last executing test programs:

31.863694778s ago: executing program 3 (id=4832):
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
unshare$auto(0x40000080)
ioctl$auto_RNDADDENTROPY2(0xffffffffffffffff, 0x40085203, &(0x7f0000000440)=[0xfff, 0xedc0])
sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000)
r1 = openat$auto_ftrace_event_format_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/tracing/events/vmalloc/purge_vmap_area_lazy/format\x00', 0x40, 0x0)
pread64$auto(r1, 0x0, 0x3, 0xfdd)
mmap$auto(0x9, 0x5, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff)
setsockopt$auto(0xffffffffffffffff, 0x0, 0x27, 0x0, 0xc)
socket(0x2a, 0x2, 0x1)
sendfile$auto(r1, 0xffffffffffffffff, 0x0, 0x5)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x840000000002, 0x3, 0xff)
connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @local}, 0x55)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x264}, 0x1, 0x0, 0x0, 0xeda47ee5ad433e65}, 0x20000014)
io_setup$auto(0xffff, &(0x7f0000000580))
io_setup$auto(0xa, 0x0)
bpf$auto_BPF_TOKEN_CREATE(0x24, &(0x7f0000000100)=@test={r0, 0x7, 0x9d8b, 0xc, 0x6, 0x3, 0x100, 0x24000000, 0x9, 0xfffff40e, 0xffffffffffe00000, 0xffffffffffffffff, 0xb7d7, 0x1000, 0x80}, 0x0)
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000)
r3 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0)
ioctl$auto_PROCMAP_QUERY(r3, 0xc0686611, &(0x7f0000000080)={0x68, 0x34, 0x7fff, 0x5, 0x80000000009, 0x1, 0x9, 0x5, 0x5, 0x7f93, 0xfffffffe, 0x7ffffffd, 0x7ff, 0x7, 0x9})

30.997660849s ago: executing program 3 (id=4835):
r0 = openat$auto_ftrace_formats_fops_trace_printk(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/printk_formats\x00', 0x109000, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
msgctl$auto_IPC_INFO(0x9, 0x3, &(0x7f0000000080)={{0xa, <r1=>0xffffffffffffffff, <r2=>0xee01, 0xfffff939, 0x5, 0x3, 0x200}, &(0x7f0000000000)=0x3, &(0x7f0000000040)=0x10, 0x3, 0x7, 0x3, 0x4, 0x0, 0x7, 0x6aa, 0x6b04})
statx$auto(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x7fff, 0xc, &(0x7f0000000140)={0x8, 0x7, 0xfffffffffffffffc, 0x4, r1, r2, 0x80, 0x8, 0x0, 0x0, 0xb910, 0x559a0cef, {0x80, 0x80000001}, {0x1, 0xfff}, {0x1, 0xffffffff}, {0x5, 0xd0d}, 0x4, 0x5, 0x4, 0x2, 0xfff, 0xfa, 0x40, 0x1000, 0x7, 0x7fff, 0x2f3f, 0x3, [0x5, 0x9800000000000000, 0x2, 0x5490, 0x0, 0xd, 0x100000001, 0xb, 0x1]})
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x1eba02, 0x0)
r3 = socket(0x23, 0x5, 0x0)
sendfile$auto(r3, 0x3, 0x0, 0x400000000006)
pread64$auto(r0, &(0x7f0000000240)='\\{:%^($(\x02]/)[.)&\x00', 0x9, 0x4)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/if_inet6\x00', 0x0, 0x0)
preadv$auto(0x3, &(0x7f00000004c0)={0x0, 0x8000000}, 0x3, 0x10000, 0xc)
socket(0x2b, 0x1, 0x0)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/bond0/bonding/ad_actor_key\x00', 0x40000, 0x0)
getsockopt$auto_SO_MEMINFO(r3, 0x1, 0x37, &(0x7f0000000280)='\x00', &(0x7f00000002c0)=0x9)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$auto_BATADV_CMD_GET_ROUTING_ALGOS(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x14, r6, 0x701, 0x70bd29, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x800)
read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000040)=""/44, 0xffffffffffffffe1)
fcntl$auto_F_GETPIPE_SZ(r5, 0x408, 0xa)
listen$auto(0x3, 0x81)

30.676937358s ago: executing program 3 (id=4837):
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xffffffffffffffff, 0x8000)
move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101c40, 0x0)
r1 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000200)='/dev/video50\x00', 0x80100, 0x0)
ioctl$auto(r0, 0x560a, r1)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, 0x0, 0x48084)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
r2 = getpid()
process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0x20000001002}, 0x1, 0x0, 0x4, 0x0)
fcntl$auto_F_SETOWN(r0, 0x8, r2)
connect$auto(0x3, 0x0, 0x54)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0x8, 0x8000)
r3 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x0, 0x0)
r4 = syz_genetlink_get_family_id$auto_ncsi(&(0x7f0000000100), r1)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
preadv$auto(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f00000003c0)="9d4585b1d5a7f82f9ddd3a27733c5f3367375e9d15ba619e5da3b7495ef19e22635f62afef90ec1851cfcc1d03b90a142209297c970c485c17395d93b63b3f8b08088b970702c457", 0x7}, 0x2, 0x4, 0x1)
sendmsg$auto_NCSI_CMD_SET_CHANNEL_MASK(r1, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, r4, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@NCSI_ATTR_CHANNEL_ID={0x8, 0x4, 0xfffffeff}, @NCSI_ATTR_PACKAGE_ID={0x8, 0x3, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x20010882}, 0x40001)
r5 = syz_genetlink_get_family_id$auto_nlbl_calipso(&(0x7f0000000280), r1)
sendmsg$auto_NLBL_CALIPSO_C_REMOVE(r1, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x54, r5, 0x8, 0x6, 0x25dfdbfc, {}, [@NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x81}, @NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x6}, @NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x6}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x7fffffff}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x5}]}, 0x54}, 0x1, 0x0, 0x0, 0x24010080}, 0x8000)
pread64$auto(r3, 0x0, 0x101, 0x103)
unshare$auto(0x40000080)
clock_nanosleep$auto(0x2, 0x6, &(0x7f0000000840)={0x0, 0xc025}, 0x0)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, 0x0, 0x400c800)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)

29.043588251s ago: executing program 3 (id=4842):
socket(0x2, 0x1, 0x106)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = io_uring_setup$auto(0x6, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r2 = socket(0xa, 0x5, 0x84)
getsockopt$auto(r2, 0x84, 0x7b, 0x0, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x5, 0x0)
setsockopt$auto_SO_RCVPRIORITY(r3, 0x0, 0x52, 0x0, 0x80000000)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
setresuid$auto(0xee01, 0x1000, 0x607)
r4 = pidfd_open$auto(0x1, 0x0)
setns(r4, 0x20000)
openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000380), 0x20000, 0x0)
socket(0x28, 0x5, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x4, 0x1000000000000bc3, 0x800, 0x3, 0xff, 0x10001, 0x400000000003, 0x3, 0xfffffffffffffffc, 0xfffffffffffffffe, 0x80000000, 0x9, 0xffffdfffffffff81, 0x4]}, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
r5 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000300), 0xffffffffffffffff)
r6 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/bus/usb/008/001\x00', 0x4a901, 0x0)
ioctl$auto_USBDEVFS_RELEASEINTERFACE(r6, 0x80045510, 0x0)
getsockopt$auto_SO_OOBINLINE(r6, 0x401, 0xa, &(0x7f0000000000)='/dev/uinput\x00', &(0x7f0000000080)=0x1f)
unshare$auto(0x8100000)
sendmsg$auto_HWSIM_CMD_GET_RADIO(r0, &(0x7f0000000680)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="dcb02dbd5c48fd383a9e06dda83f99"], 0x1c}, 0x1, 0x0, 0x0, 0x20004094}, 0x44001)
sendmsg$auto_MACSEC_CMD_ADD_RXSA(0xffffffffffffffff, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f0000000640)={0x14, r5, 0x1, 0x70bd27, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4884}, 0x4008884)
shmctl$auto_IPC_STAT(0x4, 0x2, &(0x7f00000005c0)={{0x9, 0xffffffffffffffff, <r7=>0x0, 0x4, 0x8000000, 0x79c, 0xf8}, 0xc1, 0x6, 0x7, 0x4, @inferred, @inferred, 0xf, 0x0, &(0x7f0000000440)="b3c214364a17b501d36052cf2d4d5c72b4085dee340b0260601bbbb7acb5842d96aca7e413000d24c214652df73f16f2ee7e0cf46093bcb473b024e6af439d26e98c1bfd70ff8763062ffc626733e6607886", &(0x7f00000004c0)="055caa0e1f406d2ea872be843d7be52b6d020f8a9008a4217980cc9e805b7a3c30da546edce47fa37be04266766ac34ee5cc3b6a1bbab8f499d414bb72a3eb69d26eddcf91a13332e9eb80542dad957215de6be40a0b34e8b6d1098e7d89cbe1a2271b531f4ba2be0b15d33f917c3798a6086c37f7215648547226cac580ede14a459e2f40f9de2b170e4e780ad7aea3d872d8d0b9fc51f1c3f9a64ee4a95c3ca90e614f0fa2d86bac30e76216be6c6f77e182f409c49aa14f87b526a047cd1ba50e31bff48c46d371c066530fbb085870a4b756c47ecfee387abc507ca34f4ca31e9fff7d49299db04606842684df2c35"})
shmctl$auto_IPC_RMID(0x8, 0x0, &(0x7f0000000200)={{0x4004, 0xee00, r7, 0xffffffff, 0x7, 0x400, 0x6}, 0x4, 0xffffffffffff949e, 0x8000000000000001, 0x5dfa, @inferred, @raw=0x7, 0x60, 0x0, &(0x7f0000000280)="082b64500286e882aa30e09f8812665e2a02e3b5605672e174c16fbc5ce3f1e31b02c016b83607d5d76d741e18fc5df9fb", &(0x7f0000000100)="398d5590eda0e1b4572e43d232e473b9d4de615d4b51f0240cea4b7e5cdd5a6b9c6c57424b71f3c8ba87d55932494ec01f75cd71f5a6ac48a2e0697667f5cd92b87f98e79b9bb0357edabaea025f3094ba1008834fa207ef97115d52cdd4afc0b8e0d87a0bc7d9386a5bb0eda40eb72437f0fda5f21ff0a39e58452129e21c6a100de765801ab9dc73a17a7bf3c0c0cbc0dfdfe56a36e51fff0d9e2ff1b6778b41b3733b57a900d4219d0dde47717df4969f3a1d8a65236963486e8f836a53f80ccc36c65927ee6ac60cc42fb0ac38f60855924774fe3e10e098bb168d1ea1365fe2b1bf97d12498c6f349829a00eb38bb"})
connect$auto(0x3, &(0x7f00000018c0)=@in={0x2, 0x300, @loopback=0xac14140a}, 0x55)

27.556231738s ago: executing program 3 (id=4848):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', <r2=>0x0})
sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000002c0)={0x30, r1, 0x1, 0x74bd2a, 0x25dfdbfc, {}, [@ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_COALESCE_RX_USECS_HIGH={0x8, 0x13, 0xffff}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES_IRQ={0x8, 0x9, 0x200}]}, 0x30}, 0x1, 0x0, 0x0, 0x48c1}, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0)
r3 = socket(0x2, 0x1, 0x106)
bind$auto(r3, &(0x7f0000000040)=@in={0x2, 0x3, @broadcast}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ram5\x00', 0x14fa02, 0x0)
mmap$auto(0x0, 0x30009, 0x4000000000df, 0x4000eb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
r5 = memfd_create$auto(0x0, 0xe)
fcntl$auto(0xff80000000000000, 0x409, 0x13)
fallocate$auto(r5, 0x3, 0x2, 0x4)
sendfile$auto(0x3, r4, 0x0, 0x400000000006)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
sysfs$auto(0x2, 0x3c, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r6 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r6, 0xc1105517, &(0x7f0000000580)={{@raw=0x7fffffff, 0xf0ee, 0x20009, 0x3, "790eaa00ffff8eac2cdafc1f64010043eeb0b053030001ffff000e000000000100", @raw=0x3}, 0x4, 0x966, 0x3, @raw=0x404, @integer={0x800000000000400e, 0x2000000b752, 0x1}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"})
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
msync$auto(0x200000, 0x2000000005, 0x6)
r7 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x183800, 0x0)
ioctl$auto(r7, 0x4008556c, 0x81)
prctl$auto_PR_MCE_KILL(0x21, 0x3, 0x100000000007, 0xfffffffffffffbff, 0x3)

11.589452955s ago: executing program 2 (id=4893):
r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x20881, 0x0)
ioctl$auto_EVIOCGRAB(r0, 0x40044590, 0x0)
close_range$auto(0x2, 0x8, 0x0)

11.243761118s ago: executing program 2 (id=4894):
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x90}, 0x20000081)
lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x802, 0x9, 0x63, <r0=>0x0, <r1=>0x0, 0x0, 0x7, 0x7ff, 0x800000000100002, 0x0, 0x2, 0xc, 0x40, 0x1c, 0x20000000009, 0xb})
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd15/make-it-fail\x00', 0x28201, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000000)="b2", 0x1)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
lstat$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000300)={0x2, 0xfffffffffffff001, 0xff, 0x6, <r3=>0xffffffffffffffff, r1, 0x0, 0x7, 0xb, 0x0, 0x380000, 0x9, 0x2, 0xffffffffffffffff, 0x9, 0x5, 0x6})
setresuid$auto(r3, r0, r0)
r4 = socket(0x10, 0x2, 0x0)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000280)=ANY=[@ANYRESOCT=r4, @ANYRES16=0x0, @ANYBLOB="24051c27c100dedbdf250307cc0008000200", @ANYRES32=0x0, @ANYRESDEC=r4], 0x6c}}, 0x4008010)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004)
openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x7600c9d1953e0194, 0x0)
r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x8f00, 0x0)
ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r6 = socket(0xa, 0x1, 0x84)
bind$auto(r6, &(0x7f0000000100)=@in={0x2, 0x3, @remote}, 0x69)
socket(0x2, 0x5, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3d}}, 0x6a)
pipe2$auto(0x0, 0x80)
setsockopt$auto(0x3, 0x1, 0xf, 0x0, 0x8)
listen$auto(0x3, 0x83)
r7 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r7, 0xae01, 0x0)
r8 = openat$auto_lsm_ops_inode(0xffffffffffffff9c, &(0x7f0000000000), 0x183800, 0x0)
read$auto_lsm_ops_inode(r8, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x1, 0x6, 0x3, 0xfffffffffffffff0, 0x2, 0x8000)

10.788965949s ago: executing program 2 (id=4895):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x2000000}, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000)
recvmmsg$auto(r1, &(0x7f0000000140)={{0x0, 0xfffffffe, 0x0, 0x5, 0x0, 0x200002, 0x8}, 0x801}, 0xfffffff9, 0x10, 0x0)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
r2 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder1\x00', 0x0, 0x0)
r3 = dup$auto(r2)
r4 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0)
ioctl$auto(r4, 0x81004522, r3)
r5 = socket(0xa, 0x1, 0x84)
getsockopt$auto(r5, 0x0, 0x53, 0x0, 0x0)
r6 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f00000009c0), 0xffffffffffffffff)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x3, 0x0)
ppoll$auto(&(0x7f0000000000)={r0, 0x3ef0, 0x9}, 0x0, &(0x7f0000000040)={0x3, 0x4}, &(0x7f0000000080)={0x7}, 0x8)
sendmsg$auto_IPVS_CMD_SET_SERVICE(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000002a80)={&(0x7f00000001c0)={0x18, r6, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_SERVICE={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4050}, 0x4000000)

9.273419968s ago: executing program 2 (id=4899):
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x141001, 0x0)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event0\x00', 0x2, 0x0)
io_uring_setup$auto(0x59, 0x0)
r0 = openat$auto_ptdump_curusr_fops_(0xffffffffffffff9c, &(0x7f0000001280), 0x100, 0x0)
read$auto_ptdump_curusr_fops_(r0, &(0x7f00000012c0)=""/4096, 0x1000)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000780)='/proc/self/net/rpc/auth.rpcsec.init/channel\x00', 0x441, 0x0)
write$auto(r1, &(0x7f0000000000)='\\@-,@n', 0x60)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card0/pcm0p/info\x00', 0x1b04, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r2, &(0x7f00000000c0)=""/10, 0xa)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x2475c05b)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0)
write$auto(r3, 0x0, 0x2)
mmap$auto(0xfffffffffffffffd, 0x3, 0x7, 0x11, 0xdd, 0x0)
io_uring_setup$auto(0x386, &(0x7f0000000000)={0x5, 0x1, 0x4c, 0x0, 0x1, 0x8, 0xffffffffffffffff, [0xfffffffa, 0x8, 0xa], {0x8, 0x8, 0x3fc000, 0x4, 0x751, 0x3, 0x3b, 0xec5, 0xffff}, {0xd5, 0x80000000, 0x1bee, 0x5d, 0x400, 0x9, 0x7, 0x8000, 0x7f}})
r4 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sysfs$auto(0x2, 0x0, 0x0)
r5 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r5, 0x8, 0x0, 0x0, 0x0)
r6 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r6, 0x6, 0x0, 0x0, 0x0)
write$auto_console_fops_tty_io(r4, &(0x7f0000000000)="c80d1b5d399b39", 0xfdef)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1f, 0x5, 0x3)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)

9.15035313s ago: executing program 0 (id=4900):
r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/001/001\x00', 0x29202, 0x0)
mmap$auto(0x2000, 0x80009, 0xb, 0x8000000008011, r0, 0x1)
r1 = openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/Virtual-1/edid_override\x00', 0x3c9083, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptyy9\x00', 0x14001, 0x0)
r2 = socket(0x1d, 0x2, 0x2)
socket(0xa, 0x801, 0x84)
setsockopt$auto(0x3, 0x84, 0x17, 0x0, 0x70ed581b)
prctl$auto(0x23, 0x6, 0x2008, 0x7e, 0x200)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000040), r2)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x810004, 0xffc, 0x331, r3, 0x8000)
r4 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
openat$auto_set_tracer_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/current_tracer\x00', 0x0, 0x0)
preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5)
ioctl$auto_IOCTL_VMCI_GET_CONTEXT_ID(r4, 0x7b3, 0x0)
write$auto(r1, 0x0, 0x200002d00)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x204880, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x62b82, 0x0)
r6 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x123040, 0x0)
ioctl$auto(r6, 0x80004532, r6)
r7 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000180), 0x80000, 0x0)
ioctl$auto_RTC_SET_TIME(r7, 0x4024700a, &(0x7f00000001c0)={0x7, 0x7, 0x14, 0x8, 0x6, 0x63, 0xf, 0x81, 0x103})
r8 = ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0xc01)
ioctl$auto_KVM_GET_MSRS(r8, 0x4008ae90, 0x0)
read$auto(0x3, 0x0, 0x80)
socket$nl_generic(0x10, 0x3, 0x10)

8.026259481s ago: executing program 0 (id=4902):
close_range$auto(0x0, 0xfffffffffffff001, 0x2)
r0 = socket(0xa, 0x2, 0x0)
mmap$auto(0x0, 0x420009, 0xe2, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0xc)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0xa, 0x0)
socket(0xa, 0x2, 0x0)
socket(0x18, 0x3, 0x0)
accept$auto(0x3, 0x0, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
socket(0x18, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000100), 0x240202, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r0)
ioctl$auto_KVM_CREATE_VM(r1, 0x4048aecb, 0x0)

7.532427581s ago: executing program 0 (id=4903):
r0 = socket(0xa, 0x801, 0x84)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000000c0), r0)
sendmsg$auto_ETHTOOL_MSG_RINGS_SET(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x2c, r1, 0x400, 0x70bd29, 0x25dfdbfb, {}, [@ETHTOOL_A_RINGS_TCP_DATA_SPLIT={0x5, 0xb, 0x1b}, @ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x3}, @ETHTOOL_A_RINGS_TX_PUSH_BUF_LEN={0x8, 0xf, 0x6}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4004004}, 0x8015)
connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x7, @multicast1}, 0x55)
r2 = openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/events/vmalloc/enable\x00', 0x400, 0x0)
ftruncate$auto(r2, 0x3ff)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
bind$auto(r0, &(0x7f0000000000)=@rc={0x1f, @none, 0x90}, 0x800)
setsockopt$auto(0x3, 0x10000000084, 0x1e, 0x0, 0x8)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), r0)

7.214440732s ago: executing program 0 (id=4904):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0xffffffffffffffff, 0x8000)
close_range$auto(0x0, 0x5, 0x0)
pipe$auto(0x0)
sysfs$auto(0x2, 0x10000000000002c, 0x0)
r0 = fsopen$auto(0x0, 0x1)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x149942, 0x0)
ioctl$auto_TIOCVHANGUP2(r1, 0x5437, 0x0)
write$auto_uhid_fops_uhid(r0, 0x0, 0x0)
io_uring_setup$auto(0x386, &(0x7f0000000000)={0x5, 0x1, 0x4c, 0x0, 0x1, 0x8, 0xffffffffffffffff, [0x10001, 0x8, 0xa], {0x8, 0x8, 0x3fc000, 0x4, 0xffffff7a, 0x3, 0x9, 0xec5, 0xffff}, {0xd5, 0x80000000, 0x1bee, 0x5d, 0x400, 0x9, 0x7, 0x8000, 0x7f}})
r2 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r2, &(0x7f0000000000)="c80d1b5d399b39", 0xfdef)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x1, 0x100)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
socket(0x11, 0xa, 0x300)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0xa)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/memory.force_empty\x00', 0xa001, 0x0)
write$auto(r3, &(0x7f0000000000)='3\xc7\xff\xff\xff\xdd\x00\b(Ks\x0f\x87|P\x11\xd1li0\x89\x85\x90QM\xd6wfF\xf1x\xb3;c\tP\x03\x84\x97\x99\x83\x97\x81:\xf3\xa3o5\xc5\x86\xed\xa4\x18]\xa3\xc9\x0f\xff\xdak\xb0m\xe1U\xb3\xa2\xee\xdcTJQO\x98\xc8w\x8c\xe7\x00\x00\x00\x1dj\x1e\xebQT\xdd\x9b\x00'/101, 0x9)
r4 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000010c0)='/proc/thread-self/net/stat/rt_cache\x00', 0x0, 0x0)
read$auto_proc_iter_file_ops_compat_inode(r4, &(0x7f00000002c0)=""/266, 0x10a)
mmap$auto(0x5, 0x2020009, 0xb, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)

6.250203657s ago: executing program 1 (id=4905):
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
unshare$auto(0x40000080)
ioctl$auto_RNDADDENTROPY2(0xffffffffffffffff, 0x40085203, &(0x7f0000000440)=[0xfff, 0xedc0])
sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000)
r1 = openat$auto_ftrace_event_format_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/tracing/events/vmalloc/purge_vmap_area_lazy/format\x00', 0x40, 0x0)
pread64$auto(r1, 0x0, 0x3, 0xfdd)
mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mlockall$auto(0x800000000000005)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff)
setsockopt$auto(0xffffffffffffffff, 0x0, 0x27, 0x0, 0xc)
socket(0x2a, 0x2, 0x1)
sendfile$auto(r1, 0xffffffffffffffff, 0x0, 0x5)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x840000000002, 0x3, 0xff)
connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @local}, 0x55)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x264}, 0x1, 0x0, 0x0, 0xeda47ee5ad433e65}, 0x20000014)
io_setup$auto(0xffff, &(0x7f0000000580))
io_setup$auto(0xa, 0x0)
bpf$auto_BPF_TOKEN_CREATE(0x24, &(0x7f0000000100)=@test={r0, 0x7, 0x9d8b, 0xc, 0x6, 0x3, 0x100, 0x24000000, 0x9, 0xfffff40e, 0xffffffffffe00000, 0xffffffffffffffff, 0xb7d7, 0x1000, 0x80}, 0x0)
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000)
r3 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0)
ioctl$auto_PROCMAP_QUERY(r3, 0xc0686611, &(0x7f0000000080)={0x68, 0x34, 0x7fff, 0x5, 0x80000000009, 0x1, 0x9, 0x5, 0x5, 0x7f93, 0xfffffffe, 0x7ffffffd, 0x7ff, 0x7, 0x9})

5.76787982s ago: executing program 0 (id=4906):
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
unshare$auto(0x40000080)
ioctl$auto_RNDADDENTROPY2(0xffffffffffffffff, 0x40085203, &(0x7f0000000440)=[0xfff, 0xedc0])
sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000)
pread64$auto(0xffffffffffffffff, 0x0, 0x3, 0xfdd)
mmap$auto(0x9, 0x5, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mlockall$auto(0x800000000000005)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff)
setsockopt$auto(0xffffffffffffffff, 0x0, 0x27, 0x0, 0xc)
socket(0x2a, 0x2, 0x1)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x5)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x840000000002, 0x3, 0xff)
connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @local}, 0x55)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x264}, 0x1, 0x0, 0x0, 0xeda47ee5ad433e65}, 0x20000014)
io_setup$auto(0xffff, &(0x7f0000000580))
io_setup$auto(0xa, 0x0)
bpf$auto_BPF_TOKEN_CREATE(0x24, &(0x7f0000000100)=@test={r0, 0x7, 0x9d8b, 0xc, 0x6, 0x3, 0x100, 0x24000000, 0x9, 0xfffff40e, 0xffffffffffe00000, 0xffffffffffffffff, 0xb7d7, 0x1000, 0x80}, 0x0)
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000)
r2 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0)
ioctl$auto_PROCMAP_QUERY(r2, 0xc0686611, &(0x7f0000000080)={0x68, 0x34, 0x7fff, 0x5, 0x80000000009, 0x1, 0x9, 0x5, 0x5, 0x7f93, 0xfffffffe, 0x7ffffffd, 0x7ff, 0x7, 0x9})

4.557285629s ago: executing program 0 (id=4907):
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, 0x0, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x4000804)
lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x11, 0x9, 0x63, 0x0, 0x0, 0x0, 0x0, 0x40000000000f, 0x1000, 0xfffffffffffffffd, 0x7ffffffb, 0x9, 0xffffffff7ffffffc, 0x9, 0x7, 0x200000100103})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'})
socket(0x22, 0x3, 0x0)
ioctl$auto(0xffffffffffffffff, 0x40104d01, 0xffffffffffffffff)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
readv$auto(0x3, 0x0, 0x1)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
memfd_create$auto(0x0, 0xe)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r1, &(0x7f0000000000)='//\xf2\x00', 0x80000000)
mmap$auto(0x0, 0x810006, 0xffb, 0x8000000008011, 0x3, 0x0)

4.470254039s ago: executing program 1 (id=4908):
mmap$auto(0x0, 0x0, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyu3\x00', 0x0, 0x0)
openat$auto_drm_crtc_crc_control_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f00000000c0), 0xb02, 0x0)
write$auto(0x3, 0x0, 0xfffffdef)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)
ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0)
ioctl$auto(r0, 0x89f3, r0)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x4, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0xa, 0xdb, 0x110, 0x5, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r1 = io_uring_setup$auto(0x6, 0x0)
open(0x0, 0x201, 0x52)
io_uring_setup$auto(0x6, 0x0)
r2 = socket(0x28, 0x805, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0xffffffff, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
bind$auto(r2, &(0x7f0000000080)=@in={0x28, 0x0, @rand_addr=0xffffffff}, 0x68)
write$auto_tty_fops_tty_io(r1, &(0x7f0000000280)="dd803b5b87f405a3e1fd1b4ad3b576f62492dfdf3dfedbb02063028275ddb7112fda4a584be5e1a9e1a8c26d5388fabe9907137ee3c23f383f656e862398c049386850c0bb10e582edf686afc9f54a5d73a5b54c57a363ab6172", 0x5a)
listen$auto(0x3, 0x81)
accept$auto(0x3, 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x0)
r3 = mq_open$auto(&(0x7f00000001c0)='\x12\xe6D\b\x9e\x00\x80\x8d\f\xb9w-\xbd!\x9eb\xed\xfb\x0f\xe5\x9dZ\xc2\xd1\x01wBV\x91\x8f_\xc0.\x84\xfe\x84\xd1se\x01\x06\x00\xb3\x13_Y&\xa9\x88\xe4\xa2\xb0V\x85\x92<\xb6\xdcT \\\xf2\v\xb1\xe2\xd8\xfa\xd8V\xe5\x00\xfa\xe9!\xc5<\xce\x18=\x06\xdagq\xb5\r\t\xb2\xde\x99\xd50\x89h\xc5\xba\xff\xc8u5<y\xa5\x97\x13\xef\xc4g\xc3\xa4&\x81I6\v\xcc\x00'/133, 0x62, 0x7, 0x0)
mq_timedreceive$auto(r3, 0x0, 0x4dcd, 0x0, 0x0)
r4 = mq_open$auto(&(0x7f00000000c0)='\x12\xe6D\b\x9e\x00\x80\x8d\f\xb9w-\xbd!\x9eb\xed\xfb\x0f\xe5\x9dZ\xc2\xd1\x01wBV\x91\x8f_\xc0.\x84\xfe\x84\xd1se\x01\x06\x00\xb3\x13_Y&\xa9\x88\xe4\xa2\xb0V\x85\x92<\xb6\xdcT \\\xf2\v\xb1\xe2\xd8\xfa\xd8V\xe5\x00\xfa\xe9!\xc5<\xce\x18=\x06\xdagq\xb5\r\t\xb2\xde\x99\xd50\xbb\x192\x1c4\x86\xc0\xc1-\xd5\x10\xc3\xfc*[8\x89h\xc5\xba\xff\xc8u5<y\xa5\x97\x13\xef\xc4g\xc3\xa4&\x81I6\v\xcc\x00\x00', 0x62, 0xfffc, 0x0)
mq_timedsend$auto(r4, 0x0, 0x2000, 0x9, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x20b42, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)

3.875291848s ago: executing program 1 (id=4909):
r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/001/001\x00', 0x29202, 0x0)
mmap$auto(0x2000, 0x80009, 0xb, 0x8000000008011, r0, 0x1)
r1 = openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/Virtual-1/edid_override\x00', 0x3c9083, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptyy9\x00', 0x14001, 0x0)
r2 = socket(0x1d, 0x2, 0x2)
socket(0xa, 0x801, 0x84)
setsockopt$auto(0x3, 0x84, 0x17, 0x0, 0x70ed581b)
prctl$auto(0x23, 0x6, 0x2008, 0x7e, 0x200)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000040), r2)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x810004, 0xffc, 0x331, r3, 0x8000)
r4 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
openat$auto_set_tracer_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/current_tracer\x00', 0x0, 0x0)
preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5)
ioctl$auto_IOCTL_VMCI_GET_CONTEXT_ID(r4, 0x7b3, 0x0)
write$auto(r1, 0x0, 0x200002d00)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x204880, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x62b82, 0x0)
r6 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x123040, 0x0)
ioctl$auto(r6, 0x80004532, r6)
r7 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000180), 0x80000, 0x0)
ioctl$auto_RTC_SET_TIME(r7, 0x4024700a, &(0x7f00000001c0)={0x7, 0x7, 0x14, 0x8, 0x6, 0x63, 0xf, 0x81, 0x103})
r8 = ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0xc01)
ioctl$auto_KVM_GET_MSRS(r8, 0x4008ae90, 0x0)
read$auto(0x3, 0x0, 0x80)
socket$nl_generic(0x10, 0x3, 0x10)

2.604104084s ago: executing program 1 (id=4910):
r0 = creat$auto(&(0x7f0000000040)='./file0\x00', 0x81)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYBLOB="010b2d"], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x4000)
splice$auto(r1, 0x0, r0, 0x0, 0xb, 0xf)
ioctl$auto_NS_GET_PARENT(r0, 0xb702, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
getxattrat$auto(0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0, 0xb91)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000001500), 0xffffffffffffffff)
sendmsg$auto_KSMBD_EVENT_STARTING_UP(r3, &(0x7f00000015c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001540)={0x14, r4, 0x1, 0x70bd2a, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0xc0044}, 0x10)
sendmsg$auto_KSMBD_EVENT_LOGOUT_REQUEST(r2, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r4, 0x100, 0x70bd27, 0x25dfdbfe, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x2000}, 0x4008040)
openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, 0x0, 0x1c1041, 0x0)
timer_create$auto(0x2, 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0xfff, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
unshare$auto(0x40000080)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0)
close_range$auto(0x0, 0x5, 0x0)
socket(0x10, 0x2, 0xc)
openat$auto_force_wakeup_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/bluetooth/hci2/force_wakeup\x00', 0x8742, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x60580, 0x0)
r5 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0)
clone$auto(0x20003b11, 0x8, 0x0, 0x0, 0x7)
execveat$auto(r2, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000280)=&(0x7f0000000240)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', &(0x7f0000000300)=&(0x7f00000002c0)='(%\x00', 0x40000000)
write$auto(r5, 0x0, 0xe)

2.48720173s ago: executing program 2 (id=4911):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd5\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
madvise$auto(0x0, 0x2000040080000004, 0xe)
r1 = socket$auto(0x80000000, 0x497e, 0x6)
ioctl$auto_USBDEVFS_GET_CAPABILITIES(r1, 0x8004551a, &(0x7f0000000100)=0x2)
openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cec8\x00', 0x0, 0x0) (async)
r2 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cec8\x00', 0x0, 0x0)
r3 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_FLOW_CMD_GET(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="ff18c4005e", @ANYRES16=r3, @ANYBLOB="01002cbd7000fbdbdf250300000004000800"], 0x18}, 0x1, 0x0, 0x0, 0x24040071}, 0x800) (async)
sendmsg$auto_OVS_FLOW_CMD_GET(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="ff18c4005e", @ANYRES16=r3, @ANYBLOB="01002cbd7000fbdbdf250300000004000800"], 0x18}, 0x1, 0x0, 0x0, 0x24040071}, 0x800)
r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000540), r1)
r6 = socket(0x1d, 0x2, 0x7)
r7 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r8=>0x0})
bind$auto(r6, &(0x7f0000000000)=@can={0x1d, r8}, 0x6a)
sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(r4, &(0x7f0000000640)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x60, r5, 0x100, 0x70bd2c, 0x25dfdbfc, {}, [@ETHTOOL_A_CABLE_TEST_TDR_HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0x6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x7}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0x6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}, @ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0x4}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$auto_OVS_FLOW_CMD_NEW(r1, &(0x7f0000000480)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000180)={0x2a0, r3, 0x200, 0x70bd27, 0x25dfdbfd, {}, [@OVS_FLOW_ATTR_MASK={0x28c, 0x7, 0x0, 0x1, [@generic="2abab359be0c2047160a003f7c5411cb0ef81684cbd779794481b91ffa0be9d02112acb5718b3c2c7864a80381e99d265568ceeb4ce34809b0dbdc87d90d0bb948c62e6e", @nested={0xc, 0x139, 0x0, 0x1, [@typed={0x8, 0x133, 0x0, 0x0, @ipv4=@private=0xa010102}]}, @typed={0x8, 0x13c, 0x0, 0x0, @u32=0x2}, @nested={0x16a, 0x15d, 0x0, 0x1, [@nested={0x4, 0x11a}, @typed={0x14, 0x8c, 0x0, 0x0, @ipv6=@private0}, @generic="a736ca40d7937585ed658ef97784956480e8de8ed45dda4b0f97382fd8a7f09c39380f7ca85aff1f5e33b06d4bfb2cbff921926eadfca2600fbed5fdc761b75e88f9fa97541182c873730f95ca96d0a5b13936bc7b3874b7cc1319b3c006dcf16e926eac3660d5575657f7405d9f50cd4cf462582ea6", @typed={0xd7, 0x83, 0x0, 0x0, @binary="fad2d3a35d15e874aa829add5cafd2d809115909e6aa377cbb60abd4a3be2bca530a42944b796a90ac3ac2796b88d2a8c5e118affac0f6f570e7c5cecfb702217616d3039cf3b39afe6ca02c580cd9992ae9b777a75973fcf53929273654507b57572057287990de6a2c45beb98bbc6022c6e6c775bebb43d1b06533f7d009e75f48e0f395903b50c8b64bf3b9765e8895600d4245d5b0066022cd08063106a691d4c47d71f2d574d9b63821e3cd619ffa8ff5f0a1f676303631681fbb65ad2d6e3fd662a60aa5469c0a6ae52db2e2124f15a4"}]}, @nested={0x4, 0x4}, @typed={0xb9, 0x40, 0x0, 0x0, @binary="bd96f2680e22ae9c28f9ab68c9cd2032c36423a82bcfac48d95d747feb43973202b70b715844c5a822d6dc6514d333cd21e39a89720d1b2cc4443e0f312c5752a3900a92bb41651e502030c3afb38d5c1fa025cf42d601f6af6419e09ac5fa38fbe2aa7d153734541d67ab16292dec46df5a42b3d4d1d7a5f8ba13c45ca9b84943a3049f31296bbaf10653c972d4828e904d09a3b67caf6075fd15269dc21361cdc762012f953657c7f482cb84e0717cc7c0949be7"}, @typed={0x4, 0x5d}]}]}, 0x2a0}, 0x1, 0x0, 0x0, 0x4000844}, 0x22000090)
ioctl$auto_CEC_DQEVENT(r2, 0xc0506107, 0x0) (async)
ioctl$auto_CEC_DQEVENT(r2, 0xc0506107, 0x0)
ioctl$auto_CEC_DQEVENT(r2, 0xc0506107, 0x0) (async)
ioctl$auto_CEC_DQEVENT(r2, 0xc0506107, 0x0)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
write$auto(r0, 0x0, 0x10007c)
pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xc9\xb3\xbc\x8c\x1dga08\x90\x86\xdde\x1cJ\x99\x00\x11:\x14\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xfe\x80\x00\x00\x00\x00\x00\x00\x0fo\x84\xfc\x89\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#\x1c\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd8\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xaf\n1\x80\x1a\xbc_\xef\x8b\t\xcc\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xfdef, 0x11b5f095)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)

2.06388686s ago: executing program 3 (id=4853):
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xffffffffffffffff, 0x8000)
move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101c40, 0x0)
r1 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000200)='/dev/video50\x00', 0x80100, 0x0)
ioctl$auto(r0, 0x560a, r1)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, 0x0, 0x48084)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
r2 = getpid()
process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0x20000001002}, 0x1, 0x0, 0x4, 0x0)
fcntl$auto_F_SETOWN(r0, 0x8, r2)
connect$auto(0x3, 0x0, 0x54)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0x8, 0x8000)
r3 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x0, 0x0)
r4 = syz_genetlink_get_family_id$auto_ncsi(&(0x7f0000000100), r1)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
preadv$auto(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f00000003c0)="9d4585b1d5a7f82f9ddd3a27733c5f3367375e9d15ba619e5da3b7495ef19e22635f62afef90ec1851cfcc1d03b90a142209297c970c485c17395d93b63b3f8b08088b970702c457", 0x7}, 0x2, 0x4, 0x1)
sendmsg$auto_NCSI_CMD_SET_CHANNEL_MASK(r1, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, r4, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@NCSI_ATTR_CHANNEL_ID={0x8, 0x4, 0xfffffeff}, @NCSI_ATTR_PACKAGE_ID={0x8, 0x3, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x20010882}, 0x40001)
r5 = syz_genetlink_get_family_id$auto_nlbl_calipso(&(0x7f0000000280), r1)
sendmsg$auto_NLBL_CALIPSO_C_REMOVE(r1, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x54, r5, 0x8, 0x6, 0x25dfdbfc, {}, [@NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x81}, @NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x6}, @NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x6}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x7fffffff}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x5}]}, 0x54}, 0x1, 0x0, 0x0, 0x24010080}, 0x8000)
pread64$auto(r3, 0x0, 0x101, 0x103)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/009/001\x00', 0xa101, 0x0)
unshare$auto(0x40000080)
clock_nanosleep$auto(0x2, 0x6, &(0x7f0000000840)={0x0, 0xc025}, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)

1.575861886s ago: executing program 2 (id=4913):
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
unshare$auto(0x40000080)
ioctl$auto_RNDADDENTROPY2(0xffffffffffffffff, 0x40085203, &(0x7f0000000440)=[0xfff, 0xedc0])
sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000)
r1 = openat$auto_ftrace_event_format_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/tracing/events/vmalloc/purge_vmap_area_lazy/format\x00', 0x40, 0x0)
mmap$auto(0x9, 0x5, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mlockall$auto(0x800000000000005)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff)
setsockopt$auto(0xffffffffffffffff, 0x0, 0x27, 0x0, 0xc)
socket(0x2a, 0x2, 0x1)
sendfile$auto(r1, 0xffffffffffffffff, 0x0, 0x5)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x840000000002, 0x3, 0xff)
connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @local}, 0x55)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x264}, 0x1, 0x0, 0x0, 0xeda47ee5ad433e65}, 0x20000014)
io_setup$auto(0xffff, &(0x7f0000000580))
io_setup$auto(0xa, 0x0)
bpf$auto_BPF_TOKEN_CREATE(0x24, &(0x7f0000000100)=@test={r0, 0x7, 0x9d8b, 0xc, 0x6, 0x3, 0x100, 0x24000000, 0x9, 0xfffff40e, 0xffffffffffe00000, 0xffffffffffffffff, 0xb7d7, 0x1000, 0x80}, 0x0)
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000)
r3 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0)
ioctl$auto_PROCMAP_QUERY(r3, 0xc0686611, &(0x7f0000000080)={0x68, 0x34, 0x7fff, 0x5, 0x80000000009, 0x1, 0x9, 0x5, 0x5, 0x7f93, 0xfffffffe, 0x7ffffffd, 0x7ff, 0x7, 0x9})

1.043326256s ago: executing program 1 (id=4914):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x1, 0x106)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3}, 0x55)
write$auto(0x3, 0x0, 0x5c8)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
write$auto(0x3, 0x0, 0xfffffdef)
mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x11, 0x80003, 0x300)
sendto$auto(0x3, 0x0, 0xfdef, 0xfffffff8, &(0x7f0000000440)=@tipc=@nameseq={0x1e, 0x1, 0x1, {0x1, 0x1, 0x3}}, 0x22)
socket(0xa, 0x801, 0x106)
openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, &(0x7f0000002440), 0x80c02, 0x0)

0s ago: executing program 1 (id=4915):
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
unshare$auto(0x40000080)
ioctl$auto_RNDADDENTROPY2(0xffffffffffffffff, 0x40085203, &(0x7f0000000440)=[0xfff, 0xedc0])
sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000)
pread64$auto(0xffffffffffffffff, 0x0, 0x3, 0xfdd)
mmap$auto(0x9, 0x5, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mlockall$auto(0x800000000000005)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff)
setsockopt$auto(0xffffffffffffffff, 0x0, 0x27, 0x0, 0xc)
socket(0x2a, 0x2, 0x1)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x5)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x840000000002, 0x3, 0xff)
connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @local}, 0x55)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x264}, 0x1, 0x0, 0x0, 0xeda47ee5ad433e65}, 0x20000014)
io_setup$auto(0xffff, &(0x7f0000000580))
io_setup$auto(0xa, 0x0)
bpf$auto_BPF_TOKEN_CREATE(0x24, &(0x7f0000000100)=@test={r0, 0x7, 0x9d8b, 0xc, 0x6, 0x3, 0x100, 0x24000000, 0x9, 0xfffff40e, 0xffffffffffe00000, 0xffffffffffffffff, 0xb7d7, 0x1000, 0x80}, 0x0)
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000)
r2 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0)
ioctl$auto_PROCMAP_QUERY(r2, 0xc0686611, &(0x7f0000000080)={0x68, 0x34, 0x7fff, 0x5, 0x80000000009, 0x1, 0x9, 0x5, 0x5, 0x7f93, 0xfffffffe, 0x7ffffffd, 0x7ff, 0x7, 0x9})

kernel console output (not intermixed with test programs):

_write+0x190/0x250
[ 1271.475191][T28677]  ? __fget_files+0x21f/0x3d0
[ 1271.475222][T28677]  ? do_writev+0x13e/0x340
[ 1271.475243][T28677]  do_writev+0x13e/0x340
[ 1271.475265][T28677]  ? __pfx_do_writev+0x10/0x10
[ 1271.475289][T28677]  ? rcu_is_watching+0x12/0xc0
[ 1271.475318][T28677]  do_syscall_64+0x10b/0xf80
[ 1271.475349][T28677]  ? clear_bhb_loop+0x40/0x90
[ 1271.475375][T28677]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1271.475397][T28677] RIP: 0033:0x7f1d2f19cdd9
[ 1271.475414][T28677] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1271.475434][T28677] RSP: 002b:00007f1d3002a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 1271.475453][T28677] RAX: ffffffffffffffda RBX: 00007f1d2f415fa0 RCX: 00007f1d2f19cdd9
[ 1271.475467][T28677] RDX: 0000000000000004 RSI: 0000200000000200 RDI: 0000000000000003
[ 1271.475480][T28677] RBP: 00007f1d3002a090 R08: 0000000000000000 R09: 0000000000000000
[ 1271.475493][T28677] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1271.475506][T28677] R13: 00007f1d2f416038 R14: 00007f1d2f415fa0 R15: 00007ffe2223cda8
[ 1271.475532][T28677]  </TASK>
[ 1271.903396][T28686] netlink: 2468 bytes leftover after parsing attributes in process `syz.0.4155'.
[ 1273.237394][T28708] netlink: 342 bytes leftover after parsing attributes in process `syz.1.4160'.
[ 1274.550424][T28725] ima: policy update failed
[ 1274.590409][   T29] audit: type=1802 audit(1778450962.867:68): pid=28725 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.4165" res=0 errno=0
[ 1274.846969][T28719] FAULT_INJECTION: forcing a failure.
[ 1274.846969][T28719] name failslab, interval 1, probability 0, space 0, times 0
[ 1274.953823][T28719] CPU: 0 UID: 0 PID: 28719 Comm: syz.1.4163 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1274.953856][T28719] Tainted: [L]=SOFTLOCKUP
[ 1274.953863][T28719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1274.953875][T28719] Call Trace:
[ 1274.953882][T28719]  <TASK>
[ 1274.953890][T28719]  dump_stack_lvl+0x100/0x190
[ 1274.953917][T28719]  should_fail_ex.cold+0x5/0xa
[ 1274.953943][T28719]  should_failslab+0xc2/0x120
[ 1274.953968][T28719]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[ 1274.954001][T28719]  ? __d_alloc+0x34/0xa40
[ 1274.954028][T28719]  ? lockdep_init_map_type+0x5c/0x250
[ 1274.954053][T28719]  __d_alloc+0x34/0xa40
[ 1274.954082][T28719]  d_alloc_pseudo+0x1c/0xc0
[ 1274.954102][T28719]  alloc_file_pseudo+0xcf/0x230
[ 1274.954134][T28719]  ? __pfx_alloc_file_pseudo+0x10/0x10
[ 1274.954165][T28719]  ? alloc_fd+0x476/0x790
[ 1274.954199][T28719]  sock_alloc_file+0x50/0x210
[ 1274.954225][T28719]  __sys_socket+0x1c0/0x260
[ 1274.954255][T28719]  ? __pfx___sys_socket+0x10/0x10
[ 1274.954292][T28719]  __x64_sys_socket+0x72/0xb0
[ 1274.954321][T28719]  ? lockdep_hardirqs_on+0x78/0x100
[ 1274.954355][T28719]  do_syscall_64+0x10b/0xf80
[ 1274.954384][T28719]  ? clear_bhb_loop+0x40/0x90
[ 1274.954407][T28719]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1274.954428][T28719] RIP: 0033:0x7f09a059cdd9
[ 1274.954444][T28719] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1274.954463][T28719] RSP: 002b:00007f09a13fd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 1274.954482][T28719] RAX: ffffffffffffffda RBX: 00007f09a0815fa0 RCX: 00007f09a059cdd9
[ 1274.954496][T28719] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[ 1274.954508][T28719] RBP: 00007f09a0632d69 R08: 0000000000000000 R09: 0000000000000000
[ 1274.954520][T28719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1274.954532][T28719] R13: 00007f09a0816038 R14: 00007f09a0815fa0 R15: 00007ffeac3637d8
[ 1274.954557][T28719]  </TASK>
[ 1275.370245][T28736] program syz.2.4167 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1277.142874][T28752] net_ratelimit: 12 callbacks suppressed
[ 1277.142893][T28752] netlink: zone id is out of range
[ 1277.205738][T28752] netlink: zone id is out of range
[ 1277.240623][T28752] netlink: zone id is out of range
[ 1277.273692][T28752] netlink: zone id is out of range
[ 1277.300713][T28752] netlink: zone id is out of range
[ 1277.331643][T28752] netlink: zone id is out of range
[ 1277.364044][T28752] netlink: zone id is out of range
[ 1277.403027][T28752] netlink: zone id is out of range
[ 1277.430948][T28752] netlink: zone id is out of range
[ 1277.471910][T28752] netlink: zone id is out of range
[ 1281.119138][T28800] netlink: 2468 bytes leftover after parsing attributes in process `syz.1.4181'.
[ 1281.546411][T28808] netlink: 'syz.0.4182': attribute type 2 has an invalid length.
[ 1282.839689][T28827] usbip-vudc usbip-vudc.0: gadget not bound
[ 1283.004905][T28829] ima: policy update failed
[ 1283.053138][   T29] audit: type=1802 audit(1778450971.333:69): pid=28829 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.4189" res=0 errno=0
[ 1284.420789][T28850] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[ 1285.580175][T28849] Process accounting resumed
[ 1286.002734][T28870] netlink: 2468 bytes leftover after parsing attributes in process `syz.0.4197'.
[ 1286.947194][T28884] FAULT_INJECTION: forcing a failure.
[ 1286.947194][T28884] name failslab, interval 1, probability 0, space 0, times 0
[ 1287.017634][T28884] CPU: 0 UID: 0 PID: 28884 Comm: syz.0.4201 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1287.017668][T28884] Tainted: [L]=SOFTLOCKUP
[ 1287.017676][T28884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1287.017689][T28884] Call Trace:
[ 1287.017696][T28884]  <TASK>
[ 1287.017704][T28884]  dump_stack_lvl+0x100/0x190
[ 1287.017731][T28884]  should_fail_ex.cold+0x5/0xa
[ 1287.017790][T28884]  should_failslab+0xc2/0x120
[ 1287.017815][T28884]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[ 1287.017850][T28884]  ? __d_alloc+0x34/0xa40
[ 1287.017884][T28884]  __d_alloc+0x34/0xa40
[ 1287.017915][T28884]  d_alloc_pseudo+0x1c/0xc0
[ 1287.017935][T28884]  alloc_file_pseudo+0xcf/0x230
[ 1287.017968][T28884]  ? __pfx_alloc_file_pseudo+0x10/0x10
[ 1287.018001][T28884]  ? alloc_fd+0x476/0x790
[ 1287.018030][T28884]  sock_alloc_file+0x50/0x210
[ 1287.018056][T28884]  __sys_socket+0x1c0/0x260
[ 1287.018087][T28884]  ? __pfx___sys_socket+0x10/0x10
[ 1287.018125][T28884]  __x64_sys_socket+0x72/0xb0
[ 1287.018166][T28884]  ? lockdep_hardirqs_on+0x78/0x100
[ 1287.018198][T28884]  do_syscall_64+0x10b/0xf80
[ 1287.018228][T28884]  ? clear_bhb_loop+0x40/0x90
[ 1287.018253][T28884]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1287.018274][T28884] RIP: 0033:0x7f1d2f19cdd9
[ 1287.018291][T28884] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1287.018312][T28884] RSP: 002b:00007f1d30009028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 1287.018332][T28884] RAX: ffffffffffffffda RBX: 00007f1d2f416090 RCX: 00007f1d2f19cdd9
[ 1287.018350][T28884] RDX: 0010000000000002 RSI: 0000000000000002 RDI: 2000000000000021
[ 1287.018364][T28884] RBP: 00007f1d2f232d69 R08: 0000000000000000 R09: 0000000000000000
[ 1287.018377][T28884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1287.018390][T28884] R13: 00007f1d2f416128 R14: 00007f1d2f416090 R15: 00007ffe2223cda8
[ 1287.018416][T28884]  </TASK>
[ 1287.387061][T28891] Process accounting resumed
[ 1289.283291][T28916] FAULT_INJECTION: forcing a failure.
[ 1289.283291][T28916] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1290.145688][T28916] CPU: 0 UID: 0 PID: 28916 Comm: syz.0.4208 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1290.145724][T28916] Tainted: [L]=SOFTLOCKUP
[ 1290.145732][T28916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1290.145747][T28916] Call Trace:
[ 1290.145754][T28916]  <TASK>
[ 1290.145762][T28916]  dump_stack_lvl+0x100/0x190
[ 1290.145792][T28916]  should_fail_ex.cold+0x5/0xa
[ 1290.145820][T28916]  get_futex_key+0x1d2/0x1510
[ 1290.145846][T28916]  ? __pfx_get_futex_key+0x10/0x10
[ 1290.145871][T28916]  ? trace_pid_list_is_set+0x11a/0x390
[ 1290.145913][T28916]  ? trace_pid_list_is_set+0x22c/0x390
[ 1290.145949][T28916]  futex_wait_setup+0x83/0x510
[ 1290.145986][T28916]  __futex_wait+0x19f/0x300
[ 1290.146019][T28916]  ? __pfx___futex_wait+0x10/0x10
[ 1290.146048][T28916]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1290.146104][T28916]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1290.146140][T28916]  ? find_held_lock+0x2b/0x80
[ 1290.146171][T28916]  ? futex_wake+0x456/0x530
[ 1290.146207][T28916]  futex_wait+0xe6/0x370
[ 1290.146239][T28916]  ? __pfx_futex_wait+0x10/0x10
[ 1290.146277][T28916]  ? errseq_sample+0x51/0x70
[ 1290.146300][T28916]  ? file_init_path+0x48e/0x670
[ 1290.146337][T28916]  do_futex+0x1ef/0x350
[ 1290.146364][T28916]  ? __pfx_do_futex+0x10/0x10
[ 1290.146390][T28916]  ? fd_install+0x223/0x580
[ 1290.146424][T28916]  __x64_sys_futex+0x34f/0x4d0
[ 1290.146452][T28916]  ? __sys_socket+0xac/0x260
[ 1290.146488][T28916]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1290.146520][T28916]  ? rcu_is_watching+0x12/0xc0
[ 1290.146553][T28916]  do_syscall_64+0x10b/0xf80
[ 1290.146587][T28916]  ? clear_bhb_loop+0x40/0x90
[ 1290.146627][T28916]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1290.146650][T28916] RIP: 0033:0x7f1d2f19cdd9
[ 1290.146668][T28916] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1290.146689][T28916] RSP: 002b:00007f1d300090e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1290.146711][T28916] RAX: ffffffffffffffda RBX: 00007f1d2f416098 RCX: 00007f1d2f19cdd9
[ 1290.146726][T28916] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f1d2f416098
[ 1290.146740][T28916] RBP: 00007f1d2f416090 R08: 0000000000000000 R09: 0000000000000000
[ 1290.146753][T28916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1290.146767][T28916] R13: 00007f1d2f416128 R14: 00007ffe2223ccc0 R15: 00007ffe2223cda8
[ 1290.146795][T28916]  </TASK>
[ 1291.072867][T28934] FAULT_INJECTION: forcing a failure.
[ 1291.072867][T28934] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1291.163824][T28934] CPU: 0 UID: 0 PID: 28934 Comm: syz.0.4213 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1291.163859][T28934] Tainted: [L]=SOFTLOCKUP
[ 1291.163868][T28934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1291.163881][T28934] Call Trace:
[ 1291.163889][T28934]  <TASK>
[ 1291.163897][T28934]  dump_stack_lvl+0x100/0x190
[ 1291.163932][T28934]  should_fail_ex.cold+0x5/0xa
[ 1291.163977][T28934]  _copy_from_iter+0x1f4/0x1690
[ 1291.164004][T28934]  ? __asan_memset+0x23/0x50
[ 1291.164066][T28934]  ? __pfx__copy_from_iter+0x10/0x10
[ 1291.164092][T28934]  ? __pfx___alloc_skb+0x10/0x10
[ 1291.164129][T28934]  netlink_sendmsg+0x808/0xda0
[ 1291.164171][T28934]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1291.164210][T28934]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1291.164254][T28934]  __sys_sendto+0x468/0x4b0
[ 1291.164276][T28934]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1291.164313][T28934]  ? __pfx___sys_sendto+0x10/0x10
[ 1291.164346][T28934]  ? count_memcg_events_mm.constprop.0+0xfa/0x2a0
[ 1291.164375][T28934]  ? count_memcg_events_mm.constprop.0+0xfa/0x2a0
[ 1291.164426][T28934]  __x64_sys_sendto+0xe0/0x1c0
[ 1291.164450][T28934]  ? do_syscall_64+0x90/0xf80
[ 1291.164487][T28934]  ? lockdep_hardirqs_on+0x78/0x100
[ 1291.164523][T28934]  do_syscall_64+0x10b/0xf80
[ 1291.164559][T28934]  ? clear_bhb_loop+0x40/0x90
[ 1291.164589][T28934]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1291.164614][T28934] RIP: 0033:0x7f1d2f15d60e
[ 1291.164634][T28934] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1291.164659][T28934] RSP: 002b:00007f1d30028e88 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 1291.164682][T28934] RAX: ffffffffffffffda RBX: 00007f1d3002a6c0 RCX: 00007f1d2f15d60e
[ 1291.164698][T28934] RDX: 0000000000000024 RSI: 00007f1d30029000 RDI: 0000000000000002
[ 1291.164714][T28934] RBP: 0000000000000000 R08: 00007f1d30028f04 R09: 000000000000000c
[ 1291.164729][T28934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1291.164743][T28934] R13: 00007f1d30028f58 R14: 00007f1d30029000 R15: 0000000000000000
[ 1291.164773][T28934]  </TASK>
[ 1293.145315][T28962] FAULT_INJECTION: forcing a failure.
[ 1293.145315][T28962] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1293.294381][T28962] CPU: 0 UID: 0 PID: 28962 Comm: syz.3.4218 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1293.294418][T28962] Tainted: [L]=SOFTLOCKUP
[ 1293.294426][T28962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1293.294439][T28962] Call Trace:
[ 1293.294447][T28962]  <TASK>
[ 1293.294455][T28962]  dump_stack_lvl+0x100/0x190
[ 1293.294487][T28962]  should_fail_ex.cold+0x5/0xa
[ 1293.294516][T28962]  _copy_from_iter+0x1f4/0x1690
[ 1293.294554][T28962]  ? __asan_memset+0x23/0x50
[ 1293.294587][T28962]  ? __pfx__copy_from_iter+0x10/0x10
[ 1293.294608][T28962]  ? __pfx___alloc_skb+0x10/0x10
[ 1293.294641][T28962]  netlink_sendmsg+0x808/0xda0
[ 1293.294680][T28962]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1293.294714][T28962]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1293.294751][T28962]  __sys_sendto+0x468/0x4b0
[ 1293.294771][T28962]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1293.294802][T28962]  ? __pfx___sys_sendto+0x10/0x10
[ 1293.294830][T28962]  ? count_memcg_events_mm.constprop.0+0xfa/0x2a0
[ 1293.294855][T28962]  ? count_memcg_events_mm.constprop.0+0xfa/0x2a0
[ 1293.294896][T28962]  __x64_sys_sendto+0xe0/0x1c0
[ 1293.294916][T28962]  ? do_syscall_64+0x90/0xf80
[ 1293.294947][T28962]  ? lockdep_hardirqs_on+0x78/0x100
[ 1293.294978][T28962]  do_syscall_64+0x10b/0xf80
[ 1293.295008][T28962]  ? clear_bhb_loop+0x40/0x90
[ 1293.295033][T28962]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1293.295054][T28962] RIP: 0033:0x7f488075d60e
[ 1293.295071][T28962] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1293.295091][T28962] RSP: 002b:00007f488156ce88 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 1293.295111][T28962] RAX: ffffffffffffffda RBX: 00007f488156e6c0 RCX: 00007f488075d60e
[ 1293.295125][T28962] RDX: 000000000000001c RSI: 00007f488156d000 RDI: 0000000000000003
[ 1293.295138][T28962] RBP: 0000000000000000 R08: 00007f488156cf04 R09: 000000000000000c
[ 1293.295150][T28962] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[ 1293.295163][T28962] R13: 00007f488156cf58 R14: 00007f488156d000 R15: 0000000000000000
[ 1293.295188][T28962]  </TASK>
[ 1294.865759][T28988] snd_virmidi snd_virmidi.0: control 61678:131081:3:y�:2 is already present
[ 1295.964161][T29004] ubi0: attaching mtd0
[ 1295.997225][T29004] ubi0: scanning is finished
[ 1296.026896][T29005] netlink: 2468 bytes leftover after parsing attributes in process `syz.1.4224'.
[ 1296.036507][T29004] ubi0 warning: ubi_read_volume_table: volume table copy #2 is corrupted
[ 1296.080237][T29004] ubi0: volume table was restored
[ 1296.460837][T29004] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[ 1296.584180][T29004] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[ 1296.790570][T29004] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[ 1296.921263][T29004] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[ 1297.015923][T29027] usbip-vudc usbip-vudc.0: gadget not bound
[ 1297.076621][T29004] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[ 1297.274259][T29004] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[ 1297.467171][T29039] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4231'.
[ 1297.525943][T29004] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 2010552860
[ 1297.791437][T29004] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[ 1297.988673][T29017] ubi0: background thread "ubi_bgt0d" started, PID 29017
[ 1298.025555][T29008] ubi0: detaching mtd0
[ 1298.135242][T29008] ubi0: mtd0 is detached
[ 1298.457721][ T5711] usb usb40-port1: attempt power cycle
[ 1298.683739][T29004] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1298.817025][T29004] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1299.043880][ T5711] usb usb40-port1: unable to enumerate USB device
[ 1299.371090][T29070] usbip-vudc usbip-vudc.0: gadget not bound
[ 1300.209829][T29084] net_ratelimit: 12 callbacks suppressed
[ 1300.209866][T29084] openvswitch: netlink: Geneve option length err (len 256, max 255).
[ 1300.241213][T29084] netlink: 'syz.0.4243': attribute type 1 has an invalid length.
[ 1300.436127][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[ 1300.449126][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[ 1300.744190][T29092] netlink: 'syz.2.4248': attribute type 1 has an invalid length.
[ 1300.804133][T29092] netlink: 33 bytes leftover after parsing attributes in process `syz.2.4248'.
[ 1300.893084][T29085] Process accounting resumed
[ 1301.683261][T29089] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied.
[ 1302.545130][T29116] futex_wake_op: syz.1.4253 tries to shift op by -2048; fix this program
[ 1302.591224][T29116] futex_wake_op: syz.1.4253 tries to shift op by -2048; fix this program
[ 1303.727627][T14793] usb usb40-port1: attempt power cycle
[ 1303.803545][T29140] usbip-vudc usbip-vudc.0: gadget not bound
[ 1304.318277][T14793] usb usb40-port1: unable to enumerate USB device
[ 1306.510349][T29178] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4264'.
[ 1306.617497][T29175] netlink: 186 bytes leftover after parsing attributes in process `syz.1.4264'.
[ 1306.668460][T29178] netlink: 186 bytes leftover after parsing attributes in process `syz.1.4264'.
[ 1311.204084][T29253] FAULT_INJECTION: forcing a failure.
[ 1311.204084][T29253] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1311.258344][T29253] CPU: 0 UID: 0 PID: 29253 Comm: syz.2.4285 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1311.258376][T29253] Tainted: [L]=SOFTLOCKUP
[ 1311.258383][T29253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1311.258396][T29253] Call Trace:
[ 1311.258402][T29253]  <TASK>
[ 1311.258410][T29253]  dump_stack_lvl+0x100/0x190
[ 1311.258437][T29253]  should_fail_ex.cold+0x5/0xa
[ 1311.258465][T29253]  _copy_from_user+0x2e/0xd0
[ 1311.258486][T29253]  vmemdup_user+0x6b/0xe0
[ 1311.258515][T29253]  __sys_bpf+0x39f4/0x4b90
[ 1311.258539][T29253]  ? __pfx___sys_bpf+0x10/0x10
[ 1311.258558][T29253]  ? proc_fail_nth_write+0x9f/0x220
[ 1311.258590][T29253]  ? find_held_lock+0x2b/0x80
[ 1311.258621][T29253]  ? find_held_lock+0x2b/0x80
[ 1311.258645][T29253]  ? ksys_write+0x190/0x250
[ 1311.258667][T29253]  ? ksys_write+0x190/0x250
[ 1311.258693][T29253]  ? __mutex_unlock_slowpath+0x15d/0x8a0
[ 1311.258724][T29253]  ? kernel_write+0x5e3/0x6c0
[ 1311.258746][T29253]  ? __fget_files+0x215/0x3d0
[ 1311.258781][T29253]  ? fput+0x79/0x100
[ 1311.258808][T29253]  ? ksys_write+0x1ac/0x250
[ 1311.258830][T29253]  ? __pfx_ksys_write+0x10/0x10
[ 1311.258857][T29253]  __x64_sys_bpf+0x7b/0xc0
[ 1311.258877][T29253]  ? lockdep_hardirqs_on+0x78/0x100
[ 1311.258906][T29253]  do_syscall_64+0x10b/0xf80
[ 1311.258935][T29253]  ? clear_bhb_loop+0x40/0x90
[ 1311.258959][T29253]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1311.258980][T29253] RIP: 0033:0x7fbd58f9cdd9
[ 1311.258995][T29253] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1311.259015][T29253] RSP: 002b:00007fbd59f21028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1311.259034][T29253] RAX: ffffffffffffffda RBX: 00007fbd59215fa0 RCX: 00007fbd58f9cdd9
[ 1311.259047][T29253] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000015
[ 1311.259059][T29253] RBP: 00007fbd59f21090 R08: 0000000000000000 R09: 0000000000000000
[ 1311.259078][T29253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1311.259090][T29253] R13: 00007fbd59216038 R14: 00007fbd59215fa0 R15: 00007fff31261b08
[ 1311.259115][T29253]  </TASK>
[ 1312.768831][T29276] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4293'.
[ 1313.324017][T29285] netlink: zone id is out of range
[ 1313.349619][T29285] netlink: zone id is out of range
[ 1313.384417][T29285] netlink: zone id is out of range
[ 1313.451538][T29285] netlink: set zone limit has 8 unknown bytes
[ 1313.740542][T29288] netlink: zone id is out of range
[ 1313.766174][T29288] netlink: zone id is out of range
[ 1313.793299][T29288] netlink: zone id is out of range
[ 1313.821568][T29288] netlink: zone id is out of range
[ 1313.923827][T29288] netlink: set zone limit has 8 unknown bytes
[ 1315.555157][T29318] netlink: zone id is out of range
[ 1316.074629][T29308] Process accounting paused
[ 1316.498767][T29325] netlink: 'syz.3.4309': attribute type 1 has an invalid length.
[ 1316.549652][T29325] netlink: 9 bytes leftover after parsing attributes in process `syz.3.4309'.
[ 1317.650208][T29335] Process accounting paused
[ 1317.898199][T29350] FAULT_INJECTION: forcing a failure.
[ 1317.898199][T29350] name failslab, interval 1, probability 0, space 0, times 0
[ 1317.950307][T29350] CPU: 0 UID: 0 PID: 29350 Comm: syz.2.4314 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1317.950347][T29350] Tainted: [L]=SOFTLOCKUP
[ 1317.950356][T29350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1317.950371][T29350] Call Trace:
[ 1317.950380][T29350]  <TASK>
[ 1317.950389][T29350]  dump_stack_lvl+0x100/0x190
[ 1317.950420][T29350]  should_fail_ex.cold+0x5/0xa
[ 1317.950451][T29350]  should_failslab+0xc2/0x120
[ 1317.950487][T29350]  __kmalloc_cache_noprof+0x7a/0x6f0
[ 1317.950525][T29350]  ? proc_self_get_link+0x189/0x1f0
[ 1317.950559][T29350]  proc_self_get_link+0x189/0x1f0
[ 1317.950588][T29350]  pick_link+0xac2/0x13c0
[ 1317.950612][T29350]  ? __pfx_proc_self_get_link+0x10/0x10
[ 1317.950644][T29350]  step_into_slowpath+0x9ba/0xf90
[ 1317.950677][T29350]  ? __pfx_step_into_slowpath+0x10/0x10
[ 1317.950708][T29350]  ? lookup_fast+0x2da/0x600
[ 1317.950731][T29350]  ? inode_permission+0x374/0x620
[ 1317.950773][T29350]  link_path_walk+0xf28/0x1cc0
[ 1317.950812][T29350]  path_openat+0x1be/0x31a0
[ 1317.950842][T29350]  ? kasan_save_stack+0x3f/0x50
[ 1317.950865][T29350]  ? kasan_save_stack+0x30/0x50
[ 1317.950888][T29350]  ? kasan_save_track+0x14/0x30
[ 1317.950912][T29350]  ? kmem_cache_alloc_noprof+0x241/0x6e0
[ 1317.950959][T29350]  ? __pfx_path_openat+0x10/0x10
[ 1317.951001][T29350]  do_file_open+0x20e/0x430
[ 1317.951035][T29350]  ? __pfx_do_file_open+0x10/0x10
[ 1317.951087][T29350]  ? alloc_fd+0x476/0x790
[ 1317.951121][T29350]  ? do_getname+0x191/0x390
[ 1317.951172][T29350]  do_sys_openat2+0x10d/0x1e0
[ 1317.951210][T29350]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1317.951269][T29350]  __x64_sys_openat+0x12d/0x210
[ 1317.951305][T29350]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1317.951339][T29350]  ? ksys_write+0x1ac/0x250
[ 1317.951368][T29350]  ? rcu_is_watching+0x12/0xc0
[ 1317.951398][T29350]  do_syscall_64+0x10b/0xf80
[ 1317.951430][T29350]  ? clear_bhb_loop+0x40/0x90
[ 1317.951457][T29350]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1317.951485][T29350] RIP: 0033:0x7fbd58f9cdd9
[ 1317.951503][T29350] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1317.951526][T29350] RSP: 002b:00007fbd59f21028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1317.951548][T29350] RAX: ffffffffffffffda RBX: 00007fbd59215fa0 RCX: 00007fbd58f9cdd9
[ 1317.951563][T29350] RDX: 0000000000000481 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 1317.951578][T29350] RBP: 00007fbd59032d69 R08: 0000000000000000 R09: 0000000000000000
[ 1317.951592][T29350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1317.951605][T29350] R13: 00007fbd59216038 R14: 00007fbd59215fa0 R15: 00007fff31261b08
[ 1317.951633][T29350]  </TASK>
[ 1320.480850][T29387] ecryptfs_miscdev_write: Invalid packet size [0]
[ 1320.565341][T29388] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4323'.
[ 1320.631665][T29388] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1320.672680][T29388] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1320.746782][T29388] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1320.781335][T29388] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1323.298350][T29435] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4336'.
[ 1325.903558][T29474] FAULT_INJECTION: forcing a failure.
[ 1325.903558][T29474] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1325.985868][T29474] CPU: 0 UID: 0 PID: 29474 Comm: syz.2.4349 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1325.985904][T29474] Tainted: [L]=SOFTLOCKUP
[ 1325.985913][T29474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1325.985927][T29474] Call Trace:
[ 1325.985935][T29474]  <TASK>
[ 1325.985943][T29474]  dump_stack_lvl+0x100/0x190
[ 1325.985972][T29474]  should_fail_ex.cold+0x5/0xa
[ 1325.986001][T29474]  _copy_from_iter+0x1f4/0x1690
[ 1325.986027][T29474]  ? __asan_memset+0x23/0x50
[ 1325.986062][T29474]  ? __pfx__copy_from_iter+0x10/0x10
[ 1325.986085][T29474]  ? __pfx___alloc_skb+0x10/0x10
[ 1325.986119][T29474]  netlink_sendmsg+0x808/0xda0
[ 1325.986157][T29474]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1325.986193][T29474]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1325.986232][T29474]  __sys_sendto+0x468/0x4b0
[ 1325.986253][T29474]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1325.986287][T29474]  ? __pfx___sys_sendto+0x10/0x10
[ 1325.986317][T29474]  ? count_memcg_events_mm.constprop.0+0xfa/0x2a0
[ 1325.986343][T29474]  ? count_memcg_events_mm.constprop.0+0xfa/0x2a0
[ 1325.986390][T29474]  __x64_sys_sendto+0xe0/0x1c0
[ 1325.986411][T29474]  ? do_syscall_64+0x90/0xf80
[ 1325.986444][T29474]  ? lockdep_hardirqs_on+0x78/0x100
[ 1325.986477][T29474]  do_syscall_64+0x10b/0xf80
[ 1325.986509][T29474]  ? clear_bhb_loop+0x40/0x90
[ 1325.986536][T29474]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1325.986559][T29474] RIP: 0033:0x7fbd58f5d60e
[ 1325.986577][T29474] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1325.986599][T29474] RSP: 002b:00007fbd59f1fe88 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 1325.986619][T29474] RAX: ffffffffffffffda RBX: 00007fbd59f216c0 RCX: 00007fbd58f5d60e
[ 1325.986635][T29474] RDX: 000000000000001c RSI: 00007fbd59f20000 RDI: 0000000000000002
[ 1325.986648][T29474] RBP: 0000000000000000 R08: 00007fbd59f1ff04 R09: 000000000000000c
[ 1325.986662][T29474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1325.986675][T29474] R13: 00007fbd59f1ff58 R14: 00007fbd59f20000 R15: 0000000000000000
[ 1325.986702][T29474]  </TASK>
[ 1327.079843][T29483] netlink: 2468 bytes leftover after parsing attributes in process `syz.0.4350'.
[ 1327.179378][T29485] netlink: 2468 bytes leftover after parsing attributes in process `syz.0.4350'.
[ 1327.535001][T29492] FAULT_INJECTION: forcing a failure.
[ 1327.535001][T29492] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1327.608519][T29492] CPU: 0 UID: 0 PID: 29492 Comm: syz.3.4354 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1327.608551][T29492] Tainted: [L]=SOFTLOCKUP
[ 1327.608559][T29492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1327.608571][T29492] Call Trace:
[ 1327.608578][T29492]  <TASK>
[ 1327.608586][T29492]  dump_stack_lvl+0x100/0x190
[ 1327.608613][T29492]  should_fail_ex.cold+0x5/0xa
[ 1327.608638][T29492]  get_futex_key+0x295/0x1510
[ 1327.608662][T29492]  ? __pfx_get_futex_key+0x10/0x10
[ 1327.608688][T29492]  ? lock_acquire+0x1b1/0x370
[ 1327.608714][T29492]  futex_wake+0xea/0x530
[ 1327.608743][T29492]  ? __pfx_futex_wake+0x10/0x10
[ 1327.608769][T29492]  ? exit_mm_release+0x19/0x30
[ 1327.608806][T29492]  do_futex+0x32b/0x350
[ 1327.608828][T29492]  ? __pfx_do_futex+0x10/0x10
[ 1327.608849][T29492]  ? __might_fault+0xc5/0x140
[ 1327.608887][T29492]  mm_release+0x24a/0x2f0
[ 1327.608912][T29492]  do_exit+0x707/0x2a60
[ 1327.608947][T29492]  ? __pfx_do_exit+0x10/0x10
[ 1327.608978][T29492]  ? do_raw_spin_lock+0x128/0x260
[ 1327.609001][T29492]  ? find_held_lock+0x2b/0x80
[ 1327.609026][T29492]  ? get_signal+0x7e0/0x21e0
[ 1327.609055][T29492]  do_group_exit+0xd5/0x2a0
[ 1327.609075][T29492]  get_signal+0x1ec7/0x21e0
[ 1327.609109][T29492]  ? __pfx_get_signal+0x10/0x10
[ 1327.609137][T29492]  ? do_futex+0x192/0x350
[ 1327.609161][T29492]  arch_do_signal_or_restart+0x91/0x7a0
[ 1327.609194][T29492]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1327.609231][T29492]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[ 1327.609257][T29492]  ? rcu_is_watching+0x12/0xc0
[ 1327.609285][T29492]  exit_to_user_mode_loop+0x8b/0x4f0
[ 1327.609305][T29492]  ? rcu_is_watching+0x12/0xc0
[ 1327.609331][T29492]  do_syscall_64+0x6f2/0xf80
[ 1327.609361][T29492]  ? clear_bhb_loop+0x40/0x90
[ 1327.609385][T29492]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1327.609406][T29492] RIP: 0033:0x7f488079cdd9
[ 1327.609423][T29492] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1327.609443][T29492] RSP: 002b:00007f488156e0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1327.609462][T29492] RAX: fffffffffffffe00 RBX: 00007f4880a15fa8 RCX: 00007f488079cdd9
[ 1327.609476][T29492] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f4880a15fa8
[ 1327.609488][T29492] RBP: 00007f4880a15fa0 R08: 0000000000000000 R09: 0000000000000000
[ 1327.609501][T29492] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1327.609513][T29492] R13: 00007f4880a16038 R14: 00007ffecd6f95c0 R15: 00007ffecd6f96a8
[ 1327.609538][T29492]  </TASK>
[ 1329.296199][T29502] ACPI: EC: Assuming SCI_EVT clearing on QR_EC writes
[ 1329.751513][T29512] FAULT_INJECTION: forcing a failure.
[ 1329.751513][T29512] name failslab, interval 1, probability 0, space 0, times 0
[ 1329.835245][T29512] CPU: 0 UID: 0 PID: 29512 Comm: syz.1.4362 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1329.835281][T29512] Tainted: [L]=SOFTLOCKUP
[ 1329.835289][T29512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1329.835303][T29512] Call Trace:
[ 1329.835311][T29512]  <TASK>
[ 1329.835319][T29512]  dump_stack_lvl+0x100/0x190
[ 1329.835348][T29512]  should_fail_ex.cold+0x5/0xa
[ 1329.835376][T29512]  ? tracepoint_add_func+0x3a8/0x1150
[ 1329.835414][T29512]  should_failslab+0xc2/0x120
[ 1329.835441][T29512]  __kmalloc_noprof+0xe0/0x850
[ 1329.835466][T29512]  ? __pfx_trace_event_raw_event_nfsd_cb_class+0x10/0x10
[ 1329.835496][T29512]  tracepoint_add_func+0x3a8/0x1150
[ 1329.835529][T29512]  ? __pfx_trace_event_raw_event_nfsd_cb_class+0x10/0x10
[ 1329.835564][T29512]  ? __pfx_trace_event_raw_event_nfsd_cb_class+0x10/0x10
[ 1329.835594][T29512]  tracepoint_probe_register+0xc4/0x110
[ 1329.835630][T29512]  ? __pfx_tracepoint_probe_register+0x10/0x10
[ 1329.835664][T29512]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1329.835700][T29512]  ? __pfx_trace_event_raw_event_nfsd_cb_class+0x10/0x10
[ 1329.835736][T29512]  ? __pfx_probe_sched_switch+0x10/0x10
[ 1329.835773][T29512]  ? __lock_acquire+0x4a5/0x2630
[ 1329.835798][T29512]  trace_event_reg+0x209/0x350
[ 1329.835831][T29512]  __ftrace_event_enable_disable+0x211/0x6f0
[ 1329.835871][T29512]  __ftrace_set_clr_event_nolock+0x390/0xc30
[ 1329.835902][T29512]  ftrace_set_clr_event+0x1b7/0x3f0
[ 1329.835931][T29512]  ? __pfx_ftrace_set_clr_event+0x10/0x10
[ 1329.835968][T29512]  ? trace_get_user+0x3ae/0xa70
[ 1329.836007][T29512]  ftrace_event_write+0x259/0x2c0
[ 1329.836032][T29512]  ? __pfx_ftrace_event_write+0x10/0x10
[ 1329.836066][T29512]  vfs_write+0x2aa/0x1070
[ 1329.836091][T29512]  ? __pfx_ftrace_event_write+0x10/0x10
[ 1329.836118][T29512]  ? __pfx_vfs_write+0x10/0x10
[ 1329.836141][T29512]  ? __fget_files+0x215/0x3d0
[ 1329.836171][T29512]  ? __fget_files+0x21f/0x3d0
[ 1329.836202][T29512]  ksys_write+0x12a/0x250
[ 1329.836226][T29512]  ? __pfx_ksys_write+0x10/0x10
[ 1329.836252][T29512]  ? rcu_is_watching+0x12/0xc0
[ 1329.836280][T29512]  do_syscall_64+0x10b/0xf80
[ 1329.836310][T29512]  ? clear_bhb_loop+0x40/0x90
[ 1329.836336][T29512]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1329.836357][T29512] RIP: 0033:0x7f09a059cdd9
[ 1329.836374][T29512] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1329.836394][T29512] RSP: 002b:00007f09a13fd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1329.836414][T29512] RAX: ffffffffffffffda RBX: 00007f09a0815fa0 RCX: 00007f09a059cdd9
[ 1329.836428][T29512] RDX: 0000000000000af0 RSI: 0000000000000000 RDI: 0000000000000008
[ 1329.836440][T29512] RBP: 00007f09a0632d69 R08: 0000000000000000 R09: 0000000000000000
[ 1329.836453][T29512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1329.836465][T29512] R13: 00007f09a0816038 R14: 00007f09a0815fa0 R15: 00007ffeac3637d8
[ 1329.836491][T29512]  </TASK>
[ 1330.422981][T29512] event trace: Could not enable event nfsd_cb_rpc_prepare
[ 1331.209850][T29512] Process accounting paused
[ 1331.506981][T29538] netlink: 2468 bytes leftover after parsing attributes in process `syz.1.4367'.
[ 1331.583050][T29539] netlink: 2468 bytes leftover after parsing attributes in process `syz.1.4367'.
[ 1331.895637][T29547] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied.
[ 1333.409688][T29586] FAULT_INJECTION: forcing a failure.
[ 1333.409688][T29586] name failslab, interval 1, probability 0, space 0, times 0
[ 1333.480056][T29586] CPU: 0 UID: 0 PID: 29586 Comm: syz.2.4380 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1333.480092][T29586] Tainted: [L]=SOFTLOCKUP
[ 1333.480100][T29586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1333.480117][T29586] Call Trace:
[ 1333.480125][T29586]  <TASK>
[ 1333.480133][T29586]  dump_stack_lvl+0x100/0x190
[ 1333.480163][T29586]  should_fail_ex.cold+0x5/0xa
[ 1333.480198][T29586]  should_failslab+0xc2/0x120
[ 1333.480225][T29586]  kmem_cache_alloc_noprof+0x7b/0x6e0
[ 1333.480261][T29586]  ? __kernfs_new_node+0xd2/0x9f0
[ 1333.480292][T29586]  __kernfs_new_node+0xd2/0x9f0
[ 1333.480316][T29586]  ? find_held_lock+0x2b/0x80
[ 1333.480346][T29586]  ? kernfs_add_one+0x583/0x850
[ 1333.480374][T29586]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1333.480425][T29586]  ? find_held_lock+0x2b/0x80
[ 1333.480456][T29586]  ? kernfs_root+0xee/0x2a0
[ 1333.480481][T29586]  ? kernfs_root+0xee/0x2a0
[ 1333.480512][T29586]  kernfs_new_node+0x11b/0x1a0
[ 1333.480547][T29586]  kernfs_create_dir_ns+0x4c/0x1a0
[ 1333.480582][T29586]  internal_create_group+0x36f/0xf40
[ 1333.480617][T29586]  ? __pfx_internal_create_group+0x10/0x10
[ 1333.480650][T29586]  ? kernfs_create_link+0x1bd/0x240
[ 1333.480690][T29586]  internal_create_groups+0x9d/0x150
[ 1333.480721][T29586]  device_add+0x77a/0x1950
[ 1333.480755][T29586]  ? __pfx_device_add+0x10/0x10
[ 1333.480784][T29586]  ? __pfx___might_resched+0x10/0x10
[ 1333.480811][T29586]  ? lockdep_hardirqs_on+0x78/0x100
[ 1333.480856][T29586]  __add_disk+0x518/0xe40
[ 1333.480894][T29586]  add_disk_fwnode+0x118/0x5c0
[ 1333.480932][T29586]  loop_add+0x90b/0xb60
[ 1333.480979][T29586]  ? __pfx_loop_add+0x10/0x10
[ 1333.481029][T29586]  ? find_held_lock+0x2b/0x80
[ 1333.481058][T29586]  ? __fget_files+0x215/0x3d0
[ 1333.481087][T29586]  loop_control_ioctl+0xae/0x620
[ 1333.481123][T29586]  ? __pfx_loop_control_ioctl+0x10/0x10
[ 1333.481162][T29586]  ? __pfx_loop_control_ioctl+0x10/0x10
[ 1333.481207][T29586]  __x64_sys_ioctl+0x18e/0x210
[ 1333.481232][T29586]  do_syscall_64+0x10b/0xf80
[ 1333.481265][T29586]  ? clear_bhb_loop+0x40/0x90
[ 1333.481292][T29586]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1333.481315][T29586] RIP: 0033:0x7fbd58f9cdd9
[ 1333.481333][T29586] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1333.481356][T29586] RSP: 002b:00007fbd59f21028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1333.481377][T29586] RAX: ffffffffffffffda RBX: 00007fbd59215fa0 RCX: 00007fbd58f9cdd9
[ 1333.481392][T29586] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000006
[ 1333.481406][T29586] RBP: 00007fbd59032d69 R08: 0000000000000000 R09: 0000000000000000
[ 1333.481420][T29586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1333.481434][T29586] R13: 00007fbd59216038 R14: 00007fbd59215fa0 R15: 00007fff31261b08
[ 1333.481462][T29586]  </TASK>
[ 1334.027519][T29597] FAULT_INJECTION: forcing a failure.
[ 1334.027519][T29597] name failslab, interval 1, probability 0, space 0, times 0
[ 1334.040306][T29597] CPU: 0 UID: 0 PID: 29597 Comm: syz.1.4382 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1334.040341][T29597] Tainted: [L]=SOFTLOCKUP
[ 1334.040351][T29597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1334.040365][T29597] Call Trace:
[ 1334.040374][T29597]  <TASK>
[ 1334.040383][T29597]  dump_stack_lvl+0x100/0x190
[ 1334.040418][T29597]  should_fail_ex.cold+0x5/0xa
[ 1334.040449][T29597]  should_failslab+0xc2/0x120
[ 1334.040477][T29597]  __kmalloc_cache_noprof+0x7a/0x6f0
[ 1334.040512][T29597]  ? proc_self_get_link+0x189/0x1f0
[ 1334.040544][T29597]  proc_self_get_link+0x189/0x1f0
[ 1334.040572][T29597]  pick_link+0xac2/0x13c0
[ 1334.040595][T29597]  ? __pfx_proc_self_get_link+0x10/0x10
[ 1334.040626][T29597]  step_into_slowpath+0x9ba/0xf90
[ 1334.040657][T29597]  ? __pfx_step_into_slowpath+0x10/0x10
[ 1334.040687][T29597]  ? lookup_fast+0x2da/0x600
[ 1334.040708][T29597]  ? inode_permission+0x374/0x620
[ 1334.040749][T29597]  link_path_walk+0xf28/0x1cc0
[ 1334.040784][T29597]  path_openat+0x1be/0x31a0
[ 1334.040812][T29597]  ? kasan_save_stack+0x3f/0x50
[ 1334.040834][T29597]  ? kasan_save_stack+0x30/0x50
[ 1334.040856][T29597]  ? kasan_save_track+0x14/0x30
[ 1334.040879][T29597]  ? kmem_cache_alloc_noprof+0x241/0x6e0
[ 1334.040924][T29597]  ? __pfx_path_openat+0x10/0x10
[ 1334.040965][T29597]  do_file_open+0x20e/0x430
[ 1334.040998][T29597]  ? __pfx_do_file_open+0x10/0x10
[ 1334.041059][T29597]  ? alloc_fd+0x476/0x790
[ 1334.041089][T29597]  ? do_getname+0x191/0x390
[ 1334.041129][T29597]  do_sys_openat2+0x10d/0x1e0
[ 1334.041165][T29597]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1334.041209][T29597]  __x64_sys_openat+0x12d/0x210
[ 1334.041246][T29597]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1334.041281][T29597]  ? ksys_write+0x1ac/0x250
[ 1334.041311][T29597]  ? rcu_is_watching+0x12/0xc0
[ 1334.041342][T29597]  do_syscall_64+0x10b/0xf80
[ 1334.041374][T29597]  ? clear_bhb_loop+0x40/0x90
[ 1334.041402][T29597]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1334.041425][T29597] RIP: 0033:0x7f09a059cdd9
[ 1334.041443][T29597] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1334.041466][T29597] RSP: 002b:00007f09a13fd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1334.041487][T29597] RAX: ffffffffffffffda RBX: 00007f09a0815fa0 RCX: 00007f09a059cdd9
[ 1334.041501][T29597] RDX: 0000000000000481 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 1334.041516][T29597] RBP: 00007f09a0632d69 R08: 0000000000000000 R09: 0000000000000000
[ 1334.041529][T29597] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1334.041543][T29597] R13: 00007f09a0816038 R14: 00007f09a0815fa0 R15: 00007ffeac3637d8
[ 1334.041571][T29597]  </TASK>
[ 1335.871892][T29619] raw_sendmsg: syz.1.4388 forgot to set AF_INET. Fix it!
[ 1336.827032][T29625] FAULT_INJECTION: forcing a failure.
[ 1336.827032][T29625] name failslab, interval 1, probability 0, space 0, times 0
[ 1336.926913][T29625] CPU: 0 UID: 0 PID: 29625 Comm: syz.2.4390 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1336.926953][T29625] Tainted: [L]=SOFTLOCKUP
[ 1336.926963][T29625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1336.926977][T29625] Call Trace:
[ 1336.926985][T29625]  <TASK>
[ 1336.926995][T29625]  dump_stack_lvl+0x100/0x190
[ 1336.927031][T29625]  should_fail_ex.cold+0x5/0xa
[ 1336.927062][T29625]  should_failslab+0xc2/0x120
[ 1336.927091][T29625]  kmem_cache_alloc_noprof+0x7b/0x6e0
[ 1336.927131][T29625]  ? do_getname+0x35/0x390
[ 1336.927173][T29625]  do_getname+0x35/0x390
[ 1336.927213][T29625]  do_sys_openat2+0xc5/0x1e0
[ 1336.927252][T29625]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1336.927293][T29625]  ? find_held_lock+0x2b/0x80
[ 1336.927333][T29625]  __x64_sys_openat+0x12d/0x210
[ 1336.927373][T29625]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1336.927418][T29625]  ? rcu_is_watching+0x12/0xc0
[ 1336.927452][T29625]  do_syscall_64+0x10b/0xf80
[ 1336.927488][T29625]  ? clear_bhb_loop+0x40/0x90
[ 1336.927518][T29625]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1336.927544][T29625] RIP: 0033:0x7fbd58f9cdd9
[ 1336.927564][T29625] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1336.927589][T29625] RSP: 002b:00007fbd59f21028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1336.927612][T29625] RAX: ffffffffffffffda RBX: 00007fbd59215fa0 RCX: 00007fbd58f9cdd9
[ 1336.927629][T29625] RDX: 0000000000040602 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 1336.927645][T29625] RBP: 00007fbd59032d69 R08: 0000000000000000 R09: 0000000000000000
[ 1336.927660][T29625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1336.927675][T29625] R13: 00007fbd59216038 R14: 00007fbd59215fa0 R15: 00007fff31261b08
[ 1336.927706][T29625]  </TASK>
[ 1337.240219][T29630] input: jJǸ-���9�%v���J86�� as /devices/virtual/input/input40
[ 1337.589756][T29643] FAULT_INJECTION: forcing a failure.
[ 1337.589756][T29643] name failslab, interval 1, probability 0, space 0, times 0
[ 1337.649095][T29643] CPU: 0 UID: 0 PID: 29643 Comm: syz.1.4394 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1337.649132][T29643] Tainted: [L]=SOFTLOCKUP
[ 1337.649141][T29643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1337.649155][T29643] Call Trace:
[ 1337.649162][T29643]  <TASK>
[ 1337.649170][T29643]  dump_stack_lvl+0x100/0x190
[ 1337.649199][T29643]  should_fail_ex.cold+0x5/0xa
[ 1337.649227][T29643]  should_failslab+0xc2/0x120
[ 1337.649253][T29643]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[ 1337.649291][T29643]  ? __d_alloc+0x34/0xa40
[ 1337.649327][T29643]  __d_alloc+0x34/0xa40
[ 1337.649363][T29643]  d_alloc_parallel+0x111/0x14e0
[ 1337.649393][T29643]  ? find_held_lock+0x2b/0x80
[ 1337.649422][T29643]  ? __d_lookup+0x25c/0x4a0
[ 1337.649444][T29643]  ? __pfx_d_alloc_parallel+0x10/0x10
[ 1337.649470][T29643]  ? __d_lookup+0x266/0x4a0
[ 1337.649498][T29643]  lookup_open.isra.0+0x57c/0x11b0
[ 1337.649527][T29643]  ? __pfx_lookup_open.isra.0+0x10/0x10
[ 1337.649565][T29643]  ? mnt_get_write_access+0x1e9/0x2f0
[ 1337.649605][T29643]  path_openat+0xa98/0x31a0
[ 1337.649642][T29643]  ? __pfx_path_openat+0x10/0x10
[ 1337.649680][T29643]  do_file_open+0x20e/0x430
[ 1337.649710][T29643]  ? __pfx_do_file_open+0x10/0x10
[ 1337.649748][T29643]  ? __pfx_kfree_link+0x10/0x10
[ 1337.649778][T29643]  ? alloc_fd+0x476/0x790
[ 1337.649814][T29643]  ? do_getname+0x191/0x390
[ 1337.649869][T29643]  do_sys_openat2+0x10d/0x1e0
[ 1337.649907][T29643]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1337.649955][T29643]  __x64_sys_openat+0x12d/0x210
[ 1337.649994][T29643]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1337.650031][T29643]  ? ksys_write+0x1ac/0x250
[ 1337.650075][T29643]  ? rcu_is_watching+0x12/0xc0
[ 1337.650105][T29643]  do_syscall_64+0x10b/0xf80
[ 1337.650138][T29643]  ? clear_bhb_loop+0x40/0x90
[ 1337.650165][T29643]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1337.650188][T29643] RIP: 0033:0x7f09a059cdd9
[ 1337.650205][T29643] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1337.650227][T29643] RSP: 002b:00007f09a13fd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1337.650248][T29643] RAX: ffffffffffffffda RBX: 00007f09a0815fa0 RCX: 00007f09a059cdd9
[ 1337.650263][T29643] RDX: 0000000000000481 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 1337.650278][T29643] RBP: 00007f09a0632d69 R08: 0000000000000000 R09: 0000000000000000
[ 1337.650292][T29643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1337.650306][T29643] R13: 00007f09a0816038 R14: 00007f09a0815fa0 R15: 00007ffeac3637d8
[ 1337.650334][T29643]  </TASK>
[ 1339.770473][T29672] Unable to find swap-space signature
[ 1339.825370][T29648] kexec: Could not allocate control_code_buffer
[ 1339.875766][T29672] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[ 1343.619980][T29720] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x78002
[ 1343.683005][T29720] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 1343.714784][T29720] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[ 1343.789134][T29720] raw: ffff888000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 1343.861206][T29720] page dumped because: unmovable page
[ 1343.899031][T29720] page_owner tracks the page as allocated
[ 1343.952262][T29720] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xcc0(GFP_KERNEL), pid 19319, tgid 19319 (syz-executor), ts 737540223949, free_ts 668168572800
[ 1344.039364][T29720]  post_alloc_hook+0x153/0x170
[ 1344.064220][T29720]  get_page_from_freelist+0x11a6/0x33b0
[ 1344.091447][T29720]  __alloc_frozen_pages_noprof+0x27c/0x2bc0
[ 1344.118347][T29720]  alloc_pages_bulk_noprof+0x657/0x1390
[ 1344.143570][T29720]  __kasan_populate_vmalloc+0xf0/0x210
[ 1344.192354][T29720]  alloc_vmap_area+0x95d/0x2b70
[ 1344.228458][T29720]  __get_vm_area_node+0x1ca/0x330
[ 1344.243643][T29720]  __vmalloc_node_range_noprof+0x228/0x1630
[ 1344.255631][T29720]  vmalloc_user_noprof+0x9e/0xe0
[ 1344.267834][T29720]  kcov_ioctl+0x4c/0x720
[ 1344.278841][T29720]  __x64_sys_ioctl+0x18e/0x210
[ 1344.288973][T29720]  do_syscall_64+0x10b/0xf80
[ 1344.299047][T29720]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1344.311505][T29720] page last free pid 16208 tgid 16207 stack trace:
[ 1344.339748][T29720]  __free_frozen_pages+0x747/0x1040
[ 1344.351326][T29720]  tlb_remove_table_rcu+0x2cf/0x380
[ 1344.362828][T29720]  rcu_core+0x5a2/0x10d0
[ 1344.374421][T29720]  handle_softirqs+0x1ea/0xa00
[ 1344.383739][T29720]  do_softirq+0xac/0xe0
[ 1344.394538][T29720]  __local_bh_enable_ip+0xf8/0x120
[ 1344.405654][T29720]  scomp_acomp_comp_decomp+0x741/0xc40
[ 1344.419114][T29720]  crypto_acomp_compress+0x14c/0x540
[ 1344.430291][T29720]  zswap_store+0xe8d/0x2e70
[ 1344.440398][T29720]  swap_writeout+0x47e/0x14f0
[ 1344.450509][T29720]  shrink_folio_list+0x51c5/0x60c0
[ 1344.461509][T29720]  evict_folios+0x846/0x20c0
[ 1344.472688][T29720]  try_to_shrink_lruvec+0x57c/0xa20
[ 1344.484285][T29720]  shrink_lruvec+0x31e/0x28e0
[ 1344.494414][T29720]  shrink_node+0x778/0x3dc0
[ 1344.505690][T29720]  do_try_to_free_pages+0x33e/0x16d0
[ 1345.517795][T29755] blktrace: Concurrent blktraces are not allowed on sda1
[ 1345.857230][   T10] usb usb40-port1: attempt power cycle
[ 1346.379432][T29761] Process accounting resumed
[ 1346.454532][   T10] usb usb40-port1: unable to enumerate USB device
[ 1347.795253][T29788] Process accounting resumed
[ 1349.505977][T29830] netlink: 2468 bytes leftover after parsing attributes in process `syz.2.4439'.
[ 1352.581292][T14793] usb usb40-port1: attempt power cycle
[ 1353.170985][T14793] usb usb40-port1: unable to enumerate USB device
[ 1353.944735][T29917] FAULT_INJECTION: forcing a failure.
[ 1353.944735][T29917] name failslab, interval 1, probability 0, space 0, times 0
[ 1354.013146][T29917] CPU: 0 UID: 0 PID: 29917 Comm: syz.1.4461 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1354.013185][T29917] Tainted: [L]=SOFTLOCKUP
[ 1354.013194][T29917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1354.013209][T29917] Call Trace:
[ 1354.013217][T29917]  <TASK>
[ 1354.013226][T29917]  dump_stack_lvl+0x100/0x190
[ 1354.013257][T29917]  should_fail_ex.cold+0x5/0xa
[ 1354.013289][T29917]  should_failslab+0xc2/0x120
[ 1354.013317][T29917]  __kmalloc_cache_noprof+0x7a/0x6f0
[ 1354.013352][T29917]  ? proc_self_get_link+0x189/0x1f0
[ 1354.013385][T29917]  proc_self_get_link+0x189/0x1f0
[ 1354.013420][T29917]  pick_link+0xac2/0x13c0
[ 1354.013444][T29917]  ? __pfx_proc_self_get_link+0x10/0x10
[ 1354.013476][T29917]  step_into_slowpath+0x9ba/0xf90
[ 1354.013507][T29917]  ? __pfx_step_into_slowpath+0x10/0x10
[ 1354.013537][T29917]  ? lookup_fast+0x2da/0x600
[ 1354.013559][T29917]  ? inode_permission+0x374/0x620
[ 1354.013599][T29917]  link_path_walk+0xf28/0x1cc0
[ 1354.013635][T29917]  path_openat+0x1be/0x31a0
[ 1354.013675][T29917]  ? kasan_save_stack+0x3f/0x50
[ 1354.013695][T29917]  ? kasan_save_stack+0x30/0x50
[ 1354.013715][T29917]  ? kasan_save_track+0x14/0x30
[ 1354.013736][T29917]  ? kmem_cache_alloc_noprof+0x241/0x6e0
[ 1354.013778][T29917]  ? __pfx_path_openat+0x10/0x10
[ 1354.013820][T29917]  do_file_open+0x20e/0x430
[ 1354.013850][T29917]  ? __pfx_do_file_open+0x10/0x10
[ 1354.013896][T29917]  ? alloc_fd+0x476/0x790
[ 1354.013926][T29917]  ? do_getname+0x191/0x390
[ 1354.013961][T29917]  do_sys_openat2+0x10d/0x1e0
[ 1354.013995][T29917]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1354.014040][T29917]  __x64_sys_openat+0x12d/0x210
[ 1354.014075][T29917]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1354.014109][T29917]  ? ksys_write+0x1ac/0x250
[ 1354.014138][T29917]  ? rcu_is_watching+0x12/0xc0
[ 1354.014169][T29917]  do_syscall_64+0x10b/0xf80
[ 1354.014201][T29917]  ? clear_bhb_loop+0x40/0x90
[ 1354.014228][T29917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1354.014251][T29917] RIP: 0033:0x7f09a059cdd9
[ 1354.014269][T29917] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1354.014291][T29917] RSP: 002b:00007f09a13fd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1354.014313][T29917] RAX: ffffffffffffffda RBX: 00007f09a0815fa0 RCX: 00007f09a059cdd9
[ 1354.014327][T29917] RDX: 0000000000000481 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 1354.014342][T29917] RBP: 00007f09a0632d69 R08: 0000000000000000 R09: 0000000000000000
[ 1354.014356][T29917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1354.014369][T29917] R13: 00007f09a0816038 R14: 00007f09a0815fa0 R15: 00007ffeac3637d8
[ 1354.014397][T29917]  </TASK>
[ 1354.858911][   T10] usb usb40-port1: attempt power cycle
[ 1355.514490][   T10] usb usb40-port1: unable to enumerate USB device
[ 1356.519989][T29940] FAULT_INJECTION: forcing a failure.
[ 1356.519989][T29940] name failslab, interval 1, probability 0, space 0, times 0
[ 1356.585015][T29940] CPU: 0 UID: 0 PID: 29940 Comm: syz.2.4467 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1356.585050][T29940] Tainted: [L]=SOFTLOCKUP
[ 1356.585059][T29940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1356.585073][T29940] Call Trace:
[ 1356.585081][T29940]  <TASK>
[ 1356.585093][T29940]  dump_stack_lvl+0x100/0x190
[ 1356.585123][T29940]  should_fail_ex.cold+0x5/0xa
[ 1356.585152][T29940]  should_failslab+0xc2/0x120
[ 1356.585178][T29940]  __kmalloc_cache_noprof+0x7a/0x6f0
[ 1356.585216][T29940]  ? proc_self_get_link+0x189/0x1f0
[ 1356.585247][T29940]  proc_self_get_link+0x189/0x1f0
[ 1356.585273][T29940]  pick_link+0xac2/0x13c0
[ 1356.585295][T29940]  ? __pfx_proc_self_get_link+0x10/0x10
[ 1356.585324][T29940]  step_into_slowpath+0x9ba/0xf90
[ 1356.585353][T29940]  ? __pfx_step_into_slowpath+0x10/0x10
[ 1356.585382][T29940]  ? lookup_fast+0x2da/0x600
[ 1356.585402][T29940]  ? inode_permission+0x374/0x620
[ 1356.585440][T29940]  link_path_walk+0xf28/0x1cc0
[ 1356.585473][T29940]  path_openat+0x1be/0x31a0
[ 1356.585500][T29940]  ? kasan_save_stack+0x3f/0x50
[ 1356.585521][T29940]  ? kasan_save_stack+0x30/0x50
[ 1356.585541][T29940]  ? kasan_save_track+0x14/0x30
[ 1356.585562][T29940]  ? kmem_cache_alloc_noprof+0x241/0x6e0
[ 1356.585605][T29940]  ? __pfx_path_openat+0x10/0x10
[ 1356.585643][T29940]  do_file_open+0x20e/0x430
[ 1356.585673][T29940]  ? __pfx_do_file_open+0x10/0x10
[ 1356.585720][T29940]  ? alloc_fd+0x476/0x790
[ 1356.585750][T29940]  ? do_getname+0x191/0x390
[ 1356.585785][T29940]  do_sys_openat2+0x10d/0x1e0
[ 1356.585820][T29940]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1356.585864][T29940]  __x64_sys_openat+0x12d/0x210
[ 1356.585900][T29940]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1356.585934][T29940]  ? ksys_write+0x1ac/0x250
[ 1356.585963][T29940]  ? rcu_is_watching+0x12/0xc0
[ 1356.585993][T29940]  do_syscall_64+0x10b/0xf80
[ 1356.586026][T29940]  ? clear_bhb_loop+0x40/0x90
[ 1356.586053][T29940]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1356.586075][T29940] RIP: 0033:0x7fbd58f9cdd9
[ 1356.586094][T29940] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1356.586115][T29940] RSP: 002b:00007fbd59f21028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1356.586136][T29940] RAX: ffffffffffffffda RBX: 00007fbd59215fa0 RCX: 00007fbd58f9cdd9
[ 1356.586151][T29940] RDX: 0000000000000481 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 1356.586165][T29940] RBP: 00007fbd59032d69 R08: 0000000000000000 R09: 0000000000000000
[ 1356.586179][T29940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1356.586192][T29940] R13: 00007fbd59216038 R14: 00007fbd59215fa0 R15: 00007fff31261b08
[ 1356.586233][T29940]  </TASK>
[ 1360.065345][T29953] Process accounting resumed
[ 1361.910951][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[ 1361.917513][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[ 1362.019140][T30005] Process accounting resumed
[ 1363.542650][T30048] capability: warning: `syz.1.4494' uses 32-bit capabilities (legacy support in use)
[ 1363.648780][   T29] audit: type=1804 audit(1778451051.893:70): pid=30048 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.4494" name="/newroot/566/file0" dev="tmpfs" ino=3001 res=1 errno=0
[ 1365.647757][T30095] netlink: 2468 bytes leftover after parsing attributes in process `syz.2.4503'.
[ 1366.410880][T30102] smc: net device dummy0 applied user defined pnetid DUMMY0
[ 1366.623256][T30108] netlink: 'syz.1.4507': attribute type 2 has an invalid length.
[ 1367.795784][T30125] netlink: 'syz.2.4512': attribute type 2 has an invalid length.
[ 1369.227059][T30143] FAULT_INJECTION: forcing a failure.
[ 1369.227059][T30143] name failslab, interval 1, probability 0, space 0, times 0
[ 1369.293187][T30143] CPU: 0 UID: 0 PID: 30143 Comm: syz.2.4517 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1369.293221][T30143] Tainted: [L]=SOFTLOCKUP
[ 1369.293229][T30143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1369.293242][T30143] Call Trace:
[ 1369.293249][T30143]  <TASK>
[ 1369.293258][T30143]  dump_stack_lvl+0x100/0x190
[ 1369.293285][T30143]  should_fail_ex.cold+0x5/0xa
[ 1369.293312][T30143]  ? constrain_params_by_rules+0x175/0xcc0
[ 1369.293333][T30143]  should_failslab+0xc2/0x120
[ 1369.293358][T30143]  __kmalloc_noprof+0xe0/0x850
[ 1369.293384][T30143]  ? unwind_get_return_address+0x59/0xa0
[ 1369.293419][T30143]  constrain_params_by_rules+0x175/0xcc0
[ 1369.293450][T30143]  ? stack_trace_save+0x8e/0xc0
[ 1369.293483][T30143]  ? __pfx_constrain_params_by_rules+0x10/0x10
[ 1369.293509][T30143]  ? __kasan_kmalloc+0xaa/0xb0
[ 1369.293528][T30143]  ? snd_pcm_oss_change_params_locked+0x81c/0x39f0
[ 1369.293561][T30143]  ? snd_pcm_oss_make_ready+0xeb/0x1b0
[ 1369.293592][T30143]  ? snd_pcm_oss_sync+0x1de/0x840
[ 1369.293632][T30143]  ? snd_interval_refine+0x2d0/0x580
[ 1369.293660][T30143]  snd_pcm_hw_refine+0x7e7/0xad0
[ 1369.293685][T30143]  ? __pfx_snd_pcm_hw_refine+0x10/0x10
[ 1369.293718][T30143]  ? snd_interval_refine+0x2d0/0x580
[ 1369.293746][T30143]  snd_pcm_oss_change_params_locked+0xdb3/0x39f0
[ 1369.293790][T30143]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[ 1369.293823][T30143]  ? __pfx___mutex_lock+0x10/0x10
[ 1369.293874][T30143]  snd_pcm_oss_make_ready+0xeb/0x1b0
[ 1369.293909][T30143]  snd_pcm_oss_sync+0x1de/0x840
[ 1369.293944][T30143]  snd_pcm_oss_release+0x238/0x300
[ 1369.293987][T30143]  ? __pfx_snd_pcm_oss_release+0x10/0x10
[ 1369.294018][T30143]  __fput+0x3ff/0xb50
[ 1369.294052][T30143]  task_work_run+0x150/0x240
[ 1369.294073][T30143]  ? __pfx_task_work_run+0x10/0x10
[ 1369.294095][T30143]  ? rcu_is_watching+0x12/0xc0
[ 1369.294127][T30143]  exit_to_user_mode_loop+0x107/0x4f0
[ 1369.294147][T30143]  ? rcu_is_watching+0x12/0xc0
[ 1369.294174][T30143]  do_syscall_64+0x6f2/0xf80
[ 1369.294202][T30143]  ? clear_bhb_loop+0x40/0x90
[ 1369.294226][T30143]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1369.294247][T30143] RIP: 0033:0x7fbd58f9cdd9
[ 1369.294262][T30143] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1369.294281][T30143] RSP: 002b:00007fbd59f21028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1369.294300][T30143] RAX: 0000000000000000 RBX: 00007fbd59215fa0 RCX: 00007fbd58f9cdd9
[ 1369.294312][T30143] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[ 1369.294324][T30143] RBP: 00007fbd59f21090 R08: 0000000000000000 R09: 0000000000000000
[ 1369.294336][T30143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1369.294348][T30143] R13: 00007fbd59216038 R14: 00007fbd59215fa0 R15: 00007fff31261b08
[ 1369.294373][T30143]  </TASK>
[ 1370.914562][T30159] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4521'.

syzkaller
syzkaller login: [ 1372.344177][T30178] FAULT_INJECTION: forcing a failure.
[ 1372.344177][T30178] name failslab, interval 1, probability 0, space 0, times 0
[ 1372.362761][T30179] FAULT_INJECTION: forcing a failure.
[ 1372.362761][T30179] name failslab, interval 1, probability 0, space 0, times 0
[ 1372.387318][T30179] CPU: 0 UID: 0 PID: 30179 Comm: syz.1.4525 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1372.387354][T30179] Tainted: [L]=SOFTLOCKUP
[ 1372.387362][T30179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1372.387376][T30179] Call Trace:
[ 1372.387384][T30179]  <TASK>
[ 1372.387392][T30179]  dump_stack_lvl+0x100/0x190
[ 1372.387421][T30179]  should_fail_ex.cold+0x5/0xa
[ 1372.387449][T30179]  ? __register_sysctl_table+0xbe4/0x1650
[ 1372.387479][T30179]  should_failslab+0xc2/0x120
[ 1372.387506][T30179]  __kmalloc_noprof+0xe0/0x850
[ 1372.387532][T30179]  __register_sysctl_table+0xbe4/0x1650
[ 1372.387567][T30179]  ? __pfx___register_sysctl_table+0x10/0x10
[ 1372.387598][T30179]  ? mq_init_ns+0x390/0x820
[ 1372.387620][T30179]  ? __asan_memcpy+0x3c/0x60
[ 1372.387656][T30179]  setup_mq_sysctls+0x124/0x240
[ 1372.387684][T30179]  copy_ipcs+0x524/0x7e0
[ 1372.387707][T30179]  create_new_namespaces+0x20a/0xac0
[ 1372.387737][T30179]  ? security_capable+0x80/0x260
[ 1372.387774][T30179]  copy_namespaces+0x468/0x5e0
[ 1372.387805][T30179]  copy_process+0x3531/0x7ed0
[ 1372.387847][T30179]  ? futex_unqueue+0x133/0x2c0
[ 1372.387884][T30179]  ? __pfx_copy_process+0x10/0x10
[ 1372.387923][T30179]  ? _copy_from_user+0x59/0xd0
[ 1372.387948][T30179]  kernel_clone+0x12e/0x9c0
[ 1372.387980][T30179]  ? futex_hash+0x141/0x370
[ 1372.388000][T30179]  ? __pfx_kernel_clone+0x10/0x10
[ 1372.388037][T30179]  ? __pfx_futex_wait+0x10/0x10
[ 1372.388073][T30179]  __do_sys_clone3+0x214/0x290
[ 1372.388104][T30179]  ? __pfx___do_sys_clone3+0x10/0x10
[ 1372.388163][T30179]  ? rcu_is_watching+0x12/0xc0
[ 1372.388194][T30179]  do_syscall_64+0x10b/0xf80
[ 1372.388227][T30179]  ? clear_bhb_loop+0x40/0x90
[ 1372.388254][T30179]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1372.388277][T30179] RIP: 0033:0x7f09a059cdd9
[ 1372.388295][T30179] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1372.388317][T30179] RSP: 002b:00007f09a13fcef8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 1372.388339][T30179] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f09a059cdd9
[ 1372.388354][T30179] RDX: 00007f09a13fcf10 RSI: 0000000000000058 RDI: 00007f09a13fcf10
[ 1372.388367][T30179] RBP: 00007f09a0632d69 R08: 0000000000000000 R09: 0000000000000058
[ 1372.388381][T30179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1372.388394][T30179] R13: 00007f09a0816038 R14: 00007f09a0815fa0 R15: 00007ffeac3637d8
[ 1372.388422][T30179]  </TASK>
[ 1372.389026][T30179] sysctl could not get directory: /fs -12
[ 1372.656963][T30178] CPU: 0 UID: 0 PID: 30178 Comm: syz.0.4524 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1372.657000][T30178] Tainted: [L]=SOFTLOCKUP
[ 1372.657008][T30178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1372.657023][T30178] Call Trace:
[ 1372.657031][T30178]  <TASK>
[ 1372.657039][T30178]  dump_stack_lvl+0x100/0x190
[ 1372.657069][T30178]  should_fail_ex.cold+0x5/0xa
[ 1372.657097][T30178]  should_failslab+0xc2/0x120
[ 1372.657127][T30178]  __kmalloc_cache_noprof+0x7a/0x6f0
[ 1372.657160][T30178]  ? proc_self_get_link+0x189/0x1f0
[ 1372.657191][T30178]  proc_self_get_link+0x189/0x1f0
[ 1372.657217][T30178]  pick_link+0xac2/0x13c0
[ 1372.657239][T30178]  ? __pfx_proc_self_get_link+0x10/0x10
[ 1372.657268][T30178]  step_into_slowpath+0x9ba/0xf90
[ 1372.657297][T30178]  ? __pfx_step_into_slowpath+0x10/0x10
[ 1372.657326][T30178]  ? lookup_fast+0x2da/0x600
[ 1372.657346][T30178]  ? inode_permission+0x374/0x620
[ 1372.657384][T30178]  link_path_walk+0xf28/0x1cc0
[ 1372.657416][T30178]  path_openat+0x1be/0x31a0
[ 1372.657443][T30178]  ? kasan_save_stack+0x3f/0x50
[ 1372.657463][T30178]  ? kasan_save_stack+0x30/0x50
[ 1372.657484][T30178]  ? kasan_save_track+0x14/0x30
[ 1372.657505][T30178]  ? kmem_cache_alloc_noprof+0x241/0x6e0
[ 1372.657547][T30178]  ? __pfx_path_openat+0x10/0x10
[ 1372.657585][T30178]  do_file_open+0x20e/0x430
[ 1372.657616][T30178]  ? __pfx_do_file_open+0x10/0x10
[ 1372.657683][T30178]  ? alloc_fd+0x476/0x790
[ 1372.657714][T30178]  ? do_getname+0x191/0x390
[ 1372.657763][T30178]  do_sys_openat2+0x10d/0x1e0
[ 1372.657798][T30178]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1372.657848][T30178]  __x64_sys_openat+0x12d/0x210
[ 1372.657884][T30178]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1372.657919][T30178]  ? ksys_write+0x1ac/0x250
[ 1372.657948][T30178]  ? rcu_is_watching+0x12/0xc0
[ 1372.657979][T30178]  do_syscall_64+0x10b/0xf80
[ 1372.658012][T30178]  ? clear_bhb_loop+0x40/0x90
[ 1372.658040][T30178]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1372.658063][T30178] RIP: 0033:0x7f1d2f19cdd9
[ 1372.658081][T30178] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1372.658103][T30178] RSP: 002b:00007f1d3002a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1372.658124][T30178] RAX: ffffffffffffffda RBX: 00007f1d2f415fa0 RCX: 00007f1d2f19cdd9
[ 1372.658139][T30178] RDX: 0000000000000481 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 1372.658153][T30178] RBP: 00007f1d2f232d69 R08: 0000000000000000 R09: 0000000000000000
[ 1372.658167][T30178] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1372.658180][T30178] R13: 00007f1d2f416038 R14: 00007f1d2f415fa0 R15: 00007ffe2223cda8
[ 1372.658208][T30178]  </TASK>
[ 1373.618277][T22154] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18
[ 1373.627461][T22154] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff
[ 1377.101269][T30245] random: crng reseeded on system resumption
[ 1377.857796][T30244]  ram7: [POWERTEC] p1 p2 p3 p4 p5 p6 p7 p8 p9 p10
[ 1378.131544][T30251] netlink: 11784 bytes leftover after parsing attributes in process `syz.1.4540'.
[ 1378.154800][T30244] ram7: p2 start 3320708683 is beyond EOD, truncated
[ 1378.205857][T30244] ram7: p3 start 253174566 is beyond EOD, truncated
[ 1378.265758][T30244] ram7: p4 start 2319236730 is beyond EOD, truncated
[ 1378.295716][T30239] Process accounting paused
[ 1378.318894][T30244] ram7: p5 start 4062341006 is beyond EOD, truncated
[ 1378.388383][T30244] ram7: p6 start 3078714621 is beyond EOD, truncated
[ 1378.440491][T30244] ram7: p7 start 1624321948 is beyond EOD, truncated
[ 1378.490674][T30244] ram7: p8 start 3228653154 is beyond EOD, truncated
[ 1378.526085][T30244] ram7: p9 start 531111967 is beyond EOD, truncated
[ 1378.589018][T30244] ram7: p10 start 518693131 is beyond EOD, truncated
[ 1378.839545][T30247]  ram7: [POWERTEC] p1 p2 p3 p4 p5 p6 p7 p8 p9 p10
[ 1378.880994][T30247] ram7: p2 start 3320708683 is beyond EOD, truncated
[ 1378.909755][T30247] ram7: p3 start 253174566 is beyond EOD, truncated
[ 1378.948297][T30247] ram7: p4 start 2319236730 is beyond EOD, truncated
[ 1378.981450][T30247] ram7: p5 start 4062341006 is beyond EOD, truncated
[ 1379.015735][T30247] ram7: p6 start 3078714621 is beyond EOD, truncated
[ 1379.044125][T30247] ram7: p7 start 1624321948 is beyond EOD, truncated
[ 1379.077027][T30247] ram7: p8 start 3228653154 is beyond EOD, truncated
[ 1379.100720][T30247] ram7: p9 start 531111967 is beyond EOD, truncated
[ 1379.120939][T30247] ram7: p10 start 518693131 is beyond EOD, truncated
[ 1379.360868][T30272] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4546'.
[ 1382.039688][T30305] FAULT_INJECTION: forcing a failure.
[ 1382.039688][T30305] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1382.110629][T30305] CPU: 0 UID: 0 PID: 30305 Comm: syz.2.4555 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1382.110665][T30305] Tainted: [L]=SOFTLOCKUP
[ 1382.110674][T30305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1382.110687][T30305] Call Trace:
[ 1382.110695][T30305]  <TASK>
[ 1382.110704][T30305]  dump_stack_lvl+0x100/0x190
[ 1382.110733][T30305]  should_fail_ex.cold+0x5/0xa
[ 1382.110758][T30305]  ? prepare_alloc_pages+0x16d/0x5f0
[ 1382.110789][T30305]  should_fail_alloc_page+0xeb/0x140
[ 1382.110819][T30305]  prepare_alloc_pages+0x1f0/0x5f0
[ 1382.110850][T30305]  ? arch_stack_walk+0xa6/0xf0
[ 1382.110883][T30305]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[ 1382.110926][T30305]  ? stack_trace_save+0x8e/0xc0
[ 1382.110957][T30305]  ? __pfx_stack_trace_save+0x10/0x10
[ 1382.110989][T30305]  ? stack_depot_save_flags+0x27/0x9d0
[ 1382.111024][T30305]  ? is_bpf_text_address+0x8a/0x1a0
[ 1382.111057][T30305]  ? is_bpf_text_address+0x8a/0x1a0
[ 1382.111100][T30305]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1382.111135][T30305]  ? kasan_save_stack+0x3f/0x50
[ 1382.111154][T30305]  ? kasan_save_stack+0x30/0x50
[ 1382.111173][T30305]  ? kasan_save_track+0x14/0x30
[ 1382.111192][T30305]  ? kmem_cache_alloc_node_noprof+0x25a/0x6f0
[ 1382.111227][T30305]  ? __get_vm_area_node+0x1ca/0x330
[ 1382.111252][T30305]  ? __vmalloc_node_range_noprof+0x228/0x1630
[ 1382.111280][T30305]  ? __vmalloc_node_noprof+0xad/0xf0
[ 1382.111306][T30305]  ? __snd_dma_alloc_pages+0xd2/0x150
[ 1382.111333][T30305]  ? snd_dma_alloc_dir_pages+0x151/0x240
[ 1382.111359][T30305]  ? do_alloc_pages+0xf4/0x200
[ 1382.111378][T30305]  ? snd_pcm_lib_malloc_pages+0x4bd/0x9b0
[ 1382.111399][T30305]  ? snd_pcm_hw_params+0x1673/0x1bf0
[ 1382.111420][T30305]  ? snd_pcm_kernel_ioctl+0x167/0x2e0
[ 1382.111444][T30305]  ? task_work_run+0x150/0x240
[ 1382.111464][T30305]  ? exit_to_user_mode_loop+0x107/0x4f0
[ 1382.111484][T30305]  ? do_syscall_64+0x6f2/0xf80
[ 1382.111514][T30305]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1382.111540][T30305]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1382.111573][T30305]  ? policy_nodemask+0xed/0x4f0
[ 1382.111600][T30305]  alloc_pages_mpol+0x1fb/0x540
[ 1382.111625][T30305]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1382.111657][T30305]  alloc_pages_noprof+0x1a/0x160
[ 1382.111686][T30305]  get_free_pages_noprof+0x10/0xb0
[ 1382.111710][T30305]  __kasan_populate_vmalloc+0xa0/0x210
[ 1382.111750][T30305]  alloc_vmap_area+0x95d/0x2b70
[ 1382.111785][T30305]  ? __pfx_alloc_vmap_area+0x10/0x10
[ 1382.111816][T30305]  __get_vm_area_node+0x1ca/0x330
[ 1382.111847][T30305]  __vmalloc_node_range_noprof+0x228/0x1630
[ 1382.111877][T30305]  ? __snd_dma_alloc_pages+0xd2/0x150
[ 1382.111908][T30305]  ? lock_acquire+0x1b1/0x370
[ 1382.111929][T30305]  ? __snd_dma_alloc_pages+0xd2/0x150
[ 1382.111959][T30305]  ? trace_contention_end+0x122/0x170
[ 1382.111982][T30305]  ? __mutex_lock+0x26d/0x1b10
[ 1382.112018][T30305]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1382.112047][T30305]  ? do_alloc_pages+0xb7/0x200
[ 1382.112066][T30305]  ? do_alloc_pages+0xb7/0x200
[ 1382.112090][T30305]  ? __mutex_unlock_slowpath+0x15d/0x8a0
[ 1382.112126][T30305]  ? __snd_dma_alloc_pages+0xd2/0x150
[ 1382.112153][T30305]  __vmalloc_node_noprof+0xad/0xf0
[ 1382.112181][T30305]  ? __snd_dma_alloc_pages+0xd2/0x150
[ 1382.112208][T30305]  ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10
[ 1382.112233][T30305]  __snd_dma_alloc_pages+0xd2/0x150
[ 1382.112261][T30305]  snd_dma_alloc_dir_pages+0x151/0x240
[ 1382.112291][T30305]  do_alloc_pages+0xf4/0x200
[ 1382.112315][T30305]  snd_pcm_lib_malloc_pages+0x4bd/0x9b0
[ 1382.112341][T30305]  snd_pcm_hw_params+0x1673/0x1bf0
[ 1382.112368][T30305]  ? __pfx_snd_pcm_hw_params+0x10/0x10
[ 1382.112391][T30305]  ? snd_pcm_hw_param_near.constprop.0+0x578/0x850
[ 1382.112428][T30305]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[ 1382.112465][T30305]  snd_pcm_kernel_ioctl+0x167/0x2e0
[ 1382.112489][T30305]  snd_pcm_oss_change_params_locked+0x1973/0x39f0
[ 1382.112533][T30305]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[ 1382.112566][T30305]  ? __pfx___mutex_lock+0x10/0x10
[ 1382.112615][T30305]  snd_pcm_oss_make_ready+0xeb/0x1b0
[ 1382.112650][T30305]  snd_pcm_oss_sync+0x1de/0x840
[ 1382.112685][T30305]  snd_pcm_oss_release+0x238/0x300
[ 1382.112717][T30305]  ? __pfx_snd_pcm_oss_release+0x10/0x10
[ 1382.112750][T30305]  __fput+0x3ff/0xb50
[ 1382.112785][T30305]  task_work_run+0x150/0x240
[ 1382.112807][T30305]  ? __pfx_task_work_run+0x10/0x10
[ 1382.112830][T30305]  ? rcu_is_watching+0x12/0xc0
[ 1382.112859][T30305]  exit_to_user_mode_loop+0x107/0x4f0
[ 1382.112879][T30305]  ? rcu_is_watching+0x12/0xc0
[ 1382.112907][T30305]  do_syscall_64+0x6f2/0xf80
[ 1382.112938][T30305]  ? clear_bhb_loop+0x40/0x90
[ 1382.112964][T30305]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1382.112985][T30305] RIP: 0033:0x7fbd58f9cdd9
[ 1382.113009][T30305] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1382.113031][T30305] RSP: 002b:00007fbd59f21028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1382.113052][T30305] RAX: 0000000000000000 RBX: 00007fbd59215fa0 RCX: 00007fbd58f9cdd9
[ 1382.113066][T30305] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[ 1382.113078][T30305] RBP: 00007fbd59032d69 R08: 0000000000000000 R09: 0000000000000000
[ 1382.113091][T30305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1382.113105][T30305] R13: 00007fbd59216038 R14: 00007fbd59215fa0 R15: 00007fff31261b08
[ 1382.113132][T30305]  </TASK>
[ 1382.837722][T30305] syz.2.4555: vmalloc error: size 2097152, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1382.853889][T30305] CPU: 0 UID: 0 PID: 30305 Comm: syz.2.4555 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1382.853941][T30305] Tainted: [L]=SOFTLOCKUP
[ 1382.853949][T30305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1382.853963][T30305] Call Trace:
[ 1382.853971][T30305]  <TASK>
[ 1382.853980][T30305]  dump_stack_lvl+0x100/0x190
[ 1382.854007][T30305]  warn_alloc.cold+0x95/0x1c1
[ 1382.854030][T30305]  ? __pfx_warn_alloc+0x10/0x10
[ 1382.854064][T30305]  ? lockdep_hardirqs_on+0x78/0x100
[ 1382.854099][T30305]  ? __get_vm_area_node+0x2c5/0x330
[ 1382.854131][T30305]  ? __get_vm_area_node+0x208/0x330
[ 1382.854162][T30305]  __vmalloc_node_range_noprof+0xccd/0x1630
[ 1382.854196][T30305]  ? lock_acquire+0x1b1/0x370
[ 1382.854222][T30305]  ? __snd_dma_alloc_pages+0xd2/0x150
[ 1382.854254][T30305]  ? trace_contention_end+0x122/0x170
[ 1382.854278][T30305]  ? __mutex_lock+0x26d/0x1b10
[ 1382.854311][T30305]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1382.854341][T30305]  ? do_alloc_pages+0xb7/0x200
[ 1382.854359][T30305]  ? do_alloc_pages+0xb7/0x200
[ 1382.854384][T30305]  ? __mutex_unlock_slowpath+0x15d/0x8a0
[ 1382.854420][T30305]  ? __snd_dma_alloc_pages+0xd2/0x150
[ 1382.854446][T30305]  __vmalloc_node_noprof+0xad/0xf0
[ 1382.854475][T30305]  ? __snd_dma_alloc_pages+0xd2/0x150
[ 1382.854502][T30305]  ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10
[ 1382.854527][T30305]  __snd_dma_alloc_pages+0xd2/0x150
[ 1382.854555][T30305]  snd_dma_alloc_dir_pages+0x151/0x240
[ 1382.854585][T30305]  do_alloc_pages+0xf4/0x200
[ 1382.854609][T30305]  snd_pcm_lib_malloc_pages+0x4bd/0x9b0
[ 1382.854636][T30305]  snd_pcm_hw_params+0x1673/0x1bf0
[ 1382.854664][T30305]  ? __pfx_snd_pcm_hw_params+0x10/0x10
[ 1382.854687][T30305]  ? snd_pcm_hw_param_near.constprop.0+0x578/0x850
[ 1382.854723][T30305]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[ 1382.854761][T30305]  snd_pcm_kernel_ioctl+0x167/0x2e0
[ 1382.854785][T30305]  snd_pcm_oss_change_params_locked+0x1973/0x39f0
[ 1382.854829][T30305]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[ 1382.854862][T30305]  ? __pfx___mutex_lock+0x10/0x10
[ 1382.854912][T30305]  snd_pcm_oss_make_ready+0xeb/0x1b0
[ 1382.854951][T30305]  snd_pcm_oss_sync+0x1de/0x840
[ 1382.854989][T30305]  snd_pcm_oss_release+0x238/0x300
[ 1382.855022][T30305]  ? __pfx_snd_pcm_oss_release+0x10/0x10
[ 1382.855056][T30305]  __fput+0x3ff/0xb50
[ 1382.855091][T30305]  task_work_run+0x150/0x240
[ 1382.855113][T30305]  ? __pfx_task_work_run+0x10/0x10
[ 1382.855137][T30305]  ? rcu_is_watching+0x12/0xc0
[ 1382.855166][T30305]  exit_to_user_mode_loop+0x107/0x4f0
[ 1382.855186][T30305]  ? rcu_is_watching+0x12/0xc0
[ 1382.855214][T30305]  do_syscall_64+0x6f2/0xf80
[ 1382.855244][T30305]  ? clear_bhb_loop+0x40/0x90
[ 1382.855269][T30305]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1382.855291][T30305] RIP: 0033:0x7fbd58f9cdd9
[ 1382.855308][T30305] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1382.855328][T30305] RSP: 002b:00007fbd59f21028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1382.855348][T30305] RAX: 0000000000000000 RBX: 00007fbd59215fa0 RCX: 00007fbd58f9cdd9
[ 1382.855362][T30305] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[ 1382.855375][T30305] RBP: 00007fbd59032d69 R08: 0000000000000000 R09: 0000000000000000
[ 1382.855388][T30305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1382.855400][T30305] R13: 00007fbd59216038 R14: 00007fbd59215fa0 R15: 00007fff31261b08
[ 1382.855427][T30305]  </TASK>
[ 1383.213393][T30305] Mem-Info:
[ 1383.218152][T30305] active_anon:15931 inactive_anon:119 isolated_anon:0
[ 1383.218152][T30305]  active_file:12788 inactive_file:14657 isolated_file:0
[ 1383.218152][T30305]  unevictable:3358 dirty:2313 writeback:0
[ 1383.218152][T30305]  slab_reclaimable:13755 slab_unreclaimable:122133
[ 1383.218152][T30305]  mapped:29148 shmem:5992 pagetables:2027
[ 1383.218152][T30305]  sec_pagetables:0 bounce:0
[ 1383.218152][T30305]  kernel_misc_reclaimable:0
[ 1383.218152][T30305]  free:1107629 free_pcp:14333 free_cma:0
[ 1383.264576][T30305] Node 0 active_anon:63724kB inactive_anon:476kB active_file:50380kB inactive_file:52836kB unevictable:11896kB isolated(anon):0kB isolated(file):0kB mapped:79184kB dirty:9208kB writeback:0kB shmem:22432kB shmem_thp:6144kB shmem_pmdmapped:0kB anon_thp:28672kB kernel_stack:11776kB pagetables:7984kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[ 1383.301198][T30305] Node 1 active_anon:0kB inactive_anon:0kB active_file:772kB inactive_file:5792kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:37408kB dirty:44kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:124kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[ 1383.335516][T30305] Node 0 DMA free:11252kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:12kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1383.366270][T30305] lowmem_reserve[]: 0 2477 2478 2478 2478
[ 1383.372750][T30305] Node 0 DMA32 free:563504kB boost:0kB min:34304kB low:42880kB high:51456kB reserved_highatomic:0KB free_highatomic:0KB active_anon:63724kB inactive_anon:476kB active_file:50380kB inactive_file:52824kB unevictable:11896kB writepending:9208kB zspages:1176kB present:3129332kB managed:2537332kB mlocked:10412kB bounce:0kB free_pcp:45952kB local_pcp:45952kB free_cma:0kB
[ 1383.408121][T30305] lowmem_reserve[]: 0 0 1 1 1
[ 1383.413360][T30305] Node 0 Normal free:8kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1383.443255][T30305] lowmem_reserve[]: 0 0 0 0 0
[ 1383.448066][T30305] Node 1 Normal free:3855752kB boost:0kB min:55580kB low:69472kB high:83364kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:772kB inactive_file:5792kB unevictable:1536kB writepending:44kB zspages:144kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:11356kB local_pcp:11356kB free_cma:0kB
[ 1383.481369][T30305] lowmem_reserve[]: 0 0 0 0 0
[ 1383.486259][T30305] Node 0 DMA: 1*4kB (M) 2*8kB (M) 2*16kB (M) 2*32kB (M) 0*64kB 1*128kB (M) 1*256kB (M) 1*512kB (M) 2*1024kB (UM) 0*2048kB 2*4096kB (UM) = 11252kB
[ 1383.502204][T30305] Node 0 DMA32: 7327*4kB (UM) 4247*8kB (UME) 2084*16kB (UME) 589*32kB (UME) 289*64kB (UME) 172*128kB (UME) 288*256kB (UME) 100*512kB (UME) 94*1024kB (UME) 7*2048kB (UM) 42*4096kB (M) = 563540kB
[ 1383.522086][T30305] Node 0 Normal: 2*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[ 1383.534098][T30305] Node 1 Normal: 72*4kB (UM) 33*8kB (UM) 36*16kB (UME) 35*32kB (UME) 29*64kB (UM) 13*128kB (UM) 7*256kB (UM) 4*512kB (UME) 4*1024kB (UME) 6*2048kB (UME) 935*4096kB (M) = 3855752kB
[ 1383.552282][T30305] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1383.562187][T30305] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1383.571818][T30305] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1383.581564][T30305] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1383.601184][T30305] 34523 total pagecache pages
[ 1383.633208][T30305] 241 pages in swap cache
[ 1383.656920][T30305] Free swap  = 120720kB
[ 1383.670005][T30305] Total swap = 124996kB
[ 1383.680119][T30305] 2097051 pages RAM
[ 1383.690226][T30305] 0 pages HighMem/MovableOnly
[ 1383.696682][T30305] 430828 pages reserved
[ 1383.702607][T30305] 0 pages cma reserved
[ 1385.347704][T30335] netlink: 2468 bytes leftover after parsing attributes in process `syz.1.4562'.
[ 1385.362939][T30340] netlink: 334 bytes leftover after parsing attributes in process `syz.0.4564'.
[ 1385.542950][T30343] netlink: 2468 bytes leftover after parsing attributes in process `syz.3.4565'.
[ 1388.325930][T30390] netlink: 334 bytes leftover after parsing attributes in process `syz.2.4576'.
[ 1388.466548][T30388] snd_virmidi snd_virmidi.0: control 61678:134348809:44033:y�:5 is already present
[ 1388.662464][T30396] netlink: 11776 bytes leftover after parsing attributes in process `syz.3.4577'.
[ 1389.112017][T30409] FAULT_INJECTION: forcing a failure.
[ 1389.112017][T30409] name failslab, interval 1, probability 0, space 0, times 0
[ 1389.189432][T30409] CPU: 0 UID: 0 PID: 30409 Comm: syz.2.4582 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1389.189472][T30409] Tainted: [L]=SOFTLOCKUP
[ 1389.189481][T30409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1389.189495][T30409] Call Trace:
[ 1389.189503][T30409]  <TASK>
[ 1389.189513][T30409]  dump_stack_lvl+0x100/0x190
[ 1389.189543][T30409]  should_fail_ex.cold+0x5/0xa
[ 1389.189575][T30409]  should_failslab+0xc2/0x120
[ 1389.189603][T30409]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[ 1389.189644][T30409]  ? __d_alloc+0x34/0xa40
[ 1389.189682][T30409]  __d_alloc+0x34/0xa40
[ 1389.189727][T30409]  d_alloc_parallel+0x111/0x14e0
[ 1389.189757][T30409]  ? find_held_lock+0x2b/0x80
[ 1389.189785][T30409]  ? __d_lookup+0x25c/0x4a0
[ 1389.189807][T30409]  ? __pfx_d_alloc_parallel+0x10/0x10
[ 1389.189835][T30409]  ? __d_lookup+0x266/0x4a0
[ 1389.189864][T30409]  lookup_open.isra.0+0x57c/0x11b0
[ 1389.189893][T30409]  ? __pfx_lookup_open.isra.0+0x10/0x10
[ 1389.189930][T30409]  ? mnt_get_write_access+0x1e9/0x2f0
[ 1389.189971][T30409]  path_openat+0xa98/0x31a0
[ 1389.190029][T30409]  ? __pfx_path_openat+0x10/0x10
[ 1389.190068][T30409]  do_file_open+0x20e/0x430
[ 1389.190098][T30409]  ? __pfx_do_file_open+0x10/0x10
[ 1389.190136][T30409]  ? __pfx_kfree_link+0x10/0x10
[ 1389.190166][T30409]  ? alloc_fd+0x476/0x790
[ 1389.190195][T30409]  ? do_getname+0x191/0x390
[ 1389.190231][T30409]  do_sys_openat2+0x10d/0x1e0
[ 1389.190266][T30409]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1389.190310][T30409]  __x64_sys_openat+0x12d/0x210
[ 1389.190346][T30409]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1389.190380][T30409]  ? ksys_write+0x1ac/0x250
[ 1389.190424][T30409]  ? rcu_is_watching+0x12/0xc0
[ 1389.190455][T30409]  do_syscall_64+0x10b/0xf80
[ 1389.190488][T30409]  ? clear_bhb_loop+0x40/0x90
[ 1389.190514][T30409]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1389.190537][T30409] RIP: 0033:0x7fbd58f9cdd9
[ 1389.190555][T30409] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1389.190577][T30409] RSP: 002b:00007fbd59f21028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1389.190599][T30409] RAX: ffffffffffffffda RBX: 00007fbd59215fa0 RCX: 00007fbd58f9cdd9
[ 1389.190613][T30409] RDX: 0000000000000481 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 1389.190628][T30409] RBP: 00007fbd59032d69 R08: 0000000000000000 R09: 0000000000000000
[ 1389.190642][T30409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1389.190655][T30409] R13: 00007fbd59216038 R14: 00007fbd59215fa0 R15: 00007fff31261b08
[ 1389.190683][T30409]  </TASK>
[ 1390.922737][T30429] netlink: 2468 bytes leftover after parsing attributes in process `syz.3.4583'.
[ 1391.032612][T30403] Process accounting paused
[ 1393.024634][T30456] netlink: 2468 bytes leftover after parsing attributes in process `syz.2.4592'.
[ 1393.831912][T30447] Process accounting paused
[ 1394.223715][T30479] netlink: 334 bytes leftover after parsing attributes in process `syz.3.4597'.
[ 1394.422281][T30477] snd_virmidi snd_virmidi.0: control 61678:134348809:44033:y�:5 is already present
[ 1394.884886][T30493] FAULT_INJECTION: forcing a failure.
[ 1394.884886][T30493] name failslab, interval 1, probability 0, space 0, times 0
[ 1394.986387][T30493] CPU: 0 UID: 0 PID: 30493 Comm: syz.3.4601 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1394.986421][T30493] Tainted: [L]=SOFTLOCKUP
[ 1394.986428][T30493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1394.986440][T30493] Call Trace:
[ 1394.986447][T30493]  <TASK>
[ 1394.986455][T30493]  dump_stack_lvl+0x100/0x190
[ 1394.986481][T30493]  should_fail_ex.cold+0x5/0xa
[ 1394.986507][T30493]  ? tomoyo_realpath_from_path+0xb6/0x690
[ 1394.986533][T30493]  should_failslab+0xc2/0x120
[ 1394.986557][T30493]  __kmalloc_noprof+0xe0/0x850
[ 1394.986575][T30493]  ? kfree+0x1dd/0x6c0
[ 1394.986606][T30493]  tomoyo_realpath_from_path+0xb6/0x690
[ 1394.986638][T30493]  tomoyo_check_open_permission+0x2af/0x3c0
[ 1394.986661][T30493]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 1394.986692][T30493]  ? hook_file_open+0x24e/0x7a0
[ 1394.986731][T30493]  ? path_get+0x61/0x80
[ 1394.986761][T30493]  tomoyo_file_open+0x6b/0x90
[ 1394.986791][T30493]  security_file_open+0xb5/0x1e0
[ 1394.986816][T30493]  do_dentry_open+0x5aa/0x1660
[ 1394.986843][T30493]  ? security_inode_permission+0xbf/0x250
[ 1394.986868][T30493]  vfs_open+0x82/0x3f0
[ 1394.986901][T30493]  path_openat+0x208c/0x31a0
[ 1394.986944][T30493]  ? __pfx_path_openat+0x10/0x10
[ 1394.986998][T30493]  do_file_open+0x20e/0x430
[ 1394.987026][T30493]  ? __pfx_do_file_open+0x10/0x10
[ 1394.987071][T30493]  ? alloc_fd+0x476/0x790
[ 1394.987117][T30493]  ? do_getname+0x191/0x390
[ 1394.987154][T30493]  do_sys_openat2+0x10d/0x1e0
[ 1394.987188][T30493]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1394.987222][T30493]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1394.987262][T30493]  ? __fget_files+0x21f/0x3d0
[ 1394.987293][T30493]  __x64_sys_openat+0x12d/0x210
[ 1394.987331][T30493]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1394.987366][T30493]  ? ksys_write+0x1ac/0x250
[ 1394.987396][T30493]  ? rcu_is_watching+0x12/0xc0
[ 1394.987427][T30493]  do_syscall_64+0x10b/0xf80
[ 1394.987459][T30493]  ? clear_bhb_loop+0x40/0x90
[ 1394.987487][T30493]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1394.987510][T30493] RIP: 0033:0x7f488079cdd9
[ 1394.987529][T30493] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1394.987551][T30493] RSP: 002b:00007f487e9f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1394.987572][T30493] RAX: ffffffffffffffda RBX: 00007f4880a16090 RCX: 00007f488079cdd9
[ 1394.987587][T30493] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 1394.987601][T30493] RBP: 00007f487e9f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1394.987615][T30493] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1394.987629][T30493] R13: 00007f4880a16128 R14: 00007f4880a16090 R15: 00007ffecd6f96a8
[ 1394.987658][T30493]  </TASK>
[ 1394.987699][T30493] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1395.948166][T30513] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4606'.
[ 1396.368544][T30493] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1396.425106][T30493] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1396.450267][T30493] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1396.481523][T30493] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1396.840884][T30528] snd_virmidi snd_virmidi.0: control 61678:134348809:44033:y�:5 is already present
[ 1398.242721][T30195] Bluetooth: hci4: command 0x0406 tx timeout
[ 1398.478076][T30564] net_ratelimit: 3 callbacks suppressed
[ 1398.478095][T30564] openvswitch: netlink: Multiple metadata blocks provided
[ 1398.491392][T30195] Bluetooth: hci2: command 0x0406 tx timeout
[ 1398.498676][T30195] Bluetooth: hci3: command 0x0406 tx timeout
[ 1398.504800][T30195] Bluetooth: hci0: command 0x0406 tx timeout
[ 1398.978136][T30195] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1398.996465][T30195] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1399.006807][T30195] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1399.014932][T30195] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1399.022522][T30195] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1400.140562][T15153] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1400.471512][T15153] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1400.905886][T15153] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1401.134109][T30195] Bluetooth: hci1: command tx timeout
[ 1401.158949][T15153] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1402.228476][T15153] bridge_slave_1: left allmulticast mode
[ 1402.268133][T15153] bridge_slave_1: left promiscuous mode
[ 1402.294693][T15153] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1402.337097][T15153] bridge_slave_0: left allmulticast mode
[ 1402.366585][T30630] random: crng reseeded on system resumption
[ 1402.375502][T15153] bridge_slave_0: left promiscuous mode
[ 1402.392716][T15153] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1402.489488][T30630] hub 1-0:1.0: USB hub found
[ 1402.513818][T30630] hub 1-0:1.0: 1 port detected
[ 1403.159637][T15153] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1403.205717][T30195] Bluetooth: hci1: command tx timeout
[ 1403.226496][T15153] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1403.286345][T15153] bond0 (unregistering): Released all slaves
[ 1403.390270][T15153] &#$@\]\-: left promiscuous mode
[ 1403.406526][T30647] sysfs_service_op_show: Client not running :-5:
[ 1403.977818][ T5288] 8021q: adding VLAN 0 to HW filter on device eth1
[ 1404.530393][T30568] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1404.552638][T30568] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1404.576051][T30568] bridge_slave_0: entered allmulticast mode
[ 1404.591895][T30568] bridge_slave_0: entered promiscuous mode
[ 1404.617055][T30568] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1404.635608][T30568] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1404.644746][T30568] bridge_slave_1: entered allmulticast mode
[ 1404.667423][T30568] bridge_slave_1: entered promiscuous mode
[ 1405.014232][T30568] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1405.171863][T30568] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1405.286216][T30195] Bluetooth: hci1: command tx timeout
[ 1405.560643][T30568] team0: Port device team_slave_0 added
[ 1405.611353][T30568] team0: Port device team_slave_1 added
[ 1405.872037][T30686] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1405.993704][T30686] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1406.038578][T30686] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1406.072905][T30686] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1406.122304][T30686] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1406.234386][T30568] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1406.284008][T30703] netlink: 2468 bytes leftover after parsing attributes in process `syz.2.4647'.
[ 1406.305770][T30686] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1406.320580][T30568] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1406.456444][T30568] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1406.572402][T30568] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1406.596397][T30568] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1406.701258][T30568] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1406.726275][T30707] FAULT_INJECTION: forcing a failure.
[ 1406.726275][T30707] name failslab, interval 1, probability 0, space 0, times 0
[ 1406.765966][ T5288] 8021q: adding VLAN 0 to HW filter on device eth2
[ 1406.781907][T30707] CPU: 0 UID: 0 PID: 30707 Comm: syz.2.4648 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1406.781940][T30707] Tainted: [L]=SOFTLOCKUP
[ 1406.781948][T30707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1406.781961][T30707] Call Trace:
[ 1406.781968][T30707]  <TASK>
[ 1406.781976][T30707]  dump_stack_lvl+0x100/0x190
[ 1406.782004][T30707]  should_fail_ex.cold+0x5/0xa
[ 1406.782031][T30707]  should_failslab+0xc2/0x120
[ 1406.782056][T30707]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[ 1406.782092][T30707]  ? __d_alloc+0x34/0xa40
[ 1406.782125][T30707]  __d_alloc+0x34/0xa40
[ 1406.782156][T30707]  d_alloc_parallel+0x111/0x14e0
[ 1406.782187][T30707]  ? find_held_lock+0x2b/0x80
[ 1406.782214][T30707]  ? __d_lookup+0x25c/0x4a0
[ 1406.782235][T30707]  ? __pfx_d_alloc_parallel+0x10/0x10
[ 1406.782260][T30707]  ? __d_lookup+0x266/0x4a0
[ 1406.782286][T30707]  lookup_open.isra.0+0x57c/0x11b0
[ 1406.782314][T30707]  ? __pfx_lookup_open.isra.0+0x10/0x10
[ 1406.782351][T30707]  ? mnt_get_write_access+0x1e9/0x2f0
[ 1406.782389][T30707]  path_openat+0xa98/0x31a0
[ 1406.782423][T30707]  ? __pfx_path_openat+0x10/0x10
[ 1406.782459][T30707]  do_file_open+0x20e/0x430
[ 1406.782488][T30707]  ? __pfx_do_file_open+0x10/0x10
[ 1406.782524][T30707]  ? __pfx_kfree_link+0x10/0x10
[ 1406.782552][T30707]  ? alloc_fd+0x476/0x790
[ 1406.782580][T30707]  ? do_getname+0x191/0x390
[ 1406.782613][T30707]  do_sys_openat2+0x10d/0x1e0
[ 1406.782646][T30707]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1406.782688][T30707]  __x64_sys_openat+0x12d/0x210
[ 1406.782722][T30707]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1406.782754][T30707]  ? ksys_write+0x1ac/0x250
[ 1406.782782][T30707]  ? rcu_is_watching+0x12/0xc0
[ 1406.782811][T30707]  do_syscall_64+0x10b/0xf80
[ 1406.782842][T30707]  ? clear_bhb_loop+0x40/0x90
[ 1406.782867][T30707]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1406.782895][T30707] RIP: 0033:0x7fbd58f9cdd9
[ 1406.782913][T30707] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1406.782934][T30707] RSP: 002b:00007fbd59f21028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1406.782955][T30707] RAX: ffffffffffffffda RBX: 00007fbd59215fa0 RCX: 00007fbd58f9cdd9
[ 1406.782969][T30707] RDX: 0000000000000481 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 1406.782982][T30707] RBP: 00007fbd59032d69 R08: 0000000000000000 R09: 0000000000000000
[ 1406.782995][T30707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1406.783007][T30707] R13: 00007fbd59216038 R14: 00007fbd59215fa0 R15: 00007fff31261b08
[ 1406.783034][T30707]  </TASK>
[ 1407.304606][T30718] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4652'.
[ 1407.554470][T30568] hsr_slave_0: entered promiscuous mode
[ 1407.570343][T30727] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input57
[ 1407.596372][T30568] hsr_slave_1: entered promiscuous mode
[ 1407.628955][T30195] Bluetooth: hci0: command 0x0406 tx timeout
[ 1407.851411][   T29] audit: type=1800 audit(1778451096.041:71): pid=30727 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4654" name="sr0" dev="devtmpfs" ino=3016 res=0 errno=0
[ 1408.008201][T30195] Bluetooth: hci3: command 0x0406 tx timeout
[ 1408.090232][T30195] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1408.098036][ T6691] Bluetooth: hci2: command 0x0406 tx timeout
[ 1409.397216][T30762] netlink: 246 bytes leftover after parsing attributes in process `syz.3.4659'.
[ 1409.811513][ T5288] 8021q: adding VLAN 0 to HW filter on device eth3
[ 1410.172202][T30195] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1410.350603][T30726] Process accounting resumed
[ 1411.385754][   T29] audit: type=1326 audit(1778451099.599:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30800 comm="syz.3.4666" exe="/root/ci-qemu-gce-upstream-auto/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f488079cdd9 code=0x0
[ 1412.250192][T30195] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1413.683240][T30841] blktrace: Concurrent blktraces are not allowed on sda1
[ 1413.897142][T30568] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1413.988197][T30568] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 1414.405416][T30568] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1414.450096][T30568] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 1414.493956][T30568] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1414.544674][T30568] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 1414.624516][T30568] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1414.766989][T30568] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 1415.247144][T30868] netlink: 342 bytes leftover after parsing attributes in process `syz.3.4676'.
[ 1415.338197][T30872] netlink: 326 bytes leftover after parsing attributes in process `syz.3.4676'.
[ 1416.524213][T30568] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1416.806905][T30568] 8021q: adding VLAN 0 to HW filter on device team0
[ 1416.933439][T15188] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1416.940640][T15188] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1417.086441][T15188] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1417.093666][T15188] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1417.549191][T30910] netlink: 2468 bytes leftover after parsing attributes in process `syz.2.4682'.
[ 1418.019959][T30568] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1418.097332][T30568] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1418.941778][T15153] hsr_slave_1: left promiscuous mode
[ 1418.975058][T15153] veth1_macvtap: left promiscuous mode
[ 1418.985527][T15153] veth0_macvtap: left promiscuous mode
[ 1419.289472][T15153] team0 (unregistering): Port device team_slave_1 removed
[ 1419.328771][T15153] team0 (unregistering): Port device team_slave_0 removed
[ 1422.086780][T30568] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1422.812415][T30568] veth0_vlan: entered promiscuous mode
[ 1422.881634][T30568] veth1_vlan: entered promiscuous mode
[ 1422.952942][T30982] Process accounting resumed
[ 1423.098678][T30568] veth0_macvtap: entered promiscuous mode
[ 1423.156067][T30568] veth1_macvtap: entered promiscuous mode
[ 1423.378438][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[ 1423.389625][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[ 1423.492454][T30568] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1423.698770][T30568] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1423.905633][ T6794] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1423.955268][ T6794] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1424.352542][ T6794] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1424.393001][ T6794] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1425.058138][T30195] Bluetooth: hci2: unexpected event for opcode 0x7c89
[ 1425.472142][T29639] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1425.507072][T29639] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1425.644462][T15152] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1425.654778][T15152] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1426.441139][T31046] random: crng reseeded on system resumption
[ 1428.355287][T31093] ubi0: attaching mtd0
[ 1428.402247][T31093] ubi0: scanning is finished
[ 1428.413261][T31098] netlink: 334 bytes leftover after parsing attributes in process `syz.1.4708'.
[ 1428.610846][T31093] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[ 1428.715867][T31093] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[ 1428.846660][T31093] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[ 1428.977385][T31093] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[ 1429.120628][T31093] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[ 1429.270294][T31093] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[ 1429.375868][T31093] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 2010552860
[ 1429.549914][T31093] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[ 1429.756172][T31106] ubi0: background thread "ubi_bgt0d" started, PID 31106
[ 1429.772632][T31099] ubi0: detaching mtd0
[ 1429.988046][T31099] ubi0: mtd0 is detached
[ 1430.484701][T31125] FAULT_INJECTION: forcing a failure.
[ 1430.484701][T31125] name failslab, interval 1, probability 0, space 0, times 0
[ 1430.585228][T31125] CPU: 0 UID: 0 PID: 31125 Comm: syz.1.4713 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1430.585265][T31125] Tainted: [L]=SOFTLOCKUP
[ 1430.585274][T31125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1430.585288][T31125] Call Trace:
[ 1430.585296][T31125]  <TASK>
[ 1430.585305][T31125]  dump_stack_lvl+0x100/0x190
[ 1430.585334][T31125]  should_fail_ex.cold+0x5/0xa
[ 1430.585363][T31125]  should_failslab+0xc2/0x120
[ 1430.585390][T31125]  kmem_cache_alloc_noprof+0x7b/0x6e0
[ 1430.585427][T31125]  ? __kernfs_new_node+0xd2/0x9f0
[ 1430.585457][T31125]  __kernfs_new_node+0xd2/0x9f0
[ 1430.585481][T31125]  ? find_held_lock+0x2b/0x80
[ 1430.585512][T31125]  ? kernfs_add_one+0x583/0x850
[ 1430.585541][T31125]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1430.585572][T31125]  ? find_held_lock+0x2b/0x80
[ 1430.585608][T31125]  ? kernfs_root+0xee/0x2a0
[ 1430.585632][T31125]  ? kernfs_root+0xee/0x2a0
[ 1430.585682][T31125]  kernfs_new_node+0x11b/0x1a0
[ 1430.585735][T31125]  kernfs_create_dir_ns+0x4c/0x1a0
[ 1430.585772][T31125]  internal_create_group+0x36f/0xf40
[ 1430.585809][T31125]  ? __pfx_internal_create_group+0x10/0x10
[ 1430.585848][T31125]  ? kernfs_create_link+0x1bd/0x240
[ 1430.585891][T31125]  internal_create_groups+0x9d/0x150
[ 1430.585923][T31125]  device_add+0x77a/0x1950
[ 1430.585958][T31125]  ? __pfx_device_add+0x10/0x10
[ 1430.585989][T31125]  ? __pfx___might_resched+0x10/0x10
[ 1430.586016][T31125]  ? lockdep_hardirqs_on+0x78/0x100
[ 1430.586067][T31125]  __add_disk+0x518/0xe40
[ 1430.586108][T31125]  add_disk_fwnode+0x118/0x5c0
[ 1430.586146][T31125]  loop_add+0x90b/0xb60
[ 1430.586185][T31125]  ? __pfx_loop_add+0x10/0x10
[ 1430.586240][T31125]  ? find_held_lock+0x2b/0x80
[ 1430.586271][T31125]  ? __fget_files+0x215/0x3d0
[ 1430.586303][T31125]  loop_control_ioctl+0xae/0x620
[ 1430.586344][T31125]  ? __pfx_loop_control_ioctl+0x10/0x10
[ 1430.586388][T31125]  ? __pfx_loop_control_ioctl+0x10/0x10
[ 1430.586429][T31125]  __x64_sys_ioctl+0x18e/0x210
[ 1430.586456][T31125]  do_syscall_64+0x10b/0xf80
[ 1430.586492][T31125]  ? clear_bhb_loop+0x40/0x90
[ 1430.586522][T31125]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1430.586548][T31125] RIP: 0033:0x7f0105f9cdd9
[ 1430.586568][T31125] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1430.586592][T31125] RSP: 002b:00007f0106eed028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1430.586615][T31125] RAX: ffffffffffffffda RBX: 00007f0106215fa0 RCX: 00007f0105f9cdd9
[ 1430.586632][T31125] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000005
[ 1430.586648][T31125] RBP: 00007f0106032d69 R08: 0000000000000000 R09: 0000000000000000
[ 1430.586663][T31125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1430.586679][T31125] R13: 00007f0106216038 R14: 00007f0106215fa0 R15: 00007fff73b2eb78
[ 1430.586709][T31125]  </TASK>
[ 1431.782516][T14793] usb usb40-port1: attempt power cycle
[ 1432.341955][T14793] usb usb40-port1: unable to enumerate USB device

syzkaller
syzkaller login: [ 1434.827215][T31208] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 1437.377769][T30195] Bluetooth: hci1: unexpected event 0x34 length: 726 > 6
[ 1437.517615][T31257] netlink: 2468 bytes leftover after parsing attributes in process `syz.0.4739'.
[ 1440.850784][T31297] Process accounting paused
[ 1441.038611][T31306] netlink: 2468 bytes leftover after parsing attributes in process `syz.1.4754'.
[ 1443.258345][T31345] netlink: 334 bytes leftover after parsing attributes in process `syz.2.4763'.
[ 1443.334390][T31342] snd_virmidi snd_virmidi.0: control 61678:134348809:44033:y�:5 is already present
[ 1444.011060][T31346] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1444.031393][T31346] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1444.061536][T31346] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1444.090152][T31346] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1445.138387][T31369] netlink: 2468 bytes leftover after parsing attributes in process `syz.2.4771'.
[ 1445.386102][T30195] Bluetooth: hci0: command 0x0406 tx timeout

syzkaller
syzkaller login: [ 1446.106660][ T6691] Bluetooth: hci2: command 0x0406 tx timeout
[ 1446.113005][ T6691] Bluetooth: hci3: command 0x0406 tx timeout
[ 1446.120564][T30195] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1446.263451][T31392] netlink: 334 bytes leftover after parsing attributes in process `syz.2.4778'.
[ 1446.376488][T31393] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[ 1446.408666][T31389] snd_virmidi snd_virmidi.0: control 61678:134348809:44033:y�:5 is already present
[ 1447.584777][T31419] FAULT_INJECTION: forcing a failure.
[ 1447.584777][T31419] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1447.698348][T31419] CPU: 0 UID: 0 PID: 31419 Comm: syz.0.4786 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1447.698389][T31419] Tainted: [L]=SOFTLOCKUP
[ 1447.698397][T31419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1447.698412][T31419] Call Trace:
[ 1447.698420][T31419]  <TASK>
[ 1447.698429][T31419]  dump_stack_lvl+0x100/0x190
[ 1447.698459][T31419]  should_fail_ex.cold+0x5/0xa
[ 1447.698487][T31419]  get_futex_key+0x1d2/0x1510
[ 1447.698531][T31419]  ? __pfx_get_futex_key+0x10/0x10
[ 1447.698553][T31419]  ? futex_hash+0x2ad/0x370
[ 1447.698577][T31419]  ? futex_hash+0x141/0x370
[ 1447.698604][T31419]  futex_wake+0xea/0x530
[ 1447.698639][T31419]  ? __pfx_futex_wait+0x10/0x10
[ 1447.698684][T31419]  ? __pfx_futex_wake+0x10/0x10
[ 1447.698716][T31419]  ? __lock_acquire+0x4a5/0x2630
[ 1447.698737][T31419]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1447.698768][T31419]  do_futex+0x32b/0x350
[ 1447.698793][T31419]  ? __pfx_do_futex+0x10/0x10
[ 1447.698820][T31419]  ? find_held_lock+0x2b/0x80
[ 1447.698853][T31419]  __x64_sys_futex+0x34f/0x4d0
[ 1447.698880][T31419]  ? __fget_files+0x21f/0x3d0
[ 1447.698906][T31419]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1447.698936][T31419]  ? rcu_is_watching+0x12/0xc0
[ 1447.698967][T31419]  do_syscall_64+0x10b/0xf80
[ 1447.698999][T31419]  ? clear_bhb_loop+0x40/0x90
[ 1447.699026][T31419]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1447.699049][T31419] RIP: 0033:0x7f1d2f19cdd9
[ 1447.699066][T31419] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1447.699087][T31419] RSP: 002b:00007f1d300090e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1447.699108][T31419] RAX: ffffffffffffffda RBX: 00007f1d2f416098 RCX: 00007f1d2f19cdd9
[ 1447.699123][T31419] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f1d2f41609c
[ 1447.699137][T31419] RBP: 00007f1d2f416090 R08: 0000000000000001 R09: 0000000000000000
[ 1447.699151][T31419] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 1447.699165][T31419] R13: 00007f1d2f416128 R14: 00007ffe2223ccc0 R15: 00007ffe2223cda8
[ 1447.699193][T31419]  </TASK>
[ 1447.965984][T31422] openvswitch: netlink: Multiple metadata blocks provided
[ 1448.124678][T31425] netlink: 246 bytes leftover after parsing attributes in process `syz.3.4790'.
[ 1448.932883][T31446] FAULT_INJECTION: forcing a failure.
[ 1448.932883][T31446] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1449.008363][T31446] CPU: 0 UID: 0 PID: 31446 Comm: syz.0.4793 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1449.008399][T31446] Tainted: [L]=SOFTLOCKUP
[ 1449.008407][T31446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1449.008421][T31446] Call Trace:
[ 1449.008428][T31446]  <TASK>
[ 1449.008437][T31446]  dump_stack_lvl+0x100/0x190
[ 1449.008467][T31446]  should_fail_ex.cold+0x5/0xa
[ 1449.008498][T31446]  get_futex_key+0x1d2/0x1510
[ 1449.008525][T31446]  ? __pfx_get_futex_key+0x10/0x10
[ 1449.008556][T31446]  futex_wake+0xea/0x530
[ 1449.008587][T31446]  ? __pfx_futex_wake+0x10/0x10
[ 1449.008616][T31446]  ? _copy_to_user+0xaf/0xd0
[ 1449.008639][T31446]  ? poll_select_finish+0x36e/0x670
[ 1449.008666][T31446]  ? __pfx_poll_select_finish+0x10/0x10
[ 1449.008694][T31446]  do_futex+0x32b/0x350
[ 1449.008719][T31446]  ? __pfx_do_futex+0x10/0x10
[ 1449.008742][T31446]  ? ktime_get_ts64+0x318/0x420
[ 1449.008784][T31446]  __x64_sys_futex+0x34f/0x4d0
[ 1449.008812][T31446]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1449.008842][T31446]  ? rcu_is_watching+0x12/0xc0
[ 1449.008873][T31446]  do_syscall_64+0x10b/0xf80
[ 1449.008917][T31446]  ? clear_bhb_loop+0x40/0x90
[ 1449.008942][T31446]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1449.008964][T31446] RIP: 0033:0x7f1d2f19cdd9
[ 1449.008980][T31446] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1449.009001][T31446] RSP: 002b:00007f1d300090e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1449.009020][T31446] RAX: ffffffffffffffda RBX: 00007f1d2f416098 RCX: 00007f1d2f19cdd9
[ 1449.009035][T31446] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f1d2f41609c
[ 1449.009048][T31446] RBP: 00007f1d2f416090 R08: 0000000000000001 R09: 0000000000000000
[ 1449.009061][T31446] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 1449.009074][T31446] R13: 00007f1d2f416128 R14: 00007ffe2223ccc0 R15: 00007ffe2223cda8
[ 1449.009100][T31446]  </TASK>

syzkaller
syzkaller login: [ 1452.728398][T22154] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1452.742554][T22154] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1452.753880][T22154] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1452.776976][T22154] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1452.786263][T22154] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2

syzkaller
syzkaller login: [ 1453.152435][T31489] Process accounting paused
[ 1453.395111][T31507] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1453.443979][T31507] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1454.152731][T31522] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22
[ 1454.299071][T31525] netlink: 'syz.0.4812': attribute type 1 has an invalid length.
[ 1454.911257][T22154] Bluetooth: hci4: command tx timeout
[ 1455.789639][T31499] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1455.811103][T31499] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1455.829025][T31499] bridge_slave_0: entered allmulticast mode
[ 1455.846500][T31499] bridge_slave_0: entered promiscuous mode
[ 1455.897962][T31499] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1455.924995][T31499] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1455.951996][T31499] bridge_slave_1: entered allmulticast mode
[ 1455.977138][T31499] bridge_slave_1: entered promiscuous mode
[ 1456.302851][T31499] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1456.399165][T31499] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1456.564921][T31499] team0: Port device team_slave_0 added
[ 1456.577093][T31499] team0: Port device team_slave_1 added
[ 1456.636660][T31499] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1456.643998][T31499] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1456.689191][T31499] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1456.703130][ T5711] usb usb40-port1: attempt power cycle
[ 1456.748887][T31499] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1456.782890][T31499] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1456.929281][T31499] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1456.993340][T22154] Bluetooth: hci4: command tx timeout
[ 1457.125903][T31499] hsr_slave_0: entered promiscuous mode
[ 1457.137996][T31499] hsr_slave_1: entered promiscuous mode
[ 1457.145300][T31499] debugfs: 'hsr0' already exists in 'hsr'
[ 1457.151111][T31499] Cannot create hsr debugfs directory
[ 1457.313343][ T5711] usb usb40-port1: unable to enumerate USB device
[ 1458.721285][T31499] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1459.074442][T22154] Bluetooth: hci4: command tx timeout
[ 1459.126434][T31499] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1459.293637][T31499] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1459.405408][T31499] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1459.814448][T31605] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4827'.
[ 1459.900172][T31611] netlink: 334 bytes leftover after parsing attributes in process `syz.0.4828'.
[ 1460.016539][T31608] snd_virmidi snd_virmidi.0: control 61678:134348809:44033:y�:5 is already present
[ 1460.367859][T31499] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1460.401151][T31499] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 1460.429531][T31499] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1460.472218][T31499] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 1460.503147][T31499] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1460.546167][T31499] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 1460.570594][T31499] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1460.618201][T31499] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 1460.878115][T31499] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1460.941680][T31499] 8021q: adding VLAN 0 to HW filter on device team0
[ 1460.978964][T29639] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1460.986267][T29639] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1461.037161][T15188] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1461.044315][T15188] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1461.154106][T22154] Bluetooth: hci4: command tx timeout
[ 1461.165693][   T10] usb usb40-port1: attempt power cycle
[ 1461.767391][   T10] usb usb40-port1: unable to enumerate USB device
[ 1461.874104][T31647] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22
[ 1462.165095][T31657] netlink: 62 bytes leftover after parsing attributes in process `syz.0.4836'.
[ 1462.226703][T31653] netlink: 62 bytes leftover after parsing attributes in process `syz.0.4836'.
[ 1462.267520][T31653] netlink: 62 bytes leftover after parsing attributes in process `syz.0.4836'.
[ 1462.318935][T31653] netlink: 62 bytes leftover after parsing attributes in process `syz.0.4836'.
[ 1462.370040][T31653] netlink: 62 bytes leftover after parsing attributes in process `syz.0.4836'.
[ 1462.428321][T31653] netlink: 62 bytes leftover after parsing attributes in process `syz.0.4836'.
[ 1462.473590][T31653] netlink: 62 bytes leftover after parsing attributes in process `syz.0.4836'.
[ 1462.506389][T31664] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4838'.
[ 1462.860349][T31499] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1463.219010][T31499] veth0_vlan: entered promiscuous mode
[ 1463.269248][T31499] veth1_vlan: entered promiscuous mode
[ 1463.621591][T31680] openvswitch: netlink: Key type 196 is out of range max 32
[ 1463.668556][T31499] veth0_macvtap: entered promiscuous mode
[ 1463.898910][T31499] veth1_macvtap: entered promiscuous mode
[ 1464.068974][T31499] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1464.324421][T31499] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1464.459095][T15153] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1464.459238][T15153] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1464.459274][T15153] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1464.459308][T15153] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1464.899478][T31700] dlm: plock device version mismatch: kernel (1.2.0), user (1489226698.240317300.1121487582)
[ 1464.944012][ T6794] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1464.944033][ T6794] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1465.184668][T15188] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1465.184689][T15188] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1465.483872][T31711] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030

syzkaller
syzkaller login: [ 1465.899676][T31718] __nla_validate_parse: 19 callbacks suppressed
[ 1465.899693][T31718] netlink: 314 bytes leftover after parsing attributes in process `syz.1.4850'.
[ 1466.986087][T31384] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1467.008523][T31384] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1467.018194][T31384] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1467.028461][T31384] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1467.048964][T31384] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1467.497891][T31739] netlink: 334 bytes leftover after parsing attributes in process `syz.2.4855'.
[ 1467.664554][T31738] snd_virmidi snd_virmidi.0: control 61678:134348809:44033:y�:5 is already present
[ 1468.352202][T31754] netlink: 2468 bytes leftover after parsing attributes in process `syz.1.4857'.
[ 1469.158538][T31384] Bluetooth: hci2: command tx timeout
[ 1469.370911][T15153] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1469.926554][T15153] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1470.462139][T15153] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1470.762355][T15153] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1471.239729][T31384] Bluetooth: hci2: command tx timeout

syzkaller
syzkaller login: [ 1472.551029][T15153] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1472.597150][T15153] bond0 (unregistering): Released all slaves
[ 1472.765320][T15153] &#$@\]\-: left promiscuous mode
[ 1473.276153][ T5288] 8021q: adding VLAN 0 to HW filter on device eth1
[ 1473.323358][T31384] Bluetooth: hci2: command tx timeout
[ 1473.342622][T31731] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1473.364156][T31731] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1473.381113][T31731] bridge_slave_0: entered allmulticast mode
[ 1473.396959][T31731] bridge_slave_0: entered promiscuous mode
[ 1473.483705][T31731] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1473.513181][T31731] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1473.543156][T31731] bridge_slave_1: entered allmulticast mode
[ 1473.584044][T31731] bridge_slave_1: entered promiscuous mode
[ 1473.660294][T31830] ICMPv6: process `syz.1.4871' is using deprecated sysctl (syscall) net.ipv6.neigh.veth0_to_bridge.base_reachable_time - use net.ipv6.neigh.veth0_to_bridge.base_reachable_time_ms instead
[ 1473.827283][T31731] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1474.337225][T31731] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1474.582650][T31731] team0: Port device team_slave_0 added
[ 1474.706807][T31731] team0: Port device team_slave_1 added
[ 1475.041621][T31731] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1475.081814][T31731] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1475.198485][T31731] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1475.264579][T31731] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1475.293800][T31731] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1475.405877][T31384] Bluetooth: hci2: command tx timeout
[ 1475.413627][T31731] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1475.680159][ T5288] 8021q: adding VLAN 0 to HW filter on device eth2
[ 1475.952760][T31731] hsr_slave_0: entered promiscuous mode
[ 1475.968190][T31731] hsr_slave_1: entered promiscuous mode
[ 1475.983869][T31731] debugfs: 'hsr0' already exists in 'hsr'
[ 1475.995898][T31731] Cannot create hsr debugfs directory
[ 1476.391625][T28272] usb usb40-port1: attempt power cycle
[ 1476.997907][T28272] usb usb40-port1: unable to enumerate USB device
[ 1479.344568][T31924] sg_write: data in/out 131052/209 bytes for SCSI command 0x67-- guessing data in;
[ 1479.344568][T31924]    program syz.0.4885 not setting count and/or reply_len properly
[ 1479.861885][T31731] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1479.902452][T31731] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 1479.965443][T31731] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1480.031238][T31731] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 1480.206942][T31731] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1480.260917][T31731] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 1480.347112][T31731] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1480.397419][T31731] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 1480.859240][T31963] No such timeout policy ""
[ 1480.893390][T31963] netlink: Failed to associated timeout policy ''
[ 1480.907290][T31965] netlink: 314 bytes leftover after parsing attributes in process `syz.2.4889'.
[ 1481.457833][T31731] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1481.568866][T15153] hsr_slave_0: left promiscuous mode
[ 1481.602082][T15153] hsr_slave_1: left promiscuous mode
[ 1481.631962][T15153] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1481.670566][T15153] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1481.723735][T15153] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1481.776378][T15153] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1481.857597][T15153] veth0_macvtap: left promiscuous mode
[ 1481.892009][T15153] veth1_vlan: left promiscuous mode
[ 1481.925552][T15153] veth0_vlan: left promiscuous mode
[ 1482.860383][T15153] team0 (unregistering): Port device team_slave_1 removed
[ 1482.930215][T15153] team0 (unregistering): Port device team_slave_0 removed
[ 1483.461601][T31731] 8021q: adding VLAN 0 to HW filter on device team0
[ 1483.518718][T32011] Process accounting resumed
[ 1483.656556][T15149] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1483.663731][T15149] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1483.831185][T15188] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1483.838379][T15188] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1484.857611][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[ 1484.857660][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[ 1486.509097][T31731] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1486.869939][T31731] veth0_vlan: entered promiscuous mode
[ 1486.982236][T31731] veth1_vlan: entered promiscuous mode

syzkaller
syzkaller login: [ 1487.504743][T31731] veth0_macvtap: entered promiscuous mode
[ 1487.557570][T31731] veth1_macvtap: entered promiscuous mode
[ 1487.911270][T31731] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1487.976512][T31731] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1488.303540][T15152] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1488.380596][T15152] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1488.475475][T32090] bridge0: port 3(dummy0) entered blocking state
[ 1488.512889][T32090] bridge0: port 3(dummy0) entered disabled state
[ 1488.539511][T32090] dummy0: entered allmulticast mode
[ 1488.592371][T32090] dummy0: entered promiscuous mode
[ 1488.626584][T32090] bridge0: port 3(dummy0) entered blocking state
[ 1488.633076][T32090] bridge0: port 3(dummy0) entered forwarding state
[ 1488.788312][T15152] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1488.833632][T15152] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1489.653834][T15188] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1489.727402][T15188] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1490.122471][T15149] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1490.198463][T15149] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1490.442508][T32117] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[ 1491.817118][T22154] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1491.836230][T22154] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1491.858818][T22154] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1491.866674][T22154] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1491.874291][T22154] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1492.964019][T25540] ------------[ cut here ]------------
[ 1492.969627][T25540] ODEBUG: free active (active state 0) object: ffff888057191438 object type: timer_list hint: hci_devcd_timeout+0x0/0x2e0
[ 1492.983391][T25540] WARNING: lib/debugobjects.c:629 at debug_print_object+0x18e/0x2a0, CPU#0: syz.0.3432/25540
[ 1492.994303][T25540] Modules linked in:
[ 1492.998471][T25540] CPU: 0 UID: 0 PID: 25540 Comm: syz.0.3432 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1493.009549][T25540] Tainted: [L]=SOFTLOCKUP
[ 1493.013981][T25540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1493.024536][T25540] RIP: 0010:debug_print_object+0x19b/0x2a0
[ 1493.031644][T25540] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d 52 a9 e2 0b 41 56 48 8b 14 dd c0 39 1c 8c 4c 89 e6 <67> 48 0f b9 3a 58 83 05 ac 25 d8 0b 01 48 83 c4 18 5b 5d 41 5c 41
[ 1493.051528][T25540] RSP: 0018:ffffc90004d576f8 EFLAGS: 00010246
[ 1493.057602][T25540] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000
[ 1493.065628][T25540] RDX: ffffffff8c1c3900 RSI: ffffffff8c1c3520 RDI: ffffffff90e29360
[ 1493.073662][T25540] RBP: 0000000000000001 R08: ffff888057191438 R09: ffffffff8bb2b700
[ 1493.082838][T25540] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8c1c3520
[ 1493.092046][T25540] R13: ffffffff8bb2b740 R14: ffffffff8a92bd10 R15: ffffc90004d577f8
[ 1493.100098][T25540] FS:  0000000000000000(0000) GS:ffff888124377000(0000) knlGS:0000000000000000
[ 1493.109063][T25540] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1493.115685][T25540] CR2: 00007faf574c3048 CR3: 0000000072a44000 CR4: 00000000003526f0
[ 1493.124144][T25540] Call Trace:
[ 1493.127426][T25540]  <TASK>
[ 1493.130733][T25540]  ? __pfx_hci_devcd_timeout+0x10/0x10
[ 1493.136220][T25540]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1493.142081][T25540]  debug_check_no_obj_freed+0x4da/0x630
[ 1493.147650][T25540]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[ 1493.153753][T25540]  ? __page_table_check_zero+0x333/0x410
[ 1493.159392][T25540]  ? __page_table_check_zero+0x333/0x410
[ 1493.165080][T25540]  ? __page_table_check_zero+0x338/0x410
[ 1493.172459][T25540]  __free_frozen_pages+0x3f5/0x1040
[ 1493.179395][T25540]  hci_release_dev+0x4ef/0x630
[ 1493.184820][T25540]  ? __pfx_hci_release_dev+0x10/0x10
[ 1493.190173][T25540]  ? device_release+0x97/0x270
[ 1493.194960][T25540]  ? rcu_is_watching+0x12/0xc0
[ 1493.199730][T25540]  ? device_release+0x97/0x270
[ 1493.204535][T25540]  bt_host_release+0x6a/0xb0
[ 1493.209144][T25540]  ? __pfx_bt_host_release+0x10/0x10
[ 1493.214504][T25540]  device_release+0xd2/0x270
[ 1493.219128][T25540]  kobject_put+0x1f7/0x640
[ 1493.223572][T25540]  put_device+0x1f/0x30
[ 1493.228191][T25540]  vhci_release+0x185/0x230
[ 1493.233025][T25540]  ? __pfx_vhci_release+0x10/0x10
[ 1493.238063][T25540]  __fput+0x3ff/0xb50
[ 1493.242133][T25540]  task_work_run+0x150/0x240
[ 1493.246737][T25540]  ? __pfx_task_work_run+0x10/0x10
[ 1493.252283][T25540]  ? free_uts_ns+0x16e/0x330
[ 1493.256915][T25540]  do_exit+0x8d2/0x2a60
[ 1493.261125][T25540]  ? __pfx_do_exit+0x10/0x10
[ 1493.265733][T25540]  ? do_raw_spin_lock+0x128/0x260
[ 1493.270821][T25540]  ? find_held_lock+0x2b/0x80
[ 1493.275512][T25540]  ? get_signal+0x7e0/0x21e0
[ 1493.280135][T25540]  do_group_exit+0xd5/0x2a0
[ 1493.285733][T25540]  get_signal+0x1ec7/0x21e0
[ 1493.291040][T25540]  ? __pfx_get_signal+0x10/0x10
[ 1493.295913][T25540]  ? do_futex+0x192/0x350
[ 1493.300326][T25540]  arch_do_signal_or_restart+0x91/0x7a0
[ 1493.305902][T25540]  ? count_memcg_events_mm.constprop.0+0xfa/0x2a0
[ 1493.312421][T25540]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1493.318602][T25540]  ? exc_page_fault+0x6f/0xd0
[ 1493.323331][T25540]  ? rcu_is_watching+0x12/0xc0
[ 1493.328108][T25540]  exit_to_user_mode_loop+0x8b/0x4f0
[ 1493.334507][T25540]  ? rcu_is_watching+0x12/0xc0
[ 1493.339746][T25540]  do_syscall_64+0x6f2/0xf80
[ 1493.344419][T25540]  ? clear_bhb_loop+0x40/0x90
[ 1493.349117][T25540]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1493.355046][T25540] RIP: 0033:0x7f1d2f19cdd9
[ 1493.359471][T25540] Code: Unable to access opcode bytes at 0x7f1d2f19cdaf.
[ 1493.366512][T25540] RSP: 002b:00007f1d300090e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1493.374952][T25540] RAX: fffffffffffffe00 RBX: 00007f1d2f416098 RCX: 00007f1d2f19cdd9
[ 1493.383911][T25540] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f1d2f416098
[ 1493.392551][T25540] RBP: 00007f1d2f416090 R08: 0000000000000000 R09: 0000000000000000
[ 1493.400578][T25540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1493.408553][T25540] R13: 00007f1d2f416128 R14: 00007ffe2223ccc0 R15: 00007ffe2223cda8
[ 1493.416815][T25540]  </TASK>
[ 1493.419871][T25540] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1493.427153][T25540] CPU: 0 UID: 0 PID: 25540 Comm: syz.0.3432 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1493.438092][T25540] Tainted: [L]=SOFTLOCKUP
[ 1493.442409][T25540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1493.452459][T25540] Call Trace:
[ 1493.455731][T25540]  <TASK>
[ 1493.458659][T25540]  dump_stack_lvl+0x100/0x190
[ 1493.463343][T25540]  vpanic+0x552/0x970
[ 1493.467344][T25540]  ? __pfx_vpanic+0x10/0x10
[ 1493.471866][T25540]  panic+0xd1/0xe0
[ 1493.475716][T25540]  ? __pfx_panic+0x10/0x10
[ 1493.480170][T25540]  ? check_panic_on_warn+0x1f/0x90
[ 1493.485396][T25540]  check_panic_on_warn.cold+0x19/0x34
[ 1493.490804][T25540]  ? debug_print_object+0x18e/0x2a0
[ 1493.496022][T25540]  __warn.cold+0x191/0x328
[ 1493.500454][T25540]  __report_bug+0x296/0x3d0
[ 1493.504983][T25540]  ? debug_print_object+0x18e/0x2a0
[ 1493.510203][T25540]  ? __pfx___report_bug+0x10/0x10
[ 1493.515255][T25540]  ? unwind_next_frame+0x3c8/0x2090
[ 1493.520472][T25540]  report_bug_entry+0xe1/0x290
[ 1493.525263][T25540]  ? debug_print_object+0x19b/0x2a0
[ 1493.530482][T25540]  handle_bug+0x1cd/0x2a0
[ 1493.534820][T25540]  exc_invalid_op+0x17/0x50
[ 1493.539336][T25540]  asm_exc_invalid_op+0x1a/0x20
[ 1493.544204][T25540] RIP: 0010:debug_print_object+0x19b/0x2a0
[ 1493.550029][T25540] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d 52 a9 e2 0b 41 56 48 8b 14 dd c0 39 1c 8c 4c 89 e6 <67> 48 0f b9 3a 58 83 05 ac 25 d8 0b 01 48 83 c4 18 5b 5d 41 5c 41
[ 1493.569645][T25540] RSP: 0018:ffffc90004d576f8 EFLAGS: 00010246
[ 1493.575718][T25540] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000
[ 1493.583691][T25540] RDX: ffffffff8c1c3900 RSI: ffffffff8c1c3520 RDI: ffffffff90e29360
[ 1493.591686][T25540] RBP: 0000000000000001 R08: ffff888057191438 R09: ffffffff8bb2b700
[ 1493.599660][T25540] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8c1c3520
[ 1493.607641][T25540] R13: ffffffff8bb2b740 R14: ffffffff8a92bd10 R15: ffffc90004d577f8
[ 1493.615613][T25540]  ? __pfx_hci_devcd_timeout+0x10/0x10
[ 1493.621104][T25540]  ? __pfx_hci_devcd_timeout+0x10/0x10
[ 1493.626592][T25540]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1493.632413][T25540]  debug_check_no_obj_freed+0x4da/0x630
[ 1493.637985][T25540]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[ 1493.644068][T25540]  ? __page_table_check_zero+0x333/0x410
[ 1493.649714][T25540]  ? __page_table_check_zero+0x333/0x410
[ 1493.655369][T25540]  ? __page_table_check_zero+0x338/0x410
[ 1493.661014][T25540]  __free_frozen_pages+0x3f5/0x1040
[ 1493.666235][T25540]  hci_release_dev+0x4ef/0x630
[ 1493.671030][T25540]  ? __pfx_hci_release_dev+0x10/0x10
[ 1493.676321][T25540]  ? device_release+0x97/0x270
[ 1493.681094][T25540]  ? rcu_is_watching+0x12/0xc0
[ 1493.685867][T25540]  ? device_release+0x97/0x270
[ 1493.690691][T25540]  bt_host_release+0x6a/0xb0
[ 1493.695346][T25540]  ? __pfx_bt_host_release+0x10/0x10
[ 1493.700643][T25540]  device_release+0xd2/0x270
[ 1493.705247][T25540]  kobject_put+0x1f7/0x640
[ 1493.709667][T25540]  put_device+0x1f/0x30
[ 1493.713834][T25540]  vhci_release+0x185/0x230
[ 1493.718355][T25540]  ? __pfx_vhci_release+0x10/0x10
[ 1493.723395][T25540]  __fput+0x3ff/0xb50
[ 1493.727401][T25540]  task_work_run+0x150/0x240
[ 1493.731997][T25540]  ? __pfx_task_work_run+0x10/0x10
[ 1493.737110][T25540]  ? free_uts_ns+0x16e/0x330
[ 1493.741717][T25540]  do_exit+0x8d2/0x2a60
[ 1493.745891][T25540]  ? __pfx_do_exit+0x10/0x10
[ 1493.750501][T25540]  ? do_raw_spin_lock+0x128/0x260
[ 1493.755552][T25540]  ? find_held_lock+0x2b/0x80
[ 1493.760237][T25540]  ? get_signal+0x7e0/0x21e0
[ 1493.764845][T25540]  do_group_exit+0xd5/0x2a0
[ 1493.769374][T25540]  get_signal+0x1ec7/0x21e0
[ 1493.773894][T25540]  ? __pfx_get_signal+0x10/0x10
[ 1493.778770][T25540]  ? do_futex+0x192/0x350
[ 1493.783112][T25540]  arch_do_signal_or_restart+0x91/0x7a0
[ 1493.788692][T25540]  ? count_memcg_events_mm.constprop.0+0xfa/0x2a0
[ 1493.795138][T25540]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1493.801362][T25540]  ? exc_page_fault+0x6f/0xd0
[ 1493.806079][T25540]  ? rcu_is_watching+0x12/0xc0
[ 1493.810856][T25540]  exit_to_user_mode_loop+0x8b/0x4f0
[ 1493.816152][T25540]  ? rcu_is_watching+0x12/0xc0
[ 1493.820932][T25540]  do_syscall_64+0x6f2/0xf80
[ 1493.825540][T25540]  ? clear_bhb_loop+0x40/0x90
[ 1493.830268][T25540]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1493.836178][T25540] RIP: 0033:0x7f1d2f19cdd9
[ 1493.840623][T25540] Code: Unable to access opcode bytes at 0x7f1d2f19cdaf.
[ 1493.847739][T25540] RSP: 002b:00007f1d300090e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1493.856167][T25540] RAX: fffffffffffffe00 RBX: 00007f1d2f416098 RCX: 00007f1d2f19cdd9
[ 1493.864145][T25540] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f1d2f416098
[ 1493.872121][T25540] RBP: 00007f1d2f416090 R08: 0000000000000000 R09: 0000000000000000
[ 1493.880097][T25540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1493.888076][T25540] R13: 00007f1d2f416128 R14: 00007ffe2223ccc0 R15: 00007ffe2223cda8
[ 1493.896068][T25540]  </TASK>
[ 1493.899158][T25540] Kernel Offset: disabled
[ 1493.903504][T25540] Rebooting in 86400 seconds..