last executing test programs: 7.852834235s ago: executing program 2 (id=1144): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x28, 0x1, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @host}, 0x55) ioctl$auto(0x3, 0x5411, 0x38) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop10\x00', 0x0, 0x0) ioctl$auto_BLKSECDISCARD(r1, 0x127d, 0x0) close_range$auto(0x2, 0xa, 0x0) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000100), r0) mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x80000000000000a, 0x2, 0x0) socket(0xa, 0x801, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x11}}, 0x54) socket(0x10, 0x2, 0x0) memfd_secret$auto(0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram8/dev\x00', 0x488981, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x800000000001, 0x0) write$auto(r2, &(0x7f00000005c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D_#\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc^:\xd1\xe3\xf1@\xc0\x93^:Mn#Oi\xaa[X\x93)\x8f\x03K\xe6\xa4\x11?\xf1\x02+\\\xf9\x8b\xe5l5\x11\x006c\x907E\xeb\x81\fB\xe3\xf8n\x8f\x94V\xbcB\x9cm\x9f\x15\x00Q\xf8\x8fFW#?\xd5Z~\xa51\x832\xbd|\x19\xda\x8e\xff\x17\r\x96\xa3\xcc+\xf4a\xffN\xd2_\xe5\\\xf8Lzc\xd4\xa0\x1f\x04_\xf1\xc6\fO\xbe?)Q\xc7\\B\xdb\xeaI\xde\xe9m\xf5\xf9\x19\xd3@IK\xe3c\x0ek\x8drZ\xad\xdc\xbb\xfc\xd4\x1f\xdaOW\x87\xb6Fm\x12\xadw(z\\j\xcc0P\xaeC\x9f\xbf\xd5\xf9\xe3\x85~cG\f\x85\xd6\x84ma\xfd\xdayNj\x80\xdd3^\x87,\x14\x8e\xbe$\x05\x8a\xb0 M\xf6$B TCs\xa9\x91dil[\xfc\a\xbfD\xd9\x8d(F\x1e\f\xec\xe9K|h\xf5\xcaUI\x18#\xbed\xa8C\x8a\xbb\fE\xe6\xa3|\xf7\xa8\xbb\xd3\x97l.V/uc\xb5Q\x1eY\xe0\x03\xa1\xc1\xc8\xe2=RK\x7fWV;\xe4\xccTsf\xa7[\xdd\x9cR\xab\xf81s\xbc\x9c\xaaSGH\x9al\xb9%u\v\xb4\x9d\x95\x16\x01\xbbT\x99S\xf8A\xcd\bRC\xf4\xb0\x1a%\xdd+1\x81\x9d6\x90\xe8\xc6\xc1\x1e\xf0~\xaf\x10g&\xd6\x01l::V\xdbJiVW\xab4G\x97\x9cl', 0x100000a3d9) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r3, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) lseek$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x1) write$auto(r3, 0x0, 0x98c7) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000900)='/sys/kernel/debug/block/nbd0/hctx0/sched_tags\x00', 0x60100, 0x0) mmap$auto(0x0, 0x400008, 0x7d3, 0x9b72, 0xffffffffffffffff, 0x5cd) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket(0x10, 0x2, 0x0) 7.707278747s ago: executing program 3 (id=1146): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) setsockopt$auto(0x3, 0x1, 0x2a, 0x0, 0x9) sendmmsg$auto(r1, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1, 0xb}, 0x800009}, 0x5, 0x20000000) recvmmsg$auto(0x3, 0x0, 0xfffe, 0x52, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001cc0)='/dev/input/event1\x00', 0x40000, 0x0) ioctl$auto_EVIOCREVOKE(r2, 0x40044591, 0x0) ioctl$auto(0x3, 0x40081271, 0x38) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000080), r3) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'wg0\x00', 0x0}) r6 = socket(0x10, 0x2, 0x0) sendmsg$auto_IPVS_CMD_GET_SERVICE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)={0x7f0, 0x0, 0x4, 0x70bd26, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_SERVICE={0x10, 0x1, 0x0, 0x1, [@nested={0x4, 0x116}, @typed={0x8, 0x5c, 0x0, 0x0, @fd=r6}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x9}, @IPVS_CMD_ATTR_DEST={0x7c4, 0x2, 0x0, 0x1, [@nested={0x7be, 0xda, 0x0, 0x1, [@typed={0x35, 0x9f, 0x0, 0x0, @binary="4d8b3c4267089464b4aa1bab29ba85b4292fed2f8b900e0101096d00fcf9c595552d54be4ebe3d547ff067f1a26893f5f1"}, @generic="05e969299377c515fba1ec068cf4bc524696ccfa31f0636e86e9ead7a57c5dbae9d25916617bca2061dd5109486efe289114244d0c6b80caaf44760684e204b8876de8a0be5b0e17915bb9319b3c9b0ea637785ac9c473387c78951f2e5681ea6de1c41585d4670ddf860bee32d836b7c722958b98d3c6ca547a8d2a99f065c895a7a693ce1c31ee96b46349a872953f95a123cdd6b248acb46bfdee74435ae6960a7f9110d0ea3cea56807ee682aa3818fef4060a827c6c620eab5f613a328e5b19470fa68d3e826521934812845d14a26c47162bcf977874cd87d5daf11c6ddff26a7c90d36a2d49505279443e865f2beec2a52ff4647a39e8a9095099451761676eeef529b758e77058e60eee85cc1a11b8173bdc6390f34fe4b2d2b6aa970a1f910e17f15b76f23cebd2db9a666baa88a0af389db9d878b62228aabdb38027a0099eb28639daf5bd097fcb651bd20c6285ef1132bcd652c10d1a82e509664187f88d18fb34fece5cd402d2d44de461c8e4e245904bd84a5b84536f98bc99656e175bc70d347c1ae0db88bb8f8a83dc6ad41337219bf9a455fd49d08fa9e1510fd2bc9aa21cc0d2f0a7da678b1131e84cbb17f4bae6a4e1275a923da597227894408b42621463854c2413378da3ac87ee8a3e062eb7b848d75e2f8b7829def9cb40535f8692e425829e9ac0897f2bc69101b37560cf143836552c50503f4935b0da024cff0eb4c078717e8333a12d535fa892b66b83fb53d54fc86f2f35ec87270380abe8c87cacf9b19aec7ea950bd374ecefa9c64c1d9e607a6fd71a4192aa1ab0e56d7cf158926d30423efc5d623475976b104306eef14bde160ce0921bb758c1967d648b8783fc7990e3f3850fd0d81297d7b69bbe8b9337a7e308e36b7bade455e0fb1adb59c65ccc16ec14eae89bb24c748d7e4c191e75f6bbf4712f0c40a926f46382c545d8798866b9e5019ca6a9c810eda98396710d530e9767e13ac6140eb5bc7c62aed158d6b745d5f450e1fd95e082c68de1376bd039d5638542e82595b381c4d6cac2006a120b7be7f1d991705a7334750227013dd1b6f163545231183609cba6bb9b53baffb8957472ab6e485c86c71c26bd8d2b8b5c2fc479a6e4f1ff5eee91ce71d624ccc44d758ce3d2f5043603d4933cf8b8b09eb894227b4dea165c9ad122b5f4ce583d1cf08ed47da02bb5108fe332f239e6906273d91354e9f695d18df47fbcbd0e59a2432748dc7f5ca673b085cf19a4fb9d642708e1c991bd8f25cf7d48c0e14e59b39be576916e317e72a64d8c40f8a75eee9efb7276dab0122cda1ca10b2c48692537475b41bc52c1c8bee6278097e8fd1dfd711578397b50ca9f50d6ae3a97eced747f78fa7d137331221af418526280ec2cd5c69e7e793854749b99b314c8e2132a32841ba7af631c0a26af6f1954b0209ce52d933ba21680638f7fcd89eee4c5862f15d17cb6a047ee1c64cf2e1461d01eb88b5f847992cf1bde67e105f5b624aebd2d9757dd6ad37c07b16a9db75ab3ea399219cb5e32785bfe8cd8f150b35b21b44db2a3f707a02e46858b09d24cc077fe2f093da116f11816fb1b2573f975986e624ecba2365b0ed2f0f6afb05d1214b36f539afbe471335b9f7de18f909937abe5c17357f9acb42ff7b8980b8ffc6da6a65c0edb22d715137dce8fe4f4b1230482ed972db6f11e15fac7080cea74ec9008f1cf20de595cab5fb8649b6e0cfed593bd4ff0170f5622888e91338b48592253cedb683e4e9ae867c03f3e776bc4b8981312fbe7846d8301906f194a011f7aebbb100b222861e29027c5c349b1bd338ee5b4294baa16e49cd2dc2146d5f05c431487293312f6cf653b7673ea562100b61140074020b0533a382adb694b6786d2b34ae9a241ae3e181b8c992342a5b3cb02744e92a78a730fbaaab85216af83e555f8adb2ae5bb99a307ac267b133236c7755b468232ffff426a681a3cdef4f53643e1a90d82980b925c3740dd29f08965457c10fb9147044583e704834cbb2e4e3c69d1e74442e5609040be9dfd7dff2cadf6a24b600c518807b32144687c3fba2ba5805b7b51057788a46697ce43d0f34f59dd2b7d561bf2dac257c884e75a48edf1bc4f4b401ff9505d0af256adf15d68c9ee379cceae7173dcfb3c1f059eae48c172960678e2d0667473f62d32518c1911e9e2dd8d83e81587acca80dd1d3e10e89633800c2e13732d2bbb86104e3eafafd82c77ab90ecb456956b037fa6a553dead7c79e0750172bf7af249a785bb4cc4a065f010cee838deb927a52ae05ac784d9d21703cc9b027d35706a48acef6370a4089a99f7dd845b555621ca8e590cab078b854dc927679be72e0e0f88383f19fb69a2c5ca6427b1cd6bb41a8fe0cdfdaeb46dd2e27e80c212261b29a495bb7914955a8e1cb69e909758dc6ef70110154f53e884d85908eaa3b51e79ec503c9b5733b2bbe95ffd6ec85352f1a881e17e68482682273d3d11b79078422f6e7ea6e99a684549b3730eb92128d648bca0684577b755ce744cdd42bc2ad13210ff7f9e5a9456c3f401aea24c6908a2636e78bd5a63ab34d1b21517c8bc8ec3b208c6e41c7c37ecfd00cc6900ba878144a0d837c13faf60157ed992822286638f53da5ab06f6156324cfb41ab21071fcb937ddea75684b0e0e0e69a6b28584d6778f087562f4b9ee86f3b6c90b2ff03"]}]}]}, 0x7f0}, 0x1, 0x0, 0x0, 0x90}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) recvmmsg$auto(r6, &(0x7f0000000140)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0x803}, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x10a, 0x8, 0x0) r7 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f00000001c0), r0) sendmsg$auto_IOAM6_CMD_ADD_NAMESPACE(r6, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xf748983667716322}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r7, 0x400, 0x70bd29, 0x25dfdbfb, {}, [@IOAM6_ATTR_NS_ID={0x6, 0x1, 0x100}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x2c061) sendmsg$auto_WG_CMD_SET_DEVICE(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1ccd78df9393cbff8eea59f82f74813b5f000000", @ANYRES16=r4, @ANYBLOB="010029bd6000fbdbdd250100000008000100", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x20000811}, 0x810) r8 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_STOP_AP(r8, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f00000009c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="0400"], 0x14}, 0x1, 0x0, 0x0, 0x4000001}, 0x40) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000001440), r8) r9 = syz_genetlink_get_family_id$auto_nfc(&(0x7f00000015c0), r8) sendmsg$auto_NFC_CMD_STOP_POLL(r8, &(0x7f0000002680)={0x0, 0x0, &(0x7f0000002640)={&(0x7f0000001600)={0x14, r9, 0x1, 0x70bd28, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x40008d5}, 0x4010) sendmsg$auto_NFC_CMD_STOP_POLL(r0, &(0x7f0000000400)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x58, r9, 0x20, 0x70bd2b, 0x25dfdbff, {}, [@NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x1000}, @NFC_ATTR_LLC_PARAM_RW={0x5, 0x10, 0xb}, @NFC_ATTR_SE_APDU={0x34, 0x19, "861dc393d4b2b1731525cebb4db3976f189c29d253ea36ad65936c4486b112292e03410beee252a1b77c030169279057"}]}, 0x58}}, 0x20000101) sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(r0, 0x0, 0x4004840) 7.452604261s ago: executing program 3 (id=1148): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptyzf\x00', 0x2200, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) prctl$auto_PR_SET_MM_ARG_END(0x9, 0x9, 0xffffffffffffffff, 0xd, 0x13) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000200)='5', 0x1) sendmsg$auto(0xffffffffffffffff, 0x0, 0xfff) select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x8, 0x4, 0x2, 0xb, 0x1, 0x9, 0x0, 0x7fff, 0xa, 0x193, 0xfffffffffffffff9, 0x3, 0x5e4, 0x101f, 0x1, 0x1]}, 0x0, &(0x7f0000000280)={0x6, 0xc8}) socket$nl_generic(0x10, 0x3, 0x10) select$auto(0x7, 0x0, 0x0, 0x0, 0x0) socket(0xa, 0x5, 0x94) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dri/card0\x00', 0x6c800, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, 0x0, 0x2482, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x11, 0x80003, 0x300) r2 = open(&(0x7f00000000c0)='./cgroup\x00', 0x0, 0xb5d1af1605322df2) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000100), 0x100, 0x0) open_by_handle_at$auto(r2, &(0x7f0000000000)={0x8, 0x2, 'u\x00\x00\x00\x00\x00\x00\x00'}, 0x2) 6.252671034s ago: executing program 3 (id=1149): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) r1 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000080)='/dev/usbmon2\x00', 0x40080, 0x0) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000240), r0) sendmsg$auto_NL80211_CMD_STOP_P2P_DEVICE(r0, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000280)={&(0x7f00000009c0)={0x224c, r2, 0x2, 0x70bd2d, 0x25dfdbfb, {}, [@NL80211_ATTR_MLD_ADDR={0x19, 0x13a, "40a1fc0b1a76c60a3cf257ec90559ccc0327c6db76"}, @NL80211_ATTR_REG_RULES={0x220c, 0x22, 0x0, 0x1, [@nested={0x115f, 0xf7, 0x0, 0x1, [@generic="f08c41eeda6791664b27122967cbdedef8abb7b576e75c84d8ef0001f8a42d6744edc99705a48b3d", @generic="a61107da81f9beaf133d1738f738b6cf45017cf3b8a4b6469bc88e589f1111382a423832e9d4bd8219e7a0804daa08b92b24a4b45a27c095b998eec2e47f85c1cca651071aae51266807afdcc1cc03064faa3d6a54d972918c3257", @generic="0b6d58f4e7bc25b22a897229f912a9c7e3ff62b0e24f7d4b61d6cdd77bd85e207d3464fab52a360cc0d46fe1eb729f607f08ed4cb1b4159baf0f777ec9ee0a11b25e547bdcd2dc26ae55124e84718136087e3407f7610ddc643fd99a3c2bb573778117ccc49437df53a80c69b5d8a3730feab83ccb6b8311f4de304d344230566704f77aaf1cb478227a51ce6c6a44b77b72259877b236f11789a81bed7b1fa05f5d26b796ae27b07605089aa9ebd79114a12ec91491e05d4b58e6d2ea54b2365a60de48269ea9c406629ceca4e74882c077da4f0a84daed7cc846fe52873320c7df8417d4036285cbe0bb36122983b055023e9c03781cad1a38990270a0635f6d4886ebf0e0d904b10efef60f4f49fee552990406d1b2cc6d984b77e457365a8bc6dc6b0cfcfdfe76357398ba8ddaa3992b739894255deaf1511772af9decd50890a13306638923a10dd64790a8dd1d9826c58fa4adab171aef2062ffa384e6bbb43efb41d0d4a0c3dab32aa40a37b411b406e07177f7e6d48c0a2edc388d8c0b913534963966a07b49c85fac54839aa94ef33d30d9f25c049c2560344ea67ced8f5955d391e8524f12790ad46e905f425c69402e5cb864a3cdf299f045b7dab9db7ca4aa517ec6e7177a23b83c56152d56571b5f4e8f3506f43c047e0b326f94e9dea52ee97d85a5323f2d5ad65f2221c9d829443b484f4e62e560c150ac590cfc1446778572db5c2d75b03b68d9192fb34a02dfa8848f4b4dd68c4faf615a361094d137efa6704e8680ebf831023f13b7ea80206724bd9330cd615a9e0c5f6565d1c5a0aed4ae105a59c74f716aefdb583adf9d5a3dfcb52e3f2d11945ae98af01aad4cca60d5a18d191975a86b67e51d65214bbf1c367791b12e02022bb4e875aebc0ba784b8ba446df6a17c980d95f8dde7e9acd415aff2c8924db66536f8fec9cf0f0d00a0b217ebaad1b685affa229650b6e16d4c9128acb63689e107e15a292ed5653c0c0daf37a77293b9c6c5721747102d6372a51764ae66e993be1925d0063713c7b1b057c3a86fc3c2ade2ba81565765db940e4e4e2ca97977bf8047816fd76cecbf5457fd8e4b99e2c1fa3ac628d758e2bd3443006005ed9e33790dfb70a0886d8af1e73a7b74983121d111609f5511dd23389484d2722b51ca1f97cebf8382ecef9e4f66df8bde4f6262a401d53dbd5ceee7aa5cca68b2d0d83861432bc0765fee0ab3254f7d5a92403b23f5207fff96cd6eec04fd71ac02f72dc189711e48bd926bea296cbcdda6c4e05c0e42e26892750ad2b61d948d51a19d372be34b73d07622863a593b2bd4fe5cbe8e6e7dbb251a90d27aea4e569d4064391dd8208b813026455250c06d3ef2bce73a9aa5cc4c109917dd13dfff20c457fba7ae8076cedebc6e771103e9843c0c0d6201e02a70cb4ed5b8f8f7153fb03d3b0f55e740b82aa78759229a39d9ba1bea88afcc90d08f8d46f0edd402749b9c77df7079551ecad5ae67b99c5c03cc8ad0285bbf2fbe737f2eecb886a608c60ab0b68e88d296835578c1dea9d24e7393f7c012faccd23a5284af283038375b5f76ea785aaf99b91b5c5b973241cc008b826423d44406aa3be04075ffdeb5c950d0f42c10256fe554eed8fd2e74eb16ae1841a9d8420551c3384c840ac83d0b29b221aef0b617a2cf639a068efe7d2df9d816c93e886f85a462b44ced95155eef776bda39dd91c6a7a9ecef92b9be835ec95b68973cc1f8c2d8735553ec2226686aa4454229850755070e7f8f780cb6bc35e2905b558b7ed18401c5c768207d3ad6dd720ee0cb22e23a808aaf7cc53ad2d38cc536548d4a53543d8fac7c41ba1444185d15099cdd3fc4ee62818dc9390db4beef9eddc8c4e23a5ccea22f1a1df15bd7606e86e16eca43d65b7b4954ea818c070ef46467a5d2a3a46b582091cfba1567977fe78b26925013fbc212f93296259ec1d03d6dcdfc1cbd6085d075450d87f304ab41cff892755cb40d31ff86dab16f4a3dee48a879d8c14a28803e0aae7dd7c52cc432a4a02a18d7625a2ba0af2b875f6b4da5fe4c2c2d02b95fd6b68f3d04d73f9d767a38cab231a680d65182e497ebd9d0abffb2aca65d9b95b1ec44e73b79b055cf2ce2eb453033f9b0028376ad87add49f8fd90b25a20ce11aaaede8192e042bcbae040bdd3cf19b667c3bc8455a2d34fa5bf55c24cee04cbc2a74efacac51b785b38fa5a5fefdea6ffea24edfbe2a611936f51dd7cd61a2522134b4633f656dbb8532594b5fb8276c272a545cb88bde513044833bcd70bbf9912691e1ef4eac8e0e2c2bc63fa432daacba43c433284f77186d823ee7fe36ae96a976961817ef07427b64d559bc899dff1636e2b3346ab44f267e2ee25b15f70a379140f81cd3719e203bb76a1c77f3d2026f90d292feff84285053480f99b58a1699a4e20f0406c15aa7c46044855f6239f360d81b4548b25b793fb1105b4927217710a81148b5ffed8aa9d4d286ac5f04869113bcb6a693642e6f4ff97005dab4a4259e3dc5776ef37312b4a08a0f138304b158b673b07011b858cbd206fa55f4a7a37e38befaa204e14bb7879ecf1bf3cf5744e912af478c03fbf8ea1f11d768469422e8af696e3e039c67466e580e561745be94f1eb8d0a331f12c8d8a4a7fe08c76b985601346ac40deb4936f5cb65b3571843dbf6e1636abb72bce6eceef1d2a0d93cc42db7dc5be5bf75c76fbb4a686634f5e0b4e97cd8327889d7a78f5aed97513916d97f92fdd9a92caf0079963e9f345c83784442c4a6108aae47aee769060fb91d2591d53b4b155a09cc4cafb55b74207cd102dd18084a31b9ca6de92df70c19eb3dda28b72e4ce210e224d891c14d9659f02ed7aed5d25511905adddb4cbdd8ee5a47bd7d06d1aa2410b4053c0490ebe3c3c49b2076cb1477419e5187dbf0f52deee93bc3eafe4ba8577d398b927c4fe3bead4eaa3fe64d388a14032e490799b83e9233d1332ef29b22944e16cd42f7873e427a63a5a949601846f7704549e960a0f099e77010ae2f55df704362f59f93b1f6918f92ed3706606aba115fa8cfc98f85870869b85d2be48f3dd191ca3b56fb23d4b4294762c8e8a370ada7cba2b165e743c837ea9ff5ffd2e4b7a5222f8b461d02ceca4a642541270a782deee0eb92a56f08044b42655a01f2ac9d2f5f313693141323494b089f76c245ce726428bf4d66b371c5d4ceb9e0a3cce02c76ce3b6458569a8962da1a19b6188ade2108f8106a8f19f24949e393c96daddfbcd873829710c5166b5faf274ea91e1395f1a41e6c5f80ba5073d97a91b15ff7363de049637a74fa5a95cf79f44a33a3c504e3ac38f77f116df9988f9b944205bd404ba3c1a3212c9ef775d73973b40b076ef631b68d18463458749b4ba8c8fcbd99d0b1a9f1b34216a985498613c29bb49a36b6d8dc461a8c0622543a125549ba7f111c88820054d86e034dd5d2f37979a4c53a27701c70b5bad63fbbb66b3bbd8e3e6f1b62db00c2439dfddaab223e7831c0b1e20fb914805af1a6da619071cad6ccf5102b7bc0312f544cd39286daf38ce813eff9d39911bbc4e9de287ac35219123c25982cfb9c7b5e14ce3b1d1a42504dce6132ffc6396353b158554ce7629a4c3ad5109fa3a090f8cbfcd07d67fde26a48bee325201f38ac5eddaa1e3e9067f4823674aab1741be1c3a788be79e37418080091c7570b3cbaa80bb697cafdb633bb5b0ecad422fe54766ae7521af418870921c775cb51afac7a133d04a0eeca3291522d582cbe75f6c5232799be29ab830b7494effeea6e26bfd41990117e7248846017c39453171b25828319ef01f91145eebcb1f2effb025263a314ea00b8e7409ecd1a65d0ce00ceaf0000549b5d7ed7578b73893017230d413da1c2d22a28514075fdf11be1c4acb83a09603b5a5c54fd7ae4d8eb16be911d645dc131efb0bcc719403561f95f359785f41c75b80055045d83ccf19b4d42cb745d4da5896d509c2c7c64ec7a8a5d2a86442dd2f53fbc43da5ce208fb91ea789affdc9833757e5ce12c7129beae6fa4ab1c83664fb45b35a8397e802efc858f87b535471ed8705e9a1b2a31255670c09595b8d2f6c79e4a7400131e06911ee417c70ff3679b1f19e6dde02b00d6fb243151999193e99ff1d3e7a99f98ef8777831fcffb0af5e686e98f4994bae81a0908bd5516621e807ce029318deca6b6b9c589d72f4d9dd2e80fe950ea65d23cc518af1c59f6e99ecdb6144ebd44694c7677fcbeee6c0e28c80acd8a33b560aa2004d8555c08e0012e878f8af83d35febe0d83c4df4d76e5d7fecebd46ef63946411ddd666f629d72de489f6ef38381aec03c1b2abb3271bb8e05d450f8e9928eeeeb3d57e663a505f5640fdbedd2065bfbbf70e039feb50e8be9a8d115c47657cfe74f369814765782f7a3e2ceea88c981f6f6f9c798cd9f361a3d6f9de42cbc0aca1f78595ec39a35e60548d85d7aec60d7df7521f319dafea17a1a416d18eef617fc4f15db059023f07fc18d85fb3a54270e10185151f139c855cc5815b971035fc02441412f5774d409a864e63f3d1a1d3bb0b4a1d798f46b54b2fe262109e0cdf7ef0b657be995ddb3aff96e0e57acab89ee78c883ccb26e2d2c3b4098d730f35266a727883bcb809b8f8597435c4b01657c8a48c4118f11be2a11362b782d8fd85bdf09264a188f1bdb84941c73879fcde8f4d37c7a4474959c4f006e81aec585d0f2a8b7ea62c698e5d339bda658fb085ffa7b77ac55d485cde838ad9a0c81b33695ff4e9cacc9786a3cfee65cad9c0a5e3193e0f7eb864dc378b233f128d3be4279cce9036772e947247210e401dfa4780f3e589651fc34dcf18e302350a3a50ec92dc74770bcc209d36004a28ee3d18f767dc0c3b2fb030bbc747035fc2c6d731b5e04bc74d1a068ac106eb1fc56b44211c85718f937772c0dcbe2489665aa6b1d2e968ee905ad351c1004628651bd3e58bd671a5773e073bd6920417cb644a32d02b7a0fb3d0826ab33b811092df31305f58ff6d4c029d73e1747e3e81062cb9e62509214123a9ce48c91c7d0cb02cd35bc37b748ad9dc238a8607dfe79555d578ec057db895079e2e3d7c6017ab46ca1e52548874b69c43beddbcde3de50d8de0a8e50155e74099138248e7238cfa80e044cbe7998add7507635376a8b0269c0df06cf307af541470a50f42d43fe7984fb7877094bc3d220b6f0ffcf3f378adba4445e0a61d812af07ea2bd2c193eefd8e3c4331198dd7de49c7d489de2a6993fcc543bb56ddc1e6353e022ce326250bd8fd4ad6a2414e4cd8dc697c1bdf1d90e5628d0f0e705f7988b8531065eadc5e26f98530631ffea234fefa7a8290c3096e4d8b0ad7457df9a8a374788ad65d047ef3f16950f9503c54a4cb60d9523464354d04cade688ecd6d4451f113d1277d760b450d68d528b315968295c8ba0e32a195dd950c5d972037000d198867ce15db4b72b608b59bba8bbb08b963e15b843a10f0d922caff6b8f3a16cf494adb21a21c1d71d388954fccb0520e4a94aeb1345e654d9574227b7ce9bcc72863f74d3d495b33c6073451a58c0fc9a324e1124cd5eb3da221970bde6d59fad78f220643509a22903fb05b4c91e6ad860829ee3c1ad91ca983cad6c4a66570842c6bfd84e4a0da092a46842a2666d5eb259fe1f4ec64bdbff965b06dbcde391083de4bf97bc48933db61dda9ac08f6c564b3fa157e7a31f26ce36eb6d78dee5c021730ca21f0761dd2f1e279de9", @generic="df1ab192b78c309b995709b06a122252b640cbb5e463c420a665abfa5eac7ab7eee560404e44abaadf138c7782cd4430712bb99bbfd4175700af050788cc35e2b84d0dd8c46afbe2f50cf629cc436bc86f7511420e5b0f2f9f906a37322373", @nested={0x4, 0x79}, @nested={0x4, 0x118}, @generic="2db57acdadbead8362c85cb860d8524e4943fea18297b8d7a8e1fc6d637856d2697766d84e79c51284ba05d3c84a375f8a699c0f88fdb042f7d3e062e3afa9461ba80e4310bfc00f082fdfd3b0444151bcf4a6150d52e53aac454ba9b6a7bf5a081921a1cb15d7c0d60ab6f82804786365"]}, @typed={0xc, 0xff, 0x0, 0x0, @u64=0x5}, @generic="8b59603f61ded5743efc927207c0b82c6fb09caa854022b0457f66e4d0482bcf132cc496f385d54ac9183ef0302c650a277dd155f9935476aa9403637c1e2af651600710924c6c486f379a3a3d4f107a9bb2003c4cee597991e5bb5743e0d9d88e0eb2cae18ebc42981b7565af574460859926f48c7319904c51382b8642a59d71f4a7bf0c680a3606287d3eae90460adeaaba6d1704b2d9a3ffa65c33234e15be9a3f0f7386e8ff196d1ecbefe6b9a7316c20f48921549714be99da8d1e94eb42bff4a8ca03829e5dcfc511ac8c339648a3b2a845f87eb12f3ac16ecd4f806cfb566f76145a997d2289df87a0b58439c92a1b2e32a7a166601a1d70bae7304d2b4a2ae4d0f7559178aa10fd39c0be58874b32af8a6e7e6719a63f35d8741f6a866ed0ea70d11b2147a08542b2b3da340df8eb5c533b181201e7f2d9b1bf98bb55671f283c9cb37b45e07f71db5b03ea18c56da93099ad4a778e5e3824375c6f59b66493f4d91ff413e8ef6bc155022b8fced967ae4453dde9fdc670c35cd1fc4e6afa6643d11fc37060deafad5487d50e9dae437fe0806137b62d85c67ac529c32bb79232820095ceb0f5cf28768e178433ab821ece95189ea9d856fe125adbf5c54443378c1b1a9ee6dcb323a0efa568e86e83613b3037182b7d84bf30eefcf201048bfa9341c2b0d0bd5927a5f7616968bae8cde7c411e4fad8594cb3393e3f9cf3656591320b036fa31a20fcdf042e8e2dda8d1712fda0bcbad0be48c8ed375afb76f0db2b730e2fb4921a132064b52f2477a9cbda3443e86c9b19728ae5ea0621f0d4b6a02d7ba9836f309e684402798a85b335d8b020f8b2e827f01c8f447805ce88060eec470a0065f9dc63cc20f560e9d3168a64747acdbfb4ed2415585365ccec848f1df527eef69c2866f87920bff3fa9847c95773c35aced74ad83615ae408feb29f099d2f06ad4d6f561dbc36804818bfc917b890739b0024f1c2537fe8d11da112e33140f88ad4273df751cbad0b7501d676cd61163f6c83d619a0fa87aec6c72376095692b14053acda6ac6e1b90ad6ce5c1572df07c76bbb6fca9782d6eb6e6de7f03c6c840065a6bab5f917c87ba2946c99d4a3038b5e722c32336f7dd10b670cc65ce675cf1de1191ea02416e6f8d5aaed09d82e19b801cbb25a639d24348fcbe22700c519eac541006345398761c014898193d5761ec948e2d5d5b7c08c7515a31f5eba8e648a3db76278f3c066e2893863fd9d91847e93bf0e0d0bbee38d105fabc7f738f21310d43b0b80805979104e7019fb635e4bc5f9949fb90ad148caad7e49eb5d2c2639ea3bfdeda3d36a17ef70a14a131464e173f565ddda1800f796af5c98eb22edeeafe9facd264b7fa2cfa84d2e47e3fc14a7082fea1d6148dc84b86bfb77d9e4bff4952275b6ccea9ed8d1a2fa6da2efdf95e3ea09e90433b95b72756670b8d40e9a72b96fc04ce85875759c4db9ae25031efa3c809a2d5c72da6506dd0285b4f0a32a698330e48ce9b49ea8d974beed0129575fdd5b0313d2b6b29c427d9fce985750d732096552df6967cbdc08bddebf1036c9ae5ca812071ebb23a3937651a23bc07eb738e05670e1501b43471d37ffed6ec186a677a7c5747185aecfa7dfd1960678a9b95227bba7296d6f2fd740c372f34846fa933123a8757313e1f79e735e91efc31695e34845dbf0c8ed26206dba37147e5e9297dab7f5c04f105fe664477292a746706f48a462aaab6b3c8863250cb8b316181ad221af121fb4a77b8e209637d96e8a06c018ba555970256d461ad8ae212845c677cddf8ef069b3b0ac16162c02c9a21bec49cf0d758b627b277e7353c710d32029a96df06074e79586cecbf5a19270a429e3f0a46360e89f65eb2ad9205a545a8630575fe93d218947c80b105ab4195f295585ba63ae38ff993fda37b2a0774d430bd5ebcc41af6884a8280f3550e114bbdbc1cebf02059293d5ab4e4fc29fed2ccdc7d5ea61282646900185a87f7c2284df5c9faf56d173922c09939cee492e09e2a7ee7759e5285126c82ccfb8cab7baa54c5af922ab3071493449b05f8bbb9657a4967f2d7753d7c0332ad4e5312bd04ea58361c38ef39572547e518ac390bef47c69d39d7e5d6cae208d491c8f3869523b9a856df07d6522b05f42aab754a43e62a5b275965f477218c651f4825db5e87f29a204ce9524a17bf4061acaa9a29ba667f8a879512b0179407a128075efd1f69c4854610c3c8efea61312eb5d28d24ffc1c4d45a8840b1d909ffd34f33357e341bd9c2cf11f3bb214f95ee7c2aaabcafc2b1c72379a1be93a07ff88dfc2c89813a56a76b2878ed4b8a952ad63ff20d2aed134b70635ce4f2e7f344f79a1cb76a14aa94e294fadffeed0ab935ed9377b9f1d3f2569cae2f33bad0231188771ae83f72528a43887e0668977dac1c675d8efee6f844d6c41b7fb7290b5fc9cf672f7dd8c6567414681c9d15c9d06a041d4445319a350899beafe37b3b27f37d851eb89baee31d05fe67777dc4da2e0dec54f8c7cfc63cc07028375e89dffaa703f2b82d8a5f4197e868714e49c6d15abb8be39f1fb32eca744133a867a134e153641d32520dc7627ca3c66823d62a78ee40640efcfff2cd2c6c804ad29ab65e327996c41ba9bb36ca93ec8e5c3acb112e6e3bb615cd9073557b4ee9b7ad41c79a940779d97a9b61d6fb04adb2fa27930c8f8988d0ffd814384865b19f6c747efc5460fb9d42cf160977f78d39ec5b9f91b6fde6c2295f15abe5a92f9faccb46ef1df4d563ebe99952ab5ec245f84146d6d6ac5969dbd4c609715b77a8c869d883497e1f3f21823078007be028de2ca54cc6d58f5b2ac0752cc3a395d7f11d5fce173ab249d358c833f87ec80d1cc51dfc6c9357ed33f68988cb620328408582d29be7227bd7dad0050c2d2f19424575f06ae490a3c7dc45ca96b7c46106cbbbb2f2a81c8e580a5311595adfe173907ca8f19df41728d8a96b50348e5ca96b4d3297964416d3511dd320972cbf1cde9c888ea1f02a0f20dcc22fb335b437995303c88e88a06718a83396dcfb9351d6fb2d1a1e8e0eec2ab2f6dd9c2db510f846fcd015d09894c7c7fe997a936672fa987dbe193555268280ef1276cbdd6c22dad4ac8fc0b6d41c1b37fa7b98acca5688f5b2cfbcf9dc8ca82df22a564f4125cbc7102d53c59154c2119307864de7bb7702705dca8fa37e66235ff3bfd8c3fae30f61706972ef24a0731ace5dcbc5859419c0eb2c09e58288fceec8a2da9593e0053bdfe6e131bc7490f062dfb045a7e311d182e067519bf64fbd36398fe311ada46e43aae617dc456168ab8095cb0be800f824425297f2c903f5d49607d4f1169a608c4cd8352dd611e2cdf8688ab757a22a5e650a5293c2460a7e200bb9c4e18f40bb2b506ba70945347efdfc859154dee767ad3bcf318cea663e449dc833295f4a4c719cd64fa755bc46bf03df89e78761df11cf8b61f3337fe34c2e1cd02c12148334de105c4d14dca1d205a97d50480f63a48d4748729686e43245ed91f11cfd2ba836953e62a332a0dc5176d5325b5198fd539da68c0b7744a6f3c166b8cc636cfb0c5eb987dd1bec2cac33628b990d473392d205d0851d4a6e09960b74b20d954f18f37fd4335ab00e9a1cdc6ab6b29548c1b6f7c5e6ec670ba8191e2b2d8ff0c102e98213f6ca9d5e17bb885d7379fd9ed5a78c090905fd8372b22ad9003aab6d16aa6026c282bde2b2cdf2ed832db87a7fcebeb6a273e6f639ee0c8af38a4dd93de52298ce73399862512eb54c74d15ef32cb1729ffdf9df03c74044478704f606462243e645451fb72e44db1bfd3f64997480baf78a4aa2696e2dbc7e1da5f5e421a93514cbaba3690cb958bbb404ad43ffed1f7dc71155099efc8118d797030ca5ef7b08738178841be9bf0b3a8c3a9561483440405f56ed49bdd203702131921a65a425850aab19ed5ae476e598c1218fdfa99a54e6c999ce0d363829cdfe08afed3cca01b5f6385f1e012781ca8e2ba49cadc75eb1ff50c0e7a37ae4065bda15780958ed72b4f36391209c8a5a80658050a673ea8a7621119f98bee4e2708efa470023d762c848f847439aec67b55398325d148b24987746adf829621399ab3b434fa60453963be1d21d5b756ab42bd8db725504adc87b74fed2238f1fb876cf7212da4b7e8eaa0faf413c6bc9568df8102639bbdb4df4a844df3ca8491899c74b919dc583b32d20c6cfe7dd83b04878e3ef3f93ebb75c2ded489976df5419eb083353fcc40dda9af3da688084d3d23e32dae146b71e41b845490a57ab2811e4089ef08600633676304433e281f1bcf40e992409d139c8e91a6cf8f91977d27ddcf3853b26ec72161f55469bce5b45502183c3af33fbe4ca503afe532a00246a0740df673b027625f242f513e259f980a183809d946676591c5d84088667df1e082dc1601637a9849d39a60618754294cbcd1e6d456c5f546dfa51303b7fa9d26d66b8c499bfb454b064abbfabd54fa301293b0e0ffbb0590dffad4c376c9eaeecd23df363c48404d2724c212ef55f03d87b17d8cef041d5e9b07ce8d9e001ee1ed2a9f79d8d1ae796c70cf422c8e6587ded0584bcbca23aabba5934b7c0956b10b262792b4e088be339bd6ad5d281ca5da8304cdbc8d51bde3b626d768b1af582191f27666e4c8594604649bc459d919f00283b296ad26332ae61d9d8661265292264cfac3a458142d520fca75d77bf9c59bb9790308b6f97382cde9fda0135cc29f64427b817cd895b758b8ec0616c9e48803fbd284c33f8f5b2174574735e25c7088b48ad53d03e92421dcaa7f6bec8a382a829af06b7bbd6627405202430d196ced3647ecb7d56947c1bbf6724457f34c469c4e97f9bf72b48b11a86ebc8ac5917aec3035f417aaa8a08cc9cedee545fbcc76985d6239d90572f92bdf0a704fb527aa017e98818839de39d2c78334b335dcd8f15d3c8dfc02a208ece042aa724f2581bf79e74580730c4e8e29971dd66b60f42a6c2075e06c9dc224ba1f3dc38f3aeda86d7855c1ba62bc304842a1cbbd4fa745b179165d0088f61550de9233dc6abee568a99321a8ce58921def65468b54f87096832cadc4b0051c04880f3ef557fa56bcb7e4a00b8b1b27118330fae70ae6368705c1693b321b39fa56a0a8fce81a2f39f7c772bd83408016882f74ad1dac410976e3d368c5b959c24d3b24edfa9949cc6250d027230d04a7146b3944502cf48481cb855e7a71ce3d12c855f9cff6c3a0f72dded3f2b0a13068d4b2df7ab15395c7c9effb2106facbbf51c16bfd3ff1309745d439770a4d451bb75226998e6006b56826ab3d86346fee59904f8f78d4369842d8a7fd5f6de720554e3320154cb51ab7405536731869185441a5a1ad4c6aa947aaa28f7d1824f7a6ef410c29f1b5cc135d8037f0bc4f2a3fdc5b272888f42ad5872c52b5848ae8ad629c18268919136548c4e43a51e8defa8b7e1e19d90944b6c874621d3d28aa628233c31487a86aab9ac6e2e3dcc679b4c2fd5d71cb0ee04bd5cdd6f675131446b32caf8eb7557d22bd904b19a1a6792a45b1a7d150992da435d3334b90c5cc12d6de56fd91f0c5e5d39e0110bd1803e70aad86cbbe615d2782ee075677e4f6f74069e5a28b96e07689004849f7e722c5454b9405968099a0ee11c7db8666b83989ebee98305cac54abfb89c90c905225144f6cd17b27ec1eafe867340878c7e1a5e6ebce00dde61b0763b9a5be1a61e5f", @typed={0x8, 0x140, 0x0, 0x0, @ipv4=@broadcast}, @nested={0x80, 0xd5, 0x0, 0x1, [@typed={0x7a, 0x105, 0x0, 0x0, @binary="c06fb1d988a47445d3bca1ab84f83ed65b9341875c58216d829253fa5d7356afc982dc7a0605e93d845037263f906a555fc723876097f2523564696d75c567de1cd217b820ffe2c660d73133c1f78356212a4a32334153d5c6ec3fc5743a558131deb94f760e8aecb7bf8ed37910bcfa5aaaa1867e3c"}]}, @typed={0x14, 0xef, 0x0, 0x0, @ipv6=@local}]}, @NL80211_ATTR_DFS_REGION={0x5}, @NL80211_ATTR_MLO_RECONF_REM_LINKS={0x6, 0x14f, 0x4c}]}, 0x224c}, 0x1, 0x0, 0x0, 0x4000005}, 0x4000000) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7e, 0x4) bpf$auto(0x5, &(0x7f0000000000)=@iter_create={0x1a, 0x4}, 0x7) r3 = openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/Virtual-1/edid_override\x00', 0x2082, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0xb, 0x1, 0x44f, 0x7, 0x5, 0x1007181, 0x8a0d, 0x7, 0x7, 0x7ff, 0x89, 0x26, 0x4, 0x200004000001, 0x384, 0xfffffffffffffffa, 0x0, 0x0, 0x30, 0x0, 0x864, 0xb, 0x22000, 0x200, 0x0, 0x84, 0x0, 0x0, 0x7fff, 0x0, 0x0, [0x0, 0x100000000, 0x0, 0x0, 0x2]}, 0xb, 0xd) r4 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000000), 0x9541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r4, 0xfffffff7effffd08, &(0x7f00000001c0)) write$auto_drm_edid_fops_drm_debugfs(r3, &(0x7f0000000380)="b7a53caf1b305860206af11a0ec35e7e5c46caffe279de8e9945d6e37dfaf9058103dbe387321e23d5cf1c8594d316e7ab584244b3adeed4e17e92c29d2df967f9c1ce0bd79ec3d67c9f0aff55674e238d4b83e2372ae3a03950aaa641f736e6f9065e5b9af9e2de49f8a01693aa280f0000000000000042c6720cff2f6f9bf902b74f94e7187a6f348ce9cfc5ac64a8977e242b9ca63c58d603fea4fad558f09b060c0ea075f9e9bda2b835957f69bf6c0d62d698634aa013bdd4b8db86be62388110e03558411efd9796be867e603eff001fadaffc761c3fa220cbbfbf9e94d03a0fe782881888a7b237632954062b9ebd27fd3f82dac5008e4cf2fe2ff4ef", 0x4e00) r5 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsa1\x00', 0x101041, 0x0) writev$auto(r5, &(0x7f00000000c0)={&(0x7f0000000080), 0x8}, 0x94) r6 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x2001, 0x0) r7 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0) write$auto(r7, &(0x7f0000000140)='/dev/audio1\x00', 0x100100a3d8) close_range$auto(0x2, 0x8, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) set_mempolicy$auto(0x4006, &(0x7f0000000000)=0xa, 0x7) kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x2aa7, 0x6c0000c000, 0xc000}, 0x4) ioctl$auto(r6, 0x8924, r6) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsa\x00', 0x2a801, 0x0) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000000), 0x8880, 0x0) getsockopt$auto(r1, 0x1, 0x5, &(0x7f0000000180)='(\'\xc0(\x00', &(0x7f00000001c0)=0xb) socket(0xa, 0x802, 0x3a) 6.162332661s ago: executing program 1 (id=1151): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd9\x00', 0x14bf00, 0x0) mmap$auto(0x10000000000, 0x810004, 0xffb, 0x100000011e, 0x3, 0x5) (async) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x3, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000002500), 0xffffffffffffffff) sendmsg$auto_OVS_FLOW_CMD_SET(r1, &(0x7f00000025c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="f11fc68105070000a19d9bd4c630683f", @ANYRES16=r2, @ANYBLOB="010628bd7000fedbcf25040000001e00018015000900ef6735f5058af96b26651160dfbb140872000000"], 0x30}, 0x1, 0x0, 0x0, 0x4}, 0x0) (async) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) setrlimit$auto(0x1000000007, 0x0) r3 = socket(0x6, 0x5, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async, rerun: 32) r5 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000500), r3) (rerun: 32) sendmsg$auto_L2TP_CMD_SESSION_CREATE(r3, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="ce38795f", @ANYRES16=r5, @ANYBLOB="100027bd7000fedbdf25050000000c001600f8ffffffffffffff080009000500000008000900030000000500120000000000050015000500000014001f00fe8000000000000000000000000000390c001600020000000000000005000d00d9000000"], 0x68}, 0x1, 0x0, 0x0, 0x20000015}, 0x4000000) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) write$auto(r4, &(0x7f0000000340)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccW\x1c\x94t\x98\xc6\xd7\x9dh\xdf\x91\xd9\x1ew\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5,\xcc\xfa`\xfa\x90\xf0C\xdc\xbebBW\x8a\x95\xf4\x14\xc7\x90V\xe7a\xfb*\xcc6\xba\x9ef\x19R\xff\xd2\xd8\x98\xa8\x17\xcb\x84\xe8\xfb\x00`\xc2\xce~U\xca\\\xc1\xb7\xf1\n\xb9\xbfk\x1e\xdb\xed\x81{\x1f\x18j\x16\rk\x0eO\xe3\xa78&Z\x9e\xbf\x84\xd6\x1f\xe8\x88\x1f\xbc\x1eT\xa6{9hb\xbc\x1a\\\xb3\x846&\x1a\xbb\x9c:e\x9c\x18\x11\xf0\x8eQ\xd8\x8a3^?\x13\x00\xcbx\xb2\x18e\x95$\x9d\x804', 0x100000a3d9) (async) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) mmap$auto(0x0, 0xfffffffffffffff9, 0xdf, 0x9b72, r6, 0xc00000001) (async) close_range$auto(0x2, 0x8, 0x0) (async) mmap$auto(0x0, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/pci0000:00/0000:00:01.1/ata2/host1/target1:0:0/1:0:0:0/inquiry\x00', 0xa0b02, 0x0) (async, rerun: 64) read$auto(0xffffffffffffffff, 0x0, 0xb4d3) (async, rerun: 64) write$auto(0x3, 0x0, 0x73) mmap$auto(0x8000004, 0xe, 0xd9, 0x9b72, 0x5, 0x0) mmap$auto(0x0, 0x7, 0xdf, 0x10, 0x2, 0x8000) (async) mmap$auto(0x0, 0x20009, 0x10001, 0xeb1, 0x401, 0x6) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) r7 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/034/001\x00', 0x1a901, 0x0) ioctl$auto_USBDEVFS_SUBMITURB32(r7, 0x802c550a, &(0x7f0000000300)=ANY=[@ANYBLOB="020000060000e6ff040000000100400008"]) 6.043871611s ago: executing program 2 (id=1152): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x6ab82, 0x0) ioctl$auto(0x3, 0xae41, r0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) getresgid$auto(0x0, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, 0x401, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/rose1/netdev_group\x00', 0x80000, 0x0) read$auto(r3, 0x0, 0x20) close_range$auto(0x2, 0x8, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vbi21\x00', 0x149800, 0x0) openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/buffer_subbuf_size_kb\x00', 0x2, 0x0) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) getresgid$auto(&(0x7f0000000100)=0xc7, &(0x7f0000000140)=0x9, &(0x7f00000001c0)=0x7) landlock_add_rule$auto_LANDLOCK_RULE_NET_PORT(r2, 0x2, 0x0, 0x7fff) write$auto(0x3, 0x0, 0xfdef) fchdir$auto(0xffffffffffffffff) inotify_rm_watch$auto(r1, 0x3c0000) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/syz1\x00', 0x200002, 0x0) 5.719283528s ago: executing program 2 (id=1153): openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000400)='/proc/tty/driver/serial\x00', 0x43102, 0x0) r0 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = syz_clone(0x20a08200, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r2, 0x4, 0x8000040006) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_STRSET_GET(r3, &(0x7f0000003400)={0x0, 0x0, &(0x7f00000033c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16, @ANYBLOB], 0x20}}, 0x20000000) ptrace$auto(0xf, r2, 0xfffffffffffffffe, 0x8000000000000000) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(r4, 0x80045010, 0x0) setsockopt$auto(r0, 0x3, 0x6, &(0x7f0000000040)='/dev/dsp1\x00', 0x44) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x1cb842, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, 0x0, 0x20000000) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/block/nbd6/queue/iosched/writes_starved\x00', 0xa001, 0x0) write$auto(r5, &(0x7f0000000100)='%\x00', 0x38f) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) r6 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r6, 0x0, 0xb4d3) setresgid$auto(0xa05, 0x0, 0x0) write$auto(0x3, 0x0, 0xffd8) ioprio_set$auto(0x3, 0x0, 0x4b34) msgget$auto(0x6, 0xfffffffe) 5.055764642s ago: executing program 1 (id=1154): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400005, 0x1, 0x9b72, 0x2, 0x8000) read$auto_fake_panic_fops_(0xffffffffffffffff, 0x0, 0x0) r0 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D0c\x00', 0x9003, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_HW_REFINE2(r0, 0xc2604110, &(0x7f0000000040)={0x6, [{[0x2, 0xf5e, 0xf, 0xd, 0x7f, 0x8, 0x4, 0x663d349e]}, {[0x2, 0xa6, 0x5c915993, 0xfffffffd, 0x6, 0xe, 0x80000001, 0x3]}, {[0x2, 0xe, 0x2, 0x579c8feb, 0x9, 0x6, 0x7, 0xa53]}], [{[0x75d, 0x9, 0x6, 0x17f29ee4, 0x400, 0x7, 0xc, 0x44]}, {[0x1, 0xeade, 0x1, 0x3, 0xf0, 0x5, 0x101, 0x1]}, {[0x7e61, 0x6, 0x7, 0x0, 0x5, 0x5, 0x100, 0x9]}, {[0x4, 0x5, 0x1, 0xfffffff7, 0x5, 0x0, 0xfffffffb, 0x1]}, {[0x3, 0x1000, 0x8, 0x8, 0x2, 0xe8c, 0xf, 0xd403]}], [{0xfffffffa, 0x4, 0x0, 0x0, 0x1, 0x1}, {0x7b, 0x6, 0x1, 0x0, 0x0, 0x1}, {0x3, 0x1, 0x1, 0x0, 0x0, 0x1}, {0x61, 0x1, 0x0, 0x0, 0x0, 0x1}, {0x5, 0x49c5fc8b, 0x0, 0x0, 0x0, 0x1}, {0x7ff, 0x7, 0x0, 0x1, 0x1, 0x1}, {0x6, 0x9, 0x0, 0x1, 0x1}, {0x9, 0x6, 0x0, 0x1}, {0x7fd, 0x7, 0x0, 0x1, 0x0, 0x1}, {0x7, 0xfffffffd, 0x1, 0x1, 0x1}, {0x8, 0x4, 0x0, 0x0, 0x1, 0x1}, {0x3, 0x5, 0x1, 0x1, 0x0, 0x1}], [{0xbe, 0xd2, 0x0, 0x1, 0x0, 0x1}, {0xc2, 0x7fffffff, 0x1, 0x1, 0x1}, {0xbc, 0xbb5e, 0x1, 0x0, 0x0, 0x1}, {0x8, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x102, 0x12e800, 0x1, 0x1, 0x1, 0x1}, {0x2, 0xf, 0x0, 0x1, 0x1}, {0xffff, 0x8, 0x0, 0x0, 0x0, 0x1}, {0x9, 0x3, 0x1, 0x1, 0x0, 0x1}, {0x80000000, 0x6, 0x0, 0x1}], 0x100, 0x2, 0x4, 0x9, 0x5, 0x1, 0x8, "938f570ba48ab1df6ea169301a0f4b75", "16fef137d6f6aa1d93e7fd319170d04be4063eb16bddc7a41e5782dfff02104539c9b5e571a002e14933724526d0c013"}) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dri/card2\x00', 0x200100, 0x0) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0) write$auto_ocfs2_control_fops_stack_user(r1, &(0x7f0000003900)='\t', 0x1) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/module/sunrpc/parameters/pool_mode\x00', 0x80302, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) socket(0xa, 0x801, 0x84) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) msgctl$auto_IPC_INFO(0x100, 0x3, &(0x7f00000012c0)={{0x632, 0xffffffffffffffff, 0xee00, 0x1, 0x5, 0x1, 0x80}, 0x0, 0x0, 0x1b, 0x7, 0x5, 0x7, 0x1, 0xdd34, 0x7, 0x8, @raw=0xffff}) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x40000, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000040)=""/44, 0x2c) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000001c00), r4) sendmsg$auto_IOAM6_CMD_ADD_NAMESPACE(r4, &(0x7f0000001d00)={0x0, 0x0, &(0x7f0000001cc0)={&(0x7f0000000000)={0x1c, r5, 0xa2d601c1e7b11e31, 0x70bd27, 0x25dfdbfd, {}, [@IOAM6_ATTR_NS_ID={0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x0) 3.886223417s ago: executing program 0 (id=1156): close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/schedstat\x00', 0x80000, 0x0) r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x801, 0x106) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x6, 0x0) r2 = socket(0x10, 0x80002, 0x0) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) timerfd_create$auto(0x0, 0x0) timerfd_settime$auto(r2, 0x3, 0x0, 0x0) adjtimex$auto(&(0x7f0000000000)={0x1ff, 0x0, 0xff, 0x6, 0x8, 0x0, 0x10, 0x0, 0x2, 0xbf, 0x1f6a, {0x0, 0x3}, 0x9, 0x1, 0x2, 0x6, 0x0, 0x8, 0x545, 0x1, 0x0, 0x8}) read$auto(0x3, 0x0, 0x80) ioctl$auto_KVM_GET_MSRS(r1, 0xc008ae88, &(0x7f0000000080)={0x2, 0x0, [{0x400000b4, 0x0, 0x9}]}) 3.84123178s ago: executing program 1 (id=1157): openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000400)='/proc/tty/driver/serial\x00', 0x43102, 0x0) r0 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = syz_clone(0x20a08200, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r2, 0x4, 0x8000040006) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_STRSET_GET(r3, &(0x7f0000003400)={0x0, 0x0, &(0x7f00000033c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16, @ANYBLOB], 0x20}}, 0x20000000) ptrace$auto(0xf, r2, 0xfffffffffffffffe, 0x8000000000000000) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(r4, 0x80045010, 0x0) setsockopt$auto(r0, 0x3, 0x6, &(0x7f0000000040)='/dev/dsp1\x00', 0x44) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x1cb842, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, 0x0, 0x20000000) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/block/nbd6/queue/iosched/writes_starved\x00', 0xa001, 0x0) write$auto(r5, &(0x7f0000000100)='%\x00', 0x38f) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) r6 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r6, 0x0, 0xb4d3) setresgid$auto(0xa05, 0x0, 0x0) write$auto(0x3, 0x0, 0xffd8) ioprio_set$auto(0x3, 0x0, 0x4b34) msgget$auto(0x6, 0xfffffffe) 3.740734051s ago: executing program 3 (id=1158): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) socket(0x11, 0x80003, 0x300) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r1 = syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) sendmsg$auto_BATADV_CMD_SET_MESH(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, r1, 0x2, 0x70bd29, 0x25dfdbfb, {}, [@BATADV_ATTR_THROUGHPUT={0x8, 0x1a, 0x7}, @BATADV_ATTR_MESH_ADDRESS={0xa, 0x5, @remote}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0xfffffffa}, @BATADV_ATTR_TQ={0x5, 0x19, 0x4}, @BATADV_ATTR_MESH_IFNAME={0x14, 0x4, 'team0\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x880}, 0x40800) epoll_create$auto(0x4) mq_open$auto(&(0x7f0000000000)='nlctrl\x00', 0x80, 0x8001, &(0x7f0000000040)={0x4, 0x1, 0x4c3, 0x28}) mmap$auto(0x0, 0x40006, 0xe2, 0x20009b72, 0x7, 0x28000) openat$auto_msr_fops_msr(0xffffffffffffff9c, 0x0, 0x121980, 0x0) setsockopt$auto_SO_OOBINLINE(0xffffffffffffffff, 0x3, 0xa, &(0x7f0000000080)='nlctrl\x00', 0x2) socketpair$auto(0x1e, 0x9, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) ioctl$auto(r2, 0xc0184d08, r2) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x3f) madvise$auto(0x3000, 0xffffffffffff0001, 0x15) 3.697698358s ago: executing program 2 (id=1159): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setresuid$auto(0xffffffffffffffff, 0x8, 0x8000) setfsuid$auto(0x0) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x60102, 0x0) ioctl$auto(r0, 0x560f, 0xffffffffffffffff) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) r2 = socketcall$auto(0x8000, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_CREATE_VM(r1, 0xae80, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000100)='\x00\x00\x00\x00\x00\x00\x00x \xec(\x1d\x98\xe9\xc4\xe8\xfc@6=\xab\xf4\x89\x01\x93\xdc\x19\xffv\'\xa1\xd5\x14\x06S\xae\xadB}\xdf]\x99\xc9\x9f4\xbb\xc5\x81\x9d\x8ak\xdeB\xcbd\xd3\x05\xe4P\x84\xcb\xb8#\x13\nYU\'\x95R\xc8\x9d\xb7*\xe0.\xd2\xdf\x1b\x88D\x8c{k\xcec\xe1\xa2j\xec\xc9\xd2\x98\x94I\x102h\x06\x8c\xa2\xc8\x8a7\xb7t', 0x7ef) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0) syz_genetlink_get_family_id$auto_psample(&(0x7f0000000040), r2) socket(0xa, 0x1, 0x100) ioperm$auto(0x7, 0x5ad2, 0xc) r4 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r4, 0x0, 0x7ff, 0x400) socket(0x2, 0x1, 0x0) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0xa, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x20000003, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x1, 0xdf, 0x9b72, 0x2, 0x8000) 3.581547926s ago: executing program 0 (id=1160): mmap$auto(0x0, 0x9e, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0xb, 0x0) mmap$auto(0x0, 0x2, 0xffffffffffffffff, 0x40eb1, 0x602, 0x300000000000) (async) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/008/001\x00', 0xa901, 0x0) (async) r0 = socket(0x10, 0x2, 0x0) setsockopt$auto(r0, 0x104000000000010e, 0x40, 0x0, 0x16) (async, rerun: 32) io_uring_setup$auto(0x6, 0x0) (async, rerun: 32) r1 = socket(0xa, 0x801, 0x84) getsockopt$auto(r1, 0x84, 0x71, 0x0, 0x0) (async, rerun: 64) close_range$auto(0x2, 0xffffffffffffffff, 0x0) (rerun: 64) open(0x0, 0x22240, 0x55) (async) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) (async, rerun: 32) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) (rerun: 32) ioctl$auto(0x3, 0x40106f52, r2) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_CGROUPSTATS_CMD_GET(r3, 0x0, 0x20000004) (async) mmap$auto(0xfffffffffffffffe, 0x2020009, 0x8000000000000003, 0x80000010, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x5, 0x20000000) (async, rerun: 32) rseq$auto(0x0, 0x8000, 0x0, 0x6) (rerun: 32) futex_wait$auto(0x0, 0x0, 0x7f, 0x2, 0x0, 0x1) (async) futex_wake$auto(0x0, 0x7, 0xfffffffb, 0x2) (async) semget$auto(0x0, 0x13c, 0x1ff) r4 = socket(0x2, 0x5, 0x0) (async, rerun: 64) close_range$auto(0x2, 0x8, 0x0) (async, rerun: 64) socket(0x2, 0x80002, 0x73) (async) socket(0x2, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) (async, rerun: 64) sendmmsg$auto(r4, &(0x7f0000000100)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) (rerun: 64) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f0000000000)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x1}, 0x2, 0x0) 3.127754401s ago: executing program 0 (id=1161): msync$auto(0x110e230000, 0x200001, 0x6) 2.912765929s ago: executing program 0 (id=1162): r0 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x80040, 0x40, 0xe}, 0x18) fremovexattr$auto(r0, &(0x7f0000000240)='system.posix_acl_accessR\xa2\xbb\xe7wu\xb3\xd3\xcc\x05\xf7\xc2\xce\x1f\xaa\xe5@\xe8\x8b\x01Q\x93\xd6F\xc9\xff\xfe\xc8\xd6t8\xd6\xdd\xb8\xcaN\xb7\xfc-\xb8\rl\x86\x06zy\x11\xfay\x17Ou\x06\x87\xc48\'\x0f\v>^\x9c?\xce;\x1bk\xf0sd\'\xab\x05@\n\x10\x06lM\xa2d\"\xb6\xc5\x82\x98\x97RG\xd2\xadX\xfe\x8f\xf7v\xdf\xbe\x8a~\x1c{\x85\x80\x13s\xfa@\xb6\x1a\xbe\xcfhp\xde\xfe\xf4Ja\x05qz\x1bP\x80\xd4\xadvk)K\n%\x03\xa6\x9c)\xad\x0e~\xedI\xb3\xa0\xdd\x92\x80\x1a\x92a\xbc\xf3=\'1\x04\xb1bj\x8f\xe5\xd1\xf4luy') 2.638021889s ago: executing program 3 (id=1163): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb5, 0x401, 0x300000000000) prctl$auto(0x16, 0x2, 0x2, 0x4000000d, 0x100) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram6\x00', 0x4040, 0x0) preadv2$auto(0x3, 0x0, 0x5, 0xffffffffffffffff, 0x7, 0x2e) write$auto_tty_fops_tty_io(r0, &(0x7f0000000280)="352c8efa618c0bcf83a4ebdb278754e15f", 0x11) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xfffffffffffffffe, 0x8000) ustat$auto(0x801, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x40003e, 0x5, 0x0, 0x1, 0x8) writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x40}, 0x8) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) madvise$auto(0xf2ffffffffffffff, 0x2003f0, 0x15) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0xff1, 0x8000) io_uring_setup$auto(0x1, 0x0) bpf$auto(0x5, 0x0, 0x102) getpid() openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 2.598862615s ago: executing program 0 (id=1164): openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000400)='/proc/tty/driver/serial\x00', 0x43102, 0x0) r0 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = syz_clone(0x20a08200, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r2, 0x4, 0x8000040006) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_STRSET_GET(r3, &(0x7f0000003400)={0x0, 0x0, &(0x7f00000033c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16, @ANYBLOB], 0x20}}, 0x20000000) ptrace$auto(0xf, r2, 0xfffffffffffffffe, 0x8000000000000000) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(r4, 0x80045010, 0x0) setsockopt$auto(r0, 0x3, 0x6, &(0x7f0000000040)='/dev/dsp1\x00', 0x44) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x1cb842, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, 0x0, 0x20000000) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/block/nbd6/queue/iosched/writes_starved\x00', 0xa001, 0x0) write$auto(r5, &(0x7f0000000100)='%\x00', 0x38f) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) r6 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r6, 0x0, 0xb4d3) setresgid$auto(0xa05, 0x0, 0x0) write$auto(0x3, 0x0, 0xffd8) ioprio_set$auto(0x3, 0x0, 0x4b34) msgget$auto(0x6, 0xfffffffe) 2.267133725s ago: executing program 2 (id=1165): openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000400)='/proc/tty/driver/serial\x00', 0x43102, 0x0) r0 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = syz_clone(0x20a08200, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r2, 0x4, 0x8000040006) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_STRSET_GET(r3, &(0x7f0000003400)={0x0, 0x0, &(0x7f00000033c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16, @ANYBLOB="01032abd7000fdccdf250100000009000280646bc0214d000000"], 0x20}}, 0x20000000) ptrace$auto(0xf, r2, 0xfffffffffffffffe, 0x8000000000000000) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(r4, 0x80045010, 0x0) setsockopt$auto(r0, 0x3, 0x6, &(0x7f0000000040)='/dev/dsp1\x00', 0x44) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x1cb842, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, 0x0, 0x20000000) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa001, 0x0) write$auto(r5, &(0x7f0000000100)='%\x00', 0x38f) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) r6 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r6, 0x0, 0xb4d3) setresgid$auto(0xa05, 0x0, 0x0) write$auto(0x3, 0x0, 0xffd8) ioprio_set$auto(0x3, 0x0, 0x4b34) msgget$auto(0x6, 0xfffffffe) 2.091565335s ago: executing program 1 (id=1166): mmap$auto(0x0, 0x3, 0x8, 0x1b, 0x4008df3, 0xea91) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x80, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/tty/ptyr9/power/runtime_status\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) ptrace$auto(0x10, 0x0, 0x4, 0x7ff) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r4 = socketpair$auto(0x104, 0x4, 0x9, 0x0) ioctl$auto(r3, 0x560e, r4) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003140), 0xffffffffffffffff) r5 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000240), 0x161180, 0x0) ioctl$auto_USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, &(0x7f0000000000)={0x23, 0x3, 0x1c, 0x5, 0x8, 0x7fb, &(0x7f0000000080)}) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x2eb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) r6 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(r6, 0x400, 0x1) execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) socket(0x20, 0x6, 0x0) setsockopt$auto(r5, 0x101, 0xa001b, 0x0, 0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x226c1, 0x0) openat$auto_buffer_percent_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/buffer_percent\x00', 0x1, 0x0) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/vkms/graphics/fb0/blank\x00', 0xa001, 0x0) write$auto(r7, &(0x7f0000000140)='7\x00\xb1\x9a\xc0\xf9\xc0e\xd2T\xbe\xb6I\x9d\xd9\x18\xf5\x91\xbfq\xfe\xf2\x9a\x02\x9fC0xb\xccW(\xc1n+\n|5\xa5\x9c=^\xf1\x11H\x1c\xf73\x16\xd2\a\xfaw\xcc\xf1\xff7\xab\xa1\xeaF\x04\x17\x99\xd3\xd1\x83\xccG^\xbbdC\x8a\n\x88\xbcW@+\xafD\xd1\x8a\xc13W\xf66\x86\xe5\xee\xa7\x1d\x0f\x90\x00\xcf\xdb\xf5\xbf\xd4\xc8\x84\xb3\xeeb\xb0\xc7kN\x80\x93\xfd\x89\xe1\xc9tp\xd4jm\x7f\xf0a\xc3\x02\x14\xcf\xcf\\e!\a\x82\t,\xa7\x00\xbd&\xcax\xf8P\xc1\x8f\x87\x83\x0f\x93z', 0x1) read$auto_proc_single_file_operations_base(r4, &(0x7f00000000c0)=""/106, 0x6a) socket(0x2, 0x801, 0x100) read$auto_evdev_fops_evdev(r0, 0x0, 0x0) syz_clone(0x4100000, 0x0, 0x0, 0x0, 0x0, 0x0) 855.628265ms ago: executing program 3 (id=1167): openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000400)='/proc/tty/driver/serial\x00', 0x43102, 0x0) r0 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = syz_clone(0x20a08200, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r2, 0x4, 0x8000040006) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_STRSET_GET(r3, &(0x7f0000003400)={0x0, 0x0, &(0x7f00000033c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16, @ANYBLOB], 0x20}}, 0x20000000) ptrace$auto(0xf, r2, 0xfffffffffffffffe, 0x8000000000000000) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(r4, 0x80045010, 0x0) setsockopt$auto(r0, 0x3, 0x6, &(0x7f0000000040)='/dev/dsp1\x00', 0x44) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x1cb842, 0x0) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, 0x0, 0x20000000) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/block/nbd6/queue/iosched/writes_starved\x00', 0xa001, 0x0) write$auto(r5, &(0x7f0000000100)='%\x00', 0x38f) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) r6 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r6, 0x0, 0xb4d3) setresgid$auto(0xa05, 0x0, 0x0) write$auto(0x3, 0x0, 0xffd8) ioprio_set$auto(0x3, 0x0, 0x4b34) msgget$auto(0x6, 0xfffffffe) 402.587117ms ago: executing program 1 (id=1168): r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000019c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_LINKSTATE_GET(r1, &(0x7f0000002380)={0x0, 0xf000, &(0x7f0000002340)={&(0x7f00000022c0)={0x14, r0, 0xf03, 0x70bd2b, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x80) 357.38522ms ago: executing program 2 (id=1169): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd10/queue/nr_requests\x00', 0x82942, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_XFS_IOC_FREESP(0xffffffffffffffff, 0x4030580b, &(0x7f00000001c0)={0x8, 0x3, 0x3, 0x1, 0x2, 0x0}) prctl$auto(0x20000, 0x1, r1, 0x5, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) nanosleep$auto(0x0, 0x0) sendfile$auto(r0, r0, 0x0, 0x200) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x5, 0x0) getsockopt$auto(0x6, 0x40000000029, 0x19, 0xfffffffffffffffe, 0x0) r2 = fcntl$auto(r0, 0x3, 0x0) ioctl$auto_SCSI_IOCTL_GET_PCI(r2, 0x5387, &(0x7f0000000040)="7efd05d1f26fa70d062ad10b6ce4f7e8062247ea3705cf8bd2c5cc7ec1ec9a4ce17b293ddbf3b5092e2aadf875d995d86a1322a8859f5b1ca5259cdb580ae22a99f224f3aa63f838e4ebadd75e80a03689f02e6bb49dc98e") madvise$auto(0x8, 0x9, 0xff) r3 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000100), r2) sendmsg$auto_SMC_PNETID_FLUSH(r2, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="10032cbd7000fcdbdf2504000000370003002f7379732f646576696365733e760c192f7669727475616c2f626c6f636bf70417a21d345b626bca308c2f6e626431302f71756575652f6e725f726571756573747300000a0003005e5b217d"], 0x58}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 41.084572ms ago: executing program 1 (id=1170): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/tty/console/active\x00', 0x103280, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000140), r0) prctl$auto(0x23, 0x7, 0x2008, 0x0, 0x0) ioctl$auto_SW_SYNC_GET_DEADLINE(0xffffffffffffffff, 0xc0105702, &(0x7f0000000080)={0x4, 0x0, r0}) ioperm$auto(0x7, 0x1, 0x7) modify_ldt$auto(0x1, 0x0, 0x10) ioperm$auto(0x7, 0x6, 0x2) r2 = gettid() rt_sigqueueinfo$auto(r2, 0x2, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) socket(0x26, 0xa, 0x7) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000003280)='/Eev/J\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc\x00'/163, 0x100000a3d9) sendmsg$auto_BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="2c00000092b0f58b30a9af58e298f7b447c30d83a63463c9bb0526019f50cde4428cdc6e", @ANYBLOB="100025bd7000fbdbdf250f00000008000300", @ANYRES32=0x0, @ANYBLOB="080039000700000005002e0001000000"], 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x140080e4) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sched_setaffinity$auto(r2, 0x4, &(0x7f0000000240)=0x6) prctl$auto(0x6, 0x2, r2, 0x4, 0xd) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)={0x14, r4, 0x1, 0x70bd2d, 0x25dfdbfc, {0x7e, 0x0, 0x2c01}}, 0x14}, 0x1, 0x68, 0x0, 0x4000000}, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/loop8/io-timeout-fail\x00', 0x22100, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000003480)=""/247, 0xf7) unshare$auto(0x40000080) ioctl$auto_TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) close_range$auto(r1, 0xa, 0x0) r7 = openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/attr/exec\x00', 0x101002, 0x0) write$auto_proc_pid_attr_operations_base(r7, &(0x7f0000000200)="a597d9ce6359203d", 0x8) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x109001, 0x0) 0s ago: executing program 0 (id=1171): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/mempolicy/weighted_interleave/node0\x00', 0xf2082, 0x0) arch_prctl$auto(0x5001, 0x800) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x80481, 0x0) write$auto(r0, 0x0, 0x5) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) (async) io_uring_setup$auto(0x6, 0x0) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/mempolicy/weighted_interleave/node0\x00', 0xf2082, 0x0) (async) arch_prctl$auto(0x5001, 0x800) (async) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x80481, 0x0) (async) write$auto(r0, 0x0, 0x5) (async) kernel console output (not intermixed with test programs): i_munmap+0x204/0x3e0 [ 165.119620][ T6687] move_vma+0xb67/0x1740 [ 165.119686][ T6687] ? __pfx_move_vma+0x10/0x10 [ 165.119745][ T6687] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 165.119811][ T6687] ? vrm_set_new_addr+0x208/0x290 [ 165.119864][ T6687] __do_sys_mremap+0xe07/0x1590 [ 165.119919][ T6687] ? __pfx___do_sys_mremap+0x10/0x10 [ 165.119977][ T6687] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 165.120040][ T6687] ? __x64_sys_futex+0x1e0/0x4c0 [ 165.120107][ T6687] do_syscall_64+0xcd/0x490 [ 165.120179][ T6687] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 165.120213][ T6687] RIP: 0033:0x7f925bd8e929 [ 165.120241][ T6687] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 165.120273][ T6687] RSP: 002b:00007f925cba0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 165.120305][ T6687] RAX: ffffffffffffffda RBX: 00007f925bfb5fa0 RCX: 00007f925bd8e929 [ 165.120327][ T6687] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000001000 [ 165.120348][ T6687] RBP: 00007f925be10b39 R08: 0000000100000000 R09: 0000000000000000 [ 165.120369][ T6687] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 165.120388][ T6687] R13: 0000000000000000 R14: 00007f925bfb5fa0 R15: 00007fff7b84a598 [ 165.120433][ T6687] [ 165.536942][ T6696] netlink: 186 bytes leftover after parsing attributes in process `syz.0.151'. [ 166.130352][ T6713] FAULT_INJECTION: forcing a failure. [ 166.130352][ T6713] name failslab, interval 1, probability 0, space 0, times 0 [ 166.363104][ T6713] CPU: 1 UID: 0 PID: 6713 Comm: syz.1.153 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 166.363145][ T6713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 166.363162][ T6713] Call Trace: [ 166.363171][ T6713] [ 166.363183][ T6713] dump_stack_lvl+0x16c/0x1f0 [ 166.363234][ T6713] should_fail_ex+0x512/0x640 [ 166.363277][ T6713] ? __kmalloc_noprof+0xbf/0x510 [ 166.363325][ T6713] ? process_vm_rw_core.constprop.0+0x1d8/0x9a0 [ 166.363354][ T6713] should_failslab+0xc2/0x120 [ 166.363384][ T6713] __kmalloc_noprof+0xd2/0x510 [ 166.363438][ T6713] process_vm_rw_core.constprop.0+0x1d8/0x9a0 [ 166.363488][ T6713] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 166.363551][ T6713] ? iovec_from_user+0xbb/0x140 [ 166.363585][ T6713] process_vm_rw+0x216/0x2c0 [ 166.363635][ T6713] ? __pfx_process_vm_rw+0x10/0x10 [ 166.363675][ T6713] ? ksys_write+0x190/0x250 [ 166.363759][ T6713] ? ksys_write+0x1ac/0x250 [ 166.363805][ T6713] ? __pfx_ksys_write+0x10/0x10 [ 166.363854][ T6713] __x64_sys_process_vm_writev+0xe2/0x1c0 [ 166.363886][ T6713] ? do_syscall_64+0x91/0x490 [ 166.363932][ T6713] ? lockdep_hardirqs_on+0x7c/0x110 [ 166.363981][ T6713] do_syscall_64+0xcd/0x490 [ 166.364029][ T6713] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.364061][ T6713] RIP: 0033:0x7fe71b38e929 [ 166.364097][ T6713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 166.364124][ T6713] RSP: 002b:00007fe71c19f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 166.364153][ T6713] RAX: ffffffffffffffda RBX: 00007fe71b5b5fa0 RCX: 00007fe71b38e929 [ 166.364173][ T6713] RDX: 000000000000001a RSI: 0000200000000180 RDI: 00000000000000a1 [ 166.364191][ T6713] RBP: 00007fe71c19f090 R08: 000000000000000a R09: 0000000000000000 [ 166.364228][ T6713] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001 [ 166.364247][ T6713] R13: 0000000000000000 R14: 00007fe71b5b5fa0 R15: 00007ffcbf3a7d48 [ 166.364288][ T6713] [ 167.029723][ T30] audit: type=1804 audit(1752581107.370:9): pid=6711 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.152" name="/newroot/39/file0" dev="tmpfs" ino=224 res=1 errno=0 [ 167.181440][ T30] audit: type=1800 audit(1752581107.390:10): pid=6711 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.152" name="file0" dev="tmpfs" ino=224 res=0 errno=0 [ 168.069646][ T6723] can: request_module (can-proto-0) failed. [ 170.146113][ T6753] can: request_module (can-proto-0) failed. [ 173.409541][ T30] audit: type=1804 audit(1752581113.774:11): pid=6781 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.167" name="/newroot/44/file0" dev="tmpfs" ino=250 res=1 errno=0 [ 173.431161][ T30] audit: type=1800 audit(1752581113.784:12): pid=6781 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.167" name="file0" dev="tmpfs" ino=250 res=0 errno=0 [ 175.762145][ T30] audit: type=1804 audit(1752581116.136:13): pid=6802 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.174" name="/newroot/43/file0" dev="tmpfs" ino=245 res=1 errno=0 [ 175.864885][ T30] audit: type=1800 audit(1752581116.136:14): pid=6802 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.174" name="file0" dev="tmpfs" ino=245 res=0 errno=0 [ 176.587956][ T6817] can: request_module (can-proto-0) failed. [ 177.638702][ T6826] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888078001780 pfn:0x78000 [ 177.681218][ T6828] blktrace: Concurrent blktraces are not allowed on loop2 [ 177.700165][ T6826] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 177.857730][ T6826] memcg:ffff888079407301 [ 177.862072][ T6826] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff) [ 177.884505][ T6826] page_type: f5(slab) [ 177.907555][ T6826] raw: 00fff00000000240 ffff88801ce95780 ffffea00016f7510 ffffea0001e9c210 [ 177.962169][ T6826] raw: ffff888078001780 0000000000150011 00000000f5000000 ffff888079407301 [ 178.014407][ T6826] head: 00fff00000000240 ffff88801ce95780 ffffea00016f7510 ffffea0001e9c210 [ 178.115159][ T6826] head: ffff888078001780 0000000000150011 00000000f5000000 ffff888079407301 [ 178.200252][ T6826] head: 00fff00000000001 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 178.293524][ T6826] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 178.411048][ T6826] page dumped because: unmovable page [ 178.553852][ T6826] page_owner tracks the page as allocated [ 178.648333][ T6826] page last allocated via order 1, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5223, tgid 5223 (udevd), ts 63411110153, free_ts 36467779649 [ 178.887772][ T6826] post_alloc_hook+0x1c0/0x230 [ 178.900558][ T6826] get_page_from_freelist+0x1321/0x3890 [ 178.906342][ T6826] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 178.912441][ T6826] alloc_pages_mpol+0x1fb/0x550 [ 178.917466][ T6826] new_slab+0x23b/0x330 [ 178.924665][ T6826] ___slab_alloc+0xd9c/0x1940 [ 178.929545][ T6826] __slab_alloc.constprop.0+0x56/0xb0 [ 178.935346][ T6826] kmem_cache_alloc_lru_noprof+0xf4/0x3b0 [ 178.941628][ T6826] __d_alloc+0x31/0xaa0 [ 178.945956][ T6826] d_alloc+0x4a/0x1e0 [ 178.950597][ T6826] d_alloc_parallel+0xe3/0x12e0 [ 178.955752][ T6826] lookup_open.isra.0+0x665/0x1580 [ 178.961386][ T6826] path_openat+0x893/0x2cb0 [ 178.966166][ T6826] do_filp_open+0x20b/0x470 [ 178.971219][ T6826] do_sys_openat2+0x11b/0x1d0 [ 178.976114][ T6826] __x64_sys_openat+0x174/0x210 [ 178.981666][ T6826] page last free pid 1 tgid 1 stack trace: [ 178.990238][ T6826] __free_frozen_pages+0x7fe/0x1180 [ 178.995655][ T6826] free_contig_range+0x183/0x4b0 [ 179.008556][ T6826] destroy_args+0x7f6/0xa60 [ 179.013462][ T6826] debug_vm_pgtable+0x13b8/0x2d00 [ 179.018862][ T6826] do_one_initcall+0x120/0x6e0 [ 179.079716][ T6826] kernel_init_freeable+0x5c2/0x900 [ 179.173662][ T6826] kernel_init+0x1c/0x2b0 [ 179.178192][ T6826] ret_from_fork+0x5d7/0x6f0 [ 179.188987][ T6826] ret_from_fork_asm+0x1a/0x30 [ 179.376688][ T6849] mmap: syz.0.186 (6849) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 180.451765][ T6861] kafs: addr_prefs: Invalid Command [ 180.751521][ T6868] FAULT_INJECTION: forcing a failure. [ 180.751521][ T6868] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 180.800674][ T6868] CPU: 1 UID: 0 PID: 6868 Comm: syz.0.187 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 180.800708][ T6868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 180.800726][ T6868] Call Trace: [ 180.800734][ T6868] [ 180.800742][ T6868] dump_stack_lvl+0x16c/0x1f0 [ 180.800782][ T6868] should_fail_ex+0x512/0x640 [ 180.800820][ T6868] should_fail_alloc_page+0xe7/0x130 [ 180.800845][ T6868] prepare_alloc_pages+0x3c2/0x610 [ 180.800877][ T6868] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 180.800912][ T6868] ? __alloc_frozen_pages_noprof+0x294/0x23f0 [ 180.800954][ T6868] ? __lock_acquire+0x622/0x1c90 [ 180.800990][ T6868] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 180.801025][ T6868] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 180.801078][ T6868] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 180.801115][ T6868] ? policy_nodemask+0xea/0x4e0 [ 180.801139][ T6868] alloc_pages_mpol+0x1fb/0x550 [ 180.801162][ T6868] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 180.801188][ T6868] ? do_raw_spin_lock+0x12c/0x2b0 [ 180.801224][ T6868] ? find_held_lock+0x2b/0x80 [ 180.801252][ T6868] alloc_pages_noprof+0x131/0x390 [ 180.801275][ T6868] __pmd_alloc+0x3b/0x930 [ 180.801299][ T6868] ? __pud_alloc+0x526/0x750 [ 180.801326][ T6868] __handle_mm_fault+0xaac/0x5490 [ 180.801364][ T6868] ? __pfx___handle_mm_fault+0x10/0x10 [ 180.801393][ T6868] ? __pfx_mt_find+0x10/0x10 [ 180.801429][ T6868] ? find_vma+0xbf/0x140 [ 180.801451][ T6868] ? __pfx_find_vma+0x10/0x10 [ 180.801483][ T6868] handle_mm_fault+0x589/0xd10 [ 180.801514][ T6868] ? __pkru_allows_pkey+0x51/0xb0 [ 180.801548][ T6868] do_user_addr_fault+0x7a6/0x1370 [ 180.801584][ T6868] ? rcu_is_watching+0x12/0xc0 [ 180.801611][ T6868] exc_page_fault+0x5c/0xb0 [ 180.801644][ T6868] asm_exc_page_fault+0x26/0x30 [ 180.801666][ T6868] RIP: 0010:strncpy_from_user+0x147/0x2e0 [ 180.801698][ T6868] Code: 00 00 4d 89 74 1d 00 48 83 ed 08 bf 07 00 00 00 48 83 c3 08 48 89 ee e8 17 f2 b0 fc 48 83 fd 07 76 22 e8 9c f6 b0 fc 45 31 ff <49> 8b 04 1c 31 ff 44 89 fe 49 89 c6 e8 c8 f1 b0 fc 45 85 ff 0f 84 [ 180.801724][ T6868] RSP: 0018:ffffc9000b84fe30 EFLAGS: 00050246 [ 180.801749][ T6868] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff850a67a6 [ 180.801768][ T6868] RDX: ffff88801db0da00 RSI: ffffffff850a6844 RDI: 0000000000000007 [ 180.801788][ T6868] RBP: 000000000000000f R08: 0000000000000007 R09: 0000000000000007 [ 180.801807][ T6868] R10: 000000000000000f R11: 0000000000000001 R12: 0000200000ffffff [ 180.801826][ T6868] R13: ffffc9000b84feb0 R14: 000000000000000f R15: 0000000000000000 [ 180.801857][ T6868] ? strncpy_from_user+0xa6/0x2e0 [ 180.801898][ T6868] ? strncpy_from_user+0x144/0x2e0 [ 180.801955][ T6868] __do_sys_prctl+0x1f66/0x24c0 [ 180.802011][ T6868] ? __pfx___do_sys_prctl+0x10/0x10 [ 180.802076][ T6868] do_syscall_64+0xcd/0x490 [ 180.802129][ T6868] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.802161][ T6868] RIP: 0033:0x7f2b5518e929 [ 180.802186][ T6868] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 180.802215][ T6868] RSP: 002b:00007f2b560be038 EFLAGS: 00000246 ORIG_RAX: 000000000000009d [ 180.802243][ T6868] RAX: ffffffffffffffda RBX: 00007f2b553b5fa0 RCX: 00007f2b5518e929 [ 180.802264][ T6868] RDX: 0000000000000f79 RSI: 0000200000ffffff RDI: 000000000000000f [ 180.802284][ T6868] RBP: 00007f2b560be090 R08: 0000000000010001 R09: 0000000000000000 [ 180.802303][ T6868] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000001 [ 180.802316][ T6868] R13: 0000000000000001 R14: 00007f2b553b5fa0 R15: 00007ffececcd848 [ 180.802357][ T6868] [ 182.306854][ T6874] ptrace attach of "./syz-executor exec"[6875] was attempted by "./syz-executor exec"[6874] [ 182.633275][ T6877] can: request_module (can-proto-0) failed. [ 183.990198][ T6898] netlink: 330 bytes leftover after parsing attributes in process `syz.2.195'. [ 187.041252][ T6951] futex_wake_op: syz.0.210 tries to shift op by -7; fix this program [ 190.910113][ T7087] syz.1.273 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 191.106865][ T7093] syz.3.276(7093): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 192.896438][ T7159] syz.1.307 uses obsolete (PF_INET,SOCK_PACKET) [ 194.092724][ T30] audit: type=1804 audit(1752581134.571:15): pid=7186 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.316" name="/newroot/85/file0" dev="tmpfs" ino=460 res=1 errno=0 [ 194.143547][ T30] audit: type=1800 audit(1752581134.581:16): pid=7186 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.316" name="file0" dev="tmpfs" ino=460 res=0 errno=0 [ 195.404513][ T7181] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 195.412177][ T7181] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 195.418991][ T7181] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 195.447715][ T7181] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 196.250371][ T5860] Bluetooth: hci0: command 0x0c1a tx timeout [ 197.453820][ T5860] Bluetooth: hci1: command 0x0c1a tx timeout [ 197.459997][ T5859] Bluetooth: hci3: command 0x0c1a tx timeout [ 197.466308][ T5859] Bluetooth: hci2: command 0x0c1a tx timeout [ 204.219237][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 204.225678][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 204.443583][ T7486] futex_wake_op: syz.2.451 tries to shift op by -1; fix this program [ 207.765641][ T7613] FAULT_INJECTION: forcing a failure. [ 207.765641][ T7613] name failslab, interval 1, probability 0, space 0, times 0 [ 207.784120][ T7613] CPU: 1 UID: 0 PID: 7613 Comm: syz.3.512 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 207.784166][ T7613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 207.784185][ T7613] Call Trace: [ 207.784195][ T7613] [ 207.784207][ T7613] dump_stack_lvl+0x16c/0x1f0 [ 207.784262][ T7613] should_fail_ex+0x512/0x640 [ 207.784309][ T7613] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 207.784361][ T7613] should_failslab+0xc2/0x120 [ 207.784393][ T7613] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 207.784444][ T7613] ? vm_area_dup+0x27/0x8d0 [ 207.784493][ T7613] vm_area_dup+0x27/0x8d0 [ 207.784541][ T7613] __split_vma+0x18e/0x1070 [ 207.784587][ T7613] ? __lock_acquire+0xb8a/0x1c90 [ 207.784650][ T7613] ? __pfx___split_vma+0x10/0x10 [ 207.784706][ T7613] ? lock_acquire+0x179/0x350 [ 207.784751][ T7613] ? do_raw_spin_lock+0x12c/0x2b0 [ 207.784809][ T7613] vms_gather_munmap_vmas+0x1c2/0x1310 [ 207.784867][ T7613] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 207.784940][ T7613] do_vmi_align_munmap+0x27c/0x7d0 [ 207.784994][ T7613] ? __pfx_do_vmi_align_munmap+0x10/0x10 [ 207.785099][ T7613] do_vmi_munmap+0x204/0x3e0 [ 207.785151][ T7613] move_vma+0xb67/0x1740 [ 207.785205][ T7613] ? __pfx_move_vma+0x10/0x10 [ 207.785260][ T7613] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 207.785312][ T7613] ? vrm_set_new_addr+0x208/0x290 [ 207.785362][ T7613] __do_sys_mremap+0xe07/0x1590 [ 207.785416][ T7613] ? __pfx___do_sys_mremap+0x10/0x10 [ 207.785473][ T7613] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 207.785537][ T7613] ? __x64_sys_futex+0x1e0/0x4c0 [ 207.785603][ T7613] do_syscall_64+0xcd/0x490 [ 207.785662][ T7613] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 207.785696][ T7613] RIP: 0033:0x7fe27cd8e929 [ 207.785721][ T7613] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 207.785751][ T7613] RSP: 002b:00007fe27dc63038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 207.785781][ T7613] RAX: ffffffffffffffda RBX: 00007fe27cfb5fa0 RCX: 00007fe27cd8e929 [ 207.785804][ T7613] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000001000 [ 207.785823][ T7613] RBP: 00007fe27ce10b39 R08: 0000000100000000 R09: 0000000000000000 [ 207.785843][ T7613] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 207.785862][ T7613] R13: 0000000000000000 R14: 00007fe27cfb5fa0 R15: 00007ffd2d3c5068 [ 207.785904][ T7613] [ 209.894552][ T7646] netlink: 306 bytes leftover after parsing attributes in process `syz.3.519'. [ 210.859065][ T7667] ubi0: attaching mtd0 [ 210.867895][ T7667] ubi0: scanning is finished [ 210.872579][ T7667] ubi0: empty MTD device detected [ 211.124174][ T7667] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 211.131845][ T7667] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 211.139416][ T7667] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 211.146492][ T7667] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 211.154573][ T7667] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 211.161414][ T7667] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 211.169558][ T7667] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3637922056 [ 211.180715][ T7667] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 211.203204][ T7672] ubi0: background thread "ubi_bgt0d" started, PID 7672 [ 212.894618][ T7697] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5 [ 213.287712][ T7705] FAULT_INJECTION: forcing a failure. [ 213.287712][ T7705] name failslab, interval 1, probability 0, space 0, times 0 [ 213.363030][ T7705] CPU: 0 UID: 0 PID: 7705 Comm: syz.3.534 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 213.363076][ T7705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 213.363095][ T7705] Call Trace: [ 213.363105][ T7705] [ 213.363118][ T7705] dump_stack_lvl+0x16c/0x1f0 [ 213.363172][ T7705] should_fail_ex+0x512/0x640 [ 213.363220][ T7705] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 213.363277][ T7705] should_failslab+0xc2/0x120 [ 213.363310][ T7705] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 213.363361][ T7705] ? vm_area_dup+0x27/0x8d0 [ 213.363411][ T7705] vm_area_dup+0x27/0x8d0 [ 213.363460][ T7705] __split_vma+0x18e/0x1070 [ 213.363517][ T7705] ? __lock_acquire+0xb8a/0x1c90 [ 213.363565][ T7705] ? __pfx___split_vma+0x10/0x10 [ 213.363622][ T7705] ? lock_acquire+0x179/0x350 [ 213.363667][ T7705] ? do_raw_spin_lock+0x12c/0x2b0 [ 213.363726][ T7705] vms_gather_munmap_vmas+0x1c2/0x1310 [ 213.363783][ T7705] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 213.363858][ T7705] do_vmi_align_munmap+0x27c/0x7d0 [ 213.363914][ T7705] ? __pfx_do_vmi_align_munmap+0x10/0x10 [ 213.364014][ T7705] do_vmi_munmap+0x204/0x3e0 [ 213.364069][ T7705] move_vma+0xb67/0x1740 [ 213.364126][ T7705] ? __pfx_move_vma+0x10/0x10 [ 213.364182][ T7705] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 213.364237][ T7705] ? vrm_set_new_addr+0x208/0x290 [ 213.364290][ T7705] __do_sys_mremap+0xe07/0x1590 [ 213.364346][ T7705] ? __pfx___do_sys_mremap+0x10/0x10 [ 213.364404][ T7705] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 213.364470][ T7705] ? __x64_sys_futex+0x1e0/0x4c0 [ 213.364545][ T7705] do_syscall_64+0xcd/0x490 [ 213.364597][ T7705] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 213.364631][ T7705] RIP: 0033:0x7fe27cd8e929 [ 213.364657][ T7705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 213.364689][ T7705] RSP: 002b:00007fe27dc63038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 213.364720][ T7705] RAX: ffffffffffffffda RBX: 00007fe27cfb5fa0 RCX: 00007fe27cd8e929 [ 213.364742][ T7705] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000001000 [ 213.364762][ T7705] RBP: 00007fe27ce10b39 R08: 0000000100000000 R09: 0000000000000000 [ 213.364783][ T7705] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 213.364803][ T7705] R13: 0000000000000000 R14: 00007fe27cfb5fa0 R15: 00007ffd2d3c5068 [ 213.364846][ T7705] [ 213.657237][ T7711] netlink: 342 bytes leftover after parsing attributes in process `syz.0.535'. [ 217.776265][ T7766] FAULT_INJECTION: forcing a failure. [ 217.776265][ T7766] name failslab, interval 1, probability 0, space 0, times 0 [ 217.789221][ T7766] CPU: 1 UID: 0 PID: 7766 Comm: syz.1.546 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 217.789253][ T7766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 217.789267][ T7766] Call Trace: [ 217.789275][ T7766] [ 217.789284][ T7766] dump_stack_lvl+0x16c/0x1f0 [ 217.789324][ T7766] should_fail_ex+0x512/0x640 [ 217.789359][ T7766] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 217.789399][ T7766] should_failslab+0xc2/0x120 [ 217.789421][ T7766] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 217.789458][ T7766] ? vm_area_dup+0x27/0x8d0 [ 217.789506][ T7766] vm_area_dup+0x27/0x8d0 [ 217.789540][ T7766] __split_vma+0x18e/0x1070 [ 217.789574][ T7766] ? __lock_acquire+0xb8a/0x1c90 [ 217.789608][ T7766] ? __pfx___split_vma+0x10/0x10 [ 217.789648][ T7766] ? lock_acquire+0x179/0x350 [ 217.789681][ T7766] ? do_raw_spin_lock+0x12c/0x2b0 [ 217.789722][ T7766] vms_gather_munmap_vmas+0x1c2/0x1310 [ 217.789762][ T7766] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 217.789814][ T7766] do_vmi_align_munmap+0x27c/0x7d0 [ 217.789853][ T7766] ? __pfx_do_vmi_align_munmap+0x10/0x10 [ 217.789930][ T7766] do_vmi_munmap+0x204/0x3e0 [ 217.789968][ T7766] move_vma+0xb67/0x1740 [ 217.790008][ T7766] ? __pfx_move_vma+0x10/0x10 [ 217.790047][ T7766] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 217.790085][ T7766] ? vrm_set_new_addr+0x208/0x290 [ 217.790128][ T7766] __do_sys_mremap+0xe07/0x1590 [ 217.790197][ T7766] ? __pfx___do_sys_mremap+0x10/0x10 [ 217.790248][ T7766] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 217.790298][ T7766] ? __x64_sys_futex+0x1e0/0x4c0 [ 217.790346][ T7766] do_syscall_64+0xcd/0x490 [ 217.790385][ T7766] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 217.790408][ T7766] RIP: 0033:0x7fe71b38e929 [ 217.790427][ T7766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 217.790452][ T7766] RSP: 002b:00007fe71c19f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 217.790475][ T7766] RAX: ffffffffffffffda RBX: 00007fe71b5b5fa0 RCX: 00007fe71b38e929 [ 217.790490][ T7766] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000001000 [ 217.790505][ T7766] RBP: 00007fe71b410b39 R08: 0000000100000000 R09: 0000000000000000 [ 217.790519][ T7766] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 217.790534][ T7766] R13: 0000000000000000 R14: 00007fe71b5b5fa0 R15: 00007ffcbf3a7d48 [ 217.790563][ T7766] [ 218.982843][ T7771] can: request_module (can-proto-3) failed. [ 220.585399][ T7798] netlink: 28 bytes leftover after parsing attributes in process `syz.1.555'. [ 220.623832][ T7798] bridge_slave_1: left allmulticast mode [ 220.638402][ T7795] ima: policy update failed [ 220.647684][ T7798] bridge_slave_1: left promiscuous mode [ 220.679047][ T7800] netlink: 342 bytes leftover after parsing attributes in process `syz.3.556'. [ 220.694692][ T7798] bridge0: port 2(bridge_slave_1) entered disabled state [ 220.715553][ T30] audit: type=1802 audit(1752581161.340:17): pid=7795 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.554" res=0 errno=0 [ 220.764291][ T7800] FAULT_INJECTION: forcing a failure. [ 220.764291][ T7800] name failslab, interval 1, probability 0, space 0, times 0 [ 220.790692][ T7800] CPU: 1 UID: 0 PID: 7800 Comm: syz.3.556 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 220.790733][ T7800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 220.790750][ T7800] Call Trace: [ 220.790760][ T7800] [ 220.790772][ T7800] dump_stack_lvl+0x16c/0x1f0 [ 220.790822][ T7800] should_fail_ex+0x512/0x640 [ 220.790863][ T7800] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 220.790917][ T7800] should_failslab+0xc2/0x120 [ 220.790946][ T7800] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 220.790994][ T7800] ? __alloc_skb+0x2b2/0x380 [ 220.791037][ T7800] __alloc_skb+0x2b2/0x380 [ 220.791074][ T7800] ? __pfx___alloc_skb+0x10/0x10 [ 220.791117][ T7800] ? __lock_acquire+0xb8a/0x1c90 [ 220.791164][ T7800] netlink_alloc_large_skb+0x69/0x130 [ 220.791201][ T7800] netlink_sendmsg+0x6a1/0xdd0 [ 220.791242][ T7800] ? __pfx_netlink_sendmsg+0x10/0x10 [ 220.791292][ T7800] ____sys_sendmsg+0xa95/0xc70 [ 220.791325][ T7800] ? copy_msghdr_from_user+0x10a/0x160 [ 220.791372][ T7800] ? __pfx_____sys_sendmsg+0x10/0x10 [ 220.791413][ T7800] ? __pfx__kstrtoull+0x10/0x10 [ 220.791459][ T7800] ___sys_sendmsg+0x134/0x1d0 [ 220.791510][ T7800] ? __pfx____sys_sendmsg+0x10/0x10 [ 220.791576][ T7800] ? find_held_lock+0x2b/0x80 [ 220.791644][ T7800] __sys_sendmmsg+0x200/0x420 [ 220.791700][ T7800] ? __pfx___sys_sendmmsg+0x10/0x10 [ 220.791761][ T7800] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 220.791826][ T7800] ? fput+0x70/0xf0 [ 220.791855][ T7800] ? ksys_write+0x1ac/0x250 [ 220.791899][ T7800] ? __pfx_ksys_write+0x10/0x10 [ 220.791951][ T7800] __x64_sys_sendmmsg+0x9c/0x100 [ 220.791999][ T7800] ? lockdep_hardirqs_on+0x7c/0x110 [ 220.792046][ T7800] do_syscall_64+0xcd/0x490 [ 220.792097][ T7800] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 220.792129][ T7800] RIP: 0033:0x7fe27cd8e929 [ 220.792154][ T7800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 220.792185][ T7800] RSP: 002b:00007fe27dc63038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 220.792214][ T7800] RAX: ffffffffffffffda RBX: 00007fe27cfb5fa0 RCX: 00007fe27cd8e929 [ 220.792236][ T7800] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 220.792255][ T7800] RBP: 00007fe27dc63090 R08: 0000000000000000 R09: 0000000000000000 [ 220.792275][ T7800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 220.792293][ T7800] R13: 0000000000000000 R14: 00007fe27cfb5fa0 R15: 00007ffd2d3c5068 [ 220.792334][ T7800] [ 221.361825][ T7798] bridge_slave_0: left allmulticast mode [ 221.389441][ T7798] bridge_slave_0: left promiscuous mode [ 221.469371][ T7798] bridge0: port 1(bridge_slave_0) entered disabled state [ 223.879232][ T7835] FAULT_INJECTION: forcing a failure. [ 223.879232][ T7835] name failslab, interval 1, probability 0, space 0, times 0 [ 223.966061][ T7835] CPU: 0 UID: 0 PID: 7835 Comm: syz.1.562 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 223.966094][ T7835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 223.966107][ T7835] Call Trace: [ 223.966115][ T7835] [ 223.966123][ T7835] dump_stack_lvl+0x16c/0x1f0 [ 223.966167][ T7835] should_fail_ex+0x512/0x640 [ 223.966199][ T7835] ? fs_reclaim_acquire+0xae/0x150 [ 223.966228][ T7835] ? tomoyo_encode2+0x100/0x3e0 [ 223.966257][ T7835] should_failslab+0xc2/0x120 [ 223.966279][ T7835] __kmalloc_noprof+0xd2/0x510 [ 223.966312][ T7835] ? d_absolute_path+0x136/0x1a0 [ 223.966339][ T7835] tomoyo_encode2+0x100/0x3e0 [ 223.966374][ T7835] tomoyo_encode+0x29/0x50 [ 223.966403][ T7835] tomoyo_realpath_from_path+0x18f/0x6e0 [ 223.966443][ T7835] tomoyo_path_number_perm+0x245/0x580 [ 223.966478][ T7835] ? tomoyo_path_number_perm+0x237/0x580 [ 223.966519][ T7835] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 223.966558][ T7835] ? find_held_lock+0x2b/0x80 [ 223.966615][ T7835] ? find_held_lock+0x2b/0x80 [ 223.966638][ T7835] ? hook_file_ioctl_common+0x145/0x410 [ 223.966669][ T7835] ? __fget_files+0x20e/0x3c0 [ 223.966706][ T7835] security_file_ioctl+0x9b/0x240 [ 223.966743][ T7835] __x64_sys_ioctl+0xb7/0x210 [ 223.966773][ T7835] do_syscall_64+0xcd/0x490 [ 223.966810][ T7835] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 223.966833][ T7835] RIP: 0033:0x7fe71b38e929 [ 223.966850][ T7835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 223.966872][ T7835] RSP: 002b:00007fe71c19f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 223.966893][ T7835] RAX: ffffffffffffffda RBX: 00007fe71b5b5fa0 RCX: 00007fe71b38e929 [ 223.966908][ T7835] RDX: 0000000000000000 RSI: 0000000080045519 RDI: 0000000000000004 [ 223.966921][ T7835] RBP: 00007fe71c19f090 R08: 0000000000000000 R09: 0000000000000000 [ 223.966935][ T7835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 223.966948][ T7835] R13: 0000000000000000 R14: 00007fe71b5b5fa0 R15: 00007ffcbf3a7d48 [ 223.966976][ T7835] [ 223.967017][ T7835] ERROR: Out of memory at tomoyo_realpath_from_path. [ 226.322504][ T7873] futex_wake_op: syz.3.572 tries to shift op by -2048; fix this program [ 226.400412][ T7873] futex_wake_op: syz.3.572 tries to shift op by -2048; fix this program [ 227.178755][ T7863] netlink: 4 bytes leftover after parsing attributes in process `syz.3.572'. [ 229.231582][ T7899] FAULT_INJECTION: forcing a failure. [ 229.231582][ T7899] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 229.328141][ T7899] CPU: 0 UID: 0 PID: 7899 Comm: syz.1.577 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 229.328183][ T7899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 229.328202][ T7899] Call Trace: [ 229.328212][ T7899] [ 229.328223][ T7899] dump_stack_lvl+0x16c/0x1f0 [ 229.328277][ T7899] should_fail_ex+0x512/0x640 [ 229.328330][ T7899] _copy_from_user+0x2e/0xd0 [ 229.328391][ T7899] core_sys_select+0x35b/0xc10 [ 229.328446][ T7899] ? __pfx_core_sys_select+0x10/0x10 [ 229.328499][ T7899] ? proc_fail_nth_write+0x9f/0x250 [ 229.328573][ T7899] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 229.328634][ T7899] kern_select+0x15d/0x1e0 [ 229.328677][ T7899] ? __pfx_kern_select+0x10/0x10 [ 229.328727][ T7899] ? __pfx_ksys_write+0x10/0x10 [ 229.328780][ T7899] __x64_sys_select+0xbd/0x160 [ 229.328821][ T7899] ? do_syscall_64+0x91/0x490 [ 229.328869][ T7899] ? lockdep_hardirqs_on+0x7c/0x110 [ 229.328912][ T7899] do_syscall_64+0xcd/0x490 [ 229.328962][ T7899] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 229.328993][ T7899] RIP: 0033:0x7fe71b38e929 [ 229.329019][ T7899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 229.329049][ T7899] RSP: 002b:00007fe71c17e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 229.329078][ T7899] RAX: ffffffffffffffda RBX: 00007fe71b5b6080 RCX: 00007fe71b38e929 [ 229.329100][ T7899] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e [ 229.329118][ T7899] RBP: 00007fe71c17e090 R08: 0000000000000000 R09: 0000000000000000 [ 229.329137][ T7899] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001 [ 229.329157][ T7899] R13: 0000000000000000 R14: 00007fe71b5b6080 R15: 00007ffcbf3a7d48 [ 229.329197][ T7899] [ 231.182289][ T7921] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78002 [ 231.213440][ T30] audit: type=1804 audit(1752581171.884:18): pid=7923 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.582" name="/newroot/140/file0" dev="tmpfs" ino=741 res=1 errno=0 [ 231.239260][ T7921] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 231.262561][ T30] audit: type=1800 audit(1752581171.884:19): pid=7923 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.582" name="file0" dev="tmpfs" ino=741 res=0 errno=0 [ 231.337652][ T7921] memcg:ffff888034c65b01 [ 231.341978][ T7921] ksm flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 231.431209][ T7921] page_type: f5(slab) [ 231.435304][ T7921] raw: 00fff00000000040 ffff88801ce95780 ffffea0001e9ea00 dead000000000003 [ 231.473701][ T7921] raw: 0000000000000000 0000000000150015 00000000f5000000 ffff888034c65b01 [ 231.529097][ T7921] head: 00fff00000000040 ffff88801ce95780 ffffea0001e9ea00 dead000000000003 [ 231.551208][ T7921] head: 0000000000000000 0000000000150015 00000000f5000000 ffff888034c65b01 [ 231.592792][ T7921] head: 00fff00000000001 ffffea0001e00081 00000000ffffffff 00000000ffffffff [ 231.603831][ T7921] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 231.633644][ T7921] page dumped because: unmovable page [ 231.643999][ T7921] page_owner tracks the page as allocated [ 231.671687][ T7921] page last allocated via order 1, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5230, tgid 5230 (udevd), ts 63431947441, free_ts 36467798038 [ 231.734263][ T7921] post_alloc_hook+0x1c0/0x230 [ 231.739630][ T7921] get_page_from_freelist+0x1321/0x3890 [ 231.745362][ T7921] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 231.752083][ T7921] alloc_pages_mpol+0x1fb/0x550 [ 231.759185][ T7921] new_slab+0x23b/0x330 [ 231.763613][ T7921] ___slab_alloc+0xd9c/0x1940 [ 231.770007][ T7921] __slab_alloc.constprop.0+0x56/0xb0 [ 231.782269][ T7921] kmem_cache_alloc_lru_noprof+0xf4/0x3b0 [ 231.788602][ T7921] __d_alloc+0x31/0xaa0 [ 231.793276][ T7921] d_alloc+0x4a/0x1e0 [ 231.805276][ T7921] d_alloc_parallel+0xe3/0x12e0 [ 231.810339][ T7921] lookup_open.isra.0+0x665/0x1580 [ 231.820439][ T7921] path_openat+0x893/0x2cb0 [ 231.834498][ T7921] do_filp_open+0x20b/0x470 [ 231.844590][ T7921] do_sys_openat2+0x11b/0x1d0 [ 231.859646][ T7921] __x64_sys_openat+0x174/0x210 [ 231.864608][ T7921] page last free pid 1 tgid 1 stack trace: [ 231.880576][ T7921] __free_frozen_pages+0x7fe/0x1180 [ 231.889344][ T7921] free_contig_range+0x183/0x4b0 [ 231.894406][ T7921] destroy_args+0x7f6/0xa60 [ 231.899454][ T7921] debug_vm_pgtable+0x13b8/0x2d00 [ 231.904973][ T7921] do_one_initcall+0x120/0x6e0 [ 231.909801][ T7921] kernel_init_freeable+0x5c2/0x900 [ 231.915631][ T7921] kernel_init+0x1c/0x2b0 [ 231.920027][ T7921] ret_from_fork+0x5d7/0x6f0 [ 231.924731][ T7921] ret_from_fork_asm+0x1a/0x30 [ 233.522818][ T7964] netlink: 28 bytes leftover after parsing attributes in process `syz.2.590'. [ 234.439401][ T30] audit: type=1804 audit(1752581175.121:20): pid=7981 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.594" name="/newroot/155/file0" dev="tmpfs" ino=818 res=1 errno=0 [ 234.471930][ T7973] can: request_module (can-proto-0) failed. [ 234.538837][ T30] audit: type=1800 audit(1752581175.121:21): pid=7981 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.594" name="file0" dev="tmpfs" ino=818 res=0 errno=0 [ 235.456722][ T7994] loop6: detected capacity change from 0 to 2097152 [ 236.381485][ T8009] syz.0.601 (8009): attempted to duplicate a private mapping with mremap. This is not supported. [ 237.191300][ T30] audit: type=1804 audit(1752581177.895:22): pid=8026 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.605" name="/newroot/158/file0" dev="tmpfs" ino=834 res=1 errno=0 [ 237.266006][ T30] audit: type=1800 audit(1752581177.895:23): pid=8026 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.605" name="file0" dev="tmpfs" ino=834 res=0 errno=0 [ 238.595756][ T8048] zswap: compressor not available [ 238.743686][ T8045] rtc_cmos 00:00: in use; can't configure [ 239.071026][ T8054] can: request_module (can-proto-0) failed. [ 241.159175][ T8088] sd 0:0:1:0: PR command failed: 1026 [ 241.164653][ T8088] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 241.305983][ T8088] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 241.491387][ T8093] netlink: 28 bytes leftover after parsing attributes in process `syz.1.620'. [ 241.742978][ T8091] sctp: failed to load transform for md5: -2 [ 242.464341][ T8111] FAULT_INJECTION: forcing a failure. [ 242.464341][ T8111] name failslab, interval 1, probability 0, space 0, times 0 [ 242.487381][ T8111] CPU: 0 UID: 0 PID: 8111 Comm: syz.0.625 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 242.487436][ T8111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 242.487456][ T8111] Call Trace: [ 242.487467][ T8111] [ 242.487481][ T8111] dump_stack_lvl+0x16c/0x1f0 [ 242.487538][ T8111] should_fail_ex+0x512/0x640 [ 242.487588][ T8111] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 242.487644][ T8111] should_failslab+0xc2/0x120 [ 242.487677][ T8111] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 242.487730][ T8111] ? mas_alloc_nodes+0x18b/0x8b0 [ 242.487779][ T8111] mas_alloc_nodes+0x18b/0x8b0 [ 242.487847][ T8111] mas_node_count_gfp+0x105/0x130 [ 242.487898][ T8111] mas_preallocate+0x7e0/0xde0 [ 242.487940][ T8111] ? __pfx_mas_preallocate+0x10/0x10 [ 242.487988][ T8111] ? anon_vma_name+0x75/0x100 [ 242.488031][ T8111] __split_vma+0x34a/0x1070 [ 242.488086][ T8111] ? __pfx___split_vma+0x10/0x10 [ 242.488145][ T8111] ? lock_acquire+0x179/0x350 [ 242.488192][ T8111] ? do_raw_spin_lock+0x12c/0x2b0 [ 242.488252][ T8111] vms_gather_munmap_vmas+0x1c2/0x1310 [ 242.488310][ T8111] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 242.488385][ T8111] do_vmi_align_munmap+0x27c/0x7d0 [ 242.488450][ T8111] ? __pfx_do_vmi_align_munmap+0x10/0x10 [ 242.488559][ T8111] do_vmi_munmap+0x204/0x3e0 [ 242.488615][ T8111] move_vma+0xb67/0x1740 [ 242.488672][ T8111] ? __pfx_move_vma+0x10/0x10 [ 242.488728][ T8111] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 242.488784][ T8111] ? vrm_set_new_addr+0x208/0x290 [ 242.488838][ T8111] __do_sys_mremap+0xe07/0x1590 [ 242.488895][ T8111] ? __pfx___do_sys_mremap+0x10/0x10 [ 242.488955][ T8111] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 242.489022][ T8111] ? __x64_sys_futex+0x1e0/0x4c0 [ 242.489091][ T8111] do_syscall_64+0xcd/0x490 [ 242.489146][ T8111] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.489181][ T8111] RIP: 0033:0x7f2b5518e929 [ 242.489207][ T8111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 242.489240][ T8111] RSP: 002b:00007f2b560be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 242.489270][ T8111] RAX: ffffffffffffffda RBX: 00007f2b553b5fa0 RCX: 00007f2b5518e929 [ 242.489292][ T8111] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000001000 [ 242.489312][ T8111] RBP: 00007f2b55210b39 R08: 0000000100000000 R09: 0000000000000000 [ 242.489333][ T8111] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 242.489353][ T8111] R13: 0000000000000000 R14: 00007f2b553b5fa0 R15: 00007ffececcd848 [ 242.489406][ T8111] [ 246.299278][ T8170] usb usb8: usbfs: interface 0 claimed by hub while 'syz.3.635' sets config #0 [ 246.509977][ T8169] ptrace attach of ""[8171] was attempted by "./syz-executor exec"[8169] [ 246.867558][ T8166] capability: warning: `syz.1.634' uses 32-bit capabilities (legacy support in use) [ 248.186842][ T8196] can: request_module (can-proto-0) failed. [ 249.798562][ T8225] FAULT_INJECTION: forcing a failure. [ 249.798562][ T8225] name failslab, interval 1, probability 0, space 0, times 0 [ 249.842863][ T8225] CPU: 0 UID: 0 PID: 8225 Comm: syz.1.646 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 249.842909][ T8225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 249.842928][ T8225] Call Trace: [ 249.842939][ T8225] [ 249.842951][ T8225] dump_stack_lvl+0x16c/0x1f0 [ 249.843005][ T8225] should_fail_ex+0x512/0x640 [ 249.843053][ T8225] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 249.843108][ T8225] should_failslab+0xc2/0x120 [ 249.843139][ T8225] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 249.843205][ T8225] ? mas_alloc_nodes+0x18b/0x8b0 [ 249.843254][ T8225] mas_alloc_nodes+0x18b/0x8b0 [ 249.843307][ T8225] mas_node_count_gfp+0x105/0x130 [ 249.843355][ T8225] mas_preallocate+0x7e0/0xde0 [ 249.843397][ T8225] ? __pfx_mas_preallocate+0x10/0x10 [ 249.843445][ T8225] ? anon_vma_name+0x75/0x100 [ 249.843489][ T8225] __split_vma+0x34a/0x1070 [ 249.843542][ T8225] ? __pfx___split_vma+0x10/0x10 [ 249.843612][ T8225] ? lock_acquire+0x179/0x350 [ 249.843660][ T8225] ? do_raw_spin_lock+0x12c/0x2b0 [ 249.843721][ T8225] vms_gather_munmap_vmas+0x1c2/0x1310 [ 249.843779][ T8225] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 249.843855][ T8225] do_vmi_align_munmap+0x27c/0x7d0 [ 249.843911][ T8225] ? __pfx_do_vmi_align_munmap+0x10/0x10 [ 249.844020][ T8225] do_vmi_munmap+0x204/0x3e0 [ 249.844076][ T8225] move_vma+0xb67/0x1740 [ 249.844134][ T8225] ? __pfx_move_vma+0x10/0x10 [ 249.844189][ T8225] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 249.844245][ T8225] ? vrm_set_new_addr+0x208/0x290 [ 249.844299][ T8225] __do_sys_mremap+0xe07/0x1590 [ 249.844355][ T8225] ? __pfx___do_sys_mremap+0x10/0x10 [ 249.844413][ T8225] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 249.844484][ T8225] ? __x64_sys_futex+0x1e0/0x4c0 [ 249.844553][ T8225] do_syscall_64+0xcd/0x490 [ 249.844629][ T8225] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 249.844663][ T8225] RIP: 0033:0x7fe71b38e929 [ 249.844690][ T8225] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 249.844722][ T8225] RSP: 002b:00007fe71c19f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 249.844753][ T8225] RAX: ffffffffffffffda RBX: 00007fe71b5b5fa0 RCX: 00007fe71b38e929 [ 249.844775][ T8225] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000001000 [ 249.844796][ T8225] RBP: 00007fe71b410b39 R08: 0000000100000000 R09: 0000000000000000 [ 249.844817][ T8225] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 249.844837][ T8225] R13: 0000000000000000 R14: 00007fe71b5b5fa0 R15: 00007ffcbf3a7d48 [ 249.844880][ T8225] [ 251.357748][ T8235] netlink: zone id is out of range [ 251.441406][ T8235] netlink: zone id is out of range [ 251.682824][ T8235] netlink: zone id is out of range [ 256.000843][ T8303] ptrace attach of "./syz-executor exec"[8304] was attempted by "./syz-executor exec"[8303] [ 257.605977][ T8318] FAULT_INJECTION: forcing a failure. [ 257.605977][ T8318] name failslab, interval 1, probability 0, space 0, times 0 [ 257.668432][ T8318] CPU: 1 UID: 0 PID: 8318 Comm: syz.3.664 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 257.668467][ T8318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 257.668480][ T8318] Call Trace: [ 257.668488][ T8318] [ 257.668497][ T8318] dump_stack_lvl+0x16c/0x1f0 [ 257.668537][ T8318] should_fail_ex+0x512/0x640 [ 257.668571][ T8318] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 257.668612][ T8318] should_failslab+0xc2/0x120 [ 257.668634][ T8318] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 257.668670][ T8318] ? alloc_vmap_area+0x58e/0x29c0 [ 257.668694][ T8318] ? alloc_vmap_area+0xdc8/0x29c0 [ 257.668723][ T8318] alloc_vmap_area+0xdc8/0x29c0 [ 257.668760][ T8318] ? __pfx_alloc_vmap_area+0x10/0x10 [ 257.668793][ T8318] __get_vm_area_node+0x1ca/0x330 [ 257.668827][ T8318] __vmalloc_node_range_noprof+0x271/0x14b0 [ 257.668858][ T8318] ? kernel_clone+0xfc/0x960 [ 257.668887][ T8318] ? local_lock_release+0x99/0x140 [ 257.668919][ T8318] ? kernel_clone+0xfc/0x960 [ 257.668948][ T8318] ? rcu_read_unlock+0x17/0x60 [ 257.668976][ T8318] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 257.669017][ T8318] ? kernel_clone+0xfc/0x960 [ 257.669046][ T8318] __vmalloc_node_noprof+0xad/0xf0 [ 257.669082][ T8318] ? kernel_clone+0xfc/0x960 [ 257.669115][ T8318] copy_process+0x2c70/0x7650 [ 257.669146][ T8318] ? __pfx___futex_wait+0x10/0x10 [ 257.669191][ T8318] ? __pfx_copy_process+0x10/0x10 [ 257.669222][ T8318] ? kfree+0x24f/0x4d0 [ 257.669254][ T8318] ? __futex_hash.constprop.0+0x1e9/0x440 [ 257.669286][ T8318] kernel_clone+0xfc/0x960 [ 257.669319][ T8318] ? __pfx_kernel_clone+0x10/0x10 [ 257.669366][ T8318] __do_sys_clone+0xce/0x120 [ 257.669396][ T8318] ? __pfx___do_sys_clone+0x10/0x10 [ 257.669440][ T8318] ? xfd_validate_state+0x61/0x180 [ 257.669476][ T8318] ? __pfx_do_writev+0x10/0x10 [ 257.669516][ T8318] do_syscall_64+0xcd/0x490 [ 257.669555][ T8318] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.669578][ T8318] RIP: 0033:0x7fe27cd8e929 [ 257.669596][ T8318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 257.669618][ T8318] RSP: 002b:00007fe27dc62fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 257.669640][ T8318] RAX: ffffffffffffffda RBX: 00007fe27cfb5fa0 RCX: 00007fe27cd8e929 [ 257.669655][ T8318] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 257.669668][ T8318] RBP: 00007fe27ce10b39 R08: 0000000000000000 R09: 0000000000000000 [ 257.669682][ T8318] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 257.669696][ T8318] R13: 0000000000000000 R14: 00007fe27cfb5fa0 R15: 00007ffd2d3c5068 [ 257.669724][ T8318] [ 258.794836][ T8338] rtc_cmos 00:00: in use; can't configure [ 258.889059][ T8327] zswap: compressor not available [ 261.007859][ T8374] FAULT_INJECTION: forcing a failure. [ 261.007859][ T8374] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 261.093323][ T8374] CPU: 1 UID: 0 PID: 8374 Comm: syz.0.675 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 261.093356][ T8374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 261.093369][ T8374] Call Trace: [ 261.093376][ T8374] [ 261.093385][ T8374] dump_stack_lvl+0x16c/0x1f0 [ 261.093424][ T8374] should_fail_ex+0x512/0x640 [ 261.093462][ T8374] should_fail_alloc_page+0xe7/0x130 [ 261.093487][ T8374] prepare_alloc_pages+0x3c2/0x610 [ 261.093520][ T8374] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 261.093557][ T8374] ? __pfx_native_flush_tlb_one_user+0x10/0x10 [ 261.093601][ T8374] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 261.093636][ T8374] ? mark_held_locks+0x49/0x80 [ 261.093671][ T8374] ? __lock_acquire+0x622/0x1c90 [ 261.093713][ T8374] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 261.093750][ T8374] ? policy_nodemask+0xea/0x4e0 [ 261.093774][ T8374] alloc_pages_mpol+0x1fb/0x550 [ 261.093797][ T8374] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 261.093830][ T8374] ? kvm_mmu_notifier_invalidate_range_end+0x2b1/0x500 [ 261.093874][ T8374] folio_alloc_mpol_noprof+0x36/0x2f0 [ 261.093903][ T8374] vma_alloc_folio_noprof+0xed/0x1e0 [ 261.093929][ T8374] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 261.093956][ T8374] ? rcu_read_unlock+0x2d/0xb0 [ 261.093995][ T8374] do_wp_page+0x1136/0x4f20 [ 261.094029][ T8374] ? __pfx_do_wp_page+0x10/0x10 [ 261.094057][ T8374] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 261.094104][ T8374] __handle_mm_fault+0x2223/0x5490 [ 261.094143][ T8374] ? __pfx___handle_mm_fault+0x10/0x10 [ 261.094171][ T8374] ? __pfx_mt_find+0x10/0x10 [ 261.094208][ T8374] ? find_vma+0xbf/0x140 [ 261.094230][ T8374] ? __pfx_find_vma+0x10/0x10 [ 261.094256][ T8374] handle_mm_fault+0x589/0xd10 [ 261.094287][ T8374] ? __pkru_allows_pkey+0x51/0xb0 [ 261.094321][ T8374] do_user_addr_fault+0x7a6/0x1370 [ 261.094362][ T8374] ? rcu_is_watching+0x12/0xc0 [ 261.094390][ T8374] exc_page_fault+0x5c/0xb0 [ 261.094423][ T8374] asm_exc_page_fault+0x26/0x30 [ 261.094445][ T8374] RIP: 0010:rep_stos_alternative+0x40/0x80 [ 261.094470][ T8374] Code: c9 75 f6 e9 12 1e 04 00 48 89 07 48 83 c7 08 83 e9 08 74 ef 83 f9 08 73 ef eb de 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 <48> 89 07 48 89 47 08 48 89 47 10 48 89 47 18 48 89 47 20 48 89 47 [ 261.094492][ T8374] RSP: 0018:ffffc90002e47cc8 EFLAGS: 00050206 [ 261.094510][ T8374] RAX: 0000000000000000 RBX: 000000007fffe000 RCX: 0000000000000240 [ 261.094524][ T8374] RDX: ffff888026665a00 RSI: ffffffff855c2b66 RDI: 0000200000002000 [ 261.094538][ T8374] RBP: 0000000000001000 R08: 3b8f596bbd88045d R09: 0000000000000000 [ 261.094552][ T8374] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888026665a00 [ 261.094565][ T8374] R13: 00007ffffffff000 R14: ffffed1004cccb40 R15: 0000200000001240 [ 261.094589][ T8374] ? read_zero+0xc6/0x250 [ 261.094614][ T8374] read_zero+0xd6/0x250 [ 261.094637][ T8374] ? __pfx_read_zero+0x10/0x10 [ 261.094668][ T8374] vfs_read+0x1e4/0xc60 [ 261.094721][ T8374] ? __pfx_vfs_read+0x10/0x10 [ 261.094761][ T8374] ? find_held_lock+0x2b/0x80 [ 261.094794][ T8374] ? __fget_files+0x204/0x3c0 [ 261.094850][ T8374] ? __fget_files+0x20e/0x3c0 [ 261.094889][ T8374] ? __fget_files+0x180/0x3c0 [ 261.094945][ T8374] __x64_sys_pread64+0x1eb/0x250 [ 261.094991][ T8374] ? __pfx___x64_sys_pread64+0x10/0x10 [ 261.095053][ T8374] do_syscall_64+0xcd/0x490 [ 261.095106][ T8374] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 261.095136][ T8374] RIP: 0033:0x7f2b5518e929 [ 261.095160][ T8374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 261.095188][ T8374] RSP: 002b:00007f2b5609d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 261.095215][ T8374] RAX: ffffffffffffffda RBX: 00007f2b553b6080 RCX: 00007f2b5518e929 [ 261.095235][ T8374] RDX: 0000000100000002 RSI: 0000200000000240 RDI: 0000000000000008 [ 261.095253][ T8374] RBP: 00007f2b5609d090 R08: 0000000000000000 R09: 0000000000000000 [ 261.095271][ T8374] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000001 [ 261.095290][ T8374] R13: 0000000000000000 R14: 00007f2b553b6080 R15: 00007ffececcd848 [ 261.095332][ T8374] [ 261.944702][ T8375] FAULT_INJECTION: forcing a failure. [ 261.944702][ T8375] name failslab, interval 1, probability 0, space 0, times 0 [ 261.970404][ T8375] CPU: 1 UID: 0 PID: 8375 Comm: syz.2.676 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 261.970439][ T8375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 261.970453][ T8375] Call Trace: [ 261.970460][ T8375] [ 261.970471][ T8375] dump_stack_lvl+0x16c/0x1f0 [ 261.970511][ T8375] should_fail_ex+0x512/0x640 [ 261.970545][ T8375] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 261.970585][ T8375] should_failslab+0xc2/0x120 [ 261.970607][ T8375] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 261.970644][ T8375] ? mas_alloc_nodes+0x18b/0x8b0 [ 261.970696][ T8375] mas_alloc_nodes+0x18b/0x8b0 [ 261.970733][ T8375] mas_node_count_gfp+0x105/0x130 [ 261.970774][ T8375] mas_preallocate+0x7e0/0xde0 [ 261.970802][ T8375] ? __pfx_mas_preallocate+0x10/0x10 [ 261.970835][ T8375] ? anon_vma_name+0x75/0x100 [ 261.970865][ T8375] __split_vma+0x34a/0x1070 [ 261.970903][ T8375] ? __pfx___split_vma+0x10/0x10 [ 261.970944][ T8375] ? lock_acquire+0x179/0x350 [ 261.970977][ T8375] ? do_raw_spin_lock+0x12c/0x2b0 [ 261.971019][ T8375] vms_gather_munmap_vmas+0x1c2/0x1310 [ 261.971059][ T8375] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 261.971111][ T8375] do_vmi_align_munmap+0x27c/0x7d0 [ 261.971150][ T8375] ? __pfx_do_vmi_align_munmap+0x10/0x10 [ 261.971225][ T8375] do_vmi_munmap+0x204/0x3e0 [ 261.971263][ T8375] move_vma+0xb67/0x1740 [ 261.971303][ T8375] ? __pfx_move_vma+0x10/0x10 [ 261.971342][ T8375] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 261.971380][ T8375] ? vrm_set_new_addr+0x208/0x290 [ 261.971416][ T8375] __do_sys_mremap+0xe07/0x1590 [ 261.971456][ T8375] ? __pfx___do_sys_mremap+0x10/0x10 [ 261.971497][ T8375] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 261.971542][ T8375] ? __x64_sys_futex+0x1e0/0x4c0 [ 261.971590][ T8375] do_syscall_64+0xcd/0x490 [ 261.971627][ T8375] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 261.971650][ T8375] RIP: 0033:0x7f925bd8e929 [ 261.971669][ T8375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 261.971691][ T8375] RSP: 002b:00007f925cba0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 261.971712][ T8375] RAX: ffffffffffffffda RBX: 00007f925bfb5fa0 RCX: 00007f925bd8e929 [ 261.971727][ T8375] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000001000 [ 261.971741][ T8375] RBP: 00007f925be10b39 R08: 0000000100000000 R09: 0000000000000000 [ 261.971760][ T8375] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 261.971774][ T8375] R13: 0000000000000000 R14: 00007f925bfb5fa0 R15: 00007fff7b84a598 [ 261.971803][ T8375] [ 264.569807][ T8418] ptrace attach of "./syz-executor exec"[8421] was attempted by "./syz-executor exec"[8418] [ 265.346019][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 265.352652][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 267.284697][ T8454] vivid-003: ================= START STATUS ================= [ 267.295144][ T8454] vivid-003: Radio HW Seek Mode: Bounded [ 267.300941][ T8454] vivid-003: Radio Programmable HW Seek: false [ 267.307443][ T8454] vivid-003: RDS Rx I/O Mode: Block I/O [ 267.324853][ T8454] vivid-003: Generate RBDS Instead of RDS: false [ 267.334697][ T8454] vivid-003: RDS Reception: true [ 267.354638][ T8454] vivid-003: RDS Program Type: 0 inactive [ 267.433012][ T8460] netlink: Conntrack attr type has unexpected length (type=3, length=0, expected=8) [ 267.451106][ T8454] vivid-003: RDS PS Name: inactive [ 267.509093][ T8454] vivid-003: RDS Radio Text: inactive [ 267.526934][ T8454] vivid-003: RDS Traffic Announcement: false inactive [ 267.609167][ T8454] vivid-003: RDS Traffic Program: false inactive [ 267.685718][ T8454] vivid-003: RDS Music: false inactive [ 267.728841][ T8454] vivid-003: ================== END STATUS ================== [ 267.774290][ T8465] netlink: zone id is out of range [ 267.816655][ T8465] netlink: zone id is out of range [ 267.846417][ T8465] netlink: zone id is out of range [ 267.917717][ T8465] netlink: zone id is out of range [ 267.923974][ T8465] netlink: zone id is out of range [ 267.929470][ T8465] netlink: zone id is out of range [ 267.934780][ T8465] netlink: zone id is out of range [ 267.940353][ T8465] netlink: zone id is out of range [ 267.946642][ T8465] netlink: zone id is out of range [ 268.144121][ T8468] netlink: 28 bytes leftover after parsing attributes in process `syz.1.697'. [ 268.512084][ T8458] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 268.890159][ T8483] rtc_cmos 00:00: in use; can't configure [ 269.183067][ T8477] zswap: compressor not available [ 270.432591][ T8502] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 270.488003][ T8502] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 270.497387][ T8502] memcg:ffff888079407301 [ 270.501861][ T8502] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 270.510669][ T8502] page_type: f5(slab) [ 270.515346][ T8502] raw: 00fff00000000040 ffff88801ce95780 0000000000000000 dead000000000001 [ 270.524137][ T8502] raw: 0000000000000000 0000000000150015 00000000f5000000 ffff888079407301 [ 270.532958][ T8502] head: 00fff00000000040 ffff88801ce95780 0000000000000000 dead000000000001 [ 270.541926][ T8502] head: 0000000000000000 0000000000150015 00000000f5000000 ffff888079407301 [ 270.550908][ T8502] head: 00fff00000000001 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 270.560241][ T8502] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 270.589476][ T8502] page dumped because: unmovable page [ 270.599524][ T8502] page_owner tracks the page as allocated [ 270.605709][ T8502] page last allocated via order 1, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5223, tgid 5223 (udevd), ts 63411110153, free_ts 36467779649 [ 270.644763][ T8502] post_alloc_hook+0x1c0/0x230 [ 270.665958][ T8502] get_page_from_freelist+0x1321/0x3890 [ 270.676219][ T8502] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 270.686014][ T8502] alloc_pages_mpol+0x1fb/0x550 [ 270.691726][ T8502] new_slab+0x23b/0x330 [ 270.696136][ T8502] ___slab_alloc+0xd9c/0x1940 [ 270.700894][ T8502] __slab_alloc.constprop.0+0x56/0xb0 [ 270.706538][ T8502] kmem_cache_alloc_lru_noprof+0xf4/0x3b0 [ 270.712458][ T8502] __d_alloc+0x31/0xaa0 [ 270.716866][ T8502] d_alloc+0x4a/0x1e0 [ 270.720948][ T8502] d_alloc_parallel+0xe3/0x12e0 [ 270.726228][ T8502] lookup_open.isra.0+0x665/0x1580 [ 270.731510][ T8502] path_openat+0x893/0x2cb0 [ 270.736178][ T8502] do_filp_open+0x20b/0x470 [ 270.755784][ T8502] do_sys_openat2+0x11b/0x1d0 [ 270.774667][ T8502] __x64_sys_openat+0x174/0x210 [ 270.779751][ T8502] page last free pid 1 tgid 1 stack trace: [ 270.786199][ T8502] __free_frozen_pages+0x7fe/0x1180 [ 270.791953][ T8502] free_contig_range+0x183/0x4b0 [ 270.802748][ T8502] destroy_args+0x7f6/0xa60 [ 270.815936][ T8502] debug_vm_pgtable+0x13b8/0x2d00 [ 270.826138][ T8502] do_one_initcall+0x120/0x6e0 [ 270.831127][ T8502] kernel_init_freeable+0x5c2/0x900 [ 270.837411][ T8502] kernel_init+0x1c/0x2b0 [ 270.841977][ T8502] ret_from_fork+0x5d7/0x6f0 [ 270.850303][ T8502] ret_from_fork_asm+0x1a/0x30 [ 272.896381][ T8534] sctp: [Deprecated]: syz.2.712 (pid 8534) Use of struct sctp_assoc_value in delayed_ack socket option. [ 272.896381][ T8534] Use struct sctp_sack_info instead [ 273.549776][ T8541] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 273.580264][ T8541] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 273.707282][ T8541] memcg:ffff888079407301 [ 273.717275][ T8541] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 273.776970][ T8541] page_type: f5(slab) [ 273.781047][ T8541] raw: 00fff00000000040 ffff88801ce95780 0000000000000000 dead000000000001 [ 273.824631][ T8541] raw: 0000000000000000 0000000000150015 00000000f5000000 ffff888079407301 [ 273.885908][ T8541] head: 00fff00000000040 ffff88801ce95780 0000000000000000 dead000000000001 [ 273.985901][ T8541] head: 0000000000000000 0000000000150015 00000000f5000000 ffff888079407301 [ 274.071684][ T8541] head: 00fff00000000001 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 274.118845][ T8541] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 274.184990][ T8541] page dumped because: unmovable page [ 274.211701][ T8541] page_owner tracks the page as allocated [ 274.264504][ T8541] page last allocated via order 1, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5223, tgid 5223 (udevd), ts 63411110153, free_ts 36467779649 [ 274.426934][ T8541] post_alloc_hook+0x1c0/0x230 [ 274.443561][ T8541] get_page_from_freelist+0x1321/0x3890 [ 274.450447][ T8541] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 274.456826][ T8541] alloc_pages_mpol+0x1fb/0x550 [ 274.463061][ T8541] new_slab+0x23b/0x330 [ 274.468279][ T8541] ___slab_alloc+0xd9c/0x1940 [ 274.473339][ T8541] __slab_alloc.constprop.0+0x56/0xb0 [ 274.478935][ T8541] kmem_cache_alloc_lru_noprof+0xf4/0x3b0 [ 274.509588][ T8541] __d_alloc+0x31/0xaa0 [ 274.538746][ T8541] d_alloc+0x4a/0x1e0 [ 274.566450][ T8541] d_alloc_parallel+0xe3/0x12e0 [ 274.590670][ T8541] lookup_open.isra.0+0x665/0x1580 [ 274.602884][ T8541] path_openat+0x893/0x2cb0 [ 274.619693][ T8541] do_filp_open+0x20b/0x470 [ 274.638344][ T8541] do_sys_openat2+0x11b/0x1d0 [ 274.654191][ T8547] kexec: Could not allocate control_code_buffer [ 274.660695][ T8541] __x64_sys_openat+0x174/0x210 [ 274.673531][ T8541] page last free pid 1 tgid 1 stack trace: [ 274.688424][ T8541] __free_frozen_pages+0x7fe/0x1180 [ 274.720977][ T8541] free_contig_range+0x183/0x4b0 [ 274.763311][ T8541] destroy_args+0x7f6/0xa60 [ 274.785347][ T8541] debug_vm_pgtable+0x13b8/0x2d00 [ 274.797669][ T8541] do_one_initcall+0x120/0x6e0 [ 274.807825][ T8541] kernel_init_freeable+0x5c2/0x900 [ 274.813385][ T8541] kernel_init+0x1c/0x2b0 [ 274.818191][ T8541] ret_from_fork+0x5d7/0x6f0 [ 274.832284][ T8541] ret_from_fork_asm+0x1a/0x30 [ 274.843755][ T8552] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 274.856457][ T8552] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 274.890712][ T8552] memcg:ffff888079407301 [ 274.896924][ T8552] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 274.940143][ T8552] page_type: f5(slab) [ 274.944392][ T8552] raw: 00fff00000000040 ffff88801ce95780 0000000000000000 dead000000000001 [ 274.990738][ T8552] raw: 0000000000000000 0000000000150015 00000000f5000000 ffff888079407301 [ 274.999679][ T8552] head: 00fff00000000040 ffff88801ce95780 0000000000000000 dead000000000001 [ 275.011654][ T8552] head: 0000000000000000 0000000000150015 00000000f5000000 ffff888079407301 [ 275.020849][ T8552] head: 00fff00000000001 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 275.033568][ T8552] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 275.043331][ T8552] page dumped because: unmovable page [ 275.050357][ T8552] page_owner tracks the page as allocated [ 275.060243][ T8552] page last allocated via order 1, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5223, tgid 5223 (udevd), ts 63411110153, free_ts 36467779649 [ 275.117291][ T8552] post_alloc_hook+0x1c0/0x230 [ 275.127271][ T8552] get_page_from_freelist+0x1321/0x3890 [ 275.137381][ T8552] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 275.147482][ T8552] alloc_pages_mpol+0x1fb/0x550 [ 275.157586][ T8552] new_slab+0x23b/0x330 [ 275.167683][ T8552] ___slab_alloc+0xd9c/0x1940 [ 275.176666][ T8552] __slab_alloc.constprop.0+0x56/0xb0 [ 275.192638][ T8552] kmem_cache_alloc_lru_noprof+0xf4/0x3b0 [ 275.208898][ T8552] __d_alloc+0x31/0xaa0 [ 275.219546][ T8552] d_alloc+0x4a/0x1e0 [ 275.231949][ T8552] d_alloc_parallel+0xe3/0x12e0 [ 275.242466][ T8552] lookup_open.isra.0+0x665/0x1580 [ 275.264115][ T8552] path_openat+0x893/0x2cb0 [ 275.279155][ T8552] do_filp_open+0x20b/0x470 [ 275.283796][ T8552] do_sys_openat2+0x11b/0x1d0 [ 275.318533][ T8552] __x64_sys_openat+0x174/0x210 [ 275.325433][ T8552] page last free pid 1 tgid 1 stack trace: [ 275.332155][ T8552] __free_frozen_pages+0x7fe/0x1180 [ 275.337933][ T8552] free_contig_range+0x183/0x4b0 [ 275.343132][ T8552] destroy_args+0x7f6/0xa60 [ 275.347710][ T8552] debug_vm_pgtable+0x13b8/0x2d00 [ 275.353390][ T8552] do_one_initcall+0x120/0x6e0 [ 275.363127][ T8552] kernel_init_freeable+0x5c2/0x900 [ 275.370891][ T8552] kernel_init+0x1c/0x2b0 [ 275.376039][ T8552] ret_from_fork+0x5d7/0x6f0 [ 275.387156][ T8561] FAULT_INJECTION: forcing a failure. [ 275.387156][ T8561] name fail_futex, interval 1, probability 0, space 0, times 1 [ 275.408256][ T8552] ret_from_fork_asm+0x1a/0x30 [ 275.435695][ T8561] CPU: 1 UID: 7 PID: 8561 Comm: syz.3.719 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 275.435753][ T8561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 275.435775][ T8561] Call Trace: [ 275.435785][ T8561] [ 275.435799][ T8561] dump_stack_lvl+0x16c/0x1f0 [ 275.435854][ T8561] should_fail_ex+0x512/0x640 [ 275.435923][ T8561] get_futex_key+0x1d0/0x1540 [ 275.435968][ T8561] ? __pfx_get_futex_key+0x10/0x10 [ 275.436006][ T8561] ? stack_trace_save+0x8e/0xc0 [ 275.436044][ T8561] ? __pfx_stack_trace_save+0x10/0x10 [ 275.436081][ T8561] ? stack_depot_save_flags+0x28/0xa40 [ 275.436140][ T8561] futex_wait_setup+0x84/0x510 [ 275.436198][ T8561] __futex_wait+0x194/0x2f0 [ 275.436246][ T8561] ? __pfx___futex_wait+0x10/0x10 [ 275.436301][ T8561] ? __pfx_futex_wake_mark+0x10/0x10 [ 275.436364][ T8561] ? __futex_hash.constprop.0+0x1e9/0x440 [ 275.436406][ T8561] futex_wait+0xe8/0x380 [ 275.436450][ T8561] ? __pfx_futex_wait+0x10/0x10 [ 275.436533][ T8561] ? kmem_cache_free+0x2d1/0x4d0 [ 275.436581][ T8561] ? find_held_lock+0x2b/0x80 [ 275.436613][ T8561] ? putname+0x154/0x1a0 [ 275.436645][ T8561] ? do_sys_openat2+0x1b0/0x1d0 [ 275.436688][ T8561] do_futex+0x229/0x350 [ 275.436737][ T8561] ? __pfx_do_futex+0x10/0x10 [ 275.436791][ T8561] __x64_sys_futex+0x1e0/0x4c0 [ 275.436836][ T8561] ? __x64_sys_openat+0x174/0x210 [ 275.436876][ T8561] ? __pfx___x64_sys_futex+0x10/0x10 [ 275.436934][ T8561] do_syscall_64+0xcd/0x490 [ 275.436987][ T8561] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 275.437020][ T8561] RIP: 0033:0x7fe27cd8e929 [ 275.437047][ T8561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 275.437080][ T8561] RSP: 002b:00007fe27dc630e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 275.437111][ T8561] RAX: ffffffffffffffda RBX: 00007fe27cfb5fa8 RCX: 00007fe27cd8e929 [ 275.437134][ T8561] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fe27cfb5fa8 [ 275.437156][ T8561] RBP: 00007fe27cfb5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 275.437177][ T8561] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe27cfb5fac [ 275.437198][ T8561] R13: 0000000000000000 R14: 00007ffd2d3c4f80 R15: 00007ffd2d3c5068 [ 275.437242][ T8561] [ 277.565044][ T8593] netlink: 28 bytes leftover after parsing attributes in process `syz.0.725'. [ 277.607252][ T8593] bridge_slave_1: left allmulticast mode [ 277.612938][ T8593] bridge_slave_1: left promiscuous mode [ 277.687745][ T8593] bridge0: port 2(bridge_slave_1) entered disabled state [ 278.002159][ T8593] bridge_slave_0: left allmulticast mode [ 278.033163][ T8593] bridge_slave_0: left promiscuous mode [ 278.084897][ T8593] bridge0: port 1(bridge_slave_0) entered disabled state [ 278.847332][ T8605] futex_wake_op: syz.1.726 tries to shift op by -2048; fix this program [ 278.910640][ T8605] futex_wake_op: syz.1.726 tries to shift op by -2048; fix this program [ 279.532445][ T8615] ======================================================= [ 279.532445][ T8615] WARNING: The mand mount option has been deprecated and [ 279.532445][ T8615] and is ignored by this kernel. Remove the mand [ 279.532445][ T8615] option from the mount to silence this warning. [ 279.532445][ T8615] ======================================================= [ 281.637128][ T8607] syz.0.727 (8607) used greatest stack depth: 19784 bytes left [ 282.633557][ T8641] ptrace attach of "./syz-executor exec"[8642] was attempted by "./syz-executor exec"[8641] [ 283.009273][ T30] audit: type=1326 audit(1752581267.945:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8643 comm="syz.2.736" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f925bd8e929 code=0x0 [ 283.906006][ T8661] FAULT_INJECTION: forcing a failure. [ 283.906006][ T8661] name failslab, interval 1, probability 0, space 0, times 0 [ 283.920352][ T8661] CPU: 1 UID: 0 PID: 8661 Comm: syz.0.738 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 283.920409][ T8661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 283.920431][ T8661] Call Trace: [ 283.920443][ T8661] [ 283.920456][ T8661] dump_stack_lvl+0x16c/0x1f0 [ 283.920517][ T8661] should_fail_ex+0x512/0x640 [ 283.920567][ T8661] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 283.920623][ T8661] should_failslab+0xc2/0x120 [ 283.920658][ T8661] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 283.920711][ T8661] ? mas_alloc_nodes+0x18b/0x8b0 [ 283.920763][ T8661] mas_alloc_nodes+0x18b/0x8b0 [ 283.920818][ T8661] mas_node_count_gfp+0x105/0x130 [ 283.920867][ T8661] mas_preallocate+0x7e0/0xde0 [ 283.920907][ T8661] ? __pfx_mas_preallocate+0x10/0x10 [ 283.920956][ T8661] ? anon_vma_name+0x75/0x100 [ 283.920999][ T8661] __split_vma+0x34a/0x1070 [ 283.921053][ T8661] ? __pfx___split_vma+0x10/0x10 [ 283.921112][ T8661] ? lock_acquire+0x179/0x350 [ 283.921160][ T8661] ? do_raw_spin_lock+0x12c/0x2b0 [ 283.921220][ T8661] vms_gather_munmap_vmas+0x1c2/0x1310 [ 283.921279][ T8661] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 283.921355][ T8661] do_vmi_align_munmap+0x27c/0x7d0 [ 283.921422][ T8661] ? __pfx_do_vmi_align_munmap+0x10/0x10 [ 283.921531][ T8661] do_vmi_munmap+0x204/0x3e0 [ 283.921588][ T8661] move_vma+0xb67/0x1740 [ 283.921656][ T8661] ? __pfx_move_vma+0x10/0x10 [ 283.921710][ T8661] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 283.921781][ T8661] ? vrm_set_new_addr+0x208/0x290 [ 283.921832][ T8661] __do_sys_mremap+0xe07/0x1590 [ 283.921888][ T8661] ? __pfx___do_sys_mremap+0x10/0x10 [ 283.921947][ T8661] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 283.922013][ T8661] ? __x64_sys_futex+0x1e0/0x4c0 [ 283.922082][ T8661] do_syscall_64+0xcd/0x490 [ 283.922136][ T8661] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.922171][ T8661] RIP: 0033:0x7f2b5518e929 [ 283.922198][ T8661] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 283.922231][ T8661] RSP: 002b:00007f2b560be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 283.922262][ T8661] RAX: ffffffffffffffda RBX: 00007f2b553b5fa0 RCX: 00007f2b5518e929 [ 283.922284][ T8661] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000001000 [ 283.922306][ T8661] RBP: 00007f2b55210b39 R08: 0000000100000000 R09: 0000000000000000 [ 283.922326][ T8661] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 283.922347][ T8661] R13: 0000000000000000 R14: 00007f2b553b5fa0 R15: 00007ffececcd848 [ 283.922397][ T8661] [ 284.722894][ T8670] Invalid ELF header magic: != ELF [ 285.941065][ T8685] FAULT_INJECTION: forcing a failure. [ 285.941065][ T8685] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 286.014896][ T8685] CPU: 0 UID: 0 PID: 8685 Comm: syz.3.743 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 286.014938][ T8685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 286.014952][ T8685] Call Trace: [ 286.014959][ T8685] [ 286.014968][ T8685] dump_stack_lvl+0x16c/0x1f0 [ 286.015010][ T8685] should_fail_ex+0x512/0x640 [ 286.015047][ T8685] should_fail_alloc_page+0xe7/0x130 [ 286.015072][ T8685] prepare_alloc_pages+0x3c2/0x610 [ 286.015105][ T8685] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 286.015142][ T8685] ? do_user_addr_fault+0x843/0x1370 [ 286.015183][ T8685] ? irqentry_exit+0x3b/0x90 [ 286.015214][ T8685] ? lockdep_hardirqs_on+0x7c/0x110 [ 286.015253][ T8685] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 286.015300][ T8685] ? rep_movs_alternative+0x4a/0x90 [ 286.015328][ T8685] ? _copy_from_iter+0x15d/0x16f0 [ 286.015366][ T8685] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 286.015404][ T8685] ? policy_nodemask+0xea/0x4e0 [ 286.015428][ T8685] alloc_pages_mpol+0x1fb/0x550 [ 286.015451][ T8685] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 286.015482][ T8685] alloc_pages_noprof+0x131/0x390 [ 286.015506][ T8685] anon_pipe_write+0xbc2/0x1a70 [ 286.015553][ T8685] ? __pfx_anon_pipe_write+0x10/0x10 [ 286.015590][ T8685] ? __pfx_aa_file_perm+0x10/0x10 [ 286.015620][ T8685] ? rcu_is_watching+0x12/0xc0 [ 286.015645][ T8685] ? trace_kmalloc+0x2b/0xd0 [ 286.015667][ T8685] ? __kmalloc_noprof+0x242/0x510 [ 286.015701][ T8685] ? find_held_lock+0x2b/0x80 [ 286.015724][ T8685] ? copy_iovec_from_user+0x131/0x170 [ 286.015761][ T8685] do_iter_readv_writev+0x657/0x950 [ 286.015796][ T8685] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 286.015832][ T8685] ? bpf_lsm_file_permission+0x9/0x10 [ 286.015862][ T8685] ? security_file_permission+0x71/0x210 [ 286.015894][ T8685] ? rw_verify_area+0xcf/0x680 [ 286.015926][ T8685] vfs_writev+0x35f/0xde0 [ 286.015979][ T8685] ? __pfx_vfs_writev+0x10/0x10 [ 286.016052][ T8685] ? __fget_files+0x20e/0x3c0 [ 286.016092][ T8685] ? do_writev+0x28c/0x340 [ 286.016121][ T8685] do_writev+0x28c/0x340 [ 286.016152][ T8685] ? __pfx_do_writev+0x10/0x10 [ 286.016183][ T8685] ? ksys_write+0x1ac/0x250 [ 286.016215][ T8685] ? __pfx_ksys_write+0x10/0x10 [ 286.016260][ T8685] __x64_sys_pwritev2+0x11f/0x160 [ 286.016299][ T8685] do_syscall_64+0xcd/0x490 [ 286.016336][ T8685] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.016360][ T8685] RIP: 0033:0x7fe27cd8e929 [ 286.016378][ T8685] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 286.016400][ T8685] RSP: 002b:00007fe27dc63038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148 [ 286.016422][ T8685] RAX: ffffffffffffffda RBX: 00007fe27cfb5fa0 RCX: 00007fe27cd8e929 [ 286.016438][ T8685] RDX: 000000000000000e RSI: 00002000000003c0 RDI: 0000000000000000 [ 286.016452][ T8685] RBP: 00007fe27dc63090 R08: 0000000100004239 R09: 000000000000000f [ 286.016466][ T8685] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 286.016480][ T8685] R13: 0000000000000001 R14: 00007fe27cfb5fa0 R15: 00007ffd2d3c5068 [ 286.016509][ T8685] [ 286.328345][ C0] vkms_vblank_simulate: vblank timer overrun [ 287.490828][ T8692] zswap: compressor not available [ 287.953334][ C1] vcan0: j1939_tp_rxtimer: 0xffff888034797c00: rx timeout, send abort [ 288.135838][ T8705] ptrace attach of "./syz-executor exec"[8708] was attempted by "./syz-executor exec"[8705] [ 288.375923][ T8707] ptrace attach of ""[8709] was attempted by "./syz-executor exec"[8707] [ 288.460040][ C1] vcan0: j1939_tp_rxtimer: 0xffff888034797c00: abort rx timeout. Force session deactivation [ 289.859241][ T8720] netlink: 28 bytes leftover after parsing attributes in process `syz.0.751'. [ 291.282176][ T8743] ptrace attach of "./syz-executor exec"[8747] was attempted by "./syz-executor exec"[8743] [ 292.768685][ T8755] zswap: compressor not available [ 294.419928][ T30] audit: type=1804 audit(1752581279.425:25): pid=8778 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.761" name="/newroot/188/file0" dev="tmpfs" ino=988 res=1 errno=0 [ 294.472864][ T30] audit: type=1800 audit(1752581279.445:26): pid=8778 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.761" name="file0" dev="tmpfs" ino=988 res=0 errno=0 [ 296.257312][ C0] vcan0: j1939_tp_rxtimer: 0xffff88802a765c00: rx timeout, send abort [ 296.763120][ C0] vcan0: j1939_tp_rxtimer: 0xffff88802a765c00: abort rx timeout. Force session deactivation [ 297.206494][ T8821] netlink: 28 bytes leftover after parsing attributes in process `syz.0.771'. [ 297.437146][ T8829] FAULT_INJECTION: forcing a failure. [ 297.437146][ T8829] name failslab, interval 1, probability 0, space 0, times 0 [ 297.450580][ T8829] CPU: 0 UID: 0 PID: 8829 Comm: syz.0.774 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 297.450626][ T8829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 297.450646][ T8829] Call Trace: [ 297.450657][ T8829] [ 297.450669][ T8829] dump_stack_lvl+0x16c/0x1f0 [ 297.450725][ T8829] should_fail_ex+0x512/0x640 [ 297.450773][ T8829] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 297.450829][ T8829] should_failslab+0xc2/0x120 [ 297.450861][ T8829] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 297.450914][ T8829] ? vm_area_dup+0x27/0x8d0 [ 297.450965][ T8829] vm_area_dup+0x27/0x8d0 [ 297.451014][ T8829] __split_vma+0x18e/0x1070 [ 297.451063][ T8829] ? __lock_acquire+0xb8a/0x1c90 [ 297.451112][ T8829] ? __pfx___split_vma+0x10/0x10 [ 297.451187][ T8829] ? lock_acquire+0x179/0x350 [ 297.451235][ T8829] ? do_raw_spin_lock+0x12c/0x2b0 [ 297.451301][ T8829] vms_gather_munmap_vmas+0x1c2/0x1310 [ 297.451359][ T8829] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 297.451436][ T8829] do_vmi_align_munmap+0x27c/0x7d0 [ 297.451491][ T8829] ? __pfx_do_vmi_align_munmap+0x10/0x10 [ 297.451599][ T8829] do_vmi_munmap+0x204/0x3e0 [ 297.451656][ T8829] move_vma+0xb67/0x1740 [ 297.451715][ T8829] ? __pfx_move_vma+0x10/0x10 [ 297.451770][ T8829] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 297.451825][ T8829] ? vrm_set_new_addr+0x208/0x290 [ 297.451877][ T8829] __do_sys_mremap+0xe07/0x1590 [ 297.451933][ T8829] ? __pfx___do_sys_mremap+0x10/0x10 [ 297.451992][ T8829] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 297.452060][ T8829] ? __x64_sys_futex+0x1e0/0x4c0 [ 297.452128][ T8829] do_syscall_64+0xcd/0x490 [ 297.452189][ T8829] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 297.452223][ T8829] RIP: 0033:0x7f2b5518e929 [ 297.452249][ T8829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 297.452282][ T8829] RSP: 002b:00007f2b560be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 297.452314][ T8829] RAX: ffffffffffffffda RBX: 00007f2b553b5fa0 RCX: 00007f2b5518e929 [ 297.452348][ T8829] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000001000 [ 297.452368][ T8829] RBP: 00007f2b55210b39 R08: 0000000100000000 R09: 0000000000000000 [ 297.452390][ T8829] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 297.452409][ T8829] R13: 0000000000000000 R14: 00007f2b553b5fa0 R15: 00007ffececcd848 [ 297.452483][ T8829] [ 297.761924][ T8824] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 298.160628][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805b8b2800: rx timeout, send abort [ 298.426921][ T8843] FAULT_INJECTION: forcing a failure. [ 298.426921][ T8843] name failslab, interval 1, probability 0, space 0, times 0 [ 298.449308][ T8843] CPU: 1 UID: 0 PID: 8843 Comm: syz.3.778 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 298.449359][ T8843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 298.449377][ T8843] Call Trace: [ 298.449387][ T8843] [ 298.449399][ T8843] dump_stack_lvl+0x16c/0x1f0 [ 298.449451][ T8843] should_fail_ex+0x512/0x640 [ 298.449494][ T8843] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 298.449545][ T8843] should_failslab+0xc2/0x120 [ 298.449575][ T8843] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 298.449621][ T8843] ? vm_area_dup+0x27/0x8d0 [ 298.449667][ T8843] vm_area_dup+0x27/0x8d0 [ 298.449712][ T8843] __split_vma+0x18e/0x1070 [ 298.449757][ T8843] ? __lock_acquire+0xb8a/0x1c90 [ 298.449801][ T8843] ? __pfx___split_vma+0x10/0x10 [ 298.449853][ T8843] ? lock_acquire+0x179/0x350 [ 298.449896][ T8843] ? do_raw_spin_lock+0x12c/0x2b0 [ 298.449950][ T8843] vms_gather_munmap_vmas+0x1c2/0x1310 [ 298.450009][ T8843] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 298.450078][ T8843] do_vmi_align_munmap+0x27c/0x7d0 [ 298.450130][ T8843] ? __pfx_do_vmi_align_munmap+0x10/0x10 [ 298.450229][ T8843] do_vmi_munmap+0x204/0x3e0 [ 298.450278][ T8843] move_vma+0xb67/0x1740 [ 298.450330][ T8843] ? __pfx_move_vma+0x10/0x10 [ 298.450388][ T8843] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 298.450438][ T8843] ? vrm_set_new_addr+0x208/0x290 [ 298.450491][ T8843] __do_sys_mremap+0xe07/0x1590 [ 298.450562][ T8843] ? __pfx___do_sys_mremap+0x10/0x10 [ 298.450617][ T8843] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 298.450680][ T8843] ? __x64_sys_futex+0x1e0/0x4c0 [ 298.450744][ T8843] do_syscall_64+0xcd/0x490 [ 298.450795][ T8843] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 298.450827][ T8843] RIP: 0033:0x7fe27cd8e929 [ 298.450852][ T8843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 298.450883][ T8843] RSP: 002b:00007fe27dc63038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 298.450912][ T8843] RAX: ffffffffffffffda RBX: 00007fe27cfb5fa0 RCX: 00007fe27cd8e929 [ 298.450932][ T8843] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000001000 [ 298.450952][ T8843] RBP: 00007fe27ce10b39 R08: 0000000100000000 R09: 0000000000000000 [ 298.450972][ T8843] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 298.450991][ T8843] R13: 0000000000000000 R14: 00007fe27cfb5fa0 R15: 00007ffd2d3c5068 [ 298.451032][ T8843] [ 298.666346][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805b8b2800: abort rx timeout. Force session deactivation [ 298.811029][ T8848] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880780005e0 pfn:0x78000 [ 298.862850][ T8848] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 298.928366][ T8848] memcg:ffff888079407301 [ 299.044806][ T8848] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff) [ 299.095219][ T8848] page_type: f5(slab) [ 299.115840][ T8848] raw: 00fff00000000240 ffff88801ce95780 ffffea00016f8690 ffffea0001e9c410 [ 299.274454][ T8848] raw: ffff8880780005e0 0000000000150012 00000000f5000000 ffff888079407301 [ 299.305596][ T8848] head: 00fff00000000240 ffff88801ce95780 ffffea00016f8690 ffffea0001e9c410 [ 299.472387][ T8848] head: ffff8880780005e0 0000000000150012 00000000f5000000 ffff888079407301 [ 299.565134][ T8848] head: 00fff00000000001 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 299.668009][ T8848] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 299.676906][ T8848] page dumped because: unmovable page [ 299.682420][ T8848] page_owner tracks the page as allocated [ 299.688195][ T8848] page last allocated via order 1, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5223, tgid 5223 (udevd), ts 63411110153, free_ts 36467779649 [ 299.712447][ T8848] post_alloc_hook+0x1c0/0x230 [ 299.717315][ T8848] get_page_from_freelist+0x1321/0x3890 [ 299.723026][ T8848] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 299.729004][ T8848] alloc_pages_mpol+0x1fb/0x550 [ 299.733960][ T8848] new_slab+0x23b/0x330 [ 299.738275][ T8848] ___slab_alloc+0xd9c/0x1940 [ 299.765836][ T8848] __slab_alloc.constprop.0+0x56/0xb0 [ 299.771369][ T8848] kmem_cache_alloc_lru_noprof+0xf4/0x3b0 [ 299.778375][ T8853] zswap: compressor not available [ 299.805095][ T8848] __d_alloc+0x31/0xaa0 [ 299.810561][ T8848] d_alloc+0x4a/0x1e0 [ 299.814852][ T8848] d_alloc_parallel+0xe3/0x12e0 [ 299.819877][ T8848] lookup_open.isra.0+0x665/0x1580 [ 299.825248][ T8848] path_openat+0x893/0x2cb0 [ 299.830055][ T8848] do_filp_open+0x20b/0x470 [ 299.834765][ T8848] do_sys_openat2+0x11b/0x1d0 [ 299.839607][ T8848] __x64_sys_openat+0x174/0x210 [ 299.844737][ T8848] page last free pid 1 tgid 1 stack trace: [ 299.850695][ T8848] __free_frozen_pages+0x7fe/0x1180 [ 299.856189][ T8848] free_contig_range+0x183/0x4b0 [ 299.866373][ T8848] destroy_args+0x7f6/0xa60 [ 299.870988][ T8848] debug_vm_pgtable+0x13b8/0x2d00 [ 299.876294][ T8848] do_one_initcall+0x120/0x6e0 [ 299.891162][ T8848] kernel_init_freeable+0x5c2/0x900 [ 299.947254][ T8848] kernel_init+0x1c/0x2b0 [ 299.976341][ T8848] ret_from_fork+0x5d7/0x6f0 [ 300.010206][ T8848] ret_from_fork_asm+0x1a/0x30 [ 300.660169][ T8882] netlink: 'syz.1.785': attribute type 1 has an invalid length. [ 301.433744][ T8884] random: crng reseeded on system resumption [ 301.534919][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805b50d800: rx timeout, send abort [ 302.040750][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805b50d800: abort rx timeout. Force session deactivation [ 302.892872][ T8908] ptrace attach of "./syz-executor exec"[8911] was attempted by "./syz-executor exec"[8908] [ 303.393394][ T8906] zswap: compressor not available [ 303.942311][ T8892] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 304.822964][ T8934] netlink: 28 bytes leftover after parsing attributes in process `syz.1.795'. [ 304.976342][ T8935] netlink: 338 bytes leftover after parsing attributes in process `syz.3.794'. [ 305.680484][ T8952] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input7 [ 306.133520][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805bbe1000: rx timeout, send abort [ 306.639244][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805bbe1000: abort rx timeout. Force session deactivation [ 307.136095][ T8980] netlink: 342 bytes leftover after parsing attributes in process `syz.3.807'. [ 307.152220][ T8980] netlink: 218 bytes leftover after parsing attributes in process `syz.3.807'. [ 307.462933][ T8986] random: crng reseeded on system resumption [ 307.570453][ T8984] FAULT_INJECTION: forcing a failure. [ 307.570453][ T8984] name failslab, interval 1, probability 0, space 0, times 0 [ 307.593546][ T8984] CPU: 0 UID: 0 PID: 8984 Comm: syz.1.808 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 307.593593][ T8984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 307.593613][ T8984] Call Trace: [ 307.593624][ T8984] [ 307.593638][ T8984] dump_stack_lvl+0x16c/0x1f0 [ 307.593678][ T8984] should_fail_ex+0x512/0x640 [ 307.593712][ T8984] ? fs_reclaim_acquire+0xae/0x150 [ 307.593742][ T8984] should_failslab+0xc2/0x120 [ 307.593765][ T8984] __kmalloc_cache_noprof+0x6a/0x3e0 [ 307.593797][ T8984] ? tomoyo_open_control+0x415/0xa30 [ 307.593838][ T8984] tomoyo_open_control+0x415/0xa30 [ 307.593879][ T8984] do_dentry_open+0x744/0x1c10 [ 307.593915][ T8984] ? __pfx_tomoyo_open+0x10/0x10 [ 307.593953][ T8984] vfs_open+0x82/0x3f0 [ 307.593980][ T8984] path_openat+0x1de4/0x2cb0 [ 307.594023][ T8984] ? __pfx_path_openat+0x10/0x10 [ 307.594058][ T8984] ? __lock_acquire+0xb8a/0x1c90 [ 307.594092][ T8984] do_filp_open+0x20b/0x470 [ 307.594126][ T8984] ? __pfx_do_filp_open+0x10/0x10 [ 307.594179][ T8984] ? alloc_fd+0x471/0x7d0 [ 307.594218][ T8984] do_sys_openat2+0x11b/0x1d0 [ 307.594243][ T8984] ? __pfx_do_sys_openat2+0x10/0x10 [ 307.594279][ T8984] __x64_sys_openat+0x174/0x210 [ 307.594306][ T8984] ? __pfx___x64_sys_openat+0x10/0x10 [ 307.594343][ T8984] do_syscall_64+0xcd/0x490 [ 307.594380][ T8984] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.594403][ T8984] RIP: 0033:0x7fe71b38e929 [ 307.594421][ T8984] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 307.594444][ T8984] RSP: 002b:00007fe71c19f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 307.594465][ T8984] RAX: ffffffffffffffda RBX: 00007fe71b5b5fa0 RCX: 00007fe71b38e929 [ 307.594480][ T8984] RDX: 00000000000c0802 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 307.594494][ T8984] RBP: 00007fe71b410b39 R08: 0000000000000000 R09: 0000000000000000 [ 307.594508][ T8984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 307.594528][ T8984] R13: 0000000000000000 R14: 00007fe71b5b5fa0 R15: 00007ffcbf3a7d48 [ 307.594556][ T8984] [ 308.511542][ T8998] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 309.954861][ T9029] netlink: 28 bytes leftover after parsing attributes in process `syz.2.818'. [ 310.002440][ T9017] zswap: compressor not available [ 310.407938][ T9036] FAULT_INJECTION: forcing a failure. [ 310.407938][ T9036] name failslab, interval 1, probability 0, space 0, times 0 [ 310.437619][ T9036] CPU: 1 UID: 0 PID: 9036 Comm: syz.0.819 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 310.437652][ T9036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 310.437666][ T9036] Call Trace: [ 310.437674][ T9036] [ 310.437682][ T9036] dump_stack_lvl+0x16c/0x1f0 [ 310.437722][ T9036] should_fail_ex+0x512/0x640 [ 310.437755][ T9036] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 310.437793][ T9036] should_failslab+0xc2/0x120 [ 310.437815][ T9036] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 310.437850][ T9036] ? getname_flags.part.0+0x4c/0x550 [ 310.437879][ T9036] getname_flags.part.0+0x4c/0x550 [ 310.437908][ T9036] getname_flags+0x93/0xf0 [ 310.437938][ T9036] user_path_at+0x24/0x60 [ 310.437970][ T9036] do_utimes+0x102/0x2a0 [ 310.438005][ T9036] ? __pfx_do_utimes+0x10/0x10 [ 310.438037][ T9036] ? __pfx_get_timespec64+0x10/0x10 [ 310.438068][ T9036] ? __fget_files+0x20e/0x3c0 [ 310.438104][ T9036] __x64_sys_utimensat+0x1c6/0x290 [ 310.438141][ T9036] ? __pfx___x64_sys_utimensat+0x10/0x10 [ 310.438176][ T9036] ? ksys_write+0x1ac/0x250 [ 310.438218][ T9036] do_syscall_64+0xcd/0x490 [ 310.438254][ T9036] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 310.438277][ T9036] RIP: 0033:0x7f2b5518e929 [ 310.438295][ T9036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 310.438317][ T9036] RSP: 002b:00007f2b560be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000118 [ 310.438351][ T9036] RAX: ffffffffffffffda RBX: 00007f2b553b5fa0 RCX: 00007f2b5518e929 [ 310.438366][ T9036] RDX: 0000200000001cc0 RSI: 0000200000000040 RDI: 0000000000000003 [ 310.438380][ T9036] RBP: 00007f2b560be090 R08: 0000000000000000 R09: 0000000000000000 [ 310.438394][ T9036] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000001 [ 310.438407][ T9036] R13: 0000000000000000 R14: 00007f2b553b5fa0 R15: 00007ffececcd848 [ 310.438434][ T9036] [ 310.639083][ C1] vkms_vblank_simulate: vblank timer overrun [ 311.287883][ T30] audit: type=1804 audit(1752646833.379:27): pid=9042 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.822" name="/newroot/213/file0" dev="tmpfs" ino=1120 res=1 errno=0 [ 311.309387][ T30] audit: type=1800 audit(1752646833.379:28): pid=9042 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.822" name="file0" dev="tmpfs" ino=1120 res=0 errno=0 [ 311.446882][ T9014] ima: policy update failed [ 311.538712][ T30] audit: type=1802 audit(1752646833.549:29): pid=9014 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.814" res=0 errno=0 [ 311.929293][ T9059] ptrace attach of "./syz-executor exec"[9060] was attempted by "./syz-executor exec"[9059] [ 313.293034][ T9073] netlink: 28 bytes leftover after parsing attributes in process `syz.1.828'. [ 313.491487][ T9078] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(8) [ 314.476961][ T9082] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 314.504445][ T9082] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 314.567258][ T9082] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 314.573439][ T9082] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 315.421171][ T9106] FAULT_INJECTION: forcing a failure. [ 315.421171][ T9106] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 315.536631][ T9106] CPU: 0 UID: 0 PID: 9106 Comm: syz.1.833 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 315.536675][ T9106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 315.536694][ T9106] Call Trace: [ 315.536704][ T9106] [ 315.536717][ T9106] dump_stack_lvl+0x16c/0x1f0 [ 315.536771][ T9106] should_fail_ex+0x512/0x640 [ 315.536824][ T9106] _copy_from_user+0x2e/0xd0 [ 315.536876][ T9106] do_sys_poll+0x1d5/0xdf0 [ 315.536920][ T9106] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 315.536971][ T9106] ? kernel_text_address+0x8d/0x100 [ 315.537002][ T9106] ? __kernel_text_address+0xd/0x40 [ 315.537035][ T9106] ? __pfx_do_sys_poll+0x10/0x10 [ 315.537122][ T9106] ? find_held_lock+0x2b/0x80 [ 315.537232][ T9106] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 315.537288][ T9106] ? set_user_sigmask+0x21b/0x2b0 [ 315.537320][ T9106] ? __pfx_set_user_sigmask+0x10/0x10 [ 315.537354][ T9106] ? __fget_files+0x20e/0x3c0 [ 315.537405][ T9106] __x64_sys_ppoll+0x254/0x2d0 [ 315.537452][ T9106] ? __pfx___x64_sys_ppoll+0x10/0x10 [ 315.537494][ T9106] ? ksys_write+0x1ac/0x250 [ 315.537537][ T9106] ? __pfx_ksys_write+0x10/0x10 [ 315.537596][ T9106] do_syscall_64+0xcd/0x490 [ 315.537648][ T9106] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 315.537681][ T9106] RIP: 0033:0x7fe71b38e929 [ 315.537706][ T9106] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 315.537738][ T9106] RSP: 002b:00007fe71c15d038 EFLAGS: 00000246 ORIG_RAX: 000000000000010f [ 315.537769][ T9106] RAX: ffffffffffffffda RBX: 00007fe71b5b6160 RCX: 00007fe71b38e929 [ 315.537791][ T9106] RDX: 0000000000000000 RSI: 000000000000007f RDI: 0000200000000140 [ 315.537811][ T9106] RBP: 00007fe71c15d090 R08: 0000000000000008 R09: 0000000000000000 [ 315.537831][ T9106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 315.537850][ T9106] R13: 0000000000000000 R14: 00007fe71b5b6160 R15: 00007ffcbf3a7d48 [ 315.537892][ T9106] [ 315.739003][ T5860] Bluetooth: hci0: command 0x0c1a tx timeout [ 316.584479][ T5860] Bluetooth: hci3: command 0x0c1a tx timeout [ 316.590581][ T5850] Bluetooth: hci2: command 0x0c1a tx timeout [ 316.596683][ T5859] Bluetooth: hci1: command 0x0c1a tx timeout [ 324.875524][ T9256] ptrace attach of "./syz-executor exec"[9257] was attempted by "./syz-executor exec"[9256] [ 326.483394][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 326.489912][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 327.481128][ T5860] Bluetooth: hci0: unexpected event 0x1d length: 10 > 5 [ 329.591296][ T9316] FAULT_INJECTION: forcing a failure. [ 329.591296][ T9316] name failslab, interval 1, probability 0, space 0, times 0 [ 329.647302][ T9316] CPU: 0 UID: 0 PID: 9316 Comm: syz.0.878 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 329.647348][ T9316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 329.647367][ T9316] Call Trace: [ 329.647378][ T9316] [ 329.647390][ T9316] dump_stack_lvl+0x16c/0x1f0 [ 329.647442][ T9316] should_fail_ex+0x512/0x640 [ 329.647488][ T9316] ? __kmalloc_noprof+0xbf/0x510 [ 329.647540][ T9316] ? iovec_from_user+0x108/0x140 [ 329.647566][ T9316] should_failslab+0xc2/0x120 [ 329.647597][ T9316] __kmalloc_noprof+0xd2/0x510 [ 329.647641][ T9316] ? __lock_acquire+0x622/0x1c90 [ 329.647694][ T9316] iovec_from_user+0x108/0x140 [ 329.647730][ T9316] __import_iovec+0x88/0x650 [ 329.647770][ T9316] import_iovec+0x86/0xb0 [ 329.647805][ T9316] process_vm_rw+0x144/0x2c0 [ 329.647839][ T9316] ? __pfx_process_vm_rw+0x10/0x10 [ 329.647889][ T9316] ? ksys_write+0x190/0x250 [ 329.647972][ T9316] ? ksys_write+0x1ac/0x250 [ 329.648016][ T9316] ? __pfx_ksys_write+0x10/0x10 [ 329.648064][ T9316] __x64_sys_process_vm_writev+0xe2/0x1c0 [ 329.648096][ T9316] ? do_syscall_64+0x91/0x490 [ 329.648141][ T9316] ? lockdep_hardirqs_on+0x7c/0x110 [ 329.648185][ T9316] do_syscall_64+0xcd/0x490 [ 329.648235][ T9316] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 329.648269][ T9316] RIP: 0033:0x7f2b5518e929 [ 329.648293][ T9316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 329.648324][ T9316] RSP: 002b:00007f2b560be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 329.648353][ T9316] RAX: ffffffffffffffda RBX: 00007f2b553b5fa0 RCX: 00007f2b5518e929 [ 329.648371][ T9316] RDX: 0000200000000017 RSI: 0000200000000180 RDI: 00000000000002e2 [ 329.648390][ T9316] RBP: 00007f2b560be090 R08: 0000000000000007 R09: 0000000000000000 [ 329.648410][ T9316] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001 [ 329.648430][ T9316] R13: 0000000000000000 R14: 00007f2b553b5fa0 R15: 00007ffececcd848 [ 329.648472][ T9316] [ 330.193018][ T9320] FAULT_INJECTION: forcing a failure. [ 330.193018][ T9320] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 330.267868][ T9320] CPU: 0 UID: 0 PID: 9320 Comm: syz.3.879 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 330.267912][ T9320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 330.267932][ T9320] Call Trace: [ 330.267942][ T9320] [ 330.267955][ T9320] dump_stack_lvl+0x16c/0x1f0 [ 330.268009][ T9320] should_fail_ex+0x512/0x640 [ 330.268062][ T9320] _copy_from_iter+0x29f/0x16f0 [ 330.268117][ T9320] ? __alloc_skb+0x200/0x380 [ 330.268170][ T9320] ? __pfx__copy_from_iter+0x10/0x10 [ 330.268225][ T9320] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 330.268272][ T9320] netlink_sendmsg+0x829/0xdd0 [ 330.268313][ T9320] ? __pfx_netlink_sendmsg+0x10/0x10 [ 330.268364][ T9320] ____sys_sendmsg+0xa95/0xc70 [ 330.268401][ T9320] ? copy_msghdr_from_user+0x10a/0x160 [ 330.268450][ T9320] ? __pfx_____sys_sendmsg+0x10/0x10 [ 330.268506][ T9320] ___sys_sendmsg+0x134/0x1d0 [ 330.268558][ T9320] ? __pfx____sys_sendmsg+0x10/0x10 [ 330.268602][ T9320] ? __lock_acquire+0x622/0x1c90 [ 330.268699][ T9320] __sys_sendmsg+0x16d/0x220 [ 330.268748][ T9320] ? __pfx___sys_sendmsg+0x10/0x10 [ 330.268828][ T9320] do_syscall_64+0xcd/0x490 [ 330.268882][ T9320] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 330.268915][ T9320] RIP: 0033:0x7fe27cd8e929 [ 330.268940][ T9320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 330.268973][ T9320] RSP: 002b:00007fe27dc63038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 330.269003][ T9320] RAX: ffffffffffffffda RBX: 00007fe27cfb5fa0 RCX: 00007fe27cd8e929 [ 330.269024][ T9320] RDX: 0000000000000080 RSI: 0000200000002380 RDI: 0000000000000003 [ 330.269044][ T9320] RBP: 00007fe27dc63090 R08: 0000000000000000 R09: 0000000000000000 [ 330.269064][ T9320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 330.269084][ T9320] R13: 0000000000000000 R14: 00007fe27cfb5fa0 R15: 00007ffd2d3c5068 [ 330.269126][ T9320] [ 331.071000][ T30] audit: type=1804 audit(1752646853.261:30): pid=9338 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.881" name="/newroot/229/file0" dev="tmpfs" ino=1204 res=1 errno=0 [ 331.198425][ T30] audit: type=1800 audit(1752646853.312:31): pid=9338 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.881" name="file0" dev="tmpfs" ino=1204 res=0 errno=0 [ 331.931429][ T9351] zswap: compressor not available [ 332.938358][ T9380] ptrace attach of "./syz-executor exec"[9382] was attempted by "./syz-executor exec"[9380] [ 334.405818][ T30] audit: type=1400 audit(1752646856.619:32): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=9402 comm="syz.3.892" [ 334.620894][ T9408] ptrace attach of ""[9410] was attempted by "./syz-executor exec"[9408] [ 335.376809][ T9422] tipc: Started in network mode [ 335.426527][ T9422] tipc: Node identity ee00, cluster identity 4711 [ 335.446536][ T9422] tipc: Node number set to 60928 [ 336.106269][ T9424] zswap: compressor not available [ 336.322552][ T9446] netlink: 28 bytes leftover after parsing attributes in process `syz.2.897'. [ 340.262120][ T9514] ptrace attach of "./syz-executor exec"[9516] was attempted by "./syz-executor exec"[9514] [ 341.200426][ T30] audit: type=1804 audit(1752646863.434:33): pid=9528 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.909" name="/newroot/235/file0" dev="tmpfs" ino=1237 res=1 errno=0 [ 341.269995][ T30] audit: type=1800 audit(1752646863.434:34): pid=9528 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.909" name="file0" dev="tmpfs" ino=1237 res=0 errno=0 [ 341.384068][ T9526] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 344.115077][ T9578] mmap: syz.3.918 (9578): VmData 37527552 exceed data ulimit 3. Update limits or use boot option ignore_rlimit_data. [ 344.547520][ T9585] netlink: 28 bytes leftover after parsing attributes in process `syz.1.919'. [ 345.746647][ T30] audit: type=1804 audit(1752646868.008:35): pid=9605 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.922" name="/newroot/224/file0" dev="tmpfs" ino=1172 res=1 errno=0 [ 345.772678][ T30] audit: type=1800 audit(1752646868.008:36): pid=9605 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.922" name="file0" dev="tmpfs" ino=1172 res=0 errno=0 [ 345.885243][ T9591] kexec: Could not allocate control_code_buffer [ 347.762756][ T9628] ptrace attach of "./syz-executor exec"[9629] was attempted by "./syz-executor exec"[9628] [ 348.232903][ T9640] netlink: 28 bytes leftover after parsing attributes in process `syz.1.929'. [ 350.755099][ T9661] kexec: Could not allocate control_code_buffer [ 351.383341][ T30] audit: type=1400 audit(1752646873.677:37): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=9677 comm="syz.1.937" [ 351.819138][ T9688] ptrace attach of "./syz-executor exec"[9689] was attempted by "./syz-executor exec"[9688] [ 353.755165][ T30] audit: type=1804 audit(1752646876.009:38): pid=9721 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.945" name="/newroot/223/file0" dev="tmpfs" ino=1172 res=1 errno=0 [ 353.885557][ T30] audit: type=1800 audit(1752646876.009:39): pid=9721 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.945" name="file0" dev="tmpfs" ino=1172 res=0 errno=0 [ 354.273415][ T9728] Invalid ELF header magic: != ELF [ 355.578328][ T5860] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 357.266507][ T9769] ptrace attach of ""[9773] was attempted by "./syz-executor exec"[9769] [ 358.618319][ T9786] ptrace attach of "./syz-executor exec"[9787] was attempted by "./syz-executor exec"[9786] [ 361.860760][ T30] audit: type=1804 audit(1752646884.212:40): pid=9823 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.964" name="/newroot/230/file0" dev="tmpfs" ino=1208 res=1 errno=0 [ 361.938936][ T30] audit: type=1800 audit(1752646884.212:41): pid=9823 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.964" name="file0" dev="tmpfs" ino=1208 res=0 errno=0 [ 362.411852][ T9831] vivid-003: ================= START STATUS ================= [ 362.435364][ T9831] vivid-003: Radio HW Seek Mode: Bounded [ 362.468137][ T9831] vivid-003: Radio Programmable HW Seek: false [ 362.475005][ T9831] vivid-003: RDS Rx I/O Mode: Block I/O [ 362.492984][ T9831] vivid-003: Generate RBDS Instead of RDS: false [ 362.500801][ T9831] vivid-003: RDS Reception: true [ 362.509030][ T9831] vivid-003: RDS Program Type: 0 inactive [ 362.514966][ T9831] vivid-003: RDS PS Name: inactive [ 362.525271][ T9831] vivid-003: RDS Radio Text: inactive [ 362.531050][ T9831] vivid-003: RDS Traffic Announcement: false inactive [ 362.542534][ T9831] vivid-003: RDS Traffic Program: false inactive [ 362.549353][ T9831] vivid-003: RDS Music: false inactive [ 362.555010][ T9831] vivid-003: ================== END STATUS ================== [ 362.770605][ T9842] netlink: 28 bytes leftover after parsing attributes in process `syz.2.967'. [ 364.854338][ T9874] ptrace attach of ""[9876] was attempted by "./syz-executor exec"[9874] [ 367.024701][ T9906] kexec: Could not allocate control_code_buffer [ 367.388553][ T9921] netlink: 28 bytes leftover after parsing attributes in process `syz.2.984'. [ 367.950226][ T9936] ptrace attach of "./syz-executor exec"[9937] was attempted by "./syz-executor exec"[9936] [ 368.795248][ T9943] ptrace attach of ""[9944] was attempted by "./syz-executor exec"[9943] [ 369.609289][ T9954] ptrace attach of "./syz-executor exec"[9956] was attempted by "./syz-executor exec"[9954] [ 370.012077][ T30] audit: type=1804 audit(1752646892.394:42): pid=9964 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.992" name="/newroot/255/file0" dev="tmpfs" ino=1338 res=1 errno=0 [ 370.076198][ T30] audit: type=1800 audit(1752646892.394:43): pid=9964 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.992" name="file0" dev="tmpfs" ino=1338 res=0 errno=0 [ 371.557306][ T9989] ptrace attach of "./syz-executor exec"[9990] was attempted by "./syz-executor exec"[9989] [ 371.705677][ T9978] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 371.715783][ T9978] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 371.755773][ T9978] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 371.766412][ T9978] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 371.854520][ T9978] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 373.011271][ T5850] Bluetooth: hci0: command 0x0c1a tx timeout [ 373.777072][ T30] audit: type=1804 audit(1752646896.183:44): pid=10014 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1002" name="/newroot/236/file0" dev="tmpfs" ino=1240 res=1 errno=0 [ 373.808431][ T5850] Bluetooth: hci2: command 0x0c1a tx timeout [ 373.814565][ T5850] Bluetooth: hci1: command 0x0c1a tx timeout [ 373.886395][ T5860] Bluetooth: hci3: command 0x0c1a tx timeout [ 373.905501][ T30] audit: type=1800 audit(1752646896.183:45): pid=10014 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1002" name="file0" dev="tmpfs" ino=1240 res=0 errno=0 [ 374.428237][T10030] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input9 [ 375.089592][ T5860] Bluetooth: hci0: command 0x0c1a tx timeout [ 376.198252][T10053] zswap: compressor not available [ 376.845975][T10072] FAULT_INJECTION: forcing a failure. [ 376.845975][T10072] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 376.889242][T10072] CPU: 0 UID: 0 PID: 10072 Comm: syz.2.1019 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 376.889289][T10072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 376.889319][T10072] Call Trace: [ 376.889330][T10072] [ 376.889342][T10072] dump_stack_lvl+0x16c/0x1f0 [ 376.889397][T10072] should_fail_ex+0x512/0x640 [ 376.889450][T10072] should_fail_alloc_page+0xe7/0x130 [ 376.889493][T10072] prepare_alloc_pages+0x3c2/0x610 [ 376.889540][T10072] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 376.889594][T10072] ? __pfx_stack_trace_save+0x10/0x10 [ 376.889634][T10072] ? stack_depot_save_flags+0x28/0xa40 [ 376.889692][T10072] ? kasan_save_stack+0x42/0x60 [ 376.889737][T10072] ? kasan_save_stack+0x33/0x60 [ 376.889785][T10072] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 376.889834][T10072] ? __pmd_alloc+0xbf/0x930 [ 376.889868][T10072] ? handle_mm_fault+0x589/0xd10 [ 376.889909][T10072] ? exc_page_fault+0x5c/0xb0 [ 376.889952][T10072] ? asm_exc_page_fault+0x26/0x30 [ 376.889982][T10072] ? strncpy_from_user+0x147/0x2e0 [ 376.890020][T10072] ? __do_sys_prctl+0x1f66/0x24c0 [ 376.890068][T10072] ? do_syscall_64+0xcd/0x490 [ 376.890113][T10072] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 376.890165][T10072] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 376.890218][T10072] ? policy_nodemask+0xea/0x4e0 [ 376.890253][T10072] alloc_pages_mpol+0x1fb/0x550 [ 376.890286][T10072] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 376.890315][T10072] ? css_rstat_updated+0x9d/0xd30 [ 376.890360][T10072] alloc_pages_noprof+0x131/0x390 [ 376.890393][T10072] pte_alloc_one+0x1c/0x3a0 [ 376.890424][T10072] __pte_alloc+0x6d/0x3c0 [ 376.890462][T10072] ? __pfx___pte_alloc+0x10/0x10 [ 376.890496][T10072] ? _raw_spin_unlock+0x28/0x50 [ 376.890545][T10072] ? __pmd_alloc+0x3fb/0x930 [ 376.890584][T10072] __handle_mm_fault+0x4358/0x5490 [ 376.890643][T10072] ? __pfx___handle_mm_fault+0x10/0x10 [ 376.890683][T10072] ? __pfx_mt_find+0x10/0x10 [ 376.890736][T10072] ? find_vma+0xbf/0x140 [ 376.890767][T10072] ? __pfx_find_vma+0x10/0x10 [ 376.890804][T10072] handle_mm_fault+0x589/0xd10 [ 376.890849][T10072] ? __pkru_allows_pkey+0x51/0xb0 [ 376.890897][T10072] do_user_addr_fault+0x7a6/0x1370 [ 376.890947][T10072] ? rcu_is_watching+0x12/0xc0 [ 376.890988][T10072] exc_page_fault+0x5c/0xb0 [ 376.891034][T10072] asm_exc_page_fault+0x26/0x30 [ 376.891066][T10072] RIP: 0010:strncpy_from_user+0x147/0x2e0 [ 376.891107][T10072] Code: 00 00 4d 89 74 1d 00 48 83 ed 08 bf 07 00 00 00 48 83 c3 08 48 89 ee e8 17 f2 b0 fc 48 83 fd 07 76 22 e8 9c f6 b0 fc 45 31 ff <49> 8b 04 1c 31 ff 44 89 fe 49 89 c6 e8 c8 f1 b0 fc 45 85 ff 0f 84 [ 376.891137][T10072] RSP: 0018:ffffc900046efe30 EFLAGS: 00050246 [ 376.891161][T10072] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff850a67a6 [ 376.891180][T10072] RDX: ffff88802c840000 RSI: ffffffff850a6844 RDI: 0000000000000007 [ 376.891198][T10072] RBP: 000000000000000f R08: 0000000000000007 R09: 0000000000000007 [ 376.891215][T10072] R10: 000000000000000f R11: 0000000000000001 R12: 0000200000ffffff [ 376.891233][T10072] R13: ffffc900046efeb0 R14: 000000000000000f R15: 0000000000000000 [ 376.891264][T10072] ? strncpy_from_user+0xa6/0x2e0 [ 376.891306][T10072] ? strncpy_from_user+0x144/0x2e0 [ 376.891362][T10072] __do_sys_prctl+0x1f66/0x24c0 [ 376.891416][T10072] ? __pfx___do_sys_prctl+0x10/0x10 [ 376.891490][T10072] do_syscall_64+0xcd/0x490 [ 376.891541][T10072] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 376.891572][T10072] RIP: 0033:0x7f925bd8e929 [ 376.891597][T10072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 376.891628][T10072] RSP: 002b:00007f925cba0038 EFLAGS: 00000246 ORIG_RAX: 000000000000009d [ 376.891657][T10072] RAX: ffffffffffffffda RBX: 00007f925bfb5fa0 RCX: 00007f925bd8e929 [ 376.891678][T10072] RDX: 0000000000000f79 RSI: 0000200000ffffff RDI: 000000000000000f [ 376.891699][T10072] RBP: 00007f925cba0090 R08: 0000000000010001 R09: 0000000000000000 [ 376.891719][T10072] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000001 [ 376.891738][T10072] R13: 0000000000000001 R14: 00007f925bfb5fa0 R15: 00007fff7b84a598 [ 376.891781][T10072] [ 377.312785][T10075] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1018'. [ 377.998092][T10092] FAULT_INJECTION: forcing a failure. [ 377.998092][T10092] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 378.015882][T10092] CPU: 1 UID: 0 PID: 10092 Comm: syz.3.1024 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 378.015926][T10092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 378.015945][T10092] Call Trace: [ 378.015956][T10092] [ 378.015969][T10092] dump_stack_lvl+0x16c/0x1f0 [ 378.016023][T10092] should_fail_ex+0x512/0x640 [ 378.016077][T10092] should_fail_alloc_page+0xe7/0x130 [ 378.016113][T10092] prepare_alloc_pages+0x3c2/0x610 [ 378.016161][T10092] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 378.016211][T10092] ? __lock_acquire+0x622/0x1c90 [ 378.016265][T10092] ? __lock_acquire+0x622/0x1c90 [ 378.016318][T10092] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 378.016386][T10092] ? __lock_acquire+0x622/0x1c90 [ 378.016440][T10092] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 378.016502][T10092] ? policy_nodemask+0xea/0x4e0 [ 378.016537][T10092] alloc_pages_mpol+0x1fb/0x550 [ 378.016571][T10092] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 378.016617][T10092] folio_alloc_mpol_noprof+0x36/0x2f0 [ 378.016659][T10092] shmem_alloc_folio+0x135/0x160 [ 378.016703][T10092] shmem_alloc_and_add_folio+0x499/0xc20 [ 378.016759][T10092] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 378.016812][T10092] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 378.016882][T10092] shmem_get_folio_gfp+0x67f/0x1600 [ 378.016937][T10092] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 378.016985][T10092] ? do_splice_direct+0x174/0x240 [ 378.017025][T10092] ? do_sendfile+0xb06/0xe50 [ 378.017064][T10092] ? __x64_sys_sendfile64+0x1d8/0x220 [ 378.017094][T10092] ? do_syscall_64+0xcd/0x490 [ 378.017138][T10092] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 378.017175][T10092] shmem_write_begin+0x160/0x300 [ 378.017225][T10092] ? __pfx_shmem_write_begin+0x10/0x10 [ 378.017273][T10092] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 378.017313][T10092] ? __pfx_timestamp_truncate+0x10/0x10 [ 378.017368][T10092] generic_perform_write+0x3d0/0x930 [ 378.017427][T10092] ? __pfx_generic_perform_write+0x10/0x10 [ 378.017483][T10092] ? inode_needs_update_time.part.0+0x191/0x270 [ 378.017545][T10092] shmem_file_write_iter+0x10e/0x140 [ 378.017580][T10092] iter_file_splice_write+0x91c/0x1150 [ 378.017626][T10092] ? make_vfsuid+0x117/0x140 [ 378.017675][T10092] ? __pfx_iter_file_splice_write+0x10/0x10 [ 378.017753][T10092] ? __pfx_iter_file_splice_write+0x10/0x10 [ 378.017799][T10092] direct_splice_actor+0x18f/0x6c0 [ 378.017847][T10092] splice_direct_to_actor+0x345/0xa30 [ 378.017891][T10092] ? __pfx_direct_splice_actor+0x10/0x10 [ 378.017943][T10092] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 378.017982][T10092] ? get_pid_task+0xfc/0x250 [ 378.018037][T10092] do_splice_direct+0x174/0x240 [ 378.018079][T10092] ? __pfx_do_splice_direct+0x10/0x10 [ 378.018140][T10092] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 378.018191][T10092] ? rw_verify_area+0xcf/0x680 [ 378.018238][T10092] do_sendfile+0xb06/0xe50 [ 378.018291][T10092] ? __pfx_do_sendfile+0x10/0x10 [ 378.018337][T10092] ? __fget_files+0x20e/0x3c0 [ 378.018391][T10092] __x64_sys_sendfile64+0x1d8/0x220 [ 378.018422][T10092] ? ksys_write+0x1ac/0x250 [ 378.018476][T10092] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 378.018522][T10092] do_syscall_64+0xcd/0x490 [ 378.018576][T10092] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 378.018609][T10092] RIP: 0033:0x7fe27cd8e929 [ 378.018635][T10092] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 378.018666][T10092] RSP: 002b:00007fe27dc63038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 378.018697][T10092] RAX: ffffffffffffffda RBX: 00007fe27cfb5fa0 RCX: 00007fe27cd8e929 [ 378.018719][T10092] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 378.018738][T10092] RBP: 00007fe27dc63090 R08: 0000000000000000 R09: 0000000000000000 [ 378.018758][T10092] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001 [ 378.018777][T10092] R13: 0000000000000000 R14: 00007fe27cfb5fa0 R15: 00007ffd2d3c5068 [ 378.018821][T10092] [ 379.929050][T10105] zswap: compressor not available [ 381.123706][T10135] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1032'. [ 382.788922][T10158] FAULT_INJECTION: forcing a failure. [ 382.788922][T10158] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 382.831331][T10158] CPU: 1 UID: 0 PID: 10158 Comm: syz.1.1036 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 382.831376][T10158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 382.831396][T10158] Call Trace: [ 382.831407][T10158] [ 382.831418][T10158] dump_stack_lvl+0x16c/0x1f0 [ 382.831472][T10158] should_fail_ex+0x512/0x640 [ 382.831524][T10158] _copy_to_user+0x32/0xd0 [ 382.831576][T10158] simple_read_from_buffer+0xcb/0x170 [ 382.831621][T10158] proc_fail_nth_read+0x197/0x270 [ 382.831662][T10158] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 382.831703][T10158] ? rw_verify_area+0xcf/0x680 [ 382.831755][T10158] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 382.831793][T10158] vfs_read+0x1e4/0xc60 [ 382.831842][T10158] ? __pfx___mutex_lock+0x10/0x10 [ 382.831889][T10158] ? __pfx_vfs_read+0x10/0x10 [ 382.831944][T10158] ? __fget_files+0x20e/0x3c0 [ 382.832000][T10158] ksys_read+0x12a/0x250 [ 382.832042][T10158] ? __pfx_ksys_read+0x10/0x10 [ 382.832100][T10158] do_syscall_64+0xcd/0x490 [ 382.832157][T10158] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 382.832190][T10158] RIP: 0033:0x7fe71b38d33c [ 382.832214][T10158] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 382.832244][T10158] RSP: 002b:00007fe71c19f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 382.832272][T10158] RAX: ffffffffffffffda RBX: 00007fe71b5b5fa0 RCX: 00007fe71b38d33c [ 382.832292][T10158] RDX: 000000000000000f RSI: 00007fe71c19f0a0 RDI: 0000000000000003 [ 382.832311][T10158] RBP: 00007fe71c19f090 R08: 0000000000000000 R09: 0000000000000000 [ 382.832332][T10158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 382.832350][T10158] R13: 0000000000000000 R14: 00007fe71b5b5fa0 R15: 00007ffcbf3a7d48 [ 382.832390][T10158] [ 383.086157][T10154] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 383.099538][T10154] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 383.228425][T10154] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 383.239634][T10154] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 383.847236][T10166] zswap: compressor not available [ 384.534354][T10173] ptrace attach of "./syz-executor exec"[10176] was attempted by "./syz-executor exec"[10173] [ 384.631039][ T5860] Bluetooth: hci0: command 0x0c1a tx timeout [ 385.122047][ T5860] Bluetooth: hci1: command 0x0c1a tx timeout [ 385.277192][ T5860] Bluetooth: hci3: command 0x0c1a tx timeout [ 385.277230][ T5850] Bluetooth: hci2: command 0x0c1a tx timeout [ 386.043275][ T30] audit: type=1804 audit(1752646908.507:46): pid=10188 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1043" name="/newroot/270/file0" dev="tmpfs" ino=1404 res=1 errno=0 [ 386.157699][ T30] audit: type=1800 audit(1752646908.507:47): pid=10188 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1043" name="file0" dev="tmpfs" ino=1404 res=0 errno=0 [ 386.270235][T10205] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1046'. [ 386.941985][T10213] zswap: compressor not available [ 387.443711][T10231] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10 [ 387.583339][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 387.589834][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 387.647486][ T30] audit: type=1804 audit(1752646910.136:48): pid=10230 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1052" name="/newroot/248/file0" dev="tmpfs" ino=1309 res=1 errno=0 [ 387.687499][ T30] audit: type=1800 audit(1752646910.136:49): pid=10230 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1052" name="file0" dev="tmpfs" ino=1309 res=0 errno=0 [ 388.302909][T10240] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1054'. [ 389.044878][ C0] vcan0: j1939_tp_rxtimer: 0xffff8880326f1800: rx timeout, send abort [ 389.550663][ C0] vcan0: j1939_tp_rxtimer: 0xffff8880326f1800: abort rx timeout. Force session deactivation [ 391.075673][T10296] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1065'. [ 392.054963][T10309] ptrace attach of "./syz-executor exec"[10310] was attempted by "./syz-executor exec"[10309] [ 392.470579][T10315] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1068'. [ 392.527954][T10315] bridge_slave_1: left allmulticast mode [ 392.560622][T10315] bridge_slave_1: left promiscuous mode [ 392.579370][T10315] bridge0: port 2(bridge_slave_1) entered disabled state [ 392.627891][T10315] bridge_slave_0: left allmulticast mode [ 392.688565][T10315] bridge_slave_0: left promiscuous mode [ 392.728912][T10315] bridge0: port 1(bridge_slave_0) entered disabled state [ 393.079690][T10321] ptrace attach of "./syz-executor exec"[10322] was attempted by "./syz-executor exec"[10321] [ 394.485762][T10332] tc_dump_action: action bad kind [ 395.514809][T10352] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1075'. [ 395.812469][T10349] futex_wake_op: syz.1.1076 tries to shift op by -2048; fix this program [ 395.982038][T10359] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1077'. [ 396.032727][T10359] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1077'. [ 396.058561][T10359] netlink: 198 bytes leftover after parsing attributes in process `syz.2.1077'. [ 396.108491][T10343] kexec: Could not allocate control_code_buffer [ 396.459290][T10363] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1078'. [ 396.505701][T10363] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1078'. [ 396.590015][T10366] ptrace attach of "./syz-executor exec"[10367] was attempted by "./syz-executor exec"[10366] [ 396.608724][T10363] FAULT_INJECTION: forcing a failure. [ 396.608724][T10363] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 396.660325][T10363] CPU: 0 UID: 0 PID: 10363 Comm: syz.3.1078 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 396.660360][T10363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 396.660373][T10363] Call Trace: [ 396.660380][T10363] [ 396.660389][T10363] dump_stack_lvl+0x16c/0x1f0 [ 396.660429][T10363] should_fail_ex+0x512/0x640 [ 396.660467][T10363] _copy_from_iter+0x29f/0x16f0 [ 396.660507][T10363] ? __alloc_skb+0x200/0x380 [ 396.660540][T10363] ? __pfx__copy_from_iter+0x10/0x10 [ 396.660579][T10363] ? __lock_acquire+0xb8a/0x1c90 [ 396.660617][T10363] netlink_sendmsg+0x829/0xdd0 [ 396.660645][T10363] ? __pfx_netlink_sendmsg+0x10/0x10 [ 396.660679][T10363] ____sys_sendmsg+0xa95/0xc70 [ 396.660704][T10363] ? copy_msghdr_from_user+0x10a/0x160 [ 396.660738][T10363] ? __pfx_____sys_sendmsg+0x10/0x10 [ 396.660768][T10363] ? __pfx__kstrtoull+0x10/0x10 [ 396.660799][T10363] ___sys_sendmsg+0x134/0x1d0 [ 396.660834][T10363] ? __pfx____sys_sendmsg+0x10/0x10 [ 396.660881][T10363] ? find_held_lock+0x2b/0x80 [ 396.660921][T10363] __sys_sendmmsg+0x200/0x420 [ 396.660959][T10363] ? __pfx___sys_sendmmsg+0x10/0x10 [ 396.661002][T10363] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 396.661062][T10363] ? fput+0x70/0xf0 [ 396.661089][T10363] ? ksys_write+0x1ac/0x250 [ 396.661122][T10363] ? __pfx_ksys_write+0x10/0x10 [ 396.661159][T10363] __x64_sys_sendmmsg+0x9c/0x100 [ 396.661194][T10363] ? lockdep_hardirqs_on+0x7c/0x110 [ 396.661226][T10363] do_syscall_64+0xcd/0x490 [ 396.661263][T10363] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 396.661286][T10363] RIP: 0033:0x7fe27cd8e929 [ 396.661304][T10363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 396.661327][T10363] RSP: 002b:00007fe27dc63038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 396.661348][T10363] RAX: ffffffffffffffda RBX: 00007fe27cfb5fa0 RCX: 00007fe27cd8e929 [ 396.661364][T10363] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 396.661378][T10363] RBP: 00007fe27dc63090 R08: 0000000000000000 R09: 0000000000000000 [ 396.661392][T10363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 396.661405][T10363] R13: 0000000000000000 R14: 00007fe27cfb5fa0 R15: 00007ffd2d3c5068 [ 396.661433][T10363] [ 397.755610][T10376] kexec: Could not allocate control_code_buffer [ 399.812353][T10433] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1096'. [ 401.307755][T10431] kexec: Could not allocate control_code_buffer [ 401.815744][T10459] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1104'. [ 401.962173][T10462] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1105'. [ 401.962628][T10459] hsr_slave_0: left promiscuous mode [ 401.979146][T10459] hsr_slave_1: left promiscuous mode [ 402.631234][T10471] Invalid ELF header magic: != ELF [ 403.820476][T10473] kexec: Could not allocate control_code_buffer [ 404.107334][T10476] could not allocate digest TFM handle [ 404.636790][ T30] audit: type=1804 audit(1752646927.214:50): pid=10500 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1113" name="/newroot/288/file0" dev="tmpfs" ino=1507 res=1 errno=0 [ 404.658354][ T30] audit: type=1800 audit(1752646927.214:51): pid=10500 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1113" name="file0" dev="tmpfs" ino=1507 res=0 errno=0 [ 405.989708][T10519] zswap: compressor not available [ 406.461246][T10520] netlink: 'syz.0.1117': attribute type 5 has an invalid length. [ 406.483148][T10520] netlink: 'syz.0.1117': attribute type 1 has an invalid length. [ 406.517917][T10520] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1117'. [ 408.197638][T10537] kexec: Could not allocate control_code_buffer [ 409.222633][ T30] audit: type=1804 audit(1752646931.778:52): pid=10557 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1126" name="/newroot/276/file0" dev="tmpfs" ino=1435 res=1 errno=0 [ 409.296821][ T30] audit: type=1800 audit(1752646931.808:53): pid=10557 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1126" name="file0" dev="tmpfs" ino=1435 res=0 errno=0 [ 410.386779][T10572] zswap: compressor not available [ 411.810298][T10585] kexec: Could not allocate control_code_buffer [ 412.490286][T10614] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1137'. [ 414.796673][T10633] zswap: compressor not available [ 415.060180][T10641] can: request_module (can-proto-0) failed. [ 417.741568][T10694] ptrace attach of "./syz-executor exec"[10695] was attempted by "./syz-executor exec"[10694] [ 418.909903][T10700] zswap: compressor not available [ 419.217485][T10680] kexec: Could not allocate control_code_buffer [ 419.567446][T10716] ptrace attach of "./syz-executor exec"[10718] was attempted by "./syz-executor exec"[10716] [ 421.144101][T10748] ptrace attach of "./syz-executor exec"[10751] was attempted by "./syz-executor exec"[10748] [ 422.646086][T10770] ptrace attach of "./syz-executor exec"[10771] was attempted by "./syz-executor exec"[10770] [ 423.315208][T10778] [ 423.317691][T10778] ====================================================== [ 423.324728][T10778] WARNING: possible circular locking dependency detected [ 423.331762][T10778] 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 Not tainted [ 423.338897][T10778] ------------------------------------------------------ [ 423.345926][T10778] syz.2.1169/10778 is trying to acquire lock: [ 423.352005][T10778] ffff8880267c9970 (&q->elevator_lock){+.+.}-{4:4}, at: queue_requests_store+0x1c7/0x310 [ 423.361973][T10778] [ 423.361973][T10778] but task is already holding lock: [ 423.369442][T10778] ffff8880267c9438 (&q->q_usage_counter(io)#59){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 423.380735][T10778] [ 423.380735][T10778] which lock already depends on the new lock. [ 423.380735][T10778] [ 423.391169][T10778] [ 423.391169][T10778] the existing dependency chain (in reverse order) is: [ 423.400199][T10778] [ 423.400199][T10778] -> #3 (&q->q_usage_counter(io)#59){++++}-{0:0}: [ 423.408865][T10778] blk_alloc_queue+0x619/0x760 [ 423.414218][T10778] blk_mq_alloc_queue+0x175/0x290 [ 423.419812][T10778] __blk_mq_alloc_disk+0x29/0x120 [ 423.425405][T10778] nbd_dev_add+0x4a0/0xbc0 [ 423.430406][T10778] nbd_init+0x181/0x320 [ 423.435122][T10778] do_one_initcall+0x120/0x6e0 [ 423.440435][T10778] kernel_init_freeable+0x5c2/0x900 [ 423.446192][T10778] kernel_init+0x1c/0x2b0 [ 423.451070][T10778] ret_from_fork+0x5d7/0x6f0 [ 423.456224][T10778] ret_from_fork_asm+0x1a/0x30 [ 423.461536][T10778] [ 423.461536][T10778] -> #2 (fs_reclaim){+.+.}-{0:0}: [ 423.468786][T10778] fs_reclaim_acquire+0x102/0x150 [ 423.474362][T10778] prepare_alloc_pages+0x162/0x610 [ 423.480033][T10778] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 423.486506][T10778] __alloc_pages_noprof+0xb/0x1b0 [ 423.492100][T10778] pcpu_populate_chunk+0x110/0xb00 [ 423.497793][T10778] pcpu_alloc_noprof+0x86a/0x1470 [ 423.503383][T10778] xt_percpu_counter_alloc+0x13e/0x1b0 [ 423.509439][T10778] find_check_entry.constprop.0+0xbc/0x9b0 [ 423.515805][T10778] translate_table+0xc98/0x1720 [ 423.521212][T10778] ipt_register_table+0x102/0x430 [ 423.526793][T10778] iptable_raw_table_init+0x63/0x90 [ 423.532550][T10778] xt_find_table_lock+0x2e1/0x520 [ 423.538131][T10778] xt_request_find_table_lock+0x28/0xf0 [ 423.544232][T10778] get_info+0x190/0x610 [ 423.548944][T10778] do_ipt_get_ctl+0x169/0xa10 [ 423.554172][T10778] nf_getsockopt+0x7c/0xe0 [ 423.559147][T10778] ip_getsockopt+0x18c/0x1e0 [ 423.564294][T10778] tcp_getsockopt+0x9e/0x100 [ 423.569446][T10778] do_sock_getsockopt+0x3fc/0x800 [ 423.575016][T10778] __sys_getsockopt+0x123/0x1b0 [ 423.580430][T10778] __x64_sys_getsockopt+0xbd/0x160 [ 423.586107][T10778] do_syscall_64+0xcd/0x490 [ 423.591178][T10778] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 423.597622][T10778] [ 423.597622][T10778] -> #1 (pcpu_alloc_mutex){+.+.}-{4:4}: [ 423.605398][T10778] __mutex_lock+0x199/0xb90 [ 423.610469][T10778] pcpu_alloc_noprof+0xb4c/0x1470 [ 423.616058][T10778] sbitmap_init_node+0x2fd/0x770 [ 423.621547][T10778] sbitmap_queue_init_node+0x41/0x560 [ 423.627465][T10778] blk_mq_init_tags+0x12d/0x2b0 [ 423.632873][T10778] blk_mq_alloc_map_and_rqs+0x237/0xf60 [ 423.638975][T10778] blk_mq_init_sched+0x30c/0x610 [ 423.644460][T10778] elevator_switch+0x1e1/0x7f0 [ 423.649768][T10778] elevator_change+0x2ac/0x400 [ 423.655078][T10778] elevator_set_default+0x292/0x320 [ 423.660826][T10778] blk_register_queue+0x393/0x4f0 [ 423.666399][T10778] __add_disk+0x74a/0xf00 [ 423.671290][T10778] add_disk_fwnode+0x13f/0x5d0 [ 423.676610][T10778] nbd_dev_add+0x791/0xbc0 [ 423.681585][T10778] nbd_init+0x181/0x320 [ 423.686299][T10778] do_one_initcall+0x120/0x6e0 [ 423.691610][T10778] kernel_init_freeable+0x5c2/0x900 [ 423.697365][T10778] kernel_init+0x1c/0x2b0 [ 423.702242][T10778] ret_from_fork+0x5d7/0x6f0 [ 423.707387][T10778] ret_from_fork_asm+0x1a/0x30 [ 423.712695][T10778] [ 423.712695][T10778] -> #0 (&q->elevator_lock){+.+.}-{4:4}: [ 423.720551][T10778] __lock_acquire+0x126f/0x1c90 [ 423.725958][T10778] lock_acquire+0x179/0x350 [ 423.731016][T10778] __mutex_lock+0x199/0xb90 [ 423.736081][T10778] queue_requests_store+0x1c7/0x310 [ 423.741822][T10778] queue_attr_store+0x279/0x320 [ 423.747253][T10778] sysfs_kf_write+0xef/0x150 [ 423.752404][T10778] kernfs_fop_write_iter+0x351/0x510 [ 423.758233][T10778] iter_file_splice_write+0x91c/0x1150 [ 423.764246][T10778] direct_splice_actor+0x18f/0x6c0 [ 423.769913][T10778] splice_direct_to_actor+0x345/0xa30 [ 423.775838][T10778] do_splice_direct+0x174/0x240 [ 423.781238][T10778] do_sendfile+0xb06/0xe50 [ 423.786209][T10778] __x64_sys_sendfile64+0x1d8/0x220 [ 423.791951][T10778] do_syscall_64+0xcd/0x490 [ 423.797007][T10778] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 423.803445][T10778] [ 423.803445][T10778] other info that might help us debug this: [ 423.803445][T10778] [ 423.813705][T10778] Chain exists of: [ 423.813705][T10778] &q->elevator_lock --> fs_reclaim --> &q->q_usage_counter(io)#59 [ 423.813705][T10778] [ 423.827492][T10778] Possible unsafe locking scenario: [ 423.827492][T10778] [ 423.834954][T10778] CPU0 CPU1 [ 423.840429][T10778] ---- ---- [ 423.845805][T10778] lock(&q->q_usage_counter(io)#59); [ 423.851213][T10778] lock(fs_reclaim); [ 423.857740][T10778] lock(&q->q_usage_counter(io)#59); [ 423.865663][T10778] lock(&q->elevator_lock); [ 423.870277][T10778] [ 423.870277][T10778] *** DEADLOCK *** [ 423.870277][T10778] [ 423.878517][T10778] 5 locks held by syz.2.1169/10778: [ 423.883736][T10778] #0: ffff888036d02428 (sb_writers#7){.+.+}-{0:0}, at: splice_direct_to_actor+0x345/0xa30 [ 423.893824][T10778] #1: ffff88805b956c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 423.903616][T10778] #2: ffff88814330f0f8 (kn->active#151){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 423.913777][T10778] #3: ffff8880267c9438 (&q->q_usage_counter(io)#59){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 423.925497][T10778] #4: ffff8880267c9470 (&q->q_usage_counter(queue)#11){+.+.}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 423.937653][T10778] [ 423.937653][T10778] stack backtrace: [ 423.943559][T10778] CPU: 0 UID: 0 PID: 10778 Comm: syz.2.1169 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 423.943604][T10778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 423.943620][T10778] Call Trace: [ 423.943628][T10778] [ 423.943637][T10778] dump_stack_lvl+0x116/0x1f0 [ 423.943697][T10778] print_circular_bug+0x275/0x350 [ 423.943735][T10778] check_noncircular+0x14c/0x170 [ 423.943775][T10778] __lock_acquire+0x126f/0x1c90 [ 423.943814][T10778] ? __lock_acquire+0xb8a/0x1c90 [ 423.943852][T10778] lock_acquire+0x179/0x350 [ 423.943889][T10778] ? queue_requests_store+0x1c7/0x310 [ 423.943914][T10778] ? __pfx___might_resched+0x10/0x10 [ 423.943944][T10778] ? do_raw_spin_lock+0x12c/0x2b0 [ 423.943989][T10778] __mutex_lock+0x199/0xb90 [ 423.944029][T10778] ? queue_requests_store+0x1c7/0x310 [ 423.944054][T10778] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 423.944090][T10778] ? queue_requests_store+0x1c7/0x310 [ 423.944113][T10778] ? lockdep_hardirqs_on+0x7c/0x110 [ 423.944153][T10778] ? __pfx___mutex_lock+0x10/0x10 [ 423.944197][T10778] ? __pfx_autoremove_wake_function+0x10/0x10 [ 423.944236][T10778] ? queue_requests_store+0x1c7/0x310 [ 423.944260][T10778] queue_requests_store+0x1c7/0x310 [ 423.944285][T10778] ? __pfx_queue_requests_store+0x10/0x10 [ 423.944311][T10778] ? __mutex_trylock_common+0xe9/0x250 [ 423.944351][T10778] ? __pfx_queue_requests_store+0x10/0x10 [ 423.944381][T10778] queue_attr_store+0x279/0x320 [ 423.944423][T10778] ? __pfx_queue_attr_store+0x10/0x10 [ 423.944463][T10778] ? __lock_acquire+0x622/0x1c90 [ 423.944507][T10778] ? find_held_lock+0x2b/0x80 [ 423.944534][T10778] ? sysfs_file_kobj+0xe4/0x290 [ 423.944567][T10778] ? __pfx_queue_attr_store+0x10/0x10 [ 423.944609][T10778] sysfs_kf_write+0xef/0x150 [ 423.944641][T10778] kernfs_fop_write_iter+0x351/0x510 [ 423.944669][T10778] ? __pfx_sysfs_kf_write+0x10/0x10 [ 423.944703][T10778] iter_file_splice_write+0x91c/0x1150 [ 423.944750][T10778] ? __pfx_iter_file_splice_write+0x10/0x10 [ 423.944790][T10778] ? __pfx_copy_splice_read+0x10/0x10 [ 423.944832][T10778] ? __pfx_iter_file_splice_write+0x10/0x10 [ 423.944871][T10778] direct_splice_actor+0x18f/0x6c0 [ 423.944908][T10778] splice_direct_to_actor+0x345/0xa30 [ 423.944944][T10778] ? __pfx_direct_splice_actor+0x10/0x10 [ 423.944983][T10778] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 423.945022][T10778] do_splice_direct+0x174/0x240 [ 423.945057][T10778] ? __pfx_do_splice_direct+0x10/0x10 [ 423.945091][T10778] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 423.945130][T10778] ? rw_verify_area+0xcf/0x680 [ 423.945166][T10778] do_sendfile+0xb06/0xe50 [ 423.945204][T10778] ? __pfx_do_sendfile+0x10/0x10 [ 423.945242][T10778] ? __x64_sys_futex+0x1e0/0x4c0 [ 423.945275][T10778] ? __x64_sys_futex+0x1e9/0x4c0 [ 423.945310][T10778] __x64_sys_sendfile64+0x1d8/0x220 [ 423.945336][T10778] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 423.945372][T10778] do_syscall_64+0xcd/0x490 [ 423.945414][T10778] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 423.945441][T10778] RIP: 0033:0x7f925bd8e929 [ 423.945462][T10778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 423.945488][T10778] RSP: 002b:00007f925cba0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 423.945512][T10778] RAX: ffffffffffffffda RBX: 00007f925bfb5fa0 RCX: 00007f925bd8e929 [ 423.945530][T10778] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 423.945547][T10778] RBP: 00007f925be10b39 R08: 0000000000000000 R09: 0000000000000000 [ 423.945564][T10778] R10: 0000000000000200 R11: 0000000000000246 R12: 0000000000000000 [ 423.945580][T10778] R13: 0000000000000000 R14: 00007f925bfb5fa0 R15: 00007fff7b84a598 [ 423.945605][T10778] [ 424.557981][ T30] audit: type=1400 audit(1752646947.235:54): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=10782 comm="syz.1.1170"