last executing test programs: 3.977418289s ago: executing program 0 (id=2245): rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) mmap$auto(0x0, 0x2020009, 0x100003, 0x9000000eb1, 0xfffffffffffffffa, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyr0\x00', 0x60540, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x20342, 0x0) socket(0xa, 0x5, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) uname$auto(0x0) setsockopt$auto(0x3, 0x94, 0xf, 0x0, 0x3ff) syz_clone(0x40004000, 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$auto(0x0, 0x0) socket(0x2, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1000001, 0x5, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptya7\x00', 0x101e81, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/ifb0/statistics/rx_length_errors\x00', 0x6400, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0xa0102, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) write$auto(0x3, 0x0, 0x7fffffff) socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x40008000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) pipe$auto(0x0) close_range$auto(0x0, 0x5, 0x0) 3.509246404s ago: executing program 2 (id=2252): memfd_secret$auto(0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r0, 0x0, 0xb4d3) 3.029350933s ago: executing program 0 (id=2254): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0xc, 0x0) socket(0x25, 0x1, 0x0) r0 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000140), 0x180b03, 0x0) ioctl$auto_SNAPSHOT_ALLOC_SWAP_PAGE(r0, 0x80083314, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) fallocate$auto(r0, 0x1, 0x2, 0x6653) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x1, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x5, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x9, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0x1]}, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x2, 0x0, [{0x400000f2, 0x400, 0x9}]}) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) ioctl$auto(0x3, 0x2287, 0xffffffffffffffff) socket(0x23, 0x80805, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(r4, &(0x7f0000000300)="5c60af5a41e0c2e96c46d5125a584ba9d9b3cf382c2dfa4fb2091200"/37, 0x25) madvise$auto(0x0, 0x20200, 0x15) 3.028410333s ago: executing program 2 (id=2256): openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fb0\x00', 0x8002, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) 2.661753098s ago: executing program 3 (id=2261): close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002) r0 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000300), 0x8000, 0x0) r1 = socketcall$auto(0x9, 0x0) fcntl$auto_F_DUPFD_QUERY(r0, 0x403, r1) 2.602689406s ago: executing program 3 (id=2262): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_IPVS_CMD_SET_CONFIG(0xffffffffffffffff, &(0x7f0000001800)={0x0, 0x0, &(0x7f00000017c0)={&(0x7f0000001b80)=ANY=[@ANYRES64=0x0, @ANYBLOB="76e8243440cbe1e6423248a4886e52fb2b8ac9292e22b5923d3cae1669ca556e434e007c2dcd69a3c78aed9b74e18a3047fba714f01d9308e79a8032783144faa5effcdd9df79fc10b616f9d5ed8de8919178543327035d91922c40c1c588aad9b651778d935b33ad6ed3c86356655a18942f6bf8ba8ac4efe561c36ab136e0e15e711d035a3d845f4dedef2c065b52a142c20eed01986e0acdc411434238c78b287d9a25665adeb2790e7ec48c56184f86b7bec6f34bce54e4571cdc05d2ecd46dcc46ef4826ff4847b6ef374d9773b3f1df83ecfdfbfe3e5644011a71cb333d65d70065b88529dc989635f3cb5d946682f731529181ab294cd608f05f970f5cd9b2dc4da54c4bd588abedd63d3d2ed816ded8fa99c2379fca704e166c707cdf492e66d11abe8f38441e24daac14053385eeed3367ee2c7f14dde5049431a6b573d3df928b0fe88e57513de3c30b73479751eec592c8ae563b30dba2d9a22338bcb585f7f13f887e82ce0f3fd7603424c4fe56a6b7abb9558c7fe5fcf1854c5d3a53d2c23581f32688361b8948e080930a2c321471dc244361f149c1b19938a7a93a98ae4aa5dde6fa885674df362fe136745df986ea0a3d905a2083e5af4d48b06cce4b498f35f8455cc967ac67408a7405cda5b0ca4111e0cc1989962731542ea6e87b4383db0f12b140e13d8c2f1753a6654cc308f5d8a8d81d86fe08d2a9b801db6f5b21186bfd969ec5d804505b901b9961792f661ceaceabb5e502e7c21e82dc7ca93395f99e9df9d502557a8f0e70cd5805b8653d3e311d321e929745d42e3975fa8f89a39ef85a06eb395912f30d23b19f1f7ecb8bda26ccfd7f12d1c9da95fb73b12cc17ab5895287f964ebd54f4878134a535c396424abe53e447904dcb1238d51e821f466372415a489cc17bba2d4ab76007cde8b6d9e9d889aef92d806118e6decda5a6bd7375faa3aca2ffd7dcfb1984770034b4a1c0d8a1fd632adf1e154ba87791168cd76e94fb7d1782c5588c60e6f2b5a08b78a9e8d48aefb810927d335198f0fdff81fe4e8d874162d83fa03a19e98c334049319f5174794fddbdba791cb7ed7279c99dd0648595166d8cebb29760cb31a62a498c4e8be17e70ae1887877bdd3da05f95d58b6e991926fda689761fc3d9fa87b904582d0660ed675ed3f94fdc37424e89fb3091a3d0570caf795b8c689a7f8a9adea8622c5cf4ac8fdeae4f77779a0540a1c4729a0a2c53fcdab40e741c8cbe5c2f4c8ae0a4c1063369282977a6e3ec0bfea61da67f2002911a9c10d0fe97acb65bc5a0d9ff74e2de483f467ce0c6f20aa10c03231719d98da2cb4181b360ea0e982d2e78fb5f56f0f3a16ca3e028b217c41aee4c48954a99d1e0013e90765cf0c259cf2254aee8b0ac934f7616581f07b2f2052cb3d957af407888b8049a1a9a91d9081bebecbde9fd188992119a8e3c939d64dcbe2f762b5a1df5bd907ab82491a5f08b61fb2225df111cb598c721f0be94f5cb3e58ccbabc98a6879ed539c208eacd5908a0db35e439684bd7e80e5f7bf5ce686cb5b998ee3084dc5d0fb22e1625cc12c1874dbfc1ff1b65d286dd0be0e36264e6f30b3f863f7dfc6233f8556f1de55bc8d1f7e6353a4ef853b9dde4b4d83d71ed7a4262b9bcfc0d897a05d63572045f89167faa89b5d6ff559f055f4cedf5d0ac3a8ed3d535f8031e4d96c9fbce29a0cd77d114a06ee3edd948896aa4e6eb836d82e08b95296503e62ae605fc0baa3b175ace1fb7530047a203b8b6395f1b4adc81f89f10b361372def42f89061eb32ad14f13e8e0d1e2e757810153d3e7b07f3c7e8d66e7419bd46b35a66de90008fbbdc44c2d4d2af0c4968e84c1f0fbc7251b988830cd2c6bc41107109c54884addcd1d6000c5589a3871fd4884f902c2f324741164ecec59b8b2019aeb0f06f1e46296f33b4a51ef65627ac82939bbae2804d73ff5621cb4c0cfdd069596bc5e0d5940b93c6011dba9cc1c8cde0ddb7ff82c577805d54fd28f2da72e13ce1de9e5f54d8155b09993350d8030007c716d4b795c6f905151e707fe039e407ae1952c458ca6c8225ac709d248e378e6e6934cd2073acc9afe3ff7a98a5b9b72ec78f4573b54ab4bfa10be6d336e5ac19b22a5b1aece8bbc724fedf4eb9147cd9381abfbf5f41df573042fe1ffae3059484024c87a1940acf8fd18f5f86a8426cb776664ab8dc78da18f9e5f8ca1f81cddd4924067515a2d5113f82a658aba6ee321021396935165b49dd15611823fcca74378734811678940e8d3ea1ba656257ac171cef303e2fd860d7361a5dac4b14cc2d4dbc55ca51a963ae700f4c3e2883271cdea272521073d663142ded8efd4e370438a14ec82c6c89bb8fd683d1b8ae36bfa05efb5cbac69fd510013aeed70b494b5319edc746dfe6f74202061925d3d9d85b055587f8207bf1f75ceb1ac86913ff45d09850acff210ea3967afd5574c93205c407a8e617a737b9577c5992f4a0b40987d56f07b0cd2b86eca96b58b1793b40dbc4759e91c77a9de5ad050171aae4554e933576d85a4e9094e9f5b22f34527a1e9b4102eebd691a19c92b8f2def24f947d54d05ddddfe24cbfec62b2c08f5a3f2262d69a31cb3423b5c920ac2390f921ad97ae8789276cd5759a984e7fd224b79720f2497c383064eb6f8a4dd5f9fdf04c69eb34895a68a91813c3d4ca3880a927e299c00b6ac16595b6b4de4f678d667257e25d72f17738537b3d681fc13d50fa25b1eb51010db635fd361e4dd6806e1744a2a7f622bf629afebde46299075c34ca16d65d63c1eee8599b5e0b65a26cf04aba8c36d87eec7c644858e4ae99450645f51c9b9bed06c645ada0c744bf87d4565fde43f9a122b38b93b7192ff09e29d3179a0e31e038aedb1336f8531d107d4ca8bbc02475ad7c9b5b41bc36f3d1fba165a2348f8731ecb78631c630273edca65f1e6ee3701bfd2805956bd3597af92890da7e9c4d15ab0abe0dd56640f90dbe2f58ea1fc01fc4fd86b43ddf9cef15bb9d119ba9096c73a5f3d09ea49a9ec0d7ddfb36852e38df7f9645b54c6e997e03e79cc427b9f55b002091a95c88f80a821feae4039526f04025a7ff517b2409d3cda6fb444798ca8337d4bb8844856261af02c434eb296c9c12a0dfcf9583720a4228a57984554d5fbffab74774cca8e9e4bd014474c6b2dad1dddfc95fc9821151e7f2681b5dc55c493bd92838be31990cbdb854994533d1c0911cc14a9f3d9ff2b9cb94f9b4c1a0fc485bce618f6a9e4105f97252009a413840d47e136268ecdeb07adfaa446f1911fc81b0840d67067157c32ec8eed1b21ec2d4e69c77a96b17c981da78e7e196575fa0bc6bd6d1e993adbd26fb17bc6085c5a189740d4067974bd083fe1af02504a162732476226d2912c674b257fbced8e725b6468452e106b9c1c826badb88627547f4e0ebfe5e61c57ca66479d1cdb2e121039bbb5ae12c41b618274af010ec5948f87318cba85b46ce5819cd3352c1a7b6d04fdbb664ab2b3b0499d698e6e9f8aaddbfd1fd6d3edb831e129c6911347a3337f09cbf42b9e017c2ba0a8d67a921356d2fd211747ed4e979a06ec8f2c468fd068922d3e3845dceb60adf3279e01e67ad2f61e3d037f8dc8b0784a37f856ed1531a965971649e79cb614a6a359f33b676db03ad23791588e9cc16a8b772069b1af59a435c130cf3a0258f248f62e607947e60cdf9395bc322fd3c73754d607f914a95a9e973a1df9d5f99e2cfa77e28bea9e149e913676046317aa64b76b0e856552027881f5da24db69f1f72009f275cf5132aa20f659d31e423e2e12dce48917fda048f28d051b9cc1f849fcb884771fc99697a4a06617637fc3886d52a28d5d798d458c9e6ffd7c49d632733604c517f10a3845fe1a0593d79462f3c9f3509672de5d509f2f33d036dac99b2edd6cc200b2ecf2d9de3acf9aa4aa31fa872b09129a5ef2b6a2931027af1f0d77ff1319bfb8482e64882a9df777b552acfedfd30a16c2608ed6250e044e4537a3ca6462fb3703e3e75d2ee8214153c137efd06306d250f1b6b8da4378172f1e34b2ec3c927334019db618cf56960f5107fa75233ac00c0b304f0bce7cedd7fcda92ed120b523faff7d14319df9db1b107bfc4c1102ce28a99e471a8a9093c847f8616c53bc2698dfd27c6b3c88512e44e585b3c4ae8e327b81400629c5ca3a30ce8aa46841c3a83ce6075cd188800a556d11cb7f4cf100c61a9a5f9128113d28379d5d5c09f60d6b906ba23fb05c3c1e592692d5c201ba4e11b9d71408f1a894749425f5558c47aa76a967a6e52b6f7ad3e162778aec4b10e3a61ae7f9cb36fc6890f5d95cd1f135f9c232fe35ddb3a88e50311d42603fae114d2c80685e554dc59d9ddf2e1eaaf18bfb84fd495628ddad74a6e2df062a2e46388ce90f8bce6d48ec2cd851e1a3d3f4e53e030084375ae051b7f69d1ab79dd8817c6c37d35113782cd6b4178c48b98f8ff8418b3e52eeaefc39778a3698896938857c082f7a4ec6e2c74fce36373e32880321334815ced3036706970849a5d382a1fa5107c4045c79f42492a7b79e3eb43d32ad4b17aaa05fc53a122b374a0c7356f6b45827888e2bbbacc93614782660dbda377387fe009df27d7382156b1dde22414f326cdb45a61bb5f074011feb539e0af6ea1f76dd1603fff9e4b527fc3075872b74f6e7c245ee0be10526517269ee071070a051253e788ebda59be825d186c0616d0123e4dfcf41c0c6b0115e7a8a95c6978ae482def4cbb50318adf4b8fef2a9e30906a46994a201ae23c811f3323733b2ab66e0097d467e310d1dfd25e7a8f4f15bb74c21edb38b1ff0f0208260e3d78cfe10f1755d78204d95261bd0603d35eeb89f84f52bfcf7c8650e6c47ba99913432f94bdd132474cd41a2cbd6cf94a4253b50fda6dc8e39d712150750780b5b562833abaeada025535acc8eeb9c0c002d18b0c981807a6e0d1ab46e3e1140d1df68a384ca3cce7ae1dfa2bf40fb7c6e0fbb706f7ce1bea40c61e7e7791aaaa26d874250f96aba3432ef926fe18d63c5312addf1818e55b3a2119b2f49020e0735da64098dc52afce1cb40fbd1fb06285da8d7fe728a7284bb113c53d801472cad8b5a4a87a581537b14d1db258e83877f2bff88a8c45a480cad8f575c6fe41e095decf806e12f9e5ccf177e3cdb3bf27abf0407d5d2ca187f66f6e030242d76b899ea078d3f2013bace124d4d02d9322ccac3be9f547b86cb4f111190ddb9935ebc56043bd80af321f6ab46e920ca255fa18bd568a5750618a14687f9e9c018eb801bb2b5ad7998f174faa673bcbfeeac79a0508262c52c6e0cda5c773d173a630bb7bd02f90aa1069683ece3ba19704c2e3f864c19faf4b220122ac2622ec483ce9e83c67388c6edb2357a89737bb26671d3cc452e0d51fbc11e46ad242abedcdbcb3dc6cb9080faec2e0e764fc6563ece588fb53a8e511159f1a1c7bc3289a05bb965f0f00e049a162f0a762940899978c0f0563da5f5549af0256920857da6e609159ca8ce4f0d2499cfcce39b5914f12032d602c224c4be31715c43fbbc92cbd4327054906fb4679cc87700859a77dc8ec9c6defff6c3dc1c9cc7d2c960cd115d92b36b097e9f6933da1083779c9c6550cfa8dde9a926ea089e8910647cc0c6818542bf13b61336ae7c7f92eeb17492dc3da069288999f1957d0757844ceccd6b15bdfa8302b19428baccb46305e2f290acd90fe0c30604f2cba77d5b5da3456a0ca97"], 0x34}}, 0x200000d4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x80}, 0x40000) pwrite64$auto(0xc8, &(0x7f0000000040)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e#\xae\xa9i8W\xe5Iq\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/231, 0xfdf2, 0x3a) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) semctl$auto(0x80001ff, 0x804, 0x13, 0x4) keyctl$auto(0x1, 0x7, 0x100, 0x8, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = timerfd_create$auto(0x1, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram2\x00', 0x10ba02, 0x0) getxattrat$auto(r0, &(0x7f0000000080)='./file0\x00', 0x1000, &(0x7f00000003c0)='\x00\xa3B\x9f!\'\xb5\xd8\x7f\xedP\x93S\x8d0\xbe\x80F\x8e\x9d\x97\xea>O\xa0\r\x1d\x15\xd6\xa96\xb3\x0e\xfdf\x14a\x06\x11\xa9r\xad\xe2\x1a\x83/\xa4\x06z\xbf\x88n\xdc\xca\xf3%\xba\x8d\xe7\x17\xccZ\x19Xb\xcf\x1e\x18\xd9\xae\"\xb0\x04=cX\x94\xd3wn\x15\x96[\xc9\xe4B\x99\xf3\xb9\x82-\xad}h\x10o\xec\x05\xe8P_\xa3\xab)\x7f\x97\rS\a\x7f\x97Qt{4C\xe5f\xdc\xe4P\xdb:\xaf\xc5FV s~=\xc9\xda\xbd\xda\x1f\xa9\xda\xd8\x96\x13Hbu\xb5+\"\x94X~\x85\xbf\xc6\xc4\xfcak\x8b\x06UB\xc7R|\x94~.\x90\x8d\xa9d0x0, 0x7, 0x109, 0x7, "aab8e80600080043529f895cf5e8ec8f46cbb766439d070a00", @raw=0x2}, 0x6, 0x4, 0x6, @raw=0xd7, @integer64={0x442df60c, 0x81, 0x7}, "a4699d30a05edbe0d28473c399a7dc920b153e9b1675451d7de94b4123f970bedd3460c667373fcc59b584d81592f6ab606c276852295e00af49e6de6e768034"}) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_REMOVE(r3, 0xc0405519, &(0x7f00000000c0)={@inferred=r4, 0x7, 0xd, 0xa4, "e3eabf11dce36a2eac9cb4682c339b3ce615a9b97386d4462bc6553245da56e4978f37368e849db4a6e0aa4e", @raw=0xa2cfa1c}) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x457, 0x7, 0xd, 0x1, 0x948b, 0x6, 0x0, 0x1, 0x3, 0x40, 0x6, 0x1, 0x6d39, 0x5, 0x2, 0x4]}, 0x0) fcntl$auto_F_UNLCK(r2, 0x206, 0x2) select$auto(0x7fff, &(0x7f0000000140)={[0x21, 0xfffffffffffffff8, 0x1, 0x7, 0x7, 0x1, 0x7a, 0x3, 0x0, 0x1, 0x8, 0x7, 0x6, 0x7, 0x9, 0x81]}, &(0x7f0000000200)={[0xfffffffffffffffe, 0x38000000000, 0x1, 0xf, 0x7f, 0x0, 0x20000000d, 0x6, 0xfa2, 0x401, 0x3, 0x1f9, 0x6, 0x8, 0x80000000, 0x7]}, 0x0, &(0x7f0000000280)={0x9, 0xa74}) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x2000, 0x0) msgsnd$auto(0x0, &(0x7f0000000040)={0x5, 0x20}, 0x1000, 0xfffffffc) sendfile$auto(r1, 0x3, 0x0, 0x400000000006) timerfd_settime$auto(r0, 0x3, &(0x7f0000000000)={{0x10, 0x3ff}, {0x10, 0x9}}, 0x0) 2.589482375s ago: executing program 2 (id=2263): rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) mmap$auto(0x0, 0x2020009, 0x100003, 0x9000000eb1, 0xfffffffffffffffa, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyr0\x00', 0x60540, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x20342, 0x0) socket(0xa, 0x5, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) uname$auto(0x0) setsockopt$auto(0x3, 0x94, 0xf, 0x0, 0x3ff) syz_clone(0x40004000, 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$auto(0x0, 0x0) socket(0x2, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1000001, 0x5, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptya7\x00', 0x101e81, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/ifb0/statistics/rx_length_errors\x00', 0x6400, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0xa0102, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) write$auto(0x3, 0x0, 0x7fffffff) socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x40008000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) pipe$auto(0x0) close_range$auto(0x0, 0x5, 0x0) 2.14551925s ago: executing program 1 (id=2265): r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000040), 0x20904, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000000)={{0x3, 0x1000, 0x1, 0x5, 0x2}, "654c6dbc7a4d30983899a7e1325b6a29ba1e18441074052a3fa6c3ccf1bf00"}) readv$auto(r0, &(0x7f0000000a80)={0x0, 0x100000ffff}, 0x1) ioctl$auto_SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) 1.882039111s ago: executing program 1 (id=2266): r0 = socket(0x15, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x7, 0x800008000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) sendmsg$auto(r0, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) 1.634372669s ago: executing program 2 (id=2267): close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0xc208ae62, 0x38) 1.621096342s ago: executing program 3 (id=2268): r0 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) fallocate$auto(r0, 0x0, 0x7, 0x4cbd5d) rename$auto(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='./file1\x00') open(&(0x7f0000000000)='./file0\x00', 0x26142, 0x4f) 1.559730436s ago: executing program 1 (id=2269): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@ETHTOOL_A_COALESCE_RX_USECS_IRQ={0x8}, @ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x810) 1.349582128s ago: executing program 1 (id=2270): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_IPVS_CMD_SET_CONFIG(0xffffffffffffffff, &(0x7f0000001800)={0x0, 0x0, &(0x7f00000017c0)={&(0x7f0000001b80)=ANY=[@ANYRES64=0x0, @ANYBLOB="76e8243440cbe1e6423248a4886e52fb2b8ac9292e22b5923d3cae1669ca556e434e007c2dcd69a3c78aed9b74e18a3047fba714f01d9308e79a8032783144faa5effcdd9df79fc10b616f9d5ed8de8919178543327035d91922c40c1c588aad9b651778d935b33ad6ed3c86356655a18942f6bf8ba8ac4efe561c36ab136e0e15e711d035a3d845f4dedef2c065b52a142c20eed01986e0acdc411434238c78b287d9a25665adeb2790e7ec48c56184f86b7bec6f34bce54e4571cdc05d2ecd46dcc46ef4826ff4847b6ef374d9773b3f1df83ecfdfbfe3e5644011a71cb333d65d70065b88529dc989635f3cb5d946682f731529181ab294cd608f05f970f5cd9b2dc4da54c4bd588abedd63d3d2ed816ded8fa99c2379fca704e166c707cdf492e66d11abe8f38441e24daac14053385eeed3367ee2c7f14dde5049431a6b573d3df928b0fe88e57513de3c30b73479751eec592c8ae563b30dba2d9a22338bcb585f7f13f887e82ce0f3fd7603424c4fe56a6b7abb9558c7fe5fcf1854c5d3a53d2c23581f32688361b8948e080930a2c321471dc244361f149c1b19938a7a93a98ae4aa5dde6fa885674df362fe136745df986ea0a3d905a2083e5af4d48b06cce4b498f35f8455cc967ac67408a7405cda5b0ca4111e0cc1989962731542ea6e87b4383db0f12b140e13d8c2f1753a6654cc308f5d8a8d81d86fe08d2a9b801db6f5b21186bfd969ec5d804505b901b9961792f661ceaceabb5e502e7c21e82dc7ca93395f99e9df9d502557a8f0e70cd5805b8653d3e311d321e929745d42e3975fa8f89a39ef85a06eb395912f30d23b19f1f7ecb8bda26ccfd7f12d1c9da95fb73b12cc17ab5895287f964ebd54f4878134a535c396424abe53e447904dcb1238d51e821f466372415a489cc17bba2d4ab76007cde8b6d9e9d889aef92d806118e6decda5a6bd7375faa3aca2ffd7dcfb1984770034b4a1c0d8a1fd632adf1e154ba87791168cd76e94fb7d1782c5588c60e6f2b5a08b78a9e8d48aefb810927d335198f0fdff81fe4e8d874162d83fa03a19e98c334049319f5174794fddbdba791cb7ed7279c99dd0648595166d8cebb29760cb31a62a498c4e8be17e70ae1887877bdd3da05f95d58b6e991926fda689761fc3d9fa87b904582d0660ed675ed3f94fdc37424e89fb3091a3d0570caf795b8c689a7f8a9adea8622c5cf4ac8fdeae4f77779a0540a1c4729a0a2c53fcdab40e741c8cbe5c2f4c8ae0a4c1063369282977a6e3ec0bfea61da67f2002911a9c10d0fe97acb65bc5a0d9ff74e2de483f467ce0c6f20aa10c03231719d98da2cb4181b360ea0e982d2e78fb5f56f0f3a16ca3e028b217c41aee4c48954a99d1e0013e90765cf0c259cf2254aee8b0ac934f7616581f07b2f2052cb3d957af407888b8049a1a9a91d9081bebecbde9fd188992119a8e3c939d64dcbe2f762b5a1df5bd907ab82491a5f08b61fb2225df111cb598c721f0be94f5cb3e58ccbabc98a6879ed539c208eacd5908a0db35e439684bd7e80e5f7bf5ce686cb5b998ee3084dc5d0fb22e1625cc12c1874dbfc1ff1b65d286dd0be0e36264e6f30b3f863f7dfc6233f8556f1de55bc8d1f7e6353a4ef853b9dde4b4d83d71ed7a4262b9bcfc0d897a05d63572045f89167faa89b5d6ff559f055f4cedf5d0ac3a8ed3d535f8031e4d96c9fbce29a0cd77d114a06ee3edd948896aa4e6eb836d82e08b95296503e62ae605fc0baa3b175ace1fb7530047a203b8b6395f1b4adc81f89f10b361372def42f89061eb32ad14f13e8e0d1e2e757810153d3e7b07f3c7e8d66e7419bd46b35a66de90008fbbdc44c2d4d2af0c4968e84c1f0fbc7251b988830cd2c6bc41107109c54884addcd1d6000c5589a3871fd4884f902c2f324741164ecec59b8b2019aeb0f06f1e46296f33b4a51ef65627ac82939bbae2804d73ff5621cb4c0cfdd069596bc5e0d5940b93c6011dba9cc1c8cde0ddb7ff82c577805d54fd28f2da72e13ce1de9e5f54d8155b09993350d8030007c716d4b795c6f905151e707fe039e407ae1952c458ca6c8225ac709d248e378e6e6934cd2073acc9afe3ff7a98a5b9b72ec78f4573b54ab4bfa10be6d336e5ac19b22a5b1aece8bbc724fedf4eb9147cd9381abfbf5f41df573042fe1ffae3059484024c87a1940acf8fd18f5f86a8426cb776664ab8dc78da18f9e5f8ca1f81cddd4924067515a2d5113f82a658aba6ee321021396935165b49dd15611823fcca74378734811678940e8d3ea1ba656257ac171cef303e2fd860d7361a5dac4b14cc2d4dbc55ca51a963ae700f4c3e2883271cdea272521073d663142ded8efd4e370438a14ec82c6c89bb8fd683d1b8ae36bfa05efb5cbac69fd510013aeed70b494b5319edc746dfe6f74202061925d3d9d85b055587f8207bf1f75ceb1ac86913ff45d09850acff210ea3967afd5574c93205c407a8e617a737b9577c5992f4a0b40987d56f07b0cd2b86eca96b58b1793b40dbc4759e91c77a9de5ad050171aae4554e933576d85a4e9094e9f5b22f34527a1e9b4102eebd691a19c92b8f2def24f947d54d05ddddfe24cbfec62b2c08f5a3f2262d69a31cb3423b5c920ac2390f921ad97ae8789276cd5759a984e7fd224b79720f2497c383064eb6f8a4dd5f9fdf04c69eb34895a68a91813c3d4ca3880a927e299c00b6ac16595b6b4de4f678d667257e25d72f17738537b3d681fc13d50fa25b1eb51010db635fd361e4dd6806e1744a2a7f622bf629afebde46299075c34ca16d65d63c1eee8599b5e0b65a26cf04aba8c36d87eec7c644858e4ae99450645f51c9b9bed06c645ada0c744bf87d4565fde43f9a122b38b93b7192ff09e29d3179a0e31e038aedb1336f8531d107d4ca8bbc02475ad7c9b5b41bc36f3d1fba165a2348f8731ecb78631c630273edca65f1e6ee3701bfd2805956bd3597af92890da7e9c4d15ab0abe0dd56640f90dbe2f58ea1fc01fc4fd86b43ddf9cef15bb9d119ba9096c73a5f3d09ea49a9ec0d7ddfb36852e38df7f9645b54c6e997e03e79cc427b9f55b002091a95c88f80a821feae4039526f04025a7ff517b2409d3cda6fb444798ca8337d4bb8844856261af02c434eb296c9c12a0dfcf9583720a4228a57984554d5fbffab74774cca8e9e4bd014474c6b2dad1dddfc95fc9821151e7f2681b5dc55c493bd92838be31990cbdb854994533d1c0911cc14a9f3d9ff2b9cb94f9b4c1a0fc485bce618f6a9e4105f97252009a413840d47e136268ecdeb07adfaa446f1911fc81b0840d67067157c32ec8eed1b21ec2d4e69c77a96b17c981da78e7e196575fa0bc6bd6d1e993adbd26fb17bc6085c5a189740d4067974bd083fe1af02504a162732476226d2912c674b257fbced8e725b6468452e106b9c1c826badb88627547f4e0ebfe5e61c57ca66479d1cdb2e121039bbb5ae12c41b618274af010ec5948f87318cba85b46ce5819cd3352c1a7b6d04fdbb664ab2b3b0499d698e6e9f8aaddbfd1fd6d3edb831e129c6911347a3337f09cbf42b9e017c2ba0a8d67a921356d2fd211747ed4e979a06ec8f2c468fd068922d3e3845dceb60adf3279e01e67ad2f61e3d037f8dc8b0784a37f856ed1531a965971649e79cb614a6a359f33b676db03ad23791588e9cc16a8b772069b1af59a435c130cf3a0258f248f62e607947e60cdf9395bc322fd3c73754d607f914a95a9e973a1df9d5f99e2cfa77e28bea9e149e913676046317aa64b76b0e856552027881f5da24db69f1f72009f275cf5132aa20f659d31e423e2e12dce48917fda048f28d051b9cc1f849fcb884771fc99697a4a06617637fc3886d52a28d5d798d458c9e6ffd7c49d632733604c517f10a3845fe1a0593d79462f3c9f3509672de5d509f2f33d036dac99b2edd6cc200b2ecf2d9de3acf9aa4aa31fa872b09129a5ef2b6a2931027af1f0d77ff1319bfb8482e64882a9df777b552acfedfd30a16c2608ed6250e044e4537a3ca6462fb3703e3e75d2ee8214153c137efd06306d250f1b6b8da4378172f1e34b2ec3c927334019db618cf56960f5107fa75233ac00c0b304f0bce7cedd7fcda92ed120b523faff7d14319df9db1b107bfc4c1102ce28a99e471a8a9093c847f8616c53bc2698dfd27c6b3c88512e44e585b3c4ae8e327b81400629c5ca3a30ce8aa46841c3a83ce6075cd188800a556d11cb7f4cf100c61a9a5f9128113d28379d5d5c09f60d6b906ba23fb05c3c1e592692d5c201ba4e11b9d71408f1a894749425f5558c47aa76a967a6e52b6f7ad3e162778aec4b10e3a61ae7f9cb36fc6890f5d95cd1f135f9c232fe35ddb3a88e50311d42603fae114d2c80685e554dc59d9ddf2e1eaaf18bfb84fd495628ddad74a6e2df062a2e46388ce90f8bce6d48ec2cd851e1a3d3f4e53e030084375ae051b7f69d1ab79dd8817c6c37d35113782cd6b4178c48b98f8ff8418b3e52eeaefc39778a3698896938857c082f7a4ec6e2c74fce36373e32880321334815ced3036706970849a5d382a1fa5107c4045c79f42492a7b79e3eb43d32ad4b17aaa05fc53a122b374a0c7356f6b45827888e2bbbacc93614782660dbda377387fe009df27d7382156b1dde22414f326cdb45a61bb5f074011feb539e0af6ea1f76dd1603fff9e4b527fc3075872b74f6e7c245ee0be10526517269ee071070a051253e788ebda59be825d186c0616d0123e4dfcf41c0c6b0115e7a8a95c6978ae482def4cbb50318adf4b8fef2a9e30906a46994a201ae23c811f3323733b2ab66e0097d467e310d1dfd25e7a8f4f15bb74c21edb38b1ff0f0208260e3d78cfe10f1755d78204d95261bd0603d35eeb89f84f52bfcf7c8650e6c47ba99913432f94bdd132474cd41a2cbd6cf94a4253b50fda6dc8e39d712150750780b5b562833abaeada025535acc8eeb9c0c002d18b0c981807a6e0d1ab46e3e1140d1df68a384ca3cce7ae1dfa2bf40fb7c6e0fbb706f7ce1bea40c61e7e7791aaaa26d874250f96aba3432ef926fe18d63c5312addf1818e55b3a2119b2f49020e0735da64098dc52afce1cb40fbd1fb06285da8d7fe728a7284bb113c53d801472cad8b5a4a87a581537b14d1db258e83877f2bff88a8c45a480cad8f575c6fe41e095decf806e12f9e5ccf177e3cdb3bf27abf0407d5d2ca187f66f6e030242d76b899ea078d3f2013bace124d4d02d9322ccac3be9f547b86cb4f111190ddb9935ebc56043bd80af321f6ab46e920ca255fa18bd568a5750618a14687f9e9c018eb801bb2b5ad7998f174faa673bcbfeeac79a0508262c52c6e0cda5c773d173a630bb7bd02f90aa1069683ece3ba19704c2e3f864c19faf4b220122ac2622ec483ce9e83c67388c6edb2357a89737bb26671d3cc452e0d51fbc11e46ad242abedcdbcb3dc6cb9080faec2e0e764fc6563ece588fb53a8e511159f1a1c7bc3289a05bb965f0f00e049a162f0a762940899978c0f0563da5f5549af0256920857da6e609159ca8ce4f0d2499cfcce39b5914f12032d602c224c4be31715c43fbbc92cbd4327054906fb4679cc87700859a77dc8ec9c6defff6c3dc1c9cc7d2c960cd115d92b36b097e9f6933da1083779c9c6550cfa8dde9a926ea089e8910647cc0c6818542bf13b61336ae7c7f92eeb17492dc3da069288999f1957d0757844ceccd6b15bdfa8302b19428baccb46305e2f290acd90fe0c30604f2cba77d5b5da3456a0ca97"], 0x34}}, 0x200000d4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x80}, 0x40000) pwrite64$auto(0xc8, &(0x7f0000000040)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e#\xae\xa9i8W\xe5Iq\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/231, 0xfdf2, 0x3a) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) semctl$auto(0x80001ff, 0x804, 0x13, 0x4) keyctl$auto(0x1, 0x7, 0x100, 0x8, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = timerfd_create$auto(0x1, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram2\x00', 0x10ba02, 0x0) getxattrat$auto(r0, &(0x7f0000000080)='./file0\x00', 0x1000, &(0x7f00000003c0)='\x00\xa3B\x9f!\'\xb5\xd8\x7f\xedP\x93S\x8d0\xbe\x80F\x8e\x9d\x97\xea>O\xa0\r\x1d\x15\xd6\xa96\xb3\x0e\xfdf\x14a\x06\x11\xa9r\xad\xe2\x1a\x83/\xa4\x06z\xbf\x88n\xdc\xca\xf3%\xba\x8d\xe7\x17\xccZ\x19Xb\xcf\x1e\x18\xd9\xae\"\xb0\x04=cX\x94\xd3wn\x15\x96[\xc9\xe4B\x99\xf3\xb9\x82-\xad}h\x10o\xec\x05\xe8P_\xa3\xab)\x7f\x97\rS\a\x7f\x97Qt{4C\xe5f\xdc\xe4P\xdb:\xaf\xc5FV s~=\xc9\xda\xbd\xda\x1f\xa9\xda\xd8\x96\x13Hbu\xb5+\"\x94X~\x85\xbf\xc6\xc4\xfcak\x8b\x06UB\xc7R|\x94~.\x90\x8d\xa9d0x0, 0x7, 0x109, 0x7, "aab8e80600080043529f895cf5e8ec8f46cbb766439d070a00", @raw=0x2}, 0x6, 0x4, 0x6, @raw=0xd7, @integer64={0x442df60c, 0x81, 0x7}, "a4699d30a05edbe0d28473c399a7dc920b153e9b1675451d7de94b4123f970bedd3460c667373fcc59b584d81592f6ab606c276852295e00af49e6de6e768034"}) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_REMOVE(r3, 0xc0405519, &(0x7f00000000c0)={@inferred=r4, 0x7, 0xd, 0xa4, "e3eabf11dce36a2eac9cb4682c339b3ce615a9b97386d4462bc6553245da56e4978f37368e849db4a6e0aa4e", @raw=0xa2cfa1c}) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x457, 0x7, 0xd, 0x1, 0x948b, 0x6, 0x0, 0x1, 0x3, 0x40, 0x6, 0x1, 0x6d39, 0x5, 0x2, 0x4]}, 0x0) fcntl$auto_F_UNLCK(r2, 0x206, 0x2) select$auto(0x7fff, &(0x7f0000000140)={[0x21, 0xfffffffffffffff8, 0x1, 0x7, 0x7, 0x1, 0x7a, 0x3, 0x0, 0x1, 0x8, 0x7, 0x6, 0x7, 0x9, 0x81]}, 0x0, &(0x7f0000000340)={[0x6, 0x3, 0x6c0000000000000, 0xedbb, 0x80, 0x6, 0xffffffffffff5bf5, 0xfffffffffffffffd, 0x9, 0x9, 0xa3a, 0xfffffffffffffffe, 0x5, 0x7, 0x8, 0x2]}, &(0x7f0000000280)={0x9, 0xa74}) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x2000, 0x0) msgsnd$auto(0x0, &(0x7f0000000040)={0x5, 0x20}, 0x1000, 0xfffffffc) sendfile$auto(r1, 0x3, 0x0, 0x400000000006) timerfd_settime$auto(r0, 0x3, &(0x7f0000000000)={{0x10, 0x3ff}, {0x10, 0x9}}, 0x0) 1.321905199s ago: executing program 2 (id=2271): mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) msgctl$auto(0x0, 0x3, 0x0) r0 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r0, 0x107, 0x12, 0x0, 0x8) 1.248171302s ago: executing program 3 (id=2272): rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) mmap$auto(0x0, 0x2020009, 0x100003, 0x9000000eb1, 0xfffffffffffffffa, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyr0\x00', 0x60540, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x20342, 0x0) socket(0xa, 0x5, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) uname$auto(0x0) setsockopt$auto(0x3, 0x94, 0xf, 0x0, 0x3ff) syz_clone(0x40004000, 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$auto(0x0, 0x0) socket(0x2, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1000001, 0x5, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptya7\x00', 0x101e81, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/ifb0/statistics/rx_length_errors\x00', 0x6400, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0xa0102, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) write$auto(0x3, 0x0, 0x7fffffff) socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x40008000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) pipe$auto(0x0) close_range$auto(0x0, 0x5, 0x0) 1.214668747s ago: executing program 2 (id=2273): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) stat$auto(0x0, &(0x7f0000000380)={0x506f, 0x7, 0x80000000000000, 0xfffffff2, 0x0, 0xee01, 0x0, 0x5, 0x101, 0x4, 0x1, 0x20fd, 0xffff, 0x800000401, 0x5f54, 0x1000000000, 0xfffffffeffffffff}) r0 = openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f0000000080), 0x20082, 0x0) writev$auto(r0, &(0x7f00000003c0)={0x0, 0x8}, 0x3) 1.174392287s ago: executing program 0 (id=2274): mmap$auto(0x0, 0x400008, 0xe2, 0x9b72, 0xffffffffffffffff, 0x8000) r0 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) io_uring_setup$auto(0x2008, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r0, 0x403c6f2b, 0x0) 390.391822ms ago: executing program 0 (id=2275): r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0) pread64$auto(r0, 0x0, 0xf42f, 0x7f) fcntl$auto(0x3, 0x400, 0x9ec0000000000000) fcntl$auto(0x3, 0x400, 0x2) 253.785251ms ago: executing program 0 (id=2276): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) lseek$auto(0x3, 0x7ffffffffffffffd, 0x2) execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) r0 = prctl$auto(0x21, 0x1, 0x1, 0x0, 0x0) read$auto_rng_chrdev_ops_core(r0, &(0x7f0000000080)=""/202, 0xca) ioctl$auto_FS_IOC_GET_ENCRYPTION_NONCE2(r0, 0x8010661b, &(0x7f0000000040)="cd0c0864cb7845cf2a936ec1fbdd9279") keyctl$auto(0x5, 0xffffffffffffffff, 0x5, 0x5, 0x8) keyctl$auto(0x15, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x8) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) mremap$auto(0x200000001000, 0x8, 0x37, 0x3, 0x110c230000) openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) mmap$auto(0x0, 0x2000b, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) read$auto(0x3, 0x0, 0x80) close_range$auto(0x2, 0x8, 0x0) r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x2) getdents64$auto(r2, &(0x7f0000000f40)={0x309, 0x7, 0xffff, 0x7}, 0x200c8) ioctl$auto(0x3, 0xae60, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) close_range$auto(0x2, 0x8, 0x0) r3 = socket(0x2a, 0x2, 0x1) connect$auto(r3, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0xfffffffe}, 0x55) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) close_range$auto(0x2, 0xa, 0x0) 218.191076ms ago: executing program 3 (id=2277): close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x1, 0x84) openat$auto_trace_clock_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace_clock\x00', 0xc0002, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x3f}, 0x8) 154.153321ms ago: executing program 1 (id=2278): mmap$auto(0x0, 0x853, 0x2000000000000002, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_proc_fault_inject_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/make-it-fail\x00', 0x40002, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) write$auto(0x3, 0x0, 0xfdef) 39.329719ms ago: executing program 3 (id=2279): mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f00000000c0), 0x141401, 0x0) clock_adjtime$auto(0xfffffffffffffffb, 0x0) 529.381µs ago: executing program 0 (id=2280): mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) socket(0x1d, 0x2, 0x2) connect$auto(0x3, 0x0, 0x55) connect$auto(0x3, 0x0, 0x54) 0s ago: executing program 1 (id=2281): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_handshake(&(0x7f00000004c0), 0xffffffffffffffff) sendmsg$auto_HANDSHAKE_CMD_ACCEPT(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000000c0)={0x1c, r1, 0x1, 0x70bd27, 0x25dfdc00, {}, [@HANDSHAKE_A_ACCEPT_HANDLER_CLASS={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4002040}, 0x2004881c) kernel console output (not intermixed with test programs): .670737][T11063] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1013'. [ 435.956102][T11073] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 437.717294][T11093] bond0: option all_slaves_active: invalid value () [ 439.358295][T11119] ubi0: attaching mtd0 [ 439.413845][T11119] ubi0: scanning is finished [ 439.418506][T11119] ubi0: empty MTD device detected [ 439.924157][T11112] Invalid ELF header magic: != ELF [ 440.121641][T11119] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 440.235409][T11119] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 440.293586][T11119] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 440.301119][T11119] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 440.396325][T11119] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 440.553621][T11119] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 440.564558][T11119] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2255779630 [ 440.746102][T11119] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 440.795662][T11131] ubi0: background thread "ubi_bgt0d" started, PID 11131 [ 440.810094][T11120] ubi0: detaching mtd0 [ 440.924620][T11120] ubi0: mtd0 is detached [ 443.442142][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 443.448525][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 443.562007][T11184] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input13 [ 443.652344][T11187] Process accounting resumed [ 444.644882][T11195] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1037'. [ 446.418145][T11224] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1043'. [ 446.576891][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805a2d2000: rx timeout, send abort [ 446.586629][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805a2d2000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 450.402081][T11277] zswap: compressor not available [ 450.541321][T11277] random: crng reseeded on system resumption [ 452.782231][T11315] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 453.060758][T11321] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 453.729588][T11335] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 454.936033][T11353] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 456.378300][T11384] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 456.427288][T11383] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 457.078688][T11395] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 458.620226][T11426] FAULT_INJECTION: forcing a failure. [ 458.620226][T11426] name failslab, interval 1, probability 0, space 0, times 0 [ 459.219347][T11426] CPU: 1 UID: 0 PID: 11426 Comm: syz.1.1084 Not tainted syzkaller #0 PREEMPT(full) [ 459.219382][T11426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 459.219398][T11426] Call Trace: [ 459.219407][T11426] [ 459.219417][T11426] dump_stack_lvl+0x16c/0x1f0 [ 459.219453][T11426] should_fail_ex+0x512/0x640 [ 459.219479][T11426] ? __kmalloc_noprof+0xca/0x870 [ 459.219521][T11426] should_failslab+0xc2/0x120 [ 459.219555][T11426] __kmalloc_noprof+0xdd/0x870 [ 459.219592][T11426] ? iter_file_splice_write+0x1cc/0x12b0 [ 459.219632][T11426] ? iter_file_splice_write+0x1cc/0x12b0 [ 459.219662][T11426] iter_file_splice_write+0x1cc/0x12b0 [ 459.219699][T11426] ? kfree+0x29e/0x710 [ 459.219732][T11426] ? copy_splice_read+0x897/0xc20 [ 459.219768][T11426] ? copy_splice_read+0x897/0xc20 [ 459.219804][T11426] ? copy_splice_read+0x89c/0xc20 [ 459.219834][T11426] ? __pfx_iter_file_splice_write+0x10/0x10 [ 459.219870][T11426] ? __lock_acquire+0x433/0x22f0 [ 459.219899][T11426] ? __pfx_copy_splice_read+0x10/0x10 [ 459.219950][T11426] ? __pfx_iter_file_splice_write+0x10/0x10 [ 459.219986][T11426] direct_splice_actor+0x192/0x6c0 [ 459.220022][T11426] splice_direct_to_actor+0x345/0xa30 [ 459.220056][T11426] ? __pfx_direct_splice_actor+0x10/0x10 [ 459.220094][T11426] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 459.220140][T11426] do_splice_direct+0x174/0x240 [ 459.220171][T11426] ? __pfx_do_splice_direct+0x10/0x10 [ 459.220203][T11426] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 459.220239][T11426] ? rw_verify_area+0xcf/0x6c0 [ 459.220270][T11426] do_sendfile+0xb06/0xe50 [ 459.220306][T11426] ? __pfx_do_sendfile+0x10/0x10 [ 459.220340][T11426] ? __x64_sys_futex+0x1e0/0x4c0 [ 459.220367][T11426] ? __x64_sys_futex+0x1e9/0x4c0 [ 459.220399][T11426] __x64_sys_sendfile64+0x1d8/0x220 [ 459.220434][T11426] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 459.220467][T11426] ? syscall_user_dispatch+0x78/0x140 [ 459.220510][T11426] do_syscall_64+0xcd/0xf80 [ 459.220542][T11426] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 459.220568][T11426] RIP: 0033:0x7f500638f7c9 [ 459.220589][T11426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 459.220612][T11426] RSP: 002b:00007f5007156038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 459.220637][T11426] RAX: ffffffffffffffda RBX: 00007f50065e6090 RCX: 00007f500638f7c9 [ 459.220655][T11426] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 459.220669][T11426] RBP: 00007f5006413f91 R08: 0000000000000000 R09: 0000000000000000 [ 459.220685][T11426] R10: 000000007fffe000 R11: 0000000000000246 R12: 0000000000000000 [ 459.220700][T11426] R13: 00007f50065e6128 R14: 00007f50065e6090 R15: 00007ffe263cab28 [ 459.220737][T11426] [ 459.815497][T11426] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1084'. [ 460.027881][T11437] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 462.773585][T11480] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 463.843482][T11499] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 465.537078][T11531] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 465.656778][T11528] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 467.160622][T11546] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1107'. [ 467.238295][T11555] bond0: option all_slaves_active: invalid value () [ 468.826997][T11575] random: crng reseeded on system resumption [ 468.956933][ T5844] Bluetooth: hci0: unexpected event 0x1c length: 725 > 5 [ 469.650887][T11589] zswap: compressor not available [ 473.465214][T11637] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 474.917951][T11663] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 475.514562][T11676] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1132'. [ 475.630173][T11680] warning: `syz.2.1131' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 475.647466][T11680] openvswitch: netlink: Message has 6 unknown bytes. [ 476.758264][T11688] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1134'. [ 477.146641][T11693] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1136'. [ 477.443797][T11699] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1137'. [ 478.583843][T11719] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1140'. [ 478.899167][T11718] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 480.330359][T11735] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1144'. [ 480.590628][T11741] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1145'. [ 481.578728][T11751] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1147'. [ 483.203560][T11774] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1151'. [ 483.482806][T11781] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1152'. [ 484.142895][ T30] audit: type=1326 audit(2358630618.368:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11771 comm="syz.3.1153" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f533a58f7c9 code=0x0 [ 484.502719][T11795] bond0: option all_slaves_active: invalid value () [ 486.565380][T11818] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1159'. [ 486.634535][T11821] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1161'. [ 486.991191][T11829] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 487.573574][T11840] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 487.754275][T11845] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1164'. [ 487.899718][T11839] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 487.956518][T11849] bond0: option all_slaves_active: invalid value () [ 490.147837][T11880] bond0: option all_slaves_active: invalid value () [ 491.210680][T11885] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1173'. [ 492.061983][T11896] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1175'. [ 492.167852][T11904] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1176'. [ 492.989149][T11911] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1177'. [ 493.061528][ T30] audit: type=1800 audit(2358630627.334:6): pid=11920 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1178" name="lu_gp_id" dev="configfs" ino=34475 res=0 errno=0 [ 493.179788][T11923] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1177'. [ 493.280721][T11924] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1179'. [ 493.969892][T11930] bond0: option all_slaves_active: invalid value () [ 494.247652][T11939] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1182'. [ 494.450849][T11934] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1184'. [ 495.620158][T11953] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1187'. [ 495.847911][T11966] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1191'. [ 495.917140][T11968] binder: BINDER_SET_CONTEXT_MGR already set [ 495.923364][T11968] binder: 11965:11968 ioctl 4018620d 9 returned -16 [ 496.755238][T11977] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 496.938226][T11981] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1193'. [ 498.368143][T12012] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1197'. [ 498.438263][T12010] bond0: option all_slaves_active: invalid value () [ 498.522474][T12005] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 499.276063][T12022] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 499.342788][T12030] Console: switching to colour frame buffer device 128x48 [ 499.385469][T12028] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 499.470006][T12032] device-mapper: ioctl: Invalid ioctl structure: name d, dev 3000000000 [ 500.283089][T12048] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1206'. [ 500.470468][T12046] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 501.926096][T12070] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 502.335122][T12065] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1208'. [ 502.876215][T12065] bond0: (slave bond_slave_1): Releasing backup interface [ 503.237786][T12082] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 503.688915][T12092] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 504.565776][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 504.574026][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 504.986284][T12100] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 505.010910][T12100] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 505.023776][T12100] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 505.043497][T12100] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 506.533933][T12150] bond0: option all_slaves_active: invalid value () [ 506.950018][ T5844] Bluetooth: hci0: command 0x0c1a tx timeout [ 507.030280][ T5844] Bluetooth: hci1: command 0x0c1a tx timeout [ 507.030328][ T5842] Bluetooth: hci3: command 0x0c1a tx timeout [ 507.108444][ T5842] Bluetooth: hci2: command 0x0c1a tx timeout [ 507.520363][T12173] FAULT_INJECTION: forcing a failure. [ 507.520363][T12173] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 507.600307][T12173] CPU: 1 UID: 0 PID: 12173 Comm: syz.1.1222 Not tainted syzkaller #0 PREEMPT(full) [ 507.600341][T12173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 507.600355][T12173] Call Trace: [ 507.600363][T12173] [ 507.600374][T12173] dump_stack_lvl+0x16c/0x1f0 [ 507.600409][T12173] should_fail_ex+0x512/0x640 [ 507.600439][T12173] should_fail_alloc_page+0xe7/0x130 [ 507.600473][T12173] prepare_alloc_pages+0x3c2/0x610 [ 507.600509][T12173] __alloc_frozen_pages_noprof+0x18b/0x2440 [ 507.600548][T12173] ? __pfx_try_to_migrate_one+0x10/0x10 [ 507.600592][T12173] ? __up_read+0x2d1/0x700 [ 507.600623][T12173] ? __pfx___up_read+0x10/0x10 [ 507.600651][T12173] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 507.600687][T12173] ? rmap_walk_anon+0x503/0x710 [ 507.600748][T12173] __folio_alloc_noprof+0x11/0xa0 [ 507.600797][T12173] alloc_migration_target+0x24a/0x660 [ 507.600838][T12173] migrate_pages_batch+0x3bc/0x3bb0 [ 507.600891][T12173] ? __pfx_alloc_migration_target+0x10/0x10 [ 507.600950][T12173] ? __pfx_migrate_pages_batch+0x10/0x10 [ 507.600995][T12173] ? __pfx_walk_pgd_range+0x10/0x10 [ 507.601024][T12173] migrate_pages_sync+0x12d/0x8a0 [ 507.601062][T12173] ? __pfx_alloc_migration_target+0x10/0x10 [ 507.601103][T12173] ? queue_pages_test_walk+0x279/0x410 [ 507.601134][T12173] ? __pfx_migrate_pages_sync+0x10/0x10 [ 507.601168][T12173] ? walk_page_test+0x9b/0x180 [ 507.601194][T12173] ? walk_page_range_mm+0x235/0xb40 [ 507.601225][T12173] migrate_pages+0x1b0b/0x2350 [ 507.601250][T12173] ? __pfx_alloc_migration_target+0x10/0x10 [ 507.601275][T12173] ? __pfx_migrate_pages+0x10/0x10 [ 507.601295][T12173] ? queue_pages_range+0x11e/0x180 [ 507.601314][T12173] ? __pfx___up_read+0x10/0x10 [ 507.601330][T12173] ? do_migrate_pages+0x458/0x750 [ 507.601351][T12173] do_migrate_pages+0x48e/0x750 [ 507.601373][T12173] ? __pfx_do_migrate_pages+0x10/0x10 [ 507.601394][T12173] ? rcu_is_watching+0x12/0xc0 [ 507.601414][T12173] ? cap_capable+0x10d/0x3f0 [ 507.601426][T12173] ? get_task_mm+0xc2/0xf0 [ 507.601445][T12173] ? security_capable+0x250/0x260 [ 507.601460][T12173] kernel_migrate_pages+0x55b/0x700 [ 507.601478][T12173] ? __pfx_kernel_migrate_pages+0x10/0x10 [ 507.601496][T12173] ? __pfx_do_writev+0x10/0x10 [ 507.601515][T12173] __x64_sys_migrate_pages+0x96/0x100 [ 507.601533][T12173] ? lockdep_hardirqs_on+0x7c/0x110 [ 507.601549][T12173] do_syscall_64+0xcd/0xf80 [ 507.601567][T12173] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 507.601581][T12173] RIP: 0033:0x7f500638f7c9 [ 507.601593][T12173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 507.601607][T12173] RSP: 002b:00007f5007177038 EFLAGS: 00000246 ORIG_RAX: 0000000000000100 [ 507.601620][T12173] RAX: ffffffffffffffda RBX: 00007f50065e5fa0 RCX: 00007f500638f7c9 [ 507.601630][T12173] RDX: 0000200000000100 RSI: 000000000000000a RDI: 0000000000000000 [ 507.601638][T12173] RBP: 00007f5006413f91 R08: 0000000000000000 R09: 0000000000000000 [ 507.601647][T12173] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000000 [ 507.601655][T12173] R13: 00007f50065e6038 R14: 00007f50065e5fa0 R15: 00007ffe263cab28 [ 507.601674][T12173] [ 508.218956][T12186] bond0: invalid ARP target specified [ 508.901274][T12194] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1226'. [ 510.675523][T12212] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 511.167340][T12222] syz.0.1232 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 512.024557][T12241] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1234'. [ 514.648706][T12280] bond0: option all_slaves_active: invalid value () [ 515.080288][T12282] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 516.634159][T12312] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 517.049951][T12323] bond0: option all_slaves_active: invalid value () [ 517.635555][T12329] FAULT_INJECTION: forcing a failure. [ 517.635555][T12329] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 517.710623][T12329] CPU: 0 UID: 0 PID: 12329 Comm: syz.3.1253 Not tainted syzkaller #0 PREEMPT(full) [ 517.710655][T12329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 517.710670][T12329] Call Trace: [ 517.710678][T12329] [ 517.710687][T12329] dump_stack_lvl+0x16c/0x1f0 [ 517.710722][T12329] should_fail_ex+0x512/0x640 [ 517.710762][T12329] should_fail_alloc_page+0xe7/0x130 [ 517.710799][T12329] prepare_alloc_pages+0x3c2/0x610 [ 517.710837][T12329] __alloc_frozen_pages_noprof+0x18b/0x2440 [ 517.710882][T12329] ? __up_read+0x2d1/0x700 [ 517.710912][T12329] ? __pfx___up_read+0x10/0x10 [ 517.710940][T12329] ? __rmap_walk_file+0x575/0x620 [ 517.710970][T12329] ? vma_interval_tree_iter_next+0x10c/0x250 [ 517.711006][T12329] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 517.711047][T12329] ? __rmap_walk_file+0x575/0x620 [ 517.711087][T12329] ? rmap_walk_file+0x174/0x1f0 [ 517.711116][T12329] ? queue_folios_pte_range+0x9bb/0x1150 [ 517.711159][T12329] __folio_alloc_noprof+0x11/0xa0 [ 517.711191][T12329] alloc_migration_target+0x24a/0x660 [ 517.711221][T12329] migrate_pages_batch+0x3bc/0x3bb0 [ 517.711251][T12329] ? __pfx_alloc_migration_target+0x10/0x10 [ 517.711289][T12329] ? __pfx_migrate_pages_batch+0x10/0x10 [ 517.711322][T12329] ? __pfx_walk_pgd_range+0x10/0x10 [ 517.711343][T12329] migrate_pages_sync+0x12d/0x8a0 [ 517.711372][T12329] ? __pfx_alloc_migration_target+0x10/0x10 [ 517.711404][T12329] ? queue_pages_test_walk+0x279/0x410 [ 517.711430][T12329] ? __pfx_migrate_pages_sync+0x10/0x10 [ 517.711458][T12329] ? walk_page_test+0x9b/0x180 [ 517.711478][T12329] ? walk_page_range_mm+0x235/0xb40 [ 517.711502][T12329] migrate_pages+0x1b0b/0x2350 [ 517.711532][T12329] ? __pfx_alloc_migration_target+0x10/0x10 [ 517.711567][T12329] ? __pfx_migrate_pages+0x10/0x10 [ 517.711595][T12329] ? queue_pages_range+0x11e/0x180 [ 517.711622][T12329] ? __pfx___up_read+0x10/0x10 [ 517.711644][T12329] ? do_migrate_pages+0x458/0x750 [ 517.711672][T12329] do_migrate_pages+0x48e/0x750 [ 517.711704][T12329] ? __pfx_do_migrate_pages+0x10/0x10 [ 517.711734][T12329] ? rcu_is_watching+0x12/0xc0 [ 517.711768][T12329] ? cap_capable+0x10d/0x3f0 [ 517.711787][T12329] ? get_task_mm+0xc2/0xf0 [ 517.711814][T12329] ? security_capable+0x250/0x260 [ 517.711838][T12329] kernel_migrate_pages+0x55b/0x700 [ 517.711865][T12329] ? __pfx_kernel_migrate_pages+0x10/0x10 [ 517.711893][T12329] ? __pfx_do_writev+0x10/0x10 [ 517.711919][T12329] __x64_sys_migrate_pages+0x96/0x100 [ 517.711944][T12329] ? lockdep_hardirqs_on+0x7c/0x110 [ 517.711967][T12329] do_syscall_64+0xcd/0xf80 [ 517.711991][T12329] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 517.712013][T12329] RIP: 0033:0x7f533a58f7c9 [ 517.712030][T12329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 517.712050][T12329] RSP: 002b:00007f533b466038 EFLAGS: 00000246 ORIG_RAX: 0000000000000100 [ 517.712069][T12329] RAX: ffffffffffffffda RBX: 00007f533a7e5fa0 RCX: 00007f533a58f7c9 [ 517.712082][T12329] RDX: 0000200000000100 RSI: 000000000000000a RDI: 0000000000000000 [ 517.712094][T12329] RBP: 00007f533a613f91 R08: 0000000000000000 R09: 0000000000000000 [ 517.712106][T12329] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000000 [ 517.712118][T12329] R13: 00007f533a7e6038 R14: 00007f533a7e5fa0 R15: 00007ffd3abc07a8 [ 517.712146][T12329] [ 518.418276][T12333] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 518.830012][T12341] device-mapper: ioctl: Invalid ioctl structure: name d, dev 3000000000 [ 519.269699][T12348] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 520.104716][T12364] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1259'. [ 521.141534][T12381] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 521.713872][T12390] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 522.365272][T12402] FAULT_INJECTION: forcing a failure. [ 522.365272][T12402] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 522.391253][T12402] CPU: 1 UID: 0 PID: 12402 Comm: syz.0.1265 Not tainted syzkaller #0 PREEMPT(full) [ 522.391290][T12402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 522.391305][T12402] Call Trace: [ 522.391313][T12402] [ 522.391324][T12402] dump_stack_lvl+0x16c/0x1f0 [ 522.391370][T12402] should_fail_ex+0x512/0x640 [ 522.391403][T12402] should_fail_alloc_page+0xe7/0x130 [ 522.391440][T12402] prepare_alloc_pages+0x3c2/0x610 [ 522.391476][T12402] __alloc_frozen_pages_noprof+0x18b/0x2440 [ 522.391516][T12402] ? __pfx_try_to_migrate_one+0x10/0x10 [ 522.391560][T12402] ? __up_read+0x2d1/0x700 [ 522.391591][T12402] ? __pfx___up_read+0x10/0x10 [ 522.391619][T12402] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 522.391657][T12402] ? rmap_walk_anon+0x503/0x710 [ 522.391719][T12402] __folio_alloc_noprof+0x11/0xa0 [ 522.391758][T12402] alloc_migration_target+0x24a/0x660 [ 522.391797][T12402] migrate_pages_batch+0x3bc/0x3bb0 [ 522.391837][T12402] ? __pfx_alloc_migration_target+0x10/0x10 [ 522.391886][T12402] ? __pfx_migrate_pages_batch+0x10/0x10 [ 522.391929][T12402] ? __pfx_walk_pgd_range+0x10/0x10 [ 522.391957][T12402] migrate_pages_sync+0x12d/0x8a0 [ 522.391996][T12402] ? __pfx_alloc_migration_target+0x10/0x10 [ 522.392038][T12402] ? queue_pages_test_walk+0x279/0x410 [ 522.392072][T12402] ? __pfx_migrate_pages_sync+0x10/0x10 [ 522.392110][T12402] ? walk_page_test+0x9b/0x180 [ 522.392136][T12402] ? walk_page_range_mm+0x235/0xb40 [ 522.392168][T12402] migrate_pages+0x1b0b/0x2350 [ 522.392207][T12402] ? __pfx_alloc_migration_target+0x10/0x10 [ 522.392269][T12402] ? __pfx_migrate_pages+0x10/0x10 [ 522.392309][T12402] ? queue_pages_range+0x11e/0x180 [ 522.392350][T12402] ? __pfx___up_read+0x10/0x10 [ 522.392381][T12402] ? do_migrate_pages+0x458/0x750 [ 522.392420][T12402] do_migrate_pages+0x48e/0x750 [ 522.392461][T12402] ? __pfx_do_migrate_pages+0x10/0x10 [ 522.392500][T12402] ? rcu_is_watching+0x12/0xc0 [ 522.392535][T12402] ? cap_capable+0x10d/0x3f0 [ 522.392558][T12402] ? get_task_mm+0xc2/0xf0 [ 522.392590][T12402] ? security_capable+0x250/0x260 [ 522.392619][T12402] kernel_migrate_pages+0x55b/0x700 [ 522.392652][T12402] ? __pfx_kernel_migrate_pages+0x10/0x10 [ 522.392686][T12402] ? __pfx_do_writev+0x10/0x10 [ 522.392721][T12402] __x64_sys_migrate_pages+0x96/0x100 [ 522.392753][T12402] ? lockdep_hardirqs_on+0x7c/0x110 [ 522.392783][T12402] do_syscall_64+0xcd/0xf80 [ 522.392814][T12402] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 522.392840][T12402] RIP: 0033:0x7f7c2958f7c9 [ 522.392862][T12402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 522.392888][T12402] RSP: 002b:00007f7c2a4c9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000100 [ 522.392913][T12402] RAX: ffffffffffffffda RBX: 00007f7c297e5fa0 RCX: 00007f7c2958f7c9 [ 522.392930][T12402] RDX: 0000200000000100 RSI: 000000000000000a RDI: 0000000000000000 [ 522.392946][T12402] RBP: 00007f7c29613f91 R08: 0000000000000000 R09: 0000000000000000 [ 522.392961][T12402] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000000 [ 522.392976][T12402] R13: 00007f7c297e6038 R14: 00007f7c297e5fa0 R15: 00007fff08ae9ee8 [ 522.393012][T12402] [ 522.393602][T12400] Invalid ELF header magic: != ELF [ 523.401136][T12412] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1269'. [ 525.993112][T12452] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 526.046086][T12446] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 526.624659][T12469] bond0: option all_slaves_active: invalid value () [ 527.152527][T12482] Invalid ELF header magic: != ELF [ 529.425751][T12519] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 529.944038][T12524] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 530.266367][T12538] bond0: option all_slaves_active: invalid value () [ 532.508006][T12572] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1299'. [ 532.659625][T12573] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 533.621887][T12598] Invalid ELF header magic: != ELF [ 535.052736][T12604] netlink: zone id is out of range [ 536.909452][T12637] FAULT_INJECTION: forcing a failure. [ 536.909452][T12637] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 536.986027][T12637] CPU: 1 UID: 0 PID: 12637 Comm: syz.1.1313 Not tainted syzkaller #0 PREEMPT(full) [ 536.986063][T12637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 536.986078][T12637] Call Trace: [ 536.986087][T12637] [ 536.986096][T12637] dump_stack_lvl+0x16c/0x1f0 [ 536.986124][T12637] should_fail_ex+0x512/0x640 [ 536.986143][T12637] should_fail_alloc_page+0xe7/0x130 [ 536.986165][T12637] prepare_alloc_pages+0x3c2/0x610 [ 536.986183][T12637] ? rcu_is_watching+0x12/0xc0 [ 536.986206][T12637] __alloc_frozen_pages_noprof+0x18b/0x2440 [ 536.986231][T12637] ? rcu_is_watching+0x12/0xc0 [ 536.986249][T12637] ? trace_mm_page_alloc+0x11b/0x180 [ 536.986267][T12637] ? __alloc_frozen_pages_noprof+0x292/0x2440 [ 536.986290][T12637] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 536.986313][T12637] ? find_held_lock+0x2b/0x80 [ 536.986332][T12637] ? is_bpf_text_address+0x8a/0x1a0 [ 536.986350][T12637] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 536.986371][T12637] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 536.986384][T12637] ? is_bpf_text_address+0x94/0x1a0 [ 536.986400][T12637] ? kernel_text_address+0x8d/0x100 [ 536.986416][T12637] ? __kernel_text_address+0xd/0x40 [ 536.986431][T12637] ? unwind_get_return_address+0x59/0xa0 [ 536.986453][T12637] alloc_pages_bulk_noprof+0x77b/0x1010 [ 536.986476][T12637] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 536.986496][T12637] ? policy_nodemask+0xea/0x4e0 [ 536.986515][T12637] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 536.986538][T12637] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 536.986558][T12637] ? set_page_refcounted+0xbd/0x230 [ 536.986576][T12637] kasan_populate_vmalloc+0x112/0x2d0 [ 536.986591][T12637] ? alloc_vmap_area+0x8a5/0x2980 [ 536.986610][T12637] alloc_vmap_area+0x950/0x2980 [ 536.986634][T12637] ? __pfx_alloc_vmap_area+0x10/0x10 [ 536.986656][T12637] __get_vm_area_node+0x1ca/0x330 [ 536.986676][T12637] __vmalloc_node_range_noprof+0x271/0x1480 [ 536.986695][T12637] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 536.986716][T12637] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 536.986735][T12637] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 536.986759][T12637] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 536.986774][T12637] vmalloc_user_noprof+0x9e/0xe0 [ 536.986792][T12637] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 536.986807][T12637] vb2_vmalloc_alloc+0x135/0x3f0 [ 536.986822][T12637] ? __pfx_vb2_vmalloc_alloc+0x10/0x10 [ 536.986837][T12637] __vb2_queue_alloc+0x8c9/0x1280 [ 536.986864][T12637] vb2_core_reqbufs+0xa90/0xfe0 [ 536.986882][T12637] ? __pfx_vb2_core_reqbufs+0x10/0x10 [ 536.986907][T12637] __vb2_init_fileio+0x3f1/0x1100 [ 536.986921][T12637] ? lockdep_hardirqs_on+0x7c/0x110 [ 536.986937][T12637] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 536.986953][T12637] ? __pollwait+0x271/0x460 [ 536.986970][T12637] vb2_core_poll+0x5ec/0x700 [ 536.986989][T12637] vb2_poll+0x4b/0xe0 [ 536.987011][T12637] vb2_fop_poll+0x10f/0x2c0 [ 536.987033][T12637] ? __pfx_vb2_fop_poll+0x10/0x10 [ 536.987055][T12637] v4l2_poll+0x163/0x320 [ 536.987073][T12637] ? __pfx_v4l2_poll+0x10/0x10 [ 536.987089][T12637] do_sys_poll+0x55c/0xdf0 [ 536.987117][T12637] ? __pfx_do_sys_poll+0x10/0x10 [ 536.987132][T12637] ? __lock_acquire+0x433/0x22f0 [ 536.987165][T12637] ? __futex_wait+0x24b/0x2f0 [ 536.987184][T12637] ? __pfx___pollwait+0x10/0x10 [ 536.987202][T12637] ? __pfx_pollwake+0x10/0x10 [ 536.987246][T12637] ? __pfx_timespec64_add_safe+0x10/0x10 [ 536.987263][T12637] ? ktime_get_ts64+0x2d2/0x400 [ 536.987278][T12637] ? read_tsc+0x9/0x20 [ 536.987294][T12637] ? ktime_get_ts64+0x256/0x400 [ 536.987313][T12637] __x64_sys_poll+0x1a6/0x450 [ 536.987330][T12637] ? __pfx___x64_sys_poll+0x10/0x10 [ 536.987352][T12637] do_syscall_64+0xcd/0xf80 [ 536.987369][T12637] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 536.987384][T12637] RIP: 0033:0x7f500638f7c9 [ 536.987396][T12637] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 536.987411][T12637] RSP: 002b:00007f5007177038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007 [ 536.987426][T12637] RAX: ffffffffffffffda RBX: 00007f50065e5fa0 RCX: 00007f500638f7c9 [ 536.987435][T12637] RDX: 0000000000000008 RSI: 0000000000000003 RDI: 0000200000000480 [ 536.987444][T12637] RBP: 00007f5006413f91 R08: 0000000000000000 R09: 0000000000000000 [ 536.987453][T12637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 536.987461][T12637] R13: 00007f50065e6038 R14: 00007f50065e5fa0 R15: 00007ffe263cab28 [ 536.987481][T12637] [ 537.437808][T12637] syz.1.1313: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 537.510377][T12637] CPU: 0 UID: 0 PID: 12637 Comm: syz.1.1313 Not tainted syzkaller #0 PREEMPT(full) [ 537.510417][T12637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 537.510435][T12637] Call Trace: [ 537.510445][T12637] [ 537.510456][T12637] dump_stack_lvl+0x16c/0x1f0 [ 537.510492][T12637] warn_alloc+0x248/0x3a0 [ 537.510536][T12637] ? __pfx_warn_alloc+0x10/0x10 [ 537.510576][T12637] ? __get_vm_area_node+0x2cd/0x330 [ 537.510615][T12637] ? __get_vm_area_node+0x2cd/0x330 [ 537.510646][T12637] ? __get_vm_area_node+0x208/0x330 [ 537.510685][T12637] __vmalloc_node_range_noprof+0xaf5/0x1480 [ 537.510750][T12637] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 537.510789][T12637] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 537.510834][T12637] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 537.510861][T12637] vmalloc_user_noprof+0x9e/0xe0 [ 537.510894][T12637] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 537.510922][T12637] vb2_vmalloc_alloc+0x135/0x3f0 [ 537.510951][T12637] ? __pfx_vb2_vmalloc_alloc+0x10/0x10 [ 537.510979][T12637] __vb2_queue_alloc+0x8c9/0x1280 [ 537.511022][T12637] vb2_core_reqbufs+0xa90/0xfe0 [ 537.511063][T12637] ? __pfx_vb2_core_reqbufs+0x10/0x10 [ 537.511110][T12637] __vb2_init_fileio+0x3f1/0x1100 [ 537.511137][T12637] ? lockdep_hardirqs_on+0x7c/0x110 [ 537.511167][T12637] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 537.511197][T12637] ? __pollwait+0x271/0x460 [ 537.511230][T12637] vb2_core_poll+0x5ec/0x700 [ 537.511259][T12637] vb2_poll+0x4b/0xe0 [ 537.511295][T12637] vb2_fop_poll+0x10f/0x2c0 [ 537.511333][T12637] ? __pfx_vb2_fop_poll+0x10/0x10 [ 537.511367][T12637] v4l2_poll+0x163/0x320 [ 537.511398][T12637] ? __pfx_v4l2_poll+0x10/0x10 [ 537.511426][T12637] do_sys_poll+0x55c/0xdf0 [ 537.511465][T12637] ? __pfx_do_sys_poll+0x10/0x10 [ 537.511491][T12637] ? __lock_acquire+0x433/0x22f0 [ 537.511551][T12637] ? __futex_wait+0x24b/0x2f0 [ 537.511584][T12637] ? __pfx___pollwait+0x10/0x10 [ 537.511615][T12637] ? __pfx_pollwake+0x10/0x10 [ 537.511697][T12637] ? __pfx_timespec64_add_safe+0x10/0x10 [ 537.511728][T12637] ? ktime_get_ts64+0x2d2/0x400 [ 537.511755][T12637] ? read_tsc+0x9/0x20 [ 537.511783][T12637] ? ktime_get_ts64+0x256/0x400 [ 537.511820][T12637] __x64_sys_poll+0x1a6/0x450 [ 537.511851][T12637] ? __pfx___x64_sys_poll+0x10/0x10 [ 537.511893][T12637] do_syscall_64+0xcd/0xf80 [ 537.511925][T12637] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 537.511953][T12637] RIP: 0033:0x7f500638f7c9 [ 537.511974][T12637] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 537.512000][T12637] RSP: 002b:00007f5007177038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007 [ 537.512033][T12637] RAX: ffffffffffffffda RBX: 00007f50065e5fa0 RCX: 00007f500638f7c9 [ 537.512052][T12637] RDX: 0000000000000008 RSI: 0000000000000003 RDI: 0000200000000480 [ 537.512068][T12637] RBP: 00007f5006413f91 R08: 0000000000000000 R09: 0000000000000000 [ 537.512084][T12637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 537.512101][T12637] R13: 00007f50065e6038 R14: 00007f50065e5fa0 R15: 00007ffe263cab28 [ 537.512141][T12637] [ 537.512151][T12637] Mem-Info: [ 537.916088][T12639] zswap: compressor not available [ 538.057544][T12637] active_anon:21053 inactive_anon:33 isolated_anon:0 [ 538.057544][T12637] active_file:4254 inactive_file:45112 isolated_file:0 [ 538.057544][T12637] unevictable:768 dirty:21 writeback:16 [ 538.057544][T12637] slab_reclaimable:10989 slab_unreclaimable:93619 [ 538.057544][T12637] mapped:25932 shmem:1359 pagetables:1096 [ 538.057544][T12637] sec_pagetables:0 bounce:0 [ 538.057544][T12637] kernel_misc_reclaimable:0 [ 538.057544][T12637] free:1315988 free_pcp:18095 free_cma:0 [ 538.127144][T12637] Node 0 active_anon:82212kB inactive_anon:132kB active_file:17016kB inactive_file:180208kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:103692kB dirty:184kB writeback:64kB shmem:3900kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11376kB pagetables:4240kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 538.254631][T12647] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 538.267610][T12637] Node 1 active_anon:0kB inactive_anon:0kB active_file:36kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:144kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 538.397533][T12637] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 538.498354][T12637] lowmem_reserve[]: 0 2482 2484 2484 2484 [ 538.502348][T12653] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 538.525058][T12637] Node 0 DMA32 free:1345632kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB free_highatomic:0KB active_anon:78064kB inactive_anon:100kB active_file:17212kB inactive_file:180104kB unevictable:1536kB writepending:752kB zspages:8kB present:3129332kB managed:2542524kB mlocked:0kB bounce:0kB free_pcp:52516kB local_pcp:26368kB free_cma:0kB [ 538.610505][T12637] lowmem_reserve[]: 0 0 1 1 1 [ 538.617225][T12637] Node 0 Normal free:0kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 538.656422][T12637] lowmem_reserve[]: 0 0 0 0 0 [ 538.779553][T12637] Node 1 Normal free:3895136kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:36kB inactive_file:204kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:22564kB local_pcp:12000kB free_cma:0kB [ 538.923343][T12637] lowmem_reserve[]: 0 0 0 0 0 [ 538.990692][T12637] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 539.053855][T12637] Node 0 DMA32: 1618*4kB (UME) 2165*8kB (UME) 1064*16kB (UME) 1221*32kB (UME) 693*64kB (UME) 279*128kB (UME) 182*256kB (UME) 88*512kB (UME) 55*1024kB (UME) 11*2048kB (UME) 248*4096kB (UM) = 1346256kB [ 539.135385][T12637] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 539.189216][T12637] Node 1 Normal: 212*4kB (UME) 66*8kB (UME) 56*16kB (UME) 144*32kB (UME) 44*64kB (UME) 19*128kB (UME) 10*256kB (UM) 9*512kB (UME) 7*1024kB (UM) 5*2048kB (UME) 942*4096kB (UM) = 3895136kB [ 539.250726][T12637] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 539.281435][T12637] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 539.290765][T12637] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 539.311110][T12637] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 539.320407][T12637] 50947 total pagecache pages [ 539.325449][T12637] 14 pages in swap cache [ 539.329684][T12637] Free swap = 119352kB [ 539.409203][T12637] Total swap = 124996kB [ 539.500000][T12637] 2097051 pages RAM [ 539.503869][T12637] 0 pages HighMem/MovableOnly [ 539.508539][T12637] 429330 pages reserved [ 539.569718][T12637] 0 pages cma reserved [ 540.258987][T12681] bond0: option all_slaves_active: invalid value () [ 540.362884][T12683] ubi0: attaching mtd0 [ 540.386769][T12683] ubi0: scanning is finished [ 540.653215][T12685] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 540.703779][T12683] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 540.922653][T12683] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 540.940708][T12683] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 540.949878][T12683] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 540.964069][T12683] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 540.974167][T12683] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 540.996839][T12683] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 2255779630 [ 541.060111][T12683] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 541.214425][T12689] ubi0: detaching mtd0 [ 541.218346][T12697] ubi0: background thread "ubi_bgt0d" started, PID 12697 [ 541.544933][T12689] ubi0: mtd0 is detached [ 542.829202][T12720] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 545.037343][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805a2e0800: rx timeout, send abort [ 545.045923][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805a2e0800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 546.035093][T12764] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 546.170571][T12772] bond0: option all_slaves_active: invalid value () [ 546.951547][T12778] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 550.525614][T12822] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 551.377752][T12847] bond0: option all_slaves_active: invalid value () [ 551.516205][T12848] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 554.295104][T12879] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 554.498290][T12887] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 554.619133][T12891] binder: 12889:12891 ioctl c018620c 0 returned -1 [ 554.661422][T12891] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1362'. [ 555.426223][T12908] Invalid ELF header magic: != ELF [ 557.155233][T12930] bond0: option all_slaves_active: invalid value () [ 557.562798][T12932] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 559.744073][T12968] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 561.036668][T12987] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 563.730997][T13027] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 564.089495][T13032] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 564.650164][T13046] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 565.688563][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 565.700542][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 568.099445][T13085] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 569.251229][T13100] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 569.487278][T13107] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 572.457825][T13149] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 573.665423][T13171] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 574.378851][T13176] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 574.718903][T13186] bond0: option all_slaves_active: invalid value () [ 576.135936][T13212] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 576.591297][T13222] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3) [ 576.636037][T13216] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 577.949466][T13243] bond0: option all_slaves_active: invalid value () [ 580.726583][T13283] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 581.318696][T13299] bond0: option all_slaves_active: invalid value () [ 581.976636][T13305] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 582.523039][T13320] Invalid ELF header magic: != ELF [ 583.932928][T13343] ubi0: attaching mtd0 [ 583.938368][T13343] ubi0: scanning is finished [ 584.166020][T13343] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 584.200275][T13343] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 584.287270][T13343] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 584.297509][T13343] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 584.305174][T13343] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 584.312127][T13343] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 584.350783][T13343] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 2255779630 [ 584.426995][T13343] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 584.558020][T13348] ubi0: background thread "ubi_bgt0d" started, PID 13348 [ 584.692549][T13344] ubi0: detaching mtd0 [ 584.792244][T13351] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 584.805418][T13344] ubi0: mtd0 is detached [ 586.096488][T13373] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 586.706306][T13385] bond0: option all_slaves_active: invalid value () [ 587.228381][T13391] bond0: option all_slaves_active: invalid value () [ 588.621802][T13412] ubi0: attaching mtd0 [ 588.656929][T13412] ubi0: scanning is finished [ 589.019836][T13419] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 589.144764][T13412] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 589.162119][T13412] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 589.310532][T13412] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 589.325600][T13412] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 589.474414][T13412] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 589.510525][T13412] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 589.560958][T13412] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 2255779630 [ 589.667441][T13412] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 589.739465][T13423] ubi0: background thread "ubi_bgt0d" started, PID 13423 [ 589.746739][T13414] ubi0: detaching mtd0 [ 589.829172][T13414] ubi0: mtd0 is detached [ 589.884614][T13435] bond0: option all_slaves_active: invalid value () [ 590.148314][T13434] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 590.813740][T13443] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 591.266888][T13454] binder: 13453:13454 ioctl c018620c 0 returned -1 [ 591.279546][T13454] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1472'. [ 594.357686][T13477] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 595.535741][T13501] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 595.880826][T13509] bond0: option all_slaves_active: invalid value () [ 596.730005][ C0] vcan0: j1939_tp_rxtimer: 0xffff888059e8f000: rx timeout, send abort [ 596.742285][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888059e8f000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 598.555656][T13547] bond0: option all_slaves_active: invalid value () [ 599.580738][T13560] binder: 13558:13560 ioctl c018620c 0 returned -1 [ 599.596875][T13560] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1492'. [ 599.673996][T13562] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 599.733872][T13555] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 600.238680][T13572] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 600.794145][T13578] vhci_hcd: invalid port number 0 [ 601.242302][T13588] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 602.086456][T13606] bond0: option all_slaves_active: invalid value () [ 604.672097][T13636] FAULT_INJECTION: forcing a failure. [ 604.672097][T13636] name failslab, interval 1, probability 0, space 0, times 0 [ 604.685033][T13636] CPU: 1 UID: 0 PID: 13636 Comm: syz.3.1509 Not tainted syzkaller #0 PREEMPT(full) [ 604.685055][T13636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 604.685065][T13636] Call Trace: [ 604.685070][T13636] [ 604.685075][T13636] dump_stack_lvl+0x16c/0x1f0 [ 604.685098][T13636] should_fail_ex+0x512/0x640 [ 604.685115][T13636] ? __kmalloc_cache_node_noprof+0x62/0x790 [ 604.685133][T13636] should_failslab+0xc2/0x120 [ 604.685153][T13636] __kmalloc_cache_node_noprof+0x75/0x790 [ 604.685168][T13636] ? stack_depot_save_flags+0x29/0x9b0 [ 604.685183][T13636] ? __get_vm_area_node+0x101/0x330 [ 604.685203][T13636] ? __get_vm_area_node+0x101/0x330 [ 604.685219][T13636] __get_vm_area_node+0x101/0x330 [ 604.685235][T13636] ? __vb2_init_fileio+0x3f1/0x1100 [ 604.685253][T13636] __vmalloc_node_range_noprof+0x271/0x1480 [ 604.685271][T13636] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 604.685292][T13636] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 604.685311][T13636] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 604.685335][T13636] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 604.685350][T13636] vmalloc_user_noprof+0x9e/0xe0 [ 604.685368][T13636] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 604.685383][T13636] vb2_vmalloc_alloc+0x135/0x3f0 [ 604.685398][T13636] ? __pfx_vb2_vmalloc_alloc+0x10/0x10 [ 604.685413][T13636] __vb2_queue_alloc+0x8c9/0x1280 [ 604.685436][T13636] vb2_core_reqbufs+0xa90/0xfe0 [ 604.685453][T13636] ? __pfx_vb2_core_reqbufs+0x10/0x10 [ 604.685478][T13636] __vb2_init_fileio+0x3f1/0x1100 [ 604.685491][T13636] ? lockdep_hardirqs_on+0x7c/0x110 [ 604.685508][T13636] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 604.685523][T13636] ? __pollwait+0x271/0x460 [ 604.685541][T13636] vb2_core_poll+0x5ec/0x700 [ 604.685556][T13636] vb2_poll+0x4b/0xe0 [ 604.685576][T13636] vb2_fop_poll+0x10f/0x2c0 [ 604.685597][T13636] ? __pfx_vb2_fop_poll+0x10/0x10 [ 604.685618][T13636] v4l2_poll+0x163/0x320 [ 604.685636][T13636] ? __pfx_v4l2_poll+0x10/0x10 [ 604.685652][T13636] do_sys_poll+0x55c/0xdf0 [ 604.685674][T13636] ? __pfx_do_sys_poll+0x10/0x10 [ 604.685688][T13636] ? __lock_acquire+0x433/0x22f0 [ 604.685720][T13636] ? __futex_wait+0x24b/0x2f0 [ 604.685738][T13636] ? __pfx___pollwait+0x10/0x10 [ 604.685755][T13636] ? __pfx_pollwake+0x10/0x10 [ 604.685799][T13636] ? __pfx_timespec64_add_safe+0x10/0x10 [ 604.685817][T13636] ? ktime_get_ts64+0x2d2/0x400 [ 604.685832][T13636] ? read_tsc+0x9/0x20 [ 604.685848][T13636] ? ktime_get_ts64+0x256/0x400 [ 604.685867][T13636] __x64_sys_poll+0x1a6/0x450 [ 604.685884][T13636] ? __pfx___x64_sys_poll+0x10/0x10 [ 604.685906][T13636] do_syscall_64+0xcd/0xf80 [ 604.685923][T13636] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 604.685948][T13636] RIP: 0033:0x7f533a58f7c9 [ 604.685961][T13636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 604.685977][T13636] RSP: 002b:00007f533b466038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007 [ 604.685991][T13636] RAX: ffffffffffffffda RBX: 00007f533a7e5fa0 RCX: 00007f533a58f7c9 [ 604.686001][T13636] RDX: 0000000000000008 RSI: 0000000000000003 RDI: 0000200000000480 [ 604.686009][T13636] RBP: 00007f533a613f91 R08: 0000000000000000 R09: 0000000000000000 [ 604.686017][T13636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 604.686026][T13636] R13: 00007f533a7e6038 R14: 00007f533a7e5fa0 R15: 00007ffd3abc07a8 [ 604.686046][T13636] [ 604.686055][T13636] syz.3.1509: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 605.042578][T13625] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 605.114272][T13636] ,cpuset=/,mems_allowed=0-1 [ 605.119023][T13636] CPU: 0 UID: 0 PID: 13636 Comm: syz.3.1509 Not tainted syzkaller #0 PREEMPT(full) [ 605.119059][T13636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 605.119074][T13636] Call Trace: [ 605.119082][T13636] [ 605.119092][T13636] dump_stack_lvl+0x16c/0x1f0 [ 605.119135][T13636] warn_alloc+0x248/0x3a0 [ 605.119177][T13636] ? __pfx_warn_alloc+0x10/0x10 [ 605.119212][T13636] ? rcu_is_watching+0x12/0xc0 [ 605.119248][T13636] ? trace_kmalloc+0x2b/0xb0 [ 605.119280][T13636] ? __get_vm_area_node+0x101/0x330 [ 605.119316][T13636] ? __kasan_kmalloc+0x8a/0xb0 [ 605.119345][T13636] ? __get_vm_area_node+0x208/0x330 [ 605.119385][T13636] __vmalloc_node_range_noprof+0xaf5/0x1480 [ 605.119433][T13636] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 605.119471][T13636] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 605.119519][T13636] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 605.119547][T13636] vmalloc_user_noprof+0x9e/0xe0 [ 605.119580][T13636] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 605.119609][T13636] vb2_vmalloc_alloc+0x135/0x3f0 [ 605.119638][T13636] ? __pfx_vb2_vmalloc_alloc+0x10/0x10 [ 605.119666][T13636] __vb2_queue_alloc+0x8c9/0x1280 [ 605.119710][T13636] vb2_core_reqbufs+0xa90/0xfe0 [ 605.119745][T13636] ? __pfx_vb2_core_reqbufs+0x10/0x10 [ 605.119793][T13636] __vb2_init_fileio+0x3f1/0x1100 [ 605.119819][T13636] ? lockdep_hardirqs_on+0x7c/0x110 [ 605.119849][T13636] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 605.119880][T13636] ? __pollwait+0x271/0x460 [ 605.119914][T13636] vb2_core_poll+0x5ec/0x700 [ 605.119942][T13636] vb2_poll+0x4b/0xe0 [ 605.119980][T13636] vb2_fop_poll+0x10f/0x2c0 [ 605.120020][T13636] ? __pfx_vb2_fop_poll+0x10/0x10 [ 605.120057][T13636] v4l2_poll+0x163/0x320 [ 605.120090][T13636] ? __pfx_v4l2_poll+0x10/0x10 [ 605.120126][T13636] do_sys_poll+0x55c/0xdf0 [ 605.120169][T13636] ? __pfx_do_sys_poll+0x10/0x10 [ 605.120196][T13636] ? __lock_acquire+0x433/0x22f0 [ 605.120258][T13636] ? __futex_wait+0x24b/0x2f0 [ 605.120291][T13636] ? __pfx___pollwait+0x10/0x10 [ 605.120325][T13636] ? __pfx_pollwake+0x10/0x10 [ 605.120409][T13636] ? __pfx_timespec64_add_safe+0x10/0x10 [ 605.120441][T13636] ? ktime_get_ts64+0x2d2/0x400 [ 605.120469][T13636] ? read_tsc+0x9/0x20 [ 605.120509][T13636] ? ktime_get_ts64+0x256/0x400 [ 605.120545][T13636] __x64_sys_poll+0x1a6/0x450 [ 605.120576][T13636] ? __pfx___x64_sys_poll+0x10/0x10 [ 605.120618][T13636] do_syscall_64+0xcd/0xf80 [ 605.120651][T13636] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 605.120678][T13636] RIP: 0033:0x7f533a58f7c9 [ 605.120699][T13636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 605.120724][T13636] RSP: 002b:00007f533b466038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007 [ 605.120749][T13636] RAX: ffffffffffffffda RBX: 00007f533a7e5fa0 RCX: 00007f533a58f7c9 [ 605.120768][T13636] RDX: 0000000000000008 RSI: 0000000000000003 RDI: 0000200000000480 [ 605.120784][T13636] RBP: 00007f533a613f91 R08: 0000000000000000 R09: 0000000000000000 [ 605.120800][T13636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 605.120816][T13636] R13: 00007f533a7e6038 R14: 00007f533a7e5fa0 R15: 00007ffd3abc07a8 [ 605.120857][T13636] [ 605.120866][T13636] Mem-Info: [ 605.465312][T13630] zswap: compressor not available [ 605.485006][T13632] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 605.511101][T13636] active_anon:20527 inactive_anon:19 isolated_anon:0 [ 605.511101][T13636] active_file:3992 inactive_file:43498 isolated_file:0 [ 605.511101][T13636] unevictable:768 dirty:309 writeback:0 [ 605.511101][T13636] slab_reclaimable:10909 slab_unreclaimable:93190 [ 605.511101][T13636] mapped:25807 shmem:1359 pagetables:1159 [ 605.511101][T13636] sec_pagetables:0 bounce:0 [ 605.511101][T13636] kernel_misc_reclaimable:0 [ 605.511101][T13636] free:1314663 free_pcp:20537 free_cma:0 [ 605.560363][T13635] random: crng reseeded on system resumption [ 605.569819][T13636] Node 0 active_anon:82108kB inactive_anon:76kB active_file:15968kB inactive_file:173788kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:103228kB dirty:1336kB writeback:0kB shmem:3900kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11412kB pagetables:4392kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 605.623345][T13636] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:144kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 605.707986][T13636] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 605.955585][T13637] zswap: compressor not available [ 605.975580][T13636] lowmem_reserve[]: 0 2482 2484 2484 2484 [ 606.017246][T13636] Node 0 DMA32 free:1353884kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB free_highatomic:0KB active_anon:77508kB inactive_anon:76kB active_file:15968kB inactive_file:173788kB unevictable:1536kB writepending:1644kB zspages:148kB present:3129332kB managed:2542524kB mlocked:0kB bounce:0kB free_pcp:65668kB local_pcp:32484kB free_cma:0kB [ 606.209885][T13636] lowmem_reserve[]: 0 0 1 1 1 [ 606.229320][T13636] Node 0 Normal free:0kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 606.276173][T13652] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 606.290221][T13636] lowmem_reserve[]: 0 0 0 0 0 [ 606.319484][T13636] Node 1 Normal free:3896208kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:21512kB local_pcp:11240kB free_cma:0kB [ 606.432932][T13636] lowmem_reserve[]: 0 0 0 0 0 [ 606.478496][T13636] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 606.548335][T13636] Node 0 DMA32: 1834*4kB (UME) 1983*8kB (UME) 1546*16kB (UME) 617*32kB (UME) 729*64kB (UME) 336*128kB (UME) 180*256kB (UME) 91*512kB (UME) 55*1024kB (UME) 19*2048kB (UME) 246*4096kB (UM) = 1352864kB [ 606.633700][T13636] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 606.715030][T13636] Node 1 Normal: 206*4kB (UME) 63*8kB (UME) 52*16kB (UME) 169*32kB (UME) 46*64kB (UME) 19*128kB (UME) 9*256kB (UM) 8*512kB (UME) 6*1024kB (UM) 6*2048kB (UME) 942*4096kB (UM) = 3896208kB [ 607.033481][T13636] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 607.094503][T13636] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 607.159449][T13636] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 607.213601][T13636] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 607.295595][T13636] 48862 total pagecache pages [ 607.328036][T13636] 16 pages in swap cache [ 607.337210][T13636] Free swap = 124920kB [ 607.344960][T13636] Total swap = 124996kB [ 607.741025][T13636] 2097051 pages RAM [ 607.744963][T13636] 0 pages HighMem/MovableOnly [ 607.753404][T13636] 429330 pages reserved [ 607.757851][T13636] 0 pages cma reserved [ 608.332085][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805b111c00: rx timeout, send abort [ 608.340533][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805b111c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 608.744593][T13690] bond0: option all_slaves_active: invalid value () [ 610.815422][T13709] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 613.637657][ C0] vcan0: j1939_tp_rxtimer: 0xffff888059accc00: rx timeout, send abort [ 613.646053][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888059accc00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 614.802399][T13757] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 614.877771][T13762] zswap: compressor not available [ 615.519592][T13776] bond0: option all_slaves_active: invalid value () [ 616.063535][T13781] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 618.346809][ C0] vcan0: j1939_tp_rxtimer: 0xffff8880330d5000: rx timeout, send abort [ 618.359870][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff8880330d5000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 619.074541][T13827] bond0: option all_slaves_active: invalid value () [ 619.676771][T13833] bond0: option all_slaves_active: invalid value () [ 620.376055][T13846] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 621.518686][T13871] bond0: option all_slaves_active: invalid value () [ 621.568527][T13870] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 622.325204][T13879] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 623.857429][T13910] bond0: option all_slaves_active: invalid value () [ 624.619674][T13923] FAULT_INJECTION: forcing a failure. [ 624.619674][T13923] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 624.633900][T13923] CPU: 0 UID: 0 PID: 13923 Comm: syz.0.1563 Not tainted syzkaller #0 PREEMPT(full) [ 624.633923][T13923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 624.633933][T13923] Call Trace: [ 624.633941][T13923] [ 624.633948][T13923] dump_stack_lvl+0x16c/0x1f0 [ 624.633980][T13923] should_fail_ex+0x512/0x640 [ 624.633999][T13923] should_fail_alloc_page+0xe7/0x130 [ 624.634022][T13923] prepare_alloc_pages+0x3c2/0x610 [ 624.634044][T13923] __alloc_frozen_pages_noprof+0x18b/0x2440 [ 624.634074][T13923] ? rcu_is_watching+0x12/0xc0 [ 624.634094][T13923] ? trace_mm_page_alloc+0x11b/0x180 [ 624.634112][T13923] ? __alloc_frozen_pages_noprof+0x292/0x2440 [ 624.634135][T13923] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 624.634159][T13923] ? find_held_lock+0x2b/0x80 [ 624.634179][T13923] ? is_bpf_text_address+0x8a/0x1a0 [ 624.634198][T13923] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 624.634218][T13923] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 624.634233][T13923] ? is_bpf_text_address+0x94/0x1a0 [ 624.634249][T13923] ? kernel_text_address+0x8d/0x100 [ 624.634266][T13923] ? __kernel_text_address+0xd/0x40 [ 624.634281][T13923] ? unwind_get_return_address+0x59/0xa0 [ 624.634304][T13923] alloc_pages_bulk_noprof+0x77b/0x1010 [ 624.634333][T13923] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 624.634356][T13923] ? policy_nodemask+0xea/0x4e0 [ 624.634377][T13923] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 624.634400][T13923] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 624.634421][T13923] ? set_page_refcounted+0xbd/0x230 [ 624.634452][T13923] kasan_populate_vmalloc+0x112/0x2d0 [ 624.634469][T13923] ? alloc_vmap_area+0x8a5/0x2980 [ 624.634496][T13923] alloc_vmap_area+0x950/0x2980 [ 624.634522][T13923] ? __pfx_alloc_vmap_area+0x10/0x10 [ 624.634544][T13923] __get_vm_area_node+0x1ca/0x330 [ 624.634567][T13923] __vmalloc_node_range_noprof+0x271/0x1480 [ 624.634588][T13923] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 624.634609][T13923] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 624.634629][T13923] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 624.634654][T13923] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 624.634668][T13923] vmalloc_user_noprof+0x9e/0xe0 [ 624.634687][T13923] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 624.634702][T13923] vb2_vmalloc_alloc+0x135/0x3f0 [ 624.634717][T13923] ? __pfx_vb2_vmalloc_alloc+0x10/0x10 [ 624.634732][T13923] __vb2_queue_alloc+0x8c9/0x1280 [ 624.634756][T13923] vb2_core_reqbufs+0xa90/0xfe0 [ 624.634774][T13923] ? __pfx_vb2_core_reqbufs+0x10/0x10 [ 624.634799][T13923] __vb2_init_fileio+0x3f1/0x1100 [ 624.634813][T13923] ? lockdep_hardirqs_on+0x7c/0x110 [ 624.634829][T13923] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 624.634845][T13923] ? __pollwait+0x271/0x460 [ 624.634863][T13923] vb2_core_poll+0x5ec/0x700 [ 624.634878][T13923] vb2_poll+0x4b/0xe0 [ 624.634908][T13923] vb2_fop_poll+0x10f/0x2c0 [ 624.634933][T13923] ? __pfx_vb2_fop_poll+0x10/0x10 [ 624.634955][T13923] v4l2_poll+0x163/0x320 [ 624.634975][T13923] ? __pfx_v4l2_poll+0x10/0x10 [ 624.634991][T13923] do_sys_poll+0x55c/0xdf0 [ 624.635015][T13923] ? __pfx_do_sys_poll+0x10/0x10 [ 624.635029][T13923] ? __lock_acquire+0x433/0x22f0 [ 624.635061][T13923] ? __futex_wait+0x24b/0x2f0 [ 624.635080][T13923] ? __pfx___pollwait+0x10/0x10 [ 624.635097][T13923] ? __pfx_pollwake+0x10/0x10 [ 624.635141][T13923] ? __pfx_timespec64_add_safe+0x10/0x10 [ 624.635158][T13923] ? ktime_get_ts64+0x2d2/0x400 [ 624.635174][T13923] ? read_tsc+0x9/0x20 [ 624.635190][T13923] ? ktime_get_ts64+0x256/0x400 [ 624.635209][T13923] __x64_sys_poll+0x1a6/0x450 [ 624.635225][T13923] ? __pfx___x64_sys_poll+0x10/0x10 [ 624.635254][T13923] do_syscall_64+0xcd/0xf80 [ 624.635275][T13923] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 624.635290][T13923] RIP: 0033:0x7f7c2958f7c9 [ 624.635304][T13923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 624.635319][T13923] RSP: 002b:00007f7c2a4c9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007 [ 624.635333][T13923] RAX: ffffffffffffffda RBX: 00007f7c297e5fa0 RCX: 00007f7c2958f7c9 [ 624.635343][T13923] RDX: 0000000000000008 RSI: 0000000000000003 RDI: 0000200000000480 [ 624.635352][T13923] RBP: 00007f7c29613f91 R08: 0000000000000000 R09: 0000000000000000 [ 624.635361][T13923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 624.635370][T13923] R13: 00007f7c297e6038 R14: 00007f7c297e5fa0 R15: 00007fff08ae9ee8 [ 624.635390][T13923] [ 624.635444][T13923] syz.0.1563: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 625.177937][T13923] CPU: 0 UID: 0 PID: 13923 Comm: syz.0.1563 Not tainted syzkaller #0 PREEMPT(full) [ 625.177974][T13923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 625.177989][T13923] Call Trace: [ 625.177997][T13923] [ 625.178007][T13923] dump_stack_lvl+0x16c/0x1f0 [ 625.178043][T13923] warn_alloc+0x248/0x3a0 [ 625.178084][T13923] ? __pfx_warn_alloc+0x10/0x10 [ 625.178126][T13923] ? __get_vm_area_node+0x2cd/0x330 [ 625.178163][T13923] ? __get_vm_area_node+0x2cd/0x330 [ 625.178192][T13923] ? __get_vm_area_node+0x208/0x330 [ 625.178229][T13923] __vmalloc_node_range_noprof+0xaf5/0x1480 [ 625.178285][T13923] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 625.178324][T13923] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 625.178368][T13923] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 625.178394][T13923] vmalloc_user_noprof+0x9e/0xe0 [ 625.178423][T13923] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 625.178451][T13923] vb2_vmalloc_alloc+0x135/0x3f0 [ 625.178479][T13923] ? __pfx_vb2_vmalloc_alloc+0x10/0x10 [ 625.178506][T13923] __vb2_queue_alloc+0x8c9/0x1280 [ 625.178548][T13923] vb2_core_reqbufs+0xa90/0xfe0 [ 625.178581][T13923] ? __pfx_vb2_core_reqbufs+0x10/0x10 [ 625.178628][T13923] __vb2_init_fileio+0x3f1/0x1100 [ 625.178653][T13923] ? lockdep_hardirqs_on+0x7c/0x110 [ 625.178682][T13923] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 625.178711][T13923] ? __pollwait+0x271/0x460 [ 625.178745][T13923] vb2_core_poll+0x5ec/0x700 [ 625.178774][T13923] vb2_poll+0x4b/0xe0 [ 625.178811][T13923] vb2_fop_poll+0x10f/0x2c0 [ 625.178852][T13923] ? __pfx_vb2_fop_poll+0x10/0x10 [ 625.178897][T13923] v4l2_poll+0x163/0x320 [ 625.178930][T13923] ? __pfx_v4l2_poll+0x10/0x10 [ 625.178964][T13923] do_sys_poll+0x55c/0xdf0 [ 625.179005][T13923] ? __pfx_do_sys_poll+0x10/0x10 [ 625.179031][T13923] ? __lock_acquire+0x433/0x22f0 [ 625.179094][T13923] ? __futex_wait+0x24b/0x2f0 [ 625.179127][T13923] ? __pfx___pollwait+0x10/0x10 [ 625.179161][T13923] ? __pfx_pollwake+0x10/0x10 [ 625.179245][T13923] ? __pfx_timespec64_add_safe+0x10/0x10 [ 625.179277][T13923] ? ktime_get_ts64+0x2d2/0x400 [ 625.179304][T13923] ? read_tsc+0x9/0x20 [ 625.179333][T13923] ? ktime_get_ts64+0x256/0x400 [ 625.179369][T13923] __x64_sys_poll+0x1a6/0x450 [ 625.179399][T13923] ? __pfx___x64_sys_poll+0x10/0x10 [ 625.179441][T13923] do_syscall_64+0xcd/0xf80 [ 625.179475][T13923] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 625.179501][T13923] RIP: 0033:0x7f7c2958f7c9 [ 625.179523][T13923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 625.179547][T13923] RSP: 002b:00007f7c2a4c9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007 [ 625.179572][T13923] RAX: ffffffffffffffda RBX: 00007f7c297e5fa0 RCX: 00007f7c2958f7c9 [ 625.179590][T13923] RDX: 0000000000000008 RSI: 0000000000000003 RDI: 0000200000000480 [ 625.179607][T13923] RBP: 00007f7c29613f91 R08: 0000000000000000 R09: 0000000000000000 [ 625.179623][T13923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 625.179639][T13923] R13: 00007f7c297e6038 R14: 00007f7c297e5fa0 R15: 00007fff08ae9ee8 [ 625.179676][T13923] [ 625.179685][T13923] Mem-Info: [ 625.309971][T13925] zswap: compressor not available [ 625.625011][T13923] active_anon:20504 inactive_anon:24 isolated_anon:0 [ 625.625011][T13923] active_file:4206 inactive_file:43373 isolated_file:0 [ 625.625011][T13923] unevictable:768 dirty:421 writeback:0 [ 625.625011][T13923] slab_reclaimable:10962 slab_unreclaimable:92336 [ 625.625011][T13923] mapped:26965 shmem:1374 pagetables:1146 [ 625.625011][T13923] sec_pagetables:0 bounce:0 [ 625.625011][T13923] kernel_misc_reclaimable:0 [ 625.625011][T13923] free:1313436 free_pcp:20802 free_cma:0 [ 625.694037][T13930] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 625.938032][T13923] Node 0 active_anon:93820kB inactive_anon:104kB active_file:16824kB inactive_file:173296kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:119240kB dirty:1684kB writeback:0kB shmem:17364kB shmem_thp:2048kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11388kB pagetables:4404kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 626.075571][T13923] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:144kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 626.212646][T13923] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 626.271953][T13923] lowmem_reserve[]: 0 2482 2484 2484 2484 [ 626.348360][T13923] Node 0 DMA32 free:1342988kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB free_highatomic:0KB active_anon:91152kB inactive_anon:124kB active_file:17524kB inactive_file:173296kB unevictable:1536kB writepending:1724kB zspages:200kB present:3129332kB managed:2542524kB mlocked:0kB bounce:0kB free_pcp:56876kB local_pcp:34192kB free_cma:0kB [ 626.465562][T13923] lowmem_reserve[]: 0 0 1 1 1 [ 626.484150][T13923] Node 0 Normal free:0kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 626.549389][T13923] lowmem_reserve[]: 0 0 0 0 0 [ 626.557712][T13923] Node 1 Normal free:3896492kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:21220kB local_pcp:11236kB free_cma:0kB [ 626.601425][T13923] lowmem_reserve[]: 0 0 0 0 0 [ 626.627824][T13923] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 626.686785][T13923] Node 0 DMA32: 2705*4kB (UME) 1326*8kB (UME) 1127*16kB (UME) 1154*32kB (UME) 732*64kB (UME) 346*128kB (UME) 180*256kB (UME) 92*512kB (UME) 56*1024kB (UME) 15*2048kB (UME) 246*4096kB (UM) = 1356388kB [ 626.727718][T13923] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 626.765721][T13923] Node 1 Normal: 205*4kB (UME) 63*8kB (UME) 52*16kB (UME) 176*32kB (UME) 47*64kB (UME) 19*128kB (UME) 9*256kB (UM) 8*512kB (UME) 6*1024kB (UM) 6*2048kB (UME) 942*4096kB (UM) = 3896492kB [ 626.838641][T13923] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 626.848658][T13923] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 626.858561][T13923] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 626.864438][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 626.875646][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 626.957046][T13923] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 627.014889][T13923] 48844 total pagecache pages [ 627.028635][T13923] 40 pages in swap cache [ 627.074713][T13923] Free swap = 124680kB [ 627.078955][T13923] Total swap = 124996kB [ 627.083117][T13923] 2097051 pages RAM [ 627.098913][T13923] 0 pages HighMem/MovableOnly [ 627.133079][T13923] 429330 pages reserved [ 627.158002][T13923] 0 pages cma reserved [ 627.191787][T13947] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 627.979664][T13961] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 628.946890][T13984] bond0: option all_slaves_active: invalid value () [ 629.419182][T13985] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 632.484423][T14026] bond0: option all_slaves_active: invalid value () [ 633.233607][ C1] vcan0: j1939_tp_rxtimer: 0xffff888034786c00: rx timeout, send abort [ 633.242514][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888034786c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 633.580383][T14042] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 634.301435][T14062] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 634.843210][T14069] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 635.847586][T14094] zswap: compressor not available [ 636.346553][T14094] random: crng reseeded on system resumption [ 637.201361][T14114] openvswitch: netlink: Message has 6 unknown bytes. [ 638.490969][T14125] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 638.542666][T14132] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 638.747706][T14138] bond0: option all_slaves_active: invalid value () [ 642.158875][T14181] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 642.313699][T14193] bond0: option all_slaves_active: invalid value () [ 642.376891][T14196] openvswitch: netlink: Message has 6 unknown bytes. [ 642.993327][T14203] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 643.712103][T14223] bond0: option all_slaves_active: invalid value () [ 643.891429][T14221] zswap: compressor not available [ 643.904979][T14221] random: crng reseeded on system resumption [ 644.774522][T14238] bond0: option all_slaves_active: invalid value () [ 644.993372][T14242] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 645.958291][T14260] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 648.689133][T14295] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 649.435018][T14308] bond0: option all_slaves_active: invalid value () [ 649.701449][T14313] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 649.729859][T14316] netlink: 186 bytes leftover after parsing attributes in process `syz.2.1642'. [ 649.934306][T14316] netlink: 186 bytes leftover after parsing attributes in process `syz.2.1642'. [ 650.750671][T14325] zswap: compressor not available [ 650.780420][T14331] random: crng reseeded on system resumption [ 651.245364][ T30] audit: type=1800 audit(2358630786.337:7): pid=14322 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1643" name="lu_gp_id" dev="configfs" ino=46948 res=0 errno=0 [ 651.844346][T14328] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 652.963017][T14351] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 654.007844][T14370] zswap: compressor not available [ 654.023129][T14375] random: crng reseeded on system resumption [ 654.098237][T14369] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1654'. [ 654.292247][T14369] binder: BINDER_SET_CONTEXT_MGR already set [ 654.322919][T14380] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 654.333226][T14369] binder: 14368:14369 ioctl 4018620d 9 returned -16 [ 656.562983][T14402] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 657.514989][T14421] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 658.224805][T14434] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 658.432488][T14441] bond0: option all_slaves_active: invalid value () [ 659.908437][T14454] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1669'. [ 660.108055][T14454] bond0: (slave bond_slave_1): Releasing backup interface [ 661.059970][T14467] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1672'. [ 661.735965][T14467] binder: BINDER_SET_CONTEXT_MGR already set [ 661.741964][T14467] binder: 14466:14467 ioctl 4018620d 9 returned -16 [ 662.604715][T14499] bond0: option all_slaves_active: invalid value () [ 662.666149][T14494] zswap: compressor not available [ 662.742377][T14494] random: crng reseeded on system resumption [ 662.895391][T14504] bond0: option all_slaves_active: invalid value () [ 663.303472][T14510] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 664.191138][T14533] bond0: option all_slaves_active: invalid value () [ 664.243440][T14529] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 665.063969][T14537] zswap: compressor not available [ 665.095651][T14537] random: crng reseeded on system resumption [ 666.833346][T14558] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 666.865726][T14561] bond0: option all_slaves_active: invalid value () [ 667.659312][T14568] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 668.499978][T14587] device-mapper: ioctl: Invalid ioctl structure: name d, dev 3000000000 [ 668.639908][T14588] zswap: compressor not available [ 668.698604][T14592] random: crng reseeded on system resumption [ 669.049878][T14601] openvswitch: netlink: Message has 6 unknown bytes. [ 670.635352][T14619] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 671.356424][T14626] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1704'. [ 671.599783][T14626] bond0: (slave bond_slave_1): Releasing backup interface [ 672.282108][T14636] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1705'. [ 672.507272][T14640] binder: BINDER_SET_CONTEXT_MGR already set [ 672.513597][T14640] binder: 14635:14640 ioctl 4018620d 9 returned -16 [ 673.502853][T14650] zswap: compressor not available [ 673.576470][T14650] random: crng reseeded on system resumption [ 674.380282][T14668] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 677.123995][T14708] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 677.265659][T14713] bond0: option all_slaves_active: invalid value () [ 677.616286][T14720] openvswitch: netlink: Message has 6 unknown bytes. [ 678.465522][T14728] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 681.242231][T14778] random: crng reseeded on system resumption [ 681.277753][T14772] zswap: compressor not available [ 681.588562][T14777] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 681.701428][T14781] openvswitch: netlink: Message has 6 unknown bytes. [ 683.482610][T14810] FAULT_INJECTION: forcing a failure. [ 683.482610][T14810] name failslab, interval 1, probability 0, space 0, times 0 [ 683.530683][T14810] CPU: 0 UID: 0 PID: 14810 Comm: syz.2.1742 Not tainted syzkaller #0 PREEMPT(full) [ 683.530719][T14810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 683.530734][T14810] Call Trace: [ 683.530742][T14810] [ 683.530752][T14810] dump_stack_lvl+0x16c/0x1f0 [ 683.530790][T14810] should_fail_ex+0x512/0x640 [ 683.530815][T14810] ? kmem_cache_alloc_lru_noprof+0x66/0x720 [ 683.530863][T14810] should_failslab+0xc2/0x120 [ 683.530905][T14810] kmem_cache_alloc_lru_noprof+0x79/0x720 [ 683.530939][T14810] ? inode_set_ctime_to_ts+0x137/0x3b0 [ 683.530972][T14810] ? __d_alloc+0x35/0xa80 [ 683.531006][T14810] ? __d_alloc+0x35/0xa80 [ 683.531035][T14810] __d_alloc+0x35/0xa80 [ 683.531070][T14810] d_alloc_pseudo+0x1c/0xc0 [ 683.531095][T14810] alloc_file_pseudo+0xcf/0x230 [ 683.531133][T14810] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 683.531168][T14810] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 683.531208][T14810] create_pipe_files+0x36d/0x9a0 [ 683.531245][T14810] do_pipe2+0xaf/0x1c0 [ 683.531276][T14810] ? __pfx_do_pipe2+0x10/0x10 [ 683.531308][T14810] ? xfd_validate_state+0x61/0x180 [ 683.531344][T14810] ? __pfx_ksys_write+0x10/0x10 [ 683.531382][T14810] __x64_sys_pipe+0x33/0x50 [ 683.531413][T14810] do_syscall_64+0xcd/0xf80 [ 683.531446][T14810] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 683.531473][T14810] RIP: 0033:0x7f3cf2f8f7c9 [ 683.531493][T14810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 683.531518][T14810] RSP: 002b:00007f3cf3d96038 EFLAGS: 00000246 ORIG_RAX: 0000000000000016 [ 683.531543][T14810] RAX: ffffffffffffffda RBX: 00007f3cf31e5fa0 RCX: 00007f3cf2f8f7c9 [ 683.531561][T14810] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 683.531576][T14810] RBP: 00007f3cf3013f91 R08: 0000000000000000 R09: 0000000000000000 [ 683.531591][T14810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 683.531606][T14810] R13: 00007f3cf31e6038 R14: 00007f3cf31e5fa0 R15: 00007ffcd5eb6218 [ 683.531643][T14810] [ 684.373385][T14810] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1742'. [ 684.404239][T14812] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 685.062610][T14828] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 687.934097][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 687.950988][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 688.943976][T14888] random: crng reseeded on system resumption [ 688.987578][T14885] zswap: compressor not available [ 689.148786][T14889] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 689.257821][T14894] random: crng reseeded on system resumption [ 690.040030][T14902] FAULT_INJECTION: forcing a failure. [ 690.040030][T14902] name failslab, interval 1, probability 0, space 0, times 0 [ 690.084378][T14902] CPU: 1 UID: 0 PID: 14902 Comm: syz.2.1761 Not tainted syzkaller #0 PREEMPT(full) [ 690.084415][T14902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 690.084431][T14902] Call Trace: [ 690.084439][T14902] [ 690.084449][T14902] dump_stack_lvl+0x16c/0x1f0 [ 690.084486][T14902] should_fail_ex+0x512/0x640 [ 690.084514][T14902] ? __kmalloc_node_track_caller_noprof+0xcb/0x890 [ 690.084551][T14902] should_failslab+0xc2/0x120 [ 690.084582][T14902] __kmalloc_node_track_caller_noprof+0xde/0x890 [ 690.084612][T14902] ? __kthread_create_on_node+0x186/0x3f0 [ 690.084654][T14902] ? kvasprintf+0xbc/0x150 [ 690.084679][T14902] kvasprintf+0xbc/0x150 [ 690.084704][T14902] ? __pfx_kvasprintf+0x10/0x10 [ 690.084745][T14902] ? __pfx_rescuer_thread+0x10/0x10 [ 690.084769][T14902] __kthread_create_on_node+0x186/0x3f0 [ 690.084805][T14902] ? __pfx___kthread_create_on_node+0x10/0x10 [ 690.084848][T14902] ? __pfx_vsnprintf+0x10/0x10 [ 690.084881][T14902] ? __pfx_rescuer_thread+0x10/0x10 [ 690.084910][T14902] kthread_create_on_node+0xc7/0x100 [ 690.084946][T14902] ? __pfx_kthread_create_on_node+0x10/0x10 [ 690.084980][T14902] ? __pfx_scnprintf+0x10/0x10 [ 690.085024][T14902] init_rescuer+0x320/0x640 [ 690.085050][T14902] ? __pfx_init_rescuer+0x10/0x10 [ 690.085087][T14902] ? wq_adjust_max_active+0x39d/0x4a0 [ 690.085118][T14902] __alloc_workqueue+0xda1/0x1810 [ 690.085167][T14902] alloc_workqueue_noprof+0xd2/0x200 [ 690.085204][T14902] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 690.085271][T14902] nci_register_device+0x21e/0xb80 [ 690.085298][T14902] ? __pfx_nci_register_device+0x10/0x10 [ 690.085327][T14902] ? lockdep_init_map_type+0x5c/0x270 [ 690.085360][T14902] virtual_ncidev_open+0x141/0x220 [ 690.085390][T14902] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 690.085419][T14902] misc_open+0x26d/0x450 [ 690.085444][T14902] ? __pfx_misc_open+0x10/0x10 [ 690.085468][T14902] chrdev_open+0x234/0x6a0 [ 690.085498][T14902] ? __pfx_apparmor_file_open+0x10/0x10 [ 690.085525][T14902] ? __pfx_chrdev_open+0x10/0x10 [ 690.085559][T14902] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 690.085600][T14902] do_dentry_open+0x748/0x1590 [ 690.085637][T14902] ? __pfx_chrdev_open+0x10/0x10 [ 690.085681][T14902] vfs_open+0x82/0x3f0 [ 690.085725][T14902] path_openat+0x2078/0x3140 [ 690.085770][T14902] ? __pfx_path_openat+0x10/0x10 [ 690.085818][T14902] do_filp_open+0x20b/0x470 [ 690.085853][T14902] ? __pfx_do_filp_open+0x10/0x10 [ 690.085913][T14902] ? alloc_fd+0x471/0x7d0 [ 690.085955][T14902] do_sys_openat2+0x11f/0x280 [ 690.085979][T14902] ? __pfx_do_sys_openat2+0x10/0x10 [ 690.086005][T14902] ? __fput+0x68d/0xb70 [ 690.086046][T14902] __x64_sys_openat+0x174/0x210 [ 690.086068][T14902] ? __pfx___x64_sys_openat+0x10/0x10 [ 690.086105][T14902] do_syscall_64+0xcd/0xf80 [ 690.086135][T14902] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 690.086159][T14902] RIP: 0033:0x7f3cf2f8f7c9 [ 690.086180][T14902] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 690.086224][T14902] RSP: 002b:00007f3cf3d96038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 690.086256][T14902] RAX: ffffffffffffffda RBX: 00007f3cf31e5fa0 RCX: 00007f3cf2f8f7c9 [ 690.086276][T14902] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 690.086294][T14902] RBP: 00007f3cf3013f91 R08: 0000000000000000 R09: 0000000000000000 [ 690.086310][T14902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 690.086325][T14902] R13: 00007f3cf31e6038 R14: 00007f3cf31e5fa0 R15: 00007ffcd5eb6218 [ 690.086365][T14902] [ 690.086402][T14902] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -ENOMEM [ 690.198344][T14900] FAULT_INJECTION: forcing a failure. [ 690.198344][T14900] name failslab, interval 1, probability 0, space 0, times 0 [ 690.504767][T14900] CPU: 0 UID: 0 PID: 14900 Comm: syz.0.1760 Not tainted syzkaller #0 PREEMPT(full) [ 690.504802][T14900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 690.504816][T14900] Call Trace: [ 690.504826][T14900] [ 690.504836][T14900] dump_stack_lvl+0x16c/0x1f0 [ 690.504870][T14900] should_fail_ex+0x512/0x640 [ 690.504897][T14900] ? __kmalloc_noprof+0xca/0x870 [ 690.504937][T14900] should_failslab+0xc2/0x120 [ 690.504970][T14900] __kmalloc_noprof+0xdd/0x870 [ 690.505004][T14900] ? splice_from_pipe_next+0x1f7/0x5d0 [ 690.505036][T14900] ? copy_splice_read+0x1a8/0xc20 [ 690.505071][T14900] ? copy_splice_read+0x1a8/0xc20 [ 690.505099][T14900] copy_splice_read+0x1a8/0xc20 [ 690.505131][T14900] ? __pfx_pipe_to_null+0x10/0x10 [ 690.505169][T14900] ? __pfx_copy_splice_read+0x10/0x10 [ 690.505197][T14900] ? pipe_unlock+0x4a/0x70 [ 690.505230][T14900] ? __pfx_splice_from_pipe+0x10/0x10 [ 690.505271][T14900] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 690.505303][T14900] ? __pfx_copy_splice_read+0x10/0x10 [ 690.505333][T14900] do_splice_read+0x285/0x370 [ 690.505367][T14900] splice_direct_to_actor+0x2a1/0xa30 [ 690.505408][T14900] ? __pfx_direct_splice_actor+0x10/0x10 [ 690.505446][T14900] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 690.505480][T14900] ? futex_private_hash_put+0xd5/0x190 [ 690.505510][T14900] do_splice_direct+0x174/0x240 [ 690.505542][T14900] ? __pfx_do_splice_direct+0x10/0x10 [ 690.505574][T14900] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 690.505607][T14900] ? bpf_lsm_file_permission+0x9/0x10 [ 690.505632][T14900] ? security_file_permission+0x71/0x210 [ 690.505667][T14900] ? rw_verify_area+0xcf/0x6c0 [ 690.505698][T14900] do_sendfile+0xb06/0xe50 [ 690.505734][T14900] ? __pfx_do_sendfile+0x10/0x10 [ 690.505762][T14900] ? __pfx___might_resched+0x10/0x10 [ 690.505801][T14900] ? __x64_sys_futex+0x1e0/0x4c0 [ 690.505828][T14900] ? __x64_sys_futex+0x1e9/0x4c0 [ 690.505860][T14900] __x64_sys_sendfile64+0x1d8/0x220 [ 690.505897][T14900] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 690.505944][T14900] do_syscall_64+0xcd/0xf80 [ 690.505976][T14900] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 690.506003][T14900] RIP: 0033:0x7f7c2958f7c9 [ 690.506024][T14900] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 690.506049][T14900] RSP: 002b:00007f7c2a4a8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 690.506075][T14900] RAX: ffffffffffffffda RBX: 00007f7c297e6090 RCX: 00007f7c2958f7c9 [ 690.506091][T14900] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000006 [ 690.506107][T14900] RBP: 00007f7c29613f91 R08: 0000000000000000 R09: 0000000000000000 [ 690.506123][T14900] R10: 0010000800000003 R11: 0000000000000246 R12: 0000000000000000 [ 690.506140][T14900] R13: 00007f7c297e6128 R14: 00007f7c297e6090 R15: 00007fff08ae9ee8 [ 690.506177][T14900] [ 691.346262][T14912] bond0: option all_slaves_active: invalid value () [ 692.403577][T14930] random: crng reseeded on system resumption [ 692.524955][T14928] zswap: compressor not available [ 693.988157][T14943] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 693.996800][T14943] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 694.002973][T14943] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 694.009702][T14943] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 694.929039][T14959] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 695.154267][T14967] openvswitch: netlink: Message has 6 unknown bytes. [ 696.066397][ T5842] Bluetooth: hci2: command 0x0c1a tx timeout [ 696.074455][ T5842] Bluetooth: hci3: command 0x0c1a tx timeout [ 696.080583][ T5842] Bluetooth: hci1: command 0x0c1a tx timeout [ 696.086678][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout [ 696.660178][T14975] mkiss: ax0: crc mode is auto. [ 697.631410][T14998] zswap: compressor not available [ 697.662750][T14998] random: crng reseeded on system resumption [ 698.451865][T15015] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1777'. [ 698.533057][T15017] kafs: addr_prefs: Invalid Command [ 700.231764][T15038] openvswitch: netlink: Message has 6 unknown bytes. [ 700.537052][T15052] FAULT_INJECTION: forcing a failure. [ 700.537052][T15052] name failslab, interval 1, probability 0, space 0, times 0 [ 700.563311][T15052] CPU: 1 UID: 0 PID: 15052 Comm: syz.2.1786 Not tainted syzkaller #0 PREEMPT(full) [ 700.563349][T15052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 700.563365][T15052] Call Trace: [ 700.563375][T15052] [ 700.563391][T15052] dump_stack_lvl+0x16c/0x1f0 [ 700.563426][T15052] should_fail_ex+0x512/0x640 [ 700.563453][T15052] ? __kmalloc_cache_noprof+0x5f/0x770 [ 700.563495][T15052] should_failslab+0xc2/0x120 [ 700.563530][T15052] __kmalloc_cache_noprof+0x72/0x770 [ 700.563568][T15052] ? apply_subsystem_event_filter+0x460/0x17e0 [ 700.563608][T15052] ? apply_subsystem_event_filter+0x460/0x17e0 [ 700.563640][T15052] apply_subsystem_event_filter+0x460/0x17e0 [ 700.563684][T15052] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 700.563724][T15052] ? _copy_from_user+0x59/0xd0 [ 700.563757][T15052] subsystem_filter_write+0x95/0x120 [ 700.563790][T15052] ? __pfx_subsystem_filter_write+0x10/0x10 [ 700.563819][T15052] vfs_write+0x2a0/0x11d0 [ 700.563853][T15052] ? __pfx___mutex_lock+0x10/0x10 [ 700.563888][T15052] ? __pfx_vfs_write+0x10/0x10 [ 700.563934][T15052] ? __fget_files+0x20e/0x3c0 [ 700.563976][T15052] ksys_write+0x12a/0x250 [ 700.564006][T15052] ? __pfx_ksys_write+0x10/0x10 [ 700.564048][T15052] do_syscall_64+0xcd/0xf80 [ 700.564082][T15052] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 700.564109][T15052] RIP: 0033:0x7f3cf2f8f7c9 [ 700.564130][T15052] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 700.564155][T15052] RSP: 002b:00007f3cf3d96038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 700.564180][T15052] RAX: ffffffffffffffda RBX: 00007f3cf31e5fa0 RCX: 00007f3cf2f8f7c9 [ 700.564198][T15052] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000006 [ 700.564214][T15052] RBP: 00007f3cf3013f91 R08: 0000000000000000 R09: 0000000000000000 [ 700.564231][T15052] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 700.564247][T15052] R13: 00007f3cf31e6038 R14: 00007f3cf31e5fa0 R15: 00007ffcd5eb6218 [ 700.564286][T15052] [ 701.373630][T15067] zswap: compressor not available [ 701.428851][T15067] random: crng reseeded on system resumption [ 701.488126][T15077] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(7) [ 701.793051][T15083] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 701.982435][T15090] FAULT_INJECTION: forcing a failure. [ 701.982435][T15090] name failslab, interval 1, probability 0, space 0, times 0 [ 701.989196][T15081] zswap: compressor not available [ 702.000682][T15090] CPU: 1 UID: 0 PID: 15090 Comm: syz.1.1792 Not tainted syzkaller #0 PREEMPT(full) [ 702.000715][T15090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 702.000729][T15090] Call Trace: [ 702.000735][T15090] [ 702.000744][T15090] dump_stack_lvl+0x16c/0x1f0 [ 702.000779][T15090] should_fail_ex+0x512/0x640 [ 702.000805][T15090] ? __kmalloc_noprof+0xca/0x870 [ 702.000843][T15090] should_failslab+0xc2/0x120 [ 702.000875][T15090] __kmalloc_noprof+0xdd/0x870 [ 702.000909][T15090] ? __register_sysctl_table+0xb3/0x1900 [ 702.000942][T15090] ? __register_sysctl_table+0xb3/0x1900 [ 702.000970][T15090] __register_sysctl_table+0xb3/0x1900 [ 702.001001][T15090] ? is_module_address+0x5f/0xf0 [ 702.001035][T15090] ? __pfx___register_sysctl_table+0x10/0x10 [ 702.001063][T15090] ? is_module_address+0x69/0xf0 [ 702.001093][T15090] ? register_net_sysctl_sz+0x222/0x3d0 [ 702.001136][T15090] __devinet_sysctl_register+0x1b9/0x360 [ 702.001172][T15090] ? __pfx_neigh_sysctl_register+0x10/0x10 [ 702.001198][T15090] ? inetdev_init+0x245/0x580 [ 702.001229][T15090] ? __pfx___devinet_sysctl_register+0x10/0x10 [ 702.001266][T15090] ? copy_net_ns+0x351/0x5d0 [ 702.001296][T15090] ? create_new_namespaces+0x3ea/0xab0 [ 702.001336][T15090] ? unshare_nsproxy_namespaces+0xc0/0x1f0 [ 702.001371][T15090] ? ksys_unshare+0x45b/0xa40 [ 702.001392][T15090] ? __x64_sys_unshare+0x31/0x40 [ 702.001415][T15090] ? do_syscall_64+0xcd/0xf80 [ 702.001446][T15090] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 702.001478][T15090] devinet_sysctl_register+0x17b/0x200 [ 702.001517][T15090] inetdev_init+0x2b8/0x580 [ 702.001553][T15090] inetdev_event+0xc32/0x1840 [ 702.001589][T15090] ? ib_netdevice_event+0xfc/0x330 [ 702.001620][T15090] ? __pfx_inetdev_event+0x10/0x10 [ 702.001655][T15090] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 702.001697][T15090] notifier_call_chain+0xbc/0x3e0 [ 702.001721][T15090] ? __pfx_inetdev_event+0x10/0x10 [ 702.001762][T15090] call_netdevice_notifiers_info+0xbe/0x110 [ 702.001800][T15090] register_netdevice+0x1792/0x21d0 [ 702.001838][T15090] ? __pfx_register_netdevice+0x10/0x10 [ 702.001880][T15090] __ip_tunnel_create+0x540/0x6b0 [ 702.001916][T15090] ? __pfx___ip_tunnel_create+0x10/0x10 [ 702.001961][T15090] ip_tunnel_init_net+0x22f/0x7d0 [ 702.002000][T15090] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 702.002044][T15090] ? ops_init+0x77/0x5f0 [ 702.002076][T15090] ? __pfx_erspan_init_net+0x10/0x10 [ 702.002104][T15090] ops_init+0x1e2/0x5f0 [ 702.002135][T15090] setup_net+0x11d/0x3a0 [ 702.002163][T15090] ? __pfx_setup_net+0x10/0x10 [ 702.002190][T15090] ? lockdep_init_map_type+0x5c/0x270 [ 702.002218][T15090] ? mutex_init_lockep+0x110/0x150 [ 702.002251][T15090] copy_net_ns+0x351/0x5d0 [ 702.002286][T15090] create_new_namespaces+0x3ea/0xab0 [ 702.002336][T15090] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 702.002376][T15090] ksys_unshare+0x45b/0xa40 [ 702.002401][T15090] ? __pfx_ksys_unshare+0x10/0x10 [ 702.002441][T15090] ? xfd_validate_state+0x61/0x180 [ 702.002489][T15090] __x64_sys_unshare+0x31/0x40 [ 702.002511][T15090] do_syscall_64+0xcd/0xf80 [ 702.002544][T15090] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 702.002569][T15090] RIP: 0033:0x7f500638f7c9 [ 702.002591][T15090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 702.002616][T15090] RSP: 002b:00007f5007156038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 702.002641][T15090] RAX: ffffffffffffffda RBX: 00007f50065e6090 RCX: 00007f500638f7c9 [ 702.002659][T15090] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 702.002675][T15090] RBP: 00007f5006413f91 R08: 0000000000000000 R09: 0000000000000000 [ 702.002691][T15090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 702.002706][T15090] R13: 00007f50065e6128 R14: 00007f50065e6090 R15: 00007ffe263cab28 [ 702.002745][T15090] [ 702.470070][T15081] random: crng reseeded on system resumption [ 703.019969][T15088] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input15 [ 704.020591][T15101] random: crng reseeded on system resumption [ 705.678746][T15155] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1797'. [ 706.247135][T15155] bond0: (slave bond_slave_1): Releasing backup interface [ 706.707584][T15165] FAULT_INJECTION: forcing a failure. [ 706.707584][T15165] name failslab, interval 1, probability 0, space 0, times 0 [ 706.820147][T15165] CPU: 0 UID: 0 PID: 15165 Comm: syz.2.1800 Not tainted syzkaller #0 PREEMPT(full) [ 706.820185][T15165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 706.820201][T15165] Call Trace: [ 706.820211][T15165] [ 706.820222][T15165] dump_stack_lvl+0x16c/0x1f0 [ 706.820259][T15165] should_fail_ex+0x512/0x640 [ 706.820286][T15165] ? __kmalloc_node_track_caller_noprof+0xcb/0x890 [ 706.820322][T15165] should_failslab+0xc2/0x120 [ 706.820354][T15165] __kmalloc_node_track_caller_noprof+0xde/0x890 [ 706.820390][T15165] ? brnf_init_net+0x42/0x450 [ 706.820423][T15165] ? __pfx_brnf_init_net+0x10/0x10 [ 706.820454][T15165] ? kmemdup_noprof+0x29/0x60 [ 706.820491][T15165] kmemdup_noprof+0x29/0x60 [ 706.820529][T15165] brnf_init_net+0x42/0x450 [ 706.820562][T15165] ? __pfx_brnf_init_net+0x10/0x10 [ 706.820591][T15165] ops_init+0x1e2/0x5f0 [ 706.820626][T15165] setup_net+0x11d/0x3a0 [ 706.820656][T15165] ? __pfx_setup_net+0x10/0x10 [ 706.820682][T15165] ? lockdep_init_map_type+0x5c/0x270 [ 706.820711][T15165] ? mutex_init_lockep+0x110/0x150 [ 706.820744][T15165] copy_net_ns+0x351/0x5d0 [ 706.820785][T15165] create_new_namespaces+0x3ea/0xab0 [ 706.820833][T15165] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 706.820871][T15165] ksys_unshare+0x45b/0xa40 [ 706.820896][T15165] ? __pfx_ksys_unshare+0x10/0x10 [ 706.820935][T15165] ? xfd_validate_state+0x61/0x180 [ 706.820982][T15165] __x64_sys_unshare+0x31/0x40 [ 706.821005][T15165] do_syscall_64+0xcd/0xf80 [ 706.821038][T15165] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 706.821063][T15165] RIP: 0033:0x7f3cf2f8f7c9 [ 706.821085][T15165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 706.821110][T15165] RSP: 002b:00007f3cf3d54038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 706.821135][T15165] RAX: ffffffffffffffda RBX: 00007f3cf31e6180 RCX: 00007f3cf2f8f7c9 [ 706.821153][T15165] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 706.821168][T15165] RBP: 00007f3cf3013f91 R08: 0000000000000000 R09: 0000000000000000 [ 706.821183][T15165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 706.821196][T15165] R13: 00007f3cf31e6218 R14: 00007f3cf31e6180 R15: 00007ffcd5eb6218 [ 706.821234][T15165] [ 707.373408][T15173] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1803'. [ 707.854998][T15179] sctp: [Deprecated]: syz.1.1803 (pid 15179) Use of struct sctp_assoc_value in delayed_ack socket option. [ 707.854998][T15179] Use struct sctp_sack_info instead [ 708.870252][T15189] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1804'. [ 709.000702][T15191] FAULT_INJECTION: forcing a failure. [ 709.000702][T15191] name failslab, interval 1, probability 0, space 0, times 0 [ 709.026344][T15191] CPU: 1 UID: 0 PID: 15191 Comm: syz.1.1805 Not tainted syzkaller #0 PREEMPT(full) [ 709.026378][T15191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 709.026392][T15191] Call Trace: [ 709.026400][T15191] [ 709.026410][T15191] dump_stack_lvl+0x16c/0x1f0 [ 709.026444][T15191] should_fail_ex+0x512/0x640 [ 709.026469][T15191] ? kmem_cache_alloc_node_noprof+0x65/0x760 [ 709.026508][T15191] should_failslab+0xc2/0x120 [ 709.026535][T15191] kmem_cache_alloc_node_noprof+0x78/0x760 [ 709.026568][T15191] ? alloc_unbound_pwq+0x3ff/0xe10 [ 709.026604][T15191] ? alloc_unbound_pwq+0x3ff/0xe10 [ 709.026635][T15191] alloc_unbound_pwq+0x3ff/0xe10 [ 709.026677][T15191] apply_wqattrs_prepare+0x3af/0xbd0 [ 709.026725][T15191] apply_workqueue_attrs_locked+0x64/0xe0 [ 709.026762][T15191] __alloc_workqueue+0xf3f/0x1810 [ 709.026813][T15191] alloc_workqueue_noprof+0xd2/0x200 [ 709.026852][T15191] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 709.026912][T15191] nci_register_device+0x21e/0xb80 [ 709.026938][T15191] ? __pfx_nci_register_device+0x10/0x10 [ 709.026969][T15191] ? lockdep_init_map_type+0x5c/0x270 [ 709.027003][T15191] virtual_ncidev_open+0x141/0x220 [ 709.027038][T15191] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 709.027068][T15191] misc_open+0x26d/0x450 [ 709.027097][T15191] ? __pfx_misc_open+0x10/0x10 [ 709.027130][T15191] chrdev_open+0x234/0x6a0 [ 709.027164][T15191] ? __pfx_apparmor_file_open+0x10/0x10 [ 709.027194][T15191] ? __pfx_chrdev_open+0x10/0x10 [ 709.027230][T15191] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 709.027289][T15191] do_dentry_open+0x748/0x1590 [ 709.027323][T15191] ? __pfx_chrdev_open+0x10/0x10 [ 709.027366][T15191] vfs_open+0x82/0x3f0 [ 709.027408][T15191] path_openat+0x2078/0x3140 [ 709.027451][T15191] ? __pfx_path_openat+0x10/0x10 [ 709.027499][T15191] do_filp_open+0x20b/0x470 [ 709.027533][T15191] ? __pfx_do_filp_open+0x10/0x10 [ 709.027592][T15191] ? alloc_fd+0x471/0x7d0 [ 709.027635][T15191] do_sys_openat2+0x11f/0x280 [ 709.027659][T15191] ? __pfx_do_sys_openat2+0x10/0x10 [ 709.027685][T15191] ? __fput+0x68d/0xb70 [ 709.027729][T15191] __x64_sys_openat+0x174/0x210 [ 709.027755][T15191] ? __pfx___x64_sys_openat+0x10/0x10 [ 709.027796][T15191] do_syscall_64+0xcd/0xf80 [ 709.027829][T15191] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 709.027856][T15191] RIP: 0033:0x7f500638f7c9 [ 709.027879][T15191] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 709.027905][T15191] RSP: 002b:00007f5007177038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 709.027930][T15191] RAX: ffffffffffffffda RBX: 00007f50065e5fa0 RCX: 00007f500638f7c9 [ 709.027948][T15191] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 709.027966][T15191] RBP: 00007f5006413f91 R08: 0000000000000000 R09: 0000000000000000 [ 709.027982][T15191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 709.027997][T15191] R13: 00007f50065e6038 R14: 00007f50065e5fa0 R15: 00007ffe263cab28 [ 709.028034][T15191] [ 710.265846][T15201] Sensor B: ================= START STATUS ================= [ 710.336619][T15201] Sensor B: Test Pattern: 75% Colorbar [ 710.343989][T15201] Sensor B: Show Information: All [ 710.349301][T15201] Sensor B: Vertical Flip: false [ 710.354882][T15201] Sensor B: Horizontal Flip: false [ 710.360277][T15201] Sensor B: Brightness: 128 [ 710.365410][T15201] Sensor B: Contrast: 128 [ 710.373340][T15201] Sensor B: Hue: 0 [ 710.397529][T15201] Sensor B: Saturation: 128 [ 710.413680][T15201] Sensor B: ================== END STATUS ================== [ 711.304170][T15223] netlink: 206 bytes leftover after parsing attributes in process `syz.3.1812'. [ 711.656537][T15230] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1810'. [ 713.317419][T15247] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1817'. [ 713.331955][T15247] bridge0: port 2(bridge_slave_1) entered disabled state [ 713.516818][T15247] bridge_slave_1 (unregistering): left allmulticast mode [ 713.645441][T15247] bridge_slave_1 (unregistering): left promiscuous mode [ 713.755152][T15247] bridge0: port 2(bridge_slave_1) entered disabled state [ 715.432408][T15262] Invalid ELF header magic: != ELF [ 716.404788][T15283] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 716.722254][T15291] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1826'. [ 717.628398][T15294] sctp: [Deprecated]: syz.3.1826 (pid 15294) Use of struct sctp_assoc_value in delayed_ack socket option. [ 717.628398][T15294] Use struct sctp_sack_info instead [ 718.057201][T15317] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1828'. [ 718.500233][T15322] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1831'. [ 718.536263][T15322] bridge0: port 2(bridge_slave_1) entered disabled state [ 718.605270][T15322] bridge_slave_1 (unregistering): left allmulticast mode [ 718.618623][T15322] bridge_slave_1 (unregistering): left promiscuous mode [ 718.634801][T15322] bridge0: port 2(bridge_slave_1) entered disabled state [ 720.386786][T15354] zswap: compressor not available [ 720.447998][T15354] random: crng reseeded on system resumption [ 720.692580][T15360] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 721.655878][T15370] sd 0:0:1:0: PR command failed: 1026 [ 721.671451][T15370] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 721.678743][T15370] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 721.900171][T15374] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1843'. [ 722.055384][T15378] binder: BINDER_SET_CONTEXT_MGR already set [ 722.175228][T15378] binder: 15373:15378 ioctl 4018620d 9 returned -16 [ 722.692365][T15387] bond0: option all_slaves_active: invalid value () [ 722.822002][T15388] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 725.828526][T15431] random: crng reseeded on system resumption [ 725.895327][T15427] zswap: compressor not available [ 727.257736][T15459] random: crng reseeded on system resumption [ 727.356355][T15454] zswap: compressor not available [ 727.393968][T15460] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 729.516726][T15498] Console: switching to colour VGA+ 80x25 [ 729.805605][T15510] Invalid ELF header magic: != ELF [ 729.933729][T15506] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1865'. [ 731.263866][T15525] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 731.545058][T15530] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1869'. [ 731.766395][T15530] binder: BINDER_SET_CONTEXT_MGR already set [ 731.814659][T15530] binder: 15529:15530 ioctl 4018620d 9 returned -16 [ 731.870346][T15538] netlink: 206 bytes leftover after parsing attributes in process `syz.0.1870'. [ 732.116756][T15554] FAULT_INJECTION: forcing a failure. [ 732.116756][T15554] name failslab, interval 1, probability 0, space 0, times 0 [ 732.310264][T15554] CPU: 1 UID: 0 PID: 15554 Comm: syz.1.1872 Not tainted syzkaller #0 PREEMPT(full) [ 732.310288][T15554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 732.310297][T15554] Call Trace: [ 732.310302][T15554] [ 732.310309][T15554] dump_stack_lvl+0x16c/0x1f0 [ 732.310331][T15554] should_fail_ex+0x512/0x640 [ 732.310346][T15554] ? fs_reclaim_acquire+0xae/0x150 [ 732.310367][T15554] should_failslab+0xc2/0x120 [ 732.310387][T15554] __kmalloc_noprof+0xdd/0x870 [ 732.310408][T15554] ? tomoyo_encode2+0x100/0x3e0 [ 732.310430][T15554] ? tomoyo_encode2+0x100/0x3e0 [ 732.310448][T15554] tomoyo_encode2+0x100/0x3e0 [ 732.310469][T15554] tomoyo_encode+0x29/0x50 [ 732.310486][T15554] tomoyo_realpath_from_path+0x18f/0x6e0 [ 732.310515][T15554] tomoyo_mkdev_perm+0x22b/0x570 [ 732.310530][T15554] ? tomoyo_mkdev_perm+0x217/0x570 [ 732.310547][T15554] ? __pfx_tomoyo_mkdev_perm+0x10/0x10 [ 732.310564][T15554] ? do_raw_spin_lock+0x12c/0x2b0 [ 732.310586][T15554] ? do_raw_spin_unlock+0x172/0x230 [ 732.310613][T15554] ? __pfx_current_check_access_path+0x10/0x10 [ 732.310633][T15554] ? simple_lookup+0x105/0x1d0 [ 732.310653][T15554] tomoyo_path_mknod+0x12a/0x190 [ 732.310667][T15554] ? __pfx_tomoyo_path_mknod+0x10/0x10 [ 732.310681][T15554] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 732.310704][T15554] security_path_mknod+0x161/0x310 [ 732.310722][T15554] do_mknodat+0x24e/0x6f0 [ 732.310740][T15554] ? __pfx_do_mknodat+0x10/0x10 [ 732.310757][T15554] ? getname_flags.part.0+0x1c5/0x550 [ 732.310782][T15554] __x64_sys_mknod+0x87/0xb0 [ 732.310801][T15554] do_syscall_64+0xcd/0xf80 [ 732.310819][T15554] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 732.310834][T15554] RIP: 0033:0x7f500638f7c9 [ 732.310846][T15554] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 732.310860][T15554] RSP: 002b:00007f50045f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 732.310875][T15554] RAX: ffffffffffffffda RBX: 00007f50065e6180 RCX: 00007f500638f7c9 [ 732.310906][T15554] RDX: 0000000000000103 RSI: 00000000000020e9 RDI: 00002000000003c0 [ 732.310916][T15554] RBP: 00007f5006413f91 R08: 0000000000000000 R09: 0000000000000000 [ 732.310924][T15554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 732.310933][T15554] R13: 00007f50065e6218 R14: 00007f50065e6180 R15: 00007ffe263cab28 [ 732.310954][T15554] [ 732.310973][T15554] ERROR: Out of memory at tomoyo_realpath_from_path. [ 733.031510][T15559] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 733.994689][T15573] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 734.690932][T15591] input: jJǸ-9%vJ86 as /devices/virtual/input/input16 [ 735.342557][T15602] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 736.453267][T15617] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 737.358547][T15630] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 737.954489][T15652] random: crng reseeded on system resumption [ 738.050751][T15646] block nbd2: not configured, cannot reconfigure [ 740.201009][T15672] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 741.576715][T15704] zswap: compressor not available [ 741.628537][T15706] Kernel: The 'panic_print' parameter is now deprecated. Please use 'panic_sys_info' and 'panic_console_replay' instead. [ 742.190763][T15722] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 743.445798][T15744] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 743.687569][T15748] zswap: compressor not available [ 743.717873][T15752] random: crng reseeded on system resumption [ 744.263117][T15760] bond0: option all_slaves_active: invalid value () [ 744.850272][T15774] zswap: compressor not available [ 744.939672][T15774] random: crng reseeded on system resumption [ 745.256495][T15782] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 747.358050][T15834] zswap: compressor not available [ 747.444134][T15834] random: crng reseeded on system resumption [ 747.690620][T15848] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 748.078233][T15851] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1933'. [ 749.055107][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 749.061547][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 750.568043][ T5844] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 750.568077][ T5844] Bluetooth: hci1: unexpected subevent 0x0f length: 725 > 260 [ 750.956617][T15921] FAULT_INJECTION: forcing a failure. [ 750.956617][T15921] name failslab, interval 1, probability 0, space 0, times 0 [ 750.971916][T15921] CPU: 1 UID: 0 PID: 15921 Comm: syz.0.1952 Not tainted syzkaller #0 PREEMPT(full) [ 750.971954][T15921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 750.971969][T15921] Call Trace: [ 750.971978][T15921] [ 750.971989][T15921] dump_stack_lvl+0x16c/0x1f0 [ 750.972033][T15921] should_fail_ex+0x512/0x640 [ 750.972062][T15921] ? __kmalloc_cache_noprof+0x5f/0x770 [ 750.972105][T15921] should_failslab+0xc2/0x120 [ 750.972137][T15921] __kmalloc_cache_noprof+0x72/0x770 [ 750.972175][T15921] ? netdevice_event+0x365/0x9d0 [ 750.972205][T15921] ? netdevice_event+0x365/0x9d0 [ 750.972228][T15921] netdevice_event+0x365/0x9d0 [ 750.972258][T15921] ? __pfx_netdevice_event+0x10/0x10 [ 750.972280][T15921] ? __pfx_del_netdev_default_ips_join+0x10/0x10 [ 750.972304][T15921] ? __pfx_is_eth_port_inactive_slave_filter+0x10/0x10 [ 750.972333][T15921] ? __pfx_add_default_gids+0x10/0x10 [ 750.972355][T15921] ? __pfx_is_ndev_for_default_gid_filter+0x10/0x10 [ 750.972382][T15921] ? __pfx_add_netdev_ips+0x10/0x10 [ 750.972406][T15921] ? __pfx_is_eth_port_of_netdev_filter+0x10/0x10 [ 750.972437][T15921] notifier_call_chain+0xbc/0x3e0 [ 750.972456][T15921] ? __pfx_netdevice_event+0x10/0x10 [ 750.972481][T15921] call_netdevice_notifiers_info+0xbe/0x110 [ 750.972511][T15921] register_netdevice+0x1792/0x21d0 [ 750.972543][T15921] ? __pfx_register_netdevice+0x10/0x10 [ 750.972578][T15921] __ip_tunnel_create+0x540/0x6b0 [ 750.972605][T15921] ? __pfx___ip_tunnel_create+0x10/0x10 [ 750.972640][T15921] ip_tunnel_init_net+0x22f/0x7d0 [ 750.972670][T15921] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 750.972709][T15921] ? ops_init+0x77/0x5f0 [ 750.972734][T15921] ? __pfx_erspan_init_net+0x10/0x10 [ 750.972757][T15921] ops_init+0x1e2/0x5f0 [ 750.972785][T15921] setup_net+0x11d/0x3a0 [ 750.972810][T15921] ? __pfx_setup_net+0x10/0x10 [ 750.972832][T15921] ? lockdep_init_map_type+0x5c/0x270 [ 750.972857][T15921] ? mutex_init_lockep+0x110/0x150 [ 750.972883][T15921] copy_net_ns+0x351/0x5d0 [ 750.972911][T15921] create_new_namespaces+0x3ea/0xab0 [ 750.972947][T15921] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 750.972977][T15921] ksys_unshare+0x45b/0xa40 [ 750.972996][T15921] ? __pfx_ksys_unshare+0x10/0x10 [ 750.973036][T15921] ? xfd_validate_state+0x61/0x180 [ 750.973078][T15921] __x64_sys_unshare+0x31/0x40 [ 750.973097][T15921] do_syscall_64+0xcd/0xf80 [ 750.973126][T15921] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 750.973145][T15921] RIP: 0033:0x7f7c2958f7c9 [ 750.973163][T15921] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 750.973183][T15921] RSP: 002b:00007f7c2a4c9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 750.973204][T15921] RAX: ffffffffffffffda RBX: 00007f7c297e5fa0 RCX: 00007f7c2958f7c9 [ 750.973217][T15921] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 750.973229][T15921] RBP: 00007f7c29613f91 R08: 0000000000000000 R09: 0000000000000000 [ 750.973241][T15921] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 750.973253][T15921] R13: 00007f7c297e6038 R14: 00007f7c297e5fa0 R15: 00007fff08ae9ee8 [ 750.973283][T15921] [ 751.423040][T15919] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1949'. [ 752.393158][T15955] random: crng reseeded on system resumption [ 752.444726][T15952] zswap: compressor not available [ 752.598974][T15962] netlink: 206 bytes leftover after parsing attributes in process `syz.1.1961'. [ 753.627869][T15986] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 754.655999][T16015] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 755.428680][T16035] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 755.454716][T16036] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 756.515883][T16055] netlink: 206 bytes leftover after parsing attributes in process `syz.2.1990'. [ 756.804490][T16071] usb usb38: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 756.814723][T16071] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 757.026785][T16074] usb usb36: usbfs: process 16074 (syz.0.1996) did not claim interface 0 before use [ 758.804651][T16109] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 760.247643][T16159] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2009'. [ 760.809894][T16157] netlink: 206 bytes leftover after parsing attributes in process `syz.1.2017'. [ 761.679568][T16193] random: crng reseeded on system resumption [ 761.758927][T16190] zswap: compressor not available [ 763.695321][ T30] audit: type=1806 audit(4294967332.242:8): xattr="" res=-22 [ 766.939945][T16323] ======================================================= [ 766.939945][T16323] WARNING: The mand mount option has been deprecated and [ 766.939945][T16323] and is ignored by this kernel. Remove the mand [ 766.939945][T16323] option from the mount to silence this warning. [ 766.939945][T16323] ======================================================= [ 767.619881][T16337] random: crng reseeded on system resumption [ 767.651754][T16335] zswap: compressor not available [ 768.274049][T16357] random: crng reseeded on system resumption [ 769.183324][ T5844] Bluetooth: hci3: unexpected event 0x2c length: 42 > 17 [ 769.207327][T16383] random: crng reseeded on system resumption [ 769.243891][T16377] zswap: compressor not available [ 769.989733][T16391] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 771.165491][T16428] zswap: compressor not available [ 771.174101][T16428] random: crng reseeded on system resumption [ 771.886601][T16451] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2095'. [ 772.284466][T16456] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 772.939818][T16490] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 774.647023][ T5844] Bluetooth: hci3: unexpected event 0x3c length: 42 > 7 [ 775.376083][T16566] random: crng reseeded on system resumption [ 777.128878][T16609] bond0: invalid ARP target specified [ 778.344805][T16636] capability: warning: `syz.3.2161' uses 32-bit capabilities (legacy support in use) [ 778.831712][T16649] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 781.023572][T16707] random: crng reseeded on system resumption [ 781.038379][T16703] zswap: compressor not available [ 781.351729][T16723] IPVS: length: 7562853 != 24 [ 781.967267][T16745] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 782.425315][T16757] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 782.614709][T16759] zswap: compressor not available [ 782.704448][T16759] random: crng reseeded on system resumption [ 783.710621][T16784] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 784.218797][ T30] audit: type=1806 audit(4294967352.879:9): xattr=01 res=-22 [ 784.988535][T16842] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input18 [ 785.227193][T16849] FAULT_INJECTION: forcing a failure. [ 785.227193][T16849] name failslab, interval 1, probability 0, space 0, times 0 [ 785.240439][T16848] FAULT_INJECTION: forcing a failure. [ 785.240439][T16848] name failslab, interval 1, probability 0, space 0, times 0 [ 785.248807][T16849] CPU: 1 UID: 0 PID: 16849 Comm: syz.2.2230 Not tainted syzkaller #0 PREEMPT(full) [ 785.248843][T16849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 785.248867][T16849] Call Trace: [ 785.248876][T16849] [ 785.248886][T16849] dump_stack_lvl+0x16c/0x1f0 [ 785.248923][T16849] should_fail_ex+0x512/0x640 [ 785.248949][T16849] ? __kmalloc_cache_noprof+0x5f/0x770 [ 785.248992][T16849] should_failslab+0xc2/0x120 [ 785.249025][T16849] __kmalloc_cache_noprof+0x72/0x770 [ 785.249062][T16849] ? find_held_lock+0x2b/0x80 [ 785.249093][T16849] ? snd_seq_port_connect+0x61/0x580 [ 785.249131][T16849] ? snd_seq_port_connect+0x61/0x580 [ 785.249161][T16849] snd_seq_port_connect+0x61/0x580 [ 785.249192][T16849] ? _raw_read_unlock+0x28/0x50 [ 785.249219][T16849] ? check_subscription_permission.isra.0+0xf5/0x240 [ 785.249254][T16849] snd_seq_ioctl_subscribe_port+0x209/0x4b0 [ 785.249292][T16849] ? __pfx_snd_seq_ioctl_subscribe_port+0x10/0x10 [ 785.249343][T16849] call_seq_client_ctl+0x9f/0x110 [ 785.249376][T16849] snd_seq_kernel_client_ctl+0x7a/0xc0 [ 785.249407][T16849] snd_seq_oss_midi_open+0x62d/0x720 [ 785.249435][T16849] ? __pfx_snd_seq_oss_midi_open+0x10/0x10 [ 785.249459][T16849] ? snd_seq_oss_midi_reset+0x180/0x530 [ 785.249509][T16849] ? __mutex_lock+0x27b/0x1b10 [ 785.249549][T16849] snd_seq_oss_synth_reset+0x437/0x810 [ 785.249594][T16849] ? __pfx_snd_seq_oss_synth_reset+0x10/0x10 [ 785.249634][T16849] ? __pfx___fsnotify_parent+0x10/0x10 [ 785.249676][T16849] snd_seq_oss_reset+0x73/0x290 [ 785.249710][T16849] ? __pfx_odev_release+0x10/0x10 [ 785.249741][T16849] snd_seq_oss_release+0x7c/0x180 [ 785.249776][T16849] odev_release+0x56/0xa0 [ 785.249805][T16849] __fput+0x402/0xb70 [ 785.249849][T16849] task_work_run+0x150/0x240 [ 785.249884][T16849] ? __pfx_task_work_run+0x10/0x10 [ 785.249914][T16849] ? __pfx___do_sys_close_range+0x10/0x10 [ 785.249956][T16849] exit_to_user_mode_loop+0xec/0x130 [ 785.249989][T16849] do_syscall_64+0x4d8/0xf80 [ 785.250020][T16849] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 785.250047][T16849] RIP: 0033:0x7f3cf2f8f7c9 [ 785.250068][T16849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 785.250092][T16849] RSP: 002b:00007f3cf3d96038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 785.250116][T16849] RAX: 0000000000000000 RBX: 00007f3cf31e5fa0 RCX: 00007f3cf2f8f7c9 [ 785.250133][T16849] RDX: 0000000000000000 RSI: fffffffffffff000 RDI: 0000000000000000 [ 785.250149][T16849] RBP: 00007f3cf3013f91 R08: 0000000000000000 R09: 0000000000000000 [ 785.250166][T16849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 785.250182][T16849] R13: 00007f3cf31e6038 R14: 00007f3cf31e5fa0 R15: 00007ffcd5eb6218 [ 785.250219][T16849] [ 785.537615][T16851] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input19 [ 785.552003][T16843] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 785.600090][T16848] CPU: 0 UID: 0 PID: 16848 Comm: syz.0.2231 Not tainted syzkaller #0 PREEMPT(full) [ 785.600135][T16848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 785.600148][T16848] Call Trace: [ 785.600156][T16848] [ 785.600164][T16848] dump_stack_lvl+0x16c/0x1f0 [ 785.600197][T16848] should_fail_ex+0x512/0x640 [ 785.600222][T16848] ? __kmalloc_node_track_caller_noprof+0xcb/0x890 [ 785.600256][T16848] should_failslab+0xc2/0x120 [ 785.600287][T16848] __kmalloc_node_track_caller_noprof+0xde/0x890 [ 785.600317][T16848] ? snd_timer_instance_new+0x65/0x2e0 [ 785.600357][T16848] ? kstrdup+0x53/0x100 [ 785.600376][T16848] kstrdup+0x53/0x100 [ 785.600400][T16848] snd_timer_instance_new+0x65/0x2e0 [ 785.600434][T16848] __snd_timer_user_ioctl.isra.0+0x1522/0x2520 [ 785.600474][T16848] ? rcu_is_watching+0x12/0xc0 [ 785.600505][T16848] ? __pfx___snd_timer_user_ioctl.isra.0+0x10/0x10 [ 785.600541][T16848] ? __mutex_lock+0x27b/0x1b10 [ 785.600570][T16848] ? do_vfs_ioctl+0x128/0x14f0 [ 785.600584][T16848] ? snd_timer_user_ioctl+0x4a/0xd0 [ 785.600608][T16848] ? __pfx___mutex_lock+0x10/0x10 [ 785.600640][T16848] snd_timer_user_ioctl+0x76/0xd0 [ 785.600661][T16848] ? __pfx_snd_timer_user_ioctl+0x10/0x10 [ 785.600683][T16848] __x64_sys_ioctl+0x18e/0x210 [ 785.600699][T16848] do_syscall_64+0xcd/0xf80 [ 785.600718][T16848] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 785.600746][T16848] RIP: 0033:0x7f7c2958f7c9 [ 785.600759][T16848] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 785.600773][T16848] RSP: 002b:00007f7c2a4c9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 785.600788][T16848] RAX: ffffffffffffffda RBX: 00007f7c297e5fa0 RCX: 00007f7c2958f7c9 [ 785.600798][T16848] RDX: 0000200000000080 RSI: 0000000040345410 RDI: 0000000000000003 [ 785.600807][T16848] RBP: 00007f7c29613f91 R08: 0000000000000000 R09: 0000000000000000 [ 785.600815][T16848] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 785.600824][T16848] R13: 00007f7c297e6038 R14: 00007f7c297e5fa0 R15: 00007fff08ae9ee8 [ 785.600843][T16848] [ 786.139568][T16873] random: crng reseeded on system resumption [ 786.492078][T16885] db_root: cannot open: [ 787.672916][T16921] random: crng reseeded on system resumption [ 788.346674][T16943] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 789.479287][T16975] snd_aloop snd_aloop.0: control 7:265:7::2 is already present [ 789.984689][T16980] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 790.002738][T16980] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 790.549659][T17005] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] SMP KASAN PTI [ 790.561597][T17005] KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f] [ 790.570061][T17005] CPU: 1 UID: 0 PID: 17005 Comm: syz.1.2281 Not tainted syzkaller #0 PREEMPT(full) [ 790.579542][T17005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 790.589619][T17005] RIP: 0010:handshake_complete+0x31/0x390 [ 790.595369][T17005] Code: 56 41 55 49 89 d5 41 54 41 89 f4 55 53 48 89 fb e8 d4 fc 6f f6 48 8d 7b 28 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 0f 03 00 00 48 8b 6b 28 e8 dc 23 0e 00 48 b8 00 [ 790.615092][T17005] RSP: 0018:ffffc90004c874f8 EFLAGS: 00010206 [ 790.621188][T17005] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc90004cb2000 [ 790.629183][T17005] RDX: 0000000000000005 RSI: ffffffff8b4d245c RDI: 0000000000000028 [ 790.637174][T17005] RBP: ffffc90004c875c0 R08: 0000000000000000 R09: ffffed10285fc220 [ 790.645173][T17005] R10: ffff888142fe1103 R11: 0000000000000001 R12: 00000000fffffffb [ 790.653158][T17005] R13: 0000000000000000 R14: ffff88807d797400 R15: ffff88807d48a500 [ 790.661579][T17005] FS: 00007f50071776c0(0000) GS:ffff888124ca8000(0000) knlGS:0000000000000000 [ 790.670518][T17005] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 790.677099][T17005] CR2: 000000110dbd4398 CR3: 000000007d74a000 CR4: 00000000003526f0 [ 790.685066][T17005] Call Trace: [ 790.688343][T17005] [ 790.691271][T17005] handshake_nl_accept_doit+0x2dc/0x910 [ 790.696838][T17005] genl_family_rcv_msg_doit+0x209/0x2f0 [ 790.702390][T17005] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 790.708456][T17005] ? __dev_queue_xmit+0xaf1/0x4330 [ 790.713579][T17005] ? genl_get_cmd+0x194/0x580 [ 790.718330][T17005] ? bpf_lsm_capable+0x9/0x10 [ 790.723027][T17005] ? security_capable+0x7e/0x260 [ 790.727968][T17005] genl_rcv_msg+0x55c/0x800 [ 790.732477][T17005] ? __pfx_genl_rcv_msg+0x10/0x10 [ 790.737511][T17005] ? __pfx_handshake_nl_accept_doit+0x10/0x10 [ 790.743587][T17005] netlink_rcv_skb+0x158/0x420 [ 790.748353][T17005] ? __pfx_genl_rcv_msg+0x10/0x10 [ 790.753381][T17005] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 790.758676][T17005] ? netlink_deliver_tap+0x1ae/0xd30 [ 790.763958][T17005] genl_rcv+0x28/0x40 [ 790.767936][T17005] netlink_unicast+0x5aa/0x870 [ 790.772699][T17005] ? __pfx_netlink_unicast+0x10/0x10 [ 790.777984][T17005] netlink_sendmsg+0x8c8/0xdd0 [ 790.782749][T17005] ? __pfx_netlink_sendmsg+0x10/0x10 [ 790.788038][T17005] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 790.794105][T17005] ____sys_sendmsg+0xa5d/0xc30 [ 790.798870][T17005] ? copy_msghdr_from_user+0x10a/0x160 [ 790.804326][T17005] ? __pfx_____sys_sendmsg+0x10/0x10 [ 790.809615][T17005] ? __pfx_futex_wake_mark+0x10/0x10 [ 790.814903][T17005] ___sys_sendmsg+0x134/0x1d0 [ 790.819573][T17005] ? find_held_lock+0x2b/0x80 [ 790.824258][T17005] ? __pfx____sys_sendmsg+0x10/0x10 [ 790.829457][T17005] ? __lock_acquire+0x433/0x22f0 [ 790.834403][T17005] __sys_sendmsg+0x16d/0x220 [ 790.838991][T17005] ? __pfx___sys_sendmsg+0x10/0x10 [ 790.844095][T17005] ? __x64_sys_futex+0x1e0/0x4c0 [ 790.849035][T17005] do_syscall_64+0xcd/0xf80 [ 790.853538][T17005] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 790.859430][T17005] RIP: 0033:0x7f500638f7c9 [ 790.863838][T17005] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 790.883527][T17005] RSP: 002b:00007f5007177038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 790.891936][T17005] RAX: ffffffffffffffda RBX: 00007f50065e5fa0 RCX: 00007f500638f7c9 [ 790.899987][T17005] RDX: 000000002004881c RSI: 0000200000000580 RDI: 0000000000000003 [ 790.907948][T17005] RBP: 00007f5006413f91 R08: 0000000000000000 R09: 0000000000000000 [ 790.915915][T17005] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 790.923876][T17005] R13: 00007f50065e6038 R14: 00007f50065e5fa0 R15: 00007ffe263cab28 [ 790.931847][T17005] [ 790.934861][T17005] Modules linked in: [ 790.939674][T17005] ---[ end trace 0000000000000000 ]--- [ 790.957130][T17005] RIP: 0010:handshake_complete+0x31/0x390 [ 790.974264][T17005] Code: 56 41 55 49 89 d5 41 54 41 89 f4 55 53 48 89 fb e8 d4 fc 6f f6 48 8d 7b 28 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 0f 03 00 00 48 8b 6b 28 e8 dc 23 0e 00 48 b8 00 [ 790.998531][T17005] RSP: 0018:ffffc90004c874f8 EFLAGS: 00010206 [ 791.005060][T17005] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc90004cb2000 [ 791.013465][T17005] RDX: 0000000000000005 RSI: ffffffff8b4d245c RDI: 0000000000000028 [ 791.021835][T17005] RBP: ffffc90004c875c0 R08: 0000000000000000 R09: ffffed10285fc220 [ 791.036875][T17005] R10: ffff888142fe1103 R11: 0000000000000001 R12: 00000000fffffffb [ 791.046790][T17005] R13: 0000000000000000 R14: ffff88807d797400 R15: ffff88807d48a500 [ 791.055743][T17005] FS: 00007f50071776c0(0000) GS:ffff888124ba8000(0000) knlGS:0000000000000000 [ 791.065309][T17005] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 791.073881][T17005] CR2: 00007f533a7b7198 CR3: 000000007d74a000 CR4: 00000000003526f0 [ 791.083025][T17005] Kernel panic - not syncing: Fatal exception [ 791.089140][T17005] Sending NMI from CPU 1 to CPUs 0: [ 791.094358][ C0] NMI backtrace for cpu 0 [ 791.094378][ C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G D syzkaller #0 PREEMPT(full) [ 791.094410][ C0] Tainted: [D]=DIE [ 791.094418][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 791.094431][ C0] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 791.094463][ C0] Code: 15 59 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d f3 f4 0e 00 fb f4 8c 27 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 791.094485][ C0] RSP: 0018:ffffffff8de07df8 EFLAGS: 000002c6 [ 791.094504][ C0] RAX: 00000000005e42a4 RBX: 0000000000000000 RCX: ffffffff8b5b5429 [ 791.094518][ C0] RDX: ffffed10170866e6 RSI: ffffffff8bd1bc80 RDI: ffffffff8192199d [ 791.094534][ C0] RBP: fffffbfff1bd2f50 R08: 0000000000000000 R09: ffffed10170866e5 [ 791.094550][ C0] R10: ffff8880b843372b R11: 0000000000000000 R12: 0000000000000000 [ 791.094564][ C0] R13: ffffffff8de97a80 R14: ffffffff9065cfd0 R15: 0000000000000000 [ 791.094579][ C0] FS: 0000000000000000(0000) GS:ffff888124ba8000(0000) knlGS:0000000000000000 [ 791.094600][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 791.094616][ C0] CR2: 00007f533a7b7198 CR3: 000000007d74a000 CR4: 00000000003526f0 [ 791.094631][ C0] Call Trace: [ 791.094638][ C0] [ 791.094645][ C0] default_idle+0x13/0x20 [ 791.094674][ C0] default_idle_call+0x6c/0xb0 [ 791.094703][ C0] do_idle+0x38d/0x500 [ 791.094736][ C0] ? __pfx_do_idle+0x10/0x10 [ 791.094773][ C0] cpu_startup_entry+0x4f/0x60 [ 791.094802][ C0] rest_init+0x16b/0x2b0 [ 791.094832][ C0] ? acpi_subsystem_init+0x133/0x180 [ 791.094856][ C0] ? __pfx_x86_late_time_init+0x10/0x10 [ 791.094884][ C0] start_kernel+0x3f6/0x4d0 [ 791.094909][ C0] x86_64_start_reservations+0x18/0x30 [ 791.094935][ C0] x86_64_start_kernel+0x130/0x190 [ 791.094960][ C0] common_startup_64+0x13e/0x148 [ 791.094992][ C0] [ 791.284902][T17005] Kernel Offset: disabled [ 791.289205][T17005] Mem-Info: [ 791.292299][T17005] active_anon:19334 inactive_anon:11 isolated_anon:0 [ 791.292299][T17005] active_file:4361 inactive_file:41405 isolated_file:0 [ 791.292299][T17005] unevictable:768 dirty:467 writeback:0 [ 791.292299][T17005] slab_reclaimable:11659 slab_unreclaimable:91759 [ 791.292299][T17005] mapped:26562 shmem:1371 pagetables:1051 [ 791.292299][T17005] sec_pagetables:0 bounce:0 [ 791.292299][T17005] kernel_misc_reclaimable:0 [ 791.292299][T17005] free:1321513 free_pcp:10334 free_cma:0 [ 791.337623][T17005] Node 0 active_anon:77336kB inactive_anon:44kB active_file:17444kB inactive_file:165488kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:106248kB dirty:1868kB writeback:0kB shmem:3948kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11092kB pagetables:4060kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 791.370104][T17005] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:132kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:144kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 791.399885][T17005] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 791.429866][T17005] lowmem_reserve[]: 0 2482 2484 2484 2484 [ 791.435614][T17005] Node 0 DMA32 free:1371648kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB free_highatomic:0KB active_anon:77336kB inactive_anon:44kB active_file:17444kB inactive_file:165488kB unevictable:1536kB writepending:1868kB zspages:520kB present:3129332kB managed:2542524kB mlocked:0kB bounce:0kB free_pcp:31700kB local_pcp:31700kB free_cma:0kB [ 791.469216][T17005] lowmem_reserve[]: 0 0 1 1 1 [ 791.473899][T17005] Node 0 Normal free:0kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 791.503417][T17005] lowmem_reserve[]: 0 0 0 0 0 [ 791.508116][T17005] Node 1 Normal free:3899044kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:132kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:9636kB local_pcp:9636kB free_cma:0kB [ 791.540688][T17005] lowmem_reserve[]: 0 0 0 0 0 [ 791.545379][T17005] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 791.557957][T17005] Node 0 DMA32: 2305*4kB (UME) 1163*8kB (UME) 525*16kB (UME) 1664*32kB (UME) 815*64kB (UME) 343*128kB (UME) 176*256kB (UM) 95*512kB (UME) 60*1024kB (UM) 12*2048kB (UME) 248*4096kB (UM) = 1371756kB [ 791.577448][T17005] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 791.588886][T17005] Node 1 Normal: 199*4kB (UME) 59*8kB (UME) 51*16kB (UME) 224*32kB (UME) 62*64kB (UME) 18*128kB (UME) 10*256kB (UM) 8*512kB (UME) 6*1024kB (UM) 6*2048kB (UME) 942*4096kB (UM) = 3899044kB [ 791.607325][T17005] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 791.616844][T17005] Node 0 hugepages_total=3 hugepages_free=0 hugepages_surp=1 hugepages_size=2048kB [ 791.626129][T17005] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 791.635666][T17005] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 791.644944][T17005] 47144 total pagecache pages [ 791.649609][T17005] 11 pages in swap cache [ 791.653825][T17005] Free swap = 124768kB [ 791.657955][T17005] Total swap = 124996kB [ 791.662255][T17005] 2097051 pages RAM [ 791.666098][T17005] 0 pages HighMem/MovableOnly [ 791.670754][T17005] 429330 pages reserved [ 791.674885][T17005] 0 pages cma reserved [ 791.678928][T17005] INFO: lockdep is turned off. [ 791.683667][T17005] NMI backtrace for cpu 1 [ 791.683683][T17005] CPU: 1 UID: 0 PID: 17005 Comm: syz.1.2281 Tainted: G D syzkaller #0 PREEMPT(full) [ 791.683703][T17005] Tainted: [D]=DIE [ 791.683708][T17005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 791.683718][T17005] Call Trace: [ 791.683726][T17005] [ 791.683733][T17005] dump_stack_lvl+0x3d/0x1f0 [ 791.683754][T17005] nmi_cpu_backtrace+0x27b/0x390 [ 791.683774][T17005] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 791.683797][T17005] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 791.683818][T17005] sys_info+0x113/0x160 [ 791.683837][T17005] vpanic+0x234/0x6f0 [ 791.683851][T17005] panic+0xca/0xd0 [ 791.683864][T17005] ? __pfx_panic+0x10/0x10 [ 791.683878][T17005] ? __show_regs+0x4bf/0x750 [ 791.683894][T17005] ? oops_end+0x84/0x110 [ 791.683915][T17005] oops_end+0xac/0x110 [ 791.683935][T17005] exc_general_protection+0x154/0x230 [ 791.683958][T17005] asm_exc_general_protection+0x26/0x30 [ 791.683973][T17005] RIP: 0010:handshake_complete+0x31/0x390 [ 791.683989][T17005] Code: 56 41 55 49 89 d5 41 54 41 89 f4 55 53 48 89 fb e8 d4 fc 6f f6 48 8d 7b 28 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 0f 03 00 00 48 8b 6b 28 e8 dc 23 0e 00 48 b8 00 [ 791.684004][T17005] RSP: 0018:ffffc90004c874f8 EFLAGS: 00010206 [ 791.684016][T17005] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc90004cb2000 [ 791.684025][T17005] RDX: 0000000000000005 RSI: ffffffff8b4d245c RDI: 0000000000000028 [ 791.684035][T17005] RBP: ffffc90004c875c0 R08: 0000000000000000 R09: ffffed10285fc220 [ 791.684044][T17005] R10: ffff888142fe1103 R11: 0000000000000001 R12: 00000000fffffffb [ 791.684053][T17005] R13: 0000000000000000 R14: ffff88807d797400 R15: ffff88807d48a500 [ 791.684065][T17005] ? handshake_complete+0x1c/0x390 [ 791.684079][T17005] ? handshake_complete+0x1c/0x390 [ 791.684093][T17005] handshake_nl_accept_doit+0x2dc/0x910 [ 791.684116][T17005] genl_family_rcv_msg_doit+0x209/0x2f0 [ 791.684138][T17005] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 791.684162][T17005] ? __dev_queue_xmit+0xaf1/0x4330 [ 791.684182][T17005] ? genl_get_cmd+0x194/0x580 [ 791.684201][T17005] ? bpf_lsm_capable+0x9/0x10 [ 791.684217][T17005] ? security_capable+0x7e/0x260 [ 791.684233][T17005] genl_rcv_msg+0x55c/0x800 [ 791.684253][T17005] ? __pfx_genl_rcv_msg+0x10/0x10 [ 791.684272][T17005] ? __pfx_handshake_nl_accept_doit+0x10/0x10 [ 791.684296][T17005] netlink_rcv_skb+0x158/0x420 [ 791.684313][T17005] ? __pfx_genl_rcv_msg+0x10/0x10 [ 791.684332][T17005] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 791.684353][T17005] ? netlink_deliver_tap+0x1ae/0xd30 [ 791.684370][T17005] genl_rcv+0x28/0x40 [ 791.684386][T17005] netlink_unicast+0x5aa/0x870 [ 791.684404][T17005] ? __pfx_netlink_unicast+0x10/0x10 [ 791.684424][T17005] netlink_sendmsg+0x8c8/0xdd0 [ 791.684441][T17005] ? __pfx_netlink_sendmsg+0x10/0x10 [ 791.684459][T17005] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 791.684475][T17005] ____sys_sendmsg+0xa5d/0xc30 [ 791.684495][T17005] ? copy_msghdr_from_user+0x10a/0x160 [ 791.684510][T17005] ? __pfx_____sys_sendmsg+0x10/0x10 [ 791.684530][T17005] ? __pfx_futex_wake_mark+0x10/0x10 [ 791.684550][T17005] ___sys_sendmsg+0x134/0x1d0 [ 791.684564][T17005] ? find_held_lock+0x2b/0x80 [ 791.684582][T17005] ? __pfx____sys_sendmsg+0x10/0x10 [ 791.684596][T17005] ? __lock_acquire+0x433/0x22f0 [ 791.684619][T17005] __sys_sendmsg+0x16d/0x220 [ 791.684634][T17005] ? __pfx___sys_sendmsg+0x10/0x10 [ 791.684648][T17005] ? __x64_sys_futex+0x1e0/0x4c0 [ 791.684669][T17005] do_syscall_64+0xcd/0xf80 [ 791.684685][T17005] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 791.684700][T17005] RIP: 0033:0x7f500638f7c9 [ 791.684714][T17005] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 791.684728][T17005] RSP: 002b:00007f5007177038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 791.684741][T17005] RAX: ffffffffffffffda RBX: 00007f50065e5fa0 RCX: 00007f500638f7c9 [ 791.684751][T17005] RDX: 000000002004881c RSI: 0000200000000580 RDI: 0000000000000003 [ 791.684759][T17005] RBP: 00007f5006413f91 R08: 0000000000000000 R09: 0000000000000000 [ 791.684768][T17005] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 791.684777][T17005] R13: 00007f50065e6038 R14: 00007f50065e5fa0 R15: 00007ffe263cab28 [ 791.684791][T17005] [ 792.105031][T17005] Rebooting in 86400 seconds..