last executing test programs: 4.931078157s ago: executing program 0 (id=1026): r0 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x15, 0x5, 0x0) sendto$auto(0x3, 0x0, 0x8000002000f, 0x0, &(0x7f0000000040), 0x1c) mmap$auto(0x6, 0x3, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/net/rose7/power/runtime_suspended_time\x00', 0x48000, 0x0) read$auto(r1, 0x0, 0x80000000) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/fail-nth\x00', 0x16f802, 0x0) mmap$auto(0x0, 0x0, 0x8, 0xeb1, 0x401, 0x1ffffffffffeff) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x2) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x10, 0x2, 0xc) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r2, @ANYBLOB="01"], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x80) write$auto(r0, &(0x7f0000000300)='-\xac\x92\x01\xf9\xc8\x04\a\xd4\xed\x8bi\xa9\xdc\x9b\xceNk4*\xc9WF\xcd\xc4\x8e|\xd5}\xae\xce\xc7Xr\r\x8e\x91?\xab\x1bjA!\xc3RL\xfe\\\x01\xcb\x85\x9f\xbb\xa9j\xe6\x1b!%\x83\xbf\xdd\xfd\x18\x82z\xf4d\xbc\xd8\x1f\x87\xae\xb5\x94\xe2\x96iP\x1d\aQ\x1cF\x98?\x97\x85\xb6\xab\xaa\xfa8\xc2\xb8\x98\x17\x05r\xe64/\x1a\xb6\xda\xcd\xd9B\xb3\xe1\xb8\xcf\xc5\x0e\xff\x0e6\"\xa2\xfd\xdahm\x84U\xa9\xc6*S!\xe0\xc2\x98\x03\x97\x94\xcc\xdb\x91g07\xfbn\x1a\xc0\xd9\x91\x9b\x81\xc1N\xa5^\xaeeo\x9d\xf5\xa3k\xa3F\xac\xdf\x98^\x80\t\xd2P\xb7JKLy\xe0\x99\x9a\xc54r\x86K\x05\x006\x0fNr\r\xa1\x95\x81\xc7\x8cB@p`\xfa\x197\x82@9\xae5(\x0e\x7f@2', 0x8) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x5, 0x800000002020009, 0xfffffffffffffffe, 0x2000000eb1, 0xfffffffffffffffa, 0xa1e) r3 = socket(0xa, 0x801, 0x100) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "0000000000fffffffa00"}, 0x55) ioctl$auto(r3, 0x541b, r3) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:0c/sun\x00', 0x0, 0x0) read$auto(r4, 0x0, 0x20) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/fail-nth\x00', 0x412302, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) writev$auto(r1, &(0x7f0000000200)={0x0, 0x207}, 0x3) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0) socket(0x1e, 0x5, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) semctl$auto_SETVAL(0x6, 0x6, 0x10, 0x8) 4.724470019s ago: executing program 2 (id=1029): bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex, 0x7f, 0x99, 0x8, 0x1, @relative_id=0x8, 0x1}, 0x92) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000004c0)={'veth0_vlan\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_MACSEC_CMD_DEL_RXSC(r2, &(0x7f0000007500)={0x0, 0x0, &(0x7f00000074c0)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01"], 0x2c}, 0x1, 0x0, 0x0, 0xc0c1}, 0x10) (fail_nth: 14) 4.097719187s ago: executing program 0 (id=1032): openat$auto_proc_gid_map_operations_base(0xffffffffffffff9c, &(0x7f0000001480)='/proc/thread-self/gid_map\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000200)=""/114, 0x72) r0 = socket(0x9, 0x1, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mprotect$auto(0x5, 0x8000000000000004, 0x5) madvise$auto(0x0, 0xffffffffffff0001, 0x15) msync$auto(0x0, 0x2000000005, 0x6) r1 = socket$nl_generic(0x10, 0x3, 0x10) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r2 = syz_clone(0x40040000, 0x0, 0x0, 0x0, 0x0, 0x0) move_pages$auto(r2, 0x1002, 0x0, 0x0, 0x0, 0x5) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) sendmsg$auto_ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x40000000}, 0x0) r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/radio6\x00', 0x8a240, 0x0) r4 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), r0) r5 = getpid() process_vm_readv$auto(r5, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={0x0, 0xffffffff}, 0x6, 0x0) sendmsg$auto_NL802154_CMD_NEW_INTERFACE(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)={0x104, r4, 0x100, 0x70bd25, 0x25dfdbfb, {}, [@NL802154_ATTR_PID={0x8, 0x1c, r5}, @NL802154_ATTR_MAX_CSMA_BACKOFFS={0x5, 0x12, 0x8}, @NL802154_ATTR_SEC_DEVICE={0xc, 0x2e, 0x0, 0x1, [@typed={0x8, 0xae, 0x0, 0x0, @u32=0xffffffff}]}, @NL802154_ATTR_IFNAME={0x14, 0x4, 'veth0_to_hsr\x00'}, @NL802154_ATTR_SEC_LEVEL={0xa8, 0x2d, 0x0, 0x1, [@nested={0x91, 0xe7, 0x0, 0x1, [@generic="f994f9b391316f24fa09192d3264478cdf0681ef8b848605fa3d7ae821f9f922072f6c873c36fc72f5944680c3ee5f88a4739ad41f30df6df64524d0b81b5892d0a06e8a7818f2cd7f470a7d3749545cedbacb84eac07a5cec6b56b73e28ba4600fbb16180a67f89eff562dc172dfc95dab69ca6f7e96416a8357f4a89024d1eb5b71ada5c", @nested={0x4, 0x114}, @nested={0x4, 0xac}]}, @nested={0x10, 0x12a, 0x0, 0x1, [@nested={0x4, 0xae}, @generic, @typed={0x8, 0xb9, 0x0, 0x0, @ipv4=@rand_addr=0x64010102}]}]}, @NL802154_ATTR_IFTYPE={0x8, 0x5, 0x5}, @NL802154_ATTR_PID={0x8, 0x1c, 0xffffffffffffffff}, @NL802154_ATTR_MAX_CSMA_BACKOFFS={0x5, 0x12, 0x6}]}, 0x104}, 0x1, 0x0, 0x0, 0x800}, 0x40800) ioctl$auto(r3, 0x5646, r3) read$auto_v4l2_fops_v4l2_dev(r3, &(0x7f0000000080)=""/27, 0x1b) r6 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/scsi/device_info\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r6, &(0x7f0000001080)=""/244, 0xf4) 4.087526956s ago: executing program 2 (id=1033): close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x4, 0xffffffffffffffff, 0x0, 0x5, 0x10000000000007) statmount$auto(0x0, 0x0, 0x1fe, 0xd) r0 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) select$auto(0xd, 0x0, 0x0, 0x0, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r0, 0xfffffffffffffd02, &(0x7f00000001c0)) socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x2c, 0x3, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x314183, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0xa200, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000004440), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'ip6gre0\x00', 0x0}) sendmsg$auto_OVS_DP_CMD_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004540)={&(0x7f0000000140)={0x40, r3, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@OVS_DP_ATTR_IFINDEX={0x8, 0x9, r4}, @OVS_DP_ATTR_USER_FEATURES={0x8, 0x5, 0x6}, @OVS_DP_ATTR_NAME={0x11, 0x1, 'ovs_\x12\x00\x00\x00\x00\x00\x00\x00\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x2000000) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r5, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3f, 0x9, 0x5, 0xfffffffffffffffd]}, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000280)={'batadv0\x00'}) bpf$auto(0xa, &(0x7f00000000c0)=@bpf_attr_5={@target_fd, r1, 0x1000004, 0x401, r7, @relative_fd=r7, 0xe600}, 0x3) mmap$auto(0x0, 0x1, 0xdf, 0xeb1, 0x401, 0x8000) r8 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(r8, 0x3, 0x35, 0x0, 0x0) pidfd_open$auto(0x1, 0x0) 2.938255259s ago: executing program 2 (id=1037): set_mempolicy_home_node$auto(0x8, 0x200, 0x7, 0x5) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/vkms/graphics/fb0/state\x00', 0xc2481, 0x0) write$auto(r0, 0x0, 0x81) acct$auto(&(0x7f0000000000)='/dev/fb0\x00') recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/scsi/drivers_autoprobe\x00', 0x141000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000500)=""/4096, 0x1000) openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, 0x0, 0x151001, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$auto_console_fops_tty_io(0xffffffffffffffff, 0x0, 0x0) sendmsg$auto_OVS_DP_CMD_GET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x28, 0x0, 0x5, 0x70bd29, 0x25dfdbfc, {}, [@OVS_DP_ATTR_IFINDEX={0x8}, @OVS_DP_ATTR_NAME={0xb, 0x1, '.\x02:\xb6-$\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000c000}, 0x4000024) sendmsg$auto_ETHTOOL_MSG_DEBUG_GET(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000380)={&(0x7f0000001500)=ANY=[@ANYBLOB="04010000", @ANYRES16=0x0, @ANYBLOB="000126bd7000fddbdf250700000028000180080003004c000000140002007465616d5f736c6176655f310000000008000100", @ANYBLOB="680001801400020070696d3672656700000000000000000008000300a10c000008000100", @ANYRES32=0x0, @ANYBLOB="1400020070696d36726567310000000000000000140002007866726d30dcaa48ed5a00"/44, @ANYRES32=0x0, @ANYBLOB="08000300ff03000008000100", @ANYRES32, @ANYBLOB="600001801400020067656e65766530000000000000000000140002006970766c616e30000000000000000000080003000100000008000300ff03000008000300040300001400020076657468305f766c616e0000000000000800030008000000"], 0x104}, 0x1, 0x0, 0x0, 0x80}, 0x4927eb57b23ce3bf) signalfd$auto(0xffffffff, 0x0, 0x8) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) close_range$auto(0xffffffffffffffff, 0x8, 0x0) r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/manager\x00', 0x2, 0x0) write$auto_tomoyo_operations_securityfs_if(r2, &(0x7f0000000180), 0x0) setns(0xffffffffffffffff, 0x60020000) 2.821392679s ago: executing program 1 (id=1038): set_mempolicy_home_node$auto(0x8, 0x200, 0x7, 0x5) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/vkms/graphics/fb0/state\x00', 0xc2481, 0x0) write$auto(r0, 0x0, 0x81) acct$auto(&(0x7f0000000000)='/dev/fb0\x00') recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/scsi/drivers_autoprobe\x00', 0x141000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000500)=""/4096, 0x1000) openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, 0x0, 0x151001, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$auto_console_fops_tty_io(0xffffffffffffffff, 0x0, 0x0) sendmsg$auto_OVS_DP_CMD_GET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x28, 0x0, 0x5, 0x70bd29, 0x25dfdbfc, {}, [@OVS_DP_ATTR_IFINDEX={0x8}, @OVS_DP_ATTR_NAME={0xb, 0x1, '.\x02:\xb6-$\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000c000}, 0x4000024) sendmsg$auto_ETHTOOL_MSG_DEBUG_GET(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000380)={&(0x7f0000001500)=ANY=[@ANYBLOB="04010000", @ANYRES16=0x0, @ANYBLOB="000126bd7000fddbdf250700000028000180080003004c000000140002007465616d5f736c6176655f310000000008000100", @ANYBLOB="680001801400020070696d3672656700000000000000000008000300a10c000008000100", @ANYRES32=0x0, @ANYBLOB="1400020070696d36726567310000000000000000140002007866726d30dcaa48ed5a00"/44, @ANYRES32=0x0, @ANYBLOB="08000300ff03000008000100", @ANYRES32, @ANYBLOB="600001801400020067656e65766530000000000000000000140002006970766c616e30000000000000000000080003000100000008000300ff03000008000300040300001400020076657468305f766c616e0000000000000800030008000000"], 0x104}, 0x1, 0x0, 0x0, 0x80}, 0x4927eb57b23ce3bf) signalfd$auto(0xffffffff, 0x0, 0x8) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) close_range$auto(0xffffffffffffffff, 0x8, 0x0) r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/manager\x00', 0x2, 0x0) write$auto_tomoyo_operations_securityfs_if(r2, &(0x7f0000000180), 0x0) (fail_nth: 1) setns(0xffffffffffffffff, 0x60020000) 2.750287002s ago: executing program 3 (id=1039): bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex, 0x7f, 0x99, 0x8, 0x1, @relative_id=0x8, 0x1}, 0x92) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000004c0)={'veth0_vlan\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_MACSEC_CMD_DEL_RXSC(r2, &(0x7f0000007500)={0x0, 0xf000, &(0x7f00000074c0)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01"], 0x2c}, 0x1, 0x0, 0x0, 0xc0c1}, 0x10) 2.520009669s ago: executing program 3 (id=1040): io_uring_setup$auto(0x6, 0x0) shmctl$auto_SHM_UNLOCK(0x1c, 0xc, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x10f102, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x800, 0x100) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mmap$auto(0x9, 0x4020009, 0xdf, 0xeb1, r0, 0xb) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capset$auto(&(0x7f0000000180)={0x19980330}, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r4 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r3, 0x560f, r4) ioctl$auto_PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r2, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x30, 0xf1, 0xb0, @raw=0xfffff034}}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x14}}, 0x4000080) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r5, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_FIOQSIZE(r1, 0x5460, 0xffffffffffffffff) syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000140), 0xffffffffffffffff) openat$auto_nsim_udp_tunnels_info_reset_fops_udp_tunnels(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/netdevsim/netdevsim1/ports/0/udp_ports_reset\x00', 0x400000, 0x0) fanotify_init$auto(0x8, 0x401) mmap$auto(0x0, 0x5810, 0xffb, 0x8000000008011, 0x3, 0x0) 2.119222933s ago: executing program 0 (id=1041): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x7, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) sysinfo$auto(&(0x7f0000000180)={0xe5, [0x5, 0x7f, 0xe6f], 0x0, 0x9, 0x0, 0x4, 0x1, 0x6, 0xd, 0x0, 0x3, 0x0, 0x5}) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB=']'], 0x1ac}}, 0x40000) recvmmsg$auto(r0, &(0x7f0000000140)={{0x0, 0x1, &(0x7f0000000080)={0x0, 0x400}, 0x5, 0x0, 0x200002, 0x10001}, 0x6}, 0xfffffff9, 0x10, 0x0) r1 = gettid() process_vm_writev$auto(r1, 0x0, 0x3, 0x0, 0x4, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0xc) socket(0x2, 0x80002, 0x73) r2 = socket(0xa, 0x1, 0x84) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/time_for_children\x00') connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) ppoll$auto(&(0x7f00000002c0)={r2, 0x1, 0xd75}, 0x2, 0x0, 0x0, 0x8) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/hung_task_check_interval_secs\x00', 0x88542, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) r3 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/keys\x00', 0x8340, 0x0) read$auto_proc_iter_file_ops_compat_inode(r3, &(0x7f0000001700)=""/4096, 0x2f00) 2.035404384s ago: executing program 1 (id=1042): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/devices/platform/dummy_hcd.1/usb2/bcdDevice\x00', 0x200, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000100)=""/246, 0xf6) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0xa200, 0x0) r1 = semctl$auto_GETZCNT(0xd, 0x1, 0xf, 0x3) process_vm_readv$auto(r1, 0x0, 0xfffffffffffffffe, 0x0, 0x3, 0x42) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x500, 0x0) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) 1.853012066s ago: executing program 2 (id=1043): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/memory/memory15/online\x00', 0xa001, 0x0) write$auto(r0, &(0x7f0000000140)='0[.[\x00', 0xcd04) 1.818371957s ago: executing program 3 (id=1044): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/igmp6\x00', 0x101d41, 0x0) write$auto(r0, 0x0, 0x6) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2c, 0x3, 0x0) openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x48501, 0x0) r1 = io_uring_setup$auto(0x1, 0x0) r2 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000008040), 0x2, 0x0) pipe$auto(0x0) ioctl$auto_I2C_SMBUS(r2, 0x720, 0x0) mmap$auto(0x0, 0x20009, 0x3, 0xeb1, 0x401, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/self/statm\x00', 0x800, 0x0) read$auto_proc_single_file_operations_base(r4, &(0x7f0000000300)=""/248, 0xf8) r5 = mq_open$auto(&(0x7f0000000000)='\xbe\xf2\x82\xe7\x14g\xb5\xeeMQ\x13\xa2_g\xbf\t\xfa\xf2_N\xb0{\xf9\xb57v\xeeG\xd9l\xbf\x86q w\x96\xd9\xe9\xa8\xe1\xf0\xc7\x1f\x1e\xc4\xc4\x89u\x83\xe8}\xbd\x7fO\x91\xc1UVW.\xb6\xad\x04u\x02w.\xec`O\xc1\x0e\x15\xe7:\xc9\x1bK\xcddY\x03\x95\xd1\xae\xc1\x9b\x96\x9faj\xd2\xfc\xfc\x1f7\xaf\xcan\xf6\xc0wK\xce\xe7Q\xae\xc9Hg\x01\xef\xda[\xe5\xa3\xa3%\'\x8f\xcf\x96X:\x04Dkt\x7f\xde\x80\x01\xddX\x91\x88\xa1\t\xc3\xf1\xfe[\x93$O8 b\xb4\x92\xf4\xbc\xc5\xb9\x989\xfcF\xec\xdc@\xdd\xdaeM\xe0U\xc8;\xf5\xe7$Q8\xd2\x87\xdd\xc5\x9d\xc5\xe8\xb5\xb5\xb8\xdfD\xd0\xe8t\x8aS\xaa\xbe\xaa\xba\x9e^0\x1a\xf8Y\xf5Jp\bu\xba\x98\x00\xf0H5\xa9u\x0e\xc4\x04\x13\xf58p\x9f\x11\xc07\xefS*|\xd87\x12\xd8\xce\xde0\xd82;\xcd\x18\r\xccI\x99\n\xd2\x86', 0xdd1, 0x8, 0x0) mq_notify$auto(r5, &(0x7f0000000200)={@sival_ptr=0x0, @inferred=r3, 0x2, @_tid}) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "00800000ffefffffff0200000001"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x3, 0xb00) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r6 = socket(0x15, 0x5, 0x0) write$auto_proc_pid_attr_operations_base(r5, &(0x7f0000000100)="8d2e418c64c4f0f3aed23633318657adf995014ca45dbce5344a15aea4e5efafa218aa1130ec6394b158506a5ceb6a428303ce35ffedc23cc65b568ead129d59d2f971718456c4b65cf59402db5c9f15e62ca12042ea730a969ad7c8ff24453a15980bb01161747ca72ff78e92411a244f2e89a127d56703ddead5a353e74ee7d47cd62afefa", 0x86) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000280)={'nicvf0\x00'}) r7 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r8, 0xfd}, 0x6a) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000400)={'wg1\x00'}) getsockopt$auto(r6, 0x114, 0x271b, 0xfffffffffffffffc, 0x0) 1.730662598s ago: executing program 1 (id=1045): socket(0x28, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xf0101, 0x0) ioctl$auto(0x3, 0xae47, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x28f, 0x100, 0x0, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) io_uring_register$auto(0x2, 0x9, &(0x7f0000000100), 0xd) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8340, 0x0) write$auto_ocfs2_control_fops_stack_user(0xffffffffffffffff, &(0x7f00000000c0)="5b85c9f225bc8d4ac56901a14beffe61588413cc62c56c3a633fddf579e13442591befc6df25bd500ff90240fbc32e9c0f452600c2797452e527b4b9e0c77e62c3875786eb0e36b4951b5df88665373cfe4cc5e584879c911aa43a7e17fba047e2759dc9eecc237312d0080ae2979c4d86d266064da14a6eac212ce1472b997fcd18e4dbc709753a341dead6d4a454b998861dcaa330f577d6666dc69bb362b1440f41b1d35e51391ec141560085c2a8f4c438d1aeed18c50c93f2d77d2e9666ba8d6493365940c1e6a25b6b87a9ecb04587d88f48a755ae35034b9e3b0518baf0bc26fd3793cc4d192c", 0xea) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dmmidi2\x00', 0x12503, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/pipe-max-size\x00', 0x382, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xffffffffffff7fff, 0x1, 0x948b, 0x2, 0x15f4da0a, 0x400000006, 0x3, 0x300000000000000, 0x9, 0x5, 0x6d3c, 0x5, 0x80000000002]}, 0x0) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r2 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f00000001c0), 0x7a1c0, 0x0) mmap$auto(0x0, 0x200000000020009, 0xdf, 0xeb1, 0x3fd, 0x2000008000) socket(0x2, 0x1, 0x100) sysfs$auto(0x2, 0x4, 0x0) r3 = getsockopt$auto(r1, 0x0, 0x42, 0x0, &(0x7f00000000c0)=0x1e) ioctl$auto_RTC_PIE_ON(r2, 0x7005, 0x0) r4 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r4, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, 0x6) ioctl$auto_IOCTL_VMCI_SET_NOTIFY(r3, 0x7cb, 0xf4) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0) 1.617809838s ago: executing program 3 (id=1046): r0 = socket(0x25, 0x1, 0x1) unshare$auto(0x40000080) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) setfsgid$auto(0x9) mmap$auto(0xfffffffffffffffe, 0x8000000000000000, 0x87, 0xeb1, 0xffffffffffffffff, 0x4000000000007ffc) r1 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x1000, 0x0) r2 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r2, 0xaf01, 0x5) ioctl$auto(r2, 0xc008af12, r1) lstat$auto(0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) sendmsg$auto_NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, 0x0, 0x40) r3 = socket(0x11, 0x3, 0x2) read$auto(0xffffffffffffffff, 0x0, 0x9) ioctl$sock_SIOCGIFINDEX(r3, 0x8955, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) unshare$auto(0x7) madvise$auto(0x110c230000, 0x8031ca, 0x9) r4 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x400, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, 0x0) syz_genetlink_get_family_id$auto_ovs_flow(0x0, 0xffffffffffffffff) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram1\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) write$auto(0x3, 0x0, 0x100082) close_range$auto(0x2, 0x8, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) connect$auto(r0, &(0x7f0000000040)=@generic={0x25, "835aabaf5dc454e38226799f73aa"}, 0x18) 1.242469986s ago: executing program 1 (id=1047): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop4\x00', 0x0, 0x0) ioctl$auto_BLKGETSIZE64(r0, 0x80081272, &(0x7f0000001200)=0x7) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_tracing_stats_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/per_cpu/cpu0/stats\x00', 0x100, 0x0) read$auto_tracing_stats_fops_trace(r2, 0x0, 0x0) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), r1) socket(0x2, 0x801, 0x100) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/tcp\x00', 0x181800, 0x0) pread64$auto(r4, &(0x7f0000000000)='/proc/thread-self/net/tcp6\x00\xd2)\x8e\x892\x82\x19\xfd\x03\xc3\x8d\xd7D\bz\xde5u4\xddS\xe6\x1a\x8a`\xad0\x98|\xbc\x00\x98\b\x0ey\xcb`\x9b\x91r\xd5\x13\x9e\xdd4\xe7\xb7\x94P\x8fBlm\x04eAW\xbc0\x9b\xbd\x8f\xf5];\x94\x18\xf0\v\xd7\xf4P\xd3\x9e,Q\xd8\x16\x989l\x03\a\xcc\x1e\xb9\xe9{\xeeS\xa9\xc60\x00\xb5&\x9e\xdbk{F\x18\xa8\xba*G\xd3\x80\xb1G.\xec1\x96uP\x97\x8co\xf1\xa6\xd5\xea\xc8L3|a\xb3\xaa\x90~Y\xb19\xad\xdc\x05o\x98g\xd4\x10]5\x95\xd0\xabJC\x06\xd0c\xd1Ra\xf7\xc4n\xdf\xe4\xc7\x03\x19x\xbb\v\x00\t\xde\xf5\x93\xfb\xfb#\xbd\xc0S\f57\x83\xdd\xaa\xf0\x9c\xd3G\xe1\x00'/232, 0x3ef, 0x9) r5 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r6 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r6, 0x0, 0x1f40) r7 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x20002, 0x0) ioctl$auto_KVM_GET_SUPPORTED_HV_CPUID(r7, 0xc008aec1, &(0x7f0000000100)={0x7}) r8 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r8, &(0x7f0000000200)={0x0, 0x7}, 0x3) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r5, 0x40045010, &(0x7f0000000040)) sendmsg$auto_ETHTOOL_MSG_FEC_GET(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)={0x2c, r3, 0x1, 0x70bd2b, 0x25dfdc01, {}, [@ETHTOOL_A_FEC_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4010}, 0x800) 1.20413803s ago: executing program 0 (id=1048): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/001/001\x00', 0x29202, 0x0) mmap$auto(0x2000, 0x80009, 0xb, 0x8000000008011, r0, 0x0) mbind$auto(0x8000, 0x7f, 0x2, &(0x7f0000000280)=0x20000000000000fb, 0x3, 0x1) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) sendmsg$auto_NLBL_MGMT_C_LISTALL(0xffffffffffffffff, 0x0, 0x0) socket(0x2, 0x3, 0x2) syz_clone3(&(0x7f0000000240)={0x800, &(0x7f0000000000), &(0x7f0000000040)=0x0, &(0x7f0000000080), {0x21}, &(0x7f00000000c0)=""/217, 0xd9, &(0x7f00000001c0)=""/8, &(0x7f0000000200)=[0xffffffffffffffff], 0x1}, 0x58) capset$auto(&(0x7f00000002c0)={0x2, r1}, &(0x7f0000000300)={0x9, 0x95ff, 0xb3}) setsockopt$auto(0x3, 0x0, 0xc8, 0xfffffffffffffffc, 0x4) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) 1.177869753s ago: executing program 2 (id=1049): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0) r0 = open(0x0, 0x105040, 0x0) open_by_handle_at$auto(r0, &(0x7f0000000500)={0x3, 0xfe, "010000"}, 0xffffffff) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0x454, 0x9) r1 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, 0x0, 0x101000, 0x0) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmmsg$auto(r1, &(0x7f0000000300)={{&(0x7f0000000340)="c333d6a034037879a947cadbd4bb273b9eacac7287fc2fa7d04fd14cf1ed40254baa8ed312dc45d54e08617fbe5a0e627eb8a17fcd23b990dd3258653b87cd998db3053a68dfa024fcfb11fbba6fe3be6ff892c9523d10bb4e87780053ba5c3b8c8adb4d467600bec6fdc9b64fa5650f10fda4c41564a69b796ef75cb529aef701f50246daf994a8923ae368da5ebc829d7c254901f2e97a7383fe3f3b4c9e8aa0b4e48897f9b83524947447649ea6145de6706afd3aed", 0x0, &(0x7f00000002c0)={&(0x7f0000000540)="ad36b3e3288d4a5aa0f5167f974306c06ba73c5d26364fb262f108045bd15d82ce3625aaa12c00478723e5196d3a5c5fccd32d68aaa577207ea63a1cacf237f1509186b20b926214a7a5059cf45d833d4cbaa53b64aa55e63e4064d33a932919018fbf6d65f11c303b2088959ab600f43b3980e40324c69be3c1e5b81788bac2d62745745630ad6bc5fdd61e54b7966af7dbc99ad791e288d60ab5ab73149c7e21e989a140edd18bca5fffa4b50b761410d2c4b481283e35cad38faf79cf85a1349128f785ca953dbd67426f16a83b18ad005f26452d47bf5215f68f8dc6671cc331d5d601d1f69b88e2026f57d3d86663dc583858af80034b1041d00b485257e639d5a4ecf9cacea25b38062b9171fa2ad189109a181739cbae0c9c6d9c57c9d22576d2333301e3aa079248a4482834346e33aa82a45948fd198931219f0a376aca27758300a64f5aa2062cb8bf38a69a69cf06594999604c41a3f39fe001e66c2aba1584b53e7c6f8070d75e02cabc8300579652e871e8f347978a249eba1602318af285d7a7a557713c1d752ac3cac5c4b4805de17972d71231aa73bc8462f0b94a41e03c18c9fd36f775181cd7cf54c11d8d1ab9971955a533bbccf1aa22c18359c1e328f98e0717c47df09e1a302f08a4053d5a189d9e3c269d7e7907f3b92cce82dfd60a7a17b8517e5c26541b22fd9ab47626cef1ad839d72531643d0f82c2f954814fe087c4c64fc2d47d4dd32347f4ba4aac0c89859aadd6c3aa16f9eeee6edb7359286e22863364b659e4ccb19ff7067dbc63bc612e2f00526e6a4597e6f2594fd17dd463c55d5d0ab40be1cf361202eb8241b460036f429b24ae5dd4d4df794a3a4395662c13a37a6a16d8da888e14bd467a16d7884cca8bb8499f3a8aaf8c2532ff80cd86004c480fd87e92f9a3497fdf7264c918ee80fac1c135b4b77c012bff52018dcaf2607f7fad11d95f4afeb36225709620a32094236d95f142e837e36e9d239dd3bcd71cce5e55c41675de5aac3dd50ecd0db05aa61f157747dfa35eac5de9a755b7b5414e3fecf82c7a514c25ee185cc63c493f8a47604ab9fdaa248b19850ad28537dc92b54a3bde0b0be874ac9db0cfcddccb2e8096f5b2b051639e87e2fdac8c186a7524e70fe152b1bfef4e59bd9b7f0fdb282627da0ef01425d774f1ec9823ac4de8d4981b2b7c8d5140063ed880c611d220327f7f1974e1af886c7767e0661869aac74b6665de710abdd70e762ff2fd78e6f7392047bbc144cb711a800c02914d1f0b90726532d9d1c9b2c12950a81a4ceb8685110a41e343e4c52c852bd46a84753b77d2a52d00aac204262bbd04f0609dd66fcd8aa796429b292d779396834d3ffb9d9b7aa816bef1fdc1ad1685f6c2ce3e717e634ed358d501b4e8c0a4506c97426b60cf4dadbaf5d9cf1cc20cf37d977d4b71ac3a7e22c8c5c187c427ce16bc8f9372138b9943961063d8368f54428ececd7fd7ec4d8b71551e09f89ec7be6e217121360695f2ed787ba5677473a8d9a0c7a3e80f50226790c9ded57141751cda46018556627104e24d3bc3bd55008af8575b04700dcd31d7db051853aa8f200355b773d3bf8dac01e20215c739b27094a639d54151da231bf984b984a9476db3b8d9275e297db887e248bf1c64ffa754a37764be72ab4f9e268686bdb2de48dd45bb331d2d659599253fe47e7f8f22c3004ca22e673aee676a523f607f5a7766a0e85b9f64eccca200a5c45e224b96cf26283af6dd59be82bb57ad52ce069b3cd16b11bcbea2db39cacdd7419f223dcd0722dcd079ad1d07579a0f228c631ab9469acc9afdd058496be22af4bbe1844280e66a5b7f07d0c9be47951d9c12a0d492e3e5a646f9b94663eb07b8f96dcd83a8c8f0d9654250d72fd16d2cc5b1e8c6a8e41e495b76007fed901b2eb0dbcc7d150fff3f7aed8a89fd1fb0fb99e7b5c524356600587269cf889ac2e51ec90fc6f90877c5475e159f0f9e9e3e21aee75794878c96f141287cd99503b95fd16d859dc7c93b73f0f2aa747a6c5b5a4dc43f7fcef3e21fc2a17e66a75c989fd300c84c6f3014bcb5d20d0105a60cd81a566e39662b23392511fced9a452ce96651b096f8a42ce4305de7320cb855ab315727418b6b04d8a70c7fac1c0fc79fb98d104debbcf4f09367f7cee6a231c6145da5afbc4fed8b4ba13333149eff931a397a86d14262ed890975b10f88be41fbdd21ddfb9e810a7105a266c4cd8bd05a5112530622c8ff1bfb6e3f248f682580b038f478069e945b1c1fe3e1de509a6d2f2448452e9c6c244bd207b1b7d9456d5b6fff389b987310fdfe6223af154e18b683450c21b38bd9d787d981398aa38cfa80e82f0f1db824d68144771301e70b5faf0b8c96dcb958d1e25bbf16453e7cabb387131e3bac88e33fd63837c16be5462b8a744ef1bf519a8c837f0af717cfe6668fc032efa268b7c40f16ccdfbf48befc980ea77d0d5c311b71972efe74471a0a99be46cdaa9cb8402ff1191d454295faaea649dda01835230622c9b295e896c2db80f8ea6a963c8d37b36511c0f8e76de251eab71879a30b8562751e5a1a80ea62e270b74faa3b0a2b756dab09d8caf35a18f26bdac8f3c10a14179b926b97228d64b2e16bca45c63c06762e9a535dc75bc148804bb16263b9f3146ab3b52675cf14e01c7cc46da7b432a673bad9afec4659840aa043eaac45f7413b27fefd49673aa268ad45203b72d14a22f871009349e9087450190bf652a193e8b3cfd1f88329d5f252c9d8bf8266ddc7110af9c0b3864299193712d05f9733c1b911aa7a60f084a76429212327466419c02796df6ef7857a4db7f7c762ad54fe7ea6a05384249598be25d91aa075507ecfe1dcb7c252e9cabe9d473cba9c4c736b197205b99298599051969bda52bb699596b0e3320b95a5904c933d92ddb03d3c175710c41d8513dc3a6680a5da9f5e84abdb17d3070f54e7ad817d16d3db08ec51000c8eb52dcb02e738afdd19dbb7552f8be50e4a69b384c3c204bcee384c32f7f8fd73abaec3cbfcf4957848f2b784fd3fad571177cd95763a2ea73ce0e86f87fb8dd7d4ea9e8ba5f65161038311958901404f89f3a17498b35f6ff2496fb3a8aa051b50879ccf6c28efd831023e45e2f41a4db1b642169e9bd0614a3023247c6ae9094f2ec5ba07357503feac81ea6f94ff7682a410714ba0fab450c107a6baa87f0e7e054daf14493c3e75af3c09de45bbd02af15ef1901834c9b6ca9efb6b9563cae08e964391dd2d74e25da858b1450c89f88457bb3aee1a1ae559d3297bfd30a374fb381e5800a2546fad7f85eb03ff2f7b9a82701d45e827c4c913a5aea664d629d4a9f1afedb16e3ff1204b724bbeb2c882dde3481a3ec2a6cc61afebf26765f724d449b150f9b811f009351a55eb5f5e62c73d7f088a07fd674cc205d7a28fc7c8c777d08055a404e7fab12a8b45a6ca40b5578f76f06588af158d2cab9eb4f27b5f7bca5eff55d610d3b3017005c653d0c35e31dfe2d2fc9bb5e36c68b32f2dce33068446500307bdfafcd458b1428d59df0994b37b7c4539d470d7a90c2a28eb4165918723dbfe83b978b75df26806e25556bb0a9bedc25e630bdbd6d8d5b61d5418ca4f9a9ba77ddb99f53c48fa1d79a7cd56722cb4a8b416ca032ba60d0e9ff870dc5e05607eff19fab05b6c2838ff48f0162f734fa96e2c16363e9813c51458a84927e66d784388f5825678c7bfe4833748dca84daaa36c39cd7805415b22233f79e3e4918e00620850cf24630bacc510dceef3c7785f2c109c3b29f8d4723ef1a40fae54a75bebe8ad2dbab99f1cb064f94d97397f1dc44bb13709fac495539c902f440a314ff4351911a9d92ea5f0234ddf0bdd9e1253cbac0ee3b17527acb042c7582bc5a420b32319bfd4a6fb63b930a2ed9cf3f01d82e86230962d2bd5850fe6148eff56cf5d8227f8962dda6fea28e0e716155e376222bc6942efa3b1c18f9ae2dceff0a445fff6148a8bf833e2a49ab0e4dbdaa257f4de358818d333af02db762b613a9e866ef2a238a11f114421d712562186a5c4a33f59ea3d769e5d39425de8fed567fa5be21eb3151405e8b08df19d28173ef48ae62159564638250466418aab52fc1d8eda020dd5a2dd5e1d93fed9eb6139ee058172996e43cb2d218f335374e7e517248b5a958356e24c378c27632dbb018a9f01f3d48e391e5042baabc72a9f5946976fe9d28da2789ba6def1fad6a2efe0277087a10df2ffa18437972ddd97576e11876e42144c652bc8ccdf55931276268ac5a9779d6e6334399646f274eea1480e3e090ad6e28364fc004bad3e14d3fbf920dcfb018d463a491846cd36f91148d23872cd23a2f1e3a1627ddf78a5e410beb3254248cefeb83904adc892c6c776b0b620b2e1e7ecc8528e47bb5535ab763f6b2ccb23f284a2cb45a300d9eaff5d22959750dc92dd4967d530204751d143c124b7c4d0693cc0385b29a91b03a12420c3d03ed2fe138e97311afa3eb21d0f3924d7009dde13a9bc12f47dd8f56bea3961b9ab88a733d14ca4ceecc190fe1b45bcaf1fa9dc0f3b742de9afa6a6a083e117d9b3c90170573cfaf8467a86d926ce9cb134f4a0d1f28f9b60800b38bb40bf4be3834dc313cc80780f0f7cf9b7e3a93b8032b4533e092b672176a18f0b1354457f38944dd36c71d0cfb600493a627f1838dd903a8f2384400a8ced3259ed1da2fa0b90f1a0840954f5e4ef9ab4bd57c5e9f7e4d06344bb099e43839959073a6e87cc4dac783f5b1691a1b8b059bfe8e14c5deec77cecbe771d470224933d9e28014aa583dcad93b26bc86f015d22098be877048e645ce45aa21010fba7d139e5bf43cd044be16ae93ff573bd5ba602565bf91206ad266a0d5c7c24dd488bf1eb5d782fbf124580ce6925f47eca0f19835bf71227046d239a8dbdb2399b59fd647fb433afb4cfb975bb01b6e5ab2b7a02712ff9f13684bd7e75a3a9769457f0c09a96d7c20eef867e655be13526b0d221e541c708e0455bc3db83f75210dc7ef3d11399a6af758552da4f31b319aa254819fd71a2ae16171d97ea55699fc1d258fab67008d635f2863ae13fdd12716d9543f80e909324cb9072c38c36f8d644b6180e3459fc2c019a5f2155f9cfe3ccd3d6153ab0d0a1d5a219069069f867ede1ec2340722c68ed0a144b5be6209c5e7b1302d7ebbe25c5ea7fa2b1705a3f5a8c490c2a067215cf623a2ab6050c56845f27f802bbcc84e608b1d2cc4b340c5c33193de0fedf0fa4a1b8b1b1d04377f72eb6716aa461ed8b23df4310f3cbec94b0e42889ef606c4253bad51f937d5c8eb539501d607ffd2ad31ec6055819cbff5a41442e1d8fcdb5d878b465b675dd8cc7d13874fb7bcaf28afc4e514d1f50229bdd6de90aea2cea1aa09d14f57d56991e137aef98d213936ef270f5d236fab1fefbe30ee209db111f6402712e805e6e939def57420b55c163063629fb1dd1cd411891cb125d23acdaafffcd342aa211c4f8dc5172531793331100b0611d14294c1c7a630e1d52729568295fcadc777026bf8c5dcf95a0a8f797018da5d33e4f4876b3f4787fc77abbcf5f3d663da20534743dec9d4b3d1f5da5bdb41f0c36c50c2b65a47afb179b77ba7a8315fb1cfd989108055deb8d76c1e8cae6550dd19ff8795c054752059fe6ec3e546e15c5787d27f8b6fe4c54b6f463dbc0b774a7323df8f6646951dad65ad88283610e1c125b43535acb43e9db12549d81ae4277b8ea3ff", 0x1}, 0xff, &(0x7f0000001540)="37e82ef84ed680dc777d862c6a04f7acb18d2572aa4688b895e70b956910db0fd231ef5d44576b75986c30d790576812ef93a75b1663191d436cee76b40abe003a282efaaab67a8e7785e9751de009995e2d88272f0e7e86a6d7242c3ca0b326c33499e1d012434701a8fbd92ef8cbed07add3f9533f59826d3d8c6dea02730c39340754497ad4b67fd8f5b96263c72581d32a897d8c95cd77e8f0bb773f2d91aab215616852cc0c9b48e4ae48b8de8fee9bbd17a21b6d8879b0d44a106e15c4ca2fb4137c36d17e00f89adaeae9d7041c18951ff39040bb6f11f29d0dd1df9066a360bb220ee37e3983da4cdb77d5a5f3b99345229cae89b83d4067dc51639966f5baaa55974cc2068bec1f47917e0e9d7971cdef559ba51725ce806440cde2ff468ffc7aa91836ea8248611705cfd0b4e774d1364032c8fc24b28c3fee2f348f031af613d21341cd07510348aa0de8bd1107bea84d851c38815738ccf34a9b7b96dc82b55048b576cee68150ab4cd215816587016ec3553e42cf0dc234dfb526e5a34719099c6fb3d1a02c1fc71f471ec251b97a1bb5a1607ed4c8fb0c84e4750e9941afaf05c8fe88f3f6cd4881c252715846433d79f5621edde05b0f30e0fbe6619a10fd26fd02eac8aea744530a4b356ffc9b78ae7c3bf6eb703dc4092a4b60f65ef3a6623696caec338ed13d30531dfda76ad4889af9e02b0cac8c47ae2e0339e824db741aa745eba6b7ba6a6220fbb60e1f75f04a31c9703200a3e806e11d04e1b2b4a10aeb55e1daf7aeb4f1c28fadd59198577ee372aa7e71f8c7f584ea1c208574dee4ed46fccc71666abdd88f12936a239baafcdc1324b80b3944d0ec0955952929fd9abeadc23dc3a0fb29a00987c83d09de9c82644f912bbb1e0405dfa9df6de35cc16f1a60652a46ce48cd41b9ab3226e0dba2485437dec75a704cbdfb6ff5a92c274af4f2a905a6e312fe36c8502d35ac9f22b42f97806f45f6ec53295887857a9e5df70cd927fc378ecfe0b5da6980943b8f57b2b11a508c3f538ab8776f2e2d5430af4ed405ea8bfe76e974ea8874d91f86866472bb62e7e2687e66f936e024e2dd8e74c48a1c354aec1adb049264edcb7b8ffb15cd7e3591d50f3245f0f3f143cba45b1cd8a8051f763cf871f270101bdef2efabd73f1a94224acfe474169101bebf85f5469ebaae18303fbd34fd97212eadd91ed4ffd1b39239672ab6e5a135e9fb5ab5361ad6bd42baf8aa30ce4122683e12020aa59f42b89c8331e074f360e4e37b5561fb6f0678d715e91136df8073fc594e945ed6d263c4558cbe74f3e82da590ff44c6856b770a6649f511e2ae7e83c0e5f3a12179ef80eb1999e3ac7a85a304dbe45385c75b7454971bdcc3bd6d6bb941b8dc231d3116f9be76d93365dbbb767ad0626f4f900c04d32c108fac29f9ab5b59ea609a98b89923ef507262137d53adf37db5583bafc2a3732b4342c0beea83f46b181cac862bd82a8f66d8942a373f68d8ca6b00d1aaabf36d2fe82f3ce21f2602f36516d4309fd32906db081180c0e807923892cab4a36d0f10722dca6c123cf5cdbee700541b314fa5dc0cd56593883620cd6aa158dc1b01176ba51bfcfe9e3dfbf3c2236cad4b3aba96044336c1b7fc682fef8e2d1b895e58660b6355741c56805922995c8ac8f524257c406dbfb9523665e4f62f78286870d0fb515d9b3888977174cc9f8f72f3aca05c40c08485eecac28276492923787f2fded535309602588aa60453c27b779e32d7ced0e3888724f15eebc22be557b5d5ad30f255422ad2bb0c8c7cf97d5937daa01ba2b1023cfc5ed06008c7599bf094174315d41c3873a1ab64074929eecaa039cd9711802bf9e7fc61609558bfcaf52f47db5290f4181df5b9491ada21c15f977e10e80ab101694f8abeb913ad488d616c833c22d0e9fbb6f8c4ea8491f2ee01a18ef72e7240b9d9c305e67f1f1b216b07ea3312bec8f6dc9de649d00c45e2100038d4a6a35d7130ba955f1e5c569888f4ee0d00d2918b79be72a2321a60162691599c12d705988a625691885f1653d2565e41bf8a05c89e4c21e65eca9d59cb560794b50e46da2b6d77d05db31614df6e43cb2a2530825e05a82a9e17d964125a2b972b0609d161bcee64f85af8122e301d64415e5987b5b47780a0d93fe37a3e2f361bc7954ac673d5720b5f07b65d6100955224b6ecdebc7aa2aa051676371c1ef927a1ffcf1500fc2326ecab380cf20f50eea3482bfef520d76e8c24a5b1a6c1abb40043a82af98d752a69ceea5843da6ad26a4c9922e9adae0a85105b0bb51977b9d82924aa799c3816c7d3b3aceb258262468eec40049b3076e6f7af4ca247520bdd29c9c88748dab6fff4751ef3205ed7990973466059698925375ea909b4d614930a23552d62dfb1428c8de092a39692df96ec99de7d88e02e3b222838e9e777e057706af7293ce875354375c754a5d2b10209fd981bc30b18491b57162ffac8925420118c213189f67de4c768ce47eeab602c6bbe47b65a1c8075529cf0d6b778c33e7ee52ca0e811a93b34d8da67bfb3380a1766034765b70064f61ee586841de6386228e59d1a2a34f54c6d4cb5fc802ba6d468c3779bc51f8206dcd697d71294a716c021052f2461d2d5a3fb03d687bb5035a6f30acf62446f05fbf4dca7cfc91cfa2ab0064afa19279f208935b02d79d489b2c3c626e0680d8043fda6ad5c2e8b4ea19af4ef40db27f627f4d84723fb1f8211a123fc775f8cf32fdb2b10d90359fd04196c16d1b299cb2d45d7a7fe8fc11c1a18e771a3308d2f6f89d208d2996fb09ec5fca8fb4fa62a126bfba640d6330d5040fa492d584644ae9cfa482f2232c393f83a1f61b0d20f462330cc591dcede832f534be90da4752005e01ff343ea8ec150d015706f53cbb1ddaf60bd40628b9fcb8b6a866a75913b6d9076068d64788e3661fb7bcce0d23aea0fabb5a0453e0b5284b4f38e474f770577bb05518d63c2cdbbd293d74eb3234117f5319a4a5b8e40c1de6e07dc1005da17cb6cd182c30a18fe69d718a1d0069047015dbba8d975cd5a0c60715143bd19b1d6b0fc8fd586d5eab2d11874009093eb49f6872c816e79098014e58cceb8d3a9d88acc25180f87cc8dca62b8d0ce9aad965c732542abb224f1272dbd4ee4a5feafd022393ab9522eaf4456dc7954f1ec1997bfd9744bcf3be39fab9b49726576d9cf099ebb562bf7fa3ea37739650c739451a268931dfc815f56c059dbc31d38c3d77c73fb4163e095d876ee3619b697c0b6e0dcc90b4a30fe5093988bb4995590b72daa59b4dcb4019fcae03de5e13f41790f8afd94524179449624f60135b2a200d5b1d2603cdb7a32d756b01dbff3231b31bd4caa7927d852082aeaa3faf88fb96f1930882e29d288aa3cb4ea6c9aca0476e9e8c7527eb56a3b0fc0b68c1565e7961ed0bf13e7844155bdbf8f7216310256d0f798fd71afd2541e51d6276bfede9d9eeca273a82de1e7bb30cabca93194db01cc0b1a562fd13968b3c5aa417c5f796e50f2b2fd1f0b4eccded71a552c28a5acecfd7f790e1852d72077fa9f4947220d7b0e40be7bbec7a2c33e4bac9ad4ee8baf5d79276f59ca97a614901d4c97aaa06dad8a135311ef8b87209ac4365298998e1429d484c665a65dc0ebbf6a5a25907b8e08f22c4ef7beaaf6b03f9566eb3afb9aae25e259e60e8ed9df296f64abd31ef5ce71a22917a66a1a31020bc0ceb43501b387c587d64d76b5fedee76706bf7e9d7b8e9848a5d3dcc7535ab5d01bfbb9fc1398b03dfd3c78227ae3a05869ef771e284df9814a0e4aaac638ca052dd4292343c8db1389a534c4072e1b8390ba93c454d0058620074292ee1d9c9929f92d2d64521734bef7c00be1871603169f0be409832e47720a6e440dac9e380752e31e4cbe5d905c918af789f10529b87a32c2e7324b278d5267b3624496d073a37bf418c0d3614b955b96e8233767f9079b372906f1d1129b6540c22779bfbdec4b20d17c3a81cf3e702c1e4a94598cd252e142d819dba2dffa4fac045629339adc4acaeb92d8e94131106d890f9e05a7902791a86385d01f739b4d737b11cd3ff01a772dc86383f2698753f5d98833caf698e249603b760d672d4cbf94c844cfcbc9ce79df2ce03188751de312e37b75af95b014387a1e3b215961bc5cafe36683c960a19290a541107f5d6839a0b6ff3565febdfbb36939c3f3b72b4a4d40dd640cec2d220db10bab3c8b7ed60cb359825b5737dbc17173e22da5ac8c8cecff665e63bfee6a5732c0fb5a72943456d811f605d100b34d1b21fd0ebbf45cfaaf13303397049f45de288f1e6123346f6046ef9c45a2ba1d7b5f174019b71268c513b58e58d72b39c66010823f87f22e0edefe1df087884ead168b814a73390679d0d15a51f06bb3c256f5eff54b7837afa91c0946aa597aad7f7cbc085efe2ab504094e00022e1c773304b89a0b26b23aed7b2dca3fb8ef0a12044b8a487121c2de1f6d660fc5e2d3cd52ecb619ba59bf5ed4bbfac7d7ea8b2739b5b24afd1e770f5ebb926e1e88ad140182d0200882015c513b03caa9370f5b418168280754eb01e8edc445d100dfeec1d29f92500dbf7adf9b8475c8e18dd2ff97414ff2076c5595f40775d9fde9955d104504f57c641e8eac5d403878a1dd86342477c10980fb54bfe1e4895882e0292b293f84168d746800381e25a7887117acbbfb4c2e9c8dab42b37a60b2dd86419f561cceb274aa1d39bca04a35a80b6dbc20778e45112c2bbc7b81e41ad8a59f7c87732bb4383bb803a5787dbe1a76b83a85c6bf1cb2a3c1dddda7f6eed544679ff46f5705c6ec2d1040d215c981b7f52c325ac912fe5bbef7684b0ef66037304fe0e4d44374a321f78741b2a4dc237a5743e04d55350a28c04ed3b1191c9b95c3c4514fa4ae9ea0071f183e3dfc486275fee2ed47731bd37f03664e9ba197af375af15cd24a84e3314dffbbde680d3b816767d61fd88948597bb056fa6a03f0e3a924ca67b70206aa2d8194141f42f7196cf5e75c002e7e2f3eeee67a88203aef6dc42ec13ee6fa12ba944dc21b75985475777f627b9a60952346cf3053c5fc9583c7aea6b0f8e4e31d74ebd3950a2cee2be308ce18d20ddc2726f87cf5a465df5055ce66570832fcbd2ece003cd5b35a70e36ddbc8686e4f0845be5be6aa951a5dba361f63a23f077f98c4724eed84815707d71d197c7a86e76b0bdb2a913a34b32588d8f1fc78af7ff199bc0cebb87bc21aea4d1446fd72e8f2f474fad2126fa3bc17fcfe52146e6aa74d5e9998589d21c27c04a9b8eca1094e34b5710001fc8124952834ef499ebebb5658aea6e2397fcc131eb06af2494113e18facbaf9f29a22c1967ead454320539be121a3b9a22da743427615bd98184b0a412921c5c83a7478e8b8516981fae825f5d6caa2a31875191ac327d4be578b952db1dd4837e7c5843fdd5b35e40bec285d03525c3ee475cf1bfb45edec58f672d568f21b71f221606ceca77e6b1d609f995a7cd88957125f4e62abc713e0468750e06500dd99f5f9fb4f3169a76d2ded46cdfe575016aae8d3ad0ee4f381df4aa2f88f8ddb9d26b94cc836b5362731a0b4e6974e5bac426a99051db8f330630b7262ac6740efedce2289cc4aa3ea65b00febb30d983662d8caa0c02ff215609623a301384c0c78c842f1d6c82d731e17b66d672d33564b379383f3e6b1e9cdb2b690def5c31d540f87c1d261798bf3b8beb226123cd2e877f6", 0xe3ab, 0x80000000}, 0xc}, 0x1, 0x9) r2 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) ioctl$auto(0x3, 0x800005411, 0x38) r3 = socketpair$auto(0x1e, 0x40004, 0x8000000000000000, 0x0) sendmsg$auto_NL80211_CMD_FRAME(r3, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="e4000000", @ANYRES16=0x0, @ANYBLOB="000826bd7000fcdbdf253b00000005008900ff000000050060000c0000000500e4008300000099001a007ff66a78b9c703d5099d03bb622fc8a023d9a74e33d79db824c13cd28f27d861f3f5a81f067d751ce4c56033ee57bc9789d88c4391cffbb3cd4684f01b540011997de7416097a273ff9f24525db6f08aef710d1686ed0513c212b9cf95d50ccb93f7a4a0409fec57d6b2a0fd84d8032d47b592654c0732d0da0bfd53481a5501d83a2460f19b12456fa8183d80a63e07fd379afeee000000080018006f4950940800db00", @ANYRES32=r2, @ANYBLOB="0500c20004e3ffff03001e01"], 0xe4}, 0x1, 0x0, 0x0, 0x20044880}, 0x98) getsockopt$auto(0x4, 0x6, 0x1f, 0xfffffffffffffffc, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r4 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xd}}, 0x6a) sendmmsg$auto(r4, &(0x7f0000001300)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0xfffd}, 0x5, 0x20000000) socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) newfstatat$auto(0xffffffffffffffff, 0x0, 0x0, 0x1000) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) semctl$auto(0x9, 0x2, 0xf, 0x2) mmap$auto(0x7ffffffd, 0x400004, 0x6, 0x9b72, 0xffffffffffffffff, 0x5) openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0) 568.276346ms ago: executing program 1 (id=1050): close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) setsockopt$auto(0x3, 0x10000000084, 0x80, 0x0, 0x8) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (fail_nth: 18) 559.540678ms ago: executing program 0 (id=1051): sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='V'], 0x1ac}}, 0x40000) r0 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0xffff0000, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000002c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 161.260564ms ago: executing program 3 (id=1052): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x2, 0x1) (async) r0 = socket(0x2, 0x2, 0x1) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) futex$auto(0x0, 0x8, 0x8243, 0x0, 0x0, 0x4) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0xc0202, 0x0) (async) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0xc0202, 0x0) open(0x0, 0x22240, 0x55) openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) io_uring_setup$auto(0x6, 0x0) write$auto(0x3, 0x0, 0xffd8) dup3$auto(r0, r0, 0x7814) io_uring_setup$auto(0x6, 0x0) sendto$auto(r0, 0x0, 0xb, 0xf1a, &(0x7f0000000000)=@in={0x2, 0x0, @empty}, 0x1c) (async) sendto$auto(r0, 0x0, 0xb, 0xf1a, &(0x7f0000000000)=@in={0x2, 0x0, @empty}, 0x1c) 134.995605ms ago: executing program 0 (id=1053): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = io_uring_setup$auto(0x6, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="120027", @ANYBLOB="5de1523353782950330a"], 0x1ac}}, 0x40000) ioctl$auto_SNDRV_PCM_IOCTL_REWIND(r0, 0x40084146, &(0x7f0000000000)=0x3) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x4, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x4000) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0xf7}, 0x7) r1 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) r2 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, 0x0, 0x80001, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x3b72, 0x0) unshare$auto(0x40000080) sysinfo$auto(0x0) unshare$auto(0x1) socket(0x2, 0x1, 0x0) bind$auto(0x3, 0x0, 0x6a) openat$nci(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x4601, 0x0) 115.817645ms ago: executing program 2 (id=1054): r0 = socket(0x2, 0x801, 0x100) connect$auto(0x3, &(0x7f00000000c0), 0x55) connect$auto(0x3, &(0x7f00000000c0), 0x55) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r2 = prctl$auto_PR_GET_TSC(0x19, 0xfff, 0x0, 0x0, 0x10000) read$auto_proc_mountinfo_operations_mnt_namespace(r2, &(0x7f0000000280)=""/28, 0x1c) socket(0x11, 0x3, 0x9) r3 = prctl$auto_PR_SET_MM_START_BRK(0x90e6, 0x6, 0x0, 0x8, 0x9) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000040), r3) r4 = syz_genetlink_get_family_id$auto_hsr(&(0x7f0000000140), r0) mmap$auto(0x0, 0x20009, 0x20000000000000e2, 0xeb1, 0x405, 0x8000) r5 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/mixer\x00', 0x40000, 0x0) ioctl$auto_SOUND_MIXER_WRITE_RECSRC(r5, 0xc0044dff, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(r0, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="000126bd7000fbdbdf250300000008000400000000000a000100aaaa63af08b29e2d9dceaf19f47baaaaaaaa00000a0005000180c2000000000006000700000000000a000100bbbbbbbbbbbb0000060006000400000008000200", @ANYRES32=r1, @ANYBLOB="08000400050000000a000500bbbbbbbbbbbb0000"], 0x6c}, 0x1, 0x0, 0x0, 0x800}, 0x40) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r6 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000040), 0x8300, 0x0) mmap$auto(0xffffdffffffffffd, 0x20009, 0x4000000000df, 0xeb1, 0x3fd, 0x8000) r7 = socket(0x2, 0x1, 0x100) sysfs$auto(0x2, 0x4, 0x0) getsockopt$auto(r7, 0x0, 0x42, 0x0, &(0x7f00000000c0)=0x1e) ioctl$auto_RTC_PIE_ON(r6, 0x7005, 0x0) r8 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) r9 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket(0x2000000000000021, 0x2, 0x10000000000002) socket(0x6, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x0, @loopback}, 0x68) sendmsg$auto_HWSIM_CMD_FRAME(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x20004000}, 0x0) creat$auto(&(0x7f0000000180)='./file0\x00', 0x4) ioctl$auto_IOCTL_VMCI_VERSION2(r8, 0x7a7, 0x0) 183.976µs ago: executing program 1 (id=1055): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) memfd_create$auto(0x0, 0x4) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2a, 0x2, 0x6) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/mptcp/available_schedulers\x00', 0x80000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/cpu/cpu1/cache/index2/size\x00', 0x180, 0x0) read$auto(r0, &(0x7f0000001080)='.&(]\x00', 0x6) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x3, 0x3a) eventfd$auto(0x3) socket(0xa, 0x5, 0x0) getcpu$auto(&(0x7f0000000200)=0x7, &(0x7f0000000280)=0xc, &(0x7f00000002c0)={[0x0, 0x5, 0x8, 0x3, 0x5, 0x1, 0x7, 0xffff, 0x9, 0x2, 0x2000000, 0xe, 0x5, 0x1, 0x9, 0xffff]}) r1 = socket(0xa, 0x2, 0x88) r2 = bpf$auto(0x0, &(0x7f0000000000)=@link_update={r1, @new_prog_fd=0x4, 0x4, @old_map_fd}, 0xa3) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) r5 = openat$auto_tracing_err_log_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/error_log\x00', 0x0, 0x0) shmctl$auto_SHM_UNLOCK(0x8, 0xc, &(0x7f0000000180)={{0x1, 0x0, 0xee00, 0xf, 0x40, 0x80, 0x100}, 0xa, 0x60d, 0x0, 0x2, @raw=0x5, @raw=0x3, 0x6, 0x0, &(0x7f00000000c0)="336d41655e49354a39c2fd4f71f2421b14166c2908", &(0x7f0000000100)="a17235a8c4963542bb6688b3d639b3534edc03cd34804c0ee7af4ecb3aa0f1273fd057eb30e5ae6288feaabad18e276ddab24ef6c93f482358f909de9fad5751f6d992656d9b9d42a3cafc6f1579471aed6a6de80994acd2561a9496686b27b1444f6e6f80c76f3a2b3d941f25cfd0cc2511aded17"}) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)={0x21c, r4, 0x1b, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_ACTIONS={0x200, 0x3, 0x0, 0x1, [@nested={0x1fc, 0x1, 0x0, 0x1, [@nested={0x1f5, 0x12d, 0x0, 0x1, [@typed={0x8, 0x128, 0x0, 0x0, @u32=0x4}, @generic="4e44c4ebb753fbf97977efefe239aa6cbd5f8a483d4832163af850a1b706ab743a10f674ad68cdf8459f76f8b1261e720e5f8e2a78b422d5f89a334f25580effb224df05074a045082b0d7746e86e8305c3e9fde4cb0110f22269a3204c5465636fbcbb7e100e1338dde237110bfab18fa920e86e026de906a136f0cb80d52699a5086a61acce058a062cd0fd89dad81f6", @generic="b006b100000000000000001100e1a1034039d73f4d0858760e287e65ba16275a975c2188c9547299ee754fdf70c28de13fa2c1d1e615a34b0775b7a43b02714d1794370e29d7bb35985f43beb0a265642020bf07d9cd7e175312527afd55377818bd02bc1fecef5a4ae829d0002ed29715852154bedcf954127c97db0fb568f9120b76ad29a91137be4ec6dde4da67afefcfc275a9fa21937058f5738ddc4583a53e424eadfc0206", @typed={0x8, 0x35, 0x0, 0x0, @fd=r5}, @nested={0xa5, 0x8a, 0x0, 0x1, [@generic="7897c7ca660c", @typed={0x4, 0x7b}, @generic="073dc8e8e4805d30b44c3466894fd34be815563254488b27ebb9b6e710fddc", @typed={0x76, 0xf1, 0x0, 0x0, @binary="67ab35ede9f24221fdc80dd31a37d3c1256b43654c3a3b85edbcac47d71a14432c0662ea40898e214313ed0218f47a1f36a442d15fb111fe40341b601829dc1642c2eb2a94efbed2538400819d9b1abc52df9fb7de60d64a2bc46918afa2fde42a5dbbca34c81f55e0b0dc3837c5acde968e"}]}]}]}]}, @OVS_PACKET_ATTR_ACTIONS={0x4}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x21c}, 0x1, 0x0, 0x0, 0x4004040}, 0x4000844) prctl$auto(0x39, 0xfffffffffffffff2, 0x0, 0x0, 0x0) write$auto_buffer_percent_fops_trace(r2, &(0x7f0000000000)="02fb441ef8235cd33e4266383d8d0d0ac5a58df5ab35be76d890c27c182903601af64d90c16b74eaa84e1ce5839ebb0a65a2a23945bc332bc14b6eda743a3f243a019a30387047907713c91ac4755b17afe4835d545aaa7e57debee79106", 0x5e) 0s ago: executing program 3 (id=1056): socketpair$auto(0x4, 0x757c, 0x10d77, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto_PR_SET_DUMPABLE(0x4, 0x1, 0xffffffffffffffff, 0x6, 0x10001) getpid() socket$nl_generic(0x10, 0x3, 0x10) openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000c40)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0) r0 = fanotify_init$auto(0x5, 0x0) fanotify_mark$auto(r0, 0x205, 0xa, 0x4, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) madvise$auto(0x0, 0x101, 0x8) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) getsockopt$auto(0xffffffffffffffff, 0x84, 0x1e, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000) r1 = io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0xa, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) mmap$auto(0x0, 0x200004, 0x4000000000df, 0x15, r1, 0x300000000000) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/neigh/ipvlan1/retrans_time\x00', 0x242, 0x0) sendfile$auto(r2, r2, 0x0, 0x200) mmap$auto(0xf000, 0x8, 0x1000000003, 0x9b72, 0x2, 0x8000) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) socketpair$auto(0x1d, 0x1004003, 0x0, 0x0) syz_open_procfs$namespace(0x0, 0x0) memfd_create$auto(&(0x7f0000000040)='A^^\x02\x00\xef\x97\x8aY\x00\x00\xd2\x8c\xb05\x03\\\xb2\xbf247{\xde\t8\f\x00\x00\v\x00\x82\xcc\"K\xe1IIT\x00'/54, 0x4) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x6b000000000000) finit_module$auto(0x3, 0xfffffffffffffffe, 0x400000000004) close_range$auto(0x2, 0x8, 0x0) kernel console output (not intermixed with test programs): yscall_64+0xcd/0x260 [ 208.601616][ T8343] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 208.601642][ T8343] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 208.601673][ T8343] ? __mutex_trylock_common+0xe9/0x250 [ 208.601714][ T8343] acpi_evaluate_integer+0xdd/0x200 [ 208.601738][ T8343] ? __pfx___might_resched+0x10/0x10 [ 208.601770][ T8343] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 208.601804][ T8343] ? kernfs_seq_start+0x4d/0x240 [ 208.601837][ T8343] ? __pfx_status_show+0x10/0x10 [ 208.601866][ T8343] status_show+0xa0/0x120 [ 208.601896][ T8343] ? __pfx_status_show+0x10/0x10 [ 208.601933][ T8343] dev_attr_show+0x53/0xe0 [ 208.601967][ T8343] ? __pfx_dev_attr_show+0x10/0x10 [ 208.601998][ T8343] sysfs_kf_seq_show+0x23e/0x410 [ 208.602037][ T8343] seq_read_iter+0x506/0x12b0 [ 208.602083][ T8343] kernfs_fop_read_iter+0x422/0x5a0 [ 208.602113][ T8343] ? rw_verify_area+0xcf/0x680 [ 208.602147][ T8343] vfs_read+0x8c8/0xc70 [ 208.602184][ T8343] ? __pfx___mutex_lock+0x10/0x10 [ 208.602215][ T8343] ? __pfx_vfs_read+0x10/0x10 [ 208.602265][ T8343] ksys_read+0x12a/0x240 [ 208.602298][ T8343] ? __pfx_ksys_read+0x10/0x10 [ 208.602331][ T8343] ? rcu_is_watching+0x12/0xc0 [ 208.602365][ T8343] do_syscall_64+0xcd/0x260 [ 208.602406][ T8343] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 208.602429][ T8343] RIP: 0033:0x7f310478d169 [ 208.602450][ T8343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 208.602473][ T8343] RSP: 002b:00007f310553b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 208.602498][ T8343] RAX: ffffffffffffffda RBX: 00007f31049a5fa0 RCX: 00007f310478d169 [ 208.602515][ T8343] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000006 [ 208.602530][ T8343] RBP: 00007f310480e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 208.602545][ T8343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 208.602560][ T8343] R13: 0000000000000000 R14: 00007f31049a5fa0 R15: 00007ffd8eebb6c8 [ 208.602589][ T8343] [ 208.602641][ T8343] ACPI Error: [ 208.607019][ T8312] vivid-003: RDS Music: [ 208.673300][ T8343] ffff8880603d2000 walk still has a scope list [ 208.848143][ T8312] false [ 208.856350][ T8343] (20240827/dswstate-694) [ 208.930456][ T8312] inactive [ 208.954076][ T8312] vivid-003: ================== END STATUS ================== [ 209.124823][ T8358] FAULT_INJECTION: forcing a failure. [ 209.124823][ T8358] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 209.175641][ T8358] CPU: 0 UID: 0 PID: 8358 Comm: syz.2.610 Not tainted 6.14.0-syzkaller-07318-g4fa118e5b79f #0 PREEMPT(full) [ 209.175688][ T8358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 209.175705][ T8358] Call Trace: [ 209.175714][ T8358] [ 209.175725][ T8358] dump_stack_lvl+0x16c/0x1f0 [ 209.175769][ T8358] should_fail_ex+0x512/0x640 [ 209.175817][ T8358] should_fail_alloc_page+0xe7/0x130 [ 209.175851][ T8358] prepare_alloc_pages.constprop.0+0x172/0x570 [ 209.175898][ T8358] __alloc_frozen_pages_noprof+0x18f/0x24d0 [ 209.175928][ T8358] ? __kernel_text_address+0xd/0x40 [ 209.175961][ T8358] ? unwind_get_return_address+0x59/0xa0 [ 209.176000][ T8358] ? arch_stack_walk+0xa6/0x100 [ 209.176046][ T8358] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 209.176079][ T8358] ? __pfx_stack_trace_save+0x10/0x10 [ 209.176115][ T8358] ? stack_depot_save_flags+0x29/0x9c0 [ 209.176166][ T8358] ? kasan_save_stack+0x42/0x60 [ 209.176213][ T8358] ? __lock_acquire+0xaa4/0x1ba0 [ 209.176254][ T8358] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 209.176302][ T8358] ? policy_nodemask+0xea/0x4e0 [ 209.176336][ T8358] alloc_pages_mpol+0x1fb/0x540 [ 209.176429][ T8358] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 209.176458][ T8358] ? __page_table_check_ptes_set+0x16a/0x3e0 [ 209.176489][ T8358] ? do_raw_spin_lock+0x12c/0x2b0 [ 209.176519][ T8358] ? find_held_lock+0x2b/0x80 [ 209.176559][ T8358] alloc_pages_noprof+0x131/0x390 [ 209.176591][ T8358] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 209.176631][ T8358] get_free_pages_noprof+0xc/0x40 [ 209.176664][ T8358] kasan_populate_vmalloc_pte+0x2d/0x160 [ 209.176707][ T8358] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 209.176750][ T8358] __apply_to_page_range+0x5f9/0xd30 [ 209.176793][ T8358] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 209.176842][ T8358] ? __pfx___apply_to_page_range+0x10/0x10 [ 209.176884][ T8358] ? alloc_vmap_area+0x872/0x2970 [ 209.176926][ T8358] alloc_vmap_area+0x919/0x2970 [ 209.176973][ T8358] ? __pfx_alloc_vmap_area+0x10/0x10 [ 209.177017][ T8358] __get_vm_area_node+0x1a7/0x300 [ 209.177061][ T8358] __vmalloc_node_range_noprof+0x277/0x1540 [ 209.177104][ T8358] ? __snd_dma_alloc_pages+0x50/0x90 [ 209.177149][ T8358] ? __mutex_trylock_common+0xe9/0x250 [ 209.177222][ T8358] ? __snd_dma_alloc_pages+0x50/0x90 [ 209.177270][ T8358] ? do_alloc_pages+0xd7/0x280 [ 209.177312][ T8358] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 209.177366][ T8358] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 209.177410][ T8358] ? __snd_dma_alloc_pages+0x50/0x90 [ 209.177454][ T8358] vmalloc_noprof+0x6b/0x90 [ 209.177495][ T8358] ? __snd_dma_alloc_pages+0x50/0x90 [ 209.177539][ T8358] ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10 [ 209.177584][ T8358] __snd_dma_alloc_pages+0x50/0x90 [ 209.177627][ T8358] snd_dma_alloc_dir_pages+0x151/0x240 [ 209.177674][ T8358] do_alloc_pages+0x115/0x280 [ 209.177719][ T8358] snd_pcm_lib_malloc_pages+0x3df/0x980 [ 209.177767][ T8358] snd_pcm_hw_params+0x15e1/0x1b40 [ 209.177816][ T8358] ? __pfx_snd_pcm_hw_params+0x10/0x10 [ 209.177860][ T8358] ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0 [ 209.177905][ T8358] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 209.177946][ T8358] ? __asan_memset+0x23/0x50 [ 209.177990][ T8358] snd_pcm_kernel_ioctl+0x147/0x2e0 [ 209.178027][ T8358] snd_pcm_oss_change_params_locked+0x1432/0x3b40 [ 209.178074][ T8358] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 209.178115][ T8358] ? __pfx___mutex_lock+0x10/0x10 [ 209.178162][ T8358] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 209.178200][ T8358] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 209.178238][ T8358] snd_pcm_oss_sync+0x1de/0x840 [ 209.178278][ T8358] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 209.178316][ T8358] snd_pcm_oss_release+0x28b/0x310 [ 209.178366][ T8358] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 209.178405][ T8358] __fput+0x3ff/0xb70 [ 209.178445][ T8358] task_work_run+0x14d/0x240 [ 209.178479][ T8358] ? __pfx_task_work_run+0x10/0x10 [ 209.178511][ T8358] ? __pfx___do_sys_close_range+0x10/0x10 [ 209.178541][ T8358] ? rcu_is_watching+0x12/0xc0 [ 209.178579][ T8358] syscall_exit_to_user_mode+0x27b/0x2a0 [ 209.178614][ T8358] do_syscall_64+0xda/0x260 [ 209.178649][ T8358] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 209.178680][ T8358] RIP: 0033:0x7f95d1f8d169 [ 209.178705][ T8358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 209.178735][ T8358] RSP: 002b:00007f95d2dde038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 209.178765][ T8358] RAX: 0000000000000000 RBX: 00007f95d21a5fa0 RCX: 00007f95d1f8d169 [ 209.178783][ T8358] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 209.178800][ T8358] RBP: 00007f95d200e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 209.178818][ T8358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 209.178834][ T8358] R13: 0000000000000000 R14: 00007f95d21a5fa0 R15: 00007ffebe630018 [ 209.178866][ T8358] [ 209.741883][ T8358] syz.2.610: vmalloc error: size 2097152, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 209.768534][ T8358] CPU: 0 UID: 0 PID: 8358 Comm: syz.2.610 Not tainted 6.14.0-syzkaller-07318-g4fa118e5b79f #0 PREEMPT(full) [ 209.768586][ T8358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 209.768602][ T8358] Call Trace: [ 209.768611][ T8358] [ 209.768621][ T8358] dump_stack_lvl+0x16c/0x1f0 [ 209.768659][ T8358] warn_alloc+0x248/0x3a0 [ 209.768685][ T8358] ? __pfx_warn_alloc+0x10/0x10 [ 209.768710][ T8358] ? kfree+0x2b6/0x4d0 [ 209.768750][ T8358] ? __get_vm_area_node+0x1e5/0x300 [ 209.768787][ T8358] __vmalloc_node_range_noprof+0xd31/0x1540 [ 209.768823][ T8358] ? __mutex_trylock_common+0xe9/0x250 [ 209.768873][ T8358] ? __snd_dma_alloc_pages+0x50/0x90 [ 209.768918][ T8358] ? do_alloc_pages+0xd7/0x280 [ 209.768957][ T8358] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 209.768998][ T8358] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 209.769038][ T8358] ? __snd_dma_alloc_pages+0x50/0x90 [ 209.769077][ T8358] vmalloc_noprof+0x6b/0x90 [ 209.769112][ T8358] ? __snd_dma_alloc_pages+0x50/0x90 [ 209.769147][ T8358] ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10 [ 209.769188][ T8358] __snd_dma_alloc_pages+0x50/0x90 [ 209.769227][ T8358] snd_dma_alloc_dir_pages+0x151/0x240 [ 209.769271][ T8358] do_alloc_pages+0x115/0x280 [ 209.769309][ T8358] snd_pcm_lib_malloc_pages+0x3df/0x980 [ 209.769351][ T8358] snd_pcm_hw_params+0x15e1/0x1b40 [ 209.769398][ T8358] ? __pfx_snd_pcm_hw_params+0x10/0x10 [ 209.769440][ T8358] ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0 [ 209.769480][ T8358] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 209.769518][ T8358] ? __asan_memset+0x23/0x50 [ 209.769565][ T8358] snd_pcm_kernel_ioctl+0x147/0x2e0 [ 209.769604][ T8358] snd_pcm_oss_change_params_locked+0x1432/0x3b40 [ 209.769642][ T8358] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 209.769673][ T8358] ? __pfx___mutex_lock+0x10/0x10 [ 209.769716][ T8358] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 209.769742][ T8358] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 209.769776][ T8358] snd_pcm_oss_sync+0x1de/0x840 [ 209.769814][ T8358] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 209.769847][ T8358] snd_pcm_oss_release+0x28b/0x310 [ 209.769881][ T8358] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 209.769916][ T8358] __fput+0x3ff/0xb70 [ 209.769953][ T8358] task_work_run+0x14d/0x240 [ 209.769984][ T8358] ? __pfx_task_work_run+0x10/0x10 [ 209.770011][ T8358] ? __pfx___do_sys_close_range+0x10/0x10 [ 209.770035][ T8358] ? rcu_is_watching+0x12/0xc0 [ 209.770070][ T8358] syscall_exit_to_user_mode+0x27b/0x2a0 [ 209.770105][ T8358] do_syscall_64+0xda/0x260 [ 209.770142][ T8358] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 209.770168][ T8358] RIP: 0033:0x7f95d1f8d169 [ 209.770191][ T8358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 209.770215][ T8358] RSP: 002b:00007f95d2dde038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 209.770242][ T8358] RAX: 0000000000000000 RBX: 00007f95d21a5fa0 RCX: 00007f95d1f8d169 [ 209.770259][ T8358] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 209.770273][ T8358] RBP: 00007f95d200e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 209.770288][ T8358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 209.770303][ T8358] R13: 0000000000000000 R14: 00007f95d21a5fa0 R15: 00007ffebe630018 [ 209.770332][ T8358] [ 209.770342][ T8358] Mem-Info: [ 209.976479][ T8361] random: crng reseeded on system resumption [ 210.125704][ T8358] active_anon:9577 inactive_anon:0 isolated_anon:0 [ 210.125704][ T8358] active_file:11101 inactive_file:48713 isolated_file:0 [ 210.125704][ T8358] unevictable:768 dirty:469 writeback:0 [ 210.125704][ T8358] slab_reclaimable:10446 slab_unreclaimable:95285 [ 210.125704][ T8358] mapped:27059 shmem:3639 pagetables:983 [ 210.125704][ T8358] sec_pagetables:0 bounce:0 [ 210.125704][ T8358] kernel_misc_reclaimable:0 [ 210.125704][ T8358] free:1326543 free_pcp:2549 free_cma:0 [ 210.171049][ C1] vkms_vblank_simulate: vblank timer overrun [ 210.268131][ T8358] Node 0 active_anon:39408kB inactive_anon:0kB active_file:44404kB inactive_file:194780kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:113296kB dirty:1876kB writeback:0kB shmem:13840kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:4096kB writeback_tmp:0kB kernel_stack:10920kB pagetables:3916kB sec_pagetables:0kB all_unreclaimable? no [ 210.338270][ T8358] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 210.385365][ T55] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 210.385415][ T55] Bluetooth: hci1: unexpected subevent 0x05 length: 725 > 12 [ 210.401318][ T8358] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 210.430759][ T8358] lowmem_reserve[]: 0 2484 2486 2486 2486 [ 210.436756][ T8358] Node 0 DMA32 free:1379852kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB active_anon:36868kB inactive_anon:0kB active_file:44404kB inactive_file:192972kB unevictable:1536kB writepending:1876kB present:3129332kB managed:2544512kB mlocked:0kB bounce:0kB free_pcp:5856kB local_pcp:1160kB free_cma:0kB [ 210.467573][ C1] vkms_vblank_simulate: vblank timer overrun [ 210.473803][ T8358] lowmem_reserve[]: 0 0 1 1 1 [ 210.478812][ T8358] Node 0 Normal free:28kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1808kB unevictable:0kB writepending:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB [ 210.506426][ C1] vkms_vblank_simulate: vblank timer overrun [ 210.611919][ T8358] lowmem_reserve[]: 0 0 0 0 0 [ 210.618219][ T8358] Node 1 Normal free:3911872kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:248kB local_pcp:248kB free_cma:0kB [ 210.720300][ T8358] lowmem_reserve[]: 0 0 0 0 0 [ 210.725691][ T8358] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 210.745376][ T8358] Node 0 DMA32: 168*4kB (UE) 188*8kB (UME) 73*16kB (UE) 414*32kB (UME) 619*64kB (UME) 338*128kB (UME) 189*256kB (UME) 92*512kB (UME) 46*1024kB (UM) 27*2048kB (UME) 264*4096kB (UM) = 1378704kB [ 210.779040][ T8358] Node 0 Normal: 1*4kB (M) 1*8kB (M) 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 28kB [ 210.833923][ T8358] Node 1 Normal: 173*4kB (UE) 57*8kB (UE) 41*16kB (UE) 216*32kB (UE) 98*64kB (UME) 26*128kB (UE) 15*256kB (UME) 7*512kB (UME) 5*1024kB (UME) 3*2048kB (UE) 946*4096kB (M) = 3911820kB [ 210.865339][ C1] vkms_vblank_simulate: vblank timer overrun [ 210.909963][ T8358] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 210.921034][ T8358] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 210.931739][ T8358] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 210.947323][ T8358] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 210.957565][ T8358] 65933 total pagecache pages [ 210.966613][ T8358] 0 pages in swap cache [ 210.972011][ T8358] Free swap = 124616kB [ 210.976217][ T8358] Total swap = 124996kB [ 210.984222][ T8358] 2097051 pages RAM [ 210.989775][ T8358] 0 pages HighMem/MovableOnly [ 210.994586][ T8358] 428817 pages reserved [ 211.003151][ T8358] 0 pages cma reserved [ 211.149563][ T8385] bond0: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 211.558146][ T8388] sp0: Synchronizing with TNC [ 212.440634][ T55] Bluetooth: hci1: command 0x0406 tx timeout [ 213.960237][ T8401] vivid-003: ================= START STATUS ================= [ 213.997269][ T8401] vivid-003: Radio HW Seek Mode: Bounded [ 214.067046][ T8401] vivid-003: Radio Programmable HW Seek: false [ 214.071726][ T8454] netlink: 350 bytes leftover after parsing attributes in process `syz.0.630'. [ 214.120647][ T8401] vivid-003: RDS Rx I/O Mode: Block I/O [ 214.126349][ T8401] vivid-003: Generate RBDS Instead of RDS: false [ 214.227302][ T8401] vivid-003: RDS Reception: true [ 214.256129][ T8401] vivid-003: RDS Program Type: 0 inactive [ 214.295024][ T8401] vivid-003: RDS PS Name: inactive [ 214.359125][ T8401] vivid-003: RDS Radio Text: inactive [ 214.369250][ T8401] vivid-003: RDS Traffic Announcement: false inactive [ 214.390792][ T8401] vivid-003: RDS Traffic Program: false inactive [ 214.437027][ T8401] vivid-003: RDS Music: false inactive [ 214.472284][ T8401] vivid-003: ================== END STATUS ================== [ 215.026982][ T8478] kAFS: No cell specified [ 215.085183][ T8480] netlink: 4 bytes leftover after parsing attributes in process `syz.2.638'. [ 215.108438][ T30] audit: type=1800 audit(6038128478.474:7): pid=8480 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.638" name="version" dev="configfs" ino=20626 res=0 errno=0 [ 215.242192][ T8484] netlink: 342 bytes leftover after parsing attributes in process `syz.1.639'. [ 215.348840][ T8489] netlink: 294 bytes leftover after parsing attributes in process `syz.1.639'. [ 215.467931][ T8487] Invalid ELF header magic: != ELF [ 215.995120][ T8494] openvswitch: netlink: IPv4 tunnel dst address is zero [ 216.425102][ T8503] netlink: 330 bytes leftover after parsing attributes in process `syz.1.643'. [ 216.436793][ T8503] mac80211_hwsim hwsim2 : renamed from wlan0 (while UP) [ 216.609105][ T8499] Invalid ELF header magic: != ELF [ 216.730324][ T8499] can: request_module (can-proto-0) failed. [ 217.170591][ T8521] FAULT_INJECTION: forcing a failure. [ 217.170591][ T8521] name failslab, interval 1, probability 0, space 0, times 0 [ 217.198189][ T8513] vivid-003: ================= START STATUS ================= [ 217.205922][ T8513] vivid-003: Radio HW Seek Mode: Bounded [ 217.238167][ T8521] CPU: 1 UID: 0 PID: 8521 Comm: syz.0.647 Not tainted 6.14.0-syzkaller-07318-g4fa118e5b79f #0 PREEMPT(full) [ 217.238206][ T8521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 217.238221][ T8521] Call Trace: [ 217.238229][ T8521] [ 217.238239][ T8521] dump_stack_lvl+0x16c/0x1f0 [ 217.238278][ T8521] should_fail_ex+0x512/0x640 [ 217.238316][ T8521] ? fs_reclaim_acquire+0xae/0x150 [ 217.238353][ T8521] ? tomoyo_encode2+0x100/0x3e0 [ 217.238383][ T8521] should_failslab+0xc2/0x120 [ 217.238411][ T8521] __kmalloc_noprof+0xd2/0x510 [ 217.238442][ T8521] tomoyo_encode2+0x100/0x3e0 [ 217.238477][ T8521] tomoyo_encode+0x29/0x50 [ 217.238506][ T8521] tomoyo_realpath_from_path+0x18f/0x6e0 [ 217.238550][ T8521] ? tomoyo_profile+0x47/0x60 [ 217.238588][ T8521] tomoyo_path_number_perm+0x245/0x580 [ 217.238614][ T8521] ? tomoyo_path_number_perm+0x237/0x580 [ 217.238643][ T8521] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 217.238671][ T8521] ? find_held_lock+0x2b/0x80 [ 217.238725][ T8521] ? find_held_lock+0x2b/0x80 [ 217.238756][ T8521] ? __fget_files+0x204/0x3c0 [ 217.238794][ T8521] ? __fget_files+0x20e/0x3c0 [ 217.238821][ T8521] security_file_ioctl+0x9b/0x240 [ 217.238850][ T8521] __x64_sys_ioctl+0xb7/0x200 [ 217.238889][ T8521] do_syscall_64+0xcd/0x260 [ 217.238926][ T8521] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 217.238953][ T8521] RIP: 0033:0x7f4371b8d169 [ 217.238974][ T8521] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 217.239001][ T8521] RSP: 002b:00007f436f9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 217.239028][ T8521] RAX: ffffffffffffffda RBX: 00007f4371da5fa0 RCX: 00007f4371b8d169 [ 217.239047][ T8521] RDX: 000020000000c380 RSI: 00000000c0606610 RDI: 0000000000000003 [ 217.239064][ T8521] RBP: 00007f436f9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 217.239081][ T8521] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 217.239097][ T8521] R13: 0000000000000000 R14: 00007f4371da5fa0 R15: 00007fff9aeaa578 [ 217.239127][ T8521] [ 217.239147][ T8521] ERROR: Out of memory at tomoyo_realpath_from_path. [ 217.251488][ T8513] vivid-003: Radio Programmable HW Seek: false [ 217.574307][ T8513] vivid-003: RDS Rx I/O Mode: Block I/O [ 217.598482][ T8513] vivid-003: Generate RBDS Instead of RDS: false [ 217.604958][ T8513] vivid-003: RDS Reception: true [ 217.629692][ T8513] vivid-003: RDS Program Type: 0 inactive [ 217.635551][ T8513] vivid-003: RDS PS Name: inactive [ 217.728126][ T8513] vivid-003: RDS Radio Text: inactive [ 217.733733][ T8513] vivid-003: RDS Traffic Announcement: false inactive [ 217.768370][ T8513] vivid-003: RDS Traffic Program: false inactive [ 217.774822][ T8513] vivid-003: RDS Music: false inactive [ 217.811810][ T8513] vivid-003: ================== END STATUS ================== [ 218.199495][ T8535] FAULT_INJECTION: forcing a failure. [ 218.199495][ T8535] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 218.234190][ T8535] CPU: 1 UID: 0 PID: 8535 Comm: syz.2.652 Not tainted 6.14.0-syzkaller-07318-g4fa118e5b79f #0 PREEMPT(full) [ 218.234232][ T8535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 218.234247][ T8535] Call Trace: [ 218.234255][ T8535] [ 218.234264][ T8535] dump_stack_lvl+0x16c/0x1f0 [ 218.234300][ T8535] should_fail_ex+0x512/0x640 [ 218.234342][ T8535] _copy_from_iter+0x2a4/0x15b0 [ 218.234368][ T8535] ? find_held_lock+0x2b/0x80 [ 218.234399][ T8535] ? __pfx__copy_from_iter+0x10/0x10 [ 218.234427][ T8535] ? __virt_addr_valid+0x5e/0x590 [ 218.234463][ T8535] ? __phys_addr_symbol+0x30/0x80 [ 218.234496][ T8535] ? __check_object_size+0x4c7/0x710 [ 218.234526][ T8535] netlink_sendmsg+0x83a/0xd70 [ 218.234567][ T8535] ? __pfx_netlink_sendmsg+0x10/0x10 [ 218.234602][ T8535] ____sys_sendmsg+0xa8d/0xc60 [ 218.234635][ T8535] ? copy_msghdr_from_user+0x10a/0x160 [ 218.234659][ T8535] ? __pfx_____sys_sendmsg+0x10/0x10 [ 218.234702][ T8535] ___sys_sendmsg+0x134/0x1d0 [ 218.234728][ T8535] ? __pfx____sys_sendmsg+0x10/0x10 [ 218.234781][ T8535] __sys_sendmsg+0x16d/0x220 [ 218.234807][ T8535] ? __pfx___sys_sendmsg+0x10/0x10 [ 218.234839][ T8535] ? rcu_is_watching+0x12/0xc0 [ 218.234874][ T8535] do_syscall_64+0xcd/0x260 [ 218.234909][ T8535] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 218.234934][ T8535] RIP: 0033:0x7f95d1f8d169 [ 218.234954][ T8535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 218.234978][ T8535] RSP: 002b:00007f95d2dde038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 218.235004][ T8535] RAX: ffffffffffffffda RBX: 00007f95d21a5fa0 RCX: 00007f95d1f8d169 [ 218.235022][ T8535] RDX: 0000000020008080 RSI: 0000200000000180 RDI: 0000000000000002 [ 218.235037][ T8535] RBP: 00007f95d2dde090 R08: 0000000000000000 R09: 0000000000000000 [ 218.235052][ T8535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 218.235067][ T8535] R13: 0000000000000000 R14: 00007f95d21a5fa0 R15: 00007ffebe630018 [ 218.235095][ T8535] [ 218.517113][ T8538] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input6 [ 218.620996][ T8538] : Can't lookup blockdev [ 219.280601][ T8567] netlink: 'syz.1.662': attribute type 35 has an invalid length. [ 219.592750][ T8571] FAULT_INJECTION: forcing a failure. [ 219.592750][ T8571] name failslab, interval 1, probability 0, space 0, times 0 [ 219.619980][ T8571] CPU: 1 UID: 0 PID: 8571 Comm: syz.1.663 Not tainted 6.14.0-syzkaller-07318-g4fa118e5b79f #0 PREEMPT(full) [ 219.620028][ T8571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 219.620046][ T8571] Call Trace: [ 219.620056][ T8571] [ 219.620067][ T8571] dump_stack_lvl+0x16c/0x1f0 [ 219.620111][ T8571] should_fail_ex+0x512/0x640 [ 219.620155][ T8571] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 219.620205][ T8571] should_failslab+0xc2/0x120 [ 219.620237][ T8571] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 219.620282][ T8571] ? d_alloc_parallel+0x6ae/0x12e0 [ 219.620321][ T8571] ? proc_alloc_inode+0x25/0x200 [ 219.620353][ T8571] ? __pfx_proc_alloc_inode+0x10/0x10 [ 219.620381][ T8571] proc_alloc_inode+0x25/0x200 [ 219.620409][ T8571] alloc_inode+0x61/0x240 [ 219.620444][ T8571] new_inode+0x22/0x1c0 [ 219.620483][ T8571] ? proc_lookup_de+0x217/0x320 [ 219.620520][ T8571] proc_get_inode+0x1d/0x780 [ 219.620563][ T8571] proc_lookup_de+0x253/0x320 [ 219.620600][ T8571] ? __pfx_proc_lookup+0x10/0x10 [ 219.620635][ T8571] proc_lookup+0xcf/0x110 [ 219.620669][ T8571] lookup_open.isra.0+0x4d7/0x1580 [ 219.620716][ T8571] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 219.620775][ T8571] ? lookup_fast+0x156/0x610 [ 219.620820][ T8571] path_openat+0x905/0x2d40 [ 219.620857][ T8571] ? __pfx_path_openat+0x10/0x10 [ 219.620891][ T8571] do_filp_open+0x20b/0x470 [ 219.620917][ T8571] ? __pfx_do_filp_open+0x10/0x10 [ 219.620943][ T8571] ? find_held_lock+0x2b/0x80 [ 219.620995][ T8571] ? alloc_fd+0x420/0x760 [ 219.621046][ T8571] do_sys_openat2+0x11b/0x1d0 [ 219.621080][ T8571] ? __pfx_do_sys_openat2+0x10/0x10 [ 219.621124][ T8571] __x64_sys_openat+0x174/0x210 [ 219.621159][ T8571] ? __pfx___x64_sys_openat+0x10/0x10 [ 219.621196][ T8571] ? rcu_is_watching+0x12/0xc0 [ 219.621236][ T8571] do_syscall_64+0xcd/0x260 [ 219.621275][ T8571] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 219.621303][ T8571] RIP: 0033:0x7f310478d169 [ 219.621327][ T8571] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 219.621356][ T8571] RSP: 002b:00007f310551a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 219.621387][ T8571] RAX: ffffffffffffffda RBX: 00007f31049a6080 RCX: 00007f310478d169 [ 219.621406][ T8571] RDX: 00000000001c1080 RSI: 0000200000001080 RDI: ffffffffffffff9c [ 219.621424][ T8571] RBP: 00007f310480e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 219.621442][ T8571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 219.621459][ T8571] R13: 0000000000000000 R14: 00007f31049a6080 R15: 00007ffd8eebb6c8 [ 219.621491][ T8571] [ 219.890135][ C1] hrtimer: interrupt took 262179092 ns [ 219.955533][ T8568] zswap: compressor not available [ 220.718427][ T8561] vivid-003: ================= START STATUS ================= [ 220.740310][ T8561] vivid-003: Radio HW Seek Mode: Bounded [ 220.746089][ T8561] vivid-003: Radio Programmable HW Seek: false [ 220.752562][ T8561] vivid-003: RDS Rx I/O Mode: Block I/O [ 220.758297][ T8561] vivid-003: Generate RBDS Instead of RDS: false [ 220.764955][ T8561] vivid-003: RDS Reception: true [ 220.775297][ T8561] vivid-003: RDS Program Type: 0 inactive [ 220.781307][ T8561] vivid-003: RDS PS Name: inactive [ 220.786673][ T8561] vivid-003: RDS Radio Text: inactive [ 220.792366][ T8561] vivid-003: RDS Traffic Announcement: false inactive [ 220.799336][ T8561] vivid-003: RDS Traffic Program: false inactive [ 220.805846][ T8561] vivid-003: RDS Music: false inactive [ 220.811531][ T8561] vivid-003: ================== END STATUS ================== [ 220.945162][ T55] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 221.788941][ T8625] aoe: skb alloc failure [ 221.895206][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 221.906213][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 222.108185][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 222.114610][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 222.798651][ T8649] FAULT_INJECTION: forcing a failure. [ 222.798651][ T8649] name failslab, interval 1, probability 0, space 0, times 0 [ 222.878132][ T8649] CPU: 1 UID: 0 PID: 8649 Comm: syz.3.683 Not tainted 6.14.0-syzkaller-07318-g4fa118e5b79f #0 PREEMPT(full) [ 222.878184][ T8649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 222.878199][ T8649] Call Trace: [ 222.878207][ T8649] [ 222.878217][ T8649] dump_stack_lvl+0x16c/0x1f0 [ 222.878256][ T8649] should_fail_ex+0x512/0x640 [ 222.878297][ T8649] ? __kvmalloc_node_noprof+0x122/0x600 [ 222.878338][ T8649] should_failslab+0xc2/0x120 [ 222.878367][ T8649] __kvmalloc_node_noprof+0x135/0x600 [ 222.878405][ T8649] ? trace_kmalloc+0x2b/0xd0 [ 222.878431][ T8649] ? __kvmalloc_node_noprof+0x296/0x600 [ 222.878466][ T8649] ? io_alloc_cache_init+0x33/0x170 [ 222.878502][ T8649] ? io_alloc_cache_init+0x33/0x170 [ 222.878531][ T8649] io_alloc_cache_init+0x33/0x170 [ 222.878564][ T8649] io_rsrc_cache_init+0x26/0x50 [ 222.878592][ T8649] io_uring_setup+0x688/0x2080 [ 222.878619][ T8649] ? __pfx_io_uring_setup+0x10/0x10 [ 222.878640][ T8649] ? do_futex+0x122/0x350 [ 222.878673][ T8649] ? __pfx_do_futex+0x10/0x10 [ 222.878704][ T8649] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 222.878752][ T8649] ? rcu_is_watching+0x12/0xc0 [ 222.878786][ T8649] __x64_sys_io_uring_setup+0xc2/0x170 [ 222.878812][ T8649] do_syscall_64+0xcd/0x260 [ 222.878845][ T8649] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 222.878871][ T8649] RIP: 0033:0x7f535e18d169 [ 222.878893][ T8649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 222.878918][ T8649] RSP: 002b:00007f535ef5d038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 222.878945][ T8649] RAX: ffffffffffffffda RBX: 00007f535e3a5fa0 RCX: 00007f535e18d169 [ 222.878963][ T8649] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000000003ff [ 222.878978][ T8649] RBP: 00007f535e20e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 222.878994][ T8649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 222.879010][ T8649] R13: 0000000000000000 R14: 00007f535e3a5fa0 R15: 00007ffc29cab958 [ 222.879038][ T8649] [ 223.376507][ T8653] vivid-003: ================= START STATUS ================= [ 223.384391][ T8653] vivid-003: Radio HW Seek Mode: Bounded [ 223.390203][ T8653] vivid-003: Radio Programmable HW Seek: false [ 223.396520][ T8653] vivid-003: RDS Rx I/O Mode: Block I/O [ 223.402676][ T8653] vivid-003: Generate RBDS Instead of RDS: false [ 223.409417][ T8653] vivid-003: RDS Reception: true [ 223.414430][ T8653] vivid-003: RDS Program Type: 0 inactive [ 223.420407][ T8653] vivid-003: RDS PS Name: inactive [ 223.425688][ T8653] vivid-003: RDS Radio Text: inactive [ 223.433556][ T8653] vivid-003: RDS Traffic Announcement: false inactive [ 223.446200][ T8653] vivid-003: RDS Traffic Program: false inactive [ 223.453009][ T8653] vivid-003: RDS Music: false inactive [ 223.458708][ T8653] vivid-003: ================== END STATUS ================== [ 224.007182][ T8692] netlink: 2168 bytes leftover after parsing attributes in process `syz.2.696'. [ 224.818302][ T8692] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 224.864423][ T8692] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 224.921445][ T8692] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 224.957429][ T8692] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 224.984895][ T55] Bluetooth: hci2: Malformed LE Event: 0x1d [ 224.987609][ T8692] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 225.026779][ T8692] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 225.071123][ T8692] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 225.085281][ T8692] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 225.339624][ T8724] [ 226.202203][ T55] Bluetooth: hci2: command 0x0406 tx timeout [ 226.384720][ T8725] vivid-003: ================= START STATUS ================= [ 226.435425][ T8725] vivid-003: Radio HW Seek Mode: Bounded [ 226.463433][ T8725] vivid-003: Radio Programmable HW Seek: false [ 226.528429][ T8725] vivid-003: RDS Rx I/O Mode: Block I/O [ 226.534130][ T8725] vivid-003: Generate RBDS Instead of RDS: false [ 226.553872][ T55] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 226.566778][ T8725] vivid-003: RDS Reception: true [ 226.575969][ T8725] vivid-003: RDS Program Type: 0 inactive [ 226.582138][ T8725] vivid-003: RDS PS Name: inactive [ 226.587607][ T8725] vivid-003: RDS Radio Text: inactive [ 226.593617][ T8725] vivid-003: RDS Traffic Announcement: false inactive [ 226.600804][ T8725] vivid-003: RDS Traffic Program: false inactive [ 226.608455][ T8725] vivid-003: RDS Music: false inactive [ 226.614179][ T8725] vivid-003: ================== END STATUS ================== [ 226.998159][ T55] Bluetooth: hci0: command 0x0406 tx timeout [ 227.004311][ T5838] Bluetooth: hci1: command 0x0406 tx timeout [ 227.078099][ T55] Bluetooth: hci3: command 0x0406 tx timeout [ 227.477421][ T8788] netlink: 28 bytes leftover after parsing attributes in process `syz.2.711'. [ 227.493670][ T8788] mac80211_hwsim hwsim7 wlan1: entered allmulticast mode [ 228.278119][ T55] Bluetooth: hci2: command 0x0406 tx timeout [ 229.078991][ T55] Bluetooth: hci0: command 0x0406 tx timeout [ 229.085147][ T5838] Bluetooth: hci1: command 0x0406 tx timeout [ 229.158178][ T55] Bluetooth: hci3: command 0x0406 tx timeout [ 229.207757][ T8825] netlink: 28 bytes leftover after parsing attributes in process `syz.1.719'. [ 229.318328][ T8825] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode [ 229.682483][ T8826] vivid-003: ================= START STATUS ================= [ 229.726836][ T8826] vivid-003: Radio HW Seek Mode: Bounded [ 229.748481][ T8826] vivid-003: Radio Programmable HW Seek: false [ 229.786117][ T8826] vivid-003: RDS Rx I/O Mode: Block I/O [ 229.822234][ T8826] vivid-003: Generate RBDS Instead of RDS: false [ 229.870987][ T8826] vivid-003: RDS Reception: true [ 229.876131][ T8826] vivid-003: RDS Program Type: 0 inactive [ 229.884491][ T8826] vivid-003: RDS PS Name: inactive [ 229.890590][ T8826] vivid-003: RDS Radio Text: inactive [ 229.896538][ T8826] vivid-003: RDS Traffic Announcement: false inactive [ 229.903961][ T8826] vivid-003: RDS Traffic Program: false inactive [ 229.910854][ T8826] vivid-003: RDS Music: false inactive [ 229.916454][ T8826] vivid-003: ================== END STATUS ================== [ 230.524371][ T8857] Dead loop on virtual device ip6_vti0, fix it urgently! [ 230.561555][ T8857] Dead loop on virtual device ip6_vti0, fix it urgently! [ 230.607843][ T8857] Dead loop on virtual device ip6_vti0, fix it urgently! [ 230.804479][ T8862] FAULT_INJECTION: forcing a failure. [ 230.804479][ T8862] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 230.818044][ T8862] CPU: 0 UID: 0 PID: 8862 Comm: syz.2.732 Not tainted 6.14.0-syzkaller-07318-g4fa118e5b79f #0 PREEMPT(full) [ 230.818083][ T8862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 230.818100][ T8862] Call Trace: [ 230.818116][ T8862] [ 230.818127][ T8862] dump_stack_lvl+0x16c/0x1f0 [ 230.818166][ T8862] should_fail_ex+0x512/0x640 [ 230.818210][ T8862] should_fail_alloc_page+0xe7/0x130 [ 230.818240][ T8862] prepare_alloc_pages.constprop.0+0x172/0x570 [ 230.818278][ T8862] ? stack_trace_save+0x8e/0xc0 [ 230.818313][ T8862] __alloc_frozen_pages_noprof+0x18f/0x24d0 [ 230.818345][ T8862] ? cgroup_rstat_updated+0x2a/0xb20 [ 230.818382][ T8862] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 230.818412][ T8862] ? __lock_acquire+0x5ca/0x1ba0 [ 230.818462][ T8862] ? lock_acquire+0x179/0x350 [ 230.818500][ T8862] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 230.818546][ T8862] ? policy_nodemask+0xea/0x4e0 [ 230.818577][ T8862] alloc_pages_mpol+0x1fb/0x540 [ 230.818606][ T8862] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 230.818635][ T8862] ? __lock_acquire+0x5ca/0x1ba0 [ 230.818679][ T8862] folio_alloc_mpol_noprof+0x36/0x2f0 [ 230.818714][ T8862] vma_alloc_folio_noprof+0xed/0x1e0 [ 230.818746][ T8862] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 230.818786][ T8862] do_pte_missing+0x2049/0x3ea0 [ 230.818837][ T8862] __handle_mm_fault+0x1043/0x2a50 [ 230.818886][ T8862] ? __pfx___handle_mm_fault+0x10/0x10 [ 230.818927][ T8862] ? __pte_offset_map_lock+0x155/0x2f0 [ 230.818960][ T8862] ? find_held_lock+0x2b/0x80 [ 230.818989][ T8862] ? find_held_lock+0x2b/0x80 [ 230.819034][ T8862] handle_mm_fault+0x404/0xae0 [ 230.819080][ T8862] __get_user_pages+0x771/0x36f0 [ 230.819134][ T8862] ? __pfx_mt_find+0x10/0x10 [ 230.819171][ T8862] ? __pfx___get_user_pages+0x10/0x10 [ 230.819221][ T8862] populate_vma_page_range+0x278/0x3a0 [ 230.819264][ T8862] ? __pfx_populate_vma_page_range+0x10/0x10 [ 230.819305][ T8862] ? __pfx_find_vma_intersection+0x10/0x10 [ 230.819343][ T8862] ? do_mmap+0x69c/0x11b0 [ 230.819381][ T8862] __mm_populate+0x1d8/0x380 [ 230.819422][ T8862] ? __pfx___mm_populate+0x10/0x10 [ 230.819465][ T8862] ? up_write+0x1b2/0x520 [ 230.819493][ T8862] vm_mmap_pgoff+0x362/0x450 [ 230.819536][ T8862] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 230.819578][ T8862] ? __fget_files+0x20e/0x3c0 [ 230.819600][ T8862] ? __up_read+0x190/0x750 [ 230.819632][ T8862] ksys_mmap_pgoff+0x7d/0x5c0 [ 230.819666][ T8862] ? __pfx_ksys_write+0x10/0x10 [ 230.819709][ T8862] __x64_sys_mmap+0x125/0x190 [ 230.819742][ T8862] do_syscall_64+0xcd/0x260 [ 230.819776][ T8862] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 230.819803][ T8862] RIP: 0033:0x7f95d1f8d169 [ 230.819825][ T8862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 230.819851][ T8862] RSP: 002b:00007f95d2dde038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 230.819877][ T8862] RAX: ffffffffffffffda RBX: 00007f95d21a5fa0 RCX: 00007f95d1f8d169 [ 230.819894][ T8862] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 230.819910][ T8862] RBP: 00007f95d2dde090 R08: 0000000000000002 R09: 0000000000008000 [ 230.819927][ T8862] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000002 [ 230.819944][ T8862] R13: 0000000000000001 R14: 00007f95d21a5fa0 R15: 00007ffebe630018 [ 230.819975][ T8862] [ 231.448257][ T8871] netlink: 8 bytes leftover after parsing attributes in process `syz.1.734'. [ 231.868378][ T8886] kAFS: No cell specified [ 231.940279][ T8888] netlink: 20 bytes leftover after parsing attributes in process `syz.2.738'. [ 232.156452][ T8894] FAULT_INJECTION: forcing a failure. [ 232.156452][ T8894] name failslab, interval 1, probability 0, space 0, times 0 [ 232.169381][ T8894] CPU: 0 UID: 0 PID: 8894 Comm: syz.0.741 Not tainted 6.14.0-syzkaller-07318-g4fa118e5b79f #0 PREEMPT(full) [ 232.169423][ T8894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 232.169441][ T8894] Call Trace: [ 232.169449][ T8894] [ 232.169460][ T8894] dump_stack_lvl+0x16c/0x1f0 [ 232.169502][ T8894] should_fail_ex+0x512/0x640 [ 232.169546][ T8894] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 232.169596][ T8894] should_failslab+0xc2/0x120 [ 232.169626][ T8894] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 232.169669][ T8894] ? __proc_create+0xc3/0x8c0 [ 232.169701][ T8894] ? __proc_create+0x2ce/0x8c0 [ 232.169738][ T8894] __proc_create+0x2ce/0x8c0 [ 232.169772][ T8894] ? __pfx___proc_create+0x10/0x10 [ 232.169807][ T8894] ? _raw_write_unlock+0x28/0x50 [ 232.169838][ T8894] ? proc_register+0x314/0x5f0 [ 232.169874][ T8894] proc_create_reg+0x7d/0x180 [ 232.169912][ T8894] proc_create_net_data+0x8e/0x1b0 [ 232.169947][ T8894] ? __pfx_proc_create_net_data+0x10/0x10 [ 232.169979][ T8894] ? __pfx_proc_create_net_data+0x10/0x10 [ 232.170014][ T8894] ? __kasan_kmalloc+0xaa/0xb0 [ 232.170074][ T8894] ip_vs_conn_net_init+0x13f/0x200 [ 232.170118][ T8894] __ip_vs_init+0x27d/0x520 [ 232.170159][ T8894] ? __pfx___ip_vs_init+0x10/0x10 [ 232.170197][ T8894] ops_init+0x1df/0x5f0 [ 232.170229][ T8894] setup_net+0x21e/0x850 [ 232.170262][ T8894] ? __pfx_setup_net+0x10/0x10 [ 232.170290][ T8894] ? lockdep_init_map_type+0x5c/0x280 [ 232.170332][ T8894] ? __pfx_down_read_killable+0x10/0x10 [ 232.170376][ T8894] ? debug_mutex_init+0x37/0x70 [ 232.170410][ T8894] copy_net_ns+0x2a6/0x5f0 [ 232.170446][ T8894] create_new_namespaces+0x3ea/0xad0 [ 232.170490][ T8894] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 232.170530][ T8894] ksys_unshare+0x45b/0xa40 [ 232.170572][ T8894] ? __pfx_ksys_unshare+0x10/0x10 [ 232.170612][ T8894] ? xfd_validate_state+0x5d/0x180 [ 232.170643][ T8894] ? rcu_is_watching+0x12/0xc0 [ 232.170682][ T8894] __x64_sys_unshare+0x31/0x40 [ 232.170719][ T8894] do_syscall_64+0xcd/0x260 [ 232.170757][ T8894] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 232.170786][ T8894] RIP: 0033:0x7f4371b8d169 [ 232.170810][ T8894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 232.170838][ T8894] RSP: 002b:00007f436f9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 232.170866][ T8894] RAX: ffffffffffffffda RBX: 00007f4371da5fa0 RCX: 00007f4371b8d169 [ 232.170884][ T8894] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 232.170901][ T8894] RBP: 00007f4371c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 232.170919][ T8894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 232.170936][ T8894] R13: 0000000000000000 R14: 00007f4371da5fa0 R15: 00007fff9aeaa578 [ 232.170968][ T8894] [ 232.533352][ T8898] netlink: 'syz.3.743': attribute type 1 has an invalid length. [ 232.814614][ T8895] vivid-003: ================= START STATUS ================= [ 232.855465][ T8895] vivid-003: Radio HW Seek Mode: Bounded [ 232.876626][ T8895] vivid-003: Radio Programmable HW Seek: false [ 232.894127][ T8895] vivid-003: RDS Rx I/O Mode: Block I/O [ 232.901007][ T8895] vivid-003: Generate RBDS Instead of RDS: false [ 232.907878][ T8895] vivid-003: RDS Reception: true [ 232.935548][ T8895] vivid-003: RDS Program Type: 0 inactive [ 232.958318][ T8895] vivid-003: RDS PS Name: inactive [ 232.968840][ T8934] ubi0: attaching mtd0 [ 232.990423][ T8934] ubi0: scanning is finished [ 232.994188][ T8895] vivid-003: RDS Radio Text: [ 232.995229][ T8934] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 232.995299][ T8895] inactive [ 233.016014][ T8895] vivid-003: RDS Traffic Announcement: false inactive [ 233.026721][ T8895] vivid-003: RDS Traffic Program: false inactive [ 233.037394][ T8895] vivid-003: RDS Music: false inactive [ 233.047546][ T8895] vivid-003: ================== END STATUS ================== [ 233.137703][ T8934] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 233.331282][ T8942] Invalid ELF header magic: != ELF [ 233.891639][ T8962] netlink: 8 bytes leftover after parsing attributes in process `syz.0.756'. [ 235.446416][ T8969] vivid-003: ================= START STATUS ================= [ 235.505407][ T8969] vivid-003: Radio HW Seek Mode: Bounded [ 235.538174][ T8969] vivid-003: Radio Programmable HW Seek: false [ 235.544463][ T8969] vivid-003: RDS Rx I/O Mode: Block I/O [ 235.599990][ T8969] vivid-003: Generate RBDS Instead of RDS: false [ 235.606532][ T8969] vivid-003: RDS Reception: true [ 235.623066][ T8969] vivid-003: RDS Program Type: 0 inactive [ 235.651328][ T8969] vivid-003: RDS PS Name: inactive [ 235.659106][ T8969] vivid-003: RDS Radio Text: inactive [ 235.677883][ T8969] vivid-003: RDS Traffic Announcement: false inactive [ 235.685694][ T8969] vivid-003: RDS Traffic Program: false inactive [ 235.696481][ T8969] vivid-003: RDS Music: false inactive [ 235.723662][ T8969] vivid-003: ================== END STATUS ================== [ 236.503999][ T8993] FAULT_INJECTION: forcing a failure. [ 236.503999][ T8993] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 236.530671][ T8993] CPU: 1 UID: 0 PID: 8993 Comm: syz.3.765 Not tainted 6.14.0-syzkaller-07318-g4fa118e5b79f #0 PREEMPT(full) [ 236.530715][ T8993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 236.530731][ T8993] Call Trace: [ 236.530740][ T8993] [ 236.530751][ T8993] dump_stack_lvl+0x16c/0x1f0 [ 236.530792][ T8993] should_fail_ex+0x512/0x640 [ 236.530837][ T8993] _copy_to_iter+0x477/0x15a0 [ 236.530872][ T8993] ? __pfx__copy_to_iter+0x10/0x10 [ 236.530908][ T8993] ? const_folio_flags+0x5b/0x100 [ 236.530952][ T8993] ? folio_mark_accessed+0xc1/0xc00 [ 236.530992][ T8993] ? __pfx_folio_mark_accessed+0x10/0x10 [ 236.531037][ T8993] copy_page_to_iter+0xf1/0x180 [ 236.531068][ T8993] filemap_read+0x6b1/0xe90 [ 236.531116][ T8993] ? __pfx_filemap_read+0x10/0x10 [ 236.531171][ T8993] ? _kstrtoull+0x145/0x200 [ 236.531204][ T8993] ? __pfx__kstrtoull+0x10/0x10 [ 236.531237][ T8993] ? __pfx_aa_file_perm+0x10/0x10 [ 236.531273][ T8993] blkdev_read_iter+0x190/0x4d0 [ 236.531309][ T8993] do_iter_readv_writev+0x735/0x950 [ 236.531358][ T8993] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 236.531401][ T8993] ? bpf_lsm_file_permission+0x9/0x10 [ 236.531428][ T8993] ? security_file_permission+0x71/0x210 [ 236.531460][ T8993] ? rw_verify_area+0xcf/0x680 [ 236.531498][ T8993] vfs_readv+0x4c5/0x8a0 [ 236.531541][ T8993] ? __pfx_vfs_readv+0x10/0x10 [ 236.531596][ T8993] ? __fget_files+0x20e/0x3c0 [ 236.531628][ T8993] ? do_readv+0x132/0x330 [ 236.531663][ T8993] do_readv+0x132/0x330 [ 236.531705][ T8993] ? __pfx_do_readv+0x10/0x10 [ 236.531742][ T8993] ? ksys_write+0x1b9/0x240 [ 236.531782][ T8993] ? __pfx_ksys_write+0x10/0x10 [ 236.531828][ T8993] ? rcu_is_watching+0x12/0xc0 [ 236.531864][ T8993] __x64_sys_preadv2+0x11f/0x160 [ 236.531893][ T8993] do_syscall_64+0xcd/0x260 [ 236.531937][ T8993] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 236.531966][ T8993] RIP: 0033:0x7f535e18d169 [ 236.531988][ T8993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 236.532015][ T8993] RSP: 002b:00007f535ef5d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000147 [ 236.532044][ T8993] RAX: ffffffffffffffda RBX: 00007f535e3a5fa0 RCX: 00007f535e18d169 [ 236.532062][ T8993] RDX: 0000000000000005 RSI: 0000200000001000 RDI: 0000000000000003 [ 236.532079][ T8993] RBP: 00007f535ef5d090 R08: 0000000000000007 R09: 000000000000002e [ 236.532094][ T8993] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 236.532111][ T8993] R13: 0000000000000000 R14: 00007f535e3a5fa0 R15: 00007ffc29cab958 [ 236.532142][ T8993] [ 239.145662][ T9022] vivid-003: ================= START STATUS ================= [ 239.172110][ T9022] vivid-003: Radio HW Seek Mode: Bounded [ 239.221766][ T9022] vivid-003: Radio Programmable HW Seek: false [ 239.242616][ T9022] vivid-003: RDS Rx I/O Mode: Block I/O [ 239.273172][ T9022] vivid-003: Generate RBDS Instead of RDS: false [ 239.326160][ T9022] vivid-003: RDS Reception: true [ 239.358155][ T9022] vivid-003: RDS Program Type: 0 inactive [ 239.408050][ T9022] vivid-003: RDS PS Name: inactive [ 239.413391][ T9022] vivid-003: RDS Radio Text: inactive [ 239.468300][ T9022] vivid-003: RDS Traffic Announcement: false inactive [ 239.531644][ T9022] vivid-003: RDS Traffic Program: false inactive [ 239.556533][ T9022] vivid-003: RDS Music: false inactive [ 239.582776][ T9022] vivid-003: ================== END STATUS ================== [ 239.699518][ T9049] program syz.2.780 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 239.729024][ T9049] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 241.355370][ T9064] vivid-003: ================= START STATUS ================= [ 241.368192][ T9064] vivid-003: Radio HW Seek Mode: Bounded [ 241.373993][ T9064] vivid-003: Radio Programmable HW Seek: false [ 241.391442][ T9064] vivid-003: RDS Rx I/O Mode: Block I/O [ 241.399840][ T9064] vivid-003: Generate RBDS Instead of RDS: false [ 241.407034][ T9064] vivid-003: RDS Reception: true [ 241.412693][ T9064] vivid-003: RDS Program Type: 0 inactive [ 241.418861][ T9064] vivid-003: RDS PS Name: inactive [ 241.427311][ T9064] vivid-003: RDS Radio Text: inactive [ 241.433086][ T9064] vivid-003: RDS Traffic Announcement: false inactive [ 241.440089][ T9064] vivid-003: RDS Traffic Program: false inactive [ 241.446623][ T9064] vivid-003: RDS Music: false inactive [ 241.481295][ T9064] vivid-003: ================== END STATUS ================== [ 241.583598][ T9071] vivid-003: ================= START STATUS ================= [ 241.601296][ T9071] vivid-003: Radio HW Seek Mode: Bounded [ 241.607060][ T9071] vivid-003: Radio Programmable HW Seek: false [ 241.617725][ T9071] vivid-003: RDS Rx I/O Mode: Block I/O [ 241.625614][ T9071] vivid-003: Generate RBDS Instead of RDS: false [ 241.643152][ T9071] vivid-003: RDS Reception: true [ 241.678161][ T9071] vivid-003: RDS Program Type: 0 inactive [ 241.684929][ T9071] vivid-003: RDS PS Name: inactive [ 241.708851][ T9071] vivid-003: RDS Radio Text: inactive [ 241.714447][ T9071] vivid-003: RDS Traffic Announcement: false inactive [ 241.752860][ T9071] vivid-003: RDS Traffic Program: false inactive [ 241.790797][ T9071] vivid-003: RDS Music: false inactive [ 241.816989][ T9071] vivid-003: ================== END STATUS ================== [ 243.139188][ T9117] vivid-003: ================= START STATUS ================= [ 243.147045][ T9117] vivid-003: Radio HW Seek Mode: Bounded [ 243.239261][ T9117] vivid-003: Radio Programmable HW Seek: false [ 243.245951][ T9117] vivid-003: RDS Rx I/O Mode: Block I/O [ 243.274731][ T9117] vivid-003: Generate RBDS Instead of RDS: false [ 243.295328][ T9117] vivid-003: RDS Reception: true [ 243.303809][ T9117] vivid-003: RDS Program Type: 0 inactive [ 243.311109][ T9117] vivid-003: RDS PS Name: inactive [ 243.323251][ T9117] vivid-003: RDS Radio Text: inactive [ 243.338710][ T9117] vivid-003: RDS Traffic Announcement: false inactive [ 243.346096][ T9117] vivid-003: RDS Traffic Program: false inactive [ 243.357051][ T9117] vivid-003: RDS Music: false inactive [ 243.368107][ T9117] vivid-003: ================== END STATUS ================== [ 243.577496][ T9129] FAULT_INJECTION: forcing a failure. [ 243.577496][ T9129] name failslab, interval 1, probability 0, space 0, times 0 [ 243.600361][ T9129] CPU: 0 UID: 0 PID: 9129 Comm: syz.2.800 Not tainted 6.14.0-syzkaller-07318-g4fa118e5b79f #0 PREEMPT(full) [ 243.600406][ T9129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 243.600423][ T9129] Call Trace: [ 243.600432][ T9129] [ 243.600444][ T9129] dump_stack_lvl+0x16c/0x1f0 [ 243.600486][ T9129] should_fail_ex+0x512/0x640 [ 243.600530][ T9129] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 243.600574][ T9129] should_failslab+0xc2/0x120 [ 243.600604][ T9129] __kmalloc_cache_noprof+0x6a/0x3e0 [ 243.600643][ T9129] ? __asan_memcpy+0x3c/0x60 [ 243.600682][ T9129] ? ip_vs_protocol_net_init+0xbe/0x300 [ 243.600719][ T9129] ip_vs_protocol_net_init+0xbe/0x300 [ 243.600757][ T9129] __ip_vs_init+0x239/0x520 [ 243.600800][ T9129] ? __pfx___ip_vs_init+0x10/0x10 [ 243.600841][ T9129] ops_init+0x1df/0x5f0 [ 243.600875][ T9129] setup_net+0x21e/0x850 [ 243.600907][ T9129] ? __pfx_setup_net+0x10/0x10 [ 243.600937][ T9129] ? lockdep_init_map_type+0x5c/0x280 [ 243.600979][ T9129] ? __pfx_down_read_killable+0x10/0x10 [ 243.601017][ T9129] ? debug_mutex_init+0x37/0x70 [ 243.601048][ T9129] copy_net_ns+0x2a6/0x5f0 [ 243.601082][ T9129] create_new_namespaces+0x3ea/0xad0 [ 243.601126][ T9129] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 243.601165][ T9129] ksys_unshare+0x45b/0xa40 [ 243.601206][ T9129] ? __pfx_ksys_unshare+0x10/0x10 [ 243.601253][ T9129] ? xfd_validate_state+0x5d/0x180 [ 243.601287][ T9129] ? rcu_is_watching+0x12/0xc0 [ 243.601326][ T9129] __x64_sys_unshare+0x31/0x40 [ 243.601365][ T9129] do_syscall_64+0xcd/0x260 [ 243.601405][ T9129] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 243.601433][ T9129] RIP: 0033:0x7f95d1f8d169 [ 243.601455][ T9129] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 243.601484][ T9129] RSP: 002b:00007f95d2dde038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 243.601511][ T9129] RAX: ffffffffffffffda RBX: 00007f95d21a5fa0 RCX: 00007f95d1f8d169 [ 243.601530][ T9129] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 243.601547][ T9129] RBP: 00007f95d200e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 243.601564][ T9129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 243.601581][ T9129] R13: 0000000000000000 R14: 00007f95d21a5fa0 R15: 00007ffebe630018 [ 243.601612][ T9129] [ 245.218142][ T9132] vivid-003: ================= START STATUS ================= [ 245.267054][ T9132] vivid-003: Radio HW Seek Mode: Bounded [ 245.304625][ T9132] vivid-003: Radio Programmable HW Seek: false [ 245.334044][ T9132] vivid-003: RDS Rx I/O Mode: Block I/O [ 245.354416][ T9132] vivid-003: Generate RBDS Instead of RDS: false [ 245.387515][ T9132] vivid-003: RDS Reception: true [ 245.416181][ T9132] vivid-003: RDS Program Type: 0 inactive [ 245.450345][ T9132] vivid-003: RDS PS Name: inactive [ 245.470535][ T9132] vivid-003: RDS Radio Text: inactive [ 245.489749][ T9132] vivid-003: RDS Traffic Announcement: false inactive [ 245.527502][ T9132] vivid-003: RDS Traffic Program: false inactive [ 245.563318][ T9132] vivid-003: RDS Music: false inactive [ 245.628032][ T9132] vivid-003: ================== END STATUS ================== [ 246.521962][ T9151] vivid-003: ================= START STATUS ================= [ 246.567842][ T9151] vivid-003: Radio HW Seek Mode: Bounded [ 246.592423][ T9151] vivid-003: Radio Programmable HW Seek: false [ 246.639666][ T9151] vivid-003: RDS Rx I/O Mode: Block I/O [ 246.665327][ T9151] vivid-003: Generate RBDS Instead of RDS: false [ 246.693552][ T9151] vivid-003: RDS Reception: true [ 246.714101][ T9151] vivid-003: RDS Program Type: 0 inactive [ 246.754134][ T9151] vivid-003: RDS PS Name: inactive [ 246.797029][ T9151] vivid-003: RDS Radio Text: inactive [ 246.820729][ T9151] vivid-003: RDS Traffic Announcement: false inactive [ 246.844920][ T9151] vivid-003: RDS Traffic Program: false inactive [ 246.899566][ T9151] vivid-003: RDS Music: false inactive [ 246.905156][ T9151] vivid-003: ================== END STATUS ================== [ 246.969105][ T9160] vivid-003: ================= START STATUS ================= [ 247.028467][ T9160] vivid-003: Radio HW Seek Mode: Bounded [ 247.034480][ T9160] vivid-003: Radio Programmable HW Seek: false [ 247.093858][ T9160] vivid-003: RDS Rx I/O Mode: Block I/O [ 247.099591][ T9160] vivid-003: Generate RBDS Instead of RDS: false [ 247.107649][ T9160] vivid-003: RDS Reception: true [ 247.112977][ T9160] vivid-003: RDS Program Type: 0 inactive [ 247.119055][ T9160] vivid-003: RDS PS Name: inactive [ 247.124360][ T9160] vivid-003: RDS Radio Text: inactive [ 247.130013][ T9160] vivid-003: RDS Traffic Announcement: false inactive [ 247.136896][ T9160] vivid-003: RDS Traffic Program: false inactive [ 247.144054][ T9160] vivid-003: RDS Music: false inactive [ 247.149773][ T9160] vivid-003: ================== END STATUS ================== [ 247.733694][ T9187] netlink: 2168 bytes leftover after parsing attributes in process `syz.3.811'. [ 248.099801][ T9198] FAULT_INJECTION: forcing a failure. [ 248.099801][ T9198] name failslab, interval 1, probability 0, space 0, times 0 [ 248.113840][ T9198] CPU: 0 UID: 0 PID: 9198 Comm: syz.1.813 Not tainted 6.14.0-syzkaller-07318-g4fa118e5b79f #0 PREEMPT(full) [ 248.113866][ T9198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 248.113876][ T9198] Call Trace: [ 248.113881][ T9198] [ 248.113888][ T9198] dump_stack_lvl+0x16c/0x1f0 [ 248.113914][ T9198] should_fail_ex+0x512/0x640 [ 248.113941][ T9198] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 248.113971][ T9198] should_failslab+0xc2/0x120 [ 248.113988][ T9198] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 248.114013][ T9198] ? __proc_create+0xc3/0x8c0 [ 248.114032][ T9198] ? __proc_create+0x2ce/0x8c0 [ 248.114054][ T9198] __proc_create+0x2ce/0x8c0 [ 248.114074][ T9198] ? __pfx___proc_create+0x10/0x10 [ 248.114108][ T9198] ? _raw_write_unlock+0x28/0x50 [ 248.114138][ T9198] ? proc_register+0x314/0x5f0 [ 248.114172][ T9198] proc_create_reg+0x7d/0x180 [ 248.114216][ T9198] ? __pfx_ip_vs_stats_percpu_show+0x10/0x10 [ 248.114245][ T9198] proc_create_net_single+0x86/0x170 [ 248.114282][ T9198] ? __pfx_proc_create_net_single+0x10/0x10 [ 248.114310][ T9198] ip_vs_control_net_init+0x4c9/0x1d20 [ 248.114332][ T9198] ? debug_mutex_init+0x37/0x70 [ 248.114353][ T9198] __ip_vs_init+0x217/0x520 [ 248.114376][ T9198] ? __pfx___ip_vs_init+0x10/0x10 [ 248.114398][ T9198] ops_init+0x1df/0x5f0 [ 248.114417][ T9198] setup_net+0x21e/0x850 [ 248.114435][ T9198] ? __pfx_setup_net+0x10/0x10 [ 248.114451][ T9198] ? lockdep_init_map_type+0x5c/0x280 [ 248.114476][ T9198] ? __pfx_down_read_killable+0x10/0x10 [ 248.114501][ T9198] ? debug_mutex_init+0x37/0x70 [ 248.114521][ T9198] copy_net_ns+0x2a6/0x5f0 [ 248.114541][ T9198] create_new_namespaces+0x3ea/0xad0 [ 248.114566][ T9198] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 248.114589][ T9198] ksys_unshare+0x45b/0xa40 [ 248.114612][ T9198] ? __pfx_ksys_unshare+0x10/0x10 [ 248.114636][ T9198] ? rcu_is_watching+0x12/0xc0 [ 248.114657][ T9198] __x64_sys_unshare+0x31/0x40 [ 248.114680][ T9198] do_syscall_64+0xcd/0x260 [ 248.114701][ T9198] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 248.114718][ T9198] RIP: 0033:0x7f310478d169 [ 248.114733][ T9198] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 248.114749][ T9198] RSP: 002b:00007f310553b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 248.114767][ T9198] RAX: ffffffffffffffda RBX: 00007f31049a5fa0 RCX: 00007f310478d169 [ 248.114777][ T9198] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 248.114787][ T9198] RBP: 00007f310480e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 248.114797][ T9198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 248.114807][ T9198] R13: 0000000000000000 R14: 00007f31049a5fa0 R15: 00007ffd8eebb6c8 [ 248.114824][ T9198] [ 248.560498][ T9187] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 248.566690][ T9187] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 248.574025][ T9187] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 248.583899][ T9187] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 249.878100][ T55] Bluetooth: hci2: command 0x0406 tx timeout [ 250.598260][ T55] Bluetooth: hci3: command 0x0406 tx timeout [ 250.604372][ T55] Bluetooth: hci0: command 0x0406 tx timeout [ 250.610585][ T5838] Bluetooth: hci1: command 0x0406 tx timeout [ 250.731521][ T9219] zswap: compressor not available [ 251.032136][ T9239] netlink: 342 bytes leftover after parsing attributes in process `syz.0.820'. [ 251.098596][ T9239] netlink: 342 bytes leftover after parsing attributes in process `syz.0.820'. [ 251.153579][ T9210] vivid-003: ================= START STATUS ================= [ 251.163222][ T9210] vivid-003: Radio HW Seek Mode: Bounded [ 251.172529][ T9210] vivid-003: Radio Programmable HW Seek: false [ 251.187710][ T9210] vivid-003: RDS Rx I/O Mode: Block I/O [ 251.196910][ T9210] vivid-003: Generate RBDS Instead of RDS: false [ 251.206863][ T9210] vivid-003: RDS Reception: true [ 251.224247][ T9210] vivid-003: RDS Program Type: 0 inactive [ 251.245631][ T9241] netlink: 294 bytes leftover after parsing attributes in process `syz.0.820'. [ 251.247943][ T9210] vivid-003: RDS PS Name: inactive [ 251.354692][ T9210] vivid-003: RDS Radio Text: inactive [ 251.360440][ T9210] vivid-003: RDS Traffic Announcement: false inactive [ 251.367370][ T9210] vivid-003: RDS Traffic Program: false inactive [ 251.374024][ T9210] vivid-003: RDS Music: false inactive [ 251.379698][ T9210] vivid-003: ================== END STATUS ================== [ 252.441247][ T9250] Invalid ELF header magic: != ELF [ 252.534724][ T9250] can: request_module (can-proto-0) failed. [ 254.788556][ T9310] can: request_module (can-proto-0) failed. [ 255.422701][ T9324] vivid-003: ================= START STATUS ================= [ 255.431633][ T9324] vivid-003: Radio HW Seek Mode: Bounded [ 255.437667][ T9324] vivid-003: Radio Programmable HW Seek: false [ 255.444773][ T9324] vivid-003: RDS Rx I/O Mode: Block I/O [ 255.451884][ T9324] vivid-003: Generate RBDS Instead of RDS: false [ 255.513175][ T9324] vivid-003: RDS Reception: true [ 255.520099][ T9324] vivid-003: RDS Program Type: 0 inactive [ 255.532698][ T9324] vivid-003: RDS PS Name: inactive [ 255.548032][ T9324] vivid-003: RDS Radio Text: inactive [ 255.558435][ T9324] vivid-003: RDS Traffic Announcement: false inactive [ 255.572946][ T9324] vivid-003: RDS Traffic Program: false inactive [ 255.588255][ T9324] vivid-003: RDS Music: false inactive [ 255.612129][ T9324] vivid-003: ================== END STATUS ================== [ 256.231430][ T9337] vivid-003: ================= START STATUS ================= [ 256.266383][ T9337] vivid-003: Radio HW Seek Mode: Bounded [ 256.281867][ T9337] vivid-003: Radio Programmable HW Seek: false [ 256.294748][ T9337] vivid-003: RDS Rx I/O Mode: Block I/O [ 256.317885][ T9337] vivid-003: Generate RBDS Instead of RDS: false [ 256.325540][ T9337] vivid-003: RDS Reception: true [ 256.339290][ T9337] vivid-003: RDS Program Type: 0 inactive [ 256.346584][ T9337] vivid-003: RDS PS Name: inactive [ 256.365866][ T9337] vivid-003: RDS Radio Text: inactive [ 256.382003][ T9337] vivid-003: RDS Traffic Announcement: false inactive [ 256.438750][ T9337] vivid-003: RDS Traffic Program: false inactive [ 256.501242][ T9337] vivid-003: RDS Music: false inactive [ 256.538291][ T9337] vivid-003: ================== END STATUS ================== [ 257.351683][ T9380] can: request_module (can-proto-0) failed. [ 257.360735][ T55] Bluetooth: hci2: unexpected event 0x02 length: 726 > 260 [ 257.848320][ T9363] vivid-003: ================= START STATUS ================= [ 257.889036][ T9363] vivid-003: Radio HW Seek Mode: Bounded [ 257.905117][ T9363] vivid-003: Radio Programmable HW Seek: false [ 257.922275][ T9363] vivid-003: RDS Rx I/O Mode: Block I/O [ 257.938252][ T9363] vivid-003: Generate RBDS Instead of RDS: false [ 257.973130][ T9363] vivid-003: RDS Reception: true [ 258.018173][ T9363] vivid-003: RDS Program Type: 0 inactive [ 258.024060][ T9363] vivid-003: RDS PS Name: inactive [ 258.070502][ T9363] vivid-003: RDS Radio Text: inactive [ 258.076122][ T9363] vivid-003: RDS Traffic Announcement: false inactive [ 258.108354][ T9363] vivid-003: RDS Traffic Program: false inactive [ 258.126681][ T9363] vivid-003: RDS Music: false inactive [ 258.132718][ T9358] kexec: Could not allocate control_code_buffer [ 258.146360][ T9363] vivid-003: ================== END STATUS ================== [ 258.606563][ T9404] netlink: 984 bytes leftover after parsing attributes in process `syz.3.857'. [ 258.842047][ T55] Bluetooth: hci3: unexpected event 0x02 length: 726 > 260 [ 260.587566][ T9408] vivid-003: ================= START STATUS ================= [ 260.628116][ T9408] vivid-003: Radio HW Seek Mode: Bounded [ 260.647805][ T9408] vivid-003: Radio Programmable HW Seek: false [ 260.668096][ T9408] vivid-003: RDS Rx I/O Mode: Block I/O [ 260.673848][ T9408] vivid-003: Generate RBDS Instead of RDS: false [ 260.697793][ T9408] vivid-003: RDS Reception: true [ 260.713564][ T9408] vivid-003: RDS Program Type: 0 inactive [ 260.728121][ T9408] vivid-003: RDS PS Name: inactive [ 260.757473][ T9408] vivid-003: RDS Radio Text: inactive [ 260.798090][ T9408] vivid-003: RDS Traffic Announcement: false inactive [ 260.805003][ T9408] vivid-003: RDS Traffic Program: false inactive [ 260.858095][ T9408] vivid-003: RDS Music: false inactive [ 260.863751][ T9408] vivid-003: ================== END STATUS ================== [ 261.185193][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.191819][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 263.902859][ T9455] kexec: Could not allocate control_code_buffer [ 265.046225][ T9487] vivid-003: ================= START STATUS ================= [ 265.069684][ T9487] vivid-003: Radio HW Seek Mode: Bounded [ 265.075454][ T9487] vivid-003: Radio Programmable HW Seek: false [ 265.118101][ T9487] vivid-003: RDS Rx I/O Mode: Block I/O [ 265.131476][ T9487] vivid-003: Generate RBDS Instead of RDS: false [ 265.150494][ T9487] vivid-003: RDS Reception: true [ 265.160625][ T9487] vivid-003: RDS Program Type: 0 inactive [ 265.190996][ T9487] vivid-003: RDS PS Name: inactive [ 265.198967][ T9487] vivid-003: RDS Radio Text: inactive [ 265.237461][ T9487] vivid-003: RDS Traffic Announcement: false inactive [ 265.298190][ T9487] vivid-003: RDS Traffic Program: false inactive [ 265.304693][ T9487] vivid-003: RDS Music: false inactive [ 265.444993][ T9487] vivid-003: ================== END STATUS ================== [ 266.401032][ T9504] vivid-003: ================= START STATUS ================= [ 266.409222][ T9504] vivid-003: Radio HW Seek Mode: Bounded [ 266.415026][ T9504] vivid-003: Radio Programmable HW Seek: false [ 266.421636][ T9504] vivid-003: RDS Rx I/O Mode: Block I/O [ 266.427322][ T9504] vivid-003: Generate RBDS Instead of RDS: false [ 266.454662][ T9504] vivid-003: RDS Reception: true [ 266.473496][ T9504] vivid-003: RDS Program Type: 0 inactive [ 266.586774][ T9504] vivid-003: RDS PS Name: inactive [ 266.598125][ T9504] vivid-003: RDS Radio Text: inactive [ 266.631882][ T9504] vivid-003: RDS Traffic Announcement: false inactive [ 266.722305][ T9504] vivid-003: RDS Traffic Program: false inactive [ 266.786455][ T9504] vivid-003: RDS Music: false inactive [ 266.855573][ T9504] vivid-003: ================== END STATUS ================== [ 267.664668][ T9522] vivid-003: ================= START STATUS ================= [ 267.739699][ T9522] vivid-003: Radio HW Seek Mode: Bounded [ 267.745453][ T9522] vivid-003: Radio Programmable HW Seek: false [ 267.764169][ T9522] vivid-003: RDS Rx I/O Mode: Block I/O [ 267.792549][ T9522] vivid-003: Generate RBDS Instead of RDS: false [ 267.888725][ T9522] vivid-003: RDS Reception: true [ 267.905661][ T9522] vivid-003: RDS Program Type: 0 inactive [ 267.934644][ T9522] vivid-003: RDS PS Name: inactive [ 267.961994][ T9522] vivid-003: RDS Radio Text: inactive [ 268.018126][ T9522] vivid-003: RDS Traffic Announcement: false inactive [ 268.053449][ T9522] vivid-003: RDS Traffic Program: false inactive [ 268.097583][ T9522] vivid-003: RDS Music: false inactive [ 268.148803][ T9522] vivid-003: ================== END STATUS ================== [ 268.725149][ T9535] vivid-003: ================= START STATUS ================= [ 268.737480][ T9535] vivid-003: Radio HW Seek Mode: Bounded [ 268.762771][ T9535] vivid-003: Radio Programmable HW Seek: false [ 268.787609][ T9535] vivid-003: RDS Rx I/O Mode: Block I/O [ 268.798127][ T9535] vivid-003: Generate RBDS Instead of RDS: false [ 268.825208][ T9535] vivid-003: RDS Reception: true [ 268.838152][ T9535] vivid-003: RDS Program Type: 0 inactive [ 268.847195][ T9535] vivid-003: RDS PS Name: inactive [ 268.857619][ T9535] vivid-003: RDS Radio Text: inactive [ 268.879688][ T9535] vivid-003: RDS Traffic Announcement: false inactive [ 268.886588][ T9535] vivid-003: RDS Traffic Program: false inactive [ 268.919751][ T9535] vivid-003: RDS Music: false inactive [ 268.931675][ T9535] vivid-003: ================== END STATUS ================== [ 269.697083][ T9572] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size [ 270.602980][ T9589] netlink: 342 bytes leftover after parsing attributes in process `syz.1.892'. [ 270.680959][ T9589] netlink: 342 bytes leftover after parsing attributes in process `syz.1.892'. [ 270.773179][ T9592] netlink: 294 bytes leftover after parsing attributes in process `syz.1.892'. [ 271.098025][ T9582] vivid-003: ================= START STATUS ================= [ 271.157337][ T9582] vivid-003: Radio HW Seek Mode: Bounded [ 271.208082][ T9582] vivid-003: Radio Programmable HW Seek: false [ 271.244918][ T9582] vivid-003: RDS Rx I/O Mode: Block I/O [ 271.290978][ T9582] vivid-003: Generate RBDS Instead of RDS: false [ 271.307693][ T9582] vivid-003: RDS Reception: true [ 271.313424][ T9582] vivid-003: RDS Program Type: 0 inactive [ 271.328045][ T9582] vivid-003: RDS PS Name: inactive [ 271.349174][ T9582] vivid-003: RDS Radio Text: inactive [ 271.381260][ T9582] vivid-003: RDS Traffic Announcement: false inactive [ 271.446998][ T9582] vivid-003: RDS Traffic Program: false inactive [ 271.451907][ T9564] kexec: Could not allocate control_code_buffer [ 271.488211][ T9582] vivid-003: RDS Music: false inactive [ 271.493805][ T9582] vivid-003: ================== END STATUS ================== [ 273.407297][ T9608] vivid-003: ================= START STATUS ================= [ 273.479016][ T9608] vivid-003: Radio HW Seek Mode: Bounded [ 273.484777][ T9608] vivid-003: Radio Programmable HW Seek: false [ 273.491204][ T9608] vivid-003: RDS Rx I/O Mode: Block I/O [ 273.496854][ T9608] vivid-003: Generate RBDS Instead of RDS: false [ 273.503362][ T9608] vivid-003: RDS Reception: true [ 273.509731][ T9608] vivid-003: RDS Program Type: 0 inactive [ 273.512782][ T9612] zswap: compressor not available [ 273.515522][ T9608] vivid-003: RDS PS Name: inactive [ 273.526217][ T9608] vivid-003: RDS Radio Text: inactive [ 273.532031][ T9608] vivid-003: RDS Traffic Announcement: false inactive [ 273.539052][ T9608] vivid-003: RDS Traffic Program: false inactive [ 273.548031][ T9608] vivid-003: RDS Music: false inactive [ 273.553606][ T9608] vivid-003: ================== END STATUS ================== [ 274.745460][ T9639] netlink: 2168 bytes leftover after parsing attributes in process `syz.0.900'. [ 274.777254][ T9642] FAULT_INJECTION: forcing a failure. [ 274.777254][ T9642] name failslab, interval 1, probability 0, space 0, times 0 [ 274.790399][ T9642] CPU: 1 UID: 0 PID: 9642 Comm: syz.2.901 Not tainted 6.14.0-syzkaller-07318-g4fa118e5b79f #0 PREEMPT(full) [ 274.790439][ T9642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 274.790456][ T9642] Call Trace: [ 274.790464][ T9642] [ 274.790475][ T9642] dump_stack_lvl+0x16c/0x1f0 [ 274.790519][ T9642] should_fail_ex+0x512/0x640 [ 274.790562][ T9642] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 274.790612][ T9642] should_failslab+0xc2/0x120 [ 274.790642][ T9642] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 274.790697][ T9642] ? acpi_ut_create_thread_state+0x63/0x170 [ 274.790734][ T9642] acpi_ut_create_thread_state+0x63/0x170 [ 274.790769][ T9642] acpi_ps_parse_aml+0x79/0xcb0 [ 274.790810][ T9642] acpi_ps_execute_method+0x55a/0xb30 [ 274.790852][ T9642] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 274.790881][ T9642] acpi_ns_evaluate+0x76c/0xca0 [ 274.790923][ T9642] ? kasan_save_track+0x14/0x30 [ 274.790964][ T9642] acpi_evaluate_object+0x1fa/0xa90 [ 274.790998][ T9642] ? do_syscall_64+0xcd/0x260 [ 274.791033][ T9642] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 274.791062][ T9642] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 274.791098][ T9642] ? __mutex_trylock_common+0xe9/0x250 [ 274.791147][ T9642] acpi_evaluate_integer+0xdd/0x200 [ 274.791175][ T9642] ? __pfx___might_resched+0x10/0x10 [ 274.791212][ T9642] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 274.791251][ T9642] ? kernfs_seq_start+0x4d/0x240 [ 274.791295][ T9642] ? __pfx_status_show+0x10/0x10 [ 274.791330][ T9642] status_show+0xa0/0x120 [ 274.791365][ T9642] ? __pfx_status_show+0x10/0x10 [ 274.791408][ T9642] dev_attr_show+0x53/0xe0 [ 274.791447][ T9642] ? __pfx_dev_attr_show+0x10/0x10 [ 274.791484][ T9642] sysfs_kf_seq_show+0x23e/0x410 [ 274.791530][ T9642] seq_read_iter+0x506/0x12b0 [ 274.791583][ T9642] kernfs_fop_read_iter+0x422/0x5a0 [ 274.791619][ T9642] ? rw_verify_area+0xcf/0x680 [ 274.791659][ T9642] vfs_read+0x8c8/0xc70 [ 274.791712][ T9642] ? __pfx___mutex_lock+0x10/0x10 [ 274.791749][ T9642] ? __pfx_vfs_read+0x10/0x10 [ 274.791807][ T9642] ksys_read+0x12a/0x240 [ 274.791847][ T9642] ? __pfx_ksys_read+0x10/0x10 [ 274.791886][ T9642] ? rcu_is_watching+0x12/0xc0 [ 274.791926][ T9642] do_syscall_64+0xcd/0x260 [ 274.791962][ T9642] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 274.791990][ T9642] RIP: 0033:0x7f95d1f8d169 [ 274.792013][ T9642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 274.792040][ T9642] RSP: 002b:00007f95d2dde038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 274.792067][ T9642] RAX: ffffffffffffffda RBX: 00007f95d21a5fa0 RCX: 00007f95d1f8d169 [ 274.792085][ T9642] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000006 [ 274.792102][ T9642] RBP: 00007f95d200e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 274.792119][ T9642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 274.792135][ T9642] R13: 0000000000000000 R14: 00007f95d21a5fa0 R15: 00007ffebe630018 [ 274.792166][ T9642] [ 274.792262][ T9642] ACPI Error: ffff88805d66a000 walk still has a scope list (20240827/dswstate-694) [ 275.582647][ T9644] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 275.606664][ T9644] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 275.653624][ T9644] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 275.698038][ T9644] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 276.536800][ T9659] Invalid ELF header magic: != ELF [ 276.801384][ T9659] can: request_module (can-proto-0) failed. [ 277.159158][ T55] Bluetooth: hci2: command 0x0406 tx timeout [ 277.648096][ T55] Bluetooth: hci1: command 0x0406 tx timeout [ 277.718166][ T55] Bluetooth: hci3: command 0x0406 tx timeout [ 277.724271][ T55] Bluetooth: hci0: command 0x0406 tx timeout [ 278.606499][ T9685] FAULT_INJECTION: forcing a failure. [ 278.606499][ T9685] name failslab, interval 1, probability 0, space 0, times 0 [ 278.623886][ T9681] could not allocate digest TFM handle [ 278.626039][ T9685] CPU: 1 UID: 0 PID: 9685 Comm: syz.0.913 Not tainted 6.14.0-syzkaller-07318-g4fa118e5b79f #0 PREEMPT(full) [ 278.626076][ T9685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 278.626091][ T9685] Call Trace: [ 278.626099][ T9685] [ 278.626109][ T9685] dump_stack_lvl+0x16c/0x1f0 [ 278.626145][ T9685] should_fail_ex+0x512/0x640 [ 278.626183][ T9685] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 278.626226][ T9685] should_failslab+0xc2/0x120 [ 278.626252][ T9685] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 278.626291][ T9685] ? acpi_ut_create_thread_state+0x63/0x170 [ 278.626325][ T9685] acpi_ut_create_thread_state+0x63/0x170 [ 278.626353][ T9685] acpi_ps_parse_aml+0x79/0xcb0 [ 278.626389][ T9685] acpi_ps_execute_method+0x55a/0xb30 [ 278.626425][ T9685] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 278.626450][ T9685] acpi_ns_evaluate+0x76c/0xca0 [ 278.626487][ T9685] ? kasan_save_track+0x14/0x30 [ 278.626525][ T9685] acpi_evaluate_object+0x1fa/0xa90 [ 278.626556][ T9685] ? do_syscall_64+0xcd/0x260 [ 278.626594][ T9685] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 278.626620][ T9685] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 278.626650][ T9685] ? __mutex_trylock_common+0xe9/0x250 [ 278.626691][ T9685] acpi_evaluate_integer+0xdd/0x200 [ 278.626722][ T9685] ? __pfx___might_resched+0x10/0x10 [ 278.626756][ T9685] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 278.626789][ T9685] ? kernfs_seq_start+0x4d/0x240 [ 278.626822][ T9685] ? __pfx_status_show+0x10/0x10 [ 278.626852][ T9685] status_show+0xa0/0x120 [ 278.626881][ T9685] ? __pfx_status_show+0x10/0x10 [ 278.626919][ T9685] dev_attr_show+0x53/0xe0 [ 278.626952][ T9685] ? __pfx_dev_attr_show+0x10/0x10 [ 278.626984][ T9685] sysfs_kf_seq_show+0x23e/0x410 [ 278.627030][ T9685] seq_read_iter+0x506/0x12b0 [ 278.627077][ T9685] kernfs_fop_read_iter+0x422/0x5a0 [ 278.627107][ T9685] ? rw_verify_area+0xcf/0x680 [ 278.627143][ T9685] vfs_read+0x8c8/0xc70 [ 278.627180][ T9685] ? __pfx___mutex_lock+0x10/0x10 [ 278.627211][ T9685] ? __pfx_vfs_read+0x10/0x10 [ 278.627267][ T9685] ksys_read+0x12a/0x240 [ 278.627302][ T9685] ? __pfx_ksys_read+0x10/0x10 [ 278.627335][ T9685] ? rcu_is_watching+0x12/0xc0 [ 278.627371][ T9685] do_syscall_64+0xcd/0x260 [ 278.627403][ T9685] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 278.627428][ T9685] RIP: 0033:0x7f4371b8d169 [ 278.627448][ T9685] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 278.627473][ T9685] RSP: 002b:00007f436f9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 278.627498][ T9685] RAX: ffffffffffffffda RBX: 00007f4371da5fa0 RCX: 00007f4371b8d169 [ 278.627515][ T9685] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000006 [ 278.627530][ T9685] RBP: 00007f4371c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 278.627545][ T9685] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 278.627560][ T9685] R13: 0000000000000000 R14: 00007f4371da5fa0 R15: 00007fff9aeaa578 [ 278.627596][ T9685] [ 278.627721][ T9685] ACPI Error: ffff888022699000 walk still has a scope list (20240827/dswstate-694) [ 279.830971][ T9721] [U]  [ 279.833841][ T9721] [U] [ 279.836575][ T9721] [U] [ 279.839288][ T9721] [U] [ 279.915522][ T9721] [U] [ 279.918328][ T9721] [U] [ 279.921049][ T9721] [U] [ 279.923760][ T9721] [U] [ 279.981308][ T9721] [U] [ 279.984184][ T9721] [U] [ 279.986897][ T9721] [U] [ 279.989608][ T9721] [U] [ 280.043688][ T9725] [U] [ 282.299777][ T9736] vivid-003: ================= START STATUS ================= [ 282.368112][ T9736] vivid-003: Radio HW Seek Mode: Bounded [ 282.408040][ T9736] vivid-003: Radio Programmable HW Seek: false [ 282.414328][ T9736] vivid-003: RDS Rx I/O Mode: Block I/O [ 282.490112][ T9736] vivid-003: Generate RBDS Instead of RDS: false [ 282.496564][ T9736] vivid-003: RDS Reception: true [ 282.508172][ T9736] vivid-003: RDS Program Type: 0 inactive [ 282.514030][ T9736] vivid-003: RDS PS Name: inactive [ 282.522205][ T9736] vivid-003: RDS Radio Text: inactive [ 282.527781][ T9736] vivid-003: RDS Traffic Announcement: false inactive [ 282.534761][ T9736] vivid-003: RDS Traffic Program: false inactive [ 282.543635][ T9736] vivid-003: RDS Music: false inactive [ 282.549305][ T9736] vivid-003: ================== END STATUS ================== [ 282.796455][ T9747] smc: net device syz_tun applied user defined pnetid ETHTOOL [ 285.405355][ T9787] netlink: 342 bytes leftover after parsing attributes in process `syz.0.935'. [ 286.341860][ T9808] FAULT_INJECTION: forcing a failure. [ 286.341860][ T9808] name failslab, interval 1, probability 0, space 0, times 0 [ 286.378066][ T9808] CPU: 1 UID: 0 PID: 9808 Comm: syz.0.941 Not tainted 6.14.0-syzkaller-07318-g4fa118e5b79f #0 PREEMPT(full) [ 286.378125][ T9808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 286.378143][ T9808] Call Trace: [ 286.378151][ T9808] [ 286.378163][ T9808] dump_stack_lvl+0x16c/0x1f0 [ 286.378207][ T9808] should_fail_ex+0x512/0x640 [ 286.378251][ T9808] ? __kmalloc_noprof+0xbf/0x510 [ 286.378280][ T9808] ? __blkdev_direct_IO_simple+0x65b/0x810 [ 286.378315][ T9808] should_failslab+0xc2/0x120 [ 286.378346][ T9808] __kmalloc_noprof+0xd2/0x510 [ 286.378371][ T9808] ? rcu_is_watching+0x12/0xc0 [ 286.378415][ T9808] __blkdev_direct_IO_simple+0x65b/0x810 [ 286.378455][ T9808] ? __pfx___blkdev_direct_IO_simple+0x10/0x10 [ 286.378518][ T9808] ? ktime_get_coarse_real_ts64_mg+0x26c/0x320 [ 286.378565][ T9808] ? rcu_is_watching+0x12/0xc0 [ 286.378597][ T9808] ? iov_iter_is_aligned+0xf2/0x5a0 [ 286.378640][ T9808] ? iov_iter_npages+0xf0/0x5a0 [ 286.378686][ T9808] blkdev_direct_IO+0xa97/0x1cc0 [ 286.378729][ T9808] ? __pfx_blkdev_direct_IO+0x10/0x10 [ 286.378762][ T9808] ? rcu_is_watching+0x12/0xc0 [ 286.378795][ T9808] ? filemap_check_errors+0xa9/0x160 [ 286.378834][ T9808] blkdev_write_iter+0x702/0xdf0 [ 286.378871][ T9808] vfs_write+0x5ba/0x1180 [ 286.378911][ T9808] ? __pfx_blkdev_write_iter+0x10/0x10 [ 286.378945][ T9808] ? __pfx_vfs_write+0x10/0x10 [ 286.378986][ T9808] ? find_held_lock+0x2b/0x80 [ 286.379035][ T9808] ksys_write+0x12a/0x240 [ 286.379077][ T9808] ? __pfx_ksys_write+0x10/0x10 [ 286.379118][ T9808] ? rcu_is_watching+0x12/0xc0 [ 286.379157][ T9808] do_syscall_64+0xcd/0x260 [ 286.379196][ T9808] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.379226][ T9808] RIP: 0033:0x7f4371b8d169 [ 286.379249][ T9808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 286.379278][ T9808] RSP: 002b:00007f436f9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 286.379308][ T9808] RAX: ffffffffffffffda RBX: 00007f4371da5fa0 RCX: 00007f4371b8d169 [ 286.379327][ T9808] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 286.379345][ T9808] RBP: 00007f4371c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 286.379363][ T9808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 286.379381][ T9808] R13: 0000000000000000 R14: 00007f4371da5fa0 R15: 00007fff9aeaa578 [ 286.379413][ T9808] [ 286.861972][ T9818] netlink: 12 bytes leftover after parsing attributes in process `syz.0.943'. [ 287.141858][ T9825] netlink: 'syz.2.947': attribute type 11 has an invalid length. [ 287.200485][ T9825] FAULT_INJECTION: forcing a failure. [ 287.200485][ T9825] name failslab, interval 1, probability 0, space 0, times 0 [ 287.227430][ T9825] CPU: 1 UID: 0 PID: 9825 Comm: syz.2.947 Not tainted 6.14.0-syzkaller-07318-g4fa118e5b79f #0 PREEMPT(full) [ 287.227479][ T9825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 287.227495][ T9825] Call Trace: [ 287.227504][ T9825] [ 287.227515][ T9825] dump_stack_lvl+0x16c/0x1f0 [ 287.227559][ T9825] should_fail_ex+0x512/0x640 [ 287.227605][ T9825] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 287.227651][ T9825] should_failslab+0xc2/0x120 [ 287.227683][ T9825] __kmalloc_cache_noprof+0x6a/0x3e0 [ 287.227725][ T9825] ? dccp_feat_clone_sp_val+0x96/0x130 [ 287.227771][ T9825] ? dccp_feat_entry_new+0x1a2/0x380 [ 287.227810][ T9825] dccp_feat_entry_new+0x1a2/0x380 [ 287.227851][ T9825] __feat_register_sp+0x372/0x5a0 [ 287.227893][ T9825] ? __pfx___feat_register_sp+0x10/0x10 [ 287.227933][ T9825] ? lockdep_hardirqs_on+0x7c/0x110 [ 287.227964][ T9825] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 287.227994][ T9825] ? __debug_object_init+0x2de/0x3d0 [ 287.228031][ T9825] dccp_feat_init+0x2ad/0x800 [ 287.228070][ T9825] ? __pfx_dccp_feat_init+0x10/0x10 [ 287.228107][ T9825] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 287.228135][ T9825] ? lockdep_init_map_type+0x5c/0x280 [ 287.228179][ T9825] ? do_init_timer+0xc9/0x110 [ 287.228212][ T9825] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 287.228240][ T9825] ? __pfx_dccp_delack_timer+0x10/0x10 [ 287.228271][ T9825] dccp_init_sock+0x327/0x420 [ 287.228313][ T9825] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 287.228354][ T9825] dccp_v4_init_sock+0x1f/0xa0 [ 287.228390][ T9825] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 287.228430][ T9825] inet_create+0x936/0x1090 [ 287.228466][ T9825] ? inet_create+0x93/0x1090 [ 287.228505][ T9825] __sock_create+0x335/0x8d0 [ 287.228547][ T9825] inet_ctl_sock_create+0x94/0x230 [ 287.228583][ T9825] ? __pfx_inet_ctl_sock_create+0x10/0x10 [ 287.228625][ T9825] ? __pfx_dccp_v4_init_net+0x10/0x10 [ 287.228665][ T9825] dccp_v4_init_net+0x63/0x90 [ 287.228704][ T9825] ops_init+0x1df/0x5f0 [ 287.228745][ T9825] setup_net+0x21e/0x850 [ 287.228777][ T9825] ? __pfx_setup_net+0x10/0x10 [ 287.228807][ T9825] ? lockdep_init_map_type+0x5c/0x280 [ 287.228851][ T9825] ? __pfx_down_read_killable+0x10/0x10 [ 287.228895][ T9825] ? debug_mutex_init+0x37/0x70 [ 287.228929][ T9825] copy_net_ns+0x2a6/0x5f0 [ 287.228965][ T9825] create_new_namespaces+0x3ea/0xad0 [ 287.229011][ T9825] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 287.229054][ T9825] ksys_unshare+0x45b/0xa40 [ 287.229106][ T9825] ? __pfx_ksys_unshare+0x10/0x10 [ 287.229148][ T9825] ? xfd_validate_state+0x5d/0x180 [ 287.229181][ T9825] ? rcu_is_watching+0x12/0xc0 [ 287.229221][ T9825] __x64_sys_unshare+0x31/0x40 [ 287.229268][ T9825] do_syscall_64+0xcd/0x260 [ 287.229307][ T9825] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.229337][ T9825] RIP: 0033:0x7f95d1f8d169 [ 287.229362][ T9825] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 287.229393][ T9825] RSP: 002b:00007f95d2dde038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 287.229422][ T9825] RAX: ffffffffffffffda RBX: 00007f95d21a5fa0 RCX: 00007f95d1f8d169 [ 287.229440][ T9825] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 287.229457][ T9825] RBP: 00007f95d200e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 287.229475][ T9825] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 287.229490][ T9825] R13: 0000000000000000 R14: 00007f95d21a5fa0 R15: 00007ffebe630018 [ 287.229519][ T9825] [ 287.649214][ T55] Bluetooth: hci2: command 0x0406 tx timeout [ 287.728134][ T9795] Bluetooth: hci2: Opcode 0x0c1a failed: -110 [ 287.916749][ T9826] vivid-003: ================= START STATUS ================= [ 287.924600][ T9826] vivid-003: Radio HW Seek Mode: Bounded [ 287.930510][ T9826] vivid-003: Radio Programmable HW Seek: false [ 287.936780][ T9826] vivid-003: RDS Rx I/O Mode: Block I/O [ 287.942525][ T9826] vivid-003: Generate RBDS Instead of RDS: false [ 287.950273][ T9826] vivid-003: RDS Reception: true [ 287.955470][ T9826] vivid-003: RDS Program Type: 0 inactive [ 287.961475][ T9826] vivid-003: RDS PS Name: inactive [ 287.968129][ T9826] vivid-003: RDS Radio Text: inactive [ 287.974297][ T9826] vivid-003: RDS Traffic Announcement: false inactive [ 287.981419][ T9826] vivid-003: RDS Traffic Program: false inactive [ 287.988847][ T9826] vivid-003: RDS Music: false inactive [ 287.988896][ T9826] vivid-003: ================== END STATUS ================== [ 288.113153][ T9842] netlink: 342 bytes leftover after parsing attributes in process `syz.0.950'. [ 288.535138][ T9795] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 288.543296][ T9795] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 288.552725][ T9795] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 289.799589][ T55] Bluetooth: hci1: command 0x0406 tx timeout [ 290.148438][ T9868] vivid-003: ================= START STATUS ================= [ 290.166676][ T9868] vivid-003: Radio HW Seek Mode: Bounded [ 290.175964][ T9868] vivid-003: Radio Programmable HW Seek: false [ 290.208193][ T9868] vivid-003: RDS Rx I/O Mode: Block I/O [ 290.220889][ T9868] vivid-003: Generate RBDS Instead of RDS: false [ 290.258058][ T9868] vivid-003: RDS Reception: true [ 290.268173][ T9868] vivid-003: RDS Program Type: 0 inactive [ 290.284312][ T9868] vivid-003: RDS PS Name: inactive [ 290.304609][ T9868] vivid-003: RDS Radio Text: inactive [ 290.324879][ T9868] vivid-003: RDS Traffic Announcement: false inactive [ 290.365600][ T9868] vivid-003: RDS Traffic Program: false inactive [ 290.378444][ T9868] vivid-003: RDS Music: false inactive [ 290.384118][ T9868] vivid-003: ================== END STATUS ================== [ 290.598412][ T55] Bluetooth: hci3: command 0x0406 tx timeout [ 290.605045][ T5845] Bluetooth: hci0: command 0x0406 tx timeout [ 290.790060][ T9870] vivid-003: ================= START STATUS ================= [ 290.797919][ T9870] vivid-003: Radio HW Seek Mode: Bounded [ 290.811429][ T9870] vivid-003: Radio Programmable HW Seek: false [ 290.817716][ T9870] vivid-003: RDS Rx I/O Mode: Block I/O [ 290.834012][ T9894] netlink: 12 bytes leftover after parsing attributes in process `syz.3.963'. [ 290.888064][ T9870] vivid-003: Generate RBDS Instead of RDS: false [ 290.894500][ T9870] vivid-003: RDS Reception: true [ 290.953429][ T9870] vivid-003: RDS Program Type: 0 inactive [ 290.995189][ T9870] vivid-003: RDS PS Name: inactive [ 291.101757][ T9870] vivid-003: RDS Radio Text: inactive [ 291.131653][ T9870] vivid-003: RDS Traffic Announcement: false inactive [ 291.169971][ T9870] vivid-003: RDS Traffic Program: false inactive [ 291.190266][ T9870] vivid-003: RDS Music: false inactive [ 291.195948][ T9870] vivid-003: ================== END STATUS ================== [ 291.493682][ T9906] netlink: 342 bytes leftover after parsing attributes in process `syz.0.966'. [ 291.950160][ T9915] netlink: 354 bytes leftover after parsing attributes in process `syz.1.968'. [ 292.205090][ T9921] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 292.215276][ T9921] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 292.224355][ T9921] memcg:ffff8880342e2f01 [ 292.229023][ T9921] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 292.237662][ T9921] page_type: f5(slab) [ 292.250979][ T9921] raw: 00fff00000000040 ffff88801c68da00 0000000000000000 dead000000000001 [ 292.315111][ T9921] raw: 0000000000000000 00000000800c000c 00000000f5000000 ffff8880342e2f01 [ 292.444304][ T9921] head: 00fff00000000040 ffff88801c68da00 0000000000000000 dead000000000001 [ 292.568104][ T9921] head: 0000000000000000 00000000800c000c 00000000f5000000 ffff8880342e2f01 [ 292.727719][ T9921] head: 00fff00000000002 ffffea0001e00001 ffffffffffffffff 0000000000000000 [ 292.827178][ T9921] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 292.836197][ T9921] page dumped because: unmovable page [ 292.842053][ T9921] page_owner tracks the page as allocated [ 292.848307][ T9921] page last allocated via order 2, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 7312, tgid 7310 (syz.0.332), ts 160526761520, free_ts 159552728567 [ 292.873170][ T9921] post_alloc_hook+0x181/0x1b0 [ 292.878217][ T9921] get_page_from_freelist+0x10c4/0x34c0 [ 292.883863][ T9921] __alloc_frozen_pages_noprof+0x223/0x24d0 [ 292.889874][ T9921] alloc_pages_mpol+0x1fb/0x540 [ 292.894774][ T9921] new_slab+0x23c/0x330 [ 292.899035][ T9921] ___slab_alloc+0xd9c/0x1940 [ 292.903867][ T9921] __slab_alloc.constprop.0+0x56/0xb0 [ 292.909462][ T9921] kmem_cache_alloc_lru_noprof+0xf4/0x3b0 [ 292.915352][ T9921] alloc_inode+0xc3/0x240 [ 292.919864][ T9921] new_inode+0x22/0x1c0 [ 292.924089][ T9921] simple_fill_super+0x306/0x720 [ 292.930103][ T9921] nfsd_fill_super+0x90/0x530 [ 292.934851][ T9921] get_tree_keyed+0x10b/0x1d0 [ 292.939778][ T9921] vfs_get_tree+0x8b/0x340 [ 292.944264][ T9921] path_mount+0x14d4/0x1f30 [ 292.949006][ T9921] __x64_sys_mount+0x28d/0x310 [ 292.953828][ T9921] page last free pid 5831 tgid 5831 stack trace: [ 292.961318][ T9921] free_frozen_pages+0x6d8/0xf40 [ 292.966350][ T9921] qlist_free_all+0x4e/0x120 [ 292.971096][ T9921] kasan_quarantine_reduce+0x195/0x1e0 [ 292.976644][ T9921] __kasan_slab_alloc+0x69/0x90 [ 292.981657][ T9921] kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 292.987196][ T9921] vm_area_dup+0x21/0x2f0 [ 292.993908][ T9921] copy_process+0x8114/0x9130 [ 292.999982][ T9921] kernel_clone+0xfc/0x960 [ 293.005104][ T9921] __do_sys_clone+0xce/0x120 [ 293.012845][ T9921] do_syscall_64+0xcd/0x260 [ 293.017609][ T9921] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 293.126522][ T9931] sd 0:0:1:0: PR command failed: 1026 [ 293.138141][ T9931] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 293.155355][ T9931] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 293.447087][ T9937] Invalid ELF header magic: != ELF [ 293.503701][ T9937] netlink: 8 bytes leftover after parsing attributes in process `syz.1.974'. [ 293.683872][ T9943] FAULT_INJECTION: forcing a failure. [ 293.683872][ T9943] name failslab, interval 1, probability 0, space 0, times 0 [ 293.750014][ T9943] CPU: 1 UID: 0 PID: 9943 Comm: syz.3.975 Not tainted 6.14.0-syzkaller-07318-g4fa118e5b79f #0 PREEMPT(full) [ 293.750060][ T9943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 293.750078][ T9943] Call Trace: [ 293.750086][ T9943] [ 293.750098][ T9943] dump_stack_lvl+0x16c/0x1f0 [ 293.750142][ T9943] should_fail_ex+0x512/0x640 [ 293.750185][ T9943] ? __kmalloc_noprof+0xbf/0x510 [ 293.750212][ T9943] ? __blkdev_direct_IO_simple+0x65b/0x810 [ 293.750245][ T9943] should_failslab+0xc2/0x120 [ 293.750274][ T9943] __kmalloc_noprof+0xd2/0x510 [ 293.750298][ T9943] ? rcu_is_watching+0x12/0xc0 [ 293.750334][ T9943] __blkdev_direct_IO_simple+0x65b/0x810 [ 293.750366][ T9943] ? __lock_acquire+0xaa4/0x1ba0 [ 293.750406][ T9943] ? __pfx___blkdev_direct_IO_simple+0x10/0x10 [ 293.750469][ T9943] ? ktime_get_coarse_real_ts64_mg+0x26c/0x320 [ 293.750514][ T9943] ? rcu_is_watching+0x12/0xc0 [ 293.750548][ T9943] ? iov_iter_is_aligned+0xf2/0x5a0 [ 293.750592][ T9943] ? iov_iter_npages+0xf0/0x5a0 [ 293.750637][ T9943] blkdev_direct_IO+0xa97/0x1cc0 [ 293.750679][ T9943] ? __pfx_blkdev_direct_IO+0x10/0x10 [ 293.750710][ T9943] ? rcu_is_watching+0x12/0xc0 [ 293.750743][ T9943] ? filemap_check_errors+0xa9/0x160 [ 293.750781][ T9943] blkdev_write_iter+0x702/0xdf0 [ 293.750817][ T9943] vfs_write+0x5ba/0x1180 [ 293.750859][ T9943] ? __pfx_blkdev_write_iter+0x10/0x10 [ 293.750894][ T9943] ? __pfx_vfs_write+0x10/0x10 [ 293.750934][ T9943] ? find_held_lock+0x2b/0x80 [ 293.750982][ T9943] ksys_write+0x12a/0x240 [ 293.751022][ T9943] ? __pfx_ksys_write+0x10/0x10 [ 293.751061][ T9943] ? rcu_is_watching+0x12/0xc0 [ 293.751099][ T9943] do_syscall_64+0xcd/0x260 [ 293.751135][ T9943] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 293.751163][ T9943] RIP: 0033:0x7f535e18d169 [ 293.751186][ T9943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 293.751217][ T9943] RSP: 002b:00007f535ef5d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 293.751247][ T9943] RAX: ffffffffffffffda RBX: 00007f535e3a5fa0 RCX: 00007f535e18d169 [ 293.751267][ T9943] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 293.751283][ T9943] RBP: 00007f535e20e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 293.751300][ T9943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 293.751317][ T9943] R13: 0000000000000000 R14: 00007f535e3a5fa0 R15: 00007ffc29cab958 [ 293.751347][ T9943] [ 293.796078][ T9947] hub 8-0:1.0: USB hub found [ 294.056293][ T9947] hub 8-0:1.0: 1 port detected [ 294.310131][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 294.319509][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 294.452601][ T9958] Invalid ELF header magic: != ELF [ 294.726094][ T9958] netlink: 4 bytes leftover after parsing attributes in process `syz.1.979'. [ 295.044146][ T9971] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 295.098231][ T9971] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 295.360005][ T9976] FAULT_INJECTION: forcing a failure. [ 295.360005][ T9976] name failslab, interval 1, probability 0, space 0, times 0 [ 295.424038][ T9976] CPU: 1 UID: 0 PID: 9976 Comm: syz.0.985 Not tainted 6.14.0-syzkaller-07318-g4fa118e5b79f #0 PREEMPT(full) [ 295.424065][ T9976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 295.424075][ T9976] Call Trace: [ 295.424080][ T9976] [ 295.424086][ T9976] dump_stack_lvl+0x16c/0x1f0 [ 295.424112][ T9976] should_fail_ex+0x512/0x640 [ 295.424140][ T9976] ? fs_reclaim_acquire+0xae/0x150 [ 295.424164][ T9976] should_failslab+0xc2/0x120 [ 295.424184][ T9976] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 295.424210][ T9976] ? __alloc_skb+0x2b2/0x380 [ 295.424228][ T9976] __alloc_skb+0x2b2/0x380 [ 295.424242][ T9976] ? __pfx___alloc_skb+0x10/0x10 [ 295.424259][ T9976] ? netlink_has_listeners+0x20f/0x430 [ 295.424279][ T9976] alloc_uevent_skb+0x7d/0x210 [ 295.424305][ T9976] kobject_uevent_env+0xca4/0x1870 [ 295.424337][ T9976] device_release_driver_internal+0x51c/0x620 [ 295.424363][ T9976] bus_remove_device+0x22f/0x420 [ 295.424382][ T9976] device_del+0x396/0x9f0 [ 295.424402][ T9976] ? __pfx_device_del+0x10/0x10 [ 295.424428][ T9976] ? kobject_put+0x210/0x5a0 [ 295.424453][ T9976] usb_disable_device+0x34d/0x7c0 [ 295.424481][ T9976] usb_set_configuration+0x12cd/0x1e20 [ 295.424505][ T9976] ? __pfx_sscanf+0x10/0x10 [ 295.424522][ T9976] ? trace_contention_end+0xdd/0x130 [ 295.424553][ T9976] bConfigurationValue_store+0x100/0x180 [ 295.424577][ T9976] ? __pfx_bConfigurationValue_store+0x10/0x10 [ 295.424602][ T9976] ? __pfx__copy_from_iter+0x10/0x10 [ 295.424627][ T9976] ? __pfx_bConfigurationValue_store+0x10/0x10 [ 295.424662][ T9976] dev_attr_store+0x55/0x80 [ 295.424695][ T9976] ? __pfx_dev_attr_store+0x10/0x10 [ 295.424727][ T9976] sysfs_kf_write+0x117/0x170 [ 295.424764][ T9976] kernfs_fop_write_iter+0x349/0x510 [ 295.424796][ T9976] ? __pfx_sysfs_kf_write+0x10/0x10 [ 295.424838][ T9976] iter_file_splice_write+0x91c/0x1150 [ 295.424889][ T9976] ? __pfx_iter_file_splice_write+0x10/0x10 [ 295.424918][ T9976] ? __pfx_copy_splice_read+0x10/0x10 [ 295.424950][ T9976] ? __pfx_iter_file_splice_write+0x10/0x10 [ 295.424975][ T9976] direct_splice_actor+0x18f/0x6c0 [ 295.425001][ T9976] splice_direct_to_actor+0x342/0xa30 [ 295.425029][ T9976] ? __pfx_direct_splice_actor+0x10/0x10 [ 295.425057][ T9976] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 295.425080][ T9976] ? get_pid_task+0xfc/0x250 [ 295.425099][ T9976] do_splice_direct+0x174/0x240 [ 295.425123][ T9976] ? __pfx_do_splice_direct+0x10/0x10 [ 295.425147][ T9976] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 295.425172][ T9976] ? rw_verify_area+0xcf/0x680 [ 295.425196][ T9976] do_sendfile+0xafd/0xe50 [ 295.425220][ T9976] ? __pfx_do_sendfile+0x10/0x10 [ 295.425243][ T9976] ? __fget_files+0x20e/0x3c0 [ 295.425264][ T9976] __x64_sys_sendfile64+0x1d8/0x220 [ 295.425281][ T9976] ? ksys_write+0x1b9/0x240 [ 295.425304][ T9976] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 295.425321][ T9976] ? rcu_is_watching+0x12/0xc0 [ 295.425344][ T9976] do_syscall_64+0xcd/0x260 [ 295.425366][ T9976] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 295.425382][ T9976] RIP: 0033:0x7f4371b8d169 [ 295.425395][ T9976] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 295.425420][ T9976] RSP: 002b:00007f436f9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 295.425438][ T9976] RAX: ffffffffffffffda RBX: 00007f4371da5fa0 RCX: 00007f4371b8d169 [ 295.425449][ T9976] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 295.425459][ T9976] RBP: 00007f436f9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 295.425468][ T9976] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 295.425477][ T9976] R13: 0000000000000000 R14: 00007f4371da5fa0 R15: 00007fff9aeaa578 [ 295.425495][ T9976] [ 295.808323][ T9976] hub 8-0:1.0: USB hub found [ 295.815025][ T9976] hub 8-0:1.0: 1 port detected [ 295.955848][ T55] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18 [ 297.765014][T10015] netlink: 342 bytes leftover after parsing attributes in process `syz.0.993'. [ 298.868549][T10028] FAULT_INJECTION: forcing a failure. [ 298.868549][T10028] name failslab, interval 1, probability 0, space 0, times 0 [ 298.901316][T10028] CPU: 0 UID: 0 PID: 10028 Comm: syz.0.997 Not tainted 6.14.0-syzkaller-07318-g4fa118e5b79f #0 PREEMPT(full) [ 298.901358][T10028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 298.901375][T10028] Call Trace: [ 298.901383][T10028] [ 298.901393][T10028] dump_stack_lvl+0x16c/0x1f0 [ 298.901433][T10028] should_fail_ex+0x512/0x640 [ 298.901473][T10028] ? fs_reclaim_acquire+0xae/0x150 [ 298.901510][T10028] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 298.901543][T10028] should_failslab+0xc2/0x120 [ 298.901571][T10028] __kmalloc_noprof+0xd2/0x510 [ 298.901599][T10028] tomoyo_realpath_from_path+0xc2/0x6e0 [ 298.901630][T10028] ? tomoyo_profile+0x47/0x60 [ 298.901664][T10028] tomoyo_path_number_perm+0x245/0x580 [ 298.901699][T10028] ? tomoyo_path_number_perm+0x237/0x580 [ 298.901728][T10028] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 298.901756][T10028] ? find_held_lock+0x2b/0x80 [ 298.901808][T10028] ? find_held_lock+0x2b/0x80 [ 298.901837][T10028] ? __fget_files+0x204/0x3c0 [ 298.901866][T10028] ? __fget_files+0x20e/0x3c0 [ 298.901894][T10028] security_file_ioctl+0x9b/0x240 [ 298.901924][T10028] __x64_sys_ioctl+0xb7/0x200 [ 298.901959][T10028] do_syscall_64+0xcd/0x260 [ 298.901993][T10028] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 298.902019][T10028] RIP: 0033:0x7f4371b8d169 [ 298.902037][T10028] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 298.902061][T10028] RSP: 002b:00007f436f9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 298.902087][T10028] RAX: ffffffffffffffda RBX: 00007f4371da5fa0 RCX: 00007f4371b8d169 [ 298.902105][T10028] RDX: ffffffffffffffff RSI: 00000000800454d7 RDI: 0000000000000003 [ 298.902122][T10028] RBP: 00007f436f9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 298.902137][T10028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 298.902152][T10028] R13: 0000000000000000 R14: 00007f4371da5fa0 R15: 00007fff9aeaa578 [ 298.902179][T10028] [ 298.902190][T10028] ERROR: Out of memory at tomoyo_realpath_from_path. [ 301.321282][ T55] Bluetooth: hci2: command 0x0406 tx timeout [ 301.327621][T10031] Bluetooth: hci2: Opcode 0x0c1a failed: -110 [ 302.170842][T10031] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 302.180716][T10031] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 302.187086][T10031] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 302.384357][T10061] FAULT_INJECTION: forcing a failure. [ 302.384357][T10061] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 302.431860][T10065] capability: warning: `syz.0.1003' uses 32-bit capabilities (legacy support in use) [ 302.448160][T10061] CPU: 0 UID: 0 PID: 10061 Comm: syz.2.1005 Not tainted 6.14.0-syzkaller-07318-g4fa118e5b79f #0 PREEMPT(full) [ 302.448200][T10061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 302.448217][T10061] Call Trace: [ 302.448225][T10061] [ 302.448235][T10061] dump_stack_lvl+0x16c/0x1f0 [ 302.448274][T10061] should_fail_ex+0x512/0x640 [ 302.448326][T10061] _copy_from_user+0x2e/0xd0 [ 302.448352][T10061] map_update_elem+0x594/0x910 [ 302.448393][T10061] ? __pfx_map_update_elem+0x10/0x10 [ 302.448434][T10061] __sys_bpf+0x1d21/0x4c80 [ 302.448461][T10061] ? __pfx___sys_bpf+0x10/0x10 [ 302.448485][T10061] ? vfs_write+0x316/0x1180 [ 302.448521][T10061] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 302.448565][T10061] ? __pfx_vfs_write+0x10/0x10 [ 302.448603][T10061] ? do_sys_openat2+0x157/0x1d0 [ 302.448648][T10061] ? ksys_write+0x1b9/0x240 [ 302.448686][T10061] ? __pfx_ksys_write+0x10/0x10 [ 302.448723][T10061] ? rcu_is_watching+0x12/0xc0 [ 302.448757][T10061] __x64_sys_bpf+0x78/0xc0 [ 302.448782][T10061] ? lockdep_hardirqs_on+0x7c/0x110 [ 302.448814][T10061] do_syscall_64+0xcd/0x260 [ 302.448850][T10061] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 302.448876][T10061] RIP: 0033:0x7f95d1f8d169 [ 302.448897][T10061] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 302.448923][T10061] RSP: 002b:00007f95d2dde038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 302.448950][T10061] RAX: ffffffffffffffda RBX: 00007f95d21a5fa0 RCX: 00007f95d1f8d169 [ 302.448968][T10061] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000002 [ 302.448984][T10061] RBP: 00007f95d2dde090 R08: 0000000000000000 R09: 0000000000000000 [ 302.449000][T10061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 302.449015][T10061] R13: 0000000000000000 R14: 00007f95d21a5fa0 R15: 00007ffebe630018 [ 302.449045][T10061] [ 303.198561][T10082] FAULT_INJECTION: forcing a failure. [ 303.198561][T10082] name failslab, interval 1, probability 0, space 0, times 0 [ 303.223771][T10082] CPU: 0 UID: 0 PID: 10082 Comm: syz.2.1012 Not tainted 6.14.0-syzkaller-07318-g4fa118e5b79f #0 PREEMPT(full) [ 303.223807][T10082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 303.223817][T10082] Call Trace: [ 303.223823][T10082] [ 303.223829][T10082] dump_stack_lvl+0x16c/0x1f0 [ 303.223854][T10082] should_fail_ex+0x512/0x640 [ 303.223879][T10082] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 303.223906][T10082] should_failslab+0xc2/0x120 [ 303.223923][T10082] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 303.223947][T10082] ? __pfx___schedule+0x10/0x10 [ 303.223964][T10082] ? alloc_empty_file+0x55/0x1e0 [ 303.223985][T10082] alloc_empty_file+0x55/0x1e0 [ 303.224003][T10082] path_openat+0xe0/0x2d40 [ 303.224017][T10082] ? __x64_sys_openat+0x174/0x210 [ 303.224035][T10082] ? do_syscall_64+0xcd/0x260 [ 303.224055][T10082] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 303.224076][T10082] ? __pfx_path_openat+0x10/0x10 [ 303.224094][T10082] do_filp_open+0x20b/0x470 [ 303.224108][T10082] ? __pfx_do_filp_open+0x10/0x10 [ 303.224122][T10082] ? find_held_lock+0x2b/0x80 [ 303.224152][T10082] ? alloc_fd+0x420/0x760 [ 303.224183][T10082] do_sys_openat2+0x11b/0x1d0 [ 303.224201][T10082] ? __pfx_do_sys_openat2+0x10/0x10 [ 303.224224][T10082] __x64_sys_openat+0x174/0x210 [ 303.224243][T10082] ? __pfx___x64_sys_openat+0x10/0x10 [ 303.224263][T10082] ? rcu_is_watching+0x12/0xc0 [ 303.224285][T10082] do_syscall_64+0xcd/0x260 [ 303.224306][T10082] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 303.224332][T10082] RIP: 0033:0x7f95d1f8d169 [ 303.224346][T10082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 303.224362][T10082] RSP: 002b:00007f95d2dde038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 303.224381][T10082] RAX: ffffffffffffffda RBX: 00007f95d21a5fa0 RCX: 00007f95d1f8d169 [ 303.224391][T10082] RDX: 0000000000200400 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 303.224401][T10082] RBP: 00007f95d200e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 303.224411][T10082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 303.224420][T10082] R13: 0000000000000000 R14: 00007f95d21a5fa0 R15: 00007ffebe630018 [ 303.224437][T10082] [ 303.452688][ C0] vkms_vblank_simulate: vblank timer overrun [ 303.468199][ T55] Bluetooth: hci1: command 0x0406 tx timeout [ 303.990400][T10102] sd 0:0:1:0: PR command failed: 1026 [ 304.047127][T10102] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 304.074735][T10102] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 304.095002][T10108] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1019'. [ 304.109857][T10108] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1019'. [ 304.133451][T10108] netlink: 290 bytes leftover after parsing attributes in process `syz.3.1019'. [ 304.159271][T10108] veth0_macvtap: left promiscuous mode [ 304.198824][ T55] Bluetooth: hci3: command 0x0406 tx timeout [ 304.205088][ T5845] Bluetooth: hci0: command 0x0406 tx timeout [ 304.262456][T10113] FAULT_INJECTION: forcing a failure. [ 304.262456][T10113] name failslab, interval 1, probability 0, space 0, times 0 [ 304.306076][T10113] CPU: 1 UID: 0 PID: 10113 Comm: syz.0.1020 Not tainted 6.14.0-syzkaller-07318-g4fa118e5b79f #0 PREEMPT(full) [ 304.306116][T10113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 304.306132][T10113] Call Trace: [ 304.306140][T10113] [ 304.306151][T10113] dump_stack_lvl+0x16c/0x1f0 [ 304.306191][T10113] should_fail_ex+0x512/0x640 [ 304.306233][T10113] should_failslab+0xc2/0x120 [ 304.306261][T10113] __kmalloc_cache_noprof+0x6a/0x3e0 [ 304.306306][T10113] ? sctp_add_bind_addr+0xae/0x3f0 [ 304.306333][T10113] sctp_add_bind_addr+0xae/0x3f0 [ 304.306359][T10113] sctp_copy_local_addr_list+0x39d/0x5a0 [ 304.306391][T10113] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 304.306423][T10113] ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360 [ 304.306459][T10113] ? sctp_bind_addr_copy+0xe0/0x530 [ 304.306483][T10113] sctp_bind_addr_copy+0xe0/0x530 [ 304.306513][T10113] sctp_connect_new_asoc+0x1d7/0x790 [ 304.306549][T10113] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 304.306585][T10113] ? sctp_endpoint_lookup_assoc+0x15c/0x2a0 [ 304.306624][T10113] __sctp_connect+0x3f3/0xc60 [ 304.306661][T10113] ? do_raw_spin_lock+0x12c/0x2b0 [ 304.306692][T10113] ? __pfx___sctp_connect+0x10/0x10 [ 304.306730][T10113] ? __pfx_sctp_inet_connect+0x10/0x10 [ 304.306768][T10113] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 304.306814][T10113] ? __pfx_sctp_inet_connect+0x10/0x10 [ 304.306850][T10113] sctp_inet_connect+0x15f/0x200 [ 304.306888][T10113] __sys_connect_file+0x13e/0x1a0 [ 304.306930][T10113] __sys_connect+0x14d/0x170 [ 304.306968][T10113] ? __pfx___sys_connect+0x10/0x10 [ 304.307017][T10113] ? __pfx_ksys_write+0x10/0x10 [ 304.307055][T10113] ? rcu_is_watching+0x12/0xc0 [ 304.307090][T10113] __x64_sys_connect+0x72/0xb0 [ 304.307125][T10113] ? lockdep_hardirqs_on+0x7c/0x110 [ 304.307157][T10113] do_syscall_64+0xcd/0x260 [ 304.307194][T10113] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 304.307221][T10113] RIP: 0033:0x7f4371b8d169 [ 304.307245][T10113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 304.307281][T10113] RSP: 002b:00007f436f9f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 304.307309][T10113] RAX: ffffffffffffffda RBX: 00007f4371da5fa0 RCX: 00007f4371b8d169 [ 304.307327][T10113] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 304.307343][T10113] RBP: 00007f436f9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 304.307359][T10113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 304.307375][T10113] R13: 0000000000000000 R14: 00007f4371da5fa0 R15: 00007fff9aeaa578 [ 304.307405][T10113] [ 304.897248][T10130] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1025'. [ 304.987095][T10132] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1026'. [ 305.190425][T10143] FAULT_INJECTION: forcing a failure. [ 305.190425][T10143] name failslab, interval 1, probability 0, space 0, times 0 [ 305.224388][T10143] CPU: 1 UID: 0 PID: 10143 Comm: syz.2.1029 Not tainted 6.14.0-syzkaller-07318-g4fa118e5b79f #0 PREEMPT(full) [ 305.224428][T10143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 305.224444][T10143] Call Trace: [ 305.224451][T10143] [ 305.224461][T10143] dump_stack_lvl+0x16c/0x1f0 [ 305.224497][T10143] should_fail_ex+0x512/0x640 [ 305.224533][T10143] ? __kmalloc_noprof+0xbf/0x510 [ 305.224558][T10143] ? __tipc_nl_compat_dumpit+0x208/0xbe0 [ 305.224588][T10143] should_failslab+0xc2/0x120 [ 305.224627][T10143] __kmalloc_noprof+0xd2/0x510 [ 305.224651][T10143] ? do_raw_spin_unlock+0x172/0x230 [ 305.224678][T10143] ? _raw_spin_unlock+0x28/0x50 [ 305.224707][T10143] __tipc_nl_compat_dumpit+0x208/0xbe0 [ 305.224746][T10143] ? __pfx___tipc_nl_compat_dumpit+0x10/0x10 [ 305.224800][T10143] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 305.224828][T10143] ? skb_put+0x138/0x1b0 [ 305.224859][T10143] ? __asan_memset+0x23/0x50 [ 305.224894][T10143] ? __nlmsg_put+0x152/0x1c0 [ 305.224938][T10143] tipc_nl_compat_dumpit+0x45f/0x820 [ 305.224975][T10143] tipc_nl_compat_recv+0xb6e/0xc50 [ 305.225009][T10143] ? __pfx_tipc_nl_compat_recv+0x10/0x10 [ 305.225045][T10143] ? __pfx_tipc_nl_node_dump+0x10/0x10 [ 305.225068][T10143] ? __pfx_tipc_nl_compat_node_dump+0x10/0x10 [ 305.225098][T10143] ? __mutex_trylock_common+0xe9/0x250 [ 305.225144][T10143] ? rcu_is_watching+0x12/0xc0 [ 305.225172][T10143] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 305.225214][T10143] genl_family_rcv_msg_doit+0x206/0x2f0 [ 305.225250][T10143] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 305.225283][T10143] ? genl_get_cmd+0x194/0x580 [ 305.225321][T10143] ? __local_bh_enable_ip+0xa4/0x120 [ 305.225353][T10143] ? __dev_queue_xmit+0x896/0x43e0 [ 305.225388][T10143] ? __radix_tree_lookup+0x21f/0x2c0 [ 305.225424][T10143] genl_rcv_msg+0x55c/0x800 [ 305.225460][T10143] ? __pfx_genl_rcv_msg+0x10/0x10 [ 305.225492][T10143] ? __pfx___dev_queue_xmit+0x10/0x10 [ 305.225528][T10143] ? __pfx_tipc_nl_compat_recv+0x10/0x10 [ 305.225562][T10143] ? __lock_acquire+0xaa4/0x1ba0 [ 305.225605][T10143] netlink_rcv_skb+0x16a/0x440 [ 305.225643][T10143] ? __pfx_genl_rcv_msg+0x10/0x10 [ 305.225679][T10143] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 305.225722][T10143] ? __pfx_down_read+0x10/0x10 [ 305.225759][T10143] ? netlink_deliver_tap+0x1ae/0xd30 [ 305.225787][T10143] genl_rcv+0x28/0x40 [ 305.225816][T10143] netlink_unicast+0x53a/0x7f0 [ 305.225848][T10143] ? __pfx_netlink_unicast+0x10/0x10 [ 305.225878][T10143] ? __phys_addr_symbol+0x30/0x80 [ 305.225915][T10143] ? __check_object_size+0x4c7/0x710 [ 305.225947][T10143] netlink_sendmsg+0x8da/0xd70 [ 305.225979][T10143] ? __pfx_netlink_sendmsg+0x10/0x10 [ 305.226019][T10143] ____sys_sendmsg+0xa8d/0xc60 [ 305.226052][T10143] ? copy_msghdr_from_user+0x10a/0x160 [ 305.226076][T10143] ? __pfx_____sys_sendmsg+0x10/0x10 [ 305.226121][T10143] ___sys_sendmsg+0x134/0x1d0 [ 305.226148][T10143] ? __pfx____sys_sendmsg+0x10/0x10 [ 305.226205][T10143] __sys_sendmsg+0x16d/0x220 [ 305.226232][T10143] ? __pfx___sys_sendmsg+0x10/0x10 [ 305.226265][T10143] ? rcu_is_watching+0x12/0xc0 [ 305.226300][T10143] do_syscall_64+0xcd/0x260 [ 305.226336][T10143] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 305.226361][T10143] RIP: 0033:0x7f95d1f8d169 [ 305.226382][T10143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 305.226408][T10143] RSP: 002b:00007f95d2dde038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 305.226434][T10143] RAX: ffffffffffffffda RBX: 00007f95d21a5fa0 RCX: 00007f95d1f8d169 [ 305.226451][T10143] RDX: 0000000000000010 RSI: 0000200000007500 RDI: 0000000000000004 [ 305.226468][T10143] RBP: 00007f95d2dde090 R08: 0000000000000000 R09: 0000000000000000 [ 305.226484][T10143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 305.226499][T10143] R13: 0000000000000000 R14: 00007f95d21a5fa0 R15: 00007ffebe630018 [ 305.226529][T10143] [ 305.966481][T10155] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(2) [ 306.035489][T10155] ovs_: entered promiscuous mode [ 307.287466][T10153] vivid-003: ================= START STATUS ================= [ 307.308125][T10153] vivid-003: Radio HW Seek Mode: Bounded [ 307.308172][T10153] vivid-003: Radio Programmable HW Seek: false [ 307.308203][T10153] vivid-003: RDS Rx I/O Mode: Block I/O [ 307.308244][T10153] vivid-003: Generate RBDS Instead of RDS: false [ 307.308285][T10153] vivid-003: RDS Reception: true [ 307.308316][T10153] vivid-003: RDS Program Type: 0 inactive [ 307.308355][T10153] vivid-003: RDS PS Name: inactive [ 307.308393][T10153] vivid-003: RDS Radio Text: inactive [ 307.308430][T10153] vivid-003: RDS Traffic Announcement: false inactive [ 307.308468][T10153] vivid-003: RDS Traffic Program: false inactive [ 307.308506][T10153] vivid-003: RDS Music: false inactive [ 307.308550][T10153] vivid-003: ================== END STATUS ================== [ 307.492473][T10179] FAULT_INJECTION: forcing a failure. [ 307.492473][T10179] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 307.511050][T10179] CPU: 1 UID: 0 PID: 10179 Comm: syz.1.1038 Not tainted 6.14.0-syzkaller-07318-g4fa118e5b79f #0 PREEMPT(full) [ 307.511077][T10179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 307.511086][T10179] Call Trace: [ 307.511092][T10179] [ 307.511098][T10179] dump_stack_lvl+0x16c/0x1f0 [ 307.511125][T10179] should_fail_ex+0x512/0x640 [ 307.511152][T10179] _copy_to_user+0x32/0xd0 [ 307.511169][T10179] simple_read_from_buffer+0xe0/0x170 [ 307.511194][T10179] proc_fail_nth_read+0x197/0x270 [ 307.511218][T10179] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 307.511243][T10179] ? rw_verify_area+0xcf/0x680 [ 307.511264][T10179] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 307.511290][T10179] vfs_read+0x1de/0xc70 [ 307.511315][T10179] ? __pfx___mutex_lock+0x10/0x10 [ 307.511336][T10179] ? __pfx_vfs_read+0x10/0x10 [ 307.511362][T10179] ? __fget_files+0x20e/0x3c0 [ 307.511381][T10179] ksys_read+0x12a/0x240 [ 307.511403][T10179] ? __pfx_ksys_read+0x10/0x10 [ 307.511428][T10179] ? rcu_is_watching+0x12/0xc0 [ 307.511451][T10179] do_syscall_64+0xcd/0x260 [ 307.511472][T10179] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.511488][T10179] RIP: 0033:0x7f310478bb7c [ 307.511502][T10179] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 307.511518][T10179] RSP: 002b:00007f310553b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 307.511541][T10179] RAX: ffffffffffffffda RBX: 00007f31049a5fa0 RCX: 00007f310478bb7c [ 307.511552][T10179] RDX: 000000000000000f RSI: 00007f310553b0a0 RDI: 000000000000000a [ 307.511561][T10179] RBP: 00007f310553b090 R08: 0000000000000000 R09: 0000000000000000 [ 307.511571][T10179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 307.511580][T10179] R13: 0000000000000000 R14: 00007f31049a5fa0 R15: 00007ffd8eebb6c8 [ 307.511597][T10179] [ 308.063053][T10198] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 308.101241][T10198] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 308.162593][T10198] memcg:ffff8880342e2f01 [ 308.172428][T10198] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 308.190437][T10198] page_type: f5(slab) [ 308.201393][T10198] raw: 00fff00000000040 ffff88801c68da00 0000000000000000 dead000000000001 [ 308.218186][T10198] raw: 0000000000000000 00000000000c000c 00000000f5000000 ffff8880342e2f01 [ 308.238090][T10198] head: 00fff00000000040 ffff88801c68da00 0000000000000000 dead000000000001 [ 308.256073][T10198] head: 0000000000000000 00000000000c000c 00000000f5000000 ffff8880342e2f01 [ 308.272302][T10198] head: 00fff00000000002 ffffea0001e00001 ffffffffffffffff 0000000000000000 [ 308.299738][T10198] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 308.309055][T10198] page dumped because: unmovable page [ 308.314999][T10198] page_owner tracks the page as allocated [ 308.323925][T10198] page last allocated via order 2, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 7312, tgid 7310 (syz.0.332), ts 160526761520, free_ts 159552728567 [ 308.349864][T10198] post_alloc_hook+0x181/0x1b0 [ 308.354830][T10198] get_page_from_freelist+0x10c4/0x34c0 [ 308.360959][T10198] __alloc_frozen_pages_noprof+0x223/0x24d0 [ 308.367120][T10198] alloc_pages_mpol+0x1fb/0x540 [ 308.372383][T10198] new_slab+0x23c/0x330 [ 308.376624][T10198] ___slab_alloc+0xd9c/0x1940 [ 308.381471][T10198] __slab_alloc.constprop.0+0x56/0xb0 [ 308.387004][T10198] kmem_cache_alloc_lru_noprof+0xf4/0x3b0 [ 308.392899][T10198] alloc_inode+0xc3/0x240 [ 308.397589][T10198] new_inode+0x22/0x1c0 [ 308.401874][T10198] simple_fill_super+0x306/0x720 [ 308.407306][T10198] nfsd_fill_super+0x90/0x530 [ 308.412257][T10198] get_tree_keyed+0x10b/0x1d0 [ 308.417156][T10198] vfs_get_tree+0x8b/0x340 [ 308.421773][T10198] path_mount+0x14d4/0x1f30 [ 308.426506][T10198] __x64_sys_mount+0x28d/0x310 [ 308.431476][T10198] page last free pid 5831 tgid 5831 stack trace: [ 308.437852][T10198] free_frozen_pages+0x6d8/0xf40 [ 308.443007][T10198] qlist_free_all+0x4e/0x120 [ 308.447746][T10198] kasan_quarantine_reduce+0x195/0x1e0 [ 308.453476][T10198] __kasan_slab_alloc+0x69/0x90 [ 308.458439][T10198] kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 308.463979][T10198] vm_area_dup+0x21/0x2f0 [ 308.468691][T10198] copy_process+0x8114/0x9130 [ 308.473435][T10198] kernel_clone+0xfc/0x960 [ 308.478047][T10198] __do_sys_clone+0xce/0x120 [ 308.507988][T10198] do_syscall_64+0xcd/0x260 [ 308.512671][T10198] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 308.769041][T10220] FAULT_INJECTION: forcing a failure. [ 308.769041][T10220] name failslab, interval 1, probability 0, space 0, times 0 [ 308.782618][T10220] CPU: 1 UID: 0 PID: 10220 Comm: syz.1.1047 Not tainted 6.14.0-syzkaller-07318-g4fa118e5b79f #0 PREEMPT(full) [ 308.782659][T10220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 308.782674][T10220] Call Trace: [ 308.782684][T10220] [ 308.782693][T10220] dump_stack_lvl+0x16c/0x1f0 [ 308.782737][T10220] should_fail_ex+0x512/0x640 [ 308.782786][T10220] should_failslab+0xc2/0x120 [ 308.782813][T10220] __kmalloc_cache_noprof+0x6a/0x3e0 [ 308.782849][T10220] ? nfc_genl_rcv_nl_event+0xc1/0x2e0 [ 308.782887][T10220] nfc_genl_rcv_nl_event+0xc1/0x2e0 [ 308.782921][T10220] notifier_call_chain+0xb9/0x410 [ 308.782954][T10220] ? __pfx_nfc_genl_rcv_nl_event+0x10/0x10 [ 308.782996][T10220] blocking_notifier_call_chain+0x69/0xa0 [ 308.783040][T10220] netlink_release+0x186b/0x2020 [ 308.783075][T10220] ? netlink_release+0x1de/0x2020 [ 308.783107][T10220] ? __pfx_netlink_release+0x10/0x10 [ 308.783139][T10220] ? __pfx_locks_remove_file+0x10/0x10 [ 308.783183][T10220] __sock_release+0xb0/0x270 [ 308.783213][T10220] ? __pfx_sock_close+0x10/0x10 [ 308.783240][T10220] sock_close+0x1c/0x30 [ 308.783266][T10220] __fput+0x3ff/0xb70 [ 308.783299][T10220] ? _raw_spin_unlock_irq+0x23/0x50 [ 308.783343][T10220] task_work_run+0x14d/0x240 [ 308.783374][T10220] ? __pfx_task_work_run+0x10/0x10 [ 308.783404][T10220] ? __pfx___do_sys_close_range+0x10/0x10 [ 308.783432][T10220] ? rcu_is_watching+0x12/0xc0 [ 308.783470][T10220] syscall_exit_to_user_mode+0x27b/0x2a0 [ 308.783508][T10220] do_syscall_64+0xda/0x260 [ 308.783545][T10220] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 308.783573][T10220] RIP: 0033:0x7f310478d169 [ 308.783594][T10220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 308.783621][T10220] RSP: 002b:00007f310551a038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 308.783647][T10220] RAX: 0000000000000000 RBX: 00007f31049a6080 RCX: 00007f310478d169 [ 308.783665][T10220] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 308.783681][T10220] RBP: 00007f310480e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 308.783698][T10220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 308.783713][T10220] R13: 0000000000000000 R14: 00007f31049a6080 R15: 00007ffd8eebb6c8 [ 308.783744][T10220] [ 309.399485][T10227] FAULT_INJECTION: forcing a failure. [ 309.399485][T10227] name failslab, interval 1, probability 0, space 0, times 0 [ 309.414782][T10227] CPU: 1 UID: 0 PID: 10227 Comm: syz.1.1050 Not tainted 6.14.0-syzkaller-07318-g4fa118e5b79f #0 PREEMPT(full) [ 309.414823][T10227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 309.414840][T10227] Call Trace: [ 309.414849][T10227] [ 309.414859][T10227] dump_stack_lvl+0x16c/0x1f0 [ 309.414899][T10227] should_fail_ex+0x512/0x640 [ 309.414946][T10227] should_failslab+0xc2/0x120 [ 309.414975][T10227] __kmalloc_cache_noprof+0x6a/0x3e0 [ 309.415016][T10227] ? sctp_add_bind_addr+0xae/0x3f0 [ 309.415047][T10227] sctp_add_bind_addr+0xae/0x3f0 [ 309.415075][T10227] sctp_copy_local_addr_list+0x39d/0x5a0 [ 309.415113][T10227] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 309.415150][T10227] ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360 [ 309.415190][T10227] ? sctp_bind_addr_copy+0xe0/0x530 [ 309.415216][T10227] sctp_bind_addr_copy+0xe0/0x530 [ 309.415249][T10227] sctp_connect_new_asoc+0x1d7/0x790 [ 309.415290][T10227] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 309.415336][T10227] ? sctp_endpoint_lookup_assoc+0x15c/0x2a0 [ 309.415376][T10227] __sctp_connect+0x3f3/0xc60 [ 309.415413][T10227] ? do_raw_spin_lock+0x12c/0x2b0 [ 309.415440][T10227] ? __pfx___sctp_connect+0x10/0x10 [ 309.415477][T10227] ? __pfx_sctp_inet_connect+0x10/0x10 [ 309.415512][T10227] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 309.415555][T10227] ? __pfx_sctp_inet_connect+0x10/0x10 [ 309.415588][T10227] sctp_inet_connect+0x15f/0x200 [ 309.415625][T10227] __sys_connect_file+0x13e/0x1a0 [ 309.415669][T10227] __sys_connect+0x14d/0x170 [ 309.415706][T10227] ? __pfx___sys_connect+0x10/0x10 [ 309.415754][T10227] ? __pfx_ksys_write+0x10/0x10 [ 309.415793][T10227] ? rcu_is_watching+0x12/0xc0 [ 309.415830][T10227] __x64_sys_connect+0x72/0xb0 [ 309.415868][T10227] ? lockdep_hardirqs_on+0x7c/0x110 [ 309.415901][T10227] do_syscall_64+0xcd/0x260 [ 309.415936][T10227] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 309.415964][T10227] RIP: 0033:0x7f310478d169 [ 309.415985][T10227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 309.416012][T10227] RSP: 002b:00007f310553b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 309.416040][T10227] RAX: ffffffffffffffda RBX: 00007f31049a5fa0 RCX: 00007f310478d169 [ 309.416058][T10227] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 309.416100][T10227] RBP: 00007f310553b090 R08: 0000000000000000 R09: 0000000000000000 [ 309.416117][T10227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 309.416132][T10227] R13: 0000000000000000 R14: 00007f31049a5fa0 R15: 00007ffd8eebb6c8 [ 309.416163][T10227] [ 309.875644][ T10] [ 309.878059][ T10] ====================================================== [ 309.885111][ T10] WARNING: possible circular locking dependency detected [ 309.892235][ T10] 6.14.0-syzkaller-07318-g4fa118e5b79f #0 Not tainted [ 309.899126][ T10] ------------------------------------------------------ [ 309.906283][ T10] kworker/0:1/10 is trying to acquire lock: [ 309.912278][ T10] ffffffff9010b968 (rtnl_mutex){+.+.}-{4:4}, at: smc_vlan_by_tcpsk+0x251/0x620 [ 309.921284][ T10] [ 309.921284][ T10] but task is already holding lock: [ 309.928774][ T10] ffff88805da99958 (sk_lock-AF_INET){+.+.}-{0:0}, at: smc_connect_work+0x53a/0xae0 [ 309.938119][ T10] [ 309.938119][ T10] which lock already depends on the new lock. [ 309.938119][ T10] [ 309.948649][ T10] [ 309.948649][ T10] the existing dependency chain (in reverse order) is: [ 309.957839][ T10] [ 309.957839][ T10] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}: [ 309.965514][ T10] lock_sock_nested+0x41/0xf0 [ 309.970749][ T10] sockopt_lock_sock+0x54/0x70 [ 309.976047][ T10] do_ip_setsockopt+0xfe/0x3240 [ 309.981458][ T10] ip_setsockopt+0x59/0xf0 [ 309.986422][ T10] sctp_setsockopt+0x169/0xb870 [ 309.991905][ T10] do_sock_setsockopt+0x221/0x470 [ 309.997473][ T10] __sys_setsockopt+0x1a0/0x230 [ 310.002975][ T10] __x64_sys_setsockopt+0xbd/0x160 [ 310.008733][ T10] do_syscall_64+0xcd/0x260 [ 310.013870][ T10] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 310.020302][ T10] [ 310.020302][ T10] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 310.027552][ T10] __lock_acquire+0x1173/0x1ba0 [ 310.032951][ T10] lock_acquire+0x179/0x350 [ 310.038004][ T10] __mutex_lock+0x199/0xb90 [ 310.043131][ T10] smc_vlan_by_tcpsk+0x251/0x620 [ 310.048620][ T10] __smc_connect+0x44b/0x4880 [ 310.053836][ T10] smc_connect_work+0x54c/0xae0 [ 310.059236][ T10] process_one_work+0x9cc/0x1b70 [ 310.064710][ T10] worker_thread+0x6c8/0xf10 [ 310.069836][ T10] kthread+0x3c2/0x780 [ 310.074468][ T10] ret_from_fork+0x45/0x80 [ 310.079419][ T10] ret_from_fork_asm+0x1a/0x30 [ 310.084901][ T10] [ 310.084901][ T10] other info that might help us debug this: [ 310.084901][ T10] [ 310.095141][ T10] Possible unsafe locking scenario: [ 310.095141][ T10] [ 310.102595][ T10] CPU0 CPU1 [ 310.107966][ T10] ---- ---- [ 310.113331][ T10] lock(sk_lock-AF_INET); [ 310.117762][ T10] lock(rtnl_mutex); [ 310.124284][ T10] lock(sk_lock-AF_INET); [ 310.131422][ T10] lock(rtnl_mutex); [ 310.135419][ T10] [ 310.135419][ T10] *** DEADLOCK *** [ 310.135419][ T10] [ 310.143568][ T10] 3 locks held by kworker/0:1/10: [ 310.148634][ T10] #0: ffff8880310e3948 ((wq_completion)smc_hs_wq){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 310.159391][ T10] #1: ffffc900000f7d18 ((work_completion)(&smc->connect_work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 310.171203][ T10] #2: ffff88805da99958 (sk_lock-AF_INET){+.+.}-{0:0}, at: smc_connect_work+0x53a/0xae0 [ 310.181079][ T10] [ 310.181079][ T10] stack backtrace: [ 310.186977][ T10] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted 6.14.0-syzkaller-07318-g4fa118e5b79f #0 PREEMPT(full) [ 310.187005][ T10] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 310.187020][ T10] Workqueue: smc_hs_wq smc_connect_work [ 310.187052][ T10] Call Trace: [ 310.187059][ T10] [ 310.187067][ T10] dump_stack_lvl+0x116/0x1f0 [ 310.187094][ T10] print_circular_bug+0x275/0x350 [ 310.187126][ T10] check_noncircular+0x14c/0x170 [ 310.187157][ T10] __lock_acquire+0x1173/0x1ba0 [ 310.187189][ T10] ? lockdep_hardirqs_on+0x7c/0x110 [ 310.187214][ T10] lock_acquire+0x179/0x350 [ 310.187243][ T10] ? smc_vlan_by_tcpsk+0x251/0x620 [ 310.187276][ T10] ? __pfx___might_resched+0x10/0x10 [ 310.187303][ T10] ? kasan_save_stack+0x42/0x60 [ 310.187335][ T10] ? kasan_save_stack+0x33/0x60 [ 310.187364][ T10] ? kasan_save_track+0x14/0x30 [ 310.187395][ T10] __mutex_lock+0x199/0xb90 [ 310.187421][ T10] ? smc_vlan_by_tcpsk+0x251/0x620 [ 310.187453][ T10] ? smc_vlan_by_tcpsk+0x251/0x620 [ 310.187484][ T10] ? __pfx___mutex_lock+0x10/0x10 [ 310.187520][ T10] ? find_held_lock+0x2b/0x80 [ 310.187545][ T10] ? smc_vlan_by_tcpsk+0x251/0x620 [ 310.187576][ T10] ? rtnl_lock+0x9/0x20 [ 310.187601][ T10] smc_vlan_by_tcpsk+0x251/0x620 [ 310.187632][ T10] ? __pfx_smc_vlan_by_tcpsk+0x10/0x10 [ 310.187665][ T10] __smc_connect+0x44b/0x4880 [ 310.187697][ T10] ? __pfx___smc_connect+0x10/0x10 [ 310.187726][ T10] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 310.187749][ T10] ? __local_bh_enable_ip+0xa4/0x120 [ 310.187776][ T10] smc_connect_work+0x54c/0xae0 [ 310.187804][ T10] ? __pfx_smc_connect_work+0x10/0x10 [ 310.187834][ T10] ? rcu_is_watching+0x12/0xc0 [ 310.187858][ T10] process_one_work+0x9cc/0x1b70 [ 310.187882][ T10] ? __pfx_process_one_work+0x10/0x10 [ 310.187906][ T10] ? assign_work+0x1a0/0x250 [ 310.187928][ T10] worker_thread+0x6c8/0xf10 [ 310.187957][ T10] ? __kthread_parkme+0x19e/0x250 [ 310.187990][ T10] ? __pfx_worker_thread+0x10/0x10 [ 310.188012][ T10] kthread+0x3c2/0x780 [ 310.188030][ T10] ? __pfx_kthread+0x10/0x10 [ 310.188048][ T10] ? __pfx_kthread+0x10/0x10 [ 310.188066][ T10] ? __pfx_kthread+0x10/0x10 [ 310.188084][ T10] ? __pfx_kthread+0x10/0x10 [ 310.188102][ T10] ? rcu_is_watching+0x12/0xc0 [ 310.188125][ T10] ? __pfx_kthread+0x10/0x10 [ 310.188144][ T10] ret_from_fork+0x45/0x80 [ 310.188164][ T10] ? __pfx_kthread+0x10/0x10 [ 310.188183][ T10] ret_from_fork_asm+0x1a/0x30 [ 310.188218][ T10] [ 310.434465][ C0] vkms_vblank_simulate: vblank timer overrun [ 310.576656][T10241] ICMPv6: process `syz.3.1056' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead