last executing test programs:

5.785010949s ago: executing program 3 (id=1244):
r0 = socket(0x10, 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r1, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r1)
r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000000c0), r1)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000003c0)={0x30, r2, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@ETHTOOL_A_LINKMODES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_LINKMODES_HEADER={0x4}, @ETHTOOL_A_LINKMODES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x9}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x2004d081}, 0x4010)

5.293737173s ago: executing program 3 (id=1247):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
landlock_create_ruleset$auto(&(0x7f0000000000)={0xdaa1, 0x0, 0xfffffffffffffffd}, 0x8, 0x0)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
r0 = socket(0x15, 0x5, 0x0)
setsockopt$auto(r0, 0x114, 0x8, 0x0, 0x4)

4.931605333s ago: executing program 3 (id=1250):
madvise$auto(0x0, 0x2000040080000004, 0xe)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9)
mmap$auto(0x0, 0x400005, 0xe2, 0x9b72, 0x2, 0x8000)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)

4.254992498s ago: executing program 1 (id=1257):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000180), 0xffffffffffffffff)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/module/pvrusb2/parameters/vbi_nr\x00', 0x200, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0)
write$auto_ocfs2_control_fops_stack_user(r1, &(0x7f0000003900)='\t', 0x1)
read$auto(r0, 0x0, 0x1)

3.589280748s ago: executing program 2 (id=1260):
fspick$auto(0xffffffffffffffff, 0x0, 0x5)
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
r1 = gettid()
mmap$auto(0xffffffffffffffff, 0xd, 0x8000000000000000, 0x10011, r0, 0x4946)
syz_open_procfs$namespace(r1, &(0x7f0000000080)='ns/net\x00')

2.7562894s ago: executing program 2 (id=1263):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
socket(0x2, 0x1, 0x0)
io_uring_setup$auto(0x1, 0x0)
setsockopt$auto(0x3, 0x1, 0xf, 0x0, 0x9)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
listen$auto(0x3, 0x81)

2.620999504s ago: executing program 1 (id=1264):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
keyctl$auto(0x4, 0xfffffffe, 0x6, 0xffffffffffffffff, 0xe)

2.43181112s ago: executing program 2 (id=1265):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket(0x23, 0x5, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
listen$auto(0x3, 0x81)

2.149902194s ago: executing program 2 (id=1267):
mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000)
r0 = socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xb8, 0x100000000, 0x5, 0x1b, 0x93c, 0x1ffdc, 0x7, 0x2000000000000006, 0x2, 0x9, 0x5, 0x2, 0x8001, 0xae, 0x9, 0x922, 0x7, 0x5, 0x5, 0x3, 0xfffffffe, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000]}, 0x1fe, 0x81)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xdc5e}, 0x800}, 0x7, 0x4008)

2.033531812s ago: executing program 0 (id=1268):
rseq$auto(0x0, 0x8000, 0x0, 0x9)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sysfs$auto(0x2, 0x4c, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$auto(0x10, r0, 0x4, 0x7ff)
ptrace$auto_PTRACE_POKEDATA(0x5, r0, 0x4e5, 0x9)

1.804134871s ago: executing program 3 (id=1269):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mlockall$auto(0x7)
mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000)
unshare$auto(0x9)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)

1.662200109s ago: executing program 2 (id=1270):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x0, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x20000000)
write$auto(r0, 0x0, 0xfffffde9)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x420, 0x0, 0xfffffffffffffffd)

1.488669321s ago: executing program 1 (id=1271):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
keyctl$auto_KEYCTL_CAPABILITIES(0x1f, 0x0, 0xfffffffffffffffd, 0xc44, 0x8)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/fail-nth\x00', 0x20902, 0x0)
socket(0xa, 0x1, 0x100)
setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b)

1.406931766s ago: executing program 0 (id=1272):
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0)
ioctl$auto_TIOCSTI2(r0, 0x5412, &(0x7f0000000140)="80ef")
landlock_create_ruleset$auto(&(0x7f0000000000)={0x9, 0x402, 0x7}, 0x6, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0)
ioctl$auto_TIOCSTI2(r1, 0x5412, &(0x7f0000000000))
ioctl$auto_TIOCSTI2(r1, 0x5412, &(0x7f0000000100)="15")

1.110019888s ago: executing program 0 (id=1273):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
futex_wake$auto(&(0x7f0000000300)="194777f28f0f52354e1e", 0x1, 0x1, 0x200)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x11e0}, 0x1, 0x0, 0x0, 0x90}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB=']'], 0x1ac}}, 0x40000)
recvmmsg$auto(r0, &(0x7f0000000140)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0x803}, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x10a, 0x8, 0x0)

1.094212545s ago: executing program 1 (id=1274):
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid$auto(0x0, 0x5c5, 0x0, 0x4, 0x0)

828.411882ms ago: executing program 0 (id=1275):
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
fstat$auto(0x2, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'})

552.388998ms ago: executing program 1 (id=1276):
sendmsg$auto_NL802154_CMD_SET_MAX_CSMA_BACKOFFS(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)={0x14, 0x0, 0x1, 0x70bd28, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x8044)
wait4$auto(0x0, 0x0, 0xf, &(0x7f0000000140)={{0x2599}, {0xffffffffffffffff, 0x1000000009}, 0x2, 0x800080000001, 0x1, 0x1000, 0x5, 0x7, 0x5, 0x5, 0xb11c, 0x8, 0xfffffffffffffffd, 0x7, 0xffff, 0x801c0000000})
sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000)
sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="01"], 0x14}, 0x1, 0x0, 0x0, 0x8044}, 0x4001090)
r0 = socket(0x10, 0x2, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000)

525.761489ms ago: executing program 0 (id=1277):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = memfd_create$auto(0x0, 0x4)
r1 = socket(0xa, 0x3, 0x3a)
statx$auto(r0, 0x0, 0x1000, 0xbdfc, 0x0)
setsockopt$auto(r1, 0x29, 0x14, 0x0, 0x56b)
setsockopt$auto(r1, 0x29, 0x15, 0x0, 0x52b)

290.945017ms ago: executing program 3 (id=1278):
mmap$auto(0x0, 0x100, 0x4000000000df, 0x80000000eb1, 0x401, 0x8000)
r0 = socket(0x10, 0x2, 0x0)
io_uring_setup$auto(0x4bf15e08, &(0x7f0000000000)={0x408, 0x3, 0x10101, 0x6fb7, 0x8a, 0x4, r0, [0x100, 0x7, 0x7f], {0x2, 0x7, 0x3034, 0xc, 0x8f, 0x3, 0x5, 0xfffffff9, 0x6}, {0x4000, 0xffffffff, 0x0, 0xbffff000, 0x8, 0x20b85, 0x5, 0x837, 0x8}})
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYBLOB='_\x00'], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

233.581923ms ago: executing program 1 (id=1279):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x2008000)
ioctl$auto(0x4000000000000c8, 0x800454cf, 0x3)
r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
ioctl$auto_IOCTL_VMCI_VERSION2(r0, 0x7a7, 0x0)
ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, 0x6)
ioctl$auto_IOCTL_VMCI_QUEUEPAIR_SETVA(r0, 0x7a4, 0x0)

227.600052ms ago: executing program 2 (id=1280):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r0, 0x0, 0x20)
write$auto(0x3, 0x0, 0xfffffdef)

203.418865ms ago: executing program 0 (id=1281):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi18\x00', 0xc0400, 0x0)
close_range$auto(0x2, r0, 0x0)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
sendmsg$auto_TIPC_NL_NET_SET(r0, &(0x7f00000005c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x200444d4)

0s ago: executing program 3 (id=1282):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
pselect6$auto(0x9, &(0x7f0000000000)={[0x8, 0x4, 0x0, 0x6, 0x8001, 0xfffffffffffff000, 0xfff, 0x9, 0xcf1, 0x100000003, 0x8000000000000001, 0x0, 0x2f, 0x4002, 0x8000000000000002, 0xfffffffffffffffe]}, 0x0, 0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.73' (ED25519) to the list of known hosts.
[   92.056428][ T5818] cgroup: Unknown subsys name 'net'
[   92.205629][ T5818] cgroup: Unknown subsys name 'cpuset'
[   92.216670][ T5818] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   94.051686][ T5818] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   96.414553][ T5834] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   96.423345][ T5838] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   96.432142][ T5838] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   96.439692][ T5838] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   96.449157][ T5838] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   96.457357][ T5839] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   96.480444][ T5839] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   96.488604][ T5839] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   96.509755][ T5838] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   96.510140][ T5839] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   96.524892][ T5843] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   96.525065][ T5844] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   96.542972][ T5839] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   96.544026][ T5843] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   96.558707][ T5843] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   96.567262][ T5843] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   96.575228][ T5843] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   96.587951][ T5843] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   96.600823][ T5845] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   96.613580][   T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   97.113007][ T5831] chnl_net:caif_netlink_parms(): no params data found
[   97.234846][ T5829] chnl_net:caif_netlink_parms(): no params data found
[   97.295068][ T5830] chnl_net:caif_netlink_parms(): no params data found
[   97.425401][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.433486][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.441100][ T5831] bridge_slave_0: entered allmulticast mode
[   97.448404][ T5831] bridge_slave_0: entered promiscuous mode
[   97.475478][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.482773][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.490035][ T5831] bridge_slave_1: entered allmulticast mode
[   97.497470][ T5831] bridge_slave_1: entered promiscuous mode
[   97.504667][ T5828] chnl_net:caif_netlink_parms(): no params data found
[   97.645701][ T5829] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.652902][ T5829] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.660588][ T5829] bridge_slave_0: entered allmulticast mode
[   97.668514][ T5829] bridge_slave_0: entered promiscuous mode
[   97.679513][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   97.692934][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   97.720585][ T5829] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.728224][ T5829] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.738009][ T5829] bridge_slave_1: entered allmulticast mode
[   97.745446][ T5829] bridge_slave_1: entered promiscuous mode
[   97.771868][ T5830] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.779012][ T5830] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.787118][ T5830] bridge_slave_0: entered allmulticast mode
[   97.794518][ T5830] bridge_slave_0: entered promiscuous mode
[   97.873415][ T5830] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.880746][ T5830] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.887921][ T5830] bridge_slave_1: entered allmulticast mode
[   97.896712][ T5830] bridge_slave_1: entered promiscuous mode
[   97.906961][ T5829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   97.919700][ T5831] team0: Port device team_slave_0 added
[   97.926250][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.935771][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.943449][ T5828] bridge_slave_0: entered allmulticast mode
[   97.951034][ T5828] bridge_slave_0: entered promiscuous mode
[   97.974474][ T5829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   98.001652][ T5831] team0: Port device team_slave_1 added
[   98.007799][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.015781][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.023435][ T5828] bridge_slave_1: entered allmulticast mode
[   98.031600][ T5828] bridge_slave_1: entered promiscuous mode
[   98.054052][ T5830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   98.080647][ T5829] team0: Port device team_slave_0 added
[   98.119803][ T5830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   98.132863][ T5829] team0: Port device team_slave_1 added
[   98.151860][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0
[   98.158840][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   98.185606][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   98.236538][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1
[   98.243906][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   98.270604][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   98.292458][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   98.305916][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   98.365202][ T5830] team0: Port device team_slave_0 added
[   98.373312][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_0
[   98.381097][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   98.407377][ T5829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   98.446823][ T5830] team0: Port device team_slave_1 added
[   98.466114][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_1
[   98.473514][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   98.499515][ T5829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   98.537905][ T5831] hsr_slave_0: entered promiscuous mode
[   98.545584][ T5831] hsr_slave_1: entered promiscuous mode
[   98.555679][ T5828] team0: Port device team_slave_0 added
[   98.579869][ T5828] team0: Port device team_slave_1 added
[   98.586558][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0
[   98.593861][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   98.619828][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   98.632507][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1
[   98.639496][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   98.654649][ T5833] Bluetooth: hci3: command tx timeout
[   98.665534][   T51] Bluetooth: hci2: command tx timeout
[   98.671399][ T5833] Bluetooth: hci0: command tx timeout
[   98.676548][   T51] Bluetooth: hci1: command tx timeout
[   98.687623][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   98.775546][ T5829] hsr_slave_0: entered promiscuous mode
[   98.782202][ T5829] hsr_slave_1: entered promiscuous mode
[   98.788288][ T5829] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   98.796147][ T5829] Cannot create hsr debugfs directory
[   98.856427][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0
[   98.863487][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   98.890285][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   98.943996][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1
[   98.951081][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   98.978051][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   98.994697][ T5830] hsr_slave_0: entered promiscuous mode
[   99.001486][ T5830] hsr_slave_1: entered promiscuous mode
[   99.007676][ T5830] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   99.015355][ T5830] Cannot create hsr debugfs directory
[   99.192264][ T5828] hsr_slave_0: entered promiscuous mode
[   99.198645][ T5828] hsr_slave_1: entered promiscuous mode
[   99.205614][ T5828] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   99.213796][ T5828] Cannot create hsr debugfs directory
[   99.486534][ T5831] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   99.501646][ T5831] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   99.551565][ T5831] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   99.588682][ T5831] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   99.654530][ T5829] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   99.667888][ T5829] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   99.679644][ T5829] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   99.708136][ T5829] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   99.794505][ T5828] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   99.813893][ T5828] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   99.847535][ T5828] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   99.858695][ T5828] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   99.952981][ T5830] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   99.983012][ T5830] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  100.002019][ T5830] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  100.021408][ T5830] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  100.038771][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0
[  100.146318][ T5831] 8021q: adding VLAN 0 to HW filter on device team0
[  100.163953][ T5829] 8021q: adding VLAN 0 to HW filter on device bond0
[  100.193443][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.200938][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[  100.237641][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.244886][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[  100.265705][ T5829] 8021q: adding VLAN 0 to HW filter on device team0
[  100.327050][ T2991] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.334271][ T2991] bridge0: port 1(bridge_slave_0) entered forwarding state
[  100.356819][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0
[  100.371505][ T2991] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.378668][ T2991] bridge0: port 2(bridge_slave_1) entered forwarding state
[  100.463294][ T5828] 8021q: adding VLAN 0 to HW filter on device team0
[  100.480881][ T3010] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.488015][ T3010] bridge0: port 1(bridge_slave_0) entered forwarding state
[  100.507976][ T5831] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  100.539061][ T3010] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.546257][ T3010] bridge0: port 2(bridge_slave_1) entered forwarding state
[  100.584441][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0
[  100.654075][ T5830] 8021q: adding VLAN 0 to HW filter on device team0
[  100.724084][ T2991] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.730819][   T51] Bluetooth: hci0: command tx timeout
[  100.731310][ T2991] bridge0: port 1(bridge_slave_0) entered forwarding state
[  100.736570][   T51] Bluetooth: hci2: command tx timeout
[  100.745079][ T5845] Bluetooth: hci3: command tx timeout
[  100.750319][ T5833] Bluetooth: hci1: command tx timeout
[  100.807390][ T5828] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  100.844266][ T2991] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.851505][ T2991] bridge0: port 2(bridge_slave_1) entered forwarding state
[  101.235885][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0
[  101.315131][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0
[  101.371624][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0
[  101.455700][ T5829] veth0_vlan: entered promiscuous mode
[  101.481806][ T5831] veth0_vlan: entered promiscuous mode
[  101.491588][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0
[  101.528390][ T5829] veth1_vlan: entered promiscuous mode
[  101.554012][ T5831] veth1_vlan: entered promiscuous mode
[  101.596579][ T5828] veth0_vlan: entered promiscuous mode
[  101.648566][ T5829] veth0_macvtap: entered promiscuous mode
[  101.659069][ T5828] veth1_vlan: entered promiscuous mode
[  101.675723][ T5829] veth1_macvtap: entered promiscuous mode
[  101.716451][ T5830] veth0_vlan: entered promiscuous mode
[  101.728364][ T5831] veth0_macvtap: entered promiscuous mode
[  101.744047][ T5831] veth1_macvtap: entered promiscuous mode
[  101.774163][ T5830] veth1_vlan: entered promiscuous mode
[  101.786594][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0
[  101.817403][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1
[  101.828242][ T5828] veth0_macvtap: entered promiscuous mode
[  101.849365][ T5829] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  101.860064][ T5829] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  101.868837][ T5829] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  101.878102][ T5829] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  101.893344][ T5828] veth1_macvtap: entered promiscuous mode
[  101.904388][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0
[  101.942481][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1
[  101.954770][ T5830] veth0_macvtap: entered promiscuous mode
[  101.979224][ T5831] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  101.988364][ T5831] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  101.997739][ T5831] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  102.007117][ T5831] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  102.022542][ T5830] veth1_macvtap: entered promiscuous mode
[  102.050343][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0
[  102.064605][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1
[  102.095801][ T5828] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  102.105535][ T5828] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  102.117108][ T5828] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  102.125959][ T5828] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  102.176772][  T920] cfg80211: failed to load regulatory.db
[  102.192299][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0
[  102.242081][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1
[  102.286155][ T3010] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.287994][ T5830] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  102.305393][ T3010] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.308980][ T5830] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  102.325083][ T5830] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  102.336426][ T5830] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  102.415405][ T3010] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.427190][ T3010] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.470227][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.478122][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.523426][ T3010] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.531933][ T3010] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.588045][ T2991] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.613024][ T2991] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.669654][ T5829] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  102.704235][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.714196][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.761512][ T2970] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.801986][ T2970] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.810183][ T5833] Bluetooth: hci1: command tx timeout
[  102.810711][   T51] Bluetooth: hci2: command tx timeout
[  102.815622][ T5833] Bluetooth: hci0: command tx timeout
[  102.821595][ T5839] Bluetooth: hci3: command tx timeout
[  102.916641][ T5924] =======================================================
[  102.916641][ T5924] WARNING: The mand mount option has been deprecated and
[  102.916641][ T5924]          and is ignored by this kernel. Remove the mand
[  102.916641][ T5924]          option from the mount to silence this warning.
[  102.916641][ T5924] =======================================================
[  103.008504][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  103.058808][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  103.182282][ T5928] random: crng reseeded on system resumption
[  103.927117][ T5948] syz.1.12 uses obsolete (PF_INET,SOCK_PACKET)
[  104.890615][   T51] Bluetooth: hci0: command tx timeout
[  104.896173][ T5839] Bluetooth: hci1: command tx timeout
[  104.902375][ T5845] Bluetooth: hci2: command tx timeout
[  104.904549][ T5833] Bluetooth: hci3: command tx timeout
[  106.163896][ T5987] overlayfs: missing 'lowerdir'
[  106.173170][ T5985] netlink: 342 bytes leftover after parsing attributes in process `syz.3.28'.
[  106.218700][ T5985] Zero length message leads to an empty skb
[  106.704570][ T5997] tipc: Started in network mode
[  106.713527][ T5997] tipc: Node identity ee00, cluster identity 4711
[  106.725102][ T5997] tipc: Node number set to 60928
[  108.554142][ T6033] netlink: 19 bytes leftover after parsing attributes in process `syz.2.46'.
[  109.070366][ T6048] capability: warning: `syz.2.51' uses 32-bit capabilities (legacy support in use)
[  110.569770][ T6090] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  112.138880][ T6120] netlink: 354 bytes leftover after parsing attributes in process `syz.3.83'.
[  114.137147][ T6172] sock: sock_timestamping_bind_phc: sock not bind to device
[  117.214130][ T2991] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.463879][ T2991] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.622851][ T2991] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.844974][ T2991] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.264159][ T2991] bridge_slave_1: left allmulticast mode
[  118.270897][ T2991] bridge_slave_1: left promiscuous mode
[  118.281974][ T2991] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.319656][   T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  118.328843][   T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  118.336790][   T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  118.345140][   T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  118.353046][   T51] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  118.391901][ T2991] bridge_slave_0: left allmulticast mode
[  118.426399][ T2991] bridge_slave_0: left promiscuous mode
[  118.442473][ T2991] bridge0: port 1(bridge_slave_0) entered disabled state
[  119.410690][ T2991] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  119.464439][ T2991] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  119.525105][ T2991] bond0 (unregistering): Released all slaves
[  119.802698][ T5922] smpboot: CPU 0 is now offline
[  120.410346][ T5833] Bluetooth: hci1: command tx timeout
[  120.594667][ T2991] hsr_slave_0: left promiscuous mode
[  120.645646][ T2991] hsr_slave_1: left promiscuous mode
[  120.711242][ T2991] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  120.778813][ T2991] batman_adv: batadv0: Removing interface: batadv_slave_0
[  120.873149][ T2991] batman_adv: batadv0: Interface deactivated: batadv_slave_1

syzkaller
syzkaller login: [  120.930065][ T2991] batman_adv: batadv0: Removing interface: batadv_slave_1
[  121.112244][ T2991] veth1_macvtap: left promiscuous mode
[  121.118038][ T2991] veth0_macvtap: left promiscuous mode
[  121.225992][ T2991] veth1_vlan: left promiscuous mode
[  121.271122][ T2991] veth0_vlan: left promiscuous mode
[  122.162502][ T6325] mtrr: base(0x100000000) is not aligned on a size(0x0000) boundary
[  122.490755][   T51] Bluetooth: hci1: command tx timeout
[  123.731761][ T2991] team0 (unregistering): Port device team_slave_1 removed
[  124.025008][ T2991] team0 (unregistering): Port device team_slave_0 removed
[  124.571945][   T51] Bluetooth: hci1: command tx timeout
[  125.497712][ T6382] random: crng reseeded on system resumption
[  126.104534][ T6245] chnl_net:caif_netlink_parms(): no params data found
[  126.650292][   T51] Bluetooth: hci1: command tx timeout
[  126.861394][ T6245] bridge0: port 1(bridge_slave_0) entered blocking state
[  126.882966][ T6245] bridge0: port 1(bridge_slave_0) entered disabled state
[  126.930546][ T6245] bridge_slave_0: entered allmulticast mode
[  126.937902][ T6245] bridge_slave_0: entered promiscuous mode
[  127.050794][ T6245] bridge0: port 2(bridge_slave_1) entered blocking state
[  127.113370][ T6245] bridge0: port 2(bridge_slave_1) entered disabled state
[  127.162468][ T6245] bridge_slave_1: entered allmulticast mode
[  127.211459][ T6245] bridge_slave_1: entered promiscuous mode
[  127.379301][ T6424] netlink: 4 bytes leftover after parsing attributes in process `syz.1.197'.
[  127.473287][ T6245] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  127.566206][ T6245] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  127.833213][ T6245] team0: Port device team_slave_0 added
[  127.873811][ T6245] team0: Port device team_slave_1 added
[  128.097228][ T6245] batman_adv: batadv0: Adding interface: batadv_slave_0
[  128.152201][ T6245] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  128.290661][ T6245] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  128.381536][ T6245] batman_adv: batadv0: Adding interface: batadv_slave_1
[  128.388535][ T6245] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  128.577626][ T6245] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  128.813429][ T6245] hsr_slave_0: entered promiscuous mode
[  128.862344][ T6245] hsr_slave_1: entered promiscuous mode
[  128.885489][ T6245] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  128.935563][ T6245] Cannot create hsr debugfs directory
[  129.089605][ T6454] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  130.840265][ T6488] mmap: syz.3.219 (6488) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  131.281051][ T6245] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  131.333504][ T6245] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  131.436182][ T6245] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  131.545509][ T6245] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  132.047058][ T6245] 8021q: adding VLAN 0 to HW filter on device bond0
[  132.157750][ T6245] 8021q: adding VLAN 0 to HW filter on device team0
[  132.232985][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  132.240167][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  132.369095][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  132.376299][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  133.327212][ T6542] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  133.687758][ T6245] 8021q: adding VLAN 0 to HW filter on device batadv0
[  134.064098][ T6245] veth0_vlan: entered promiscuous mode
[  134.147923][ T6245] veth1_vlan: entered promiscuous mode
[  134.349108][ T6245] veth0_macvtap: entered promiscuous mode
[  134.449410][ T6245] veth1_macvtap: entered promiscuous mode
[  134.592617][ T6245] batman_adv: batadv0: Interface activated: batadv_slave_0
[  134.661672][ T6245] batman_adv: batadv0: Interface activated: batadv_slave_1
[  134.736646][ T6245] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  134.812400][ T6245] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  134.853886][ T6245] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  134.907730][ T6245] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  135.280416][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  135.347350][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  135.483222][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  135.554218][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  136.215574][ T6601] netlink: 28 bytes leftover after parsing attributes in process `syz.1.249'.
[  137.689410][ T6609] Loading of unsigned module is rejected
[  139.811256][ T6650] kexec: Could not allocate control_code_buffer
[  140.130533][ T6670] netlink: 28 bytes leftover after parsing attributes in process `syz.1.270'.
[  140.166170][ T6670] ipvlan0: entered allmulticast mode
[  140.203054][ T6670] veth0_vlan: entered allmulticast mode
[  141.858218][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  141.866937][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  142.482725][ T6708] ptrace attach of "./syz-executor exec"[5831] was attempted by ""[6708]
[  143.679645][ T6728] netlink: 294 bytes leftover after parsing attributes in process `syz.0.295'.
[  146.848398][ T6775] netlink: 342 bytes leftover after parsing attributes in process `syz.0.314'.
[  152.781505][ T6876] netlink: 8 bytes leftover after parsing attributes in process `syz.1.355'.
[  153.793390][ T6893] FAULT_INJECTION: forcing a failure.
[  153.793390][ T6893] name failslab, interval 1, probability 0, space 0, times 1
[  153.890767][ T6893] CPU: 1 UID: 0 PID: 6893 Comm: syz.0.362 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[  153.890802][ T6893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  153.890818][ T6893] Call Trace:
[  153.890826][ T6893]  <TASK>
[  153.890838][ T6893]  dump_stack_lvl+0x16c/0x1f0
[  153.890900][ T6893]  should_fail_ex+0x512/0x640
[  153.890935][ T6893]  ? fs_reclaim_acquire+0xae/0x150
[  153.890967][ T6893]  should_failslab+0xc2/0x120
[  153.890989][ T6893]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  153.891038][ T6893]  ? ext4_init_io_end+0x24/0x170
[  153.891066][ T6893]  ext4_init_io_end+0x24/0x170
[  153.891089][ T6893]  ext4_do_writepages+0x985/0x3490
[  153.891126][ T6893]  ? lock_acquire+0x179/0x350
[  153.891155][ T6893]  ? find_held_lock+0x2b/0x80
[  153.891189][ T6893]  ? __pfx_ext4_do_writepages+0x10/0x10
[  153.891237][ T6893]  ? ext4_writepages+0x37a/0x7d0
[  153.891268][ T6893]  ext4_writepages+0x37a/0x7d0
[  153.891301][ T6893]  ? __pfx_ext4_writepages+0x10/0x10
[  153.891344][ T6893]  ? do_writepages+0x4b7/0x600
[  153.891374][ T6893]  ? __pfx_ext4_writepages+0x10/0x10
[  153.891414][ T6893]  do_writepages+0x27a/0x600
[  153.891445][ T6893]  ? __pfx_do_writepages+0x10/0x10
[  153.891472][ T6893]  ? do_raw_spin_unlock+0x172/0x230
[  153.891507][ T6893]  ? _raw_spin_unlock+0x28/0x50
[  153.891540][ T6893]  filemap_fdatawrite_wbc+0x104/0x160
[  153.891572][ T6893]  __filemap_fdatawrite_range+0xb2/0xf0
[  153.891608][ T6893]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  153.891644][ T6893]  ? __lock_acquire+0x622/0x1c90
[  153.891721][ T6893]  file_write_and_wait_range+0xca/0x140
[  153.891761][ T6893]  ext4_sync_file+0x310/0xf10
[  153.891791][ T6893]  ? __pfx___up_read+0x10/0x10
[  153.891831][ T6893]  ? __pfx_ext4_sync_file+0x10/0x10
[  153.891858][ T6893]  vfs_fsync_range+0x136/0x220
[  153.891914][ T6893]  __do_sys_msync+0x3cb/0x5c0
[  153.891956][ T6893]  do_syscall_64+0xcd/0x490
[  153.891995][ T6893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.892019][ T6893] RIP: 0033:0x7f936678e929
[  153.892041][ T6893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.892076][ T6893] RSP: 002b:00007f93675f0038 EFLAGS: 00000246 ORIG_RAX: 000000000000001a
[  153.892100][ T6893] RAX: ffffffffffffffda RBX: 00007f93669b5fa0 RCX: 00007f936678e929
[  153.892115][ T6893] RDX: 0000000400000004 RSI: 0180000000000000 RDI: 000000001ffff000
[  153.892130][ T6893] RBP: 00007f9366810b39 R08: 0000000000000000 R09: 0000000000000000
[  153.892143][ T6893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  153.892156][ T6893] R13: 0000000000000000 R14: 00007f93669b5fa0 R15: 00007ffceee436f8
[  153.892185][ T6893]  </TASK>
[  156.997750][ T6938] process 'syz.2.382' launched '/dev/fd/4' with NULL argv: empty string added
[  157.658641][ T6943] zswap: compressor 000 not available
[  159.897040][ T6995] binder: 6991:6995 ioctl c0306201 0 returned -14
[  160.455070][ T7008] netlink: 330 bytes leftover after parsing attributes in process `syz.2.408'.
[  160.835538][ T7011] qrtr: Invalid version 0
[  162.685536][ T7065] netlink: 342 bytes leftover after parsing attributes in process `syz.0.433'.
[  163.598135][ T7046] kexec: Could not allocate control_code_buffer
[  165.603435][ T7117] netlink: 'syz.1.453': attribute type 1 has an invalid length.
[  167.836885][   T51] Bluetooth: hci1: Malformed Event: 0x02
[  169.392658][ T7181] nbd: socks must be embedded in a SOCK_ITEM attr
[  169.437551][ T7181] block nbd1: shutting down sockets
[  170.704007][ T7174] kexec: Could not allocate control_code_buffer
[  172.839713][ T7239] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  174.194639][ T7226] kexec: Could not allocate control_code_buffer
[  176.873548][ T7310] netlink: 346 bytes leftover after parsing attributes in process `syz.0.528'.
[  182.435123][ T7401] netlink: 334 bytes leftover after parsing attributes in process `syz.3.559'.
[  182.612236][ T7405] nbd: socks must be embedded in a SOCK_ITEM attr
[  182.693059][ T7405] block nbd1: shutting down sockets
[  183.341346][   T51] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260
[  183.341378][   T51] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260
[  183.356613][   T51] Bluetooth: hci2: Unknown advertising packet type: 0x7f
[  183.356666][   T51] Bluetooth: hci2: adv larger than maximum supported
[  183.364224][   T51] Bluetooth: hci2: adv larger than maximum supported
[  183.372947][   T51] Bluetooth: hci2: Malformed LE Event: 0x0d
[  186.394786][ T7472] lo: entered allmulticast mode
[  186.475522][ T7474] lo: left allmulticast mode
[  188.714749][ T7512] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  188.797701][ T7516] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  189.643201][ T7533] netlink: 40 bytes leftover after parsing attributes in process `syz.1.613'.
[  189.911585][ T7537] netlink: 28 bytes leftover after parsing attributes in process `syz.3.615'.
[  189.983593][ T7541] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  192.165466][ T7591] netlink: 28 bytes leftover after parsing attributes in process `syz.0.638'.
[  192.232596][ T7591] vlan1: entered allmulticast mode
[  192.269494][ T7591] veth0_vlan: entered allmulticast mode
[  196.133219][ T7654] netlink: 342 bytes leftover after parsing attributes in process `syz.2.662'.
[  196.477603][ T7659] netlink: 'syz.2.663': attribute type 11 has an invalid length.
[  197.669815][ T7683] netlink: 346 bytes leftover after parsing attributes in process `syz.3.670'.
[  198.701631][ T7702] netlink: 28 bytes leftover after parsing attributes in process `syz.3.677'.
[  198.773349][ T7702] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  198.820258][ T7702] batman_adv: batadv0: Removing interface: batadv_slave_0
[  198.896965][ T7702] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  198.957223][ T7702] batman_adv: batadv0: Removing interface: batadv_slave_1
[  200.045586][ T7730] netlink: 350 bytes leftover after parsing attributes in process `syz.0.684'.
[  203.487913][ T7806] netlink: 28 bytes leftover after parsing attributes in process `syz.3.712'.
[  203.948113][   T51] Bluetooth: hci2: unexpected event 0x03 length: 725 > 11
[  204.244969][ T7823] netlink: 28 bytes leftover after parsing attributes in process `syz.1.719'.
[  204.575280][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  204.581928][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  204.917892][ T7833] sd 0:0:1:0: PR command failed: 1026
[  204.968588][ T7833] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  205.000738][ T7833] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  205.154295][ T7839] netlink: 326 bytes leftover after parsing attributes in process `syz.1.727'.
[  206.951896][ T7873] netlink: 74 bytes leftover after parsing attributes in process `syz.2.739'.
[  207.421896][   T30] audit: type=1326 audit(1751545538.279:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7885 comm="syz.3.744" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8fcb78e929 code=0x0
[  207.890941][ T7859] kexec: Could not allocate control_code_buffer
[  208.235890][ T7900] netlink: 342 bytes leftover after parsing attributes in process `syz.0.748'.
[  208.397019][ T7903] FAULT_INJECTION: forcing a failure.
[  208.397019][ T7903] name failslab, interval 1, probability 0, space 0, times 0
[  208.475201][ T7903] CPU: 1 UID: 0 PID: 7903 Comm: syz.3.749 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[  208.475234][ T7903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  208.475248][ T7903] Call Trace:
[  208.475256][ T7903]  <TASK>
[  208.475267][ T7903]  dump_stack_lvl+0x16c/0x1f0
[  208.475309][ T7903]  should_fail_ex+0x512/0x640
[  208.475342][ T7903]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  208.475375][ T7903]  should_failslab+0xc2/0x120
[  208.475397][ T7903]  __kmalloc_cache_noprof+0x6a/0x3e0
[  208.475426][ T7903]  ? _raw_spin_unlock+0x28/0x50
[  208.475456][ T7903]  ? snd_rawmidi_open+0x3c3/0xbf0
[  208.475490][ T7903]  snd_rawmidi_open+0x3c3/0xbf0
[  208.475525][ T7903]  ? __pfx_snd_rawmidi_open+0x10/0x10
[  208.475561][ T7903]  ? kobject_get_unless_zero+0x156/0x1e0
[  208.475586][ T7903]  ? __pfx_snd_rawmidi_open+0x10/0x10
[  208.475615][ T7903]  snd_open+0x1fe/0x450
[  208.475636][ T7903]  ? __pfx_snd_open+0x10/0x10
[  208.475655][ T7903]  chrdev_open+0x231/0x6a0
[  208.475690][ T7903]  ? __pfx_apparmor_file_open+0x10/0x10
[  208.475719][ T7903]  ? __pfx_chrdev_open+0x10/0x10
[  208.475757][ T7903]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  208.475792][ T7903]  do_dentry_open+0x744/0x1c10
[  208.475826][ T7903]  ? __pfx_chrdev_open+0x10/0x10
[  208.475867][ T7903]  vfs_open+0x82/0x3f0
[  208.475894][ T7903]  path_openat+0x1de4/0x2cb0
[  208.475937][ T7903]  ? __pfx_path_openat+0x10/0x10
[  208.475971][ T7903]  ? __lock_acquire+0xb8a/0x1c90
[  208.476004][ T7903]  do_filp_open+0x20b/0x470
[  208.476039][ T7903]  ? __pfx_do_filp_open+0x10/0x10
[  208.476111][ T7903]  ? alloc_fd+0x471/0x7d0
[  208.476152][ T7903]  do_sys_openat2+0x11b/0x1d0
[  208.476183][ T7903]  ? __pfx_do_sys_openat2+0x10/0x10
[  208.476221][ T7903]  __x64_sys_openat+0x174/0x210
[  208.476248][ T7903]  ? __pfx___x64_sys_openat+0x10/0x10
[  208.476287][ T7903]  do_syscall_64+0xcd/0x490
[  208.476327][ T7903]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.476351][ T7903] RIP: 0033:0x7f8fcb78e929
[  208.476370][ T7903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  208.476393][ T7903] RSP: 002b:00007f8fcc5f8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  208.476415][ T7903] RAX: ffffffffffffffda RBX: 00007f8fcb9b5fa0 RCX: 00007f8fcb78e929
[  208.476430][ T7903] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  208.476444][ T7903] RBP: 00007f8fcb810b39 R08: 0000000000000000 R09: 0000000000000000
[  208.476458][ T7903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  208.476472][ T7903] R13: 0000000000000000 R14: 00007f8fcb9b5fa0 R15: 00007fff6674acb8
[  208.476501][ T7903]  </TASK>
[  210.120491][ T7925] netlink: 342 bytes leftover after parsing attributes in process `syz.2.759'.
[  210.358763][ T7929] netlink: 'syz.1.769': attribute type 15 has an invalid length.
[  210.555029][ T7934] FAULT_INJECTION: forcing a failure.
[  210.555029][ T7934] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  210.585149][ T7935] netlink: 130 bytes leftover after parsing attributes in process `syz.0.762'.
[  210.626235][ T7934] CPU: 1 UID: 0 PID: 7934 Comm: syz.3.763 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[  210.626268][ T7934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  210.626282][ T7934] Call Trace:
[  210.626289][ T7934]  <TASK>
[  210.626298][ T7934]  dump_stack_lvl+0x16c/0x1f0
[  210.626339][ T7934]  should_fail_ex+0x512/0x640
[  210.626377][ T7934]  should_fail_alloc_page+0xe7/0x130
[  210.626401][ T7934]  prepare_alloc_pages+0x3c2/0x610
[  210.626429][ T7934]  ? rcu_is_watching+0x12/0xc0
[  210.626455][ T7934]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  210.626492][ T7934]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  210.626520][ T7934]  ? is_bpf_text_address+0x94/0x1a0
[  210.626553][ T7934]  ? kernel_text_address+0x8d/0x100
[  210.626589][ T7934]  ? __kernel_text_address+0xd/0x40
[  210.626625][ T7934]  ? unwind_get_return_address+0x59/0xa0
[  210.626661][ T7934]  ? arch_stack_walk+0xa6/0x100
[  210.626701][ T7934]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  210.626747][ T7934]  ? stack_depot_save_flags+0x28/0xa40
[  210.626782][ T7934]  ? stack_trace_save+0x8e/0xc0
[  210.626806][ T7934]  ? __pfx_stack_trace_save+0x10/0x10
[  210.626833][ T7934]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  210.626871][ T7934]  ? policy_nodemask+0xea/0x4e0
[  210.626912][ T7934]  alloc_pages_mpol+0x1fb/0x550
[  210.626935][ T7934]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  210.626965][ T7934]  alloc_pages_noprof+0x131/0x390
[  210.626987][ T7934]  kimage_alloc_pages+0x75/0x350
[  210.627026][ T7934]  kimage_alloc_control_pages+0x153/0xa00
[  210.627080][ T7934]  ? __pfx_kimage_alloc_control_pages+0x10/0x10
[  210.627128][ T7934]  do_kexec_load+0x480/0x8d0
[  210.627151][ T7934]  ? __pfx_do_kexec_load+0x10/0x10
[  210.627177][ T7934]  ? _copy_from_user+0x59/0xd0
[  210.627217][ T7934]  __x64_sys_kexec_load+0x1bf/0x230
[  210.627243][ T7934]  do_syscall_64+0xcd/0x490
[  210.627293][ T7934]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.627316][ T7934] RIP: 0033:0x7f8fcb78e929
[  210.627334][ T7934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.627355][ T7934] RSP: 002b:00007f8fcc5f8038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6
[  210.627376][ T7934] RAX: ffffffffffffffda RBX: 00007f8fcb9b5fa0 RCX: 00007f8fcb78e929
[  210.627390][ T7934] RDX: 0000200000000040 RSI: 0000000000000002 RDI: 0000000000000005
[  210.627404][ T7934] RBP: 00007f8fcb810b39 R08: 0000000000000000 R09: 0000000000000000
[  210.627417][ T7934] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000
[  210.627430][ T7934] R13: 0000000000000000 R14: 00007f8fcb9b5fa0 R15: 00007fff6674acb8
[  210.627458][ T7934]  </TASK>
[  210.628288][ T7934] kexec: Could not allocate control_code_buffer
[  211.360950][ T7946] netlink: 342 bytes leftover after parsing attributes in process `syz.2.767'.
[  212.750276][ T7975] random: crng reseeded on system resumption
[  212.756821][ T7973] netlink: 'syz.1.782': attribute type 3 has an invalid length.
[  212.920366][ T7980] FAULT_INJECTION: forcing a failure.
[  212.920366][ T7980] name failslab, interval 1, probability 0, space 0, times 0
[  212.982062][ T7980] CPU: 1 UID: 0 PID: 7980 Comm: syz.3.784 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[  212.982096][ T7980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  212.982110][ T7980] Call Trace:
[  212.982117][ T7980]  <TASK>
[  212.982126][ T7980]  dump_stack_lvl+0x16c/0x1f0
[  212.982167][ T7980]  should_fail_ex+0x512/0x640
[  212.982201][ T7980]  ? fs_reclaim_acquire+0xae/0x150
[  212.982230][ T7980]  ? tomoyo_open_control+0x51f/0xa30
[  212.982266][ T7980]  should_failslab+0xc2/0x120
[  212.982288][ T7980]  __kmalloc_noprof+0xd2/0x510
[  212.982330][ T7980]  tomoyo_open_control+0x51f/0xa30
[  212.982372][ T7980]  do_dentry_open+0x744/0x1c10
[  212.982407][ T7980]  ? __pfx_tomoyo_open+0x10/0x10
[  212.982445][ T7980]  vfs_open+0x82/0x3f0
[  212.982473][ T7980]  path_openat+0x1de4/0x2cb0
[  212.982517][ T7980]  ? __pfx_path_openat+0x10/0x10
[  212.982552][ T7980]  ? __lock_acquire+0xb8a/0x1c90
[  212.982586][ T7980]  do_filp_open+0x20b/0x470
[  212.982621][ T7980]  ? __pfx_do_filp_open+0x10/0x10
[  212.982675][ T7980]  ? alloc_fd+0x471/0x7d0
[  212.982714][ T7980]  do_sys_openat2+0x11b/0x1d0
[  212.982740][ T7980]  ? __pfx_do_sys_openat2+0x10/0x10
[  212.982777][ T7980]  __x64_sys_openat+0x174/0x210
[  212.982803][ T7980]  ? __pfx___x64_sys_openat+0x10/0x10
[  212.982841][ T7980]  do_syscall_64+0xcd/0x490
[  212.982887][ T7980]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.982911][ T7980] RIP: 0033:0x7f8fcb78e929
[  212.982929][ T7980] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  212.982951][ T7980] RSP: 002b:00007f8fcc5f8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  212.982984][ T7980] RAX: ffffffffffffffda RBX: 00007f8fcb9b5fa0 RCX: 00007f8fcb78e929
[  212.982999][ T7980] RDX: 00000000000c0802 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  212.983014][ T7980] RBP: 00007f8fcb810b39 R08: 0000000000000000 R09: 0000000000000000
[  212.983027][ T7980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  212.983041][ T7980] R13: 0000000000000000 R14: 00007f8fcb9b5fa0 R15: 00007fff6674acb8
[  212.983069][ T7980]  </TASK>
[  213.629481][ T7986] netlink: 28 bytes leftover after parsing attributes in process `syz.2.794'.
[  215.413023][ T8010] netlink: 4 bytes leftover after parsing attributes in process `syz.3.796'.
[  216.207005][ T8019] zswap: compressor  not available
[  216.504694][ T8034] netlink: 'syz.3.805': attribute type 21 has an invalid length.
[  216.546061][ T8034] netlink: 334 bytes leftover after parsing attributes in process `syz.3.805'.
[  217.145067][ T8045] netlink: 334 bytes leftover after parsing attributes in process `syz.2.811'.
[  217.823625][ T8057] netlink: 4 bytes leftover after parsing attributes in process `syz.3.816'.
[  217.890593][ T8060] netlink: 4 bytes leftover after parsing attributes in process `syz.1.817'.
[  219.291625][   T30] audit: type=1806 audit(1751545550.139:3): xattr="0x00060000" res=-22
[  219.347749][ T8082] FAULT_INJECTION: forcing a failure.
[  219.347749][ T8082] name failslab, interval 1, probability 0, space 0, times 0
[  219.399966][ T8082] CPU: 1 UID: 0 PID: 8082 Comm: syz.3.828 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[  219.400000][ T8082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  219.400013][ T8082] Call Trace:
[  219.400021][ T8082]  <TASK>
[  219.400029][ T8082]  dump_stack_lvl+0x16c/0x1f0
[  219.400069][ T8082]  should_fail_ex+0x512/0x640
[  219.400103][ T8082]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  219.400141][ T8082]  should_failslab+0xc2/0x120
[  219.400163][ T8082]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  219.400197][ T8082]  ? d_instantiate+0x77/0x90
[  219.400233][ T8082]  ? alloc_empty_file+0x55/0x1e0
[  219.400261][ T8082]  alloc_empty_file+0x55/0x1e0
[  219.400285][ T8082]  alloc_file_pseudo+0x13a/0x230
[  219.400311][ T8082]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  219.400336][ T8082]  ? tipc_sk_finish_conn+0x580/0x790
[  219.400364][ T8082]  sock_alloc_file+0x50/0x210
[  219.400387][ T8082]  __sys_socketpair+0x34e/0x5a0
[  219.400417][ T8082]  ? __pfx___sys_socketpair+0x10/0x10
[  219.400451][ T8082]  ? fput+0x70/0xf0
[  219.400473][ T8082]  ? xfd_validate_state+0x61/0x180
[  219.400505][ T8082]  ? __pfx_do_writev+0x10/0x10
[  219.400540][ T8082]  __x64_sys_socketpair+0x96/0x100
[  219.400568][ T8082]  ? lockdep_hardirqs_on+0x7c/0x110
[  219.400602][ T8082]  do_syscall_64+0xcd/0x490
[  219.400640][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.400663][ T8082] RIP: 0033:0x7f8fcb78e929
[  219.400680][ T8082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  219.400702][ T8082] RSP: 002b:00007f8fcc5f8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  219.400722][ T8082] RAX: ffffffffffffffda RBX: 00007f8fcb9b5fa0 RCX: 00007f8fcb78e929
[  219.400737][ T8082] RDX: 8000000000000000 RSI: 0000000000000005 RDI: 000000000000001e
[  219.400751][ T8082] RBP: 00007f8fcb810b39 R08: 0000000000000000 R09: 0000000000000000
[  219.400764][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  219.400777][ T8082] R13: 0000000000000000 R14: 00007f8fcb9b5fa0 R15: 00007fff6674acb8
[  219.400804][ T8082]  </TASK>
[  219.979902][ T8098] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4)
[  220.282160][ T8109] sctp: [Deprecated]: syz.3.836 (pid 8109) Use of int in max_burst socket option deprecated.
[  220.282160][ T8109] Use struct sctp_assoc_value instead
[  222.121968][ T5843] Bluetooth: hci2: command 0x0406 tx timeout
[  222.122015][ T5843] Bluetooth: hci3: command 0x0406 tx timeout
[  222.122046][ T5843] Bluetooth: hci0: command 0x0406 tx timeout
[  222.700775][ T8151] netlink: 28 bytes leftover after parsing attributes in process `syz.1.853'.
[  222.814218][ T8155] netlink: 28 bytes leftover after parsing attributes in process `syz.2.855'.
[  222.897116][ T8151] team0: Port device team_slave_1 removed
[  224.625628][   T30] audit: type=1800 audit(1751545555.489:4): pid=8192 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.872" name="file0" dev="tmpfs" ino=1299 res=0 errno=0
[  224.851372][ T8199] netlink: 186 bytes leftover after parsing attributes in process `syz.2.873'.
[  224.897786][ T8198] FAULT_INJECTION: forcing a failure.
[  224.897786][ T8198] name failslab, interval 1, probability 0, space 0, times 0
[  224.961687][ T8198] CPU: 1 UID: 0 PID: 8198 Comm: syz.3.874 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[  224.961721][ T8198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  224.961735][ T8198] Call Trace:
[  224.961743][ T8198]  <TASK>
[  224.961751][ T8198]  dump_stack_lvl+0x16c/0x1f0
[  224.961791][ T8198]  should_fail_ex+0x512/0x640
[  224.961826][ T8198]  ? __kmalloc_noprof+0xbf/0x510
[  224.961864][ T8198]  ? __seq_open_private+0x22/0xd0
[  224.961890][ T8198]  should_failslab+0xc2/0x120
[  224.961912][ T8198]  __kmalloc_noprof+0xd2/0x510
[  224.961947][ T8198]  ? apparmor_file_open+0x1a1/0x9c0
[  224.961977][ T8198]  ? find_held_lock+0x2b/0x80
[  224.962002][ T8198]  __seq_open_private+0x22/0xd0
[  224.962030][ T8198]  sysvipc_proc_open+0x29/0x2d0
[  224.962061][ T8198]  ? __pfx_sysvipc_proc_open+0x10/0x10
[  224.962102][ T8198]  proc_reg_open+0x119/0x610
[  224.962139][ T8198]  do_dentry_open+0x744/0x1c10
[  224.962175][ T8198]  ? __pfx_proc_reg_open+0x10/0x10
[  224.962214][ T8198]  vfs_open+0x82/0x3f0
[  224.962254][ T8198]  path_openat+0x1de4/0x2cb0
[  224.962296][ T8198]  ? __pfx_path_openat+0x10/0x10
[  224.962341][ T8198]  ? __lock_acquire+0xb8a/0x1c90
[  224.962372][ T8198]  do_filp_open+0x20b/0x470
[  224.962402][ T8198]  ? __pfx_do_filp_open+0x10/0x10
[  224.962451][ T8198]  ? alloc_fd+0x471/0x7d0
[  224.962487][ T8198]  do_sys_openat2+0x11b/0x1d0
[  224.962509][ T8198]  ? __pfx_do_sys_openat2+0x10/0x10
[  224.962542][ T8198]  __x64_sys_openat+0x174/0x210
[  224.962566][ T8198]  ? __pfx___x64_sys_openat+0x10/0x10
[  224.962601][ T8198]  do_syscall_64+0xcd/0x490
[  224.962636][ T8198]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.962658][ T8198] RIP: 0033:0x7f8fcb78e929
[  224.962674][ T8198] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  224.962694][ T8198] RSP: 002b:00007f8fcc5f8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  224.962714][ T8198] RAX: ffffffffffffffda RBX: 00007f8fcb9b5fa0 RCX: 00007f8fcb78e929
[  224.962728][ T8198] RDX: 0000000000000082 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  224.962741][ T8198] RBP: 00007f8fcb810b39 R08: 0000000000000000 R09: 0000000000000000
[  224.962754][ T8198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  224.962766][ T8198] R13: 0000000000000000 R14: 00007f8fcb9b5fa0 R15: 00007fff6674acb8
[  224.962792][ T8198]  </TASK>
[  225.204144][    C1] vkms_vblank_simulate: vblank timer overrun
[  226.213406][ T8214] netlink: 28 bytes leftover after parsing attributes in process `syz.1.876'.
[  226.931135][ T8226] netlink: 'syz.0.884': attribute type 64 has an invalid length.
[  226.938928][ T8226] netlink: 74 bytes leftover after parsing attributes in process `syz.0.884'.
[  229.562734][ T8272] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  229.862258][ T8281] netlink: 'syz.1.907': attribute type 15 has an invalid length.
[  229.897255][ T8281] netlink: 186 bytes leftover after parsing attributes in process `syz.1.907'.
[  230.922105][ T8302] netlink: 326 bytes leftover after parsing attributes in process `syz.0.914'.
[  231.030391][ T8306] netlink: 342 bytes leftover after parsing attributes in process `syz.2.916'.
[  231.583672][ T8313] netlink: 342 bytes leftover after parsing attributes in process `syz.0.920'.
[  231.858523][ T8322] netlink: 28 bytes leftover after parsing attributes in process `syz.3.925'.
[  232.087551][ T8328] FAULT_INJECTION: forcing a failure.
[  232.087551][ T8328] name failslab, interval 1, probability 0, space 0, times 0
[  232.179981][ T8328] CPU: 1 UID: 0 PID: 8328 Comm: syz.1.928 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[  232.180015][ T8328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  232.180030][ T8328] Call Trace:
[  232.180037][ T8328]  <TASK>
[  232.180045][ T8328]  dump_stack_lvl+0x16c/0x1f0
[  232.180086][ T8328]  should_fail_ex+0x512/0x640
[  232.180119][ T8328]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  232.180153][ T8328]  should_failslab+0xc2/0x120
[  232.180174][ T8328]  __kmalloc_cache_noprof+0x6a/0x3e0
[  232.180205][ T8328]  ? alloc_tty_struct+0x96/0x8c0
[  232.180231][ T8328]  alloc_tty_struct+0x96/0x8c0
[  232.180253][ T8328]  ? __pfx_alloc_tty_struct+0x10/0x10
[  232.180283][ T8328]  pty_common_install+0x1c7/0xb30
[  232.180318][ T8328]  ? __pfx_pty_install+0x10/0x10
[  232.180348][ T8328]  tty_init_dev.part.0+0x9c/0x500
[  232.180372][ T8328]  tty_open+0xa50/0xf90
[  232.180398][ T8328]  ? __pfx_tty_open+0x10/0x10
[  232.180419][ T8328]  ? chrdev_open+0x58c/0x6a0
[  232.180458][ T8328]  ? __pfx_tty_open+0x10/0x10
[  232.180478][ T8328]  chrdev_open+0x231/0x6a0
[  232.180514][ T8328]  ? __pfx_chrdev_open+0x10/0x10
[  232.180551][ T8328]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  232.180607][ T8328]  do_dentry_open+0x744/0x1c10
[  232.180660][ T8328]  ? __pfx_chrdev_open+0x10/0x10
[  232.180708][ T8328]  vfs_open+0x82/0x3f0
[  232.180737][ T8328]  path_openat+0x1de4/0x2cb0
[  232.180782][ T8328]  ? __pfx_path_openat+0x10/0x10
[  232.180829][ T8328]  ? __lock_acquire+0xb8a/0x1c90
[  232.180863][ T8328]  do_filp_open+0x20b/0x470
[  232.180896][ T8328]  ? __pfx_do_filp_open+0x10/0x10
[  232.180950][ T8328]  ? alloc_fd+0x471/0x7d0
[  232.180988][ T8328]  do_sys_openat2+0x11b/0x1d0
[  232.181013][ T8328]  ? __pfx_do_sys_openat2+0x10/0x10
[  232.181054][ T8328]  __x64_sys_openat+0x174/0x210
[  232.181079][ T8328]  ? __pfx___x64_sys_openat+0x10/0x10
[  232.181117][ T8328]  do_syscall_64+0xcd/0x490
[  232.181156][ T8328]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.181179][ T8328] RIP: 0033:0x7f07d918e929
[  232.181197][ T8328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  232.181218][ T8328] RSP: 002b:00007f07d6ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  232.181239][ T8328] RAX: ffffffffffffffda RBX: 00007f07d93b5fa0 RCX: 00007f07d918e929
[  232.181254][ T8328] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c
[  232.181268][ T8328] RBP: 00007f07d9210b39 R08: 0000000000000000 R09: 0000000000000000
[  232.181281][ T8328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  232.181294][ T8328] R13: 0000000000000000 R14: 00007f07d93b5fa0 R15: 00007ffcf8a15628
[  232.181323][ T8328]  </TASK>
[  232.472491][ T8331] netlink: 330 bytes leftover after parsing attributes in process `syz.2.929'.
[  232.844205][ T8340] netlink: 326 bytes leftover after parsing attributes in process `syz.3.933'.
[  235.204047][ T8377] [U]  
[  235.207023][ T8377] [U] 
[  235.209734][ T8377] [U] 
[  235.212454][ T8377] [U] 
[  235.347559][ T8377] [U] 
[  235.350316][ T8377] [U] 
[  235.353029][ T8377] [U] 
[  235.355741][ T8377] [U] 
[  235.404644][ T8387] program syz.2.952 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  235.432836][ T8377] [U] 
[  235.435590][ T8377] [U] 
[  235.438301][ T8377] [U] 
[  235.441015][ T8377] [U] 
[  235.547586][ T8377] [U] 
[  236.847504][ T8409] netlink: 342 bytes leftover after parsing attributes in process `syz.1.962'.
[  237.151600][ T8419] netlink: 'syz.1.966': attribute type 4 has an invalid length.
[  237.210067][ T8419] netlink: 314 bytes leftover after parsing attributes in process `syz.1.966'.
[  237.533327][ T8423] netlink: 'syz.1.968': attribute type 1 has an invalid length.
[  237.576619][ T8423] netlink: 322 bytes leftover after parsing attributes in process `syz.1.968'.
[  237.634301][ T8423] netlink: 'syz.1.968': attribute type 1 has an invalid length.
[  237.679885][ T8423] netlink: 322 bytes leftover after parsing attributes in process `syz.1.968'.
[  237.863049][ T8433] netlink: 334 bytes leftover after parsing attributes in process `syz.0.972'.
[  238.876857][ T8452] FAULT_INJECTION: forcing a failure.
[  238.876857][ T8452] name failslab, interval 1, probability 0, space 0, times 0
[  238.894648][ T8453] netlink: 4 bytes leftover after parsing attributes in process `syz.3.982'.
[  238.937639][ T8453] netlink: 354 bytes leftover after parsing attributes in process `syz.3.982'.
[  238.952646][ T8452] CPU: 1 UID: 0 PID: 8452 Comm: syz.0.981 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[  238.952677][ T8452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  238.952691][ T8452] Call Trace:
[  238.952698][ T8452]  <TASK>
[  238.952706][ T8452]  dump_stack_lvl+0x16c/0x1f0
[  238.952745][ T8452]  should_fail_ex+0x512/0x640
[  238.952778][ T8452]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  238.952813][ T8452]  should_failslab+0xc2/0x120
[  238.952835][ T8452]  __kmalloc_cache_noprof+0x6a/0x3e0
[  238.952884][ T8452]  ? snd_pcm_oss_change_params_locked+0x211/0x3a30
[  238.952913][ T8452]  ? kasan_save_track+0x14/0x30
[  238.952950][ T8452]  snd_pcm_oss_change_params_locked+0x211/0x3a30
[  238.952980][ T8452]  ? rcu_is_watching+0x12/0xc0
[  238.953007][ T8452]  ? __mutex_lock+0x1ca/0xb90
[  238.953047][ T8452]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  238.953076][ T8452]  ? __pfx___mutex_lock+0x10/0x10
[  238.953119][ T8452]  ? __fsnotify_parent+0x24b/0xc40
[  238.953158][ T8452]  snd_pcm_oss_make_ready+0xe6/0x1b0
[  238.953185][ T8452]  ? __pfx_snd_pcm_oss_release+0x10/0x10
[  238.953211][ T8452]  snd_pcm_oss_sync+0x1de/0x840
[  238.953240][ T8452]  ? __pfx_snd_pcm_oss_release+0x10/0x10
[  238.953266][ T8452]  snd_pcm_oss_release+0x28b/0x310
[  238.953294][ T8452]  ? __pfx_snd_pcm_oss_release+0x10/0x10
[  238.953331][ T8452]  __fput+0x402/0xb70
[  238.953359][ T8452]  task_work_run+0x14d/0x240
[  238.953396][ T8452]  ? __pfx_task_work_run+0x10/0x10
[  238.953431][ T8452]  ? __pfx___do_sys_close_range+0x10/0x10
[  238.953472][ T8452]  exit_to_user_mode_loop+0xeb/0x110
[  238.953509][ T8452]  do_syscall_64+0x3f6/0x490
[  238.953554][ T8452]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.953577][ T8452] RIP: 0033:0x7f936678e929
[  238.953595][ T8452] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  238.953622][ T8452] RSP: 002b:00007f93675f0038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  238.953642][ T8452] RAX: 0000000000000000 RBX: 00007f93669b5fa0 RCX: 00007f936678e929
[  238.953656][ T8452] RDX: 0000000000000000 RSI: fffffffffffff000 RDI: 0000000000000000
[  238.953670][ T8452] RBP: 00007f9366810b39 R08: 0000000000000000 R09: 0000000000000000
[  238.953683][ T8452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  238.953696][ T8452] R13: 0000000000000000 R14: 00007f93669b5fa0 R15: 00007ffceee436f8
[  238.953724][ T8452]  </TASK>
[  240.563649][ T8476] netlink: 342 bytes leftover after parsing attributes in process `syz.2.990'.
[  240.681320][ T8479] netlink: 8 bytes leftover after parsing attributes in process `syz.0.994'.
[  241.804918][ T8497] syz.0.1001 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  242.501515][ T5845] Bluetooth: hci1: command 0x0406 tx timeout
[  242.713828][ T8521] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1010'.
[  243.580055][ T8544] netlink: 74 bytes leftover after parsing attributes in process `syz.0.1015'.
[  245.816569][ T8584] sd 0:0:1:0: device reset
[  246.166036][ T8558] kexec: Could not allocate control_code_buffer
[  246.822401][ T8600] Loading of unsigned module is rejected
[  247.638003][ T8617] FAULT_INJECTION: forcing a failure.
[  247.638003][ T8617] name failslab, interval 1, probability 0, space 0, times 0
[  247.660136][ T8619] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1039'.
[  247.696076][ T8617] CPU: 1 UID: 0 PID: 8617 Comm: syz.3.1038 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[  247.696130][ T8617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  247.696153][ T8617] Call Trace:
[  247.696161][ T8617]  <TASK>
[  247.696169][ T8617]  dump_stack_lvl+0x16c/0x1f0
[  247.696210][ T8617]  should_fail_ex+0x512/0x640
[  247.696244][ T8617]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  247.696279][ T8617]  should_failslab+0xc2/0x120
[  247.696301][ T8617]  __kmalloc_cache_noprof+0x6a/0x3e0
[  247.696332][ T8617]  ? vsnprintf+0x318/0x1160
[  247.696363][ T8617]  ? __alloc_workqueue+0xda2/0x1810
[  247.696397][ T8617]  __alloc_workqueue+0xda2/0x1810
[  247.696426][ T8617]  ? __pfx_vsnprintf+0x10/0x10
[  247.696459][ T8617]  ? lockdep_hardirqs_on+0x7c/0x110
[  247.696493][ T8617]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  247.696530][ T8617]  alloc_workqueue+0xd2/0x200
[  247.696558][ T8617]  ? __pfx_alloc_workqueue+0x10/0x10
[  247.696595][ T8617]  ? __pfx___debug_object_init+0x10/0x10
[  247.696627][ T8617]  nci_register_device+0x21e/0xb80
[  247.696661][ T8617]  ? __pfx_nci_register_device+0x10/0x10
[  247.696698][ T8617]  ? lockdep_init_map_type+0x5c/0x280
[  247.696744][ T8617]  virtual_ncidev_open+0x141/0x220
[  247.696775][ T8617]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  247.696803][ T8617]  misc_open+0x35a/0x420
[  247.696832][ T8617]  ? __pfx_misc_open+0x10/0x10
[  247.696861][ T8617]  chrdev_open+0x231/0x6a0
[  247.696899][ T8617]  ? __pfx_chrdev_open+0x10/0x10
[  247.696938][ T8617]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  247.696975][ T8617]  do_dentry_open+0x744/0x1c10
[  247.697010][ T8617]  ? __pfx_chrdev_open+0x10/0x10
[  247.697052][ T8617]  vfs_open+0x82/0x3f0
[  247.697080][ T8617]  path_openat+0x1de4/0x2cb0
[  247.697124][ T8617]  ? __pfx_path_openat+0x10/0x10
[  247.697160][ T8617]  ? __lock_acquire+0xb8a/0x1c90
[  247.697194][ T8617]  do_filp_open+0x20b/0x470
[  247.697228][ T8617]  ? __pfx_do_filp_open+0x10/0x10
[  247.697295][ T8617]  ? alloc_fd+0x471/0x7d0
[  247.697343][ T8617]  do_sys_openat2+0x11b/0x1d0
[  247.697365][ T8617]  ? __pfx_do_sys_openat2+0x10/0x10
[  247.697397][ T8617]  __x64_sys_openat+0x174/0x210
[  247.697420][ T8617]  ? __pfx___x64_sys_openat+0x10/0x10
[  247.697454][ T8617]  do_syscall_64+0xcd/0x490
[  247.697487][ T8617]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.697508][ T8617] RIP: 0033:0x7f8fcb78e929
[  247.697524][ T8617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  247.697543][ T8617] RSP: 002b:00007f8fcc5f8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  247.697562][ T8617] RAX: ffffffffffffffda RBX: 00007f8fcb9b5fa0 RCX: 00007f8fcb78e929
[  247.697575][ T8617] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  247.697587][ T8617] RBP: 00007f8fcb810b39 R08: 0000000000000000 R09: 0000000000000000
[  247.697599][ T8617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  247.697611][ T8617] R13: 0000000000000000 R14: 00007f8fcb9b5fa0 R15: 00007fff6674acb8
[  247.697637][ T8617]  </TASK>
[  248.423046][ T8631] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1044'.
[  248.457648][ T8631] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1044'.
[  254.286179][ T8744] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1091'.
[  257.150568][ T8803] random: crng reseeded on system resumption
[  257.187741][ T8803] FAULT_INJECTION: forcing a failure.
[  257.187741][ T8803] name failslab, interval 1, probability 0, space 0, times 0
[  257.261477][ T8803] CPU: 1 UID: 0 PID: 8803 Comm: syz.3.1114 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[  257.261506][ T8803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  257.261518][ T8803] Call Trace:
[  257.261525][ T8803]  <TASK>
[  257.261532][ T8803]  dump_stack_lvl+0x16c/0x1f0
[  257.261567][ T8803]  should_fail_ex+0x512/0x640
[  257.261597][ T8803]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  257.261627][ T8803]  should_failslab+0xc2/0x120
[  257.261646][ T8803]  __kmalloc_cache_noprof+0x6a/0x3e0
[  257.261673][ T8803]  ? memory_bm_create+0x154/0x810
[  257.261696][ T8803]  memory_bm_create+0x154/0x810
[  257.261726][ T8803]  create_basic_memory_bitmaps+0xbd/0x320
[  257.261752][ T8803]  snapshot_open+0x235/0x2b0
[  257.261775][ T8803]  ? __pfx_snapshot_open+0x10/0x10
[  257.261799][ T8803]  misc_open+0x35a/0x420
[  257.261825][ T8803]  ? __pfx_misc_open+0x10/0x10
[  257.261848][ T8803]  chrdev_open+0x231/0x6a0
[  257.261879][ T8803]  ? __pfx_apparmor_file_open+0x10/0x10
[  257.261905][ T8803]  ? __pfx_chrdev_open+0x10/0x10
[  257.261938][ T8803]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  257.261969][ T8803]  do_dentry_open+0x744/0x1c10
[  257.261999][ T8803]  ? __pfx_chrdev_open+0x10/0x10
[  257.262035][ T8803]  vfs_open+0x82/0x3f0
[  257.262059][ T8803]  path_openat+0x1de4/0x2cb0
[  257.262097][ T8803]  ? __pfx_path_openat+0x10/0x10
[  257.262127][ T8803]  ? __lock_acquire+0xb8a/0x1c90
[  257.262163][ T8803]  do_filp_open+0x20b/0x470
[  257.262192][ T8803]  ? __pfx_do_filp_open+0x10/0x10
[  257.262239][ T8803]  ? alloc_fd+0x471/0x7d0
[  257.262273][ T8803]  do_sys_openat2+0x11b/0x1d0
[  257.262295][ T8803]  ? __pfx_do_sys_openat2+0x10/0x10
[  257.262327][ T8803]  __x64_sys_openat+0x174/0x210
[  257.262351][ T8803]  ? __pfx___x64_sys_openat+0x10/0x10
[  257.262384][ T8803]  do_syscall_64+0xcd/0x490
[  257.262418][ T8803]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.262438][ T8803] RIP: 0033:0x7f8fcb78e929
[  257.262453][ T8803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  257.262472][ T8803] RSP: 002b:00007f8fcc5f8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  257.262493][ T8803] RAX: ffffffffffffffda RBX: 00007f8fcb9b5fa0 RCX: 00007f8fcb78e929
[  257.262505][ T8803] RDX: 0000000000080201 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  257.262518][ T8803] RBP: 00007f8fcb810b39 R08: 0000000000000000 R09: 0000000000000000
[  257.262530][ T8803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  257.262542][ T8803] R13: 0000000000000000 R14: 00007f8fcb9b5fa0 R15: 00007fff6674acb8
[  257.262567][ T8803]  </TASK>
[  258.033117][ T8807] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1115'.
[  258.070728][ T8807] : renamed from bond0 (while UP)
[  258.385206][ T8810] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1116'.
[  258.464161][ T8811] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1116'.
[  258.627142][ T8813] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1117'.
[  260.224129][ T8830] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1124'.
[  261.538060][ T8852] syz.2.1132 (8852): /proc/8851/oom_adj is deprecated, please use /proc/8851/oom_score_adj instead.
[  262.095758][ T8869] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1137'.
[  262.919025][ T8879] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1139'.
[  262.929255][ T8882] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1143'.
[  262.969019][ T8882] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode
[  264.521810][ T8910] input: 	= as /devices/virtual/input/input5
[  264.530818][ T8908] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1152'.
[  264.993011][ T5845] Bluetooth: hci3: unexpected event 0x04 length: 46 > 10
[  266.018253][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  266.033345][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  267.049936][ T5845] Bluetooth: hci3: command 0x0406 tx timeout
[  267.107026][ T8943] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1166'.
[  267.441109][ T8948] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1167'.
[  267.781489][ T8954] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1170'.
[  267.829035][ T8954] : renamed from bond0 (while UP)
[  268.770806][ T8967] FAULT_INJECTION: forcing a failure.
[  268.770806][ T8967] name failslab, interval 1, probability 0, space 0, times 0
[  268.952863][ T8967] CPU: 1 UID: 0 PID: 8967 Comm: syz.0.1175 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[  268.952895][ T8967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  268.952908][ T8967] Call Trace:
[  268.952915][ T8967]  <TASK>
[  268.952923][ T8967]  dump_stack_lvl+0x16c/0x1f0
[  268.952960][ T8967]  should_fail_ex+0x512/0x640
[  268.952992][ T8967]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  268.953025][ T8967]  should_failslab+0xc2/0x120
[  268.953045][ T8967]  __kmalloc_cache_noprof+0x6a/0x3e0
[  268.953074][ T8967]  ? pty_common_install+0x10e/0xb30
[  268.953118][ T8967]  pty_common_install+0x10e/0xb30
[  268.953148][ T8967]  ? __pfx_pty_install+0x10/0x10
[  268.953175][ T8967]  tty_init_dev.part.0+0x9c/0x500
[  268.953197][ T8967]  tty_open+0xa50/0xf90
[  268.953219][ T8967]  ? __pfx_tty_open+0x10/0x10
[  268.953237][ T8967]  ? chrdev_open+0x10b/0x6a0
[  268.953272][ T8967]  ? __pfx_tty_open+0x10/0x10
[  268.953289][ T8967]  chrdev_open+0x231/0x6a0
[  268.953319][ T8967]  ? __pfx_apparmor_file_open+0x10/0x10
[  268.953345][ T8967]  ? __pfx_chrdev_open+0x10/0x10
[  268.953377][ T8967]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  268.953409][ T8967]  do_dentry_open+0x744/0x1c10
[  268.953445][ T8967]  ? __pfx_chrdev_open+0x10/0x10
[  268.953482][ T8967]  vfs_open+0x82/0x3f0
[  268.953506][ T8967]  path_openat+0x1de4/0x2cb0
[  268.953544][ T8967]  ? __pfx_path_openat+0x10/0x10
[  268.953574][ T8967]  ? __lock_acquire+0xb8a/0x1c90
[  268.953603][ T8967]  do_filp_open+0x20b/0x470
[  268.953632][ T8967]  ? __pfx_do_filp_open+0x10/0x10
[  268.953679][ T8967]  ? alloc_fd+0x471/0x7d0
[  268.953713][ T8967]  do_sys_openat2+0x11b/0x1d0
[  268.953734][ T8967]  ? __pfx_do_sys_openat2+0x10/0x10
[  268.953755][ T8967]  ? ktime_get+0x1a7/0x310
[  268.953787][ T8967]  __x64_sys_openat+0x174/0x210
[  268.953809][ T8967]  ? __pfx___x64_sys_openat+0x10/0x10
[  268.953842][ T8967]  do_syscall_64+0xcd/0x490
[  268.953879][ T8967]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.953899][ T8967] RIP: 0033:0x7f936678e929
[  268.953915][ T8967] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  268.953934][ T8967] RSP: 002b:00007f93675f0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  268.953952][ T8967] RAX: ffffffffffffffda RBX: 00007f93669b5fa0 RCX: 00007f936678e929
[  268.953965][ T8967] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c
[  268.953977][ T8967] RBP: 00007f9366810b39 R08: 0000000000000000 R09: 0000000000000000
[  268.953989][ T8967] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  268.954001][ T8967] R13: 0000000000000000 R14: 00007f93669b5fa0 R15: 00007ffceee436f8
[  268.954026][ T8967]  </TASK>
[  269.530453][ T8969] FAULT_INJECTION: forcing a failure.
[  269.530453][ T8969] name failslab, interval 1, probability 0, space 0, times 0
[  269.569863][ T8969] CPU: 1 UID: 0 PID: 8969 Comm: syz.1.1176 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[  269.569897][ T8969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  269.569926][ T8969] Call Trace:
[  269.569933][ T8969]  <TASK>
[  269.569941][ T8969]  dump_stack_lvl+0x16c/0x1f0
[  269.569982][ T8969]  should_fail_ex+0x512/0x640
[  269.570016][ T8969]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  269.570050][ T8969]  should_failslab+0xc2/0x120
[  269.570072][ T8969]  __kmalloc_cache_noprof+0x6a/0x3e0
[  269.570101][ T8969]  ? lockdep_init_map_type+0x5c/0x280
[  269.570133][ T8969]  ? nci_hci_allocate+0x45/0x330
[  269.570175][ T8969]  nci_hci_allocate+0x45/0x330
[  269.570212][ T8969]  nci_allocate_device+0x26f/0x430
[  269.570245][ T8969]  virtual_ncidev_open+0x6f/0x220
[  269.570273][ T8969]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  269.570301][ T8969]  misc_open+0x35a/0x420
[  269.570330][ T8969]  ? __pfx_misc_open+0x10/0x10
[  269.570357][ T8969]  chrdev_open+0x231/0x6a0
[  269.570399][ T8969]  ? __pfx_apparmor_file_open+0x10/0x10
[  269.570428][ T8969]  ? __pfx_chrdev_open+0x10/0x10
[  269.570466][ T8969]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  269.570501][ T8969]  do_dentry_open+0x744/0x1c10
[  269.570536][ T8969]  ? __pfx_chrdev_open+0x10/0x10
[  269.570596][ T8969]  vfs_open+0x82/0x3f0
[  269.570624][ T8969]  path_openat+0x1de4/0x2cb0
[  269.570668][ T8969]  ? __pfx_path_openat+0x10/0x10
[  269.570703][ T8969]  ? __lock_acquire+0xb8a/0x1c90
[  269.570737][ T8969]  do_filp_open+0x20b/0x470
[  269.570771][ T8969]  ? __pfx_do_filp_open+0x10/0x10
[  269.570827][ T8969]  ? alloc_fd+0x471/0x7d0
[  269.570866][ T8969]  do_sys_openat2+0x11b/0x1d0
[  269.570891][ T8969]  ? __pfx_do_sys_openat2+0x10/0x10
[  269.570929][ T8969]  __x64_sys_openat+0x174/0x210
[  269.570955][ T8969]  ? __pfx___x64_sys_openat+0x10/0x10
[  269.570994][ T8969]  do_syscall_64+0xcd/0x490
[  269.571033][ T8969]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.571057][ T8969] RIP: 0033:0x7f07d918e929
[  269.571075][ T8969] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.571098][ T8969] RSP: 002b:00007f07d6ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  269.571119][ T8969] RAX: ffffffffffffffda RBX: 00007f07d93b5fa0 RCX: 00007f07d918e929
[  269.571134][ T8969] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  269.571149][ T8969] RBP: 00007f07d9210b39 R08: 0000000000000000 R09: 0000000000000000
[  269.571163][ T8969] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  269.571176][ T8969] R13: 0000000000000000 R14: 00007f07d93b5fa0 R15: 00007ffcf8a15628
[  269.571205][ T8969]  </TASK>
[  270.511334][ T8975] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1179'.
[  271.795076][ T8982] sctp: [Deprecated]: syz.3.1181 (pid 8982) Use of struct sctp_assoc_value in delayed_ack socket option.
[  271.795076][ T8982] Use struct sctp_sack_info instead
[  272.232903][ T8987] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1182'.
[  272.273608][ T8987] : renamed from bond0 (while UP)
[  272.446351][ T8985] FAULT_INJECTION: forcing a failure.
[  272.446351][ T8985] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  272.491798][ T8985] CPU: 1 UID: 0 PID: 8985 Comm: syz.1.1190 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[  272.491826][ T8985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  272.491838][ T8985] Call Trace:
[  272.491844][ T8985]  <TASK>
[  272.491851][ T8985]  dump_stack_lvl+0x16c/0x1f0
[  272.491887][ T8985]  should_fail_ex+0x512/0x640
[  272.491921][ T8985]  should_fail_alloc_page+0xe7/0x130
[  272.491943][ T8985]  prepare_alloc_pages+0x3c2/0x610
[  272.491967][ T8985]  ? rcu_is_watching+0x12/0xc0
[  272.491990][ T8985]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  272.492027][ T8985]  ? __lock_acquire+0x622/0x1c90
[  272.492056][ T8985]  ? xas_create+0x1d7/0x1460
[  272.492076][ T8985]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  272.492110][ T8985]  ? lock_acquire+0x179/0x350
[  272.492136][ T8985]  ? rcu_is_watching+0x12/0xc0
[  272.492163][ T8985]  ? __lock_acquire+0x622/0x1c90
[  272.492189][ T8985]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  272.492229][ T8985]  ? policy_nodemask+0xea/0x4e0
[  272.492264][ T8985]  alloc_pages_mpol+0x1fb/0x550
[  272.492284][ T8985]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  272.492305][ T8985]  ? filemap_get_entry+0x1a7/0x3b0
[  272.492327][ T8985]  folio_alloc_noprof+0x20/0x2d0
[  272.492349][ T8985]  filemap_alloc_folio_noprof+0x3a1/0x470
[  272.492378][ T8985]  ? __pfx_filemap_alloc_folio_noprof+0x10/0x10
[  272.492411][ T8985]  __filemap_get_folio+0x5e1/0xc30
[  272.492436][ T8985]  ioctx_alloc+0x761/0x2120
[  272.492473][ T8985]  ? __pfx_ioctx_alloc+0x10/0x10
[  272.492496][ T8985]  ? __might_fault+0x13b/0x190
[  272.492532][ T8985]  __x64_sys_io_setup+0xc9/0x210
[  272.492560][ T8985]  do_syscall_64+0xcd/0x490
[  272.492593][ T8985]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.492613][ T8985] RIP: 0033:0x7f07d918e929
[  272.492628][ T8985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  272.492647][ T8985] RSP: 002b:00007f07d6ff6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[  272.492665][ T8985] RAX: ffffffffffffffda RBX: 00007f07d93b5fa0 RCX: 00007f07d918e929
[  272.492678][ T8985] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000007ffe
[  272.492690][ T8985] RBP: 00007f07d9210b39 R08: 0000000000000000 R09: 0000000000000000
[  272.492702][ T8985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  272.492713][ T8985] R13: 0000000000000000 R14: 00007f07d93b5fa0 R15: 00007ffcf8a15628
[  272.492741][ T8985]  </TASK>
[  272.874427][ T8990] FAULT_INJECTION: forcing a failure.
[  272.874427][ T8990] name failslab, interval 1, probability 0, space 0, times 0
[  272.887329][ T8990] CPU: 1 UID: 0 PID: 8990 Comm: syz.1.1184 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[  272.887360][ T8990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  272.887385][ T8990] Call Trace:
[  272.887392][ T8990]  <TASK>
[  272.887400][ T8990]  dump_stack_lvl+0x16c/0x1f0
[  272.887437][ T8990]  should_fail_ex+0x512/0x640
[  272.887467][ T8990]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  272.887506][ T8990]  should_failslab+0xc2/0x120
[  272.887526][ T8990]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  272.887560][ T8990]  ? __pfx_proc_create_net_data+0x10/0x10
[  272.887596][ T8990]  ? nf_log_net_init+0x9f/0x450
[  272.887617][ T8990]  ? __pfx_nf_log_net_init+0x10/0x10
[  272.887638][ T8990]  kmemdup_noprof+0x29/0x60
[  272.887670][ T8990]  nf_log_net_init+0x9f/0x450
[  272.887691][ T8990]  ? __pfx_nf_log_net_init+0x10/0x10
[  272.887711][ T8990]  ops_init+0x1df/0x5f0
[  272.887734][ T8990]  setup_net+0x1ff/0x510
[  272.887751][ T8990]  ? lockdep_init_map_type+0x5c/0x280
[  272.887781][ T8990]  ? __pfx_setup_net+0x10/0x10
[  272.887802][ T8990]  ? debug_mutex_init+0x37/0x70
[  272.887824][ T8990]  copy_net_ns+0x2a6/0x5f0
[  272.887849][ T8990]  create_new_namespaces+0x3ea/0xa90
[  272.887877][ T8990]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  272.887903][ T8990]  ksys_unshare+0x45b/0xa40
[  272.887931][ T8990]  ? __pfx_ksys_unshare+0x10/0x10
[  272.887960][ T8990]  ? xfd_validate_state+0x61/0x180
[  272.887996][ T8990]  __x64_sys_unshare+0x31/0x40
[  272.888023][ T8990]  do_syscall_64+0xcd/0x490
[  272.888058][ T8990]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.888079][ T8990] RIP: 0033:0x7f07d918e929
[  272.888096][ T8990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  272.888116][ T8990] RSP: 002b:00007f07d6ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  272.888136][ T8990] RAX: ffffffffffffffda RBX: 00007f07d93b5fa0 RCX: 00007f07d918e929
[  272.888150][ T8990] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  272.888162][ T8990] RBP: 00007f07d9210b39 R08: 0000000000000000 R09: 0000000000000000
[  272.888174][ T8990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  272.888193][ T8990] R13: 0000000000000000 R14: 00007f07d93b5fa0 R15: 00007ffcf8a15628
[  272.888220][ T8990]  </TASK>
[  274.727803][ T9021] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1197'.
[  274.768578][ T9021] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1197'.
[  274.795005][ T9025] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1198'.
[  275.652322][ T9043] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1206'.
[  276.427036][ T9053] sctp: [Deprecated]: syz.0.1210 (pid 9053) Use of int in max_burst socket option deprecated.
[  276.427036][ T9053] Use struct sctp_assoc_value instead
[  277.148923][ T9067] openvswitch: netlink: IP tunnel dst address not specified
[  277.197617][ T9067] openvswitch: netlink: IP tunnel dst address not specified
[  277.402280][ T9070] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1217'.
[  277.770450][ T9075] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1219'.
[  279.223352][ T9089] sctp: [Deprecated]: syz.2.1222 (pid 9089) Use of int in max_burst socket option deprecated.
[  279.223352][ T9089] Use struct sctp_assoc_value instead
[  279.564246][ T9094] netlink: 'syz.0.1226': attribute type 1 has an invalid length.
[  281.139404][ T9127] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1237'.
[  281.855455][ T9135] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  284.067031][ T9197] FAULT_INJECTION: forcing a failure.
[  284.067031][ T9197] name failslab, interval 1, probability 0, space 0, times 0
[  284.148215][ T9186] zswap: compressor  not available
[  284.195792][ T9197] CPU: 1 UID: 0 PID: 9197 Comm: syz.2.1260 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[  284.195819][ T9197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  284.195832][ T9197] Call Trace:
[  284.195838][ T9197]  <TASK>
[  284.195845][ T9197]  dump_stack_lvl+0x16c/0x1f0
[  284.195882][ T9197]  should_fail_ex+0x512/0x640
[  284.195911][ T9197]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  284.195944][ T9197]  should_failslab+0xc2/0x120
[  284.195963][ T9197]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  284.195993][ T9197]  ? getname_flags.part.0+0x4c/0x550
[  284.196019][ T9197]  getname_flags.part.0+0x4c/0x550
[  284.196044][ T9197]  getname_flags+0x93/0xf0
[  284.196075][ T9197]  do_sys_openat2+0xb8/0x1d0
[  284.196097][ T9197]  ? __pfx_do_sys_openat2+0x10/0x10
[  284.196151][ T9197]  __x64_sys_openat+0x174/0x210
[  284.196178][ T9197]  ? __pfx___x64_sys_openat+0x10/0x10
[  284.196218][ T9197]  do_syscall_64+0xcd/0x490
[  284.196258][ T9197]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  284.196283][ T9197] RIP: 0033:0x7fb68598d290
[  284.196301][ T9197] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  284.196323][ T9197] RSP: 002b:00007fb686765f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  284.196345][ T9197] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fb68598d290
[  284.196360][ T9197] RDX: 0000000000000002 RSI: 00007fb686765fa0 RDI: 00000000ffffff9c
[  284.196374][ T9197] RBP: 00007fb686765fa0 R08: 0000000000000000 R09: 00007fb686765cd5
[  284.196389][ T9197] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  284.196403][ T9197] R13: 0000000000000000 R14: 00007fb685bb5fa0 R15: 00007ffe07503738
[  284.196432][ T9197]  </TASK>
[  285.448819][ T9216] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1267'.
[  287.431461][ T9257] Console: switching to colour VGA+ 80x25
[  287.522690][ T9257] ==================================================================
[  287.522705][ T9257] BUG: KASAN: slab-out-of-bounds in fbcon_prepare_logo+0xa03/0xc70
[  287.522745][ T9257] Read of size 256 at addr ffff88807f9bf860 by task syz.2.1280/9257
[  287.522762][ T9257] 
[  287.522772][ T9257] CPU: 1 UID: 0 PID: 9257 Comm: syz.2.1280 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[  287.522799][ T9257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  287.522811][ T9257] Call Trace:
[  287.522818][ T9257]  <TASK>
[  287.522825][ T9257]  dump_stack_lvl+0x116/0x1f0
[  287.522859][ T9257]  print_report+0xcd/0x680
[  287.522893][ T9257]  ? __virt_addr_valid+0x81/0x610
[  287.522915][ T9257]  ? __phys_addr+0xe8/0x180
[  287.522936][ T9257]  ? fbcon_prepare_logo+0xa03/0xc70
[  287.522967][ T9257]  kasan_report+0xe0/0x110
[  287.522986][ T9257]  ? fbcon_prepare_logo+0xa03/0xc70
[  287.523021][ T9257]  kasan_check_range+0x100/0x1b0
[  287.523045][ T9257]  __asan_memcpy+0x23/0x60
[  287.523073][ T9257]  fbcon_prepare_logo+0xa03/0xc70
[  287.523110][ T9257]  fbcon_init+0xd77/0x1900
[  287.523142][ T9257]  ? __pfx_drm_fb_helper_set_par+0x10/0x10
[  287.523178][ T9257]  visual_init+0x31d/0x620
[  287.523205][ T9257]  do_bind_con_driver.isra.0+0x57a/0xbf0
[  287.523241][ T9257]  store_bind+0x61d/0x760
[  287.523272][ T9257]  ? sysfs_file_kobj+0xe4/0x290
[  287.523316][ T9257]  ? __pfx_store_bind+0x10/0x10
[  287.523354][ T9257]  dev_attr_store+0x55/0x80
[  287.523375][ T9257]  ? __pfx_dev_attr_store+0x10/0x10
[  287.523395][ T9257]  sysfs_kf_write+0xf2/0x150
[  287.523423][ T9257]  kernfs_fop_write_iter+0x351/0x510
[  287.523446][ T9257]  ? __pfx_sysfs_kf_write+0x10/0x10
[  287.523474][ T9257]  vfs_write+0x6c4/0x1150
[  287.523508][ T9257]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  287.523533][ T9257]  ? __pfx___mutex_lock+0x10/0x10
[  287.523569][ T9257]  ? __pfx_vfs_write+0x10/0x10
[  287.523611][ T9257]  ksys_write+0x12a/0x250
[  287.523643][ T9257]  ? __pfx_ksys_write+0x10/0x10
[  287.523679][ T9257]  do_syscall_64+0xcd/0x490
[  287.523716][ T9257]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  287.523740][ T9257] RIP: 0033:0x7fb68598e929
[  287.523758][ T9257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  287.523780][ T9257] RSP: 002b:00007fb686766038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  287.523801][ T9257] RAX: ffffffffffffffda RBX: 00007fb685bb5fa0 RCX: 00007fb68598e929
[  287.523816][ T9257] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003
[  287.523830][ T9257] RBP: 00007fb685a10b39 R08: 0000000000000000 R09: 0000000000000000
[  287.523844][ T9257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  287.523858][ T9257] R13: 0000000000000000 R14: 00007fb685bb5fa0 R15: 00007ffe07503738
[  287.523880][ T9257]  </TASK>
[  287.523887][ T9257] 
[  287.523892][ T9257] Allocated by task 7060:
[  287.523903][ T9257]  kasan_save_stack+0x33/0x60
[  287.523934][ T9257]  kasan_save_track+0x14/0x30
[  287.523965][ T9257]  __kasan_kmalloc+0xaa/0xb0
[  287.523994][ T9257]  device_create_groups_vargs+0x8a/0x270
[  287.524017][ T9257]  device_create+0xed/0x130
[  287.524037][ T9257]  vc_allocate+0x501/0x880
[  287.524068][ T9257]  con_install+0xa1/0x600
[  287.524099][ T9257]  tty_init_dev.part.0+0x9c/0x500
[  287.524118][ T9257]  tty_open+0xa50/0xf90
[  287.524136][ T9257]  chrdev_open+0x231/0x6a0
[  287.524168][ T9257]  do_dentry_open+0x744/0x1c10
[  287.524199][ T9257]  vfs_open+0x82/0x3f0
[  287.524219][ T9257]  path_openat+0x1de4/0x2cb0
[  287.524248][ T9257]  do_filp_open+0x20b/0x470
[  287.524277][ T9257]  do_sys_openat2+0x11b/0x1d0
[  287.524299][ T9257]  __x64_sys_openat+0x174/0x210
[  287.524322][ T9257]  do_syscall_64+0xcd/0x490
[  287.524363][ T9257]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  287.524397][ T9257] 
[  287.524401][ T9257] The buggy address belongs to the object at ffff88807f9bf000
[  287.524401][ T9257]  which belongs to the cache kmalloc-2k of size 2048
[  287.524418][ T9257] The buggy address is located 1016 bytes to the right of
[  287.524418][ T9257]  allocated 1128-byte region [ffff88807f9bf000, ffff88807f9bf468)
[  287.524439][ T9257] 
[  287.524445][ T9257] The buggy address belongs to the physical page:
[  287.524458][ T9257] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7f9b8
[  287.524476][ T9257] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  287.524493][ T9257] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  287.524511][ T9257] page_type: f5(slab)
[  287.524528][ T9257] raw: 00fff00000000040 ffff88801b842000 dead000000000100 dead000000000122
[  287.524548][ T9257] raw: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000
[  287.524567][ T9257] head: 00fff00000000040 ffff88801b842000 dead000000000100 dead000000000122
[  287.524586][ T9257] head: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000
[  287.524605][ T9257] head: 00fff00000000003 ffffea0001fe6e01 00000000ffffffff 00000000ffffffff
[  287.524624][ T9257] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  287.524636][ T9257] page dumped because: kasan: bad access detected
[  287.524650][ T9257] page_owner tracks the page as allocated
[  287.524656][ T9257] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5828, tgid 5828 (syz-executor), ts 99778934820, free_ts 99735332758
[  287.524693][ T9257]  post_alloc_hook+0x1c0/0x230
[  287.524720][ T9257]  get_page_from_freelist+0x1321/0x3890
[  287.524750][ T9257]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  287.524781][ T9257]  alloc_pages_mpol+0x1fb/0x550
[  287.524798][ T9257]  new_slab+0x23b/0x330
[  287.524821][ T9257]  ___slab_alloc+0xd9c/0x1940
[  287.524845][ T9257]  __slab_alloc.constprop.0+0x56/0xb0
[  287.524870][ T9257]  __kmalloc_noprof+0x2f2/0x510
[  287.524899][ T9257]  sk_prot_alloc+0x1a8/0x2a0
[  287.524919][ T9257]  sk_alloc+0x36/0xc20
[  287.524963][ T9257]  __netlink_create+0x5e/0x2c0
[  287.524995][ T9257]  netlink_create+0x39e/0x620
[  287.525028][ T9257]  __sock_create+0x338/0x8d0
[  287.525051][ T9257]  __sys_socket+0x14d/0x260
[  287.525075][ T9257]  __x64_sys_socket+0x72/0xb0
[  287.525100][ T9257]  do_syscall_64+0xcd/0x490
[  287.525133][ T9257] page last free pid 5828 tgid 5828 stack trace:
[  287.525145][ T9257]  __free_frozen_pages+0x7fe/0x1180
[  287.525172][ T9257]  __put_partials+0x16d/0x1c0
[  287.525199][ T9257]  qlist_free_all+0x4d/0x120
[  287.525227][ T9257]  kasan_quarantine_reduce+0x195/0x1e0
[  287.525258][ T9257]  __kasan_slab_alloc+0x69/0x90
[  287.525291][ T9257]  __kmalloc_cache_noprof+0x1f1/0x3e0
[  287.525319][ T9257]  ref_tracker_alloc+0x18e/0x5b0
[  287.525356][ T9257]  register_netdevice+0x1689/0x2270
[  287.525377][ T9257]  nsim_create+0xc70/0x10a0
[  287.525399][ T9257]  __nsim_dev_port_add+0x42b/0x7d0
[  287.525426][ T9257]  nsim_drv_probe+0xdca/0x1490
[  287.525453][ T9257]  really_probe+0x23e/0xa90
[  287.525484][ T9257]  __driver_probe_device+0x1de/0x440
[  287.525516][ T9257]  driver_probe_device+0x4c/0x1b0
[  287.525548][ T9257]  __device_attach_driver+0x1df/0x310
[  287.525580][ T9257]  bus_for_each_drv+0x156/0x1e0
[  287.525605][ T9257] 
[  287.525610][ T9257] Memory state around the buggy address:
[  287.525620][ T9257]  ffff88807f9bf700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  287.525636][ T9257]  ffff88807f9bf780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  287.525652][ T9257] >ffff88807f9bf800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  287.525664][ T9257]                                                        ^
[  287.525676][ T9257]  ffff88807f9bf880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  287.525692][ T9257]  ffff88807f9bf900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  287.525704][ T9257] ==================================================================
[  287.525716][ T9257] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  287.525730][ T9257] CPU: 1 UID: 0 PID: 9257 Comm: syz.2.1280 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) 
[  287.525758][ T9257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  287.525772][ T9257] Call Trace:
[  287.525779][ T9257]  <TASK>
[  287.525787][ T9257]  dump_stack_lvl+0x3d/0x1f0
[  287.525822][ T9257]  panic+0x71c/0x800
[  287.525853][ T9257]  ? __pfx_panic+0x10/0x10
[  287.525887][ T9257]  ? __pfx__printk+0x10/0x10
[  287.525922][ T9257]  ? fbcon_prepare_logo+0xa03/0xc70
[  287.525956][ T9257]  check_panic_on_warn+0xab/0xb0
[  287.525991][ T9257]  end_report+0x107/0x170
[  287.526027][ T9257]  kasan_report+0xee/0x110
[  287.526048][ T9257]  ? fbcon_prepare_logo+0xa03/0xc70
[  287.526091][ T9257]  kasan_check_range+0x100/0x1b0
[  287.526134][ T9257]  __asan_memcpy+0x23/0x60
[  287.526165][ T9257]  fbcon_prepare_logo+0xa03/0xc70
[  287.526213][ T9257]  fbcon_init+0xd77/0x1900
[  287.526253][ T9257]  ? __pfx_drm_fb_helper_set_par+0x10/0x10
[  287.526293][ T9257]  visual_init+0x31d/0x620
[  287.526323][ T9257]  do_bind_con_driver.isra.0+0x57a/0xbf0
[  287.526368][ T9257]  store_bind+0x61d/0x760
[  287.526404][ T9257]  ? sysfs_file_kobj+0xe4/0x290
[  287.526432][ T9257]  ? __pfx_store_bind+0x10/0x10
[  287.526465][ T9257]  dev_attr_store+0x55/0x80
[  287.526487][ T9257]  ? __pfx_dev_attr_store+0x10/0x10
[  287.526508][ T9257]  sysfs_kf_write+0xf2/0x150
[  287.526536][ T9257]  kernfs_fop_write_iter+0x351/0x510
[  287.526560][ T9257]  ? __pfx_sysfs_kf_write+0x10/0x10
[  287.526589][ T9257]  vfs_write+0x6c4/0x1150
[  287.526622][ T9257]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  287.526647][ T9257]  ? __pfx___mutex_lock+0x10/0x10
[  287.526684][ T9257]  ? __pfx_vfs_write+0x10/0x10
[  287.526727][ T9257]  ksys_write+0x12a/0x250
[  287.526759][ T9257]  ? __pfx_ksys_write+0x10/0x10
[  287.526797][ T9257]  do_syscall_64+0xcd/0x490
[  287.526835][ T9257]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  287.526859][ T9257] RIP: 0033:0x7fb68598e929
[  287.526875][ T9257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  287.526898][ T9257] RSP: 002b:00007fb686766038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  287.526920][ T9257] RAX: ffffffffffffffda RBX: 00007fb685bb5fa0 RCX: 00007fb68598e929
[  287.526936][ T9257] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003
[  287.526951][ T9257] RBP: 00007fb685a10b39 R08: 0000000000000000 R09: 0000000000000000
[  287.526965][ T9257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  287.526980][ T9257] R13: 0000000000000000 R14: 00007fb685bb5fa0 R15: 00007ffe07503738
[  287.527003][ T9257]  </TASK>
[  287.527075][ T9257] Kernel Offset: disabled