last executing test programs: 11.110550705s ago: executing program 3 (id=4350): r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/input/event2\x00', 0x0, 0x0) ioperm$auto(0x7, 0x5ad2, 0x8) mmap$auto(0x80, 0x40009, 0xe2, 0x100009b72, 0x7, 0x28400) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0) ioctl$auto(r1, 0x8100451b, r1) name_to_handle_at$auto(0xffffffffffffffff, &(0x7f00000000c0)='/\x00R\xa6\x00\xc8\xda\xdc\xb1\xb4#\xe4\xeb\xe1c_\x1b/\xb9L\xc6P\x82\xba\x90@\xb8\xb5\xb1\xe8\"\x88s\xdf\x15\xaa\x18\xa9\x86\xc7\x87g>8\xae\x99\xd4~\xc6\xa7\\\xcc\xfeV\x83\f\xdc\xdc~\x8e\xd5\x18\x13\x16\xc5\x93E\x10\xcb\x1c\x02\x00\xd2\xa4_\xa3\xdcS\xe2\xe2\xc6\x85p\xfa\xc3/G\x86\xea\x9f\xb0\x9a\xcc6\x1a\x06\x91\x9f\xcfC\xedU\x00f`\x02\x04\xef\xfe\x10\xec\x17\x83%K\x04\xd5s\x86\xe4\x9d\x15\f\x8c\xd9wj\xe5t\x82o7\xc05ul\xacU\xbf\xc0\xee\xb4\xd7\t\xe0s]\xcd\xac\x87\xa5\xa6.t\xa9\xe8\xa6>\xf2\xd0\xb1\x83\x83\x91\a\xdc\xe9\xaa\x1dx\x06\xa77\xd6\xe1\xe9\x94\xb9Xi\xbbv_\x9a_bv%\xcb\xc7\xdd\xa3\xb4\tpr%\xdf\xc9\x06\xa2\xe7\xe1\xde\x16\xf7\x03x\xf8\v\v\x1a\xfcm\x87r\xc1\b\xca\x97\xb0\xeb\xd6F\x8f^\x94\xdf\x9ax\xf4\x03e[l\xa5', &(0x7f0000000200)={0x2c, 0x6}, 0x0, 0x1001) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'team_slave_1\x00', 0x0}) sendmsg$auto_NL80211_CMD_REQ_SET_REG(r2, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000580)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="e1ff2abd7000fddbdf251b000f0008040300", @ANYRES32=r3, @ANYBLOB="0c0025800800da00", @ANYRES32, @ANYBLOB="0800508004000480"], 0x30}, 0x1, 0x0, 0x0, 0x814}, 0x80) ioprio_get$auto(0x360, 0x0) sendmsg$auto_NL80211_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000005c0)={&(0x7f00000002c0)={0x2f8, 0x0, 0x200, 0x70bd2b, 0x25dfdbff, {}, [@NL80211_ATTR_MAC_ADDRS={0x2dd, 0xa6, 0x0, 0x1, [@generic="bf8826e753eaa942d32fda3b0e69b277b2144e21b5d51c278c0f526a0844abe82f75164db1e1939c48aa5e9e5322bf2bb0be27cee920725f7cedf5ff4be3c97c8cf7853562c7345ded116656b107fce5e913a3b6a4d9ff6b4e76b49aefab805cf36417e8558cc5d52f61a648e4816db669e53481dd8849f8a8b9d2b6667e922168a7541216f273a40b25c87cbeb014cb6fdb6cc43763ae59d1a6e5b50c24b087abbe19f4eac82ddba89441ba26bb08", @generic="c31ff9309b45e1466331f96c95afcdfe59f7", @typed={0x8, 0x78, 0x0, 0x0, @ipv4=@local}, @typed={0x1d, 0x136, 0x0, 0x0, @str='/dev/dvb/adapter0/demux0\x00'}, @nested={0x184, 0x17, 0x0, 0x1, [@typed={0x4, 0x1a}, @generic="db41a0f8e3b93f9f65497580588de148f34ea994ab9964b2c25cbafa033ef2ab9f1893bf052b9c5ae5a0b3eea9ebe7fea78beaceeaf84200f83048d20b8daa41b557e125a14ffe49d0fbbe4497da688b52bd32c88ebca5b613eee18d6acfd429872239470097c61414e283ead0880a58849605b46f", @typed={0x8, 0xac, 0x0, 0x0, @u32=0x5e}, @typed={0x8, 0x106, 0x0, 0x0, @uid}, @generic="a5736fc8017fc7e6048cdaf928591ec1c5eb21a97e83d4637acbb72ce57556974614a23e456263aa41ebfe27aa0fa1cce9508c00f77b0d47ffae6081591a2436febc933cc1fe5f7d9fb2b755cf76085bcb57aac2806318ac98c60b", @generic="645effd05a2c6520a2393147a2c74d6fed4611a8845ee9be9c6558490727d3a0c3ef32c4e6d652ba541ce9b33637fbf57fe7f9b2b76cce30ee9d0a3cfd9732a29d4504af43a8cab65a43b48ae5464c6919ed6bf413d0d01d819c04d9c3928169859868ce1f461ded8f83e2fb220704b5b675d879e0978ce4d62aa54ea965662d48848396361236", @generic="f3cd93b3501c65d793369934a5a0ff028afacca6da"]}, @nested={0x6c, 0x34, 0x0, 0x1, [@nested={0x4, 0x64}, @typed={0x49, 0x107, 0x0, 0x0, @binary="fc7cb9b0a2741c007dae7a5120df109380b01878e54f35be1bd47d0718b0508a5ecf7be005a583b37aa20fb996381985428c5de03c0bfd5177031b3f16afc08a89fe58e2ce"}, @typed={0x17, 0x7a, 0x0, 0x0, @str='/dev/snd/controlC2\x00'}]}]}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}]}, 0x2f8}, 0x1, 0x0, 0x0, 0x4008013}, 0x20008010) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty49\x00', 0x800, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x1fe, 0x0) r4 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r4, 0x403c6f2b, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r4, 0x4000000403c6f2b, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'}) rseq$auto(&(0x7f0000000080)={0x9, 0x8, 0x0, 0x7, 0xffffffff, 0x2}, 0x7ffd, 0xfffffff6, 0x8) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r5 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/audio1\x00', 0x20b42, 0x0) r6 = open(&(0x7f0000000280)='./file0\x00', 0x261c2, 0x84) bpf$auto(0x2, &(0x7f00000000c0)=@raw_tracepoint={0x5, r6, 0x0, 0x3}, 0x91) read$auto_safesetid_gid_file_fops_securityfs(r6, &(0x7f0000000040)=""/7, 0x7) ioctl$auto_SNDCTL_DSP_SPEED(r5, 0xc0045002, 0x0) write$auto(r5, 0x0, 0x7fffffff) ioctl$auto_SNDRV_CTL_IOCTL_TLV_READ(r0, 0xc008551a, &(0x7f0000000000)={0x2, 0x7f}) 7.92907703s ago: executing program 3 (id=4363): rt_sigtimedwait$auto(0x0, 0x0, 0x0, 0x8) mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x404, 0x8000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x8000, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0) read$auto(r0, 0x0, 0xcefbce6) read$auto_nsim_dev_trap_fa_cookie_fops_dev(r0, &(0x7f0000000000)=""/156, 0x9c) shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xdffffffa) kill$auto(0x0, 0x11) syz_clone3(&(0x7f0000000500)={0x400, 0x0, 0x0, 0x0, {0x2c}, 0x0, 0x0, 0x0, 0x0}, 0x58) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) madvise$auto(0xfff, 0x7, 0xab8) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) r2 = socket(0x1e, 0x1, 0x0) setsockopt$auto(0x3, 0x6, 0x100000000, 0xfffffffffffffffc, 0xa) socket(0x29, 0x801, 0x100) io_uring_register$auto_IORING_REGISTER_EVENTFD_ASYNC(r2, 0x7, &(0x7f0000000140)="92f5b6d429e0ea2a4c97b31ef789fd555acfff756a6ddec6766e42cef1270e8cbc51c5f9e8f21d850b3d9ea1d0e1696765035381aa2abc1d8444971a96b79c11a4868a99e2bb7a8d57dc4174ab434c3803232696dd1e76a82db428ac5f853d91bd418b167d44f92ab9cb309d32d1e141b130eb16ee7fd4e1be204c3feff3f6278ae2b00e582c04ef3966bf12ce5af6fe2dfac002951b", 0x9) mmap$auto(0x1, 0x3, 0x3, 0x55, r1, 0x8001) mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xe) write$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f0000001680)="a7", 0x80000) pselect6$auto(0x9, &(0x7f0000000000)={[0x8, 0x4, 0x0, 0x6, 0x8001, 0x4000000000002bc8, 0xfff, 0x9, 0x3, 0xffffffff, 0x8000000000000001, 0x0, 0x2f, 0x2, 0x8, 0xfffffffffffffffe]}, 0x0, 0x0, 0x0, 0x0) semctl$auto(0x1ff, 0x2, 0x13, 0x4) 6.941870234s ago: executing program 3 (id=4369): r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/input/event2\x00', 0x0, 0x0) ioperm$auto(0x7, 0x5ad2, 0x8) mmap$auto(0x80, 0x40009, 0xe2, 0x100009b72, 0x7, 0x28400) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0) ioctl$auto(r1, 0x8100451b, r1) name_to_handle_at$auto(0xffffffffffffffff, &(0x7f00000000c0)='/\x00R\xa6\x00\xc8\xda\xdc\xb1\xb4#\xe4\xeb\xe1c_\x1b/\xb9L\xc6P\x82\xba\x90@\xb8\xb5\xb1\xe8\"\x88s\xdf\x15\xaa\x18\xa9\x86\xc7\x87g>8\xae\x99\xd4~\xc6\xa7\\\xcc\xfeV\x83\f\xdc\xdc~\x8e\xd5\x18\x13\x16\xc5\x93E\x10\xcb\x1c\x02\x00\xd2\xa4_\xa3\xdcS\xe2\xe2\xc6\x85p\xfa\xc3/G\x86\xea\x9f\xb0\x9a\xcc6\x1a\x06\x91\x9f\xcfC\xedU\x00f`\x02\x04\xef\xfe\x10\xec\x17\x83%K\x04\xd5s\x86\xe4\x9d\x15\f\x8c\xd9wj\xe5t\x82o7\xc05ul\xacU\xbf\xc0\xee\xb4\xd7\t\xe0s]\xcd\xac\x87\xa5\xa6.t\xa9\xe8\xa6>\xf2\xd0\xb1\x83\x83\x91\a\xdc\xe9\xaa\x1dx\x06\xa77\xd6\xe1\xe9\x94\xb9Xi\xbbv_\x9a_bv%\xcb\xc7\xdd\xa3\xb4\tpr%\xdf\xc9\x06\xa2\xe7\xe1\xde\x16\xf7\x03x\xf8\v\v\x1a\xfcm\x87r\xc1\b\xca\x97\xb0\xeb\xd6F\x8f^\x94\xdf\x9ax\xf4\x03e[l\xa5', &(0x7f0000000200)={0x2c, 0x6}, 0x0, 0x1001) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'team_slave_1\x00', 0x0}) sendmsg$auto_NL80211_CMD_REQ_SET_REG(r2, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000580)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="e1ff2abd7000fddbdf251b000f0008040300", @ANYRES32=r3, @ANYBLOB="0c0025800800da00", @ANYRES32, @ANYBLOB="0800508004000480"], 0x30}, 0x1, 0x0, 0x0, 0x814}, 0x80) ioprio_get$auto(0x360, 0x0) sendmsg$auto_NL80211_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000005c0)={&(0x7f00000002c0)={0x2f8, 0x0, 0x200, 0x70bd2b, 0x25dfdbff, {}, [@NL80211_ATTR_MAC_ADDRS={0x2dd, 0xa6, 0x0, 0x1, [@generic="bf8826e753eaa942d32fda3b0e69b277b2144e21b5d51c278c0f526a0844abe82f75164db1e1939c48aa5e9e5322bf2bb0be27cee920725f7cedf5ff4be3c97c8cf7853562c7345ded116656b107fce5e913a3b6a4d9ff6b4e76b49aefab805cf36417e8558cc5d52f61a648e4816db669e53481dd8849f8a8b9d2b6667e922168a7541216f273a40b25c87cbeb014cb6fdb6cc43763ae59d1a6e5b50c24b087abbe19f4eac82ddba89441ba26bb08", @generic="c31ff9309b45e1466331f96c95afcdfe59f7", @typed={0x8, 0x78, 0x0, 0x0, @ipv4=@local}, @typed={0x1d, 0x136, 0x0, 0x0, @str='/dev/dvb/adapter0/demux0\x00'}, @nested={0x184, 0x17, 0x0, 0x1, [@typed={0x4, 0x1a}, @generic="db41a0f8e3b93f9f65497580588de148f34ea994ab9964b2c25cbafa033ef2ab9f1893bf052b9c5ae5a0b3eea9ebe7fea78beaceeaf84200f83048d20b8daa41b557e125a14ffe49d0fbbe4497da688b52bd32c88ebca5b613eee18d6acfd429872239470097c61414e283ead0880a58849605b46f", @typed={0x8, 0xac, 0x0, 0x0, @u32=0x5e}, @typed={0x8, 0x106, 0x0, 0x0, @uid}, @generic="a5736fc8017fc7e6048cdaf928591ec1c5eb21a97e83d4637acbb72ce57556974614a23e456263aa41ebfe27aa0fa1cce9508c00f77b0d47ffae6081591a2436febc933cc1fe5f7d9fb2b755cf76085bcb57aac2806318ac98c60b", @generic="645effd05a2c6520a2393147a2c74d6fed4611a8845ee9be9c6558490727d3a0c3ef32c4e6d652ba541ce9b33637fbf57fe7f9b2b76cce30ee9d0a3cfd9732a29d4504af43a8cab65a43b48ae5464c6919ed6bf413d0d01d819c04d9c3928169859868ce1f461ded8f83e2fb220704b5b675d879e0978ce4d62aa54ea965662d48848396361236", @generic="f3cd93b3501c65d793369934a5a0ff028afacca6da"]}, @nested={0x6c, 0x34, 0x0, 0x1, [@nested={0x4, 0x64}, @typed={0x49, 0x107, 0x0, 0x0, @binary="fc7cb9b0a2741c007dae7a5120df109380b01878e54f35be1bd47d0718b0508a5ecf7be005a583b37aa20fb996381985428c5de03c0bfd5177031b3f16afc08a89fe58e2ce"}, @typed={0x17, 0x7a, 0x0, 0x0, @str='/dev/snd/controlC2\x00'}]}]}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}]}, 0x2f8}, 0x1, 0x0, 0x0, 0x4008013}, 0x20008010) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty49\x00', 0x800, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x1fe, 0x0) r4 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r4, 0x403c6f2b, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r4, 0x4000000403c6f2b, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'}) rseq$auto(&(0x7f0000000080)={0x9, 0x8, 0x0, 0x7, 0xffffffff, 0x2}, 0x7ffd, 0xfffffff6, 0x8) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r5 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/audio1\x00', 0x20b42, 0x0) r6 = open(&(0x7f0000000280)='./file0\x00', 0x261c2, 0x84) bpf$auto(0x2, &(0x7f00000000c0)=@raw_tracepoint={0x5, r6, 0x0, 0x3}, 0x91) read$auto_safesetid_gid_file_fops_securityfs(r6, &(0x7f0000000040)=""/7, 0x7) ioctl$auto_SNDCTL_DSP_SPEED(r5, 0xc0045002, 0x0) write$auto(r5, 0x0, 0x7fffffff) ioctl$auto_SNDRV_CTL_IOCTL_TLV_READ(r0, 0xc008551a, &(0x7f0000000000)={0x2, 0x7f}) 5.552245881s ago: executing program 1 (id=4372): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x8, 0x3a02, 0x0, 0x9b72, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{0x0, 0x0, 0x0, 0x9, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x77, 0x4008) (async) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{0x0, 0x0, 0x0, 0x9, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x77, 0x4008) r0 = socket(0x1f, 0x3, 0x400001) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000580)=ANY=[], 0x1ac}}, 0x4c041) r1 = socket(0xf, 0x5, 0xf) mmap$auto(0x0, 0x20009, 0xdf, 0xebf, 0x401, 0x5) (async) mmap$auto(0x0, 0x20009, 0xdf, 0xebf, 0x401, 0x5) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, 0x0, 0x42100, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r4 = syz_genetlink_get_family_id$auto_nlbl_unlbl(0x0, r3) sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r3, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000001500)=ANY=[], 0x1094}, 0x1, 0x0, 0x0, 0x4081}, 0xc000) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) (async) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) ioctl$auto(r3, 0x57, r2) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) (async) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x20, 0x0) (async) sysfs$auto(0x2, 0x20, 0x0) fsopen$auto(0x0, 0x1) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYRESHEX=r2, @ANYBLOB="90d7b0a4eff0b4477aa3829b3d691d38772bb1cea2c1a1c1f79e63e6a5bd430e63200af964449f44d409812c0da521bfbc1ce6d644ba5e339fa36fe8ec9ff828a25dc634fd89850f11fbb07eca59879b985189b09536", @ANYRES16=r4], 0x1ac}, 0x1, 0x0, 0x0, 0x20044800}, 0x20004810) (async) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYRESHEX=r2, @ANYBLOB="90d7b0a4eff0b4477aa3829b3d691d38772bb1cea2c1a1c1f79e63e6a5bd430e63200af964449f44d409812c0da521bfbc1ce6d644ba5e339fa36fe8ec9ff828a25dc634fd89850f11fbb07eca59879b985189b09536", @ANYRES16=r4], 0x1ac}, 0x1, 0x0, 0x0, 0x20044800}, 0x20004810) r5 = socket(0x10, 0x2, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/vhci_hcd.0/status\x00', 0x101600, 0x0) (async) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/vhci_hcd.0/status\x00', 0x101600, 0x0) read$auto(r6, &(0x7f0000000040)='\x04\x00\x86\xd2\x0f\x84\xe7\x05}\x88\x04\xc2&\x14^\v\x802\x89Y\xf2;\xe8\xf4a\xab\x01\xf5\x1f\xd5\xf5\x89lg\x0f+S\xbf\xa7\xc3\xd0\x1e\x18\xc2\xe8\x87\xa9\x9a4I;\xf6wP\'go\xf2\xf13\x91I\x819nz65-\x84\x11\x7f^\xed^\xbc\x17\x17\x82r\xa4\xf6\x86m\x81YI\xa7\xe7\x97%\x9d\bs\xc92\x1b\t\xf9q\a*\xf1\r\xc1\x18\xa7\x05m\xb1\xda\apU\xb8)b\x7f\xe9rQ\xc5N~,,\xad\xf0\x011\x8b`\xb8\x06\x01$\'\xb4\x03g\xe6\xf8\x18liR-\x97\xadX\x7f\v\xa4\xb5\xfa\xe0k\xa1\xc3\x89\x01\xb1J\xdcy!\x99\xf65\x9e\xcd\xe2[\xd78\x0e\xde-!u\x9bh\a\xbbHC\x91\xde\xd2\x9a}S\xf0\x85\x7f\x86/\xd7||\xf4\xca\xc9A\xac\xfb\x1f\xcb\xed\xbaF\xe5\xb2\xdc/Z\x1b\xc9\xb8\xc9\x83O2F\x91\a\x8c\xcd\xe57\xaa\x12\x03\xe4=\x85\xb3\xa7L', 0xc) sendmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) execve$auto(&(0x7f0000000240)='./file0\x00', 0x0, 0x0) (async) execve$auto(&(0x7f0000000240)='./file0\x00', 0x0, 0x0) pidfd_open$auto(0x0, 0x5) 5.136860294s ago: executing program 0 (id=4374): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) socket(0xa, 0x1, 0x100) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0x0, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x5, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000040), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) setsockopt$auto(0x3, 0x1, 0x48, 0x0, 0x9) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xe2, 0x9b72, 0x2, 0x8000) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/mtd\x00', 0xc40, 0x0) read$auto_proc_iter_file_ops_compat_inode(r1, 0x0, 0x4d) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r3 = gettid() process_vm_writev$auto(r3, &(0x7f0000000240)={0x0, 0x800}, 0x6, &(0x7f0000002a40)={0x0, 0x100000004007}, 0x4, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/raw\x00', 0x2802, 0x0) pread64$auto(r4, 0x0, 0x8, 0xffff) r5 = io_uring_setup$auto(0x8, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x8, 0x8, r2, [], {0x6, 0x6, 0xf, 0x8, 0x100, 0x83, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) ioctl$auto_TUNSETDEBUG(r5, 0x400454c9, &(0x7f00000001c0)=0x7) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/cpu/smt/control\x00', 0x2ab42, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) 4.441077752s ago: executing program 1 (id=4376): mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x80100, 0x0) mkdir$auto(&(0x7f0000000000)='}[,&*}\x00', 0xc001) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000001e00)='/dev/snd/pcmC1D0p\x00', 0x101080, 0x0) mount$auto(0x0, &(0x7f0000000100)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0x10001, 0x0) mount$auto(0x0, &(0x7f0000000100)='}[,&*}\x00', 0x0, 0x44020, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) r2 = socket(0x2b, 0x1, 0x1) listen$auto(r2, 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setsockopt$auto(0x3, 0x6, 0x1, 0x0, 0x4) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, 0x38) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) r3 = socket(0x2, 0x5, 0x0) getsockopt$auto(r3, 0x84, 0xf, 0x0, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0x4138ae84, 0x0) close_range$auto(r2, 0xffffffffffffffff, 0x10000) 4.018896647s ago: executing program 0 (id=4379): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020008, 0x7, 0xb9, 0xfffffffffffffffa, 0x9) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) socket(0x25, 0x6, 0x0) mmap$auto(0x81, 0x9, 0x7, 0x16, 0x401, 0x2) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) getrandom$auto(0x0, 0x2, 0x5) setsockopt$auto(0x3, 0x1, 0x1d, 0x0, 0x9) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000b80)='/proc/sys/kernel/kptr_restrict\x00', 0x202, 0x0) read$auto(r0, 0x0, 0x2) write$auto(0x3, 0x0, 0xfdef) close_range$auto(0x0, 0xfffffffffffff000, 0x0) eventfd$auto(0x8c) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) socket(0x2, 0x1, 0x106) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x86fb16d8bb90233e, 0x0) pread64$auto(r1, 0x0, 0x8100000041, 0x413e) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0xe0742, 0x0) 3.96148039s ago: executing program 1 (id=4380): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000440), 0x20100, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) socket$nl_generic(0x10, 0x3, 0x10) select$auto(0x7, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x800, 0x0, 0x2, 0x5, 0x495f4da0a, 0xa33a, 0x3, 0x62, 0xfffffffffffff7b2, 0x10000000000004, 0x6d40, 0x1, 0x39, 0xfffffffffffffffe]}, 0x0) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x60282, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, 0x0) write$auto(r0, 0x0, 0x100082) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) 3.861928669s ago: executing program 2 (id=4381): r0 = socket(0x2, 0x1, 0x0) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0xe6, 0x0, 0x2, 0xb}, 0xfff}, 0x6, 0x311) r1 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_GET_SEC_LEVEL(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r1, 0x8, 0x70bd2c, 0x25dfdbff, {}, [@NL802154_ATTR_PAGE={0x5, 0x7, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1041}, 0xd0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) io_uring_setup$auto(0x2, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f000000e680), 0x2, 0x0) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/ns_last_pid\x00', 0x68001, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0x17, r3, 0x113c) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/seq/clients\x00', 0x280, 0x0) pread64$auto(r4, 0x0, 0x8, 0x8) socket(0x2a, 0x3, 0x7) close_range$auto(0x2, 0x8, 0x0) 3.701557875s ago: executing program 3 (id=4382): pwrite64$auto(0xffffffffffffffff, &(0x7f0000000000)='./cgroup/memory.pressure\x00', 0x6bc, 0x5) sendmsg$auto_NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, 0x0, 0x40) readahead$auto(0xffffffffffffffff, 0x4, 0x4) sysfs$auto(0x1003, 0x401, 0x0) unshare$auto(0x40000080) r0 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x1000, 0x400005, 0x5, 0x9b72, 0x2, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) mmap$auto(0x0, 0x4994, 0xdf, 0x9b75, 0x2, 0x9) statmount$auto(0x0, &(0x7f0000000180)={0x0, 0x1, 0x38a1, 0x3, 0x66, 0xfffffffffffffff8, 0x4, 0x3, 0x7fffffff, 0x902c, 0x19, 0x400005, 0x35be, 0x100000004, 0xa1d0, 0x8, 0x9, 0x3, 0x3, 0x6, 0x0, 0xffffffff, 0xfffffffe, 0x0, 0xffffffff, 0x0, 0x100000, 0x200, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x6, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9]}, 0xfffff7fffffffffa, 0x8000081) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) openat$auto_cpu_latency_qos_fops_qos(0xffffffffffffff9c, &(0x7f0000000100), 0x2001, 0x0) read$auto(r1, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x101c02, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) settimeofday$auto(&(0x7f0000000180)={0xffffffffffffffff, 0x1}, 0x0) socket(0x2a, 0x2, 0x6) connect$auto(0x3, &(0x7f0000000180)=@in={0x2a}, 0x54) write$auto(0x3, 0x0, 0x9) r4 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x428400, 0x0) ioctl$auto(r4, 0x4004556e, 0x1f) r5 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0) sendmsg$auto_BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="00000000088d7e4d665724459b152315694ab2fc17969266f96621cee91b1e2636b8b542c82ba8", @ANYRES16, @ANYBLOB="00012cbd7000fbdbdf2504000000050019000700000008002b0005000000"], 0x24}, 0x1, 0x0, 0x0, 0x8005}, 0x20080845) ioctl$auto_PROCMAP_QUERY(r5, 0xc0686611, &(0x7f0000000300)={0x68, 0x7, 0x200000007fff, 0x6, 0x80000000007, 0x1, 0x80000010, 0x8000, 0x400000005, 0x80005, 0xfbfffffe, 0xffffffff, 0x1, 0x85, 0x9}) socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) 3.431384341s ago: executing program 2 (id=4383): openat$auto_fragmentation_threshold_ops_(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/ieee80211/phy11/fragmentation_threshold\x00', 0x40000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82400, 0x0) ioctl$auto_SG_SCSI_RESET(r1, 0x2284, 0x0) getcpu$auto(0xfffffffffffffffc, 0xffffffffffffffff, 0xfffffffffffffffd) epoll_create$auto(0x4) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x17f, 0x7, 0xd, 0x5, 0x948b, 0x3, 0x15f4da0a, 0x0, 0x3, 0x62, 0x80000004, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) ioctl$auto(r2, 0x6, 0xffffffffffffffff) ioctl$auto(0x20000000000003, 0x8946, 0x2) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r3 = socket(0x2, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e21, @remote}, 0x6a) sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0x40000b}, 0xfff}, 0x5, 0x311) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/drvctl\x00', 0x20681, 0x0) r5 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0xa02, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r5, 0xc1105517, &(0x7f00000001c0)={{@inferred=0x0, 0x1, 0x40008, 0x7, "aab8e80600080043529f895cf5e8ec8f46cbb766439daa41e1aa00000000001200000000070a00", @inferred=0x0}, 0x6, 0x8, 0x7, @raw=0x1, @enumerated={0x4, 0xffff, "3a451db75512bd3527fc812ba5063f658f3a83495f2f7e8b4b84d579e75c002e35796b745e9f1f32cbfbdc296577c42c2257f3cdba1288075707bcc50e018166", 0x9e, 0x5}, "a4699d30a05edbe0d28473c399a7dc920b153e9b1675451d7de94b4123f970bedd3460c667373fcc59b584d81592f6ab606c276852295e00af49e6de6e768034"}) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_REMOVE(r5, 0xc0405519, &(0x7f00000000c0)={@inferred=r6, 0x7, 0xd, 0xa4, "e3eabf11dce36a2eac9cb4682c339b3ce615a9b97386d4462bc6553245da56e4978f37368e849db4a6e0aa4e", @raw=0xa2cfa1c}) write$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f00000000c0)="f4", 0x1) prctl$auto(0x35, 0x0, r7, 0x0, 0x0) socket(0x22, 0x2, 0x4) getpeername$auto(0x3, 0x0, 0x0) 2.89949817s ago: executing program 1 (id=4384): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x17) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async, rerun: 32) mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000) (async, rerun: 32) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0xa, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x2, 0x6, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) (async) open(0x0, 0x22240, 0x154) connect$auto(0x3, 0x0, 0x55) (async) mmap$auto(0x0, 0x400008, 0xdc, 0x9b72, 0x2, 0x8000) (async) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/tcp\x00', 0x181800, 0x0) pread64$auto(r1, &(0x7f0000000000)='/proc/thread-self/net/tcp6\x00\xd2)\x8e\x892\x82\x19\xfd\x03\xc3\x8d\xd7D\bz\xde5u4\xddS\xe6\x1a\x8a`\xad0\x98|\xbc\x00\x98\b\x0ey\xcb`\x9b\x91r\xd5\x13\x9e\xdd4\xe7\xb7\x94P\x8fBlm\x04eAW\xbc0\x9b\xbd\x8f\xf5];\x94\x18\xf0\v\xd7\xf4P\xd3\x9e,Q\xd8\x16\x989l\x03\a\xcc\x1e\xb9\xe9{\xeeS\xa9\xc60\x00\xb5&\x9e\xdbk{F\x18\xa8\xba*G\xd3\x80\xb1G.\xec1\x96uP\x97\x8co\xf1\xa6\xd5\xea\xc8L3|a\xb3\xaa\x90~Y\xb19\xad\xdc\x05o\x98g\xd4\x10]5\x95\xd0\xabJC\x06\xd0c\xd1Ra\xf7\xc4n\xdf\xe4\xc7\x03\x19x\xbb\v\x00\t\xde\xf5\x93\xfb\xfb#\xbd\xc0S\f57\x83\xdd\xaa\xf0\x9c\xd3G\xe1\x00'/232, 0x3ef, 0x9) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) close_range$auto(0x2, 0x8, 0x0) (async) mmap$auto(0x200000, 0x2020009, 0x3, 0x13, r0, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(r0, 0x104000000000010e, 0x0, 0x0, 0xc) (async, rerun: 32) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x2001, 0x0) (async, rerun: 32) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x200000000008000) (async) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x8000, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r2, 0xc0045002, 0x0) (async, rerun: 64) write$auto(0x3, 0x0, 0x81) (async, rerun: 64) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0) ioctl$auto_UDMABUF_CREATE_LIST(0xffffffffffffffff, 0x40087543, &(0x7f0000000100)={0x5eea, 0x7, [{r3, 0x0, 0x4, 0x6}]}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0x8001, 0xeb1, 0x401, 0x8000) mremap$auto(0x0, 0xffffffffffffffff, 0x3fd6, 0x3, 0x7fffffffb000) mmap$auto(0x0, 0x4, 0x8, 0x40eb1, 0x401, 0x308000000000) (async, rerun: 64) socket(0xa, 0x3, 0x3a) (async, rerun: 64) setsockopt$auto(0x400000000000003, 0x29, 0xd4, 0x0, 0x4) 2.795590148s ago: executing program 0 (id=4385): r0 = openat$auto_bdi_debug_stats_fops_(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/bdi/7:2/stats\x00', 0x20002, 0x0) r1 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000280)='/dev/usbmon19\x00', 0x101000, 0x0) mmap$auto(0x0, 0x20008, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) socket(0x10, 0x2, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_5={@target_fd=0x5, 0x7f, 0x9c, 0x7b2, 0x1, @relative_id=0x4, 0x80}, 0x96) ioctl$auto_MON_IOCH_MFLUSH(r1, 0x9208, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/vkms/graphics/fb0/blank\x00', 0xa001, 0x0) write$auto(r2, &(0x7f0000000140)='7\x00\xb1\x9a\xc0\xf9\xc0e\xd2T\xbe\xb6I\x9d\xd9\x18\xf5\x91\xbfq\xfe\xf2\x9a\x02\x9fC0xb\xccW(\xc1n+\n|5\xa5\x9c=^\xf1\x11H\x1c\xf73\x16\xd2\a\xfaw\xcc\xf1\xff7\xab\xa1\xeaF\x04\x17\x99\xd3\xd1\x83\xccG^\xbbdC\x8a\n\x88\xbcW@+\xafD\xd1\x8a\xc13W\xf66\x86\xe5\xee\xa7\x1d\x0f\x90\x00\xcf\xdb\xf5\xbf\xd4\xc8\x84\xb3\xeeb\xb0\xc7kN\x80\x93\xfd\x89\xe1\xc9tp\xd4jm\x7f\xf0a\xc3\x02\x14\xcf\xcf\\e!\a\x82\t,\xa7\x00\xbd&\xcax\xf8P\xc1\x8f\x87\x83\x0f\x93z', 0x81) read$auto_null_fops_mem(0xffffffffffffffff, &(0x7f0000000180)=""/251, 0xfb) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop2\x00', 0x24040, 0x0) ioctl$auto_BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000380)={"ef13a5421a7c65cadfca436c4d13dd823843180bb151e936e8ce6cb454168d6c", 0x3ff, 0xa, 0x1000, 0x54, 0x200000000000000d}) ioctl$auto_BLKTRACESTART(r3, 0x1274, 0x0) get_mempolicy$auto(&(0x7f00000002c0)=0x9, &(0x7f0000000340)=0x400, 0x2, 0x85, 0x5) ioctl$auto_BLKTRACETEARDOWN(r3, 0x1276, 0x0) r4 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000000), 0x4881c2, 0x0) setsockopt$auto_SO_RCVLOWAT(r4, 0x9, 0x12, &(0x7f00000000c0)='/sys/kernel/debug/bdi/7:2/stats\x00', 0x7) read$auto_bdi_debug_stats_fops_(r0, &(0x7f0000000040)=""/69, 0x45) 2.293740378s ago: executing program 2 (id=4386): close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) capset$auto(0x0, 0x0) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000062c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, &(0x7f0000006340)={&(0x7f00000001c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="8f0329bd7000fbdbdf25040000001400018008000100", @ANYRES32=r2, @ANYBLOB="08000300010000002eb92f837c1c5cd86bc856f18d821bab694817b55e39e0750e704eeb309f5a4597813fd26b36c15b0f2ddd81b63ac5274cab167d43481c9615c0ad304590a6493d7e50307d1e019b65008dad40548ac00760141a1cf61e2e042d6ef09c5424ee4680bf78617aa61a055cac18756c6e47eebe2141386c95b1809c63d81244a4aec6356446d582db80031ea1b6e23cdf91b17383796492a25c6bffe8792f3ab4b270ff58"], 0x28}, 0x1, 0x0, 0x0, 0x4044040}, 0x4000) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'ip_vti0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000000500)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c010000", @ANYRES16=0x0, @ANYBLOB="000025bd7000ffdbdf25110000002000018008000300070000001400020076657468315f746f5f626f6e64000000040001805c0001801400020064756d6d7930000000000000000000001400020070696d3672656731000000000000000014000200766c616e30000000000000000000000008000100", @ANYRES32=0x0, @ANYBLOB="140002000000000000000000000000000000000020000180080041000700000014000200697036677265300000000000000000005400018008000300010001511ca4bb40b3fcdf0008000300", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="140002007465616d5f736c6176655f300000000008000300131bffff1400020064766d727031000000000000000000000c00018008000100", @ANYRES32=0x0, @ANYBLOB="28000180140002006e69637666300000000000000000000008000100", @ANYRES32=r2, @ANYBLOB="08000100", @ANYRES32=r3, @ANYBLOB="040001800c00018008000100", @ANYRES32=0x0, @ANYBLOB], 0x14c}, 0x1, 0x0, 0x0, 0x2}, 0x0) setsockopt$auto(0x3, 0x0, 0x17, 0x0, 0x28) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) r4 = openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f0000000000), 0x4800, 0x0) ioctl$auto_RNDADDENTROPY2(r4, 0x40085203, &(0x7f0000000040)=[0x874a, 0x7fffffff]) r5 = socket(0x23, 0x80805, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'macsec0\x00'}) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000040), r7) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_HARDIF(r6, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r8, @ANYBLOB="dbdf25050000000800030000b50000000000", @ANYRES32=r9], 0x1c}}, 0x4008000) read$auto(0x3, 0x0, 0x7) socket$nl_generic(0x10, 0x3, 0x10) socket(0x25, 0x2, 0xf) ioctl$auto_KVM_GET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee2, &(0x7f0000000040)={0xd, 0x0, 0x0, 0xfffffffffffffffe}) 2.236879023s ago: executing program 1 (id=4387): r0 = open(&(0x7f0000000440)='./cgroup\x00', 0x49c280, 0xde) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/devices/platform/vhci_hcd.9/usb27/27-0:1.0/usb27-port1/early_stop\x00', 0x80302, 0x0) sendfile$auto(r1, r1, 0x0, 0x2001) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000540), 0x363ac0, 0x0) set_mempolicy$auto(0x3, &(0x7f0000000000)=0x7, 0x9) mmap$auto(0x0, 0x3, 0x3, 0xeb1, r0, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) readv$auto(r2, &(0x7f00000000c0)={0x0, 0x5}, 0x3) ioctl$auto_TIOCVHANGUP2(r2, 0x5437, 0x0) mmap$auto(0x0, 0x2420009, 0x3, 0xebe, 0xfffffffffffffffa, 0xb) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0x1010001, 0x100000003) read$auto(r3, 0x0, 0x20) sendmsg$auto_NL80211_CMD_UPDATE_OWE_INFO(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYRESDEC=r2, @ANYRESHEX, @ANYBLOB="746cb551e830601e0d16aabb95291469d303f663aee02f11c85470d52aad0e1a83597ff7ee28603127a63aa61486d9def84244b955e043f80e4863109603599904e43691d52f8b8db3f762b23603e1aeea28c050892624ce04b9aa085cc103b84b27b4f6399119f1c648753803ada83ef75d2f83473afa338a9363aec6fc7e290c779f559a7721508685a053719936c59213308d23b1d3d1e8555c43793617dd0492ab7c5024ad50f8abd13c2b5ea6b33cb1b1730c67f78ba2a77fcf21948b126604c380be7ebf"], 0x40}, 0x1, 0x0, 0x0, 0x2408c810}, 0x40418c0) mmap$auto(0xff0f200000000000, 0x400008, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000a40), 0xffffffffffffffff) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_ID(r0, &(0x7f00000004c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000480)={&(0x7f0000000500)=ANY=[], 0x18}, 0x1, 0x0, 0x0, 0x24004080}, 0x4000000) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, &(0x7f0000001c00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0xc844}, 0x0) io_uring_setup$auto(0x6, 0x0) madvise$auto(0x0, 0x200006, 0x19) shmctl$auto_IPC_STAT(0x4, 0x2, 0x0) getsockopt$auto_SO_GET_FILTER(r0, 0x4, 0x1a, &(0x7f00000005c0)='{\x00', &(0x7f0000000580)=0x81) bpf$auto(0x8, &(0x7f00000000c0)=@test={r0, 0x81, 0x10, 0x5d, 0x80c, 0x6, 0xfff, 0x2, 0x9, 0x1, 0x8001, 0xffffffff, 0xc8, 0x8, 0x5}, 0x8) 2.171060728s ago: executing program 0 (id=4388): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2a43, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0xc0c00, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000440)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) stat$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x5, 0x6, 0x6, 0x4, 0xee00, 0x0, 0x0, 0x74a7047a, 0x1, 0x5, 0x1b5, 0xb7a6, 0x9, 0x2, 0x9, 0x107f0a84}) setfsgid$auto(0xee00) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x0, 0x100000000008000) ioperm$auto(0x100000000, 0x7, 0x3) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/udplite6\x00', 0x101000, 0x0) pread64$auto(r2, 0x0, 0x8, 0x8000) ioctl$auto_SIOCGIFHWADDR(r1, 0x8927, &(0x7f0000000140)="eecf4c74097de9ee2f43444b57d132ed65857b31456737b234a253a85cf2a8aa97227d58bc639c84e324a61a663d0c81e2e24bd675f6f7a65971f57caaa74f4a73be4533954e850c7be6ce1291744b4a8d8c62deee198f4ec825f53443efae60b44d7ef88b745ae0efc4a36c2e2cfa5d10a22bd8b20673668911e6b42b159fab482d755437618c265f62f15308fa5617c65ea5a5052a49873c26638702305a6b6ea794c54c28ef696bbd7315c9c11826a221d5403e652da57c4dc00724c4b7dd0020cbbd97f0c269f253bb0f6a5f515b305efe034adf2f30eb9f8a462d551b3f56f5c0cface6dfc52a") syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000240), r1) r3 = getpid() process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) 2.109320428s ago: executing program 3 (id=4389): mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x80100, 0x0) mkdir$auto(&(0x7f0000000000)='}[,&*}\x00', 0xc001) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000001e00)='/dev/snd/pcmC1D0p\x00', 0x101080, 0x0) mount$auto(0x0, &(0x7f0000000100)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0x10001, 0x0) mount$auto(0x0, &(0x7f0000000100)='}[,&*}\x00', 0x0, 0x44020, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) r2 = socket(0x2b, 0x1, 0x1) listen$auto(r2, 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setsockopt$auto(0x3, 0x6, 0x1, 0x0, 0x4) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, 0x38) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) r3 = socket(0x2, 0x5, 0x0) getsockopt$auto(r3, 0x84, 0xf, 0x0, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0x4138ae84, 0x0) close_range$auto(r2, 0xffffffffffffffff, 0x10000) 1.752958557s ago: executing program 2 (id=4390): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/firmware/acpi/interrupts/gpe02\x00', 0x200, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_NEXT_DEVICE(0xffffffffffffffff, 0xc0145401, &(0x7f0000000580)={0x80000006, 0x0, 0xd12b, 0xfffffffd, 0x200a}) r1 = fspick$auto(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x5) ioctl$auto_FS_IOC_GETFSLABEL2(r1, 0x81009431, &(0x7f0000000200)="394b63a9c25080fe4b051f56dc99ec82cb2fa40e6e139250819abb56eaa666408a17c07f8edb076b2ba935d8c30b4cbab55d9c12b072417a5e9369f7439fdca05c009129bced1656146e9b5fed2047c43e20ff04ec05c63bc889dd216eeafa978f3f2bcbfa8721b2e57c912bcfc4216bf10ffa5f4552b8fadef4527d133209d87db9b0ba28087ece259033ad5bf30dc1ac9aec3529bb1d3c5f056a5e13c6a50181ac89ed61c5af725db048fd90fbc1550c9f115dd3bbe155ffd1594122c8c6a233d5862be5b20abfed4e7fc7ed8ebf7abd9b66285f4995d286727c83ccb6b038c94a2ee61f02da15a2d7507cf808e4d1078058a2ed2fd53c9206f9d954ff1c1e") r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000440)='/proc/sys/kernel/timer_migration\x00', 0x242, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x110) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) unlink$auto(&(0x7f0000000380)='./file0\x00') openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioperm$auto(0x3, 0xe, 0x2000000000000149) syz_clone3(&(0x7f0000000100)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = mq_open$auto(&(0x7f00000000c0)='\x12\xe6D\b\x9e\x00\x80\x85\f\xb9w-\xbd!\x9eb\xed\xfb\x0f\xe5\x9dZ\xc2\xd1\x01wBV\x91\x8f_\xc0\xdf\x84\xfe\x84\xd1se\x01\x06\x00\xb3\x13_Y&\xa9\x88\xe4\xa2\xb0V\x85\x92<\xb6\xdcT\xfa\xe9!\xc5<\xce\x18=\x06\xdaGq\xb5\r\t\xb2\xde\x99\xd50\xbb\x192\x1c4\x86\xc0\xc1-\xd5\x10\xc3\xfc*[8\x89h\xc5\xba\xff\xc8u50x0}) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x440ac0, 0x0) openat$auto_fake_panic_fops_(0xffffffffffffff9c, &(0x7f0000000140), 0x40400, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r8, &(0x7f0000000040)=""/195, 0xc3) sendmsg$auto_ILA_CMD_ADD(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000240)=ANY=[@ANYBLOB="119f0000", @ANYRES16=r4, @ANYBLOB="010228bd7000ffdbdf25010000000500080000000000", @ANYRES16=r0, @ANYRESHEX=r7, @ANYRES8], 0x1c}, 0x1, 0x0, 0x0, 0x8080}, 0x38) kernel console output (not intermixed with test programs): syzkaller #0 PREEMPT(full) [ 1306.741174][T22318] Tainted: [I]=FIRMWARE_WORKAROUND [ 1306.741187][T22318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1306.741206][T22318] Call Trace: [ 1306.741218][T22318] [ 1306.741231][T22318] dump_stack_lvl+0x16c/0x1f0 [ 1306.741287][T22318] should_fail_ex+0x512/0x640 [ 1306.741334][T22318] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1306.741389][T22318] should_failslab+0xc2/0x120 [ 1306.741421][T22318] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1306.741484][T22318] ? security_file_alloc+0x34/0x2b0 [ 1306.741532][T22318] security_file_alloc+0x34/0x2b0 [ 1306.741574][T22318] init_file+0x93/0x4c0 [ 1306.741607][T22318] alloc_empty_file+0x73/0x1e0 [ 1306.741643][T22318] path_openat+0xda/0x2cb0 [ 1306.741685][T22318] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1306.741732][T22318] ? __pfx_path_openat+0x10/0x10 [ 1306.741782][T22318] ? __lock_acquire+0xb8a/0x1c90 [ 1306.741841][T22318] do_filp_open+0x20b/0x470 [ 1306.741890][T22318] ? __pfx_do_filp_open+0x10/0x10 [ 1306.741965][T22318] ? alloc_fd+0x471/0x7d0 [ 1306.742029][T22318] do_sys_openat2+0x11b/0x1d0 [ 1306.742062][T22318] ? __pfx_do_sys_openat2+0x10/0x10 [ 1306.742111][T22318] __x64_sys_openat+0x174/0x210 [ 1306.742145][T22318] ? __pfx___x64_sys_openat+0x10/0x10 [ 1306.742194][T22318] do_syscall_64+0xcd/0x490 [ 1306.742244][T22318] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1306.742276][T22318] RIP: 0033:0x7fc1d838e929 [ 1306.742301][T22318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1306.742332][T22318] RSP: 002b:00007fc1d9184038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1306.742362][T22318] RAX: ffffffffffffffda RBX: 00007fc1d85b6080 RCX: 00007fc1d838e929 [ 1306.742383][T22318] RDX: 0000000000000440 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 1306.742403][T22318] RBP: 00007fc1d8410b39 R08: 0000000000000000 R09: 0000000000000000 [ 1306.742421][T22318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1306.742439][T22318] R13: 0000000000000000 R14: 00007fc1d85b6080 R15: 00007ffec46996e8 [ 1306.742478][T22318] [ 1309.321422][T22352] FAULT_INJECTION: forcing a failure. [ 1309.321422][T22352] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1309.395639][T22352] CPU: 1 UID: 0 PID: 22352 Comm: syz.0.3800 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1309.395691][T22352] Tainted: [I]=FIRMWARE_WORKAROUND [ 1309.395700][T22352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1309.395714][T22352] Call Trace: [ 1309.395722][T22352] [ 1309.395731][T22352] dump_stack_lvl+0x16c/0x1f0 [ 1309.395771][T22352] should_fail_ex+0x512/0x640 [ 1309.395808][T22352] should_fail_alloc_page+0xe7/0x130 [ 1309.395832][T22352] prepare_alloc_pages+0x3c2/0x610 [ 1309.395867][T22352] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1309.395904][T22352] ? mas_next_slot+0x12d3/0x21b0 [ 1309.395927][T22352] ? __up_read+0x1f8/0x750 [ 1309.395965][T22352] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1309.396003][T22352] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1309.396037][T22352] ? mas_find+0x2f6/0x530 [ 1309.396058][T22352] ? validate_mm+0x40a/0x570 [ 1309.396099][T22352] ? __lock_acquire+0xb8a/0x1c90 [ 1309.396130][T22352] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1309.396179][T22352] ? policy_nodemask+0xea/0x4e0 [ 1309.396201][T22352] alloc_pages_mpol+0x1fb/0x550 [ 1309.396223][T22352] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1309.396243][T22352] ? __pud_alloc+0x521/0x750 [ 1309.396272][T22352] alloc_pages_noprof+0x131/0x390 [ 1309.396293][T22352] __pmd_alloc+0x3b/0x930 [ 1309.396319][T22352] move_page_tables+0x28c8/0x4070 [ 1309.396357][T22352] ? __pfx_copy_vma+0x10/0x10 [ 1309.396386][T22352] ? finish_task_switch.isra.0+0x21c/0xc10 [ 1309.396415][T22352] ? __pfx_move_page_tables+0x10/0x10 [ 1309.396459][T22352] ? register_lock_class+0x41/0x4c0 [ 1309.396506][T22352] ? rcu_is_watching+0x12/0xc0 [ 1309.396552][T22352] copy_vma_and_data+0x216/0x750 [ 1309.396596][T22352] ? __pfx_copy_vma_and_data+0x10/0x10 [ 1309.396641][T22352] ? __vma_enter_locked+0x163/0x3f0 [ 1309.396674][T22352] ? find_held_lock+0x2b/0x80 [ 1309.396698][T22352] ? move_vma+0x536/0x1740 [ 1309.396737][T22352] move_vma+0x548/0x1740 [ 1309.396777][T22352] ? __pfx_move_vma+0x10/0x10 [ 1309.396810][T22352] ? mm_get_unmapped_area+0x95/0xe0 [ 1309.396837][T22352] ? shmem_get_unmapped_area+0x170/0xa00 [ 1309.396869][T22352] ? cap_mmap_addr+0x4b/0x120 [ 1309.396890][T22352] ? bpf_lsm_mmap_addr+0x9/0x10 [ 1309.396913][T22352] ? security_mmap_addr+0x6c/0x1e0 [ 1309.396942][T22352] ? __get_unmapped_area+0x267/0x440 [ 1309.396971][T22352] ? vrm_set_new_addr+0x208/0x290 [ 1309.397006][T22352] __do_sys_mremap+0xe07/0x1590 [ 1309.397044][T22352] ? __pfx___do_sys_mremap+0x10/0x10 [ 1309.397086][T22352] ? __fget_files+0x204/0x3c0 [ 1309.397122][T22352] ? __x64_sys_futex+0x1e0/0x4c0 [ 1309.397168][T22352] do_syscall_64+0xcd/0x490 [ 1309.397206][T22352] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1309.397230][T22352] RIP: 0033:0x7f665d18e929 [ 1309.397249][T22352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1309.397272][T22352] RSP: 002b:00007f665df3a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1309.397293][T22352] RAX: ffffffffffffffda RBX: 00007f665d3b6320 RCX: 00007f665d18e929 [ 1309.397309][T22352] RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000000 [ 1309.397323][T22352] RBP: 00007f665d210b39 R08: 00007effffffb000 R09: 0000000000000000 [ 1309.397338][T22352] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1309.397352][T22352] R13: 0000000000000000 R14: 00007f665d3b6320 R15: 00007ffe535d9818 [ 1309.397381][T22352] [ 1309.918755][T22344] bond0: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 1310.613403][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 1310.620009][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1312.755509][T22399] openvswitch: HfR: Dropping previously announced user features [ 1312.929829][T22400] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3822'. [ 1315.779941][T22447] FAULT_INJECTION: forcing a failure. [ 1315.779941][T22447] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1315.803817][T22447] CPU: 1 UID: 0 PID: 22447 Comm: syz.1.3826 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1315.803871][T22447] Tainted: [I]=FIRMWARE_WORKAROUND [ 1315.803884][T22447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1315.803904][T22447] Call Trace: [ 1315.803914][T22447] [ 1315.803927][T22447] dump_stack_lvl+0x16c/0x1f0 [ 1315.803982][T22447] should_fail_ex+0x512/0x640 [ 1315.804035][T22447] _copy_to_iter+0x29f/0x16f0 [ 1315.804096][T22447] ? __pfx___skb_try_recv_datagram+0x10/0x10 [ 1315.804150][T22447] ? __pfx__copy_to_iter+0x10/0x10 [ 1315.804207][T22447] ? __skb_recv_datagram+0x1b2/0x220 [ 1315.804261][T22447] ? __pfx___skb_recv_datagram+0x10/0x10 [ 1315.804310][T22447] simple_copy_to_iter+0x46/0x90 [ 1315.804352][T22447] __skb_datagram_iter+0x129/0x900 [ 1315.804393][T22447] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 1315.804437][T22447] ? skb_recv_datagram+0x88/0xc0 [ 1315.804486][T22447] skb_copy_datagram_iter+0x40/0x50 [ 1315.804532][T22447] netlink_recvmsg+0x27e/0xa90 [ 1315.804569][T22447] ? __pfx_netlink_recvmsg+0x10/0x10 [ 1315.804603][T22447] ? __fget_files+0x204/0x3c0 [ 1315.804663][T22447] sock_recvmsg+0x1f6/0x250 [ 1315.804703][T22447] __sys_recvfrom+0x203/0x310 [ 1315.804748][T22447] ? __pfx___sys_recvfrom+0x10/0x10 [ 1315.804798][T22447] ? find_held_lock+0x2b/0x80 [ 1315.804847][T22447] __x64_sys_recvfrom+0xe0/0x1c0 [ 1315.804886][T22447] ? do_syscall_64+0x91/0x490 [ 1315.804927][T22447] ? lockdep_hardirqs_on+0x7c/0x110 [ 1315.804967][T22447] do_syscall_64+0xcd/0x490 [ 1315.805012][T22447] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1315.805040][T22447] RIP: 0033:0x7fee941906f4 [ 1315.805062][T22447] Code: 89 4c 24 1c e8 ed 5f 02 00 44 8b 54 24 1c 8b 3c 24 45 31 c9 89 c5 48 8b 54 24 10 48 8b 74 24 08 45 31 c0 b8 2d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 04 24 e8 39 60 02 00 48 8b 04 [ 1315.805094][T22447] RSP: 002b:00007fee950b9f30 EFLAGS: 00000246 ORIG_RAX: 000000000000002d [ 1315.805121][T22447] RAX: ffffffffffffffda RBX: 000000000000003c RCX: 00007fee941906f4 [ 1315.805140][T22447] RDX: 0000000000001000 RSI: 00007fee950ba010 RDI: 0000000000000008 [ 1315.805158][T22447] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1315.805175][T22447] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000000040 [ 1315.805192][T22447] R13: 00007fee950b9fc0 R14: 0000000000000011 R15: 0000000000000000 [ 1315.805225][T22447] [ 1316.071707][T22447] HfR: entered promiscuous mode [ 1316.181449][T22450] FAULT_INJECTION: forcing a failure. [ 1316.181449][T22450] name failslab, interval 1, probability 0, space 0, times 0 [ 1316.222935][T22450] CPU: 0 UID: 0 PID: 22450 Comm: syz.3.3828 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1316.222991][T22450] Tainted: [I]=FIRMWARE_WORKAROUND [ 1316.223005][T22450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1316.223024][T22450] Call Trace: [ 1316.223035][T22450] [ 1316.223049][T22450] dump_stack_lvl+0x16c/0x1f0 [ 1316.223105][T22450] should_fail_ex+0x512/0x640 [ 1316.223153][T22450] ? __kmalloc_noprof+0xbf/0x510 [ 1316.223205][T22450] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 1316.223252][T22450] should_failslab+0xc2/0x120 [ 1316.223283][T22450] __kmalloc_noprof+0xd2/0x510 [ 1316.223340][T22450] ? __pfx___mutex_trylock_common+0x10/0x10 [ 1316.223397][T22450] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 1316.223452][T22450] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 1316.223498][T22450] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1316.223543][T22450] ? trace_cap_capable+0x18d/0x200 [ 1316.223585][T22450] ? bpf_lsm_capable+0x9/0x10 [ 1316.223625][T22450] ? security_capable+0x7e/0x260 [ 1316.223680][T22450] ? ns_capable+0xd7/0x110 [ 1316.223718][T22450] genl_rcv_msg+0x55c/0x800 [ 1316.223768][T22450] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1316.223811][T22450] ? __pfx_wg_set_device+0x10/0x10 [ 1316.223879][T22450] netlink_rcv_skb+0x155/0x420 [ 1316.223920][T22450] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1316.223963][T22450] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1316.224018][T22450] ? netlink_deliver_tap+0x1ae/0xd30 [ 1316.224060][T22450] genl_rcv+0x28/0x40 [ 1316.224096][T22450] netlink_unicast+0x53a/0x7f0 [ 1316.224137][T22450] ? __pfx_netlink_unicast+0x10/0x10 [ 1316.224186][T22450] netlink_sendmsg+0x8d1/0xdd0 [ 1316.224232][T22450] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1316.224286][T22450] ____sys_sendmsg+0xa95/0xc70 [ 1316.224334][T22450] ? copy_msghdr_from_user+0x10a/0x160 [ 1316.224386][T22450] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1316.224446][T22450] ___sys_sendmsg+0x134/0x1d0 [ 1316.224500][T22450] ? __pfx____sys_sendmsg+0x10/0x10 [ 1316.224547][T22450] ? __lock_acquire+0x622/0x1c90 [ 1316.224644][T22450] __sys_sendmsg+0x16d/0x220 [ 1316.224698][T22450] ? __pfx___sys_sendmsg+0x10/0x10 [ 1316.224778][T22450] do_syscall_64+0xcd/0x490 [ 1316.224834][T22450] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1316.224867][T22450] RIP: 0033:0x7fc1d838e929 [ 1316.224895][T22450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1316.224925][T22450] RSP: 002b:00007fc1d91a5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1316.224955][T22450] RAX: ffffffffffffffda RBX: 00007fc1d85b5fa0 RCX: 00007fc1d838e929 [ 1316.224976][T22450] RDX: 0000000008004004 RSI: 00002000000028c0 RDI: 0000000000000003 [ 1316.224997][T22450] RBP: 00007fc1d91a5090 R08: 0000000000000000 R09: 0000000000000000 [ 1316.225017][T22450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1316.225037][T22450] R13: 0000000000000000 R14: 00007fc1d85b5fa0 R15: 00007ffec46996e8 [ 1316.225081][T22450] [ 1316.860553][T22452] ptrace attach of "./syz-executor exec"[22454] was attempted by "./syz-executor exec"[22452] [ 1316.985926][T22457] ptrace attach of "./syz-executor exec"[22459] was attempted by "./syz-executor exec"[22457] [ 1317.693070][T22464] phram: not enough arguments [ 1319.118036][T22496] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3841'. [ 1319.516097][T22494] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3843'. [ 1322.701079][T22548] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 1323.476746][T22518] vidtv vidtv.0: No streaming. Skipping. [ 1325.728273][T22591] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3867'. [ 1325.815807][T22595] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3868'. [ 1326.655848][T22591] team_slave_1 (unregistering): left promiscuous mode [ 1326.703395][T22591] team_slave_1 (unregistering): left allmulticast mode [ 1326.823775][T22591] team0: Port device team_slave_1 removed [ 1328.034212][T22614] can: request_module (can-proto-0) failed. [ 1329.493734][T22624] FAULT_INJECTION: forcing a failure. [ 1329.493734][T22624] name failslab, interval 1, probability 0, space 0, times 0 [ 1329.509124][T22624] CPU: 1 UID: 0 PID: 22624 Comm: syz.0.3874 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1329.509174][T22624] Tainted: [I]=FIRMWARE_WORKAROUND [ 1329.509187][T22624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1329.509207][T22624] Call Trace: [ 1329.509218][T22624] [ 1329.509230][T22624] dump_stack_lvl+0x16c/0x1f0 [ 1329.509289][T22624] should_fail_ex+0x512/0x640 [ 1329.509356][T22624] ? kmem_cache_alloc_bulk_noprof+0x6d/0xbc0 [ 1329.509414][T22624] should_failslab+0xc2/0x120 [ 1329.509447][T22624] kmem_cache_alloc_bulk_noprof+0x85/0xbc0 [ 1329.509505][T22624] ? trace_kmem_cache_alloc+0x28/0xc0 [ 1329.509539][T22624] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 1329.509591][T22624] ? mas_alloc_nodes+0x18b/0x8b0 [ 1329.509642][T22624] ? mas_alloc_nodes+0x2f1/0x8b0 [ 1329.509688][T22624] mas_alloc_nodes+0x2f1/0x8b0 [ 1329.509744][T22624] mas_node_count_gfp+0x105/0x130 [ 1329.509797][T22624] mas_preallocate+0x77b/0xda0 [ 1329.509841][T22624] ? __pfx_mas_preallocate+0x10/0x10 [ 1329.509916][T22624] ? rcu_read_unlock+0x17/0x60 [ 1329.509961][T22624] vma_link+0x135/0x6a0 [ 1329.510015][T22624] ? __pfx_vma_link+0x10/0x10 [ 1329.510082][T22624] ? rcu_is_watching+0x12/0xc0 [ 1329.510123][T22624] ? anon_vma_clone+0x405/0x5c0 [ 1329.510167][T22624] ? anon_vma_name+0x75/0x100 [ 1329.510208][T22624] copy_vma+0x6c2/0xaa0 [ 1329.510264][T22624] ? __pfx_copy_vma+0x10/0x10 [ 1329.510310][T22624] ? lockdep_hardirqs_on+0x7c/0x110 [ 1329.510389][T22624] ? register_lock_class+0x41/0x4c0 [ 1329.510434][T22624] ? __schedule+0x1181/0x5de0 [ 1329.510496][T22624] ? __lock_acquire+0x622/0x1c90 [ 1329.510550][T22624] copy_vma_and_data+0x1cf/0x750 [ 1329.510606][T22624] ? __pfx_copy_vma_and_data+0x10/0x10 [ 1329.510666][T22624] ? __vma_enter_locked+0x163/0x3f0 [ 1329.510716][T22624] ? find_held_lock+0x2b/0x80 [ 1329.510750][T22624] ? move_vma+0x536/0x1740 [ 1329.510808][T22624] move_vma+0x548/0x1740 [ 1329.510876][T22624] ? __pfx_move_vma+0x10/0x10 [ 1329.510924][T22624] ? mm_get_unmapped_area+0x95/0xe0 [ 1329.510965][T22624] ? shmem_get_unmapped_area+0x170/0xa00 [ 1329.511009][T22624] ? cap_mmap_addr+0x4b/0x120 [ 1329.511040][T22624] ? bpf_lsm_mmap_addr+0x9/0x10 [ 1329.511076][T22624] ? security_mmap_addr+0x6c/0x1e0 [ 1329.511119][T22624] ? __get_unmapped_area+0x267/0x440 [ 1329.511164][T22624] ? vrm_set_new_addr+0x208/0x290 [ 1329.511219][T22624] __do_sys_mremap+0xe07/0x1590 [ 1329.511275][T22624] ? __pfx___do_sys_mremap+0x10/0x10 [ 1329.511339][T22624] ? __fget_files+0x204/0x3c0 [ 1329.511395][T22624] ? __x64_sys_futex+0x1e0/0x4c0 [ 1329.511475][T22624] do_syscall_64+0xcd/0x490 [ 1329.511539][T22624] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1329.511570][T22624] RIP: 0033:0x7f665d18e929 [ 1329.511595][T22624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1329.511627][T22624] RSP: 002b:00007f665dfbe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1329.511657][T22624] RAX: ffffffffffffffda RBX: 00007f665d3b5fa0 RCX: 00007f665d18e929 [ 1329.511679][T22624] RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000000 [ 1329.511697][T22624] RBP: 00007f665d210b39 R08: 00007effffffb000 R09: 0000000000000000 [ 1329.511717][T22624] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1329.511735][T22624] R13: 0000000000000000 R14: 00007f665d3b5fa0 R15: 00007ffe535d9818 [ 1329.511775][T22624] [ 1329.850715][ C1] vkms_vblank_simulate: vblank timer overrun [ 1330.143059][T22630] blkio.reset_stats is deprecated [ 1331.173806][T22645] FAULT_INJECTION: forcing a failure. [ 1331.173806][T22645] name failslab, interval 1, probability 0, space 0, times 0 [ 1331.188186][T22645] CPU: 1 UID: 0 PID: 22645 Comm: syz.0.3878 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1331.188241][T22645] Tainted: [I]=FIRMWARE_WORKAROUND [ 1331.188254][T22645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1331.188273][T22645] Call Trace: [ 1331.188283][T22645] [ 1331.188295][T22645] dump_stack_lvl+0x16c/0x1f0 [ 1331.188350][T22645] should_fail_ex+0x512/0x640 [ 1331.188396][T22645] ? kmem_cache_alloc_bulk_noprof+0x6d/0xbc0 [ 1331.188449][T22645] should_failslab+0xc2/0x120 [ 1331.188481][T22645] kmem_cache_alloc_bulk_noprof+0x85/0xbc0 [ 1331.188547][T22645] ? trace_kmem_cache_alloc+0x28/0xc0 [ 1331.188578][T22645] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 1331.188623][T22645] ? mas_alloc_nodes+0x18b/0x8b0 [ 1331.188669][T22645] ? mas_alloc_nodes+0x2f1/0x8b0 [ 1331.188707][T22645] mas_alloc_nodes+0x2f1/0x8b0 [ 1331.188757][T22645] mas_node_count_gfp+0x105/0x130 [ 1331.188802][T22645] mas_preallocate+0x77b/0xda0 [ 1331.188842][T22645] ? __pfx_mas_preallocate+0x10/0x10 [ 1331.188883][T22645] ? rcu_read_unlock+0x17/0x60 [ 1331.188922][T22645] vma_link+0x135/0x6a0 [ 1331.188978][T22645] ? __pfx_vma_link+0x10/0x10 [ 1331.189024][T22645] ? rcu_is_watching+0x12/0xc0 [ 1331.189061][T22645] ? anon_vma_clone+0x405/0x5c0 [ 1331.189102][T22645] ? anon_vma_name+0x75/0x100 [ 1331.189158][T22645] copy_vma+0x6c2/0xaa0 [ 1331.189212][T22645] ? __pfx_copy_vma+0x10/0x10 [ 1331.189258][T22645] ? lockdep_hardirqs_on+0x7c/0x110 [ 1331.189316][T22645] ? register_lock_class+0x41/0x4c0 [ 1331.189358][T22645] ? __schedule+0x1181/0x5de0 [ 1331.189419][T22645] ? __lock_acquire+0x622/0x1c90 [ 1331.189469][T22645] copy_vma_and_data+0x1cf/0x750 [ 1331.189522][T22645] ? __pfx_copy_vma_and_data+0x10/0x10 [ 1331.189580][T22645] ? __vma_enter_locked+0x163/0x3f0 [ 1331.189627][T22645] ? find_held_lock+0x2b/0x80 [ 1331.189659][T22645] ? move_vma+0x536/0x1740 [ 1331.189716][T22645] move_vma+0x548/0x1740 [ 1331.189772][T22645] ? __pfx_move_vma+0x10/0x10 [ 1331.189816][T22645] ? mm_get_unmapped_area+0x95/0xe0 [ 1331.189855][T22645] ? shmem_get_unmapped_area+0x170/0xa00 [ 1331.189897][T22645] ? cap_mmap_addr+0x4b/0x120 [ 1331.189925][T22645] ? bpf_lsm_mmap_addr+0x9/0x10 [ 1331.189958][T22645] ? security_mmap_addr+0x6c/0x1e0 [ 1331.190005][T22645] ? __get_unmapped_area+0x267/0x440 [ 1331.190047][T22645] ? vrm_set_new_addr+0x208/0x290 [ 1331.190098][T22645] __do_sys_mremap+0xe07/0x1590 [ 1331.190150][T22645] ? __pfx___do_sys_mremap+0x10/0x10 [ 1331.190210][T22645] ? __fget_files+0x204/0x3c0 [ 1331.190278][T22645] ? __x64_sys_futex+0x1e0/0x4c0 [ 1331.190346][T22645] do_syscall_64+0xcd/0x490 [ 1331.190402][T22645] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1331.190436][T22645] RIP: 0033:0x7f665d18e929 [ 1331.190464][T22645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1331.190499][T22645] RSP: 002b:00007f665df3a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1331.190532][T22645] RAX: ffffffffffffffda RBX: 00007f665d3b6320 RCX: 00007f665d18e929 [ 1331.190554][T22645] RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000000 [ 1331.190572][T22645] RBP: 00007f665d210b39 R08: 00007effffffb000 R09: 0000000000000000 [ 1331.190593][T22645] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1331.190614][T22645] R13: 0000000000000000 R14: 00007f665d3b6320 R15: 00007ffe535d9818 [ 1331.190656][T22645] [ 1332.840925][T22658] FAULT_INJECTION: forcing a failure. [ 1332.840925][T22658] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1332.864605][T22658] CPU: 1 UID: 0 PID: 22658 Comm: syz.0.3881 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1332.864659][T22658] Tainted: [I]=FIRMWARE_WORKAROUND [ 1332.864672][T22658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1332.864691][T22658] Call Trace: [ 1332.864703][T22658] [ 1332.864716][T22658] dump_stack_lvl+0x16c/0x1f0 [ 1332.864772][T22658] should_fail_ex+0x512/0x640 [ 1332.864838][T22658] should_fail_alloc_page+0xe7/0x130 [ 1332.864898][T22658] prepare_alloc_pages+0x3c2/0x610 [ 1332.864947][T22658] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1332.865006][T22658] ? mas_next_slot+0x12d3/0x21b0 [ 1332.865039][T22658] ? __up_read+0x1f8/0x750 [ 1332.865110][T22658] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1332.865180][T22658] ? mas_find+0x2f6/0x530 [ 1332.865212][T22658] ? validate_mm+0x40a/0x570 [ 1332.865263][T22658] ? __pfx_validate_mm+0x10/0x10 [ 1332.865314][T22658] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1332.865368][T22658] ? policy_nodemask+0xea/0x4e0 [ 1332.865403][T22658] alloc_pages_mpol+0x1fb/0x550 [ 1332.865436][T22658] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1332.865481][T22658] alloc_pages_noprof+0x131/0x390 [ 1332.865514][T22658] __pud_alloc+0x3b/0x750 [ 1332.865554][T22658] alloc_new_pud+0x267/0x320 [ 1332.865604][T22658] move_page_tables+0x6b6/0x4070 [ 1332.865663][T22658] ? __pfx_copy_vma+0x10/0x10 [ 1332.865710][T22658] ? lockdep_hardirqs_on+0x7c/0x110 [ 1332.865768][T22658] ? __pfx_move_page_tables+0x10/0x10 [ 1332.865814][T22658] ? register_lock_class+0x41/0x4c0 [ 1332.865856][T22658] ? __schedule+0x1181/0x5de0 [ 1332.865925][T22658] ? __lock_acquire+0x622/0x1c90 [ 1332.865976][T22658] copy_vma_and_data+0x216/0x750 [ 1332.866030][T22658] ? __pfx_copy_vma_and_data+0x10/0x10 [ 1332.866090][T22658] ? __vma_enter_locked+0x163/0x3f0 [ 1332.866139][T22658] ? find_held_lock+0x2b/0x80 [ 1332.866172][T22658] ? move_vma+0x536/0x1740 [ 1332.866228][T22658] move_vma+0x548/0x1740 [ 1332.866284][T22658] ? __pfx_move_vma+0x10/0x10 [ 1332.866330][T22658] ? mm_get_unmapped_area+0x95/0xe0 [ 1332.866370][T22658] ? shmem_get_unmapped_area+0x170/0xa00 [ 1332.866413][T22658] ? cap_mmap_addr+0x4b/0x120 [ 1332.866442][T22658] ? bpf_lsm_mmap_addr+0x9/0x10 [ 1332.866476][T22658] ? security_mmap_addr+0x6c/0x1e0 [ 1332.866518][T22658] ? __get_unmapped_area+0x267/0x440 [ 1332.866560][T22658] ? vrm_set_new_addr+0x208/0x290 [ 1332.866613][T22658] __do_sys_mremap+0xe07/0x1590 [ 1332.866668][T22658] ? __pfx___do_sys_mremap+0x10/0x10 [ 1332.866730][T22658] ? __fget_files+0x204/0x3c0 [ 1332.866783][T22658] ? __x64_sys_futex+0x1e0/0x4c0 [ 1332.866850][T22658] do_syscall_64+0xcd/0x490 [ 1332.866913][T22658] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1332.866948][T22658] RIP: 0033:0x7f665d18e929 [ 1332.866975][T22658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1332.867020][T22658] RSP: 002b:00007f665df7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1332.867050][T22658] RAX: ffffffffffffffda RBX: 00007f665d3b6160 RCX: 00007f665d18e929 [ 1332.867071][T22658] RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000000 [ 1332.867089][T22658] RBP: 00007f665d210b39 R08: 00007effffffb000 R09: 0000000000000000 [ 1332.867109][T22658] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1332.867128][T22658] R13: 0000000000000000 R14: 00007f665d3b6160 R15: 00007ffe535d9818 [ 1332.867167][T22658] [ 1334.651441][T22648] vidtv vidtv.0: No streaming. Skipping. [ 1335.071424][T22691] ima: policy update failed [ 1335.091910][ T30] audit: type=1802 audit(1393.010:91): pid=22691 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.3892" res=0 errno=0 [ 1335.717166][ T30] audit: type=1804 audit(1393.650:92): pid=22700 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.3893" name="/newroot/356/file0" dev="tmpfs" ino=1852 res=1 errno=0 [ 1335.783783][T22711] netlink: 'syz.0.3896': attribute type 11 has an invalid length. [ 1336.101037][T22713] program syz.1.3897 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1336.626782][T22723] can: request_module (can-proto-0) failed. [ 1337.080378][T22727] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1337.086562][T22727] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1337.413561][T22727] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1337.474710][T22727] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1338.528400][T21431] Bluetooth: hci0: command 0x0c1a tx timeout [ 1338.976254][T22754] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3902'. [ 1339.089655][T21431] Bluetooth: hci3: command 0x041b tx timeout [ 1339.488492][T21431] Bluetooth: hci4: command 0x0c1a tx timeout [ 1339.494604][T21431] Bluetooth: hci2: command 0x0406 tx timeout [ 1343.458196][T22819] FAULT_INJECTION: forcing a failure. [ 1343.458196][T22819] name failslab, interval 1, probability 0, space 0, times 0 [ 1343.473049][T22819] CPU: 0 UID: 0 PID: 22819 Comm: syz.1.3920 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1343.473102][T22819] Tainted: [I]=FIRMWARE_WORKAROUND [ 1343.473116][T22819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1343.473136][T22819] Call Trace: [ 1343.473147][T22819] [ 1343.473160][T22819] dump_stack_lvl+0x16c/0x1f0 [ 1343.473217][T22819] should_fail_ex+0x512/0x640 [ 1343.473264][T22819] ? kmem_cache_alloc_bulk_noprof+0x6d/0xbc0 [ 1343.473318][T22819] should_failslab+0xc2/0x120 [ 1343.473350][T22819] kmem_cache_alloc_bulk_noprof+0x85/0xbc0 [ 1343.473407][T22819] ? trace_kmem_cache_alloc+0x28/0xc0 [ 1343.473441][T22819] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 1343.473492][T22819] ? mas_alloc_nodes+0x18b/0x8b0 [ 1343.473560][T22819] ? mas_alloc_nodes+0x2f1/0x8b0 [ 1343.473604][T22819] mas_alloc_nodes+0x2f1/0x8b0 [ 1343.473657][T22819] mas_node_count_gfp+0x105/0x130 [ 1343.473707][T22819] mas_preallocate+0x77b/0xda0 [ 1343.473750][T22819] ? __pfx_mas_preallocate+0x10/0x10 [ 1343.473797][T22819] ? rcu_read_unlock+0x17/0x60 [ 1343.473839][T22819] vma_link+0x135/0x6a0 [ 1343.473898][T22819] ? __pfx_vma_link+0x10/0x10 [ 1343.473946][T22819] ? rcu_is_watching+0x12/0xc0 [ 1343.473987][T22819] ? anon_vma_clone+0x405/0x5c0 [ 1343.474038][T22819] ? anon_vma_name+0x75/0x100 [ 1343.474080][T22819] copy_vma+0x6c2/0xaa0 [ 1343.474134][T22819] ? __pfx_copy_vma+0x10/0x10 [ 1343.474200][T22819] ? lockdep_hardirqs_on+0x7c/0x110 [ 1343.474260][T22819] ? register_lock_class+0x41/0x4c0 [ 1343.474305][T22819] ? __schedule+0x1181/0x5de0 [ 1343.474368][T22819] ? __lock_acquire+0x622/0x1c90 [ 1343.474422][T22819] copy_vma_and_data+0x1cf/0x750 [ 1343.474478][T22819] ? __pfx_copy_vma_and_data+0x10/0x10 [ 1343.474539][T22819] ? __vma_enter_locked+0x163/0x3f0 [ 1343.474589][T22819] ? find_held_lock+0x2b/0x80 [ 1343.474624][T22819] ? move_vma+0x536/0x1740 [ 1343.474684][T22819] move_vma+0x548/0x1740 [ 1343.474739][T22819] ? __pfx_move_vma+0x10/0x10 [ 1343.474787][T22819] ? mm_get_unmapped_area+0x95/0xe0 [ 1343.474828][T22819] ? shmem_get_unmapped_area+0x170/0xa00 [ 1343.474873][T22819] ? cap_mmap_addr+0x4b/0x120 [ 1343.474915][T22819] ? bpf_lsm_mmap_addr+0x9/0x10 [ 1343.474949][T22819] ? security_mmap_addr+0x6c/0x1e0 [ 1343.474994][T22819] ? __get_unmapped_area+0x267/0x440 [ 1343.475038][T22819] ? vrm_set_new_addr+0x208/0x290 [ 1343.475093][T22819] __do_sys_mremap+0xe07/0x1590 [ 1343.475149][T22819] ? __pfx___do_sys_mremap+0x10/0x10 [ 1343.475211][T22819] ? __fget_files+0x204/0x3c0 [ 1343.475266][T22819] ? __x64_sys_futex+0x1e0/0x4c0 [ 1343.475346][T22819] do_syscall_64+0xcd/0x490 [ 1343.475399][T22819] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1343.475432][T22819] RIP: 0033:0x7fee9418e929 [ 1343.475459][T22819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1343.475492][T22819] RSP: 002b:00007fee95058038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1343.475541][T22819] RAX: ffffffffffffffda RBX: 00007fee943b6240 RCX: 00007fee9418e929 [ 1343.475564][T22819] RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000000 [ 1343.475584][T22819] RBP: 00007fee94210b39 R08: 00007effffffb000 R09: 0000000000000000 [ 1343.475606][T22819] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1343.475626][T22819] R13: 0000000000000000 R14: 00007fee943b6240 R15: 00007ffc89b017d8 [ 1343.475669][T22819] [ 1345.261184][T22840] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input70 [ 1345.484838][T22844] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3928'. [ 1349.567785][T22908] netlink: 'syz.2.3946': attribute type 4 has an invalid length. [ 1349.598361][T22908] netlink: 314 bytes leftover after parsing attributes in process `syz.2.3946'. [ 1349.628480][T22908] IPv6: NLM_F_CREATE should be specified when creating new route [ 1349.654628][T22908] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 1349.662525][T22908] IPv6: NLM_F_CREATE should be set when creating new route [ 1352.215854][T22943] FAULT_INJECTION: forcing a failure. [ 1352.215854][T22943] name failslab, interval 1, probability 0, space 0, times 0 [ 1352.254638][T22942] kmem.tcp.limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 1352.271623][T22943] CPU: 1 UID: 0 PID: 22943 Comm: syz.1.3955 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1352.271667][T22943] Tainted: [I]=FIRMWARE_WORKAROUND [ 1352.271677][T22943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1352.271691][T22943] Call Trace: [ 1352.271700][T22943] [ 1352.271709][T22943] dump_stack_lvl+0x16c/0x1f0 [ 1352.271754][T22943] should_fail_ex+0x512/0x640 [ 1352.271788][T22943] ? kmem_cache_alloc_bulk_noprof+0x6d/0xbc0 [ 1352.271827][T22943] should_failslab+0xc2/0x120 [ 1352.271849][T22943] kmem_cache_alloc_bulk_noprof+0x85/0xbc0 [ 1352.271892][T22943] ? trace_kmem_cache_alloc+0x28/0xc0 [ 1352.271917][T22943] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 1352.271952][T22943] ? mas_alloc_nodes+0x18b/0x8b0 [ 1352.271987][T22943] ? mas_alloc_nodes+0x2f1/0x8b0 [ 1352.272031][T22943] mas_alloc_nodes+0x2f1/0x8b0 [ 1352.272069][T22943] mas_node_count_gfp+0x105/0x130 [ 1352.272103][T22943] mas_preallocate+0x77b/0xda0 [ 1352.272141][T22943] ? __pfx_mas_preallocate+0x10/0x10 [ 1352.272173][T22943] ? rcu_read_unlock+0x17/0x60 [ 1352.272203][T22943] vma_link+0x135/0x6a0 [ 1352.272240][T22943] ? __pfx_vma_link+0x10/0x10 [ 1352.272273][T22943] ? rcu_is_watching+0x12/0xc0 [ 1352.272301][T22943] ? anon_vma_clone+0x405/0x5c0 [ 1352.272333][T22943] ? anon_vma_name+0x75/0x100 [ 1352.272362][T22943] copy_vma+0x6c2/0xaa0 [ 1352.272403][T22943] ? __pfx_copy_vma+0x10/0x10 [ 1352.272449][T22943] ? lockdep_hardirqs_on+0x7c/0x110 [ 1352.272506][T22943] ? register_lock_class+0x41/0x4c0 [ 1352.272539][T22943] ? __schedule+0x1181/0x5de0 [ 1352.272581][T22943] ? __lock_acquire+0x622/0x1c90 [ 1352.272615][T22943] copy_vma_and_data+0x1cf/0x750 [ 1352.272652][T22943] ? __pfx_copy_vma_and_data+0x10/0x10 [ 1352.272691][T22943] ? __vma_enter_locked+0x163/0x3f0 [ 1352.272724][T22943] ? find_held_lock+0x2b/0x80 [ 1352.272765][T22943] ? move_vma+0x536/0x1740 [ 1352.272806][T22943] move_vma+0x548/0x1740 [ 1352.272844][T22943] ? __pfx_move_vma+0x10/0x10 [ 1352.272879][T22943] ? mm_get_unmapped_area+0x95/0xe0 [ 1352.272905][T22943] ? shmem_get_unmapped_area+0x170/0xa00 [ 1352.272935][T22943] ? cap_mmap_addr+0x4b/0x120 [ 1352.272955][T22943] ? bpf_lsm_mmap_addr+0x9/0x10 [ 1352.272978][T22943] ? security_mmap_addr+0x6c/0x1e0 [ 1352.273006][T22943] ? __get_unmapped_area+0x267/0x440 [ 1352.273035][T22943] ? vrm_set_new_addr+0x208/0x290 [ 1352.273070][T22943] __do_sys_mremap+0xe07/0x1590 [ 1352.273107][T22943] ? __pfx___do_sys_mremap+0x10/0x10 [ 1352.273155][T22943] ? __fget_files+0x204/0x3c0 [ 1352.273193][T22943] ? __x64_sys_futex+0x1e0/0x4c0 [ 1352.273239][T22943] do_syscall_64+0xcd/0x490 [ 1352.273277][T22943] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1352.273301][T22943] RIP: 0033:0x7fee9418e929 [ 1352.273326][T22943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1352.273350][T22943] RSP: 002b:00007fee95037038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1352.273376][T22943] RAX: ffffffffffffffda RBX: 00007fee943b6320 RCX: 00007fee9418e929 [ 1352.273392][T22943] RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000000 [ 1352.273406][T22943] RBP: 00007fee94210b39 R08: 00007effffffb000 R09: 0000000000000000 [ 1352.273421][T22943] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1352.273435][T22943] R13: 0000000000000000 R14: 00007fee943b6320 R15: 00007ffc89b017d8 [ 1352.273463][T22943] [ 1353.040437][T22942] blktrace: Concurrent blktraces are not allowed on loop2 [ 1357.199263][T22988] FAULT_INJECTION: forcing a failure. [ 1357.199263][T22988] name failslab, interval 1, probability 0, space 0, times 0 [ 1357.244892][T22995] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3972'. [ 1357.275171][T22988] CPU: 0 UID: 0 PID: 22988 Comm: syz.0.3971 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1357.275224][T22988] Tainted: [I]=FIRMWARE_WORKAROUND [ 1357.275238][T22988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1357.275258][T22988] Call Trace: [ 1357.275270][T22988] [ 1357.275282][T22988] dump_stack_lvl+0x16c/0x1f0 [ 1357.275351][T22988] should_fail_ex+0x512/0x640 [ 1357.275394][T22988] ? kmem_cache_alloc_bulk_noprof+0x6d/0xbc0 [ 1357.275446][T22988] should_failslab+0xc2/0x120 [ 1357.275477][T22988] kmem_cache_alloc_bulk_noprof+0x85/0xbc0 [ 1357.275530][T22988] ? trace_kmem_cache_alloc+0x28/0xc0 [ 1357.275562][T22988] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 1357.275609][T22988] ? mas_alloc_nodes+0x18b/0x8b0 [ 1357.275655][T22988] ? mas_alloc_nodes+0x2f1/0x8b0 [ 1357.275701][T22988] mas_alloc_nodes+0x2f1/0x8b0 [ 1357.275751][T22988] mas_node_count_gfp+0x105/0x130 [ 1357.275799][T22988] mas_preallocate+0x77b/0xda0 [ 1357.275840][T22988] ? __pfx_mas_preallocate+0x10/0x10 [ 1357.275883][T22988] ? rcu_read_unlock+0x17/0x60 [ 1357.275924][T22988] vma_link+0x135/0x6a0 [ 1357.275973][T22988] ? __pfx_vma_link+0x10/0x10 [ 1357.276017][T22988] ? rcu_is_watching+0x12/0xc0 [ 1357.276056][T22988] ? anon_vma_clone+0x405/0x5c0 [ 1357.276097][T22988] ? anon_vma_name+0x75/0x100 [ 1357.276136][T22988] copy_vma+0x6c2/0xaa0 [ 1357.276191][T22988] ? __pfx_copy_vma+0x10/0x10 [ 1357.276236][T22988] ? lockdep_hardirqs_on+0x7c/0x110 [ 1357.276306][T22988] ? register_lock_class+0x41/0x4c0 [ 1357.276349][T22988] ? __schedule+0x1181/0x5de0 [ 1357.276410][T22988] ? __lock_acquire+0x622/0x1c90 [ 1357.276460][T22988] copy_vma_and_data+0x1cf/0x750 [ 1357.276514][T22988] ? __pfx_copy_vma_and_data+0x10/0x10 [ 1357.276573][T22988] ? __vma_enter_locked+0x163/0x3f0 [ 1357.276621][T22988] ? find_held_lock+0x2b/0x80 [ 1357.276654][T22988] ? move_vma+0x536/0x1740 [ 1357.276749][T22988] move_vma+0x548/0x1740 [ 1357.276801][T22988] ? __pfx_move_vma+0x10/0x10 [ 1357.276844][T22988] ? mm_get_unmapped_area+0x95/0xe0 [ 1357.276881][T22988] ? shmem_get_unmapped_area+0x170/0xa00 [ 1357.276919][T22988] ? cap_mmap_addr+0x4b/0x120 [ 1357.276947][T22988] ? bpf_lsm_mmap_addr+0x9/0x10 [ 1357.276997][T22988] ? security_mmap_addr+0x6c/0x1e0 [ 1357.277039][T22988] ? __get_unmapped_area+0x267/0x440 [ 1357.277080][T22988] ? vrm_set_new_addr+0x208/0x290 [ 1357.277132][T22988] __do_sys_mremap+0xe07/0x1590 [ 1357.277185][T22988] ? __pfx___do_sys_mremap+0x10/0x10 [ 1357.277244][T22988] ? __fget_files+0x204/0x3c0 [ 1357.277306][T22988] ? __x64_sys_futex+0x1e0/0x4c0 [ 1357.277367][T22988] do_syscall_64+0xcd/0x490 [ 1357.277419][T22988] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1357.277450][T22988] RIP: 0033:0x7f665d18e929 [ 1357.277476][T22988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1357.277508][T22988] RSP: 002b:00007f665dfbe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1357.277537][T22988] RAX: ffffffffffffffda RBX: 00007f665d3b5fa0 RCX: 00007f665d18e929 [ 1357.277558][T22988] RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000000 [ 1357.277576][T22988] RBP: 00007f665d210b39 R08: 00007effffffb000 R09: 0000000000000000 [ 1357.277596][T22988] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1357.277615][T22988] R13: 0000000000000000 R14: 00007f665d3b5fa0 R15: 00007ffe535d9818 [ 1357.277654][T22988] [ 1357.438635][T22995] vlan1: left allmulticast mode [ 1357.658551][T22995] veth0_vlan: left allmulticast mode [ 1357.666602][T22995] vlan1: left promiscuous mode [ 1357.672580][T22995] bridge0: port 3(vlan1) entered disabled state [ 1357.928729][T22995] bridge_slave_1: left allmulticast mode [ 1357.934647][T22995] bridge_slave_1: left promiscuous mode [ 1357.977223][T22995] bridge0: port 2(bridge_slave_1) entered disabled state [ 1358.054448][T22995] bridge_slave_0: left allmulticast mode [ 1358.078415][T22995] bridge_slave_0: left promiscuous mode [ 1358.084271][T22995] bridge0: port 1(bridge_slave_0) entered disabled state [ 1361.120135][T23032] FAULT_INJECTION: forcing a failure. [ 1361.120135][T23032] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1361.133493][T23032] CPU: 1 UID: 0 PID: 23032 Comm: syz.1.3983 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1361.133529][T23032] Tainted: [I]=FIRMWARE_WORKAROUND [ 1361.133539][T23032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1361.133554][T23032] Call Trace: [ 1361.133562][T23032] [ 1361.133571][T23032] dump_stack_lvl+0x16c/0x1f0 [ 1361.133611][T23032] should_fail_ex+0x512/0x640 [ 1361.133660][T23032] should_fail_alloc_page+0xe7/0x130 [ 1361.133683][T23032] prepare_alloc_pages+0x3c2/0x610 [ 1361.133714][T23032] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1361.133748][T23032] ? mas_next_slot+0x12d3/0x21b0 [ 1361.133769][T23032] ? __up_read+0x1f8/0x750 [ 1361.133805][T23032] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1361.133840][T23032] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1361.133872][T23032] ? mas_find+0x2f6/0x530 [ 1361.133892][T23032] ? validate_mm+0x40a/0x570 [ 1361.133929][T23032] ? __lock_acquire+0xb8a/0x1c90 [ 1361.133958][T23032] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1361.133992][T23032] ? policy_nodemask+0xea/0x4e0 [ 1361.134015][T23032] alloc_pages_mpol+0x1fb/0x550 [ 1361.134037][T23032] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1361.134057][T23032] ? __pud_alloc+0x521/0x750 [ 1361.134086][T23032] alloc_pages_noprof+0x131/0x390 [ 1361.134107][T23032] __pmd_alloc+0x3b/0x930 [ 1361.134134][T23032] move_page_tables+0x28c8/0x4070 [ 1361.134171][T23032] ? __pfx_copy_vma+0x10/0x10 [ 1361.134208][T23032] ? finish_task_switch.isra.0+0x21c/0xc10 [ 1361.134237][T23032] ? __pfx_move_page_tables+0x10/0x10 [ 1361.134268][T23032] ? register_lock_class+0x41/0x4c0 [ 1361.134297][T23032] ? rcu_is_watching+0x12/0xc0 [ 1361.134336][T23032] copy_vma_and_data+0x216/0x750 [ 1361.134371][T23032] ? __pfx_copy_vma_and_data+0x10/0x10 [ 1361.134408][T23032] ? __vma_enter_locked+0x163/0x3f0 [ 1361.134439][T23032] ? find_held_lock+0x2b/0x80 [ 1361.134460][T23032] ? move_vma+0x536/0x1740 [ 1361.134497][T23032] move_vma+0x548/0x1740 [ 1361.134533][T23032] ? __pfx_move_vma+0x10/0x10 [ 1361.134563][T23032] ? mm_get_unmapped_area+0x95/0xe0 [ 1361.134589][T23032] ? shmem_get_unmapped_area+0x170/0xa00 [ 1361.134617][T23032] ? cap_mmap_addr+0x4b/0x120 [ 1361.134637][T23032] ? bpf_lsm_mmap_addr+0x9/0x10 [ 1361.134659][T23032] ? security_mmap_addr+0x6c/0x1e0 [ 1361.134686][T23032] ? __get_unmapped_area+0x267/0x440 [ 1361.134713][T23032] ? vrm_set_new_addr+0x208/0x290 [ 1361.134747][T23032] __do_sys_mremap+0xe07/0x1590 [ 1361.134782][T23032] ? __pfx___do_sys_mremap+0x10/0x10 [ 1361.134821][T23032] ? __fget_files+0x204/0x3c0 [ 1361.134855][T23032] ? __x64_sys_futex+0x1e0/0x4c0 [ 1361.134897][T23032] do_syscall_64+0xcd/0x490 [ 1361.134933][T23032] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1361.134955][T23032] RIP: 0033:0x7fee9418e929 [ 1361.134973][T23032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1361.134995][T23032] RSP: 002b:00007fee950bb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1361.135015][T23032] RAX: ffffffffffffffda RBX: 00007fee943b5fa0 RCX: 00007fee9418e929 [ 1361.135031][T23032] RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000000 [ 1361.135044][T23032] RBP: 00007fee94210b39 R08: 00007effffffb000 R09: 0000000000000000 [ 1361.135058][T23032] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1361.135071][T23032] R13: 0000000000000000 R14: 00007fee943b5fa0 R15: 00007ffc89b017d8 [ 1361.135097][T23032] [ 1361.474455][ C1] vkms_vblank_simulate: vblank timer overrun [ 1364.167928][T23073] FAULT_INJECTION: forcing a failure. [ 1364.167928][T23073] name failslab, interval 1, probability 0, space 0, times 0 [ 1364.181276][T23073] CPU: 1 UID: 0 PID: 23073 Comm: syz.3.3991 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1364.181330][T23073] Tainted: [I]=FIRMWARE_WORKAROUND [ 1364.181344][T23073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1364.181365][T23073] Call Trace: [ 1364.181377][T23073] [ 1364.181391][T23073] dump_stack_lvl+0x16c/0x1f0 [ 1364.181450][T23073] should_fail_ex+0x512/0x640 [ 1364.181511][T23073] ? fs_reclaim_acquire+0xae/0x150 [ 1364.181553][T23073] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1364.181597][T23073] should_failslab+0xc2/0x120 [ 1364.181629][T23073] __kmalloc_noprof+0xd2/0x510 [ 1364.181683][T23073] ? __lock_acquire+0x622/0x1c90 [ 1364.181736][T23073] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1364.181787][T23073] ? tomoyo_profile+0x47/0x60 [ 1364.181843][T23073] tomoyo_path_perm+0x274/0x460 [ 1364.181879][T23073] ? tomoyo_path_perm+0x260/0x460 [ 1364.181919][T23073] ? __pfx_tomoyo_path_perm+0x10/0x10 [ 1364.181976][T23073] ? d_add+0x47a/0x780 [ 1364.182027][T23073] ? __pfx_current_check_access_path+0x10/0x10 [ 1364.182071][T23073] ? lookup_one_qstr_excl_raw.part.0+0xf9/0x160 [ 1364.182114][T23073] ? lookup_dcache+0x66/0x170 [ 1364.182159][T23073] tomoyo_path_symlink+0x97/0xe0 [ 1364.182210][T23073] ? __pfx_tomoyo_path_symlink+0x10/0x10 [ 1364.182259][T23073] ? find_held_lock+0x2b/0x80 [ 1364.182291][T23073] ? __might_fault+0xe3/0x190 [ 1364.182345][T23073] security_path_symlink+0x152/0x2e0 [ 1364.182384][T23073] do_symlinkat+0x10d/0x310 [ 1364.182437][T23073] ? __pfx_do_symlinkat+0x10/0x10 [ 1364.182489][T23073] ? getname_flags.part.0+0x1c5/0x550 [ 1364.182535][T23073] __x64_sys_symlink+0x75/0x90 [ 1364.182601][T23073] do_syscall_64+0xcd/0x490 [ 1364.182656][T23073] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1364.182690][T23073] RIP: 0033:0x7fc1d838e929 [ 1364.182717][T23073] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1364.182751][T23073] RSP: 002b:00007fc1d91a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 1364.182801][T23073] RAX: ffffffffffffffda RBX: 00007fc1d85b5fa0 RCX: 00007fc1d838e929 [ 1364.182824][T23073] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000000 [ 1364.182845][T23073] RBP: 00007fc1d8410b39 R08: 0000000000000000 R09: 0000000000000000 [ 1364.182865][T23073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1364.182886][T23073] R13: 0000000000000000 R14: 00007fc1d85b5fa0 R15: 00007ffec46996e8 [ 1364.182929][T23073] [ 1364.182942][T23073] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1365.197757][T23088] netlink: 130 bytes leftover after parsing attributes in process `syz.2.3995'. [ 1365.920057][T23091] FAULT_INJECTION: forcing a failure. [ 1365.920057][T23091] name failslab, interval 1, probability 0, space 0, times 0 [ 1365.950160][T23091] CPU: 0 UID: 0 PID: 23091 Comm: syz.0.3997 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1365.950220][T23091] Tainted: [I]=FIRMWARE_WORKAROUND [ 1365.950233][T23091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1365.950254][T23091] Call Trace: [ 1365.950265][T23091] [ 1365.950279][T23091] dump_stack_lvl+0x16c/0x1f0 [ 1365.950361][T23091] should_fail_ex+0x512/0x640 [ 1365.950410][T23091] ? kmem_cache_alloc_bulk_noprof+0x6d/0xbc0 [ 1365.950468][T23091] should_failslab+0xc2/0x120 [ 1365.950502][T23091] kmem_cache_alloc_bulk_noprof+0x85/0xbc0 [ 1365.950562][T23091] ? trace_kmem_cache_alloc+0x28/0xc0 [ 1365.950598][T23091] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 1365.950650][T23091] ? mas_alloc_nodes+0x18b/0x8b0 [ 1365.950700][T23091] ? mas_alloc_nodes+0x2f1/0x8b0 [ 1365.950746][T23091] mas_alloc_nodes+0x2f1/0x8b0 [ 1365.950801][T23091] mas_node_count_gfp+0x105/0x130 [ 1365.950852][T23091] mas_preallocate+0x77b/0xda0 [ 1365.950896][T23091] ? __pfx_mas_preallocate+0x10/0x10 [ 1365.950954][T23091] ? rcu_read_unlock+0x17/0x60 [ 1365.951000][T23091] vma_link+0x135/0x6a0 [ 1365.951055][T23091] ? __pfx_vma_link+0x10/0x10 [ 1365.951104][T23091] ? rcu_is_watching+0x12/0xc0 [ 1365.951147][T23091] ? anon_vma_clone+0x405/0x5c0 [ 1365.951192][T23091] ? anon_vma_name+0x75/0x100 [ 1365.951234][T23091] copy_vma+0x6c2/0xaa0 [ 1365.951287][T23091] ? __pfx_copy_vma+0x10/0x10 [ 1365.951329][T23091] ? lockdep_hardirqs_on+0x7c/0x110 [ 1365.951380][T23091] ? register_lock_class+0x41/0x4c0 [ 1365.951418][T23091] ? __schedule+0x1181/0x5de0 [ 1365.951471][T23091] ? __lock_acquire+0x622/0x1c90 [ 1365.951515][T23091] copy_vma_and_data+0x1cf/0x750 [ 1365.951564][T23091] ? __pfx_copy_vma_and_data+0x10/0x10 [ 1365.951634][T23091] ? __vma_enter_locked+0x163/0x3f0 [ 1365.951678][T23091] ? find_held_lock+0x2b/0x80 [ 1365.951709][T23091] ? move_vma+0x536/0x1740 [ 1365.951759][T23091] move_vma+0x548/0x1740 [ 1365.951808][T23091] ? __pfx_move_vma+0x10/0x10 [ 1365.951848][T23091] ? mm_get_unmapped_area+0x95/0xe0 [ 1365.951882][T23091] ? shmem_get_unmapped_area+0x170/0xa00 [ 1365.951920][T23091] ? cap_mmap_addr+0x4b/0x120 [ 1365.951955][T23091] ? bpf_lsm_mmap_addr+0x9/0x10 [ 1365.951986][T23091] ? security_mmap_addr+0x6c/0x1e0 [ 1365.952023][T23091] ? __get_unmapped_area+0x267/0x440 [ 1365.952061][T23091] ? vrm_set_new_addr+0x208/0x290 [ 1365.952107][T23091] __do_sys_mremap+0xe07/0x1590 [ 1365.952157][T23091] ? __pfx___do_sys_mremap+0x10/0x10 [ 1365.952211][T23091] ? __fget_files+0x204/0x3c0 [ 1365.952259][T23091] ? __x64_sys_futex+0x1e0/0x4c0 [ 1365.952323][T23091] do_syscall_64+0xcd/0x490 [ 1365.952377][T23091] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1365.952408][T23091] RIP: 0033:0x7f665d18e929 [ 1365.952432][T23091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1365.952461][T23091] RSP: 002b:00007f665dfbe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1365.952490][T23091] RAX: ffffffffffffffda RBX: 00007f665d3b5fa0 RCX: 00007f665d18e929 [ 1365.952512][T23091] RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000000 [ 1365.952530][T23091] RBP: 00007f665d210b39 R08: 00007effffffb000 R09: 0000000000000000 [ 1365.952550][T23091] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1365.952569][T23091] R13: 0000000000000000 R14: 00007f665d3b5fa0 R15: 00007ffe535d9818 [ 1365.952607][T23091] [ 1367.029824][ T30] audit: type=1800 audit(4294968710.501:93): pid=23120 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.4001" name="SYSVffffffff" dev="tmpfs" ino=0 res=0 errno=0 [ 1368.599185][T23135] phram: not enough arguments [ 1371.478685][T23173] FAULT_INJECTION: forcing a failure. [ 1371.478685][T23173] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1371.542438][T23173] CPU: 1 UID: 0 PID: 23173 Comm: syz.3.4018 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1371.542489][T23173] Tainted: [I]=FIRMWARE_WORKAROUND [ 1371.542503][T23173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1371.542531][T23173] Call Trace: [ 1371.542541][T23173] [ 1371.542553][T23173] dump_stack_lvl+0x16c/0x1f0 [ 1371.542609][T23173] should_fail_ex+0x512/0x640 [ 1371.542660][T23173] should_fail_alloc_page+0xe7/0x130 [ 1371.542693][T23173] prepare_alloc_pages+0x3c2/0x610 [ 1371.542737][T23173] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1371.542786][T23173] ? mas_next_slot+0x12d3/0x21b0 [ 1371.542816][T23173] ? __up_read+0x1f8/0x750 [ 1371.542869][T23173] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1371.542918][T23173] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1371.542964][T23173] ? mas_find+0x2f6/0x530 [ 1371.543003][T23173] ? validate_mm+0x40a/0x570 [ 1371.543054][T23173] ? __lock_acquire+0xb8a/0x1c90 [ 1371.543093][T23173] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1371.543154][T23173] ? policy_nodemask+0xea/0x4e0 [ 1371.543186][T23173] alloc_pages_mpol+0x1fb/0x550 [ 1371.543218][T23173] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1371.543247][T23173] ? __pud_alloc+0x521/0x750 [ 1371.543289][T23173] alloc_pages_noprof+0x131/0x390 [ 1371.543320][T23173] __pmd_alloc+0x3b/0x930 [ 1371.543358][T23173] move_page_tables+0x28c8/0x4070 [ 1371.543411][T23173] ? __pfx_copy_vma+0x10/0x10 [ 1371.543454][T23173] ? finish_task_switch.isra.0+0x21c/0xc10 [ 1371.543498][T23173] ? __pfx_move_page_tables+0x10/0x10 [ 1371.543552][T23173] ? register_lock_class+0x41/0x4c0 [ 1371.543591][T23173] ? rcu_is_watching+0x12/0xc0 [ 1371.543647][T23173] copy_vma_and_data+0x216/0x750 [ 1371.543697][T23173] ? __pfx_copy_vma_and_data+0x10/0x10 [ 1371.543753][T23173] ? __vma_enter_locked+0x163/0x3f0 [ 1371.543796][T23173] ? find_held_lock+0x2b/0x80 [ 1371.543827][T23173] ? move_vma+0x536/0x1740 [ 1371.543880][T23173] move_vma+0x548/0x1740 [ 1371.543948][T23173] ? __pfx_move_vma+0x10/0x10 [ 1371.543993][T23173] ? mm_get_unmapped_area+0x95/0xe0 [ 1371.544031][T23173] ? shmem_get_unmapped_area+0x170/0xa00 [ 1371.544073][T23173] ? cap_mmap_addr+0x4b/0x120 [ 1371.544102][T23173] ? bpf_lsm_mmap_addr+0x9/0x10 [ 1371.544136][T23173] ? security_mmap_addr+0x6c/0x1e0 [ 1371.544177][T23173] ? __get_unmapped_area+0x267/0x440 [ 1371.544219][T23173] ? vrm_set_new_addr+0x208/0x290 [ 1371.544271][T23173] __do_sys_mremap+0xe07/0x1590 [ 1371.544326][T23173] ? __pfx___do_sys_mremap+0x10/0x10 [ 1371.544385][T23173] ? __fget_files+0x204/0x3c0 [ 1371.544439][T23173] ? __x64_sys_futex+0x1e0/0x4c0 [ 1371.544514][T23173] do_syscall_64+0xcd/0x490 [ 1371.544572][T23173] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1371.544606][T23173] RIP: 0033:0x7fc1d838e929 [ 1371.544633][T23173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1371.544669][T23173] RSP: 002b:00007fc1d91a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1371.544701][T23173] RAX: ffffffffffffffda RBX: 00007fc1d85b5fa0 RCX: 00007fc1d838e929 [ 1371.544723][T23173] RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000000 [ 1371.544743][T23173] RBP: 00007fc1d8410b39 R08: 00007effffffb000 R09: 0000000000000000 [ 1371.544763][T23173] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1371.544782][T23173] R13: 0000000000000000 R14: 00007fc1d85b5fa0 R15: 00007ffec46996e8 [ 1371.544823][T23173] [ 1372.054733][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 1372.061265][ T1299] ieee802154 phy1 wpan1: encryption failed: -22             syzkaller syzkaller login: [ 1380.730575][T23307] FAULT_INJECTION: forcing a failure. [ 1380.730575][T23307] name failslab, interval 1, probability 0, space 0, times 0 [ 1380.758331][T23307] CPU: 1 UID: 0 PID: 23307 Comm: syz.0.4051 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1380.758385][T23307] Tainted: [I]=FIRMWARE_WORKAROUND [ 1380.758397][T23307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1380.758417][T23307] Call Trace: [ 1380.758429][T23307] [ 1380.758442][T23307] dump_stack_lvl+0x16c/0x1f0 [ 1380.758500][T23307] should_fail_ex+0x512/0x640 [ 1380.758547][T23307] ? kmem_cache_alloc_bulk_noprof+0x6d/0xbc0 [ 1380.758602][T23307] should_failslab+0xc2/0x120 [ 1380.758633][T23307] kmem_cache_alloc_bulk_noprof+0x85/0xbc0 [ 1380.758690][T23307] ? trace_kmem_cache_alloc+0x28/0xc0 [ 1380.758731][T23307] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 1380.758781][T23307] ? mas_alloc_nodes+0x18b/0x8b0 [ 1380.758831][T23307] ? mas_alloc_nodes+0x2f1/0x8b0 [ 1380.758874][T23307] mas_alloc_nodes+0x2f1/0x8b0 [ 1380.758929][T23307] mas_node_count_gfp+0x105/0x130 [ 1380.758978][T23307] mas_preallocate+0x77b/0xda0 [ 1380.759021][T23307] ? __pfx_mas_preallocate+0x10/0x10 [ 1380.759067][T23307] ? rcu_read_unlock+0x17/0x60 [ 1380.759110][T23307] vma_link+0x135/0x6a0 [ 1380.759161][T23307] ? __pfx_vma_link+0x10/0x10 [ 1380.759209][T23307] ? rcu_is_watching+0x12/0xc0 [ 1380.759248][T23307] ? anon_vma_clone+0x405/0x5c0 [ 1380.759294][T23307] ? anon_vma_name+0x75/0x100 [ 1380.759335][T23307] copy_vma+0x6c2/0xaa0 [ 1380.759394][T23307] ? __pfx_copy_vma+0x10/0x10 [ 1380.759438][T23307] ? lockdep_hardirqs_on+0x7c/0x110 [ 1380.759496][T23307] ? register_lock_class+0x41/0x4c0 [ 1380.759537][T23307] ? __schedule+0x1181/0x5de0 [ 1380.759595][T23307] ? __lock_acquire+0x622/0x1c90 [ 1380.759643][T23307] copy_vma_and_data+0x1cf/0x750 [ 1380.759696][T23307] ? __pfx_copy_vma_and_data+0x10/0x10 [ 1380.759763][T23307] ? __vma_enter_locked+0x163/0x3f0 [ 1380.759813][T23307] ? find_held_lock+0x2b/0x80 [ 1380.759845][T23307] ? move_vma+0x536/0x1740 [ 1380.759902][T23307] move_vma+0x548/0x1740 [ 1380.759958][T23307] ? __pfx_move_vma+0x10/0x10 [ 1380.760003][T23307] ? mm_get_unmapped_area+0x95/0xe0 [ 1380.760043][T23307] ? shmem_get_unmapped_area+0x170/0xa00 [ 1380.760086][T23307] ? cap_mmap_addr+0x4b/0x120 [ 1380.760116][T23307] ? bpf_lsm_mmap_addr+0x9/0x10 [ 1380.760150][T23307] ? security_mmap_addr+0x6c/0x1e0 [ 1380.760192][T23307] ? __get_unmapped_area+0x267/0x440 [ 1380.760234][T23307] ? vrm_set_new_addr+0x208/0x290 [ 1380.760286][T23307] __do_sys_mremap+0xe07/0x1590 [ 1380.760359][T23307] ? __pfx___do_sys_mremap+0x10/0x10 [ 1380.760423][T23307] ? __fget_files+0x204/0x3c0 [ 1380.760479][T23307] ? __x64_sys_futex+0x1e0/0x4c0 [ 1380.760547][T23307] do_syscall_64+0xcd/0x490 [ 1380.760606][T23307] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1380.760642][T23307] RIP: 0033:0x7f665d18e929 [ 1380.760670][T23307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1380.760711][T23307] RSP: 002b:00007f665df3a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1380.760746][T23307] RAX: ffffffffffffffda RBX: 00007f665d3b6320 RCX: 00007f665d18e929 [ 1380.760768][T23307] RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000000 [ 1380.760789][T23307] RBP: 00007f665d210b39 R08: 00007effffffb000 R09: 0000000000000000 [ 1380.760812][T23307] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1380.760832][T23307] R13: 0000000000000000 R14: 00007f665d3b6320 R15: 00007ffe535d9818 [ 1380.760876][T23307] [ 1381.901357][T23314] FAULT_INJECTION: forcing a failure. [ 1381.901357][T23314] name failslab, interval 1, probability 0, space 0, times 0 [ 1381.958482][T23314] CPU: 0 UID: 0 PID: 23314 Comm: syz.3.4054 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1381.958539][T23314] Tainted: [I]=FIRMWARE_WORKAROUND [ 1381.958553][T23314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1381.958574][T23314] Call Trace: [ 1381.958586][T23314] [ 1381.958598][T23314] dump_stack_lvl+0x16c/0x1f0 [ 1381.958664][T23314] should_fail_ex+0x512/0x640 [ 1381.958711][T23314] ? fs_reclaim_acquire+0xae/0x150 [ 1381.958753][T23314] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1381.958799][T23314] should_failslab+0xc2/0x120 [ 1381.958832][T23314] __kmalloc_noprof+0xd2/0x510 [ 1381.958878][T23314] ? __lock_acquire+0x622/0x1c90 [ 1381.958932][T23314] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1381.958982][T23314] ? tomoyo_profile+0x47/0x60 [ 1381.959037][T23314] tomoyo_path_perm+0x274/0x460 [ 1381.959071][T23314] ? tomoyo_path_perm+0x260/0x460 [ 1381.959112][T23314] ? __pfx_tomoyo_path_perm+0x10/0x10 [ 1381.959170][T23314] ? d_add+0x47a/0x780 [ 1381.959221][T23314] ? __pfx_current_check_access_path+0x10/0x10 [ 1381.959263][T23314] ? lookup_one_qstr_excl_raw.part.0+0xf9/0x160 [ 1381.959298][T23314] ? lookup_dcache+0x66/0x170 [ 1381.959343][T23314] tomoyo_path_symlink+0x97/0xe0 [ 1381.959394][T23314] ? __pfx_tomoyo_path_symlink+0x10/0x10 [ 1381.959443][T23314] ? find_held_lock+0x2b/0x80 [ 1381.959474][T23314] ? __might_fault+0xe3/0x190 [ 1381.959537][T23314] security_path_symlink+0x152/0x2e0 [ 1381.959593][T23314] do_symlinkat+0x10d/0x310 [ 1381.959652][T23314] ? __pfx_do_symlinkat+0x10/0x10 [ 1381.959703][T23314] ? getname_flags.part.0+0x1c5/0x550 [ 1381.959751][T23314] __x64_sys_symlink+0x75/0x90 [ 1381.959804][T23314] do_syscall_64+0xcd/0x490 [ 1381.959859][T23314] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1381.959892][T23314] RIP: 0033:0x7fc1d838e929 [ 1381.959917][T23314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1381.959951][T23314] RSP: 002b:00007fc1d91a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 1381.959984][T23314] RAX: ffffffffffffffda RBX: 00007fc1d85b5fa0 RCX: 00007fc1d838e929 [ 1381.960005][T23314] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000000 [ 1381.960026][T23314] RBP: 00007fc1d8410b39 R08: 0000000000000000 R09: 0000000000000000 [ 1381.960046][T23314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1381.960065][T23314] R13: 0000000000000000 R14: 00007fc1d85b5fa0 R15: 00007ffec46996e8 [ 1381.960116][T23314] [ 1381.960128][T23314] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1385.148099][T23363] delete_channel: no stack [ 1387.706635][ T30] audit: type=1800 audit(4294968731.171:95): pid=23410 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.4086" name="SYSVffffffff" dev="tmpfs" ino=0 res=0 errno=0 [ 1388.773960][T23422] netlink: 334 bytes leftover after parsing attributes in process `syz.3.4089'. [ 1389.416714][T23428] FAULT_INJECTION: forcing a failure. [ 1389.416714][T23428] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1389.430469][T23428] CPU: 1 UID: 0 PID: 23428 Comm: syz.3.4092 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1389.430521][T23428] Tainted: [I]=FIRMWARE_WORKAROUND [ 1389.430536][T23428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1389.430555][T23428] Call Trace: [ 1389.430565][T23428] [ 1389.430579][T23428] dump_stack_lvl+0x16c/0x1f0 [ 1389.430634][T23428] should_fail_ex+0x512/0x640 [ 1389.430690][T23428] should_fail_alloc_page+0xe7/0x130 [ 1389.430725][T23428] prepare_alloc_pages+0x3c2/0x610 [ 1389.430773][T23428] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1389.430826][T23428] ? mas_next_slot+0x12d3/0x21b0 [ 1389.430860][T23428] ? __up_read+0x1f8/0x750 [ 1389.430917][T23428] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1389.430980][T23428] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1389.431030][T23428] ? mas_find+0x2f6/0x530 [ 1389.431062][T23428] ? validate_mm+0x40a/0x570 [ 1389.431122][T23428] ? __lock_acquire+0xb8a/0x1c90 [ 1389.431168][T23428] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1389.431223][T23428] ? policy_nodemask+0xea/0x4e0 [ 1389.431259][T23428] alloc_pages_mpol+0x1fb/0x550 [ 1389.431293][T23428] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1389.431325][T23428] ? __pud_alloc+0x521/0x750 [ 1389.431371][T23428] alloc_pages_noprof+0x131/0x390 [ 1389.431405][T23428] __pmd_alloc+0x3b/0x930 [ 1389.431457][T23428] move_page_tables+0x28c8/0x4070 [ 1389.431510][T23428] ? __pfx_copy_vma+0x10/0x10 [ 1389.431552][T23428] ? finish_task_switch.isra.0+0x21c/0xc10 [ 1389.431591][T23428] ? __pfx_move_page_tables+0x10/0x10 [ 1389.431635][T23428] ? register_lock_class+0x41/0x4c0 [ 1389.431674][T23428] ? rcu_is_watching+0x12/0xc0 [ 1389.431721][T23428] ? find_held_lock+0x2b/0x80 [ 1389.431754][T23428] copy_vma_and_data+0x216/0x750 [ 1389.431803][T23428] ? __pfx_copy_vma_and_data+0x10/0x10 [ 1389.431857][T23428] ? __vma_enter_locked+0x163/0x3f0 [ 1389.431901][T23428] ? find_held_lock+0x2b/0x80 [ 1389.431932][T23428] ? move_vma+0x536/0x1740 [ 1389.431994][T23428] move_vma+0x548/0x1740 [ 1389.432045][T23428] ? __pfx_move_vma+0x10/0x10 [ 1389.432087][T23428] ? mm_get_unmapped_area+0x95/0xe0 [ 1389.432123][T23428] ? shmem_get_unmapped_area+0x170/0xa00 [ 1389.432163][T23428] ? cap_mmap_addr+0x4b/0x120 [ 1389.432190][T23428] ? bpf_lsm_mmap_addr+0x9/0x10 [ 1389.432222][T23428] ? security_mmap_addr+0x6c/0x1e0 [ 1389.432261][T23428] ? __get_unmapped_area+0x267/0x440 [ 1389.432299][T23428] ? vrm_set_new_addr+0x208/0x290 [ 1389.432347][T23428] __do_sys_mremap+0xe07/0x1590 [ 1389.432398][T23428] ? __pfx___do_sys_mremap+0x10/0x10 [ 1389.432452][T23428] ? __fget_files+0x204/0x3c0 [ 1389.432502][T23428] ? __x64_sys_futex+0x1e0/0x4c0 [ 1389.432565][T23428] do_syscall_64+0xcd/0x490 [ 1389.432614][T23428] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1389.432644][T23428] RIP: 0033:0x7fc1d838e929 [ 1389.432668][T23428] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1389.432698][T23428] RSP: 002b:00007fc1d91a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1389.432728][T23428] RAX: ffffffffffffffda RBX: 00007fc1d85b5fa0 RCX: 00007fc1d838e929 [ 1389.432748][T23428] RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000000 [ 1389.432765][T23428] RBP: 00007fc1d8410b39 R08: 00007effffffb000 R09: 0000000000000000 [ 1389.432784][T23428] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1389.432801][T23428] R13: 0000000000000000 R14: 00007fc1d85b5fa0 R15: 00007ffec46996e8 [ 1389.432837][T23428] [ 1390.839552][T23459] FAULT_INJECTION: forcing a failure. [ 1390.839552][T23459] name failslab, interval 1, probability 0, space 0, times 0 [ 1390.891121][T23459] CPU: 1 UID: 0 PID: 23459 Comm: syz.3.4097 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1390.891176][T23459] Tainted: [I]=FIRMWARE_WORKAROUND [ 1390.891189][T23459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1390.891208][T23459] Call Trace: [ 1390.891220][T23459] [ 1390.891233][T23459] dump_stack_lvl+0x16c/0x1f0 [ 1390.891291][T23459] should_fail_ex+0x512/0x640 [ 1390.891339][T23459] ? kmem_cache_alloc_bulk_noprof+0x6d/0xbc0 [ 1390.891396][T23459] should_failslab+0xc2/0x120 [ 1390.891427][T23459] kmem_cache_alloc_bulk_noprof+0x85/0xbc0 [ 1390.891486][T23459] ? trace_kmem_cache_alloc+0x28/0xc0 [ 1390.891520][T23459] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 1390.891571][T23459] ? mas_alloc_nodes+0x18b/0x8b0 [ 1390.891622][T23459] ? mas_alloc_nodes+0x2f1/0x8b0 [ 1390.891667][T23459] mas_alloc_nodes+0x2f1/0x8b0 [ 1390.891734][T23459] mas_node_count_gfp+0x105/0x130 [ 1390.891783][T23459] mas_preallocate+0x77b/0xda0 [ 1390.891833][T23459] ? __pfx_mas_preallocate+0x10/0x10 [ 1390.891879][T23459] ? rcu_read_unlock+0x17/0x60 [ 1390.891921][T23459] vma_link+0x135/0x6a0 [ 1390.891984][T23459] ? __pfx_vma_link+0x10/0x10 [ 1390.892028][T23459] ? rcu_is_watching+0x12/0xc0 [ 1390.892066][T23459] ? anon_vma_clone+0x405/0x5c0 [ 1390.892101][T23459] ? anon_vma_name+0x75/0x100 [ 1390.892133][T23459] copy_vma+0x6c2/0xaa0 [ 1390.892175][T23459] ? __pfx_copy_vma+0x10/0x10 [ 1390.892229][T23459] ? lockdep_hardirqs_on+0x7c/0x110 [ 1390.892277][T23459] ? register_lock_class+0x41/0x4c0 [ 1390.892313][T23459] ? __schedule+0x1181/0x5de0 [ 1390.892362][T23459] ? __lock_acquire+0x622/0x1c90 [ 1390.892403][T23459] copy_vma_and_data+0x1cf/0x750 [ 1390.892447][T23459] ? __pfx_copy_vma_and_data+0x10/0x10 [ 1390.892495][T23459] ? __vma_enter_locked+0x163/0x3f0 [ 1390.892534][T23459] ? find_held_lock+0x2b/0x80 [ 1390.892561][T23459] ? move_vma+0x536/0x1740 [ 1390.892609][T23459] move_vma+0x548/0x1740 [ 1390.892654][T23459] ? __pfx_move_vma+0x10/0x10 [ 1390.892692][T23459] ? mm_get_unmapped_area+0x95/0xe0 [ 1390.892724][T23459] ? shmem_get_unmapped_area+0x170/0xa00 [ 1390.892760][T23459] ? cap_mmap_addr+0x4b/0x120 [ 1390.892784][T23459] ? bpf_lsm_mmap_addr+0x9/0x10 [ 1390.892818][T23459] ? security_mmap_addr+0x6c/0x1e0 [ 1390.892854][T23459] ? __get_unmapped_area+0x267/0x440 [ 1390.892890][T23459] ? vrm_set_new_addr+0x208/0x290 [ 1390.892933][T23459] __do_sys_mremap+0xe07/0x1590 [ 1390.892978][T23459] ? __pfx___do_sys_mremap+0x10/0x10 [ 1390.893033][T23459] ? __fget_files+0x204/0x3c0 [ 1390.893077][T23459] ? __x64_sys_futex+0x1e0/0x4c0 [ 1390.893131][T23459] do_syscall_64+0xcd/0x490 [ 1390.893176][T23459] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1390.893205][T23459] RIP: 0033:0x7fc1d838e929 [ 1390.893227][T23459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1390.893273][T23459] RSP: 002b:00007fc1d9121038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1390.893300][T23459] RAX: ffffffffffffffda RBX: 00007fc1d85b6320 RCX: 00007fc1d838e929 [ 1390.893319][T23459] RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000000 [ 1390.893349][T23459] RBP: 00007fc1d8410b39 R08: 00007effffffb000 R09: 0000000000000000 [ 1390.893367][T23459] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1390.893384][T23459] R13: 0000000000000000 R14: 00007fc1d85b6320 R15: 00007ffec46996e8 [ 1390.893436][T23459] [ 1391.718958][T23470] netlink: 334 bytes leftover after parsing attributes in process `syz.3.4102'. [ 1393.402611][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 1393.409235][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1394.632026][T23511] Invalid ELF header magic: != ELF [ 1396.749103][ T30] audit: type=1800 audit(4294968740.211:96): pid=23553 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4120" name="SYSVffffffff" dev="tmpfs" ino=0 res=0 errno=0 [ 1398.247650][T23577] snd_aloop snd_aloop.0: control 16781581:65533:6:é'x?F¢é/èìzFË·fCªáª:0 is already present [ 1398.964070][T23593] FAULT_INJECTION: forcing a failure. [ 1398.964070][T23593] name failslab, interval 1, probability 0, space 0, times 0 [ 1398.993204][T23593] CPU: 0 UID: 0 PID: 23593 Comm: syz.3.4132 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1398.993252][T23593] Tainted: [I]=FIRMWARE_WORKAROUND [ 1398.993263][T23593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1398.993280][T23593] Call Trace: [ 1398.993290][T23593] [ 1398.993301][T23593] dump_stack_lvl+0x16c/0x1f0 [ 1398.993352][T23593] should_fail_ex+0x512/0x640 [ 1398.993394][T23593] ? kmem_cache_alloc_bulk_noprof+0x6d/0xbc0 [ 1398.993463][T23593] should_failslab+0xc2/0x120 [ 1398.993493][T23593] kmem_cache_alloc_bulk_noprof+0x85/0xbc0 [ 1398.993548][T23593] ? trace_kmem_cache_alloc+0x28/0xc0 [ 1398.993582][T23593] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 1398.993630][T23593] ? mas_alloc_nodes+0x18b/0x8b0 [ 1398.993678][T23593] ? mas_alloc_nodes+0x2f1/0x8b0 [ 1398.993719][T23593] mas_alloc_nodes+0x2f1/0x8b0 [ 1398.993770][T23593] mas_node_count_gfp+0x105/0x130 [ 1398.993818][T23593] mas_preallocate+0x77b/0xda0 [ 1398.993859][T23593] ? __pfx_mas_preallocate+0x10/0x10 [ 1398.993915][T23593] ? rcu_read_unlock+0x17/0x60 [ 1398.993960][T23593] vma_link+0x135/0x6a0 [ 1398.994015][T23593] ? __pfx_vma_link+0x10/0x10 [ 1398.994064][T23593] ? rcu_is_watching+0x12/0xc0 [ 1398.994105][T23593] ? anon_vma_clone+0x405/0x5c0 [ 1398.994151][T23593] ? anon_vma_name+0x75/0x100 [ 1398.994194][T23593] copy_vma+0x6c2/0xaa0 [ 1398.994250][T23593] ? __pfx_copy_vma+0x10/0x10 [ 1398.994298][T23593] ? lockdep_hardirqs_on+0x7c/0x110 [ 1398.994357][T23593] ? register_lock_class+0x41/0x4c0 [ 1398.994399][T23593] ? __schedule+0x1181/0x5de0 [ 1398.994460][T23593] ? __lock_acquire+0x622/0x1c90 [ 1398.994513][T23593] copy_vma_and_data+0x1cf/0x750 [ 1398.994566][T23593] ? __pfx_copy_vma_and_data+0x10/0x10 [ 1398.994625][T23593] ? __vma_enter_locked+0x163/0x3f0 [ 1398.994672][T23593] ? find_held_lock+0x2b/0x80 [ 1398.994705][T23593] ? move_vma+0x536/0x1740 [ 1398.994762][T23593] move_vma+0x548/0x1740 [ 1398.994818][T23593] ? __pfx_move_vma+0x10/0x10 [ 1398.994864][T23593] ? mm_get_unmapped_area+0x95/0xe0 [ 1398.994910][T23593] ? shmem_get_unmapped_area+0x170/0xa00 [ 1398.994954][T23593] ? cap_mmap_addr+0x4b/0x120 [ 1398.994983][T23593] ? bpf_lsm_mmap_addr+0x9/0x10 [ 1398.995017][T23593] ? security_mmap_addr+0x6c/0x1e0 [ 1398.995057][T23593] ? __get_unmapped_area+0x267/0x440 [ 1398.995098][T23593] ? vrm_set_new_addr+0x208/0x290 [ 1398.995148][T23593] __do_sys_mremap+0xe07/0x1590 [ 1398.995201][T23593] ? __pfx___do_sys_mremap+0x10/0x10 [ 1398.995261][T23593] ? __fget_files+0x204/0x3c0 [ 1398.995313][T23593] ? __x64_sys_futex+0x1e0/0x4c0 [ 1398.995378][T23593] do_syscall_64+0xcd/0x490 [ 1398.995433][T23593] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1398.995467][T23593] RIP: 0033:0x7fc1d838e929 [ 1398.995494][T23593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1398.995527][T23593] RSP: 002b:00007fc1d9184038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1398.995558][T23593] RAX: ffffffffffffffda RBX: 00007fc1d85b6080 RCX: 00007fc1d838e929 [ 1398.995580][T23593] RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000000 [ 1398.995600][T23593] RBP: 00007fc1d8410b39 R08: 00007effffffb000 R09: 0000000000000000 [ 1398.995620][T23593] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1398.995640][T23593] R13: 0000000000000000 R14: 00007fc1d85b6080 R15: 00007ffec46996e8 [ 1398.995682][T23593] [ 1401.621244][T23624] FAULT_INJECTION: forcing a failure. [ 1401.621244][T23624] name failslab, interval 1, probability 0, space 0, times 0 [ 1401.662322][T23624] CPU: 0 UID: 0 PID: 23624 Comm: syz.0.4139 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1401.662369][T23624] Tainted: [I]=FIRMWARE_WORKAROUND [ 1401.662381][T23624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1401.662398][T23624] Call Trace: [ 1401.662408][T23624] [ 1401.662419][T23624] dump_stack_lvl+0x16c/0x1f0 [ 1401.662469][T23624] should_fail_ex+0x512/0x640 [ 1401.662509][T23624] ? fs_reclaim_acquire+0xae/0x150 [ 1401.662545][T23624] should_failslab+0xc2/0x120 [ 1401.662572][T23624] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1401.662615][T23624] ? security_inode_alloc+0x3b/0x2b0 [ 1401.662661][T23624] security_inode_alloc+0x3b/0x2b0 [ 1401.662692][T23624] inode_init_always_gfp+0xce4/0x1030 [ 1401.662739][T23624] alloc_inode+0x86/0x240 [ 1401.662768][T23624] sock_alloc+0x40/0x280 [ 1401.662796][T23624] sock_create_lite+0x82/0x120 [ 1401.662828][T23624] __netlink_kernel_create+0xbd/0x750 [ 1401.662858][T23624] ? __lock_acquire+0x622/0x1c90 [ 1401.662899][T23624] ? __pfx___netlink_kernel_create+0x10/0x10 [ 1401.662947][T23624] rtnetlink_net_init+0xb9/0x140 [ 1401.662993][T23624] ? __pfx_rtnetlink_net_init+0x10/0x10 [ 1401.663038][T23624] ? lockdep_init_map_type+0x5c/0x280 [ 1401.663079][T23624] ? __pfx_rtnetlink_rcv+0x10/0x10 [ 1401.663119][T23624] ? __pfx_rtnetlink_bind+0x10/0x10 [ 1401.663162][T23624] ? lockdep_init_map_type+0x5c/0x280 [ 1401.663207][T23624] ? debug_mutex_init+0x37/0x70 [ 1401.663239][T23624] ? __pfx_rtnetlink_net_init+0x10/0x10 [ 1401.663281][T23624] ops_init+0x1e2/0x5f0 [ 1401.663320][T23624] setup_net+0x1ff/0x510 [ 1401.663349][T23624] ? lockdep_init_map_type+0x5c/0x280 [ 1401.663393][T23624] ? __pfx_setup_net+0x10/0x10 [ 1401.663427][T23624] ? debug_mutex_init+0x37/0x70 [ 1401.663461][T23624] copy_net_ns+0x2a6/0x5f0 [ 1401.663499][T23624] create_new_namespaces+0x3ea/0xa90 [ 1401.663543][T23624] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1401.663580][T23624] ksys_unshare+0x45b/0xa40 [ 1401.663627][T23624] ? __pfx_ksys_unshare+0x10/0x10 [ 1401.663675][T23624] ? xfd_validate_state+0x61/0x180 [ 1401.663729][T23624] __x64_sys_unshare+0x31/0x40 [ 1401.663769][T23624] do_syscall_64+0xcd/0x490 [ 1401.663822][T23624] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1401.663853][T23624] RIP: 0033:0x7f665d18e929 [ 1401.663879][T23624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1401.663912][T23624] RSP: 002b:00007f665dfbe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1401.663943][T23624] RAX: ffffffffffffffda RBX: 00007f665d3b5fa0 RCX: 00007f665d18e929 [ 1401.663964][T23624] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1401.663983][T23624] RBP: 00007f665d210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1401.664002][T23624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1401.664020][T23624] R13: 0000000000000000 R14: 00007f665d3b5fa0 R15: 00007ffe535d9818 [ 1401.664060][T23624] [ 1402.561694][T23661] random: crng reseeded on system resumption [ 1402.843369][T23671] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input72 [ 1404.091536][T23686] FAULT_INJECTION: forcing a failure. [ 1404.091536][T23686] name failslab, interval 1, probability 0, space 0, times 0 [ 1404.104530][T23686] CPU: 1 UID: 0 PID: 23686 Comm: syz.1.4154 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1404.104580][T23686] Tainted: [I]=FIRMWARE_WORKAROUND [ 1404.104594][T23686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1404.104612][T23686] Call Trace: [ 1404.104624][T23686] [ 1404.104637][T23686] dump_stack_lvl+0x16c/0x1f0 [ 1404.104693][T23686] should_fail_ex+0x512/0x640 [ 1404.104739][T23686] ? kmem_cache_alloc_bulk_noprof+0x6d/0xbc0 [ 1404.104801][T23686] should_failslab+0xc2/0x120 [ 1404.104833][T23686] kmem_cache_alloc_bulk_noprof+0x85/0xbc0 [ 1404.104889][T23686] ? trace_kmem_cache_alloc+0x28/0xc0 [ 1404.104922][T23686] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 1404.104971][T23686] ? mas_alloc_nodes+0x18b/0x8b0 [ 1404.105020][T23686] ? mas_alloc_nodes+0x2f1/0x8b0 [ 1404.105062][T23686] mas_alloc_nodes+0x2f1/0x8b0 [ 1404.105117][T23686] mas_node_count_gfp+0x105/0x130 [ 1404.105166][T23686] mas_preallocate+0x77b/0xda0 [ 1404.105208][T23686] ? __pfx_mas_preallocate+0x10/0x10 [ 1404.105256][T23686] ? rcu_read_unlock+0x17/0x60 [ 1404.105299][T23686] vma_link+0x135/0x6a0 [ 1404.105350][T23686] ? __pfx_vma_link+0x10/0x10 [ 1404.105398][T23686] ? rcu_is_watching+0x12/0xc0 [ 1404.105438][T23686] ? anon_vma_clone+0x405/0x5c0 [ 1404.105482][T23686] ? anon_vma_name+0x75/0x100 [ 1404.105525][T23686] copy_vma+0x6c2/0xaa0 [ 1404.105580][T23686] ? __pfx_copy_vma+0x10/0x10 [ 1404.105627][T23686] ? lockdep_hardirqs_on+0x7c/0x110 [ 1404.105686][T23686] ? register_lock_class+0x41/0x4c0 [ 1404.105727][T23686] ? __schedule+0x1181/0x5de0 [ 1404.105793][T23686] ? __lock_acquire+0x622/0x1c90 [ 1404.105842][T23686] copy_vma_and_data+0x1cf/0x750 [ 1404.105894][T23686] ? __pfx_copy_vma_and_data+0x10/0x10 [ 1404.105952][T23686] ? __vma_enter_locked+0x163/0x3f0 [ 1404.105999][T23686] ? find_held_lock+0x2b/0x80 [ 1404.106032][T23686] ? move_vma+0x536/0x1740 [ 1404.106087][T23686] move_vma+0x548/0x1740 [ 1404.106141][T23686] ? __pfx_move_vma+0x10/0x10 [ 1404.106187][T23686] ? mm_get_unmapped_area+0x95/0xe0 [ 1404.106226][T23686] ? shmem_get_unmapped_area+0x170/0xa00 [ 1404.106270][T23686] ? cap_mmap_addr+0x4b/0x120 [ 1404.106298][T23686] ? bpf_lsm_mmap_addr+0x9/0x10 [ 1404.106331][T23686] ? security_mmap_addr+0x6c/0x1e0 [ 1404.106372][T23686] ? __get_unmapped_area+0x267/0x440 [ 1404.106412][T23686] ? vrm_set_new_addr+0x208/0x290 [ 1404.106463][T23686] __do_sys_mremap+0xe07/0x1590 [ 1404.106516][T23686] ? __pfx___do_sys_mremap+0x10/0x10 [ 1404.106570][T23686] ? __fget_files+0x204/0x3c0 [ 1404.106614][T23686] ? __x64_sys_futex+0x1e0/0x4c0 [ 1404.106667][T23686] do_syscall_64+0xcd/0x490 [ 1404.106712][T23686] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1404.106740][T23686] RIP: 0033:0x7fee9418e929 [ 1404.106771][T23686] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1404.106800][T23686] RSP: 002b:00007fee95037038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1404.106826][T23686] RAX: ffffffffffffffda RBX: 00007fee943b6320 RCX: 00007fee9418e929 [ 1404.106845][T23686] RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000000 [ 1404.106862][T23686] RBP: 00007fee94210b39 R08: 00007effffffb000 R09: 0000000000000000 [ 1404.106879][T23686] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1404.106896][T23686] R13: 0000000000000000 R14: 00007fee943b6320 R15: 00007ffc89b017d8 [ 1404.106931][T23686] [ 1405.614384][T23696] FAULT_INJECTION: forcing a failure. [ 1405.614384][T23696] name failslab, interval 1, probability 0, space 0, times 0 [ 1405.627952][T23696] CPU: 0 UID: 0 PID: 23696 Comm: syz.3.4157 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1405.628001][T23696] Tainted: [I]=FIRMWARE_WORKAROUND [ 1405.628014][T23696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1405.628032][T23696] Call Trace: [ 1405.628042][T23696] [ 1405.628054][T23696] dump_stack_lvl+0x16c/0x1f0 [ 1405.628105][T23696] should_fail_ex+0x512/0x640 [ 1405.628145][T23696] ? fs_reclaim_acquire+0xae/0x150 [ 1405.628228][T23696] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1405.628277][T23696] should_failslab+0xc2/0x120 [ 1405.628309][T23696] __kmalloc_noprof+0xd2/0x510 [ 1405.628356][T23696] ? __lock_acquire+0x622/0x1c90 [ 1405.628410][T23696] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1405.628460][T23696] ? tomoyo_profile+0x47/0x60 [ 1405.628519][T23696] tomoyo_path_perm+0x274/0x460 [ 1405.628556][T23696] ? tomoyo_path_perm+0x260/0x460 [ 1405.628606][T23696] ? __pfx_tomoyo_path_perm+0x10/0x10 [ 1405.628665][T23696] ? d_add+0x47a/0x780 [ 1405.628716][T23696] ? __pfx_current_check_access_path+0x10/0x10 [ 1405.628757][T23696] ? lookup_one_qstr_excl_raw.part.0+0xf9/0x160 [ 1405.628794][T23696] ? lookup_dcache+0x66/0x170 [ 1405.628838][T23696] tomoyo_path_symlink+0x97/0xe0 [ 1405.628886][T23696] ? __pfx_tomoyo_path_symlink+0x10/0x10 [ 1405.628935][T23696] ? find_held_lock+0x2b/0x80 [ 1405.628967][T23696] ? __might_fault+0xe3/0x190 [ 1405.629022][T23696] security_path_symlink+0x152/0x2e0 [ 1405.629060][T23696] do_symlinkat+0x10d/0x310 [ 1405.629114][T23696] ? __pfx_do_symlinkat+0x10/0x10 [ 1405.629167][T23696] ? getname_flags.part.0+0x1c5/0x550 [ 1405.629214][T23696] __x64_sys_symlink+0x75/0x90 [ 1405.629267][T23696] do_syscall_64+0xcd/0x490 [ 1405.629325][T23696] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1405.629372][T23696] RIP: 0033:0x7fc1d838e929 [ 1405.629399][T23696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1405.629433][T23696] RSP: 002b:00007fc1d91a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 1405.629465][T23696] RAX: ffffffffffffffda RBX: 00007fc1d85b5fa0 RCX: 00007fc1d838e929 [ 1405.629486][T23696] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000000 [ 1405.629506][T23696] RBP: 00007fc1d8410b39 R08: 0000000000000000 R09: 0000000000000000 [ 1405.629525][T23696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1405.629544][T23696] R13: 0000000000000000 R14: 00007fc1d85b5fa0 R15: 00007ffec46996e8 [ 1405.629594][T23696] [ 1405.916573][T23696] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1409.538169][T23749] FAULT_INJECTION: forcing a failure. [ 1409.538169][T23749] name failslab, interval 1, probability 0, space 0, times 0 [ 1409.551777][T23749] CPU: 0 UID: 0 PID: 23749 Comm: syz.1.4173 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1409.551858][T23749] Tainted: [I]=FIRMWARE_WORKAROUND [ 1409.551872][T23749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1409.551893][T23749] Call Trace: [ 1409.551905][T23749] [ 1409.551919][T23749] dump_stack_lvl+0x16c/0x1f0 [ 1409.551976][T23749] should_fail_ex+0x512/0x640 [ 1409.552026][T23749] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 1409.552085][T23749] should_failslab+0xc2/0x120 [ 1409.552118][T23749] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 1409.552171][T23749] ? __d_alloc+0x31/0xaa0 [ 1409.552237][T23749] __d_alloc+0x31/0xaa0 [ 1409.552287][T23749] ? __d_lookup+0x266/0x4a0 [ 1409.552330][T23749] d_alloc+0x4a/0x1e0 [ 1409.552399][T23749] lookup_one_qstr_excl_raw.part.0+0x96/0x160 [ 1409.552437][T23749] ? lookup_dcache+0x66/0x170 [ 1409.552475][T23749] lookup_one_qstr_excl+0x3e/0x120 [ 1409.552515][T23749] filename_create+0x1e7/0x4a0 [ 1409.552560][T23749] ? __pfx_filename_create+0x10/0x10 [ 1409.552602][T23749] ? find_held_lock+0x2b/0x80 [ 1409.552632][T23749] ? __might_fault+0xe3/0x190 [ 1409.552677][T23749] ? __might_fault+0xe3/0x190 [ 1409.552734][T23749] do_symlinkat+0xbe/0x310 [ 1409.552788][T23749] ? __pfx_do_symlinkat+0x10/0x10 [ 1409.552839][T23749] ? getname_flags.part.0+0x1c5/0x550 [ 1409.552886][T23749] __x64_sys_symlink+0x75/0x90 [ 1409.552939][T23749] do_syscall_64+0xcd/0x490 [ 1409.552996][T23749] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1409.553030][T23749] RIP: 0033:0x7fee9418e929 [ 1409.553057][T23749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1409.553090][T23749] RSP: 002b:00007fee950bb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 1409.553122][T23749] RAX: ffffffffffffffda RBX: 00007fee943b5fa0 RCX: 00007fee9418e929 [ 1409.553144][T23749] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000000 [ 1409.553164][T23749] RBP: 00007fee94210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1409.553184][T23749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1409.553204][T23749] R13: 0000000000000000 R14: 00007fee943b5fa0 R15: 00007ffc89b017d8 [ 1409.553255][T23749] [ 1411.669252][T23781] FAULT_INJECTION: forcing a failure. [ 1411.669252][T23781] name failslab, interval 1, probability 0, space 0, times 0 [ 1411.682398][T23781] CPU: 1 UID: 0 PID: 23781 Comm: syz.1.4182 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1411.682446][T23781] Tainted: [I]=FIRMWARE_WORKAROUND [ 1411.682459][T23781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1411.682477][T23781] Call Trace: [ 1411.682488][T23781] [ 1411.682501][T23781] dump_stack_lvl+0x16c/0x1f0 [ 1411.682555][T23781] should_fail_ex+0x512/0x640 [ 1411.682601][T23781] ? fs_reclaim_acquire+0xae/0x150 [ 1411.682643][T23781] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1411.682708][T23781] should_failslab+0xc2/0x120 [ 1411.682740][T23781] __kmalloc_noprof+0xd2/0x510 [ 1411.682787][T23781] ? __lock_acquire+0x622/0x1c90 [ 1411.682840][T23781] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1411.682904][T23781] ? tomoyo_profile+0x47/0x60 [ 1411.682958][T23781] tomoyo_path_perm+0x274/0x460 [ 1411.682991][T23781] ? tomoyo_path_perm+0x260/0x460 [ 1411.683031][T23781] ? __pfx_tomoyo_path_perm+0x10/0x10 [ 1411.683094][T23781] ? d_add+0x47a/0x780 [ 1411.683144][T23781] ? __pfx_current_check_access_path+0x10/0x10 [ 1411.683185][T23781] ? lookup_one_qstr_excl_raw.part.0+0xf9/0x160 [ 1411.683221][T23781] ? lookup_dcache+0x66/0x170 [ 1411.683264][T23781] tomoyo_path_symlink+0x97/0xe0 [ 1411.683314][T23781] ? __pfx_tomoyo_path_symlink+0x10/0x10 [ 1411.683362][T23781] ? find_held_lock+0x2b/0x80 [ 1411.683394][T23781] ? __might_fault+0xe3/0x190 [ 1411.683448][T23781] security_path_symlink+0x152/0x2e0 [ 1411.683487][T23781] do_symlinkat+0x10d/0x310 [ 1411.683539][T23781] ? __pfx_do_symlinkat+0x10/0x10 [ 1411.683590][T23781] ? getname_flags.part.0+0x1c5/0x550 [ 1411.683636][T23781] __x64_sys_symlink+0x75/0x90 [ 1411.683686][T23781] do_syscall_64+0xcd/0x490 [ 1411.683766][T23781] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1411.683800][T23781] RIP: 0033:0x7fee9418e929 [ 1411.683840][T23781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1411.683873][T23781] RSP: 002b:00007fee950bb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 1411.683905][T23781] RAX: ffffffffffffffda RBX: 00007fee943b5fa0 RCX: 00007fee9418e929 [ 1411.683927][T23781] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000000 [ 1411.683947][T23781] RBP: 00007fee94210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1411.683968][T23781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1411.683987][T23781] R13: 0000000000000000 R14: 00007fee943b5fa0 R15: 00007ffc89b017d8 [ 1411.684029][T23781] [ 1411.684361][T23781] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1412.347681][T23784] FAULT_INJECTION: forcing a failure. [ 1412.347681][T23784] name failslab, interval 1, probability 0, space 0, times 0 [ 1412.360707][T23784] CPU: 0 UID: 0 PID: 23784 Comm: syz.0.4183 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1412.360771][T23784] Tainted: [I]=FIRMWARE_WORKAROUND [ 1412.360785][T23784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1412.360806][T23784] Call Trace: [ 1412.360818][T23784] [ 1412.360831][T23784] dump_stack_lvl+0x16c/0x1f0 [ 1412.360891][T23784] should_fail_ex+0x512/0x640 [ 1412.360940][T23784] ? fs_reclaim_acquire+0xae/0x150 [ 1412.360984][T23784] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1412.361031][T23784] should_failslab+0xc2/0x120 [ 1412.361064][T23784] __kmalloc_noprof+0xd2/0x510 [ 1412.361113][T23784] ? __lock_acquire+0x622/0x1c90 [ 1412.361173][T23784] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1412.361226][T23784] ? tomoyo_profile+0x47/0x60 [ 1412.361282][T23784] tomoyo_path_perm+0x274/0x460 [ 1412.361318][T23784] ? tomoyo_path_perm+0x260/0x460 [ 1412.361359][T23784] ? __pfx_tomoyo_path_perm+0x10/0x10 [ 1412.361419][T23784] ? d_add+0x47a/0x780 [ 1412.361472][T23784] ? __pfx_current_check_access_path+0x10/0x10 [ 1412.361527][T23784] ? lookup_one_qstr_excl_raw.part.0+0xf9/0x160 [ 1412.361564][T23784] ? lookup_dcache+0x66/0x170 [ 1412.361609][T23784] tomoyo_path_symlink+0x97/0xe0 [ 1412.361657][T23784] ? __pfx_tomoyo_path_symlink+0x10/0x10 [ 1412.361705][T23784] ? find_held_lock+0x2b/0x80 [ 1412.361738][T23784] ? __might_fault+0xe3/0x190 [ 1412.361800][T23784] security_path_symlink+0x152/0x2e0 [ 1412.361843][T23784] do_symlinkat+0x10d/0x310 [ 1412.361896][T23784] ? __pfx_do_symlinkat+0x10/0x10 [ 1412.361947][T23784] ? getname_flags.part.0+0x1c5/0x550 [ 1412.361993][T23784] __x64_sys_symlink+0x75/0x90 [ 1412.362047][T23784] do_syscall_64+0xcd/0x490 [ 1412.362103][T23784] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1412.362138][T23784] RIP: 0033:0x7f665d18e929 [ 1412.362165][T23784] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1412.362197][T23784] RSP: 002b:00007f665dfbe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 1412.362227][T23784] RAX: ffffffffffffffda RBX: 00007f665d3b5fa0 RCX: 00007f665d18e929 [ 1412.362249][T23784] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000000 [ 1412.362270][T23784] RBP: 00007f665d210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1412.362290][T23784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1412.362310][T23784] R13: 0000000000000000 R14: 00007f665d3b5fa0 R15: 00007ffe535d9818 [ 1412.362353][T23784] [ 1412.364545][T23784] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1414.323677][T23809] ptrace attach of "./syz-executor exec"[23811] was attempted by "./syz-executor exec"[23809] [ 1416.827068][T23841] FAULT_INJECTION: forcing a failure. [ 1416.827068][T23841] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1416.868368][T23841] CPU: 1 UID: 0 PID: 23841 Comm: syz.3.4194 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1416.868435][T23841] Tainted: [I]=FIRMWARE_WORKAROUND [ 1416.868448][T23841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1416.868468][T23841] Call Trace: [ 1416.868479][T23841] [ 1416.868491][T23841] dump_stack_lvl+0x16c/0x1f0 [ 1416.868545][T23841] should_fail_ex+0x512/0x640 [ 1416.868596][T23841] should_fail_alloc_page+0xe7/0x130 [ 1416.868640][T23841] prepare_alloc_pages+0x3c2/0x610 [ 1416.868691][T23841] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1416.868744][T23841] ? mas_next_slot+0x12d3/0x21b0 [ 1416.868776][T23841] ? __up_read+0x1f8/0x750 [ 1416.868830][T23841] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1416.868883][T23841] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1416.868931][T23841] ? mas_find+0x2f6/0x530 [ 1416.868968][T23841] ? validate_mm+0x40a/0x570 [ 1416.869028][T23841] ? __lock_acquire+0xb8a/0x1c90 [ 1416.869073][T23841] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1416.869125][T23841] ? policy_nodemask+0xea/0x4e0 [ 1416.869159][T23841] alloc_pages_mpol+0x1fb/0x550 [ 1416.869192][T23841] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1416.869223][T23841] ? __pud_alloc+0x521/0x750 [ 1416.869268][T23841] alloc_pages_noprof+0x131/0x390 [ 1416.869301][T23841] __pmd_alloc+0x3b/0x930 [ 1416.869341][T23841] move_page_tables+0x28c8/0x4070 [ 1416.869399][T23841] ? __pfx_copy_vma+0x10/0x10 [ 1416.869443][T23841] ? finish_task_switch.isra.0+0x21c/0xc10 [ 1416.869485][T23841] ? __pfx_move_page_tables+0x10/0x10 [ 1416.869532][T23841] ? register_lock_class+0x41/0x4c0 [ 1416.869574][T23841] ? rcu_is_watching+0x12/0xc0 [ 1416.869631][T23841] ? find_held_lock+0x2b/0x80 [ 1416.869669][T23841] copy_vma_and_data+0x216/0x750 [ 1416.869722][T23841] ? __pfx_copy_vma_and_data+0x10/0x10 [ 1416.869777][T23841] ? __vma_enter_locked+0x163/0x3f0 [ 1416.869822][T23841] ? find_held_lock+0x2b/0x80 [ 1416.869853][T23841] ? move_vma+0x536/0x1740 [ 1416.869908][T23841] move_vma+0x548/0x1740 [ 1416.869961][T23841] ? __pfx_move_vma+0x10/0x10 [ 1416.870006][T23841] ? mm_get_unmapped_area+0x95/0xe0 [ 1416.870044][T23841] ? shmem_get_unmapped_area+0x170/0xa00 [ 1416.870087][T23841] ? cap_mmap_addr+0x4b/0x120 [ 1416.870116][T23841] ? bpf_lsm_mmap_addr+0x9/0x10 [ 1416.870150][T23841] ? security_mmap_addr+0x6c/0x1e0 [ 1416.870190][T23841] ? __get_unmapped_area+0x267/0x440 [ 1416.870251][T23841] ? vrm_set_new_addr+0x208/0x290 [ 1416.870304][T23841] __do_sys_mremap+0xe07/0x1590 [ 1416.870371][T23841] ? __pfx___do_sys_mremap+0x10/0x10 [ 1416.870435][T23841] ? __fget_files+0x204/0x3c0 [ 1416.870489][T23841] ? __x64_sys_futex+0x1e0/0x4c0 [ 1416.870557][T23841] do_syscall_64+0xcd/0x490 [ 1416.870619][T23841] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1416.870654][T23841] RIP: 0033:0x7fc1d838e929 [ 1416.870681][T23841] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1416.870714][T23841] RSP: 002b:00007fc1d91a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1416.870746][T23841] RAX: ffffffffffffffda RBX: 00007fc1d85b5fa0 RCX: 00007fc1d838e929 [ 1416.870769][T23841] RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000000 [ 1416.870788][T23841] RBP: 00007fc1d8410b39 R08: 00007effffffb000 R09: 0000000000000000 [ 1416.870809][T23841] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1416.870829][T23841] R13: 0000000000000000 R14: 00007fc1d85b5fa0 R15: 00007ffec46996e8 [ 1416.870870][T23841] [ 1418.190731][T23861] FAULT_INJECTION: forcing a failure. [ 1418.190731][T23861] name failslab, interval 1, probability 0, space 0, times 0 [ 1418.210855][T23861] CPU: 0 UID: 0 PID: 23861 Comm: syz.3.4199 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1418.210909][T23861] Tainted: [I]=FIRMWARE_WORKAROUND [ 1418.210923][T23861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1418.210942][T23861] Call Trace: [ 1418.210954][T23861] [ 1418.210967][T23861] dump_stack_lvl+0x16c/0x1f0 [ 1418.211023][T23861] should_fail_ex+0x512/0x640 [ 1418.211071][T23861] ? fs_reclaim_acquire+0xae/0x150 [ 1418.211115][T23861] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1418.211162][T23861] should_failslab+0xc2/0x120 [ 1418.211195][T23861] __kmalloc_noprof+0xd2/0x510 [ 1418.211249][T23861] ? __lock_acquire+0x622/0x1c90 [ 1418.211302][T23861] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1418.211353][T23861] ? tomoyo_profile+0x47/0x60 [ 1418.211410][T23861] tomoyo_path_perm+0x274/0x460 [ 1418.211445][T23861] ? tomoyo_path_perm+0x260/0x460 [ 1418.211499][T23861] ? __pfx_tomoyo_path_perm+0x10/0x10 [ 1418.211555][T23861] ? d_add+0x47a/0x780 [ 1418.211605][T23861] ? __pfx_current_check_access_path+0x10/0x10 [ 1418.211646][T23861] ? lookup_one_qstr_excl_raw.part.0+0xf9/0x160 [ 1418.211682][T23861] ? lookup_dcache+0x66/0x170 [ 1418.211725][T23861] tomoyo_path_symlink+0x97/0xe0 [ 1418.211771][T23861] ? __pfx_tomoyo_path_symlink+0x10/0x10 [ 1418.211818][T23861] ? find_held_lock+0x2b/0x80 [ 1418.211849][T23861] ? __might_fault+0xe3/0x190 [ 1418.211902][T23861] security_path_symlink+0x152/0x2e0 [ 1418.211940][T23861] do_symlinkat+0x10d/0x310 [ 1418.211990][T23861] ? __pfx_do_symlinkat+0x10/0x10 [ 1418.212039][T23861] ? getname_flags.part.0+0x1c5/0x550 [ 1418.212084][T23861] __x64_sys_symlink+0x75/0x90 [ 1418.212133][T23861] do_syscall_64+0xcd/0x490 [ 1418.212187][T23861] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1418.212219][T23861] RIP: 0033:0x7fc1d838e929 [ 1418.212250][T23861] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1418.212280][T23861] RSP: 002b:00007fc1d91a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 1418.212306][T23861] RAX: ffffffffffffffda RBX: 00007fc1d85b5fa0 RCX: 00007fc1d838e929 [ 1418.212326][T23861] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000000 [ 1418.212343][T23861] RBP: 00007fc1d8410b39 R08: 0000000000000000 R09: 0000000000000000 [ 1418.212360][T23861] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1418.212377][T23861] R13: 0000000000000000 R14: 00007fc1d85b5fa0 R15: 00007ffec46996e8 [ 1418.212425][T23861] [ 1418.212443][T23861] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1420.127294][T23892] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input73 [ 1422.688357][T23925] FAULT_INJECTION: forcing a failure. [ 1422.688357][T23925] name failslab, interval 1, probability 0, space 0, times 0 [ 1422.774284][T23925] CPU: 1 UID: 0 PID: 23925 Comm: syz.3.4213 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1422.774335][T23925] Tainted: [I]=FIRMWARE_WORKAROUND [ 1422.774347][T23925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1422.774364][T23925] Call Trace: [ 1422.774374][T23925] [ 1422.774385][T23925] dump_stack_lvl+0x16c/0x1f0 [ 1422.774439][T23925] should_fail_ex+0x512/0x640 [ 1422.774483][T23925] ? __kmalloc_noprof+0xbf/0x510 [ 1422.774532][T23925] ? ops_init+0x77/0x5f0 [ 1422.774557][T23925] should_failslab+0xc2/0x120 [ 1422.774588][T23925] __kmalloc_noprof+0xd2/0x510 [ 1422.774632][T23925] ? lockdep_init_map_type+0x5c/0x280 [ 1422.774687][T23925] ops_init+0x77/0x5f0 [ 1422.774722][T23925] setup_net+0x1ff/0x510 [ 1422.774749][T23925] ? lockdep_init_map_type+0x5c/0x280 [ 1422.774791][T23925] ? __pfx_setup_net+0x10/0x10 [ 1422.774825][T23925] ? debug_mutex_init+0x37/0x70 [ 1422.774882][T23925] copy_net_ns+0x2a6/0x5f0 [ 1422.774919][T23925] create_new_namespaces+0x3ea/0xa90 [ 1422.774964][T23925] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1422.775003][T23925] ksys_unshare+0x45b/0xa40 [ 1422.775046][T23925] ? __pfx_ksys_unshare+0x10/0x10 [ 1422.775088][T23925] ? xfd_validate_state+0x61/0x180 [ 1422.775142][T23925] __x64_sys_unshare+0x31/0x40 [ 1422.775182][T23925] do_syscall_64+0xcd/0x490 [ 1422.775236][T23925] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1422.775268][T23925] RIP: 0033:0x7fc1d838e929 [ 1422.775295][T23925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1422.775327][T23925] RSP: 002b:00007fc1d91a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1422.775357][T23925] RAX: ffffffffffffffda RBX: 00007fc1d85b5fa0 RCX: 00007fc1d838e929 [ 1422.775378][T23925] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1422.775397][T23925] RBP: 00007fc1d8410b39 R08: 0000000000000000 R09: 0000000000000000 [ 1422.775415][T23925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1422.775445][T23925] R13: 0000000000000000 R14: 00007fc1d85b5fa0 R15: 00007ffec46996e8 [ 1422.775483][T23925] [ 1423.008558][T23930] kAFS: Invalid Command on /proc/fs/afs/cells file [ 1423.277825][T23927] kAFS: Invalid Command on /proc/fs/afs/cells file [ 1424.454328][T23956] FAULT_INJECTION: forcing a failure. [ 1424.454328][T23956] name failslab, interval 1, probability 0, space 0, times 0 [ 1424.539977][T23956] CPU: 1 UID: 0 PID: 23956 Comm: syz.1.4218 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1424.540015][T23956] Tainted: [I]=FIRMWARE_WORKAROUND [ 1424.540024][T23956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1424.540038][T23956] Call Trace: [ 1424.540046][T23956] [ 1424.540056][T23956] dump_stack_lvl+0x16c/0x1f0 [ 1424.540095][T23956] should_fail_ex+0x512/0x640 [ 1424.540128][T23956] ? kmem_cache_alloc_bulk_noprof+0x6d/0xbc0 [ 1424.540166][T23956] should_failslab+0xc2/0x120 [ 1424.540189][T23956] kmem_cache_alloc_bulk_noprof+0x85/0xbc0 [ 1424.540228][T23956] ? trace_kmem_cache_alloc+0x28/0xc0 [ 1424.540251][T23956] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 1424.540288][T23956] ? mas_alloc_nodes+0x18b/0x8b0 [ 1424.540341][T23956] ? mas_alloc_nodes+0x2f1/0x8b0 [ 1424.540373][T23956] mas_alloc_nodes+0x2f1/0x8b0 [ 1424.540411][T23956] mas_node_count_gfp+0x105/0x130 [ 1424.540447][T23956] mas_preallocate+0x77b/0xda0 [ 1424.540477][T23956] ? __pfx_mas_preallocate+0x10/0x10 [ 1424.540510][T23956] ? rcu_read_unlock+0x17/0x60 [ 1424.540540][T23956] vma_link+0x135/0x6a0 [ 1424.540578][T23956] ? __pfx_vma_link+0x10/0x10 [ 1424.540612][T23956] ? rcu_is_watching+0x12/0xc0 [ 1424.540641][T23956] ? anon_vma_clone+0x405/0x5c0 [ 1424.540680][T23956] ? anon_vma_name+0x75/0x100 [ 1424.540711][T23956] copy_vma+0x6c2/0xaa0 [ 1424.540750][T23956] ? __pfx_copy_vma+0x10/0x10 [ 1424.540785][T23956] ? lockdep_hardirqs_on+0x7c/0x110 [ 1424.540827][T23956] ? register_lock_class+0x41/0x4c0 [ 1424.540858][T23956] ? __schedule+0x1181/0x5de0 [ 1424.540901][T23956] ? __lock_acquire+0x622/0x1c90 [ 1424.540937][T23956] copy_vma_and_data+0x1cf/0x750 [ 1424.540976][T23956] ? __pfx_copy_vma_and_data+0x10/0x10 [ 1424.541023][T23956] ? __vma_enter_locked+0x163/0x3f0 [ 1424.541058][T23956] ? find_held_lock+0x2b/0x80 [ 1424.541082][T23956] ? move_vma+0x536/0x1740 [ 1424.541122][T23956] move_vma+0x548/0x1740 [ 1424.541162][T23956] ? __pfx_move_vma+0x10/0x10 [ 1424.541195][T23956] ? mm_get_unmapped_area+0x95/0xe0 [ 1424.541223][T23956] ? shmem_get_unmapped_area+0x170/0xa00 [ 1424.541254][T23956] ? cap_mmap_addr+0x4b/0x120 [ 1424.541275][T23956] ? bpf_lsm_mmap_addr+0x9/0x10 [ 1424.541300][T23956] ? security_mmap_addr+0x6c/0x1e0 [ 1424.541330][T23956] ? __get_unmapped_area+0x267/0x440 [ 1424.541360][T23956] ? vrm_set_new_addr+0x208/0x290 [ 1424.541397][T23956] __do_sys_mremap+0xe07/0x1590 [ 1424.541436][T23956] ? __pfx___do_sys_mremap+0x10/0x10 [ 1424.541480][T23956] ? __fget_files+0x204/0x3c0 [ 1424.541529][T23956] ? __x64_sys_futex+0x1e0/0x4c0 [ 1424.541574][T23956] do_syscall_64+0xcd/0x490 [ 1424.541612][T23956] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1424.541636][T23956] RIP: 0033:0x7fee9418e929 [ 1424.541655][T23956] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1424.541683][T23956] RSP: 002b:00007fee95037038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1424.541705][T23956] RAX: ffffffffffffffda RBX: 00007fee943b6320 RCX: 00007fee9418e929 [ 1424.541721][T23956] RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000000 [ 1424.541736][T23956] RBP: 00007fee94210b39 R08: 00007effffffb000 R09: 0000000000000000 [ 1424.541751][T23956] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1424.541766][T23956] R13: 0000000000000000 R14: 00007fee943b6320 R15: 00007ffc89b017d8 [ 1424.541795][T23956] [ 1425.580723][T23941] netlink: 330 bytes leftover after parsing attributes in process `syz.3.4216'. [ 1426.917549][T23974] FAULT_INJECTION: forcing a failure. [ 1426.917549][T23974] name failslab, interval 1, probability 0, space 0, times 0 [ 1427.016346][T23974] CPU: 0 UID: 0 PID: 23974 Comm: syz.0.4228 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1427.016403][T23974] Tainted: [I]=FIRMWARE_WORKAROUND [ 1427.016415][T23974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1427.016434][T23974] Call Trace: [ 1427.016446][T23974] [ 1427.016459][T23974] dump_stack_lvl+0x16c/0x1f0 [ 1427.016517][T23974] should_fail_ex+0x512/0x640 [ 1427.016565][T23974] ? kmem_cache_alloc_bulk_noprof+0x6d/0xbc0 [ 1427.016619][T23974] should_failslab+0xc2/0x120 [ 1427.016651][T23974] kmem_cache_alloc_bulk_noprof+0x85/0xbc0 [ 1427.016714][T23974] ? trace_kmem_cache_alloc+0x28/0xc0 [ 1427.016740][T23974] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 1427.016776][T23974] ? mas_alloc_nodes+0x18b/0x8b0 [ 1427.016813][T23974] ? mas_alloc_nodes+0x2f1/0x8b0 [ 1427.016844][T23974] mas_alloc_nodes+0x2f1/0x8b0 [ 1427.016884][T23974] mas_node_count_gfp+0x105/0x130 [ 1427.016919][T23974] mas_preallocate+0x77b/0xda0 [ 1427.016949][T23974] ? __pfx_mas_preallocate+0x10/0x10 [ 1427.016982][T23974] ? rcu_read_unlock+0x17/0x60 [ 1427.017012][T23974] vma_link+0x135/0x6a0 [ 1427.017050][T23974] ? __pfx_vma_link+0x10/0x10 [ 1427.017084][T23974] ? rcu_is_watching+0x12/0xc0 [ 1427.017113][T23974] ? anon_vma_clone+0x405/0x5c0 [ 1427.017145][T23974] ? anon_vma_name+0x75/0x100 [ 1427.017175][T23974] copy_vma+0x6c2/0xaa0 [ 1427.017215][T23974] ? __pfx_copy_vma+0x10/0x10 [ 1427.017263][T23974] ? lockdep_hardirqs_on+0x7c/0x110 [ 1427.017323][T23974] ? register_lock_class+0x41/0x4c0 [ 1427.017359][T23974] ? __schedule+0x1181/0x5de0 [ 1427.017402][T23974] ? __lock_acquire+0x622/0x1c90 [ 1427.017443][T23974] copy_vma_and_data+0x1cf/0x750 [ 1427.017499][T23974] ? __pfx_copy_vma_and_data+0x10/0x10 [ 1427.017563][T23974] ? __vma_enter_locked+0x163/0x3f0 [ 1427.017612][T23974] ? find_held_lock+0x2b/0x80 [ 1427.017647][T23974] ? move_vma+0x536/0x1740 [ 1427.017711][T23974] move_vma+0x548/0x1740 [ 1427.017767][T23974] ? __pfx_move_vma+0x10/0x10 [ 1427.017814][T23974] ? mm_get_unmapped_area+0x95/0xe0 [ 1427.017855][T23974] ? shmem_get_unmapped_area+0x170/0xa00 [ 1427.017899][T23974] ? cap_mmap_addr+0x4b/0x120 [ 1427.017930][T23974] ? bpf_lsm_mmap_addr+0x9/0x10 [ 1427.017962][T23974] ? security_mmap_addr+0x6c/0x1e0 [ 1427.018007][T23974] ? __get_unmapped_area+0x267/0x440 [ 1427.018048][T23974] ? vrm_set_new_addr+0x208/0x290 [ 1427.018100][T23974] __do_sys_mremap+0xe07/0x1590 [ 1427.018155][T23974] ? __pfx___do_sys_mremap+0x10/0x10 [ 1427.018220][T23974] ? __fget_files+0x204/0x3c0 [ 1427.018273][T23974] ? __x64_sys_futex+0x1e0/0x4c0 [ 1427.018341][T23974] do_syscall_64+0xcd/0x490 [ 1427.018399][T23974] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1427.018434][T23974] RIP: 0033:0x7f665d18e929 [ 1427.018462][T23974] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1427.018496][T23974] RSP: 002b:00007f665df5b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1427.018528][T23974] RAX: ffffffffffffffda RBX: 00007f665d3b6240 RCX: 00007f665d18e929 [ 1427.018551][T23974] RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000000 [ 1427.018571][T23974] RBP: 00007f665d210b39 R08: 00007effffffb000 R09: 0000000000000000 [ 1427.018592][T23974] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1427.018612][T23974] R13: 0000000000000000 R14: 00007f665d3b6240 R15: 00007ffe535d9818 [ 1427.018655][T23974] [ 1430.856998][T24018] 0x000200000001-0xa29656a63616329 : "" [ 1430.878710][T24018] mtd: partition "" is out of reach -- disabled [ 1430.932460][T24018] ftl_cs: FTL header not found. [ 1431.362921][T24032] FAULT_INJECTION: forcing a failure. [ 1431.362921][T24032] name failslab, interval 1, probability 0, space 0, times 0 [ 1431.407684][T24032] CPU: 1 UID: 0 PID: 24032 Comm: syz.1.4238 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1431.407740][T24032] Tainted: [I]=FIRMWARE_WORKAROUND [ 1431.407753][T24032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1431.407772][T24032] Call Trace: [ 1431.407783][T24032] [ 1431.407795][T24032] dump_stack_lvl+0x16c/0x1f0 [ 1431.407853][T24032] should_fail_ex+0x512/0x640 [ 1431.407899][T24032] ? kmem_cache_alloc_bulk_noprof+0x6d/0xbc0 [ 1431.407956][T24032] should_failslab+0xc2/0x120 [ 1431.407988][T24032] kmem_cache_alloc_bulk_noprof+0x85/0xbc0 [ 1431.408046][T24032] ? trace_kmem_cache_alloc+0x28/0xc0 [ 1431.408082][T24032] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 1431.408134][T24032] ? mas_alloc_nodes+0x18b/0x8b0 [ 1431.408188][T24032] ? mas_alloc_nodes+0x2f1/0x8b0 [ 1431.408232][T24032] mas_alloc_nodes+0x2f1/0x8b0 [ 1431.408288][T24032] mas_node_count_gfp+0x105/0x130 [ 1431.408355][T24032] mas_preallocate+0x77b/0xda0 [ 1431.408400][T24032] ? __pfx_mas_preallocate+0x10/0x10 [ 1431.408448][T24032] ? rcu_read_unlock+0x17/0x60 [ 1431.408491][T24032] vma_link+0x135/0x6a0 [ 1431.408546][T24032] ? __pfx_vma_link+0x10/0x10 [ 1431.408594][T24032] ? rcu_is_watching+0x12/0xc0 [ 1431.408636][T24032] ? anon_vma_clone+0x405/0x5c0 [ 1431.408681][T24032] ? anon_vma_name+0x75/0x100 [ 1431.408723][T24032] copy_vma+0x6c2/0xaa0 [ 1431.408780][T24032] ? __pfx_copy_vma+0x10/0x10 [ 1431.408829][T24032] ? lockdep_hardirqs_on+0x7c/0x110 [ 1431.408889][T24032] ? register_lock_class+0x41/0x4c0 [ 1431.408931][T24032] ? __schedule+0x1181/0x5de0 [ 1431.409009][T24032] ? __lock_acquire+0x622/0x1c90 [ 1431.409059][T24032] copy_vma_and_data+0x1cf/0x750 [ 1431.409115][T24032] ? __pfx_copy_vma_and_data+0x10/0x10 [ 1431.409178][T24032] ? __vma_enter_locked+0x163/0x3f0 [ 1431.409232][T24032] ? find_held_lock+0x2b/0x80 [ 1431.409266][T24032] ? move_vma+0x536/0x1740 [ 1431.409332][T24032] move_vma+0x548/0x1740 [ 1431.409391][T24032] ? __pfx_move_vma+0x10/0x10 [ 1431.409438][T24032] ? mm_get_unmapped_area+0x95/0xe0 [ 1431.409479][T24032] ? shmem_get_unmapped_area+0x170/0xa00 [ 1431.409525][T24032] ? cap_mmap_addr+0x4b/0x120 [ 1431.409555][T24032] ? bpf_lsm_mmap_addr+0x9/0x10 [ 1431.409590][T24032] ? security_mmap_addr+0x6c/0x1e0 [ 1431.409634][T24032] ? __get_unmapped_area+0x267/0x440 [ 1431.409677][T24032] ? vrm_set_new_addr+0x208/0x290 [ 1431.409732][T24032] __do_sys_mremap+0xe07/0x1590 [ 1431.409787][T24032] ? __pfx___do_sys_mremap+0x10/0x10 [ 1431.409849][T24032] ? __fget_files+0x204/0x3c0 [ 1431.409903][T24032] ? __x64_sys_futex+0x1e0/0x4c0 [ 1431.409971][T24032] do_syscall_64+0xcd/0x490 [ 1431.410028][T24032] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1431.410063][T24032] RIP: 0033:0x7fee9418e929 [ 1431.410090][T24032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1431.410124][T24032] RSP: 002b:00007fee95037038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1431.410156][T24032] RAX: ffffffffffffffda RBX: 00007fee943b6320 RCX: 00007fee9418e929 [ 1431.410180][T24032] RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000000 [ 1431.410200][T24032] RBP: 00007fee94210b39 R08: 00007effffffb000 R09: 0000000000000000 [ 1431.410222][T24032] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1431.410242][T24032] R13: 0000000000000000 R14: 00007fee943b6320 R15: 00007ffc89b017d8 [ 1431.410292][T24032] [ 1433.495330][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 1433.502929][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1436.143160][T24049] vidtv vidtv.0: No streaming. Skipping. [ 1436.402403][T24089] FAULT_INJECTION: forcing a failure. [ 1436.402403][T24089] name failslab, interval 1, probability 0, space 0, times 0 [ 1436.415282][T24089] CPU: 1 UID: 0 PID: 24089 Comm: syz.3.4256 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1436.415333][T24089] Tainted: [I]=FIRMWARE_WORKAROUND [ 1436.415346][T24089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1436.415365][T24089] Call Trace: [ 1436.415378][T24089] [ 1436.415390][T24089] dump_stack_lvl+0x16c/0x1f0 [ 1436.415447][T24089] should_fail_ex+0x512/0x640 [ 1436.415493][T24089] ? kmem_cache_alloc_bulk_noprof+0x6d/0xbc0 [ 1436.415549][T24089] should_failslab+0xc2/0x120 [ 1436.415580][T24089] kmem_cache_alloc_bulk_noprof+0x85/0xbc0 [ 1436.415637][T24089] ? trace_kmem_cache_alloc+0x28/0xc0 [ 1436.415671][T24089] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 1436.415722][T24089] ? mas_alloc_nodes+0x18b/0x8b0 [ 1436.415773][T24089] ? mas_alloc_nodes+0x2f1/0x8b0 [ 1436.415816][T24089] mas_alloc_nodes+0x2f1/0x8b0 [ 1436.415870][T24089] mas_node_count_gfp+0x105/0x130 [ 1436.415930][T24089] mas_preallocate+0x77b/0xda0 [ 1436.415971][T24089] ? __pfx_mas_preallocate+0x10/0x10 [ 1436.416018][T24089] ? rcu_read_unlock+0x17/0x60 [ 1436.416060][T24089] vma_link+0x135/0x6a0 [ 1436.416114][T24089] ? __pfx_vma_link+0x10/0x10 [ 1436.416162][T24089] ? rcu_is_watching+0x12/0xc0 [ 1436.416203][T24089] ? anon_vma_clone+0x405/0x5c0 [ 1436.416249][T24089] ? anon_vma_name+0x75/0x100 [ 1436.416291][T24089] copy_vma+0x6c2/0xaa0 [ 1436.416345][T24089] ? __pfx_copy_vma+0x10/0x10 [ 1436.416392][T24089] ? lockdep_hardirqs_on+0x7c/0x110 [ 1436.416450][T24089] ? register_lock_class+0x41/0x4c0 [ 1436.416492][T24089] ? __schedule+0x1181/0x5de0 [ 1436.416553][T24089] ? __lock_acquire+0x622/0x1c90 [ 1436.416604][T24089] copy_vma_and_data+0x1cf/0x750 [ 1436.416659][T24089] ? __pfx_copy_vma_and_data+0x10/0x10 [ 1436.416718][T24089] ? __vma_enter_locked+0x163/0x3f0 [ 1436.416767][T24089] ? find_held_lock+0x2b/0x80 [ 1436.416800][T24089] ? move_vma+0x536/0x1740 [ 1436.416855][T24089] move_vma+0x548/0x1740 [ 1436.416918][T24089] ? __pfx_move_vma+0x10/0x10 [ 1436.416965][T24089] ? mm_get_unmapped_area+0x95/0xe0 [ 1436.417005][T24089] ? shmem_get_unmapped_area+0x170/0xa00 [ 1436.417048][T24089] ? cap_mmap_addr+0x4b/0x120 [ 1436.417078][T24089] ? bpf_lsm_mmap_addr+0x9/0x10 [ 1436.417112][T24089] ? security_mmap_addr+0x6c/0x1e0 [ 1436.417153][T24089] ? __get_unmapped_area+0x267/0x440 [ 1436.417195][T24089] ? vrm_set_new_addr+0x208/0x290 [ 1436.417247][T24089] __do_sys_mremap+0xe07/0x1590 [ 1436.417301][T24089] ? __pfx___do_sys_mremap+0x10/0x10 [ 1436.417361][T24089] ? __fget_files+0x204/0x3c0 [ 1436.417414][T24089] ? __x64_sys_futex+0x1e0/0x4c0 [ 1436.417500][T24089] do_syscall_64+0xcd/0x490 [ 1436.417556][T24089] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1436.417591][T24089] RIP: 0033:0x7fc1d838e929 [ 1436.417620][T24089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1436.417655][T24089] RSP: 002b:00007fc1d91a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1436.417687][T24089] RAX: ffffffffffffffda RBX: 00007fc1d85b5fa0 RCX: 00007fc1d838e929 [ 1436.417722][T24089] RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000000 [ 1436.417742][T24089] RBP: 00007fc1d8410b39 R08: 00007effffffb000 R09: 0000000000000000 [ 1436.417762][T24089] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1436.417781][T24089] R13: 0000000000000000 R14: 00007fc1d85b5fa0 R15: 00007ffec46996e8 [ 1436.417822][T24089] [ 1439.099917][T24141] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4273'. [ 1442.013080][T24164] netlink: 330 bytes leftover after parsing attributes in process `syz.0.4280'. [ 1446.254961][T24230] netlink: 330 bytes leftover after parsing attributes in process `syz.1.4296'. [ 1452.312513][T24333] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4325'. [ 1452.348522][T24333] hsr_slave_0: left promiscuous mode [ 1452.362974][T24333] hsr_slave_1: left promiscuous mode [ 1453.584424][T24343] FAULT_INJECTION: forcing a failure. [ 1453.584424][T24343] name failslab, interval 1, probability 0, space 0, times 0 [ 1453.630823][T24343] CPU: 1 UID: 0 PID: 24343 Comm: syz.1.4328 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1453.630882][T24343] Tainted: [I]=FIRMWARE_WORKAROUND [ 1453.630896][T24343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1453.630918][T24343] Call Trace: [ 1453.630929][T24343] [ 1453.630942][T24343] dump_stack_lvl+0x16c/0x1f0 [ 1453.631003][T24343] should_fail_ex+0x512/0x640 [ 1453.631051][T24343] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 1453.631109][T24343] should_failslab+0xc2/0x120 [ 1453.631141][T24343] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 1453.631193][T24343] ? do_raw_spin_lock+0x12c/0x2b0 [ 1453.631252][T24343] ? sock_alloc_inode+0x25/0x1c0 [ 1453.631294][T24343] ? __pfx_sock_alloc_inode+0x10/0x10 [ 1453.631329][T24343] sock_alloc_inode+0x25/0x1c0 [ 1453.631365][T24343] alloc_inode+0x61/0x240 [ 1453.631401][T24343] sock_alloc+0x40/0x280 [ 1453.631435][T24343] sock_create_lite+0x82/0x120 [ 1453.631474][T24343] __netlink_kernel_create+0xbd/0x750 [ 1453.631516][T24343] ? __pfx___netlink_kernel_create+0x10/0x10 [ 1453.631576][T24343] ? __pfx_genl_pernet_init+0x10/0x10 [ 1453.631616][T24343] genl_pernet_init+0xbd/0x170 [ 1453.631666][T24343] ? __pfx_genl_pernet_init+0x10/0x10 [ 1453.631702][T24343] ? lockdep_init_map_type+0x5c/0x280 [ 1453.631743][T24343] ? __pfx_genl_rcv+0x10/0x10 [ 1453.631776][T24343] ? __pfx_genl_bind+0x10/0x10 [ 1453.631827][T24343] ? __pfx_genl_unbind+0x10/0x10 [ 1453.631862][T24343] ? __pfx_genl_release+0x10/0x10 [ 1453.631902][T24343] ? debug_mutex_init+0x37/0x70 [ 1453.631937][T24343] ops_init+0x1e2/0x5f0 [ 1453.631983][T24343] setup_net+0x1ff/0x510 [ 1453.632010][T24343] ? lockdep_init_map_type+0x5c/0x280 [ 1453.632050][T24343] ? __pfx_setup_net+0x10/0x10 [ 1453.632085][T24343] ? debug_mutex_init+0x37/0x70 [ 1453.632118][T24343] copy_net_ns+0x2a6/0x5f0 [ 1453.632156][T24343] create_new_namespaces+0x3ea/0xa90 [ 1453.632198][T24343] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1453.632243][T24343] ksys_unshare+0x45b/0xa40 [ 1453.632286][T24343] ? __pfx_ksys_unshare+0x10/0x10 [ 1453.632345][T24343] ? xfd_validate_state+0x61/0x180 [ 1453.632399][T24343] __x64_sys_unshare+0x31/0x40 [ 1453.632440][T24343] do_syscall_64+0xcd/0x490 [ 1453.632495][T24343] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1453.632529][T24343] RIP: 0033:0x7fee9418e929 [ 1453.632555][T24343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1453.632586][T24343] RSP: 002b:00007fee950bb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1453.632618][T24343] RAX: ffffffffffffffda RBX: 00007fee943b5fa0 RCX: 00007fee9418e929 [ 1453.632639][T24343] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1453.632659][T24343] RBP: 00007fee94210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1453.632678][T24343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1453.632697][T24343] R13: 0000000000000000 R14: 00007fee943b5fa0 R15: 00007ffc89b017d8 [ 1453.632738][T24343] [ 1457.879868][T24416] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78008 [ 1457.988247][T24416] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 1458.044380][T24423] could not allocate digest TFM handle [ 1458.052185][T24416] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 1458.132245][T24416] page_type: f5(slab) [ 1458.203310][T24416] raw: 00fff00000000040 ffff88801ce95640 0000000000000000 dead000000000001 [ 1458.317132][T24416] raw: 0000000000000000 0000000000070007 00000000f5000000 0000000000000000 [ 1458.438359][T24416] head: 00fff00000000040 ffff88801ce95640 0000000000000000 dead000000000001 [ 1458.559127][T24416] head: 0000000000000000 0000000000070007 00000000f5000000 0000000000000000 [ 1458.568052][T24416] head: 00fff00000000003 ffffea0001e00201 00000000ffffffff 00000000ffffffff [ 1458.594954][T24416] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 1458.680577][T24416] page dumped because: unmovable page [ 1458.693979][T24416] page_owner tracks the page as allocated [ 1458.712497][T24416] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5200, tgid 5200 (udevd), ts 1017185989724, free_ts 1017072619810 [ 1458.747851][T24416] post_alloc_hook+0x1c0/0x230 [ 1458.756414][T24416] get_page_from_freelist+0x1321/0x3890 [ 1458.762506][T24416] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 1458.770069][T24416] alloc_pages_mpol+0x1fb/0x550 [ 1458.775110][T24416] new_slab+0x23b/0x330 [ 1458.779855][T24416] ___slab_alloc+0xd9c/0x1940 [ 1458.784614][T24416] __slab_alloc.constprop.0+0x56/0xb0 [ 1458.790729][T24416] kmem_cache_alloc_noprof+0xef/0x3b0 [ 1458.796186][T24416] getname_flags.part.0+0x4c/0x550 [ 1458.802454][T24416] __x64_sys_unlink+0xb0/0x110 [ 1458.807310][T24416] do_syscall_64+0xcd/0x490 [ 1458.818307][T24416] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1458.833610][T24416] page last free pid 16206 tgid 16206 stack trace: [ 1458.847889][T24416] __free_frozen_pages+0x7fe/0x1180 [ 1458.857141][T24416] __put_partials+0x16d/0x1c0 [ 1458.862233][T24416] qlist_free_all+0x4d/0x120 [ 1458.867266][T24416] kasan_quarantine_reduce+0x195/0x1e0 [ 1458.873400][T24416] __kasan_slab_alloc+0x69/0x90 [ 1458.879004][T24416] kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 1458.885370][T24416] getname_flags.part.0+0x4c/0x550 [ 1458.891120][T24416] getname_flags+0x93/0xf0 [ 1458.895777][T24416] vfs_fstatat+0xe1/0xf0 [ 1458.900493][T24416] __do_sys_newfstatat+0x97/0x120 [ 1458.905670][T24416] do_syscall_64+0xcd/0x490 [ 1458.911368][T24416] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1460.669610][T24470] FAULT_INJECTION: forcing a failure. [ 1460.669610][T24470] name failslab, interval 1, probability 0, space 0, times 0 [ 1460.683091][T24470] CPU: 1 UID: 0 PID: 24470 Comm: syz.0.4357 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1460.683143][T24470] Tainted: [I]=FIRMWARE_WORKAROUND [ 1460.683155][T24470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1460.683176][T24470] Call Trace: [ 1460.683187][T24470] [ 1460.683201][T24470] dump_stack_lvl+0x16c/0x1f0 [ 1460.683256][T24470] should_fail_ex+0x512/0x640 [ 1460.683303][T24470] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 1460.683359][T24470] should_failslab+0xc2/0x120 [ 1460.683392][T24470] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 1460.683464][T24470] ? sock_alloc_inode+0x25/0x1c0 [ 1460.683525][T24470] ? __pfx_sock_alloc_inode+0x10/0x10 [ 1460.683559][T24470] sock_alloc_inode+0x25/0x1c0 [ 1460.683595][T24470] alloc_inode+0x61/0x240 [ 1460.683644][T24470] sock_alloc+0x40/0x280 [ 1460.683679][T24470] sock_create_lite+0x82/0x120 [ 1460.683716][T24470] __netlink_kernel_create+0xbd/0x750 [ 1460.683757][T24470] ? __pfx___netlink_kernel_create+0x10/0x10 [ 1460.683812][T24470] uevent_net_init+0xf8/0x350 [ 1460.683849][T24470] ? __pfx_uevent_net_init+0x10/0x10 [ 1460.683888][T24470] ? __pfx_uevent_net_rcv+0x10/0x10 [ 1460.683938][T24470] ? __pfx_uevent_net_init+0x10/0x10 [ 1460.683973][T24470] ops_init+0x1e2/0x5f0 [ 1460.684009][T24470] setup_net+0x1ff/0x510 [ 1460.684037][T24470] ? lockdep_init_map_type+0x5c/0x280 [ 1460.684089][T24470] ? __pfx_setup_net+0x10/0x10 [ 1460.684124][T24470] ? debug_mutex_init+0x37/0x70 [ 1460.684179][T24470] copy_net_ns+0x2a6/0x5f0 [ 1460.684221][T24470] create_new_namespaces+0x3ea/0xa90 [ 1460.684269][T24470] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1460.684313][T24470] ksys_unshare+0x45b/0xa40 [ 1460.684358][T24470] ? __pfx_ksys_unshare+0x10/0x10 [ 1460.684412][T24470] ? xfd_validate_state+0x61/0x180 [ 1460.684469][T24470] __x64_sys_unshare+0x31/0x40 [ 1460.684520][T24470] do_syscall_64+0xcd/0x490 [ 1460.684576][T24470] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1460.684623][T24470] RIP: 0033:0x7f665d18e929 [ 1460.684650][T24470] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1460.684684][T24470] RSP: 002b:00007f665dfbe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1460.684715][T24470] RAX: ffffffffffffffda RBX: 00007f665d3b5fa0 RCX: 00007f665d18e929 [ 1460.684737][T24470] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1460.684758][T24470] RBP: 00007f665d210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1460.684779][T24470] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1460.684808][T24470] R13: 0000000000000000 R14: 00007f665d3b5fa0 R15: 00007ffe535d9818 [ 1460.684856][T24470] [ 1460.684946][T24470] kobject_uevent: unable to create netlink socket! [ 1467.158415][T24567] FAULT_INJECTION: forcing a failure. [ 1467.158415][T24567] name failslab, interval 1, probability 0, space 0, times 0 [ 1467.171143][T24567] CPU: 1 UID: 0 PID: 24567 Comm: syz.3.4382 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1467.171180][T24567] Tainted: [I]=FIRMWARE_WORKAROUND [ 1467.171189][T24567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1467.171203][T24567] Call Trace: [ 1467.171212][T24567] [ 1467.171221][T24567] dump_stack_lvl+0x16c/0x1f0 [ 1467.171262][T24567] should_fail_ex+0x512/0x640 [ 1467.171296][T24567] ? __kmalloc_noprof+0xbf/0x510 [ 1467.171339][T24567] ? __netlink_kernel_create+0x17f/0x750 [ 1467.171365][T24567] should_failslab+0xc2/0x120 [ 1467.171388][T24567] __kmalloc_noprof+0xd2/0x510 [ 1467.171426][T24567] ? __netlink_create+0x208/0x2c0 [ 1467.171464][T24567] __netlink_kernel_create+0x17f/0x750 [ 1467.171492][T24567] ? __pfx___netlink_kernel_create+0x10/0x10 [ 1467.171528][T24567] ? find_held_lock+0x2b/0x80 [ 1467.171563][T24567] ? audit_net_init+0x190/0x440 [ 1467.171593][T24567] audit_net_init+0x1ae/0x440 [ 1467.171618][T24567] ? __pfx_audit_net_init+0x10/0x10 [ 1467.171645][T24567] ? __pfx_audit_receive+0x10/0x10 [ 1467.171674][T24567] ? __pfx_audit_multicast_bind+0x10/0x10 [ 1467.171703][T24567] ? __pfx_audit_multicast_unbind+0x10/0x10 [ 1467.171732][T24567] ? __kmalloc_noprof+0x242/0x510 [ 1467.171768][T24567] ? __pfx_audit_net_init+0x10/0x10 [ 1467.171793][T24567] ops_init+0x1e2/0x5f0 [ 1467.171816][T24567] setup_net+0x1ff/0x510 [ 1467.171834][T24567] ? lockdep_init_map_type+0x5c/0x280 [ 1467.171884][T24567] ? __pfx_setup_net+0x10/0x10 [ 1467.171908][T24567] ? debug_mutex_init+0x37/0x70 [ 1467.171932][T24567] copy_net_ns+0x2a6/0x5f0 [ 1467.171964][T24567] create_new_namespaces+0x3ea/0xa90 [ 1467.171996][T24567] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1467.172025][T24567] ksys_unshare+0x45b/0xa40 [ 1467.172057][T24567] ? __pfx_ksys_unshare+0x10/0x10 [ 1467.172088][T24567] ? xfd_validate_state+0x61/0x180 [ 1467.172126][T24567] __x64_sys_unshare+0x31/0x40 [ 1467.172156][T24567] do_syscall_64+0xcd/0x490 [ 1467.172194][T24567] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1467.172218][T24567] RIP: 0033:0x7fc1d838e929 [ 1467.172237][T24567] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1467.172260][T24567] RSP: 002b:00007fc1d91a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1467.172282][T24567] RAX: ffffffffffffffda RBX: 00007fc1d85b5fa0 RCX: 00007fc1d838e929 [ 1467.172298][T24567] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1467.172313][T24567] RBP: 00007fc1d8410b39 R08: 0000000000000000 R09: 0000000000000000 [ 1467.172327][T24567] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1467.172348][T24567] R13: 0000000000000000 R14: 00007fc1d85b5fa0 R15: 00007ffec46996e8 [ 1467.172378][T24567] [ 1467.172449][T24567] audit: cannot initialize netlink socket in namespace syzkaller syzkaller login: [ 1470.194631][T24640] kernel tried to execute NX-protected page - exploit attempt? (uid: 0) [ 1470.203008][T24640] BUG: kernel NULL pointer dereference, address: 0000000000000000 [ 1470.210820][T24640] #PF: supervisor instruction fetch in kernel mode [ 1470.217330][T24640] #PF: error_code(0x0011) - permissions violation [ 1470.223755][T24640] PGD 8000000082b94067 P4D 8000000082b94067 PUD 62d78067 PMD 678a9067 PTE 6bcd9867 [ 1470.233092][T24640] Oops: Oops: 0011 [#1] SMP KASAN PTI [ 1470.238481][T24640] CPU: 0 UID: 0 PID: 24640 Comm: syz.0.4396 Tainted: G I 6.16.0-rc3-syzkaller #0 PREEMPT(full) [ 1470.250392][T24640] Tainted: [I]=FIRMWARE_WORKAROUND [ 1470.255504][T24640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1470.265567][T24640] RIP: 0010:0x0 [ 1470.269043][T24640] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 1470.276413][T24640] RSP: 0018:ffffc9000bbcf9c8 EFLAGS: 00010287 [ 1470.282492][T24640] RAX: 00000000000009d4 RBX: 0000000000000000 RCX: ffffc9000c859000 [ 1470.290473][T24640] RDX: 0000000000080000 RSI: ffffea00012f4940 RDI: ffff8880831ffc00 [ 1470.298454][T24640] RBP: ffffea00012f4940 R08: 0000000000000007 R09: 0000000000000000 [ 1470.306430][T24640] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff92001779f3a [ 1470.314408][T24640] R13: ffff8880831ffc00 R14: 0000000000000000 R15: dffffc0000000000 [ 1470.322409][T24640] FS: 00007f665dfbe6c0(0000) GS:ffff88812475f000(0000) knlGS:0000000000000000 [ 1470.331707][T24640] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1470.338311][T24640] CR2: ffffffffffffffd6 CR3: 0000000082c72000 CR4: 00000000003526f0 [ 1470.346296][T24640] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1470.354277][T24640] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1470.362257][T24640] Call Trace: [ 1470.365544][T24640] [ 1470.368486][T24640] filemap_read_folio+0xc5/0x2a0 [ 1470.373457][T24640] ? __pfx_filemap_read_folio+0x10/0x10 [ 1470.379033][T24640] ? __filemap_get_folio+0x32b/0xc30 [ 1470.384347][T24640] ? down_read+0x13d/0x480 [ 1470.388779][T24640] do_read_cache_folio+0x263/0x5c0 [ 1470.393901][T24640] freader_get_folio+0x337/0x930 [ 1470.398870][T24640] freader_fetch+0xc2/0x5e0 [ 1470.403391][T24640] ? mt_find+0x3ef/0xa30 [ 1470.407647][T24640] __build_id_parse.isra.0+0xec/0x7a0 [ 1470.413039][T24640] ? __pfx___build_id_parse.isra.0+0x10/0x10 [ 1470.419041][T24640] ? __pfx_find_vma+0x10/0x10 [ 1470.423756][T24640] do_procmap_query+0xd96/0x1090 [ 1470.428741][T24640] ? __pfx_do_procmap_query+0x10/0x10 [ 1470.434141][T24640] ? __fget_files+0x20e/0x3c0 [ 1470.438843][T24640] procfs_procmap_ioctl+0x7d/0xb0 [ 1470.443887][T24640] ? __pfx_procfs_procmap_ioctl+0x10/0x10 [ 1470.449627][T24640] __x64_sys_ioctl+0x18e/0x210 [ 1470.454422][T24640] do_syscall_64+0xcd/0x490 [ 1470.458952][T24640] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1470.464865][T24640] RIP: 0033:0x7f665d18e929 [ 1470.469294][T24640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1470.488938][T24640] RSP: 002b:00007f665dfbe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1470.497380][T24640] RAX: ffffffffffffffda RBX: 00007f665d3b5fa0 RCX: 00007f665d18e929 [ 1470.505369][T24640] RDX: 0000200000000180 RSI: 00000000c0686611 RDI: 0000000000000006 [ 1470.513347][T24640] RBP: 00007f665d210b39 R08: 0000000000000000 R09: 0000000000000000 [ 1470.521325][T24640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1470.529305][T24640] R13: 0000000000000000 R14: 00007f665d3b5fa0 R15: 00007ffe535d9818 [ 1470.537296][T24640] [ 1470.540322][T24640] Modules linked in: [ 1470.544248][T24640] CR2: 0000000000000000 [ 1470.548419][T24640] ---[ end trace 0000000000000000 ]--- [ 1470.553880][T24640] RIP: 0010:0x0 [ 1470.557351][T24640] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 1470.564718][T24640] RSP: 0018:ffffc9000bbcf9c8 EFLAGS: 00010287 [ 1470.570796][T24640] RAX: 00000000000009d4 RBX: 0000000000000000 RCX: ffffc9000c859000 [ 1470.578774][T24640] RDX: 0000000000080000 RSI: ffffea00012f4940 RDI: ffff8880831ffc00 [ 1470.586749][T24640] RBP: ffffea00012f4940 R08: 0000000000000007 R09: 0000000000000000 [ 1470.594730][T24640] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff92001779f3a [ 1470.602723][T24640] R13: ffff8880831ffc00 R14: 0000000000000000 R15: dffffc0000000000 [ 1470.610707][T24640] FS: 00007f665dfbe6c0(0000) GS:ffff88812475f000(0000) knlGS:0000000000000000 [ 1470.619650][T24640] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1470.626246][T24640] CR2: ffffffffffffffd6 CR3: 0000000082c72000 CR4: 00000000003526f0 [ 1470.634229][T24640] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1470.642208][T24640] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1470.650191][T24640] Kernel panic - not syncing: Fatal exception [ 1470.656610][T24640] Kernel Offset: disabled [ 1470.660951][T24640] Rebooting in 86400 seconds..