last executing test programs: 5.419710929s ago: executing program 0 (id=7179): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) r1 = io_uring_setup$auto(0x59, &(0x7f0000000080)={0x80000002, 0x1d, 0x3000, 0xfffffff8, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x9, 0x6, 0x29c, 0x1, 0x7f, 0x0, 0x7, 0x1}, {0x10100, 0x1, 0x52, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}}) fsconfig$auto_SHMEM_HUGE_DENY(0xffffffffffffffff, 0x0, &(0x7f0000000140)='\\!:\x00', 0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r3, 0xffffffffffdffe00, &(0x7f0000000140)) r4 = epoll_create$auto(0x8800001) pipe2$auto(0x0, 0x0) epoll_ctl$auto(r4, 0x1, r2, 0x0) fcntl$auto_F_SETLK(r1, 0x6, 0xd27) pidfd_open$auto(0x1, 0x0) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/pcmC1D0c\x00', 0x20000, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mprotect$auto(0x1ffffffff000, 0x100018, 0x4) msync$auto(0x110c230000, 0x200001, 0x6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bdi/43:288/max_bytes\x00', 0x82942, 0x0) 4.877622917s ago: executing program 1 (id=7181): socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @local}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x5, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) socket(0x2, 0x1, 0x0) semctl$auto(0x201, 0xfffffffd, 0x3, 0x400000) setsockopt$auto(0x3, 0x1, 0x2, 0x0, 0x100008) listen$auto(0x3, 0x81) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/irq/25/smp_affinity_list\x00', 0x402, 0x0) write$auto(r0, &(0x7f0000000500)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x9f\xe2\xc7cOM\xb6\xa3,!oc.\xe7\x1d$\x9a`\xd8/g\xd3\x1a\xcd\x8e\x1d\xbb\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xa9O\x00\x00\x00\x00\xabxo\xd9\x90\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xb6\xb0N\x99\x04z\xd0I>\x8f\x00\xe5\x1c*\xedE\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xa3\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xa5\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\xac\x92\x7f]|\x04\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x85R\x96\xa6\x89\xdd\xce\xab\xd5\xe4+\xeaF\x06Y\xe9\xa1`\xb1\x8d\x85\xe0w+\x1e\x8b+\xd67IH\xff\x80N\xd1E8\xb7\xff\xa7\xff\x80\xd0y\x0f\x1d(!\x99\xab\xdf\x01\x00\x00\x00\x00\x00\x00\x00\xcdd\x87\x06\xfbK\xb9/\x19\xe5\x8b\x10P\xe7i8\xbe', 0x7) mmap$auto(0x0, 0x4005, 0x1, 0x40eb2, 0x401, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x29, 0x2, 0x8c6) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @hyper}, 0x55) ioctl$auto(0x3, 0x800005411, 0x38) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x1, 0x1000) socket(0x15, 0x5, 0x0) unshare$auto(0x40000080) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/bus/usb/021/001\x00', 0x8a903, 0x0) ioctl$auto_USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000140)={0x2, 0x80, 0x7fff, 0x7fff, &(0x7f0000000200)="78ef101a8beb70600eda60896c7db2f842359e07c7ad8a18c2affcebc8881ec40907d7779cdecf6948fac1faf7c6b12dfcd60794261e1c2915138a601d229ea8a03fd72511c4d66b11ff0a178980c999fed704cf4c06220aa378721c54284ee402e57b926934b903b3f0f7fe40bb1c132336463947516957b2532cdcf2c7ce6b0f96462256f3a65e36a29da3d51fa6", 0x5, 0xf13, 0x80005, @stream_id=0x6, 0x20047, 0xb, 0x0}) ioctl$auto_USBDEVFS_REAPURB32(r1, 0x4004550c, &(0x7f0000000300)=0x10003fe) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setresuid$auto(0x0, 0x7, 0x8080) setfsuid$auto(0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/kallsyms\x00', 0x20100, 0x0) pread64$auto(r2, 0x0, 0x80000000, 0x7fff) mount$auto(&(0x7f0000000000)='gre0\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0xfffffffffffeffff, &(0x7f0000000140)) 4.682031226s ago: executing program 3 (id=7182): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x80000002, 0x1d, 0x3000, 0xfffffff8, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x9, 0x6, 0x29c, 0x1, 0x7f, 0x0, 0x7, 0x1}, {0x10100, 0x1, 0x52, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}}) fsconfig$auto_SHMEM_HUGE_DENY(0xffffffffffffffff, 0x0, &(0x7f0000000140)='\\!:\x00', 0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) close_range$auto(0x2, 0x8, 0x8000000) r2 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r2, 0xffffffffffdffe00, &(0x7f0000000140)) r3 = epoll_create$auto(0x8800001) pipe2$auto(0x0, 0x0) epoll_ctl$auto(r3, 0x1, r1, 0x0) pidfd_open$auto(0x1, 0x0) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/pcmC1D0c\x00', 0x20000, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mprotect$auto(0x1ffffffff000, 0x100018, 0x4) msync$auto(0x110c230000, 0x200001, 0x6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bdi/43:288/max_bytes\x00', 0x82942, 0x0) 4.436802214s ago: executing program 0 (id=7184): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/lapb3/threaded\x00', 0x8a801, 0x0) write$auto(r0, &(0x7f0000000000)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) prctl$auto_PR_GET_UNALIGN(0x5, 0x29, 0x8000, 0x3, 0x7fff) r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x3) socket(0x26, 0x2, 0x80000300) socket(0x11, 0x3, 0x9) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto_SOUND_PCM_READ_CHANNELS(r1, 0x80045006, &(0x7f0000000240)) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) preadv$auto(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f00000001c0), 0xff}, 0x5, 0x0, 0x4) r2 = socket(0x2, 0x1, 0x106) setsockopt$auto(r2, 0x6, 0x6, &(0x7f0000000700)='\b\x00\x00\x00\xe4\x15\rq\tW\x9d=\x1e\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe7\x9b\xdd\x1cp\x19\xa0\x9dHN\xb4\x7f\x7f\xa0\xeaI\xa1\x0f/\xfc\x8e\xf9\xa6x\xa0\xdeo\t\x826Xe(\x0e\xffr\r\x8d\xefh\xdbG\x8b\xde\xfd$\'\a ]\x91YP\x94\xd0\xd0\x02\x10\xb1_z\xa2Ql\x8c\x91\xca4\x118\xcd\xc3\x97\x03J:\x1e\xe5f\xcaq\xdf`\x01;\xf9{D2\xc9WV)\xa3JH\xf5\xf9\x16\xac\xa4\x155\x80\x01I\xd9\xa5\xd0\xf1\xbd\xa0\xa4\xa5q\xc6F\x940\x00\xf8\xef\xa4\xfd\xd2z\xf5\x91z<\x9f\xf0\x8f.\x81\x84\xed J&\x8f\xd9\xab-\xf8\xd0\xd3\xcea\x91pM0\xcd\x18\xb4\xe0u\x99\b\x19I\x87\xbb/1\xf9\x84\xbf\xcc\x0e5\xba\x9a\xba\xfb\xde\x16kU\x97\xec\xc6\xe15u\xd5\x94D\xab\xec.K\xfbD\x0f\xc16g\xf3`\x03O\xae]B@\x0e!n\x8dy\x97\xaa\xa7\x12\xbbyD\xd3\x82\xb3\x9a\x88L\x1b\x8b\xfb\xe7\xc8\xa8\xf66\x16\xe1\x04T\'/8a\xeb\xe6\xe6+!\x97\b\xc8;P\f~\x88\x02\x91 \xd3\x93\xa7.xCNA\xcax)\xb4\xdf\xfe/\xe40\xc6y\x13\x8d\bfJ\x85\x05\xf5\x9f\xea\x15\xe9{3\xcc\xac\x94w.%\x11_\xd3\xe2\xe9\x8c\x9c\xb1\xfb\xf9o\xf4\xc9\x88\xbd\x90p\xae\x8ap\xb9\xa4\xb7\xadv&\x999\xdf\x83\xae\xff\xa5\xfc\xd3\xc0!\xdc\xc4\xa0\xce8:\xeb~\x9b_F\x8f\xcaY\xa9\x89@\x99)\x1c\x8b\xc5\xb7\x10\xd1\xc8`\xb6\x8f\x136\xc3\x1e\xbd\x8e$\"\xbfJ\n\xd6\x0f\x9d\xcbr\xb7\xa8\xed\r+$\x94\x9b\xfe8\x8ao\xf8\xba\'i\xf1\xd3\x9c7P\xe3\x14\xa2\x1b-\xbb\xae\xe3P#:$\xaf\aB\xd2\x95\x18\\r\xd1\x80\x9fD\xd5\xaba\xc8\xd4\xd1\xb6\xf5\xb9\x16\xbb\xbc\xd6\xb3+\xdf\xfc\x89\x1f\xe9M|\x0e?g\x18\v\"', 0x4000007) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto(0xffffffffffffffff, 0x4008550d, 0xffffffffffffffff) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/graphics/fbcon/rotate_all\x00', 0xa001, 0x0) r4 = openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000bc0)='/sys/kernel/tracing/dynamic_events\x00', 0x1, 0x0) write$auto_dynamic_events_ops_trace_dynevent(r4, &(0x7f0000000000)=' ', 0x1) settimeofday$auto(&(0x7f0000000180)={0x6ddb8b07, 0x9}, 0x0) write$auto(r3, &(0x7f0000000000)='3\xc7\xff\xff\xff\xdd\x00\b(Ks\x0f\x87|P\x11\xd1li0\x89\x85\x90QM\xd6wfF\xf1x\xb3;c\tP\x03\x84\x97\x99\x83\x97\x81:\xf3\xa3o5\xc5\x86\xed\xa4\x18]\xa3\xc9\x0f\xff\xdak\xb0m\xe1U\xb3\xa2\xee\xdcTJQO\x98\xc8w\x8c\xe7\x00\x00\x00\x1dj\x1e\xebQT\xdd\x9b\x00'/101, 0x9) writev$auto(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x10001}, 0xc) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/arp\x00', 0x101000, 0x0) 4.292874636s ago: executing program 1 (id=7185): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x80000002, 0x1d, 0x3000, 0xfffffff8, 0x5, 0x400a, 0xffffffffffffffff, [], {0x6, 0x9, 0x6, 0x29c, 0x1, 0x7f, 0x8001, 0x7, 0x1}, {0x10100, 0x1, 0x52, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x2}}) fsconfig$auto_SHMEM_HUGE_DENY(0xffffffffffffffff, 0x0, &(0x7f0000000140)='\\!:\x00', 0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) mmap$auto(0x0, 0x202000a, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) mremap$auto(0x0, 0x4000007, 0x3fd7, 0x0, 0x20000020000000) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r2, 0xffffffffffdffe00, &(0x7f0000000140)) r3 = epoll_create$auto(0x8800001) pipe2$auto(0x0, 0x0) epoll_ctl$auto(r3, 0x1, r1, 0x0) pidfd_open$auto(0x1, 0x0) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/pcmC1D0c\x00', 0x20000, 0x0) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x101202, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE(r4, 0x4c09, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mprotect$auto(0x1ffffffff000, 0x100018, 0x4) msync$auto(0x110c230000, 0x200001, 0x6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bdi/43:288/max_bytes\x00', 0x82942, 0x0) 4.031711114s ago: executing program 0 (id=7186): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/lapb3/threaded\x00', 0x8a801, 0x0) write$auto(r0, &(0x7f0000000000)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) prctl$auto_PR_GET_UNALIGN(0x5, 0x29, 0x8000, 0x3, 0x7fff) r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x3) socket(0x26, 0x2, 0x80000300) socket(0x11, 0x3, 0x9) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto_SOUND_PCM_READ_CHANNELS(r1, 0x80045006, &(0x7f0000000240)) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) preadv$auto(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f00000001c0), 0xff}, 0x5, 0x0, 0x4) r2 = socket(0x2, 0x1, 0x106) setsockopt$auto(r2, 0x6, 0x6, &(0x7f0000000700)='\b\x00\x00\x00\xe4\x15\rq\tW\x9d=\x1e\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe7\x9b\xdd\x1cp\x19\xa0\x9dHN\xb4\x7f\x7f\xa0\xeaI\xa1\x0f/\xfc\x8e\xf9\xa6x\xa0\xdeo\t\x826Xe(\x0e\xffr\r\x8d\xefh\xdbG\x8b\xde\xfd$\'\a ]\x91YP\x94\xd0\xd0\x02\x10\xb1_z\xa2Ql\x8c\x91\xca4\x118\xcd\xc3\x97\x03J:\x1e\xe5f\xcaq\xdf`\x01;\xf9{D2\xc9WV)\xa3JH\xf5\xf9\x16\xac\xa4\x155\x80\x01I\xd9\xa5\xd0\xf1\xbd\xa0\xa4\xa5q\xc6F\x940\x00\xf8\xef\xa4\xfd\xd2z\xf5\x91z<\x9f\xf0\x8f.\x81\x84\xed J&\x8f\xd9\xab-\xf8\xd0\xd3\xcea\x91pM0\xcd\x18\xb4\xe0u\x99\b\x19I\x87\xbb/1\xf9\x84\xbf\xcc\x0e5\xba\x9a\xba\xfb\xde\x16kU\x97\xec\xc6\xe15u\xd5\x94D\xab\xec.K\xfbD\x0f\xc16g\xf3`\x03O\xae]B@\x0e!n\x8dy\x97\xaa\xa7\x12\xbbyD\xd3\x82\xb3\x9a\x88L\x1b\x8b\xfb\xe7\xc8\xa8\xf66\x16\xe1\x04T\'/8a\xeb\xe6\xe6+!\x97\b\xc8;P\f~\x88\x02\x91 \xd3\x93\xa7.xCNA\xcax)\xb4\xdf\xfe/\xe40\xc6y\x13\x8d\bfJ\x85\x05\xf5\x9f\xea\x15\xe9{3\xcc\xac\x94w.%\x11_\xd3\xe2\xe9\x8c\x9c\xb1\xfb\xf9o\xf4\xc9\x88\xbd\x90p\xae\x8ap\xb9\xa4\xb7\xadv&\x999\xdf\x83\xae\xff\xa5\xfc\xd3\xc0!\xdc\xc4\xa0\xce8:\xeb~\x9b_F\x8f\xcaY\xa9\x89@\x99)\x1c\x8b\xc5\xb7\x10\xd1\xc8`\xb6\x8f\x136\xc3\x1e\xbd\x8e$\"\xbfJ\n\xd6\x0f\x9d\xcbr\xb7\xa8\xed\r+$\x94\x9b\xfe8\x8ao\xf8\xba\'i\xf1\xd3\x9c7P\xe3\x14\xa2\x1b-\xbb\xae\xe3P#:$\xaf\aB\xd2\x95\x18\\r\xd1\x80\x9fD\xd5\xaba\xc8\xd4\xd1\xb6\xf5\xb9\x16\xbb\xbc\xd6\xb3+\xdf\xfc\x89\x1f\xe9M|\x0e?g\x18\v\"', 0x4000007) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto(0xffffffffffffffff, 0x4008550d, 0xffffffffffffffff) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/graphics/fbcon/rotate_all\x00', 0xa001, 0x0) r4 = openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000bc0)='/sys/kernel/tracing/dynamic_events\x00', 0x1, 0x0) write$auto_dynamic_events_ops_trace_dynevent(r4, &(0x7f0000000000)=' ', 0x1) settimeofday$auto(&(0x7f0000000180)={0x6ddb8b07, 0x9}, 0x0) write$auto(r3, &(0x7f0000000000)='3\xc7\xff\xff\xff\xdd\x00\b(Ks\x0f\x87|P\x11\xd1li0\x89\x85\x90QM\xd6wfF\xf1x\xb3;c\tP\x03\x84\x97\x99\x83\x97\x81:\xf3\xa3o5\xc5\x86\xed\xa4\x18]\xa3\xc9\x0f\xff\xdak\xb0m\xe1U\xb3\xa2\xee\xdcTJQO\x98\xc8w\x8c\xe7\x00\x00\x00\x1dj\x1e\xebQT\xdd\x9b\x00'/101, 0x9) writev$auto(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x10001}, 0xc) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/arp\x00', 0x101000, 0x0) 3.809099084s ago: executing program 3 (id=7187): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r0) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r0, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="05082cbd7000fbdbdf257e00003000"], 0x14}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) 3.716313924s ago: executing program 1 (id=7188): socket(0x28, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x200000000eb1, 0x401, 0x8000) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2711, @host}, 0x14) setsockopt$auto(0x3, 0x1, 0x3c, 0x0, 0x9) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bind$auto(0x3, &(0x7f0000000000)=@generic={0x10, "a500acb75c9cedd1b5e9a0d76293"}, 0x68) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) write$auto_seq_oss_f_ops_seq_oss(r0, &(0x7f0000000040)="f6e6812018deadf7e88f819e30236ce79200e01532f2ed0d", 0x18) r1 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/devices/virtual/net/bond0/bonding/arp_ip_target\x00', 0xa0002, 0x0) write$auto_ocfs2_control_fops_stack_user(r2, &(0x7f0000003900)='\t', 0x1) write$auto(r1, &(0x7f0000000080)=')@-!\x00', 0x1e1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r3, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000200)={0x34, r4, 0x1, 0x703d25, 0x25dfdbfd, {}, [@NBD_ATTR_SOCKETS={0x14, 0x7, 0x0, 0x1, [@nested={0xc, 0x1, 0x0, 0x1, [@nested={0x8, 0x1, 0x0, 0x1, [@generic='\x00\x00\x00\x00']}]}, @nested={0x4, 0x89}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x6}]}, 0x34}, 0x1, 0x0, 0x0, 0x804}, 0x8880) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/kernel/perf_event_max_contexts_per_stack\x00', 0x202, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x3ff, 0x9, 0x5, 0x14, 0x944, 0x1ffe4, 0x3, 0x6, 0x4, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0xd, 0x5, 0x3, 0x4, 0x7, 0x20, 0x309, 0x8, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x78, 0x0, 0x0, [0x3, 0x0, 0x0, 0x200, 0x9, 0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x4000000000000, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x82, 0x800000000002, 0x9, 0x0, 0xbec, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x10, 0xfffffffffffffffe, 0xffffffffffffd059, 0x0, 0x0, 0x0, 0x2961, 0x0, 0x2]}, 0x2001fb, 0x7f) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r5 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdef}, 0x2, 0x0, 0x7, 0xa505}, 0x700}, 0x7, 0x4008) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_fd=r6, r7, 0x8, 0x2, 0xffffffffffffffff, @relative_fd, 0xe600}, 0x1) 3.559516361s ago: executing program 0 (id=7190): openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f00000008c0)='/sys/kernel/tracing/events/vmalloc/purge_vmap_area_lazy/enable\x00', 0x2, 0x0) readv$auto(0x3, &(0x7f0000001100)={0x0, 0xffff}, 0x1) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x800, 0x0) mmap$auto(0x0, 0x8, 0x9, 0x9b72, 0x2, 0x8000) openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f00000008c0)='/sys/kernel/tracing/events/vmalloc/purge_vmap_area_lazy/enable\x00', 0x20002, 0x0) mmap$auto(0x9, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) madvise$auto(0x4, 0xfffbffffffff0005, 0x17) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCR(r0, &(0x7f00000004c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000001140)=ANY=[@ANYRES64=r0, @ANYBLOB="c4d51ac3c05fee66672c086ae3e2f7c020e943980d24ebc47fd394d0f7b98a5245a8b8807b464b9bf8cede562ab725d2a84e1fa112889eedbda764ae11d20b2ebc9ce158901c116fd6e7b416632a75980035801a535b10551e840b9d290ddf2f82650daff022dbbe088faf2c4108c4da0c143999aacd9b421eaf7a981d5a0d203810678f598c09f7b080e77902e787c11a00319969865da1b7bacc1252230e0be74c3fbc64302fa098bb5e11fe001c92da21dfbffafeedd4cab547313351e13db463ec75f5d25cb1f298199bac5f84f9a9244955ea459ec6d7f49a7354ee4ffe1c5e7bc3de7c1b101a651773c51a78745823531227d1ef77168d11e33e350724b7acc9caecb087a8a0042b894e8f6bb8e977e1fb91d61e84d7378b5494663a14e601a11610791a826188569d9cf0dfbaeb3c01f7715d59869bd21f09642089cb041c91f67722957d46d2bceaa19dd27de90f954cf8aa91f96e1fe5f1d03a374fba7bdb06e0bab0345d213cfb25f06b08a605188a7f83af4cf98810c357c512c45526217866b473403fb0b749e5cdf9f30c4148abf2259ecfb00bd1dcbdcdc3e6f1df116f14cd9051b125f04583f473eaa422faf8a4f2b14b7b8231f7656fba72d0bb39b777bdc075e579f1d5500be7d275899fc54432c84b3f8bdbf84db6e3edaf142cf61d9c083161662ffabd837c6ea6cbb4ddc0d04616451f01efe1169ce5cbc7d02aa1135147a3f1af04564abf355a64fe9cbcf43f2322a63b28eb097e63e09c2621113c80d15f4f2bca8a37b27e1c65f39300b7974f597c78360171fbe98f820167d6e291fa0dc291a4a6b7133a9f63bce90d780cbe0ecaa78e81dc85975204d356abe710f9267789c8d4c7fa5838fe14e82acb7e2f08f2f134b5b042b1b05f8594d0cb1fa71ad8df3a7b7d97bb1275c8340105a130e8a35ec91cf1fbb68fee99d8c7039475b7652234063366c41c72f965cb2423afd6bdc21a536324f54fb2d1ea1b7fb1badb2aaf73ff294ac6870a54e4851300de245f110e2f5d2b20e2dc19f8514e2978cc2605dddfd577feede0ad957d7a3ec0ec2e79821dcb8e64bbe687180ef071ded1a430fff0fea87606ab87ca298fe71bfceb23e2553887749847daf46e19a632bb3c42e8876f02278829f11066af0357c5fac280b8d935cfdd9728d2101cc8b2b571ef3d5179e6530de3942939c559a8871fa5d0daaedccae7692da8999421adc23a54f61eed946e0e34ff652cca6be830b1cc1e2f0edce159da142461454ee0b75e8f8e24946a2eeeb256f6f12a51ba7939e1445a05489cd7a46c40579682e802a58eff67ee6ee5c5253b928359fd03959c57f26f3e83203ff778da1f7b5881d012b9e80abf6bcafb683c516ecacbaa43ebee063911eda0eda983bb98f9543f8fdca8f7dc295138612a870b1df01dda839d02c3aba3bb69ddff50c2630eccefe5dd74fc7791b63386b6de2c0ac03ced61039b956faa7179324063ff88e905cc94edc074ed3d0afcfd380c1e263765e5be9735909e6b5db13cb5200fad6fe165bdf5f47f033548dc9a9174e9a356320dd2b661d154ed5fb21bdd0e363d8a0cfd9a3623fc1a99e4372fe605ea9dd9b84453fe623f009d51750b355511a1ac9bca375c7b5655e28df8464d6e15dcf994a75d2f959100207dfab0f01a2dd883245f7d0bde88fb6e40e7ff938d79b8645491b2aa340fdced86c1e9997be7799352247a1f642bba6a96bc1e53dfa2a59eab6174c2476e984d701c2a80fc0d1d8d71e58322256a83d1cd0015b5de84c13a293ce2eda6c4e8d7dfe127fb034f0fb265d43fa5d208f71167d7dbd7641be687bda2ada8f7c75f9b8706e658a1f9abbb7a171810769abfba71f8838624e81288c82a2ca6fcf0d2195decd916305d6c50b0310bc375156516694a92ea4a9d8aeb2fce933677124b929a04c222a983d9153504b102b551cffd64665da3a738c624a609e8bd197934a20e7d7f09da7403430b748096e6eaaf03c4d99efd46bcc1a50460c5fadc342f8bb16a8f6e1f7e32a4ac49194d6de60be6748ade451953f2322bac7f23dbb837d83927502d3c270dda1117cb07a152fd715c95f5e9fea8b1e47b83d5463d943a964bef97337841e7f37f62bf03516c02037b5fce8177ed376f48eb1e6466806fcc6da4a482f6351b44222ce171ed0eb357bda507628d86a90cb5fb70969842477a32a7ce53b184973f088eb566900286cb66826e22aa0fc47666be020717afacad5a5ea10642bce166c75707d49ed8192352be1761224e4d892a33cf0d8721b82080474ae3acaeab56db15ab0733efa402c520baa14eb443150297074d9824fc407696a6c1a23021cbf13bf7a83207b63f9f0bb58b2801ab6829ca0cb62685550db5008ebe0cf32ba30ac156ba7ae06978674cfb0457c2d464b27eff7a1ec2d46a999067ed7c56deff2fc6e3a21ff6521b10680d5617d901c61e65162e47a2ef4ee667ca4afba0544cafb3e0519c9377c78e913c0549543a7c9bdc925495518c80fe2c4fe9ae50715bcfc6f6fded62efafb46c3832fbae9970d5d5d71581cafb3918a63f8249071afb312f1ad5c252acdd3751fbaef6572342a07c51fcd4294ff7e790026a2fc79d355ce9e028719b8079ad70147f8b03f60ba2aa45ad9986b0f80479ba1bb03100b35e6ad9a2167e3320f85b1faffe933569f889bda3cf928b2b08ab795c9bfa70be2c1ba77ee758df6d39fa1dcaa9b4b9e9f61de1f3990421132b7822e6e894525b9a348e81cb8b9cbf5747ebd95c97de5b719df8ceccc572037c296ea48730d80a696381b5cbeebf38d0f6330f25427b84091884fc1c549860988f72e8cb1b1d0d3b9ffbfc18f7a5b42785641007bc4558ad75adbd86cc1e28321d005c837bf9e6c5b52a003aa038000add71693da0829d084ee9d2b5243b28d7059a75590989ab88a0dc79687e3c57ce0e903e2bfbec967f06765769fce9f8cdce8574efde4ba2a55f80a268d72dcb56b6117a586736e6217a4e46a9e167ee1e52f20ab5a6471938841b33bc4cde6d9e0cdc48a2593eb6aece0172e45df965c8c7afd03396d23ef8adef4ea5565ef2ad76ce236c5f70d67c2f22bf2e940539ccda005f878b1b8141fdf27fccb22873d243d94434361e7c8f694215a383ac1c06a12b978808edba711da52cbd71c8372437cbbd59ca46daa171b019d9c72e35cf77b7d640460e6cbf00c1b604d293376b4d1a9aea768446d7475522816e045ab5b644710332604f1a032f279def4485752d21571f58e0ab65c42f48c20f0bd19172caedc01ba0b263ebf009c9073f4b91e55bb24e5acfa7109ece241b58cc23bf99598bde7f479c49605813ebe0c4778a0ad3cec92a5ae77f37b415f4f4572bf7a69fbfcac9c305ad18773ba998911c5b5684eeb94f161cee109a9dfeb786f614dd8f2650bd556fe6c8a4c3c5913b30b6c375a62857d873bb49a9c477f54e4582b0e1feea0995ccc05c58935aaf0db2aae05a8b627e97be2b87ab8b067dab2ded8d5e8a7635e97ce7690b5994d6a4a47725512a2abd71e6432ec074bf489cd0e39e9366b7c98873f549f09871b8346730ec42618bf930048aa1f45abb25e6bfb08e33032f3cd21e7b65c920ad1d2d5ca2a090a008e28ed1ed13d1fced0ff3c1afe4d2a988f7634a0fe67afa378147dcc8c482ef303ba0a9cae7e70d5e6168d8da03cd27cd6c670b470c9ae71bc10df4a924a9604824d8f511f61ddedf0909f6958a66574ac211209ca937eeb62df56208690fdc604c66cb5396eb2d60e4c06821f5cbdef742fa9ebccb8a021b3b0f5505a41bba213c53d5765c200dc0ae8909ff3c38658474fa7ed33beb129ba5c1a4fb942a396621f0b6470fa30175c19d2c049deb1032aa97d04247ba67d8e5eb4a39c9d501e4b5ec974be8dcefb68d3c6c6c26f684c0fdfc6a93327d65ca1d3a4947b2c1ffc628a005a317081e2c77f20142304bc9eda67a72017c21c00de399b9028ad368394eb96287bd7a6ca45a3934fdcd3818a8f59cffef923f8f6db54718f87ba12c73ced104bbc00053c265b71653809bc3363ea860a98b9eecdff299d425f59eb79d51b23f529c2e1c551f1cc3aaed95ad93a874f3f9401dbace248f7e24b7e285af2b6e76e5ccf2fafdc1ff86d5d256cff801ffcab644a0b4359f2f514d7da71a39c7ea0b3c8bf0a65be75ecfee5e30fa3a69d89c35cf6f0bee84251413d20b018fdf5b79b58751e007f3d0b84b9a54f40329269dcfbf4b4d9907ddf883898ba45f49c686e1dce4b91e5fdcff27c8f026be3a25d260efaca181f2bef330e1cc1fdb9971b7b33df7f55b1862bdf928b1ac095bf56162fbab62ce3a299ce19dbcae488564a6f9ac08283eb810864761154a9e23cba0cc92160f4349feb15a4ef762d61adbdf2eaf06fed809852bb78be159f5fc42c74eac58720cf7cde70295e226bc674332029ee55911c6b24a6259f9cef370702da41cbddc3a837bbe633a8d9e8f217a6106cb3d0acac2e53f62f7606a7c12767d5c5fc7297b459dc84b57c2860b98aac9b29e51fe169d770a551ba47586a1d23117d7720b6768db07f398be781f125eea9353ad4f15f87bba9e7a2a55c4a000f823ed76070dfd55d9225a76b4416af47a34baecab315a6fffee4e6782e759e883526bdf00f42eb4e1a44382116211109c2e81fd6c4f0afbbd2f68465193d61744f39f4f939a1cbd5d52236117cdfa123d7005fc21246c672e3accadef58e056a7eeb413e00d29024a501d62faff8abb1689a882cd9d7fb56ad850d3b860d2846f12ab14d11b1352ccdd798ba8829502e5df56cb85e9fff810184e5fcfcc37d945af245ff23caa7fb4d436c2321cacd3f7eb1f89613674b7798c9b5336942c2169f4455aaabf11dbddba0423d4394e17323d5cb3898f335cf048e61af8c5b3f95455508a31f1b0719d00f3d342c739e025ce46f3c72b842b86f4894551209305582bb00e7c73a577a0728000d9813216e5c416e774c90d832aac782a6fb64034aabed56e214b61acbd7c9669a049d164250e42123ae752fea33fd53ebc7a3bae456b9e8decf1741f0f903a6ad531ef4fcdcc448057866bd508f8a6186440f498e1fdbb5396280265eab8c5710d381f673783d36e323fe9292a1240432034255c1b06354903c05b72e64ca570af51d18a38ad0aa070ea7ed04cf48f25940478f664e08bb999c0139cdaadd5fca85531ded3f1b74c9dab4d31c716e9806055e84d9f8a012ecdab352511c884fe2950700c4f18fa4432b4453d92699c5e19d07b1666de96cebf805d1a5f862a0cd75f08e6fbf23ba99bf7a3fad4f7f9c2c6b2376684418b222d4ba6428fc18227d5739af50c2368bbd83f59e5da97d2eb7decf7af73448b4063ba67d5cf826eff3608610ae64810d384bfc36b01d9200bf0411b037cfc814e79a3c35af13bfe4d5dcfd925419919eda3e56c2fbd89ba902e7531e773bb424c8d54dc44f7636f5b59ce356fcc9ce96784f0980153381f47586720a2b9a363d36261f4cace6e9552a53244c18b9d04a1980ebb19a14e92f7038568157dd8fd9d3a8ca7db227056a7f38e16b6676addacde062742d6a65bc45588abd8cd8705985ac7ae9782e478e380eb10fed6470ccfcb4c60a0fe629c3c5efcd5df1ffa2dcc604606121a0bf444e1aed361f6bca91bb8bf786d32ade6fad90f394d9620512ee6467758ce0ab92cdf73852f51a4cbed58a10220cf2b15b8bb029404e9527d127aea1a379fdfbba624cb042aedcff715d09616571db59d", @ANYBLOB="000127bd7000fedbdf2506000000ec3dcc0f2ea6e3c1d705719d4617ddd6aecc5385e61f58a3c47a8802f27790b71ec8ab16b828f4a93502f02d661ea1fca92b8d7ef3630e2587a5e4c47c7cd58552e81c6c69de23be883b0af261f2330b22131ccdf092072ab581e41b8da64e5b199b2abf092b112dbbbea608f5a726c6760189cf6d2129ad9cc10e6c2d5b6a9b382234b459c370d1cbe377b4a4fe041183966aecf87f7f687e5ecb0e1dcfc7178c74a572251cccbe195a66305f84df3f57afc0d6c10b94f6626d528d3957b38126"], 0xd8}, 0x1, 0x0, 0x0, 0x11}, 0x40040d0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/module/snd_usb_audio/parameters/quirk_flags\x00', 0x121102, 0x0) write$auto(r1, &(0x7f0000000040)='\\\x00', 0x2) recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000380)={{&(0x7f00000001c0)="a36d3fa58cc14c483eaeefbda25ed11e6584b0e06b6f7d2a0920bb3dac705aa384572b6a4be4e53907a7b258", 0x7fff, 0x0, 0x9, 0x0, 0x2, 0x9}, 0x2}, 0xfffffffd, 0x3, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) mount$auto(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='nfs\x00', 0x1, &(0x7f00000001c0)) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) syz_genetlink_get_family_id$auto_ipvs(0x0, r0) unshare$auto(0x40000080) openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x0, 0x0) madvise$auto(0xfffffffffffffffc, 0x7fffffffffffffff, 0xa) sendmsg$auto_NL802154_CMD_SET_CCA_ED_LEVEL(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000500)=ANY=[@ANYBLOB="1c010000f59f48746ddfcfed13b613525c89ac4dc96ec478bf81407eb4b62090e789e2f26b5c30cde021c02736df0f000000000000004499ff955d8b0fff18eaf1203173b2cd2095e101d1981d22b04746c26ab4ffdccd9417274de524d60b96b51cffd321dcbbca811d9ede6e7430442b25f48cc4220083f88f1fec0478967887c6e04d8fd9bbef3664", @ANYRES16=0x0, @ANYBLOB="08002dbd7000fddbdf250e000000050012004000"], 0x1c}, 0x1, 0x0, 0x0, 0x8001}, 0x40000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0x96bc}, 0x2, 0x0, 0x7, 0xe945}, 0x9}, 0x7, 0xfffffffe) mmap$auto(0xfffffffffffffffe, 0x2, 0xdf, 0xeb1, 0x401, 0x8000) r2 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x6, 0xdf, 0xeb1, 0x401, 0x8000) socket(0xa, 0x2, 0x3a) io_uring_setup$auto(0x52, 0x0) bpf$auto(0x1, &(0x7f0000000000)=@batch={0xfffffffffffffffb, 0x44, 0x2, 0x9, 0x81, r2, 0x2, 0x8}, 0x100000cf) r3 = socket(0xe, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200"], 0x1ac}}, 0x40000) recvmmsg$auto(r3, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) 3.302427936s ago: executing program 3 (id=7192): mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x4, 0x8000) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0xd0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, 0x0, 0x40090) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000800}, 0x4) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8001, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400004, 0xdf, 0x8011, 0xffffffffffffffff, 0x2) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/workqueue/cpumask\x00', 0x2, 0x0) write$auto(r1, &(0x7f0000000180)='1\x00\\\xa0\x04|\x9d$\xdcM)\xb9\xdd\xd6', 0x5) syz_genetlink_get_family_id$auto_nl80211(0x0, r0) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x7, 0x4, 0x0, 0x6, 0x2) ioctl$auto_PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x8, 0xbff, 0x29, 0x2c, 0x3, 0x2}) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) ioctl$auto_SNDCTL_DSP_SETTRIGGER(0xffffffffffffffff, 0x40045010, &(0x7f0000000080)) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D0\x00', 0x8001, 0x0) msgctl$auto(0x2, 0x1, &(0x7f0000000200)={{0xb3, 0x0, 0xffffffffffffffff, 0x10000, 0x1, 0x1, 0x6}, &(0x7f0000000180)=0xf5, &(0x7f00000001c0)=0x3, 0x2, 0xe7, 0xa2, 0x6, 0xfffffffffffffff9, 0x0, 0xb69, 0xb, @raw=0x6, @inferred=0xffffffffffffffff}) keyctl$auto(0x1f, 0x1, 0x6, r2, 0x403) mlockall$auto(0x800000000000005) msync$auto(0x1ffff000, 0x1800000ff000000, 0x400000004) r3 = openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, &(0x7f0000000b00)='/proc/self/smaps\x00', 0x42000, 0x0) read$auto_proc_pid_smaps_operations_internal(r3, &(0x7f00000002c0)=""/190, 0xfffffe39) openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, 0x0, 0x40, 0x0) 3.073669521s ago: executing program 2 (id=7193): close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_o2hb_debug_fops_heartbeat(0xffffffffffffff9c, &(0x7f0000001d80)='/sys/kernel/debug/o2hb/failed_regions\x00', 0x200, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101c40, 0x0) ioctl$auto(r2, 0x560d, 0xffffffffffffffff) r3 = socket(0x25, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'veth0_to_hsr\x00', 0x0}) shmget$auto(0xc60, 0xdcd4, 0xffffffff) bind$auto(r0, &(0x7f0000000040)=@can={0x1d, r4}, 0x6a) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/system/cpu/vulnerabilities/spec_store_bypass\x00', 0x101800, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000001080)=""/98, 0x62) sendmsg$auto_NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00', @ANYRES16], 0x24}, 0x1, 0x0, 0x0, 0x4088}, 0x20000010) write$auto(0xffffffffffffffff, &(0x7f0000000000)='@*\x00', 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x16, r1, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x9a6, 0x1) get_mempolicy$auto(0xfffffffffffffffe, 0x0, 0x3, 0x1ff, 0x3) ioctl$auto_UDMABUF_CREATE_LIST(0xffffffffffffffff, 0x40087543, &(0x7f0000000140)={0x9, 0x2, [{0xffffffffffffffff, 0x0, 0x0, 0x6}, {r1, 0x0, 0x80, 0x2}]}) r6 = socket(0x9, 0x2, 0x73) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/system/cpu/vulnerabilities/spec_store_bypass\x00', 0x101800, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r7, &(0x7f0000001080)=""/98, 0x62) sendto$auto(r6, 0x0, 0x4, 0xfffffffe, &(0x7f0000000000)=@generic={0xa, "e208004002de00"}, 0x1c) mmap$auto(0x0, 0x202000b, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) set_mempolicy$auto(0x7, &(0x7f00000000c0), 0x1) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x3000000, 0x0, 0x100000000001, 0x0, 0x10000000000004, 0x2}, 0x895}, 0x3, 0x0) r8 = getpid() process_vm_readv$auto(r8, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f00000002c0)="76aaa179d416e3dc0501fa72bcbb1a7b37212eeb4bc7f4a0041fc8946d5d79cc97ea4331aec63604c0ff049b6d55a7598e5547154d69672d422403a43e696b8f31e760f5e4f5e444b7dea4f2d0d9c0a405557788383728f8e30c9e04abd829d164e8d667e4cdf1c52b99820769d04956ee9606eb35069c8584a8854279d4d94ea9d3e394f97b39c26f99412f169231f6b5a39870d4761ba6e4c9479c242f79b2fbc3ff3a7fb70224a360a9205539f0bd23a122fc33c1df530d0752131a3790b3b0b4351cf4181a712dc9f88a55f610a1d2ef6facb1b1b6e9a300c1c5010bae92fb2daf7807f477448e7798ffd41cb2b8f9dcb94f3ae258cddb3810c2542c150c91e12706665d5a3f819ff615daaca316f3bab67a0b9b23859427f759cf74f9d7e9d32ba84676be4fe800f0275932f0b09994b42bd8f2f160028e9e45c57a039ce001f391a13dc898af771978ab2b7b408a62aa06db16d0c80da2934af8208c68bf82b41bd826e63c53c789", 0xffffffff}, 0x6, 0x0) sysfs$auto(0x2, 0x5, 0x0) bpf$auto(0x5, &(0x7f0000000000)=@iter_create={0x15, 0x8}, 0x7) ioctl$auto(0x3, 0x80000541b, 0x38) 2.961627444s ago: executing program 1 (id=7194): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x80000002, 0x1d, 0x3000, 0xfffffff8, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x9, 0x6, 0x29c, 0x1, 0x7f, 0x0, 0x7, 0x1}, {0x10100, 0x1, 0x52, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}}) fsconfig$auto_SHMEM_HUGE_DENY(0xffffffffffffffff, 0x0, &(0x7f0000000140)='\\!:\x00', 0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000cc0), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_MPATH(0xffffffffffffffff, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000000)={0x14, r2, 0x301, 0x70bd2d, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x4048090) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="000125bd8400ffdbdf251f0000000500130103000000"], 0x1c}, 0x1, 0x0, 0x0, 0xd1}, 0x94) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/gre0/force_tllao\x00', 0x80040, 0x0) shutdown$auto(r3, 0x8) r4 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r4, 0xffffffffffdffe00, &(0x7f0000000140)) r5 = epoll_create$auto(0x8800001) epoll_create$auto(0xabd1) pipe2$auto(0x0, 0x0) epoll_ctl$auto(r5, 0x1, r1, 0x0) pidfd_open$auto(0x1, 0x0) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/pcmC1D0c\x00', 0x20000, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mprotect$auto(0x1ffffffff000, 0x100018, 0x4) msync$auto(0x110c230000, 0x200001, 0x6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bdi/43:288/max_bytes\x00', 0x82942, 0x0) 2.582248873s ago: executing program 2 (id=7195): mmap$auto(0x0, 0x20009, 0x7, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x2008, 0x0) mmap$auto(0x0, 0x4000002, 0xfffffff7fffffe01, 0x8051, 0x3, 0x0) r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8001, 0x0) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE2(r0, 0x2272, &(0x7f00000001c0)="fe530a59fbae9604f9035c73eb3ba04d29fbda45a7eaa756f07b29caa80ed94839be7dd990b4df9907bc743dec72ae97a7324f29d864682ef38cd63394628e1c5ad57995a54c828bde7f5604f5ea93da13dcd69794f8582b46a18eccc880f2e0400036486a6b67baa0f58ae8cde3ffdfc8ccc80b8baf70001f48cf64a73a26fd3d2d4834048ce53d31c571ae1a6ebee37d") ioctl$auto_SNDCTL_DSP_SETTRIGGER(r1, 0x40045010, &(0x7f0000000280)="6538d82d2b7eaf02e41ff088b981b8721bbd17635a04c7220116c19832b2d505000000000000000ea40faae838f9a03bc4209c8b5f9d6e0283e57e2009bc0a6fb31bf0adbff078e33b4864f877d6e8eb31357996c0d0088f605ae37997358489e07b867ee2ca313c58b0112432bc66364b4a32a956c0cb7c6c8cc2fa7f1a7bcf4632120e1fd4d222774b9571e778f3040b5228e898dbb64aa96658b8ba99e206f1807c9916480c98e19b46b0fcb98fe96574b9cca2fb04dd3f96e563f7cb966e87fc7da979f08575c468bddfe6780395fd0f64b486edb3f10bb5de73bd0d224a143523cf422aeb7007d80b6c809f9f9b3ed0932235be1d3cbccc1632d05271977f68535d8fbc5d61096b15354cfda5d3e2ff4810c666b6d0bfde05000000a9b6dcb61742a55ce5a5c4de88b4cfba2ee705") openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) write$auto(0xffffffffffffffff, &(0x7f0000000100)='d>*\xd2x\xc7\xbf\xff\x9a\xc01(\x00iM\x9c\bAa\x9e\xe98\xee\x15\xd3\xc5v\x99\f|\xe3\xbf\xd9\xf4C\x14A\xe6k\x105\xee\xc5\xaa$\x16\t?g\xb8b\x12\v*\xf9@B\xd0\xd2\x99{\x8b^\xff@\x83\x02Tvt\xc1_\x98\x9f\x16\xd5Is', 0x100000a3da) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) socket(0x2, 0x1, 0x0) prctl$auto(0x35, 0x1, 0x0, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x4, 0xd, 0x808e8, 0x0) madvise$auto(0xfffffffffffffffc, 0xffffffffffff0006, 0x19) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0x400053, 0x9) mlockall$auto(0x800000000000005) msync$auto(0x1ffff000, 0x1800000ff000000, 0x400000004) mmap$auto(0x0, 0x2020009, 0x3, 0x200000000000eb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) 2.061999933s ago: executing program 1 (id=7196): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS2\x00', 0x101f81, 0x0) ioctl$auto(0xffffffffffffffff, 0x200, 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x4a801, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x8000000000000002, 0x4000000000df, 0x11, 0xffffffffffffffff, 0x64b3) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0x6, 0x0, 0x3) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) r1 = landlock_create_ruleset$auto(&(0x7f0000000140)={0xdaa0, 0x1, 0x9}, 0x9, 0x0) r2 = syz_genetlink_get_family_id$auto_nlbl_unlbl(&(0x7f0000000280), r1) sendmsg$auto_NLBL_UNLABEL_C_STATICREMOVE(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000003c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000425bd707cd49ff1221d742bd306b2779fe43900fddbdf25041b00000800050000"], 0x28}, 0x1, 0x0, 0x0, 0x2000c044}, 0x24040000) r3 = socket(0x11, 0x80003, 0x0) setsockopt$auto_SO_BSDCOMPAT(r3, 0x1, 0xe, &(0x7f0000000080)='/\x00', 0x1000) r4 = open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2) open_by_handle_at$auto(r4, &(0x7f0000001280)={0x8, 0x2, "0200000000000000"}, 0x6) ioctl$auto_TIOCCONS2(r0, 0x541d, 0x0) 1.923289716s ago: executing program 3 (id=7197): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x80000002, 0x1d, 0x3000, 0xfffffff8, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x9, 0x6, 0x29c, 0x1, 0x7f, 0x0, 0x7, 0x1}, {0x10100, 0x1, 0x52, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}}) unshare$auto(0x7) fsconfig$auto_SHMEM_HUGE_DENY(0xffffffffffffffff, 0x0, &(0x7f0000000140)='\\!:\x00', 0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r2, 0xffffffffffdffe00, &(0x7f0000000140)) r3 = epoll_create$auto(0x8800001) pipe2$auto(0x0, 0x0) epoll_ctl$auto(r3, 0x1, r1, 0x0) pidfd_open$auto(0x1, 0x0) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/pcmC1D0c\x00', 0x20000, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mprotect$auto(0x1ffffffff000, 0x100018, 0x4) r4 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x101040, 0x0) read$auto_rng_chrdev_ops_core(r4, &(0x7f0000000040)=""/4096, 0xfffffe82) msync$auto(0x110c230000, 0x200001, 0x6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bdi/43:288/max_bytes\x00', 0x82942, 0x0) 1.412299697s ago: executing program 2 (id=7198): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x80000002, 0x1d, 0x3000, 0xfffffff8, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x9, 0x6, 0x29c, 0x1, 0x7f, 0x0, 0x7, 0x1}, {0x10100, 0x1, 0x52, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}}) fsconfig$auto_SHMEM_HUGE_DENY(0xffffffffffffffff, 0x0, &(0x7f0000000140)='\\!:\x00', 0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r2, 0xffffffffffdffe00, &(0x7f0000000140)) r3 = epoll_create$auto(0x8800001) pipe2$auto(0x0, 0x0) epoll_ctl$auto(r3, 0x1, r1, 0x0) pidfd_open$auto(0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyc6\x00', 0x2000, 0x0) mmap$auto(0x0, 0x202000a, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2d, 0x2, 0x0) ioctl$auto(0x3, 0x89e0, 0x91) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/pcmC1D0c\x00', 0x20000, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mprotect$auto(0x1ffffffff000, 0x100018, 0x4) msync$auto(0x110c230000, 0x200001, 0x6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bdi/43:288/max_bytes\x00', 0x82942, 0x0) 1.297510778s ago: executing program 1 (id=7199): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/dynamic_debug/control\x00', 0x334e82, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xfffffffffffeffff, 0x15) sysinfo$auto(0x0) r0 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) ioctl$auto(r1, 0x5393, r0) r2 = openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/tracing_cpumask\x00', 0x28902, 0x0) read$auto_tracing_cpumask_fops_trace(r2, &(0x7f0000000140)=""/193, 0xc1) ioctl$auto_BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000040)={"f41f50c77fc60a73f782c5e4bb49d2786071a0b96037115c0d70d88ebf94c477", 0x0, 0x40, 0x7, 0x5, 0x5, 0x0}) process_vm_readv$auto(r3, 0x0, 0x3, &(0x7f0000000280)={0x0, 0xffffffff}, 0x6, 0x0) mmap$auto(0xfffffffffffffffb, 0x2020009, 0x1, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) open(&(0x7f0000022ff6)='./control\x00', 0x2640, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x8, 0xdf, 0x209b72, 0x4e477f5a, 0x8000) getsockopt$auto(0x6, 0x1, 0x4d, 0xfffffffffffffffe, 0x0) mmap$auto(0x0, 0x44009, 0xdf, 0x9b72, 0x7, 0x28000) r4 = open(&(0x7f0000000040)='./file0\x00', 0x2041, 0xfa) write$auto(r4, 0x0, 0xfffffdf1) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x40342, 0x22) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000020c0)=""/4143, 0x102f) 1.273176128s ago: executing program 3 (id=7200): openat$auto_nsim_nexthop_bucket_activity_fops_fib(0xffffffffffffff9c, &(0x7f0000004040)='/sys/kernel/debug/netdevsim/netdevsim3/fib/nexthop_bucket_activity\x00', 0x10b002, 0x0) (async) mmap$auto(0x0, 0xe980, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8008000) (async) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) (async) socket(0x15, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x3, 0x100) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0xa, 0x801, 0x84) (async) socket(0x10, 0x2, 0x0) arch_prctl$auto_ARCH_SHSTK_UNLOCK(0x5004, 0x0) pidfd_open$auto(0x1, 0x0) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/pcmC1D0c\x00', 0x20800, 0x0) (async) timer_create$auto(0x9, 0x0, 0x0) (async) socket(0x25, 0x1, 0xff) (async) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000340)='/dev/tty41\x00', 0x68000, 0x0) (async) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/midiC2D0\x00', 0x20401, 0x0) (async) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/ksm/max_page_sharing\x00', 0x12b141, 0x0) write$auto(r1, &(0x7f0000000140)='-\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mount$auto(0x0, 0xfffffffffffffffe, 0x0, 0x80, 0xfffffffffffffffe) (async) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x802, 0x0) (async) mmap$auto(0x1000000000, 0x10000040000b, 0x1000000000000df, 0x4000009b73, r0, 0x8003) (async) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000000001ff, 0x7, 0xd3e, 0x20, 0x9687, 0x100000000000003, 0x3c2a19d5, 0x6, 0x3, 0x62, 0x8, 0x7, 0x6d3f, 0x6, 0xa, 0xfffffffffffffffe]}, 0x0) select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1fb, 0x7, 0x7ffffdfffffffffb, 0xc40, 0x4, 0x3, 0x3, 0x3, 0xffffffffffffffff, 0x3, 0x8000000000400000, 0x2, 0x6d3c, 0x1, 0x2, 0x8000000000000006]}, 0x0) socket(0x10, 0x2, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socketpair$auto(0x6, 0x7, 0x800, 0x0) (async) bpf$auto(0x0, 0x0, 0xa3) 1.175294072s ago: executing program 0 (id=7201): clock_settime$auto(0x0, 0x0) adjtimex$auto(&(0x7f00000010c0)={0x3, 0x0, 0x2b4, 0x100000001, 0x6, 0x8, 0xffffffff, 0x0, 0x811, 0x3, 0x6, {0x2fa, 0x7}, 0x3, 0x4, 0x5, 0x1, 0x0, 0x26, 0x400000000, 0x7, 0x9, 0x8, 0x1}) write$auto(0xffffffffffffffff, 0x0, 0x3) syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000000080), 0xffffffffffffffff) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = creat$auto(&(0x7f0000000000)='./file0\x00', 0x800) r1 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000040), 0x80800, 0x0) close_range$auto(r0, r1, 0x2) socket(0x1e, 0x4, 0x0) socket(0x1e, 0x4, 0x0) read$auto(0xffffffffffffffff, 0x0, 0xe) setsockopt$auto(0xffffffffffffffff, 0xff, 0x1, 0x0, 0x1) ftruncate$auto(0xffffffffffffffff, 0xa0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0xa, 0x3b, 0xfffffffffffffffa, 0x3, 0x7, 0x6, 0x5, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x6, 0x3, 0x10000, 0x80, 0x3, 0x0, 0x8000007, 0x2000, 0x200, 0x0, 0x40084, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x20, 0x0, 0x7f, 0xa, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0xb8a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80000001]}, 0x1fe, 0x200c) getpid() sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x8c0}, 0x8d9) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r2 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) r3 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x15c1, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r3, 0xfffffff7effffd06, &(0x7f00000001c0)) io_uring_setup$auto(0x2800, 0x0) socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x6ab82, 0x0) mmap$auto(0x40000000000000, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x7, 0x0) 707.462844ms ago: executing program 2 (id=7202): socket(0xa, 0x80002, 0x73) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0xa, 0x5, 0x84) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) setsockopt$auto(r0, 0x10000000084, 0x23, 0x0, 0x8) close_range$auto(0x0, 0x5, 0x0) r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) getpgid(r1) prctl$auto_PR_SET_MM_START_BRK(0x9, 0x6, r1, 0x8, 0x2) pipe$auto(0x0) sysfs$auto(0x2, 0x10000000000002c, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x149942, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x84) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) write$auto(0xca, 0x0, 0xff) 692.937204ms ago: executing program 0 (id=7203): r0 = openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, &(0x7f0000001a00), 0x801, 0x0) write$auto_nvmf_dev_fops_fabrics(r0, 0x0, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram5\x00', 0x20000, 0x0) mmap$auto(0x0, 0x20009, 0x5, 0x40000000000eb1, 0x401, 0x8004) unshare$auto(0x40000080) modify_ldt$auto(0x1, 0x0, 0x10) modify_ldt$auto(0x807ff0000000000, 0x0, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card1\x00', 0x40100, 0x0) mmap$auto(0x2, 0x4, 0x4000df, 0x109b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/igmp\x00', 0x100, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x40000000f42a, 0x80202) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x0, 0x0) mmap$auto(0x9, 0x20009, 0x7, 0x13, 0x6, 0x80000001) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x40) io_uring_setup$auto(0xb, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptysb\x00', 0x0, 0x0) ioctl$auto_TCSBRKP2(r3, 0x5425, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS2\x00', 0x0, 0x0) ioctl$auto_TCFLSH2(r1, 0x5408, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) read$auto(r2, 0x0, 0xfffffdef) read$auto(0x3, 0x0, 0x5) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) ioctl$auto(0x3, 0x402c542b, 0x38) ioctl$auto_TIOCSTI2(r1, 0x5412, 0x0) socket(0xa, 0x2, 0x0) setsockopt$auto(0x3, 0x1, 0x3c, 0x0, 0xd16) 496.161373ms ago: executing program 2 (id=7204): socket(0xa, 0x80002, 0x73) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0xa, 0x5, 0x84) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) setsockopt$auto(r0, 0x10000000084, 0x23, 0x0, 0x8) close_range$auto(0x0, 0x5, 0x0) r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) getpgid(r1) prctl$auto_PR_SET_MM_START_BRK(0x9, 0x6, r1, 0x8, 0x2) pipe$auto(0x0) sysfs$auto(0x2, 0x10000000000002c, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x149942, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x84) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) write$auto(0xca, 0x0, 0xff) 252.388632ms ago: executing program 3 (id=7205): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x80000002, 0x1d, 0x3000, 0xfffffff8, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x9, 0x6, 0x29c, 0x1, 0x7f, 0x0, 0x7, 0x1}, {0x10100, 0x1, 0x52, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}}) fsconfig$auto_SHMEM_HUGE_DENY(0xffffffffffffffff, 0x0, &(0x7f0000000140)='\\!:\x00', 0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) close_range$auto(0x2, 0x8, 0xfdffffff) r2 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r2, 0xffffffffffdffe00, &(0x7f0000000140)) r3 = epoll_create$auto(0x8800001) pipe2$auto(0x0, 0x0) epoll_ctl$auto(r3, 0x1, r1, 0x0) pidfd_open$auto(0x1, 0x0) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/pcmC1D0c\x00', 0x20000, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mprotect$auto(0x1ffffffff000, 0x100018, 0x4) msync$auto(0x110c230000, 0x200001, 0x6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bdi/43:288/max_bytes\x00', 0x82942, 0x0) 0s ago: executing program 2 (id=7206): r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) socket(0x28, 0x5, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400c72da808bf9779d790fb28"], 0x2c}, 0x1, 0x0, 0x0, 0x4000014}, 0x400c000) r1 = socket(0x10, 0x2, 0x4) write$auto(r1, &(0x7f0000000000)='-\x00', 0x2fb) writev$auto(r0, &(0x7f00000003c0)={&(0x7f0000000000)="d4db366d2c3c236fcaf14ec7a292752b694179285340d97942c70abec0cfd5bd86c7c66245151f658ca15bc840dba457d43e186ae1a532f420dbe95cc5b6ad96f986475d4c240e0b0ac7a74798c80ce665d7dc0826ec06018c38097cd476ad382af8024bc1db0fdaedc92e7d2ccc0cca3faee5195b252c7d21854d990b72982da4fba44df083a6dd3a078833801d4f49aa8b2f7ae3847cede12341bfb36a3252c25b48390c71ff3e6f7b71a571c6dfcbba0307d40aa3e03f24c81ada8cf9889e4f7d53684cdd8c2b107966d3edc10fc26d053a930acd8e", 0xf9}, 0x3) kernel console output (not intermixed with test programs): snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1233.910783][T26390] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1233.947542][T26391] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1233.972835][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 1233.980140][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 1234.032597][T26384] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1234.458086][T26397] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1234.660708][T26402] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5948'. [ 1234.718311][T26402] ipvlan1: entered promiscuous mode [ 1234.739649][T26402] ipvlan1: entered allmulticast mode [ 1234.759523][T26402] veth0_vlan: entered allmulticast mode [ 1234.900385][T26408] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(384.8192.60), cmd(6) [ 1235.282658][T26414] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1235.579730][T26412] bond0: invalid ARP target specified [ 1235.616297][T26421] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1236.081325][ T29] audit: type=1800 audit(4294967310.566:61): pid=26426 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.5957" name="features" dev="configfs" ino=143759 res=0 errno=0 [ 1236.369052][T26432] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1236.424042][T26434] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1236.566324][T26440] FAULT_INJECTION: forcing a failure. [ 1236.566324][T26440] name failslab, interval 1, probability 0, space 0, times 0 [ 1236.649124][T26440] CPU: 0 UID: 0 PID: 26440 Comm: syz.0.5960 Tainted: G L syzkaller #0 PREEMPT(full) [ 1236.649162][T26440] Tainted: [L]=SOFTLOCKUP [ 1236.649169][T26440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1236.649179][T26440] Call Trace: [ 1236.649186][T26440] [ 1236.649194][T26440] dump_stack_lvl+0x100/0x190 [ 1236.649221][T26440] should_fail_ex.cold+0x5/0xa [ 1236.649245][T26440] should_failslab+0xc2/0x120 [ 1236.649265][T26440] __kvmalloc_node_noprof+0xfa/0xa00 [ 1236.649282][T26440] ? io_alloc_cache_init+0x38/0x170 [ 1236.649305][T26440] ? lockdep_init_map_type+0x10/0x250 [ 1236.649325][T26440] io_alloc_cache_init+0x38/0x170 [ 1236.649351][T26440] io_uring_setup.cold+0x3eb/0x1c6e [ 1236.649378][T26440] ? __pfx_io_uring_setup+0x10/0x10 [ 1236.649399][T26440] ? do_futex+0x192/0x350 [ 1236.649416][T26440] ? __pfx_do_futex+0x10/0x10 [ 1236.649432][T26440] ? iput+0x3a/0x40 [ 1236.649461][T26440] ? xfd_validate_state+0x129/0x190 [ 1236.649484][T26440] __x64_sys_io_uring_setup+0xc2/0x170 [ 1236.649504][T26440] do_syscall_64+0x10b/0xf80 [ 1236.649518][T26440] ? clear_bhb_loop+0x40/0x90 [ 1236.649538][T26440] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1236.649553][T26440] RIP: 0033:0x7f945df9ce59 [ 1236.649569][T26440] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1236.649584][T26440] RSP: 002b:00007f945edea028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 1236.649600][T26440] RAX: ffffffffffffffda RBX: 00007f945e216090 RCX: 00007f945df9ce59 [ 1236.649611][T26440] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 1236.649620][T26440] RBP: 00007f945e032d6f R08: 0000000000000000 R09: 0000000000000000 [ 1236.649629][T26440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1236.649639][T26440] R13: 00007f945e216128 R14: 00007f945e216090 R15: 00007ffd0b2cfe68 [ 1236.649661][T26440] [ 1237.034264][T26449] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(384.8192.60), cmd(6) [ 1238.054560][T26460] zswap: compressor not available [ 1238.167896][T26471] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1238.594692][T26477] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1238.790545][T26471] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1239.896373][T26483] zswap: compressor not available [ 1240.355698][T26497] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5974'. [ 1240.392137][T26500] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1240.460237][T26497] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(384.8192.60), cmd(6) [ 1240.809023][T26500] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1240.842804][T26509] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1241.108589][T26510] bond0: invalid ARP target specified [ 1241.443315][T26517] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1241.887250][T26523] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1241.959130][T26517] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1243.042593][T26535] zswap: compressor not available [ 1243.728734][T26551] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1244.027050][T26544] zswap: compressor not available [ 1244.240294][T26551] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1244.312661][T26560] bond0: invalid ARP target specified [ 1244.398774][T26565] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1244.679726][T26565] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1245.214073][T26581] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(384.8192.60), cmd(6) [ 1245.356223][T26578] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5996'. [ 1245.444901][T26576] zswap: compressor û not available [ 1245.498282][T26587] block2mtd: illegal erase size [ 1245.863958][T26604] netlink: 21 bytes leftover after parsing attributes in process `syz.3.6000'. [ 1246.605048][T26617] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1246.688518][T26620] device-mapper: ioctl: Unable to rename non-existent device, to „ [ 1246.749803][T26615] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1246.921803][T26617] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1247.296318][ T5786] usb usb40-port5: attempt power cycle [ 1247.468891][T26633] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1247.893979][ T5786] usb usb40-port5: unable to enumerate USB device [ 1248.655381][T26664] FAULT_INJECTION: forcing a failure. [ 1248.655381][T26664] name failslab, interval 1, probability 0, space 0, times 0 [ 1248.716480][T26664] CPU: 0 UID: 0 PID: 26664 Comm: syz.3.6016 Tainted: G L syzkaller #0 PREEMPT(full) [ 1248.716506][T26664] Tainted: [L]=SOFTLOCKUP [ 1248.716512][T26664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1248.716522][T26664] Call Trace: [ 1248.716528][T26664] [ 1248.716535][T26664] dump_stack_lvl+0x100/0x190 [ 1248.716559][T26664] should_fail_ex.cold+0x5/0xa [ 1248.716580][T26664] ? kernfs_fop_write_iter+0x26a/0x5f0 [ 1248.716603][T26664] should_failslab+0xc2/0x120 [ 1248.716622][T26664] __kmalloc_noprof+0xe0/0x850 [ 1248.716641][T26664] kernfs_fop_write_iter+0x26a/0x5f0 [ 1248.716665][T26664] vfs_write+0x6ac/0x1070 [ 1248.716685][T26664] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 1248.716709][T26664] ? __pfx_vfs_write+0x10/0x10 [ 1248.716743][T26664] ksys_write+0x12a/0x250 [ 1248.716761][T26664] ? __pfx_ksys_write+0x10/0x10 [ 1248.716780][T26664] ? rcu_is_watching+0x12/0xc0 [ 1248.716802][T26664] do_syscall_64+0x10b/0xf80 [ 1248.716817][T26664] ? clear_bhb_loop+0x40/0x90 [ 1248.716837][T26664] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1248.716853][T26664] RIP: 0033:0x7f429299ce59 [ 1248.716867][T26664] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1248.716882][T26664] RSP: 002b:00007f4290bd5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1248.716898][T26664] RAX: ffffffffffffffda RBX: 00007f4292c16090 RCX: 00007f429299ce59 [ 1248.716908][T26664] RDX: 0000000000000005 RSI: 0000200000000200 RDI: 0000000000000003 [ 1248.716917][T26664] RBP: 00007f4290bd5090 R08: 0000000000000000 R09: 0000000000000000 [ 1248.716927][T26664] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1248.716936][T26664] R13: 00007f4292c16128 R14: 00007f4292c16090 R15: 00007ffcb0c4ff58 [ 1248.716956][T26664] [ 1249.112828][T26666] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1249.159357][T26666] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1250.022621][T26679] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1250.410188][T26672] zswap: compressor not available [ 1250.497743][T26694] device-mapper: ioctl: Unable to rename non-existent device, to „ [ 1250.742876][T26698] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(6.0.4), cmd(6) [ 1251.243217][T26718] netlink: 'syz.1.6029': attribute type 8 has an invalid length. [ 1252.198319][T26734] netlink: 21 bytes leftover after parsing attributes in process `syz.0.6032'. [ 1252.789690][T26736] zswap: compressor not available [ 1252.937665][T26749] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1253.615554][T26755] hub 1-0:1.0: USB hub found [ 1253.666728][T26755] hub 1-0:1.0: 1 port detected [ 1253.866900][T26769] bond0: invalid ARP target specified [ 1254.310894][T26768] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6041'. [ 1254.375461][T26781] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(6.0.4), cmd(6) [ 1254.496236][T26784] netlink: 21 bytes leftover after parsing attributes in process `syz.2.6045'. [ 1254.626438][T26787] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1254.727690][T26790] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1254.795542][T26794] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1254.850463][T26794] random: crng reseeded on system resumption [ 1254.977168][T26798] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1255.935436][T26807] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1256.350821][T26814] bond0: invalid ARP target specified [ 1256.404761][T26809] hub 1-0:1.0: USB hub found [ 1256.429950][T26809] hub 1-0:1.0: 1 port detected [ 1256.548603][T26824] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1256.570308][T26813] hub 1-0:1.0: USB hub found [ 1256.588327][T26813] hub 1-0:1.0: 1 port detected [ 1256.606781][T26824] device-mapper: ioctl: Unable to rename non-existent device, to „ [ 1257.250771][T26837] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(6.0.4), cmd(6) [ 1257.277496][T26833] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1258.145417][T26849] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1258.251596][T26833] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1258.409730][T21052] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1258.511539][T18734] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1258.540291][T18734] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1258.553641][T18734] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1258.575755][T18734] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1258.583498][T18734] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1259.051797][T26860] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1259.229602][T26868] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1259.274046][T21052] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1259.458963][T26870] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1259.960439][T21052] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1260.380493][T26894] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(5.0.65535), cmd(5) [ 1260.449389][T21052] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1260.690234][T18734] Bluetooth: hci2: command tx timeout [ 1261.095163][T26897] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1261.182861][T26902] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.60), cmd(6) [ 1261.634322][T21052] bridge_slave_1: left allmulticast mode [ 1261.664969][T21052] bridge_slave_1: left promiscuous mode [ 1261.697558][T21052] bridge0: port 2(bridge_slave_1) entered disabled state [ 1261.776058][T21052] bridge_slave_0: left allmulticast mode [ 1261.808560][T21052] bridge_slave_0: left promiscuous mode [ 1261.836581][T21052] bridge0: port 1(bridge_slave_0) entered disabled state [ 1261.945290][T26909] FAULT_INJECTION: forcing a failure. [ 1261.945290][T26909] name failslab, interval 1, probability 0, space 0, times 0 [ 1262.014595][T26909] CPU: 0 UID: 0 PID: 26909 Comm: syz.2.6079 Tainted: G L syzkaller #0 PREEMPT(full) [ 1262.014628][T26909] Tainted: [L]=SOFTLOCKUP [ 1262.014634][T26909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1262.014646][T26909] Call Trace: [ 1262.014653][T26909] [ 1262.014661][T26909] dump_stack_lvl+0x100/0x190 [ 1262.014688][T26909] should_fail_ex.cold+0x5/0xa [ 1262.014716][T26909] should_failslab+0xc2/0x120 [ 1262.014738][T26909] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1262.014764][T26909] ? mas_preallocate+0x1105/0x14a0 [ 1262.014788][T26909] mas_preallocate+0x1105/0x14a0 [ 1262.014813][T26909] ? __pfx_mas_preallocate+0x10/0x10 [ 1262.014838][T26909] ? anon_vma_name+0x5a/0x250 [ 1262.014864][T26909] __split_vma+0x33d/0xd90 [ 1262.014898][T26909] ? __pfx___split_vma+0x10/0x10 [ 1262.014933][T26909] vma_modify+0x12ad/0x25c0 [ 1262.014959][T26909] ? find_vma+0x71/0x140 [ 1262.014982][T26909] ? __pfx_vma_modify+0x10/0x10 [ 1262.015003][T26909] ? queue_pages_test_walk+0x258/0x420 [ 1262.015022][T26909] ? __pfx_find_vma+0x10/0x10 [ 1262.015038][T26909] ? __pfx_queue_pages_test_walk+0x10/0x10 [ 1262.015059][T26909] ? walk_page_test+0x78/0x180 [ 1262.015081][T26909] vma_modify_policy+0x238/0x300 [ 1262.015106][T26909] ? __pfx_vma_modify_policy+0x10/0x10 [ 1262.015141][T26909] ? mas_walk+0x6ef/0x9b0 [ 1262.015165][T26909] mbind_range+0x175/0x550 [ 1262.015188][T26909] do_mbind+0x7dc/0xfd0 [ 1262.015214][T26909] ? __pfx_do_mbind+0x10/0x10 [ 1262.015234][T26909] ? ksys_write+0x190/0x250 [ 1262.015261][T26909] ? __pfx_get_nodes+0x10/0x10 [ 1262.015282][T26909] kernel_mbind+0x1b7/0x200 [ 1262.015304][T26909] ? __pfx_kernel_mbind+0x10/0x10 [ 1262.015326][T26909] ? rcu_is_watching+0x12/0xc0 [ 1262.015357][T26909] do_syscall_64+0x10b/0xf80 [ 1262.015372][T26909] ? clear_bhb_loop+0x40/0x90 [ 1262.015394][T26909] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1262.015412][T26909] RIP: 0033:0x7f3d9299ce59 [ 1262.015428][T26909] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1262.015443][T26909] RSP: 002b:00007f3d93802028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 1262.015460][T26909] RAX: ffffffffffffffda RBX: 00007f3d92c15fa0 RCX: 00007f3d9299ce59 [ 1262.015472][T26909] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 1262.015481][T26909] RBP: 00007f3d92a32d6f R08: 0000002000000006 R09: 0000000000000002 [ 1262.015491][T26909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1262.015502][T26909] R13: 00007f3d92c16038 R14: 00007f3d92c15fa0 R15: 00007fff70310218 [ 1262.015523][T26909] [ 1262.791094][T18734] Bluetooth: hci2: command tx timeout [ 1264.052766][T21052] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1264.077606][T21052] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1264.097414][T21052] bond0 (unregistering): Released all slaves [ 1264.275168][ T5291] 8021q: adding VLAN 0 to HW filter on device eth1 [ 1264.645736][T26938] hub 1-0:1.0: USB hub found [ 1264.650586][T26938] hub 1-0:1.0: 1 port detected [ 1264.831974][T18734] Bluetooth: hci2: command tx timeout [ 1265.615055][T21052] hsr_slave_0: left promiscuous mode [ 1265.650297][T21052] hsr_slave_1: left promiscuous mode [ 1265.676854][T21052] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1265.718072][T21052] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1265.775776][T21052] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1265.818815][T21052] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1265.892097][T21052] veth1_macvtap: left promiscuous mode [ 1265.921019][T21052] veth1_vlan: left promiscuous mode [ 1265.955314][T21052] veth0_vlan: left promiscuous mode [ 1266.072985][T26975] device-mapper: ioctl: Unable to rename non-existent device, to „ [ 1266.373116][T26978] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1266.859602][T21052] team0 (unregistering): Port device team_slave_1 removed [ 1266.894460][T18734] Bluetooth: hci2: command tx timeout [ 1266.921686][T21052] team0 (unregistering): Port device team_slave_0 removed [ 1267.104076][T26984] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1267.177304][T26984] smpboot: CPU 1 is now offline [ 1267.336910][ T5291] 8021q: adding VLAN 0 to HW filter on device eth2 [ 1267.415087][T26851] bridge0: port 1(bridge_slave_0) entered blocking state [ 1267.452782][T26851] bridge0: port 1(bridge_slave_0) entered disabled state [ 1267.481705][T26851] bridge_slave_0: entered allmulticast mode [ 1267.521928][T26851] bridge_slave_0: entered promiscuous mode [ 1267.613402][T26851] bridge0: port 2(bridge_slave_1) entered blocking state [ 1267.665427][T26851] bridge0: port 2(bridge_slave_1) entered disabled state [ 1267.701375][T26851] bridge_slave_1: entered allmulticast mode [ 1267.719875][T26851] bridge_slave_1: entered promiscuous mode [ 1267.935825][T26851] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1268.196732][T26851] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1268.219748][T26988] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1268.602053][T26851] team0: Port device team_slave_0 added [ 1268.677252][T26851] team0: Port device team_slave_1 added [ 1268.889281][T26851] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1268.964832][T26851] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1269.164255][T26851] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1269.246047][T26851] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1269.288328][T26851] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1269.381851][T27001] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1269.425226][T26851] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1269.534813][T27009] smpboot: CPU 1 is now offline [ 1269.651496][ T5291] 8021q: adding VLAN 0 to HW filter on device eth3 [ 1269.786928][T26851] hsr_slave_0: entered promiscuous mode [ 1269.812876][T26851] hsr_slave_1: entered promiscuous mode [ 1269.836353][T26851] debugfs: 'hsr0' already exists in 'hsr' [ 1269.858816][T26851] Cannot create hsr debugfs directory [ 1270.817578][T27030] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(384.8192.60), cmd(6) [ 1271.698406][T27040] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1271.838277][T27040] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1272.019272][T27044] smpboot: CPU 1 is now offline [ 1272.058618][T27044] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1273.039232][T27058] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1273.213488][T27058] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1273.532871][T27070] netlink: 21 bytes leftover after parsing attributes in process `syz.0.6101'. [ 1274.155201][T27086] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1274.307729][T27086] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1274.577702][T27089] smpboot: CPU 1 is now offline [ 1274.656115][T27089] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1275.752171][T26851] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1275.791976][T26851] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1275.828580][T26851] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1275.907924][T26851] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1275.956391][T26851] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1276.013101][T26851] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1276.062609][T26851] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1276.134263][T26851] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1276.213390][T27128] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(384.8192.60), cmd(6) [ 1276.612135][T26851] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1276.697002][T26851] 8021q: adding VLAN 0 to HW filter on device team0 [ 1276.773345][T21066] bridge0: port 1(bridge_slave_0) entered blocking state [ 1276.780624][T21066] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1276.941732][T21066] bridge0: port 2(bridge_slave_1) entered blocking state [ 1276.949007][T21066] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1276.967748][T27146] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1277.053837][T27146] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1278.376195][T27180] netlink: zone id is out of range [ 1278.411666][T27180] netlink: zone id is out of range [ 1278.444333][T27180] netlink: zone id is out of range [ 1278.506018][T27180] netlink: zone id is out of range [ 1278.553376][T27180] netlink: zone id is out of range [ 1278.600495][T27180] netlink: zone id is out of range [ 1278.640932][T27180] netlink: zone id is out of range [ 1278.718241][T27180] netlink: zone id is out of range [ 1278.812461][T27180] netlink: zone id is out of range [ 1278.877034][T27180] netlink: zone id is out of range [ 1279.281005][T27193] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1279.539560][T27206] smpboot: CPU 1 is now offline [ 1279.670289][T26851] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1279.710441][T27211] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1279.822364][T27211] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1280.076690][T27214] smpboot: CPU 1 is now offline [ 1280.175043][T27214] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1280.532329][T27224] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1280.827797][T26851] veth0_vlan: entered promiscuous mode [ 1280.883096][T26851] veth1_vlan: entered promiscuous mode [ 1281.015670][T26851] veth0_macvtap: entered promiscuous mode [ 1281.024668][T27229] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1281.077967][T26851] veth1_macvtap: entered promiscuous mode [ 1281.144642][T26851] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1281.171543][T26851] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1281.197136][T27229] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1281.209982][T21066] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1281.237489][T21066] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1281.272394][T21066] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1281.319477][T21066] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1281.640061][T21046] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1281.705676][T21046] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1281.888996][T21062] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1281.924250][T21062] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1282.378809][T27248] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 1282.552751][T27258] FAULT_INJECTION: forcing a failure. [ 1282.552751][T27258] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1282.651646][T27258] CPU: 0 UID: 0 PID: 27258 Comm: syz.2.6130 Tainted: G L syzkaller #0 PREEMPT(full) [ 1282.651676][T27258] Tainted: [L]=SOFTLOCKUP [ 1282.651681][T27258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1282.651691][T27258] Call Trace: [ 1282.651697][T27258] [ 1282.651704][T27258] dump_stack_lvl+0x100/0x190 [ 1282.651731][T27258] should_fail_ex.cold+0x5/0xa [ 1282.651753][T27258] _copy_from_iter+0x1f4/0x1690 [ 1282.651773][T27258] ? __asan_memset+0x23/0x50 [ 1282.651798][T27258] ? __pfx__copy_from_iter+0x10/0x10 [ 1282.651814][T27258] ? __pfx___alloc_skb+0x10/0x10 [ 1282.651840][T27258] netlink_sendmsg+0x808/0xda0 [ 1282.651868][T27258] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1282.651890][T27258] ? __import_iovec+0x1d2/0x640 [ 1282.651908][T27258] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1282.651937][T27258] ____sys_sendmsg+0x9e1/0xb70 [ 1282.651963][T27258] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1282.651988][T27258] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1282.652018][T27258] ___sys_sendmsg+0x190/0x1e0 [ 1282.652043][T27258] ? __pfx____sys_sendmsg+0x10/0x10 [ 1282.652088][T27258] __sys_sendmsg+0x170/0x220 [ 1282.652108][T27258] ? __pfx___sys_sendmsg+0x10/0x10 [ 1282.652134][T27258] ? rcu_is_watching+0x12/0xc0 [ 1282.652156][T27258] do_syscall_64+0x10b/0xf80 [ 1282.652170][T27258] ? clear_bhb_loop+0x40/0x90 [ 1282.652195][T27258] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1282.652211][T27258] RIP: 0033:0x7f3d9299ce59 [ 1282.652226][T27258] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1282.652241][T27258] RSP: 002b:00007f3d93802028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1282.652257][T27258] RAX: ffffffffffffffda RBX: 00007f3d92c15fa0 RCX: 00007f3d9299ce59 [ 1282.652268][T27258] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003 [ 1282.652278][T27258] RBP: 00007f3d93802090 R08: 0000000000000000 R09: 0000000000000000 [ 1282.652287][T27258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1282.652296][T27258] R13: 00007f3d92c16038 R14: 00007f3d92c15fa0 R15: 00007fff70310218 [ 1282.652315][T27258] [ 1282.924905][T27262] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1282.997807][T27262] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1283.053551][T27265] MTRR 1 not used [ 1283.386032][T27267] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6131'. [ 1283.427044][T27270] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1284.054472][T27275] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 1284.155053][T27272] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6135'. [ 1284.703316][T27296] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(384.8192.60), cmd(6) [ 1284.718915][T27287] device-mapper: ioctl: Unable to rename non-existent device, to „ [ 1285.109636][T27305] ubi0: attaching mtd0 [ 1285.139308][T27304] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1285.193945][T27305] ubi0: scanning is finished [ 1285.484294][T27305] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4 [ 1286.731361][T27321] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 1286.771895][T27321] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6146'. [ 1287.162171][T27330] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1287.455973][T27330] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1287.558979][T27343] FAULT_INJECTION: forcing a failure. [ 1287.558979][T27343] name failslab, interval 1, probability 0, space 0, times 0 [ 1287.621306][T27343] CPU: 0 UID: 0 PID: 27343 Comm: syz.2.6152 Tainted: G L syzkaller #0 PREEMPT(full) [ 1287.621336][T27343] Tainted: [L]=SOFTLOCKUP [ 1287.621342][T27343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1287.621352][T27343] Call Trace: [ 1287.621358][T27343] [ 1287.621366][T27343] dump_stack_lvl+0x100/0x190 [ 1287.621391][T27343] should_fail_ex.cold+0x5/0xa [ 1287.621412][T27343] ? kernfs_fop_write_iter+0x26a/0x5f0 [ 1287.621434][T27343] should_failslab+0xc2/0x120 [ 1287.621453][T27343] __kmalloc_noprof+0xe0/0x850 [ 1287.621468][T27343] ? __pfx_aa_file_perm+0x10/0x10 [ 1287.621494][T27343] kernfs_fop_write_iter+0x26a/0x5f0 [ 1287.621519][T27343] do_iter_readv_writev+0x6ee/0x920 [ 1287.621538][T27343] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 1287.621564][T27343] vfs_writev+0x360/0xe10 [ 1287.621582][T27343] ? trace_contention_end+0x122/0x170 [ 1287.621602][T27343] ? __pfx_vfs_writev+0x10/0x10 [ 1287.621620][T27343] ? find_held_lock+0x2b/0x80 [ 1287.621639][T27343] ? ksys_write+0x190/0x250 [ 1287.621675][T27343] ? __fget_files+0x21f/0x3d0 [ 1287.621699][T27343] ? do_writev+0x13e/0x340 [ 1287.621714][T27343] do_writev+0x13e/0x340 [ 1287.621731][T27343] ? __pfx_do_writev+0x10/0x10 [ 1287.621749][T27343] ? rcu_is_watching+0x12/0xc0 [ 1287.621771][T27343] do_syscall_64+0x10b/0xf80 [ 1287.621786][T27343] ? clear_bhb_loop+0x40/0x90 [ 1287.621805][T27343] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1287.621821][T27343] RIP: 0033:0x7f3d9299ce59 [ 1287.621835][T27343] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1287.621850][T27343] RSP: 002b:00007f3d93802028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 1287.621866][T27343] RAX: ffffffffffffffda RBX: 00007f3d92c15fa0 RCX: 00007f3d9299ce59 [ 1287.621877][T27343] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003 [ 1287.621886][T27343] RBP: 00007f3d93802090 R08: 0000000000000000 R09: 0000000000000000 [ 1287.621895][T27343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1287.621907][T27343] R13: 00007f3d92c16038 R14: 00007f3d92c15fa0 R15: 00007fff70310218 [ 1287.621927][T27343] [ 1288.334803][T27355] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1288.529669][T27360] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1288.635206][T27360] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1288.822964][T27362] smpboot: CPU 1 is now offline [ 1288.879190][T27362] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1288.947666][T27355] bond0: invalid ARP target specified [ 1290.159849][T27374] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 1290.177276][T27358] kexec: Could not allocate control_code_buffer [ 1290.239646][T27374] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6158'. [ 1290.582217][T27387] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1291.048461][T27387] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1291.210733][T27405] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1291.458051][T27405] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1291.782603][T27420] FAULT_INJECTION: forcing a failure. [ 1291.782603][T27420] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1291.842776][T27420] CPU: 0 UID: 0 PID: 27420 Comm: syz.3.6171 Tainted: G L syzkaller #0 PREEMPT(full) [ 1291.842805][T27420] Tainted: [L]=SOFTLOCKUP [ 1291.842811][T27420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1291.842820][T27420] Call Trace: [ 1291.842826][T27420] [ 1291.842833][T27420] dump_stack_lvl+0x100/0x190 [ 1291.842859][T27420] should_fail_ex.cold+0x5/0xa [ 1291.842879][T27420] _copy_from_iter+0x43a/0x1690 [ 1291.842902][T27420] ? __pfx__copy_from_iter+0x10/0x10 [ 1291.842918][T27420] ? rcu_is_watching+0x12/0xc0 [ 1291.842939][T27420] ? trace_kmalloc+0xe3/0x110 [ 1291.842958][T27420] ? __kasan_kmalloc+0xaa/0xb0 [ 1291.842975][T27420] ? __kmalloc_noprof+0x320/0x850 [ 1291.842996][T27420] kernfs_fop_write_iter+0x186/0x5f0 [ 1291.843022][T27420] do_iter_readv_writev+0x6ee/0x920 [ 1291.843042][T27420] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 1291.843067][T27420] vfs_writev+0x360/0xe10 [ 1291.843085][T27420] ? trace_contention_end+0x122/0x170 [ 1291.843105][T27420] ? __pfx_vfs_writev+0x10/0x10 [ 1291.843122][T27420] ? find_held_lock+0x2b/0x80 [ 1291.843142][T27420] ? ksys_write+0x190/0x250 [ 1291.843169][T27420] ? __fget_files+0x21f/0x3d0 [ 1291.843194][T27420] ? do_writev+0x13e/0x340 [ 1291.843209][T27420] do_writev+0x13e/0x340 [ 1291.843226][T27420] ? __pfx_do_writev+0x10/0x10 [ 1291.843243][T27420] ? rcu_is_watching+0x12/0xc0 [ 1291.843263][T27420] do_syscall_64+0x10b/0xf80 [ 1291.843285][T27420] ? clear_bhb_loop+0x40/0x90 [ 1291.843304][T27420] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1291.843320][T27420] RIP: 0033:0x7f429299ce59 [ 1291.843334][T27420] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1291.843349][T27420] RSP: 002b:00007f4290bd5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 1291.843366][T27420] RAX: ffffffffffffffda RBX: 00007f4292c16090 RCX: 00007f429299ce59 [ 1291.843376][T27420] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003 [ 1291.843385][T27420] RBP: 00007f4290bd5090 R08: 0000000000000000 R09: 0000000000000000 [ 1291.843395][T27420] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1291.843404][T27420] R13: 00007f4292c16128 R14: 00007f4292c16090 R15: 00007ffcb0c4ff58 [ 1291.843424][T27420] [ 1292.869522][T27432] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1293.049853][T27434] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1293.086235][T27432] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1293.207032][T27423] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1293.282239][T27423] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1293.460114][T27424] smpboot: CPU 1 is now offline [ 1293.495365][T27424] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1293.697903][T27434] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1294.334225][T27422] kexec: Could not allocate control_code_buffer [ 1294.381122][T27451] MTRR 1 not used [ 1294.502729][T27453] bond0: invalid ARP target specified [ 1294.825265][T27459] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1295.056836][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 1295.064558][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 1295.239647][T27467] vivid-008: ================= START STATUS ================= [ 1295.278541][T27467] vivid-008: ================== END STATUS ================== [ 1299.449044][T27522] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1299.660134][T27522] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1300.070302][T27524] smpboot: CPU 1 is now offline [ 1300.181944][T27524] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1300.595011][T27533] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6195'. [ 1300.967255][T27538] FAULT_INJECTION: forcing a failure. [ 1300.967255][T27538] name failslab, interval 1, probability 0, space 0, times 0 [ 1301.055206][T27538] CPU: 0 UID: 0 PID: 27538 Comm: syz.2.6196 Tainted: G L syzkaller #0 PREEMPT(full) [ 1301.055238][T27538] Tainted: [L]=SOFTLOCKUP [ 1301.055244][T27538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1301.055256][T27538] Call Trace: [ 1301.055264][T27538] [ 1301.055272][T27538] dump_stack_lvl+0x100/0x190 [ 1301.055299][T27538] should_fail_ex.cold+0x5/0xa [ 1301.055323][T27538] should_failslab+0xc2/0x120 [ 1301.055342][T27538] __kmalloc_cache_node_noprof+0x7d/0x770 [ 1301.055368][T27538] ? __alloc_workqueue+0xf57/0x1980 [ 1301.055392][T27538] ? lockdep_init_map_type+0x5c/0x250 [ 1301.055413][T27538] __alloc_workqueue+0xf57/0x1980 [ 1301.055443][T27538] alloc_workqueue_noprof+0xc7/0x130 [ 1301.055466][T27538] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 1301.055492][T27538] ? __pfx___debug_object_init+0x10/0x10 [ 1301.055513][T27538] nci_register_device+0x511/0xb80 [ 1301.055536][T27538] ? __pfx_nci_register_device+0x10/0x10 [ 1301.055559][T27538] ? lockdep_init_map_type+0x5c/0x250 [ 1301.055579][T27538] virtual_ncidev_open+0x141/0x220 [ 1301.055597][T27538] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 1301.055612][T27538] misc_open+0x26d/0x450 [ 1301.055635][T27538] ? __pfx_misc_open+0x10/0x10 [ 1301.055655][T27538] chrdev_open+0x234/0x6a0 [ 1301.055675][T27538] ? __pfx_apparmor_file_open+0x10/0x10 [ 1301.055691][T27538] ? __pfx_chrdev_open+0x10/0x10 [ 1301.055711][T27538] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1301.055736][T27538] do_dentry_open+0x6d8/0x1660 [ 1301.055754][T27538] ? __pfx_chrdev_open+0x10/0x10 [ 1301.055779][T27538] vfs_open+0x82/0x3f0 [ 1301.055803][T27538] path_openat+0x208c/0x31a0 [ 1301.055829][T27538] ? __pfx_path_openat+0x10/0x10 [ 1301.055855][T27538] do_file_open+0x20e/0x430 [ 1301.055875][T27538] ? __pfx_do_file_open+0x10/0x10 [ 1301.055918][T27538] ? alloc_fd+0x476/0x790 [ 1301.055939][T27538] ? do_getname+0x191/0x390 [ 1301.055963][T27538] do_sys_openat2+0x10d/0x1e0 [ 1301.055989][T27538] ? __pfx_do_sys_openat2+0x10/0x10 [ 1301.056013][T27538] ? find_held_lock+0x2b/0x80 [ 1301.056037][T27538] __x64_sys_openat+0x12d/0x210 [ 1301.056061][T27538] ? __pfx___x64_sys_openat+0x10/0x10 [ 1301.056088][T27538] ? rcu_is_watching+0x12/0xc0 [ 1301.056109][T27538] do_syscall_64+0x10b/0xf80 [ 1301.056124][T27538] ? clear_bhb_loop+0x40/0x90 [ 1301.056146][T27538] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1301.056164][T27538] RIP: 0033:0x7f3d9299ce59 [ 1301.056179][T27538] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1301.056195][T27538] RSP: 002b:00007f3d93802028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1301.056211][T27538] RAX: ffffffffffffffda RBX: 00007f3d92c15fa0 RCX: 00007f3d9299ce59 [ 1301.056225][T27538] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 1301.056236][T27538] RBP: 00007f3d92a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1301.056245][T27538] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000 [ 1301.056255][T27538] R13: 00007f3d92c16038 R14: 00007f3d92c15fa0 R15: 00007fff70310218 [ 1301.056277][T27538] [ 1301.370883][T27514] kexec: Could not allocate control_code_buffer [ 1302.023609][T27551] random: crng reseeded on system resumption [ 1302.040990][T27548] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1302.076112][T27548] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1302.360787][T27539] smpboot: CPU 1 is now offline [ 1302.419388][T27539] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1302.513626][T27533] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1303.096023][T27562] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1303.516655][T27562] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1303.907632][T27575] FAULT_INJECTION: forcing a failure. [ 1303.907632][T27575] name failslab, interval 1, probability 0, space 0, times 0 [ 1303.967810][T27575] CPU: 0 UID: 0 PID: 27575 Comm: syz.3.6208 Tainted: G L syzkaller #0 PREEMPT(full) [ 1303.967843][T27575] Tainted: [L]=SOFTLOCKUP [ 1303.967849][T27575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1303.967861][T27575] Call Trace: [ 1303.967868][T27575] [ 1303.967877][T27575] dump_stack_lvl+0x100/0x190 [ 1303.967904][T27575] should_fail_ex.cold+0x5/0xa [ 1303.967927][T27575] should_failslab+0xc2/0x120 [ 1303.967950][T27575] __kmalloc_cache_node_noprof+0x7d/0x770 [ 1303.967969][T27575] ? __alloc_workqueue+0x711/0x1980 [ 1303.967993][T27575] ? lockdep_init_map_type+0x5c/0x250 [ 1303.968013][T27575] __alloc_workqueue+0x711/0x1980 [ 1303.968051][T27575] alloc_workqueue_noprof+0xc7/0x130 [ 1303.968075][T27575] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 1303.968104][T27575] ? __pfx___debug_object_init+0x10/0x10 [ 1303.968127][T27575] nci_register_device+0x511/0xb80 [ 1303.968149][T27575] ? __pfx_nci_register_device+0x10/0x10 [ 1303.968171][T27575] ? lockdep_init_map_type+0x5c/0x250 [ 1303.968190][T27575] virtual_ncidev_open+0x141/0x220 [ 1303.968207][T27575] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 1303.968222][T27575] misc_open+0x26d/0x450 [ 1303.968243][T27575] ? __pfx_misc_open+0x10/0x10 [ 1303.968264][T27575] chrdev_open+0x234/0x6a0 [ 1303.968285][T27575] ? __pfx_apparmor_file_open+0x10/0x10 [ 1303.968302][T27575] ? __pfx_chrdev_open+0x10/0x10 [ 1303.968322][T27575] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1303.968346][T27575] do_dentry_open+0x6d8/0x1660 [ 1303.968365][T27575] ? __pfx_chrdev_open+0x10/0x10 [ 1303.968388][T27575] vfs_open+0x82/0x3f0 [ 1303.968412][T27575] path_openat+0x208c/0x31a0 [ 1303.968439][T27575] ? __pfx_path_openat+0x10/0x10 [ 1303.968465][T27575] do_file_open+0x20e/0x430 [ 1303.968485][T27575] ? __pfx_do_file_open+0x10/0x10 [ 1303.968518][T27575] ? alloc_fd+0x476/0x790 [ 1303.968540][T27575] ? do_getname+0x191/0x390 [ 1303.968563][T27575] do_sys_openat2+0x10d/0x1e0 [ 1303.968586][T27575] ? __pfx_do_sys_openat2+0x10/0x10 [ 1303.968610][T27575] ? find_held_lock+0x2b/0x80 [ 1303.968634][T27575] __x64_sys_openat+0x12d/0x210 [ 1303.968658][T27575] ? __pfx___x64_sys_openat+0x10/0x10 [ 1303.968688][T27575] ? rcu_is_watching+0x12/0xc0 [ 1303.968712][T27575] do_syscall_64+0x10b/0xf80 [ 1303.968729][T27575] ? clear_bhb_loop+0x40/0x90 [ 1303.968748][T27575] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1303.968765][T27575] RIP: 0033:0x7f429299ce59 [ 1303.968780][T27575] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1303.968795][T27575] RSP: 002b:00007f4290bf6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1303.968812][T27575] RAX: ffffffffffffffda RBX: 00007f4292c15fa0 RCX: 00007f429299ce59 [ 1303.968822][T27575] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 1303.968835][T27575] RBP: 00007f4292a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1303.968845][T27575] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000 [ 1303.968855][T27575] R13: 00007f4292c16038 R14: 00007f4292c15fa0 R15: 00007ffcb0c4ff58 [ 1303.968875][T27575] syzkaller syzkaller login: [ 1305.098733][T27581] sg_write: data in/out 262108/140 bytes for SCSI command 0x61-- guessing data in; [ 1305.098733][T27581] program syz.2.6205 not setting count and/or reply_len properly [ 1305.811533][T27579] random: crng reseeded on system resumption [ 1306.215133][T27597] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1307.014504][T27597] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1308.003058][T27625] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1308.040437][T27626] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1308.166155][T27626] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1308.328049][T27629] smpboot: CPU 1 is now offline syzkaller syzkaller login: [ 1308.399793][T27629] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1308.440284][T27625] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1309.861042][T27649] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1310.000498][T27651] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1310.101739][T27649] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1310.124819][T27654] FAULT_INJECTION: forcing a failure. [ 1310.124819][T27654] name failslab, interval 1, probability 0, space 0, times 0 [ 1310.163234][T27651] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1310.179711][T27654] CPU: 0 UID: 0 PID: 27654 Comm: syz.2.6228 Tainted: G L syzkaller #0 PREEMPT(full) [ 1310.179741][T27654] Tainted: [L]=SOFTLOCKUP [ 1310.179747][T27654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1310.179762][T27654] Call Trace: [ 1310.179768][T27654] [ 1310.179775][T27654] dump_stack_lvl+0x100/0x190 [ 1310.179802][T27654] should_fail_ex.cold+0x5/0xa [ 1310.179826][T27654] should_failslab+0xc2/0x120 [ 1310.179844][T27654] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1310.179873][T27654] ? sock_alloc_inode+0x26/0x290 [ 1310.179894][T27654] ? copy_net_ns+0x46f/0x7c0 [ 1310.179914][T27654] ? unshare_nsproxy_namespaces+0xf2/0x220 [ 1310.179936][T27654] ? ksys_unshare+0x438/0xab0 [ 1310.179961][T27654] ? __pfx_sock_alloc_inode+0x10/0x10 [ 1310.179983][T27654] sock_alloc_inode+0x26/0x290 [ 1310.180004][T27654] ? __pfx_sock_alloc_inode+0x10/0x10 [ 1310.180027][T27654] alloc_inode+0x68/0x250 [ 1310.180051][T27654] sock_alloc+0x44/0x280 [ 1310.180069][T27654] ? security_socket_create+0x7f/0x250 [ 1310.180094][T27654] sock_create_lite+0x82/0x120 [ 1310.180116][T27654] __netlink_kernel_create+0xbd/0x750 [ 1310.180143][T27654] ? __lock_acquire+0x4a5/0x2630 [ 1310.180159][T27654] ? __pfx___netlink_kernel_create+0x10/0x10 [ 1310.180191][T27654] rtnetlink_net_init+0xb9/0x140 [ 1310.180213][T27654] ? __pfx_rtnetlink_net_init+0x10/0x10 [ 1310.180231][T27654] ? lockdep_init_map_type+0x5c/0x250 [ 1310.180246][T27654] ? __pfx_rtnetlink_rcv+0x10/0x10 [ 1310.180261][T27654] ? __pfx_rtnetlink_bind+0x10/0x10 [ 1310.180279][T27654] ? mutex_init_lockdep+0xf1/0x120 [ 1310.180298][T27654] ? __pfx_rtnetlink_net_init+0x10/0x10 [ 1310.180314][T27654] ops_init+0x1e2/0x5f0 [ 1310.180338][T27654] setup_net+0x118/0x3a0 [ 1310.180358][T27654] ? __pfx_setup_net+0x10/0x10 [ 1310.180377][T27654] ? mutex_init_lockdep+0xf1/0x120 [ 1310.180397][T27654] copy_net_ns+0x46f/0x7c0 [ 1310.180422][T27654] create_new_namespaces+0x3ea/0xac0 [ 1310.180446][T27654] unshare_nsproxy_namespaces+0xf2/0x220 [ 1310.180469][T27654] ksys_unshare+0x438/0xab0 [ 1310.180493][T27654] ? __pfx_ksys_unshare+0x10/0x10 [ 1310.180513][T27654] ? xfd_validate_state+0x129/0x190 [ 1310.180536][T27654] __x64_sys_unshare+0x31/0x40 [ 1310.180558][T27654] do_syscall_64+0x10b/0xf80 [ 1310.180573][T27654] ? clear_bhb_loop+0x40/0x90 [ 1310.180594][T27654] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1310.180612][T27654] RIP: 0033:0x7f3d9299ce59 [ 1310.180628][T27654] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1310.180645][T27654] RSP: 002b:00007f3d93802028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1310.180669][T27654] RAX: ffffffffffffffda RBX: 00007f3d92c15fa0 RCX: 00007f3d9299ce59 [ 1310.180680][T27654] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1310.180690][T27654] RBP: 00007f3d92a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1310.180702][T27654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1310.180713][T27654] R13: 00007f3d92c16038 R14: 00007f3d92c15fa0 R15: 00007fff70310218 [ 1310.180734][T27654] syzkaller syzkaller login: [ 1311.262719][T27655] smpboot: CPU 1 is now offline [ 1311.516197][T27668] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1311.911146][T27678] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1311.931729][T27677] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1312.004282][T27678] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1312.209190][T27680] smpboot: CPU 1 is now offline [ 1312.264987][T27680] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1312.284060][T27677] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1312.740908][T27688] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1313.036253][T27688] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1313.631283][T27698] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1313.717440][T27701] netlink: 5574 bytes leftover after parsing attributes in process `syz.1.6240'. [ 1313.828802][T27704] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1314.003417][T27697] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1314.196569][T27706] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1314.449208][T27697] bond0: invalid ARP target specified [ 1314.710411][T27714] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1316.019952][T27751] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1316.604026][T27751] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1316.738853][T27757] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1317.170742][T27765] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1317.290185][T27765] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1317.537121][T27766] smpboot: CPU 1 is now offline [ 1317.635212][T27766] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1317.789572][T27771] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1318.229237][T27778] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6256'. [ 1318.418954][T27772] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1318.671396][T27782] smpboot: CPU 1 is now offline [ 1318.988538][T27785] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1319.907796][T27789] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1320.056890][T27791] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1320.504818][T27795] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1322.234785][T27815] FAULT_INJECTION: forcing a failure. [ 1322.234785][T27815] name failslab, interval 1, probability 0, space 0, times 0 [ 1322.371592][T27815] CPU: 0 UID: 0 PID: 27815 Comm: syz.3.6264 Tainted: G L syzkaller #0 PREEMPT(full) [ 1322.371622][T27815] Tainted: [L]=SOFTLOCKUP [ 1322.371628][T27815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1322.371638][T27815] Call Trace: [ 1322.371644][T27815] [ 1322.371651][T27815] dump_stack_lvl+0x100/0x190 [ 1322.371676][T27815] should_fail_ex.cold+0x5/0xa [ 1322.371698][T27815] should_failslab+0xc2/0x120 [ 1322.371717][T27815] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1322.371740][T27815] ? btrfs_get_tree+0x159/0x1f20 [ 1322.371763][T27815] ? rcu_is_watching+0x12/0xc0 [ 1322.371786][T27815] btrfs_get_tree+0x159/0x1f20 [ 1322.371806][T27815] ? __do_sys_fsconfig+0x4e1/0xcb0 [ 1322.371834][T27815] ? __pfx_btrfs_get_tree+0x10/0x10 [ 1322.371855][T27815] ? rcu_is_watching+0x12/0xc0 [ 1322.371873][T27815] ? apparmor_capable+0x1d7/0x4d0 [ 1322.371890][T27815] ? bpf_lsm_capable+0x9/0x10 [ 1322.371909][T27815] ? security_capable+0x80/0x260 [ 1322.371934][T27815] vfs_get_tree+0x92/0x320 [ 1322.371968][T27815] vfs_cmd_create+0xd7/0x2a0 [ 1322.371992][T27815] __do_sys_fsconfig+0x55a/0xcb0 [ 1322.372017][T27815] ? __pfx___do_sys_fsconfig+0x10/0x10 [ 1322.372042][T27815] ? fput+0x79/0x100 [ 1322.372068][T27815] ? rcu_is_watching+0x12/0xc0 [ 1322.372088][T27815] do_syscall_64+0x10b/0xf80 [ 1322.372109][T27815] ? clear_bhb_loop+0x40/0x90 [ 1322.372128][T27815] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1322.372145][T27815] RIP: 0033:0x7f429299ce59 [ 1322.372159][T27815] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1322.372174][T27815] RSP: 002b:00007f4290bf6028 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 1322.372190][T27815] RAX: ffffffffffffffda RBX: 00007f4292c15fa0 RCX: 00007f429299ce59 [ 1322.372200][T27815] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003 [ 1322.372209][T27815] RBP: 00007f4290bf6090 R08: 0000000000000000 R09: 0000000000000000 [ 1322.372219][T27815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1322.372227][T27815] R13: 00007f4292c16038 R14: 00007f4292c15fa0 R15: 00007ffcb0c4ff58 [ 1322.372247][T27815] [ 1322.978173][T18734] Bluetooth: hci3: Unexpected cc 0x7c89 with no status [ 1323.319322][T27825] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6267'. [ 1324.104471][T27835] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1324.260605][T27835] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1324.511843][T27836] smpboot: CPU 1 is now offline [ 1324.576288][T27836] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1324.868904][T27838] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1325.379546][T27841] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(384.8192.60), cmd(6) [ 1326.578997][T27866] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1327.324388][T27884] FAULT_INJECTION: forcing a failure. [ 1327.324388][T27884] name failslab, interval 1, probability 0, space 0, times 0 [ 1327.341992][T27875] netlink: 25 bytes leftover after parsing attributes in process `syz.3.6280'. [ 1327.386173][T27884] CPU: 0 UID: 0 PID: 27884 Comm: syz.0.6283 Tainted: G L syzkaller #0 PREEMPT(full) [ 1327.386203][T27884] Tainted: [L]=SOFTLOCKUP [ 1327.386209][T27884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1327.386219][T27884] Call Trace: [ 1327.386226][T27884] [ 1327.386235][T27884] dump_stack_lvl+0x100/0x190 [ 1327.386260][T27884] should_fail_ex.cold+0x5/0xa [ 1327.386282][T27884] should_failslab+0xc2/0x120 [ 1327.386301][T27884] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1327.386334][T27884] ? btrfs_get_tree+0x1b1/0x1f20 [ 1327.386361][T27884] btrfs_get_tree+0x1b1/0x1f20 [ 1327.386381][T27884] ? __do_sys_fsconfig+0x4e1/0xcb0 [ 1327.386416][T27884] ? __pfx_btrfs_get_tree+0x10/0x10 [ 1327.386438][T27884] ? rcu_is_watching+0x12/0xc0 [ 1327.386462][T27884] ? apparmor_capable+0x1d7/0x4d0 [ 1327.386480][T27884] ? bpf_lsm_capable+0x9/0x10 [ 1327.386499][T27884] ? security_capable+0x80/0x260 [ 1327.386525][T27884] vfs_get_tree+0x92/0x320 [ 1327.386541][T27884] vfs_cmd_create+0xd7/0x2a0 [ 1327.386575][T27884] __do_sys_fsconfig+0x55a/0xcb0 [ 1327.386601][T27884] ? __pfx___do_sys_fsconfig+0x10/0x10 [ 1327.386633][T27884] ? fput+0x79/0x100 [ 1327.386659][T27884] ? rcu_is_watching+0x12/0xc0 [ 1327.386679][T27884] do_syscall_64+0x10b/0xf80 [ 1327.386695][T27884] ? clear_bhb_loop+0x40/0x90 [ 1327.386715][T27884] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1327.386732][T27884] RIP: 0033:0x7f945df9ce59 [ 1327.386746][T27884] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1327.386762][T27884] RSP: 002b:00007f945ee0b028 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 1327.386778][T27884] RAX: ffffffffffffffda RBX: 00007f945e215fa0 RCX: 00007f945df9ce59 [ 1327.386789][T27884] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003 [ 1327.386798][T27884] RBP: 00007f945ee0b090 R08: 0000000000000000 R09: 0000000000000000 [ 1327.386808][T27884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1327.386818][T27884] R13: 00007f945e216038 R14: 00007f945e215fa0 R15: 00007ffd0b2cfe68 [ 1327.386841][T27884] [ 1327.959354][T27887] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1329.206119][T27913] device-mapper: ioctl: Unable to rename non-existent device, to „ [ 1330.281126][T27942] ima: policy update failed [ 1330.318475][ T29] audit: type=1802 audit(1843104536.177:62): pid=27942 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.6296" res=0 errno=0 [ 1331.503304][T27948] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1331.746526][T27952] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(384.8192.60), cmd(6) [ 1331.782086][T27954] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1332.040829][T27954] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1332.403894][T27964] FAULT_INJECTION: forcing a failure. [ 1332.403894][T27964] name failslab, interval 1, probability 0, space 0, times 0 [ 1332.480218][T27964] CPU: 0 UID: 0 PID: 27964 Comm: syz.3.6302 Tainted: G L syzkaller #0 PREEMPT(full) [ 1332.480247][T27964] Tainted: [L]=SOFTLOCKUP [ 1332.480252][T27964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1332.480262][T27964] Call Trace: [ 1332.480268][T27964] [ 1332.480275][T27964] dump_stack_lvl+0x100/0x190 [ 1332.480299][T27964] should_fail_ex.cold+0x5/0xa [ 1332.480321][T27964] should_failslab+0xc2/0x120 [ 1332.480340][T27964] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 1332.480358][T27964] ? vfs_dup_fs_context+0x74/0x8a0 [ 1332.480380][T27964] ? lockdep_init_map_type+0x5c/0x250 [ 1332.480401][T27964] kmemdup_noprof+0x29/0x60 [ 1332.480419][T27964] vfs_dup_fs_context+0x74/0x8a0 [ 1332.480442][T27964] btrfs_get_tree+0x225/0x1f20 [ 1332.480466][T27964] ? __do_sys_fsconfig+0x4e1/0xcb0 [ 1332.480493][T27964] ? __pfx_btrfs_get_tree+0x10/0x10 [ 1332.480515][T27964] ? rcu_is_watching+0x12/0xc0 [ 1332.480535][T27964] ? apparmor_capable+0x1d7/0x4d0 [ 1332.480553][T27964] ? bpf_lsm_capable+0x9/0x10 [ 1332.480572][T27964] ? security_capable+0x80/0x260 [ 1332.480597][T27964] vfs_get_tree+0x92/0x320 [ 1332.480613][T27964] vfs_cmd_create+0xd7/0x2a0 [ 1332.480637][T27964] __do_sys_fsconfig+0x55a/0xcb0 [ 1332.480661][T27964] ? __pfx___do_sys_fsconfig+0x10/0x10 [ 1332.480684][T27964] ? fput+0x79/0x100 [ 1332.480709][T27964] ? rcu_is_watching+0x12/0xc0 [ 1332.480729][T27964] do_syscall_64+0x10b/0xf80 [ 1332.480743][T27964] ? clear_bhb_loop+0x40/0x90 [ 1332.480763][T27964] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1332.480778][T27964] RIP: 0033:0x7f429299ce59 [ 1332.480792][T27964] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1332.480807][T27964] RSP: 002b:00007f4290bf6028 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 1332.480823][T27964] RAX: ffffffffffffffda RBX: 00007f4292c15fa0 RCX: 00007f429299ce59 [ 1332.480833][T27964] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003 [ 1332.480842][T27964] RBP: 00007f4290bf6090 R08: 0000000000000000 R09: 0000000000000000 [ 1332.480852][T27964] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1332.480860][T27964] R13: 00007f4292c16038 R14: 00007f4292c15fa0 R15: 00007ffcb0c4ff58 [ 1332.480880][T27964] [ 1333.139392][T27976] netlink: 342 bytes leftover after parsing attributes in process `syz.2.6305'. [ 1333.213436][T27966] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1333.300295][T27972] smpboot: CPU 1 is now offline [ 1333.525904][T27981] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1333.585184][T27983] random: crng reseeded on system resumption [ 1334.153251][T27995] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1334.345025][T27995] bond0: invalid ARP target specified [ 1334.599517][T28007] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1335.336908][T28024] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1335.596451][T28030] netlink: 342 bytes leftover after parsing attributes in process `syz.0.6319'. [ 1335.629976][T28024] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1336.295979][T28040] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 1336.350012][T28038] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1336.490632][T28043] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1336.586282][T12412] Bluetooth: hci1: Unexpected cc 0x7c89 with no status [ 1336.933373][T28038] bond0: invalid ARP target specified [ 1337.283230][T28068] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1337.494900][T28076] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1337.592018][T28076] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1337.747879][T28078] smpboot: CPU 1 is now offline [ 1337.806526][T28078] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1337.967601][T28085] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1338.980671][T28097] syz_tun: tun_chr_ioctl cmd 2148553947 [ 1340.510924][T28127] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1341.088616][T28127] bond0: invalid ARP target specified [ 1341.541018][T28153] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 1341.785564][T28159] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1342.864468][T28187] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6347'. [ 1343.274323][T28196] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1343.504866][T28196] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1343.885792][T28202] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1344.112347][T28202] bond0: invalid ARP target specified [ 1344.269752][T28220] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1344.286636][T28221] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1344.363288][T28221] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1344.491119][T28222] smpboot: CPU 1 is now offline [ 1344.513105][T28222] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1345.327916][T12412] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 1345.696763][T28236] syz_tun: tun_chr_ioctl cmd 2148553947 [ 1346.022074][T28248] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6363'. [ 1346.111828][T28251] syz_tun: tun_chr_ioctl cmd 2148553947 [ 1347.397310][T28277] FAULT_INJECTION: forcing a failure. [ 1347.397310][T28277] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1347.489954][T28277] CPU: 0 UID: 0 PID: 28277 Comm: syz.2.6369 Tainted: G L syzkaller #0 PREEMPT(full) [ 1347.489983][T28277] Tainted: [L]=SOFTLOCKUP [ 1347.489988][T28277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1347.489998][T28277] Call Trace: [ 1347.490003][T28277] [ 1347.490011][T28277] dump_stack_lvl+0x100/0x190 [ 1347.490036][T28277] should_fail_ex.cold+0x5/0xa [ 1347.490057][T28277] _copy_from_user+0x2e/0xd0 [ 1347.490076][T28277] __sys_bpf+0x243/0x4b90 [ 1347.490096][T28277] ? __pfx___sys_bpf+0x10/0x10 [ 1347.490110][T28277] ? proc_fail_nth_write+0x9f/0x220 [ 1347.490135][T28277] ? find_held_lock+0x2b/0x80 [ 1347.490159][T28277] ? find_held_lock+0x2b/0x80 [ 1347.490178][T28277] ? ksys_write+0x190/0x250 [ 1347.490195][T28277] ? ksys_write+0x190/0x250 [ 1347.490215][T28277] ? __mutex_unlock_slowpath+0x15d/0x8a0 [ 1347.490231][T28277] ? kernel_write+0x5e3/0x6c0 [ 1347.490247][T28277] ? __fget_files+0x215/0x3d0 [ 1347.490275][T28277] ? fput+0x79/0x100 [ 1347.490298][T28277] ? ksys_write+0x1ac/0x250 [ 1347.490314][T28277] ? __pfx_ksys_write+0x10/0x10 [ 1347.490335][T28277] __x64_sys_bpf+0x7b/0xc0 [ 1347.490351][T28277] ? lockdep_hardirqs_on+0x78/0x100 [ 1347.490375][T28277] do_syscall_64+0x10b/0xf80 [ 1347.490389][T28277] ? clear_bhb_loop+0x40/0x90 [ 1347.490408][T28277] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1347.490424][T28277] RIP: 0033:0x7f3d9299ce59 [ 1347.490438][T28277] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1347.490454][T28277] RSP: 002b:00007f3d93802028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1347.490472][T28277] RAX: ffffffffffffffda RBX: 00007f3d92c15fa0 RCX: 00007f3d9299ce59 [ 1347.490482][T28277] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 000000000000000c [ 1347.490492][T28277] RBP: 00007f3d93802090 R08: 0000000000000000 R09: 0000000000000000 [ 1347.490501][T28277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1347.490510][T28277] R13: 00007f3d92c16038 R14: 00007f3d92c15fa0 R15: 00007fff70310218 [ 1347.490529][T28277] [ 1348.059582][T28290] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1348.279496][T28295] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6374'. [ 1350.172093][T28321] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1350.267084][T28321] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1350.531173][ T22] IRQ fixup: irq 33 move in progress, old vector 47 [ 1350.541306][T28327] smpboot: CPU 1 is now offline [ 1350.626554][T28327] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1350.962196][T28333] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1351.076468][T21031] EXT4-fs (sda1): Delayed block allocation failed for inode 2035 at logical offset 896 with max blocks 17 with error 117 [ 1351.174987][T21031] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1351.174987][T21031] [ 1351.412266][T28347] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 1351.847729][T28351] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1352.217233][T28356] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6390'. [ 1352.302062][T28356] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(6) [ 1352.351123][T28351] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1353.014515][T28381] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 1353.039875][T28382] netlink: 172 bytes leftover after parsing attributes in process `syz.1.6395'. [ 1353.334896][T28385] FAULT_INJECTION: forcing a failure. [ 1353.334896][T28385] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1353.399647][T28385] CPU: 0 UID: 0 PID: 28385 Comm: syz.2.6397 Tainted: G L syzkaller #0 PREEMPT(full) [ 1353.399677][T28385] Tainted: [L]=SOFTLOCKUP [ 1353.399682][T28385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1353.399692][T28385] Call Trace: [ 1353.399698][T28385] [ 1353.399706][T28385] dump_stack_lvl+0x100/0x190 [ 1353.399731][T28385] should_fail_ex.cold+0x5/0xa [ 1353.399752][T28385] _copy_to_user+0x32/0xd0 [ 1353.399771][T28385] simple_read_from_buffer+0xcb/0x170 [ 1353.399792][T28385] proc_fail_nth_read+0x1af/0x230 [ 1353.399817][T28385] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1353.399842][T28385] ? rw_verify_area+0xce/0x6d0 [ 1353.399859][T28385] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1353.399883][T28385] vfs_read+0x1e4/0xb30 [ 1353.399903][T28385] ? __pfx_vfs_read+0x10/0x10 [ 1353.399920][T28385] ? __fget_files+0x215/0x3d0 [ 1353.399943][T28385] ? __fget_files+0x21f/0x3d0 [ 1353.399965][T28385] ksys_read+0x12a/0x250 [ 1353.399982][T28385] ? __pfx_ksys_read+0x10/0x10 [ 1353.400001][T28385] ? rcu_is_watching+0x12/0xc0 [ 1353.400024][T28385] do_syscall_64+0x10b/0xf80 [ 1353.400038][T28385] ? clear_bhb_loop+0x40/0x90 [ 1353.400058][T28385] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1353.400074][T28385] RIP: 0033:0x7f3d9295d68e [ 1353.400088][T28385] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 1353.400103][T28385] RSP: 002b:00007f3d93801fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1353.400120][T28385] RAX: ffffffffffffffda RBX: 00007f3d938026c0 RCX: 00007f3d9295d68e [ 1353.400130][T28385] RDX: 000000000000000f RSI: 00007f3d938020a0 RDI: 0000000000000006 [ 1353.400140][T28385] RBP: 00007f3d93802090 R08: 0000000000000000 R09: 0000000000000000 [ 1353.400149][T28385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1353.400158][T28385] R13: 00007f3d92c16038 R14: 00007f3d92c15fa0 R15: 00007fff70310218 [ 1353.400178][T28385] [ 1354.503755][T28399] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1354.841449][T28399] bond0: invalid ARP target specified [ 1355.146590][T28409] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1355.601072][T28415] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1355.716190][T28415] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1355.846102][T28417] smpboot: CPU 1 is now offline [ 1355.903067][T28417] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1356.152791][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 1356.166327][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 1356.752165][T28422] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1357.571673][T28433] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1357.626173][T28440] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 1358.125616][T28433] bond0: invalid ARP target specified [ 1358.178016][T28448] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1358.631941][T28455] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1358.720194][T28455] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1358.959872][T28456] smpboot: CPU 1 is now offline [ 1359.028626][T28456] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1359.078698][T28462] input: jJǸ-¶š9ã%vø“û¨lÐQ  J86Ö‘ as /devices/virtual/input/input17 [ 1359.108313][T28461] syz_tun: tun_chr_ioctl cmd 2148553947 [ 1359.287706][T28458] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1360.726949][T28471] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1363.231256][T28498] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 1363.471349][T12412] Bluetooth: hci0: unexpected event for opcode 0x7c89 [ 1363.564819][T28505] mtrr: base(0x20000) is not aligned on a size(0x0000) boundary [ 1364.479869][T28518] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6430'. [ 1364.582347][T28518] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(384.8192.60), cmd(6) [ 1365.252145][T28530] nfs: Unknown parameter '£m?¥ŒÁLH>®ï½¢^Ñe„°àko}* »' [ 1367.879143][T28547] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1368.146952][T28550] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1368.641540][T28547] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1368.931375][T28550] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1369.264422][T28564] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1369.378372][T28564] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1369.501724][T28567] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(6.0.4), cmd(6) [ 1369.578964][T28565] smpboot: CPU 1 is now offline [ 1369.622662][T28565] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1371.106423][T28577] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1371.266724][T28586] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1373.997626][T28614] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1374.212831][T28614] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1377.422545][T28618] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1378.843410][T28649] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1379.595533][T28649] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1380.158146][T28662] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 1380.375481][T28666] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1381.010946][T28666] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1381.662019][T28676] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1381.950269][T28678] bond0: invalid ARP target specified [ 1382.565575][T28695] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1382.717135][T28695] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1382.960879][T28699] smpboot: CPU 1 is now offline [ 1383.022505][T28699] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1383.041984][T28702] can: request_module (can-proto-0) failed. [ 1383.549256][T28706] device-mapper: ioctl: Invalid ioctl structure: uuid ž, name , dev 4000000200000 [ 1383.674967][T28679] Bluetooth: hci2: command 0x0406 tx timeout [ 1384.060983][T28722] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(384.8192.60), cmd(6) [ 1384.105348][T28710] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1384.172253][T28719] FAULT_INJECTION: forcing a failure. [ 1384.172253][T28719] name failslab, interval 1, probability 0, space 0, times 0 [ 1384.240233][T28719] CPU: 0 UID: 0 PID: 28719 Comm: syz.2.6477 Tainted: G L syzkaller #0 PREEMPT(full) [ 1384.240266][T28719] Tainted: [L]=SOFTLOCKUP [ 1384.240273][T28719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1384.240286][T28719] Call Trace: [ 1384.240293][T28719] [ 1384.240301][T28719] dump_stack_lvl+0x100/0x190 [ 1384.240329][T28719] should_fail_ex.cold+0x5/0xa [ 1384.240363][T28719] should_failslab+0xc2/0x120 [ 1384.240385][T28719] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1384.240409][T28719] ? vb2_vmalloc_alloc+0xf9/0x410 [ 1384.240430][T28719] ? trace_kmalloc+0xe3/0x110 [ 1384.240448][T28719] ? __kasan_kmalloc+0xaa/0xb0 [ 1384.240470][T28719] vb2_vmalloc_alloc+0xf9/0x410 [ 1384.240489][T28719] ? __pfx_vb2_vmalloc_alloc+0x10/0x10 [ 1384.240511][T28719] __vb2_queue_alloc+0x8d5/0x1160 [ 1384.240546][T28719] vb2_core_reqbufs+0x899/0xf30 [ 1384.240571][T28719] ? __pfx_vb2_core_reqbufs+0x10/0x10 [ 1384.240610][T28719] __vb2_init_fileio+0x32d/0x1000 [ 1384.240630][T28719] ? aa_file_perm+0x7f3/0x14d0 [ 1384.240656][T28719] __vb2_perform_fileio+0x91e/0x1380 [ 1384.240681][T28719] ? __pfx___vb2_perform_fileio+0x10/0x10 [ 1384.240700][T28719] ? __pfx___might_resched+0x10/0x10 [ 1384.240721][T28719] ? futex_hash+0x141/0x370 [ 1384.240740][T28719] vb2_fop_read+0x211/0x520 [ 1384.240762][T28719] v4l2_read+0x229/0x2c0 [ 1384.240779][T28719] ? __pfx_v4l2_read+0x10/0x10 [ 1384.240803][T28719] vfs_read+0x1e4/0xb30 [ 1384.240826][T28719] ? __pfx_vfs_read+0x10/0x10 [ 1384.240844][T28719] ? find_held_lock+0x2b/0x80 [ 1384.240866][T28719] ? __fget_files+0x215/0x3d0 [ 1384.240886][T28719] ? __fget_files+0x215/0x3d0 [ 1384.240907][T28719] ? __fget_files+0x21f/0x3d0 [ 1384.240933][T28719] ksys_read+0x12a/0x250 [ 1384.240951][T28719] ? __pfx_ksys_read+0x10/0x10 [ 1384.240970][T28719] ? rcu_is_watching+0x12/0xc0 [ 1384.240991][T28719] do_syscall_64+0x10b/0xf80 [ 1384.241006][T28719] ? clear_bhb_loop+0x40/0x90 [ 1384.241033][T28719] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1384.241054][T28719] RIP: 0033:0x7f3d9299ce59 [ 1384.241070][T28719] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1384.241086][T28719] RSP: 002b:00007f3d93802028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1384.241104][T28719] RAX: ffffffffffffffda RBX: 00007f3d92c15fa0 RCX: 00007f3d9299ce59 [ 1384.241116][T28719] RDX: 0000000000000028 RSI: 0000200000000280 RDI: 0000000000000003 [ 1384.241127][T28719] RBP: 00007f3d92a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1384.241137][T28719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1384.241147][T28719] R13: 00007f3d92c16038 R14: 00007f3d92c15fa0 R15: 00007fff70310218 [ 1384.241169][T28719] [ 1386.465462][T28743] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1388.242479][T28753] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1388.461133][T28753] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1388.951000][T28762] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1389.438344][T28766] bond0: invalid ARP target specified [ 1390.348055][T28784] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1390.724354][T28793] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1390.947759][T28793] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1390.983389][T28794] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1391.499005][T28804] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1391.887095][T28815] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1392.035237][T28805] bond0: invalid ARP target specified [ 1392.040997][T28815] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1392.302500][T28817] smpboot: CPU 1 is now offline [ 1392.351238][T28817] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1392.391978][T28822] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1393.467193][T28838] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1393.598288][T28838] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1393.786881][T28839] smpboot: CPU 1 is now offline [ 1393.882090][T28839] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1394.542955][T28851] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1395.076899][T28855] vivid-007: ================= START STATUS ================= [ 1395.110691][T28851] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1395.162116][T28855] vivid-007: Enable Output Cropping: true [ 1395.184155][T28860] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1395.253343][T28855] vivid-007: Enable Output Composing: true [ 1395.313436][T28855] vivid-007: Enable Output Scaler: true [ 1395.372566][T28855] vivid-007: Tx RGB Quantization Range: Automatic [ 1395.415579][T28855] vivid-007: Transmit Mode: HDMI [ 1395.439849][T28855] vivid-007: Hotplug Present: 0x00000000 [ 1395.469666][T28855] vivid-007: RxSense Present: 0x00000000 [ 1395.499089][T28855] vivid-007: EDID Present: 0x00000000 [ 1395.525403][T28855] vivid-007: ================== END STATUS ================== [ 1395.758649][T28864] batadv_slave_1: entered promiscuous mode [ 1395.826961][T28865] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1395.901274][T28864] batadv_slave_1: left promiscuous mode [ 1396.073389][T28875] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1396.184889][T28875] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1396.324467][T28876] smpboot: CPU 1 is now offline [ 1396.341279][T28878] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1396.379543][T28876] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1396.481376][T28878] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1398.101219][T28908] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6521'. [ 1398.162362][T28911] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(384.8192.60), cmd(6) [ 1398.561870][T28919] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 1398.886470][T28928] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1399.290436][T28928] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1399.745247][T28941] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6530'. [ 1399.844856][T28947] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(384.8192.60), cmd(6) [ 1399.939981][T28941] veth0_macvtap: left promiscuous mode [ 1399.983627][T28941] macvtap0: entered promiscuous mode [ 1400.006707][T28941] macvtap0: entered allmulticast mode [ 1400.900734][T28963] syz_tun: tun_chr_ioctl cmd 2148553947 [ 1401.220249][T28958] FAULT_INJECTION: forcing a failure. [ 1401.220249][T28958] name failslab, interval 1, probability 0, space 0, times 0 [ 1401.421870][T28958] CPU: 0 UID: 0 PID: 28958 Comm: syz.1.6532 Tainted: G L syzkaller #0 PREEMPT(full) [ 1401.421904][T28958] Tainted: [L]=SOFTLOCKUP [ 1401.421910][T28958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1401.421923][T28958] Call Trace: [ 1401.421928][T28958] [ 1401.421937][T28958] dump_stack_lvl+0x100/0x190 [ 1401.421969][T28958] should_fail_ex.cold+0x5/0xa [ 1401.421992][T28958] should_failslab+0xc2/0x120 [ 1401.422013][T28958] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1401.422036][T28958] ? madvise_collapse+0x1a6/0x760 [ 1401.422060][T28958] ? finish_task_switch.isra.0+0x2c6/0x1010 [ 1401.422085][T28958] madvise_collapse+0x1a6/0x760 [ 1401.422104][T28958] ? lockdep_hardirqs_on+0x78/0x100 [ 1401.422130][T28958] ? __pfx_madvise_collapse+0x10/0x10 [ 1401.422153][T28958] ? mtree_range_walk+0x72b/0xb70 [ 1401.422181][T28958] madvise_vma_behavior+0x10f4/0x2200 [ 1401.422205][T28958] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 1401.422231][T28958] ? find_vma_prev+0xd8/0x150 [ 1401.422249][T28958] ? futex_unqueue+0x133/0x2c0 [ 1401.422266][T28958] ? __pfx_find_vma_prev+0x10/0x10 [ 1401.422290][T28958] ? __futex_wait+0x256/0x300 [ 1401.422313][T28958] madvise_walk_vmas+0x2fe/0xa90 [ 1401.422337][T28958] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 1401.422362][T28958] madvise_do_behavior+0x1ea/0x510 [ 1401.422385][T28958] ? __pfx_madvise_do_behavior+0x10/0x10 [ 1401.422406][T28958] ? down_read+0x13b/0x450 [ 1401.422431][T28958] do_madvise+0x195/0x240 [ 1401.422451][T28958] ? __pfx_do_madvise+0x10/0x10 [ 1401.422471][T28958] ? do_futex+0x192/0x350 [ 1401.422490][T28958] ? __sys_sendmsg+0x18f/0x220 [ 1401.422523][T28958] __x64_sys_madvise+0xa9/0x110 [ 1401.422543][T28958] ? lockdep_hardirqs_on+0x78/0x100 [ 1401.422565][T28958] do_syscall_64+0x10b/0xf80 [ 1401.422581][T28958] ? clear_bhb_loop+0x40/0x90 [ 1401.422600][T28958] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1401.422616][T28958] RIP: 0033:0x7f2a9bd9ce59 [ 1401.422630][T28958] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1401.422647][T28958] RSP: 002b:00007f2a9ccd0028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1401.422664][T28958] RAX: ffffffffffffffda RBX: 00007f2a9c016090 RCX: 00007f2a9bd9ce59 [ 1401.422676][T28958] RDX: 0000000000000019 RSI: 0000000000000081 RDI: 0000000000000000 [ 1401.422687][T28958] RBP: 00007f2a9be32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1401.422697][T28958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1401.422708][T28958] R13: 00007f2a9c016128 R14: 00007f2a9c016090 R15: 00007ffffa1ea358 [ 1401.422729][T28958] [ 1402.273750][T28975] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6538'. [ 1402.354543][T28978] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(384.8192.60), cmd(6) [ 1403.431202][T28993] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6541'. [ 1403.461163][T28995] batadv_slave_1: entered promiscuous mode [ 1403.486509][T28995] batadv_slave_1: left promiscuous mode [ 1403.504859][T28996] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(384.8192.60), cmd(6) [ 1403.567608][T28995] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1404.365261][T29013] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1404.421274][T29005] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1404.436536][T29013] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1404.556973][T29016] smpboot: CPU 1 is now offline [ 1404.579484][T29016] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1407.278084][T29070] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6559'. [ 1407.379914][T29074] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 1407.438174][T29066] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1407.815394][T29067] bond0: invalid ARP target specified [ 1408.271953][T29089] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 1409.766642][T29111] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(384.8192.60), cmd(6) [ 1410.177451][T29117] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 1410.258579][T29121] netlink: 330 bytes leftover after parsing attributes in process `syz.3.6572'. [ 1410.304470][T29117] CIFS mount error: No usable UNC path provided in device string! [ 1410.304470][T29117] [ 1410.364289][T29117] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1410.396919][T29121] mac80211_hwsim hwsim84 ›: renamed from wlan0 (while UP) [ 1410.503975][T29126] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 1410.911074][T29131] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6575'. [ 1410.946858][T29131] netlink: 'syz.3.6575': attribute type 1 has an invalid length. [ 1410.971204][T29131] netlink: 51465 bytes leftover after parsing attributes in process `syz.3.6575'. [ 1411.497705][T29128] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1411.546990][T29128] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1411.587149][T29128] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1411.636955][T29128] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1411.700020][T29128] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 1411.988261][T29154] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 1412.718930][T29151] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1412.782281][T12412] Bluetooth: hci0: command 0x0c1a tx timeout [ 1412.801362][T29151] bond0: invalid ARP target specified [ 1413.514046][T29177] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1413.584771][T12412] Bluetooth: hci1: command 0x040f tx timeout [ 1413.591411][T28679] Bluetooth: hci3: command 0x0c1a tx timeout [ 1413.659672][T12412] Bluetooth: hci2: command 0x0406 tx timeout [ 1413.807850][T29177] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1414.090181][T29193] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 1414.421114][T29197] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6593'. [ 1414.424087][T29197] netlink: 'syz.2.6593': attribute type 1 has an invalid length. [ 1414.424113][T29197] netlink: 51465 bytes leftover after parsing attributes in process `syz.2.6593'. [ 1415.725706][T12412] Bluetooth: hci2: command 0x0406 tx timeout [ 1417.242582][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 1417.254825][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 1420.274333][T29307] net_ratelimit: 47 callbacks suppressed [ 1420.274355][T29307] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1420.637538][T29313] bond0: invalid ARP target specified [ 1421.259983][T29326] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1421.466473][T29331] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6626'. [ 1421.524582][T29331] ipvlan1: entered promiscuous mode [ 1421.574493][T29331] ipvlan1: entered allmulticast mode [ 1421.605054][T29331] veth0_vlan: entered allmulticast mode [ 1424.045282][T29376] bond0: invalid ARP target specified [ 1424.361852][T29379] zswap: compressor not available [ 1424.609402][T29388] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1429.537209][ T29] audit: type=1804 audit(1843104519.170:63): pid=29457 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.6648" name="/newroot/sys/kernel/debug/tracing/trace_marker" dev="tracefs" ino=1610 res=1 errno=0 [ 1429.711778][ T29] audit: type=1804 audit(1843104519.211:64): pid=29459 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.6648" name="/newroot/sys/kernel/debug/tracing/trace_marker" dev="tracefs" ino=1610 res=1 errno=0 [ 1430.238313][T29477] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6653'. [ 1430.712646][T12412] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 1430.720612][T12412] Bluetooth: hci0: Invalid handle: 0x3a4a > 0x0eff [ 1431.664299][T29499] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1431.761719][T29499] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1431.803955][ T29] audit: type=1800 audit(1843104521.463:65): pid=29502 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.6658" name="dbroot" dev="configfs" ino=159725 res=0 errno=0 [ 1433.531650][ T5632] Process accounting resumed [ 1435.475197][T29492] Process accounting resumed [ 1438.591436][T12412] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 1438.599473][T12412] Bluetooth: hci1: Invalid handle: 0x3a4a > 0x0eff [ 1439.694005][T29581] kexec: Could not allocate control_code_buffer [ 1439.786667][T29603] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1440.022681][T29607] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1440.184162][T29610] FAULT_INJECTION: forcing a failure. [ 1440.184162][T29610] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1440.256731][T29610] CPU: 0 UID: 0 PID: 29610 Comm: syz.2.6682 Tainted: G L syzkaller #0 PREEMPT(full) [ 1440.256759][T29610] Tainted: [L]=SOFTLOCKUP [ 1440.256765][T29610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1440.256775][T29610] Call Trace: [ 1440.256780][T29610] [ 1440.256787][T29610] dump_stack_lvl+0x100/0x190 [ 1440.256813][T29610] should_fail_ex.cold+0x5/0xa [ 1440.256834][T29610] _copy_to_user+0x32/0xd0 [ 1440.256854][T29610] ksys_msgctl.constprop.0+0x2cc/0x340 [ 1440.256879][T29610] ? __pfx_ksys_msgctl.constprop.0+0x10/0x10 [ 1440.256919][T29610] ? rcu_is_watching+0x12/0xc0 [ 1440.256941][T29610] do_syscall_64+0x10b/0xf80 [ 1440.256956][T29610] ? clear_bhb_loop+0x40/0x90 [ 1440.256976][T29610] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1440.256992][T29610] RIP: 0033:0x7f3d9299ce59 [ 1440.257006][T29610] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1440.257022][T29610] RSP: 002b:00007f3d937e1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000047 [ 1440.257038][T29610] RAX: ffffffffffffffda RBX: 00007f3d92c16090 RCX: 00007f3d9299ce59 [ 1440.257049][T29610] RDX: 0000000000000000 RSI: 000000000000000c RDI: 0000000000000003 [ 1440.257058][T29610] RBP: 00007f3d937e1090 R08: 0000000000000000 R09: 0000000000000000 [ 1440.257068][T29610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1440.257077][T29610] R13: 00007f3d92c16128 R14: 00007f3d92c16090 R15: 00007fff70310218 [ 1440.257096][T29610] [ 1442.701044][T29592] Process accounting resumed [ 1445.301381][T29677] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6700'. [ 1446.303319][T29701] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6708'. [ 1446.376047][T29704] netlink: 13 bytes leftover after parsing attributes in process `syz.2.6708'. [ 1447.731204][T29721] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6712'. [ 1448.429427][T29730] FAULT_INJECTION: forcing a failure. [ 1448.429427][T29730] name failslab, interval 1, probability 0, space 0, times 0 [ 1448.490994][T29730] CPU: 0 UID: 0 PID: 29730 Comm: syz.3.6713 Tainted: G L syzkaller #0 PREEMPT(full) [ 1448.491023][T29730] Tainted: [L]=SOFTLOCKUP [ 1448.491032][T29730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1448.491042][T29730] Call Trace: [ 1448.491048][T29730] [ 1448.491055][T29730] dump_stack_lvl+0x100/0x190 [ 1448.491174][T29730] should_fail_ex.cold+0x5/0xa [ 1448.491195][T29730] ? kernfs_fop_write_iter+0x26a/0x5f0 [ 1448.491217][T29730] should_failslab+0xc2/0x120 [ 1448.491237][T29730] __kmalloc_noprof+0xe0/0x850 [ 1448.491256][T29730] kernfs_fop_write_iter+0x26a/0x5f0 [ 1448.491281][T29730] vfs_write+0x6ac/0x1070 [ 1448.491300][T29730] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 1448.491324][T29730] ? __pfx_vfs_write+0x10/0x10 [ 1448.491353][T29730] ksys_write+0x12a/0x250 [ 1448.491370][T29730] ? __pfx_ksys_write+0x10/0x10 [ 1448.491390][T29730] ? rcu_is_watching+0x12/0xc0 [ 1448.491412][T29730] do_syscall_64+0x10b/0xf80 [ 1448.491427][T29730] ? clear_bhb_loop+0x40/0x90 [ 1448.491446][T29730] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1448.491463][T29730] RIP: 0033:0x7f429299ce59 [ 1448.491477][T29730] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1448.491492][T29730] RSP: 002b:00007f4290bf6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1448.491508][T29730] RAX: ffffffffffffffda RBX: 00007f4292c15fa0 RCX: 00007f429299ce59 [ 1448.491519][T29730] RDX: 000000007fffffff RSI: 0000000000000000 RDI: 0000000000000003 [ 1448.491529][T29730] RBP: 00007f4290bf6090 R08: 0000000000000000 R09: 0000000000000000 [ 1448.491538][T29730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1448.491547][T29730] R13: 00007f4292c16038 R14: 00007f4292c15fa0 R15: 00007ffcb0c4ff58 [ 1448.491567][T29730] [ 1449.398686][T29748] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1449.548170][T29749] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1450.680361][T29764] sysfs: cannot create duplicate filename '/class/ieee80211/211!phy1!netdev:wlan1!rc_rateidx_mcs_mask' [ 1450.787384][T29764] CPU: 0 UID: 0 PID: 29764 Comm: syz.3.6722 Tainted: G L syzkaller #0 PREEMPT(full) [ 1450.787416][T29764] Tainted: [L]=SOFTLOCKUP [ 1450.787423][T29764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1450.787434][T29764] Call Trace: [ 1450.787441][T29764] [ 1450.787448][T29764] dump_stack_lvl+0x100/0x190 [ 1450.787476][T29764] sysfs_warn_dup.cold+0x1c/0x28 [ 1450.787502][T29764] sysfs_do_create_link_sd+0x113/0x140 [ 1450.787524][T29764] sysfs_create_link+0x61/0xc0 [ 1450.787541][T29764] device_add+0x675/0x1950 [ 1450.787568][T29764] ? __pfx_device_add+0x10/0x10 [ 1450.787588][T29764] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1450.787612][T29764] ? ieee80211_set_bitrate_flags+0x41b/0x6b0 [ 1450.787636][T29764] wiphy_register+0x1edd/0x2d90 [ 1450.787657][T29764] ? __rtnl_unlock+0xb9/0xf0 [ 1450.787683][T29764] ? __pfx_wiphy_register+0x10/0x10 [ 1450.787705][T29764] ? __asan_memset+0x23/0x50 [ 1450.787728][T29764] ? minstrel_ht_alloc+0x5e6/0x7f0 [ 1450.787755][T29764] ieee80211_register_hw+0x3055/0x4570 [ 1450.787782][T29764] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 1450.787801][T29764] ? __pfx___debug_object_init+0x10/0x10 [ 1450.787821][T29764] ? find_held_lock+0x2b/0x80 [ 1450.787852][T29764] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1450.787876][T29764] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 1450.787903][T29764] ? __hrtimer_setup+0x208/0x330 [ 1450.787924][T29764] mac80211_hwsim_new_radio+0x2a01/0x5aa0 [ 1450.787956][T29764] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 1450.787981][T29764] ? __asan_memcpy+0x3c/0x60 [ 1450.788007][T29764] hwsim_new_radio_nl+0xc5f/0x1370 [ 1450.788025][T29764] ? rcu_is_watching+0x12/0xc0 [ 1450.788045][T29764] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1450.788069][T29764] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1e5/0x2f0 [ 1450.788087][T29764] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1ef/0x2f0 [ 1450.788108][T29764] genl_family_rcv_msg_doit+0x214/0x300 [ 1450.788127][T29764] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1450.788143][T29764] ? genl_get_cmd+0x3e7/0x760 [ 1450.788162][T29764] ? bpf_lsm_capable+0x9/0x10 [ 1450.788180][T29764] ? security_capable+0x80/0x260 [ 1450.788204][T29764] ? ns_capable+0xd2/0xf0 [ 1450.788225][T29764] genl_rcv_msg+0x560/0x800 [ 1450.788244][T29764] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1450.788260][T29764] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1450.788286][T29764] netlink_rcv_skb+0x159/0x420 [ 1450.788309][T29764] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1450.788326][T29764] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1450.788363][T29764] ? netlink_deliver_tap+0x1ae/0xcc0 [ 1450.788403][T29764] genl_rcv+0x28/0x40 [ 1450.788418][T29764] netlink_unicast+0x585/0x850 [ 1450.788444][T29764] ? __pfx_netlink_unicast+0x10/0x10 [ 1450.788472][T29764] netlink_sendmsg+0x8b0/0xda0 [ 1450.788507][T29764] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1450.788531][T29764] ? __import_iovec+0x1d2/0x640 [ 1450.788553][T29764] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1450.788584][T29764] ____sys_sendmsg+0x9e1/0xb70 [ 1450.788608][T29764] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1450.788632][T29764] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1450.788657][T29764] ? rcu_is_watching+0x12/0xc0 [ 1450.788680][T29764] ? ___sys_sendmsg+0x19d/0x1e0 [ 1450.788702][T29764] ? kfree+0x1dd/0x6c0 [ 1450.788729][T29764] ___sys_sendmsg+0x190/0x1e0 [ 1450.788757][T29764] ? __pfx____sys_sendmsg+0x10/0x10 [ 1450.788803][T29764] ? __pfx___might_resched+0x10/0x10 [ 1450.788826][T29764] __sys_sendmmsg+0x205/0x430 [ 1450.788857][T29764] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1450.788895][T29764] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1450.788924][T29764] ? kcov_ioctl+0x16a/0x720 [ 1450.788949][T29764] __x64_sys_sendmmsg+0x9c/0x100 [ 1450.788968][T29764] ? lockdep_hardirqs_on+0x78/0x100 [ 1450.788991][T29764] do_syscall_64+0x10b/0xf80 [ 1450.789005][T29764] ? clear_bhb_loop+0x40/0x90 [ 1450.789025][T29764] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1450.789041][T29764] RIP: 0033:0x7f429299ce59 [ 1450.789058][T29764] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1450.789072][T29764] RSP: 002b:00007f4290bd5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1450.789090][T29764] RAX: ffffffffffffffda RBX: 00007f4292c16090 RCX: 00007f429299ce59 [ 1450.789102][T29764] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 1450.789113][T29764] RBP: 00007f4292a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1450.789123][T29764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1450.789133][T29764] R13: 00007f4292c16128 R14: 00007f4292c16090 R15: 00007ffcb0c4ff58 [ 1450.789157][T29764] [ 1451.263739][T29770] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 1451.400228][T29760] bond0: invalid ARP target specified [ 1451.796329][T29774] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6724'. [ 1452.543723][T29787] bond0: invalid ARP target specified [ 1452.842959][T29794] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 1453.749665][T29808] FAULT_INJECTION: forcing a failure. [ 1453.749665][T29808] name failslab, interval 1, probability 0, space 0, times 0 [ 1453.806783][T29808] CPU: 0 UID: 0 PID: 29808 Comm: syz.2.6734 Tainted: G L syzkaller #0 PREEMPT(full) [ 1453.806811][T29808] Tainted: [L]=SOFTLOCKUP [ 1453.806817][T29808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1453.806827][T29808] Call Trace: [ 1453.806833][T29808] [ 1453.806840][T29808] dump_stack_lvl+0x100/0x190 [ 1453.806866][T29808] should_fail_ex.cold+0x5/0xa [ 1453.806887][T29808] ? __pfx_bonding_sysfs_store_option+0x10/0x10 [ 1453.806911][T29808] should_failslab+0xc2/0x120 [ 1453.806930][T29808] ? __pfx_bonding_sysfs_store_option+0x10/0x10 [ 1453.806952][T29808] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 1453.806969][T29808] ? bonding_sysfs_store_option+0x67/0x120 [ 1453.806997][T29808] ? __pfx_bonding_sysfs_store_option+0x10/0x10 [ 1453.807018][T29808] kstrndup+0x64/0x120 [ 1453.807036][T29808] bonding_sysfs_store_option+0x67/0x120 [ 1453.807059][T29808] dev_attr_store+0x58/0x80 [ 1453.807081][T29808] ? __pfx_dev_attr_store+0x10/0x10 [ 1453.807107][T29808] sysfs_kf_write+0xf2/0x150 [ 1453.807125][T29808] kernfs_fop_write_iter+0x3e0/0x5f0 [ 1453.807147][T29808] ? __pfx_sysfs_kf_write+0x10/0x10 [ 1453.807163][T29808] vfs_write+0x6ac/0x1070 [ 1453.807183][T29808] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 1453.807206][T29808] ? __pfx_vfs_write+0x10/0x10 [ 1453.807237][T29808] ksys_write+0x12a/0x250 [ 1453.807254][T29808] ? __pfx_ksys_write+0x10/0x10 [ 1453.807273][T29808] ? rcu_is_watching+0x12/0xc0 [ 1453.807296][T29808] do_syscall_64+0x10b/0xf80 [ 1453.807311][T29808] ? clear_bhb_loop+0x40/0x90 [ 1453.807331][T29808] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1453.807347][T29808] RIP: 0033:0x7f3d9299ce59 [ 1453.807361][T29808] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1453.807375][T29808] RSP: 002b:00007f3d93802028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1453.807391][T29808] RAX: ffffffffffffffda RBX: 00007f3d92c15fa0 RCX: 00007f3d9299ce59 [ 1453.807401][T29808] RDX: 000000007fffffff RSI: 0000000000000000 RDI: 0000000000000003 [ 1453.807411][T29808] RBP: 00007f3d93802090 R08: 0000000000000000 R09: 0000000000000000 [ 1453.807420][T29808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1453.807429][T29808] R13: 00007f3d92c16038 R14: 00007f3d92c15fa0 R15: 00007fff70310218 [ 1453.807449][T29808] [ 1455.022484][T29825] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1455.132230][T29826] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1455.490655][T29832] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xeffffd12 [ 1455.606511][T29833] bond0: invalid ARP target specified [ 1456.049596][T29850] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1456.366230][T29853] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1457.480256][T29880] FAULT_INJECTION: forcing a failure. [ 1457.480256][T29880] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1457.572232][T29880] CPU: 0 UID: 0 PID: 29880 Comm: syz.1.6749 Tainted: G L syzkaller #0 PREEMPT(full) [ 1457.572262][T29880] Tainted: [L]=SOFTLOCKUP [ 1457.572268][T29880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1457.572278][T29880] Call Trace: [ 1457.572284][T29880] [ 1457.572291][T29880] dump_stack_lvl+0x100/0x190 [ 1457.572317][T29880] should_fail_ex.cold+0x5/0xa [ 1457.572338][T29880] _copy_from_iter+0x1f4/0x1690 [ 1457.572361][T29880] ? __pfx__copy_from_iter+0x10/0x10 [ 1457.572377][T29880] ? rcu_is_watching+0x12/0xc0 [ 1457.572397][T29880] ? trace_kmalloc+0xe3/0x110 [ 1457.572415][T29880] ? __kasan_kmalloc+0xaa/0xb0 [ 1457.572432][T29880] ? __kmalloc_noprof+0x320/0x850 [ 1457.572450][T29880] kernfs_fop_write_iter+0x186/0x5f0 [ 1457.572476][T29880] vfs_write+0x6ac/0x1070 [ 1457.572496][T29880] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 1457.572519][T29880] ? __pfx_vfs_write+0x10/0x10 [ 1457.572548][T29880] ksys_write+0x12a/0x250 [ 1457.572566][T29880] ? __pfx_ksys_write+0x10/0x10 [ 1457.572582][T29880] ? exit_to_user_mode_loop+0xe2/0x4f0 [ 1457.572601][T29880] ? rcu_is_watching+0x12/0xc0 [ 1457.572621][T29880] do_syscall_64+0x10b/0xf80 [ 1457.572636][T29880] ? clear_bhb_loop+0x40/0x90 [ 1457.572656][T29880] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1457.572672][T29880] RIP: 0033:0x7f2a9bd9ce59 [ 1457.572686][T29880] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1457.572701][T29880] RSP: 002b:00007f2a9ccd0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1457.572717][T29880] RAX: ffffffffffffffda RBX: 00007f2a9c016090 RCX: 00007f2a9bd9ce59 [ 1457.572727][T29880] RDX: 000000007fffffff RSI: 0000000000000000 RDI: 0000000000000003 [ 1457.572737][T29880] RBP: 00007f2a9ccd0090 R08: 0000000000000000 R09: 0000000000000000 [ 1457.572746][T29880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1457.572758][T29880] R13: 00007f2a9c016128 R14: 00007f2a9c016090 R15: 00007ffffa1ea358 [ 1457.572778][T29880] [ 1458.258010][T29884] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1458.510398][T29884] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1462.113105][T29962] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 1463.917505][T29952] FAULT_INJECTION: forcing a failure. [ 1463.917505][T29952] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1463.972859][T29952] CPU: 0 UID: 0 PID: 29952 Comm: syz.1.6766 Tainted: G L syzkaller #0 PREEMPT(full) [ 1463.972888][T29952] Tainted: [L]=SOFTLOCKUP [ 1463.972893][T29952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1463.972904][T29952] Call Trace: [ 1463.972910][T29952] [ 1463.972916][T29952] dump_stack_lvl+0x100/0x190 [ 1463.972941][T29952] should_fail_ex.cold+0x5/0xa [ 1463.972962][T29952] get_futex_key+0x1d2/0x1510 [ 1463.972983][T29952] ? __pfx_get_futex_key+0x10/0x10 [ 1463.972997][T29952] ? lock_acquire+0x1b1/0x370 [ 1463.973018][T29952] futex_wake+0xea/0x530 [ 1463.973040][T29952] ? __pfx_futex_wake+0x10/0x10 [ 1463.973059][T29952] ? exit_mm_release+0x19/0x30 [ 1463.973087][T29952] do_futex+0x32b/0x350 [ 1463.973104][T29952] ? __pfx_do_futex+0x10/0x10 [ 1463.973119][T29952] ? __might_fault+0xc5/0x140 [ 1463.973147][T29952] mm_release+0x24a/0x2f0 [ 1463.973167][T29952] do_exit+0x707/0x2af0 [ 1463.973193][T29952] ? __pfx_do_exit+0x10/0x10 [ 1463.973221][T29952] ? do_raw_spin_lock+0x128/0x260 [ 1463.973238][T29952] ? find_held_lock+0x2b/0x80 [ 1463.973258][T29952] ? get_signal+0x7e5/0x2210 [ 1463.973280][T29952] do_group_exit+0xd5/0x2a0 [ 1463.973304][T29952] get_signal+0x20ff/0x2210 [ 1463.973330][T29952] ? __pfx_get_signal+0x10/0x10 [ 1463.973351][T29952] ? do_futex+0x192/0x350 [ 1463.973368][T29952] arch_do_signal_or_restart+0x91/0x7a0 [ 1463.973395][T29952] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1463.973424][T29952] ? rcu_is_watching+0x12/0xc0 [ 1463.973446][T29952] exit_to_user_mode_loop+0x8b/0x4f0 [ 1463.973462][T29952] ? rcu_is_watching+0x12/0xc0 [ 1463.973481][T29952] do_syscall_64+0x6f2/0xf80 [ 1463.973497][T29952] ? clear_bhb_loop+0x40/0x90 [ 1463.973523][T29952] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1463.973539][T29952] RIP: 0033:0x7f2a9bd9ce59 [ 1463.973553][T29952] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1463.973569][T29952] RSP: 002b:00007f2a9ccf10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1463.973585][T29952] RAX: fffffffffffffe00 RBX: 00007f2a9c015fa8 RCX: 00007f2a9bd9ce59 [ 1463.973596][T29952] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f2a9c015fa8 [ 1463.973605][T29952] RBP: 00007f2a9c015fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1463.973615][T29952] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1463.973624][T29952] R13: 00007f2a9c016038 R14: 00007ffffa1ea270 R15: 00007ffffa1ea358 [ 1463.973644][T29952] [ 1464.739821][T30003] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6777'. [ 1466.537216][T29995] Process accounting paused [ 1467.735461][T30039] netlink: 222 bytes leftover after parsing attributes in process `syz.3.6787'. [ 1469.191756][T30067] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1469.351172][T30070] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1469.751035][T30074] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 1469.877832][T30080] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1470.028397][T12412] Bluetooth: hci1: ISO packet for unknown connection handle 0 [ 1471.749761][T30107] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1472.189130][T30107] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1472.812961][T30121] Process accounting paused [ 1473.673782][T30151] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6818'. [ 1473.949848][T30148] syz.2.6817 (30148): attempted to duplicate a private mapping with mremap. This is not supported. [ 1475.844974][T12412] Bluetooth: hci1: unexpected event 0x1d length: 8 > 5 [ 1476.761847][T30200] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6828'. [ 1477.846578][T30204] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1477.868792][T30204] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1477.890555][T30204] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1477.918033][T30204] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1478.110744][T30230] FAULT_INJECTION: forcing a failure. [ 1478.110744][T30230] name failslab, interval 1, probability 0, space 0, times 0 [ 1478.179029][T30230] CPU: 0 UID: 0 PID: 30230 Comm: syz.1.6846 Tainted: G L syzkaller #0 PREEMPT(full) [ 1478.179074][T30230] Tainted: [L]=SOFTLOCKUP [ 1478.179080][T30230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1478.179091][T30230] Call Trace: [ 1478.179098][T30230] [ 1478.179106][T30230] dump_stack_lvl+0x100/0x190 [ 1478.179133][T30230] should_fail_ex.cold+0x5/0xa [ 1478.179156][T30230] should_failslab+0xc2/0x120 [ 1478.179178][T30230] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1478.179202][T30230] ? alloc_empty_file+0x5b/0x1c0 [ 1478.179231][T30230] alloc_empty_file+0x5b/0x1c0 [ 1478.179254][T30230] alloc_file_pseudo+0x13a/0x230 [ 1478.179277][T30230] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1478.179303][T30230] ? alloc_fd+0x476/0x790 [ 1478.179325][T30230] sock_alloc_file+0x50/0x210 [ 1478.179347][T30230] __sys_socket+0x1c0/0x260 [ 1478.179364][T30230] ? __pfx___sys_socket+0x10/0x10 [ 1478.179379][T30230] ? exit_to_user_mode_loop+0xe2/0x4f0 [ 1478.179401][T30230] __x64_sys_socket+0x72/0xb0 [ 1478.179414][T30230] ? lockdep_hardirqs_on+0x78/0x100 [ 1478.179438][T30230] do_syscall_64+0x10b/0xf80 [ 1478.179451][T30230] ? clear_bhb_loop+0x40/0x90 [ 1478.179470][T30230] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1478.179486][T30230] RIP: 0033:0x7f2a9bd9ce59 [ 1478.179500][T30230] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1478.179518][T30230] RSP: 002b:00007f2a9ccf1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1478.179534][T30230] RAX: ffffffffffffffda RBX: 00007f2a9c015fa0 RCX: 00007f2a9bd9ce59 [ 1478.179544][T30230] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 000000000000001e [ 1478.179553][T30230] RBP: 00007f2a9be32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1478.179562][T30230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1478.179571][T30230] R13: 00007f2a9c016038 R14: 00007f2a9c015fa0 R15: 00007ffffa1ea358 [ 1478.179591][T30230] [ 1478.681762][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 1478.681810][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 1479.128225][T12412] Bluetooth: hci0: command 0x0c1a tx timeout [ 1479.921525][T12412] Bluetooth: hci2: command 0x0406 tx timeout [ 1479.927872][T28679] Bluetooth: hci1: command 0x040f tx timeout [ 1479.934303][T28679] Bluetooth: hci3: command 0x0c1a tx timeout [ 1480.123016][T30266] ima: policy update failed [ 1480.206911][ T29] audit: type=1802 audit(1843104519.211:66): pid=30266 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.6848" res=0 errno=0 [ 1483.218098][T30311] netlink: 342 bytes leftover after parsing attributes in process `syz.2.6859'. [ 1484.329661][T30328] netlink: 338 bytes leftover after parsing attributes in process `syz.2.6864'. [ 1484.368404][T30328] netlink: 338 bytes leftover after parsing attributes in process `syz.2.6864'. [ 1484.510520][T30322] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1484.542395][T30322] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1484.578893][T30322] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1484.605443][T30322] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1484.979563][T30358] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 1485.886160][T30261] Bluetooth: hci0: command 0x0c1a tx timeout [ 1486.082527][T30386] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1486.601944][T30261] Bluetooth: hci2: command 0x0406 tx timeout [ 1486.608490][T18734] Bluetooth: hci1: command 0x040f tx timeout [ 1486.615345][T28679] Bluetooth: hci3: command 0x0c1a tx timeout [ 1486.758812][T30402] random: crng reseeded on system resumption [ 1488.557583][T30423] futex_wake_op: syz.2.6886 tries to shift op by -2048; fix this program [ 1488.680843][T30427] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6886'. [ 1489.771884][T30437] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1491.250133][T30458] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 1492.797160][T30488] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1493.893547][T30509] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6909'. [ 1494.946844][T18734] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 1496.541891][T30525] Process accounting resumed [ 1496.684841][T30538] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1496.801025][T30540] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1496.982856][T30538] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1497.023274][T30261] Bluetooth: hci3: command 0x0c1a tx timeout [ 1497.537011][T30261] Bluetooth: hci1: Received unexpected HCI Event 0x00 [ 1498.131467][T30556] binder: 30552:30556 ioctl 400c620e 0 returned -22 [ 1498.144946][T30561] blktrace: Concurrent blktraces are not allowed on sg0 [ 1499.090678][T30261] Bluetooth: hci3: command 0x0c1a tx timeout [ 1499.634924][T30571] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 1499.882160][T30579] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6927'. [ 1500.459203][T18734] Bluetooth: hci3: Received unexpected HCI Event 0x00 [ 1500.793761][T30588] can0: slcan on ttyS2. [ 1501.260288][T30594] can0 (unregistered): slcan off ttyS2. [ 1501.905890][T30600] sd 0:0:1:0: PR command failed: 1026 [ 1501.940811][T30600] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 1501.990470][T30600] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 1502.253358][T30616] binder: 30611:30616 ioctl 400c620e 0 returned -22 [ 1503.382319][T30616] Process accounting resumed [ 1503.788242][T18734] Bluetooth: hci0: unexpected event for opcode 0x7c89 [ 1505.221563][T30669] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6938'. [ 1505.723266][T30674] syz_tun: tun_chr_ioctl cmd 2147767521 [ 1506.160439][T30684] NFSD: Failed to start, no listeners configured. [ 1506.907594][T30700] futex_wake_op: syz.0.6957 tries to shift op by -2048; fix this program [ 1507.023540][T30702] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6949'. [ 1507.084828][T30702] ipvlan1: entered promiscuous mode [ 1507.161227][T30702] ipvlan1: entered allmulticast mode [ 1507.190259][T30702] veth0_vlan: entered allmulticast mode [ 1508.133963][T30719] sd 0:0:1:0: PR command failed: 1026 [ 1508.148720][T30719] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 1508.183275][T30719] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 1511.213620][T30780] sd 0:0:1:0: PR command failed: 1026 [ 1511.257202][T30780] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 1511.306586][T30780] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 1513.043018][T30818] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1513.053244][T30820] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6978'. [ 1513.309843][T30818] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1516.151269][T30863] usb usb37: usbfs: process 30863 (syz.3.6986) did not claim interface 0 before use [ 1516.207210][T30863] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6986'. [ 1516.606675][T30867] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6988'. [ 1516.941995][T30872] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1518.170933][T30898] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1518.485113][T30898] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1519.003512][T30920] vivid-008: ================= START STATUS ================= [ 1519.117508][T30920] vivid-008: ================== END STATUS ================== [ 1520.393733][T30935] can: request_module (can-proto-0) failed. [ 1520.487014][T18734] Bluetooth: hci0: Received unexpected HCI Event 0x00 [ 1523.136167][T31006] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7018'. [ 1523.257100][T18734] Bluetooth: hci1: Received unexpected HCI Event 0x00 [ 1524.983189][T31033] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1525.019045][T31035] futex_wake_op: syz.0.7025 tries to shift op by -2048; fix this program [ 1526.354625][T31050] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7028'. [ 1528.831541][T31060] Process accounting paused [ 1529.394040][T18734] Bluetooth: hci3: Received unexpected HCI Event 0x00 [ 1530.413311][T31106] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1531.318776][T31106] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1532.436511][T31134] sd 0:0:1:0: PR command failed: 1026 [ 1532.458346][T31134] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 1532.520055][T31134] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 1533.466755][T18734] Bluetooth: hci2: ISO packet for unknown connection handle 0 [ 1533.658565][T31145] Process accounting paused [ 1533.821708][T31160] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7056'. [ 1533.921452][T31160] lo: entered promiscuous mode [ 1534.127537][T31168] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1535.028812][T31188] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7062'. [ 1535.597528][T31189] NFSD: Failed to start, no listeners configured. [ 1536.427614][T31210] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7067'. [ 1536.485050][T31210] lo: entered promiscuous mode [ 1537.562220][T31224] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1539.109346][T31252] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7077'. [ 1539.227424][T31252] lo: entered promiscuous mode [ 1539.376517][T31257] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1539.422725][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 1539.429625][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 1539.516489][T31255] sd 0:0:1:0: PR command failed: 1026 [ 1539.536820][T31255] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 1539.562531][T31255] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 1540.523910][ T29] audit: type=1800 audit(1843104529.801:67): pid=31278 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.7083" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 1540.684632][T31280] netlink: 16 bytes leftover after parsing attributes in process `syz.1.7084'. [ 1540.720381][T31257] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1542.933803][T31320] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7095'. [ 1543.781865][T31333] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1544.052971][T31333] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1544.335085][T31343] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1544.565997][T31343] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1547.245019][T18734] Bluetooth: hci2: unexpected subevent 0x0c length: 118 > 5 [ 1549.425160][T18734] Bluetooth: hci1: ISO packet for unknown connection handle 0 [ 1549.640599][T31427] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7122'. [ 1549.975668][T31425] sd 0:0:1:0: PR command failed: 1026 [ 1550.087768][T31425] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 1550.206552][T31425] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 1550.701994][T31445] FAULT_INJECTION: forcing a failure. [ 1550.701994][T31445] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1550.886118][T31445] CPU: 0 UID: 0 PID: 31445 Comm: syz.2.7127 Tainted: G L syzkaller #0 PREEMPT(full) [ 1550.886147][T31445] Tainted: [L]=SOFTLOCKUP [ 1550.886152][T31445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1550.886162][T31445] Call Trace: [ 1550.886168][T31445] [ 1550.886175][T31445] dump_stack_lvl+0x100/0x190 [ 1550.886201][T31445] should_fail_ex.cold+0x5/0xa [ 1550.886222][T31445] _copy_from_iter+0x43a/0x1690 [ 1550.886246][T31445] ? __pfx__copy_from_iter+0x10/0x10 [ 1550.886261][T31445] ? trace_kmalloc+0xe3/0x110 [ 1550.886280][T31445] ? __kasan_kmalloc+0xaa/0xb0 [ 1550.886296][T31445] ? file_tty_write.isra.0+0x694/0x890 [ 1550.886321][T31445] ? rcu_is_watching+0x12/0xc0 [ 1550.886340][T31445] ? file_tty_write.isra.0+0x694/0x890 [ 1550.886362][T31445] ? kfree+0x1dd/0x6c0 [ 1550.886386][T31445] file_tty_write.isra.0+0x45b/0x890 [ 1550.886415][T31445] redirected_tty_write+0xd4/0x120 [ 1550.886439][T31445] do_iter_readv_writev+0x6ee/0x920 [ 1550.886458][T31445] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 1550.886477][T31445] ? bpf_lsm_file_permission+0x9/0x10 [ 1550.886494][T31445] ? security_file_permission+0x76/0x210 [ 1550.886520][T31445] ? rw_verify_area+0xce/0x6d0 [ 1550.886537][T31445] vfs_writev+0x360/0xe10 [ 1550.886559][T31445] ? __pfx_vfs_writev+0x10/0x10 [ 1550.886576][T31445] ? find_held_lock+0x2b/0x80 [ 1550.886596][T31445] ? ksys_write+0x190/0x250 [ 1550.886626][T31445] ? __fget_files+0x21f/0x3d0 [ 1550.886649][T31445] ? do_writev+0x13e/0x340 [ 1550.886664][T31445] do_writev+0x13e/0x340 [ 1550.886681][T31445] ? __pfx_do_writev+0x10/0x10 [ 1550.886698][T31445] ? rcu_is_watching+0x12/0xc0 [ 1550.886719][T31445] do_syscall_64+0x10b/0xf80 [ 1550.886734][T31445] ? clear_bhb_loop+0x40/0x90 [ 1550.886753][T31445] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1550.886769][T31445] RIP: 0033:0x7f3d9299ce59 [ 1550.886783][T31445] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1550.886798][T31445] RSP: 002b:00007f3d93802028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 1550.886814][T31445] RAX: ffffffffffffffda RBX: 00007f3d92c15fa0 RCX: 00007f3d9299ce59 [ 1550.886824][T31445] RDX: 0000000000000003 RSI: 00002000000003c0 RDI: 0000000000000003 [ 1550.886834][T31445] RBP: 00007f3d93802090 R08: 0000000000000000 R09: 0000000000000000 [ 1550.886843][T31445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1550.886852][T31445] R13: 00007f3d92c16038 R14: 00007f3d92c15fa0 R15: 00007fff70310218 [ 1550.886872][T31445] [ 1552.677185][T31478] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1553.444844][ T29] audit: type=1800 audit(1843104523.384:68): pid=31494 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.7137" name=3C5B02 dev="tmpfs" ino=1685 res=0 errno=0 [ 1554.107357][T31505] bond0: invalid ARP target specified [ 1554.225378][T31506] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1554.327611][T31509] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7141'. [ 1554.842434][T18734] Bluetooth: hci1: ISO packet for unknown connection handle 0 [ 1554.850243][T31519] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7145'. [ 1554.961101][T31520] netlink: 5 bytes leftover after parsing attributes in process `syz.0.7145'. [ 1555.038716][T31520] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7145'. [ 1555.172723][T31506] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1556.994270][T31568] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1557.337403][T31568] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1557.685204][T31577] sd 0:0:1:0: PR command failed: 1026 [ 1557.709421][T31577] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 1557.741004][T31577] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 1558.002042][T31583] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7159'. [ 1558.772719][T31599] nfs: Unknown parameter '£m?¥ŒÁLH>®ï½¢^Ñe„°àko}* »' [ 1559.628493][T31579] Process accounting resumed [ 1559.878068][T31612] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7166'. [ 1562.017684][T31653] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1562.134578][T18734] Bluetooth: hci2: ISO packet for unknown connection handle 0 [ 1563.270319][T31670] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1563.728123][T31670] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1563.938652][T31670] Process accounting resumed [ 1564.355359][T31690] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7188'. [ 1564.568083][T31692] nfs: Unknown parameter '£m?¥ŒÁLH>®ï½¢^Ñe„°àko}* »' [ 1565.510520][T31709] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 10 with max blocks 7 with error 117 [ 1565.607067][T31709] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1565.607067][T31709] [ 1566.017919][T31726] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1566.280338][T31726] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1566.563026][T31729] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1566.650612][T31732] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1566.820815][T31742] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1566.907418][T31743] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7201'. [ 1567.239803][T18734] Bluetooth: hci0: ISO packet for unknown connection handle 0 [ 1567.656971][T31756] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1567.689546][T18734] Bluetooth: hci0: ISO packet for unknown connection handle 0 [ 1567.907574][T31759] ================================================================== [ 1567.907605][T31759] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x19fb/0x1d60 [ 1567.907642][T31759] Write of size 8 at addr ffffc90004bd9ac0 by task syz.2.7206/31759 [ 1567.907658][T31759] [ 1567.907670][T31759] CPU: 0 UID: 0 PID: 31759 Comm: syz.2.7206 Tainted: G L syzkaller #0 PREEMPT(full) [ 1567.907694][T31759] Tainted: [L]=SOFTLOCKUP [ 1567.907700][T31759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1567.907710][T31759] Call Trace: [ 1567.907716][T31759] [ 1567.907724][T31759] dump_stack_lvl+0x100/0x190 [ 1567.907743][T31759] print_report+0x13d/0x4b0 [ 1567.907774][T31759] ? _raw_spin_lock_irqsave+0x52/0x60 [ 1567.907802][T31759] ? sys_imageblit+0x19fb/0x1d60 [ 1567.907826][T31759] kasan_report+0xdf/0x1d0 [ 1567.907849][T31759] ? sys_imageblit+0x19fb/0x1d60 [ 1567.907873][T31759] sys_imageblit+0x19fb/0x1d60 [ 1567.907898][T31759] ? __pfx_sys_imageblit+0x10/0x10 [ 1567.907922][T31759] ? prb_read_valid+0x78/0xa0 [ 1567.907939][T31759] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 1567.907965][T31759] soft_cursor+0x524/0xa10 [ 1567.907989][T31759] ? atomic_notifier_call_chain+0x80/0x1c0 [ 1567.908013][T31759] ? fb_get_color_depth+0x120/0x250 [ 1567.908031][T31759] bit_cursor+0xca1/0x1490 [ 1567.908052][T31759] ? __pfx_bit_cursor+0x10/0x10 [ 1567.908071][T31759] ? __lock_acquire+0x4a5/0x2630 [ 1567.908088][T31759] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1567.908110][T31759] ? get_color+0x1da/0x450 [ 1567.908126][T31759] ? __pfx_bit_cursor+0x10/0x10 [ 1567.908144][T31759] fbcon_cursor+0x43c/0x5e0 [ 1567.908161][T31759] ? add_softcursor+0x190/0x290 [ 1567.908182][T31759] set_cursor+0x1db/0x250 [ 1567.908202][T31759] con_write+0x89/0xb0 [ 1567.908216][T31759] n_tty_write+0x431/0x11c0 [ 1567.908237][T31759] ? __pfx_n_tty_write+0x10/0x10 [ 1567.908253][T31759] ? trace_kmalloc+0xe3/0x110 [ 1567.908271][T31759] ? __pfx_woken_wake_function+0x10/0x10 [ 1567.908290][T31759] ? rcu_is_watching+0x12/0xc0 [ 1567.908308][T31759] ? file_tty_write.isra.0+0x694/0x890 [ 1567.908330][T31759] ? kfree+0x1dd/0x6c0 [ 1567.908350][T31759] ? __pfx_n_tty_write+0x10/0x10 [ 1567.908367][T31759] file_tty_write.isra.0+0x4d2/0x890 [ 1567.908392][T31759] redirected_tty_write+0xd4/0x120 [ 1567.908415][T31759] do_iter_readv_writev+0x6ee/0x920 [ 1567.908433][T31759] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 1567.908450][T31759] ? bpf_lsm_file_permission+0x9/0x10 [ 1567.908466][T31759] ? security_file_permission+0x76/0x210 [ 1567.908485][T31759] ? rw_verify_area+0xce/0x6d0 [ 1567.908501][T31759] vfs_writev+0x360/0xe10 [ 1567.908518][T31759] ? __pfx_vfs_writev+0x10/0x10 [ 1567.908539][T31759] ? __fget_files+0x21f/0x3d0 [ 1567.908560][T31759] ? do_writev+0x13e/0x340 [ 1567.908575][T31759] do_writev+0x13e/0x340 [ 1567.908590][T31759] ? __pfx_do_writev+0x10/0x10 [ 1567.908606][T31759] ? rcu_is_watching+0x12/0xc0 [ 1567.908625][T31759] do_syscall_64+0x10b/0xf80 [ 1567.908640][T31759] ? clear_bhb_loop+0x40/0x90 [ 1567.908657][T31759] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1567.908673][T31759] RIP: 0033:0x7f3d9299ce59 [ 1567.908693][T31759] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1567.908710][T31759] RSP: 002b:00007f3d93802028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 1567.908728][T31759] RAX: ffffffffffffffda RBX: 00007f3d92c15fa0 RCX: 00007f3d9299ce59 [ 1567.908740][T31759] RDX: 0000000000000003 RSI: 00002000000003c0 RDI: 0000000000000003 [ 1567.908752][T31759] RBP: 00007f3d92a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1567.908768][T31759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1567.908778][T31759] R13: 00007f3d92c16038 R14: 00007f3d92c15fa0 R15: 00007fff70310218 [ 1567.908795][T31759] [ 1567.908801][T31759] [ 1567.908807][T31759] The buggy address belongs to a vmalloc virtual mapping [ 1567.908828][T31759] Memory state around the buggy address: [ 1567.908839][T31759] ffffc90004bd9980: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1567.908854][T31759] ffffc90004bd9a00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1567.908867][T31759] >ffffc90004bd9a80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1567.908876][T31759] ^ [ 1567.908885][T31759] ffffc90004bd9b00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1567.908898][T31759] ffffc90004bd9b80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1567.908908][T31759] ================================================================== [ 1567.922051][T31759] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 1567.922074][T31759] CPU: 0 UID: 0 PID: 31759 Comm: syz.2.7206 Tainted: G L syzkaller #0 PREEMPT(full) [ 1567.922100][T31759] Tainted: [L]=SOFTLOCKUP [ 1567.922107][T31759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1567.922119][T31759] Call Trace: [ 1567.922125][T31759] [ 1567.922133][T31759] dump_stack_lvl+0x100/0x190 [ 1567.922160][T31759] vpanic+0x552/0x970 [ 1567.922177][T31759] ? __pfx_vpanic+0x10/0x10 [ 1567.922193][T31759] ? mark_held_locks+0x40/0x70 [ 1567.922210][T31759] ? sys_imageblit+0x19fb/0x1d60 [ 1567.922233][T31759] panic+0xd1/0xe0 [ 1567.922247][T31759] ? __pfx_panic+0x10/0x10 [ 1567.922261][T31759] ? sys_imageblit+0x19fb/0x1d60 [ 1567.922283][T31759] ? preempt_schedule_common+0x42/0xc0 [ 1567.922308][T31759] check_panic_on_warn.cold+0x19/0x34 [ 1567.922324][T31759] end_report.part.0+0x3a/0x90 [ 1567.922346][T31759] kasan_report.cold+0xe/0x18 [ 1567.922369][T31759] ? sys_imageblit+0x19fb/0x1d60 [ 1567.922396][T31759] sys_imageblit+0x19fb/0x1d60 [ 1567.922423][T31759] ? __pfx_sys_imageblit+0x10/0x10 [ 1567.922446][T31759] ? prb_read_valid+0x78/0xa0 [ 1567.922466][T31759] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 1567.922488][T31759] soft_cursor+0x524/0xa10 [ 1567.922511][T31759] ? atomic_notifier_call_chain+0x80/0x1c0 [ 1567.922539][T31759] ? fb_get_color_depth+0x120/0x250 [ 1567.922558][T31759] bit_cursor+0xca1/0x1490 [ 1567.922580][T31759] ? __pfx_bit_cursor+0x10/0x10 [ 1567.922599][T31759] ? __lock_acquire+0x4a5/0x2630 [ 1567.922615][T31759] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1567.922637][T31759] ? get_color+0x1da/0x450 [ 1567.922653][T31759] ? __pfx_bit_cursor+0x10/0x10 [ 1567.922672][T31759] fbcon_cursor+0x43c/0x5e0 [ 1567.922688][T31759] ? add_softcursor+0x190/0x290 [ 1567.922710][T31759] set_cursor+0x1db/0x250 [ 1567.922731][T31759] con_write+0x89/0xb0 [ 1567.922744][T31759] n_tty_write+0x431/0x11c0 [ 1567.922775][T31759] ? __pfx_n_tty_write+0x10/0x10 [ 1567.922795][T31759] ? trace_kmalloc+0xe3/0x110 [ 1567.922816][T31759] ? __pfx_woken_wake_function+0x10/0x10 [ 1567.922838][T31759] ? rcu_is_watching+0x12/0xc0 [ 1567.922856][T31759] ? file_tty_write.isra.0+0x694/0x890 [ 1567.922879][T31759] ? kfree+0x1dd/0x6c0 [ 1567.922899][T31759] ? __pfx_n_tty_write+0x10/0x10 [ 1567.922916][T31759] file_tty_write.isra.0+0x4d2/0x890 [ 1567.922941][T31759] redirected_tty_write+0xd4/0x120 [ 1567.922965][T31759] do_iter_readv_writev+0x6ee/0x920 [ 1567.922987][T31759] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 1567.923005][T31759] ? bpf_lsm_file_permission+0x9/0x10 [ 1567.923024][T31759] ? security_file_permission+0x76/0x210 [ 1567.923046][T31759] ? rw_verify_area+0xce/0x6d0 [ 1567.923063][T31759] vfs_writev+0x360/0xe10 [ 1567.923083][T31759] ? __pfx_vfs_writev+0x10/0x10 [ 1567.923105][T31759] ? __fget_files+0x21f/0x3d0 [ 1567.923125][T31759] ? do_writev+0x13e/0x340 [ 1567.923140][T31759] do_writev+0x13e/0x340 [ 1567.923156][T31759] ? __pfx_do_writev+0x10/0x10 [ 1567.923173][T31759] ? rcu_is_watching+0x12/0xc0 [ 1567.923191][T31759] do_syscall_64+0x10b/0xf80 [ 1567.923206][T31759] ? clear_bhb_loop+0x40/0x90 [ 1567.923223][T31759] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1567.923239][T31759] RIP: 0033:0x7f3d9299ce59 [ 1567.923255][T31759] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1567.923271][T31759] RSP: 002b:00007f3d93802028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 1567.923288][T31759] RAX: ffffffffffffffda RBX: 00007f3d92c15fa0 RCX: 00007f3d9299ce59 [ 1567.923300][T31759] RDX: 0000000000000003 RSI: 00002000000003c0 RDI: 0000000000000003 [ 1567.923311][T31759] RBP: 00007f3d92a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1567.923322][T31759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1567.923333][T31759] R13: 00007f3d92c16038 R14: 00007f3d92c15fa0 R15: 00007fff70310218 [ 1567.923349][T31759] [ 1567.923409][T31759] Kernel Offset: disabled