last executing test programs:

4m45.761319096s ago: executing program 2 (id=8169):
mmap$auto(0x0, 0x20009, 0x1ce8c204, 0xeb1, 0x401, 0x8000)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x5, 0xc, 0x4, 0x1ffde, 0x7, 0x4, 0x3fe, 0x9, 0x1, 0x2, 0x7, 0x9, 0x8, 0x8, 0x407, 0x7, 0x8000000007, 0x8000, 0x0, 0x0, 0x0, 0x0, 0xf3, 0x0, 0xfffffffc, 0x0, 0x1, 0xffffffff, [0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80000000004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x47e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xe3a, 0xa]}, 0x400, 0x81)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="f2000000", @ANYBLOB='p\x00', @ANYRES16], 0x1ac}, 0x1, 0x0, 0x0, 0x24048040}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='.'], 0x1ac}}, 0x40000)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

4m45.611259024s ago: executing program 2 (id=8171):
socket(0x2, 0x3, 0x6)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
r0 = socket(0xa, 0x801, 0x84)
clone$auto(0x4, 0x72d2, 0x0, 0x0, 0x4)
getsockopt$auto(r0, 0x84, 0xc, 0x0, 0x0)

4m45.374699554s ago: executing program 2 (id=8172):
mkdir$auto(&(0x7f0000000040)='}[,&*}\x00', 0x4)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
unshare$auto(0x40000080)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', 0x0, 0x1, 0x0)

4m44.456987856s ago: executing program 2 (id=8180):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x12, 0x93f, 0x1fee1, 0x3, 0x6, 0xfffffffffffffffe, 0x9, 0x5, 0x8005, 0x7, 0xb0, 0x9, 0x5, 0x3, 0x8, 0x4, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, [0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x1000000000000, 0xfffffffffffffffc, 0x0, 0x7fffffffffff, 0x9, 0x3, 0x0, 0x10, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}, 0x1fe, 0x82)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x2000000, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

4m44.025985102s ago: executing program 2 (id=8190):
socket(0x10, 0x3, 0x6)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0x21, 0x2, 0xa)
sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000000500)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40080}, 0x20040000)
sendmmsg$auto(0x6, &(0x7f0000000400)={{0x0, 0x3, &(0x7f00000002c0)={0x0, 0x8}, 0x1, &(0x7f0000000300), 0x10, 0x8000000}, 0xed7138c}, 0x6, 0x0)

4m43.74986077s ago: executing program 2 (id=8194):
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC2\x00', 0x101802, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000000c0), r1)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f00000050c0)={0x0, 0x0, &(0x7f0000005080)={&(0x7f0000002a80)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="010025bd7002fbdbdf25060400"], 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x20008050)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="06000af4e92156ee60a700844acbbd976bd1cd576fc5b2e211ca2e914a7c935258c78637f3eda5ae21f7570690c76e3a66efdeedfc4d0e5973", @ANYRES16=r0, @ANYBLOB="01002abd7000fbdbdf2506000000"], 0x14}, 0x1, 0x0, 0x0, 0xeda47ee5ad433e65}, 0x20000000)
bpf$auto_BPF_MAP_FREEZE(0x16, &(0x7f00000002c0)=@bpf_attr_3={0x0, 0x200, 0x3, 0x5, 0x5, 0x7000000, 0x4, 0xfff, 0x10001, "6379b3e0ef41488f0289df262de3ee8b", 0x0, 0x235, 0xffffffffffffffff, 0x8, 0x6, 0x3, 0x9, 0x21ed, 0x10, 0x348, @attach_btf_obj_fd, 0xfd, 0x16, 0x6, 0x80000000, 0x128, r0, r0}, 0xab)

4m28.500270269s ago: executing program 32 (id=8194):
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC2\x00', 0x101802, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000000c0), r1)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f00000050c0)={0x0, 0x0, &(0x7f0000005080)={&(0x7f0000002a80)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="010025bd7002fbdbdf25060400"], 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x20008050)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="06000af4e92156ee60a700844acbbd976bd1cd576fc5b2e211ca2e914a7c935258c78637f3eda5ae21f7570690c76e3a66efdeedfc4d0e5973", @ANYRES16=r0, @ANYBLOB="01002abd7000fbdbdf2506000000"], 0x14}, 0x1, 0x0, 0x0, 0xeda47ee5ad433e65}, 0x20000000)
bpf$auto_BPF_MAP_FREEZE(0x16, &(0x7f00000002c0)=@bpf_attr_3={0x0, 0x200, 0x3, 0x5, 0x5, 0x7000000, 0x4, 0xfff, 0x10001, "6379b3e0ef41488f0289df262de3ee8b", 0x0, 0x235, 0xffffffffffffffff, 0x8, 0x6, 0x3, 0x9, 0x21ed, 0x10, 0x348, @attach_btf_obj_fd, 0xfd, 0x16, 0x6, 0x80000000, 0x128, r0, r0}, 0xab)

2m44.747033949s ago: executing program 4 (id=8997):
mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
write$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f0000000000)="351ff6218163cce8505bf40fca856149f185354f86f6766b73aeb066b2a65290e689cb5a9cd45a63766508ae821ea42a555887244ce3a5676c4a8f62c1dadfd6efc8b8dd0eae0c03292f536b2b5042c923", 0x51)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="180027"], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0xb}, 0x3, 0x0)

2m44.512430905s ago: executing program 4 (id=9000):
r0 = socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'ip6tnl0\x00', <r1=>0x0})
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x68, 0x0, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@HSR_A_IF2_AGE={0x8, 0x4, 0xab7}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8, 0x2, r1}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, @HSR_A_NODE_ADDR={0xa, 0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, @HSR_A_NODE_ADDR={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}}, @HSR_A_IFINDEX={0x8, 0x2, r1}, @HSR_A_IF1_SEQ={0x6, 0x6, 0x5}, @HSR_A_IF2_AGE={0x8, 0x4, 0x4b3d}]}, 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

2m44.105991514s ago: executing program 4 (id=9003):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r0 = epoll_create$auto(0x1)
capset$auto(0x0, 0x0)
epoll_ctl$auto(r0, 0x1, 0x8000000000000000, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count\x00', 0xc0082, 0x0)
read$auto(r1, 0x0, 0x8)
close_range$auto(0x2, 0x8, 0x0)

2m43.571848689s ago: executing program 4 (id=9005):
syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
madvise$auto(0x0, 0x1010001, 0x100000003)
madvise$auto(0x1000, 0x400050, 0x9)

2m43.095851653s ago: executing program 4 (id=9009):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x34)
mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0x6, 0x0)
chdir$auto(&(0x7f0000000000)='}[,&*}\x00')
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@ethernet={0x1, @link_local}, 0x6a)

2m42.930057188s ago: executing program 4 (id=9011):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = socket(0x1e, 0x1, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x200, 0x1)
r1 = open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
fanotify_mark$auto(0x0, 0x1, 0xa, r1, 0x0)
fanotify_mark$auto(r0, 0x80, 0x9, 0xffffffffffffffff, 0x0)

2m27.851827707s ago: executing program 33 (id=9011):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = socket(0x1e, 0x1, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x200, 0x1)
r1 = open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
fanotify_mark$auto(0x0, 0x1, 0xa, r1, 0x0)
fanotify_mark$auto(r0, 0x80, 0x9, 0xffffffffffffffff, 0x0)

1m54.927929788s ago: executing program 3 (id=9308):
setrlimit$auto(0x7, &(0x7f0000001380)={0x5, 0x6})
close_range$auto(0x2, 0x8, 0x0)
r0 = socketcall$auto(0x5, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000001480)='/proc/sys/net/ipv6/conf/geneve0/disable_ipv6\x00', 0x40001, 0x0)
ioctl$auto(0x3, 0xae41, r0)

1m54.76856861s ago: executing program 3 (id=9310):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x6, 0x0)
io_uring_setup$auto(0x40, &(0x7f00000001c0)={0x3, 0x5, 0xbc, 0x9, 0x5b77b906, 0x0, 0xffffffffffffffff, [0xcfa, 0xe5d, 0x6], {0x6, 0x38, 0x9, 0x80004, 0x4, 0x3, 0x3ff, 0x2, 0xffff}, {0x2, 0x9, 0x7, 0x2, 0x0, 0xffff13a7, 0x80000006, 0x44a0, 0x1001}})
r0 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r0, 0x107, 0xf, 0x0, 0x6)
capset$auto(0x0, &(0x7f0000000000)={0x80000001, 0x6, 0x5c})
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200), 0x7}, 0x5, 0x0, 0x5, 0x1}, 0x5}, 0x4, 0x100)

1m54.551708366s ago: executing program 3 (id=9313):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sysfs$auto(0x2, 0x100000000000038, 0x0)
r0 = signalfd$auto(0xffffffffffffffff, 0x0, 0x8)
timer_create$auto(0x7, 0x0, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000a40)=""/4096, 0x1000)
rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8)
timer_settime$auto(0x0, 0x3, &(0x7f00000000c0)={{0x0, 0x400}, {0x0, 0x87}}, 0x0)

1m53.585111969s ago: executing program 3 (id=9317):
mmap$auto(0x0, 0x3, 0xdf, 0xeb1, 0x403, 0x8000)
open(&(0x7f0000000000)='./file0\x00', 0x62240, 0x154)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
stat$auto(&(0x7f0000000040)='./file0\x00', 0x0)

1m52.983400637s ago: executing program 3 (id=9323):
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
memfd_create$auto(0x0, 0xe)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
mmap$auto(0x0, 0x810006, 0xffb, 0x8000000008011, 0x3, 0x0)
r0 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D1p\x00', 0x0, 0x0)
ioctl$auto_SNDRV_PCM_IOCTL_FORWARD(r0, 0x40084149, 0x0)

1m52.78660532s ago: executing program 3 (id=9326):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0x1, 0x0)
ioctl$auto_FBIOPUT_CON2FBMAP(r0, 0x4610, 0x0)
ustat$auto(0x801, 0x0)
mknod$auto(0x0, 0xcb, 0xfffffffa)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0)

1m37.281097013s ago: executing program 34 (id=9326):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0x1, 0x0)
ioctl$auto_FBIOPUT_CON2FBMAP(r0, 0x4610, 0x0)
ustat$auto(0x801, 0x0)
mknod$auto(0x0, 0xcb, 0xfffffffa)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0)

20.418357337s ago: executing program 1 (id=9987):
close_range$auto(0x2, 0x8, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x0)
r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cec8\x00', 0x0, 0x0)
ioctl$auto_CEC_DQEVENT(r0, 0xc0506107, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
sendfile$auto(0x1, 0x3, 0x0, 0x400000)

20.075144036s ago: executing program 1 (id=9988):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/kernel/bpf_stats_enabled\x00', 0x163041, 0x0)
fsconfig$auto(0xffffffffffffffff, 0x3, 0x0, 0x0, 0x0)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff)
madvise$auto(0x0, 0x240007, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
userfaultfd$auto(0x1)
close_range$auto(0x2, 0x8, 0x0)

19.405649008s ago: executing program 1 (id=9996):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x6a1, 0x2000000000002)
socket(0x28, 0x1, 0x0)
socket(0x2, 0x1, 0x0)
socketpair$auto(0x1e, 0x1, 0x0, 0x0)
fanotify_mark$auto(0x0, 0x1, 0x9, 0x4, 0x0)
close_range$auto(0x0, 0x5, 0x0)

19.280398571s ago: executing program 1 (id=9998):
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x3, 0x6)
lsm_list_modules$auto(0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0)
mkdir$auto(0x0, 0x353)

18.998407152s ago: executing program 1 (id=10001):
openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/per_cpu/cpu1/trace\x00', 0x200, 0x0)
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000)
r0 = socket(0xa, 0x801, 0x106)
getsockopt$auto(r0, 0x6, 0x5, 0x0, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_IPVS_CMD_DEL_DAEMON(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b80)=ANY=[@ANYBLOB], 0x310}, 0x1, 0x0, 0x0, 0x20040014}, 0x24008040)
connect$auto(0x3, 0x0, 0x51)

18.461526545s ago: executing program 1 (id=10005):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/kernel/bpf_stats_enabled\x00', 0x163041, 0x0)
fsconfig$auto(0xffffffffffffffff, 0x3, 0x0, 0x0, 0x0)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff)
madvise$auto(0x0, 0x240007, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
userfaultfd$auto(0x1)
close_range$auto(0x2, 0x8, 0x0)

17.950082469s ago: executing program 35 (id=10005):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/kernel/bpf_stats_enabled\x00', 0x163041, 0x0)
fsconfig$auto(0xffffffffffffffff, 0x3, 0x0, 0x0, 0x0)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff)
madvise$auto(0x0, 0x240007, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
userfaultfd$auto(0x1)
close_range$auto(0x2, 0x8, 0x0)

5.105040114s ago: executing program 5 (id=10066):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', <r1=>0x0})
bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r1, 0x7f, 0x99, 0x8, 0x1, @relative_id=0x8, 0x5}, 0x92)
bpf$auto(0xf, &(0x7f00000001c0)=@bpf_attr_3={0x5, 0xaa, 0x276, 0x0, 0x3, 0x2, 0x8, 0x33, 0xd, "6326bcc7c57ffed984639b375ee8d538", 0x0, 0x3, 0xffffffffffffffff, 0xfffffffc, 0x6, 0x5, 0x0, 0x9, 0x2, 0x7f, @attach_prog_fd, 0xce51, 0x0, 0x7, 0x92c, 0x8}, 0xc)

4.173181727s ago: executing program 5 (id=10073):
close_range$auto(0x2, 0x8, 0x0)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x2, 0x0)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon33\x00', 0x121200, 0x0)
mmap$auto(0x0, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x40001, 0x0)
r0 = epoll_create$auto(0x3e)
epoll_ctl$auto(r0, 0x1, 0x8000000000000000, 0x0)

3.803137269s ago: executing program 5 (id=10084):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
clone$auto(0x20003b46, 0x10000008, 0x0, 0x0, 0x5)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80200, 0x0)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000)
read$auto(r0, &(0x7f0000002300)='MAC802154_HWSIM\x00', 0xfdef)
ioctl$auto_SIOCSIFHWADDR2(0xffffffffffffffff, 0x8924, &(0x7f0000000080))

3.535520791s ago: executing program 5 (id=10079):
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/input/event1\x00', 0x34d802, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x109802, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000500)={0x40, 0x0, [{0xe1, 0x42, 0x6}]})

2.909411086s ago: executing program 0 (id=10083):
openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000000), 0x48101, 0x0)
socket(0x11, 0x80003, 0x10000)
r0 = socket(0x10, 0x2, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'dummy0\x00'})
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00')
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000)
write$auto(r0, &(0x7f0000000000)='-\x00', 0x2fb)

2.724032703s ago: executing program 0 (id=10085):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/fcloop/ctl/add_remote_port\x00', 0x80801, 0x0)
socket$nl_generic(0x11, 0x3, 0x10)
r0 = socket(0x10, 0x2, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'dummy0\x00'})
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00')
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000)
write$auto(r0, &(0x7f0000000000)='-\x00', 0x2fb)

2.709127395s ago: executing program 5 (id=10086):
mmap$auto(0x0, 0x202000d, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
sendmsg$auto_IPVS_CMD_DEL_DAEMON(0xffffffffffffffff, 0x0, 0x24008040)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
landlock_create_ruleset$auto(&(0x7f0000000140)={0xdaa0, 0x1, 0x9}, 0x9, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x105c40, 0x0)

2.475102163s ago: executing program 0 (id=10088):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\x00\x80\x00\x00\x00\x00\x00\x00j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5)
r0 = set_tid_address$auto(0x0)
r1 = syz_open_procfs$namespace(r0, &(0x7f0000000080))
socket(0x22, 0x6, 0x2000004)
getdents$auto(r1, 0x0, 0x10040)
getdents$auto(r1, 0x0, 0xa2b0)

2.147262158s ago: executing program 6 (id=10091):
mmap$auto(0x0, 0x202000b, 0x2003, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = socket(0x2, 0x5, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
shutdown$auto(0x200000003, 0x2)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
listen$auto(0x3, 0x81)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x312)

1.993069832s ago: executing program 7 (id=10092):
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0xff1, 0x8000)
socket(0x28, 0x1, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = socket(0x2, 0x2, 0x1)
close_range$auto(r0, 0xffffffffffffffff, 0x2)
bpf$auto(0x0, &(0x7f0000000000)=@bpf_attr_4={0x1b, r0, 0x10000}, 0x10)
r1 = epoll_create$auto(0x3e)
epoll_ctl$auto(r1, 0x1, 0x8000000000000000, 0x0)

1.888559624s ago: executing program 6 (id=10093):
read$auto_mon_fops_binary_mon_bin(0xffffffffffffffff, &(0x7f0000001080)=""/4097, 0x1001)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/nbd2\x00', 0x40000, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000006cc0), 0xffffffffffffffff)
sendmsg$auto_NBD_CMD_RECONFIGURE(r0, &(0x7f0000006d80)={0x0, 0x0, &(0x7f0000006d40)={&(0x7f0000006d00)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="01002abd7000fbdbdf19030000000800010002"], 0x1c}}, 0x24044880)
socket$nl_generic(0x10, 0x3, 0x10)
readv$auto(0x3, 0x0, 0xfffffffffffffffe)
read$auto(0xffffffffffffffff, 0x0, 0xff)

1.794408089s ago: executing program 7 (id=10094):
close_range$auto(0x2, 0xa, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x2, 0xa, 0x0)
r0 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x11}}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x20000000)
sendto$auto(0x3, 0x0, 0x2000f, 0x101, 0x0, 0x1c)
recvmmsg$auto(0x3, 0x0, 0x10000000, 0x9, 0x0)

1.703034534s ago: executing program 6 (id=10095):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0xe0301, 0x0)
r1 = memfd_create$auto(0x0, 0x4)
statx$auto(r1, 0x0, 0x1000, 0xbdfc, 0x0)
close_range$auto(0x2, 0xa, 0x0)
r2 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
ioctl$auto(r0, 0x4b72, r2)

1.551372982s ago: executing program 0 (id=10096):
r0 = socket(0xa, 0x2, 0x73)
bind$auto(0xffffffffffffffff, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
getsockname$auto(0xffffffffffffffff, &(0x7f00000001c0)=@generic={0x2c, "3abc673d7096599026c2ac4ac577"}, 0x0)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
sethostname$auto(0x0, 0x1)
setsockopt$auto(0x400000000000003, 0x29, 0x6, 0x0, 0x3)
sendto$auto(r0, 0x0, 0x402, 0x0, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c)

1.543600917s ago: executing program 6 (id=10097):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x100, 0x0)
io_uring_setup$auto(0x2, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0x4020aed2, r0)

1.459146682s ago: executing program 7 (id=10098):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = socket(0x10, 0x2, 0x9)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x163340, 0x2a)
r1 = socket(0x2a, 0x2, 0x1)
connect$auto(r1, &(0x7f0000000140)=@qipcrtr={0x2a, 0x1}, 0x57)
sendmsg$auto_NL80211_CMD_SET_COALESCE(r0, 0x0, 0x0)

1.293869347s ago: executing program 6 (id=10099):
mmap$auto(0x0, 0x40006, 0xdf, 0x200009b72, 0x7, 0x28000)
r0 = socket(0x10, 0x2, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x0)
socketpair$auto(0x1, 0x5, 0x1, 0x0)
fanotify_init$auto(0x65, 0x2)
dup2$auto(0x5, 0x4)
recvmmsg$auto(r0, 0x0, 0xfffffe0c, 0x8e0, 0x0)

1.291128409s ago: executing program 0 (id=10107):
mmap$auto(0x0, 0x400008, 0xe2, 0x9b72, 0xffffffffffffffff, 0x8000)
openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, 0x0, 0x8200, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0x400caed0, r0)

1.169745839s ago: executing program 7 (id=10100):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x163340, 0x16e)
socket(0x2, 0x80802, 0x0)
setsockopt$auto(0x3, 0x1, 0xb, 0x0, 0x9)
connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x4e23, @loopback}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)

769.055473ms ago: executing program 0 (id=10101):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3}, 0x55)
readv$auto(0x3, &(0x7f0000000600)={0x0, 0xc}, 0x1da)
write$auto(0x3, 0x0, 0x5c8)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
write$auto(0x3, 0x0, 0xfffffdef)

768.955374ms ago: executing program 6 (id=10102):
madvise$auto(0x0, 0x200007, 0x19)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
mprotect$auto(0x0, 0x806121, 0x6)
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
fcntl$auto_F_SETLK(r0, 0x6, 0x9)
listen$auto(0xffffffffffffffff, 0x8)

604.362402ms ago: executing program 7 (id=10103):
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x200041, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
getdents$auto(r0, 0x0, 0x4)
r1 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000040), 0x101401, 0x0)
ioctl$auto_SNAPSHOT_FREE(r1, 0x3305, 0x0)
io_uring_register$auto_IORING_REGISTER_PBUF_STATUS(0xffffffffffffffff, 0x1a, &(0x7f0000000180), 0x5)
read$auto_trace_options_fops_trace(0xffffffffffffffff, &(0x7f00000000c0)=""/47, 0x2f)
socketcall$auto(0x40, &(0x7f0000000040)=0x800)

118.621158ms ago: executing program 5 (id=10104):
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/input/event1\x00', 0x34d802, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x109802, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000500)={0x40, 0x0, [{0x4b564d04, 0x42, 0x6}]})

0s ago: executing program 7 (id=10105):
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000200)='/dev/mtd0\x00', 0x48000, 0x0)
r0 = socket(0xa, 0x801, 0x84)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
dup3$auto(r0, r1, 0x0)

kernel console output (not intermixed with test programs):

01569][T27605]  should_fail_ex.cold+0x5/0xa
[  817.901607][T27605]  should_failslab+0xc2/0x120
[  817.901644][T27605]  __kmalloc_cache_noprof+0x7a/0x6f0
[  817.901690][T27605]  ? crtc_crc_open+0x3ba/0x7e0
[  817.901747][T27605]  crtc_crc_open+0x3ba/0x7e0
[  817.901796][T27605]  ? __debugfs_file_get+0x1fc/0x860
[  817.901844][T27605]  ? __pfx_crtc_crc_open+0x10/0x10
[  817.901897][T27605]  ? __pfx_apparmor_file_open+0x10/0x10
[  817.901929][T27605]  ? path_get+0x61/0x80
[  817.901978][T27605]  ? __pfx_crtc_crc_open+0x10/0x10
[  817.902025][T27605]  full_proxy_open_regular+0x1b6/0x370
[  817.902073][T27605]  do_dentry_open+0x6d8/0x1660
[  817.902112][T27605]  ? __pfx_full_proxy_open_regular+0x10/0x10
[  817.902167][T27605]  vfs_open+0x82/0x3f0
[  817.902220][T27605]  path_openat+0x208c/0x31a0
[  817.902273][T27605]  ? __pfx_path_openat+0x10/0x10
[  817.902326][T27605]  do_file_open+0x20e/0x430
[  817.902370][T27605]  ? __pfx_do_file_open+0x10/0x10
[  817.902437][T27605]  ? alloc_fd+0x476/0x790
[  817.902480][T27605]  ? do_getname+0x191/0x390
[  817.902551][T27605]  do_sys_openat2+0x10d/0x1e0
[  817.902608][T27605]  ? __pfx_do_sys_openat2+0x10/0x10
[  817.902674][T27605]  ? do_raw_spin_lock+0x128/0x260
[  817.902721][T27605]  __x64_sys_openat+0x12d/0x210
[  817.902752][T27605]  ? __pfx___x64_sys_openat+0x10/0x10
[  817.902810][T27605]  ? rcu_is_watching+0x12/0xc0
[  817.902868][T27605]  do_syscall_64+0x10b/0x830
[  817.902899][T27605]  ? clear_bhb_loop+0x40/0x90
[  817.902938][T27605]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  817.902970][T27605] RIP: 0033:0x7f37dcb9ce59
[  817.902996][T27605] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  817.903027][T27605] RSP: 002b:00007f37ddb1f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  817.903057][T27605] RAX: ffffffffffffffda RBX: 00007f37dce16090 RCX: 00007f37dcb9ce59
[  817.903077][T27605] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  817.903095][T27605] RBP: 00007f37dcc32d6f R08: 0000000000000000 R09: 0000000000000000
[  817.903113][T27605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  817.903131][T27605] R13: 00007f37dce16128 R14: 00007f37dce16090 R15: 00007fffcea35318
[  817.903171][T27605]  </TASK>
[  818.773166][T27617] netlink: 28 bytes leftover after parsing attributes in process `syz.4.8834'.
[  819.089922][T27626] netlink: 'syz.3.8837': attribute type 4 has an invalid length.
[  819.905027][   T30] audit: type=1800 audit(4294967425.290:41): pid=27638 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.8839" name="file0" dev="tmpfs" ino=1267 res=0 errno=0
[  820.458645][T27652] random: crng reseeded on system resumption
[  820.670238][T27652] hub 1-0:1.0: USB hub found
[  820.689437][T27652] hub 1-0:1.0: 1 port detected
[  821.250838][T27673] netlink: 342 bytes leftover after parsing attributes in process `syz.3.8855'.
[  821.564175][T27682] netlink: 322 bytes leftover after parsing attributes in process `syz.4.8859'.
[  821.705993][T27685] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8860'.
[  821.721925][T27685] netlink: 17 bytes leftover after parsing attributes in process `syz.3.8860'.
[  821.933701][T27692] random: crng reseeded on system resumption
[  822.120176][T27692] hub 1-0:1.0: USB hub found
[  822.135372][T27692] hub 1-0:1.0: 1 port detected
[  822.341769][T27708] netlink: 342 bytes leftover after parsing attributes in process `syz.0.8868'.
[  822.906438][T27723] netlink: 334 bytes leftover after parsing attributes in process `syz.1.8873'.
[  824.658999][T27765] netlink: 334 bytes leftover after parsing attributes in process `syz.0.8885'.
[  825.496570][T27779] netlink: 'syz.1.8900': attribute type 21 has an invalid length.
[  825.537893][T27779] netlink: 334 bytes leftover after parsing attributes in process `syz.1.8900'.
[  826.045161][T27786] netlink: 'syz.4.8894': attribute type 19 has an invalid length.
[  826.074900][T27786] netlink: 334 bytes leftover after parsing attributes in process `syz.4.8894'.
[  826.793037][T27803] FAULT_INJECTION: forcing a failure.
[  826.793037][T27803] name failslab, interval 1, probability 0, space 0, times 0
[  826.834171][T27803] CPU: 0 UID: 0 PID: 27803 Comm: syz.1.8897 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  826.834222][T27803] Tainted: [L]=SOFTLOCKUP
[  826.834234][T27803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  826.834253][T27803] Call Trace:
[  826.834263][T27803]  <TASK>
[  826.834275][T27803]  dump_stack_lvl+0x100/0x190
[  826.834316][T27803]  should_fail_ex.cold+0x5/0xa
[  826.834359][T27803]  should_failslab+0xc2/0x120
[  826.834399][T27803]  __kmalloc_cache_noprof+0x7a/0x6f0
[  826.834447][T27803]  ? crtc_crc_open+0x3ba/0x7e0
[  826.834508][T27803]  crtc_crc_open+0x3ba/0x7e0
[  826.834559][T27803]  ? __debugfs_file_get+0x1fc/0x860
[  826.834602][T27803]  ? __pfx_crtc_crc_open+0x10/0x10
[  826.834658][T27803]  ? __pfx_apparmor_file_open+0x10/0x10
[  826.834697][T27803]  ? path_get+0x61/0x80
[  826.834768][T27803]  ? __pfx_crtc_crc_open+0x10/0x10
[  826.834820][T27803]  full_proxy_open_regular+0x1b6/0x370
[  826.834873][T27803]  do_dentry_open+0x6d8/0x1660
[  826.834915][T27803]  ? __pfx_full_proxy_open_regular+0x10/0x10
[  826.834974][T27803]  vfs_open+0x82/0x3f0
[  826.835027][T27803]  path_openat+0x208c/0x31a0
[  826.835084][T27803]  ? __pfx_path_openat+0x10/0x10
[  826.835163][T27803]  do_file_open+0x20e/0x430
[  826.835210][T27803]  ? __pfx_do_file_open+0x10/0x10
[  826.835285][T27803]  ? alloc_fd+0x476/0x790
[  826.835332][T27803]  ? do_getname+0x191/0x390
[  826.835390][T27803]  do_sys_openat2+0x10d/0x1e0
[  826.835444][T27803]  ? __pfx_do_sys_openat2+0x10/0x10
[  826.835499][T27803]  ? do_raw_spin_lock+0x128/0x260
[  826.835550][T27803]  __x64_sys_openat+0x12d/0x210
[  826.835583][T27803]  ? __pfx___x64_sys_openat+0x10/0x10
[  826.835646][T27803]  ? rcu_is_watching+0x12/0xc0
[  826.835692][T27803]  do_syscall_64+0x10b/0x830
[  826.835726][T27803]  ? clear_bhb_loop+0x40/0x90
[  826.835765][T27803]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  826.835800][T27803] RIP: 0033:0x7f37dcb9ce59
[  826.835827][T27803] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  826.835860][T27803] RSP: 002b:00007f37ddb1f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  826.835893][T27803] RAX: ffffffffffffffda RBX: 00007f37dce16090 RCX: 00007f37dcb9ce59
[  826.835913][T27803] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  826.835941][T27803] RBP: 00007f37dcc32d6f R08: 0000000000000000 R09: 0000000000000000
[  826.835956][T27803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  826.835982][T27803] R13: 00007f37dce16128 R14: 00007f37dce16090 R15: 00007fffcea35318
[  826.836012][T27803]  </TASK>
[  827.176433][T22051] Bluetooth: hci3: unexpected event 0x04 length: 435 > 10
[  827.177857][T22051] Bluetooth: hci3: connection err: -111
[  828.006008][T27841] netlink: 334 bytes leftover after parsing attributes in process `syz.1.8913'.
[  828.383115][   T30] audit: type=1800 audit(4294967433.770:42): pid=27851 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.8914" name="file0" dev="tmpfs" ino=906 res=0 errno=0
[  829.219698][T27871] netlink: 334 bytes leftover after parsing attributes in process `syz.3.8923'.
[  829.393420][T27875] random: crng reseeded on system resumption
[  829.700581][T27878] hub 1-0:1.0: USB hub found
[  829.750556][T27878] hub 1-0:1.0: 1 port detected
[  829.798378][T27885] netlink: 330 bytes leftover after parsing attributes in process `syz.3.8927'.
[  829.891847][T27890] netlink: 314 bytes leftover after parsing attributes in process `syz.1.8929'.
[  831.016336][T27929] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8943'.
[  831.033631][T27929] netlink: 'syz.1.8943': attribute type 7 has an invalid length.
[  831.242749][T27933] random: crng reseeded on system resumption
[  831.337861][T27933] hub 1-0:1.0: USB hub found
[  831.362864][T27933] hub 1-0:1.0: 1 port detected
[  833.016703][T27975] random: crng reseeded on system resumption
[  833.172655][T27976] hub 1-0:1.0: USB hub found
[  833.197726][T27976] hub 1-0:1.0: 1 port detected
[  834.272394][  T137] netdevsim netdevsim13 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  834.755449][T28014] netlink: 334 bytes leftover after parsing attributes in process `syz.3.8970'.
[  835.432493][T28028] netlink: 'syz.4.8975': attribute type 4 has an invalid length.
[  835.447605][T28028] netlink: 314 bytes leftover after parsing attributes in process `syz.4.8975'.
[  836.189026][T28045] netlink: 342 bytes leftover after parsing attributes in process `syz.1.8981'.
[  836.199350][T28045] IPv6: NLM_F_CREATE should be specified when creating new route
[  836.209714][T28045] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  836.217143][T28045] IPv6: NLM_F_CREATE should be set when creating new route
[  836.224465][T28045] IPv6: NLM_F_CREATE should be set when creating new route
[  836.237307][T28045] netlink: 342 bytes leftover after parsing attributes in process `syz.1.8981'.
[  836.246928][T28045] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  836.607476][T28053] random: crng reseeded on system resumption
[  836.757837][T28053] hub 1-0:1.0: USB hub found
[  836.772114][T28053] hub 1-0:1.0: 1 port detected
[  838.472244][T28098] random: crng reseeded on system resumption
[  838.629765][T28101] netlink: 330 bytes leftover after parsing attributes in process `syz.4.9000'.
[  838.678570][T28098] hub 1-0:1.0: USB hub found
[  838.705874][T28098] hub 1-0:1.0: 1 port detected
[  839.516776][T28116] netlink: 294 bytes leftover after parsing attributes in process `syz.1.9013'.
[  840.969290][T28153] netlink: 334 bytes leftover after parsing attributes in process `syz.1.9018'.
[  841.190109][   T30] audit: type=1800 audit(4294967446.580:43): pid=28156 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.9019" name="file0" dev="tmpfs" ino=1523 res=0 errno=0
[  842.315492][T28176] netlink: 346 bytes leftover after parsing attributes in process `syz.1.9023'.
[  842.479767][T28181] netlink: 342 bytes leftover after parsing attributes in process `syz.1.9024'.
[  842.864202][T28188] FAULT_INJECTION: forcing a failure.
[  842.864202][T28188] name failslab, interval 1, probability 0, space 0, times 0
[  842.903738][T28188] CPU: 0 UID: 0 PID: 28188 Comm: syz.0.9026 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  842.903789][T28188] Tainted: [L]=SOFTLOCKUP
[  842.903801][T28188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  842.903819][T28188] Call Trace:
[  842.903829][T28188]  <TASK>
[  842.903841][T28188]  dump_stack_lvl+0x100/0x190
[  842.903882][T28188]  should_fail_ex.cold+0x5/0xa
[  842.903922][T28188]  should_failslab+0xc2/0x120
[  842.903960][T28188]  __kmalloc_cache_noprof+0x7a/0x6f0
[  842.904006][T28188]  ? snd_pcm_oss_change_params_locked+0x1db/0x39f0
[  842.904066][T28188]  snd_pcm_oss_change_params_locked+0x1db/0x39f0
[  842.904123][T28188]  ? rcu_is_watching+0x12/0xc0
[  842.904161][T28188]  ? trace_contention_end+0x122/0x170
[  842.904202][T28188]  ? snd_pcm_oss_sync+0x243/0x840
[  842.904233][T28188]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  842.904293][T28188]  ? __pfx___mutex_lock+0x10/0x10
[  842.904334][T28188]  ? __fsnotify_parent+0x2b4/0xca0
[  842.904395][T28188]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[  842.904451][T28188]  snd_pcm_oss_sync+0x265/0x840
[  842.904488][T28188]  snd_pcm_oss_release+0x238/0x300
[  842.904519][T28188]  ? __pfx_snd_pcm_oss_release+0x10/0x10
[  842.904551][T28188]  __fput+0x3ff/0xb50
[  842.904603][T28188]  task_work_run+0x150/0x240
[  842.904637][T28188]  ? __pfx_task_work_run+0x10/0x10
[  842.904671][T28188]  ? rcu_is_watching+0x12/0xc0
[  842.904713][T28188]  exit_to_user_mode_loop+0x107/0x4f0
[  842.904744][T28188]  ? rcu_is_watching+0x12/0xc0
[  842.904785][T28188]  do_syscall_64+0x6f2/0x830
[  842.904813][T28188]  ? clear_bhb_loop+0x40/0x90
[  842.904851][T28188]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  842.904883][T28188] RIP: 0033:0x7f621279ce59
[  842.904908][T28188] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  842.904938][T28188] RSP: 002b:00007f62109ee028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  842.904968][T28188] RAX: 0000000000000000 RBX: 00007f6212a15fa0 RCX: 00007f621279ce59
[  842.904987][T28188] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  842.905005][T28188] RBP: 00007f6212832d6f R08: 0000000000000000 R09: 0000000000000000
[  842.905023][T28188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  842.905041][T28188] R13: 00007f6212a16038 R14: 00007f6212a15fa0 R15: 00007ffd0a322868
[  842.905081][T28188]  </TASK>
[  843.520855][T28191] FAULT_INJECTION: forcing a failure.
[  843.520855][T28191] name failslab, interval 1, probability 0, space 0, times 0
[  843.534885][T28191] CPU: 0 UID: 0 PID: 28191 Comm: syz.1.9027 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  843.534933][T28191] Tainted: [L]=SOFTLOCKUP
[  843.534944][T28191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  843.534962][T28191] Call Trace:
[  843.534972][T28191]  <TASK>
[  843.534983][T28191]  dump_stack_lvl+0x100/0x190
[  843.535021][T28191]  should_fail_ex.cold+0x5/0xa
[  843.535059][T28191]  should_failslab+0xc2/0x120
[  843.535113][T28191]  __kmalloc_cache_noprof+0x7a/0x6f0
[  843.535161][T28191]  ? crtc_crc_open+0x3ba/0x7e0
[  843.535220][T28191]  crtc_crc_open+0x3ba/0x7e0
[  843.535285][T28191]  ? __debugfs_file_get+0x1fc/0x860
[  843.535329][T28191]  ? __pfx_crtc_crc_open+0x10/0x10
[  843.535382][T28191]  ? __pfx_apparmor_file_open+0x10/0x10
[  843.535415][T28191]  ? path_get+0x61/0x80
[  843.535464][T28191]  ? __pfx_crtc_crc_open+0x10/0x10
[  843.535524][T28191]  full_proxy_open_regular+0x1b6/0x370
[  843.535592][T28191]  do_dentry_open+0x6d8/0x1660
[  843.535632][T28191]  ? __pfx_full_proxy_open_regular+0x10/0x10
[  843.535691][T28191]  vfs_open+0x82/0x3f0
[  843.535748][T28191]  path_openat+0x208c/0x31a0
[  843.535804][T28191]  ? __pfx_path_openat+0x10/0x10
[  843.535860][T28191]  do_file_open+0x20e/0x430
[  843.535917][T28191]  ? __pfx_do_file_open+0x10/0x10
[  843.535983][T28191]  ? alloc_fd+0x476/0x790
[  843.536043][T28191]  ? do_getname+0x191/0x390
[  843.536092][T28191]  do_sys_openat2+0x10d/0x1e0
[  843.536138][T28191]  ? __pfx_do_sys_openat2+0x10/0x10
[  843.536189][T28191]  ? do_raw_spin_lock+0x128/0x260
[  843.536237][T28191]  __x64_sys_openat+0x12d/0x210
[  843.536268][T28191]  ? __pfx___x64_sys_openat+0x10/0x10
[  843.536339][T28191]  ? rcu_is_watching+0x12/0xc0
[  843.536386][T28191]  do_syscall_64+0x10b/0x830
[  843.536417][T28191]  ? clear_bhb_loop+0x40/0x90
[  843.536458][T28191]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  843.536492][T28191] RIP: 0033:0x7f37dcb9ce59
[  843.536519][T28191] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  843.536550][T28191] RSP: 002b:00007f37ddb1f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  843.536581][T28191] RAX: ffffffffffffffda RBX: 00007f37dce16090 RCX: 00007f37dcb9ce59
[  843.536602][T28191] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  843.536622][T28191] RBP: 00007f37dcc32d6f R08: 0000000000000000 R09: 0000000000000000
[  843.536642][T28191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  843.536661][T28191] R13: 00007f37dce16128 R14: 00007f37dce16090 R15: 00007fffcea35318
[  843.536703][T28191]  </TASK>
[  845.383181][T28225] FAULT_INJECTION: forcing a failure.
[  845.383181][T28225] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  845.397217][T28225] CPU: 1 UID: 0 PID: 28225 Comm: syz.0.9041 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  845.397260][T28225] Tainted: [L]=SOFTLOCKUP
[  845.397270][T28225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  845.397294][T28225] Call Trace:
[  845.397303][T28225]  <TASK>
[  845.397313][T28225]  dump_stack_lvl+0x100/0x190
[  845.397349][T28225]  should_fail_ex.cold+0x5/0xa
[  845.397380][T28225]  ? prepare_alloc_pages+0x16d/0x5f0
[  845.397419][T28225]  should_fail_alloc_page+0xeb/0x140
[  845.397458][T28225]  prepare_alloc_pages+0x1f0/0x5f0
[  845.397502][T28225]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[  845.397543][T28225]  ? rcu_is_watching+0x12/0xc0
[  845.397582][T28225]  ? trace_mm_page_alloc+0x163/0x1d0
[  845.397632][T28225]  ? __alloc_frozen_pages_noprof+0x2b1/0x2bc0
[  845.397688][T28225]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  845.397728][T28225]  ? __pfx_stack_trace_save+0x10/0x10
[  845.397776][T28225]  ? stack_depot_save_flags+0x27/0x9d0
[  845.397819][T28225]  ? is_bpf_text_address+0x8a/0x1a0
[  845.397867][T28225]  ? is_bpf_text_address+0x8a/0x1a0
[  845.397917][T28225]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  845.397951][T28225]  ? kasan_save_stack+0x3f/0x50
[  845.397982][T28225]  ? kasan_save_stack+0x30/0x50
[  845.398013][T28225]  ? kasan_save_track+0x14/0x30
[  845.398045][T28225]  ? kmem_cache_alloc_node_noprof+0x25a/0x6f0
[  845.398082][T28225]  ? __get_vm_area_node+0x1ca/0x330
[  845.398123][T28225]  ? __vmalloc_node_range_noprof+0x228/0x1630
[  845.398169][T28225]  ? __kvmalloc_node_noprof+0x3de/0xa00
[  845.398201][T28225]  ? __do_sys_listmount+0x289/0xee0
[  845.398236][T28225]  ? do_syscall_64+0x10b/0x830
[  845.398266][T28225]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  845.398312][T28225]  alloc_pages_bulk_noprof+0x649/0x1360
[  845.398356][T28225]  ? policy_nodemask+0xed/0x4f0
[  845.398399][T28225]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  845.398456][T28225]  __kasan_populate_vmalloc+0xf0/0x210
[  845.398498][T28225]  alloc_vmap_area+0x95d/0x2b70
[  845.398555][T28225]  ? __pfx_alloc_vmap_area+0x10/0x10
[  845.398606][T28225]  __get_vm_area_node+0x1ca/0x330
[  845.398666][T28225]  __vmalloc_node_range_noprof+0x228/0x1630
[  845.398716][T28225]  ? __do_sys_listmount+0x289/0xee0
[  845.398752][T28225]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  845.398837][T28225]  ? __do_sys_listmount+0x289/0xee0
[  845.398880][T28225]  ? alloc_pages_mpol+0x25a/0x540
[  845.398925][T28225]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  845.398992][T28225]  ? rcu_is_watching+0x12/0xc0
[  845.399044][T28225]  __kvmalloc_node_noprof+0x3de/0xa00
[  845.399076][T28225]  ? __do_sys_listmount+0x289/0xee0
[  845.399107][T28225]  ? __do_sys_listmount+0x289/0xee0
[  845.399140][T28225]  ? _copy_from_user+0x59/0xd0
[  845.399172][T28225]  ? copy_mnt_id_req+0x1b1/0x350
[  845.399221][T28225]  __do_sys_listmount+0x289/0xee0
[  845.399253][T28225]  ? __pfx_do_futex+0x10/0x10
[  845.399289][T28225]  ? __fget_files+0x21f/0x3d0
[  845.399326][T28225]  ? __pfx___do_sys_listmount+0x10/0x10
[  845.399374][T28225]  ? rcu_is_watching+0x12/0xc0
[  845.399414][T28225]  do_syscall_64+0x10b/0x830
[  845.399440][T28225]  ? clear_bhb_loop+0x40/0x90
[  845.399475][T28225]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  845.399504][T28225] RIP: 0033:0x7f621279ce59
[  845.399529][T28225] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  845.399558][T28225] RSP: 002b:00007f62109ee028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca
[  845.399587][T28225] RAX: ffffffffffffffda RBX: 00007f6212a15fa0 RCX: 00007f621279ce59
[  845.399608][T28225] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000080
[  845.399636][T28225] RBP: 00007f6212832d6f R08: 0000000000000000 R09: 0000000000000000
[  845.399654][T28225] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  845.399672][T28225] R13: 00007f6212a16038 R14: 00007f6212a15fa0 R15: 00007ffd0a322868
[  845.399710][T28225]  </TASK>
[  845.401087][T28225] syz.0.9041: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  845.808864][T28225] CPU: 0 UID: 0 PID: 28225 Comm: syz.0.9041 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  845.808917][T28225] Tainted: [L]=SOFTLOCKUP
[  845.808929][T28225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  845.808956][T28225] Call Trace:
[  845.808966][T28225]  <TASK>
[  845.808979][T28225]  dump_stack_lvl+0x100/0x190
[  845.809022][T28225]  warn_alloc.cold+0x95/0x1c1
[  845.809059][T28225]  ? __pfx_warn_alloc+0x10/0x10
[  845.809097][T28225]  ? lockdep_hardirqs_on+0x78/0x100
[  845.809133][T28225]  ? __get_vm_area_node+0x2c5/0x330
[  845.809184][T28225]  ? __get_vm_area_node+0x208/0x330
[  845.809237][T28225]  __vmalloc_node_range_noprof+0xccd/0x1630
[  845.809283][T28225]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  845.809347][T28225]  ? __do_sys_listmount+0x289/0xee0
[  845.809391][T28225]  ? alloc_pages_mpol+0x25a/0x540
[  845.809436][T28225]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  845.809493][T28225]  ? rcu_is_watching+0x12/0xc0
[  845.809544][T28225]  __kvmalloc_node_noprof+0x3de/0xa00
[  845.809593][T28225]  ? __do_sys_listmount+0x289/0xee0
[  845.809628][T28225]  ? __do_sys_listmount+0x289/0xee0
[  845.809664][T28225]  ? _copy_from_user+0x59/0xd0
[  845.809702][T28225]  ? copy_mnt_id_req+0x1b1/0x350
[  845.809760][T28225]  __do_sys_listmount+0x289/0xee0
[  845.809798][T28225]  ? __pfx_do_futex+0x10/0x10
[  845.809839][T28225]  ? __fget_files+0x21f/0x3d0
[  845.809881][T28225]  ? __pfx___do_sys_listmount+0x10/0x10
[  845.809949][T28225]  ? rcu_is_watching+0x12/0xc0
[  845.809994][T28225]  do_syscall_64+0x10b/0x830
[  845.810023][T28225]  ? clear_bhb_loop+0x40/0x90
[  845.810063][T28225]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  845.810106][T28225] RIP: 0033:0x7f621279ce59
[  845.810132][T28225] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  845.810163][T28225] RSP: 002b:00007f62109ee028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca
[  845.810194][T28225] RAX: ffffffffffffffda RBX: 00007f6212a15fa0 RCX: 00007f621279ce59
[  845.810215][T28225] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000080
[  845.810235][T28225] RBP: 00007f6212832d6f R08: 0000000000000000 R09: 0000000000000000
[  845.810254][T28225] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  845.810273][T28225] R13: 00007f6212a16038 R14: 00007f6212a15fa0 R15: 00007ffd0a322868
[  845.810314][T28225]  </TASK>
[  845.810454][T28225] Mem-Info:
[  846.080897][T28225] active_anon:59156 inactive_anon:5219 isolated_anon:0
[  846.080897][T28225]  active_file:10221 inactive_file:48973 isolated_file:0
[  846.080897][T28225]  unevictable:768 dirty:605 writeback:0
[  846.080897][T28225]  slab_reclaimable:11796 slab_unreclaimable:100319
[  846.080897][T28225]  mapped:48232 shmem:47985 pagetables:1315
[  846.080897][T28225]  sec_pagetables:0 bounce:0
[  846.080897][T28225]  kernel_misc_reclaimable:0
[  846.080897][T28225]  free:1246429 free_pcp:10817 free_cma:0
[  846.136105][T28225] Node 0 active_anon:236820kB inactive_anon:20876kB active_file:40884kB inactive_file:195744kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:192928kB dirty:2420kB writeback:0kB shmem:190700kB shmem_thp:2048kB shmem_pmdmapped:2048kB anon_thp:0kB kernel_stack:11820kB pagetables:5112kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  846.189424][T28225] Node 1 active_anon:4kB inactive_anon:0kB active_file:0kB inactive_file:148kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1540kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:148kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  846.228679][T28225] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  846.261853][T28225] lowmem_reserve[]: 0 2477 2478 2478 2478
[  846.268327][T28225] Node 0 DMA32 free:1037320kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:238620kB inactive_anon:20876kB active_file:40884kB inactive_file:195744kB unevictable:1536kB writepending:2420kB zspages:288kB present:3129332kB managed:2537248kB mlocked:0kB bounce:0kB free_pcp:32520kB local_pcp:19224kB free_cma:0kB
[  846.303821][T28225] lowmem_reserve[]: 0 0 1 1 1
[  846.308925][T28225] Node 0 Normal free:0kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1096kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:4kB free_cma:0kB
[  846.339769][T28225] lowmem_reserve[]: 0 0 0 0 0
[  846.344606][T28225] Node 1 Normal free:3933036kB boost:0kB min:55828kB low:69784kB high:83740kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:0kB active_file:0kB inactive_file:148kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:8512kB local_pcp:8512kB free_cma:0kB
[  846.378634][T28225] lowmem_reserve[]: 0 0 0 0 0
[  846.383476][T28225] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  846.396718][T28225] Node 0 DMA32: 3323*4kB (UM) 3683*8kB (U) 2135*16kB (UM) 285*32kB (UE) 678*64kB (UME) 567*128kB (UME) 414*256kB (UME) 231*512kB (UME) 74*1024kB (UME) 23*2048kB (UME) 119*4096kB (UM) = 1036564kB
[  846.416596][T28225] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  846.428852][T28225] Node 1 Normal: 35*4kB (UM) 18*8kB (UM) 13*16kB (UM) 8*32kB (UM) 14*64kB (UM) 12*128kB (UM) 11*256kB (UM) 8*512kB (UM) 7*1024kB (UM) 4*2048kB (UM) 954*4096kB (UM) = 3933036kB
[  846.448336][T28225] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  846.458950][T28225] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  846.468916][T28225] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  846.478939][T28225] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  846.488724][T28225] 108524 total pagecache pages
[  846.493668][T28225] 78 pages in swap cache
[  846.498408][T28225] Free swap  = 124364kB
[  846.502647][T28225] Total swap = 124996kB
[  846.507345][T28225] 2097051 pages RAM
[  846.511238][T28225] 0 pages HighMem/MovableOnly
[  846.516504][T28225] 430850 pages reserved
[  846.520797][T28225] 0 pages cma reserved
[  847.027441][T28242] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed
[  847.074382][T28242] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff)
[  847.117422][T28243] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed
[  847.136376][T28243] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff)
[  848.162919][T28258] netlink: 334 bytes leftover after parsing attributes in process `syz.1.9054'.
[  848.521630][T28267] netlink: 'syz.1.9056': attribute type 19 has an invalid length.
[  848.552333][T28267] netlink: 334 bytes leftover after parsing attributes in process `syz.1.9056'.
[  849.839488][T28285] netlink: 342 bytes leftover after parsing attributes in process `syz.3.9062'.
[  850.023910][T28287] netlink: 504 bytes leftover after parsing attributes in process `syz.1.9063'.
[  850.039950][T28285] netlink: 342 bytes leftover after parsing attributes in process `syz.3.9062'.
[  850.337333][T22051] Bluetooth: hci1: SCO packet for unknown connection handle 0
[  855.426793][T28314] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  855.451869][T28314] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  855.465275][T28314] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  855.475978][T28314] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  855.491076][T28314] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  855.652500][T28323] netlink: 342 bytes leftover after parsing attributes in process `syz.1.9073'.
[  856.325324][T28313] bridge0: port 1(bridge_slave_0) entered blocking state
[  856.333556][T28313] bridge0: port 1(bridge_slave_0) entered disabled state
[  856.341191][T28313] bridge_slave_0: entered allmulticast mode
[  856.348869][T28313] bridge_slave_0: entered promiscuous mode
[  856.358667][T28313] bridge0: port 2(bridge_slave_1) entered blocking state
[  856.366152][T28313] bridge0: port 2(bridge_slave_1) entered disabled state
[  856.374271][T28313] bridge_slave_1: entered allmulticast mode
[  856.383279][T28313] bridge_slave_1: entered promiscuous mode
[  856.450037][T28313] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  856.462101][T28313] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  856.497893][T28313] team0: Port device team_slave_0 added
[  856.506444][T28313] team0: Port device team_slave_1 added
[  856.534398][T28313] batman_adv: batadv0: Adding interface: batadv_slave_0
[  856.541642][T28313] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  856.567905][T28313] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  856.581883][T28313] batman_adv: batadv0: Adding interface: batadv_slave_1
[  856.588975][T28313] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  856.618870][T28313] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  856.668742][T28313] hsr_slave_0: entered promiscuous mode
[  856.676575][T28313] hsr_slave_1: entered promiscuous mode
[  856.683437][T28313] debugfs: 'hsr0' already exists in 'hsr'
[  856.689762][T28313] Cannot create hsr debugfs directory
[  856.835825][T28314] Bluetooth: hci4: command 0x0406 tx timeout
[  856.905156][T28313] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  856.919147][T28313] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  856.929818][T28313] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  856.940754][T28313] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  856.951095][T28313] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  856.963276][T28313] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  856.971551][T28313] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  856.986433][T28313] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  857.021706][T28313] bridge0: port 2(bridge_slave_1) entered blocking state
[  857.028972][T28313] bridge0: port 2(bridge_slave_1) entered forwarding state
[  857.036505][T28313] bridge0: port 1(bridge_slave_0) entered blocking state
[  857.043635][T28313] bridge0: port 1(bridge_slave_0) entered forwarding state
[  857.112287][T28313] 8021q: adding VLAN 0 to HW filter on device bond0
[  857.134543][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  857.142291][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  857.159236][T28313] 8021q: adding VLAN 0 to HW filter on device team0
[  857.175729][  T137] bridge0: port 1(bridge_slave_0) entered blocking state
[  857.182869][  T137] bridge0: port 1(bridge_slave_0) entered forwarding state
[  857.203474][  T137] bridge0: port 2(bridge_slave_1) entered blocking state
[  857.210625][  T137] bridge0: port 2(bridge_slave_1) entered forwarding state
[  857.555122][ T4947] Bluetooth: hci5: command tx timeout
[  857.643161][T28313] 8021q: adding VLAN 0 to HW filter on device batadv0
[  857.901366][T28313] veth0_vlan: entered promiscuous mode
[  857.913663][T28313] veth1_vlan: entered promiscuous mode
[  857.947793][T28313] veth0_macvtap: entered promiscuous mode
[  857.960084][T28313] veth1_macvtap: entered promiscuous mode
[  857.981267][T28313] batman_adv: batadv0: Interface activated: batadv_slave_0
[  858.001222][T28313] batman_adv: batadv0: Interface activated: batadv_slave_1
[  858.018762][  T137] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  858.029688][  T137] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  858.042061][  T137] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  858.053266][  T137] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  858.210565][ T1122] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  858.223443][ T1122] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  858.267663][   T47] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  858.276769][   T47] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  859.351163][T28391] netlink: 20 bytes leftover after parsing attributes in process `syz.0.9081'.
[  859.462060][T28386] netlink: 342 bytes leftover after parsing attributes in process `syz.3.9079'.
[  859.572099][T28396] netlink: 334 bytes leftover after parsing attributes in process `syz.5.9083'.
[  859.635042][ T4947] Bluetooth: hci5: command tx timeout
[  860.932352][T28432] netlink: 334 bytes leftover after parsing attributes in process `syz.3.9100'.
[  861.023580][T28434] netlink: 342 bytes leftover after parsing attributes in process `syz.1.9102'.
[  861.328833][T28447] netlink: 25 bytes leftover after parsing attributes in process `syz.5.9104'.
[  861.725254][ T4947] Bluetooth: hci5: command tx timeout
[  862.143986][T28469] netlink: 330 bytes leftover after parsing attributes in process `syz.3.9112'.
[  862.187096][T28469] IPv6: NLM_F_CREATE should be specified when creating new route
[  862.408651][T28474] netlink: 110 bytes leftover after parsing attributes in process `syz.3.9115'.
[  862.567749][T28478] FAULT_INJECTION: forcing a failure.
[  862.567749][T28478] name failslab, interval 1, probability 0, space 0, times 0
[  862.594031][T28478] CPU: 1 UID: 0 PID: 28478 Comm: syz.1.9116 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  862.594083][T28478] Tainted: [L]=SOFTLOCKUP
[  862.594095][T28478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  862.594115][T28478] Call Trace:
[  862.594125][T28478]  <TASK>
[  862.594138][T28478]  dump_stack_lvl+0x100/0x190
[  862.594182][T28478]  should_fail_ex.cold+0x5/0xa
[  862.594225][T28478]  should_failslab+0xc2/0x120
[  862.594267][T28478]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  862.594301][T28478]  ? hugetlbfs_alloc_inode+0x8c/0x1d0
[  862.594358][T28478]  hugetlbfs_alloc_inode+0x8c/0x1d0
[  862.594405][T28478]  ? __pfx_hugetlbfs_alloc_inode+0x10/0x10
[  862.594456][T28478]  alloc_inode+0x68/0x250
[  862.594498][T28478]  new_inode+0x22/0x1c0
[  862.594534][T28478]  hugetlbfs_get_inode+0x39a/0x700
[  862.594584][T28478]  ? do_raw_spin_lock+0x128/0x260
[  862.594630][T28478]  hugetlb_file_setup+0x15b/0x5b0
[  862.594693][T28478]  memfd_alloc_file+0xc2/0x610
[  862.594732][T28478]  ? _raw_spin_unlock+0x28/0x50
[  862.594790][T28478]  ? __pfx_memfd_alloc_file+0x10/0x10
[  862.594842][T28478]  __do_sys_memfd_create+0x236/0x3d0
[  862.594880][T28478]  do_syscall_64+0x10b/0x830
[  862.594911][T28478]  ? clear_bhb_loop+0x40/0x90
[  862.594952][T28478]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  862.594986][T28478] RIP: 0033:0x7f37dcb9ce59
[  862.595013][T28478] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  862.595046][T28478] RSP: 002b:00007f37ddb40028 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  862.595078][T28478] RAX: ffffffffffffffda RBX: 00007f37dce15fa0 RCX: 00007f37dcb9ce59
[  862.595101][T28478] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000200000000040
[  862.595122][T28478] RBP: 00007f37dcc32d6f R08: 0000000000000000 R09: 0000000000000000
[  862.595142][T28478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  862.595162][T28478] R13: 00007f37dce16038 R14: 00007f37dce15fa0 R15: 00007fffcea35318
[  862.595206][T28478]  </TASK>
[  863.795236][ T4947] Bluetooth: hci5: command tx timeout
[  864.031579][T28505] netlink: 28 bytes leftover after parsing attributes in process `syz.0.9126'.
[  864.051606][T28505] bond0: entered promiscuous mode
[  864.057888][T28505] bond_slave_0: entered promiscuous mode
[  864.064024][T28505] bond_slave_1: entered promiscuous mode
[  864.071166][T28505] : entered promiscuous mode
[  865.202707][T28532] netlink: 330 bytes leftover after parsing attributes in process `syz.1.9135'.
[  865.345387][T28537] netlink: 330 bytes leftover after parsing attributes in process `syz.1.9136'.
[  865.355783][T28537] IPv6: NLM_F_CREATE should be specified when creating new route
[  866.478328][T28552] netlink: 20 bytes leftover after parsing attributes in process `syz.3.9141'.
[  866.501028][T28553] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  866.536483][T28552] bridge0: port 4(vlan1) entered disabled state
[  866.733337][T28552] vlan1 (unregistering): left allmulticast mode
[  866.741964][T28552] veth0_vlan (unregistering): left allmulticast mode
[  866.759073][T28552] vlan1 (unregistering): left promiscuous mode
[  866.773197][T28552] bridge0: port 4(vlan1) entered disabled state
[  866.843752][T28561] netlink: 'syz.1.9145': attribute type 64 has an invalid length.
[  866.852322][T28561] netlink: 74 bytes leftover after parsing attributes in process `syz.1.9145'.
[  867.685638][T28584] netlink: 146 bytes leftover after parsing attributes in process `syz.3.9153'.
[  867.947104][T28591] netlink: 28 bytes leftover after parsing attributes in process `syz.3.9156'.
[  867.961889][T28591] veth1_macvtap: left promiscuous mode
[  867.965906][T28593] netlink: 21 bytes leftover after parsing attributes in process `syz.1.9157'.
[  867.978538][T28591] macsec0: entered promiscuous mode
[  867.993163][T28591] macsec0: entered allmulticast mode
[  868.110923][T28597] netlink: 342 bytes leftover after parsing attributes in process `syz.1.9158'.
[  868.831283][T28620] vivid-007: =================  START STATUS  =================
[  868.841137][T28620] vivid-007: Generate PTS: true
[  868.848153][T28620] vivid-007: Generate SCR: true
[  868.868089][T28620] tpg source WxH: 320x240 (Y'CbCr)
[  868.894903][T28620] tpg field: 1
[  868.898527][T28620] tpg crop: (0,0)/320x240
[  868.903112][T28620] tpg compose: (0,0)/320x240
[  868.908831][T28620] tpg colorspace: 8
[  868.916588][T28620] tpg transfer function: 0/0
[  868.921376][T28620] tpg Y'CbCr encoding: 0/0
[  868.926570][T28620] tpg quantization: 0/0
[  868.931443][T28620] tpg RGB range: 0/2
[  868.936387][T28620] vivid-007: ==================  END STATUS  ==================
[  870.120816][ T1318] ieee802154 phy0 wpan0: encryption failed: -22
[  870.132511][ T1318] ieee802154 phy1 wpan1: encryption failed: -22
[  871.089310][T28680] netlink: 16 bytes leftover after parsing attributes in process `syz.1.9186'.
[  871.669513][T28693] netlink: 330 bytes leftover after parsing attributes in process `syz.3.9190'.
[  871.715889][T28693] bridge0: port 1(team0) entered disabled state
[  872.456971][T28721] netlink: 20 bytes leftover after parsing attributes in process `syz.1.9196'.
[  874.394568][T28772] netlink: 342 bytes leftover after parsing attributes in process `syz.3.9207'.
[  874.455806][T28775] netlink: 198 bytes leftover after parsing attributes in process `syz.5.9208'.
[  874.727120][T28780] netlink: 20 bytes leftover after parsing attributes in process `syz.5.9210'.
[  875.306447][T28785] netlink: 2468 bytes leftover after parsing attributes in process `syz.3.9211'.
[  875.328454][T28785] netlink: 2468 bytes leftover after parsing attributes in process `syz.3.9211'.
[  875.407237][T28789] FAULT_INJECTION: forcing a failure.
[  875.407237][T28789] name failslab, interval 1, probability 0, space 0, times 0
[  875.447495][T28789] CPU: 0 UID: 0 PID: 28789 Comm: syz.0.9214 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  875.447547][T28789] Tainted: [L]=SOFTLOCKUP
[  875.447559][T28789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  875.447578][T28789] Call Trace:
[  875.447589][T28789]  <TASK>
[  875.447601][T28789]  dump_stack_lvl+0x100/0x190
[  875.447644][T28789]  should_fail_ex.cold+0x5/0xa
[  875.447687][T28789]  should_failslab+0xc2/0x120
[  875.447729][T28789]  __kmalloc_cache_noprof+0x7a/0x6f0
[  875.447780][T28789]  ? snd_pcm_oss_change_params_locked+0x81c/0x39f0
[  875.447859][T28789]  ? _snd_pcm_hw_param_min+0x1ea/0x670
[  875.447921][T28789]  snd_pcm_oss_change_params_locked+0x81c/0x39f0
[  875.448006][T28789]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  875.448070][T28789]  ? __pfx___mutex_lock+0x10/0x10
[  875.448130][T28789]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[  875.448206][T28789]  snd_pcm_oss_read+0x3d4/0x730
[  875.448249][T28789]  ? __pfx_snd_pcm_oss_read+0x10/0x10
[  875.448287][T28789]  vfs_read+0x1e4/0xb30
[  875.448331][T28789]  ? __pfx_vfs_read+0x10/0x10
[  875.448367][T28789]  ? find_held_lock+0x2b/0x80
[  875.448411][T28789]  ? __fget_files+0x215/0x3d0
[  875.448451][T28789]  ? __fget_files+0x215/0x3d0
[  875.448498][T28789]  ? __fget_files+0x21f/0x3d0
[  875.448552][T28789]  ksys_read+0x12a/0x250
[  875.448591][T28789]  ? __pfx_ksys_read+0x10/0x10
[  875.448634][T28789]  ? rcu_is_watching+0x12/0xc0
[  875.448686][T28789]  do_syscall_64+0x10b/0x830
[  875.448716][T28789]  ? clear_bhb_loop+0x40/0x90
[  875.448757][T28789]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  875.448791][T28789] RIP: 0033:0x7f621279ce59
[  875.448819][T28789] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  875.448853][T28789] RSP: 002b:00007f62109ee028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  875.448884][T28789] RAX: ffffffffffffffda RBX: 00007f6212a15fa0 RCX: 00007f621279ce59
[  875.448906][T28789] RDX: 0000000000008080 RSI: 0000000000000000 RDI: 0000000000000003
[  875.448926][T28789] RBP: 00007f6212832d6f R08: 0000000000000000 R09: 0000000000000000
[  875.448945][T28789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  875.448964][T28789] R13: 00007f6212a16038 R14: 00007f6212a15fa0 R15: 00007ffd0a322868
[  875.449006][T28789]  </TASK>
[  875.780092][T28797] netlink: 342 bytes leftover after parsing attributes in process `syz.0.9218'.
[  876.059027][T28812] netlink: 20 bytes leftover after parsing attributes in process `syz.5.9222'.
[  876.273824][T28819] FAULT_INJECTION: forcing a failure.
[  876.273824][T28819] name failslab, interval 1, probability 0, space 0, times 0
[  876.314656][T28819] CPU: 1 UID: 0 PID: 28819 Comm: syz.1.9225 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  876.314713][T28819] Tainted: [L]=SOFTLOCKUP
[  876.314725][T28819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  876.314746][T28819] Call Trace:
[  876.314756][T28819]  <TASK>
[  876.314769][T28819]  dump_stack_lvl+0x100/0x190
[  876.314815][T28819]  should_fail_ex.cold+0x5/0xa
[  876.314861][T28819]  should_failslab+0xc2/0x120
[  876.314904][T28819]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[  876.314942][T28819]  ? snd_pcm_hw_rule_add+0x3b3/0x510
[  876.314994][T28819]  ? krealloc_node_align_noprof+0x27e/0x3e0
[  876.315030][T28819]  ? kfree+0x1dd/0x6c0
[  876.315084][T28819]  krealloc_node_align_noprof+0x1f9/0x3e0
[  876.315128][T28819]  snd_pcm_hw_rule_add+0x3b3/0x510
[  876.315181][T28819]  ? __pfx_snd_pcm_hw_rule_muldivk+0x10/0x10
[  876.315234][T28819]  ? __pfx_snd_pcm_hw_rule_add+0x10/0x10
[  876.315283][T28819]  ? __pfx_snd_pcm_hw_rule_add+0x10/0x10
[  876.315339][T28819]  ? mutex_init_lockdep+0xf1/0x120
[  876.315378][T28819]  ? snd_pcm_attach_substream+0x287/0xd20
[  876.315430][T28819]  snd_pcm_open_substream+0x942/0x1850
[  876.315477][T28819]  ? __pfx_snd_pcm_open_substream+0x10/0x10
[  876.315520][T28819]  ? rcu_is_watching+0x12/0xc0
[  876.315579][T28819]  snd_pcm_open+0x2a3/0x710
[  876.315627][T28819]  ? __pfx_snd_pcm_open+0x10/0x10
[  876.315673][T28819]  ? __pfx_default_wake_function+0x10/0x10
[  876.315734][T28819]  ? __pfx_snd_pcm_playback_open+0x10/0x10
[  876.315787][T28819]  snd_pcm_playback_open+0x86/0xe0
[  876.315828][T28819]  snd_open+0x201/0x450
[  876.315879][T28819]  ? __pfx_snd_open+0x10/0x10
[  876.315929][T28819]  chrdev_open+0x234/0x6a0
[  876.315972][T28819]  ? __pfx_chrdev_open+0x10/0x10
[  876.316017][T28819]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  876.316071][T28819]  do_dentry_open+0x6d8/0x1660
[  876.316113][T28819]  ? __pfx_chrdev_open+0x10/0x10
[  876.316165][T28819]  vfs_open+0x82/0x3f0
[  876.316220][T28819]  path_openat+0x208c/0x31a0
[  876.316275][T28819]  ? __pfx_path_openat+0x10/0x10
[  876.316335][T28819]  do_file_open+0x20e/0x430
[  876.316381][T28819]  ? __pfx_do_file_open+0x10/0x10
[  876.316453][T28819]  ? alloc_fd+0x476/0x790
[  876.316499][T28819]  ? do_getname+0x191/0x390
[  876.316552][T28819]  do_sys_openat2+0x10d/0x1e0
[  876.316611][T28819]  ? __pfx_do_sys_openat2+0x10/0x10
[  876.316679][T28819]  __x64_sys_openat+0x12d/0x210
[  876.316712][T28819]  ? __pfx___x64_sys_openat+0x10/0x10
[  876.316774][T28819]  ? rcu_is_watching+0x12/0xc0
[  876.316830][T28819]  do_syscall_64+0x10b/0x830
[  876.316859][T28819]  ? clear_bhb_loop+0x40/0x90
[  876.316915][T28819]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  876.316950][T28819] RIP: 0033:0x7f37dcb9ce59
[  876.316978][T28819] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  876.317012][T28819] RSP: 002b:00007f37ddb40028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  876.317055][T28819] RAX: ffffffffffffffda RBX: 00007f37dce15fa0 RCX: 00007f37dcb9ce59
[  876.317076][T28819] RDX: 0000000000002100 RSI: 0000200000004ec0 RDI: ffffffffffffff9c
[  876.317096][T28819] RBP: 00007f37dcc32d6f R08: 0000000000000000 R09: 0000000000000000
[  876.317115][T28819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  876.317132][T28819] R13: 00007f37dce16038 R14: 00007f37dce15fa0 R15: 00007fffcea35318
[  876.317172][T28819]  </TASK>
[  878.739366][T28863] netlink: 86 bytes leftover after parsing attributes in process `syz.0.9242'.
[  879.823985][T28890] netlink: 342 bytes leftover after parsing attributes in process `syz.5.9250'.
[  879.827856][T28888] netlink: 334 bytes leftover after parsing attributes in process `syz.1.9249'.
[  882.311344][T28940] netlink: 338 bytes leftover after parsing attributes in process `syz.0.9267'.
[  882.738616][T28947] netlink: 334 bytes leftover after parsing attributes in process `syz.3.9269'.
[  883.341632][T28956] netlink: 334 bytes leftover after parsing attributes in process `syz.3.9273'.
[  883.364584][T28956] netlink: 334 bytes leftover after parsing attributes in process `syz.3.9273'.
[  883.541988][T28958] netlink: 16 bytes leftover after parsing attributes in process `syz.3.9274'.
[  883.728363][T28960] device-mapper: ioctl: Invalid ioctl structure: uuid ž, name , dev 4000000200000
[  883.778551][T28929] kexec: Could not allocate control_code_buffer
[  885.202073][T28988] netlink: 16 bytes leftover after parsing attributes in process `syz.5.9286'.
[  885.395919][T28991] device-mapper: ioctl: Invalid ioctl structure: uuid ž, name , dev 4000000200000
[  887.303516][T29024] netlink: 142 bytes leftover after parsing attributes in process `syz.3.9298'.
[  887.480104][T29019] netlink: 74 bytes leftover after parsing attributes in process `syz.5.9299'.
[  887.649896][T29028] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9302'.
[  887.662020][T29028] netlink: 25 bytes leftover after parsing attributes in process `syz.0.9302'.
[  887.959756][T29038] netlink: 130 bytes leftover after parsing attributes in process `syz.5.9306'.
[  889.603337][T29071] netlink: 130 bytes leftover after parsing attributes in process `syz.1.9318'.
[  889.825348][T29074] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  889.909524][T29077] netlink: 342 bytes leftover after parsing attributes in process `syz.1.9321'.
[  892.912480][T29136] bonding: unable to delete non-existent )
[  893.598016][T29147] netlink: 'syz.1.9343': attribute type 4 has an invalid length.
[  893.789157][T29154] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9345'.
[  894.128027][T29160] netlink: 342 bytes leftover after parsing attributes in process `syz.1.9349'.
[  894.316533][T29164] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9351'.
[  894.576592][T29170] netlink: 21 bytes leftover after parsing attributes in process `syz.0.9354'.
[  895.301059][T29180] netlink: 16 bytes leftover after parsing attributes in process `syz.1.9357'.
[  895.933469][T29191] netlink: 334 bytes leftover after parsing attributes in process `syz.1.9361'.
[  897.148611][T29217] netlink: 334 bytes leftover after parsing attributes in process `syz.0.9370'.
[  898.692258][T29245] netlink: 342 bytes leftover after parsing attributes in process `syz.1.9378'.
[  898.705082][T29245] netlink: 342 bytes leftover after parsing attributes in process `syz.1.9378'.
[  899.184919][T29252] zswap: compressor 000 not available
[  899.391844][T29259] netlink: 322 bytes leftover after parsing attributes in process `syz.5.9384'.
[  905.877854][T28314] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  905.898749][T28314] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  905.909134][T28314] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  905.919534][T28314] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  905.928363][T28314] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  906.573773][T29312] netlink: 342 bytes leftover after parsing attributes in process `syz.1.9399'.
[  907.003412][T29330] netlink: 'syz.5.9403': attribute type 4 has an invalid length.
[  907.050819][T29284] bridge0: port 1(bridge_slave_0) entered blocking state
[  907.060554][T29284] bridge0: port 1(bridge_slave_0) entered disabled state
[  907.070263][T29284] bridge_slave_0: entered allmulticast mode
[  907.082653][T29284] bridge_slave_0: entered promiscuous mode
[  907.098050][T29284] bridge0: port 2(bridge_slave_1) entered blocking state
[  907.105536][T29284] bridge0: port 2(bridge_slave_1) entered disabled state
[  907.112907][T29284] bridge_slave_1: entered allmulticast mode
[  907.121533][T29284] bridge_slave_1: entered promiscuous mode
[  907.169165][T29284] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  907.185104][T29284] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  907.232783][T29284] team0: Port device team_slave_0 added
[  907.242368][T29284] team0: Port device team_slave_1 added
[  907.286629][T29284] batman_adv: batadv0: Adding interface: batadv_slave_0
[  907.293865][T29284] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  907.320404][T29284] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  907.336438][T29284] batman_adv: batadv0: Adding interface: batadv_slave_1
[  907.343513][T29284] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  907.370996][T29284] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  907.465891][T29284] hsr_slave_0: entered promiscuous mode
[  907.473273][T29284] hsr_slave_1: entered promiscuous mode
[  907.480550][T29284] debugfs: 'hsr0' already exists in 'hsr'
[  907.489974][T29284] Cannot create hsr debugfs directory
[  907.762830][T29284] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  907.785895][T29284] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  907.807486][T29284] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  907.823603][T29284] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  907.833696][T29284] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  907.863478][T29284] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  907.876248][T29284] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  907.908171][T29284] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  908.036057][ T4947] Bluetooth: hci6: command tx timeout
[  908.103569][T29284] 8021q: adding VLAN 0 to HW filter on device bond0
[  908.137596][T29284] 8021q: adding VLAN 0 to HW filter on device team0
[  908.151910][ T1043] bridge0: port 1(bridge_slave_0) entered blocking state
[  908.159192][ T1043] bridge0: port 1(bridge_slave_0) entered forwarding state
[  908.203729][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  908.211025][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  909.231096][T29284] 8021q: adding VLAN 0 to HW filter on device batadv0
[  909.404007][T29385] netlink: 16 bytes leftover after parsing attributes in process `syz.5.9416'.
[  910.008957][T29284] veth0_vlan: entered promiscuous mode
[  910.011590][T29397] netlink: 334 bytes leftover after parsing attributes in process `syz.0.9418'.
[  910.029948][T29284] veth1_vlan: entered promiscuous mode
[  910.074161][T29284] veth0_macvtap: entered promiscuous mode
[  910.087651][T29284] veth1_macvtap: entered promiscuous mode
[  910.109885][T29284] batman_adv: batadv0: Interface activated: batadv_slave_0
[  910.117515][ T4947] Bluetooth: hci6: command tx timeout
[  910.141299][T29399] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9419'.
[  910.176919][T29284] batman_adv: batadv0: Interface activated: batadv_slave_1
[  910.298071][T29403] netlink: 28 bytes leftover after parsing attributes in process `syz.0.9420'.
[  910.459218][T29407] netlink: 342 bytes leftover after parsing attributes in process `syz.1.9423'.
[  910.470227][T29403] bond0: (slave bond_slave_0): Releasing backup interface
[  910.489617][T29403] bond_slave_0 (unregistering): left promiscuous mode
[  910.525102][ T1122] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  910.542531][ T1122] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  910.568781][ T1122] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  910.586087][ T1122] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  910.880281][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  910.910759][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  911.043081][ T1043] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  911.061581][ T1043] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  912.196225][ T4947] Bluetooth: hci6: command tx timeout
[  913.044700][T29458] usb usb16: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  913.257573][T29460] netlink: 222 bytes leftover after parsing attributes in process `syz.1.9435'.
[  914.276247][ T4947] Bluetooth: hci6: command tx timeout
[  914.678461][T29462] kexec: Could not allocate control_code_buffer
[  915.420796][T29508] netlink: 'syz.1.9454': attribute type 4 has an invalid length.
[  915.445112][T29508] netlink: 'syz.1.9454': attribute type 4 has an invalid length.
[  919.539456][T29590] netlink: 350 bytes leftover after parsing attributes in process `syz.0.9481'.
[  919.822353][T29605] misc userio: No port type given on /dev/userio
[  921.578817][T29646] netlink: 342 bytes leftover after parsing attributes in process `syz.1.9500'.
[  922.059681][T29660] netlink: 'syz.5.9505': attribute type 27 has an invalid length.
[  922.097313][T29660] netlink: 334 bytes leftover after parsing attributes in process `syz.5.9505'.
[  923.388698][T29652] kexec: Could not allocate control_code_buffer
[  923.920110][T29693] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  923.990471][T29693] CIFS mount error: No usable UNC path provided in device string!
[  923.990471][T29693] 
[  924.037713][T29693] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  924.260578][T29702] netlink: 28 bytes leftover after parsing attributes in process `syz.5.9520'.
[  924.348204][T29702] bond0: (slave bond_slave_0): Releasing backup interface
[  924.579847][T29706] netlink: 146 bytes leftover after parsing attributes in process `syz.1.9522'.
[  925.513853][T29731] netlink: 342 bytes leftover after parsing attributes in process `syz.6.9531'.
[  927.282687][T29773] netlink: 'syz.6.9547': attribute type 14 has an invalid length.
[  927.292063][T29773] netlink: 330 bytes leftover after parsing attributes in process `syz.6.9547'.
[  927.413265][T29777] CIFS mount error: No usable UNC path provided in device string!
[  927.413265][T29777] 
[  927.478140][T29777] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  928.871651][T29809] FAULT_INJECTION: forcing a failure.
[  928.871651][T29809] name failslab, interval 1, probability 0, space 0, times 0
[  928.905068][T29809] CPU: 1 UID: 0 PID: 29809 Comm: syz.6.9557 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  928.905121][T29809] Tainted: [L]=SOFTLOCKUP
[  928.905134][T29809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  928.905155][T29809] Call Trace:
[  928.905167][T29809]  <TASK>
[  928.905179][T29809]  dump_stack_lvl+0x100/0x190
[  928.905222][T29809]  should_fail_ex.cold+0x5/0xa
[  928.905264][T29809]  should_failslab+0xc2/0x120
[  928.905304][T29809]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  928.905338][T29809]  ? mas_preallocate+0x1105/0x14a0
[  928.905387][T29809]  mas_preallocate+0x1105/0x14a0
[  928.905432][T29809]  ? __pfx_mas_preallocate+0x10/0x10
[  928.905495][T29809]  vma_link+0x14a/0x8d0
[  928.905545][T29809]  ? find_held_lock+0x2b/0x80
[  928.905587][T29809]  ? anon_vma_clone+0x66e/0xcd0
[  928.905634][T29809]  ? __pfx_vma_link+0x10/0x10
[  928.905695][T29809]  ? anon_vma_clone+0x675/0xcd0
[  928.905751][T29809]  copy_vma+0x7e6/0xac0
[  928.905787][T29809]  ? __pfx_copy_vma+0x10/0x10
[  928.905842][T29809]  ? __lock_acquire+0x4a5/0x2630
[  928.905904][T29809]  copy_vma_and_data+0x1cf/0x7c0
[  928.905940][T29809]  ? __pfx_copy_vma_and_data+0x10/0x10
[  928.905990][T29809]  ? __vma_start_write+0x17f/0x280
[  928.906038][T29809]  ? __pfx___vma_start_write+0x10/0x10
[  928.906094][T29809]  move_vma+0x574/0x1920
[  928.906131][T29809]  ? __pfx_move_vma+0x10/0x10
[  928.906167][T29809]  ? mm_get_unmapped_area_vmflags+0xd7/0x130
[  928.906211][T29809]  ? cap_mmap_addr+0x4b/0x120
[  928.906263][T29809]  ? bpf_lsm_mmap_addr+0x9/0x30
[  928.906295][T29809]  ? security_mmap_addr+0x71/0x1e0
[  928.906338][T29809]  ? __get_unmapped_area+0x255/0x3e0
[  928.906384][T29809]  ? vrm_set_new_addr+0x204/0x290
[  928.906445][T29809]  mremap_to+0x234/0x4c0
[  928.906474][T29809]  ? mas_walk+0x6ef/0x9b0
[  928.906525][T29809]  ? __pfx_mremap_to+0x10/0x10
[  928.906552][T29809]  ? check_prep_vma+0x878/0xdf0
[  928.906591][T29809]  __do_sys_mremap+0xa7a/0x1850
[  928.906637][T29809]  ? __pfx___do_sys_mremap+0x10/0x10
[  928.906676][T29809]  ? do_futex+0x192/0x350
[  928.906715][T29809]  ? __pfx_do_futex+0x10/0x10
[  928.906763][T29809]  ? __x64_sys_futex+0x34f/0x4d0
[  928.906825][T29809]  ? rcu_is_watching+0x12/0xc0
[  928.906874][T29809]  do_syscall_64+0x10b/0x830
[  928.906905][T29809]  ? clear_bhb_loop+0x40/0x90
[  928.906947][T29809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  928.906982][T29809] RIP: 0033:0x7fecd179ce59
[  928.907009][T29809] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  928.907042][T29809] RSP: 002b:00007fecd2632028 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  928.907076][T29809] RAX: ffffffffffffffda RBX: 00007fecd1a15fa0 RCX: 00007fecd179ce59
[  928.907099][T29809] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000000000
[  928.907122][T29809] RBP: 00007fecd1832d6f R08: 0000000100000000 R09: 0000000000000000
[  928.907142][T29809] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000
[  928.907162][T29809] R13: 00007fecd1a16038 R14: 00007fecd1a15fa0 R15: 00007ffcc25aeb78
[  928.907207][T29809]  </TASK>
[  931.350356][T29859] netlink: 342 bytes leftover after parsing attributes in process `syz.0.9582'.
[  931.557167][ T1318] ieee802154 phy0 wpan0: encryption failed: -22
[  931.557283][ T1318] ieee802154 phy1 wpan1: encryption failed: -22
[  932.014471][T29866] skbuff: bad partial csum: csum=65535/1 headroom=4 headlen=65543
[  932.595975][T29874] netlink: 28 bytes leftover after parsing attributes in process `syz.0.9580'.
[  932.900863][T29879] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  933.180538][T29892] FAULT_INJECTION: forcing a failure.
[  933.180538][T29892] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  933.201192][T29894] FAULT_INJECTION: forcing a failure.
[  933.201192][T29894] name failslab, interval 1, probability 0, space 0, times 0
[  933.219720][T29892] CPU: 0 UID: 0 PID: 29892 Comm: syz.6.9590 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  933.219775][T29892] Tainted: [L]=SOFTLOCKUP
[  933.219787][T29892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  933.219807][T29892] Call Trace:
[  933.219818][T29892]  <TASK>
[  933.219831][T29892]  dump_stack_lvl+0x100/0x190
[  933.219875][T29892]  should_fail_ex.cold+0x5/0xa
[  933.219912][T29892]  ? prepare_alloc_pages+0x16d/0x5f0
[  933.219969][T29892]  should_fail_alloc_page+0xeb/0x140
[  933.220013][T29892]  prepare_alloc_pages+0x1f0/0x5f0
[  933.220059][T29892]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  933.220123][T29892]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[  933.220159][T29892]  ? unwind_get_return_address+0x59/0xa0
[  933.220204][T29892]  ? arch_stack_walk+0xa6/0xf0
[  933.220262][T29892]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  933.220300][T29892]  ? __pfx_stack_trace_save+0x10/0x10
[  933.220344][T29892]  ? __alloc_frozen_pages_noprof+0x2b1/0x2bc0
[  933.220392][T29892]  ? kmem_cache_alloc_noprof+0x241/0x6e0
[  933.220423][T29892]  ? __pmd_alloc+0xbf/0x950
[  933.220470][T29892]  ? __handle_mm_fault+0xa9c/0x2a00
[  933.220517][T29892]  ? handle_mm_fault+0x36d/0xa20
[  933.220565][T29892]  ? __get_user_pages+0x1178/0x32a0
[  933.220604][T29892]  ? populate_vma_page_range+0x267/0x3f0
[  933.220646][T29892]  ? __mm_populate+0x107/0x3a0
[  933.220687][T29892]  ? vm_mmap_pgoff+0x37f/0x470
[  933.220725][T29892]  ? ksys_mmap_pgoff+0xe4/0x610
[  933.220756][T29892]  ? __x64_sys_mmap+0x125/0x190
[  933.220784][T29892]  ? do_syscall_64+0x10b/0x830
[  933.220809][T29892]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  933.220838][T29892]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  933.220882][T29892]  ? policy_nodemask+0xed/0x4f0
[  933.220918][T29892]  alloc_pages_mpol+0x1fb/0x540
[  933.220961][T29892]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  933.221000][T29892]  ? __lock_acquire+0x4a5/0x2630
[  933.221030][T29892]  alloc_pages_noprof+0x1a/0x160
[  933.221070][T29892]  pte_alloc_one+0x1c/0x3d0
[  933.221111][T29892]  __pte_alloc+0x6d/0x3e0
[  933.221141][T29892]  ? __pfx___pte_alloc+0x10/0x10
[  933.221175][T29892]  ? do_raw_spin_lock+0x128/0x260
[  933.221207][T29892]  ? find_held_lock+0x2b/0x80
[  933.221246][T29892]  do_anonymous_page+0x13c6/0x2050
[  933.221293][T29892]  ? __pmd_alloc+0x3fb/0x950
[  933.221332][T29892]  __handle_mm_fault+0x1d2c/0x2a00
[  933.221380][T29892]  ? mt_find+0x45e/0x8e0
[  933.221409][T29892]  ? __pfx___handle_mm_fault+0x10/0x10
[  933.221451][T29892]  ? __pfx_mt_find+0x10/0x10
[  933.221507][T29892]  handle_mm_fault+0x36d/0xa20
[  933.221576][T29892]  __get_user_pages+0x1178/0x32a0
[  933.221626][T29892]  ? __pfx___get_user_pages+0x10/0x10
[  933.221672][T29892]  populate_vma_page_range+0x267/0x3f0
[  933.221713][T29892]  ? __pfx_populate_vma_page_range+0x10/0x10
[  933.221752][T29892]  ? __pfx_find_vma_intersection+0x10/0x10
[  933.221789][T29892]  ? do_mmap+0x93f/0x12f0
[  933.221828][T29892]  __mm_populate+0x107/0x3a0
[  933.221868][T29892]  ? __pfx___mm_populate+0x10/0x10
[  933.221909][T29892]  ? up_write+0x28c/0x4f0
[  933.221950][T29892]  vm_mmap_pgoff+0x37f/0x470
[  933.221992][T29892]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  933.222033][T29892]  ? do_futex+0x192/0x350
[  933.222065][T29892]  ? __pfx_do_futex+0x10/0x10
[  933.222105][T29892]  ? fd_install+0x223/0x580
[  933.222143][T29892]  ksys_mmap_pgoff+0xe4/0x610
[  933.222186][T29892]  ? __x64_sys_futex+0x358/0x4d0
[  933.222221][T29892]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[  933.222256][T29892]  ? xfd_validate_state+0x129/0x190
[  933.222293][T29892]  __x64_sys_mmap+0x125/0x190
[  933.222328][T29892]  do_syscall_64+0x10b/0x830
[  933.222354][T29892]  ? clear_bhb_loop+0x40/0x90
[  933.222389][T29892]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  933.222418][T29892] RIP: 0033:0x7fecd179ce59
[  933.222459][T29892] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  933.222488][T29892] RSP: 002b:00007fecd2632028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  933.222515][T29892] RAX: ffffffffffffffda RBX: 00007fecd1a15fa0 RCX: 00007fecd179ce59
[  933.222534][T29892] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000
[  933.222551][T29892] RBP: 00007fecd1832d6f R08: 0000000000000002 R09: 0000000000008000
[  933.222569][T29892] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[  933.222586][T29892] R13: 00007fecd1a16038 R14: 00007fecd1a15fa0 R15: 00007ffcc25aeb78
[  933.222623][T29892]  </TASK>
[  933.672556][T29894] CPU: 1 UID: 0 PID: 29894 Comm: syz.5.9588 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  933.672614][T29894] Tainted: [L]=SOFTLOCKUP
[  933.672626][T29894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  933.672647][T29894] Call Trace:
[  933.672658][T29894]  <TASK>
[  933.672671][T29894]  dump_stack_lvl+0x100/0x190
[  933.672714][T29894]  should_fail_ex.cold+0x5/0xa
[  933.672758][T29894]  should_failslab+0xc2/0x120
[  933.672798][T29894]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  933.672831][T29894]  ? sk_prot_alloc+0x60/0x2a0
[  933.672890][T29894]  sk_prot_alloc+0x60/0x2a0
[  933.672957][T29894]  sk_alloc+0x36/0xe80
[  933.672998][T29894]  inet_create+0x3a0/0x1060
[  933.673037][T29894]  ? inet_create+0x94/0x1060
[  933.673081][T29894]  __sock_create+0x339/0x860
[  933.673140][T29894]  mptcp_subflow_create_socket+0xec/0xa30
[  933.673188][T29894]  ? __pfx_mptcp_subflow_create_socket+0x10/0x10
[  933.673243][T29894]  __mptcp_nmpc_sk+0x17f/0x880
[  933.673290][T29894]  ? __pfx___mptcp_nmpc_sk+0x10/0x10
[  933.673341][T29894]  ? __local_bh_enable_ip+0x9e/0x120
[  933.673389][T29894]  mptcp_listen+0x135/0x4c0
[  933.673440][T29894]  ? __pfx_mptcp_listen+0x10/0x10
[  933.673493][T29894]  ? apparmor_socket_listen+0xf2/0x1a0
[  933.673550][T29894]  __sys_listen_socket+0x108/0x150
[  933.673585][T29894]  __sys_listen+0xa7/0x130
[  933.673620][T29894]  __x64_sys_listen+0x53/0x80
[  933.673658][T29894]  do_syscall_64+0x10b/0x830
[  933.673689][T29894]  ? clear_bhb_loop+0x40/0x90
[  933.673730][T29894]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  933.673764][T29894] RIP: 0033:0x7f6876b9ce59
[  933.673791][T29894] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  933.673824][T29894] RSP: 002b:00007f6877996028 EFLAGS: 00000246 ORIG_RAX: 0000000000000032
[  933.673856][T29894] RAX: ffffffffffffffda RBX: 00007f6876e15fa0 RCX: 00007f6876b9ce59
[  933.673877][T29894] RDX: 0000000000000000 RSI: 000000000000f52b RDI: 0000000000000003
[  933.673896][T29894] RBP: 00007f6876c32d6f R08: 0000000000000000 R09: 0000000000000000
[  933.673916][T29894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  933.673936][T29894] R13: 00007f6876e16038 R14: 00007f6876e15fa0 R15: 00007fffafdc93d8
[  933.673985][T29894]  </TASK>
[  934.787386][T29908] netlink: 'syz.5.9594': attribute type 33 has an invalid length.
[  934.810864][T29908] netlink: 322 bytes leftover after parsing attributes in process `syz.5.9594'.
[  936.070424][T29934] netlink: 206 bytes leftover after parsing attributes in process `syz.0.9603'.
[  936.222382][T29937] netlink: 'syz.6.9604': attribute type 29 has an invalid length.
[  936.246745][T29937] netlink: 334 bytes leftover after parsing attributes in process `syz.6.9604'.
[  936.978579][T29947] netlink: 146 bytes leftover after parsing attributes in process `syz.5.9608'.
[  937.601336][T29968] netlink: 28 bytes leftover after parsing attributes in process `syz.5.9614'.
[  940.226941][T30051] netlink: 346 bytes leftover after parsing attributes in process `syz.1.9644'.
[  940.423887][T30059] netlink: 334 bytes leftover after parsing attributes in process `syz.1.9647'.
[  940.774304][T30070] netlink: 252 bytes leftover after parsing attributes in process `syz.5.9651'.
[  942.985548][T30121] netlink: 206 bytes leftover after parsing attributes in process `syz.6.9667'.
[  943.070084][T30124] FAULT_INJECTION: forcing a failure.
[  943.070084][T30124] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  943.099981][T30124] CPU: 1 UID: 0 PID: 30124 Comm: syz.1.9669 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  943.100049][T30124] Tainted: [L]=SOFTLOCKUP
[  943.100060][T30124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  943.100079][T30124] Call Trace:
[  943.100090][T30124]  <TASK>
[  943.100101][T30124]  dump_stack_lvl+0x100/0x190
[  943.100142][T30124]  should_fail_ex.cold+0x5/0xa
[  943.100192][T30124]  _copy_from_user+0x2e/0xd0
[  943.100230][T30124]  copy_mount_options+0x76/0x190
[  943.100286][T30124]  __x64_sys_mount+0x1ab/0x310
[  943.100335][T30124]  ? __pfx___x64_sys_mount+0x10/0x10
[  943.100387][T30124]  ? rcu_is_watching+0x12/0xc0
[  943.100434][T30124]  do_syscall_64+0x10b/0x830
[  943.100463][T30124]  ? clear_bhb_loop+0x40/0x90
[  943.100505][T30124]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  943.100539][T30124] RIP: 0033:0x7f37dcb9ce59
[  943.100565][T30124] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  943.100597][T30124] RSP: 002b:00007f37ddb1f028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  943.100628][T30124] RAX: ffffffffffffffda RBX: 00007f37dce16090 RCX: 00007f37dcb9ce59
[  943.100650][T30124] RDX: 0000200000000140 RSI: 0000000000000000 RDI: 0000200000000080
[  943.100670][T30124] RBP: 00007f37dcc32d6f R08: 00002000000002c0 R09: 0000000000000000
[  943.100690][T30124] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000
[  943.100709][T30124] R13: 00007f37dce16128 R14: 00007f37dce16090 R15: 00007fffcea35318
[  943.100751][T30124]  </TASK>
[  946.415476][T30163] kexec: Could not allocate control_code_buffer
[  949.147002][T30246] hub 1-0:1.0: USB hub found
[  949.172714][T30246] hub 1-0:1.0: 1 port detected
[  949.250265][T30246] hub 1-0:1.0: USB hub found
[  949.261818][T30246] hub 1-0:1.0: 1 port detected
[  950.788209][T30286] netlink: 146 bytes leftover after parsing attributes in process `syz.6.9729'.
[  953.266524][T30331] FAULT_INJECTION: forcing a failure.
[  953.266524][T30331] name failslab, interval 1, probability 0, space 0, times 0
[  953.294079][T30331] CPU: 1 UID: 0 PID: 30331 Comm: syz.6.9746 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  953.294140][T30331] Tainted: [L]=SOFTLOCKUP
[  953.294153][T30331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  953.294176][T30331] Call Trace:
[  953.294189][T30331]  <TASK>
[  953.294203][T30331]  dump_stack_lvl+0x100/0x190
[  953.294253][T30331]  should_fail_ex.cold+0x5/0xa
[  953.294302][T30331]  should_failslab+0xc2/0x120
[  953.294361][T30331]  __kmalloc_cache_noprof+0x7a/0x6f0
[  953.294418][T30331]  ? kvm_create_lapic+0xa9/0x440
[  953.294487][T30331]  kvm_create_lapic+0xa9/0x440
[  953.294547][T30331]  kvm_arch_vcpu_create+0x286/0xac0
[  953.294608][T30331]  kvm_vm_ioctl+0x756/0x4050
[  953.294678][T30331]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  953.294761][T30331]  ? kasan_quarantine_put+0x104/0x240
[  953.294799][T30331]  ? lockdep_hardirqs_on+0x78/0x100
[  953.294838][T30331]  ? find_held_lock+0x2b/0x80
[  953.294888][T30331]  ? tomoyo_path_number_perm+0x28f/0x580
[  953.294932][T30331]  ? tomoyo_path_number_perm+0x28f/0x580
[  953.294983][T30331]  ? tomoyo_path_number_perm+0x188/0x580
[  953.295030][T30331]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  953.295073][T30331]  ? futex_wait+0x11e/0x370
[  953.295138][T30331]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  953.295198][T30331]  ? do_vfs_ioctl+0x226/0x13e0
[  953.295239][T30331]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  953.295293][T30331]  ? find_held_lock+0x2b/0x80
[  953.295353][T30331]  ? __fget_files+0x215/0x3d0
[  953.295397][T30331]  ? hook_file_ioctl_common+0x149/0x410
[  953.295453][T30331]  ? __fget_files+0x21f/0x3d0
[  953.295506][T30331]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  953.295560][T30331]  __x64_sys_ioctl+0x18e/0x210
[  953.295604][T30331]  do_syscall_64+0x10b/0x830
[  953.295639][T30331]  ? clear_bhb_loop+0x40/0x90
[  953.295685][T30331]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  953.295725][T30331] RIP: 0033:0x7fecd179ce59
[  953.295756][T30331] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  953.295793][T30331] RSP: 002b:00007fecd2632028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  953.295828][T30331] RAX: ffffffffffffffda RBX: 00007fecd1a15fa0 RCX: 00007fecd179ce59
[  953.295853][T30331] RDX: 0000000000000004 RSI: 000000000000ae41 RDI: 0000000000000003
[  953.295883][T30331] RBP: 00007fecd1832d6f R08: 0000000000000000 R09: 0000000000000000
[  953.295906][T30331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  953.295928][T30331] R13: 00007fecd1a16038 R14: 00007fecd1a15fa0 R15: 00007ffcc25aeb78
[  953.295977][T30331]  </TASK>
[  954.023421][T30342] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  954.092760][T30338] netlink: 'syz.5.9749': attribute type 8 has an invalid length.
[  954.994605][T30369] netlink: 28 bytes leftover after parsing attributes in process `syz.5.9759'.
[  956.932241][T30421] netlink: 334 bytes leftover after parsing attributes in process `syz.5.9776'.
[  956.946718][T30420] FAULT_INJECTION: forcing a failure.
[  956.946718][T30420] name failslab, interval 1, probability 0, space 0, times 0
[  956.960438][T30420] CPU: 0 UID: 0 PID: 30420 Comm: syz.0.9774 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  956.960488][T30420] Tainted: [L]=SOFTLOCKUP
[  956.960518][T30420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  956.960555][T30420] Call Trace:
[  956.960565][T30420]  <TASK>
[  956.960583][T30420]  dump_stack_lvl+0x100/0x190
[  956.960622][T30420]  should_fail_ex.cold+0x5/0xa
[  956.960665][T30420]  should_failslab+0xc2/0x120
[  956.960703][T30420]  __kmalloc_cache_noprof+0x7a/0x6f0
[  956.960752][T30420]  ? kvm_create_lapic+0xa9/0x440
[  956.960810][T30420]  kvm_create_lapic+0xa9/0x440
[  956.960861][T30420]  kvm_arch_vcpu_create+0x286/0xac0
[  956.960913][T30420]  kvm_vm_ioctl+0x756/0x4050
[  956.960973][T30420]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  956.961045][T30420]  ? kasan_quarantine_put+0x104/0x240
[  956.961078][T30420]  ? lockdep_hardirqs_on+0x78/0x100
[  956.961112][T30420]  ? find_held_lock+0x2b/0x80
[  956.961156][T30420]  ? tomoyo_path_number_perm+0x28f/0x580
[  956.961194][T30420]  ? tomoyo_path_number_perm+0x28f/0x580
[  956.961240][T30420]  ? tomoyo_path_number_perm+0x188/0x580
[  956.961280][T30420]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  956.961316][T30420]  ? futex_wait+0x11e/0x370
[  956.961373][T30420]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  956.961427][T30420]  ? do_vfs_ioctl+0x226/0x13e0
[  956.961462][T30420]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  956.961509][T30420]  ? find_held_lock+0x2b/0x80
[  956.961551][T30420]  ? __fget_files+0x215/0x3d0
[  956.961593][T30420]  ? hook_file_ioctl_common+0x149/0x410
[  956.961639][T30420]  ? __fget_files+0x21f/0x3d0
[  956.961684][T30420]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  956.961729][T30420]  __x64_sys_ioctl+0x18e/0x210
[  956.961777][T30420]  do_syscall_64+0x10b/0x830
[  956.961804][T30420]  ? clear_bhb_loop+0x40/0x90
[  956.961840][T30420]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  956.961870][T30420] RIP: 0033:0x7f621279ce59
[  956.961894][T30420] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  956.961923][T30420] RSP: 002b:00007f62109ee028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  956.961952][T30420] RAX: ffffffffffffffda RBX: 00007f6212a15fa0 RCX: 00007f621279ce59
[  956.961970][T30420] RDX: 0000000000000004 RSI: 000000000000ae41 RDI: 0000000000000003
[  956.961986][T30420] RBP: 00007f6212832d6f R08: 0000000000000000 R09: 0000000000000000
[  956.962001][T30420] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  956.962016][T30420] R13: 00007f6212a16038 R14: 00007f6212a15fa0 R15: 00007ffd0a322868
[  956.962051][T30420]  </TASK>
[  958.088665][T30445] netlink: 16 bytes leftover after parsing attributes in process `syz.5.9784'.
[  958.122959][T30439] netlink: 'syz.0.9782': attribute type 8 has an invalid length.
[  959.953685][ T4947] Bluetooth: hci5: unexpected subevent 0x01 length: 123 > 18
[  959.969679][ T4947] Bluetooth: hci5: unexpected event 0x08 length: 6 > 4
[  960.133968][T30498] FAULT_INJECTION: forcing a failure.
[  960.133968][T30498] name failslab, interval 1, probability 0, space 0, times 0
[  960.157085][T30498] CPU: 0 UID: 0 PID: 30498 Comm: syz.1.9803 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  960.157144][T30498] Tainted: [L]=SOFTLOCKUP
[  960.157157][T30498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  960.157178][T30498] Call Trace:
[  960.157190][T30498]  <TASK>
[  960.157202][T30498]  dump_stack_lvl+0x100/0x190
[  960.157246][T30498]  should_fail_ex.cold+0x5/0xa
[  960.157289][T30498]  should_failslab+0xc2/0x120
[  960.157331][T30498]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  960.157364][T30498]  ? xas_split_alloc+0x11c/0x4a0
[  960.157408][T30498]  xas_split_alloc+0x11c/0x4a0
[  960.157453][T30498]  __folio_split+0x5e5/0x1690
[  960.157517][T30498]  ? __pfx___folio_split+0x10/0x10
[  960.157581][T30498]  ? __pfx___might_resched+0x10/0x10
[  960.157630][T30498]  madvise_cold_or_pageout_pte_range+0xf8c/0x2620
[  960.157698][T30498]  ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10
[  960.157751][T30498]  ? __lock_acquire+0x4a5/0x2630
[  960.157783][T30498]  ? __css_rstat_updated+0x1ce/0x5a0
[  960.157840][T30498]  ? __pfx___css_rstat_updated+0x10/0x10
[  960.157905][T30498]  ? register_lock_class+0x40/0x560
[  960.157942][T30498]  ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10
[  960.157996][T30498]  walk_pgd_range+0xc1a/0x1dd0
[  960.158042][T30498]  ? rcu_read_unlock+0x17/0x60
[  960.158102][T30498]  ? __pfx_walk_pgd_range+0x10/0x10
[  960.158141][T30498]  ? folios_put_refs+0x716/0xa90
[  960.158181][T30498]  __walk_page_range+0x163/0x820
[  960.158219][T30498]  ? find_held_lock+0x2b/0x80
[  960.158279][T30498]  walk_page_range_vma_unsafe+0x209/0x8f0
[  960.158323][T30498]  ? __pfx_walk_page_range_vma_unsafe+0x10/0x10
[  960.158372][T30498]  ? find_held_lock+0x2b/0x80
[  960.158416][T30498]  ? mlock_drain_local+0x254/0x4e0
[  960.158448][T30498]  ? mlock_drain_local+0x254/0x4e0
[  960.158487][T30498]  walk_page_range_vma+0x63/0x90
[  960.158528][T30498]  madvise_pageout+0x259/0x540
[  960.158573][T30498]  ? __pfx_madvise_pageout+0x10/0x10
[  960.158617][T30498]  ? rcu_is_watching+0x12/0xc0
[  960.158676][T30498]  ? mtree_range_walk+0x72b/0xb70
[  960.158734][T30498]  madvise_vma_behavior+0x4f7/0x2200
[  960.158792][T30498]  ? __pfx_madvise_vma_behavior+0x10/0x10
[  960.158860][T30498]  ? find_vma_prev+0xd8/0x150
[  960.158901][T30498]  ? futex_unqueue+0x133/0x2c0
[  960.158936][T30498]  ? __pfx_find_vma_prev+0x10/0x10
[  960.158992][T30498]  ? __futex_wait+0x256/0x300
[  960.159046][T30498]  madvise_walk_vmas+0x2fe/0xa90
[  960.159100][T30498]  ? __pfx_madvise_walk_vmas+0x10/0x10
[  960.159159][T30498]  madvise_do_behavior+0x1ea/0x510
[  960.159211][T30498]  ? __pfx_madvise_do_behavior+0x10/0x10
[  960.159259][T30498]  ? down_read+0x13b/0x450
[  960.159317][T30498]  do_madvise+0x195/0x240
[  960.159364][T30498]  ? __pfx_do_madvise+0x10/0x10
[  960.159410][T30498]  ? do_futex+0x192/0x350
[  960.159455][T30498]  ? __sys_sendmsg+0x18f/0x220
[  960.159517][T30498]  ? arch_syscall_is_vdso_sigreturn+0xb6/0x200
[  960.159577][T30498]  __x64_sys_madvise+0xa9/0x110
[  960.159624][T30498]  ? lockdep_hardirqs_on+0x78/0x100
[  960.159656][T30498]  do_syscall_64+0x10b/0x830
[  960.159686][T30498]  ? clear_bhb_loop+0x40/0x90
[  960.159728][T30498]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  960.159763][T30498] RIP: 0033:0x7f37dcb9ce59
[  960.159793][T30498] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  960.159826][T30498] RSP: 002b:00007f37ddb40028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  960.159866][T30498] RAX: ffffffffffffffda RBX: 00007f37dce15fa0 RCX: 00007f37dcb9ce59
[  960.159889][T30498] RDX: 0000000000000015 RSI: 0000000000000081 RDI: 0000000000000000
[  960.159911][T30498] RBP: 00007f37dcc32d6f R08: 0000000000000000 R09: 0000000000000000
[  960.159931][T30498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  960.159952][T30498] R13: 00007f37dce16038 R14: 00007f37dce15fa0 R15: 00007fffcea35318
[  960.159997][T30498]  </TASK>
[  960.967555][T30511] FAULT_INJECTION: forcing a failure.
[  960.967555][T30511] name failslab, interval 1, probability 0, space 0, times 0
[  961.004576][T30511] CPU: 1 UID: 0 PID: 30511 Comm: syz.1.9807 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  961.004630][T30511] Tainted: [L]=SOFTLOCKUP
[  961.004643][T30511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  961.004664][T30511] Call Trace:
[  961.004679][T30511]  <TASK>
[  961.004690][T30511]  dump_stack_lvl+0x100/0x190
[  961.004731][T30511]  should_fail_ex.cold+0x5/0xa
[  961.004775][T30511]  should_failslab+0xc2/0x120
[  961.004817][T30511]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  961.004850][T30511]  ? posix_lock_inode+0x5b2/0x2420
[  961.004894][T30511]  ? lockdep_init_map_type+0x5c/0x250
[  961.004936][T30511]  posix_lock_inode+0x5b2/0x2420
[  961.004998][T30511]  ? __pfx_posix_lock_inode+0x10/0x10
[  961.005055][T30511]  vfs_lock_file+0xfb/0x150
[  961.005104][T30511]  fcntl_setlk+0x768/0xe20
[  961.005155][T30511]  ? __pfx_fcntl_setlk+0x10/0x10
[  961.005208][T30511]  ? __might_fault+0xc5/0x140
[  961.005269][T30511]  ? __might_fault+0xc5/0x140
[  961.005337][T30511]  do_fcntl+0xf39/0x1670
[  961.005392][T30511]  ? __pfx_do_fcntl+0x10/0x10
[  961.005439][T30511]  ? __fget_files+0x215/0x3d0
[  961.005493][T30511]  ? tomoyo_file_fcntl+0x6c/0xc0
[  961.005551][T30511]  __x64_sys_fcntl+0x163/0x200
[  961.005607][T30511]  do_syscall_64+0x10b/0x830
[  961.005639][T30511]  ? clear_bhb_loop+0x40/0x90
[  961.005679][T30511]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  961.005714][T30511] RIP: 0033:0x7f37dcb9ce59
[  961.005741][T30511] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  961.005775][T30511] RSP: 002b:00007f37ddb1f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[  961.005808][T30511] RAX: ffffffffffffffda RBX: 00007f37dce16090 RCX: 00007f37dcb9ce59
[  961.005830][T30511] RDX: 0000000000000009 RSI: 0000000000000006 RDI: 0000000000000003
[  961.005850][T30511] RBP: 00007f37dcc32d6f R08: 0000000000000000 R09: 0000000000000000
[  961.005870][T30511] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  961.005889][T30511] R13: 00007f37dce16128 R14: 00007f37dce16090 R15: 00007fffcea35318
[  961.005932][T30511]  </TASK>
[  962.034868][T28314] Bluetooth: hci5: command 0x2016 tx timeout
[  962.359028][T28314] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  962.368251][T28314] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:0'
[  962.375583][T30530] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9815'.
[  962.386875][T28314] CPU: 0 UID: 0 PID: 28314 Comm: kworker/u9:3 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  962.386933][T28314] Tainted: [L]=SOFTLOCKUP
[  962.386943][T28314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  962.386976][T28314] Workqueue: hci0 hci_rx_work
[  962.387025][T28314] Call Trace:
[  962.387034][T28314]  <TASK>
[  962.387046][T28314]  dump_stack_lvl+0x100/0x190
[  962.387082][T28314]  sysfs_warn_dup.cold+0x1c/0x28
[  962.387136][T28314]  sysfs_create_dir_ns+0x24b/0x2b0
[  962.387237][T28314]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  962.387335][T28314]  ? find_held_lock+0x2b/0x80
[  962.387439][T28314]  ? kobject_add_internal+0x25f/0x930
[  962.387532][T28314]  ? kobject_add_internal+0x25f/0x930
[  962.387628][T28314]  ? do_raw_spin_unlock+0x145/0x1e0
[  962.387726][T28314]  kobject_add_internal+0x2c8/0x930
[  962.387842][T28314]  kobject_add+0x16a/0x1e0
[  962.387935][T28314]  ? __pfx_kobject_add+0x10/0x10
[  962.388025][T28314]  ? class_to_subsys+0x10f/0x150
[  962.388198][T28314]  ? kobject_put+0xb9/0x640
[  962.388283][T28314]  ? _raw_spin_unlock+0x28/0x50
[  962.388444][T28314]  device_add+0x294/0x1950
[  962.388568][T28314]  ? __pfx_dev_set_name+0x10/0x10
[  962.388668][T28314]  ? __pfx_device_add+0x10/0x10
[  962.388814][T28314]  ? mgmt_send_event_skb+0x2fb/0x460
[  962.388975][T28314]  hci_conn_add_sysfs+0x1a3/0x260
[  962.389078][T28314]  le_conn_complete_evt+0x11eb/0x1f60
[  962.389246][T28314]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  962.389375][T28314]  ? __pfx_bt_warn+0x10/0x10
[  962.389539][T28314]  hci_le_conn_complete_evt+0x23c/0x3a0
[  962.389676][T28314]  ? skb_pull_data+0x15f/0x1e0
[  962.389827][T28314]  hci_le_meta_evt+0x34a/0x5f0
[  962.389910][T28314]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  962.390086][T28314]  hci_event_packet+0x51c/0xcd0
[  962.390245][T28314]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  962.390393][T28314]  ? __pfx_hci_event_packet+0x10/0x10
[  962.390542][T28314]  ? kcov_remote_start+0x374/0x660
[  962.390677][T28314]  ? lockdep_hardirqs_on+0x78/0x100
[  962.390783][T28314]  hci_rx_work+0x451/0xfc0
[  962.390948][T28314]  process_one_work+0xa0e/0x1980
[  962.391064][T28314]  ? __pfx_process_one_work+0x10/0x10
[  962.391197][T28314]  ? __pfx_hci_rx_work+0x10/0x10
[  962.391334][T28314]  worker_thread+0x5ef/0xe50
[  962.391485][T28314]  ? __pfx_worker_thread+0x10/0x10
[  962.391590][T28314]  ? kthread+0x13a/0x450
[  962.391658][T28314]  ? __pfx_worker_thread+0x10/0x10
[  962.391741][T28314]  kthread+0x370/0x450
[  962.391815][T28314]  ? __pfx_kthread+0x10/0x10
[  962.391905][T28314]  ret_from_fork+0x72b/0xd50
[  962.392004][T28314]  ? __pfx_ret_from_fork+0x10/0x10
[  962.392108][T28314]  ? __switch_to+0x800/0x1100
[  962.392232][T28314]  ? __switch_to_asm+0x39/0x70
[  962.392341][T28314]  ? __pfx_kthread+0x10/0x10
[  962.392433][T28314]  ret_from_fork_asm+0x1a/0x30
[  962.392602][T28314]  </TASK>
[  962.392784][T28314] kobject: kobject_add_internal failed for hci0:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  962.688979][T28314] Bluetooth: hci0: failed to register connection device
[  962.699429][T28314] Bluetooth: hci0: unexpected event 0x08 length: 6 > 4
[  962.970898][T30538] vhci_hcd: not connected 4
[  963.681207][T30557] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9820'.
[  964.125372][T28314] Bluetooth: hci5: command 0x2016 tx timeout
[  964.755720][ T4947] Bluetooth: hci0: command 0x0406 tx timeout
[  965.183896][T30600] futex_wake_op: syz.6.9837 tries to shift op by -2048; fix this program
[  965.210131][T30600] futex_wake_op: syz.6.9837 tries to shift op by -2048; fix this program
[  966.374105][T30619] netlink: 'syz.1.9845': attribute type 1 has an invalid length.
[  966.390793][T30619] netlink: 314 bytes leftover after parsing attributes in process `syz.1.9845'.
[  966.835183][ T4947] Bluetooth: hci0: command 0x0406 tx timeout
[  967.061512][T30636] FAULT_INJECTION: forcing a failure.
[  967.061512][T30636] name failslab, interval 1, probability 0, space 0, times 0
[  967.097250][T30636] CPU: 1 UID: 0 PID: 30636 Comm: syz.5.9852 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  967.097303][T30636] Tainted: [L]=SOFTLOCKUP
[  967.097315][T30636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  967.097335][T30636] Call Trace:
[  967.097345][T30636]  <TASK>
[  967.097357][T30636]  dump_stack_lvl+0x100/0x190
[  967.097400][T30636]  should_fail_ex.cold+0x5/0xa
[  967.097445][T30636]  should_failslab+0xc2/0x120
[  967.097488][T30636]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  967.097522][T30636]  ? do_epoll_ctl+0xc6c/0x36a0
[  967.097568][T30636]  ? percpu_counter_add_batch+0xb9/0x230
[  967.097615][T30636]  do_epoll_ctl+0xc6c/0x36a0
[  967.097664][T30636]  ? irqentry_exit+0x24d/0x7e0
[  967.097710][T30636]  ? __pfx_do_epoll_ctl+0x10/0x10
[  967.097770][T30636]  ? rep_movs_alternative+0x30/0x90
[  967.097842][T30636]  ? __x64_sys_epoll_ctl+0x15c/0x1e0
[  967.097892][T30636]  __x64_sys_epoll_ctl+0x15c/0x1e0
[  967.097945][T30636]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[  967.098002][T30636]  ? rcu_is_watching+0x12/0xc0
[  967.098051][T30636]  do_syscall_64+0x10b/0x830
[  967.098081][T30636]  ? clear_bhb_loop+0x40/0x90
[  967.098124][T30636]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  967.098158][T30636] RIP: 0033:0x7f6876b9ce59
[  967.098186][T30636] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  967.098218][T30636] RSP: 002b:00007f6877996028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  967.098251][T30636] RAX: ffffffffffffffda RBX: 00007f6876e15fa0 RCX: 00007f6876b9ce59
[  967.098273][T30636] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000004
[  967.098293][T30636] RBP: 00007f6876c32d6f R08: 0000000000000000 R09: 0000000000000000
[  967.098313][T30636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  967.098333][T30636] R13: 00007f6876e16038 R14: 00007f6876e15fa0 R15: 00007fffafdc93d8
[  967.098380][T30636]  </TASK>
[  968.102975][T30668] netlink: 314 bytes leftover after parsing attributes in process `syz.5.9864'.
[  968.207362][T30670] netlink: 146 bytes leftover after parsing attributes in process `syz.5.9865'.
[  970.056024][T30719] FAULT_INJECTION: forcing a failure.
[  970.056024][T30719] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  970.080440][T30719] CPU: 0 UID: 0 PID: 30719 Comm: syz.6.9883 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  970.080483][T30719] Tainted: [L]=SOFTLOCKUP
[  970.080491][T30719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  970.080506][T30719] Call Trace:
[  970.080514][T30719]  <TASK>
[  970.080523][T30719]  dump_stack_lvl+0x100/0x190
[  970.080554][T30719]  should_fail_ex.cold+0x5/0xa
[  970.080586][T30719]  _copy_to_iter+0x1f3/0x1720
[  970.080616][T30719]  ? __pfx___skb_try_recv_datagram+0x10/0x10
[  970.080644][T30719]  ? __pfx__copy_to_iter+0x10/0x10
[  970.080675][T30719]  ? __skb_recv_datagram+0x1b2/0x220
[  970.080706][T30719]  simple_copy_to_iter+0x46/0x90
[  970.080730][T30719]  __skb_datagram_iter+0x129/0x900
[  970.080753][T30719]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  970.080786][T30719]  skb_copy_datagram_iter+0xa5/0x270
[  970.080810][T30719]  ? aa_sk_perm+0x309/0xaa0
[  970.080840][T30719]  netlink_recvmsg+0x27e/0xa90
[  970.080880][T30719]  ? __pfx_netlink_recvmsg+0x10/0x10
[  970.080915][T30719]  ? __fget_files+0x215/0x3d0
[  970.080944][T30719]  ? __fget_files+0x215/0x3d0
[  970.080976][T30719]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  970.081017][T30719]  ? __pfx_netlink_recvmsg+0x10/0x10
[  970.081055][T30719]  sock_recvmsg+0x1a4/0x1f0
[  970.081094][T30719]  __sys_recvfrom+0x200/0x300
[  970.081124][T30719]  ? __pfx___sys_recvfrom+0x10/0x10
[  970.081161][T30719]  ? count_memcg_events_mm.constprop.0+0xfa/0x2a0
[  970.081191][T30719]  ? count_memcg_events_mm.constprop.0+0xfa/0x2a0
[  970.081238][T30719]  __x64_sys_recvfrom+0xe0/0x1c0
[  970.081266][T30719]  ? do_syscall_64+0x90/0x830
[  970.081289][T30719]  ? lockdep_hardirqs_on+0x78/0x100
[  970.081311][T30719]  do_syscall_64+0x10b/0x830
[  970.081332][T30719]  ? clear_bhb_loop+0x40/0x90
[  970.081362][T30719]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  970.081386][T30719] RIP: 0033:0x7fecd175d68e
[  970.081406][T30719] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  970.081441][T30719] RSP: 002b:00007fecd2630ee8 EFLAGS: 00000246 ORIG_RAX: 000000000000002d
[  970.081465][T30719] RAX: ffffffffffffffda RBX: 00007fecd26326c0 RCX: 00007fecd175d68e
[  970.081481][T30719] RDX: 0000000000001000 RSI: 00007fecd2631000 RDI: 0000000000000000
[  970.081495][T30719] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  970.081509][T30719] R10: 0000000000000000 R11: 0000000000000246 R12: 00002000000020c0
[  970.081523][T30719] R13: 00007fecd2630fb0 R14: 0000000000000013 R15: 0000000000000000
[  970.081552][T30719]  </TASK>
[  970.303646][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805c143400: rx timeout, send abort
[  970.349392][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88805c143400: 0x0ffff: (3) A timeout occurred and this is the connection abort to close the session.
[  971.591670][T30750] FAULT_INJECTION: forcing a failure.
[  971.591670][T30750] name failslab, interval 1, probability 0, space 0, times 0
[  971.616867][T30750] CPU: 0 UID: 0 PID: 30750 Comm: syz.1.9894 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  971.616917][T30750] Tainted: [L]=SOFTLOCKUP
[  971.616928][T30750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  971.616948][T30750] Call Trace:
[  971.616960][T30750]  <TASK>
[  971.616973][T30750]  dump_stack_lvl+0x100/0x190
[  971.617016][T30750]  should_fail_ex.cold+0x5/0xa
[  971.617060][T30750]  should_failslab+0xc2/0x120
[  971.617102][T30750]  __kmalloc_cache_noprof+0x7a/0x6f0
[  971.617154][T30750]  ? vkms_plane_duplicate_state+0x45/0x130
[  971.617206][T30750]  vkms_plane_duplicate_state+0x45/0x130
[  971.617250][T30750]  drm_atomic_get_plane_state+0x279/0x760
[  971.617307][T30750]  drm_client_modeset_commit_atomic+0x237/0x7e0
[  971.617351][T30750]  ? rcu_is_watching+0x12/0xc0
[  971.617400][T30750]  ? __mutex_lock+0x26d/0x1b10
[  971.617438][T30750]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  971.617479][T30750]  ? drm_master_internal_acquire+0x21/0x80
[  971.617556][T30750]  drm_client_modeset_commit_locked+0x14d/0x580
[  971.617601][T30750]  drm_client_modeset_commit+0x4f/0x80
[  971.617642][T30750]  __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160
[  971.617708][T30750]  drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0
[  971.617772][T30750]  drm_fbdev_client_restore+0x1b/0x30
[  971.617827][T30750]  ? __pfx_drm_fbdev_client_restore+0x10/0x10
[  971.617875][T30750]  drm_client_dev_restore+0x205/0x2a0
[  971.617922][T30750]  drm_release+0x2c6/0x360
[  971.617957][T30750]  ? __pfx_drm_release+0x10/0x10
[  971.617990][T30750]  __fput+0x3ff/0xb50
[  971.618050][T30750]  task_work_run+0x150/0x240
[  971.618087][T30750]  ? __pfx_task_work_run+0x10/0x10
[  971.618127][T30750]  ? rcu_is_watching+0x12/0xc0
[  971.618176][T30750]  exit_to_user_mode_loop+0x107/0x4f0
[  971.618211][T30750]  ? rcu_is_watching+0x12/0xc0
[  971.618256][T30750]  do_syscall_64+0x6f2/0x830
[  971.618287][T30750]  ? clear_bhb_loop+0x40/0x90
[  971.618329][T30750]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  971.618364][T30750] RIP: 0033:0x7f37dcb9ce59
[  971.618391][T30750] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  971.618425][T30750] RSP: 002b:00007f37ddb40028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  971.618457][T30750] RAX: 0000000000000000 RBX: 00007f37dce15fa0 RCX: 00007f37dcb9ce59
[  971.618478][T30750] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  971.618497][T30750] RBP: 00007f37dcc32d6f R08: 0000000000000000 R09: 0000000000000000
[  971.618519][T30750] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  971.618539][T30750] R13: 00007f37dce16038 R14: 00007f37dce15fa0 R15: 00007fffcea35318
[  971.618586][T30750]  </TASK>
[  972.086749][T30759] netlink: 504 bytes leftover after parsing attributes in process `syz.5.9896'.
[  973.066050][T30783] netlink: 146 bytes leftover after parsing attributes in process `syz.1.9905'.
[  974.078865][    C1] vcan0: j1939_tp_rxtimer: 0xffff888063237800: rx timeout, send abort
[  974.087627][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888063237800: 0x40000: (3) A timeout occurred and this is the connection abort to close the session.
[  974.581082][T30815] netlink: 146 bytes leftover after parsing attributes in process `syz.1.9916'.
[  976.367973][T30853] netlink: 'syz.5.9930': attribute type 4 has an invalid length.
[  976.385067][T30853] netlink: 314 bytes leftover after parsing attributes in process `syz.5.9930'.
[  976.669366][T30860] FAULT_INJECTION: forcing a failure.
[  976.669366][T30860] name failslab, interval 1, probability 0, space 0, times 0
[  976.700301][T30860] CPU: 1 UID: 0 PID: 30860 Comm: syz.5.9932 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  976.700357][T30860] Tainted: [L]=SOFTLOCKUP
[  976.700370][T30860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  976.700391][T30860] Call Trace:
[  976.700404][T30860]  <TASK>
[  976.700417][T30860]  dump_stack_lvl+0x100/0x190
[  976.700470][T30860]  should_fail_ex.cold+0x5/0xa
[  976.700515][T30860]  ? constrain_params_by_rules+0x175/0xcc0
[  976.700556][T30860]  should_failslab+0xc2/0x120
[  976.700598][T30860]  __kmalloc_noprof+0xe0/0x850
[  976.700633][T30860]  ? unwind_get_return_address+0x59/0xa0
[  976.700691][T30860]  constrain_params_by_rules+0x175/0xcc0
[  976.700741][T30860]  ? stack_trace_save+0x8e/0xc0
[  976.700796][T30860]  ? __pfx_constrain_params_by_rules+0x10/0x10
[  976.700847][T30860]  ? __kasan_kmalloc+0xaa/0xb0
[  976.700880][T30860]  ? snd_pcm_oss_change_params_locked+0x247/0x39f0
[  976.700939][T30860]  ? snd_pcm_oss_make_ready+0xeb/0x1b0
[  976.700971][T30860]  ? snd_pcm_oss_sync+0x1de/0x840
[  976.701015][T30860]  ? rcu_is_watching+0x12/0xc0
[  976.701065][T30860]  ? snd_interval_refine+0x2d0/0x580
[  976.701119][T30860]  snd_pcm_hw_refine+0x7e7/0xad0
[  976.701171][T30860]  ? __pfx_snd_pcm_hw_refine+0x10/0x10
[  976.701226][T30860]  ? __asan_memset+0x23/0x50
[  976.701280][T30860]  ? _snd_pcm_hw_param_min+0x1ea/0x670
[  976.701343][T30860]  snd_pcm_oss_change_params_locked+0x2594/0x39f0
[  976.701404][T30860]  ? trace_contention_end+0x120/0x170
[  976.701455][T30860]  ? snd_pcm_oss_make_ready+0xcb/0x1b0
[  976.701498][T30860]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  976.701558][T30860]  ? __pfx___mutex_lock+0x10/0x10
[  976.701626][T30860]  snd_pcm_oss_make_ready+0xeb/0x1b0
[  976.701675][T30860]  snd_pcm_oss_sync+0x1de/0x840
[  976.701716][T30860]  snd_pcm_oss_release+0x238/0x300
[  976.701752][T30860]  ? __pfx_snd_pcm_oss_release+0x10/0x10
[  976.701787][T30860]  __fput+0x3ff/0xb50
[  976.701846][T30860]  task_work_run+0x150/0x240
[  976.701884][T30860]  ? __pfx_task_work_run+0x10/0x10
[  976.701924][T30860]  ? rcu_is_watching+0x12/0xc0
[  976.701971][T30860]  exit_to_user_mode_loop+0x107/0x4f0
[  976.702006][T30860]  ? rcu_is_watching+0x12/0xc0
[  976.702053][T30860]  do_syscall_64+0x6f2/0x830
[  976.702085][T30860]  ? clear_bhb_loop+0x40/0x90
[  976.702126][T30860]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  976.702161][T30860] RIP: 0033:0x7f6876b9ce59
[  976.702188][T30860] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  976.702224][T30860] RSP: 002b:00007f6877996028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  976.702256][T30860] RAX: 0000000000000000 RBX: 00007f6876e15fa0 RCX: 00007f6876b9ce59
[  976.702279][T30860] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  976.702299][T30860] RBP: 00007f6876c32d6f R08: 0000000000000000 R09: 0000000000000000
[  976.702319][T30860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  976.702339][T30860] R13: 00007f6876e16038 R14: 00007f6876e15fa0 R15: 00007fffafdc93d8
[  976.702382][T30860]  </TASK>
[  977.403286][T30870] netlink: 342 bytes leftover after parsing attributes in process `syz.0.9936'.
[  977.413727][T30870] IPv6: NLM_F_CREATE should be specified when creating new route
[  977.428923][T30870] IPv6: Can't replace route, no match found
[  978.011901][T30887] FAULT_INJECTION: forcing a failure.
[  978.011901][T30887] name failslab, interval 1, probability 0, space 0, times 0
[  978.032942][T30887] CPU: 0 UID: 0 PID: 30887 Comm: syz.1.9943 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  978.032999][T30887] Tainted: [L]=SOFTLOCKUP
[  978.033012][T30887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  978.033032][T30887] Call Trace:
[  978.033043][T30887]  <TASK>
[  978.033056][T30887]  dump_stack_lvl+0x100/0x190
[  978.033100][T30887]  should_fail_ex.cold+0x5/0xa
[  978.033143][T30887]  should_failslab+0xc2/0x120
[  978.033184][T30887]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  978.033219][T30887]  ? xas_split_alloc+0x11c/0x4a0
[  978.033263][T30887]  xas_split_alloc+0x11c/0x4a0
[  978.033307][T30887]  __folio_split+0x5e5/0x1690
[  978.033371][T30887]  ? __pfx___folio_split+0x10/0x10
[  978.033430][T30887]  ? __pfx___might_resched+0x10/0x10
[  978.033476][T30887]  madvise_cold_or_pageout_pte_range+0xf8c/0x2620
[  978.033540][T30887]  ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10
[  978.033591][T30887]  ? __lock_acquire+0x4a5/0x2630
[  978.033621][T30887]  ? __css_rstat_updated+0x1ce/0x5a0
[  978.033675][T30887]  ? __pfx___css_rstat_updated+0x10/0x10
[  978.033729][T30887]  ? register_lock_class+0x40/0x560
[  978.033763][T30887]  ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10
[  978.033814][T30887]  walk_pgd_range+0xc1a/0x1dd0
[  978.033867][T30887]  ? rcu_read_unlock+0x17/0x60
[  978.033930][T30887]  ? __pfx_walk_pgd_range+0x10/0x10
[  978.033970][T30887]  ? folios_put_refs+0x716/0xa90
[  978.034014][T30887]  __walk_page_range+0x163/0x820
[  978.034053][T30887]  ? find_held_lock+0x2b/0x80
[  978.034112][T30887]  walk_page_range_vma_unsafe+0x209/0x8f0
[  978.034156][T30887]  ? __pfx_walk_page_range_vma_unsafe+0x10/0x10
[  978.034203][T30887]  ? find_held_lock+0x2b/0x80
[  978.034246][T30887]  ? mlock_drain_local+0x254/0x4e0
[  978.034278][T30887]  ? mlock_drain_local+0x254/0x4e0
[  978.034317][T30887]  walk_page_range_vma+0x63/0x90
[  978.034358][T30887]  madvise_pageout+0x259/0x540
[  978.034402][T30887]  ? __pfx_madvise_pageout+0x10/0x10
[  978.034448][T30887]  ? rcu_is_watching+0x12/0xc0
[  978.034513][T30887]  ? mtree_range_walk+0x72b/0xb70
[  978.034571][T30887]  madvise_vma_behavior+0x4f7/0x2200
[  978.034632][T30887]  ? __pfx_madvise_vma_behavior+0x10/0x10
[  978.034692][T30887]  ? find_vma_prev+0xd8/0x150
[  978.034733][T30887]  ? futex_unqueue+0x133/0x2c0
[  978.034768][T30887]  ? __pfx_find_vma_prev+0x10/0x10
[  978.034823][T30887]  ? __futex_wait+0x256/0x300
[  978.034884][T30887]  madvise_walk_vmas+0x2fe/0xa90
[  978.034938][T30887]  ? __pfx_madvise_walk_vmas+0x10/0x10
[  978.034997][T30887]  madvise_do_behavior+0x1ea/0x510
[  978.035047][T30887]  ? __pfx_madvise_do_behavior+0x10/0x10
[  978.035095][T30887]  ? down_read+0x13b/0x450
[  978.035152][T30887]  do_madvise+0x195/0x240
[  978.035196][T30887]  ? __pfx_do_madvise+0x10/0x10
[  978.035240][T30887]  ? do_futex+0x192/0x350
[  978.035302][T30887]  ? ksys_write+0x1ac/0x250
[  978.035343][T30887]  ? arch_syscall_is_vdso_sigreturn+0xb6/0x200
[  978.035402][T30887]  __x64_sys_madvise+0xa9/0x110
[  978.035449][T30887]  ? lockdep_hardirqs_on+0x78/0x100
[  978.035478][T30887]  do_syscall_64+0x10b/0x830
[  978.035508][T30887]  ? clear_bhb_loop+0x40/0x90
[  978.035549][T30887]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  978.035582][T30887] RIP: 0033:0x7f37dcb9ce59
[  978.035609][T30887] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  978.035642][T30887] RSP: 002b:00007f37ddb40028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  978.035673][T30887] RAX: ffffffffffffffda RBX: 00007f37dce15fa0 RCX: 00007f37dcb9ce59
[  978.035696][T30887] RDX: 0000000000000015 RSI: 0000000000000081 RDI: 0000000000000000
[  978.035715][T30887] RBP: 00007f37dcc32d6f R08: 0000000000000000 R09: 0000000000000000
[  978.035736][T30887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  978.035755][T30887] R13: 00007f37dce16038 R14: 00007f37dce15fa0 R15: 00007fffcea35318
[  978.035801][T30887]  </TASK>
[  979.137578][ T4947] Bluetooth: hci0: unexpected subevent 0x01 length: 3 < 18
[  979.192827][T30920] netlink: 346 bytes leftover after parsing attributes in process `syz.0.9955'.
[  979.447014][T30927] netlink: 326 bytes leftover after parsing attributes in process `syz.0.9958'.
[  979.717743][ T4947] Bluetooth: hci5: command 0x2016 tx timeout
[  980.352806][T30954] netlink: 334 bytes leftover after parsing attributes in process `syz.6.9967'.
[  981.854404][T30993] FAULT_INJECTION: forcing a failure.
[  981.854404][T30993] name failslab, interval 1, probability 0, space 0, times 0
[  981.875765][T30993] CPU: 0 UID: 0 PID: 30993 Comm: syz.6.9980 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  981.875822][T30993] Tainted: [L]=SOFTLOCKUP
[  981.875838][T30993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  981.875858][T30993] Call Trace:
[  981.875869][T30993]  <TASK>
[  981.875882][T30993]  dump_stack_lvl+0x100/0x190
[  981.875927][T30993]  should_fail_ex.cold+0x5/0xa
[  981.875970][T30993]  ? __seq_open_private+0x22/0xd0
[  981.876004][T30993]  should_failslab+0xc2/0x120
[  981.876051][T30993]  __kmalloc_noprof+0xe0/0x850
[  981.876083][T30993]  ? rcu_is_watching+0x12/0xc0
[  981.876132][T30993]  __seq_open_private+0x22/0xd0
[  981.876170][T30993]  seq_open_net+0x1ab/0x2a0
[  981.876219][T30993]  ? __pfx_seq_open_net+0x10/0x10
[  981.876270][T30993]  proc_reg_open+0x2ab/0x5f0
[  981.876316][T30993]  do_dentry_open+0x6d8/0x1660
[  981.876358][T30993]  ? __pfx_proc_reg_open+0x10/0x10
[  981.876412][T30993]  vfs_open+0x82/0x3f0
[  981.876468][T30993]  path_openat+0x208c/0x31a0
[  981.876526][T30993]  ? __pfx_path_openat+0x10/0x10
[  981.876587][T30993]  do_file_open+0x20e/0x430
[  981.876635][T30993]  ? __pfx_do_file_open+0x10/0x10
[  981.876693][T30993]  ? __pfx_kfree_link+0x10/0x10
[  981.876741][T30993]  ? alloc_fd+0x476/0x790
[  981.876788][T30993]  ? do_getname+0x191/0x390
[  981.876844][T30993]  do_sys_openat2+0x10d/0x1e0
[  981.876898][T30993]  ? __pfx_do_sys_openat2+0x10/0x10
[  981.876955][T30993]  ? __fget_files+0x21f/0x3d0
[  981.877006][T30993]  __x64_sys_openat+0x12d/0x210
[  981.877038][T30993]  ? __pfx___x64_sys_openat+0x10/0x10
[  981.877108][T30993]  ? rcu_is_watching+0x12/0xc0
[  981.877154][T30993]  do_syscall_64+0x10b/0x830
[  981.877186][T30993]  ? clear_bhb_loop+0x40/0x90
[  981.877228][T30993]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  981.877262][T30993] RIP: 0033:0x7fecd179ce59
[  981.877291][T30993] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  981.877325][T30993] RSP: 002b:00007fecd2632028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  981.877365][T30993] RAX: ffffffffffffffda RBX: 00007fecd1a15fa0 RCX: 00007fecd179ce59
[  981.877387][T30993] RDX: 0000000000000800 RSI: 0000200000000140 RDI: ffffffffffffff9c
[  981.877409][T30993] RBP: 00007fecd1832d6f R08: 0000000000000000 R09: 0000000000000000
[  981.877429][T30993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  981.877448][T30993] R13: 00007fecd1a16038 R14: 00007fecd1a15fa0 R15: 00007ffcc25aeb78
[  981.877489][T30993]  </TASK>
[  983.003922][T31017] netlink: 330 bytes leftover after parsing attributes in process `syz.6.9990'.
[  984.477260][T31055] tipc: Can't bind to reserved service type 63
[  984.750591][ T1043] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  985.041177][ T1043] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  985.208161][ T1043] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  985.363917][ T4947] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  985.393067][ T4947] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  985.403848][ T4947] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  985.416557][ T4947] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  985.429151][ T1043] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  985.431069][ T4947] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  986.237995][ T1043] netdevsim netdevsim13 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  986.876338][ T1043] bridge_slave_1: left allmulticast mode
[  986.898892][ T1043] bridge_slave_1: left promiscuous mode
[  986.913752][ T1043] bridge0: port 2(bridge_slave_1) entered disabled state
[  986.956078][ T1043] bridge_slave_0: left allmulticast mode
[  986.973099][ T1043] bridge_slave_0: left promiscuous mode
[  986.988290][ T1043] bridge0: port 1(bridge_slave_0) entered disabled state
[  987.561758][ T4947] Bluetooth: hci0: command tx timeout
[  987.594451][ T1043]  (unregistering): (slave bond_slave_0): Releasing backup interface
[  987.614397][ T1043]  (unregistering): (slave bond_slave_1): Releasing backup interface
[  987.648730][ T1043]  (unregistering): Released all slaves
[  987.720098][ T5292] 8021q: adding VLAN 0 to HW filter on device eth1
[  987.823312][ T1043] tipc: Left network mode
[  988.940281][ T1043] hsr_slave_0: left promiscuous mode
[  988.954642][ T1043] hsr_slave_1: left promiscuous mode
[  988.967053][ T1043] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  988.983450][ T1043] batman_adv: batadv0: Removing interface: batadv_slave_0
[  989.003869][ T1043] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  989.018781][ T1043] batman_adv: batadv0: Removing interface: batadv_slave_1
[  989.069051][ T1043] veth1_macvtap: left promiscuous mode
[  989.079502][ T1043] veth0_macvtap: left promiscuous mode
[  989.500580][ T1043] team0 (unregistering): Port device team_slave_1 removed
[  989.538215][ T1043] team0 (unregistering): Port device team_slave_0 removed
[  989.642619][ T4947] Bluetooth: hci0: command tx timeout
[  989.957648][ T5292] 8021q: adding VLAN 0 to HW filter on device eth2
[  990.234261][T31069] bridge0: port 1(bridge_slave_0) entered blocking state
[  990.248637][T31069] bridge0: port 1(bridge_slave_0) entered disabled state
[  990.256442][T31069] bridge_slave_0: entered allmulticast mode
[  990.268292][T31069] bridge_slave_0: entered promiscuous mode
[  990.293862][T31069] bridge0: port 2(bridge_slave_1) entered blocking state
[  990.301267][T31069] bridge0: port 2(bridge_slave_1) entered disabled state
[  990.308604][T31069] bridge_slave_1: entered allmulticast mode
[  990.324122][T31069] bridge_slave_1: entered promiscuous mode
[  990.445207][T31069] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  990.477958][T31069] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  990.621279][T31069] team0: Port device team_slave_0 added
[  990.656847][T31069] team0: Port device team_slave_1 added
[  990.740777][T31069] batman_adv: batadv0: Adding interface: batadv_slave_0
[  990.769522][T31069] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  990.829646][T31069] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  990.865781][T31069] batman_adv: batadv0: Adding interface: batadv_slave_1
[  990.882065][T31069] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  990.953124][T31069] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  991.198096][T31069] hsr_slave_0: entered promiscuous mode
[  991.218002][T31069] hsr_slave_1: entered promiscuous mode
[  991.244009][T31069] debugfs: 'hsr0' already exists in 'hsr'
[  991.261901][T31069] Cannot create hsr debugfs directory
[  991.495420][T31191] netlink: 330 bytes leftover after parsing attributes in process `syz.5.10034'.
[  991.682685][T31193] EXT4-fs error (device sda1): trigger_test_error:130: comm syz.0.10035: 1
[  991.723390][ T4947] Bluetooth: hci0: command tx timeout
[  991.800222][ T5292] 8021q: adding VLAN 0 to HW filter on device eth3
[  991.943839][T31199] FAULT_INJECTION: forcing a failure.
[  991.943839][T31199] name failslab, interval 1, probability 0, space 0, times 0
[  992.012595][T31199] CPU: 0 UID: 0 PID: 31199 Comm: syz.5.10037 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  992.012645][T31199] Tainted: [L]=SOFTLOCKUP
[  992.012657][T31199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  992.012675][T31199] Call Trace:
[  992.012685][T31199]  <TASK>
[  992.012697][T31199]  dump_stack_lvl+0x100/0x190
[  992.012739][T31199]  should_fail_ex.cold+0x5/0xa
[  992.012781][T31199]  should_failslab+0xc2/0x120
[  992.012820][T31199]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  992.012848][T31199]  ? __anon_vma_prepare+0xae/0x5e0
[  992.012905][T31199]  __anon_vma_prepare+0xae/0x5e0
[  992.012952][T31199]  ? __pfx___pte_alloc+0x10/0x10
[  992.012993][T31199]  __vmf_anon_prepare+0x11f/0x250
[  992.013039][T31199]  do_anonymous_page+0x536/0x2050
[  992.013092][T31199]  ? __pfx_pgd_none+0x10/0x10
[  992.013149][T31199]  __handle_mm_fault+0x1d2c/0x2a00
[  992.013204][T31199]  ? mt_find+0x45e/0x8e0
[  992.013239][T31199]  ? __pfx___handle_mm_fault+0x10/0x10
[  992.013287][T31199]  ? __pfx_mt_find+0x10/0x10
[  992.013353][T31199]  handle_mm_fault+0x36d/0xa20
[  992.013422][T31199]  __get_user_pages+0x1178/0x32a0
[  992.013479][T31199]  ? __pfx___get_user_pages+0x10/0x10
[  992.013533][T31199]  populate_vma_page_range+0x267/0x3f0
[  992.013580][T31199]  ? __pfx_populate_vma_page_range+0x10/0x10
[  992.013622][T31199]  ? __pfx_find_vma_intersection+0x10/0x10
[  992.013665][T31199]  ? do_mmap+0x93f/0x12f0
[  992.013711][T31199]  __mm_populate+0x107/0x3a0
[  992.013757][T31199]  ? __pfx___mm_populate+0x10/0x10
[  992.013804][T31199]  ? up_write+0x28c/0x4f0
[  992.013844][T31199]  vm_mmap_pgoff+0x37f/0x470
[  992.013892][T31199]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  992.013937][T31199]  ? do_futex+0x192/0x350
[  992.013977][T31199]  ? __pfx_do_futex+0x10/0x10
[  992.014027][T31199]  ksys_mmap_pgoff+0xe4/0x610
[  992.014071][T31199]  ? __x64_sys_futex+0x358/0x4d0
[  992.014109][T31199]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[  992.014150][T31199]  ? xfd_validate_state+0x129/0x190
[  992.014183][T31199]  ? ksys_write+0x1ac/0x250
[  992.014228][T31199]  __x64_sys_mmap+0x125/0x190
[  992.014270][T31199]  do_syscall_64+0x10b/0x830
[  992.014300][T31199]  ? clear_bhb_loop+0x40/0x90
[  992.014341][T31199]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  992.014383][T31199] RIP: 0033:0x7f6876b9ce59
[  992.014411][T31199] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  992.014443][T31199] RSP: 002b:00007f6877975028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  992.014494][T31199] RAX: ffffffffffffffda RBX: 00007f6876e16090 RCX: 00007f6876b9ce59
[  992.014518][T31199] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000401000
[  992.014539][T31199] RBP: 00007f6876c32d6f R08: 0000000000000002 R09: 0000000000008000
[  992.014560][T31199] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[  992.014580][T31199] R13: 00007f6876e16128 R14: 00007f6876e16090 R15: 00007fffafdc93d8
[  992.014624][T31199]  </TASK>
[  992.435562][T31069] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  992.499412][T31069] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  992.507620][T31069] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  992.518558][T31069] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  992.527142][T31069] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  992.562367][T31069] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  992.572359][T31069] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  992.611421][T31069] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  992.944049][T31069] 8021q: adding VLAN 0 to HW filter on device bond0
[  993.012142][ T1318] ieee802154 phy0 wpan0: encryption failed: -22
[  993.019672][ T1318] ieee802154 phy1 wpan1: encryption failed: -22
[  993.030942][T31069] 8021q: adding VLAN 0 to HW filter on device team0
[  993.073328][  T137] bridge0: port 1(bridge_slave_0) entered blocking state
[  993.080597][  T137] bridge0: port 1(bridge_slave_0) entered forwarding state
[  993.157387][  T137] bridge0: port 2(bridge_slave_1) entered blocking state
[  993.164663][  T137] bridge0: port 2(bridge_slave_1) entered forwarding state
[  993.804674][ T4947] Bluetooth: hci0: command tx timeout
[  993.938811][T31240] netlink: 342 bytes leftover after parsing attributes in process `syz.0.10043'.
[  994.056408][ T5292] 8021q: adding VLAN 0 to HW filter on device eth4
[  995.009794][T31069] 8021q: adding VLAN 0 to HW filter on device batadv0
[  995.143274][T31271] netlink: 146 bytes leftover after parsing attributes in process `syz.5.10049'.
[  995.873695][ T5292] 8021q: adding VLAN 0 to HW filter on device eth5
[  995.958521][T31069] veth0_vlan: entered promiscuous mode
[  996.001503][T31069] veth1_vlan: entered promiscuous mode
[  996.440544][T31069] veth0_macvtap: entered promiscuous mode
[  996.468255][T31069] veth1_macvtap: entered promiscuous mode
[  996.526215][T31069] batman_adv: batadv0: Interface activated: batadv_slave_0
[  996.573772][T31069] batman_adv: batadv0: Interface activated: batadv_slave_1
[  996.617485][   T36] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  996.646889][   T36] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  996.668988][   T13] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  996.697786][   T13] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  997.022366][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  997.048138][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  997.218139][T30957] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  997.240412][T30957] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  997.268647][T31320] netlink: 'syz.6.10058': attribute type 27 has an invalid length.
[  997.293756][T31320] netlink: 334 bytes leftover after parsing attributes in process `syz.6.10058'.
[  997.342569][T31322] netlink: 342 bytes leftover after parsing attributes in process `syz.0.10059'.
[  998.505061][T31357] netlink: 'syz.0.10070': attribute type 4 has an invalid length.
[  999.025040][T31366] netlink: 'syz.7.10074': attribute type 21 has an invalid length.
[  999.046142][T31366] netlink: 334 bytes leftover after parsing attributes in process `syz.7.10074'.
[  999.603404][T31378] EXT4-fs error (device sda1): trigger_test_error:130: comm syz.7.10078: 1
[  999.742731][T31385] FAULT_INJECTION: forcing a failure.
[  999.742731][T31385] name failslab, interval 1, probability 0, space 0, times 0
[  999.792492][T31385] CPU: 0 UID: 0 PID: 31385 Comm: syz.6.10080 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  999.792553][T31385] Tainted: [L]=SOFTLOCKUP
[  999.792566][T31385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  999.792587][T31385] Call Trace:
[  999.792598][T31385]  <TASK>
[  999.792610][T31385]  dump_stack_lvl+0x100/0x190
[  999.792655][T31385]  should_fail_ex.cold+0x5/0xa
[  999.792699][T31385]  should_failslab+0xc2/0x120
[  999.792741][T31385]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  999.792773][T31385]  ? __anon_vma_prepare+0xae/0x5e0
[  999.792833][T31385]  __anon_vma_prepare+0xae/0x5e0
[  999.792881][T31385]  ? __pfx___pte_alloc+0x10/0x10
[  999.792926][T31385]  __vmf_anon_prepare+0x11f/0x250
[  999.792972][T31385]  do_anonymous_page+0x536/0x2050
[  999.793033][T31385]  ? __pfx_pgd_none+0x10/0x10
[  999.793096][T31385]  __handle_mm_fault+0x1d2c/0x2a00
[  999.793156][T31385]  ? mt_find+0x45e/0x8e0
[  999.793193][T31385]  ? __pfx___handle_mm_fault+0x10/0x10
[  999.793243][T31385]  ? __pfx_mt_find+0x10/0x10
[  999.793312][T31385]  handle_mm_fault+0x36d/0xa20
[  999.793374][T31385]  __get_user_pages+0x1178/0x32a0
[  999.793435][T31385]  ? __pfx___get_user_pages+0x10/0x10
[  999.793490][T31385]  populate_vma_page_range+0x267/0x3f0
[  999.793541][T31385]  ? __pfx_populate_vma_page_range+0x10/0x10
[  999.793587][T31385]  ? __pfx_find_vma_intersection+0x10/0x10
[  999.793633][T31385]  ? do_mmap+0x93f/0x12f0
[  999.793680][T31385]  __mm_populate+0x107/0x3a0
[  999.793729][T31385]  ? __pfx___mm_populate+0x10/0x10
[  999.793779][T31385]  ? up_write+0x28c/0x4f0
[  999.793822][T31385]  vm_mmap_pgoff+0x37f/0x470
[  999.793871][T31385]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  999.793913][T31385]  ? do_futex+0x192/0x350
[  999.793946][T31385]  ? __pfx_do_futex+0x10/0x10
[  999.793984][T31385]  ksys_mmap_pgoff+0xe4/0x610
[  999.794026][T31385]  ? __x64_sys_futex+0x358/0x4d0
[  999.794061][T31385]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[  999.794097][T31385]  ? xfd_validate_state+0x129/0x190
[  999.794127][T31385]  ? ksys_write+0x1ac/0x250
[  999.794168][T31385]  __x64_sys_mmap+0x125/0x190
[  999.794204][T31385]  do_syscall_64+0x10b/0x830
[  999.794230][T31385]  ? clear_bhb_loop+0x40/0x90
[  999.794265][T31385]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  999.794294][T31385] RIP: 0033:0x7fecd179ce59
[  999.794318][T31385] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  999.794347][T31385] RSP: 002b:00007fecd2611028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  999.794375][T31385] RAX: ffffffffffffffda RBX: 00007fecd1a16090 RCX: 00007fecd179ce59
[  999.794394][T31385] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000401000
[  999.794412][T31385] RBP: 00007fecd1832d6f R08: 0000000000000002 R09: 0000000000008000
[  999.794429][T31385] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[  999.794445][T31385] R13: 00007fecd1a16128 R14: 00007fecd1a16090 R15: 00007ffcc25aeb78
[  999.794482][T31385]  </TASK>
[ 1000.200601][T31389] ima: policy update failed
[ 1000.210930][   T30] audit: type=1802 audit(4294968628.594:44): pid=31389 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.10083" res=0 errno=0
[ 1002.432276][T31441] FAULT_INJECTION: forcing a failure.
[ 1002.432276][T31441] name failslab, interval 1, probability 0, space 0, times 0
[ 1002.499244][T31441] CPU: 0 UID: 0 PID: 31441 Comm: syz.6.10102 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1002.499298][T31441] Tainted: [L]=SOFTLOCKUP
[ 1002.499310][T31441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1002.499330][T31441] Call Trace:
[ 1002.499341][T31441]  <TASK>
[ 1002.499352][T31441]  dump_stack_lvl+0x100/0x190
[ 1002.499394][T31441]  should_fail_ex.cold+0x5/0xa
[ 1002.499436][T31441]  should_failslab+0xc2/0x120
[ 1002.499477][T31441]  kmem_cache_alloc_noprof+0x7b/0x6e0
[ 1002.499510][T31441]  ? posix_lock_inode+0x5b2/0x2420
[ 1002.499555][T31441]  ? lockdep_init_map_type+0x5c/0x250
[ 1002.499598][T31441]  posix_lock_inode+0x5b2/0x2420
[ 1002.499660][T31441]  ? __pfx_posix_lock_inode+0x10/0x10
[ 1002.499723][T31441]  vfs_lock_file+0xfb/0x150
[ 1002.499773][T31441]  fcntl_setlk+0x768/0xe20
[ 1002.499824][T31441]  ? __pfx_fcntl_setlk+0x10/0x10
[ 1002.499878][T31441]  ? __might_fault+0xc5/0x140
[ 1002.499931][T31441]  ? __might_fault+0xc5/0x140
[ 1002.500014][T31441]  do_fcntl+0xf39/0x1670
[ 1002.500069][T31441]  ? __pfx_do_fcntl+0x10/0x10
[ 1002.500119][T31441]  ? __fget_files+0x215/0x3d0
[ 1002.500174][T31441]  ? tomoyo_file_fcntl+0x6c/0xc0
[ 1002.500234][T31441]  __x64_sys_fcntl+0x163/0x200
[ 1002.500292][T31441]  do_syscall_64+0x10b/0x830
[ 1002.500324][T31441]  ? clear_bhb_loop+0x40/0x90
[ 1002.500366][T31441]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1002.500402][T31441] RIP: 0033:0x7fecd179ce59
[ 1002.500430][T31441] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1002.500465][T31441] RSP: 002b:00007fecd2611028 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[ 1002.500499][T31441] RAX: ffffffffffffffda RBX: 00007fecd1a16090 RCX: 00007fecd179ce59
[ 1002.500522][T31441] RDX: 0000000000000009 RSI: 0000000000000006 RDI: 0000000000000003
[ 1002.500542][T31441] RBP: 00007fecd1832d6f R08: 0000000000000000 R09: 0000000000000000
[ 1002.500563][T31441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1002.500584][T31441] R13: 00007fecd1a16128 R14: 00007fecd1a16090 R15: 00007ffcc25aeb78
[ 1002.500627][T31441]  </TASK>
[ 1002.764268][T31448] random: crng reseeded on system resumption
[ 1002.858701][T31448] Restarting kernel threads ...
[ 1002.899519][T31448] Done restarting kernel threads.
[ 1003.255271][   T31] INFO: task syz-executor:25791 blocked for more than 143 seconds.
[ 1003.280993][   T31]       Tainted: G             L      syzkaller #0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1003.308831][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1003.328388][   T31] task:syz-executor    state:D stack:24048 pid:25791 tgid:25791 ppid:1      task_flags:0x400140 flags:0x00080002
[ 1003.348373][   T31] Call Trace:
[ 1003.353301][   T31]  <TASK>
[ 1003.359884][   T31]  __schedule+0x1295/0x67a0
[ 1003.368943][   T31]  ? __pfx___schedule+0x10/0x10
[ 1003.378564][   T31]  ? find_held_lock+0x2b/0x80
[ 1003.398348][   T31]  ? schedule+0x2bf/0x390
[ 1003.402817][   T31]  schedule+0xdd/0x390
[ 1003.406957][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1003.424823][   T31]  __mutex_lock+0xced/0x1b10
[ 1003.440316][   T31]  ? nfsd_shutdown_threads+0x5b/0xf0
[ 1003.448691][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1003.461830][   T31]  ? net_generic+0xea/0x2a0
[ 1003.471480][   T31]  ? net_generic+0xea/0x2a0
[ 1003.480115][   T31]  ? nfsd_shutdown_threads+0x5b/0xf0
[ 1003.492113][   T31]  nfsd_shutdown_threads+0x5b/0xf0
[ 1003.507413][   T31]  nfsd_umount+0x3b/0x60
[ 1003.517706][   T31]  deactivate_locked_super+0xc1/0x1b0
[ 1003.533618][   T31]  deactivate_super+0xe7/0x110
[ 1003.543754][   T31]  cleanup_mnt+0x21f/0x450
[ 1003.553889][   T31]  task_work_run+0x150/0x240
[ 1003.564033][   T31]  ? __pfx_task_work_run+0x10/0x10
[ 1003.575209][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1003.585200][   T31]  exit_to_user_mode_loop+0x107/0x4f0
[ 1003.603391][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1003.614838][   T31]  do_syscall_64+0x6f2/0x830
[ 1003.625961][   T31]  ? clear_bhb_loop+0x40/0x90
[ 1003.647966][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1003.669218][   T31] RIP: 0033:0x7f733a79e097
[ 1003.679283][   T31] RSP: 002b:00007ffdae490758 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 1003.694689][   T31] RAX: 0000000000000000 RBX: 00007f733a8321ca RCX: 00007f733a79e097
[ 1003.703415][   T31] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdae490810
[ 1003.711920][   T31] RBP: 00007ffdae490810 R08: 00007ffdae491810 R09: 00000000ffffffff
[ 1003.723669][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdae4918a0
[ 1003.738925][   T31] R13: 00007f733a8321ca R14: 00000000000cd13b R15: 00007ffdae4918e0
[ 1003.758606][   T31]  </TASK>
[ 1003.763360][   T31] 
[ 1003.763360][   T31] Showing all locks held in the system:
[ 1003.790557][   T31] 1 lock held by khungtaskd/31:
[ 1003.799315][   T31]  #0: ffffffff8e7e5420 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x3d/0x184
[ 1003.820020][   T31] 2 locks held by syz-executor/5616:
[ 1003.828900][   T31] 2 locks held by getty/15757:
[ 1003.844689][   T31]  #0: ffff888033c660a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[ 1003.858241][   T31]  #1: ffffc900096992e8 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x419/0x14f0
[ 1003.871477][   T31] 2 locks held by syz.2.8194/25772:
[ 1003.898596][   T31]  #0: ffffffff906bff08 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[ 1003.911443][   T31]  #1: ffffffff8ec62400 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xd5/0x1a80
[ 1003.926239][   T31] 2 locks held by syz-executor/25791:
[ 1003.942719][   T31]  #0: ffff888055f660d8 (&type->s_umount_key#52){++++}-{4:4}, at: deactivate_super+0xdf/0x110
[ 1003.965030][   T31]  #1: ffffffff8ec62400 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0
[ 1003.975532][   T31] 2 locks held by syz.3.9326/29092:
[ 1003.983443][   T31]  #0: ffff8880438620d8 (&type->s_umount_key#52){++++}-{4:4}, at: deactivate_super+0xdf/0x110
[ 1003.995563][   T31]  #1: ffffffff8ec62400 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0
[ 1004.005794][   T31] 2 locks held by syz.5.10053/31298:
[ 1004.011659][   T31] 1 lock held by syz.7.10105/31456:
[ 1004.017098][   T31] 
[ 1004.020847][   T31] =============================================
[ 1004.020847][   T31] 
[ 1004.030546][   T31] NMI backtrace for cpu 1
[ 1004.030572][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1004.030614][   T31] Tainted: [L]=SOFTLOCKUP
[ 1004.030625][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1004.030643][   T31] Call Trace:
[ 1004.030652][   T31]  <TASK>
[ 1004.030663][   T31]  dump_stack_lvl+0x100/0x190
[ 1004.030700][   T31]  nmi_cpu_backtrace.cold+0x12d/0x151
[ 1004.030737][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1004.030774][   T31]  nmi_trigger_cpumask_backtrace+0x1d7/0x230
[ 1004.030817][   T31]  sys_info+0x141/0x190
[ 1004.030849][   T31]  watchdog+0xcb1/0x1030
[ 1004.030898][   T31]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1004.030944][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1004.030986][   T31]  ? __kthread_parkme+0x18c/0x230
[ 1004.031030][   T31]  ? kthread+0x13a/0x450
[ 1004.031053][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1004.031093][   T31]  kthread+0x370/0x450
[ 1004.031117][   T31]  ? __pfx_kthread+0x10/0x10
[ 1004.031145][   T31]  ret_from_fork+0x72b/0xd50
[ 1004.031178][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1004.031220][   T31]  ? __switch_to+0x800/0x1100
[ 1004.031260][   T31]  ? __switch_to_asm+0x39/0x70
[ 1004.031298][   T31]  ? __pfx_kthread+0x10/0x10
[ 1004.031326][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1004.031381][   T31]  </TASK>
[ 1004.031405][   T31] Sending NMI from CPU 1 to CPUs 0:
[ 1004.175451][    C0] NMI backtrace for cpu 0
[ 1004.175480][    C0] CPU: 0 UID: 0 PID: 31298 Comm: syz.5.10053 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1004.175518][    C0] Tainted: [L]=SOFTLOCKUP
[ 1004.175527][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1004.175542][    C0] RIP: 0010:kasan_check_range+0x6e/0x1e0
[ 1004.175584][    C0] Code: 4c 8d 54 37 ff 48 89 fd 48 b8 00 00 00 00 00 fc ff df 4d 89 d1 48 c1 ed 03 49 c1 e9 03 48 01 c5 49 01 c1 48 89 e8 49 8d 59 01 <48> 89 da 48 29 ea 48 83 fa 10 0f 8e db 00 00 00 41 89 eb 41 83 e3
[ 1004.175616][    C0] RSP: 0000:ffffc90005fcea80 EFLAGS: 00000282
[ 1004.175637][    C0] RAX: fffff9400025e1a8 RBX: fffff9400025e1a9 RCX: ffffffff824f701f
[ 1004.175655][    C0] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffea00012f0d40
[ 1004.175671][    C0] RBP: fffff9400025e1a8 R08: 0000000000000000 R09: fffff9400025e1a8
[ 1004.175688][    C0] R10: ffffea00012f0d47 R11: 0000000000000000 R12: 0000000000005a7c
[ 1004.175710][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000005a7c
[ 1004.175726][    C0] FS:  00007f68779966c0(0000) GS:ffff888124371000(0000) knlGS:0000000000000000
[ 1004.175749][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1004.175766][    C0] CR2: 0000001b32c08ff8 CR3: 00000000348cc000 CR4: 00000000003526f0
[ 1004.175783][    C0] Call Trace:
[ 1004.175790][    C0]  <TASK>
[ 1004.175802][    C0]  shmem_add_to_page_cache+0x28f/0xcd0
[ 1004.175849][    C0]  ? __pfx_shmem_add_to_page_cache+0x10/0x10
[ 1004.175893][    C0]  ? rcu_read_unlock+0x17/0x60
[ 1004.175925][    C0]  ? rcu_read_unlock+0x17/0x60
[ 1004.175964][    C0]  shmem_alloc_and_add_folio+0x558/0xd40
[ 1004.175994][    C0]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[ 1004.176021][    C0]  ? shmem_allowable_huge_orders+0x2bd/0x400
[ 1004.176053][    C0]  shmem_get_folio_gfp+0x6ab/0x1900
[ 1004.176082][    C0]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[ 1004.176114][    C0]  shmem_write_begin+0x1a4/0x420
[ 1004.176142][    C0]  ? __pfx_shmem_write_begin+0x10/0x10
[ 1004.176169][    C0]  ? balance_dirty_pages_ratelimited_flags+0x91/0x1170
[ 1004.176205][    C0]  ? lockdep_hardirqs_on+0x78/0x100
[ 1004.176231][    C0]  generic_perform_write+0x292/0xa40
[ 1004.176276][    C0]  ? __pfx_generic_perform_write+0x10/0x10
[ 1004.176318][    C0]  ? file_update_time_flags+0x373/0x500
[ 1004.176359][    C0]  ? __pfx_shmem_file_write_iter+0x10/0x10
[ 1004.176390][    C0]  shmem_file_write_iter+0x10e/0x140
[ 1004.176423][    C0]  __kernel_write_iter+0x2ac/0x920
[ 1004.176455][    C0]  ? __pfx___kernel_write_iter+0x10/0x10
[ 1004.176486][    C0]  ? __up_read+0x2c1/0x6e0
[ 1004.176517][    C0]  ? dump_user_range+0x65e/0xad0
[ 1004.176559][    C0]  dump_user_range+0x3f9/0xad0
[ 1004.176601][    C0]  ? __pfx_dump_user_range+0x10/0x10
[ 1004.176645][    C0]  ? __pfx_writenote+0x10/0x10
[ 1004.176717][    C0]  elf_core_dump+0x2d5f/0x3d10
[ 1004.176768][    C0]  ? __pfx_elf_core_dump+0x10/0x10
[ 1004.176808][    C0]  ? kasan_save_stack+0x3f/0x50
[ 1004.176832][    C0]  ? kasan_save_stack+0x30/0x50
[ 1004.176857][    C0]  ? __kasan_kmalloc+0xaa/0xb0
[ 1004.176881][    C0]  ? __kvmalloc_node_noprof+0x360/0xa00
[ 1004.176906][    C0]  ? vfs_coredump+0x22db/0x5770
[ 1004.176944][    C0]  ? asm_exc_page_fault+0x26/0x30
[ 1004.176972][    C0]  ? 0xffffffffff600000
[ 1004.177021][    C0]  ? vfs_coredump+0x29a0/0x5770
[ 1004.177057][    C0]  vfs_coredump+0x29a0/0x5770
[ 1004.177102][    C0]  ? __pfx_vfs_coredump+0x10/0x10
[ 1004.177147][    C0]  ? __lock_acquire+0x4a5/0x2630
[ 1004.177183][    C0]  ? lock_acquire+0x1b1/0x370
[ 1004.177219][    C0]  ? is_bpf_text_address+0x8a/0x1a0
[ 1004.177262][    C0]  ? bpf_ksym_find+0x124/0x1c0
[ 1004.177294][    C0]  ? __kernel_text_address+0xd/0x30
[ 1004.177321][    C0]  ? unwind_get_return_address+0x59/0xa0
[ 1004.177356][    C0]  ? arch_stack_walk+0xa6/0xf0
[ 1004.177403][    C0]  ? __sigqueue_free+0xbe/0x2a0
[ 1004.177449][    C0]  ? stack_trace_save+0x8e/0xc0
[ 1004.177483][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[ 1004.177519][    C0]  ? stack_depot_save_flags+0x27/0x9d0
[ 1004.177553][    C0]  ? __lock_acquire+0x4a5/0x2630
[ 1004.177609][    C0]  ? proc_coredump_connector+0x2d3/0x4f0
[ 1004.177636][    C0]  ? __pfx_proc_coredump_connector+0x10/0x10
[ 1004.177666][    C0]  ? rcu_is_watching+0x12/0xc0
[ 1004.177707][    C0]  get_signal+0x2162/0x2210
[ 1004.177749][    C0]  ? __pfx_get_signal+0x10/0x10
[ 1004.177781][    C0]  ? find_held_lock+0x2b/0x80
[ 1004.177815][    C0]  ? bad_area_access_error+0xab/0x1d0
[ 1004.177846][    C0]  ? fixup_vdso_exception+0x2d1/0x370
[ 1004.177887][    C0]  arch_do_signal_or_restart+0x91/0x7a0
[ 1004.177929][    C0]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1004.177977][    C0]  ? rcu_is_watching+0x12/0xc0
[ 1004.178010][    C0]  irqentry_exit+0x410/0x7e0
[ 1004.178038][    C0]  asm_exc_page_fault+0x26/0x30
[ 1004.178063][    C0] RIP: 0033:0x0
[ 1004.178080][    C0] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[ 1004.178092][    C0] RSP: 002b:000000000000000b EFLAGS: 00010217
[ 1004.178112][    C0] RAX: 0000000000000000 RBX: 00007f6876e15fa0 RCX: 00007f6876b9ce59
[ 1004.178129][    C0] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000020003b46
[ 1004.178146][    C0] RBP: 00007f6876c32d6f R08: fffffffffffffffe R09: 0000000000000000
[ 1004.178162][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1004.178179][    C0] R13: 00007f6876e16038 R14: 00007f6876e15fa0 R15: 00007fffafdc93d8
[ 1004.178208][    C0]  </TASK>
[ 1004.853270][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 1004.860221][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1004.870950][   T31] Tainted: [L]=SOFTLOCKUP
[ 1004.875296][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1004.885456][   T31] Call Trace:
[ 1004.888757][   T31]  <TASK>
[ 1004.891732][   T31]  dump_stack_lvl+0x100/0x190
[ 1004.896452][   T31]  vpanic+0x552/0x970
[ 1004.900472][   T31]  ? __pfx_vpanic+0x10/0x10
[ 1004.905004][   T31]  ? nmi_trigger_cpumask_backtrace+0x182/0x230
[ 1004.911203][   T31]  ? nmi_trigger_cpumask_backtrace+0x182/0x230
[ 1004.917423][   T31]  panic+0xd1/0xe0
[ 1004.921185][   T31]  ? __pfx_panic+0x10/0x10
[ 1004.925652][   T31]  ? nmi_trigger_cpumask_backtrace+0x1b5/0x230
[ 1004.931855][   T31]  ? nmi_trigger_cpumask_backtrace+0x1f6/0x230
[ 1004.938058][   T31]  ? nmi_trigger_cpumask_backtrace+0x200/0x230
[ 1004.944267][   T31]  ? watchdog.cold+0x1ec/0x234
[ 1004.949081][   T31]  ? watchdog+0xcc1/0x1030
[ 1004.953548][   T31]  watchdog.cold+0x1fd/0x234
[ 1004.958206][   T31]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1004.964095][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1004.968828][   T31]  ? __kthread_parkme+0x18c/0x230
[ 1004.973899][   T31]  ? kthread+0x13a/0x450
[ 1004.978179][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1004.982905][   T31]  kthread+0x370/0x450
[ 1004.987013][   T31]  ? __pfx_kthread+0x10/0x10
[ 1004.991645][   T31]  ret_from_fork+0x72b/0xd50
[ 1004.996273][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1005.001419][   T31]  ? __switch_to+0x800/0x1100
[ 1005.006140][   T31]  ? __switch_to_asm+0x39/0x70
[ 1005.010966][   T31]  ? __pfx_kthread+0x10/0x10
[ 1005.015589][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1005.020460][   T31]  </TASK>
[ 1005.024452][   T31] Kernel Offset: disabled
[ 1005.028802][   T31] Rebooting in 86400 seconds..