffffda RBX: 00007f6078fb5fa0 RCX: 00007f6078d8e929 [ 145.225282][ T6526] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 145.225298][ T6526] RBP: 00007f6078e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 145.225315][ T6526] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 145.225331][ T6526] R13: 0000000000000000 R14: 00007f6078fb5fa0 R15: 00007ffdc12bf998 [ 145.225367][ T6526] [ 150.138047][ T6584] netlink: 342 bytes leftover after parsing attributes in process `syz.0.109'. [ 151.067829][ T6611] FAULT_INJECTION: forcing a failure. [ 151.067829][ T6611] name fail_futex, interval 1, probability 0, space 0, times 1 [ 151.183885][ T6611] CPU: 1 UID: 0 PID: 6611 Comm: syz.0.114 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 151.183913][ T6611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 151.183924][ T6611] Call Trace: [ 151.183930][ T6611] [ 151.183937][ T6611] dump_stack_lvl+0x16c/0x1f0 [ 151.183971][ T6611] should_fail_ex+0x512/0x640 [ 151.184014][ T6611] get_futex_key+0x1d0/0x1540 [ 151.184059][ T6611] ? __pfx_get_futex_key+0x10/0x10 [ 151.184083][ T6611] ? find_held_lock+0x2b/0x80 [ 151.184111][ T6611] futex_wait_setup+0x84/0x510 [ 151.184148][ T6611] __futex_wait+0x194/0x2f0 [ 151.184179][ T6611] ? __pfx___futex_wait+0x10/0x10 [ 151.184218][ T6611] ? __pfx_futex_wake_mark+0x10/0x10 [ 151.184252][ T6611] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 151.184284][ T6611] ? __hrtimer_setup+0x176/0x280 [ 151.184318][ T6611] ? ktime_add_safe+0x60/0x70 [ 151.184352][ T6611] futex_wait+0xe8/0x380 [ 151.184382][ T6611] ? __pfx_futex_wait+0x10/0x10 [ 151.184410][ T6611] ? __lock_acquire+0xb8a/0x1c90 [ 151.184442][ T6611] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 151.184484][ T6611] do_futex+0x229/0x350 [ 151.184510][ T6611] ? __pfx_do_futex+0x10/0x10 [ 151.184533][ T6611] ? rcu_is_watching+0x12/0xc0 [ 151.184573][ T6611] ? ktime_get+0x200/0x310 [ 151.184598][ T6611] ? lockdep_hardirqs_on+0x7c/0x110 [ 151.184630][ T6611] ? read_tsc+0x9/0x20 [ 151.184663][ T6611] __x64_sys_futex+0x1e0/0x4c0 [ 151.184708][ T6611] ? __pfx___x64_sys_futex+0x10/0x10 [ 151.184746][ T6611] ? xfd_validate_state+0x61/0x180 [ 151.184786][ T6611] do_syscall_64+0xcd/0x490 [ 151.184822][ T6611] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.184844][ T6611] RIP: 0033:0x7fdb47b8e929 [ 151.184861][ T6611] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 151.184882][ T6611] RSP: 002b:00007ffc83918838 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 151.184903][ T6611] RAX: ffffffffffffffda RBX: 0000000000024ded RCX: 00007fdb47b8e929 [ 151.184917][ T6611] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fdb47db5fac [ 151.184930][ T6611] RBP: 0000000000000032 R08: 00007fdb48a35000 R09: 0000001a83918b2f [ 151.184943][ T6611] R10: 00007ffc83918930 R11: 0000000000000246 R12: 00007fdb47db5fac [ 151.184957][ T6611] R13: 00007ffc83918930 R14: 0000000000024e1f R15: 00007ffc83918950 [ 151.184984][ T6611] [ 154.464213][ T6656] bridge0: port 3(gretap0) entered blocking state [ 154.476953][ T6656] bridge0: port 3(gretap0) entered disabled state [ 154.483624][ T6656] gretap0: entered allmulticast mode [ 154.528240][ T6656] gretap0: entered promiscuous mode [ 154.553823][ T6656] bridge0: port 3(gretap0) entered blocking state [ 154.560657][ T6656] bridge0: port 3(gretap0) entered forwarding state [ 160.625847][ T6753] netlink: 342 bytes leftover after parsing attributes in process `syz.1.140'. [ 161.523616][ T6770] FAULT_INJECTION: forcing a failure. [ 161.523616][ T6770] name failslab, interval 1, probability 0, space 0, times 0 [ 161.536505][ T6770] CPU: 0 UID: 0 PID: 6770 Comm: syz.1.145 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 161.536537][ T6770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 161.536552][ T6770] Call Trace: [ 161.536559][ T6770] [ 161.536566][ T6770] dump_stack_lvl+0x16c/0x1f0 [ 161.536604][ T6770] should_fail_ex+0x512/0x640 [ 161.536632][ T6770] ? fs_reclaim_acquire+0xae/0x150 [ 161.536657][ T6770] ? tomoyo_encode2+0x100/0x3e0 [ 161.536683][ T6770] should_failslab+0xc2/0x120 [ 161.536701][ T6770] __kmalloc_noprof+0xd2/0x510 [ 161.536730][ T6770] ? d_absolute_path+0x136/0x1a0 [ 161.536754][ T6770] tomoyo_encode2+0x100/0x3e0 [ 161.536783][ T6770] tomoyo_encode+0x29/0x50 [ 161.536808][ T6770] tomoyo_realpath_from_path+0x18f/0x6e0 [ 161.536843][ T6770] tomoyo_get_exe+0x63/0xa0 [ 161.536862][ T6770] tomoyo_write_control+0x689/0x1430 [ 161.536904][ T6770] ? __pfx_tomoyo_write_control+0x10/0x10 [ 161.536946][ T6770] ? __pfx_tomoyo_write+0x10/0x10 [ 161.536972][ T6770] vfs_write+0x29d/0x1150 [ 161.537004][ T6770] ? __pfx___mutex_lock+0x10/0x10 [ 161.537033][ T6770] ? __pfx_vfs_write+0x10/0x10 [ 161.537068][ T6770] ? __fget_files+0x20e/0x3c0 [ 161.537102][ T6770] ksys_write+0x12a/0x250 [ 161.537129][ T6770] ? __pfx_ksys_write+0x10/0x10 [ 161.537170][ T6770] do_syscall_64+0xcd/0x490 [ 161.537201][ T6770] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.537221][ T6770] RIP: 0033:0x7f6078d8e929 [ 161.537236][ T6770] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 161.537254][ T6770] RSP: 002b:00007f6079bfa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 161.537271][ T6770] RAX: ffffffffffffffda RBX: 00007f6078fb5fa0 RCX: 00007f6078d8e929 [ 161.537284][ T6770] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 161.537295][ T6770] RBP: 00007f6079bfa090 R08: 0000000000000000 R09: 0000000000000000 [ 161.537306][ T6770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 161.537317][ T6770] R13: 0000000000000000 R14: 00007f6078fb5fa0 R15: 00007ffdc12bf998 [ 161.537342][ T6770] [ 161.806158][ T6770] ERROR: Out of memory at tomoyo_realpath_from_path. [ 163.171173][ T6797] FAULT_INJECTION: forcing a failure. [ 163.171173][ T6797] name failslab, interval 1, probability 0, space 0, times 0 [ 163.186673][ T6797] CPU: 0 UID: 0 PID: 6797 Comm: syz.0.150 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 163.186710][ T6797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 163.186727][ T6797] Call Trace: [ 163.186735][ T6797] [ 163.186746][ T6797] dump_stack_lvl+0x16c/0x1f0 [ 163.186795][ T6797] should_fail_ex+0x512/0x640 [ 163.186834][ T6797] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 163.186882][ T6797] should_failslab+0xc2/0x120 [ 163.186911][ T6797] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 163.186968][ T6797] ? anon_vma_fork+0xe6/0x620 [ 163.187016][ T6797] anon_vma_fork+0xe6/0x620 [ 163.187053][ T6797] ? vm_area_dup+0x5a1/0x8d0 [ 163.187096][ T6797] dup_mmap+0x152e/0x21d0 [ 163.187146][ T6797] ? __pfx_dup_mmap+0x10/0x10 [ 163.187207][ T6797] copy_process+0x4081/0x7650 [ 163.187244][ T6797] ? preempt_schedule_thunk+0x16/0x30 [ 163.187297][ T6797] ? __pfx_copy_process+0x10/0x10 [ 163.187334][ T6797] ? find_held_lock+0x2b/0x80 [ 163.187370][ T6797] ? wake_up_q+0xb0/0x160 [ 163.187395][ T6797] ? do_raw_spin_unlock+0x172/0x230 [ 163.187429][ T6797] kernel_clone+0xfc/0x960 [ 163.187466][ T6797] ? __pfx_futex_wake+0x10/0x10 [ 163.187507][ T6797] ? __pfx_kernel_clone+0x10/0x10 [ 163.187565][ T6797] __do_sys_clone+0xce/0x120 [ 163.187603][ T6797] ? __pfx___do_sys_clone+0x10/0x10 [ 163.187657][ T6797] ? xfd_validate_state+0x61/0x180 [ 163.187710][ T6797] do_syscall_64+0xcd/0x490 [ 163.187758][ T6797] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 163.187787][ T6797] RIP: 0033:0x7fdb47b8e929 [ 163.187809][ T6797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 163.187837][ T6797] RSP: 002b:00007fdb48a12fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 163.187863][ T6797] RAX: ffffffffffffffda RBX: 00007fdb47db6080 RCX: 00007fdb47b8e929 [ 163.187883][ T6797] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 163.187900][ T6797] RBP: 00007fdb47c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 163.187918][ T6797] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 163.187943][ T6797] R13: 0000000000000000 R14: 00007fdb47db6080 R15: 00007ffc839186d8 [ 163.187981][ T6797] [ 164.190520][ T6812] ======================================================= [ 164.190520][ T6812] WARNING: The mand mount option has been deprecated and [ 164.190520][ T6812] and is ignored by this kernel. Remove the mand [ 164.190520][ T6812] option from the mount to silence this warning. [ 164.190520][ T6812] ======================================================= [ 164.227162][ T6812] nfsd: Unknown parameter '˜ÛZØ' [ 166.446193][ T6849] netlink: 4 bytes leftover after parsing attributes in process `syz.1.160'. [ 167.301137][ T6862] FAULT_INJECTION: forcing a failure. [ 167.301137][ T6862] name failslab, interval 1, probability 0, space 0, times 0 [ 167.379007][ T6862] CPU: 0 UID: 0 PID: 6862 Comm: syz.0.163 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 167.379054][ T6862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 167.379075][ T6862] Call Trace: [ 167.379086][ T6862] [ 167.379098][ T6862] dump_stack_lvl+0x16c/0x1f0 [ 167.379155][ T6862] should_fail_ex+0x512/0x640 [ 167.379204][ T6862] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 167.379260][ T6862] should_failslab+0xc2/0x120 [ 167.379293][ T6862] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 167.379345][ T6862] ? __pmd_alloc+0xbf/0x930 [ 167.379390][ T6862] __pmd_alloc+0xbf/0x930 [ 167.379425][ T6862] ? __pud_alloc+0x526/0x750 [ 167.379466][ T6862] copy_page_range+0x2419/0x5740 [ 167.379514][ T6862] ? dup_mmap+0x152e/0x21d0 [ 167.379574][ T6862] ? copy_process+0x4081/0x7650 [ 167.379624][ T6862] ? kernel_clone+0xfc/0x960 [ 167.379658][ T6862] ? __do_sys_clone+0xce/0x120 [ 167.379700][ T6862] ? __lock_acquire+0x622/0x1c90 [ 167.379769][ T6862] ? __pfx_copy_page_range+0x10/0x10 [ 167.379808][ T6862] ? mas_store+0x7a9/0x1160 [ 167.379837][ T6862] ? find_held_lock+0x2b/0x80 [ 167.379868][ T6862] ? __pfx_mas_store+0x10/0x10 [ 167.379892][ T6862] ? __vma_enter_locked+0x163/0x3f0 [ 167.379951][ T6862] dup_mmap+0xe88/0x21d0 [ 167.380000][ T6862] ? __pfx_dup_mmap+0x10/0x10 [ 167.380065][ T6862] copy_process+0x4081/0x7650 [ 167.380103][ T6862] ? __pfx___futex_wait+0x10/0x10 [ 167.380159][ T6862] ? __pfx_copy_process+0x10/0x10 [ 167.380198][ T6862] ? find_held_lock+0x2b/0x80 [ 167.380242][ T6862] kernel_clone+0xfc/0x960 [ 167.380283][ T6862] ? __pfx_kernel_clone+0x10/0x10 [ 167.380342][ T6862] __do_sys_clone+0xce/0x120 [ 167.380380][ T6862] ? __pfx___do_sys_clone+0x10/0x10 [ 167.380434][ T6862] ? xfd_validate_state+0x61/0x180 [ 167.380487][ T6862] do_syscall_64+0xcd/0x490 [ 167.380539][ T6862] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.380569][ T6862] RIP: 0033:0x7fdb47b8e929 [ 167.380592][ T6862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 167.380620][ T6862] RSP: 002b:00007fdb48a12fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 167.380647][ T6862] RAX: ffffffffffffffda RBX: 00007fdb47db6080 RCX: 00007fdb47b8e929 [ 167.380666][ T6862] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 167.380683][ T6862] RBP: 00007fdb47c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 167.380700][ T6862] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 167.380717][ T6862] R13: 0000000000000000 R14: 00007fdb47db6080 R15: 00007ffc839186d8 [ 167.380754][ T6862] [ 172.802410][ T6936] netlink: 342 bytes leftover after parsing attributes in process `syz.2.180'. [ 174.918584][ T6982] FAULT_INJECTION: forcing a failure. [ 174.918584][ T6982] name failslab, interval 1, probability 0, space 0, times 0 [ 174.971205][ T6982] CPU: 1 UID: 0 PID: 6982 Comm: syz.2.186 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 174.971236][ T6982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 174.971248][ T6982] Call Trace: [ 174.971255][ T6982] [ 174.971263][ T6982] dump_stack_lvl+0x16c/0x1f0 [ 174.971299][ T6982] should_fail_ex+0x512/0x640 [ 174.971331][ T6982] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 174.971366][ T6982] should_failslab+0xc2/0x120 [ 174.971387][ T6982] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 174.971418][ T6982] ? find_held_lock+0x2b/0x80 [ 174.971440][ T6982] ? vm_area_dup+0x27/0x8d0 [ 174.971468][ T6982] ? dup_mmap+0x5cb/0x21d0 [ 174.971495][ T6982] vm_area_dup+0x27/0x8d0 [ 174.971526][ T6982] dup_mmap+0x877/0x21d0 [ 174.971561][ T6982] ? __pfx_dup_mmap+0x10/0x10 [ 174.971605][ T6982] copy_process+0x4081/0x7650 [ 174.971633][ T6982] ? __pfx___futex_wait+0x10/0x10 [ 174.971674][ T6982] ? __pfx_copy_process+0x10/0x10 [ 174.971702][ T6982] ? find_held_lock+0x2b/0x80 [ 174.971738][ T6982] kernel_clone+0xfc/0x960 [ 174.971767][ T6982] ? __pfx_kernel_clone+0x10/0x10 [ 174.971810][ T6982] __do_sys_clone+0xce/0x120 [ 174.971839][ T6982] ? __pfx___do_sys_clone+0x10/0x10 [ 174.971880][ T6982] ? xfd_validate_state+0x61/0x180 [ 174.971931][ T6982] do_syscall_64+0xcd/0x490 [ 174.971963][ T6982] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 174.971983][ T6982] RIP: 0033:0x7fb42c18e929 [ 174.971998][ T6982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 174.972017][ T6982] RSP: 002b:00007fb42d017fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 174.972035][ T6982] RAX: ffffffffffffffda RBX: 00007fb42c3b6080 RCX: 00007fb42c18e929 [ 174.972048][ T6982] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 174.972059][ T6982] RBP: 00007fb42c210b39 R08: 0000000000000000 R09: 0000000000000000 [ 174.972077][ T6982] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 174.972089][ T6982] R13: 0000000000000000 R14: 00007fb42c3b6080 R15: 00007ffd78361b48 [ 174.972113][ T6982] [ 175.806652][ T6989] FAULT_INJECTION: forcing a failure. [ 175.806652][ T6989] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 175.829792][ T6989] CPU: 1 UID: 0 PID: 6989 Comm: syz.2.188 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 175.829838][ T6989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 175.829859][ T6989] Call Trace: [ 175.829871][ T6989] [ 175.829883][ T6989] dump_stack_lvl+0x16c/0x1f0 [ 175.829949][ T6989] should_fail_ex+0x512/0x640 [ 175.830005][ T6989] should_fail_alloc_page+0xe7/0x130 [ 175.830042][ T6989] prepare_alloc_pages+0x3c2/0x610 [ 175.830090][ T6989] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 175.830149][ T6989] ? __kasan_slab_alloc+0x89/0x90 [ 175.830211][ T6989] ? lock_acquire+0x179/0x350 [ 175.830258][ T6989] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 175.830306][ T6989] ? find_held_lock+0x2b/0x80 [ 175.830342][ T6989] ? page_table_check_set+0x627/0x750 [ 175.830409][ T6989] ? __page_table_check_ptes_set+0x1ae/0x420 [ 175.830463][ T6989] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 175.830517][ T6989] ? policy_nodemask+0xea/0x4e0 [ 175.830553][ T6989] alloc_pages_mpol+0x1fb/0x550 [ 175.830586][ T6989] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 175.830631][ T6989] alloc_pages_noprof+0x131/0x390 [ 175.830665][ T6989] pte_alloc_one+0x1c/0x3a0 [ 175.830701][ T6989] __pte_alloc+0x6d/0x3c0 [ 175.830735][ T6989] ? __pfx___pte_alloc+0x10/0x10 [ 175.830767][ T6989] ? __pfx___might_resched+0x10/0x10 [ 175.830803][ T6989] ? copy_page_range+0x13f0/0x5740 [ 175.830853][ T6989] copy_page_range+0x1aed/0x5740 [ 175.830920][ T6989] ? __lock_acquire+0x622/0x1c90 [ 175.830999][ T6989] ? __pfx_copy_page_range+0x10/0x10 [ 175.831055][ T6989] ? __pfx___might_resched+0x10/0x10 [ 175.831090][ T6989] ? __vma_enter_locked+0x163/0x3f0 [ 175.831139][ T6989] ? dup_mmap+0xe38/0x21d0 [ 175.831178][ T6989] ? down_write+0x14d/0x200 [ 175.831213][ T6989] ? up_write+0x1b2/0x520 [ 175.831268][ T6989] dup_mmap+0xe88/0x21d0 [ 175.831324][ T6989] ? __pfx_dup_mmap+0x10/0x10 [ 175.831395][ T6989] copy_process+0x4081/0x7650 [ 175.831436][ T6989] ? preempt_schedule_thunk+0x16/0x30 [ 175.831497][ T6989] ? __pfx_copy_process+0x10/0x10 [ 175.831541][ T6989] ? find_held_lock+0x2b/0x80 [ 175.831582][ T6989] ? wake_up_q+0xb0/0x160 [ 175.831610][ T6989] ? do_raw_spin_unlock+0x172/0x230 [ 175.831648][ T6989] kernel_clone+0xfc/0x960 [ 175.831691][ T6989] ? __pfx_futex_wake+0x10/0x10 [ 175.831739][ T6989] ? __pfx_kernel_clone+0x10/0x10 [ 175.831805][ T6989] __do_sys_clone+0xce/0x120 [ 175.831849][ T6989] ? __pfx___do_sys_clone+0x10/0x10 [ 175.831918][ T6989] ? xfd_validate_state+0x61/0x180 [ 175.831969][ T6989] do_syscall_64+0xcd/0x490 [ 175.832014][ T6989] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 175.832042][ T6989] RIP: 0033:0x7fb42c18e929 [ 175.832064][ T6989] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 175.832092][ T6989] RSP: 002b:00007fb42d017fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 175.832118][ T6989] RAX: ffffffffffffffda RBX: 00007fb42c3b6080 RCX: 00007fb42c18e929 [ 175.832136][ T6989] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 175.832152][ T6989] RBP: 00007fb42c210b39 R08: 0000000000000000 R09: 0000000000000000 [ 175.832169][ T6989] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 175.832185][ T6989] R13: 0000000000000000 R14: 00007fb42c3b6080 R15: 00007ffd78361b48 [ 175.832220][ T6989] [ 176.824793][ T6995] netlink: 342 bytes leftover after parsing attributes in process `syz.2.191'. [ 177.425375][ T7012] netlink: 4 bytes leftover after parsing attributes in process `syz.3.194'. [ 178.560200][ T7037] FAULT_INJECTION: forcing a failure. [ 178.560200][ T7037] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 178.702788][ T7037] CPU: 1 UID: 0 PID: 7037 Comm: syz.2.199 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 178.702837][ T7037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 178.702856][ T7037] Call Trace: [ 178.702867][ T7037] [ 178.702879][ T7037] dump_stack_lvl+0x16c/0x1f0 [ 178.702954][ T7037] should_fail_ex+0x512/0x640 [ 178.703010][ T7037] _copy_from_user+0x2e/0xd0 [ 178.703063][ T7037] __sys_bpf+0x21d/0x4d80 [ 178.703121][ T7037] ? __pfx_futex_wake+0x10/0x10 [ 178.703174][ T7037] ? __pfx___sys_bpf+0x10/0x10 [ 178.703217][ T7037] ? do_futex+0x122/0x350 [ 178.703259][ T7037] ? __pfx_do_futex+0x10/0x10 [ 178.703318][ T7037] ? __pfx_blkcg_maybe_throttle_current+0x10/0x10 [ 178.703368][ T7037] ? xfd_validate_state+0x61/0x180 [ 178.703417][ T7037] ? __pfx___do_sys_close_range+0x10/0x10 [ 178.703477][ T7037] __x64_sys_bpf+0x78/0xc0 [ 178.703508][ T7037] ? lockdep_hardirqs_on+0x7c/0x110 [ 178.703557][ T7037] do_syscall_64+0xcd/0x490 [ 178.703611][ T7037] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 178.703645][ T7037] RIP: 0033:0x7fb42c18e929 [ 178.703671][ T7037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 178.703714][ T7037] RSP: 002b:00007fb42d039038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 178.703746][ T7037] RAX: ffffffffffffffda RBX: 00007fb42c3b5fa0 RCX: 00007fb42c18e929 [ 178.703768][ T7037] RDX: 00000000000006f3 RSI: 00002000000001c0 RDI: 0000000000000000 [ 178.703788][ T7037] RBP: 00007fb42c210b39 R08: 0000000000000000 R09: 0000000000000000 [ 178.703809][ T7037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 178.703828][ T7037] R13: 0000000000000000 R14: 00007fb42c3b5fa0 R15: 00007ffd78361b48 [ 178.703870][ T7037] [ 180.743154][ T7057] netlink: 342 bytes leftover after parsing attributes in process `syz.1.204'. [ 181.574917][ T7081] netlink: 186 bytes leftover after parsing attributes in process `syz.1.209'. [ 182.125523][ T7092] FAULT_INJECTION: forcing a failure. [ 182.125523][ T7092] name failslab, interval 1, probability 0, space 0, times 0 [ 182.162386][ T7092] CPU: 1 UID: 0 PID: 7092 Comm: syz.3.211 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 182.162441][ T7092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 182.162458][ T7092] Call Trace: [ 182.162467][ T7092] [ 182.162479][ T7092] dump_stack_lvl+0x16c/0x1f0 [ 182.162526][ T7092] should_fail_ex+0x512/0x640 [ 182.162568][ T7092] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 182.162618][ T7092] should_failslab+0xc2/0x120 [ 182.162646][ T7092] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 182.162690][ T7092] ? __pmd_alloc+0xbf/0x930 [ 182.162725][ T7092] __pmd_alloc+0xbf/0x930 [ 182.162752][ T7092] ? __pud_alloc+0x526/0x750 [ 182.162786][ T7092] copy_page_range+0x2419/0x5740 [ 182.162825][ T7092] ? dup_mmap+0x152e/0x21d0 [ 182.162857][ T7092] ? copy_process+0x4081/0x7650 [ 182.162891][ T7092] ? kernel_clone+0xfc/0x960 [ 182.162924][ T7092] ? __do_sys_clone+0xce/0x120 [ 182.162965][ T7092] ? __lock_acquire+0x622/0x1c90 [ 182.163039][ T7092] ? __pfx_copy_page_range+0x10/0x10 [ 182.163078][ T7092] ? mas_store+0x7a9/0x1160 [ 182.163106][ T7092] ? find_held_lock+0x2b/0x80 [ 182.163137][ T7092] ? __pfx_mas_store+0x10/0x10 [ 182.163161][ T7092] ? __vma_enter_locked+0x163/0x3f0 [ 182.163220][ T7092] dup_mmap+0xe88/0x21d0 [ 182.163268][ T7092] ? __pfx_dup_mmap+0x10/0x10 [ 182.163327][ T7092] copy_process+0x4081/0x7650 [ 182.163362][ T7092] ? preempt_schedule_thunk+0x16/0x30 [ 182.163413][ T7092] ? __pfx_copy_process+0x10/0x10 [ 182.163449][ T7092] ? find_held_lock+0x2b/0x80 [ 182.163484][ T7092] ? wake_up_q+0xb0/0x160 [ 182.163509][ T7092] ? do_raw_spin_unlock+0x172/0x230 [ 182.163541][ T7092] kernel_clone+0xfc/0x960 [ 182.163577][ T7092] ? __pfx_futex_wake+0x10/0x10 [ 182.163618][ T7092] ? __pfx_kernel_clone+0x10/0x10 [ 182.163676][ T7092] __do_sys_clone+0xce/0x120 [ 182.163712][ T7092] ? __pfx___do_sys_clone+0x10/0x10 [ 182.163766][ T7092] ? xfd_validate_state+0x61/0x180 [ 182.163817][ T7092] do_syscall_64+0xcd/0x490 [ 182.163862][ T7092] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 182.163890][ T7092] RIP: 0033:0x7f966918e929 [ 182.163913][ T7092] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 182.163940][ T7092] RSP: 002b:00007f966a06dfe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 182.163967][ T7092] RAX: ffffffffffffffda RBX: 00007f96693b6080 RCX: 00007f966918e929 [ 182.163986][ T7092] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 182.164003][ T7092] RBP: 00007f9669210b39 R08: 0000000000000000 R09: 0000000000000000 [ 182.164021][ T7092] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 182.164043][ T7092] R13: 0000000000000000 R14: 00007f96693b6080 R15: 00007ffff3a4e3c8 [ 182.164080][ T7092] [ 182.766261][ T7098] FAULT_INJECTION: forcing a failure. [ 182.766261][ T7098] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 182.845594][ T7098] CPU: 0 UID: 0 PID: 7098 Comm: syz.2.212 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 182.845639][ T7098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 182.845659][ T7098] Call Trace: [ 182.845669][ T7098] [ 182.845682][ T7098] dump_stack_lvl+0x16c/0x1f0 [ 182.845737][ T7098] should_fail_ex+0x512/0x640 [ 182.845794][ T7098] should_fail_alloc_page+0xe7/0x130 [ 182.845831][ T7098] prepare_alloc_pages+0x3c2/0x610 [ 182.845877][ T7098] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 182.845936][ T7098] ? __kasan_slab_alloc+0x89/0x90 [ 182.845998][ T7098] ? lock_acquire+0x179/0x350 [ 182.846045][ T7098] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 182.846095][ T7098] ? find_held_lock+0x2b/0x80 [ 182.846129][ T7098] ? page_table_check_set+0x627/0x750 [ 182.846208][ T7098] ? __page_table_check_ptes_set+0x1ae/0x420 [ 182.846263][ T7098] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 182.846316][ T7098] ? policy_nodemask+0xea/0x4e0 [ 182.846351][ T7098] alloc_pages_mpol+0x1fb/0x550 [ 182.846385][ T7098] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 182.846430][ T7098] alloc_pages_noprof+0x131/0x390 [ 182.846464][ T7098] pte_alloc_one+0x1c/0x3a0 [ 182.846496][ T7098] __pte_alloc+0x6d/0x3c0 [ 182.846528][ T7098] ? __pfx___pte_alloc+0x10/0x10 [ 182.846559][ T7098] ? __pfx___might_resched+0x10/0x10 [ 182.846595][ T7098] ? copy_page_range+0x13f0/0x5740 [ 182.846645][ T7098] copy_page_range+0x1aed/0x5740 [ 182.846706][ T7098] ? __lock_acquire+0x622/0x1c90 [ 182.846785][ T7098] ? __pfx_copy_page_range+0x10/0x10 [ 182.846838][ T7098] ? __pfx___might_resched+0x10/0x10 [ 182.846870][ T7098] ? __vma_enter_locked+0x163/0x3f0 [ 182.846915][ T7098] ? dup_mmap+0xe38/0x21d0 [ 182.846952][ T7098] ? down_write+0x14d/0x200 [ 182.846986][ T7098] ? up_write+0x1b2/0x520 [ 182.847039][ T7098] dup_mmap+0xe88/0x21d0 [ 182.847093][ T7098] ? __pfx_dup_mmap+0x10/0x10 [ 182.847166][ T7098] copy_process+0x4081/0x7650 [ 182.847216][ T7098] ? __pfx___futex_wait+0x10/0x10 [ 182.847280][ T7098] ? __pfx_copy_process+0x10/0x10 [ 182.847324][ T7098] ? find_held_lock+0x2b/0x80 [ 182.847376][ T7098] kernel_clone+0xfc/0x960 [ 182.847422][ T7098] ? __pfx_kernel_clone+0x10/0x10 [ 182.847493][ T7098] __do_sys_clone+0xce/0x120 [ 182.847534][ T7098] ? __pfx___do_sys_clone+0x10/0x10 [ 182.847596][ T7098] ? xfd_validate_state+0x61/0x180 [ 182.847655][ T7098] do_syscall_64+0xcd/0x490 [ 182.847721][ T7098] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 182.847753][ T7098] RIP: 0033:0x7fb42c18e929 [ 182.847778][ T7098] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 182.847809][ T7098] RSP: 002b:00007fb42d017fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 182.847839][ T7098] RAX: ffffffffffffffda RBX: 00007fb42c3b6080 RCX: 00007fb42c18e929 [ 182.847861][ T7098] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 182.847881][ T7098] RBP: 00007fb42c210b39 R08: 0000000000000000 R09: 0000000000000000 [ 182.847900][ T7098] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 182.847918][ T7098] R13: 0000000000000000 R14: 00007fb42c3b6080 R15: 00007ffd78361b48 [ 182.847958][ T7098] [ 184.317484][ T7118] netlink: 342 bytes leftover after parsing attributes in process `syz.0.218'. [ 185.017531][ T7131] usb usb8: usbfs: interface 0 claimed by hub while 'syz.2.222' sets config #0 [ 186.603643][ T7159] process 'syz.3.228' launched '/dev/fd/3' with NULL argv: empty string added [ 188.436778][ T7189] random: crng reseeded on system resumption [ 188.482263][ T7190] netlink: 342 bytes leftover after parsing attributes in process `syz.3.233'.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       syzkaller syzkaller login: [ 258.439931][ T8277] warning: `syz.1.455' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 260.266676][ T8290] netlink: 342 bytes leftover after parsing attributes in process `syz.0.458'. [ 260.327449][ T8308] netlink: 4 bytes leftover after parsing attributes in process `syz.2.461'. [ 260.757122][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.789974][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 265.742468][ T8382] netlink: 342 bytes leftover after parsing attributes in process `syz.3.472'. [ 266.806002][ T8407] netlink: 342 bytes leftover after parsing attributes in process `syz.2.480'. [ 268.235614][ T8427] FAULT_INJECTION: forcing a failure. [ 268.235614][ T8427] name failslab, interval 1, probability 0, space 0, times 0 [ 268.264697][ T8427] CPU: 0 UID: 0 PID: 8427 Comm: syz.0.484 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 268.264737][ T8427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 268.264753][ T8427] Call Trace: [ 268.264762][ T8427] [ 268.264773][ T8427] dump_stack_lvl+0x16c/0x1f0 [ 268.264822][ T8427] should_fail_ex+0x512/0x640 [ 268.264867][ T8427] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 268.264915][ T8427] should_failslab+0xc2/0x120 [ 268.264943][ T8427] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 268.264988][ T8427] ? anon_vma_fork+0x200/0x620 [ 268.265032][ T8427] anon_vma_fork+0x200/0x620 [ 268.265075][ T8427] dup_mmap+0x152e/0x21d0 [ 268.265123][ T8427] ? __pfx_dup_mmap+0x10/0x10 [ 268.265203][ T8427] copy_process+0x4081/0x7650 [ 268.265251][ T8427] ? __pfx___futex_wait+0x10/0x10 [ 268.265324][ T8427] ? __pfx_copy_process+0x10/0x10 [ 268.265372][ T8427] ? __futex_hash.constprop.0+0x1e9/0x440 [ 268.265416][ T8427] kernel_clone+0xfc/0x960 [ 268.265457][ T8427] ? __pfx_kernel_clone+0x10/0x10 [ 268.265519][ T8427] __do_sys_clone+0xce/0x120 [ 268.265558][ T8427] ? __pfx___do_sys_clone+0x10/0x10 [ 268.265640][ T8427] ? xfd_validate_state+0x61/0x180 [ 268.265696][ T8427] do_syscall_64+0xcd/0x490 [ 268.265747][ T8427] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 268.265776][ T8427] RIP: 0033:0x7fdb47b8e929 [ 268.265799][ T8427] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 268.265827][ T8427] RSP: 002b:00007fdb48a33fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 268.265861][ T8427] RAX: ffffffffffffffda RBX: 00007fdb47db5fa0 RCX: 00007fdb47b8e929 [ 268.265879][ T8427] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 268.265895][ T8427] RBP: 00007fdb47c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 268.265913][ T8427] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 268.265930][ T8427] R13: 0000000000000000 R14: 00007fdb47db5fa0 R15: 00007ffc839186d8 [ 268.265968][ T8427] [ 272.055576][ T8485] netlink: 342 bytes leftover after parsing attributes in process `syz.1.504'. [ 273.037046][ T8494] random: crng reseeded on system resumption syzkaller syzkaller login: [ 275.861249][ T8530] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 289.017085][ T8720] random: crng reseeded on system resumption [ 289.586328][ T8736] netlink: 342 bytes leftover after parsing attributes in process `syz.1.541'. [ 291.076503][ T8748] FAULT_INJECTION: forcing a failure. [ 291.076503][ T8748] name failslab, interval 1, probability 0, space 0, times 0 [ 291.102256][ T8748] CPU: 1 UID: 0 PID: 8748 Comm: syz.2.542 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 291.102294][ T8748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 291.102310][ T8748] Call Trace: [ 291.102319][ T8748] [ 291.102330][ T8748] dump_stack_lvl+0x16c/0x1f0 [ 291.102371][ T8748] should_fail_ex+0x512/0x640 [ 291.102401][ T8748] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 291.102436][ T8748] should_failslab+0xc2/0x120 [ 291.102455][ T8748] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 291.102487][ T8748] ? anon_vma_fork+0xe6/0x620 [ 291.102519][ T8748] anon_vma_fork+0xe6/0x620 [ 291.102546][ T8748] ? vm_area_dup+0x5a1/0x8d0 [ 291.102575][ T8748] dup_mmap+0x152e/0x21d0 [ 291.102609][ T8748] ? __pfx_dup_mmap+0x10/0x10 [ 291.102651][ T8748] copy_process+0x4081/0x7650 [ 291.102677][ T8748] ? __pfx___futex_wait+0x10/0x10 [ 291.102717][ T8748] ? __pfx_copy_process+0x10/0x10 [ 291.102743][ T8748] ? find_held_lock+0x2b/0x80 [ 291.102774][ T8748] kernel_clone+0xfc/0x960 [ 291.102802][ T8748] ? __pfx_kernel_clone+0x10/0x10 [ 291.102844][ T8748] __do_sys_clone+0xce/0x120 [ 291.102873][ T8748] ? __pfx___do_sys_clone+0x10/0x10 [ 291.102911][ T8748] ? xfd_validate_state+0x61/0x180 [ 291.102947][ T8748] do_syscall_64+0xcd/0x490 [ 291.102979][ T8748] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 291.102999][ T8748] RIP: 0033:0x7fb42c18e929 [ 291.103015][ T8748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 291.103033][ T8748] RSP: 002b:00007fb42cff6fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 291.103052][ T8748] RAX: ffffffffffffffda RBX: 00007fb42c3b6160 RCX: 00007fb42c18e929 [ 291.103065][ T8748] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 291.103076][ T8748] RBP: 00007fb42c210b39 R08: 0000000000000000 R09: 0000000000000000 [ 291.103087][ T8748] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 291.103100][ T8748] R13: 0000000000000000 R14: 00007fb42c3b6160 R15: 00007ffd78361b48 [ 291.103125][ T8748] [ 296.838090][ T8791] netlink: 342 bytes leftover after parsing attributes in process `syz.2.556'. [ 297.890767][ T8823] can: request_module (can-proto-0) failed. [ 300.060801][ T8861] FAULT_INJECTION: forcing a failure. [ 300.060801][ T8861] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 300.220529][ T8861] CPU: 1 UID: 0 PID: 8861 Comm: syz.0.567 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 300.220563][ T8861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 300.220577][ T8861] Call Trace: [ 300.220584][ T8861] [ 300.220593][ T8861] dump_stack_lvl+0x16c/0x1f0 [ 300.220635][ T8861] should_fail_ex+0x512/0x640 [ 300.220675][ T8861] should_fail_alloc_page+0xe7/0x130 [ 300.220701][ T8861] prepare_alloc_pages+0x3c2/0x610 [ 300.220734][ T8861] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 300.220772][ T8861] ? __alloc_frozen_pages_noprof+0x294/0x23f0 [ 300.220817][ T8861] ? __lock_acquire+0x622/0x1c90 [ 300.220855][ T8861] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 300.220892][ T8861] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 300.220948][ T8861] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 300.220987][ T8861] ? policy_nodemask+0xea/0x4e0 [ 300.221012][ T8861] alloc_pages_mpol+0x1fb/0x550 [ 300.221036][ T8861] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 300.221058][ T8861] ? do_raw_spin_lock+0x12c/0x2b0 [ 300.221096][ T8861] ? find_held_lock+0x2b/0x80 [ 300.221126][ T8861] alloc_pages_noprof+0x131/0x390 [ 300.221150][ T8861] __pmd_alloc+0x3b/0x930 [ 300.221175][ T8861] ? __pud_alloc+0x526/0x750 [ 300.221203][ T8861] copy_page_range+0x2419/0x5740 [ 300.221237][ T8861] ? dup_mmap+0x152e/0x21d0 [ 300.221263][ T8861] ? copy_process+0x4081/0x7650 [ 300.221293][ T8861] ? kernel_clone+0xfc/0x960 [ 300.221321][ T8861] ? __do_sys_clone+0xce/0x120 [ 300.221364][ T8861] ? __lock_acquire+0x622/0x1c90 [ 300.221420][ T8861] ? __pfx_copy_page_range+0x10/0x10 [ 300.221451][ T8861] ? mas_store+0x7a9/0x1160 [ 300.221475][ T8861] ? find_held_lock+0x2b/0x80 [ 300.221500][ T8861] ? __pfx_mas_store+0x10/0x10 [ 300.221523][ T8861] ? __vma_enter_locked+0x163/0x3f0 [ 300.221571][ T8861] dup_mmap+0xe88/0x21d0 [ 300.221610][ T8861] ? __pfx_dup_mmap+0x10/0x10 [ 300.221659][ T8861] copy_process+0x4081/0x7650 [ 300.221689][ T8861] ? __pfx___futex_wait+0x10/0x10 [ 300.221735][ T8861] ? __pfx_copy_process+0x10/0x10 [ 300.221765][ T8861] ? find_held_lock+0x2b/0x80 [ 300.221801][ T8861] kernel_clone+0xfc/0x960 [ 300.221834][ T8861] ? __pfx_kernel_clone+0x10/0x10 [ 300.221882][ T8861] __do_sys_clone+0xce/0x120 [ 300.221912][ T8861] ? __pfx___do_sys_clone+0x10/0x10 [ 300.221957][ T8861] ? xfd_validate_state+0x61/0x180 [ 300.221999][ T8861] do_syscall_64+0xcd/0x490 [ 300.222037][ T8861] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 300.222061][ T8861] RIP: 0033:0x7fdb47b8e929 [ 300.222080][ T8861] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 300.222102][ T8861] RSP: 002b:00007fdb489f1fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 300.222124][ T8861] RAX: ffffffffffffffda RBX: 00007fdb47db6160 RCX: 00007fdb47b8e929 [ 300.222139][ T8861] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 300.222153][ T8861] RBP: 00007fdb47c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 300.222166][ T8861] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 300.222180][ T8861] R13: 0000000000000000 R14: 00007fdb47db6160 R15: 00007ffc839186d8 [ 300.222209][ T8861] [ 300.241280][ T8847] netlink: 342 bytes leftover after parsing attributes in process `syz.3.566'. [ 305.502158][ T8941] FAULT_INJECTION: forcing a failure. [ 305.502158][ T8941] name failslab, interval 1, probability 0, space 0, times 0 [ 305.565877][ T8941] CPU: 1 UID: 0 PID: 8941 Comm: syz.0.586 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 305.565919][ T8941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 305.565947][ T8941] Call Trace: [ 305.565957][ T8941] [ 305.565969][ T8941] dump_stack_lvl+0x16c/0x1f0 [ 305.566018][ T8941] should_fail_ex+0x512/0x640 [ 305.566059][ T8941] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 305.566107][ T8941] should_failslab+0xc2/0x120 [ 305.566135][ T8941] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 305.566177][ T8941] ? anon_vma_fork+0xe6/0x620 [ 305.566222][ T8941] anon_vma_fork+0xe6/0x620 [ 305.566260][ T8941] ? vm_area_dup+0x5a1/0x8d0 [ 305.566301][ T8941] dup_mmap+0x152e/0x21d0 [ 305.566347][ T8941] ? __pfx_dup_mmap+0x10/0x10 [ 305.566407][ T8941] copy_process+0x4081/0x7650 [ 305.566443][ T8941] ? __pfx___futex_wait+0x10/0x10 [ 305.566498][ T8941] ? __pfx_copy_process+0x10/0x10 [ 305.566543][ T8941] ? __futex_hash.constprop.0+0x1e9/0x440 [ 305.566584][ T8941] kernel_clone+0xfc/0x960 [ 305.566637][ T8941] ? __pfx_kernel_clone+0x10/0x10 [ 305.566696][ T8941] __do_sys_clone+0xce/0x120 [ 305.566733][ T8941] ? __pfx___do_sys_clone+0x10/0x10 [ 305.566788][ T8941] ? xfd_validate_state+0x61/0x180 [ 305.566837][ T8941] do_syscall_64+0xcd/0x490 [ 305.566884][ T8941] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 305.566912][ T8941] RIP: 0033:0x7fdb47b8e929 [ 305.566934][ T8941] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 305.566960][ T8941] RSP: 002b:00007fdb48a12fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 305.566986][ T8941] RAX: ffffffffffffffda RBX: 00007fdb47db6080 RCX: 00007fdb47b8e929 [ 305.567004][ T8941] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 305.567020][ T8941] RBP: 00007fdb47c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 305.567037][ T8941] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 305.567054][ T8941] R13: 0000000000000000 R14: 00007fdb47db6080 R15: 00007ffc839186d8 [ 305.567091][ T8941] [ 308.809329][ T8989] FAULT_INJECTION: forcing a failure. [ 308.809329][ T8989] name failslab, interval 1, probability 0, space 0, times 0 [ 308.880023][ T8989] CPU: 1 UID: 0 PID: 8989 Comm: syz.0.603 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 308.880055][ T8989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 308.880067][ T8989] Call Trace: [ 308.880073][ T8989] [ 308.880081][ T8989] dump_stack_lvl+0x16c/0x1f0 [ 308.880116][ T8989] should_fail_ex+0x512/0x640 [ 308.880145][ T8989] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 308.880179][ T8989] should_failslab+0xc2/0x120 [ 308.880199][ T8989] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 308.880227][ T8989] ? trace_cap_capable+0x18d/0x200 [ 308.880246][ T8989] ? vm_area_dup+0x27/0x8d0 [ 308.880277][ T8989] vm_area_dup+0x27/0x8d0 [ 308.880306][ T8989] dup_mmap+0x877/0x21d0 [ 308.880339][ T8989] ? __pfx_dup_mmap+0x10/0x10 [ 308.880381][ T8989] copy_process+0x4081/0x7650 [ 308.880407][ T8989] ? __pfx___futex_wait+0x10/0x10 [ 308.880446][ T8989] ? __pfx_copy_process+0x10/0x10 [ 308.880472][ T8989] ? find_held_lock+0x2b/0x80 [ 308.880512][ T8989] kernel_clone+0xfc/0x960 [ 308.880540][ T8989] ? __pfx_kernel_clone+0x10/0x10 [ 308.880581][ T8989] __do_sys_clone+0xce/0x120 [ 308.880607][ T8989] ? __pfx___do_sys_clone+0x10/0x10 [ 308.880645][ T8989] ? xfd_validate_state+0x61/0x180 [ 308.880682][ T8989] do_syscall_64+0xcd/0x490 [ 308.880714][ T8989] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 308.880734][ T8989] RIP: 0033:0x7fdb47b8e929 [ 308.880750][ T8989] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 308.880769][ T8989] RSP: 002b:00007fdb489f1fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 308.880787][ T8989] RAX: ffffffffffffffda RBX: 00007fdb47db6160 RCX: 00007fdb47b8e929 [ 308.880800][ T8989] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 308.880811][ T8989] RBP: 00007fdb47c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 308.880823][ T8989] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 308.880834][ T8989] R13: 0000000000000000 R14: 00007fdb47db6160 R15: 00007ffc839186d8 [ 308.880859][ T8989] [ 313.638138][ T9054] FAULT_INJECTION: forcing a failure. [ 313.638138][ T9054] name failslab, interval 1, probability 0, space 0, times 0 [ 313.650959][ T9054] CPU: 0 UID: 0 PID: 9054 Comm: syz.3.606 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 313.650987][ T9054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 313.650999][ T9054] Call Trace: [ 313.651005][ T9054] [ 313.651012][ T9054] dump_stack_lvl+0x16c/0x1f0 [ 313.651051][ T9054] should_fail_ex+0x512/0x640 [ 313.651080][ T9054] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 313.651114][ T9054] should_failslab+0xc2/0x120 [ 313.651133][ T9054] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 313.651164][ T9054] ? ptlock_alloc+0x1f/0x70 [ 313.651193][ T9054] ptlock_alloc+0x1f/0x70 [ 313.651218][ T9054] pte_alloc_one+0x82/0x3a0 [ 313.651236][ T9054] __pte_alloc+0x6d/0x3c0 [ 313.651255][ T9054] ? __pfx___pte_alloc+0x10/0x10 [ 313.651275][ T9054] ? _raw_spin_unlock+0x28/0x50 [ 313.651299][ T9054] ? __pmd_alloc+0x3fb/0x930 [ 313.651324][ T9054] copy_page_range+0x1aed/0x5740 [ 313.651358][ T9054] ? __lock_acquire+0x622/0x1c90 [ 313.651405][ T9054] ? __pfx_copy_page_range+0x10/0x10 [ 313.651432][ T9054] ? mas_store+0x7a9/0x1160 [ 313.651451][ T9054] ? find_held_lock+0x2b/0x80 [ 313.651473][ T9054] ? __vma_enter_locked+0x163/0x3f0 [ 313.651513][ T9054] dup_mmap+0xe88/0x21d0 [ 313.651546][ T9054] ? __pfx_dup_mmap+0x10/0x10 [ 313.651587][ T9054] copy_process+0x4081/0x7650 [ 313.651613][ T9054] ? __pfx___futex_wait+0x10/0x10 [ 313.651652][ T9054] ? __pfx_copy_process+0x10/0x10 [ 313.651683][ T9054] ? __futex_hash.constprop.0+0x1e9/0x440 [ 313.651711][ T9054] kernel_clone+0xfc/0x960 [ 313.651738][ T9054] ? __pfx_kernel_clone+0x10/0x10 [ 313.651780][ T9054] __do_sys_clone+0xce/0x120 [ 313.651806][ T9054] ? __pfx___do_sys_clone+0x10/0x10 [ 313.651844][ T9054] ? xfd_validate_state+0x61/0x180 [ 313.651880][ T9054] do_syscall_64+0xcd/0x490 [ 313.651912][ T9054] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 313.651934][ T9054] RIP: 0033:0x7f966918e929 [ 313.651956][ T9054] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 313.651985][ T9054] RSP: 002b:00007f966a06dfe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 313.652012][ T9054] RAX: ffffffffffffffda RBX: 00007f96693b6080 RCX: 00007f966918e929 [ 313.652035][ T9054] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 313.652047][ T9054] RBP: 00007f9669210b39 R08: 0000000000000000 R09: 0000000000000000 [ 313.652059][ T9054] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 313.652070][ T9054] R13: 0000000000000000 R14: 00007f96693b6080 R15: 00007ffff3a4e3c8 [ 313.652095][ T9054] [ 313.976132][ T9058] FAULT_INJECTION: forcing a failure. [ 313.976132][ T9058] name failslab, interval 1, probability 0, space 0, times 0 [ 313.990818][ T9058] CPU: 0 UID: 0 PID: 9058 Comm: syz.1.608 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 313.990857][ T9058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 313.990875][ T9058] Call Trace: [ 313.990884][ T9058] [ 313.990894][ T9058] dump_stack_lvl+0x16c/0x1f0 [ 313.990942][ T9058] should_fail_ex+0x512/0x640 [ 313.990993][ T9058] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 313.991041][ T9058] should_failslab+0xc2/0x120 [ 313.991069][ T9058] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 313.991111][ T9058] ? find_held_lock+0x2b/0x80 [ 313.991139][ T9058] ? vm_area_dup+0x27/0x8d0 [ 313.991193][ T9058] ? dup_mmap+0x5cb/0x21d0 [ 313.991233][ T9058] vm_area_dup+0x27/0x8d0 [ 313.991276][ T9058] dup_mmap+0x877/0x21d0 [ 313.991327][ T9058] ? __pfx_dup_mmap+0x10/0x10 [ 313.991391][ T9058] copy_process+0x4081/0x7650 [ 313.991431][ T9058] ? __pfx___futex_wait+0x10/0x10 [ 313.991504][ T9058] ? __pfx_copy_process+0x10/0x10 [ 313.991541][ T9058] ? find_held_lock+0x2b/0x80 [ 313.991585][ T9058] kernel_clone+0xfc/0x960 [ 313.991624][ T9058] ? __pfx_kernel_clone+0x10/0x10 [ 313.991682][ T9058] __do_sys_clone+0xce/0x120 [ 313.991719][ T9058] ? __pfx___do_sys_clone+0x10/0x10 [ 313.991774][ T9058] ? xfd_validate_state+0x61/0x180 [ 313.991825][ T9058] do_syscall_64+0xcd/0x490 [ 313.991871][ T9058] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 313.991918][ T9058] RIP: 0033:0x7f6078d8e929 [ 313.991942][ T9058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 313.991997][ T9058] RSP: 002b:00007f6079bb7fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 313.992027][ T9058] RAX: ffffffffffffffda RBX: 00007f6078fb6160 RCX: 00007f6078d8e929 [ 313.992047][ T9058] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 313.992066][ T9058] RBP: 00007f6078e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 313.992086][ T9058] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 313.992105][ T9058] R13: 0000000000000000 R14: 00007f6078fb6160 R15: 00007ffdc12bf998 [ 313.992147][ T9058] [ 315.009005][ T9074] FAULT_INJECTION: forcing a failure. [ 315.009005][ T9074] name failslab, interval 1, probability 0, space 0, times 0 [ 315.102147][ T9064] netlink: 342 bytes leftover after parsing attributes in process `syz.0.609'. [ 315.112752][ T9074] CPU: 1 UID: 0 PID: 9074 Comm: syz.1.611 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 315.112792][ T9074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 315.112809][ T9074] Call Trace: [ 315.112818][ T9074] [ 315.112829][ T9074] dump_stack_lvl+0x16c/0x1f0 [ 315.112890][ T9074] should_fail_ex+0x512/0x640 [ 315.112933][ T9074] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 315.112984][ T9074] should_failslab+0xc2/0x120 [ 315.113014][ T9074] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 315.113062][ T9074] ? anon_vma_fork+0xe6/0x620 [ 315.113109][ T9074] anon_vma_fork+0xe6/0x620 [ 315.113149][ T9074] ? vm_area_dup+0x5a1/0x8d0 [ 315.113192][ T9074] dup_mmap+0x152e/0x21d0 [ 315.113243][ T9074] ? __pfx_dup_mmap+0x10/0x10 [ 315.113305][ T9074] copy_process+0x4081/0x7650 [ 315.113345][ T9074] ? __pfx___futex_wait+0x10/0x10 [ 315.113404][ T9074] ? __pfx_copy_process+0x10/0x10 [ 315.113443][ T9074] ? find_held_lock+0x2b/0x80 [ 315.113491][ T9074] kernel_clone+0xfc/0x960 [ 315.113532][ T9074] ? __pfx_kernel_clone+0x10/0x10 [ 315.113601][ T9074] __do_sys_clone+0xce/0x120 [ 315.113638][ T9074] ? __pfx___do_sys_clone+0x10/0x10 [ 315.113695][ T9074] ? xfd_validate_state+0x61/0x180 [ 315.113750][ T9074] do_syscall_64+0xcd/0x490 [ 315.113804][ T9074] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 315.113834][ T9074] RIP: 0033:0x7f6078d8e929 [ 315.113865][ T9074] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 315.113894][ T9074] RSP: 002b:00007f6079bb7fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 315.113922][ T9074] RAX: ffffffffffffffda RBX: 00007f6078fb6160 RCX: 00007f6078d8e929 [ 315.113942][ T9074] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 315.113960][ T9074] RBP: 00007f6078e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 315.113978][ T9074] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 315.113996][ T9074] R13: 0000000000000000 R14: 00007f6078fb6160 R15: 00007ffdc12bf998 [ 315.114036][ T9074] [ 317.314160][ T9098] nfsd: Unknown parameter '˜ÛZØ' [ 321.785530][ T9164] FAULT_INJECTION: forcing a failure. [ 321.785530][ T9164] name failslab, interval 1, probability 0, space 0, times 0 [ 321.858568][ T9164] CPU: 1 UID: 0 PID: 9164 Comm: syz.3.626 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 321.858617][ T9164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 321.858637][ T9164] Call Trace: [ 321.858648][ T9164] [ 321.858660][ T9164] dump_stack_lvl+0x16c/0x1f0 [ 321.858714][ T9164] should_fail_ex+0x512/0x640 [ 321.858762][ T9164] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 321.858819][ T9164] should_failslab+0xc2/0x120 [ 321.858852][ T9164] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 321.858899][ T9164] ? trace_cap_capable+0x18d/0x200 [ 321.858931][ T9164] ? vm_area_dup+0x27/0x8d0 [ 321.858994][ T9164] vm_area_dup+0x27/0x8d0 [ 321.859042][ T9164] dup_mmap+0x877/0x21d0 [ 321.859098][ T9164] ? __pfx_dup_mmap+0x10/0x10 [ 321.859165][ T9164] copy_process+0x4081/0x7650 [ 321.859211][ T9164] ? __pfx___futex_wait+0x10/0x10 [ 321.859275][ T9164] ? __pfx_copy_process+0x10/0x10 [ 321.859326][ T9164] ? find_held_lock+0x2b/0x80 [ 321.859380][ T9164] kernel_clone+0xfc/0x960 [ 321.859426][ T9164] ? __pfx_kernel_clone+0x10/0x10 [ 321.859494][ T9164] __do_sys_clone+0xce/0x120 [ 321.859535][ T9164] ? __pfx___do_sys_clone+0x10/0x10 [ 321.859596][ T9164] ? xfd_validate_state+0x61/0x180 [ 321.859671][ T9164] do_syscall_64+0xcd/0x490 [ 321.859717][ T9164] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 321.859746][ T9164] RIP: 0033:0x7f966918e929 [ 321.859769][ T9164] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 321.859796][ T9164] RSP: 002b:00007f966a06dfe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 321.859822][ T9164] RAX: ffffffffffffffda RBX: 00007f96693b6080 RCX: 00007f966918e929 [ 321.859841][ T9164] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 321.859858][ T9164] RBP: 00007f9669210b39 R08: 0000000000000000 R09: 0000000000000000 [ 321.859874][ T9164] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 321.859890][ T9164] R13: 0000000000000000 R14: 00007f96693b6080 R15: 00007ffff3a4e3c8 [ 321.859926][ T9164] [ 322.123647][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.129970][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 328.572176][ T9281] nfsd: Unknown parameter '˜ÛZØ' [ 332.332292][ T9327] netlink: 4 bytes leftover after parsing attributes in process `syz.3.655'. [ 336.085404][ T9358] ubi0: attaching mtd0 [ 336.125537][ T9358] ubi0: scanning is finished [ 336.343213][ T9358] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 336.352952][ T9358] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 336.556078][ T9358] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 336.700739][ T9358] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 336.728563][ T9358] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 336.754388][ T9358] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 336.807239][ T9358] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 2324227996 [ 336.918077][ T9358] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 336.985834][ T9386] ubi0: background thread "ubi_bgt0d" started, PID 9386 [ 337.004252][ T9363] ubi0: detaching mtd0 [ 337.032970][ T9363] ubi0: mtd0 is detached [ 339.018167][ T9414] can: request_module (can-proto-0) failed. [ 342.132816][ T9457] ubi0: attaching mtd0 [ 342.147559][ T9455] netlink: 4 bytes leftover after parsing attributes in process `syz.1.686'. [ 342.187524][ T9457] ubi0: scanning is finished [ 342.731896][ T9457] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 342.739494][ T9457] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 342.770821][ T9457] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 342.901930][ T9457] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 342.944030][ T9457] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 342.954328][ T9457] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 342.964013][ T9457] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 2324227996 [ 343.130214][ T9457] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 343.154185][ T9470] netlink: 342 bytes leftover after parsing attributes in process `syz.1.678'. [ 343.209840][ T9473] ubi0: background thread "ubi_bgt0d" started, PID 9473 [ 343.209877][ T9458] ubi0: detaching mtd0 [ 343.261905][ T9458] ubi0: mtd0 is detached [ 343.708985][ T9475] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 346.383814][ T9490] ubi0: attaching mtd0 [ 346.479741][ T9490] ubi0: scanning is finished [ 346.874312][ T9490] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 346.979491][ T9490] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 347.109348][ T9490] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 347.116503][ T9490] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 347.190090][ T9490] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 347.227653][ T9490] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 347.319891][ T9490] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 2324227996 [ 347.518048][ T9490] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 347.634759][ T9524] ubi0: background thread "ubi_bgt0d" started, PID 9524 [ 347.649822][ T9497] ubi0: detaching mtd0 [ 347.697454][ T9497] ubi0: mtd0 is detached [ 352.995605][ T9592] netlink: 342 bytes leftover after parsing attributes in process `syz.0.702'. [ 356.844108][ T9660] [ 356.846491][ T9660] ====================================================== [ 356.853514][ T9660] WARNING: possible circular locking dependency detected [ 356.860541][ T9660] 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 Not tainted [ 356.867656][ T9660] ------------------------------------------------------ [ 356.874713][ T9660] syz.2.716/9660 is trying to acquire lock: [ 356.880613][ T9660] ffff888026c01970 (&q->elevator_lock){+.+.}-{4:4}, at: queue_requests_store+0x1c7/0x310 [ 356.890487][ T9660] [ 356.890487][ T9660] but task is already holding lock: [ 356.897867][ T9660] ffff888026c01438 (&q->q_usage_counter(io)#59){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 356.909166][ T9660] [ 356.909166][ T9660] which lock already depends on the new lock. [ 356.909166][ T9660] [ 356.919588][ T9660] [ 356.919588][ T9660] the existing dependency chain (in reverse order) is: [ 356.928628][ T9660] [ 356.928628][ T9660] -> #3 (&q->q_usage_counter(io)#59){++++}-{0:0}: [ 356.937903][ T9660] blk_alloc_queue+0x619/0x760 [ 356.943221][ T9660] blk_mq_alloc_queue+0x175/0x290 [ 356.948828][ T9660] __blk_mq_alloc_disk+0x29/0x120 [ 356.954590][ T9660] nbd_dev_add+0x4a0/0xbc0 [ 356.959575][ T9660] nbd_init+0x181/0x320 [ 356.964293][ T9660] do_one_initcall+0x120/0x6e0 [ 356.969636][ T9660] kernel_init_freeable+0x5c2/0x900 [ 356.975391][ T9660] kernel_init+0x1c/0x2b0 [ 356.980262][ T9660] ret_from_fork+0x5d7/0x6f0 [ 356.985400][ T9660] ret_from_fork_asm+0x1a/0x30 [ 356.990791][ T9660] [ 356.990791][ T9660] -> #2 (fs_reclaim){+.+.}-{0:0}: [ 356.998046][ T9660] fs_reclaim_acquire+0x102/0x150 [ 357.003631][ T9660] prepare_alloc_pages+0x162/0x610 [ 357.009303][ T9660] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 357.015754][ T9660] __alloc_pages_noprof+0xb/0x1b0 [ 357.021330][ T9660] pcpu_populate_chunk+0x110/0xb00 [ 357.026986][ T9660] pcpu_alloc_noprof+0x86a/0x1470 [ 357.032554][ T9660] xt_percpu_counter_alloc+0x13e/0x1b0 [ 357.038560][ T9660] find_check_entry.constprop.0+0xbf/0xa20 [ 357.044934][ T9660] translate_table+0xd0b/0x17b0 [ 357.050325][ T9660] ip6t_register_table+0x102/0x430 [ 357.055980][ T9660] ip6table_filter_table_init+0x75/0xa0 [ 357.062070][ T9660] xt_find_table_lock+0x2e4/0x520 [ 357.067637][ T9660] xt_request_find_table_lock+0x28/0xf0 [ 357.073733][ T9660] get_info+0x190/0x620 [ 357.078453][ T9660] do_ip6t_get_ctl+0x169/0xa50 [ 357.083775][ T9660] nf_getsockopt+0x79/0xe0 [ 357.088734][ T9660] ipv6_getsockopt+0x1f7/0x280 [ 357.094042][ T9660] tcp_getsockopt+0xa1/0x100 [ 357.099185][ T9660] do_sock_getsockopt+0x3ff/0x800 [ 357.104756][ T9660] __sys_getsockopt+0x123/0x1b0 [ 357.110152][ T9660] __x64_sys_getsockopt+0xbd/0x160 [ 357.115815][ T9660] do_syscall_64+0xcd/0x490 [ 357.120883][ T9660] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 357.127316][ T9660] [ 357.127316][ T9660] -> #1 (pcpu_alloc_mutex){+.+.}-{4:4}: [ 357.135074][ T9660] __mutex_lock+0x199/0xb90 [ 357.140128][ T9660] pcpu_alloc_noprof+0xb4c/0x1470 [ 357.145709][ T9660] sbitmap_init_node+0x2fd/0x770 [ 357.151189][ T9660] sbitmap_queue_init_node+0x41/0x560 [ 357.157205][ T9660] blk_mq_init_tags+0x12d/0x2b0 [ 357.162701][ T9660] blk_mq_alloc_map_and_rqs+0x237/0xf60 [ 357.168801][ T9660] blk_mq_init_sched+0x30c/0x610 [ 357.174283][ T9660] elevator_switch+0x1e1/0x7f0 [ 357.179587][ T9660] elevator_change+0x2ac/0x400 [ 357.184918][ T9660] elevator_set_default+0x292/0x320 [ 357.190654][ T9660] blk_register_queue+0x393/0x4f0 [ 357.196216][ T9660] __add_disk+0x74a/0xf00 [ 357.201090][ T9660] add_disk_fwnode+0x13f/0x5d0 [ 357.206399][ T9660] nbd_dev_add+0x791/0xbc0 [ 357.211358][ T9660] nbd_init+0x181/0x320 [ 357.216066][ T9660] do_one_initcall+0x120/0x6e0 [ 357.221366][ T9660] kernel_init_freeable+0x5c2/0x900 [ 357.227107][ T9660] kernel_init+0x1c/0x2b0 [ 357.231970][ T9660] ret_from_fork+0x5d7/0x6f0 [ 357.237105][ T9660] ret_from_fork_asm+0x1a/0x30 [ 357.242406][ T9660] [ 357.242406][ T9660] -> #0 (&q->elevator_lock){+.+.}-{4:4}: [ 357.250251][ T9660] __lock_acquire+0x126f/0x1c90 [ 357.255653][ T9660] lock_acquire+0x179/0x350 [ 357.260729][ T9660] __mutex_lock+0x199/0xb90 [ 357.265805][ T9660] queue_requests_store+0x1c7/0x310 [ 357.271544][ T9660] queue_attr_store+0x279/0x320 [ 357.276952][ T9660] sysfs_kf_write+0xef/0x150 [ 357.282106][ T9660] kernfs_fop_write_iter+0x351/0x510 [ 357.287937][ T9660] iter_file_splice_write+0x91c/0x1150 [ 357.294029][ T9660] direct_splice_actor+0x18f/0x6c0 [ 357.299686][ T9660] splice_direct_to_actor+0x345/0xa30 [ 357.305604][ T9660] do_splice_direct+0x174/0x240 [ 357.311013][ T9660] do_sendfile+0xb06/0xe50 [ 357.315987][ T9660] __x64_sys_sendfile64+0x1d8/0x220 [ 357.321731][ T9660] do_syscall_64+0xcd/0x490 [ 357.326795][ T9660] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 357.333231][ T9660] [ 357.333231][ T9660] other info that might help us debug this: [ 357.333231][ T9660] [ 357.343471][ T9660] Chain exists of: [ 357.343471][ T9660] &q->elevator_lock --> fs_reclaim --> &q->q_usage_counter(io)#59 [ 357.343471][ T9660] [ 357.357354][ T9660] Possible unsafe locking scenario: [ 357.357354][ T9660] [ 357.364819][ T9660] CPU0 CPU1 [ 357.370194][ T9660] ---- ---- [ 357.375583][ T9660] lock(&q->q_usage_counter(io)#59); [ 357.380996][ T9660] lock(fs_reclaim); [ 357.387522][ T9660] lock(&q->q_usage_counter(io)#59); [ 357.395461][ T9660] lock(&q->elevator_lock); [ 357.400156][ T9660] [ 357.400156][ T9660] *** DEADLOCK *** [ 357.400156][ T9660] [ 357.408304][ T9660] 5 locks held by syz.2.716/9660: [ 357.413335][ T9660] #0: ffff88803194e428 (sb_writers#7){.+.+}-{0:0}, at: splice_direct_to_actor+0x345/0xa30 [ 357.423393][ T9660] #1: ffff888059ac4888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 357.433182][ T9660] #2: ffff888026d39c38 (kn->active#92){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 357.443237][ T9660] #3: ffff888026c01438 (&q->q_usage_counter(io)#59){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 357.454982][ T9660] #4: ffff888026c01470 (&q->q_usage_counter(queue)#11){+.+.}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 357.466964][ T9660] [ 357.466964][ T9660] stack backtrace: [ 357.472863][ T9660] CPU: 1 UID: 0 PID: 9660 Comm: syz.2.716 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) [ 357.472894][ T9660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 357.472908][ T9660] Call Trace: [ 357.472917][ T9660] [ 357.472926][ T9660] dump_stack_lvl+0x116/0x1f0 [ 357.472963][ T9660] print_circular_bug+0x275/0x350 [ 357.472997][ T9660] check_noncircular+0x14c/0x170 [ 357.473032][ T9660] __lock_acquire+0x126f/0x1c90 [ 357.473068][ T9660] ? __lock_acquire+0xb8a/0x1c90 [ 357.473102][ T9660] lock_acquire+0x179/0x350 [ 357.473134][ T9660] ? queue_requests_store+0x1c7/0x310 [ 357.473157][ T9660] ? __pfx___might_resched+0x10/0x10 [ 357.473184][ T9660] ? do_raw_spin_lock+0x12c/0x2b0 [ 357.473223][ T9660] __mutex_lock+0x199/0xb90 [ 357.473259][ T9660] ? queue_requests_store+0x1c7/0x310 [ 357.473281][ T9660] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 357.473313][ T9660] ? queue_requests_store+0x1c7/0x310 [ 357.473334][ T9660] ? lockdep_hardirqs_on+0x7c/0x110 [ 357.473373][ T9660] ? __pfx___mutex_lock+0x10/0x10 [ 357.473413][ T9660] ? __pfx_autoremove_wake_function+0x10/0x10 [ 357.473448][ T9660] ? queue_requests_store+0x1c7/0x310 [ 357.473468][ T9660] queue_requests_store+0x1c7/0x310 [ 357.473491][ T9660] ? __pfx_queue_requests_store+0x10/0x10 [ 357.473515][ T9660] ? __mutex_trylock_common+0xe9/0x250 [ 357.473549][ T9660] ? __pfx_queue_requests_store+0x10/0x10 [ 357.473572][ T9660] queue_attr_store+0x279/0x320 [ 357.473610][ T9660] ? __pfx_queue_attr_store+0x10/0x10 [ 357.473646][ T9660] ? __lock_acquire+0x622/0x1c90 [ 357.473686][ T9660] ? find_held_lock+0x2b/0x80 [ 357.473710][ T9660] ? sysfs_file_kobj+0xe4/0x290 [ 357.473740][ T9660] ? __pfx_queue_attr_store+0x10/0x10 [ 357.473776][ T9660] sysfs_kf_write+0xef/0x150 [ 357.473805][ T9660] kernfs_fop_write_iter+0x351/0x510 [ 357.473830][ T9660] ? __pfx_sysfs_kf_write+0x10/0x10 [ 357.473860][ T9660] iter_file_splice_write+0x91c/0x1150 [ 357.473902][ T9660] ? __pfx_iter_file_splice_write+0x10/0x10 [ 357.473937][ T9660] ? __pfx_copy_splice_read+0x10/0x10 [ 357.473974][ T9660] ? __pfx_iter_file_splice_write+0x10/0x10 [ 357.474008][ T9660] direct_splice_actor+0x18f/0x6c0 [ 357.474042][ T9660] splice_direct_to_actor+0x345/0xa30 [ 357.474073][ T9660] ? __pfx_direct_splice_actor+0x10/0x10 [ 357.474108][ T9660] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 357.474138][ T9660] ? irqentry_exit+0x3b/0x90 [ 357.474175][ T9660] do_splice_direct+0x174/0x240 [ 357.474206][ T9660] ? __pfx_do_splice_direct+0x10/0x10 [ 357.474236][ T9660] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 357.474269][ T9660] ? rw_verify_area+0xcf/0x680 [ 357.474300][ T9660] do_sendfile+0xb06/0xe50 [ 357.474334][ T9660] ? __pfx_do_sendfile+0x10/0x10 [ 357.474372][ T9660] ? handle_mm_fault+0x2ab/0xd10 [ 357.474406][ T9660] ? __x64_sys_futex+0x1e0/0x4c0 [ 357.474435][ T9660] ? __x64_sys_futex+0x1e9/0x4c0 [ 357.474466][ T9660] __x64_sys_sendfile64+0x1d8/0x220 [ 357.474489][ T9660] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 357.474517][ T9660] do_syscall_64+0xcd/0x490 [ 357.474554][ T9660] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 357.474579][ T9660] RIP: 0033:0x7fb42c18e929 [ 357.474598][ T9660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 357.474621][ T9660] RSP: 002b:00007fb42d039038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 357.474643][ T9660] RAX: ffffffffffffffda RBX: 00007fb42c3b5fa0 RCX: 00007fb42c18e929 [ 357.474658][ T9660] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 357.474672][ T9660] RBP: 00007fb42c210b39 R08: 0000000000000000 R09: 0000000000000000 [ 357.474686][ T9660] R10: 0000000000000200 R11: 0000000000000246 R12: 0000000000000000 [ 357.474700][ T9660] R13: 0000000000000000 R14: 00007fb42c3b5fa0 R15: 00007ffd78361b48 [ 357.474722][ T9660] [ 358.128496][ T9666] netlink: 342 bytes leftover after parsing attributes in process `syz.1.715'.