last executing test programs: 10.235600664s ago: executing program 2 (id=3005): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x9, 0x1f, 0x940, 0x1ffde, 0x3, 0x6, 0x8000003, 0x9, 0x5, 0x0, 0x4, 0xb0, 0x7, 0x200, 0x3, 0x205, 0x7, 0x0, 0x3ffff, 0x0, 0x3, 0x7069, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, [0x0, 0x0, 0x0, 0x8, 0x5, 0x8000004, 0x0, 0x100000000000000, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x100000000, 0x0, 0x8000000000000001, 0x0, 0x1, 0x0, 0x0, 0xfff, 0x4, 0x0, 0x0, 0x2000000000000000]}, 0x203, 0x7d) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x400008, 0xdf, 0x4000000000009b72, 0x2, 0x8000) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) io_uring_setup$auto(0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto_SO_DOMAIN(r0, 0x1, 0x27, &(0x7f0000000080)='\x00', 0x7) open(0x0, 0x22040, 0x80) r1 = socket(0x11, 0x3, 0x9) socket(0xa, 0x2, 0x3a) socket(0x11, 0x80003, 0x300) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cmdline\x00', 0x8800, 0x0) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x787806, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRES8=r1, @ANYRES8=r2], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x2000c082) write$auto(r3, &(0x7f0000000000)='-\x00', 0xfdef) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nbd13\x00', 0x101400, 0x0) ioctl$auto_BLKGETDISKSEQ(r4, 0x80081280, &(0x7f00000000c0)=0x7) r5 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 8.701183934s ago: executing program 2 (id=3011): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x141201, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffffffdffe00, &(0x7f0000000140)=';') openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) socket(0xa, 0x1, 0x100) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0) io_uring_setup$auto(0x85, 0x0) r2 = socket(0xa, 0x1, 0x84) getsockopt$auto(r2, 0x0, 0x487, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x3b71, 0x0) 7.242934362s ago: executing program 2 (id=3018): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon7\x00', 0x40080, 0x0) mmap$auto(0x0, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/bus/usb/007/001\x00', 0x40001, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) unshare$auto(0x40000080) mmap$auto(0x7, 0x1, 0x200000000df, 0x9b72, 0x2, 0x3) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) writev$auto(r3, &(0x7f0000000080)={&(0x7f0000000040)="99e7daa24511691d42a9", 0x1000}, 0x3) r4 = openat$auto_btrfs_dir_file_operations_inode(0xffffffffffffff9c, &(0x7f0000000680)='/sys/devices/virtual/mac80211_hwsim/hwsim15\x00', 0x200802, 0x0) ioctl$auto_BTRFS_IOC_QUOTA_CTL(r4, 0xc0109428, &(0x7f00000006c0)={0xfffffffffffff53e, 0x1}) read$auto_nvram_misc_fops_nvram(r2, &(0x7f00000005c0)=""/152, 0x98) close_range$auto(0x2, 0x8, 0x0) socket(0x3, 0x2, 0x9) r5 = pipe2$auto(&(0x7f00000000c0), 0x0) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, 0x0, 0x200, 0x0) r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r7 = ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto(r7, 0x4008ae6a, r8) sendmsg$auto_NFC_CMD_DISABLE_SE(r7, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x50000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="2c0014ca", @ANYRES16, @ANYRESDEC=r1], 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x8004) sendmsg$auto_NFC_CMD_DEV_DOWN(r5, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[], 0x2e0}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000805) socket(0x6, 0x2, 0x6) semctl$auto_SETVAL(0x0, 0xfffffff5, 0x10, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x71f2c1, 0x0) madvise$auto_MADV_GUARD_INSTALL(0x0, 0x100000000, 0x66) syz_open_procfs$namespace(0x0, &(0x7f0000000080)) 7.011732074s ago: executing program 1 (id=3019): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0xa, 0x1, 0x100) r1 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r1, 0x29, 0x1e, &(0x7f0000000040)='!\x00', 0x1ff) r2 = socket(0x1e, 0x1, 0x0) connect$auto(r2, &(0x7f0000000000)=@tipc=@id={0x1e, 0x3, 0x2, {0x4e20, 0xf5}}, 0x10) setsockopt$auto(r0, 0x29, 0x8, 0x0, 0x568) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x1, 0x0) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, 0x0) readv$auto(0x3, &(0x7f00000000c0)={&(0x7f0000000000), 0x7}, 0x10) r3 = open(&(0x7f0000000040)='./file0\x00', 0x22240, 0x154) fcntl$auto(r3, 0x400, 0x1) r4 = fcntl$auto(0x3, 0x8, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) madvise$auto(0x0, 0x2000040080000004, 0xe) r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) write$auto(r5, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r6 = socket(0xa, 0x5, 0x0) getsockopt$auto(r6, 0x84, 0x71, 0x0, 0x0) ioctl$auto(r4, 0x9, r1) mprotect$auto(0x200000000000, 0x806121, 0x6) fcntl$auto(0x3, 0x400, 0x9ec0000000000000) openat$auto_trace_time_stamp_mode_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/timestamp_mode\x00', 0x101800, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) close_range$auto(0x2, 0x8, 0x0) 6.626958897s ago: executing program 1 (id=3023): setxattr$auto(0x0, &(0x7f0000000200)='*\x00', 0x0, 0x800000, 0x0) madvise$auto(0x0, 0x100, 0xc) r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x7a9303, 0x0) ioctl$auto(r0, 0x92106411, 0xffffffffffffffff) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0xd, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000300)='/dev/nbd9\x00', 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_DISCONNECT(r2, 0x0, 0x2000c800) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x8000b) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x163, 0x2007f2, 0x15) madvise$auto(0xffffffffffffffff, 0x200007, 0x19) syslog$auto(0x3, 0x0, 0x5) poll$auto(0x0, 0x7f, 0x9) socket(0x25, 0x800, 0x5) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) setsockopt$auto_SO_OOBINLINE(0xffffffffffffffff, 0x80000001, 0xa, &(0x7f0000000080)=',\x00', 0xfffffffc) r3 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f00000001c0), 0x82200, 0x0) pread64$auto(r3, &(0x7f0000000240)='\x03W\x96l\x15\x00'/21, 0x100000002, 0x100000001) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) shmctl$auto_IPC_SET(0x7, 0x1, &(0x7f00000004c0)={{0xfd47, 0xee00, 0x0, 0xd4, 0x2, 0xef1, 0x2}, 0xd04, 0xc95, 0x9, 0x64, @inferred=0xffffffffffffffff, @inferred, 0x1000, 0x0, &(0x7f0000000340)="167b47e1b8b52d2f5d861e673ce96466c002662e497963066c0b7fd67086a93e1685c93c18bd2d9e7582452d35405d043bd657f6ca357425605f815a8424b286a3103c415ca54d99dac939d6b63b71fabd044b1b7b9556c9124edcb03d924c8f1b50ee3dca9dc53691b776e67d519c9a0607a0858ee496f0bf3f6e0a8a0c068eecae4829d1e7d3", &(0x7f0000000440)="42128a42b5b6e462a9a516e863452e20372859bdcee3cfcb5f58a9b597498922d103878438790b6a38c478082b9ea2b6516cd06edc6e2fdabaf7b00586268c3cf0632c322d1d02dc6be34fd03ad5e36c1f798e1a"}) sendmsg$auto_NL802154_CMD_SET_SHORT_ADDR(0xffffffffffffffff, &(0x7f0000000980)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000940)={&(0x7f0000000540)=ANY=[@ANYBLOB="08030000", @ANYRES16=0x0, @ANYBLOB="000427bd7000fbdbdf250b00000005001a001c00000008002c000100000005001000070000000800050009000000050024000500000006000a000180000005000f0000000000ba0219802c29d84708b0d4bd9dd2568a18f2dc48c4a77987a9ed3c84e0a2dff675dad4d5bbae0eda5220dcd495f3f6b87e5ca25f7ef6b878add456108ba04331c87163fdccd4568c9e57ce1d249ffafa79c0713789f6fb6235f1c407b22e464185a638ce6848080055800400308090001680040051800400bb8004003e80040092801400fe00ff0200000000000000000000000000015f00a600ce01b02a2331f9c14b8c69b3a72e09000000b76fa349a0a9a7a522527ab8882b64d7a9b711445e369545179a4400b3c71f9ffcd918e6d64a5b90b694dc2bd7323c27041afa3d64a9f76f67e3e874b556e5b7b9b2a036bdbf810008007b0000000000", @ANYRES32=0x0, @ANYBLOB="fb0007800800be00", @ANYRES32=r5, @ANYBLOB="f531bd2cedbed0243e162413a3d9a20e28804c3c7b1cd89a1b1766091d81ca33944a93b6d0ab96c09c39479b195c36a5d972c3af8763db422e37b8606c8b261f098014858238944b5edf78abbc1e39a897e7bedef791ad695f2e02a890a489fe244be9369518cf25a425cd592cc562b7f9e4d0b17084814a1a14710740d49f8f1c2e5d3da05daa6d66d16e77674e8d1642e597039a3aafe54e603a114f5ced583f4185cdad81c16c487f8864e291127fc17e2123eec1231b388d422d18398c1960317fe43cd5365437658acf34b034318bb870bdfdb39c029fdc166dfbd82bff9d58600c00b8000400000000000000000c001c000100000000000000d5580444fb80643de92c84a16405a37a30b16419dcbd2c45c50e3e3265cffaa3ae55bf5680b3539cbd58272316516e2aa82fb7b3651a9ed7273c5bd2229bf8d75930532fc8e3e72fb2d3d447f9fd97d95885f3a336882379b7bd72bd96ef5c34c9f62c3b7cec9a9362cca774484b717a1eace4d573a71a6d27142e388eebbd347f7b310aa703e9097f35ca481f331af40f0f85fd318ba6d36f830c86e068e426ab6476e7a652b88db366e62c04002f000000"], 0x308}, 0x1, 0x0, 0x0, 0x880}, 0x20000001) sendfile$auto(r4, r4, 0x0, 0x3) mmap$auto(0x0, 0x400008, 0xfffffffffffffffb, 0x9b72, 0x2, 0x9) madvise$auto(0x0, 0xffffffffffff0005, 0x19) 5.456145064s ago: executing program 1 (id=3029): r0 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000040), 0x80302, 0x0) r1 = ioctl$auto_SW_SYNC_IOC_INC(r0, 0x40045701, &(0x7f0000000080)=0xffffffff) fcntl$auto_F_GETSIG(r1, 0xb, 0x7) r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000000c0), r1) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x94, r2, 0x800, 0x70bd29, 0x25dfdbff, {}, [@NFSD_A_SERVER_SCOPE={0x23, 0x4, '/sys/kernel/debug/sync/sw_sync\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0xff}, @NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0x3}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x1505}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x5}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0xa}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x100}, @NFSD_A_SERVER_SCOPE={0x23, 0x4, '/sys/kernel/debug/sync/sw_sync\x00'}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x10000}]}, 0x94}, 0x1, 0x0, 0x0, 0x400}, 0x8041) 5.351221875s ago: executing program 1 (id=3030): r0 = socket(0x2, 0x3, 0xa) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/ip_vs_conn_sync\x00', 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r2) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'geneve0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001f80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="00012cbd02000000df251d00000008000300", @ANYRES32=r4, @ANYBLOB], 0x1c}}, 0x4000000) accept4$auto(r1, &(0x7f0000000000)=@can={0x1d, r4}, &(0x7f0000000040), 0x6) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000000), 0xffffffffffffffff) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socket(0x2b, 0x1, 0x1) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r5 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) ioctl$auto_PAGEMAP_SCAN(r5, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x6, 0x50b301a, 0x2c, 0x2c, 0x0, 0x2}) listmount$auto(&(0x7f0000000040)={0xf1, @inferred=r0, 0xe5c5, 0x18, 0x1}, &(0x7f00000000c0)=0x43c4, 0x2, 0x1) epoll_create$auto(0x51) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb5, r2, 0x1) statmount$auto(0x0, &(0x7f0000000440)={0x8, 0xbf, 0x401bf, 0x7352, 0x1801, 0x8000, 0x1ffde, 0x3, 0x2, 0x1, 0x9, 0x7, 0x5, 0x8, 0x3002, 0x10000000000009, 0xb, 0x80010002, 0x80, 0x200000008, 0x6, 0x7, 0x2, 0x203, 0x400, 0x84, 0x0, 0x0, 0x0, 0xfff, 0x0, [0x0, 0x7f, 0x0, 0x0, 0x10, 0x7ff, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x100, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x9, 0x1, 0x0, 0x9, 0xfffffffffffffffc, 0x0, 0x1, 0x79, 0x0, 0x6a4644af, 0x0, 0x0, 0x2, 0x0, 0x0, 0xeff, 0x0, 0xffffffffffffffff, 0x0, 0x1000, 0x4], "1cceaef80f67e328c23963bbe8128418b1fa53cd7d44fe185c8a6b0c2f25846657c4c4e3893fb068e15a22a1db251c98a199243a062b58dcd7d48a0a702d02c2fc7223db7d04a5e1ba5b6b603843faaf35b363c5cc497136078df8da65eab977c8af983b04737b497da9eaf59c13b036e9ce2c7834e515943ee2815df068c9c234f6ffb2130e5f4d756c0920ec9377ae30f389e3d006f5031c19afa480cf2cb70c3025b805ab3fa5d9fa4219b5f6f97d4c23055e38795c98270c43957069169390d6bf6dd47f5ba1fa06658e67ed95b8d17d9f7c8d425eb07b4dc947549be208540991f1c02d4ffad4e48f53d8e2ffef804fef54aa97c5805b38a453223583e581ecda5fbf846a25b4706f861de94f456e818c8f8553be65b4c96bc9b322b8b8c22d59c90211d30ce41f28c481f226e905ade086fd4e110102ac3986e4b296e9cc317aaf6aeec55c751aef92fb8c70fab40edc3e62b4c23e2376be891e66d2054591a3402eec97f5cdcd71fb180f5c85c4b285e2cb30f05924557399d3f8cf669dabd5bfe3089375e58e549883970de04b21a1bc8af934"}, 0x1fe, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x24008000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r6 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r6, &(0x7f0000000200)={{0x0, 0xfc, &(0x7f0000000100)={0x0, 0xfc6}, 0x2, 0x0, 0x7, 0x3}, 0x7}, 0x7, 0x4008) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x401, 0x0) r7 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vcs1\x00', 0x50002, 0x0) bpf$auto_BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)=@info={r7, 0x7fff, 0x8b77}, 0x8) madvise$auto(0x0, 0xffffffffffff0005, 0x17) 4.253000087s ago: executing program 3 (id=3033): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/027/001\x00', 0x0, 0x0) mmap$auto(0x2000, 0x80009, 0xb, 0x8000000008011, r0, 0x0) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x20342, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioperm$auto(0x7, 0x5ad2, 0x8) write$auto(0x3, 0x0, 0xffd8) unshare$auto(0x40000080) mincore$auto(0x1000, 0x8001, 0x0) r2 = openat$auto_bm_entry_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x40, 0x0) write$auto(r2, &(0x7f00000000c0)='/dev/dsp\x00', 0xa) r3 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0) ioctl$auto_tracing_buffers_fops_trace(r3, 0xffffffffffffffff, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r4 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x24, r4, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_KEY={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x16, 0x0, 0x0, @ipv4=@local}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x40010}, 0x800) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) ioctl$auto_SNDCTL_DSP_SYNC(r1, 0x5001, 0xfffffffffffffffc) r6 = gettid() process_vm_writev$auto(r6, &(0x7f0000002980)={0x0, 0x7ff}, 0x3, &(0x7f0000002a40)={0x0, 0x100000004007}, 0x4, 0x0) 4.240974401s ago: executing program 1 (id=3034): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cpu/1/cpuid\x00', 0x1, 0x0) recvmmsg$auto(r0, 0x0, 0x7, 0x1, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x20000000) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x340, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), 0xffffffffffffffff) msgctl$auto(0x3, 0xb7, &(0x7f0000000180)={{0x4, 0x0, 0xffffffffffffffff, 0x3, 0x418, 0xf, 0x2}, &(0x7f0000000100)=0x5, 0x0, 0x9, 0x967, 0xc, 0xffffffffffffffff, 0x6, 0x3, 0x11d4, 0x8, @raw=0x5, @inferred=0xffffffffffffffff}) msgctl$auto_IPC_STAT(0x3ff, 0x2, &(0x7f0000000280)={{0x9, 0xee01, 0xee01, 0x4, 0x5, 0x7f, 0x3}, &(0x7f0000000200)=0x7, &(0x7f0000000240)=0x1, 0x496, 0xd, 0x100, 0x7, 0x80000001, 0x5, 0xff00, 0x9, @inferred=0x0, @inferred=0xffffffffffffffff}) msgctl$auto_IPC_RMID(0x1, 0x0, &(0x7f0000000480)={{0x1, r2, r3, 0x10001, 0xfffffff7, 0x5, 0x6}, &(0x7f0000000380), &(0x7f00000003c0)=0x2, 0x0, 0x5, 0x9, 0x3, 0x8001, 0x1, 0xf72, 0x8, @inferred=r4, @raw=0x3}) socket(0x2, 0x1, 0x106) fcntl$auto(0x3, 0x4, 0xa553) sendmsg$auto_NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(0xffffffffffffffff, 0x0, 0x800) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_UPD_RXSA(r5, &(0x7f0000006200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)={0x2c, r6, 0x23, 0x70bd27, 0x25dfdbfe, {}, [@MACSEC_ATTR_SA_CONFIG={0xc, 0x3, 0x0, 0x1, [@nested={0x5, 0x1, 0x0, 0x1, [@generic="03"]}]}, @MACSEC_ATTR_RXSC_CONFIG={0x4}, @MACSEC_ATTR_IFINDEX={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4008008}, 0x0) openat$auto_proc_projid_map_operations_base(0xffffffffffffff9c, 0x0, 0x981082, 0x0) setgroups$auto(0xc00000000, 0xfffffffffffffffc) setresgid$auto(0x81, 0x800000a0, 0x8) socket(0x2, 0x800, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r7 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x109100, 0x0) ioctl$auto_SNDRV_RAWMIDI_IOCTL_STATUS64(r7, 0xc0385720, &(0x7f0000000240)={0x1, "77947a0f", 0x9, 0x2, 0x7ff, 0x1bb8, "d00f5322a8e93a161984686708c98cd7"}) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) setgroups$auto(0xe32, 0x0) 3.241490907s ago: executing program 3 (id=3037): kexec_load$auto(0x200000000007, 0x1, &(0x7f0000000040)={@kbuf=&(0x7f0000000280)="4f9007e952d365b37edb5599378ebd43de6ba11bdf3e0b8bfecf60d17abce6abaff4a34c888ce3062a129e28fd3fceb4c46ca0c4345a2afc7cafaa185bc82e5963a67240d8dd7b8d55d351437d1d00c69452ef2798d28539a46f52aa1899d024958243fc04c6fca33e9c73a274ba94cd48368bda3b70df314a1c5005c7", 0x2aaa, 0x2, 0x7}, 0x5) mmap$auto(0x0, 0x2020009, 0xe9, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x3, 0x6) socket(0x10, 0x2, 0x0) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000540)='/proc/sys/net/ipv6/conf/netdevsim1/router_solicitation_interval\x00', 0x1a0202, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x1, 0x20009, 0x8, 0xeb1, 0x7f, 0x8000) rseq$auto(0x0, 0xfffffff5, 0x0, 0x5) mmap$auto(0x0, 0x40009, 0x7, 0x9b72, 0x7, 0x28000) r1 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendto$auto(0x3, 0x0, 0x2000f, 0x0, 0x0, 0x1c) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) readv$auto(0x3, &(0x7f0000000600)={0x0, 0x4}, 0x1da) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x40401, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0x4010ae67, 0x38) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x60040, 0x0) ioctl$auto_XFS_IOC_FSCOUNTS(r1, 0x80205871, &(0x7f0000000040)={0x2, 0x0, 0x8001, 0x6}) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) sendfile$auto(r0, r0, 0x0, 0x7) 3.164907627s ago: executing program 1 (id=3038): openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto_BLKTRACETEARDOWN2(r0, 0x1276, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) madvise$auto(0x2, 0x80, 0x1) (async) madvise$auto(0x2, 0x80, 0x1) pwrite64$auto(0xc8, &(0x7f0000000080)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e#\xae\xa9i8W\xe5Iq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xfdef, 0x3) r1 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x28641, 0x0) signalfd$auto(r1, &(0x7f0000000040)={0x6}, 0xfffffffffffffff8) (async) signalfd$auto(r1, &(0x7f0000000040)={0x6}, 0xfffffffffffffff8) ioctl$auto_SG_GET_NUM_WAITING(r1, 0x227d, &(0x7f0000000180)) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x801, 0x106) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) (async) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000000000)) fcntl$auto(0xffffffffffffffff, 0x20007, 0xa553) r3 = socket(0xa, 0x1, 0x100) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0) (async) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0) mmap$auto(0xffffffff, 0x6, 0x2a, 0xeb1, r4, 0x100000001) write$auto(0x3, 0x0, 0xffd8) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r5 = fcntl$auto(0x8000000000000001, 0x7, 0x8) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000003740)='/proc/cmdline\x00', 0x500, 0x0) (async) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000003740)='/proc/cmdline\x00', 0x500, 0x0) sendmsg$auto_NL802154_CMD_DEL_SEC_LEVEL(r3, 0x0, 0x4040) (async) sendmsg$auto_NL802154_CMD_DEL_SEC_LEVEL(r3, 0x0, 0x4040) write$auto(0x3, 0x0, 0x100082) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) (async) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_TIOCSETD2(r5, 0x5423, 0x0) setxattr$auto(0x0, 0x0, 0x0, 0x800000, 0x0) (async) setxattr$auto(0x0, 0x0, 0x0, 0x800000, 0x0) madvise$auto(0x0, 0x2000040080000004, 0xe) 2.830706407s ago: executing program 2 (id=3041): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) swapon$auto(&(0x7f0000000000)='/dev//oop7\x00', 0x4) close_range$auto(0x0, 0x5, 0x0) fanotify_init$auto(0xffffffff, 0xc23c) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) writev$auto(0x3, 0x0, 0x8009) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_DEL(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000005c0)=ANY=[@ANYBLOB, @ANYBLOB="e388bea156873508fe4320d7f215affde7cb43996a0e289ba1d8ddea38fbe2c6ba05f1ec013ed33955942aff74d7d0d5eb8119526b0c262ed02c3d9843f041e8348fc0e29779fe"], 0x18}, 0x1, 0x0, 0x0, 0x40}, 0x800) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) mmap$auto(0x3, 0x402000b, 0x2000006, 0xeb1, 0x401, 0xfff) openat$auto_udf_dir_operations_udfdecl(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bluetooth/hci4\x00', 0x2000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) lremovexattr$auto(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='\'\x15\'\x00') mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000240)='//ev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/kallsyms\x00', 0x0, 0x0) pread64$auto(r1, 0x0, 0x8, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x400c058) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) pwritev$auto(0x3, &(0x7f0000001000)={0x0, 0x8}, 0x5, 0x3, 0x9) read$auto(0xffffffffffffffff, &(0x7f0000000300)='/sys/device\a\x00\x00\x00\x00\x00\x00\x00l/net/bod0/bondactive\x00', 0x5) write$auto(0x3, 0x0, 0xffd8) setreuid$auto(0x3, 0x7) socket(0x6, 0x800, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev7\x00', 0x141083, 0x0) 2.361749494s ago: executing program 3 (id=3043): openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x200, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) (async) open_by_handle_at$auto(r0, &(0x7f0000000040)={0x1000, 0x6, "9da653b31752079554512ec68c61036964f9470c00d05df6b4ca77db3dd708c07a75da0cbbf21ec20d7cf009c25379bb2fdf5cfc6d04d9af2a45342f92edde48970038ff1ebc02ee8389976fe2986a1198cccd754766188fd47e389a970969edb41e1ee9f1f83ab48d3a23bdf73db519c15fe4ce019db00e7dff8b4651ac3a880f16185fb3fc93d91af1603b099279a816409556d767f5c4abfa1696876cb27d2084b5e94df7317280c95ff12192773646dca8cba4753b144310a6d0dec939e25604478a5ba78300af9f05a8c453edfe1b92138d86a1a00d1f725f575dac9164cbe11a25c873d173e90ad6bff69d653b221e86280d828373295a8c7c8195a871d779679c7818e9b80daedcd31d6bf688c69c2b022615843aa3fefea331f761e1216672cd273018d0ab447803d619da2d7b53d8bafd4d3754f2296b298e601a660d502fbeebb5e0c9d25f511e9e883901b9cb3c84ad5baa5855098bff5456ccf5f9042709f84e7b5eee24a3c1798a77e20dc07cfd471fa26257533ac8d14bfedae34c8894625c004bdef4d20a2e89e42aaf176857a7da087de8ee89714e68dc5bdaa9b6f33761567b4dc149421528dbe1983bfbb2dbfc061ecb1c0c01662dfe0ac914882cc2bf2485e2cdc5ef5343f44329b8babd5f26224f476b83fcbc99aab29d0c170ed7a4610930ff6697ce8aff098b57b0975b7decfeb368c4bf4c425bb9d0c30d45d228516f8fb3b6fc2ff387d1cff3385d72163ba36cf83426fdac5d5a2d7273b826c88b89e13ac1f8c94472d1f02f827aded3e560a439e92474fc866dc57e2ff706850dc4ac3f79f05607e74d0a36b38fb0253edfe5970382b87dabd7a70c7e54d6b4f1feaa84cf176157bf30ef401027da5545302965ffe098814af257e8cc37ef66e2afde485dfc1c4b072eba4048f5993c0c2a90132365f70dd27b2ae8168713a9c88b077f5d6b0ab9797527a71ffe594ff12afa855ce04b7e158f00b625edaa16b09359eed9043f1c46c06aaee38ac973cda2856d13179c8dcc035942176db9f2ff3c40a7a78d8e3541c0f23362ee75cc690c044795ed048108208d4140fe8e8cef6cc8135ae651c379a196798fb1bb0d3d947f368395c568d5ddd6167d9304f517ea4371a0f979eaaa79ec4000f95ac7d5abfb40921fa45aa83db20a554aedb046cf6b7af8dfc1d937a88c4ca73d7a8af8361e39bcfa86fe79bec671d32ca899de4b8dc26a21eeae057274d30fa46a5bef94fda828010fc239e197620d3758f226f174a269d5f972aec64530a3ca8527bad5d94a71ec5d36b1147eeafe34aa7a05de8ae131c2ed310e8b46676dc4e3be021e95927fb1c2d6af73794fb1174cd5aedf4f9e47d56bc36023507cb46c0c4c7808e793b7aa503df62a0cf24245e6c9beac96577741a180b87c1bc299be47c170e82bca18f5f56b911c69a926994fcb48b7ce4d89ab15df62a05c88f31cfb94abba88d514c01350ce43b61ea55171e0931f614525d6d9b9acff9690d3ddb927445e55c76e5d92249d4885034ed79ebbd106aa62d860aaa463349463a1b0c8daaffa372f3a44211c93086b99917a65cbf988ead535eced0dcf48b2ffce4542e33d4a43c2e967cd4c0832e5e78b366cf6e4d1cebfa1f146819429101adcec0a3e52cb2a5ec6ded17fdf74457527a95093eb6715523bc7f34584bc4b327aaf5ae859eb758d64e93f9908b698c4bc4378d5bdaca265aae10982079eb389768b6d9105d7454f7edf57b6b5b80b1cb4a3d3effc56504590d4f5576bb16a55e7dc81f3f34fbfbabc6f4e73fbe364314aad67104d7767883623af6fe1b9c489a780e840f6433d2b2ed5292b6f625681759e32ab2804a962d954dc591138f199a96fc43f83188c745dc264a5bd0641adfd8cd0b9638506fd54fc93d3e5907be8f1c4a408c8d54d404fdce2b2c5f176d562303cb746780d91158c089bbe2981fb4b4d88a25f79be6d6bfb55c3eba55e3093d33a5ace81bce4bb635277c5f573e5e1e6fd42a1e01160de454ceebe46346665ca9d500dbe45223d87b709276cc0edb2a23348ca0aa1d14cc1c66c034a2e1e5e22493834e6aee0ae5397440c7d89a769279f6869ba55cb66b9a342639f00c1c1cf7d9482797aae257851067cfbe9aee73acb8ec5d6a1c131ee0ba76bea9c6989925687d17e30f17caaa05dfe424bd1f52e6c6a2ee209e739f8f95ee25a0875a1f455972046e184009a988a4ebfdf0aee82ebaab30f98610d2991d3831d2b34de903883ec197004b6fe421d22d8c9db6b454e40a18e501ff24a6825f04f39a2814190ecbf9623d7eb65bc4453217a6af15dc4e872cf4d215228dcd7de7448274cbd2e1bc2c1bfe44444b501c28136310d4dfa7fb924482a424e88efc04bf9c1bc80a1ce494b42e9c188eab02353aad6162da44c4a44ed80675fa34b1293065267176d2dd1b4e0d7bd3ace95b5b649fc63a106868377a997487ba0a077f16415ded51d8439387af6bcad3a376b74b9ddadcc0dd05fadd8408cf7f7317ac271115837cdb7f6da28dc8825338f63b61c1619e37baf72470c95dabb44a913960707156e032916d147b3c8427b01fc95e47f000e865b6e6595606358504e435adc94aec172e701045429360280fd85ee72121060832cd2abd42d7304713e00870a1489d3559bb709178642a1b949dfb4d8e1226a828630fcc152ac15902ca7aaa2f0082309ecec1c3227752f82ed10cf0df19611fcb1344e361ca6a9ea7208042e33bedd065e05bf219d27d6216d7f3c33eb85608869a4978c92c6a33bafa199290d0653e5eac457d6020c70fa6274938e51a0efbacda68f214bd212fdba3b13e7dcd09efbd507405c65fb9bf36595ead646fbdb18be644a99583c099bf97e9fda1ea74a1c1a8ea5d015c844001f9e3baf23b38c8097c197ac759d4e9237d991d47a38621caf962028bae9720051279c3e702fb5d76ce46c9cae6c6c84dea1fd56a64f7ea309d5e914bad8b55ecc4a2c08c3ce7a5037bda2c5861741aaece72158fca467e754aa039d50d814616f804b590042f53d847dc0f1507f3c009ca4e82979d57801a3cc1180c2ec459fdeeb87b59073f3cebdfc857e3f510703050b3b04ec81ce94e8caa553ec1ae9c60c4bd1df9a780c1da8ed55de14e790fb12bcb9deb42d164d4800c76e78f783e88ed01c031a6aca3b57ba1279282be948d9d6bdbbdb0fce0b7d8e6674658f8714c03b7145f429ca1eb4f9506a9fb3838ab4b18fac93c69da9620aa7345ae126b9be4c2975f04c4b97675f7c2537756c9012b3a48d163b20ba514ba16e69af6ce447ee238e381b3fe9a02740b87036891377428bb21c464c3910a55e63595ba7a4f0525ada04725c4e03b6ad29a1b2d0e6d98ebb3d61fb9c314611e67e4dab4bd00da2033771df1f175a9cb699780b1dbe750687536f6f451f5455c574b993fa3dfc3188682a885bd370086271e41a3c93e338c81b6352e5dbcfc151aeb442d20488f47e4d144d04fb66949ed3c6f18b27c79356e5686ecda8d5b204db21b6a1d9dac6959a001faf9c7d45c2191b8d87af9038730c0c3e73b72874ec3aef57add758a9e4af51ec0b7f40cbc4821a0e79fa1dc46aa504d2302923741bed9275d5f00af0e47a32f44f064ef99739fbfe1cd55b5876367c4331365cbf357e32a86fce05a642f62d06f6ee61e16ded417cad26205ad5005ed61714f1e083a5b30b2aefa96219d2adf75f0b9e5b3eb79f62f7a0238f2c79824f8f77dda886c2f1e5b2f084143edef1ee7b33f3debd5b1c9c3d82aa9f777d70d4fccead7bc47182eb0b6ee51144f8822446b203c1f274e12518d8defa882eb7a82b64a8591c1d4a997909dd0f418ce9dea31d997186d7c5f5ecbeeca94c7af27c3559a56a32efacdb53fba813ec56285eac522696a3555a5db63d7dc3f00f6f792152698fc58505602d669a17ed047f000d31b4adf22b8bf65ab3e293add1312081f44ae51fb19d03d58645efa4041d11f0d916785230d52271e7adc4ce99a74842970715680f317ee6aba6775c90a1477f88f06e395eaa1bf049a5c2621d05fb11737dc755d27dc8916d6292a0ca2a29f4cc0e414b23583796dea0380fad984aa1c115458f9998c61cb6ed4c051dc5cde6f6d759cebd375d76c5a329a2551912a8cd7f954d270b89818470cd2daf99afbe9cf6ed3434a80bfe83b171c4603ecf5d565762244ccf88ca082b39d58da113f72f1a5583bdcf1a805297994da387850fe92f80f0d48311c5fa61efe1be5a11938ff65c03aafac999c8012f675bc56d7d00a7eb0a5de8559bb36f062b1b97cb4c915bcc01aa9f42f4109e6332515664dcdcf2055ba66e5dfbe3a860e1c11e351be889e8b9e5a2292b9c199bd50c72ebb9c68b1a5474e677fc4bad435ecfb957e5bfdcc92f839cb92d77e3198368cf15fea7fddda928b558f248f28971b30a117b513f414a70e1f6c3ae32cc37a49c5a521840292fdd982d27a1ce85b241a1e851efbaad7f8b97b59c770e63838160f60442b60cd80066a72c7b6ce51fd05b100009aeec828fa4b8b0a1df45ce8c86b0c4b07c7a93e740d2faa7e6cb4371589ddafcb19619c4aec729ed9858b357dc308bd5d7a01875a3810a0567d6773f9103b902c8eddc0d71c0937099d86d529356e0400bbace859506387eda4628e9800b2081c19a60ec83002e79aef835e2c3c330f5eb78e94b43194bd220e0ef1c2ff982754e79dd219b5a1ce88df4dad33e548fc152bbd865c0f524d3af06f2fd6b1e3ddf5c2f6fafd19cb5790f9e52ce48daaa4f4ea24e35e4ca1fc88ed11d0269dc46b355ef09341f100bd5dc9f5aa2d48c06c5375ef3e774b67d089dd6d055b58d336990935905000915d5659c1f5a8ae380580522bcb1097e6142ee6bf424c9e07ff4b1ef6a831c56f1d13dce0325cc6d837dd004bfff5736261233800ff8b67a7dd2f2c79deb1fd7b19adff678dcbcfa5ef0424130b28bcb7d16399e757925c227622ea65e50d31a47ae2e092b915139d038971615e796f245043ec788060152f2d62e3fef7690938aeaef9ea666b9de6178e3e6e630754d0959b38385d6f5bbf24a4b6e36b866c46ce36b6e8376a23fe3b1f63f4e603261547dd76eb334e5d1e3851d5666d22f5abe25031662b76be81fe5cb678c58056c5024803ab9e99a956b051b504dee77d9dabe2bc123746745b939b9b09577921bf3b336be6179d8ef748fadf04495109f5396a473e343416f53be84e507407cfc55c218c46cd8b170a35d2235a6596a37f6455c72d4c33ac8887cd25a1820db0f9fe35aaf820e3647bec3bf1a74a0f61ae558de6b24ac520992bdfc21a5351946787f2092371ac40eea199dc1ccc86827428c7abd20d6702904dd6e07a7c5f8ff95b4944eda86a151427e251aa5baa04694254a0c530eb7c6026f50c1272f488b3b71b53310ff0393da130efcaa94f79e3aa1b166db61078190caeb63e3d93a71c9d3b9e3ad147a5c41ac9ed24cc021c6d1ee5645c0478bc611ee40ecdbfbd967d8986b2b00e2c38b69e17f2b53105833e6fe1db51c7dadca8b577d049b9007c2abfb9e1bdd526eeabb07b396d231d1af0380a811929fcd68b1c74b8655048b3472029d97704e617f4fb0eef395d8dd317664616a93b4b25bbff200706a8a2389ff84167a753da0807bdd6cdb8f3730e7e47b82b552569a3c0cf521b202e9577323832eafc0da3a867223515526a53f2e1cde1c3fecc2fe4466ef3b5a73d646c96a31f76ee2e9b6ef1eb5cdd98ac31be9d0d3839873"}, 0x559) r2 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000001080), 0x123000, 0x0) (async) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/block2mtd/parameters/block2mtd\x00', 0x601, 0x0) mmap$auto(0x0, 0x2020009, 0xffffffffffffffff, 0xeb1, r1, 0x8000) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x0, 0x0) ioctl$auto_BLKALIGNOFF(r4, 0x127a, 0x0) (async) write$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000240)="e769ffff91a9bccbf2a814c2b1c2da6a4642e71e42496c6bac2cd2cc3aa9633c36df13128be76976577ef8b494eb27dd7c5c300903663e1e87c15519219ff691bef8e8162e8a841e0b720ba4c432a0b5e1e6ce3fba9b6c4462c74f701a8daaf2a07cdcee8ef120a79f8ecfef3532373fcfc0602284e9ecfab10a02", 0x7b) ioctl$auto(r3, 0xfffffffb, r2) 2.247632894s ago: executing program 3 (id=3044): r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto_SO_ATTACH_BPF(r0, 0x1, 0x32, &(0x7f0000000180)='/dev/mtd0\x00', 0x4) syz_genetlink_get_family_id$auto_ovs_flow(0x0, 0xffffffffffffffff) sendmsg$auto_OVS_FLOW_CMD_DEL(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x800) socket(0x2d, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x4) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) openat$nci(0xffffffffffffff9c, &(0x7f0000001500), 0x2, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) mmap$auto(0x1, 0x402000b, 0x2000006, 0xeb1, 0x401, 0xfff) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) r1 = io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) unshare$auto(0x40000080) set_mempolicy$auto(0x1, &(0x7f0000000080)=0x3, 0x21) unshare$auto(0x40000080) fanotify_mark$auto(0xffffffffffffffff, 0x0, 0xfffffffffff8fbff, 0xffffffffffffffff, 0x0) r2 = openat$auto_udmabuf_fops_udmabuf(0xffffffffffffff9c, &(0x7f0000004040), 0x2000, 0x0) ioctl$auto_UDMABUF_CREATE_LIST(r2, 0x40087543, &(0x7f0000000100)={0x1, 0x4, [{0xffffffffffffffff, 0x0, 0x100000000, 0x8000000000000000}, {r1, 0x0, 0x8, 0x7ff}, {r1, 0x0, 0xfffffffffffffff7, 0x3}]}) capset$auto(0x0, &(0x7f00000000c0)={0x6, 0x0, 0x6}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x4, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x17) statmount$auto(&(0x7f0000000040)={0x7, @raw=0x4, 0x9, 0x5, 0x3}, &(0x7f00000002c0)={0x0, 0xffffffff, 0x8000000000, 0xe5ef, 0x9, 0x4, 0x1, 0x0, 0xdabd, 0x4, 0x2, 0x742, 0xa300000000000000, 0x6, 0x8, 0x7f, 0x1, 0x400, 0xfffffff8, 0x6, 0x0, 0x3ff, 0x200, 0xf, 0x7ff, 0xc8, 0x5, 0x4, 0x9, 0x1, 0x8, [0x7, 0x7, 0x8, 0x6, 0x8, 0xffffffff, 0x2, 0x2, 0x7, 0x3, 0x100, 0xfffffffffffff420, 0x8000000000000000, 0x6, 0xff, 0xffffffffffffffff, 0x7, 0x423acfe6, 0x9, 0x3, 0xb, 0x4, 0x4, 0x401, 0x9, 0x7, 0x0, 0x6, 0x8, 0x3d40000000, 0x64, 0x8000000000000001, 0x4, 0x0, 0xff, 0x4, 0xffffffff, 0x6, 0x80, 0x5, 0xb3, 0x4, 0x7fffffff], "3c65789a61bfc6f64b1cca8dbfa77e301c9a59fa11e27a255ba649aefbc435b5c0ceb07fcd8c38e43e36e7bdfebd5f868820123c8e49dfd1f22e2b8d8df6f427def490cbb7c308d74e602c6c744445f0e7d4c5c78540471b2a5dcce3f55c827900a8592ad9cab6b35caebd9ba6a5385756b929b82c0d1fd05887f01c70e3af93d84bbe1c4d55f48f8a9e6c5f82ebf2d043398e937c5f79c2ffc57e538d9175a33b74e005204e2e9aa2847c7ba94e6cc283009f73469c2f4435727b8afe4ece1f11b91ec98be9ba26646ee5755c98dbeb7b0de7175cf2fe79661782c85e285044db0a38f1729ec26a673752295dd5ba4b78c29bf20ba93f5a6dfee9e11e7dff63ae2807bebc0eafcb8f4c3336cf4008e286138fea7766ed8e9c4f9a42020ce2b4a0a3d1fe851289af262fbe0c66aa79bc3b374bea6d6721a6e5f0d1fcf645c59bdec286ff12ce0061f2e2876311abc5e1a52abfa3515ce0d8542a2e5f1b65c04496ad53375a70617645494a4fd1a746b909d0c14fcf05126cb29044dbb5924289d5ba58da73b5fa1f1f03322876dd729d2a03c4e84e9c5ee56be9cc2572f6552a754d1e6da6d5c2227f35692a8520fc9d200268bd5fdba721197023ed34cd5981843320b19c0648e7d4560a6c268676c502ccc29d74281f5403d2ebf2de57db255d04aa0d051bf31cf90ad29b6806b8f438006cb693460550e149f7bdf8f25e736ce9eef40a1e8f4f575d51d1949f8f28ad65567ad70a54f3ca28eaf63b222ef220cb5b3782253c3329685ab4bd9a34353bfe54291779d92e56a01dcf5f0597ee62d1c508e8dafab7b284a8cec8e7328c75c62fc017c37d96ffd69ed7eb57a501461dc4206217532cf41eb7ed069996dcdff0a8651ad495bd1d8ef74614075d0688b94f8edb08ea51a39a4e42991419cba9e7f7e6235286ed4d4a90bf1e6a045191bbcf7bac5773ac469856416ab8e73dfe3b15a3aeeef0ec804b195f870899fd467a2c4287168f03cfd70cc9936d25b03badeb4dbfbcd6a06fc5727b50d61a4f11c1e910f369b7aaf370326eddd1271f5eeb98266d7edef3e1785e5f2dddaaf36918058c05c1e1a8d55dc5a10c65b5e1740b5c34903963c4c1d3e84f1f63bfa0e1cc2ee2639230b862b09e478f160ea9ff08e2b729819ea34bac31b9dd0dde0f3f74efc6c7dae44165a8c97ba41a510fb1fec3d1b1283567b59c66c74cc84ae1b47c84eccec78f0de3330c6e18f43a2b15d6083c8750a6ef7b8f61b9fae94e3680b0ef2d77a484bceddc9b5ef08dc4983dd4a3bcf5fcaecf41759744875fb0f88d30e609b524b379cfd5aea26be34caa7b505e20d88d2fc8d674f771a62bfd7eea52736f140f653636ca9beb06cdc2a3cd07cafc479a83419414b2c25cd6f6fa6a94885f02badbf5a3a1ede958c2734452d5aa37ac514e2393c096a56433fb9d6c7d593ffb2fa05d284ba3e47f297bcaf6d1d66568ace3fb18f84bf96f65e7391495bdf83ad821381acc400fd59529c16da469a30b82e6348b4da27c9f6a3c6caea916e8d31d9d98ad1d4799bf95021710ac2b820ccd2bc58a5d65c26d038ebdf89ff2ceef40778cc5066dfa67dbf0f8460bf65cf622ba5a35ce2a479146e65af6700e8a62c383d057d6441e532e1f8934d4da07a750d2da5c0babfb63887c266903dc8c97f0b46154ea43602cbaeb25bebdf0fecd32bbb34f6dad9afa10e592c83f71c1382bb923e68d61fe0a3d08dc6e93b78d44aacd82c42d10aff263d44a5c1c95a50531eb26dce2564cd775a1a0e1617aabb288a7293f33610c545d1305ff2151568e20fe94bbe901005d4c70fad88120082dec1c21a842aa2aec1926c14523145e7bf7b0b3d225c2de66941522e700e27cb5107890fd8d4790e5efe53a8256b55d0cc22cdaa4bdbc804ec68a9b5746d08366b1107f100c7c757669896b2f16393044ee75002350fe722723e502c954d4820853053960ad568d5e267cd2c475ee59ee27db1c0ad415b95e9ff0e562d827370b0166cf7c8890212b323e5ffe249aa1e18b92388225865016b5972d242dd48db5cc5769febab28f28769ca0a243aabec55d3f9ee65bdcc58e343bfa68d07cf811de1b35b347475ce75874888d5dc12e31c866ba5f608c013db6fc111e00d98ba2b4012d9b7327deab876e2fd0c86a2fd0660176feeed5ccefa0078e555e4129e3bde8d408b25ba82c5aca5b4c4bf13518922252ec442db1f8afbdf4c80f205bf8fe3944c785e71eb45c8e80b66f5fe43690061b31eb76a052583437102d8e61af5be5c09a3b6321b34964f618b185ccb3070e39cab4f1fc9ef1347f3c057ba2dd27e98ef86f496dd80f5df997874d0e5a298b2005a0bc2c2387e7e9772e18f9dcd55c666aad50b4249b0b9e8f79c1fa55a89a14ecc42150b72d494f0b29a6a76e0c511d95e8e8f454a4738fcd17fcc4ce2d591d706bb5196b196fe3ab989fa0e080b7756d10a36e0c758e316a765adebb95ae720cf7669b8b07e2a85c6764687f04a2c2c50b5bf089b9dd6514fb8d707c56155518dfd3539997ac2cecc0c638628b1950e4ab88cfddd532cfcec71f7a559de1cf626ab166e5343738ee04d935dfe515e780fdf32014ccfa1a105eb5258ce42515271ed1be9456fc70e1311b116cdeba464f93f7cafd665e345961831d81adefa0aa9b3bc06d24443c7839b9b3b8cf28b77b75dede16c5b37aa35164f6998ddbbbb4ba4db002ed3144fa7904021fd3b989ad4d30a21c08c16a402c8b25bb08af0124272d9f7bae3663e560fc27ab6528aa20693998ba40997965455aea95e40c756d945a0f1739a63de4a1990417d466b9cbc7f8133fe7eb335899f28dc8bc9cc24982c9020dfc5bf10a92ae66e022642afb9d1991cdca66e0ccf70845f4113c25e84c5c71a521e70293e989433cd4bf1310ca6ffcca35374f6f977e8c95a12a00acc171170319d09b9f4abf315870d39517a9c799be59bcc496b0330bfd45a075470cfe31d610de191aeaea57d98d12c1894ffd7d460285cd384c61eb786d54b934245fe76b04f4b3929b8b67db6a82f8530543671b377f9188696ed146db2215fba926d78dd3b97b8ac3ac5cf5d3d2a2419bd9020c906ee8b3595d3a9326eeeb7424ed83fb5040d297ce8e3b80a1c8493c8748e1e9dfa54e156b2caf2eba9ff35f1265d78aeec0d67fe0e737127e7305e4b601321e75333ec431b0f42ea3f46c5a87f31c9a27d063617092ce622422076f9a37ee9d199bea6acb8d040f7a3650ee1cedd0bf1719720a739f7752462ed20dd040b01618b0b5198fad577096f1307fc5e3da153a18e2e80e375f0c4c1797104f2f7e8c924b3b12fa297bc607e3e08c7d4452a0a102192bfb18b20fa0086581a2fd88ebb376f314a85b66adefe32aa05da29714f32f728dff84c37791be3865bcf43dbd9ed4c37bb215e104bd39e462056b299c52706e95619f4eb75cc2a312efc93ba387edcad93fe839411ae9f9c1125a6e5809014f1ace6bca194d6c3e7e6ceeeae9598499331beb10e8704273e47848b5052d1c1d88ce1ee57f57721a683df07c9d3d696327e3d781c5ed3a27c03266042050b92db7c833d0c8e72ca1b98a2a0f245c91108fed964ed71125472e9c39b39cd37d814a67f3386a372557ba28b5a71059907eb7645e345b5ebb9b6668e058eabc559556b394c42cd74fbcf778d823c1016d707cda9cff1ca90e601ada523d7be78455cdc161099e2b31de7da50f121c0682cf1033410dc44cc5f0b1dd14a2a9d2b60adc9deb973a6d02f3f50f5a6dcc4c429f090c8b1a65a1916afad6d3f7568d3a740e3be46d51d852518e299e2a825816061ec86d9d9457d109b01121a04c82a008b5c397c1c753dc7249bf90a070ded6399c7bbae3376d06a062de545aefde0c1734bf82c77a6a68967928e064ec85bfa587f7a064c0a26d6ec38f157e4f57b8f326d340cc5497907bc3993573948e396d871503c7f6b7d3a1c6a60e2560642e29df1e2816f0a05a62cf767e2292412292ec771622f3092b846920ff3f96d02f105e9e9b70b3cf63a052689bffcd1dfa1ac607a8c2672043a944eb94724a9265cfe10fa9fe243eb07efb51c8ef5616d2ef215ac57083d47c20fb6a76cf2936788c42afab9353f21fd3c0f28e2abb5a87cf9989f55b2e2b9e82b8d9ea70a7e52f2aad406c97677c39a2ba2954608aa1c84c6e37b6ab7435b8dfced37c3fcc85714101377b7c3d9cbd53acad990c53c275b5b0102a45b0aa7d7dd0ec56a593a0506438203f3175f5a66c5d561b11f8c3a188ca49a08684b44fcb9be4517cb65cf45407274558c082457f5d8dcab8053d2292330e0c81e73d91528e1d088e7c95de533bf3df1c1563f5510db591f77ee5fd6244cb2e118632133fda172b8350af5fab610a5c967a652494c25a9c9d7cff3456f3361f605eeef624d2b96cbb4f864bb2e3fad870aa93c2fd346efab9cedca3f4bc775d81104986df1b350565c3d4971d5615932fa8a92c3648b0128628bab430f1a1e407f10e8e853ca14a78e711efde822e4e21337de895fb90fcac711556ab054a40884076dd537d0c66cf470ef7960ecf4155d6a6133584dde599464e54827542453fc9038c6e30c14f43df0acc51539ca864b3b39d728d2a5923f1d63f5970c43aa4d20660a042314e719f3237afc3afb7f25fd705def53a0fd4d4cd63131d74c4d9af928cf5907f2d173aa646d756cbd0d3d4c3b0da111ebe786c53cf7acff5d7178a1c04572f620f80d58bfc3121c692a87beec88c67ba7b18080f54e7a2026f1c38e7d4e723d7d8ecf535f35a2a340274f8ef6ab9be072c014a89f3d2c8e6c2cf277d3588a442935a1dfd068212e58e4d216bab5556995798a6e66783946d378738d32d955648f0a85757ca13ce8c1298d655afe1eed7a01796e22bb6e62af0b54277272d809003473ed6e438bbaf4964c7f1f4d9a545fbbde619fd19f1d340c52952c70fa0fbad0fcfbfdb973120d69831e8d74d60beec0a9d67d966db48f8d6905136564c779a01082100ed9adc5ba2210ba91ac99791d812687fa6e77a5a2c2717b6d3b1717adc5a460f654a98f101756ce538a22a8b81d9b05cf6e78010807e524181c667c45119bcb7089b0e274c0d308862ae4a7407437613c77bc24d175ccbba6471b9363275fc645b0ee85a309f7d673175ee90de2917c8266836b5eab28941f8d6c696a99729dd2fc6a703d7321dce433d353a123f1b5f4a4e40f6158035aa866d821ca8470691c88ef003b2ed5c67efeff2e66da78badbe49eeed7086cc79819a5b93f09ee1950eb0be9b9a4904755c9c7b49d223e2cba1b0193059ae4dd00f0eaaabbf917e36542e8403e86e558910c0b281d5c984efcc381627c8a7c06e13efab37d31b8d455c94296a2b5479e631e648230c175fcd0637db659c18ff5f26263067d9e609fe8d7528cf30d33b4d3bb1960bc02baec884a890d7ba0502db16f9f26e6a8ba602af928fe5c3341cc5ceab208bb627581628ccd6b3f9536dd1cb93fcbb133a7a26d67632b4acee62a9af9e818d0b00d81081cfd2c10ac22b73f8b0a205ca8570ee1ef2380a89ae63645217953f02fd66a4ac259dbf8df33674fea54db50f9d3c4c8111e1e9720348c21240e99a25b79cee34cbfd0d3c99c1448bc6c8dfdba29ae5d8f34c63e560f0853789c65cdd7992b45df5728dc3177e8d199f30d567cf2965de873e6752c45aa327a8664252a5f802cbc2660b3cbb9cebdf59b05bd92c9497be594baefd1d56a15cea8fc2ceb647432c"}, 0x8, 0x38) mbind$auto(0x8000, 0xfa9d, 0x2, &(0x7f0000000280)=0x20000000000000fb, 0x3, 0x1) set_mempolicy_home_node$auto(0x0, 0x2010001, 0x0, 0x0) r3 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/fb0\x00', 0x400000, 0x0) writev$auto(r3, &(0x7f00000014c0)={&(0x7f00000001c0)="cbabb55803e80fa3598af7958c793b8f7f518c4866465c0a744630169120ea941be38557cd9b9c15e38b574401a727c13a65ea973e3cb2d943eddc7c71a67c12d78f94a69fa957ea5f92e715eae30a5f5879"}, 0x9) ioctl$auto_SNDRV_CTL_IOCTL_TLV_READ(0xffffffffffffffff, 0xc008551a, &(0x7f0000001800)={0x8e8, 0x8, [0x4, 0x2, 0x7, 0xd]}) 2.001708104s ago: executing program 0 (id=3046): set_mempolicy$auto(0x3, &(0x7f0000000000)=0x7, 0x9) r0 = socket(0x2, 0x801, 0x106) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) pidfd_open$auto(0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x1e, 0x4, 0x0) r2 = socket(0x1e, 0x4, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/nilfs2/features/README\x00', 0x40, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000040)=""/6, 0x6) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r2, 0x10f, 0x87, 0x0, 0x14) ioctl$auto(r1, 0x2, 0x4) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) sendmmsg$auto(0x3, 0x0, 0x7, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) preadv2$auto(0x42f9, 0x0, 0x2, 0xffffffff, 0x5dc6, 0x0) setsockopt$auto(r0, 0x533, 0x21, 0x0, 0x20) mmap$auto(0x0, 0x400008, 0xe3, 0xbb72, 0x2, 0x8000) 1.658868446s ago: executing program 0 (id=3047): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x0) socket(0x11, 0x2, 0x300) (async) r0 = socket(0x11, 0x2, 0x300) read$auto(0x3, 0x0, 0x80) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000002f80)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYRESHEX=r0], 0x28}, 0x1, 0x0, 0x0, 0x278e18a297a8387c}, 0x24000802) (async) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000002f80)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYRESHEX=r0], 0x28}, 0x1, 0x0, 0x0, 0x278e18a297a8387c}, 0x24000802) close_range$auto(0x2, 0x8000, 0x0) socket(0xa, 0x5, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f00000001c0), 0x20000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) ioctl$auto_USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x149000, 0x0) io_uring_setup$auto(0x6, 0x0) (async) r1 = io_uring_setup$auto(0x6, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x4242, 0xe1d2b27bdc14aad4) open(0x0, 0x0, 0x40) (async) open(0x0, 0x0, 0x40) syz_genetlink_get_family_id$auto_tipcv2(0x0, r1) (async) r2 = syz_genetlink_get_family_id$auto_tipcv2(0x0, r1) socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000426bd7000fddbdf250300000004000800040003374b0008"], 0x20}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYRES16=r2, @ANYRES16=0x0, @ANYBLOB="db002cbd7000fbdbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20008810) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x6, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x4}, 0x3, 0x20000) close_range$auto(0x2, 0x8000, 0x200) io_uring_setup$auto(0x6, 0x0) socket(0x10, 0x2, 0x0) (async) r3 = socket(0x10, 0x2, 0x0) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000000), r3) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB='#\x00\x00\x00', @ANYBLOB="2e00f5"], 0x1ac}}, 0x40000) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB='#\x00\x00\x00', @ANYBLOB="2e00f5"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) 1.327482507s ago: executing program 0 (id=3048): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = getpid() pidfd_open$auto(r0, 0x5) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r1 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x4605, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x1, 0x106) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r2, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f00000001c0)={0x38, r3, 0x1, 0x703d25, 0x25dfdbfd, {}, [@NBD_ATTR_SOCKETS={0x18, 0x7, 0x0, 0x1, [@nested={0xc, 0x1, 0x0, 0x1, [@nested={0x8, 0x1, 0x0, 0x1, [@generic='\x00\x00\x00\x00']}]}, @typed={0x8, 0x23, 0x0, 0x0, @uid}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x6}]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x8880) r4 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="05040000", @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf2503000000080003000010000006000700fd7f000006000700100000000a00050000000000000000000a00010000000000000000000a000100aaaaaaaaaaaa000008000200", @ANYRES8=r4, @ANYBLOB="08000200", @ANYRES32=0x0, @ANYBLOB="080004000900", @ANYRES8, @ANYRESOCT, @ANYRESHEX, @ANYRESHEX, @ANYRES64, @ANYRES64], 0x68}, 0x1, 0x0, 0x0, 0x40090}, 0x40090) ioctl$auto_TUNSETPERSIST(r4, 0x400454cb, &(0x7f0000000000)) 1.193625669s ago: executing program 0 (id=3049): openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0x40a40, 0x0) mmap$auto(0x0, 0x3, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80000, 0x0) openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, &(0x7f00000000c0), 0x200, 0x0) socket(0x2, 0x801, 0x106) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/mm/transparent_hugepage/hugepages-64kB/stats/split\x00', 0x0, 0x0) socketpair$auto(0xe0ea, 0x6, 0x4, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x286ac0, 0x0) r0 = socket(0x27, 0x80802, 0x0) setsockopt$auto(r0, 0x11, 0x67, 0x0, 0x8) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f0000000140), 0x55) socket(0x10, 0x2, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x80100, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/fail-nth\x00', 0x82, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0xdb3, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) io_setup$auto(0x7ffe, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mlockall$auto(0x7) 1.142910955s ago: executing program 3 (id=3050): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capset$auto(0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r0 = signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x0) openat$auto_safesetid_uid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000740), 0x101001, 0x0) write$auto(0x3, 0x0, 0x3f00) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, r0, 0x8000) read$auto(r0, 0x0, 0x80000000006) mq_open$auto(0x0, 0x7, 0x5, 0x0) 817.526207ms ago: executing program 2 (id=3051): openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) socket(0x10, 0x2, 0x0) r0 = openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = set_tid_address$auto(0x0) ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, r1) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x0) prctl$auto(0x1, 0x7, r1, 0x8000001, 0x100000001) write$auto(r0, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x2) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_TLV_WRITE(r2, 0xc008551b, &(0x7f0000000080)={0x7, 0x81a6}) r3 = socket(0x0, 0x1, 0x0) r4 = getsockopt$auto(r3, 0x6, 0x23, 0x0, &(0x7f0000000140)=0x8) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) kexec_load$auto(0x9, 0x0, 0x0, 0x1003e0000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x6, 0x3, 0x19, 0xfffffffffffffffa, 0xb) madvise$auto(0xffffffffffff7ffe, 0x2000040080000044, 0xe) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) unshare$auto(0x20000080) unshare$auto(0x40000080) io_uring_setup$auto(0x8, 0x0) madvise$auto(0x8, 0xffffffffffff0001, 0x5a) openat$auto_snapshot_fops_user(0xffffffffffffff9c, 0x0, 0x180b01, 0x0) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x0, 0x3, r1, 0x8001, 0x2) ioctl$auto_VHOST_SET_VRING_CALL(r4, 0x4008af21, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/ip6_vti0/stable_secret\x00', 0x509100, 0x0) write$auto(r3, &(0x7f0000000040)='/dev/snd/midiC2D0\x00', 0xfffffffffffffff2) socket(0xb, 0xa, 0x800) socket$nl_generic(0x10, 0x3, 0x10) 816.699864ms ago: executing program 0 (id=3059): openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0x40a40, 0x0) mmap$auto(0x0, 0x3, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80000, 0x0) openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, &(0x7f00000000c0), 0x200, 0x0) socket(0x2, 0x801, 0x106) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/mm/transparent_hugepage/hugepages-64kB/stats/split\x00', 0x0, 0x0) socketpair$auto(0xe0ea, 0x6, 0x4, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x286ac0, 0x0) r0 = socket(0x27, 0x80802, 0x0) setsockopt$auto(r0, 0x11, 0x67, 0x0, 0x8) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f0000000140), 0x55) socket(0x10, 0x2, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x80100, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/fail-nth\x00', 0x82, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0xdb3, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) io_setup$auto(0x7ffe, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mlockall$auto(0x7) 201.189748ms ago: executing program 3 (id=3052): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x9, 0x1f, 0x940, 0x1ffde, 0x3, 0x6, 0x8000003, 0x9, 0x5, 0x0, 0x4, 0xb0, 0x7, 0x200, 0x3, 0x205, 0x7, 0x0, 0x3ffff, 0x0, 0x3, 0x7069, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, [0x0, 0x0, 0x0, 0x8, 0x5, 0x8000004, 0x0, 0x100000000000000, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x100000000, 0x0, 0x8000000000000001, 0x0, 0x1, 0x0, 0x0, 0xfff, 0x4, 0x0, 0x0, 0x2000000000000000]}, 0x203, 0x7d) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x400008, 0xdf, 0x4000000000009b72, 0x2, 0x8000) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) io_uring_setup$auto(0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto_SO_DOMAIN(r0, 0x1, 0x27, &(0x7f0000000080)='\x00', 0x7) open(0x0, 0x22040, 0x80) r1 = socket(0x11, 0x3, 0x9) socket(0xa, 0x2, 0x3a) socket(0x11, 0x80003, 0x300) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cmdline\x00', 0x8800, 0x0) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x787806, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRES8=r1, @ANYRES8=r2], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x2000c082) write$auto(r3, &(0x7f0000000000)='-\x00', 0xfdef) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nbd13\x00', 0x101400, 0x0) ioctl$auto_BLKGETDISKSEQ(r4, 0x80081280, &(0x7f00000000c0)=0x7) r5 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 190.823854ms ago: executing program 2 (id=3061): r0 = openat$auto_tracing_readme_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/README\x00', 0x101000, 0x0) read$auto_tracing_readme_fops_trace(r0, &(0x7f0000001e40)=""/4096, 0x1000) r1 = socket(0x1d, 0x2, 0x7) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r2, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000001280)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010025bd7000fddbdf2503000000040007800c0002000500000000030000080001"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x8880) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r4, 0xfd}, 0x6a) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) io_uring_setup$auto(0x4e61, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) close_range$auto(0xffffffffffffffff, 0x8, 0x0) socket(0x2, 0x80002, 0x73) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x6) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) r6 = socket(0x2, 0x801, 0x106) getsockopt$auto(r6, 0x11c, 0x3616, 0x0, 0x0) ioctl$auto_TIOCSTI2(r5, 0x5412, &(0x7f0000000840)="13") close_range$auto(r1, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x80000008000) socket(0x18, 0x2, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'veth0\x00'}) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 0s ago: executing program 0 (id=3053): openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0x40a40, 0x0) mmap$auto(0x0, 0x3, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80000, 0x0) openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, &(0x7f00000000c0), 0x200, 0x0) socket(0x2, 0x801, 0x106) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/mm/transparent_hugepage/hugepages-64kB/stats/split\x00', 0x0, 0x0) socketpair$auto(0xe0ea, 0x6, 0x4, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x286ac0, 0x0) r0 = socket(0x27, 0x80802, 0x0) setsockopt$auto(r0, 0x11, 0x67, 0x0, 0x8) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f0000000140), 0x55) socket(0x10, 0x2, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x80100, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/fail-nth\x00', 0x82, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0xdb3, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) io_setup$auto(0x7ffe, 0x0) kernel console output (not intermixed with test programs): [ 739.344035][T18522] ? __pfx_mt_find+0x10/0x10 [ 739.344059][T18522] ? find_vma+0xbf/0x140 [ 739.344076][T18522] ? __pfx_find_vma+0x10/0x10 [ 739.344096][T18522] handle_mm_fault+0x589/0xd10 [ 739.344111][T18522] ? trace_raw_output_exceptions+0x131/0x150 [ 739.344134][T18522] do_user_addr_fault+0x7a6/0x1370 [ 739.344157][T18522] ? rcu_is_watching+0x12/0xc0 [ 739.344174][T18522] exc_page_fault+0x5c/0xb0 [ 739.344195][T18522] asm_exc_page_fault+0x26/0x30 [ 739.344209][T18522] RIP: 0010:rep_movs_alternative+0xf/0x90 [ 739.344227][T18522] Code: c4 10 e9 d4 1e 04 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 [ 739.344241][T18522] RSP: 0018:ffffc900001e7ad0 EFLAGS: 00050202 [ 739.344253][T18522] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000004 [ 739.344262][T18522] RDX: fffff5200003cf7f RSI: 0000000000000000 RDI: ffffc900001e7bf8 [ 739.344271][T18522] RBP: 0000000000000004 R08: 0000000000000001 R09: fffff5200003cf7f [ 739.344280][T18522] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000 [ 739.344288][T18522] R13: ffffc900001e7bf8 R14: ffffc900001e7bf8 R15: 0000000000000000 [ 739.344306][T18522] _copy_from_user+0x98/0xd0 [ 739.344323][T18522] copy_from_sockptr_offset.constprop.0+0x136/0x170 [ 739.344343][T18522] ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10 [ 739.344367][T18522] sk_setsockopt+0x162/0x3af0 [ 739.344384][T18522] ? __pfx_sk_setsockopt+0x10/0x10 [ 739.344399][T18522] ? get_pid_task+0xfc/0x250 [ 739.344425][T18522] ? __pfx___might_resched+0x10/0x10 [ 739.344441][T18522] ? __lock_acquire+0x62e/0x1ce0 [ 739.344461][T18522] udp_lib_setsockopt+0x653/0xcf0 [ 739.344476][T18522] ? __pfx_udp_push_pending_frames+0x10/0x10 [ 739.344498][T18522] ? __pfx_udp_lib_setsockopt+0x10/0x10 [ 739.344512][T18522] ? __pfx_aa_sk_perm+0x10/0x10 [ 739.344531][T18522] ? find_held_lock+0x2b/0x80 [ 739.344547][T18522] udp_setsockopt+0xbc/0xd0 [ 739.344560][T18522] ? __pfx_udp_push_pending_frames+0x10/0x10 [ 739.344581][T18522] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 739.344597][T18522] do_sock_setsockopt+0xf3/0x1d0 [ 739.344615][T18522] __sys_setsockopt+0x120/0x1a0 [ 739.344638][T18522] __x64_sys_setsockopt+0xbd/0x160 [ 739.344656][T18522] ? do_syscall_64+0x91/0x4c0 [ 739.344676][T18522] ? lockdep_hardirqs_on+0x7c/0x110 [ 739.344695][T18522] do_syscall_64+0xcd/0x4c0 [ 739.344717][T18522] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 739.344730][T18522] RIP: 0033:0x7f50f438ec29 [ 739.344742][T18522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 739.344754][T18522] RSP: 002b:00007f50f52ac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 739.344767][T18522] RAX: ffffffffffffffda RBX: 00007f50f45d5fa0 RCX: 00007f50f438ec29 [ 739.344776][T18522] RDX: 0000000000000005 RSI: 0000000000000001 RDI: 0000000000000003 [ 739.344784][T18522] RBP: 00007f50f52ac090 R08: 0000000000000009 R09: 0000000000000000 [ 739.344792][T18522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 739.344801][T18522] R13: 00007f50f45d6038 R14: 00007f50f45d5fa0 R15: 00007ffe3d2939b8 [ 739.344819][T18522] [ 739.788166][ C0] vkms_vblank_simulate: vblank timer overrun [ 741.198229][T18535] FAULT_INJECTION: forcing a failure. [ 741.198229][T18535] name fail_futex, interval 1, probability 0, space 0, times 0 [ 741.260643][T18535] CPU: 0 UID: 5 PID: 18535 Comm: syz.3.2486 Not tainted syzkaller #0 PREEMPT(full) [ 741.260667][T18535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 741.260681][T18535] Call Trace: [ 741.260686][T18535] [ 741.260693][T18535] dump_stack_lvl+0x16c/0x1f0 [ 741.260720][T18535] should_fail_ex+0x512/0x640 [ 741.260743][T18535] ? __pfx_caif_wait_for_flow_on.constprop.0+0x10/0x10 [ 741.260768][T18535] get_futex_key+0x1d0/0x1560 [ 741.260788][T18535] ? __pfx_get_futex_key+0x10/0x10 [ 741.260806][T18535] ? caif_stream_sendmsg+0x5d2/0x800 [ 741.260829][T18535] futex_wake+0xea/0x530 [ 741.260851][T18535] ? __pfx_futex_wake+0x10/0x10 [ 741.260871][T18535] ? fput+0x9b/0xd0 [ 741.260891][T18535] ? __sys_sendto+0x2b1/0x520 [ 741.260911][T18535] ? __pfx___sys_sendto+0x10/0x10 [ 741.260932][T18535] do_futex+0x1e3/0x350 [ 741.260950][T18535] ? __pfx_do_futex+0x10/0x10 [ 741.260967][T18535] ? find_held_lock+0x2b/0x80 [ 741.260985][T18535] __x64_sys_futex+0x1e0/0x4c0 [ 741.261005][T18535] ? __pfx___x64_sys_futex+0x10/0x10 [ 741.261023][T18535] ? xfd_validate_state+0x61/0x180 [ 741.261049][T18535] do_syscall_64+0xcd/0x4c0 [ 741.261072][T18535] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 741.261087][T18535] RIP: 0033:0x7f5a66d8ec29 [ 741.261098][T18535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 741.261112][T18535] RSP: 002b:00007f5a67bae0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 741.261127][T18535] RAX: ffffffffffffffda RBX: 00007f5a66fd6278 RCX: 00007f5a66d8ec29 [ 741.261136][T18535] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f5a66fd627c [ 741.261145][T18535] RBP: 00007f5a66fd6270 R08: 00007f5a67c12000 R09: 0000000000000000 [ 741.261154][T18535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 741.261162][T18535] R13: 00007f5a66fd6308 R14: 00007ffc437491a0 R15: 00007ffc43749288 [ 741.261181][T18535] [ 741.455232][ C0] vkms_vblank_simulate: vblank timer overrun [ 742.136104][T18558] FAULT_INJECTION: forcing a failure. [ 742.136104][T18558] name failslab, interval 1, probability 0, space 0, times 0 [ 742.182561][T18558] CPU: 0 UID: 0 PID: 18558 Comm: syz.3.2493 Not tainted syzkaller #0 PREEMPT(full) [ 742.182584][T18558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 742.182592][T18558] Call Trace: [ 742.182598][T18558] [ 742.182604][T18558] dump_stack_lvl+0x16c/0x1f0 [ 742.182630][T18558] should_fail_ex+0x512/0x640 [ 742.182652][T18558] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 742.182672][T18558] should_failslab+0xc2/0x120 [ 742.182691][T18558] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 742.182708][T18558] ? __pmd_alloc+0xbf/0x930 [ 742.182731][T18558] __pmd_alloc+0xbf/0x930 [ 742.182753][T18558] __handle_mm_fault+0xa06/0x2a50 [ 742.182770][T18558] ? mt_find+0x3ef/0xa30 [ 742.182785][T18558] ? __pfx___handle_mm_fault+0x10/0x10 [ 742.182798][T18558] ? __pfx_mt_find+0x10/0x10 [ 742.182822][T18558] ? find_vma+0xbf/0x140 [ 742.182839][T18558] ? __pfx_find_vma+0x10/0x10 [ 742.182859][T18558] handle_mm_fault+0x589/0xd10 [ 742.182874][T18558] ? trace_raw_output_exceptions+0x131/0x150 [ 742.182897][T18558] do_user_addr_fault+0x7a6/0x1370 [ 742.182920][T18558] ? rcu_is_watching+0x12/0xc0 [ 742.182937][T18558] exc_page_fault+0x5c/0xb0 [ 742.182957][T18558] asm_exc_page_fault+0x26/0x30 [ 742.182972][T18558] RIP: 0010:rep_movs_alternative+0xf/0x90 [ 742.182989][T18558] Code: c4 10 e9 d4 1e 04 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 [ 742.183003][T18558] RSP: 0018:ffffc9000449fad0 EFLAGS: 00050202 [ 742.183015][T18558] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000004 [ 742.183024][T18558] RDX: fffff52000893f7f RSI: 0000000000000000 RDI: ffffc9000449fbf8 [ 742.183033][T18558] RBP: 0000000000000004 R08: 0000000000000001 R09: fffff52000893f7f [ 742.183042][T18558] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000 [ 742.183050][T18558] R13: ffffc9000449fbf8 R14: ffffc9000449fbf8 R15: 0000000000000000 [ 742.183069][T18558] _copy_from_user+0x98/0xd0 [ 742.183085][T18558] copy_from_sockptr_offset.constprop.0+0x136/0x170 [ 742.183105][T18558] ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10 [ 742.183130][T18558] sk_setsockopt+0x162/0x3af0 [ 742.183147][T18558] ? __pfx_sk_setsockopt+0x10/0x10 [ 742.183162][T18558] ? get_pid_task+0xfc/0x250 [ 742.183188][T18558] ? __pfx___might_resched+0x10/0x10 [ 742.183203][T18558] ? __lock_acquire+0x62e/0x1ce0 [ 742.183224][T18558] udp_lib_setsockopt+0x653/0xcf0 [ 742.183239][T18558] ? __pfx_udp_push_pending_frames+0x10/0x10 [ 742.183261][T18558] ? __pfx_udp_lib_setsockopt+0x10/0x10 [ 742.183274][T18558] ? __pfx_aa_sk_perm+0x10/0x10 [ 742.183294][T18558] ? find_held_lock+0x2b/0x80 [ 742.183310][T18558] udp_setsockopt+0xbc/0xd0 [ 742.183323][T18558] ? __pfx_udp_push_pending_frames+0x10/0x10 [ 742.183344][T18558] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 742.183360][T18558] do_sock_setsockopt+0xf3/0x1d0 [ 742.183378][T18558] __sys_setsockopt+0x120/0x1a0 [ 742.183401][T18558] __x64_sys_setsockopt+0xbd/0x160 [ 742.183419][T18558] ? do_syscall_64+0x91/0x4c0 [ 742.183439][T18558] ? lockdep_hardirqs_on+0x7c/0x110 [ 742.183464][T18558] do_syscall_64+0xcd/0x4c0 [ 742.183486][T18558] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 742.183499][T18558] RIP: 0033:0x7f5a66d8ec29 [ 742.183511][T18558] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 742.183524][T18558] RSP: 002b:00007f5a67c11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 742.183537][T18558] RAX: ffffffffffffffda RBX: 00007f5a66fd5fa0 RCX: 00007f5a66d8ec29 [ 742.183546][T18558] RDX: 0000000000000005 RSI: 0000000000000001 RDI: 0000000000000003 [ 742.183554][T18558] RBP: 00007f5a67c11090 R08: 0000000000000009 R09: 0000000000000000 [ 742.183562][T18558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 742.183573][T18558] R13: 00007f5a66fd6038 R14: 00007f5a66fd5fa0 R15: 00007ffc43749288 [ 742.183592][T18558] [ 742.570058][ C0] vkms_vblank_simulate: vblank timer overrun [ 742.940072][T18559] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2491'. [ 744.640885][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 744.647869][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 745.035538][T18588] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 745.316054][T18574] kexec: Could not allocate control_code_buffer [ 745.352398][T18595] random: crng reseeded on system resumption [ 745.717709][T18614] random: crng reseeded on system resumption [ 747.048873][T18633] FAULT_INJECTION: forcing a failure. [ 747.048873][T18633] name failslab, interval 1, probability 0, space 0, times 0 [ 747.093515][T18633] CPU: 0 UID: 0 PID: 18633 Comm: syz.3.2508 Not tainted syzkaller #0 PREEMPT(full) [ 747.093537][T18633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 747.093547][T18633] Call Trace: [ 747.093552][T18633] [ 747.093558][T18633] dump_stack_lvl+0x16c/0x1f0 [ 747.093585][T18633] should_fail_ex+0x512/0x640 [ 747.093606][T18633] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 747.093625][T18633] ? __pfx_filemap_map_pages+0x10/0x10 [ 747.093642][T18633] should_failslab+0xc2/0x120 [ 747.093661][T18633] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 747.093678][T18633] ? ptlock_alloc+0x1f/0x70 [ 747.093693][T18633] ? __pfx_filemap_map_pages+0x10/0x10 [ 747.093709][T18633] ptlock_alloc+0x1f/0x70 [ 747.093723][T18633] pte_alloc_one+0x82/0x3a0 [ 747.093739][T18633] __do_fault+0x320/0x490 [ 747.093754][T18633] ? do_raw_spin_lock+0x12c/0x2b0 [ 747.093777][T18633] ? __pfx_filemap_map_pages+0x10/0x10 [ 747.093792][T18633] do_pte_missing+0xf50/0x3ba0 [ 747.093807][T18633] ? do_raw_spin_unlock+0x172/0x230 [ 747.093829][T18633] ? __pmd_alloc+0x3fb/0x930 [ 747.093851][T18633] __handle_mm_fault+0x152a/0x2a50 [ 747.093868][T18633] ? mt_find+0x3ef/0xa30 [ 747.093882][T18633] ? __pfx___handle_mm_fault+0x10/0x10 [ 747.093904][T18633] ? __pfx_mt_find+0x10/0x10 [ 747.093927][T18633] ? find_vma+0xbf/0x140 [ 747.093944][T18633] ? __pfx_find_vma+0x10/0x10 [ 747.093964][T18633] handle_mm_fault+0x589/0xd10 [ 747.093979][T18633] ? trace_raw_output_exceptions+0x131/0x150 [ 747.094002][T18633] do_user_addr_fault+0x7a6/0x1370 [ 747.094024][T18633] ? rcu_is_watching+0x12/0xc0 [ 747.094041][T18633] exc_page_fault+0x5c/0xb0 [ 747.094062][T18633] asm_exc_page_fault+0x26/0x30 [ 747.094076][T18633] RIP: 0010:rep_movs_alternative+0xf/0x90 [ 747.094093][T18633] Code: c4 10 e9 d4 1e 04 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 [ 747.094106][T18633] RSP: 0018:ffffc9000bfc7ad0 EFLAGS: 00050202 [ 747.094118][T18633] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000004 [ 747.094127][T18633] RDX: fffff520017f8f7f RSI: 0000000000000000 RDI: ffffc9000bfc7bf8 [ 747.094136][T18633] RBP: 0000000000000004 R08: 0000000000000001 R09: fffff520017f8f7f [ 747.094145][T18633] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000 [ 747.094153][T18633] R13: ffffc9000bfc7bf8 R14: ffffc9000bfc7bf8 R15: 0000000000000000 [ 747.094171][T18633] _copy_from_user+0x98/0xd0 [ 747.094188][T18633] copy_from_sockptr_offset.constprop.0+0x136/0x170 [ 747.094207][T18633] ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10 [ 747.094232][T18633] sk_setsockopt+0x162/0x3af0 [ 747.094249][T18633] ? __pfx_sk_setsockopt+0x10/0x10 [ 747.094264][T18633] ? get_pid_task+0xfc/0x250 [ 747.094290][T18633] ? __pfx___might_resched+0x10/0x10 [ 747.094304][T18633] ? __lock_acquire+0x62e/0x1ce0 [ 747.094326][T18633] udp_lib_setsockopt+0x653/0xcf0 [ 747.094341][T18633] ? __pfx_udp_push_pending_frames+0x10/0x10 [ 747.094363][T18633] ? __pfx_udp_lib_setsockopt+0x10/0x10 [ 747.094376][T18633] ? __pfx_aa_sk_perm+0x10/0x10 [ 747.094396][T18633] ? find_held_lock+0x2b/0x80 [ 747.094413][T18633] udp_setsockopt+0xbc/0xd0 [ 747.094426][T18633] ? __pfx_udp_push_pending_frames+0x10/0x10 [ 747.094446][T18633] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 747.094463][T18633] do_sock_setsockopt+0xf3/0x1d0 [ 747.094481][T18633] __sys_setsockopt+0x120/0x1a0 [ 747.094504][T18633] __x64_sys_setsockopt+0xbd/0x160 [ 747.094522][T18633] ? do_syscall_64+0x91/0x4c0 [ 747.094542][T18633] ? lockdep_hardirqs_on+0x7c/0x110 [ 747.094561][T18633] do_syscall_64+0xcd/0x4c0 [ 747.094583][T18633] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 747.094596][T18633] RIP: 0033:0x7f5a66d8ec29 [ 747.094608][T18633] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 747.094621][T18633] RSP: 002b:00007f5a67c11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 747.094634][T18633] RAX: ffffffffffffffda RBX: 00007f5a66fd5fa0 RCX: 00007f5a66d8ec29 [ 747.094643][T18633] RDX: 0000000000000005 RSI: 0000000000000001 RDI: 0000000000000003 [ 747.094651][T18633] RBP: 00007f5a67c11090 R08: 0000000000000009 R09: 0000000000000000 [ 747.094659][T18633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 747.094667][T18633] R13: 00007f5a66fd6038 R14: 00007f5a66fd5fa0 R15: 00007ffc43749288 [ 747.094686][T18633] [ 747.811321][T18635] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2509'. [ 747.822876][T18635] netlink: 25 bytes leftover after parsing attributes in process `syz.0.2509'. [ 748.502595][T18663] Process accounting resumed [ 748.917350][T18678] random: crng reseeded on system resumption [ 749.174811][T18685] netlink: 'syz.3.2518': attribute type 1 has an invalid length. [ 749.220125][T18685] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input43 [ 749.714607][T18655] kexec: Could not allocate control_code_buffer [ 750.069319][ T30] audit: type=1800 audit(4294967323.265:42): pid=18679 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2507" name="dbroot" dev="configfs" ino=71341 res=0 errno=0 [ 750.373426][T18699] FAULT_INJECTION: forcing a failure. [ 750.373426][T18699] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 750.435031][T18699] CPU: 0 UID: 0 PID: 18699 Comm: syz.3.2523 Not tainted syzkaller #0 PREEMPT(full) [ 750.435053][T18699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 750.435063][T18699] Call Trace: [ 750.435069][T18699] [ 750.435074][T18699] dump_stack_lvl+0x16c/0x1f0 [ 750.435101][T18699] should_fail_ex+0x512/0x640 [ 750.435126][T18699] should_fail_alloc_page+0xe7/0x130 [ 750.435146][T18699] prepare_alloc_pages+0x3c2/0x610 [ 750.435171][T18699] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 750.435189][T18699] ? __lock_acquire+0x62e/0x1ce0 [ 750.435212][T18699] ? __lock_acquire+0x62e/0x1ce0 [ 750.435231][T18699] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 750.435255][T18699] ? find_held_lock+0x2b/0x80 [ 750.435270][T18699] ? is_bpf_text_address+0x8a/0x1a0 [ 750.435287][T18699] ? bpf_ksym_find+0x124/0x1c0 [ 750.435301][T18699] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 750.435323][T18699] ? policy_nodemask+0xea/0x4e0 [ 750.435343][T18699] alloc_pages_mpol+0x1fb/0x550 [ 750.435362][T18699] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 750.435385][T18699] folio_alloc_mpol_noprof+0x36/0x2f0 [ 750.435407][T18699] shmem_alloc_folio+0x135/0x160 [ 750.435421][T18699] shmem_alloc_and_add_folio+0x499/0xc20 [ 750.435442][T18699] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 750.435460][T18699] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 750.435480][T18699] shmem_get_folio_gfp+0x67f/0x1600 [ 750.435500][T18699] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 750.435518][T18699] ? css_rstat_updated+0x1c2/0x510 [ 750.435535][T18699] shmem_fault+0x1fe/0xa30 [ 750.435553][T18699] ? __pfx_shmem_fault+0x10/0x10 [ 750.435568][T18699] ? mod_memcg_lruvec_state+0x389/0x5f0 [ 750.435593][T18699] ? __pfx_filemap_map_pages+0x10/0x10 [ 750.435620][T18699] ? pte_alloc_one+0x2b6/0x3a0 [ 750.435637][T18699] ? __pfx_filemap_map_pages+0x10/0x10 [ 750.435653][T18699] __do_fault+0x10d/0x490 [ 750.435669][T18699] ? do_raw_spin_lock+0x12c/0x2b0 [ 750.435691][T18699] ? __pfx_filemap_map_pages+0x10/0x10 [ 750.435707][T18699] do_pte_missing+0xf50/0x3ba0 [ 750.435723][T18699] ? do_raw_spin_unlock+0x172/0x230 [ 750.435744][T18699] ? __pmd_alloc+0x3fb/0x930 [ 750.435766][T18699] __handle_mm_fault+0x152a/0x2a50 [ 750.435783][T18699] ? mt_find+0x3ef/0xa30 [ 750.435797][T18699] ? __pfx___handle_mm_fault+0x10/0x10 [ 750.435811][T18699] ? __pfx_mt_find+0x10/0x10 [ 750.435834][T18699] ? find_vma+0xbf/0x140 [ 750.435851][T18699] ? __pfx_find_vma+0x10/0x10 [ 750.435871][T18699] handle_mm_fault+0x589/0xd10 [ 750.435886][T18699] ? trace_raw_output_exceptions+0x131/0x150 [ 750.435909][T18699] do_user_addr_fault+0x7a6/0x1370 [ 750.435932][T18699] ? rcu_is_watching+0x12/0xc0 [ 750.435949][T18699] exc_page_fault+0x5c/0xb0 [ 750.435969][T18699] asm_exc_page_fault+0x26/0x30 [ 750.435983][T18699] RIP: 0010:rep_movs_alternative+0xf/0x90 [ 750.436001][T18699] Code: c4 10 e9 d4 1e 04 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 [ 750.436015][T18699] RSP: 0018:ffffc9000c2f7ad0 EFLAGS: 00050202 [ 750.436027][T18699] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000004 [ 750.436035][T18699] RDX: fffff5200185ef7f RSI: 0000000000000000 RDI: ffffc9000c2f7bf8 [ 750.436044][T18699] RBP: 0000000000000004 R08: 0000000000000001 R09: fffff5200185ef7f [ 750.436052][T18699] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000 [ 750.436060][T18699] R13: ffffc9000c2f7bf8 R14: ffffc9000c2f7bf8 R15: 0000000000000000 [ 750.436079][T18699] _copy_from_user+0x98/0xd0 [ 750.436095][T18699] copy_from_sockptr_offset.constprop.0+0x136/0x170 [ 750.436116][T18699] ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10 [ 750.436140][T18699] sk_setsockopt+0x162/0x3af0 [ 750.436156][T18699] ? __pfx_sk_setsockopt+0x10/0x10 [ 750.436171][T18699] ? get_pid_task+0xfc/0x250 [ 750.436197][T18699] ? __pfx___might_resched+0x10/0x10 [ 750.436212][T18699] ? __lock_acquire+0x62e/0x1ce0 [ 750.436233][T18699] udp_lib_setsockopt+0x653/0xcf0 [ 750.436247][T18699] ? __pfx_udp_push_pending_frames+0x10/0x10 [ 750.436269][T18699] ? __pfx_udp_lib_setsockopt+0x10/0x10 [ 750.436282][T18699] ? __pfx_aa_sk_perm+0x10/0x10 [ 750.436302][T18699] ? find_held_lock+0x2b/0x80 [ 750.436319][T18699] udp_setsockopt+0xbc/0xd0 [ 750.436332][T18699] ? __pfx_udp_push_pending_frames+0x10/0x10 [ 750.436353][T18699] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 750.436369][T18699] do_sock_setsockopt+0xf3/0x1d0 [ 750.436386][T18699] __sys_setsockopt+0x120/0x1a0 [ 750.436409][T18699] __x64_sys_setsockopt+0xbd/0x160 [ 750.436427][T18699] ? do_syscall_64+0x91/0x4c0 [ 750.436448][T18699] ? lockdep_hardirqs_on+0x7c/0x110 [ 750.436467][T18699] do_syscall_64+0xcd/0x4c0 [ 750.436488][T18699] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 750.436502][T18699] RIP: 0033:0x7f5a66d8ec29 [ 750.436514][T18699] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 750.436527][T18699] RSP: 002b:00007f5a67c11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 750.436540][T18699] RAX: ffffffffffffffda RBX: 00007f5a66fd5fa0 RCX: 00007f5a66d8ec29 [ 750.436549][T18699] RDX: 0000000000000005 RSI: 0000000000000001 RDI: 0000000000000003 [ 750.436557][T18699] RBP: 00007f5a67c11090 R08: 0000000000000009 R09: 0000000000000000 [ 750.436565][T18699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 750.436573][T18699] R13: 00007f5a66fd6038 R14: 00007f5a66fd5fa0 R15: 00007ffc43749288 [ 750.436592][T18699] [ 753.266570][T18722] FAULT_INJECTION: forcing a failure. [ 753.266570][T18722] name failslab, interval 1, probability 0, space 0, times 0 [ 753.316551][T18722] CPU: 0 UID: 0 PID: 18722 Comm: syz.1.2530 Not tainted syzkaller #0 PREEMPT(full) [ 753.316574][T18722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 753.316583][T18722] Call Trace: [ 753.316589][T18722] [ 753.316595][T18722] dump_stack_lvl+0x16c/0x1f0 [ 753.316622][T18722] should_fail_ex+0x512/0x640 [ 753.316645][T18722] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 753.316666][T18722] should_failslab+0xc2/0x120 [ 753.316685][T18722] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 753.316702][T18722] ? sk_prot_alloc+0x60/0x2a0 [ 753.316720][T18722] sk_prot_alloc+0x60/0x2a0 [ 753.316736][T18722] sk_alloc+0x36/0xc20 [ 753.316756][T18722] inet_create+0x3a1/0x1040 [ 753.316775][T18722] ? inet_create+0x93/0x1040 [ 753.316794][T18722] __sock_create+0x338/0x8d0 [ 753.316814][T18722] __sys_socket+0x14d/0x260 [ 753.316829][T18722] ? __fget_files+0x20e/0x3c0 [ 753.316845][T18722] ? __pfx___sys_socket+0x10/0x10 [ 753.316862][T18722] ? xfd_validate_state+0x61/0x180 [ 753.316886][T18722] __x64_sys_socket+0x72/0xb0 [ 753.316902][T18722] ? lockdep_hardirqs_on+0x7c/0x110 [ 753.316922][T18722] do_syscall_64+0xcd/0x4c0 [ 753.316944][T18722] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 753.316959][T18722] RIP: 0033:0x7ffa2e78ec29 [ 753.316971][T18722] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 753.316985][T18722] RSP: 002b:00007ffa2f56a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 753.316999][T18722] RAX: ffffffffffffffda RBX: 00007ffa2e9d5fa0 RCX: 00007ffa2e78ec29 [ 753.317008][T18722] RDX: 0000000000000100 RSI: 0000000000000801 RDI: 0000000000000002 [ 753.317017][T18722] RBP: 00007ffa2e811e41 R08: 0000000000000000 R09: 0000000000000000 [ 753.317025][T18722] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 753.317034][T18722] R13: 00007ffa2e9d6038 R14: 00007ffa2e9d5fa0 R15: 00007ffc32926198 [ 753.317052][T18722] [ 753.842992][T18732] FAULT_INJECTION: forcing a failure. [ 753.842992][T18732] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 753.890920][T18732] CPU: 0 UID: 0 PID: 18732 Comm: syz.1.2533 Not tainted syzkaller #0 PREEMPT(full) [ 753.890941][T18732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 753.890951][T18732] Call Trace: [ 753.890956][T18732] [ 753.890962][T18732] dump_stack_lvl+0x16c/0x1f0 [ 753.890988][T18732] should_fail_ex+0x512/0x640 [ 753.891013][T18732] _copy_to_user+0x32/0xd0 [ 753.891030][T18732] simple_read_from_buffer+0xcb/0x170 [ 753.891047][T18732] proc_fail_nth_read+0x197/0x240 [ 753.891064][T18732] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 753.891080][T18732] ? rw_verify_area+0xcf/0x6c0 [ 753.891095][T18732] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 753.891110][T18732] vfs_read+0x1e1/0xcf0 [ 753.891128][T18732] ? __pfx___mutex_lock+0x10/0x10 [ 753.891150][T18732] ? __pfx_vfs_read+0x10/0x10 [ 753.891171][T18732] ? __fget_files+0x20e/0x3c0 [ 753.891197][T18732] ksys_read+0x12a/0x250 [ 753.891213][T18732] ? __pfx_ksys_read+0x10/0x10 [ 753.891234][T18732] do_syscall_64+0xcd/0x4c0 [ 753.891261][T18732] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 753.891276][T18732] RIP: 0033:0x7ffa2e78d63c [ 753.891289][T18732] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 753.891303][T18732] RSP: 002b:00007ffa2f56a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 753.891316][T18732] RAX: ffffffffffffffda RBX: 00007ffa2e9d5fa0 RCX: 00007ffa2e78d63c [ 753.891325][T18732] RDX: 000000000000000f RSI: 00007ffa2f56a0a0 RDI: 0000000000000004 [ 753.891334][T18732] RBP: 00007ffa2f56a090 R08: 0000000000000000 R09: 0000000000000000 [ 753.891342][T18732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 753.891350][T18732] R13: 00007ffa2e9d6038 R14: 00007ffa2e9d5fa0 R15: 00007ffc32926198 [ 753.891369][T18732] [ 755.635642][T18760] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 755.887454][T18759] input: f¬ as /devices/virtual/input/input44 [ 755.968320][ T30] audit: type=1800 audit(4294967329.186:43): pid=18744 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2537" name="dbroot" dev="configfs" ino=71709 res=0 errno=0 [ 756.321756][T18769] FAULT_INJECTION: forcing a failure. [ 756.321756][T18769] name failslab, interval 1, probability 0, space 0, times 0 [ 756.384372][T18769] CPU: 0 UID: 0 PID: 18769 Comm: syz.3.2540 Not tainted syzkaller #0 PREEMPT(full) [ 756.384395][T18769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 756.384405][T18769] Call Trace: [ 756.384411][T18769] [ 756.384417][T18769] dump_stack_lvl+0x16c/0x1f0 [ 756.384444][T18769] should_fail_ex+0x512/0x640 [ 756.384467][T18769] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 756.384487][T18769] should_failslab+0xc2/0x120 [ 756.384507][T18769] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 756.384524][T18769] ? acpi_ut_create_generic_state+0x5c/0xb0 [ 756.384545][T18769] acpi_ut_create_generic_state+0x5c/0xb0 [ 756.384563][T18769] acpi_ps_push_scope+0x22/0x230 [ 756.384585][T18769] acpi_ps_parse_loop+0x9f3/0x1d00 [ 756.384609][T18769] ? __pfx_acpi_ps_parse_loop+0x10/0x10 [ 756.384627][T18769] ? trace_kmem_cache_alloc+0x28/0xc0 [ 756.384656][T18769] acpi_ps_parse_aml+0x3c1/0xcb0 [ 756.384679][T18769] acpi_ps_execute_method+0x55a/0xb30 [ 756.384701][T18769] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 756.384718][T18769] acpi_ns_evaluate+0x76c/0xca0 [ 756.384741][T18769] ? kasan_save_track+0x14/0x30 [ 756.384759][T18769] acpi_evaluate_object+0x1fa/0xa90 [ 756.384779][T18769] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 756.384795][T18769] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 756.384814][T18769] ? __mutex_trylock_common+0xe9/0x250 [ 756.384838][T18769] acpi_evaluate_integer+0xdd/0x200 [ 756.384855][T18769] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 756.384880][T18769] ? __pfx_status_show+0x10/0x10 [ 756.384898][T18769] status_show+0xa0/0x120 [ 756.384917][T18769] ? __pfx_status_show+0x10/0x10 [ 756.384941][T18769] dev_attr_show+0x56/0xe0 [ 756.384956][T18769] ? __pfx_dev_attr_show+0x10/0x10 [ 756.384969][T18769] sysfs_kf_seq_show+0x213/0x3e0 [ 756.384990][T18769] seq_read_iter+0x506/0x12c0 [ 756.385014][T18769] kernfs_fop_read_iter+0x46c/0x610 [ 756.385029][T18769] ? rw_verify_area+0xcf/0x6c0 [ 756.385050][T18769] vfs_read+0x8bf/0xcf0 [ 756.385072][T18769] ? __pfx___mutex_lock+0x10/0x10 [ 756.385095][T18769] ? __pfx_vfs_read+0x10/0x10 [ 756.385125][T18769] ksys_read+0x12a/0x250 [ 756.385141][T18769] ? __pfx_ksys_read+0x10/0x10 [ 756.385163][T18769] do_syscall_64+0xcd/0x4c0 [ 756.385187][T18769] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 756.385202][T18769] RIP: 0033:0x7f5a66d8ec29 [ 756.385214][T18769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 756.385228][T18769] RSP: 002b:00007f5a67c11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 756.385247][T18769] RAX: ffffffffffffffda RBX: 00007f5a66fd5fa0 RCX: 00007f5a66d8ec29 [ 756.385258][T18769] RDX: 000000000000007a RSI: 0000200000000140 RDI: 000000000000000b [ 756.385267][T18769] RBP: 00007f5a66e11e41 R08: 0000000000000000 R09: 0000000000000000 [ 756.385276][T18769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 756.385285][T18769] R13: 00007f5a66fd6038 R14: 00007f5a66fd5fa0 R15: 00007ffc43749288 [ 756.385306][T18769] [ 756.385348][T18769] ACPI Error: Aborting method \_SB.LNKA._STA due to previous error (AE_NO_MEMORY) (20250404/psparse-529) [ 757.685737][T18783] netlink: 268 bytes leftover after parsing attributes in process `syz.3.2543'. [ 760.157966][T18836] random: crng reseeded on system resumption [ 760.273472][T18838] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2554'. [ 760.346744][T18839] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2554'. [ 760.443647][T18842] FAULT_INJECTION: forcing a failure. [ 760.443647][T18842] name failslab, interval 1, probability 0, space 0, times 0 [ 760.874351][T18842] CPU: 0 UID: 0 PID: 18842 Comm: syz.2.2553 Not tainted syzkaller #0 PREEMPT(full) [ 760.874373][T18842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 760.874382][T18842] Call Trace: [ 760.874387][T18842] [ 760.874393][T18842] dump_stack_lvl+0x16c/0x1f0 [ 760.874419][T18842] should_fail_ex+0x512/0x640 [ 760.874440][T18842] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 760.874460][T18842] should_failslab+0xc2/0x120 [ 760.874479][T18842] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 760.874496][T18842] ? sock_alloc_inode+0x25/0x1c0 [ 760.874514][T18842] ? __pfx_sock_alloc_inode+0x10/0x10 [ 760.874527][T18842] sock_alloc_inode+0x25/0x1c0 [ 760.874541][T18842] alloc_inode+0x61/0x240 [ 760.874561][T18842] sock_alloc+0x40/0x280 [ 760.874581][T18842] __sock_create+0xc1/0x8d0 [ 760.874600][T18842] __sys_socket+0x14d/0x260 [ 760.874617][T18842] ? __pfx___sys_socket+0x10/0x10 [ 760.874633][T18842] ? xfd_validate_state+0x61/0x180 [ 760.874658][T18842] __x64_sys_socket+0x72/0xb0 [ 760.874673][T18842] ? lockdep_hardirqs_on+0x7c/0x110 [ 760.874694][T18842] do_syscall_64+0xcd/0x4c0 [ 760.874716][T18842] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 760.874730][T18842] RIP: 0033:0x7f907198ec29 [ 760.874742][T18842] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 760.874756][T18842] RSP: 002b:00007f9072894038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 760.874770][T18842] RAX: ffffffffffffffda RBX: 00007f9071bd5fa0 RCX: 00007f907198ec29 [ 760.874779][T18842] RDX: 0000000000000084 RSI: 0000000000000801 RDI: 000000000000000a [ 760.874788][T18842] RBP: 00007f9071a11e41 R08: 0000000000000000 R09: 0000000000000000 [ 760.874796][T18842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 760.874804][T18842] R13: 00007f9071bd6038 R14: 00007f9071bd5fa0 R15: 00007ffd9c97bb58 [ 760.874822][T18842] [ 760.874830][T18842] socket: no more sockets [ 763.819388][T18912] netlink: 64 bytes leftover after parsing attributes in process `syz.3.2569'. [ 764.914156][T18928] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2573'. [ 764.980499][T18929] netlink: 326 bytes leftover after parsing attributes in process `syz.1.2573'. [ 765.063789][T18929] veth1_macvtap: left promiscuous mode [ 765.479401][T18944] overlayfs: missing 'lowerdir' [ 767.312701][T18957] zswap: compressor not available [ 768.198233][T19002] FAULT_INJECTION: forcing a failure. [ 768.198233][T19002] name fail_futex, interval 1, probability 0, space 0, times 0 [ 768.314525][T19002] CPU: 0 UID: 0 PID: 19002 Comm: syz.3.2588 Not tainted syzkaller #0 PREEMPT(full) [ 768.314547][T19002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 768.314555][T19002] Call Trace: [ 768.314561][T19002] [ 768.314566][T19002] dump_stack_lvl+0x16c/0x1f0 [ 768.314593][T19002] should_fail_ex+0x512/0x640 [ 768.314617][T19002] get_futex_key+0x1d0/0x1560 [ 768.314638][T19002] ? __pfx_get_futex_key+0x10/0x10 [ 768.314656][T19002] ? __pick_eevdf+0x30a/0x670 [ 768.314676][T19002] futex_wait_setup+0x9d/0x550 [ 768.314702][T19002] __futex_wait+0x194/0x2f0 [ 768.314722][T19002] ? __pfx___futex_wait+0x10/0x10 [ 768.314741][T19002] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 768.314760][T19002] ? lockdep_hardirqs_on+0x7c/0x110 [ 768.314782][T19002] ? __pfx_futex_wake_mark+0x10/0x10 [ 768.314809][T19002] ? futex_private_hash_put+0x176/0x300 [ 768.314828][T19002] ? futex_private_hash_put+0x18a/0x300 [ 768.314846][T19002] futex_wait+0xe8/0x380 [ 768.314866][T19002] ? __pfx_futex_wait+0x10/0x10 [ 768.314892][T19002] ? lock_acquire+0x179/0x350 [ 768.314912][T19002] do_futex+0x229/0x350 [ 768.314930][T19002] ? __pfx_do_futex+0x10/0x10 [ 768.314949][T19002] ? fd_install+0x244/0x750 [ 768.314970][T19002] __x64_sys_futex+0x1e0/0x4c0 [ 768.314988][T19002] ? __do_sys_landlock_create_ruleset+0x2b2/0x4e0 [ 768.315005][T19002] ? __pfx___x64_sys_futex+0x10/0x10 [ 768.315030][T19002] do_syscall_64+0xcd/0x4c0 [ 768.315056][T19002] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 768.315070][T19002] RIP: 0033:0x7f5a66d8ec29 [ 768.315083][T19002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 768.315097][T19002] RSP: 002b:00007f5a67c110e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 768.315111][T19002] RAX: ffffffffffffffda RBX: 00007f5a66fd5fa8 RCX: 00007f5a66d8ec29 [ 768.315121][T19002] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f5a66fd5fa8 [ 768.315129][T19002] RBP: 00007f5a66fd5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 768.315138][T19002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 768.315146][T19002] R13: 00007f5a66fd6038 R14: 00007ffc437491a0 R15: 00007ffc43749288 [ 768.315164][T19002] [ 769.185742][T19038] overlayfs: missing 'lowerdir' [ 774.841691][T19105] warn_alloc: 1 callbacks suppressed [ 774.841706][T19105] syz.0.2602: vmalloc error: size 24576, failed to allocate pages, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 774.937322][T19105] CPU: 0 UID: 0 PID: 19105 Comm: syz.0.2602 Not tainted syzkaller #0 PREEMPT(full) [ 774.937346][T19105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 774.937356][T19105] Call Trace: [ 774.937362][T19105] [ 774.937368][T19105] dump_stack_lvl+0x16c/0x1f0 [ 774.937395][T19105] warn_alloc+0x248/0x3a0 [ 774.937414][T19105] ? __pfx_warn_alloc+0x10/0x10 [ 774.937431][T19105] ? alloc_pages_mpol+0x25a/0x550 [ 774.937451][T19105] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 774.937478][T19105] __vmalloc_node_range_noprof+0x11d4/0x14b0 [ 774.937498][T19105] ? kernel_clone+0xfc/0x930 [ 774.937521][T19105] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 774.937542][T19105] ? kernel_clone+0xfc/0x930 [ 774.937558][T19105] __vmalloc_node_noprof+0xad/0xf0 [ 774.937572][T19105] ? kernel_clone+0xfc/0x930 [ 774.937591][T19105] copy_process+0x2c70/0x7690 [ 774.937616][T19105] ? __pfx_copy_process+0x10/0x10 [ 774.937639][T19105] ? _copy_from_user+0x59/0xd0 [ 774.937656][T19105] kernel_clone+0xfc/0x930 [ 774.937675][T19105] ? __pfx_kernel_clone+0x10/0x10 [ 774.937691][T19105] ? futex_private_hash_put+0x18a/0x300 [ 774.937713][T19105] ? __pfx_futex_wake+0x10/0x10 [ 774.937735][T19105] __do_sys_clone3+0x212/0x290 [ 774.937754][T19105] ? __pfx___do_sys_clone3+0x10/0x10 [ 774.937795][T19105] do_syscall_64+0xcd/0x4c0 [ 774.937817][T19105] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 774.937832][T19105] RIP: 0033:0x7f50f438ec29 [ 774.937845][T19105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 774.937859][T19105] RSP: 002b:00007f50f52abf08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 774.937874][T19105] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f50f438ec29 [ 774.937883][T19105] RDX: 00007f50f52abf20 RSI: 0000000000000058 RDI: 00007f50f52abf20 [ 774.937892][T19105] RBP: 00007f50f4411e41 R08: 0000000000000000 R09: 0000000000000058 [ 774.937901][T19105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 774.937909][T19105] R13: 00007f50f45d6038 R14: 00007f50f45d5fa0 R15: 00007ffe3d2939b8 [ 774.937928][T19105] [ 774.937934][T19105] Mem-Info: [ 775.728460][T19105] active_anon:13507 inactive_anon:72961 isolated_anon:0 [ 775.728460][T19105] active_file:5960 inactive_file:51766 isolated_file:0 [ 775.728460][T19105] unevictable:1197 dirty:816 writeback:0 [ 775.728460][T19105] slab_reclaimable:12028 slab_unreclaimable:95790 [ 775.728460][T19105] mapped:30249 shmem:76383 pagetables:1251 [ 775.728460][T19105] sec_pagetables:0 bounce:0 [ 775.728460][T19105] kernel_misc_reclaimable:0 [ 775.728460][T19105] free:1218026 free_pcp:33309 free_cma:0 [ 775.890038][T19105] Node 0 active_anon:57356kB inactive_anon:289296kB active_file:23840kB inactive_file:206396kB unevictable:3304kB isolated(anon):0kB isolated(file):0kB mapped:123284kB dirty:3264kB writeback:0kB shmem:306752kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:15152kB pagetables:4640kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 776.016300][T19105] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:616kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:104kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 776.123872][T19105] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 776.217420][T19105] lowmem_reserve[]: 0 2480 2481 2481 2481 [ 776.237594][T19105] Node 0 DMA32 free:1024332kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:67256kB inactive_anon:283520kB active_file:23840kB inactive_file:205016kB unevictable:3372kB writepending:3264kB present:3129332kB managed:2539532kB mlocked:1836kB bounce:0kB free_pcp:59000kB local_pcp:59000kB free_cma:0kB [ 776.350088][T19105] lowmem_reserve[]: 0 0 1 1 1 [ 776.354815][T19105] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1316kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:16kB free_cma:0kB [ 776.457571][T19105] lowmem_reserve[]: 0 0 0 0 0 [ 776.471495][T19105] Node 1 Normal free:3832612kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:616kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:67736kB local_pcp:67736kB free_cma:0kB [ 776.595789][T19105] lowmem_reserve[]: 0 0 0 0 0 [ 776.605899][T19105] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 776.657247][T19105] Node 0 DMA32: 463*4kB (UE) 140*8kB (UME) 387*16kB (UE) 394*32kB (UME) 79*64kB (UME) 30*128kB (UME) 43*256kB (U) 35*512kB (UE) 65*1024kB (UME) 11*2048kB (UME) 214*4096kB (UM) = 1025228kB [ 776.718077][T19105] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 776.757853][T19105] Node 1 Normal: 154*4kB (UME) 169*8kB (ME) 134*16kB (M) 154*32kB (ME) 124*64kB (ME) 78*128kB (UME) 32*256kB (ME) 19*512kB (M) 9*1024kB (UM) 9*2048kB (UME) 918*4096kB (UM) = 3832656kB [ 776.827682][T19105] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 776.860024][T19105] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 776.897129][T19105] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 776.906689][T19105] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 776.986684][T19105] 138182 total pagecache pages [ 776.991535][T19105] 19 pages in swap cache [ 776.995758][T19105] Free swap = 106536kB [ 777.016490][T19105] Total swap = 124996kB [ 777.020660][T19105] 2097051 pages RAM [ 777.024478][T19105] 0 pages HighMem/MovableOnly [ 777.061184][T19105] 430206 pages reserved [ 777.065358][T19105] 0 pages cma reserved [ 777.853584][T19138] rnbd_client L213: map_device: Parameters missing [ 778.418318][T19140] Process accounting paused [ 780.053889][T19160] FAULT_INJECTION: forcing a failure. [ 780.053889][T19160] name failslab, interval 1, probability 0, space 0, times 0 [ 780.110476][T19160] CPU: 0 UID: 0 PID: 19160 Comm: syz.3.2616 Not tainted syzkaller #0 PREEMPT(full) [ 780.110500][T19160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 780.110511][T19160] Call Trace: [ 780.110517][T19160] [ 780.110524][T19160] dump_stack_lvl+0x16c/0x1f0 [ 780.110551][T19160] should_fail_ex+0x512/0x640 [ 780.110573][T19160] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 780.110597][T19160] should_failslab+0xc2/0x120 [ 780.110617][T19160] __kmalloc_cache_noprof+0x6a/0x3e0 [ 780.110633][T19160] ? trace_kmalloc+0x2b/0xd0 [ 780.110653][T19160] ? snd_virmidi_input_open+0xc8/0x4d0 [ 780.110671][T19160] snd_virmidi_input_open+0xc8/0x4d0 [ 780.110689][T19160] open_substream+0x478/0x990 [ 780.110711][T19160] rawmidi_open_priv+0x513/0x6e0 [ 780.110732][T19160] snd_rawmidi_open+0x4cc/0xbf0 [ 780.110755][T19160] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 780.110775][T19160] ? __pfx_default_wake_function+0x10/0x10 [ 780.110797][T19160] ? kobject_get_unless_zero+0x156/0x1e0 [ 780.110813][T19160] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 780.110831][T19160] snd_open+0x22a/0x4c0 [ 780.110846][T19160] ? __pfx_snd_open+0x10/0x10 [ 780.110860][T19160] chrdev_open+0x231/0x6a0 [ 780.110878][T19160] ? __pfx_apparmor_file_open+0x10/0x10 [ 780.110895][T19160] ? __pfx_chrdev_open+0x10/0x10 [ 780.110914][T19160] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 780.110934][T19160] do_dentry_open+0x97f/0x1530 [ 780.110952][T19160] ? __pfx_chrdev_open+0x10/0x10 [ 780.110974][T19160] vfs_open+0x82/0x3f0 [ 780.110997][T19160] path_openat+0x1de4/0x2cb0 [ 780.111020][T19160] ? __pfx_path_openat+0x10/0x10 [ 780.111042][T19160] do_filp_open+0x20b/0x470 [ 780.111059][T19160] ? __pfx_do_filp_open+0x10/0x10 [ 780.111090][T19160] ? alloc_fd+0x471/0x7d0 [ 780.111110][T19160] do_sys_openat2+0x11b/0x1d0 [ 780.111131][T19160] ? __pfx_do_sys_openat2+0x10/0x10 [ 780.111159][T19160] __x64_sys_openat+0x174/0x210 [ 780.111173][T19160] ? __pfx___x64_sys_openat+0x10/0x10 [ 780.111193][T19160] do_syscall_64+0xcd/0x4c0 [ 780.111216][T19160] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 780.111231][T19160] RIP: 0033:0x7f5a66d8ec29 [ 780.111243][T19160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 780.111258][T19160] RSP: 002b:00007f5a67c11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 780.111272][T19160] RAX: ffffffffffffffda RBX: 00007f5a66fd5fa0 RCX: 00007f5a66d8ec29 [ 780.111282][T19160] RDX: 0000000000080102 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 780.111291][T19160] RBP: 00007f5a66e11e41 R08: 0000000000000000 R09: 0000000000000000 [ 780.111300][T19160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 780.111308][T19160] R13: 00007f5a66fd6038 R14: 00007f5a66fd5fa0 R15: 00007ffc43749288 [ 780.111327][T19160] [ 781.323519][T19167] futex_wake_op: syz.3.2617 tries to shift op by -2048; fix this program [ 781.342891][T19167] futex_wake_op: syz.3.2617 tries to shift op by -2048; fix this program [ 781.724160][ T30] audit: type=1804 audit(4294967355.080:44): pid=19171 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2618" name="/newroot/114/file0" dev="tmpfs" ino=618 res=1 errno=0 [ 781.847421][T19171] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 781.865684][T19171] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 783.577514][T19059] syz.1.2591 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 783.908486][T19059] CPU: 0 UID: 0 PID: 19059 Comm: syz.1.2591 Not tainted syzkaller #0 PREEMPT(full) [ 783.908508][T19059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 783.908516][T19059] Call Trace: [ 783.908523][T19059] [ 783.908529][T19059] dump_stack_lvl+0x16c/0x1f0 [ 783.908555][T19059] dump_header+0x101/0x930 [ 783.908576][T19059] oom_kill_process+0x272/0xa40 [ 783.908596][T19059] out_of_memory+0x350/0x1700 [ 783.908618][T19059] ? __pfx_out_of_memory+0x10/0x10 [ 783.908641][T19059] mem_cgroup_out_of_memory+0x118/0x130 [ 783.908663][T19059] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 783.908689][T19059] ? do_raw_spin_unlock+0x172/0x230 [ 783.908720][T19059] try_charge_memcg+0x72b/0xd50 [ 783.908741][T19059] ? __pfx_try_charge_memcg+0x10/0x10 [ 783.908759][T19059] ? __print_lock_name+0x41/0xe0 [ 783.908774][T19059] ? rcu_read_unlock+0x17/0x60 [ 783.908797][T19059] charge_memcg+0x8a/0x230 [ 783.908815][T19059] __mem_cgroup_charge+0x2b/0x1e0 [ 783.908835][T19059] shmem_alloc_and_add_folio+0x514/0xc20 [ 783.908856][T19059] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 783.908875][T19059] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 783.908895][T19059] shmem_get_folio_gfp+0x67f/0x1600 [ 783.908916][T19059] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 783.908938][T19059] shmem_write_begin+0x160/0x300 [ 783.908957][T19059] ? __pfx_shmem_write_begin+0x10/0x10 [ 783.908972][T19059] ? timestamp_truncate+0x21e/0x2d0 [ 783.908990][T19059] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 783.909015][T19059] generic_perform_write+0x3c2/0x900 [ 783.909038][T19059] ? __pfx_generic_perform_write+0x10/0x10 [ 783.909055][T19059] ? inode_needs_update_time.part.0+0x191/0x270 [ 783.909077][T19059] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 783.909095][T19059] shmem_file_write_iter+0x10e/0x140 [ 783.909116][T19059] __kernel_write_iter+0x317/0xb10 [ 783.909135][T19059] ? __pfx___kernel_write_iter+0x10/0x10 [ 783.909151][T19059] ? __up_read+0x1f8/0x750 [ 783.909173][T19059] ? dump_user_range+0x756/0xb70 [ 783.909192][T19059] dump_user_range+0x413/0xb70 [ 783.909215][T19059] ? __pfx_dump_user_range+0x10/0x10 [ 783.909231][T19059] ? elf_coredump_extra_notes_write+0xbd/0x4f0 [ 783.909257][T19059] ? __pfx_writenote+0x10/0x10 [ 783.909277][T19059] elf_core_dump+0x2929/0x3b60 [ 783.909304][T19059] ? __pfx_elf_core_dump+0x10/0x10 [ 783.909321][T19059] ? check_preempt_wakeup_fair+0x51e/0x9d0 [ 783.909347][T19059] ? find_held_lock+0x2b/0x80 [ 783.909360][T19059] ? 0xffffffffff600000 [ 783.909373][T19059] ? rcu_is_watching+0x12/0xc0 [ 783.909387][T19059] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 783.909406][T19059] ? lockdep_hardirqs_on+0x7c/0x110 [ 783.909455][T19059] ? vfs_coredump+0x2b97/0x5670 [ 783.909467][T19059] vfs_coredump+0x2b97/0x5670 [ 783.909489][T19059] ? __pfx_vfs_coredump+0x10/0x10 [ 783.909504][T19059] ? __lock_acquire+0x62e/0x1ce0 [ 783.909526][T19059] ? __lock_acquire+0x62e/0x1ce0 [ 783.909545][T19059] ? lock_acquire+0x179/0x350 [ 783.909572][T19059] ? is_bpf_text_address+0x8a/0x1a0 [ 783.909590][T19059] ? bpf_ksym_find+0x124/0x1c0 [ 783.909608][T19059] ? __kernel_text_address+0xd/0x40 [ 783.909622][T19059] ? unwind_get_return_address+0x59/0xa0 [ 783.909637][T19059] ? arch_stack_walk+0xa6/0x100 [ 783.909660][T19059] ? stack_trace_save+0x8e/0xc0 [ 783.909675][T19059] ? __pfx_stack_trace_save+0x10/0x10 [ 783.909691][T19059] ? stack_depot_save_flags+0x29/0x9c0 [ 783.909713][T19059] ? __lock_acquire+0xb97/0x1ce0 [ 783.909765][T19059] ? proc_coredump_connector+0x2d1/0x4f0 [ 783.909783][T19059] ? __pfx_proc_coredump_connector+0x10/0x10 [ 783.909805][T19059] ? rcu_is_watching+0x12/0xc0 [ 783.909822][T19059] get_signal+0x22e3/0x26d0 [ 783.909846][T19059] ? __pfx_get_signal+0x10/0x10 [ 783.909862][T19059] ? rcu_is_watching+0x12/0xc0 [ 783.909876][T19059] ? trace_irq_disable.constprop.0+0xd4/0x120 [ 783.909900][T19059] arch_do_signal_or_restart+0x8f/0x790 [ 783.909919][T19059] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 783.909949][T19059] irqentry_exit_to_user_mode+0x13e/0x290 [ 783.909971][T19059] asm_exc_page_fault+0x26/0x30 [ 783.909985][T19059] RIP: 0033:0x401000 [ 783.910008][T19059] Code: Unable to access opcode bytes at 0x400fd6. [ 783.910015][T19059] RSP: 002b:000000000000000a EFLAGS: 00010282 [ 783.910027][T19059] RAX: 0000000000000000 RBX: 00007ffa2e9d6540 RCX: 00007ffa2e78ec29 [ 783.910036][T19059] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46 [ 783.910045][T19059] RBP: 00007ffa2e811e41 R08: 0000000000000002 R09: 0000000000000000 [ 783.910053][T19059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 783.910061][T19059] R13: 00007ffa2e9d65d8 R14: 00007ffa2e9d6540 R15: 00007ffc32926198 [ 783.910080][T19059] [ 783.910086][T19059] memory: usage 307200kB, limit 307200kB, failcnt 27080 [ 785.004938][T19059] memory+swap: usage 432072kB, limit 9007199254740988kB, failcnt 0 [ 785.044741][T19059] kmem: usage 3512kB, limit 9007199254740988kB, failcnt 0 [ 785.070917][T19059] Memory cgroup stats for /syz1: [ 785.071019][T19059] cache 309112832 [ 785.087181][T19059] rss 1826816 [ 785.090597][T19059] rss_huge 0 [ 785.093779][T19059] shmem 309112832 [ 785.124489][T19059] mapped_file 17408000 [ 785.128715][T19059] dirty 0 [ 785.131641][T19059] writeback 0 [ 785.145490][T19059] workingset_refault_anon 6099 [ 785.154130][T19059] workingset_refault_file 7383 [ 785.175774][T19059] swap 127868928 [ 785.195059][T19059] swapcached 57344 [ 785.198806][T19059] pgpgin 1209928 [ 785.225470][T19059] pgpgout 1141191 [ 785.233356][T19059] pgfault 1214333 [ 785.254250][T19059] pgmajfault 923 [ 785.257812][T19059] inactive_anon 309825536 [ 785.262144][T19059] active_anon 1150976 [ 785.283326][T19059] inactive_file 0 [ 785.298911][T19059] active_file 0 [ 785.315291][T19059] unevictable 0 [ 785.318861][T19059] hierarchical_memory_limit 314572800 [ 785.334958][T19059] hierarchical_memsw_limit 9223372036854771712 [ 785.341146][T19059] total_cache 309112832 [ 785.353203][T19059] total_rss 1826816 [ 785.357123][T19059] total_rss_huge 0 [ 785.377361][T19059] total_shmem 309112832 [ 785.406703][T19059] total_mapped_file 17408000 [ 785.416762][T19059] total_dirty 0 [ 785.426206][T19059] total_writeback 0 [ 785.436242][T19059] total_workingset_refault_anon 6099 [ 785.451966][T19059] total_workingset_refault_file 7383 [ 785.477789][T19059] total_swap 127868928 [ 785.490456][T19059] total_swapcached 57344 [ 785.504625][T19059] total_pgpgin 1209928 [ 785.519585][T19059] total_pgpgout 1141191 [ 785.535471][T19059] total_pgfault 1214333 [ 785.554130][T19059] total_pgmajfault 923 [ 785.563268][T19059] total_inactive_anon 309825536 [ 785.581726][T19059] total_active_anon 1150976 [ 785.618946][T19059] total_inactive_file 0 [ 785.635145][T19059] total_active_file 0 [ 785.639145][T19059] total_unevictable 0 [ 785.655073][T19059] anon_cost 0 [ 785.662486][T19059] file_cost 0 [ 785.665778][T19059] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.2591,pid=19062,uid=0 [ 785.734952][T19059] Memory cgroup out of memory: Killed process 19062 (syz.1.2591) total-vm:131808kB, anon-rss:2900kB, file-rss:20736kB, shmem-rss:16896kB, UID:0 pgtables:172kB oom_score_adj:1000 [ 786.021652][T19236] binder: 19233:19236 ioctl 4020565a 38 returned -22 [ 786.626226][T19249] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2636'. [ 788.660942][T19282] can: request_module (can-proto-3) failed. [ 788.764232][T19289] Invalid ELF header magic: != ELF [ 790.211248][T19316] svc: failed to register nfsdv3 RPC service (errno 111). [ 790.249726][T19319] CIFS mount error: No usable UNC path provided in device string! [ 790.249726][T19319] [ 790.274030][T19319] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 790.309300][T19316] svc: failed to register nfsaclv3 RPC service (errno 111). [ 790.380061][T19286] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 791.700892][T19345] netlink: 268 bytes leftover after parsing attributes in process `syz.0.2657'. [ 791.951161][T19353] ovs_: entered promiscuous mode [ 792.237969][T14749] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 792.238014][T14749] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 792.252837][T14749] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 792.252882][T14749] Bluetooth: hci3: adv larger than maximum supported [ 792.261279][T14749] Bluetooth: hci3: adv larger than maximum supported [ 792.268077][T14749] Bluetooth: hci3: Malformed LE Event: 0x0d [ 793.502967][T19390] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2667'. [ 796.243517][T19460] FAULT_INJECTION: forcing a failure. [ 796.243517][T19460] name failslab, interval 1, probability 0, space 0, times 0 [ 796.285740][T19460] CPU: 0 UID: 0 PID: 19460 Comm: syz.0.2681 Not tainted syzkaller #0 PREEMPT(full) [ 796.285762][T19460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 796.285771][T19460] Call Trace: [ 796.285777][T19460] [ 796.285783][T19460] dump_stack_lvl+0x16c/0x1f0 [ 796.285811][T19460] should_fail_ex+0x512/0x640 [ 796.285840][T19460] should_failslab+0xc2/0x120 [ 796.285862][T19460] __kmalloc_cache_noprof+0x6a/0x3e0 [ 796.285877][T19460] ? __sctp_v6_cmp_addr+0x206/0x530 [ 796.285898][T19460] ? sctp_add_bind_addr+0xae/0x3f0 [ 796.285917][T19460] sctp_add_bind_addr+0xae/0x3f0 [ 796.285941][T19460] sctp_copy_local_addr_list+0x349/0x550 [ 796.285965][T19460] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 796.285985][T19460] ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360 [ 796.286017][T19460] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 796.286043][T19460] sctp_bind_addr_copy+0xe0/0x530 [ 796.286068][T19460] sctp_sf_do_unexpected_init.isra.0+0x90c/0x16f0 [ 796.286094][T19460] ? __pfx_sctp_sf_do_unexpected_init.isra.0+0x10/0x10 [ 796.286114][T19460] ? __pfx_sctp_sm_lookup_event+0x10/0x10 [ 796.286135][T19460] ? __pfx_sctp_cname+0x10/0x10 [ 796.286152][T19460] sctp_do_sm+0x181/0x5c80 [ 796.286168][T19460] ? sctp_packet_singleton+0x1a5/0x370 [ 796.286183][T19460] ? __pfx_sctp_packet_singleton+0x10/0x10 [ 796.286200][T19460] ? __pfx_sctp_do_sm+0x10/0x10 [ 796.286238][T19460] ? ktime_get+0x200/0x310 [ 796.286255][T19460] ? lockdep_hardirqs_on+0x7c/0x110 [ 796.286278][T19460] sctp_assoc_bh_rcv+0x392/0x6f0 [ 796.286305][T19460] sctp_inq_push+0x1db/0x270 [ 796.286320][T19460] sctp_backlog_rcv+0x169/0x590 [ 796.286338][T19460] ? __pfx_sctp_backlog_rcv+0x10/0x10 [ 796.286353][T19460] __release_sock+0x35f/0x400 [ 796.286375][T19460] ? lockdep_hardirqs_on+0x7c/0x110 [ 796.286398][T19460] release_sock+0x5a/0x220 [ 796.286419][T19460] sctp_wait_for_connect+0x1c4/0x5c0 [ 796.286442][T19460] ? __pfx_sctp_wait_for_connect+0x10/0x10 [ 796.286464][T19460] ? __pfx_autoremove_wake_function+0x10/0x10 [ 796.286485][T19460] ? sctp_primitive_ASSOCIATE+0x9c/0xd0 [ 796.286502][T19460] __sctp_connect+0x9c7/0xc60 [ 796.286519][T19460] ? do_raw_spin_lock+0x12c/0x2b0 [ 796.286541][T19460] ? __pfx___sctp_connect+0x10/0x10 [ 796.286556][T19460] ? __pfx_sctp_inet_connect+0x10/0x10 [ 796.286571][T19460] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 796.286593][T19460] ? __pfx_sctp_inet_connect+0x10/0x10 [ 796.286606][T19460] sctp_inet_connect+0x15f/0x200 [ 796.286621][T19460] __sys_connect_file+0x13e/0x1a0 [ 796.286642][T19460] __sys_connect+0x13b/0x160 [ 796.286660][T19460] ? __pfx___sys_connect+0x10/0x10 [ 796.286684][T19460] ? xfd_validate_state+0x61/0x180 [ 796.286709][T19460] __x64_sys_connect+0x72/0xb0 [ 796.286727][T19460] ? lockdep_hardirqs_on+0x7c/0x110 [ 796.286746][T19460] do_syscall_64+0xcd/0x4c0 [ 796.286768][T19460] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 796.286783][T19460] RIP: 0033:0x7f50f438ec29 [ 796.286796][T19460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 796.286811][T19460] RSP: 002b:00007f50f52ac038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 796.286825][T19460] RAX: ffffffffffffffda RBX: 00007f50f45d5fa0 RCX: 00007f50f438ec29 [ 796.286836][T19460] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 796.286845][T19460] RBP: 00007f50f4411e41 R08: 0000000000000000 R09: 0000000000000000 [ 796.286855][T19460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 796.286864][T19460] R13: 00007f50f45d6038 R14: 00007f50f45d5fa0 R15: 00007ffe3d2939b8 [ 796.286883][T19460] [ 796.637411][ C0] vkms_vblank_simulate: vblank timer overrun [ 797.886887][T19483] netlink: 'syz.3.2685': attribute type 1 has an invalid length. [ 797.919745][T19483] netlink: 33 bytes leftover after parsing attributes in process `syz.3.2685'. [ 799.807100][T19524] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2692'. [ 800.948677][T19542] netlink: 80 bytes leftover after parsing attributes in process `syz.3.2694'. [ 801.700051][T19553] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 801.743582][T19553] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 802.018455][T19553] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 802.087867][T19553] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 802.133940][T19553] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 803.126379][T19588] kAFS: Invalid Command on /proc/fs/afs/cells file [ 803.197802][T19593] kAFS: Invalid Command on /proc/fs/afs/cells file [ 803.628555][T19604] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2707'. [ 803.767912][T14749] Bluetooth: hci1: command 0x0c1a tx timeout [ 804.085224][T14749] Bluetooth: hci3: command 0x040f tx timeout [ 804.091278][T14749] Bluetooth: hci0: command 0x0c1a tx timeout [ 804.097615][T14746] Bluetooth: hci2: command 0x0c1a tx timeout [ 805.634732][T19626] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2709'. [ 805.759935][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 805.767561][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 805.838366][T14749] Bluetooth: hci1: command 0x0c1a tx timeout [ 808.141048][T19674] virtio-pci 0000:00:04.0: [Firmware Bug]: Overriding NUMA node to 0. Contact your vendor for updates. [ 808.554432][T19680] Process accounting resumed [ 810.701456][T19719] netlink: 504 bytes leftover after parsing attributes in process `syz.0.2730'. [ 811.351277][T19733] FAULT_INJECTION: forcing a failure. [ 811.351277][T19733] name failslab, interval 1, probability 0, space 0, times 0 [ 811.446806][T19733] CPU: 0 UID: 0 PID: 19733 Comm: syz.3.2735 Tainted: G I syzkaller #0 PREEMPT(full) [ 811.446832][T19733] Tainted: [I]=FIRMWARE_WORKAROUND [ 811.446838][T19733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 811.446846][T19733] Call Trace: [ 811.446851][T19733] [ 811.446857][T19733] dump_stack_lvl+0x16c/0x1f0 [ 811.446882][T19733] should_fail_ex+0x512/0x640 [ 811.446903][T19733] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 811.446921][T19733] should_failslab+0xc2/0x120 [ 811.446940][T19733] __kmalloc_cache_noprof+0x6a/0x3e0 [ 811.446955][T19733] ? rcu_is_watching+0x12/0xc0 [ 811.446969][T19733] ? call_usermodehelper_setup+0xaf/0x360 [ 811.446986][T19733] ? __pfx_free_modprobe_argv+0x10/0x10 [ 811.447008][T19733] call_usermodehelper_setup+0xaf/0x360 [ 811.447026][T19733] __request_module+0x3bd/0x690 [ 811.447047][T19733] ? __pfx___request_module+0x10/0x10 [ 811.447083][T19733] ? rcu_is_watching+0x12/0xc0 [ 811.447098][T19733] ? lockdep_hardirqs_on+0x7c/0x110 [ 811.447122][T19733] netlink_create+0x226/0x620 [ 811.447146][T19733] __sock_create+0x338/0x8d0 [ 811.447166][T19733] __sys_socket+0x14d/0x260 [ 811.447183][T19733] ? __pfx___sys_socket+0x10/0x10 [ 811.447199][T19733] ? xfd_validate_state+0x61/0x180 [ 811.447220][T19733] ? __pfx_ksys_write+0x10/0x10 [ 811.447241][T19733] __x64_sys_socket+0x72/0xb0 [ 811.447256][T19733] ? lockdep_hardirqs_on+0x7c/0x110 [ 811.447275][T19733] do_syscall_64+0xcd/0x4c0 [ 811.447298][T19733] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 811.447313][T19733] RIP: 0033:0x7f5a66d8ec29 [ 811.447326][T19733] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 811.447341][T19733] RSP: 002b:00007f5a67c11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 811.447355][T19733] RAX: ffffffffffffffda RBX: 00007f5a66fd5fa0 RCX: 00007f5a66d8ec29 [ 811.447365][T19733] RDX: 000000000000001f RSI: 0000000000000003 RDI: 0000000000000010 [ 811.447374][T19733] RBP: 00007f5a66e11e41 R08: 0000000000000000 R09: 0000000000000000 [ 811.447383][T19733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 811.447391][T19733] R13: 00007f5a66fd6038 R14: 00007f5a66fd5fa0 R15: 00007ffc43749288 [ 811.447409][T19733] [ 811.678421][ C0] vkms_vblank_simulate: vblank timer overrun [ 812.182234][T19739] netlink: 'syz.1.2736': attribute type 11 has an invalid length. [ 812.637085][T19751] vivid-003: ================= START STATUS ================= [ 812.660481][T19751] vivid-003: Radio HW Seek Mode: Bounded [ 812.676780][T19751] vivid-003: Radio Programmable HW Seek: false [ 812.719979][T19751] vivid-003: RDS Rx I/O Mode: Block I/O [ 812.752229][T19751] vivid-003: Generate RBDS Instead of RDS: false [ 812.786528][T19751] vivid-003: RDS Reception: true [ 812.820967][T19751] vivid-003: RDS Program Type: 0 inactive [ 812.851545][T19751] vivid-003: RDS PS Name: inactive [ 812.865614][T19751] vivid-003: RDS Radio Text: inactive [ 812.875649][T19751] vivid-003: RDS Traffic Announcement: false inactive [ 812.897413][T19751] vivid-003: RDS Traffic Program: false inactive [ 812.910958][T19751] vivid-003: RDS Music: false inactive [ 812.957080][T19751] vivid-003: ================== END STATUS ================== [ 813.594955][T19770] rtc_cmos 00:00: Alarms can be up to one day in the future [ 813.699064][T14706] rtc_cmos 00:00: Alarms can be up to one day in the future [ 813.863369][T14706] rtc_cmos 00:00: Alarms can be up to one day in the future [ 814.002639][T14706] rtc_cmos 00:00: Alarms can be up to one day in the future [ 814.234725][T14706] rtc_cmos 00:00: Alarms can be up to one day in the future [ 814.498801][T19783] Invalid ELF header magic: != ELF [ 814.569474][T14706] rtc rtc0: __rtc_set_alarm: err=-22 [ 815.785688][T19806] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3) [ 816.106391][T19789] ALSA: mixer_oss: invalid OSS volume '' [ 816.173035][T19789] ALSA: mixer_oss: invalid OSS volume '' [ 820.001675][T19882] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2764'. [ 820.568981][T19887] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2765'. [ 820.986737][T19887] ipvlan0: entered promiscuous mode [ 820.994358][T19887] ipvlan0: entered allmulticast mode [ 821.008924][T19887] veth0_vlan: entered allmulticast mode [ 823.100386][T19938] netlink: 'syz.1.2775': attribute type 11 has an invalid length. [ 825.399398][T19986] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2783'. [ 825.856189][T19986] macvlan0: entered allmulticast mode [ 825.885326][T19994] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2788'. [ 826.100111][T19986] veth1_vlan: entered allmulticast mode [ 826.108137][ T30] audit: type=1800 audit(4294967399.674:45): pid=20004 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2788" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 826.333827][T20010] input: jJǸ-¶š9ã%vø“û¨lÐQ  J86Ö‘ as /devices/virtual/input/input48 [ 827.249836][T20056] sg_write: data in/out 3292/1 bytes for SCSI command 0xa3-- guessing data in; [ 827.249836][T20056] program syz.0.2801 not setting count and/or reply_len properly [ 827.711050][T20068] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2803'. [ 827.840037][T20071] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2803'. [ 830.195156][T20110] cgroup: fork rejected by pids controller in /syz0 [ 830.808424][T20128] zswap: compressor û not available [ 833.355151][T20296] netlink: 'syz.3.2818': attribute type 1 has an invalid length. [ 836.357227][T14748] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 838.383117][T14748] Bluetooth: hci0: command 0x0c1a tx timeout [ 838.690852][T20341] Process accounting paused [ 840.012271][T20362] kafs: addr_prefs: Invalid Command [ 840.049146][T20362] bond0: Unable to set down delay as MII monitoring is disabled [ 846.078254][T20111] syz.0.2813 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 846.367781][T20111] CPU: 0 UID: 0 PID: 20111 Comm: syz.0.2813 Tainted: G I syzkaller #0 PREEMPT(full) [ 846.367808][T20111] Tainted: [I]=FIRMWARE_WORKAROUND [ 846.367813][T20111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 846.367822][T20111] Call Trace: [ 846.367827][T20111] [ 846.367834][T20111] dump_stack_lvl+0x16c/0x1f0 [ 846.367861][T20111] dump_header+0x101/0x930 [ 846.367882][T20111] oom_kill_process+0x272/0xa40 [ 846.367902][T20111] out_of_memory+0x350/0x1700 [ 846.367924][T20111] ? __pfx_out_of_memory+0x10/0x10 [ 846.367947][T20111] mem_cgroup_out_of_memory+0x118/0x130 [ 846.367969][T20111] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 846.367995][T20111] ? do_raw_spin_unlock+0x172/0x230 [ 846.368020][T20111] try_charge_memcg+0x72b/0xd50 [ 846.368041][T20111] ? __pfx_try_charge_memcg+0x10/0x10 [ 846.368058][T20111] ? __print_lock_name+0x41/0xe0 [ 846.368073][T20111] ? rcu_read_unlock+0x17/0x60 [ 846.368097][T20111] charge_memcg+0x8a/0x230 [ 846.368114][T20111] __mem_cgroup_charge+0x2b/0x1e0 [ 846.368135][T20111] shmem_alloc_and_add_folio+0x514/0xc20 [ 846.368156][T20111] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 846.368175][T20111] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 846.368201][T20111] shmem_get_folio_gfp+0x67f/0x1600 [ 846.368221][T20111] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 846.368243][T20111] shmem_write_begin+0x160/0x300 [ 846.368262][T20111] ? __pfx_shmem_write_begin+0x10/0x10 [ 846.368276][T20111] ? timestamp_truncate+0x21e/0x2d0 [ 846.368294][T20111] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 846.368320][T20111] generic_perform_write+0x3c2/0x900 [ 846.368342][T20111] ? __pfx_generic_perform_write+0x10/0x10 [ 846.368359][T20111] ? inode_needs_update_time.part.0+0x191/0x270 [ 846.368381][T20111] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 846.368400][T20111] shmem_file_write_iter+0x10e/0x140 [ 846.368420][T20111] __kernel_write_iter+0x317/0xb10 [ 846.368439][T20111] ? __pfx___kernel_write_iter+0x10/0x10 [ 846.368455][T20111] ? __up_read+0x1f8/0x750 [ 846.368477][T20111] ? dump_user_range+0x756/0xb70 [ 846.368496][T20111] dump_user_range+0x413/0xb70 [ 846.368514][T20111] ? __pfx_dump_user_range+0x10/0x10 [ 846.368530][T20111] ? elf_coredump_extra_notes_write+0xbd/0x4f0 [ 846.368556][T20111] ? __pfx_writenote+0x10/0x10 [ 846.368576][T20111] elf_core_dump+0x2929/0x3b60 [ 846.368602][T20111] ? __pfx_elf_core_dump+0x10/0x10 [ 846.368617][T20111] ? kasan_save_stack+0x42/0x60 [ 846.368632][T20111] ? kasan_save_stack+0x33/0x60 [ 846.368646][T20111] ? kasan_save_track+0x14/0x30 [ 846.368660][T20111] ? __kasan_kmalloc+0xaa/0xb0 [ 846.368675][T20111] ? vfs_coredump+0x1dca/0x5670 [ 846.368687][T20111] ? get_signal+0x22e3/0x26d0 [ 846.368703][T20111] ? arch_do_signal_or_restart+0x8f/0x790 [ 846.368724][T20111] ? 0xffffffffff600000 [ 846.368769][T20111] ? vfs_coredump+0x2b97/0x5670 [ 846.368781][T20111] vfs_coredump+0x2b97/0x5670 [ 846.368802][T20111] ? __pfx_vfs_coredump+0x10/0x10 [ 846.368817][T20111] ? __lock_acquire+0x62e/0x1ce0 [ 846.368839][T20111] ? __lock_acquire+0x62e/0x1ce0 [ 846.368858][T20111] ? lock_acquire+0x179/0x350 [ 846.368885][T20111] ? is_bpf_text_address+0x8a/0x1a0 [ 846.368903][T20111] ? bpf_ksym_find+0x124/0x1c0 [ 846.368921][T20111] ? __kernel_text_address+0xd/0x40 [ 846.368934][T20111] ? unwind_get_return_address+0x59/0xa0 [ 846.368949][T20111] ? arch_stack_walk+0xa6/0x100 [ 846.368972][T20111] ? stack_trace_save+0x8e/0xc0 [ 846.368988][T20111] ? __pfx_stack_trace_save+0x10/0x10 [ 846.369004][T20111] ? stack_depot_save_flags+0x29/0x9c0 [ 846.369026][T20111] ? __lock_acquire+0xb97/0x1ce0 [ 846.369078][T20111] ? proc_coredump_connector+0x2d1/0x4f0 [ 846.369096][T20111] ? __pfx_proc_coredump_connector+0x10/0x10 [ 846.369117][T20111] ? rcu_is_watching+0x12/0xc0 [ 846.369135][T20111] get_signal+0x22e3/0x26d0 [ 846.369158][T20111] ? __pfx_get_signal+0x10/0x10 [ 846.369174][T20111] ? rcu_is_watching+0x12/0xc0 [ 846.369192][T20111] ? trace_irq_disable.constprop.0+0xd4/0x120 [ 846.369215][T20111] arch_do_signal_or_restart+0x8f/0x790 [ 846.369234][T20111] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 846.369263][T20111] irqentry_exit_to_user_mode+0x13e/0x290 [ 846.369286][T20111] asm_exc_page_fault+0x26/0x30 [ 846.369299][T20111] RIP: 0033:0x0 [ 846.369310][T20111] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 846.369316][T20111] RSP: 002b:000000000000000a EFLAGS: 00010217 [ 846.369328][T20111] RAX: 0000000000000000 RBX: 00007f50f45d6450 RCX: 00007f50f438ec29 [ 846.369337][T20111] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46 [ 846.369346][T20111] RBP: 00007f50f4411e41 R08: 0000000000000002 R09: 0000000000000000 [ 846.369354][T20111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 846.369362][T20111] R13: 00007f50f45d64e8 R14: 00007f50f45d6450 R15: 00007ffe3d2939b8 [ 846.369381][T20111] [ 846.369387][T20111] memory: usage 307200kB, limit 307200kB, failcnt 28042 [ 846.923882][T20111] memory+swap: usage 428644kB, limit 9007199254740988kB, failcnt 0 [ 846.934632][T20111] kmem: usage 4060kB, limit 9007199254740988kB, failcnt 0 [ 846.946437][T20111] Memory cgroup stats for /syz0: [ 846.946535][T20111] cache 310194176 [ 846.955404][T20111] rss 86016 [ 846.960915][T20111] rss_huge 0 [ 846.964108][T20111] shmem 310194176 [ 846.982433][T20111] mapped_file 17096704 [ 846.986516][T20111] dirty 0 [ 847.000195][T20111] writeback 0 [ 847.003496][T20111] workingset_refault_anon 7928 [ 847.009182][T20111] workingset_refault_file 8936 [ 847.013942][T20111] swap 124358656 [ 847.021978][T20111] swapcached 49152 [ 847.025701][T20111] pgpgin 1316432 [ 847.044191][T20111] pgpgout 1258490 [ 847.048826][T20111] pgfault 1409252 [ 847.052452][T20111] pgmajfault 1041 [ 847.056065][T20111] inactive_anon 14782464 [ 847.062004][T20111] active_anon 295522304 [ 847.066154][T20111] inactive_file 0 [ 847.094035][T20111] active_file 0 [ 847.104200][T20111] unevictable 0 [ 847.111803][T20111] hierarchical_memory_limit 314572800 [ 847.133443][T20111] hierarchical_memsw_limit 9223372036854771712 [ 847.145358][T20111] total_cache 310194176 [ 847.150387][T20111] total_rss 86016 [ 847.154360][T20111] total_rss_huge 0 [ 847.185869][T20111] total_shmem 310194176 [ 847.190053][T20111] total_mapped_file 17096704 [ 847.194708][T20111] total_dirty 0 [ 847.227355][T20111] total_writeback 0 [ 847.231178][T20111] total_workingset_refault_anon 7928 [ 847.289999][T20111] total_workingset_refault_file 8936 [ 847.300083][T20111] total_swap 124358656 [ 847.304168][T20111] total_swapcached 49152 [ 847.333483][T20111] total_pgpgin 1316432 [ 847.344115][T20111] total_pgpgout 1258490 [ 847.353993][T20111] total_pgfault 1409252 [ 847.362404][T20111] total_pgmajfault 1041 [ 847.371726][T20111] total_inactive_anon 14782464 [ 847.377682][T20111] total_active_anon 295522304 [ 847.388848][T20111] total_inactive_file 0 [ 847.393054][T20111] total_active_file 0 [ 847.403325][T20111] total_unevictable 0 [ 847.417239][T20111] anon_cost 0 [ 847.425842][T20111] file_cost 0 [ 847.434617][T20111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.2801,pid=20059,uid=0 [ 847.494004][T20111] Memory cgroup out of memory: Killed process 20059 (syz.0.2801) total-vm:106772kB, anon-rss:1212kB, file-rss:48640kB, shmem-rss:0kB, UID:0 pgtables:212kB oom_score_adj:1000 [ 848.475386][T20114] syz.0.2813 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 848.853417][T20114] CPU: 0 UID: 0 PID: 20114 Comm: syz.0.2813 Tainted: G I syzkaller #0 PREEMPT(full) [ 848.853441][T20114] Tainted: [I]=FIRMWARE_WORKAROUND [ 848.853447][T20114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 848.853456][T20114] Call Trace: [ 848.853461][T20114] [ 848.853467][T20114] dump_stack_lvl+0x16c/0x1f0 [ 848.853493][T20114] dump_header+0x101/0x930 [ 848.853514][T20114] oom_kill_process+0x272/0xa40 [ 848.853534][T20114] out_of_memory+0x350/0x1700 [ 848.853556][T20114] ? __pfx_out_of_memory+0x10/0x10 [ 848.853579][T20114] mem_cgroup_out_of_memory+0x118/0x130 [ 848.853601][T20114] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 848.853626][T20114] ? do_raw_spin_unlock+0x172/0x230 [ 848.853652][T20114] try_charge_memcg+0x72b/0xd50 [ 848.853673][T20114] ? __pfx_try_charge_memcg+0x10/0x10 [ 848.853691][T20114] ? __print_lock_name+0x41/0xe0 [ 848.853705][T20114] ? rcu_read_unlock+0x17/0x60 [ 848.853729][T20114] charge_memcg+0x8a/0x230 [ 848.853753][T20114] __mem_cgroup_charge+0x2b/0x1e0 [ 848.853774][T20114] shmem_alloc_and_add_folio+0x514/0xc20 [ 848.853796][T20114] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 848.853815][T20114] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 848.853835][T20114] shmem_get_folio_gfp+0x67f/0x1600 [ 848.853856][T20114] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 848.853872][T20114] ? timestamp_truncate+0x21e/0x2d0 [ 848.853894][T20114] shmem_write_begin+0x160/0x300 [ 848.853913][T20114] ? __pfx_shmem_write_begin+0x10/0x10 [ 848.853928][T20114] ? inode_set_ctime_current+0x2a1/0x8f0 [ 848.853947][T20114] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 848.853973][T20114] generic_perform_write+0x3c2/0x900 [ 848.853995][T20114] ? __pfx_generic_perform_write+0x10/0x10 [ 848.854013][T20114] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 848.854031][T20114] ? generic_update_time+0xcf/0xf0 [ 848.854048][T20114] ? mnt_put_write_access_file+0x45/0xf0 [ 848.854066][T20114] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 848.854084][T20114] shmem_file_write_iter+0x10e/0x140 [ 848.854104][T20114] __kernel_write_iter+0x317/0xb10 [ 848.854124][T20114] ? __pfx___kernel_write_iter+0x10/0x10 [ 848.854140][T20114] ? __up_read+0x1f8/0x750 [ 848.854162][T20114] ? dump_user_range+0x756/0xb70 [ 848.854181][T20114] dump_user_range+0x413/0xb70 [ 848.854199][T20114] ? __pfx_dump_user_range+0x10/0x10 [ 848.854215][T20114] ? elf_coredump_extra_notes_write+0xbd/0x4f0 [ 848.854241][T20114] ? __pfx_writenote+0x10/0x10 [ 848.854261][T20114] elf_core_dump+0x2929/0x3b60 [ 848.854288][T20114] ? __pfx_elf_core_dump+0x10/0x10 [ 848.854309][T20114] ? find_held_lock+0x2b/0x80 [ 848.854323][T20114] ? 0xffffffffff600000 [ 848.854338][T20114] ? rcu_is_watching+0x12/0xc0 [ 848.854353][T20114] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 848.854372][T20114] ? lockdep_hardirqs_on+0x7c/0x110 [ 848.854422][T20114] ? vfs_coredump+0x2b97/0x5670 [ 848.854434][T20114] vfs_coredump+0x2b97/0x5670 [ 848.854455][T20114] ? __pfx_vfs_coredump+0x10/0x10 [ 848.854470][T20114] ? __lock_acquire+0x62e/0x1ce0 [ 848.854492][T20114] ? __lock_acquire+0x62e/0x1ce0 [ 848.854512][T20114] ? lock_acquire+0x179/0x350 [ 848.854539][T20114] ? is_bpf_text_address+0x8a/0x1a0 [ 848.854557][T20114] ? bpf_ksym_find+0x124/0x1c0 [ 848.854575][T20114] ? __kernel_text_address+0xd/0x40 [ 848.854589][T20114] ? unwind_get_return_address+0x59/0xa0 [ 848.854604][T20114] ? arch_stack_walk+0xa6/0x100 [ 848.854626][T20114] ? stack_trace_save+0x8e/0xc0 [ 848.854642][T20114] ? __pfx_stack_trace_save+0x10/0x10 [ 848.854658][T20114] ? stack_depot_save_flags+0x29/0x9c0 [ 848.854680][T20114] ? __lock_acquire+0xb97/0x1ce0 [ 848.854731][T20114] ? proc_coredump_connector+0x2d1/0x4f0 [ 848.854755][T20114] ? __pfx_proc_coredump_connector+0x10/0x10 [ 848.854776][T20114] ? rcu_is_watching+0x12/0xc0 [ 848.854793][T20114] get_signal+0x22e3/0x26d0 [ 848.854818][T20114] ? __pfx_get_signal+0x10/0x10 [ 848.854834][T20114] ? rcu_is_watching+0x12/0xc0 [ 848.854848][T20114] ? trace_irq_disable.constprop.0+0xd4/0x120 [ 848.854871][T20114] arch_do_signal_or_restart+0x8f/0x790 [ 848.854891][T20114] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 848.854921][T20114] irqentry_exit_to_user_mode+0x13e/0x290 [ 848.854943][T20114] asm_exc_page_fault+0x26/0x30 [ 848.854957][T20114] RIP: 0033:0x0 [ 848.854967][T20114] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 848.854974][T20114] RSP: 002b:000000000000000a EFLAGS: 00010217 [ 848.854986][T20114] RAX: 0000000000000000 RBX: 00007f50f45d6450 RCX: 00007f50f438ec29 [ 848.854996][T20114] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46 [ 848.855004][T20114] RBP: 00007f50f4411e41 R08: 0000000000000002 R09: 0000000000000000 [ 848.855013][T20114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 848.855021][T20114] R13: 00007f50f45d64e8 R14: 00007f50f45d6450 R15: 00007ffe3d2939b8 [ 848.855041][T20114] [ 849.809981][T20114] memory: usage 307164kB, limit 307200kB, failcnt 29787 [ 849.852676][T20114] memory+swap: usage 386120kB, limit 9007199254740988kB, failcnt 0 [ 849.860774][T20114] kmem: usage 3852kB, limit 9007199254740988kB, failcnt 0 [ 849.911524][T20114] Memory cgroup stats for /syz0: [ 849.911653][T20114] cache 307367936 [ 849.920206][T20114] rss 81920 [ 849.971471][T20114] rss_huge 0 [ 849.980881][T20114] shmem 307367936 [ 849.984519][T20114] mapped_file 20127744 [ 850.034962][T20114] dirty 0 [ 850.037917][T20114] writeback 0 [ 850.061034][T20114] workingset_refault_anon 7928 [ 850.066135][T20114] workingset_refault_file 8936 [ 850.120192][T20114] swap 85106688 [ 850.123705][T20114] swapcached 28672 [ 850.127426][T20114] pgpgin 1322882 [ 850.169033][T20114] pgpgout 1265637 [ 850.191051][T20114] pgfault 1411150 [ 850.209812][T20114] pgmajfault 1041 [ 850.213467][T20114] inactive_anon 242946048 [ 850.217782][T20114] active_anon 64159744 [ 850.269836][T20114] inactive_file 0 [ 850.283641][T20114] active_file 0 [ 850.287142][T20114] unevictable 0 [ 850.329139][T20114] hierarchical_memory_limit 314572800 [ 850.336677][T20114] hierarchical_memsw_limit 9223372036854771712 [ 850.400829][T20114] total_cache 307367936 [ 850.405002][T20114] total_rss 81920 [ 850.547853][T20114] total_rss_huge 0 [ 850.551588][T20114] total_shmem 307367936 [ 850.555723][T20114] total_mapped_file 20127744 [ 850.684809][T20114] total_dirty 0 [ 850.776227][T20114] total_writeback 0 [ 850.800493][T20114] total_workingset_refault_anon 7928 [ 850.848258][ T30] audit: type=1800 audit(4294967424.566:46): pid=20455 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2851" name="file0" dev="tmpfs" ino=807 res=0 errno=0 [ 850.913899][T20114] total_workingset_refault_file 8936 [ 850.926726][T20114] total_swap 85106688 [ 850.965707][T20114] total_swapcached 28672 [ 850.999500][T20114] total_pgpgin 1322882 [ 851.027468][T20114] total_pgpgout 1265637 [ 851.086608][T20114] total_pgfault 1411150 [ 851.118902][T20114] total_pgmajfault 1041 [ 851.156063][T20114] total_inactive_anon 242946048 [ 851.215492][T20114] total_active_anon 64159744 [ 851.262603][T20114] total_inactive_file 0 [ 851.313939][T20114] total_active_file 0 [ 851.349212][T20114] total_unevictable 0 [ 851.390271][T20114] anon_cost 0 [ 851.412732][T20114] file_cost 0 [ 851.438140][T20114] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.2813,pid=20135,uid=0 [ 851.620744][T20468] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(7) [ 851.679734][T20114] Memory cgroup out of memory: Killed process 20135 (syz.0.2813) total-vm:131940kB, anon-rss:1208kB, file-rss:28032kB, shmem-rss:24320kB, UID:0 pgtables:212kB oom_score_adj:1000 [ 854.111745][ T32] oom_reaper: reaped process 20135 (syz.0.2813), now anon-rss:48kB, file-rss:29164kB, shmem-rss:21888kB [ 854.324562][T20133] syz.0.2813 (20133) used greatest stack depth: 17736 bytes left [ 855.038308][T20514] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 855.052870][T20514] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 855.077916][T20514] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 855.100769][T20514] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 855.155965][T20514] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 856.526254][T14748] Bluetooth: hci1: command 0x0c1a tx timeout [ 856.785369][T20550] FAULT_INJECTION: forcing a failure. [ 856.785369][T20550] name failslab, interval 1, probability 0, space 0, times 0 [ 856.840147][T20550] CPU: 0 UID: 0 PID: 20550 Comm: syz.3.2878 Tainted: G I syzkaller #0 PREEMPT(full) [ 856.840172][T20550] Tainted: [I]=FIRMWARE_WORKAROUND [ 856.840177][T20550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 856.840186][T20550] Call Trace: [ 856.840191][T20550] [ 856.840196][T20550] dump_stack_lvl+0x16c/0x1f0 [ 856.840223][T20550] should_fail_ex+0x512/0x640 [ 856.840244][T20550] ? fs_reclaim_acquire+0xae/0x150 [ 856.840267][T20550] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 856.840287][T20550] should_failslab+0xc2/0x120 [ 856.840306][T20550] __kmalloc_noprof+0xd2/0x510 [ 856.840327][T20550] tomoyo_realpath_from_path+0xc2/0x6e0 [ 856.840352][T20550] tomoyo_check_open_permission+0x2ab/0x3c0 [ 856.840370][T20550] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 856.840407][T20550] ? do_raw_spin_lock+0x12c/0x2b0 [ 856.840433][T20550] tomoyo_file_open+0x6b/0x90 [ 856.840448][T20550] security_file_open+0x84/0x1e0 [ 856.840468][T20550] do_dentry_open+0x596/0x1530 [ 856.840491][T20550] vfs_open+0x82/0x3f0 [ 856.840513][T20550] path_openat+0x1de4/0x2cb0 [ 856.840537][T20550] ? __pfx_path_openat+0x10/0x10 [ 856.840558][T20550] do_filp_open+0x20b/0x470 [ 856.840575][T20550] ? __pfx_do_filp_open+0x10/0x10 [ 856.840605][T20550] ? alloc_fd+0x471/0x7d0 [ 856.840625][T20550] do_sys_openat2+0x11b/0x1d0 [ 856.840645][T20550] ? __pfx_do_sys_openat2+0x10/0x10 [ 856.840673][T20550] __x64_sys_openat+0x174/0x210 [ 856.840686][T20550] ? __pfx___x64_sys_openat+0x10/0x10 [ 856.840706][T20550] do_syscall_64+0xcd/0x4c0 [ 856.840728][T20550] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 856.840743][T20550] RIP: 0033:0x7f5a66d8ec29 [ 856.840755][T20550] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 856.840768][T20550] RSP: 002b:00007f5a67c11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 856.840781][T20550] RAX: ffffffffffffffda RBX: 00007f5a66fd5fa0 RCX: 00007f5a66d8ec29 [ 856.840791][T20550] RDX: 0000000000000040 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 856.840799][T20550] RBP: 00007f5a66e11e41 R08: 0000000000000000 R09: 0000000000000000 [ 856.840807][T20550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 856.840816][T20550] R13: 00007f5a66fd6038 R14: 00007f5a66fd5fa0 R15: 00007ffc43749288 [ 856.840834][T20550] [ 856.840840][T20550] ERROR: Out of memory at tomoyo_realpath_from_path. [ 857.168459][T14748] Bluetooth: hci0: command 0x0c1a tx timeout [ 857.174633][T14748] Bluetooth: hci2: command 0x0c1a tx timeout [ 857.180688][T14748] Bluetooth: hci3: command 0x040f tx timeout [ 857.821521][T20575] FAULT_INJECTION: forcing a failure. [ 857.821521][T20575] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 857.854909][T20575] CPU: 0 UID: 0 PID: 20575 Comm: syz.3.2884 Tainted: G I syzkaller #0 PREEMPT(full) [ 857.854935][T20575] Tainted: [I]=FIRMWARE_WORKAROUND [ 857.854942][T20575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 857.854951][T20575] Call Trace: [ 857.854957][T20575] [ 857.854963][T20575] dump_stack_lvl+0x16c/0x1f0 [ 857.854990][T20575] should_fail_ex+0x512/0x640 [ 857.855015][T20575] should_fail_alloc_page+0xe7/0x130 [ 857.855037][T20575] prepare_alloc_pages+0x3c2/0x610 [ 857.855067][T20575] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 857.855085][T20575] ? __pfx_workingset_update_node+0x10/0x10 [ 857.855106][T20575] ? __lock_acquire+0x62e/0x1ce0 [ 857.855126][T20575] ? css_rstat_updated+0x1c2/0x510 [ 857.855144][T20575] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 857.855165][T20575] ? rcu_is_watching+0x12/0xc0 [ 857.855185][T20575] ? __lock_acquire+0x62e/0x1ce0 [ 857.855203][T20575] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 857.855225][T20575] ? policy_nodemask+0xea/0x4e0 [ 857.855245][T20575] alloc_pages_mpol+0x1fb/0x550 [ 857.855264][T20575] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 857.855284][T20575] ? filemap_get_entry+0x1a7/0x3b0 [ 857.855305][T20575] folio_alloc_noprof+0x20/0x2d0 [ 857.855326][T20575] filemap_alloc_folio_noprof+0x3a1/0x470 [ 857.855343][T20575] ? __pfx_filemap_alloc_folio_noprof+0x10/0x10 [ 857.855363][T20575] __filemap_get_folio+0x5e1/0xc30 [ 857.855386][T20575] ioctx_alloc+0x761/0x2120 [ 857.855411][T20575] ? __pfx_ioctx_alloc+0x10/0x10 [ 857.855425][T20575] ? __might_fault+0x13b/0x190 [ 857.855447][T20575] __x64_sys_io_setup+0xc9/0x210 [ 857.855465][T20575] do_syscall_64+0xcd/0x4c0 [ 857.855488][T20575] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 857.855503][T20575] RIP: 0033:0x7f5a66d8ec29 [ 857.855515][T20575] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 857.855529][T20575] RSP: 002b:00007f5a67c11038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 857.855544][T20575] RAX: ffffffffffffffda RBX: 00007f5a66fd5fa0 RCX: 00007f5a66d8ec29 [ 857.855553][T20575] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000007ffe [ 857.855562][T20575] RBP: 00007f5a66e11e41 R08: 0000000000000000 R09: 0000000000000000 [ 857.855571][T20575] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 857.855579][T20575] R13: 00007f5a66fd6038 R14: 00007f5a66fd5fa0 R15: 00007ffc43749288 [ 857.855598][T20575] [ 858.391161][ T30] audit: type=1800 audit(4294967432.126:47): pid=20588 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2888" name="members" dev="configfs" ino=80612 res=0 errno=0 [ 858.697569][ T30] audit: type=1326 audit(4294967432.467:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20594 comm="syz.1.2890" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ffa2e78ec29 code=0x0 [ 858.731011][T20597] __vm_enough_memory: pid: 20597, comm: syz.3.2891, bytes: 9223372036854775808 not enough memory for the allocation [ 859.001390][T20601] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 859.008477][T20601] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 859.017141][T20601] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 859.027820][T20601] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 859.305668][T20611] nbd: socks must be embedded in a SOCK_ITEM attr [ 859.334522][T20612] nbd: nbd4128 already in use [ 860.090380][T20641] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2903'. [ 860.903162][T14746] Bluetooth: hci1: command 0x0c1a tx timeout [ 861.062283][T14746] Bluetooth: hci3: command 0x040f tx timeout [ 861.068326][T14746] Bluetooth: hci0: command 0x0c1a tx timeout [ 861.075031][T14746] Bluetooth: hci2: command 0x0c1a tx timeout [ 863.124904][T20710] FAULT_INJECTION: forcing a failure. [ 863.124904][T20710] name failslab, interval 1, probability 0, space 0, times 0 [ 863.184808][T20710] CPU: 0 UID: 0 PID: 20710 Comm: syz.1.2916 Tainted: G I syzkaller #0 PREEMPT(full) [ 863.184835][T20710] Tainted: [I]=FIRMWARE_WORKAROUND [ 863.184841][T20710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 863.184850][T20710] Call Trace: [ 863.184856][T20710] [ 863.184863][T20710] dump_stack_lvl+0x16c/0x1f0 [ 863.184889][T20710] should_fail_ex+0x512/0x640 [ 863.184911][T20710] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 863.184933][T20710] should_failslab+0xc2/0x120 [ 863.184953][T20710] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 863.184972][T20710] ? sysctl_route_net_init+0x42/0x2c0 [ 863.184987][T20710] ? register_net_sysctl_sz+0x228/0x3e0 [ 863.185001][T20710] ? __pfx_sysctl_route_net_init+0x10/0x10 [ 863.185017][T20710] kmemdup_noprof+0x29/0x60 [ 863.185034][T20710] sysctl_route_net_init+0x42/0x2c0 [ 863.185050][T20710] ? __pfx_sysctl_route_net_init+0x10/0x10 [ 863.185066][T20710] ops_init+0x1df/0x5f0 [ 863.185090][T20710] setup_net+0x10f/0x380 [ 863.185101][T20710] ? lockdep_init_map_type+0x5c/0x280 [ 863.185122][T20710] ? __pfx_setup_net+0x10/0x10 [ 863.185135][T20710] ? debug_mutex_init+0x37/0x70 [ 863.185151][T20710] copy_net_ns+0x2a6/0x5f0 [ 863.185168][T20710] create_new_namespaces+0x3ea/0xa90 [ 863.185189][T20710] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 863.185207][T20710] ksys_unshare+0x45b/0xa40 [ 863.185227][T20710] ? __pfx_ksys_unshare+0x10/0x10 [ 863.185246][T20710] ? xfd_validate_state+0x61/0x180 [ 863.185280][T20710] __x64_sys_unshare+0x31/0x40 [ 863.185300][T20710] do_syscall_64+0xcd/0x4c0 [ 863.185324][T20710] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 863.185339][T20710] RIP: 0033:0x7ffa2e78ec29 [ 863.185352][T20710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 863.185366][T20710] RSP: 002b:00007ffa2c9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 863.185380][T20710] RAX: ffffffffffffffda RBX: 00007ffa2e9d6180 RCX: 00007ffa2e78ec29 [ 863.185389][T20710] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 863.185398][T20710] RBP: 00007ffa2e811e41 R08: 0000000000000000 R09: 0000000000000000 [ 863.185406][T20710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 863.185414][T20710] R13: 00007ffa2e9d6218 R14: 00007ffa2e9d6180 R15: 00007ffc32926198 [ 863.185433][T20710] [ 865.492795][T20736] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xfffffd12 [ 865.570788][T20737] rnbd_client L213: map_device: Parameters missing [ 866.059842][ T30] audit: type=1800 audit(4294967439.857:49): pid=20746 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2925" name="dbroot" dev="configfs" ino=81561 res=0 errno=0 [ 866.649596][T20757] netlink: 186 bytes leftover after parsing attributes in process `syz.2.2927'. [ 866.890252][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 866.910935][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 869.415570][T20799] Invalid ELF header magic: != ELF [ 869.811732][T20806] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2941'. [ 869.866623][T20806] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2941'. [ 869.943798][T20667] Process accounting resumed [ 870.314350][T20827] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2944'. [ 870.342602][T20827] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2944'. [ 870.774996][T20840] FAULT_INJECTION: forcing a failure. [ 870.774996][T20840] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 871.005405][T20840] CPU: 0 UID: 0 PID: 20840 Comm: syz.2.2948 Tainted: G I syzkaller #0 PREEMPT(full) [ 871.005431][T20840] Tainted: [I]=FIRMWARE_WORKAROUND [ 871.005437][T20840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 871.005446][T20840] Call Trace: [ 871.005453][T20840] [ 871.005460][T20840] dump_stack_lvl+0x16c/0x1f0 [ 871.005494][T20840] should_fail_ex+0x512/0x640 [ 871.005520][T20840] should_fail_alloc_page+0xe7/0x130 [ 871.005542][T20840] prepare_alloc_pages+0x3c2/0x610 [ 871.005567][T20840] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 871.005586][T20840] ? __pfx_workingset_update_node+0x10/0x10 [ 871.005606][T20840] ? __lock_acquire+0x62e/0x1ce0 [ 871.005636][T20840] ? css_rstat_updated+0x1c2/0x510 [ 871.005653][T20840] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 871.005674][T20840] ? rcu_is_watching+0x12/0xc0 [ 871.005697][T20840] ? __lock_acquire+0x62e/0x1ce0 [ 871.005716][T20840] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 871.005743][T20840] ? policy_nodemask+0xea/0x4e0 [ 871.005764][T20840] alloc_pages_mpol+0x1fb/0x550 [ 871.005783][T20840] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 871.005803][T20840] ? filemap_get_entry+0x1a7/0x3b0 [ 871.005835][T20840] folio_alloc_noprof+0x20/0x2d0 [ 871.005856][T20840] filemap_alloc_folio_noprof+0x3a1/0x470 [ 871.005873][T20840] ? __pfx_filemap_alloc_folio_noprof+0x10/0x10 [ 871.005894][T20840] __filemap_get_folio+0x5e1/0xc30 [ 871.005919][T20840] ioctx_alloc+0x761/0x2120 [ 871.005944][T20840] ? __pfx_ioctx_alloc+0x10/0x10 [ 871.005959][T20840] ? __might_fault+0x13b/0x190 [ 871.005980][T20840] __x64_sys_io_setup+0xc9/0x210 [ 871.005998][T20840] do_syscall_64+0xcd/0x4c0 [ 871.006021][T20840] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 871.006035][T20840] RIP: 0033:0x7f907198ec29 [ 871.006048][T20840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 871.006062][T20840] RSP: 002b:00007f9072894038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 871.006076][T20840] RAX: ffffffffffffffda RBX: 00007f9071bd5fa0 RCX: 00007f907198ec29 [ 871.006086][T20840] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000007ffe [ 871.006094][T20840] RBP: 00007f9071a11e41 R08: 0000000000000000 R09: 0000000000000000 [ 871.006103][T20840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 871.006111][T20840] R13: 00007f9071bd6038 R14: 00007f9071bd5fa0 R15: 00007ffd9c97bb58 [ 871.006130][T20840] [ 872.766037][T20871] random: crng reseeded on system resumption [ 874.760404][T20915] random: crng reseeded on system resumption [ 876.081277][T20940] FAULT_INJECTION: forcing a failure. [ 876.081277][T20940] name failslab, interval 1, probability 0, space 0, times 0 [ 876.127604][T20940] CPU: 0 UID: 0 PID: 20940 Comm: syz.1.2972 Tainted: G I syzkaller #0 PREEMPT(full) [ 876.127629][T20940] Tainted: [I]=FIRMWARE_WORKAROUND [ 876.127635][T20940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 876.127644][T20940] Call Trace: [ 876.127649][T20940] [ 876.127655][T20940] dump_stack_lvl+0x16c/0x1f0 [ 876.127682][T20940] should_fail_ex+0x512/0x640 [ 876.127707][T20940] should_failslab+0xc2/0x120 [ 876.127727][T20940] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 876.127745][T20940] ? __alloc_skb+0x2b2/0x380 [ 876.127767][T20940] __alloc_skb+0x2b2/0x380 [ 876.127785][T20940] ? __pfx___alloc_skb+0x10/0x10 [ 876.127811][T20940] tipc_buf_acquire+0x26/0xe0 [ 876.127829][T20940] tipc_msg_reverse+0x1e9/0x920 [ 876.127850][T20940] tipc_sk_respond+0xfe/0x310 [ 876.127866][T20940] ? __pfx_tipc_sk_respond+0x10/0x10 [ 876.127881][T20940] ? tipc_node_remove_conn+0x8f/0x480 [ 876.127898][T20940] ? tipc_sk_push_backlog+0x3b4/0x9e0 [ 876.127921][T20940] __tipc_shutdown+0xad9/0xee0 [ 876.127939][T20940] ? __pfx___tipc_shutdown+0x10/0x10 [ 876.127954][T20940] ? do_raw_spin_lock+0x12c/0x2b0 [ 876.127976][T20940] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 876.128004][T20940] ? __pfx_woken_wake_function+0x10/0x10 [ 876.128029][T20940] ? tipc_sk_filtering+0x420/0x520 [ 876.128046][T20940] tipc_release+0xe2/0x1680 [ 876.128060][T20940] ? down_write+0x14d/0x200 [ 876.128074][T20940] ? __pfx_down_write+0x10/0x10 [ 876.128089][T20940] ? __pfx_locks_remove_file+0x10/0x10 [ 876.128106][T20940] __sock_release+0xb0/0x270 [ 876.128120][T20940] ? __pfx_sock_close+0x10/0x10 [ 876.128131][T20940] sock_close+0x1c/0x30 [ 876.128143][T20940] __fput+0x3ff/0xb70 [ 876.128167][T20940] task_work_run+0x14d/0x240 [ 876.128189][T20940] ? __pfx_task_work_run+0x10/0x10 [ 876.128210][T20940] ? __pfx___do_sys_close_range+0x10/0x10 [ 876.128231][T20940] exit_to_user_mode_loop+0xeb/0x110 [ 876.128253][T20940] do_syscall_64+0x41c/0x4c0 [ 876.128276][T20940] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 876.128291][T20940] RIP: 0033:0x7ffa2e78ec29 [ 876.128303][T20940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 876.128317][T20940] RSP: 002b:00007ffa2f56a038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 876.128331][T20940] RAX: 0000000000000000 RBX: 00007ffa2e9d5fa0 RCX: 00007ffa2e78ec29 [ 876.128340][T20940] RDX: 0000000000000000 RSI: fffffffffffff000 RDI: 0000000000000000 [ 876.128349][T20940] RBP: 00007ffa2e811e41 R08: 0000000000000000 R09: 0000000000000000 [ 876.128357][T20940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 876.128365][T20940] R13: 00007ffa2e9d6038 R14: 00007ffa2e9d5fa0 R15: 00007ffc32926198 [ 876.128384][T20940] [ 876.499686][T20951] FAULT_INJECTION: forcing a failure. [ 876.499686][T20951] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 876.513418][T20951] CPU: 0 UID: 0 PID: 20951 Comm: syz.2.2974 Tainted: G I syzkaller #0 PREEMPT(full) [ 876.513444][T20951] Tainted: [I]=FIRMWARE_WORKAROUND [ 876.513450][T20951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 876.513459][T20951] Call Trace: [ 876.513466][T20951] [ 876.513472][T20951] dump_stack_lvl+0x16c/0x1f0 [ 876.513499][T20951] should_fail_ex+0x512/0x640 [ 876.513524][T20951] should_fail_alloc_page+0xe7/0x130 [ 876.513546][T20951] prepare_alloc_pages+0x3c2/0x610 [ 876.513567][T20951] ? rcu_is_watching+0x12/0xc0 [ 876.513584][T20951] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 876.513606][T20951] ? __lock_acquire+0x62e/0x1ce0 [ 876.513626][T20951] ? css_rstat_updated+0x1c2/0x510 [ 876.513643][T20951] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 876.513666][T20951] ? rcu_is_watching+0x12/0xc0 [ 876.513685][T20951] ? __lock_acquire+0x62e/0x1ce0 [ 876.513703][T20951] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 876.513725][T20951] ? policy_nodemask+0xea/0x4e0 [ 876.513746][T20951] alloc_pages_mpol+0x1fb/0x550 [ 876.513765][T20951] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 876.513785][T20951] ? filemap_get_entry+0x1a7/0x3b0 [ 876.513806][T20951] folio_alloc_noprof+0x20/0x2d0 [ 876.513827][T20951] filemap_alloc_folio_noprof+0x3a1/0x470 [ 876.513844][T20951] ? __pfx_filemap_alloc_folio_noprof+0x10/0x10 [ 876.513863][T20951] __filemap_get_folio+0x5e1/0xc30 [ 876.513887][T20951] ioctx_alloc+0x761/0x2120 [ 876.513912][T20951] ? __pfx_ioctx_alloc+0x10/0x10 [ 876.513927][T20951] ? __might_fault+0x13b/0x190 [ 876.513948][T20951] __x64_sys_io_setup+0xc9/0x210 [ 876.513966][T20951] do_syscall_64+0xcd/0x4c0 [ 876.513989][T20951] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 876.514004][T20951] RIP: 0033:0x7f907198ec29 [ 876.514016][T20951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 876.514030][T20951] RSP: 002b:00007f9072894038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 876.514045][T20951] RAX: ffffffffffffffda RBX: 00007f9071bd5fa0 RCX: 00007f907198ec29 [ 876.514055][T20951] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000007ffe [ 876.514063][T20951] RBP: 00007f9071a11e41 R08: 0000000000000000 R09: 0000000000000000 [ 876.514073][T20951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 876.514081][T20951] R13: 00007f9071bd6038 R14: 00007f9071bd5fa0 R15: 00007ffd9c97bb58 [ 876.514101][T20951] [ 877.275924][T20963] Invalid ELF header magic: != ELF [ 881.330741][T21054] FAULT_INJECTION: forcing a failure. [ 881.330741][T21054] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 881.413391][T21054] CPU: 0 UID: 0 PID: 21054 Comm: syz.0.2997 Tainted: G I syzkaller #0 PREEMPT(full) [ 881.413417][T21054] Tainted: [I]=FIRMWARE_WORKAROUND [ 881.413422][T21054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 881.413431][T21054] Call Trace: [ 881.413436][T21054] [ 881.413442][T21054] dump_stack_lvl+0x16c/0x1f0 [ 881.413469][T21054] should_fail_ex+0x512/0x640 [ 881.413500][T21054] should_fail_alloc_page+0xe7/0x130 [ 881.413521][T21054] prepare_alloc_pages+0x3c2/0x610 [ 881.413549][T21054] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 881.413571][T21054] ? find_held_lock+0x2b/0x80 [ 881.413587][T21054] ? is_bpf_text_address+0x8a/0x1a0 [ 881.413605][T21054] ? bpf_ksym_find+0x124/0x1c0 [ 881.413619][T21054] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 881.413636][T21054] ? is_bpf_text_address+0x94/0x1a0 [ 881.413653][T21054] ? kernel_text_address+0x8d/0x100 [ 881.413667][T21054] ? __kernel_text_address+0xd/0x40 [ 881.413680][T21054] ? unwind_get_return_address+0x59/0xa0 [ 881.413703][T21054] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 881.413725][T21054] ? policy_nodemask+0xea/0x4e0 [ 881.413745][T21054] alloc_pages_mpol+0x1fb/0x550 [ 881.413765][T21054] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 881.413782][T21054] ? kasan_save_stack+0x33/0x60 [ 881.413797][T21054] ? kasan_save_track+0x14/0x30 [ 881.413812][T21054] ? __kasan_kmalloc+0xaa/0xb0 [ 881.413826][T21054] ? __get_vm_area_node+0x101/0x330 [ 881.413850][T21054] alloc_pages_noprof+0x131/0x390 [ 881.413869][T21054] get_free_pages_noprof+0x10/0xb0 [ 881.413887][T21054] kasan_populate_vmalloc+0x9f/0x2d0 [ 881.413903][T21054] ? alloc_vmap_area+0x8b5/0x29c0 [ 881.413926][T21054] alloc_vmap_area+0x960/0x29c0 [ 881.413954][T21054] ? __pfx_alloc_vmap_area+0x10/0x10 [ 881.413979][T21054] __get_vm_area_node+0x1ca/0x330 [ 881.414004][T21054] __vmalloc_node_range_noprof+0x271/0x14b0 [ 881.414019][T21054] ? n_tty_open+0x1a/0x170 [ 881.414032][T21054] ? look_up_lock_class+0x6b/0x150 [ 881.414057][T21054] ? n_tty_open+0x1a/0x170 [ 881.414075][T21054] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 881.414088][T21054] ? console_unlock+0x184/0x210 [ 881.414102][T21054] ? __pfx_console_unlock+0x10/0x10 [ 881.414117][T21054] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 881.414135][T21054] ? n_tty_open+0x1a/0x170 [ 881.414147][T21054] __vmalloc_node_noprof+0xad/0xf0 [ 881.414161][T21054] ? n_tty_open+0x1a/0x170 [ 881.414174][T21054] ? __pfx_n_tty_open+0x10/0x10 [ 881.414189][T21054] n_tty_open+0x1a/0x170 [ 881.414202][T21054] ? __pfx_n_tty_open+0x10/0x10 [ 881.414215][T21054] tty_ldisc_open+0x9f/0x120 [ 881.414234][T21054] tty_ldisc_setup+0x40/0x100 [ 881.414253][T21054] tty_init_dev.part.0+0x1ec/0x500 [ 881.414268][T21054] tty_open+0xa50/0xf90 [ 881.414285][T21054] ? __pfx_tty_open+0x10/0x10 [ 881.414297][T21054] ? chrdev_open+0x10b/0x6a0 [ 881.414318][T21054] ? __pfx_tty_open+0x10/0x10 [ 881.414330][T21054] chrdev_open+0x231/0x6a0 [ 881.414347][T21054] ? __pfx_apparmor_file_open+0x10/0x10 [ 881.414363][T21054] ? __pfx_chrdev_open+0x10/0x10 [ 881.414382][T21054] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 881.414402][T21054] do_dentry_open+0x97f/0x1530 [ 881.414420][T21054] ? __pfx_chrdev_open+0x10/0x10 [ 881.414441][T21054] vfs_open+0x82/0x3f0 [ 881.414464][T21054] path_openat+0x1de4/0x2cb0 [ 881.414493][T21054] ? __pfx_path_openat+0x10/0x10 [ 881.414515][T21054] do_filp_open+0x20b/0x470 [ 881.414532][T21054] ? __pfx_do_filp_open+0x10/0x10 [ 881.414563][T21054] ? alloc_fd+0x471/0x7d0 [ 881.414583][T21054] do_sys_openat2+0x11b/0x1d0 [ 881.414604][T21054] ? __pfx_do_sys_openat2+0x10/0x10 [ 881.414632][T21054] __x64_sys_openat+0x174/0x210 [ 881.414645][T21054] ? __pfx___x64_sys_openat+0x10/0x10 [ 881.414666][T21054] do_syscall_64+0xcd/0x4c0 [ 881.414688][T21054] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 881.414703][T21054] RIP: 0033:0x7f50f438ec29 [ 881.414715][T21054] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 881.414729][T21054] RSP: 002b:00007f50f528b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 881.414743][T21054] RAX: ffffffffffffffda RBX: 00007f50f45d6090 RCX: 00007f50f438ec29 [ 881.414753][T21054] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 881.414762][T21054] RBP: 00007f50f4411e41 R08: 0000000000000000 R09: 0000000000000000 [ 881.414770][T21054] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000 [ 881.414779][T21054] R13: 00007f50f45d6128 R14: 00007f50f45d6090 R15: 00007ffe3d2939b8 [ 881.414798][T21054] [ 881.856577][ C0] vkms_vblank_simulate: vblank timer overrun [ 882.019906][T21061] FAULT_INJECTION: forcing a failure. [ 882.019906][T21061] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 882.033276][T21061] CPU: 0 UID: 0 PID: 21061 Comm: syz.1.2998 Tainted: G I syzkaller #0 PREEMPT(full) [ 882.033301][T21061] Tainted: [I]=FIRMWARE_WORKAROUND [ 882.033308][T21061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 882.033317][T21061] Call Trace: [ 882.033324][T21061] [ 882.033331][T21061] dump_stack_lvl+0x16c/0x1f0 [ 882.033358][T21061] should_fail_ex+0x512/0x640 [ 882.033404][T21061] should_fail_alloc_page+0xe7/0x130 [ 882.033427][T21061] prepare_alloc_pages+0x3c2/0x610 [ 882.033450][T21061] ? rcu_is_watching+0x12/0xc0 [ 882.033467][T21061] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 882.033484][T21061] ? css_rstat_updated+0x1c2/0x510 [ 882.033502][T21061] ? __pfx_css_rstat_updated+0x10/0x10 [ 882.033518][T21061] ? __lock_acquire+0x62e/0x1ce0 [ 882.033539][T21061] ? rcu_is_watching+0x12/0xc0 [ 882.033554][T21061] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 882.033572][T21061] ? __mod_zone_page_state+0xcc/0x1a0 [ 882.033593][T21061] ? __lock_acquire+0x62e/0x1ce0 [ 882.033615][T21061] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 882.033637][T21061] ? policy_nodemask+0xea/0x4e0 [ 882.033657][T21061] alloc_pages_mpol+0x1fb/0x550 [ 882.033676][T21061] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 882.033697][T21061] ? __lock_acquire+0x62e/0x1ce0 [ 882.033716][T21061] folio_alloc_mpol_noprof+0x36/0x2f0 [ 882.033739][T21061] vma_alloc_folio_noprof+0xed/0x1e0 [ 882.033760][T21061] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 882.033787][T21061] do_pte_missing+0x2230/0x3ba0 [ 882.033802][T21061] ? find_held_lock+0x2b/0x80 [ 882.033821][T21061] __handle_mm_fault+0x152a/0x2a50 [ 882.033841][T21061] ? __pfx___handle_mm_fault+0x10/0x10 [ 882.033857][T21061] ? __pte_offset_map_lock+0x174/0x310 [ 882.033877][T21061] ? find_held_lock+0x2b/0x80 [ 882.033897][T21061] ? follow_page_pte.constprop.0+0x5cf/0x1390 [ 882.033922][T21061] handle_mm_fault+0x589/0xd10 [ 882.033941][T21061] __get_user_pages+0x551/0x34a0 [ 882.033969][T21061] ? __pfx___get_user_pages+0x10/0x10 [ 882.033995][T21061] populate_vma_page_range+0x267/0x3f0 [ 882.034018][T21061] ? __pfx_populate_vma_page_range+0x10/0x10 [ 882.034039][T21061] ? __pfx_find_vma_intersection+0x10/0x10 [ 882.034060][T21061] ? do_mmap+0x69c/0x1210 [ 882.034081][T21061] __mm_populate+0x1d8/0x380 [ 882.034095][T21061] ? __pfx___mm_populate+0x10/0x10 [ 882.034110][T21061] ? up_write+0x1b2/0x520 [ 882.034131][T21061] vm_mmap_pgoff+0x37f/0x470 [ 882.034153][T21061] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 882.034177][T21061] ? __x64_sys_futex+0x1e0/0x4c0 [ 882.034194][T21061] ? __x64_sys_futex+0x1e9/0x4c0 [ 882.034215][T21061] ksys_mmap_pgoff+0x7d/0x5c0 [ 882.034233][T21061] ? xfd_validate_state+0x61/0x180 [ 882.034253][T21061] ? getname_flags.part.0+0x1c5/0x550 [ 882.034277][T21061] __x64_sys_mmap+0x125/0x190 [ 882.034300][T21061] do_syscall_64+0xcd/0x4c0 [ 882.034323][T21061] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 882.034338][T21061] RIP: 0033:0x7ffa2e78ec29 [ 882.034351][T21061] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 882.034365][T21061] RSP: 002b:00007ffa2f56a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 882.034380][T21061] RAX: ffffffffffffffda RBX: 00007ffa2e9d5fa0 RCX: 00007ffa2e78ec29 [ 882.034397][T21061] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 882.034406][T21061] RBP: 00007ffa2e811e41 R08: 0000000000000002 R09: 0000000000008000 [ 882.034416][T21061] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 882.034426][T21061] R13: 00007ffa2e9d6038 R14: 00007ffa2e9d5fa0 R15: 00007ffc32926198 [ 882.034446][T21061] [ 882.393049][ C0] vkms_vblank_simulate: vblank timer overrun [ 883.003566][T21054] syz.0.2997: vmalloc error: size 9128, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 883.128120][T21054] CPU: 0 UID: 0 PID: 21054 Comm: syz.0.2997 Tainted: G I syzkaller #0 PREEMPT(full) [ 883.128146][T21054] Tainted: [I]=FIRMWARE_WORKAROUND [ 883.128151][T21054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 883.128160][T21054] Call Trace: [ 883.128165][T21054] [ 883.128171][T21054] dump_stack_lvl+0x16c/0x1f0 [ 883.128198][T21054] warn_alloc+0x248/0x3a0 [ 883.128217][T21054] ? __pfx_warn_alloc+0x10/0x10 [ 883.128251][T21054] ? kfree+0x2b4/0x4d0 [ 883.128274][T21054] ? __get_vm_area_node+0x208/0x330 [ 883.128300][T21054] __vmalloc_node_range_noprof+0xb2d/0x14b0 [ 883.128314][T21054] ? look_up_lock_class+0x6b/0x150 [ 883.128340][T21054] ? n_tty_open+0x1a/0x170 [ 883.128360][T21054] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 883.128373][T21054] ? console_unlock+0x184/0x210 [ 883.128387][T21054] ? __pfx_console_unlock+0x10/0x10 [ 883.128402][T21054] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 883.128420][T21054] ? n_tty_open+0x1a/0x170 [ 883.128433][T21054] __vmalloc_node_noprof+0xad/0xf0 [ 883.128446][T21054] ? n_tty_open+0x1a/0x170 [ 883.128460][T21054] ? __pfx_n_tty_open+0x10/0x10 [ 883.128474][T21054] n_tty_open+0x1a/0x170 [ 883.128488][T21054] ? __pfx_n_tty_open+0x10/0x10 [ 883.128501][T21054] tty_ldisc_open+0x9f/0x120 [ 883.128519][T21054] tty_ldisc_setup+0x40/0x100 [ 883.128539][T21054] tty_init_dev.part.0+0x1ec/0x500 [ 883.128554][T21054] tty_open+0xa50/0xf90 [ 883.128570][T21054] ? __pfx_tty_open+0x10/0x10 [ 883.128583][T21054] ? chrdev_open+0x10b/0x6a0 [ 883.128603][T21054] ? __pfx_tty_open+0x10/0x10 [ 883.128616][T21054] chrdev_open+0x231/0x6a0 [ 883.128633][T21054] ? __pfx_apparmor_file_open+0x10/0x10 [ 883.128649][T21054] ? __pfx_chrdev_open+0x10/0x10 [ 883.128668][T21054] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 883.128688][T21054] do_dentry_open+0x97f/0x1530 [ 883.128705][T21054] ? __pfx_chrdev_open+0x10/0x10 [ 883.128727][T21054] vfs_open+0x82/0x3f0 [ 883.128750][T21054] path_openat+0x1de4/0x2cb0 [ 883.128773][T21054] ? __pfx_path_openat+0x10/0x10 [ 883.128795][T21054] do_filp_open+0x20b/0x470 [ 883.128812][T21054] ? __pfx_do_filp_open+0x10/0x10 [ 883.128843][T21054] ? alloc_fd+0x471/0x7d0 [ 883.128863][T21054] do_sys_openat2+0x11b/0x1d0 [ 883.128884][T21054] ? __pfx_do_sys_openat2+0x10/0x10 [ 883.128912][T21054] __x64_sys_openat+0x174/0x210 [ 883.128925][T21054] ? __pfx___x64_sys_openat+0x10/0x10 [ 883.128946][T21054] do_syscall_64+0xcd/0x4c0 [ 883.128968][T21054] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 883.128983][T21054] RIP: 0033:0x7f50f438ec29 [ 883.128995][T21054] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 883.129009][T21054] RSP: 002b:00007f50f528b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 883.129023][T21054] RAX: ffffffffffffffda RBX: 00007f50f45d6090 RCX: 00007f50f438ec29 [ 883.129032][T21054] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 883.129041][T21054] RBP: 00007f50f4411e41 R08: 0000000000000000 R09: 0000000000000000 [ 883.129049][T21054] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000 [ 883.129057][T21054] R13: 00007f50f45d6128 R14: 00007f50f45d6090 R15: 00007ffe3d2939b8 [ 883.129076][T21054] [ 883.129082][T21054] Mem-Info: [ 883.399320][ C0] vkms_vblank_simulate: vblank timer overrun [ 883.476326][T21070] FAULT_INJECTION: forcing a failure. [ 883.476326][T21070] name failslab, interval 1, probability 0, space 0, times 0 [ 883.507950][T21070] CPU: 0 UID: 0 PID: 21070 Comm: syz.3.3001 Tainted: G I syzkaller #0 PREEMPT(full) [ 883.507975][T21070] Tainted: [I]=FIRMWARE_WORKAROUND [ 883.507981][T21070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 883.507989][T21070] Call Trace: [ 883.507995][T21070] [ 883.508001][T21070] dump_stack_lvl+0x16c/0x1f0 [ 883.508027][T21070] should_fail_ex+0x512/0x640 [ 883.508049][T21070] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 883.508068][T21070] should_failslab+0xc2/0x120 [ 883.508087][T21070] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 883.508104][T21070] ? vma_merge_new_range+0x3ae/0xa50 [ 883.508119][T21070] ? vm_area_alloc+0x1f/0x160 [ 883.508137][T21070] vm_area_alloc+0x1f/0x160 [ 883.508151][T21070] __mmap_region+0xf90/0x27b0 [ 883.508170][T21070] ? __pfx___mmap_region+0x10/0x10 [ 883.508186][T21070] ? lock_acquire+0x179/0x350 [ 883.508223][T21070] ? mark_held_locks+0x49/0x80 [ 883.508245][T21070] ? finish_task_switch.isra.0+0x221/0xc10 [ 883.508260][T21070] ? lockdep_hardirqs_on+0x7c/0x110 [ 883.508281][T21070] ? finish_task_switch.isra.0+0x221/0xc10 [ 883.508296][T21070] ? rcu_is_watching+0x12/0xc0 [ 883.508311][T21070] ? trace_sched_exit_tp+0xd1/0x120 [ 883.508362][T21070] ? trace_cap_capable+0x18d/0x200 [ 883.508384][T21070] mmap_region+0x1ab/0x3f0 [ 883.508400][T21070] ? __get_unmapped_area+0x267/0x440 [ 883.508422][T21070] do_mmap+0xa3e/0x1210 [ 883.508445][T21070] ? __pfx_do_mmap+0x10/0x10 [ 883.508465][T21070] ? __pfx_down_write_killable+0x10/0x10 [ 883.508483][T21070] vm_mmap_pgoff+0x29e/0x470 [ 883.508507][T21070] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 883.508531][T21070] ? __x64_sys_futex+0x1e0/0x4c0 [ 883.508548][T21070] ? __x64_sys_futex+0x1e9/0x4c0 [ 883.508568][T21070] ksys_mmap_pgoff+0x7d/0x5c0 [ 883.508586][T21070] ? xfd_validate_state+0x61/0x180 [ 883.508606][T21070] ? __pfx_ksys_write+0x10/0x10 [ 883.508625][T21070] __x64_sys_mmap+0x125/0x190 [ 883.508649][T21070] do_syscall_64+0xcd/0x4c0 [ 883.508672][T21070] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 883.508687][T21070] RIP: 0033:0x7f5a66d8ec29 [ 883.508699][T21070] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 883.508713][T21070] RSP: 002b:00007f5a67c11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 883.508726][T21070] RAX: ffffffffffffffda RBX: 00007f5a66fd5fa0 RCX: 00007f5a66d8ec29 [ 883.508736][T21070] RDX: 00000000000000df RSI: 0000000000400005 RDI: 0000000000000000 [ 883.508744][T21070] RBP: 00007f5a66e11e41 R08: 0000000000000002 R09: 0000000000008000 [ 883.508753][T21070] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 883.508761][T21070] R13: 00007f5a66fd6038 R14: 00007f5a66fd5fa0 R15: 00007ffc43749288 [ 883.508779][T21070] [ 883.783046][ C0] vkms_vblank_simulate: vblank timer overrun [ 883.993026][T21085] netlink: 25 bytes leftover after parsing attributes in process `syz.2.3005'. [ 884.003506][T21085] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3005'. [ 884.220033][T21085] bridge0: port 2(bridge_slave_1) entered disabled state [ 884.232114][T21054] active_anon:11340 inactive_anon:6 isolated_anon:0 [ 884.232114][T21054] active_file:10199 inactive_file:46872 isolated_file:0 [ 884.232114][T21054] unevictable:768 dirty:259 writeback:0 [ 884.232114][T21054] slab_reclaimable:13005 slab_unreclaimable:98113 [ 884.232114][T21054] mapped:25716 shmem:1357 pagetables:1204 [ 884.232114][T21054] sec_pagetables:0 bounce:0 [ 884.232114][T21054] kernel_misc_reclaimable:0 [ 884.232114][T21054] free:1299229 free_pcp:25361 free_cma:0 [ 884.277548][ C0] vkms_vblank_simulate: vblank timer overrun [ 884.365082][T21054] Node 0 active_anon:45256kB inactive_anon:24kB active_file:40796kB inactive_file:186872kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:98808kB dirty:1192kB writeback:0kB shmem:3892kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12080kB pagetables:4712kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 884.396988][ C0] vkms_vblank_simulate: vblank timer overrun [ 884.422942][T21054] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:616kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:104kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 884.452791][ C0] vkms_vblank_simulate: vblank timer overrun [ 884.468327][T21054] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 884.497210][ C0] vkms_vblank_simulate: vblank timer overrun [ 884.505960][T21054] lowmem_reserve[]: 0 2480 2481 2481 2481 [ 884.514776][T21085] bridge_slave_1 (unregistering): left allmulticast mode [ 884.524262][T21054] Node 0 DMA32 free:1342236kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:45208kB inactive_anon:24kB active_file:40796kB inactive_file:185556kB unevictable:1536kB writepending:1296kB present:3129332kB managed:2539532kB mlocked:0kB bounce:0kB free_pcp:41164kB local_pcp:41164kB free_cma:0kB [ 884.560786][T21054] lowmem_reserve[]: 0 0 1 1 1 [ 884.565566][T21054] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1316kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:16kB free_cma:0kB [ 884.594780][ C0] vkms_vblank_simulate: vblank timer overrun [ 884.602239][T21085] bridge_slave_1 (unregistering): left promiscuous mode [ 884.609657][T21054] lowmem_reserve[]: 0 0 0 0 0 [ 884.614497][T21054] Node 1 Normal free:3839312kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:616kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:61080kB local_pcp:61080kB free_cma:0kB [ 884.645747][ C0] vkms_vblank_simulate: vblank timer overrun [ 884.655878][T21085] bridge0: port 2(bridge_slave_1) entered disabled state [ 884.663425][T21054] lowmem_reserve[]: 0 0 0 0 0 [ 884.668492][T21054] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 884.681630][T21054] Node 0 DMA32: 4851*4kB (UM) 2982*8kB (UM) 1588*16kB (UME) 1819*32kB (UME) 1096*64kB (UME) 677*128kB (UME) 399*256kB (UM) 166*512kB (UME) 57*1024kB (UME) 9*2048kB (UME) 194*4096kB (UM) = 1342236kB [ 884.713898][T21054] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 884.727592][T21054] Node 1 Normal: 150*4kB (UME) 163*8kB (ME) 130*16kB (M) 242*32kB (UME) 198*64kB (UME) 74*128kB (UME) 31*256kB (ME) 19*512kB (M) 9*1024kB (UM) 9*2048kB (UME) 918*4096kB (UM) = 3839312kB [ 884.746774][T21054] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 884.759004][T21054] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 884.770678][T21054] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 884.803566][T21054] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 884.813416][T21054] 58431 total pagecache pages [ 884.819071][T21054] 7 pages in swap cache [ 884.824193][T21054] Free swap = 119260kB [ 884.828445][T21054] Total swap = 124996kB [ 884.832931][T21054] 2097051 pages RAM [ 884.837015][T21054] 0 pages HighMem/MovableOnly [ 884.841737][T21054] 430206 pages reserved [ 884.846688][T21054] 0 pages cma reserved [ 884.851942][T21054] tty tty26: ldisc open failed (-12), clearing slot 25 [ 885.753505][T21122] random: crng reseeded on system resumption [ 887.440301][ T30] audit: type=1800 audit(4294967461.350:50): pid=21161 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3022" name="features" dev="configfs" ino=83626 res=0 errno=0 [ 887.473836][T21161] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3022'. [ 887.526268][T21161] veth0_macvtap: left promiscuous mode [ 887.532186][T21161] macvtap0: entered promiscuous mode [ 887.538141][T21161] macvtap0: entered allmulticast mode [ 888.456708][T21183] kafs: addr_prefs: Too many elements in string [ 889.010022][T21200] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3030'. [ 891.855396][T21272] block2mtd: illegal erase size [ 892.737480][T21292] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3047'. [ 892.880327][T21296] nbd: socks must be embedded in a SOCK_ITEM attr [ 892.925751][T21296] block nbd1: shutting down sockets [ 893.396984][T21304] FAULT_INJECTION: forcing a failure. [ 893.396984][T21304] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 893.420078][T21304] CPU: 0 UID: 0 PID: 21304 Comm: syz.0.3059 Tainted: G I syzkaller #0 PREEMPT(full) [ 893.420105][T21304] Tainted: [I]=FIRMWARE_WORKAROUND [ 893.420111][T21304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 893.420120][T21304] Call Trace: [ 893.420126][T21304] [ 893.420132][T21304] dump_stack_lvl+0x16c/0x1f0 [ 893.420159][T21304] should_fail_ex+0x512/0x640 [ 893.420184][T21304] should_fail_alloc_page+0xe7/0x130 [ 893.420206][T21304] prepare_alloc_pages+0x3c2/0x610 [ 893.420231][T21304] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 893.420250][T21304] ? __pfx_workingset_update_node+0x10/0x10 [ 893.420277][T21304] ? __lock_acquire+0x62e/0x1ce0 [ 893.420300][T21304] ? css_rstat_updated+0x1c2/0x510 [ 893.420317][T21304] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 893.420340][T21304] ? rcu_is_watching+0x12/0xc0 [ 893.420361][T21304] ? __lock_acquire+0x62e/0x1ce0 [ 893.420380][T21304] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 893.420402][T21304] ? policy_nodemask+0xea/0x4e0 [ 893.420422][T21304] alloc_pages_mpol+0x1fb/0x550 [ 893.420441][T21304] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 893.420461][T21304] ? filemap_get_entry+0x1a7/0x3b0 [ 893.420483][T21304] folio_alloc_noprof+0x20/0x2d0 [ 893.420504][T21304] filemap_alloc_folio_noprof+0x3a1/0x470 [ 893.420521][T21304] ? __pfx_filemap_alloc_folio_noprof+0x10/0x10 [ 893.420541][T21304] __filemap_get_folio+0x5e1/0xc30 [ 893.420563][T21304] ioctx_alloc+0x761/0x2120 [ 893.420589][T21304] ? __pfx_ioctx_alloc+0x10/0x10 [ 893.420603][T21304] ? __might_fault+0x13b/0x190 [ 893.420625][T21304] __x64_sys_io_setup+0xc9/0x210 [ 893.420642][T21304] do_syscall_64+0xcd/0x4c0 [ 893.420665][T21304] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 893.420680][T21304] RIP: 0033:0x7f50f438ec29 [ 893.420692][T21304] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 893.420708][T21304] RSP: 002b:00007f50f52ac038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 893.420722][T21304] RAX: ffffffffffffffda RBX: 00007f50f45d5fa0 RCX: 00007f50f438ec29 [ 893.420732][T21304] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000007ffe [ 893.420741][T21304] RBP: 00007f50f4411e41 R08: 0000000000000000 R09: 0000000000000000 [ 893.420750][T21304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 893.420759][T21304] R13: 00007f50f45d6038 R14: 00007f50f45d5fa0 R15: 00007ffe3d2939b8 [ 893.420779][T21304] [ 894.128969][T21313] nbd0: detected capacity change from 0 to 6442450944 [ 894.191376][T21312] netlink: 25 bytes leftover after parsing attributes in process `syz.3.3052'. [ 894.216409][T21312] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3052'. [ 894.270166][T16863] [ 894.272533][T16863] ====================================================== [ 894.279533][T16863] WARNING: possible circular locking dependency detected [ 894.286533][T16863] syzkaller #0 Tainted: G I [ 894.292507][T16863] ------------------------------------------------------ [ 894.299519][T16863] udevd/16863 is trying to acquire lock: [ 894.305128][T16863] ffff888057aab270 (&nsock->tx_lock){+.+.}-{4:4}, at: nbd_queue_rq+0x423/0x12d0 [ 894.314160][T16863] [ 894.314160][T16863] but task is already holding lock: [ 894.321503][T16863] ffff8880265551f8 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xbd/0x12d0 [ 894.330012][T16863] [ 894.330012][T16863] which lock already depends on the new lock. [ 894.330012][T16863] [ 894.340396][T16863] [ 894.340396][T16863] the existing dependency chain (in reverse order) is: [ 894.349421][T16863] [ 894.349421][T16863] -> #5 (&cmd->lock){+.+.}-{4:4}: [ 894.356623][T16863] __mutex_lock+0x193/0x1060 [ 894.361729][T16863] nbd_queue_rq+0xbd/0x12d0 [ 894.366764][T16863] blk_mq_dispatch_rq_list+0x416/0x1e20 [ 894.372840][T16863] __blk_mq_sched_dispatch_requests+0xcb7/0x15f0 [ 894.379675][T16863] blk_mq_sched_dispatch_requests+0xd8/0x1b0 [ 894.386162][T16863] blk_mq_run_hw_queue+0x239/0x670 [ 894.391779][T16863] blk_mq_dispatch_list+0x514/0x1310 [ 894.397572][T16863] blk_mq_flush_plug_list+0x130/0x600 [ 894.403451][T16863] __blk_flush_plug+0x2c4/0x4b0 [ 894.408808][T16863] __submit_bio+0x545/0x690 [ 894.413851][T16863] submit_bio_noacct_nocheck+0x660/0xd30 [ 894.420042][T16863] submit_bio_noacct+0xc20/0x1ed0 [ 894.425581][T16863] block_read_full_folio+0x4db/0x850 [ 894.431381][T16863] filemap_read_folio+0xc5/0x2a0 [ 894.436831][T16863] do_read_cache_folio+0x263/0x5c0 [ 894.442452][T16863] read_part_sector+0xd4/0x370 [ 894.447718][T16863] adfspart_check_ICS+0x93/0x940 [ 894.453157][T16863] bdev_disk_changed+0x720/0x1520 [ 894.458682][T16863] blkdev_get_whole+0x187/0x290 [ 894.464038][T16863] bdev_open+0x2c7/0xe40 [ 894.468784][T16863] blkdev_open+0x34e/0x4f0 [ 894.473703][T16863] do_dentry_open+0x97f/0x1530 [ 894.478971][T16863] vfs_open+0x82/0x3f0 [ 894.483549][T16863] path_openat+0x1de4/0x2cb0 [ 894.488647][T16863] do_filp_open+0x20b/0x470 [ 894.493651][T16863] do_sys_openat2+0x11b/0x1d0 [ 894.498838][T16863] __x64_sys_openat+0x174/0x210 [ 894.504191][T16863] do_syscall_64+0xcd/0x4c0 [ 894.509207][T16863] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 894.515604][T16863] [ 894.515604][T16863] -> #4 (set->srcu){.+.+}-{0:0}: [ 894.522705][T16863] __synchronize_srcu+0xa1/0x290 [ 894.528171][T16863] blk_mq_quiesce_queue+0x149/0x1b0 [ 894.533874][T16863] queue_wb_lat_store+0x269/0x3d0 [ 894.539414][T16863] queue_attr_store+0x26b/0x310 [ 894.544777][T16863] sysfs_kf_write+0xef/0x150 [ 894.549875][T16863] kernfs_fop_write_iter+0x3ac/0x570 [ 894.555672][T16863] vfs_write+0x7d3/0x11d0 [ 894.560518][T16863] ksys_write+0x12a/0x250 [ 894.565365][T16863] do_syscall_64+0xcd/0x4c0 [ 894.570383][T16863] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 894.576795][T16863] [ 894.576795][T16863] -> #3 (&q->q_usage_counter(io)#69){++++}-{0:0}: [ 894.585469][T16863] blk_alloc_queue+0x619/0x760 [ 894.590741][T16863] blk_mq_alloc_queue+0x172/0x280 [ 894.596273][T16863] __blk_mq_alloc_disk+0x29/0x120 [ 894.601812][T16863] add_mtd_blktrans_dev+0x7ad/0x15a0 [ 894.607604][T16863] mtdblock_add_mtd+0x1cc/0x270 [ 894.612961][T16863] blktrans_notify_add+0xa2/0xf0 [ 894.618401][T16863] add_mtd_device+0xb07/0x1720 [ 894.623667][T16863] mtd_device_parse_register+0x7c2/0xb10 [ 894.629796][T16863] mtdram_init_device+0x298/0x350 [ 894.635328][T16863] init_mtdram+0xba/0x1b0 [ 894.640164][T16863] do_one_initcall+0x120/0x6e0 [ 894.645434][T16863] kernel_init_freeable+0x5c2/0x910 [ 894.651138][T16863] kernel_init+0x1c/0x2b0 [ 894.655976][T16863] ret_from_fork+0x56d/0x730 [ 894.661090][T16863] ret_from_fork_asm+0x1a/0x30 [ 894.666370][T16863] [ 894.666370][T16863] -> #2 (fs_reclaim){+.+.}-{0:0}: [ 894.673569][T16863] fs_reclaim_acquire+0x102/0x150 [ 894.679117][T16863] kmem_cache_alloc_node_noprof+0x57/0x3b0 [ 894.685438][T16863] __alloc_skb+0x2b2/0x380 [ 894.690398][T16863] tcp_stream_alloc_skb+0x34/0x570 [ 894.696046][T16863] tcp_sendmsg_locked+0x12d0/0x42a0 [ 894.701761][T16863] tcp_sendmsg+0x2e/0x50 [ 894.706527][T16863] inet_sendmsg+0xb9/0x140 [ 894.711457][T16863] sock_write_iter+0x4aa/0x5b0 [ 894.716729][T16863] vfs_write+0x7d3/0x11d0 [ 894.721568][T16863] ksys_write+0x1f8/0x250 [ 894.726402][T16863] do_syscall_64+0xcd/0x4c0 [ 894.731416][T16863] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 894.737811][T16863] [ 894.737811][T16863] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}: [ 894.745435][T16863] lock_sock_nested+0x41/0xf0 [ 894.750618][T16863] inet_shutdown+0x67/0x440 [ 894.755624][T16863] nbd_mark_nsock_dead+0xae/0x5d0 [ 894.761154][T16863] sock_shutdown+0x17c/0x280 [ 894.766253][T16863] nbd_config_put+0x1e6/0x750 [ 894.771438][T16863] nbd_genl_connect+0x162b/0x1c60 [ 894.776962][T16863] genl_family_rcv_msg_doit+0x209/0x2f0 [ 894.783008][T16863] genl_rcv_msg+0x55c/0x800 [ 894.788012][T16863] netlink_rcv_skb+0x155/0x420 [ 894.793283][T16863] genl_rcv+0x28/0x40 [ 894.797778][T16863] netlink_unicast+0x5aa/0x870 [ 894.803076][T16863] netlink_sendmsg+0x8d1/0xdd0 [ 894.808362][T16863] ____sys_sendmsg+0xa95/0xc70 [ 894.813644][T16863] ___sys_sendmsg+0x134/0x1d0 [ 894.818868][T16863] __sys_sendmsg+0x16d/0x220 [ 894.823972][T16863] do_syscall_64+0xcd/0x4c0 [ 894.829013][T16863] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 894.835414][T16863] [ 894.835414][T16863] -> #0 (&nsock->tx_lock){+.+.}-{4:4}: [ 894.843040][T16863] __lock_acquire+0x12a6/0x1ce0 [ 894.848402][T16863] lock_acquire+0x179/0x350 [ 894.853438][T16863] __mutex_lock+0x193/0x1060 [ 894.858543][T16863] nbd_queue_rq+0x423/0x12d0 [ 894.863638][T16863] blk_mq_dispatch_rq_list+0x416/0x1e20 [ 894.869713][T16863] __blk_mq_sched_dispatch_requests+0xcb7/0x15f0 [ 894.876561][T16863] blk_mq_sched_dispatch_requests+0xd8/0x1b0 [ 894.883082][T16863] blk_mq_run_hw_queue+0x239/0x670 [ 894.888702][T16863] blk_mq_dispatch_list+0x514/0x1310 [ 894.894496][T16863] blk_mq_flush_plug_list+0x130/0x600 [ 894.900375][T16863] __blk_flush_plug+0x2c4/0x4b0 [ 894.905728][T16863] __submit_bio+0x545/0x690 [ 894.910737][T16863] submit_bio_noacct_nocheck+0x660/0xd30 [ 894.916874][T16863] submit_bio_noacct+0xc20/0x1ed0 [ 894.922399][T16863] block_read_full_folio+0x4db/0x850 [ 894.928192][T16863] filemap_read_folio+0xc5/0x2a0 [ 894.933633][T16863] do_read_cache_folio+0x263/0x5c0 [ 894.939264][T16863] read_part_sector+0xd4/0x370 [ 894.944541][T16863] adfspart_check_ICS+0x93/0x940 [ 894.949992][T16863] bdev_disk_changed+0x720/0x1520 [ 894.955521][T16863] blkdev_get_whole+0x187/0x290 [ 894.960894][T16863] bdev_open+0x2c7/0xe40 [ 894.965662][T16863] blkdev_open+0x34e/0x4f0 [ 894.970602][T16863] do_dentry_open+0x97f/0x1530 [ 894.975873][T16863] vfs_open+0x82/0x3f0 [ 894.980456][T16863] path_openat+0x1de4/0x2cb0 [ 894.985550][T16863] do_filp_open+0x20b/0x470 [ 894.990562][T16863] do_sys_openat2+0x11b/0x1d0 [ 894.995766][T16863] __x64_sys_openat+0x174/0x210 [ 895.001119][T16863] do_syscall_64+0xcd/0x4c0 [ 895.006134][T16863] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 895.012531][T16863] [ 895.012531][T16863] other info that might help us debug this: [ 895.012531][T16863] [ 895.022739][T16863] Chain exists of: [ 895.022739][T16863] &nsock->tx_lock --> set->srcu --> &cmd->lock [ 895.022739][T16863] [ 895.034799][T16863] Possible unsafe locking scenario: [ 895.034799][T16863] [ 895.042233][T16863] CPU0 CPU1 [ 895.047578][T16863] ---- ---- [ 895.052929][T16863] lock(&cmd->lock); [ 895.056896][T16863] lock(set->srcu); [ 895.063309][T16863] lock(&cmd->lock); [ 895.069792][T16863] lock(&nsock->tx_lock); [ 895.074189][T16863] [ 895.074189][T16863] *** DEADLOCK *** [ 895.074189][T16863] [ 895.082311][T16863] 3 locks held by udevd/16863: [ 895.087057][T16863] #0: ffff888143370358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0x41a/0xe40 [ 895.096346][T16863] #1: ffff88814332f610 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x22b/0x670 [ 895.105807][T16863] #2: ffff8880265551f8 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xbd/0x12d0 [ 895.114745][T16863] [ 895.114745][T16863] stack backtrace: [ 895.120637][T16863] CPU: 0 UID: 0 PID: 16863 Comm: udevd Tainted: G I syzkaller #0 PREEMPT(full) [ 895.120657][T16863] Tainted: [I]=FIRMWARE_WORKAROUND [ 895.120663][T16863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 895.120672][T16863] Call Trace: [ 895.120680][T16863] [ 895.120687][T16863] dump_stack_lvl+0x116/0x1f0 [ 895.120710][T16863] print_circular_bug+0x275/0x350 [ 895.120729][T16863] check_noncircular+0x14c/0x170 [ 895.120748][T16863] __lock_acquire+0x12a6/0x1ce0 [ 895.120768][T16863] lock_acquire+0x179/0x350 [ 895.120785][T16863] ? nbd_queue_rq+0x423/0x12d0 [ 895.120798][T16863] ? __pfx___might_resched+0x10/0x10 [ 895.120814][T16863] ? nbd_queue_rq+0x423/0x12d0 [ 895.120826][T16863] __mutex_lock+0x193/0x1060 [ 895.120846][T16863] ? nbd_queue_rq+0x423/0x12d0 [ 895.120861][T16863] ? __pfx___mutex_lock+0x10/0x10 [ 895.120880][T16863] ? lock_acquire+0x179/0x350 [ 895.120898][T16863] ? mark_held_locks+0x49/0x80 [ 895.120917][T16863] ? nbd_queue_rq+0x423/0x12d0 [ 895.120928][T16863] nbd_queue_rq+0x423/0x12d0 [ 895.120941][T16863] ? __schedule+0x11a3/0x5de0 [ 895.120960][T16863] ? __pfx_nbd_queue_rq+0x10/0x10 [ 895.120975][T16863] ? __pfx___schedule+0x10/0x10 [ 895.120991][T16863] ? irqentry_exit+0x3b/0x90 [ 895.121012][T16863] blk_mq_dispatch_rq_list+0x416/0x1e20 [ 895.121031][T16863] ? sbitmap_find_bit+0x4c0/0x6f0 [ 895.121055][T16863] ? sbitmap_get+0x1e5/0x360 [ 895.121070][T16863] ? __pfx_blk_mq_dispatch_rq_list+0x10/0x10 [ 895.121089][T16863] ? __blk_mq_alloc_driver_tag+0x4f7/0x7a0 [ 895.121107][T16863] __blk_mq_sched_dispatch_requests+0xcb7/0x15f0 [ 895.121127][T16863] ? __pfx___blk_mq_sched_dispatch_requests+0x10/0x10 [ 895.121148][T16863] blk_mq_sched_dispatch_requests+0xd8/0x1b0 [ 895.121166][T16863] blk_mq_run_hw_queue+0x239/0x670 [ 895.121181][T16863] ? blk_mq_run_hw_queue+0x22b/0x670 [ 895.121197][T16863] blk_mq_dispatch_list+0x514/0x1310 [ 895.121216][T16863] ? __pfx_blk_mq_dispatch_list+0x10/0x10 [ 895.121234][T16863] ? find_held_lock+0x2b/0x80 [ 895.121247][T16863] ? blk_add_trace_plug+0xf5/0x290 [ 895.121263][T16863] blk_mq_flush_plug_list+0x130/0x600 [ 895.121281][T16863] ? trace_block_plug+0x17f/0x200 [ 895.121295][T16863] ? blk_add_rq_to_plug+0x30a/0x540 [ 895.121312][T16863] ? __pfx_blk_mq_flush_plug_list+0x10/0x10 [ 895.121331][T16863] ? blk_mq_submit_bio+0x7b2/0x2a10 [ 895.121349][T16863] __blk_flush_plug+0x2c4/0x4b0 [ 895.121367][T16863] ? __pfx___blk_flush_plug+0x10/0x10 [ 895.121383][T16863] ? __lock_acquire+0x62e/0x1ce0 [ 895.121402][T16863] __submit_bio+0x545/0x690 [ 895.121418][T16863] ? __pfx___submit_bio+0x10/0x10 [ 895.121438][T16863] ? submit_bio_noacct_nocheck+0x660/0xd30 [ 895.121455][T16863] submit_bio_noacct_nocheck+0x660/0xd30 [ 895.121473][T16863] ? __pfx_submit_bio_noacct_nocheck+0x10/0x10 [ 895.121491][T16863] ? __pfx___might_resched+0x10/0x10 [ 895.121506][T16863] submit_bio_noacct+0xc20/0x1ed0 [ 895.121525][T16863] block_read_full_folio+0x4db/0x850 [ 895.121545][T16863] ? __pfx_blkdev_get_block+0x10/0x10 [ 895.121563][T16863] ? __pfx_blkdev_read_folio+0x10/0x10 [ 895.121580][T16863] filemap_read_folio+0xc5/0x2a0 [ 895.121596][T16863] ? __pfx_filemap_read_folio+0x10/0x10 [ 895.121612][T16863] ? __filemap_get_folio+0x32b/0xc30 [ 895.121631][T16863] do_read_cache_folio+0x263/0x5c0 [ 895.121648][T16863] ? __pfx_blkdev_read_folio+0x10/0x10 [ 895.121666][T16863] read_part_sector+0xd4/0x370 [ 895.121682][T16863] adfspart_check_ICS+0x93/0x940 [ 895.121697][T16863] ? snprintf+0xc7/0x100 [ 895.121715][T16863] ? __pfx_snprintf+0x10/0x10 [ 895.121733][T16863] ? __pfx_adfspart_check_ICS+0x10/0x10 [ 895.121750][T16863] ? __pfx_adfspart_check_ICS+0x10/0x10 [ 895.121765][T16863] bdev_disk_changed+0x720/0x1520 [ 895.121782][T16863] ? __pfx_bdev_disk_changed+0x10/0x10 [ 895.121797][T16863] ? __pfx_ilookup+0x10/0x10 [ 895.121817][T16863] blkdev_get_whole+0x187/0x290 [ 895.121832][T16863] bdev_open+0x2c7/0xe40 [ 895.121849][T16863] blkdev_open+0x34e/0x4f0 [ 895.121868][T16863] do_dentry_open+0x97f/0x1530 [ 895.121885][T16863] ? __pfx_blkdev_open+0x10/0x10 [ 895.121904][T16863] vfs_open+0x82/0x3f0 [ 895.121924][T16863] path_openat+0x1de4/0x2cb0 [ 895.121943][T16863] ? __pfx_path_openat+0x10/0x10 [ 895.121960][T16863] do_filp_open+0x20b/0x470 [ 895.121976][T16863] ? __pfx_do_filp_open+0x10/0x10 [ 895.121997][T16863] ? alloc_fd+0x471/0x7d0 [ 895.122013][T16863] do_sys_openat2+0x11b/0x1d0 [ 895.122033][T16863] ? __pfx_do_sys_openat2+0x10/0x10 [ 895.122058][T16863] ? __sys_recvmsg+0x189/0x220 [ 895.122079][T16863] ? __pfx___sys_recvmsg+0x10/0x10 [ 895.122100][T16863] __x64_sys_openat+0x174/0x210 [ 895.122112][T16863] ? __pfx___x64_sys_openat+0x10/0x10 [ 895.122127][T16863] do_syscall_64+0xcd/0x4c0 [ 895.122149][T16863] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 895.122164][T16863] RIP: 0033:0x7f95a2ca7407 [ 895.122176][T16863] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff [ 895.122190][T16863] RSP: 002b:00007ffd65b0eba0 EFLAGS: 00000202 ORIG_RAX: 0000000000000101 [ 895.122204][T16863] RAX: ffffffffffffffda RBX: 00007f95a3392880 RCX: 00007f95a2ca7407 [ 895.122213][T16863] RDX: 00000000000a0800 RSI: 000055bedcbd92d0 RDI: ffffffffffffff9c [ 895.122223][T16863] RBP: 000055bedcbd8910 R08: 0000000000000000 R09: 0000000000000000 [ 895.122231][T16863] R10: 0000000000000000 R11: 0000000000000202 R12: 000055bedcbecba0 [ 895.122240][T16863] R13: 000055bedcbe6190 R14: 0000000000000000 R15: 000055bedcbecba0 [ 895.122252][T16863] [ 895.685769][T21312] bridge0: port 2(bridge_slave_1) entered disabled state [ 895.723559][T21312] bridge_slave_1 (unregistering): left allmulticast mode [ 895.733466][T21312] bridge_slave_1 (unregistering): left promiscuous mode [ 895.740491][T21312] bridge0: port 2(bridge_slave_1) entered disabled state [ 895.793030][T16863] block nbd0: Send control failed (result -107) [ 895.800593][T16863] block nbd0: Request send failed, requeueing [ 895.806872][T14749] block nbd0: Receive control failed (result -32) [ 895.816531][T12714] block nbd0: Dead connection, failed to find a fallback [ 895.852235][T12714] block nbd0: shutting down sockets [ 895.857829][T12714] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 895.878759][T12714] Buffer I/O error on dev nbd0, logical block 0, async page read [ 895.898064][T16863] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 895.907942][T16863] Buffer I/O error on dev nbd0, logical block 0, async page read [ 895.915893][T16863] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 895.931267][T16863] Buffer I/O error on dev nbd0, logical block 0, async page read [ 895.939338][T16863] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 895.948636][T16863] Buffer I/O error on dev nbd0, logical block 0, async page read [ 895.956630][T16863] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 895.965700][T16863] Buffer I/O error on dev nbd0, logical block 0, async page read [ 895.973791][T16863] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 895.983119][T16863] Buffer I/O error on dev nbd0, logical block 0, async page read [ 895.991153][T16863] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 896.000498][T16863] Buffer I/O error on dev nbd0, logical block 0, async page read [ 896.009239][T16863] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 896.018598][T16863] Buffer I/O error on dev nbd0, logical block 0, async page read [ 896.026539][T16863] ldm_validate_partition_table(): Disk read failed. [ 896.033757][T16863] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 896.044562][T16863] Buffer I/O error on dev nbd0, logical block 0, async page read [ 896.052560][T16863] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 896.061825][T16863] Buffer I/O error on dev nbd0, logical block 0, async page read [ 896.069954][T16863] Dev nbd0: unable to read RDB block 0 [ 896.075947][T16863] nbd0: unable to read partition table [ 896.084512][T16863] ldm_validate_partition_table(): Disk read failed. [ 896.091612][T16863] Dev nbd0: unable to read RDB block 0 [ 896.097734][T16863] nbd0: unable to read partition table