last executing test programs:

26.19242055s ago: executing program 0 (id=2380):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x3, 0x2)
socketpair$auto(0x3, 0x5, 0x6, 0x0)
bind$auto(0x3, 0x0, 0x6b)

25.999705583s ago: executing program 0 (id=2381):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket(0x15, 0x5, 0x0)
mprotect$auto(0x0, 0x8000000000000001, 0x8)
ioctl$auto(0x3, 0x89e0, 0x91)

25.807750666s ago: executing program 0 (id=2382):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="01002dbd7000fbdbdf2501000000040007800c00020004000000000000040c00060009"], 0x30}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000)

25.64269259s ago: executing program 0 (id=2383):
unshare$auto(0x40000080)
write$auto_ocfs2_control_fops_stack_user(0xffffffffffffffff, &(0x7f0000000000), 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
socket(0x2, 0x2, 0x0)
socket(0x23, 0x2, 0x0)
ioctl$auto(0x3, 0x80000541b, 0x38)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyd8\x00', 0xa05c0, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x2, 0x1d2c, 0x3, 0x4, 0x15f4da0e, 0x6, 0x9, 0x100000000000000c, 0x8, 0x4, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
get_mempolicy$auto(0x0, 0x0, 0x2, 0x86, 0x9)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dri/card2\x00', 0x688200, 0x0)
r1 = socket(0xa, 0x801, 0x100)
setsockopt$auto(r1, 0x6, 0x2, 0x0, 0xfb3)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x1fffffffffffffff, 0x40009, 0xdf, 0x12, r0, 0xc)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8080000001)
mmap$auto(0x4, 0x6, 0xdb, 0xebb, 0x40000000000a5, 0x8000)
close_range$auto(0x0, 0x5, 0x0)
fadvise64$auto_POSIX_FADV_DONTNEED(r0, 0x34, 0xffffffff, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)

22.740096085s ago: executing program 0 (id=2386):
r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fb0\x00', 0xc2000, 0x0)
ioctl$auto(r0, 0x4611, r0)

9.076852872s ago: executing program 3 (id=2423):
ioctl$auto(0xffffffffffffffff, 0x4611, 0xffffffffffffffff)

8.963594746s ago: executing program 3 (id=2425):
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x5, 0x84)
socket(0xa, 0x3, 0x3a)
setsockopt$auto(0x400000000000003, 0x29, 0xd1, 0x0, 0x6)

8.768649142s ago: executing program 3 (id=2427):
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x0, 0x0)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
write$auto_seq_oss_f_ops_seq_oss(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ETHTOOL_MSG_STRSET_GET(r0, 0x0, 0x20000000)
madvise$auto(0x0, 0xffffff7fffff0005, 0x8)
read$auto(0xffffffffffffffff, 0x0, 0x20)
openat$auto_hwflags_ops_debugfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
read$auto(0x3, 0x0, 0x8080)
unshare$auto(0x40000080)
syz_clone3(&(0x7f000000dd80)={0x100000, 0x0, 0x0, 0x0, {0x13}, 0x0, 0x0, 0x0, 0x0}, 0x58)
syz_clone3(&(0x7f000000dd80)={0xa04400, 0x0, 0x0, 0x0, {0x12}, 0x0, 0x0, 0x0, 0x0}, 0x58)
read$auto(0x3, 0x0, 0x80)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
socket(0xa, 0x3, 0x3a)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
eventfd$auto(0x3)
eventfd$auto(0x0)
socket(0xa, 0x2, 0x88)

6.724239325s ago: executing program 3 (id=2431):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x401, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
pwrite64$auto(0xc8, &(0x7f0000000080)='\vX\xb5n\x91p\xe6\x15\x00p\x01\x99\x88c\x14\r>\x14\x1a\xd3\xd3\x1d\xf8?\xdb\xdb\xc1\xf5\xe3o\x8e\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\xe5}\xea\x1b\x95\xafQ;_L\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2\x10\x00\x00\x00\x00\x00/TX:\x8a\xddf\xa9H0\x06\xe7\xd2\xe2\xf6^\xfdo\x00\x9a>T\xd5\x1e\xe3\xeb\x89q\a\xd6h\xc9\xbc\x8f\x1dBk\x95\x174\xdc\x03\x05> -\xb6\x9d[\xe42(\xe4\n\x98u\xc9\xa1\xc4Zb\x04\xc2\xf1 \x8a\xbe]\xde\xfd8u\xb4\xde\xb3\xa1T/\xdfx\x14Y\xfe\x1e\x1f\x91\x19\xb7\xfc\xcd\x7fl\xb3\xa8#\xa0\xb9P\x8d\x04C\x87\xebR\x93\x12\x18H&N\x8b\'i)\xab@\xaf\xcb\xda\x00\x067\xce\xd6V4\xc2\xeeX\xb4\xe9\f\xee\xe8\xd8\x91\x1b\xcd\x00j\x14H\xcc-\x14\xde\xaaN\x87\x8d\x9b\xa05\xacHX\xc1\xce\x91\xee\xad\r\xbe\xb2&f\xa3\xe2\x8bp\xba\x8a\"\xf1\xfc\xa13\xfe\xe0JG\xe1v\x82s}v~`X%pJ\xbf\xc3`\xa9\x8f\"l\xc7XX\xa4\xb6\x0e\xbe\xa0wy\xfe\x03n+k\xf149*(\x15\xaa\xc2\x8aB\xf1\xbb$M\xfe%\xc7\x84\xf0\xa4}bd\xac\xa8T\xda\xffm\x86\xca\x80\xde3\xa7\xba\xc7Y]\xd7\xa2\xec)\xd6\xad\xbcI\x10\xa3#\xd4/J\xa8\x14\x1b<\x04\xbd\x89\xefQf\xc0Q\x92\x92\xa7\x99\xcf\xaekR\xf5\xb7\x14r[\x9fx\xaf+\xb3@\xf4\x83\xbf\xc7e\xe7\xc2\xd6\x10\x0fk\xee)\x92\bO\xa1\x1a\x9e\xef:5\x1e\x1c\"9\xd8\xdf\xa9C\xe2SHG6\xf2\xd5.\x12]\x17J\x8b\xc52\xe9\x9e\xbc\xdc\xae\xef\xed\xf9\xa6\x9e-\x92pZ\x12j/\x1dD{\xac\x17\\O\xee\x11\x10$\x12\xfc \xb0\xb7cA;\xa1,\x040\xa7\xd9\xb2\x19@1\x92\x10\xc4\xc0\x1f\x1d\xe1\xf6\x80lW\v,\xa2\x134no\xa0\x00l\xd8\xe4\xd3\x16\xd3%\x8b\xf5\x1e\x12{\xe6\xdb\xde\a\xdedH\x90\xf7\x19\xff\xcb\xacC\xeadOf\xb8\x15\xc39\xefLt\t\x11\xa1\x0e\x85\xac\xcc+\xc0\xb4.\xaa3>\xc0\x96\x84\xd5\x02\xc1\x94=\xb0\xfe\xda\x1d\xe9\xa7\xe1\xcf\x80|k\xdd\x95\xc9\xb0y\xb4\xbd\xc2W\x9c\xa4\x80\x13\xbc\x7fb=y\xdb]U\xd1HC\xe1\xa7\x94q\xb0C\xb8\x86\xd0\x9d\xe0\x8aD\x91x\'\xd6\x17\xd1\x9d\x16\xa7oZ\x8a\xce:\x9e@\xca\x17\x05f+\xee\xd8\xe6D\x9e\xb18Aw', 0xe, 0x3)
socket(0x10, 0x2, 0x4)
r1 = socket(0x10, 0x2, 0xc)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYBLOB="01002d"], 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r2 = openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000000), 0x48101, 0x0)
write$auto(r2, &(0x7f0000000100)='/surit\x8b\xafR\xf2y/integrity?iqa/policy\x00\xa2\xf4\x92_\xe8\xaeD\xca/ \xe5\xed`\xa4\xb5b\xff\x8c\xcf8\x00\xd5s\xb36\"\'\xb0\x84k\x98\xd7\xca\x06O\xd8Y\x15{W\f=XM\xb7\xf4\xca\xdf\x8fe\xe2\x91>`D{\x9e\xfe\x92\x9f|#5P\x8b\xdd\xd2/\b\xb5g\x18\xed\xaa \x9fs\xe0\x04\x84\x04\x02\x89\x84%d\xc1@\x91W\xf8\xf65\xa8\x1d\xde\alUZ\xab\x17\xba\xf8\x02\x12\x94\xdc\xcb\xc3\x06\x82\xc8G4>J\x83\xd3^\x8d', 0x2000000000c5)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r1, @ANYRES8=r0], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x4000050)
r3 = socket(0x11, 0x3, 0x3ff)
setsockopt$auto(r3, 0x107, 0xc, 0x0, 0x6)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), r4)
sendmsg$auto_ETHTOOL_MSG_LINKINFO_SET(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x40}, 0x2400004c)
pread64$auto(0xffffffffffffffff, 0x0, 0x1, 0x401)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0)
read$auto(r5, 0x0, 0x20)
r6 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/pcmC0D0p\x00', 0x2800, 0x0)
ioctl$auto_SNDRV_PCM_IOCTL_RESUME(r6, 0x4147, 0x0)
r7 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r7, &(0x7f0000000200)={0x0, 0x7}, 0x3)
bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3)

5.688321555s ago: executing program 3 (id=2433):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000040)=""/194, 0xc2)

5.520747429s ago: executing program 3 (id=2435):
socket(0x2, 0x80000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/suspend_stats/failed_resume_noirq\x00', 0x0, 0x0)
r0 = openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/Writeback-1/edid_override\x00', 0x40901, 0x0)
write$auto(r0, &(0x7f0000000040)='/sys/kernel/debug/drS/vkms/Wri1/edid_override\x00', 0x20004)
mmap$auto(0x7, 0x8, 0x3, 0xeb1, 0xffffffffffffffff, 0x8)
mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
mbind$auto(0x0, 0x2091d3, 0x4, 0x0, 0x6, 0x2)
mkdir$auto(0x0, 0x8001)
getrandom$auto(0x0, 0x6000000, 0x3)
close_range$auto(0x2, 0x8, 0x0)
r1 = socket(0x1f, 0x2, 0x77)
mmap$auto(0xfffffffffffffc, 0xd8f0, 0x7, 0xeb1, r1, 0xbf47)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
unshare$auto(0x40000080)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x4020005, 0xe3, 0xeb1, 0x401, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/usbcore/parameters/quirks\x00', 0xc0202, 0x0)
readv$auto(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x40200}, 0x3)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
unshare$auto(0x20000)
unshare$auto(0x20000)
mmap$auto(0x0, 0x202000d, 0x3, 0x200000000eb1, 0xfffffffffffffffa, 0x8000)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/mac80211_hwsim/hwsim0/net/wlan0/flags\x00', 0x189082, 0x0)
sendfile$auto(r2, r2, 0x0, 0x1)
r3 = gettid()
pidfd_open$auto(r3, 0x0)

3.297112855s ago: executing program 1 (id=2440):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_genetlink_get_family_id$auto_psample(&(0x7f0000007a40), 0xffffffffffffffff)
sendmsg$auto_PSAMPLE_CMD_GET_GROUP(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000007ac0)={&(0x7f0000000300)={0x14, r0, 0x2, 0x820bd2f, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x24048859}, 0x40860)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x8, 0x800, 0x400073)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
r1 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000380)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x721200, 0x0)
r2 = fcntl$auto_F_DUPFD(r1, 0x0, r1)
read$auto_tun_fops_tun(r2, &(0x7f0000000180)=""/106, 0x6a)

3.047057819s ago: executing program 2 (id=2442):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r0, 0x0, 0x20)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x140082, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x2a01, 0x0)
syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f0000000100), 0xffffffffffffffff)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x3e)

3.030101576s ago: executing program 1 (id=2443):
r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x941683, 0x0)
ioctl$auto_SG_SET_DEBUG(r0, 0x227e, &(0x7f00000000c0))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
recvfrom$auto(r2, &(0x7f0000000600), 0x4, 0x4, 0x0, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x14, r3, 0x301, 0x70bd2c, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x4000)
ioctl$auto_BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={"d9ade6a9583fb77a9e21a5b4069c53a3b40ad64262fc9a8389195e94acc355c3", 0xfffb, 0xed02, 0xfffffff7, 0x100000000, 0x3, <r4=>0x0})
sendmsg$auto_NL80211_CMD_JOIN_IBSS(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x80, r3, 0x400, 0x70bd2b, 0x25dfdbff, {}, [@NL80211_ATTR_PID={0x8, 0x52, r4}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0x59, 0xe8, "c53055742be09158376e461eff7c257e5ec387fdd311da3830e0dd87b71eb82270d0d17e38805906a8d64ddd5b0db348ecfba769577bf82d1cde6798e794201db2e29d5962dc2e346d168ab9e868b32ad21cb934d1"}, @NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}, @NL80211_ATTR_RECEIVE_MULTICAST={0x4}]}, 0x80}, 0x1, 0x0, 0x0, 0x40004}, 0x4044054)

2.829588555s ago: executing program 1 (id=2444):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000080), r0)
sendmsg$auto_SMC_PNETID_ADD(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)={0x14, r1, 0x10, 0x70bd25, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x44c0)

2.71880487s ago: executing program 1 (id=2445):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), r0)
socket(0x1d, 0x2, 0x6)
r1 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00'})
unshare$auto(0x40000080)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtdblock0\x00', 0x14fe02, 0x0)
getsockopt$auto_SO_BSDCOMPAT(r2, 0x3, 0xe, &(0x7f00000000c0)='*\\\x00', &(0x7f0000000180)=0x40)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
preadv2$auto(r2, &(0x7f0000000040)={0x0, 0x80000003}, 0x6, 0xffffffffffffffff, 0x8000000000000, 0x2f)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
listen$auto(r2, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x0, 0x0)
close_range$auto(0xffffffffffffffff, 0xa, 0x0)
mmap$auto(0xc, 0x5, 0x7, 0xeb1, 0x7, 0x8002)
futex$auto(0x0, 0x85, 0x38, 0x0, 0x0, 0x80800005)
r3 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x68082, 0x0)
ioctl$auto_BLKPG2(r3, 0x1269, 0x3f00)
ioctl$auto_MEMGETINFO(r3, 0x80204d01, 0x0)
r4 = openat$auto_tracing_fops_trace(0xffffffffffffff9c, 0x0, 0x40200, 0x0)
mmap$auto(0x0, 0x402000b, 0x4af, 0xeb1, 0x401, 0x8000)
r5 = open(&(0x7f0000000000)='./file0\x00', 0x621c2, 0x84)
bpf$auto(0x2, &(0x7f00000001c0)=@task_fd_query={0x0, 0xffffffffffffffff, 0x2, 0x1, 0x5, 0x6, r2, 0x241, 0x6}, 0x7)
ioctl$auto_EVIOCGMASK(r5, 0x80104592, &(0x7f0000000080)={0xc0dc, 0x6, 0x4})
read$auto(0x3, 0x0, 0xfffffdef)
syz_genetlink_get_family_id$auto_seg6(0x0, 0xffffffffffffffff)
getsockopt$auto_SO_SNDBUF(r4, 0x73, 0x7, &(0x7f0000000100)='SEG\x85\x00', &(0x7f0000000140)=0x9d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mbind$auto(0x1c0000, 0x800097, 0x1, 0x0, 0x3, 0x1)
mbind$auto(0x0, 0x800605, 0x1, &(0x7f0000000500)=0xffff, 0xa, 0x3)

1.412271764s ago: executing program 2 (id=2446):
r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x129800, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
sendmmsg$auto(r0, 0x0, 0x89a5, 0x7000000)
mmap$auto(0x0, 0x9, 0x3ff57697, 0x9b72, 0x2, 0x8000000000008000)
connect$auto(0x3, 0x0, 0x54)
connect$auto(0x4, 0x0, 0x10)

1.315056926s ago: executing program 1 (id=2447):
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x20000008000)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(r0, &(0x7f0000000340)=@ax25={0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x8}, 0x10006a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000400)="01a10399281c", 0x12, 0x0, 0x6, 0x0, 0x1f, 0x5}, 0x800004}, 0x5, 0x20000000)
shutdown$auto(r0, 0x2)
sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
ioctl$auto_MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0)
prctl$auto(0x7, 0x5, 0x0, 0x1, 0xfdfffffefffffffd)
openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0xa2cc0, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/block/nbd3/queue/atomic_write_boundary_bytes\x00', 0x92483, 0x0)
syz_genetlink_get_family_id$auto_smbd_genl(0x0, 0xffffffffffffffff)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/module/libceph/parameters/supported_features\x00', 0x40000, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0)
sendmsg$auto_KSMBD_EVENT_LOGIN_RESPONSE(0xffffffffffffffff, 0x0, 0x30004850)
keyctl$auto(0x1ff, 0x0, 0x0, 0x0, 0xa)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000440), 0x466b02, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x68b82, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r2)
r3 = openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000000380)='/sys/kernel/debug/kvm/pf_guest\x00', 0xa2540, 0x0)
read$auto_stat_fops_per_vm_kvm_main(r3, 0x0, 0x0)
msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40802, 0x0)

1.307974893s ago: executing program 2 (id=2448):
write$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffffff, 0x0, 0x0)
mmap$auto(0x0, 0x2000d, 0x3, 0xeb1, 0x404, 0x100010008000)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x24008000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0)
read$auto(r0, 0x0, 0x20)
r1 = socket(0x2, 0x801, 0x106)
mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
setsockopt$auto(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000140)='lp\x00h\x85M\xdf\xdc\x83\x8a\xa7\xe4]U(\x01\t=\x1e\x00\x00}\xc9\xd0ghB\x8a\n\x8bw\xc8\x9f\x8f\xd1\xd0\xc3i\xd4\x8cO\x90\xaf?J\t\xce%\xcb\xb7Sq)\x12k\xb6\xa7(\\Vpm\xc6Q6\xe2\x0f\xae\xd6\x15\\\xf3\xefOA\xf1G\n\xd6u\x9b\x18+\x83\xc9g*v@\x90\xc6\xc2\xb9\n\a]\x86VDLp\xa2\xb0\xbd`\x144\xb2', 0x4)
r2 = getpid()
process_vm_readv$auto(r2, &(0x7f0000000080)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0)
syz_genetlink_get_family_id$auto_ovs_vport(0x0, 0xffffffffffffffff)
r3 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card0\x00', 0x20100, 0x0)
ioctl$auto(r3, 0x404064c8, r3)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000003fc0), 0xffffffffffffffff)
sendmsg$auto_OVS_VPORT_CMD_GET(r4, &(0x7f0000004540)={0x0, 0x0, &(0x7f0000004500)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES16=r5, @ANYBLOB="ffff2bbd7000fedbdf250300040005"], 0x18}, 0x1, 0x0, 0x0, 0x40081}, 0x20000c50)
write$auto(r1, &(0x7f0000000000)='*\x00', 0xfd)
r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r6, &(0x7f0000000200)={0x0, 0x7}, 0x3)
unshare$auto(0x40000080)

472.249388ms ago: executing program 2 (id=2449):
r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0xc2000, 0x0)
ioctl$auto(r0, 0x4611, r0)

276.549946ms ago: executing program 2 (id=2450):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x8000)
getrandom$auto(0x0, 0x6000000, 0x3)
r0 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000000), 0xc0402, 0x0)
ioctl$auto_posix_clock_file_operations_posix_clock(r0, 0x40, 0x0)

93.705103ms ago: executing program 0 (id=2397):
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000)
ioctl$auto_PROCMAP_QUERY(0xffffffffffffffff, 0xc0686611, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, 0x0, 0x2401, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (fail_nth: 2)

52.830408ms ago: executing program 1 (id=2451):
sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_FLUSH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="14000000", @ANYBLOB="100029bd7000000000000000000050c2d02bed50d333293fd4ac989ca0c867ce98473cd438b55a5fafd115222d0e0fd83cab12f431818a334647e01480e814781480505ddc0e0fd3093ec7e50afbb9c5ecab93d7f3c0e2d9fb4f6b117fb2cfdfdb813de692cdd01d8e5cf98cb582023a652f57e07ebd86b00e103cb5ef21dffc475b4481d37a582b44cd4934123dd38261cac4d3744a184be3d09933aba3da74dd03d5203f8c746f700173672c195cfb0263a841d8dcb5e922c97ac38a8e1b50"], 0x14}}, 0x4040014)
r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r0, &(0x7f0000000000)="c80d1b5d399b3b", 0xfdef)

0s ago: executing program 2 (id=2452):
sendmsg$auto_WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f00000028c0)={0x0, 0x0, &(0x7f0000002880)={&(0x7f00000002c0)=ANY=[@ANYBLOB="020000083659c0edff48d34ebfac2d2c6f206f1276fab959add5bb0fe91be665d8fb356234bd0169a0de74bf2853220f75ea261f3404f7878c758ffe8e1a65f19bc741dab72f2584c63148caedcb0836921c5dcfa31eea5d41ca406aca8fe85630b23bef7e4e46e582b4b8bce2e1db256ac52548e5d5c3a813a92c073bd60c4d115d6ff892227bbe0f052b80b965f444236ff21f0e3ee85ed3e49f27f6f259ed036a751d6e5eaf0130d690fe3969bbdba876440c42c974e7c99dbbb77fb02fd08f8da7fed562c07edce767fd42093db809a5a60b964451a94320cb28bc7c9001466edc35d8d3dde6fa8e44ebbc24df3fc819efb84a52b65646f177b60ecd7551567491517506bd49097aee86c1cbddcc2b048627696a480407d7ae395e935915ccbb696e2475886a25e332c4af3bf4d188c8466adceee38a84c1a285e99dac7888025055b0230962ebd58141e09def15e627", @ANYRES16=0x0, @ANYBLOB="210026bd7000fedbdf2501000000"], 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x80)
r0 = socket(0x10, 0x2, 0x4)
r1 = socket(0xa, 0x5, 0x0)
socket(0x10, 0x2, 0xc)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
r3 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000002340), 0xffffffffffffffff)
unshare$auto(0x40000080)
r4 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x800, 0x0)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/zoneinfo\x00', 0x15000, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/virtual/net/rose7/flags\x00', 0x2262, 0x0)
write$auto(r5, &(0x7f0000000140)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\xfc\xb2\x00\x00\x00\x00y\x113!\x05\xa7\xd6M\xce\xd6\'\xdf@\x9f\xf5 \x8b_hw\x8em\xd0\b\xe7~1\xf5\xf8\x93*jH\x85H\x05\xae\xdf\xf0\x15A\xdb$\'\x87', 0x81)
close_range$auto(0x2, 0x8, 0x0)
r6 = openat$auto_proc_projid_map_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/projid_map\x00', 0x980, 0x0)
read$auto_proc_projid_map_operations_base(r6, &(0x7f0000000040)=""/24, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x2, 0x0)
mmap$auto(0x0, 0x4, 0xdf, 0x91, 0x401, 0x8000)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x986, 0xe000)
close_range$auto(r4, 0xffffffffffffffff, 0x0)
sendmsg$auto_OVS_METER_CMD_SET(r2, &(0x7f0000002480)={0x0, 0x0, &(0x7f0000002440)={&(0x7f0000000140)=ANY=[@ANYBLOB="c8000000", @ANYRES16=r3, @ANYBLOB="010025bd7000fed3df250200000004000200a8000480a40029800800018085f65a9a99254957ed216f0700000000000000dfe0e5df120af1ed82a3e1853978af5f1138750308c11f71036c698f56bcc01b530611839459fa777c291f0070003335f9601f4ba9ae40e3cb521cfacc5c7fd444da486781f5dd37e9c6e01bebb7032428ff442526cd06c6119eb75c6be9926baafcd97bfaebea6c51f0d8a272ef8e26c14dd1a91218d09320c6a6c4561a7685283350da364c4c0d620800010005000000"], 0xc8}, 0x1, 0x0, 0x0, 0x48000}, 0x4000)
r7 = openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/config/nvmet/discovery_nqn\x00', 0x1, 0x0)
read$auto_transactions_fops_(0xffffffffffffffff, &(0x7f0000000080)=""/18, 0x12)
writev$auto(r7, &(0x7f00000000c0)={&(0x7f0000000040)='@', 0x1292}, 0x2)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="18000000", @ANYRES16=r0, @ANYRES8=r7, @ANYRES64=r3, @ANYRESHEX=r1, @ANYRESOCT=r0], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x40000)
write$auto(r0, &(0x7f0000000000)='-\x00', 0xfdef)

kernel console output (not intermixed with test programs):

c/0x250
[  787.779108][T16248]  ? ubi_attach_mtd_dev+0x1353/0x32a0
[  787.779126][T16248]  ? __vmalloc_node_noprof+0xad/0xf0
[  787.779146][T16248]  ? ubi_attach_mtd_dev+0x1353/0x32a0
[  787.779167][T16248]  ubi_attach_mtd_dev+0x139f/0x32a0
[  787.779198][T16248]  ? __pfx_ubi_attach_mtd_dev+0x10/0x10
[  787.779215][T16248]  ? __pfx_get_mtd_device+0x10/0x10
[  787.779243][T16248]  ctrl_cdev_ioctl+0x36a/0x400
[  787.779261][T16248]  ? __pfx_ctrl_cdev_ioctl+0x10/0x10
[  787.779285][T16248]  ? __pfx_ctrl_cdev_ioctl+0x10/0x10
[  787.779304][T16248]  __x64_sys_ioctl+0x18e/0x210
[  787.779328][T16248]  do_syscall_64+0x106/0xf80
[  787.779348][T16248]  ? clear_bhb_loop+0x40/0x90
[  787.779368][T16248]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  787.779384][T16248] RIP: 0033:0x7f0e3839c819
[  787.779399][T16248] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  787.779414][T16248] RSP: 002b:00007f0e392c1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  787.779431][T16248] RAX: ffffffffffffffda RBX: 00007f0e38616090 RCX: 00007f0e3839c819
[  787.779442][T16248] RDX: 0000000000000000 RSI: 0000000040186f40 RDI: 0000000000000006
[  787.779451][T16248] RBP: 00007f0e38432c91 R08: 0000000000000000 R09: 0000000000000000
[  787.779460][T16248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  787.779469][T16248] R13: 00007f0e38616128 R14: 00007f0e38616090 R15: 00007ffefe201b48
[  787.779492][T16248]  </TASK>
[  788.247947][T16248] SLUB: Unable to add cache ubi_aeb_slab_cache to sysfs
[  788.256396][T16248] ubi0: scanning is finished
[  788.261605][T16248] ubi0 error: ubi_read_volume_table: the layout volume was not found
[  788.954773][T16248] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  789.673237][   T29] audit: type=1800 audit(1775760407.108:10): pid=16267 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2243" name="members" dev="configfs" ino=59684 res=0 errno=0
[  789.773560][T16278] vivid-007: =================  START STATUS  =================
[  789.822609][T16278] vivid-007: Enable Output Cropping: true
[  789.852413][T16278] vivid-007: Enable Output Composing: true
[  789.912729][T16278] vivid-007: Enable Output Scaler: true
[  789.955165][T16278] vivid-007: Tx RGB Quantization Range: Automatic
[  790.004299][T16278] vivid-007: Transmit Mode: HDMI
[  790.023781][T16278] vivid-007: Hotplug Present: 0x00000000
[  790.065508][T16278] vivid-007: RxSense Present: 0x00000000
[  790.086222][T16278] vivid-007: EDID Present: 0x00000000
[  790.121366][T16278] vivid-007: ==================  END STATUS  ==================
[  790.221270][T16285] openvswitch: ovs_: Dropping previously announced user features
[  790.652530][T16295] FAULT_INJECTION: forcing a failure.
[  790.652530][T16295] name failslab, interval 1, probability 0, space 0, times 0
[  790.737860][T16295] CPU: 0 UID: 0 PID: 16295 Comm: syz.0.2249 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  790.737889][T16295] Tainted: [L]=SOFTLOCKUP
[  790.737895][T16295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  790.737905][T16295] Call Trace:
[  790.737911][T16295]  <TASK>
[  790.737918][T16295]  dump_stack_lvl+0x100/0x190
[  790.737947][T16295]  should_fail_ex.cold+0x5/0xa
[  790.737967][T16295]  should_failslab+0xc2/0x120
[  790.737984][T16295]  __kmalloc_cache_node_noprof+0x7d/0x770
[  790.738000][T16295]  ? __alloc_workqueue+0x711/0x1880
[  790.738018][T16295]  ? lockdep_init_map_type+0x5c/0x250
[  790.738043][T16295]  __alloc_workqueue+0x711/0x1880
[  790.738064][T16295]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  790.738091][T16295]  alloc_workqueue_noprof+0xd2/0x200
[  790.738109][T16295]  ? __pfx_alloc_workqueue_noprof+0x10/0x10
[  790.738133][T16295]  ? __pfx___debug_object_init+0x10/0x10
[  790.738156][T16295]  nci_register_device+0x394/0xb80
[  790.738179][T16295]  ? __pfx_nci_register_device+0x10/0x10
[  790.738204][T16295]  ? lockdep_init_map_type+0x5c/0x250
[  790.738228][T16295]  virtual_ncidev_open+0x141/0x220
[  790.738251][T16295]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  790.738273][T16295]  misc_open+0x26d/0x450
[  790.738293][T16295]  ? __pfx_misc_open+0x10/0x10
[  790.738312][T16295]  chrdev_open+0x234/0x6a0
[  790.738328][T16295]  ? __pfx_apparmor_file_open+0x10/0x10
[  790.738345][T16295]  ? __pfx_chrdev_open+0x10/0x10
[  790.738363][T16295]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  790.738384][T16295]  do_dentry_open+0x6d8/0x1660
[  790.738400][T16295]  ? __pfx_chrdev_open+0x10/0x10
[  790.738421][T16295]  vfs_open+0x82/0x3f0
[  790.738443][T16295]  path_openat+0x208c/0x31a0
[  790.738466][T16295]  ? __pfx_path_openat+0x10/0x10
[  790.738489][T16295]  do_file_open+0x20e/0x430
[  790.738507][T16295]  ? __pfx_do_file_open+0x10/0x10
[  790.738537][T16295]  ? alloc_fd+0x476/0x790
[  790.738555][T16295]  ? do_getname+0x191/0x390
[  790.738577][T16295]  do_sys_openat2+0x10d/0x1e0
[  790.738597][T16295]  ? __pfx_do_sys_openat2+0x10/0x10
[  790.738624][T16295]  __x64_sys_openat+0x12d/0x210
[  790.738645][T16295]  ? __pfx___x64_sys_openat+0x10/0x10
[  790.738674][T16295]  do_syscall_64+0x106/0xf80
[  790.738698][T16295]  ? clear_bhb_loop+0x40/0x90
[  790.738718][T16295]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  790.738734][T16295] RIP: 0033:0x7f0e3839c819
[  790.738749][T16295] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  790.738764][T16295] RSP: 002b:00007f0e392c1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  790.738779][T16295] RAX: ffffffffffffffda RBX: 00007f0e38616090 RCX: 00007f0e3839c819
[  790.738789][T16295] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  790.738800][T16295] RBP: 00007f0e38432c91 R08: 0000000000000000 R09: 0000000000000000
[  790.738809][T16295] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000
[  790.738819][T16295] R13: 00007f0e38616128 R14: 00007f0e38616090 R15: 00007ffefe201b48
[  790.738840][T16295]  </TASK>
[  791.433085][T16318] FAULT_INJECTION: forcing a failure.
[  791.433085][T16318] name failslab, interval 1, probability 0, space 0, times 0
[  791.479165][T16318] CPU: 0 UID: 0 PID: 16318 Comm: syz.0.2255 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  791.479197][T16318] Tainted: [L]=SOFTLOCKUP
[  791.479203][T16318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  791.479213][T16318] Call Trace:
[  791.479219][T16318]  <TASK>
[  791.479226][T16318]  dump_stack_lvl+0x100/0x190
[  791.479255][T16318]  should_fail_ex.cold+0x5/0xa
[  791.479275][T16318]  should_failslab+0xc2/0x120
[  791.479293][T16318]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  791.479317][T16318]  ? vm_area_dup+0x27/0x8e0
[  791.479342][T16318]  vm_area_dup+0x27/0x8e0
[  791.479364][T16318]  __split_vma+0x18c/0xd90
[  791.479388][T16318]  ? __pfx___split_vma+0x10/0x10
[  791.479413][T16318]  ? __mpol_equal+0xaf/0x340
[  791.479436][T16318]  vma_modify+0x1121/0x2250
[  791.479463][T16318]  ? __pfx_vma_modify+0x10/0x10
[  791.479489][T16318]  vma_modify_policy+0x238/0x300
[  791.479512][T16318]  ? __pfx_vma_modify_policy+0x10/0x10
[  791.479551][T16318]  mbind_range+0x175/0x550
[  791.479572][T16318]  do_mbind+0x7dc/0xfd0
[  791.479595][T16318]  ? __might_fault+0xc5/0x140
[  791.479616][T16318]  ? __pfx_do_mbind+0x10/0x10
[  791.479640][T16318]  ? _copy_from_user+0x59/0xd0
[  791.479664][T16318]  ? __pfx_get_nodes+0x10/0x10
[  791.479683][T16318]  kernel_mbind+0x1b7/0x200
[  791.479704][T16318]  ? __pfx_kernel_mbind+0x10/0x10
[  791.479729][T16318]  do_syscall_64+0x106/0xf80
[  791.479746][T16318]  ? clear_bhb_loop+0x40/0x90
[  791.479764][T16318]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  791.479780][T16318] RIP: 0033:0x7f0e3839c819
[  791.479794][T16318] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  791.479809][T16318] RSP: 002b:00007f0e392c1028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  791.479824][T16318] RAX: ffffffffffffffda RBX: 00007f0e38616090 RCX: 00007f0e3839c819
[  791.479834][T16318] RDX: 0000000000008003 RSI: 0000000000800605 RDI: 0000000000000000
[  791.479843][T16318] RBP: 00007f0e38432c91 R08: 0000000000000003 R09: 0000000000000003
[  791.479852][T16318] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000000
[  791.479862][T16318] R13: 00007f0e38616128 R14: 00007f0e38616090 R15: 00007ffefe201b48
[  791.479883][T16318]  </TASK>
[  791.748387][T16300] FAULT_INJECTION: forcing a failure.
[  791.748387][T16300] name failslab, interval 1, probability 0, space 0, times 0
[  791.761116][T16300] CPU: 0 UID: 0 PID: 16300 Comm: syz.1.2251 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  791.761143][T16300] Tainted: [L]=SOFTLOCKUP
[  791.761149][T16300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  791.761158][T16300] Call Trace:
[  791.761165][T16300]  <TASK>
[  791.761172][T16300]  dump_stack_lvl+0x100/0x190
[  791.761201][T16300]  should_fail_ex.cold+0x5/0xa
[  791.761222][T16300]  should_failslab+0xc2/0x120
[  791.761239][T16300]  __kmalloc_cache_noprof+0x7a/0x6f0
[  791.761260][T16300]  ? nfc_llcp_register_device+0x4b/0xa60
[  791.761279][T16300]  nfc_llcp_register_device+0x4b/0xa60
[  791.761296][T16300]  nfc_register_device+0x6d/0x3e0
[  791.761314][T16300]  nci_register_device+0x7f1/0xb80
[  791.761337][T16300]  ? __pfx_nci_register_device+0x10/0x10
[  791.761362][T16300]  ? lockdep_init_map_type+0x5c/0x250
[  791.761387][T16300]  virtual_ncidev_open+0x141/0x220
[  791.761421][T16300]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  791.761444][T16300]  misc_open+0x26d/0x450
[  791.761465][T16300]  ? __pfx_misc_open+0x10/0x10
[  791.761484][T16300]  chrdev_open+0x234/0x6a0
[  791.761501][T16300]  ? __pfx_apparmor_file_open+0x10/0x10
[  791.761518][T16300]  ? __pfx_chrdev_open+0x10/0x10
[  791.761536][T16300]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  791.761557][T16300]  do_dentry_open+0x6d8/0x1660
[  791.761574][T16300]  ? __pfx_chrdev_open+0x10/0x10
[  791.761596][T16300]  vfs_open+0x82/0x3f0
[  791.761618][T16300]  path_openat+0x208c/0x31a0
[  791.761641][T16300]  ? __pfx_path_openat+0x10/0x10
[  791.761710][T16300]  do_file_open+0x20e/0x430
[  791.761730][T16300]  ? __pfx_do_file_open+0x10/0x10
[  791.761760][T16300]  ? alloc_fd+0x476/0x790
[  791.761779][T16300]  ? do_getname+0x191/0x390
[  791.761801][T16300]  do_sys_openat2+0x10d/0x1e0
[  791.761822][T16300]  ? __pfx_do_sys_openat2+0x10/0x10
[  791.761843][T16300]  ? __fget_files+0x21f/0x3d0
[  791.761863][T16300]  __x64_sys_openat+0x12d/0x210
[  791.761884][T16300]  ? __pfx___x64_sys_openat+0x10/0x10
[  791.761911][T16300]  do_syscall_64+0x106/0xf80
[  791.761927][T16300]  ? clear_bhb_loop+0x40/0x90
[  791.761946][T16300]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  791.761961][T16300] RIP: 0033:0x7ff0c4b9c819
[  791.761977][T16300] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  791.761992][T16300] RSP: 002b:00007ff0c5aa6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  791.762008][T16300] RAX: ffffffffffffffda RBX: 00007ff0c4e15fa0 RCX: 00007ff0c4b9c819
[  791.762018][T16300] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  791.762029][T16300] RBP: 00007ff0c4c32c91 R08: 0000000000000000 R09: 0000000000000000
[  791.762039][T16300] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000
[  791.762048][T16300] R13: 00007ff0c4e16038 R14: 00007ff0c4e15fa0 R15: 00007ffc890583a8
[  791.762068][T16300]  </TASK>
[  791.762100][T16300] nfc: nfc_register_device: Could not register llcp device
[  792.277769][T16300] llcp: nfc_llcp_remove_local: Shutting down device not found
[  792.332112][T16325] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2256'.
[  792.623061][T16331] FAULT_INJECTION: forcing a failure.
[  792.623061][T16331] name failslab, interval 1, probability 0, space 0, times 0
[  792.704736][T16331] CPU: 0 UID: 0 PID: 16331 Comm: syz.2.2259 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  792.704763][T16331] Tainted: [L]=SOFTLOCKUP
[  792.704768][T16331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  792.704778][T16331] Call Trace:
[  792.704783][T16331]  <TASK>
[  792.704790][T16331]  dump_stack_lvl+0x100/0x190
[  792.704817][T16331]  should_fail_ex.cold+0x5/0xa
[  792.704835][T16331]  should_failslab+0xc2/0x120
[  792.704853][T16331]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  792.704876][T16331]  ? alloc_empty_file+0x55/0x1c0
[  792.704896][T16331]  ? __pfx_stack_trace_save+0x10/0x10
[  792.704915][T16331]  alloc_empty_file+0x55/0x1c0
[  792.704935][T16331]  path_openat+0xe8/0x31a0
[  792.704951][T16331]  ? kasan_save_stack+0x3f/0x50
[  792.704964][T16331]  ? kasan_save_stack+0x30/0x50
[  792.704977][T16331]  ? kasan_save_track+0x14/0x30
[  792.704991][T16331]  ? __kasan_slab_alloc+0x89/0x90
[  792.705005][T16331]  ? kmem_cache_alloc_noprof+0x241/0x6e0
[  792.705027][T16331]  ? do_getname+0x35/0x390
[  792.705046][T16331]  ? do_sys_openat2+0xc5/0x1e0
[  792.705066][T16331]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  792.705084][T16331]  ? __pfx_path_openat+0x10/0x10
[  792.705112][T16331]  do_file_open+0x20e/0x430
[  792.705130][T16331]  ? __pfx_do_file_open+0x10/0x10
[  792.705159][T16331]  ? alloc_fd+0x476/0x790
[  792.705177][T16331]  ? do_getname+0x191/0x390
[  792.705197][T16331]  do_sys_openat2+0x10d/0x1e0
[  792.705218][T16331]  ? __pfx_do_sys_openat2+0x10/0x10
[  792.705237][T16331]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  792.705258][T16331]  ? __fget_files+0x21f/0x3d0
[  792.705276][T16331]  __x64_sys_openat+0x12d/0x210
[  792.705297][T16331]  ? __pfx___x64_sys_openat+0x10/0x10
[  792.705317][T16331]  ? ksys_write+0x1ac/0x250
[  792.705338][T16331]  do_syscall_64+0x106/0xf80
[  792.705354][T16331]  ? clear_bhb_loop+0x40/0x90
[  792.705372][T16331]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  792.705388][T16331] RIP: 0033:0x7eff1159c819
[  792.705401][T16331] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  792.705416][T16331] RSP: 002b:00007eff123bf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  792.705431][T16331] RAX: ffffffffffffffda RBX: 00007eff11815fa0 RCX: 00007eff1159c819
[  792.705441][T16331] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  792.705451][T16331] RBP: 00007eff123bf090 R08: 0000000000000000 R09: 0000000000000000
[  792.705460][T16331] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000001
[  792.705469][T16331] R13: 00007eff11816038 R14: 00007eff11815fa0 R15: 00007ffd1179f578
[  792.705488][T16331]  </TASK>
[  793.338558][T16342] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2263'.
[  794.386805][   T29] audit: type=1800 audit(1775760411.828:11): pid=16350 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2266" name="SYSV00000014" dev="hugetlbfs" ino=0 res=0 errno=0
[  794.543346][T16357] FAULT_INJECTION: forcing a failure.
[  794.543346][T16357] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  794.628265][T16357] CPU: 0 UID: 0 PID: 16357 Comm: syz.0.2268 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  794.628293][T16357] Tainted: [L]=SOFTLOCKUP
[  794.628299][T16357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  794.628308][T16357] Call Trace:
[  794.628315][T16357]  <TASK>
[  794.628321][T16357]  dump_stack_lvl+0x100/0x190
[  794.628349][T16357]  should_fail_ex.cold+0x5/0xa
[  794.628368][T16357]  _copy_from_user+0x2e/0xd0
[  794.628389][T16357]  move_addr_to_kernel+0x65/0x170
[  794.628411][T16357]  __sys_bind+0x11d/0x260
[  794.628432][T16357]  ? __pfx___sys_bind+0x10/0x10
[  794.628451][T16357]  ? __fget_files+0x21f/0x3d0
[  794.628472][T16357]  ? __pfx_ksys_write+0x10/0x10
[  794.628492][T16357]  __x64_sys_bind+0x72/0xb0
[  794.628511][T16357]  ? lockdep_hardirqs_on+0x78/0x100
[  794.628527][T16357]  do_syscall_64+0x106/0xf80
[  794.628544][T16357]  ? clear_bhb_loop+0x40/0x90
[  794.628562][T16357]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  794.628578][T16357] RIP: 0033:0x7f0e3839c819
[  794.628591][T16357] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  794.628606][T16357] RSP: 002b:00007f0e392e2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  794.628622][T16357] RAX: ffffffffffffffda RBX: 00007f0e38615fa0 RCX: 00007f0e3839c819
[  794.628632][T16357] RDX: 000000000000006b RSI: 0000000000000000 RDI: 0000000000000003
[  794.628641][T16357] RBP: 00007f0e392e2090 R08: 0000000000000000 R09: 0000000000000000
[  794.628650][T16357] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  794.628666][T16357] R13: 00007f0e38616038 R14: 00007f0e38615fa0 R15: 00007ffefe201b48
[  794.628685][T16357]  </TASK>
[  794.991768][T16365] program syz.0.2270 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  795.191237][T16358] FAULT_INJECTION: forcing a failure.
[  795.191237][T16358] name failslab, interval 1, probability 0, space 0, times 0
[  795.291467][T16358] CPU: 0 UID: 0 PID: 16358 Comm: syz.2.2267 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  795.291494][T16358] Tainted: [L]=SOFTLOCKUP
[  795.291500][T16358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  795.291511][T16358] Call Trace:
[  795.291517][T16358]  <TASK>
[  795.291523][T16358]  dump_stack_lvl+0x100/0x190
[  795.291553][T16358]  should_fail_ex.cold+0x5/0xa
[  795.291572][T16358]  should_failslab+0xc2/0x120
[  795.291589][T16358]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  795.291612][T16358]  ? vm_area_dup+0x27/0x8e0
[  795.291637][T16358]  vm_area_dup+0x27/0x8e0
[  795.291659][T16358]  __split_vma+0x18c/0xd90
[  795.291683][T16358]  ? __pfx___split_vma+0x10/0x10
[  795.291709][T16358]  ? __mpol_equal+0xaf/0x340
[  795.291732][T16358]  vma_modify+0x1121/0x2250
[  795.291758][T16358]  ? __pfx_vma_modify+0x10/0x10
[  795.291784][T16358]  vma_modify_policy+0x238/0x300
[  795.291808][T16358]  ? __pfx_vma_modify_policy+0x10/0x10
[  795.291845][T16358]  mbind_range+0x175/0x550
[  795.291868][T16358]  do_mbind+0x7dc/0xfd0
[  795.291890][T16358]  ? __might_fault+0xc5/0x140
[  795.291912][T16358]  ? __pfx_do_mbind+0x10/0x10
[  795.291935][T16358]  ? _copy_from_user+0x59/0xd0
[  795.291959][T16358]  ? __pfx_get_nodes+0x10/0x10
[  795.291978][T16358]  kernel_mbind+0x1b7/0x200
[  795.291999][T16358]  ? __pfx_kernel_mbind+0x10/0x10
[  795.292024][T16358]  do_syscall_64+0x106/0xf80
[  795.292040][T16358]  ? clear_bhb_loop+0x40/0x90
[  795.292058][T16358]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  795.292074][T16358] RIP: 0033:0x7eff1159c819
[  795.292088][T16358] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  795.292103][T16358] RSP: 002b:00007eff1239e028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  795.292118][T16358] RAX: ffffffffffffffda RBX: 00007eff11816090 RCX: 00007eff1159c819
[  795.292128][T16358] RDX: 0000000000008003 RSI: 0000000000800605 RDI: 0000000000000000
[  795.292137][T16358] RBP: 00007eff11632c91 R08: 0000000000000003 R09: 0000000000000003
[  795.292146][T16358] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000000
[  795.292156][T16358] R13: 00007eff11816128 R14: 00007eff11816090 R15: 00007ffd1179f578
[  795.292175][T16358]  </TASK>
[  796.084041][T16388] FAULT_INJECTION: forcing a failure.
[  796.084041][T16388] name failslab, interval 1, probability 0, space 0, times 0
[  796.130033][T16388] CPU: 0 UID: 0 PID: 16388 Comm: syz.3.2277 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  796.130063][T16388] Tainted: [L]=SOFTLOCKUP
[  796.130068][T16388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  796.130088][T16388] Call Trace:
[  796.130095][T16388]  <TASK>
[  796.130102][T16388]  dump_stack_lvl+0x100/0x190
[  796.130131][T16388]  should_fail_ex.cold+0x5/0xa
[  796.130150][T16388]  should_failslab+0xc2/0x120
[  796.130169][T16388]  __kmalloc_cache_noprof+0x7a/0x6f0
[  796.130189][T16388]  ? apply_wqattrs_prepare+0x136/0xbb0
[  796.130210][T16388]  apply_wqattrs_prepare+0x136/0xbb0
[  796.130225][T16388]  ? __alloc_workqueue+0x901/0x1880
[  796.130249][T16388]  apply_workqueue_attrs_locked+0x64/0xe0
[  796.130267][T16388]  __alloc_workqueue+0xe25/0x1880
[  796.130293][T16388]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  796.130322][T16388]  alloc_workqueue_noprof+0xd2/0x200
[  796.130342][T16388]  ? __pfx_alloc_workqueue_noprof+0x10/0x10
[  796.130367][T16388]  ? __pfx___debug_object_init+0x10/0x10
[  796.130389][T16388]  nci_register_device+0x394/0xb80
[  796.130413][T16388]  ? __pfx_nci_register_device+0x10/0x10
[  796.130438][T16388]  ? lockdep_init_map_type+0x5c/0x250
[  796.130463][T16388]  virtual_ncidev_open+0x141/0x220
[  796.130487][T16388]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  796.130509][T16388]  misc_open+0x26d/0x450
[  796.130530][T16388]  ? __pfx_misc_open+0x10/0x10
[  796.130548][T16388]  chrdev_open+0x234/0x6a0
[  796.130565][T16388]  ? __pfx_apparmor_file_open+0x10/0x10
[  796.130583][T16388]  ? __pfx_chrdev_open+0x10/0x10
[  796.130600][T16388]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  796.130621][T16388]  do_dentry_open+0x6d8/0x1660
[  796.130637][T16388]  ? __pfx_chrdev_open+0x10/0x10
[  796.130658][T16388]  vfs_open+0x82/0x3f0
[  796.130680][T16388]  path_openat+0x208c/0x31a0
[  796.130703][T16388]  ? __pfx_path_openat+0x10/0x10
[  796.130727][T16388]  do_file_open+0x20e/0x430
[  796.130745][T16388]  ? __pfx_do_file_open+0x10/0x10
[  796.130776][T16388]  ? alloc_fd+0x476/0x790
[  796.130793][T16388]  ? do_getname+0x191/0x390
[  796.130814][T16388]  do_sys_openat2+0x10d/0x1e0
[  796.130834][T16388]  ? __pfx_do_sys_openat2+0x10/0x10
[  796.130862][T16388]  __x64_sys_openat+0x12d/0x210
[  796.130883][T16388]  ? __pfx___x64_sys_openat+0x10/0x10
[  796.130911][T16388]  do_syscall_64+0x106/0xf80
[  796.130927][T16388]  ? clear_bhb_loop+0x40/0x90
[  796.130945][T16388]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  796.130961][T16388] RIP: 0033:0x7f48c4d9c819
[  796.130976][T16388] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  796.130991][T16388] RSP: 002b:00007f48c2ff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  796.131007][T16388] RAX: ffffffffffffffda RBX: 00007f48c5015fa0 RCX: 00007f48c4d9c819
[  796.131017][T16388] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  796.131027][T16388] RBP: 00007f48c4e32c91 R08: 0000000000000000 R09: 0000000000000000
[  796.131036][T16388] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000
[  796.131046][T16388] R13: 00007f48c5016038 R14: 00007f48c5015fa0 R15: 00007ffd7b7acd48
[  796.131067][T16388]  </TASK>
[  798.130654][T16408] FAULT_INJECTION: forcing a failure.
[  798.130654][T16408] name failslab, interval 1, probability 0, space 0, times 0
[  798.183027][T16408] CPU: 0 UID: 0 PID: 16408 Comm: syz.3.2281 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  798.183054][T16408] Tainted: [L]=SOFTLOCKUP
[  798.183061][T16408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  798.183070][T16408] Call Trace:
[  798.183076][T16408]  <TASK>
[  798.183083][T16408]  dump_stack_lvl+0x100/0x190
[  798.183119][T16408]  should_fail_ex.cold+0x5/0xa
[  798.183139][T16408]  should_failslab+0xc2/0x120
[  798.183157][T16408]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  798.183180][T16408]  ? __mpol_dup+0x74/0x390
[  798.183203][T16408]  __mpol_dup+0x74/0x390
[  798.183222][T16408]  ? __pfx___mpol_dup+0x10/0x10
[  798.183240][T16408]  ? kmem_cache_alloc_noprof+0x292/0x6e0
[  798.183268][T16408]  ? sp_alloc+0x27/0x160
[  798.183292][T16408]  sp_alloc+0x4d/0x160
[  798.183311][T16408]  mpol_set_shared_policy+0xa5/0x890
[  798.183336][T16408]  ? __pfx_shmem_set_policy+0x10/0x10
[  798.183354][T16408]  mbind_range+0x339/0x550
[  798.183376][T16408]  do_mbind+0x7dc/0xfd0
[  798.183399][T16408]  ? __might_fault+0xc5/0x140
[  798.183421][T16408]  ? __pfx_do_mbind+0x10/0x10
[  798.183444][T16408]  ? _copy_from_user+0x59/0xd0
[  798.183468][T16408]  ? __pfx_get_nodes+0x10/0x10
[  798.183487][T16408]  kernel_mbind+0x1b7/0x200
[  798.183508][T16408]  ? __pfx_kernel_mbind+0x10/0x10
[  798.183533][T16408]  do_syscall_64+0x106/0xf80
[  798.183554][T16408]  ? clear_bhb_loop+0x40/0x90
[  798.183574][T16408]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  798.183590][T16408] RIP: 0033:0x7f48c4d9c819
[  798.183604][T16408] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  798.183619][T16408] RSP: 002b:00007f48c2ff6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  798.183635][T16408] RAX: ffffffffffffffda RBX: 00007f48c5015fa0 RCX: 00007f48c4d9c819
[  798.183645][T16408] RDX: 0000000000008003 RSI: 0000000000800605 RDI: 0000000000000000
[  798.183654][T16408] RBP: 00007f48c4e32c91 R08: 0000000000000003 R09: 0000000000000003
[  798.183663][T16408] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000000
[  798.183672][T16408] R13: 00007f48c5016038 R14: 00007f48c5015fa0 R15: 00007ffd7b7acd48
[  798.183692][T16408]  </TASK>
[  802.446463][   T29] audit: type=1804 audit(1775760419.888:12): pid=16479 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2294" name="/newroot/576/file0" dev="tmpfs" ino=2977 res=1 errno=0
[  802.593938][   T29] audit: type=1804 audit(1775760420.008:13): pid=16480 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.2294" name="/newroot/576/file0" dev="tmpfs" ino=2977 res=1 errno=0
[  802.717465][T16473] FAULT_INJECTION: forcing a failure.
[  802.717465][T16473] name failslab, interval 1, probability 0, space 0, times 0
[  802.794075][T16473] CPU: 0 UID: 0 PID: 16473 Comm: syz.1.2293 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  802.794103][T16473] Tainted: [L]=SOFTLOCKUP
[  802.794109][T16473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  802.794119][T16473] Call Trace:
[  802.794125][T16473]  <TASK>
[  802.794131][T16473]  dump_stack_lvl+0x100/0x190
[  802.794159][T16473]  should_fail_ex.cold+0x5/0xa
[  802.794182][T16473]  should_failslab+0xc2/0x120
[  802.794199][T16473]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  802.794222][T16473]  ? __mpol_dup+0x74/0x390
[  802.794245][T16473]  __mpol_dup+0x74/0x390
[  802.794263][T16473]  ? __pfx___mpol_dup+0x10/0x10
[  802.794289][T16473]  ? kmem_cache_alloc_noprof+0x292/0x6e0
[  802.794312][T16473]  ? sp_alloc+0x27/0x160
[  802.794334][T16473]  sp_alloc+0x4d/0x160
[  802.794354][T16473]  mpol_set_shared_policy+0xa5/0x890
[  802.794378][T16473]  ? __pfx_shmem_set_policy+0x10/0x10
[  802.794397][T16473]  mbind_range+0x339/0x550
[  802.794419][T16473]  do_mbind+0x7dc/0xfd0
[  802.794442][T16473]  ? __might_fault+0xc5/0x140
[  802.794464][T16473]  ? __pfx_do_mbind+0x10/0x10
[  802.794487][T16473]  ? _copy_from_user+0x59/0xd0
[  802.794511][T16473]  ? __pfx_get_nodes+0x10/0x10
[  802.794530][T16473]  kernel_mbind+0x1b7/0x200
[  802.794550][T16473]  ? __pfx_kernel_mbind+0x10/0x10
[  802.794575][T16473]  do_syscall_64+0x106/0xf80
[  802.794592][T16473]  ? clear_bhb_loop+0x40/0x90
[  802.794610][T16473]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  802.794625][T16473] RIP: 0033:0x7ff0c4b9c819
[  802.794638][T16473] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  802.794655][T16473] RSP: 002b:00007ff0c5aa6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  802.794670][T16473] RAX: ffffffffffffffda RBX: 00007ff0c4e15fa0 RCX: 00007ff0c4b9c819
[  802.794681][T16473] RDX: 0000000000008003 RSI: 0000000000800605 RDI: 0000000000000000
[  802.794689][T16473] RBP: 00007ff0c4c32c91 R08: 0000000000000003 R09: 0000000000000003
[  802.794699][T16473] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000000
[  802.794708][T16473] R13: 00007ff0c4e16038 R14: 00007ff0c4e15fa0 R15: 00007ffc890583a8
[  802.794728][T16473]  </TASK>
[  804.448999][T16515] FAULT_INJECTION: forcing a failure.
[  804.448999][T16515] name failslab, interval 1, probability 0, space 0, times 0
[  804.530275][T16515] CPU: 0 UID: 0 PID: 16515 Comm: syz.1.2303 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  804.530305][T16515] Tainted: [L]=SOFTLOCKUP
[  804.530311][T16515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  804.530320][T16515] Call Trace:
[  804.530327][T16515]  <TASK>
[  804.530335][T16515]  dump_stack_lvl+0x100/0x190
[  804.530365][T16515]  should_fail_ex.cold+0x5/0xa
[  804.530385][T16515]  ? kobject_get_path+0xcf/0x2c0
[  804.530404][T16515]  should_failslab+0xc2/0x120
[  804.530421][T16515]  __kmalloc_noprof+0xe0/0x850
[  804.530449][T16515]  kobject_get_path+0xcf/0x2c0
[  804.530471][T16515]  kobject_uevent_env+0x287/0x18b0
[  804.530495][T16515]  ? bus_to_subsys+0x114/0x150
[  804.530520][T16515]  device_add+0x116e/0x1950
[  804.530542][T16515]  ? __pfx_device_add+0x10/0x10
[  804.530569][T16515]  nfc_register_device+0x41/0x3e0
[  804.530588][T16515]  nci_register_device+0x7f1/0xb80
[  804.530610][T16515]  ? __pfx_nci_register_device+0x10/0x10
[  804.530634][T16515]  ? lockdep_init_map_type+0x5c/0x250
[  804.530659][T16515]  virtual_ncidev_open+0x141/0x220
[  804.530682][T16515]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  804.530713][T16515]  misc_open+0x26d/0x450
[  804.530733][T16515]  ? __pfx_misc_open+0x10/0x10
[  804.530753][T16515]  chrdev_open+0x234/0x6a0
[  804.530769][T16515]  ? __pfx_apparmor_file_open+0x10/0x10
[  804.530786][T16515]  ? __pfx_chrdev_open+0x10/0x10
[  804.530804][T16515]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  804.530826][T16515]  do_dentry_open+0x6d8/0x1660
[  804.530842][T16515]  ? __pfx_chrdev_open+0x10/0x10
[  804.530864][T16515]  vfs_open+0x82/0x3f0
[  804.530886][T16515]  path_openat+0x208c/0x31a0
[  804.530910][T16515]  ? __pfx_path_openat+0x10/0x10
[  804.530933][T16515]  do_file_open+0x20e/0x430
[  804.530951][T16515]  ? __pfx_do_file_open+0x10/0x10
[  804.530982][T16515]  ? alloc_fd+0x476/0x790
[  804.530999][T16515]  ? do_getname+0x191/0x390
[  804.531021][T16515]  do_sys_openat2+0x10d/0x1e0
[  804.531041][T16515]  ? __pfx_do_sys_openat2+0x10/0x10
[  804.531062][T16515]  ? __fget_files+0x21f/0x3d0
[  804.531081][T16515]  __x64_sys_openat+0x12d/0x210
[  804.531102][T16515]  ? __pfx___x64_sys_openat+0x10/0x10
[  804.531130][T16515]  do_syscall_64+0x106/0xf80
[  804.531147][T16515]  ? clear_bhb_loop+0x40/0x90
[  804.531165][T16515]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  804.531182][T16515] RIP: 0033:0x7ff0c4b9c819
[  804.531197][T16515] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  804.531211][T16515] RSP: 002b:00007ff0c5aa6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  804.531227][T16515] RAX: ffffffffffffffda RBX: 00007ff0c4e15fa0 RCX: 00007ff0c4b9c819
[  804.531238][T16515] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  804.531247][T16515] RBP: 00007ff0c4c32c91 R08: 0000000000000000 R09: 0000000000000000
[  804.531257][T16515] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000
[  804.531266][T16515] R13: 00007ff0c4e16038 R14: 00007ff0c4e15fa0 R15: 00007ffc890583a8
[  804.531287][T16515]  </TASK>
[  805.468847][T16528] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2306'.
[  805.586894][T16530] FAULT_INJECTION: forcing a failure.
[  805.586894][T16530] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  805.644089][T16530] CPU: 0 UID: 0 PID: 16530 Comm: syz.1.2307 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  805.644116][T16530] Tainted: [L]=SOFTLOCKUP
[  805.644121][T16530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  805.644131][T16530] Call Trace:
[  805.644137][T16530]  <TASK>
[  805.644143][T16530]  dump_stack_lvl+0x100/0x190
[  805.644171][T16530]  should_fail_ex.cold+0x5/0xa
[  805.644187][T16530]  ? prepare_alloc_pages+0x16d/0x5f0
[  805.644207][T16530]  should_fail_alloc_page+0xeb/0x140
[  805.644226][T16530]  prepare_alloc_pages+0x1f0/0x5f0
[  805.644244][T16530]  ? __lock_acquire+0x4a5/0x2630
[  805.644267][T16530]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  805.644295][T16530]  ? lock_acquire+0x1cf/0x380
[  805.644317][T16530]  ? __lock_acquire+0x4a5/0x2630
[  805.644337][T16530]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  805.644366][T16530]  ? do_raw_spin_lock+0x128/0x260
[  805.644392][T16530]  ? mark_held_locks+0x40/0x70
[  805.644411][T16530]  ? find_held_lock+0x2b/0x80
[  805.644425][T16530]  ? find_held_lock+0x2b/0x80
[  805.644438][T16530]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  805.644456][T16530]  ? policy_nodemask+0xed/0x4f0
[  805.644474][T16530]  alloc_pages_mpol+0x1fb/0x550
[  805.644492][T16530]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  805.644513][T16530]  folio_alloc_mpol_noprof+0x36/0x340
[  805.644534][T16530]  vma_alloc_folio_noprof+0xed/0x1d0
[  805.644554][T16530]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  805.644579][T16530]  do_anonymous_page+0xb3a/0x1fb0
[  805.644607][T16530]  __handle_mm_fault+0x1d48/0x2b60
[  805.644633][T16530]  ? reacquire_held_locks+0xce/0x1e0
[  805.644653][T16530]  ? __pfx___handle_mm_fault+0x10/0x10
[  805.644677][T16530]  ? lock_vma_under_rcu+0x17c/0x590
[  805.644709][T16530]  handle_mm_fault+0x36d/0xa20
[  805.644734][T16530]  do_user_addr_fault+0x5a3/0x12f0
[  805.644755][T16530]  exc_page_fault+0x6f/0xd0
[  805.644772][T16530]  asm_exc_page_fault+0x26/0x30
[  805.644787][T16530] RIP: 0033:0x7ff0c4a5dfcb
[  805.644801][T16530] Code: 00 00 00 48 8d 3d bd a6 1a 00 48 89 c1 31 c0 e8 5b 32 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d f1 a6 1a 00 48 89 34 24 48 8b 14 24 48 8b
[  805.644816][T16530] RSP: 002b:00007ff0c5aa4fa0 EFLAGS: 00010206
[  805.644829][T16530] RAX: 0000000000000000 RBX: 00007ff0c4e15fa0 RCX: 0000000000000000
[  805.644838][T16530] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000200000000640
[  805.644848][T16530] RBP: 00007ff0c5aa6090 R08: 0000000000000000 R09: 0000000000000000
[  805.644857][T16530] R10: 0000200000000640 R11: 0000000000000000 R12: 0000000000000001
[  805.644872][T16530] R13: 00007ff0c4e16038 R14: 00007ff0c4e15fa0 R15: 00007ffc890583a8
[  805.644892][T16530]  </TASK>
[  805.645054][T16530] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  806.170033][T16533] FAULT_INJECTION: forcing a failure.
[  806.170033][T16533] name failslab, interval 1, probability 0, space 0, times 0
[  806.204752][T16533] CPU: 0 UID: 0 PID: 16533 Comm: syz.2.2308 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  806.204779][T16533] Tainted: [L]=SOFTLOCKUP
[  806.204786][T16533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  806.204796][T16533] Call Trace:
[  806.204802][T16533]  <TASK>
[  806.204808][T16533]  dump_stack_lvl+0x100/0x190
[  806.204838][T16533]  should_fail_ex.cold+0x5/0xa
[  806.204858][T16533]  should_failslab+0xc2/0x120
[  806.204876][T16533]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  806.204899][T16533]  ? __mpol_dup+0x74/0x390
[  806.204921][T16533]  __mpol_dup+0x74/0x390
[  806.204939][T16533]  ? __pfx___mpol_dup+0x10/0x10
[  806.204957][T16533]  ? kmem_cache_alloc_noprof+0x292/0x6e0
[  806.204979][T16533]  ? sp_alloc+0x27/0x160
[  806.205001][T16533]  sp_alloc+0x4d/0x160
[  806.205020][T16533]  mpol_set_shared_policy+0xa5/0x890
[  806.205043][T16533]  ? __pfx_shmem_set_policy+0x10/0x10
[  806.205061][T16533]  mbind_range+0x339/0x550
[  806.205082][T16533]  do_mbind+0x7dc/0xfd0
[  806.205105][T16533]  ? __might_fault+0xc5/0x140
[  806.205127][T16533]  ? __pfx_do_mbind+0x10/0x10
[  806.205149][T16533]  ? _copy_from_user+0x59/0xd0
[  806.205174][T16533]  ? __pfx_get_nodes+0x10/0x10
[  806.205193][T16533]  kernel_mbind+0x1b7/0x200
[  806.205214][T16533]  ? __pfx_kernel_mbind+0x10/0x10
[  806.205240][T16533]  do_syscall_64+0x106/0xf80
[  806.205256][T16533]  ? clear_bhb_loop+0x40/0x90
[  806.205274][T16533]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  806.205290][T16533] RIP: 0033:0x7eff1159c819
[  806.205304][T16533] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  806.205319][T16533] RSP: 002b:00007eff1239e028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  806.205334][T16533] RAX: ffffffffffffffda RBX: 00007eff11816090 RCX: 00007eff1159c819
[  806.205344][T16533] RDX: 0000000000008003 RSI: 0000000000800605 RDI: 0000000000000000
[  806.205353][T16533] RBP: 00007eff11632c91 R08: 0000000000000003 R09: 0000000000000003
[  806.205362][T16533] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000000
[  806.205371][T16533] R13: 00007eff11816128 R14: 00007eff11816090 R15: 00007ffd1179f578
[  806.205390][T16533]  </TASK>
[  806.467946][T16535] FAULT_INJECTION: forcing a failure.
[  806.467946][T16535] name failslab, interval 1, probability 0, space 0, times 0
[  806.480813][T16535] CPU: 0 UID: 0 PID: 16535 Comm: syz.3.2304 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  806.480841][T16535] Tainted: [L]=SOFTLOCKUP
[  806.480847][T16535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  806.480858][T16535] Call Trace:
[  806.480865][T16535]  <TASK>
[  806.480873][T16535]  dump_stack_lvl+0x100/0x190
[  806.480903][T16535]  should_fail_ex.cold+0x5/0xa
[  806.480927][T16535]  should_failslab+0xc2/0x120
[  806.480998][T16535]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[  806.481017][T16535]  ? __kthread_create_on_node+0x186/0x3f0
[  806.481042][T16535]  kvasprintf+0xbc/0x150
[  806.481063][T16535]  ? __pfx_kvasprintf+0x10/0x10
[  806.481090][T16535]  ? __pfx_rescuer_thread+0x10/0x10
[  806.481111][T16535]  __kthread_create_on_node+0x186/0x3f0
[  806.481131][T16535]  ? __pfx___kthread_create_on_node+0x10/0x10
[  806.481154][T16535]  ? __pfx_vsnprintf+0x10/0x10
[  806.481173][T16535]  ? __pfx_rescuer_thread+0x10/0x10
[  806.481194][T16535]  kthread_create_on_node+0xc7/0x100
[  806.481213][T16535]  ? __pfx_kthread_create_on_node+0x10/0x10
[  806.481230][T16535]  ? __pfx_scnprintf+0x10/0x10
[  806.481258][T16535]  init_rescuer+0x321/0x550
[  806.481279][T16535]  ? __pfx_init_rescuer+0x10/0x10
[  806.481310][T16535]  ? wq_adjust_max_active+0x352/0x4a0
[  806.481335][T16535]  __alloc_workqueue+0xc90/0x1880
[  806.481357][T16535]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  806.481384][T16535]  alloc_workqueue_noprof+0xd2/0x200
[  806.481403][T16535]  ? __pfx_alloc_workqueue_noprof+0x10/0x10
[  806.481427][T16535]  ? __pfx___debug_object_init+0x10/0x10
[  806.481448][T16535]  nci_register_device+0x21e/0xb80
[  806.481471][T16535]  ? __pfx_nci_register_device+0x10/0x10
[  806.481495][T16535]  ? lockdep_init_map_type+0x5c/0x250
[  806.481520][T16535]  virtual_ncidev_open+0x141/0x220
[  806.481592][T16535]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  806.481614][T16535]  misc_open+0x26d/0x450
[  806.481634][T16535]  ? __pfx_misc_open+0x10/0x10
[  806.481653][T16535]  chrdev_open+0x234/0x6a0
[  806.481670][T16535]  ? __pfx_apparmor_file_open+0x10/0x10
[  806.481688][T16535]  ? __pfx_chrdev_open+0x10/0x10
[  806.481706][T16535]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  806.481728][T16535]  do_dentry_open+0x6d8/0x1660
[  806.481745][T16535]  ? __pfx_chrdev_open+0x10/0x10
[  806.481766][T16535]  vfs_open+0x82/0x3f0
[  806.481796][T16535]  path_openat+0x208c/0x31a0
[  806.481821][T16535]  ? __pfx_path_openat+0x10/0x10
[  806.481845][T16535]  do_file_open+0x20e/0x430
[  806.481863][T16535]  ? __pfx_do_file_open+0x10/0x10
[  806.481893][T16535]  ? alloc_fd+0x476/0x790
[  806.481912][T16535]  ? do_getname+0x191/0x390
[  806.481934][T16535]  do_sys_openat2+0x10d/0x1e0
[  806.481955][T16535]  ? __pfx_do_sys_openat2+0x10/0x10
[  806.481983][T16535]  __x64_sys_openat+0x12d/0x210
[  806.482004][T16535]  ? __pfx___x64_sys_openat+0x10/0x10
[  806.482036][T16535]  do_syscall_64+0x106/0xf80
[  806.482052][T16535]  ? clear_bhb_loop+0x40/0x90
[  806.482071][T16535]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  806.482086][T16535] RIP: 0033:0x7f48c4d9c819
[  806.482102][T16535] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  806.482118][T16535] RSP: 002b:00007f48c2fd5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  806.482134][T16535] RAX: ffffffffffffffda RBX: 00007f48c5016090 RCX: 00007f48c4d9c819
[  806.482145][T16535] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  806.482154][T16535] RBP: 00007f48c4e32c91 R08: 0000000000000000 R09: 0000000000000000
[  806.482164][T16535] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000
[  806.482173][T16535] R13: 00007f48c5016128 R14: 00007f48c5016090 R15: 00007ffd7b7acd48
[  806.482195][T16535]  </TASK>
[  806.483658][T16535] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -ENOMEM
[  806.956366][T16537] FAULT_INJECTION: forcing a failure.
[  806.956366][T16537] name failslab, interval 1, probability 0, space 0, times 0
[  807.043277][T16537] CPU: 0 UID: 0 PID: 16537 Comm: syz.0.2309 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  807.043307][T16537] Tainted: [L]=SOFTLOCKUP
[  807.043313][T16537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  807.043322][T16537] Call Trace:
[  807.043328][T16537]  <TASK>
[  807.043335][T16537]  dump_stack_lvl+0x100/0x190
[  807.043364][T16537]  should_fail_ex.cold+0x5/0xa
[  807.043384][T16537]  should_failslab+0xc2/0x120
[  807.043401][T16537]  __kmalloc_cache_noprof+0x7a/0x6f0
[  807.043424][T16537]  ? snd_pcm_oss_change_params_locked+0x247/0x39f0
[  807.043451][T16537]  snd_pcm_oss_change_params_locked+0x247/0x39f0
[  807.043482][T16537]  ? __mutex_lock+0x26a/0x1b90
[  807.043505][T16537]  ? snd_pcm_oss_sync+0x243/0x840
[  807.043527][T16537]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  807.043553][T16537]  ? __pfx___mutex_lock+0x10/0x10
[  807.043574][T16537]  ? __fsnotify_parent+0x2b4/0xca0
[  807.043596][T16537]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[  807.043619][T16537]  snd_pcm_oss_sync+0x265/0x840
[  807.043643][T16537]  snd_pcm_oss_release+0x238/0x300
[  807.043664][T16537]  ? __pfx_snd_pcm_oss_release+0x10/0x10
[  807.043685][T16537]  __fput+0x3ff/0xb40
[  807.043708][T16537]  task_work_run+0x150/0x240
[  807.043733][T16537]  ? __pfx_task_work_run+0x10/0x10
[  807.043760][T16537]  exit_to_user_mode_loop+0x100/0x4a0
[  807.043793][T16537]  do_syscall_64+0x668/0xf80
[  807.043811][T16537]  ? clear_bhb_loop+0x40/0x90
[  807.043830][T16537]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  807.043846][T16537] RIP: 0033:0x7f0e3839c819
[  807.043861][T16537] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  807.043876][T16537] RSP: 002b:00007f0e392e2028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  807.043892][T16537] RAX: 0000000000000000 RBX: 00007f0e38615fa0 RCX: 00007f0e3839c819
[  807.043903][T16537] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  807.043912][T16537] RBP: 00007f0e38432c91 R08: 0000000000000000 R09: 0000000000000000
[  807.043921][T16537] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  807.043930][T16537] R13: 00007f0e38616038 R14: 00007f0e38615fa0 R15: 00007ffefe201b48
[  807.043949][T16537]  </TASK>
[  807.797056][T16545] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 0, inode_bitmap = 137
[  807.805255][T16545] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 1, inode_bitmap = 138
[  807.834592][T16545] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 0: bad block bitmap checksum
[  808.338896][T16555] FAULT_INJECTION: forcing a failure.
[  808.338896][T16555] name failslab, interval 1, probability 0, space 0, times 0
[  808.390218][T16555] CPU: 0 UID: 0 PID: 16555 Comm: syz.1.2313 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  808.390247][T16555] Tainted: [L]=SOFTLOCKUP
[  808.390253][T16555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  808.390263][T16555] Call Trace:
[  808.390269][T16555]  <TASK>
[  808.390276][T16555]  dump_stack_lvl+0x100/0x190
[  808.390305][T16555]  should_fail_ex.cold+0x5/0xa
[  808.390325][T16555]  should_failslab+0xc2/0x120
[  808.390343][T16555]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  808.390367][T16555]  ? __proc_create+0x2cb/0x8c0
[  808.390386][T16555]  __proc_create+0x2cb/0x8c0
[  808.390402][T16555]  ? __pfx___proc_create+0x10/0x10
[  808.390425][T16555]  proc_create_reg+0x75/0x170
[  808.390443][T16555]  proc_create_net_data+0x8e/0x1c0
[  808.390460][T16555]  ? __pfx_proc_create_net_data+0x10/0x10
[  808.390475][T16555]  ? net_generic+0xea/0x2a0
[  808.390495][T16555]  ? __pfx_phonet_init_net+0x10/0x10
[  808.390511][T16555]  phonet_init_net+0x66/0x120
[  808.390528][T16555]  ops_init+0x1e2/0x5f0
[  808.390547][T16555]  setup_net+0x118/0x3a0
[  808.390565][T16555]  ? __pfx_setup_net+0x10/0x10
[  808.390583][T16555]  ? lockdep_init_map_type+0x5c/0x250
[  808.390605][T16555]  ? mutex_init_lockep+0x110/0x150
[  808.390629][T16555]  copy_net_ns+0x46f/0x7c0
[  808.390649][T16555]  create_new_namespaces+0x3ea/0xac0
[  808.390682][T16555]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  808.390703][T16555]  ksys_unshare+0x473/0xad0
[  808.390725][T16555]  ? __pfx_ksys_unshare+0x10/0x10
[  808.390752][T16555]  __x64_sys_unshare+0x31/0x40
[  808.390771][T16555]  do_syscall_64+0x106/0xf80
[  808.390787][T16555]  ? clear_bhb_loop+0x40/0x90
[  808.390806][T16555]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  808.390823][T16555] RIP: 0033:0x7ff0c4b9c819
[  808.390837][T16555] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  808.390851][T16555] RSP: 002b:00007ff0c5aa6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  808.390866][T16555] RAX: ffffffffffffffda RBX: 00007ff0c4e15fa0 RCX: 00007ff0c4b9c819
[  808.390878][T16555] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  808.390888][T16555] RBP: 00007ff0c4c32c91 R08: 0000000000000000 R09: 0000000000000000
[  808.390898][T16555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  808.390907][T16555] R13: 00007ff0c4e16038 R14: 00007ff0c4e15fa0 R15: 00007ffc890583a8
[  808.390927][T16555]  </TASK>
[  808.918067][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  808.943878][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  808.975042][ T5837] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  808.992953][ T5837] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  809.005013][ T5837] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  809.014057][T16565] FAULT_INJECTION: forcing a failure.
[  809.014057][T16565] name failslab, interval 1, probability 0, space 0, times 0
[  809.027628][T16565] CPU: 0 UID: 0 PID: 16565 Comm: syz.0.2316 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  809.027655][T16565] Tainted: [L]=SOFTLOCKUP
[  809.027661][T16565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  809.027671][T16565] Call Trace:
[  809.027677][T16565]  <TASK>
[  809.027684][T16565]  dump_stack_lvl+0x100/0x190
[  809.027713][T16565]  should_fail_ex.cold+0x5/0xa
[  809.027733][T16565]  should_failslab+0xc2/0x120
[  809.027750][T16565]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  809.027773][T16565]  ? skb_clone+0x190/0x400
[  809.027792][T16565]  skb_clone+0x190/0x400
[  809.027807][T16565]  netlink_broadcast_filtered+0xb6a/0xf50
[  809.027831][T16565]  ? __alloc_skb+0x5b7/0x710
[  809.027857][T16565]  ? __pfx_netlink_broadcast_filtered+0x10/0x10
[  809.027873][T16565]  ? netlink_has_listeners+0x20f/0x430
[  809.027888][T16565]  ? netlink_has_listeners+0x20f/0x430
[  809.027906][T16565]  netlink_broadcast+0x39/0x50
[  809.027923][T16565]  kobject_uevent_env+0xcdd/0x18b0
[  809.027948][T16565]  ? bus_to_subsys+0x114/0x150
[  809.027974][T16565]  device_add+0x116e/0x1950
[  809.027995][T16565]  ? __pfx_device_add+0x10/0x10
[  809.028023][T16565]  nfc_register_device+0x41/0x3e0
[  809.028042][T16565]  nci_register_device+0x7f1/0xb80
[  809.028064][T16565]  ? __pfx_nci_register_device+0x10/0x10
[  809.028088][T16565]  ? lockdep_init_map_type+0x5c/0x250
[  809.028113][T16565]  virtual_ncidev_open+0x141/0x220
[  809.028136][T16565]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  809.028159][T16565]  misc_open+0x26d/0x450
[  809.028179][T16565]  ? __pfx_misc_open+0x10/0x10
[  809.028197][T16565]  chrdev_open+0x234/0x6a0
[  809.028213][T16565]  ? __pfx_apparmor_file_open+0x10/0x10
[  809.028231][T16565]  ? __pfx_chrdev_open+0x10/0x10
[  809.028248][T16565]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  809.028270][T16565]  do_dentry_open+0x6d8/0x1660
[  809.028295][T16565]  ? __pfx_chrdev_open+0x10/0x10
[  809.028317][T16565]  vfs_open+0x82/0x3f0
[  809.028339][T16565]  path_openat+0x208c/0x31a0
[  809.028363][T16565]  ? __pfx_path_openat+0x10/0x10
[  809.028391][T16565]  do_file_open+0x20e/0x430
[  809.028409][T16565]  ? __pfx_do_file_open+0x10/0x10
[  809.028440][T16565]  ? alloc_fd+0x476/0x790
[  809.028458][T16565]  ? do_getname+0x191/0x390
[  809.028481][T16565]  do_sys_openat2+0x10d/0x1e0
[  809.028502][T16565]  ? __pfx_do_sys_openat2+0x10/0x10
[  809.028523][T16565]  ? __fget_files+0x21f/0x3d0
[  809.028546][T16565]  __x64_sys_openat+0x12d/0x210
[  809.028567][T16565]  ? __pfx___x64_sys_openat+0x10/0x10
[  809.028595][T16565]  do_syscall_64+0x106/0xf80
[  809.028611][T16565]  ? clear_bhb_loop+0x40/0x90
[  809.028641][T16565]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  809.028658][T16565] RIP: 0033:0x7f0e3839c819
[  809.028673][T16565] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  809.028688][T16565] RSP: 002b:00007f0e392e2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  809.028703][T16565] RAX: ffffffffffffffda RBX: 00007f0e38615fa0 RCX: 00007f0e3839c819
[  809.028714][T16565] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  809.028724][T16565] RBP: 00007f0e38432c91 R08: 0000000000000000 R09: 0000000000000000
[  809.028734][T16565] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000
[  809.028744][T16565] R13: 00007f0e38616038 R14: 00007f0e38615fa0 R15: 00007ffefe201b48
[  809.028775][T16565]  </TASK>
[  809.032757][ T5837] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  809.419632][ T5837] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  809.535395][T16562] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.2315: iget: checksum invalid
[  809.569106][T16562] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[  809.635581][T16562] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.2315: iget: checksum invalid
[  809.726237][T16562] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[  809.790149][T16562] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.2315: iget: checksum invalid
[  809.927709][T16562] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[  809.965808][ T9923] bridge_slave_1: left allmulticast mode
[  809.983043][ T9923] bridge_slave_1: left promiscuous mode
[  810.005704][ T9923] bridge0: port 2(bridge_slave_1) entered disabled state
[  810.015319][T16562] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.2315: iget: checksum invalid
[  810.062081][ T9923] bridge_slave_0: left allmulticast mode
[  810.077750][T16562] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  810.107861][ T9923] bridge_slave_0: left promiscuous mode
[  810.113725][ T9923] bridge0: port 1(bridge_slave_0) entered disabled state
[  810.134764][T16562] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  810.182536][T16562] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  810.495847][T16582] FAULT_INJECTION: forcing a failure.
[  810.495847][T16582] name failslab, interval 1, probability 0, space 0, times 0
[  810.553282][T16582] CPU: 0 UID: 0 PID: 16582 Comm: syz.3.2320 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  810.553310][T16582] Tainted: [L]=SOFTLOCKUP
[  810.553316][T16582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  810.553326][T16582] Call Trace:
[  810.553332][T16582]  <TASK>
[  810.553339][T16582]  dump_stack_lvl+0x100/0x190
[  810.553368][T16582]  should_fail_ex.cold+0x5/0xa
[  810.553388][T16582]  should_failslab+0xc2/0x120
[  810.553406][T16582]  __kmalloc_cache_node_noprof+0x7d/0x770
[  810.553422][T16582]  ? __alloc_workqueue+0xf78/0x1880
[  810.553441][T16582]  ? lockdep_init_map_type+0x5c/0x250
[  810.553465][T16582]  __alloc_workqueue+0xf78/0x1880
[  810.553486][T16582]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  810.553513][T16582]  alloc_workqueue_noprof+0xd2/0x200
[  810.553531][T16582]  ? __pfx_alloc_workqueue_noprof+0x10/0x10
[  810.553556][T16582]  ? __pfx___debug_object_init+0x10/0x10
[  810.553577][T16582]  nci_register_device+0x394/0xb80
[  810.553601][T16582]  ? __pfx_nci_register_device+0x10/0x10
[  810.553624][T16582]  ? lockdep_init_map_type+0x5c/0x250
[  810.553648][T16582]  virtual_ncidev_open+0x141/0x220
[  810.553672][T16582]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  810.553694][T16582]  misc_open+0x26d/0x450
[  810.553714][T16582]  ? __pfx_misc_open+0x10/0x10
[  810.553732][T16582]  chrdev_open+0x234/0x6a0
[  810.553748][T16582]  ? __pfx_apparmor_file_open+0x10/0x10
[  810.553765][T16582]  ? __pfx_chrdev_open+0x10/0x10
[  810.553783][T16582]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  810.553809][T16582]  do_dentry_open+0x6d8/0x1660
[  810.553825][T16582]  ? __pfx_chrdev_open+0x10/0x10
[  810.553846][T16582]  vfs_open+0x82/0x3f0
[  810.553868][T16582]  path_openat+0x208c/0x31a0
[  810.553893][T16582]  ? __pfx_path_openat+0x10/0x10
[  810.553918][T16582]  do_file_open+0x20e/0x430
[  810.553936][T16582]  ? __pfx_do_file_open+0x10/0x10
[  810.553966][T16582]  ? alloc_fd+0x476/0x790
[  810.553984][T16582]  ? do_getname+0x191/0x390
[  810.554005][T16582]  do_sys_openat2+0x10d/0x1e0
[  810.554026][T16582]  ? __pfx_do_sys_openat2+0x10/0x10
[  810.554053][T16582]  __x64_sys_openat+0x12d/0x210
[  810.554074][T16582]  ? __pfx___x64_sys_openat+0x10/0x10
[  810.554101][T16582]  do_syscall_64+0x106/0xf80
[  810.554117][T16582]  ? clear_bhb_loop+0x40/0x90
[  810.554135][T16582]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  810.554151][T16582] RIP: 0033:0x7f48c4d9c819
[  810.554165][T16582] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  810.554180][T16582] RSP: 002b:00007f48c2ff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  810.554196][T16582] RAX: ffffffffffffffda RBX: 00007f48c5015fa0 RCX: 00007f48c4d9c819
[  810.554206][T16582] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  810.554216][T16582] RBP: 00007f48c4e32c91 R08: 0000000000000000 R09: 0000000000000000
[  810.554226][T16582] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000
[  810.554242][T16582] R13: 00007f48c5016038 R14: 00007f48c5015fa0 R15: 00007ffd7b7acd48
[  810.554263][T16582]  </TASK>
[  810.868717][ T9923] tunl0 (unregistering): left allmulticast mode
[  811.322705][ T9923] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  811.397947][ T9923] bond_slave_0: left promiscuous mode
[  811.420798][ T9923] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  811.500635][ T9923] bond_slave_1: left promiscuous mode
[  811.513050][ T9923] bond0 (unregistering): Released all slaves
[  811.545483][ T5837] Bluetooth: hci1: command tx timeout
[  811.805617][ T9923] ovs_: left promiscuous mode
[  812.006954][T16558] chnl_net:caif_netlink_parms(): no params data found
[  812.349546][ T9923] hsr_slave_0: left promiscuous mode
[  812.368930][ T9923] hsr_slave_1: left promiscuous mode
[  812.406954][ T9923] veth1_macvtap: left promiscuous mode
[  812.449810][ T9923] veth0_macvtap: left promiscuous mode
[  812.474366][ T9923] veth1_vlan: left promiscuous mode
[  812.480888][T16634] FAULT_INJECTION: forcing a failure.
[  812.480888][T16634] name failslab, interval 1, probability 0, space 0, times 0
[  812.512296][ T9923] veth0_vlan: left promiscuous mode
[  812.539438][T16634] CPU: 0 UID: 0 PID: 16634 Comm: syz.3.2325 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  812.539467][T16634] Tainted: [L]=SOFTLOCKUP
[  812.539473][T16634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  812.539483][T16634] Call Trace:
[  812.539490][T16634]  <TASK>
[  812.539497][T16634]  dump_stack_lvl+0x100/0x190
[  812.539526][T16634]  should_fail_ex.cold+0x5/0xa
[  812.539546][T16634]  should_failslab+0xc2/0x120
[  812.539563][T16634]  __kmalloc_cache_noprof+0x7a/0x6f0
[  812.539584][T16634]  ? nfc_llcp_register_device+0x4b/0xa60
[  812.539604][T16634]  nfc_llcp_register_device+0x4b/0xa60
[  812.539621][T16634]  nfc_register_device+0x6d/0x3e0
[  812.539640][T16634]  nci_register_device+0x7f1/0xb80
[  812.539663][T16634]  ? __pfx_nci_register_device+0x10/0x10
[  812.539687][T16634]  ? lockdep_init_map_type+0x5c/0x250
[  812.539712][T16634]  virtual_ncidev_open+0x141/0x220
[  812.539735][T16634]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  812.539757][T16634]  misc_open+0x26d/0x450
[  812.539778][T16634]  ? __pfx_misc_open+0x10/0x10
[  812.539797][T16634]  chrdev_open+0x234/0x6a0
[  812.539813][T16634]  ? __pfx_apparmor_file_open+0x10/0x10
[  812.539831][T16634]  ? __pfx_chrdev_open+0x10/0x10
[  812.539848][T16634]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  812.539869][T16634]  do_dentry_open+0x6d8/0x1660
[  812.539885][T16634]  ? __pfx_chrdev_open+0x10/0x10
[  812.539924][T16634]  vfs_open+0x82/0x3f0
[  812.539946][T16634]  path_openat+0x208c/0x31a0
[  812.539971][T16634]  ? __pfx_path_openat+0x10/0x10
[  812.539995][T16634]  do_file_open+0x20e/0x430
[  812.540014][T16634]  ? __pfx_do_file_open+0x10/0x10
[  812.540044][T16634]  ? alloc_fd+0x476/0x790
[  812.540062][T16634]  ? do_getname+0x191/0x390
[  812.540083][T16634]  do_sys_openat2+0x10d/0x1e0
[  812.540103][T16634]  ? __pfx_do_sys_openat2+0x10/0x10
[  812.540131][T16634]  ? __fget_files+0x21f/0x3d0
[  812.540151][T16634]  __x64_sys_openat+0x12d/0x210
[  812.540173][T16634]  ? __pfx___x64_sys_openat+0x10/0x10
[  812.540203][T16634]  do_syscall_64+0x106/0xf80
[  812.540219][T16634]  ? clear_bhb_loop+0x40/0x90
[  812.540238][T16634]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  812.540253][T16634] RIP: 0033:0x7f48c4d9c819
[  812.540267][T16634] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  812.540282][T16634] RSP: 002b:00007f48c2ff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  812.540297][T16634] RAX: ffffffffffffffda RBX: 00007f48c5015fa0 RCX: 00007f48c4d9c819
[  812.540308][T16634] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  812.540318][T16634] RBP: 00007f48c4e32c91 R08: 0000000000000000 R09: 0000000000000000
[  812.540328][T16634] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000
[  812.540338][T16634] R13: 00007f48c5016038 R14: 00007f48c5015fa0 R15: 00007ffd7b7acd48
[  812.540359][T16634]  </TASK>
[  812.540366][T16634] nfc: nfc_register_device: Could not register llcp device
[  813.091445][T16574] Process accounting resumed
[  813.615841][ T5837] Bluetooth: hci1: command tx timeout
[  813.630713][ T9923] team0 (unregistering): Port device team_slave_1 removed
[  813.715645][ T9923] team0 (unregistering): Port device team_slave_0 removed
[  813.754045][T16634] llcp: nfc_llcp_remove_local: Shutting down device not found
[  814.075126][T16648] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2328'.
[  814.191156][T16648] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2328'.
[  814.224281][T16651] FAULT_INJECTION: forcing a failure.
[  814.224281][T16651] name failslab, interval 1, probability 0, space 0, times 0
[  814.267647][T16648] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2328'.
[  814.304150][T16651] CPU: 0 UID: 0 PID: 16651 Comm: syz.1.2329 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  814.304178][T16651] Tainted: [L]=SOFTLOCKUP
[  814.304184][T16651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  814.304194][T16651] Call Trace:
[  814.304200][T16651]  <TASK>
[  814.304207][T16651]  dump_stack_lvl+0x100/0x190
[  814.304237][T16651]  should_fail_ex.cold+0x5/0xa
[  814.304256][T16651]  should_failslab+0xc2/0x120
[  814.304275][T16651]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  814.304298][T16651]  ? sock_alloc_inode+0x25/0x1c0
[  814.304318][T16651]  ? __pfx_sock_alloc_inode+0x10/0x10
[  814.304337][T16651]  sock_alloc_inode+0x25/0x1c0
[  814.304354][T16651]  alloc_inode+0x68/0x250
[  814.304375][T16651]  sock_alloc+0x44/0x280
[  814.304390][T16651]  ? security_socket_create+0x7f/0x250
[  814.304409][T16651]  __sock_create+0xc2/0x860
[  814.304431][T16651]  __sys_socket+0x14d/0x260
[  814.304452][T16651]  ? __pfx___sys_socket+0x10/0x10
[  814.304477][T16651]  __x64_sys_socket+0x72/0xb0
[  814.304497][T16651]  ? lockdep_hardirqs_on+0x78/0x100
[  814.304514][T16651]  do_syscall_64+0x106/0xf80
[  814.304529][T16651]  ? clear_bhb_loop+0x40/0x90
[  814.304548][T16651]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  814.304564][T16651] RIP: 0033:0x7ff0c4b9c819
[  814.304579][T16651] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  814.304594][T16651] RSP: 002b:00007ff0c5aa6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  814.304609][T16651] RAX: ffffffffffffffda RBX: 00007ff0c4e15fa0 RCX: 00007ff0c4b9c819
[  814.304619][T16651] RDX: 000000000000001f RSI: 0000000000000003 RDI: 0000000000000010
[  814.304628][T16651] RBP: 00007ff0c4c32c91 R08: 0000000000000000 R09: 0000000000000000
[  814.304637][T16651] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  814.304646][T16651] R13: 00007ff0c4e16038 R14: 00007ff0c4e15fa0 R15: 00007ffc890583a8
[  814.304665][T16651]  </TASK>
[  814.304675][T16651] socket: no more sockets
[  814.525118][T16648] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2328'.
[  814.564553][T16558] bridge0: port 1(bridge_slave_0) entered blocking state
[  814.572739][T16558] bridge0: port 1(bridge_slave_0) entered disabled state
[  814.581273][T16648] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2328'.
[  814.604174][T16648] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2328'.
[  814.624057][T16558] bridge_slave_0: entered allmulticast mode
[  814.631477][T16558] bridge_slave_0: entered promiscuous mode
[  814.646072][T16648] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2328'.
[  814.704459][T16648] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2328'.
[  814.720463][T16648] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2328'.
[  814.752481][T16648] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2328'.
[  814.763788][T16558] bridge0: port 2(bridge_slave_1) entered blocking state
[  814.770924][T16558] bridge0: port 2(bridge_slave_1) entered disabled state
[  814.830379][T16558] bridge_slave_1: entered allmulticast mode
[  814.865105][T16558] bridge_slave_1: entered promiscuous mode
[  814.969597][T16558] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  815.045705][T16558] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  815.182798][T16558] team0: Port device team_slave_0 added
[  815.191712][T16661] FAULT_INJECTION: forcing a failure.
[  815.191712][T16661] name failslab, interval 1, probability 0, space 0, times 0
[  815.242065][T16558] team0: Port device team_slave_1 added
[  815.252285][T16661] CPU: 0 UID: 0 PID: 16661 Comm: syz.3.2331 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  815.252312][T16661] Tainted: [L]=SOFTLOCKUP
[  815.252317][T16661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  815.252328][T16661] Call Trace:
[  815.252334][T16661]  <TASK>
[  815.252341][T16661]  dump_stack_lvl+0x100/0x190
[  815.252370][T16661]  should_fail_ex.cold+0x5/0xa
[  815.252391][T16661]  should_failslab+0xc2/0x120
[  815.252408][T16661]  __kmalloc_cache_node_noprof+0x7d/0x770
[  815.252425][T16661]  ? __alloc_workqueue+0x711/0x1880
[  815.252443][T16661]  ? lockdep_init_map_type+0x5c/0x250
[  815.252467][T16661]  __alloc_workqueue+0x711/0x1880
[  815.252489][T16661]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  815.252516][T16661]  alloc_workqueue_noprof+0xd2/0x200
[  815.252534][T16661]  ? __pfx_alloc_workqueue_noprof+0x10/0x10
[  815.252559][T16661]  ? __pfx___debug_object_init+0x10/0x10
[  815.252581][T16661]  nci_register_device+0x394/0xb80
[  815.252605][T16661]  ? __pfx_nci_register_device+0x10/0x10
[  815.252630][T16661]  ? lockdep_init_map_type+0x5c/0x250
[  815.252653][T16661]  virtual_ncidev_open+0x141/0x220
[  815.252677][T16661]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  815.252699][T16661]  misc_open+0x26d/0x450
[  815.252719][T16661]  ? __pfx_misc_open+0x10/0x10
[  815.252738][T16661]  chrdev_open+0x234/0x6a0
[  815.252754][T16661]  ? __pfx_apparmor_file_open+0x10/0x10
[  815.252771][T16661]  ? __pfx_chrdev_open+0x10/0x10
[  815.252788][T16661]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  815.252810][T16661]  do_dentry_open+0x6d8/0x1660
[  815.252826][T16661]  ? __pfx_chrdev_open+0x10/0x10
[  815.252847][T16661]  vfs_open+0x82/0x3f0
[  815.252869][T16661]  path_openat+0x208c/0x31a0
[  815.252891][T16661]  ? __pfx_path_openat+0x10/0x10
[  815.252915][T16661]  do_file_open+0x20e/0x430
[  815.252933][T16661]  ? __pfx_do_file_open+0x10/0x10
[  815.252974][T16661]  ? alloc_fd+0x476/0x790
[  815.252993][T16661]  ? do_getname+0x191/0x390
[  815.253016][T16661]  do_sys_openat2+0x10d/0x1e0
[  815.253038][T16661]  ? __pfx_do_sys_openat2+0x10/0x10
[  815.253065][T16661]  __x64_sys_openat+0x12d/0x210
[  815.253086][T16661]  ? __pfx___x64_sys_openat+0x10/0x10
[  815.253114][T16661]  do_syscall_64+0x106/0xf80
[  815.253130][T16661]  ? clear_bhb_loop+0x40/0x90
[  815.253149][T16661]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  815.253164][T16661] RIP: 0033:0x7f48c4d9c819
[  815.253178][T16661] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  815.253193][T16661] RSP: 002b:00007f48c2ff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  815.253208][T16661] RAX: ffffffffffffffda RBX: 00007f48c5015fa0 RCX: 00007f48c4d9c819
[  815.253218][T16661] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  815.253228][T16661] RBP: 00007f48c4e32c91 R08: 0000000000000000 R09: 0000000000000000
[  815.253237][T16661] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000
[  815.253247][T16661] R13: 00007f48c5016038 R14: 00007f48c5015fa0 R15: 00007ffd7b7acd48
[  815.253268][T16661]  </TASK>
[  815.956679][ T5837] Bluetooth: hci1: command tx timeout
[  816.305256][T16674] netlink: 'syz.3.2334': attribute type 2 has an invalid length.
[  816.649364][T16678] FAULT_INJECTION: forcing a failure.
[  816.649364][T16678] name failslab, interval 1, probability 0, space 0, times 0
[  816.722329][T16678] CPU: 0 UID: 0 PID: 16678 Comm: syz.1.2335 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  816.722358][T16678] Tainted: [L]=SOFTLOCKUP
[  816.722364][T16678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  816.722373][T16678] Call Trace:
[  816.722379][T16678]  <TASK>
[  816.722386][T16678]  dump_stack_lvl+0x100/0x190
[  816.722415][T16678]  should_fail_ex.cold+0x5/0xa
[  816.722434][T16678]  ? nfc_llcp_build_tlv+0x105/0x250
[  816.722450][T16678]  should_failslab+0xc2/0x120
[  816.722468][T16678]  __kmalloc_noprof+0xe0/0x850
[  816.722497][T16678]  nfc_llcp_build_tlv+0x105/0x250
[  816.722512][T16678]  ? lockdep_hardirqs_on+0x78/0x100
[  816.722530][T16678]  nfc_llcp_build_gb.isra.0+0xed/0x3f0
[  816.722554][T16678]  ? __pfx_nfc_llcp_build_gb.isra.0+0x10/0x10
[  816.722582][T16678]  ? lockdep_init_map_type+0x5c/0x250
[  816.722603][T16678]  ? lockdep_init_map_type+0x5c/0x250
[  816.722626][T16678]  nfc_llcp_register_device+0x600/0xa60
[  816.722642][T16678]  nfc_register_device+0x6d/0x3e0
[  816.722659][T16678]  nci_register_device+0x7f1/0xb80
[  816.722682][T16678]  ? __pfx_nci_register_device+0x10/0x10
[  816.722706][T16678]  ? lockdep_init_map_type+0x5c/0x250
[  816.722729][T16678]  virtual_ncidev_open+0x141/0x220
[  816.722753][T16678]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  816.722775][T16678]  misc_open+0x26d/0x450
[  816.722795][T16678]  ? __pfx_misc_open+0x10/0x10
[  816.722820][T16678]  chrdev_open+0x234/0x6a0
[  816.722843][T16678]  ? __pfx_apparmor_file_open+0x10/0x10
[  816.722861][T16678]  ? __pfx_chrdev_open+0x10/0x10
[  816.722880][T16678]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  816.722902][T16678]  do_dentry_open+0x6d8/0x1660
[  816.722919][T16678]  ? __pfx_chrdev_open+0x10/0x10
[  816.722940][T16678]  vfs_open+0x82/0x3f0
[  816.722962][T16678]  path_openat+0x208c/0x31a0
[  816.722986][T16678]  ? __pfx_path_openat+0x10/0x10
[  816.723009][T16678]  do_file_open+0x20e/0x430
[  816.723027][T16678]  ? __pfx_do_file_open+0x10/0x10
[  816.723057][T16678]  ? alloc_fd+0x476/0x790
[  816.723075][T16678]  ? do_getname+0x191/0x390
[  816.723095][T16678]  do_sys_openat2+0x10d/0x1e0
[  816.723116][T16678]  ? __pfx_do_sys_openat2+0x10/0x10
[  816.723137][T16678]  ? __fget_files+0x21f/0x3d0
[  816.723157][T16678]  __x64_sys_openat+0x12d/0x210
[  816.723178][T16678]  ? __pfx___x64_sys_openat+0x10/0x10
[  816.723206][T16678]  do_syscall_64+0x106/0xf80
[  816.723222][T16678]  ? clear_bhb_loop+0x40/0x90
[  816.723241][T16678]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  816.723256][T16678] RIP: 0033:0x7ff0c4b9c819
[  816.723271][T16678] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  816.723286][T16678] RSP: 002b:00007ff0c5aa6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  816.723301][T16678] RAX: ffffffffffffffda RBX: 00007ff0c4e15fa0 RCX: 00007ff0c4b9c819
[  816.723312][T16678] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  816.723323][T16678] RBP: 00007ff0c4c32c91 R08: 0000000000000000 R09: 0000000000000000
[  816.723332][T16678] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000
[  816.723342][T16678] R13: 00007ff0c4e16038 R14: 00007ff0c4e15fa0 R15: 00007ffc890583a8
[  816.723374][T16678]  </TASK>
[  818.064811][ T5837] Bluetooth: hci1: command tx timeout
[  818.624042][T16558] batman_adv: batadv0: Adding interface: batadv_slave_0
[  818.653507][T16558] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  818.820560][T16558] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  818.897038][T16558] batman_adv: batadv0: Adding interface: batadv_slave_1
[  818.953911][T16558] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  819.087535][T16558] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  819.407707][T16558] hsr_slave_0: entered promiscuous mode
[  819.434654][T16558] hsr_slave_1: entered promiscuous mode
[  819.449878][T16558] debugfs: 'hsr0' already exists in 'hsr'
[  819.479168][T16558] Cannot create hsr debugfs directory
[  820.117745][T16720] openvswitch: ovs_: Dropping previously announced user features
[  820.646765][T16558] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  820.723566][T16558] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  820.797863][T16558] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  820.864757][T16558] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  821.313716][T16558] 8021q: adding VLAN 0 to HW filter on device bond0
[  821.391202][T16558] 8021q: adding VLAN 0 to HW filter on device team0
[  821.491984][  T142] bridge0: port 1(bridge_slave_0) entered blocking state
[  821.499282][  T142] bridge0: port 1(bridge_slave_0) entered forwarding state
[  821.589346][ T9923] bridge0: port 2(bridge_slave_1) entered blocking state
[  821.596541][ T9923] bridge0: port 2(bridge_slave_1) entered forwarding state
[  821.798405][T16558] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  822.616488][T16558] 8021q: adding VLAN 0 to HW filter on device batadv0
[  822.684419][T16765] FAULT_INJECTION: forcing a failure.
[  822.684419][T16765] name failslab, interval 1, probability 0, space 0, times 0
[  822.684452][T16765] CPU: 0 UID: 0 PID: 16765 Comm: syz.0.2350 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  822.684476][T16765] Tainted: [L]=SOFTLOCKUP
[  822.684481][T16765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  822.684491][T16765] Call Trace:
[  822.684497][T16765]  <TASK>
[  822.684503][T16765]  dump_stack_lvl+0x100/0x190
[  822.684531][T16765]  should_fail_ex.cold+0x5/0xa
[  822.684551][T16765]  ? apply_wqattrs_prepare+0xfe/0xbb0
[  822.684567][T16765]  should_failslab+0xc2/0x120
[  822.684584][T16765]  __kmalloc_noprof+0xe0/0x850
[  822.684612][T16765]  apply_wqattrs_prepare+0xfe/0xbb0
[  822.684629][T16765]  ? __alloc_workqueue+0x901/0x1880
[  822.684653][T16765]  apply_workqueue_attrs_locked+0x64/0xe0
[  822.684674][T16765]  __alloc_workqueue+0xe25/0x1880
[  822.684696][T16765]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  822.684723][T16765]  alloc_workqueue_noprof+0xd2/0x200
[  822.684741][T16765]  ? __pfx_alloc_workqueue_noprof+0x10/0x10
[  822.684765][T16765]  ? __pfx___debug_object_init+0x10/0x10
[  822.684787][T16765]  nci_register_device+0x394/0xb80
[  822.684810][T16765]  ? __pfx_nci_register_device+0x10/0x10
[  822.684833][T16765]  ? lockdep_init_map_type+0x5c/0x250
[  822.684859][T16765]  virtual_ncidev_open+0x141/0x220
[  822.684883][T16765]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  822.684905][T16765]  misc_open+0x26d/0x450
[  822.684926][T16765]  ? __pfx_misc_open+0x10/0x10
[  822.684950][T16765]  chrdev_open+0x234/0x6a0
[  822.684967][T16765]  ? __pfx_apparmor_file_open+0x10/0x10
[  822.684985][T16765]  ? __pfx_chrdev_open+0x10/0x10
[  822.685002][T16765]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  822.685024][T16765]  do_dentry_open+0x6d8/0x1660
[  822.685040][T16765]  ? __pfx_chrdev_open+0x10/0x10
[  822.685061][T16765]  vfs_open+0x82/0x3f0
[  822.685083][T16765]  path_openat+0x208c/0x31a0
[  822.685106][T16765]  ? __pfx_path_openat+0x10/0x10
[  822.685129][T16765]  do_file_open+0x20e/0x430
[  822.685147][T16765]  ? __pfx_do_file_open+0x10/0x10
[  822.685178][T16765]  ? alloc_fd+0x476/0x790
[  822.685195][T16765]  ? do_getname+0x191/0x390
[  822.685216][T16765]  do_sys_openat2+0x10d/0x1e0
[  822.685237][T16765]  ? __pfx_do_sys_openat2+0x10/0x10
[  822.685265][T16765]  __x64_sys_openat+0x12d/0x210
[  822.685286][T16765]  ? __pfx___x64_sys_openat+0x10/0x10
[  822.685314][T16765]  do_syscall_64+0x106/0xf80
[  822.685330][T16765]  ? clear_bhb_loop+0x40/0x90
[  822.685348][T16765]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  822.685371][T16765] RIP: 0033:0x7f0e3839c819
[  822.685390][T16765] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  822.685405][T16765] RSP: 002b:00007f0e392e2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  822.685421][T16765] RAX: ffffffffffffffda RBX: 00007f0e38615fa0 RCX: 00007f0e3839c819
[  822.685432][T16765] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  822.685441][T16765] RBP: 00007f0e38432c91 R08: 0000000000000000 R09: 0000000000000000
[  822.685450][T16765] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000
[  822.685460][T16765] R13: 00007f0e38616038 R14: 00007f0e38615fa0 R15: 00007ffefe201b48
[  822.685481][T16765]  </TASK>
[  822.818637][T16558] veth0_vlan: entered promiscuous mode
[  822.855617][T16558] veth1_vlan: entered promiscuous mode
[  822.933711][T16558] veth0_macvtap: entered promiscuous mode
[  822.955996][T16558] veth1_macvtap: entered promiscuous mode
[  823.089410][T16558] batman_adv: batadv0: Interface activated: batadv_slave_0
[  823.112436][T16558] batman_adv: batadv0: Interface activated: batadv_slave_1
[  823.267018][ T9925] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  823.268132][ T9925] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  823.268166][ T9925] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  823.268193][ T9925] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  823.661085][ T9925] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  823.661131][ T9925] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  823.788848][   T79] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  823.788870][   T79] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  825.515834][T16804] syz.2.2358 (16804): /proc/16804/oom_adj is deprecated, please use /proc/16804/oom_score_adj instead.
[  825.594219][T16804] vhci_hcd vhci_hcd.2: default hub control req: 0303 v0002 i0002 l8
[  826.184582][T16816] FAULT_INJECTION: forcing a failure.
[  826.184582][T16816] name failslab, interval 1, probability 0, space 0, times 0
[  826.277760][T16816] CPU: 0 UID: 0 PID: 16816 Comm: syz.2.2362 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  826.277788][T16816] Tainted: [L]=SOFTLOCKUP
[  826.277794][T16816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  826.277804][T16816] Call Trace:
[  826.277810][T16816]  <TASK>
[  826.277817][T16816]  dump_stack_lvl+0x100/0x190
[  826.277845][T16816]  should_fail_ex.cold+0x5/0xa
[  826.277866][T16816]  should_failslab+0xc2/0x120
[  826.277883][T16816]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  826.277906][T16816]  ? __kernfs_new_node+0xd2/0x960
[  826.277947][T16816]  __kernfs_new_node+0xd2/0x960
[  826.277972][T16816]  ? __pfx___kernfs_new_node+0x10/0x10
[  826.278000][T16816]  ? find_held_lock+0x2b/0x80
[  826.278016][T16816]  ? kernfs_root+0xee/0x2a0
[  826.278036][T16816]  ? kernfs_root+0xee/0x2a0
[  826.278062][T16816]  kernfs_new_node+0x11b/0x1a0
[  826.278080][T16816]  __kernfs_create_file+0x53/0x350
[  826.278102][T16816]  sysfs_add_file_mode_ns+0x207/0x3c0
[  826.278129][T16816]  sysfs_merge_group+0x194/0x340
[  826.278152][T16816]  ? __pfx_sysfs_merge_group+0x10/0x10
[  826.278174][T16816]  ? bus_add_device+0x368/0x6b0
[  826.278191][T16816]  ? __pfx_bus_add_device+0x10/0x10
[  826.278205][T16816]  ? __pfx_dev_add_physical_location+0x10/0x10
[  826.278229][T16816]  dpm_sysfs_add+0x237/0x280
[  826.278251][T16816]  device_add+0x9ef/0x1950
[  826.278273][T16816]  ? __pfx_device_add+0x10/0x10
[  826.278300][T16816]  nfc_register_device+0x41/0x3e0
[  826.278319][T16816]  nci_register_device+0x7f1/0xb80
[  826.278343][T16816]  ? __pfx_nci_register_device+0x10/0x10
[  826.278368][T16816]  ? lockdep_init_map_type+0x5c/0x250
[  826.278399][T16816]  virtual_ncidev_open+0x141/0x220
[  826.278423][T16816]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  826.278444][T16816]  misc_open+0x26d/0x450
[  826.278465][T16816]  ? __pfx_misc_open+0x10/0x10
[  826.278483][T16816]  chrdev_open+0x234/0x6a0
[  826.278499][T16816]  ? __pfx_apparmor_file_open+0x10/0x10
[  826.278517][T16816]  ? __pfx_chrdev_open+0x10/0x10
[  826.278534][T16816]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  826.278555][T16816]  do_dentry_open+0x6d8/0x1660
[  826.278571][T16816]  ? __pfx_chrdev_open+0x10/0x10
[  826.278593][T16816]  vfs_open+0x82/0x3f0
[  826.278615][T16816]  path_openat+0x208c/0x31a0
[  826.278638][T16816]  ? __pfx_path_openat+0x10/0x10
[  826.278662][T16816]  do_file_open+0x20e/0x430
[  826.278680][T16816]  ? __pfx_do_file_open+0x10/0x10
[  826.278710][T16816]  ? alloc_fd+0x476/0x790
[  826.278728][T16816]  ? do_getname+0x191/0x390
[  826.278750][T16816]  do_sys_openat2+0x10d/0x1e0
[  826.278770][T16816]  ? __pfx_do_sys_openat2+0x10/0x10
[  826.278801][T16816]  __x64_sys_openat+0x12d/0x210
[  826.278821][T16816]  ? __pfx___x64_sys_openat+0x10/0x10
[  826.278850][T16816]  do_syscall_64+0x106/0xf80
[  826.278866][T16816]  ? clear_bhb_loop+0x40/0x90
[  826.278885][T16816]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  826.278918][T16816] RIP: 0033:0x7f758a79c819
[  826.278933][T16816] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  826.278949][T16816] RSP: 002b:00007f758b682028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  826.278965][T16816] RAX: ffffffffffffffda RBX: 00007f758aa15fa0 RCX: 00007f758a79c819
[  826.278976][T16816] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  826.278986][T16816] RBP: 00007f758a832c91 R08: 0000000000000000 R09: 0000000000000000
[  826.278995][T16816] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000
[  826.279005][T16816] R13: 00007f758aa16038 R14: 00007f758aa15fa0 R15: 00007fff99ccf4b8
[  826.279026][T16816]  </TASK>
[  830.644569][T16857] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  830.664357][T16857] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  830.675751][T16857] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  830.683484][T16857] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  830.691406][T16857] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  831.392595][T16864] FAULT_INJECTION: forcing a failure.
[  831.392595][T16864] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  831.521603][T16864] CPU: 0 UID: 0 PID: 16864 Comm: syz.2.2372 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  831.521631][T16864] Tainted: [L]=SOFTLOCKUP
[  831.521637][T16864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  831.521648][T16864] Call Trace:
[  831.521663][T16864]  <TASK>
[  831.521670][T16864]  dump_stack_lvl+0x100/0x190
[  831.521699][T16864]  should_fail_ex.cold+0x5/0xa
[  831.521715][T16864]  ? prepare_alloc_pages+0x16d/0x5f0
[  831.521736][T16864]  should_fail_alloc_page+0xeb/0x140
[  831.521754][T16864]  prepare_alloc_pages+0x1f0/0x5f0
[  831.521776][T16864]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  831.521804][T16864]  ? try_to_migrate_one+0x13fd/0x3860
[  831.521831][T16864]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  831.521862][T16864]  ? reacquire_held_locks+0xce/0x1e0
[  831.521882][T16864]  ? folio_lock_anon_vma_read+0x348/0xe30
[  831.521906][T16864]  ? folio_lock_anon_vma_read+0x348/0xe30
[  831.521928][T16864]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  831.521945][T16864]  ? policy_nodemask+0xed/0x4f0
[  831.521963][T16864]  alloc_pages_mpol+0x1fb/0x550
[  831.521980][T16864]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  831.522002][T16864]  folio_alloc_mpol_noprof+0x36/0x340
[  831.522022][T16864]  alloc_migration_target_by_mpol+0x2c1/0x650
[  831.522044][T16864]  ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[  831.522065][T16864]  ? __pfx___might_resched+0x10/0x10
[  831.522088][T16864]  ? folio_get_anon_vma+0x16b/0x980
[  831.522110][T16864]  migrate_pages_batch+0x4f2/0x4530
[  831.522129][T16864]  ? core_kernel_text+0x70/0xb0
[  831.522152][T16864]  ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[  831.522180][T16864]  ? __pfx_migrate_pages_batch+0x10/0x10
[  831.522199][T16864]  ? __pfx_stack_trace_save+0x10/0x10
[  831.522216][T16864]  ? stack_depot_save_flags+0x27/0x9d0
[  831.522237][T16864]  ? __split_vma+0x392/0xd90
[  831.522259][T16864]  ? kasan_save_stack+0x3f/0x50
[  831.522273][T16864]  ? kasan_save_stack+0x30/0x50
[  831.522286][T16864]  ? kasan_save_track+0x14/0x30
[  831.522298][T16864]  ? __kasan_slab_alloc+0x89/0x90
[  831.522312][T16864]  ? kmem_cache_alloc_noprof+0x241/0x6e0
[  831.522335][T16864]  ? __mpol_dup+0x74/0x390
[  831.522351][T16864]  ? mbind_range+0x2ad/0x550
[  831.522371][T16864]  migrate_pages_sync+0x12c/0x880
[  831.522391][T16864]  ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[  831.522416][T16864]  ? __pfx_migrate_pages_sync+0x10/0x10
[  831.522437][T16864]  ? __lock_acquire+0x4a5/0x2630
[  831.522461][T16864]  migrate_pages+0x1aae/0x28a0
[  831.522483][T16864]  ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[  831.522508][T16864]  ? __pfx_migrate_pages+0x10/0x10
[  831.522528][T16864]  ? find_held_lock+0x2b/0x80
[  831.522543][T16864]  ? do_mbind+0x555/0xfd0
[  831.522565][T16864]  ? up_write+0x290/0x4f0
[  831.522588][T16864]  do_mbind+0x5a4/0xfd0
[  831.522613][T16864]  ? __pfx_do_mbind+0x10/0x10
[  831.522631][T16864]  ? ksys_write+0x190/0x250
[  831.522646][T16864]  ? ksys_write+0x190/0x250
[  831.522676][T16864]  ? __pfx_get_nodes+0x10/0x10
[  831.522697][T16864]  kernel_mbind+0x1b7/0x200
[  831.522719][T16864]  ? __pfx_kernel_mbind+0x10/0x10
[  831.522745][T16864]  do_syscall_64+0x106/0xf80
[  831.522761][T16864]  ? clear_bhb_loop+0x40/0x90
[  831.522780][T16864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  831.522797][T16864] RIP: 0033:0x7f758a79c819
[  831.522811][T16864] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  831.522835][T16864] RSP: 002b:00007f758b661028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  831.522851][T16864] RAX: ffffffffffffffda RBX: 00007f758aa16090 RCX: 00007f758a79c819
[  831.522862][T16864] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000
[  831.522871][T16864] RBP: 00007f758a832c91 R08: 0000002000000006 R09: 0000000000000002
[  831.522881][T16864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  831.522891][T16864] R13: 00007f758aa16128 R14: 00007f758aa16090 R15: 00007fff99ccf4b8
[  831.522911][T16864]  </TASK>
[  832.819243][T16857] Bluetooth: hci4: command tx timeout
[  832.830325][T16868] vhci_hcd: not connected 4
[  833.053511][ T9925] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  833.069375][T16872] FAULT_INJECTION: forcing a failure.
[  833.069375][T16872] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  833.111148][T16872] CPU: 0 UID: 0 PID: 16872 Comm: syz.1.2375 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  833.111174][T16872] Tainted: [L]=SOFTLOCKUP
[  833.111179][T16872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  833.111188][T16872] Call Trace:
[  833.111194][T16872]  <TASK>
[  833.111201][T16872]  dump_stack_lvl+0x100/0x190
[  833.111229][T16872]  should_fail_ex.cold+0x5/0xa
[  833.111249][T16872]  _copy_to_user+0x32/0xd0
[  833.111270][T16872]  simple_read_from_buffer+0xcb/0x170
[  833.111296][T16872]  proc_fail_nth_read+0x1af/0x230
[  833.111317][T16872]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  833.111337][T16872]  ? rw_verify_area+0xce/0x6d0
[  833.111360][T16872]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  833.111379][T16872]  vfs_read+0x1e4/0xb30
[  833.111396][T16872]  ? __pfx_vfs_read+0x10/0x10
[  833.111410][T16872]  ? __fget_files+0x215/0x3d0
[  833.111429][T16872]  ? __fget_files+0x21f/0x3d0
[  833.111449][T16872]  ksys_read+0x12a/0x250
[  833.111464][T16872]  ? __pfx_ksys_read+0x10/0x10
[  833.111484][T16872]  do_syscall_64+0x106/0xf80
[  833.111500][T16872]  ? clear_bhb_loop+0x40/0x90
[  833.111519][T16872]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  833.111535][T16872] RIP: 0033:0x7ff0c4b5d04e
[  833.111548][T16872] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  833.111563][T16872] RSP: 002b:00007ff0c5aa5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  833.111676][T16872] RAX: ffffffffffffffda RBX: 00007ff0c5aa66c0 RCX: 00007ff0c4b5d04e
[  833.111690][T16872] RDX: 000000000000000f RSI: 00007ff0c5aa60a0 RDI: 0000000000000004
[  833.111699][T16872] RBP: 00007ff0c5aa6090 R08: 0000000000000000 R09: 0000000000000000
[  833.111709][T16872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  833.111718][T16872] R13: 00007ff0c4e16038 R14: 00007ff0c4e15fa0 R15: 00007ffc890583a8
[  833.111741][T16872]  </TASK>
[  833.940192][ T9925] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  834.009148][T16856] chnl_net:caif_netlink_parms(): no params data found
[  834.072160][ T9925] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  834.424245][T16877] zswap: compressor  not available
[  834.467257][ T9925] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  834.775227][T16856] bridge0: port 1(bridge_slave_0) entered blocking state
[  834.801671][T16856] bridge0: port 1(bridge_slave_0) entered disabled state
[  834.801832][T16856] bridge_slave_0: entered allmulticast mode
[  834.802930][T16856] bridge_slave_0: entered promiscuous mode
[  834.861266][T16856] bridge0: port 2(bridge_slave_1) entered blocking state
[  834.861331][T16856] bridge0: port 2(bridge_slave_1) entered disabled state
[  834.861494][T16856] bridge_slave_1: entered allmulticast mode
[  834.862607][T16856] bridge_slave_1: entered promiscuous mode
[  834.894576][T16857] Bluetooth: hci4: command tx timeout
[  835.048015][T16856] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  835.099089][T16856] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  835.138731][T16893] FAULT_INJECTION: forcing a failure.
[  835.138731][T16893] name failslab, interval 1, probability 0, space 0, times 0
[  835.138760][T16893] CPU: 0 UID: 0 PID: 16893 Comm: syz.0.2379 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  835.138782][T16893] Tainted: [L]=SOFTLOCKUP
[  835.138787][T16893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  835.138797][T16893] Call Trace:
[  835.138803][T16893]  <TASK>
[  835.138809][T16893]  dump_stack_lvl+0x100/0x190
[  835.138837][T16893]  should_fail_ex.cold+0x5/0xa
[  835.138857][T16893]  should_failslab+0xc2/0x120
[  835.138874][T16893]  __kmalloc_cache_noprof+0x7a/0x6f0
[  835.138895][T16893]  ? __request_module+0x2b7/0x6c0
[  835.138915][T16893]  ? lockdep_hardirqs_on+0x78/0x100
[  835.138934][T16893]  __request_module+0x2b7/0x6c0
[  835.138955][T16893]  ? __pfx___request_module+0x10/0x10
[  835.138982][T16893]  ? __wake_up+0x3f/0x60
[  835.138999][T16893]  ? rcu_is_watching+0x12/0xc0
[  835.139022][T16893]  ? lockdep_hardirqs_on+0x78/0x100
[  835.139041][T16893]  netlink_create+0x450/0x610
[  835.139060][T16893]  __sock_create+0x339/0x860
[  835.139083][T16893]  __sys_socket+0x14d/0x260
[  835.139103][T16893]  ? __pfx___sys_socket+0x10/0x10
[  835.139129][T16893]  __x64_sys_socket+0x72/0xb0
[  835.139148][T16893]  ? lockdep_hardirqs_on+0x78/0x100
[  835.139164][T16893]  do_syscall_64+0x106/0xf80
[  835.139185][T16893]  ? clear_bhb_loop+0x40/0x90
[  835.139203][T16893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  835.139219][T16893] RIP: 0033:0x7f0e3839c819
[  835.139233][T16893] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  835.139248][T16893] RSP: 002b:00007f0e392e2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  835.139263][T16893] RAX: ffffffffffffffda RBX: 00007f0e38615fa0 RCX: 00007f0e3839c819
[  835.139273][T16893] RDX: 000000000000001f RSI: 0000000000000003 RDI: 0000000000000010
[  835.139282][T16893] RBP: 00007f0e38432c91 R08: 0000000000000000 R09: 0000000000000000
[  835.139291][T16893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  835.139301][T16893] R13: 00007f0e38616038 R14: 00007f0e38615fa0 R15: 00007ffefe201b48
[  835.139321][T16893]  </TASK>
[  835.227581][ T9925] bridge_slave_1: left allmulticast mode
[  835.227624][ T9925] bridge_slave_1: left promiscuous mode
[  835.227773][ T9925] bridge0: port 2(bridge_slave_1) entered disabled state
[  835.277949][ T9925] bridge_slave_0: left allmulticast mode
[  835.277973][ T9925] bridge_slave_0: left promiscuous mode
[  835.278146][ T9925] bridge0: port 1(bridge_slave_0) entered disabled state
[  835.932387][ T9925] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  836.007409][ T9925] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  836.008381][ T9925] bond0 (unregistering): Released all slaves
[  836.053753][T16856] team0: Port device team_slave_0 added
[  836.109337][ T9925] ovs_: left promiscuous mode
[  836.131319][T16856] team0: Port device team_slave_1 added
[  836.420485][T16856] batman_adv: batadv0: Adding interface: batadv_slave_0
[  836.420502][T16856] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  836.420521][T16856] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  836.421742][T16856] batman_adv: batadv0: Adding interface: batadv_slave_1
[  836.421755][T16856] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  836.421774][T16856] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  836.889553][T16856] hsr_slave_0: entered promiscuous mode
[  836.904208][T16856] hsr_slave_1: entered promiscuous mode
[  836.904694][T16856] debugfs: 'hsr0' already exists in 'hsr'
[  836.904711][T16856] Cannot create hsr debugfs directory
[  836.974185][T16857] Bluetooth: hci4: command tx timeout
[  837.084882][ T9925] hsr_slave_0: left promiscuous mode
[  837.088868][ T9925] hsr_slave_1: left promiscuous mode
[  837.089362][ T9925] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  837.089416][ T9925] batman_adv: batadv0: Removing interface: batadv_slave_0
[  837.090013][ T9925] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  837.090028][ T9925] batman_adv: batadv0: Removing interface: batadv_slave_1
[  837.100800][ T9925] veth1_macvtap: left promiscuous mode
[  837.100840][ T9925] veth0_macvtap: left promiscuous mode
[  837.100895][ T9925] veth1_vlan: left promiscuous mode
[  837.100932][ T9925] veth0_vlan: left promiscuous mode
[  837.754291][ T9925] team0 (unregistering): Port device team_slave_1 removed
[  837.781261][ T9925] team0 (unregistering): Port device team_slave_0 removed
[  838.881444][T16922] FAULT_INJECTION: forcing a failure.
[  838.881444][T16922] name failslab, interval 1, probability 0, space 0, times 0
[  838.881538][T16922] CPU: 0 UID: 0 PID: 16922 Comm: syz.2.2387 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  838.881561][T16922] Tainted: [L]=SOFTLOCKUP
[  838.881567][T16922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  838.881577][T16922] Call Trace:
[  838.881583][T16922]  <TASK>
[  838.881589][T16922]  dump_stack_lvl+0x100/0x190
[  838.881618][T16922]  should_fail_ex.cold+0x5/0xa
[  838.881637][T16922]  should_failslab+0xc2/0x120
[  838.881655][T16922]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  838.881679][T16922]  ? skb_clone+0x190/0x400
[  838.881697][T16922]  skb_clone+0x190/0x400
[  838.881713][T16922]  netlink_broadcast_filtered+0xb6a/0xf50
[  838.881736][T16922]  ? __alloc_skb+0x5b7/0x710
[  838.881759][T16922]  ? __pfx_netlink_broadcast_filtered+0x10/0x10
[  838.881776][T16922]  ? netlink_has_listeners+0x20f/0x430
[  838.881790][T16922]  ? netlink_has_listeners+0x20f/0x430
[  838.881808][T16922]  netlink_broadcast+0x39/0x50
[  838.881825][T16922]  kobject_uevent_env+0xcdd/0x18b0
[  838.881850][T16922]  ? bus_to_subsys+0x114/0x150
[  838.881875][T16922]  device_add+0x116e/0x1950
[  838.881898][T16922]  ? __pfx_device_add+0x10/0x10
[  838.881925][T16922]  nfc_register_device+0x41/0x3e0
[  838.881943][T16922]  nci_register_device+0x7f1/0xb80
[  838.881965][T16922]  ? __pfx_nci_register_device+0x10/0x10
[  838.881989][T16922]  ? lockdep_init_map_type+0x5c/0x250
[  838.882015][T16922]  virtual_ncidev_open+0x141/0x220
[  838.882038][T16922]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  838.882060][T16922]  misc_open+0x26d/0x450
[  838.882084][T16922]  ? __pfx_misc_open+0x10/0x10
[  838.882103][T16922]  chrdev_open+0x234/0x6a0
[  838.882120][T16922]  ? __pfx_apparmor_file_open+0x10/0x10
[  838.882137][T16922]  ? __pfx_chrdev_open+0x10/0x10
[  838.882162][T16922]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  838.882185][T16922]  do_dentry_open+0x6d8/0x1660
[  838.882201][T16922]  ? __pfx_chrdev_open+0x10/0x10
[  838.882223][T16922]  vfs_open+0x82/0x3f0
[  838.882246][T16922]  path_openat+0x208c/0x31a0
[  838.882271][T16922]  ? __pfx_path_openat+0x10/0x10
[  838.882295][T16922]  do_file_open+0x20e/0x430
[  838.882313][T16922]  ? __pfx_do_file_open+0x10/0x10
[  838.882343][T16922]  ? alloc_fd+0x476/0x790
[  838.882361][T16922]  ? do_getname+0x191/0x390
[  838.882383][T16922]  do_sys_openat2+0x10d/0x1e0
[  838.882403][T16922]  ? __pfx_do_sys_openat2+0x10/0x10
[  838.882425][T16922]  ? __fget_files+0x21f/0x3d0
[  838.882444][T16922]  __x64_sys_openat+0x12d/0x210
[  838.882465][T16922]  ? __pfx___x64_sys_openat+0x10/0x10
[  838.882493][T16922]  do_syscall_64+0x106/0xf80
[  838.882509][T16922]  ? clear_bhb_loop+0x40/0x90
[  838.882528][T16922]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  838.882544][T16922] RIP: 0033:0x7f758a79c819
[  838.882559][T16922] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  838.882573][T16922] RSP: 002b:00007f758b682028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  838.882589][T16922] RAX: ffffffffffffffda RBX: 00007f758aa15fa0 RCX: 00007f758a79c819
[  838.882599][T16922] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  838.882610][T16922] RBP: 00007f758a832c91 R08: 0000000000000000 R09: 0000000000000000
[  838.882619][T16922] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000
[  838.882629][T16922] R13: 00007f758aa16038 R14: 00007f758aa15fa0 R15: 00007fff99ccf4b8
[  838.882650][T16922]  </TASK>
[  839.054975][T16857] Bluetooth: hci4: command tx timeout
[  839.569841][T16856] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  839.586556][T16856] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  839.597951][T16856] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  839.607710][T16856] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  839.848670][T16856] 8021q: adding VLAN 0 to HW filter on device bond0
[  839.905978][T16856] 8021q: adding VLAN 0 to HW filter on device team0
[  839.936553][   T79] bridge0: port 1(bridge_slave_0) entered blocking state
[  839.936641][   T79] bridge0: port 1(bridge_slave_0) entered forwarding state
[  839.937778][   T79] bridge0: port 2(bridge_slave_1) entered blocking state
[  839.937840][   T79] bridge0: port 2(bridge_slave_1) entered forwarding state
[  840.015720][T16856] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  840.517732][T16856] 8021q: adding VLAN 0 to HW filter on device batadv0
[  840.633555][T16856] veth0_vlan: entered promiscuous mode
[  840.653591][T16856] veth1_vlan: entered promiscuous mode
[  840.729208][T16856] veth0_macvtap: entered promiscuous mode
[  840.752010][T16856] veth1_macvtap: entered promiscuous mode
[  840.774044][T16944] FAULT_INJECTION: forcing a failure.
[  840.774044][T16944] name failslab, interval 1, probability 0, space 0, times 0
[  840.774076][T16944] CPU: 0 UID: 0 PID: 16944 Comm: syz.2.2389 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  840.774099][T16944] Tainted: [L]=SOFTLOCKUP
[  840.774105][T16944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  840.774115][T16944] Call Trace:
[  840.774121][T16944]  <TASK>
[  840.774127][T16944]  dump_stack_lvl+0x100/0x190
[  840.774156][T16944]  should_fail_ex.cold+0x5/0xa
[  840.774176][T16944]  should_failslab+0xc2/0x120
[  840.774194][T16944]  __kmalloc_cache_node_noprof+0x7d/0x770
[  840.774210][T16944]  ? __alloc_workqueue+0x711/0x1880
[  840.774229][T16944]  ? lockdep_init_map_type+0x5c/0x250
[  840.774253][T16944]  __alloc_workqueue+0x711/0x1880
[  840.774274][T16944]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  840.774301][T16944]  alloc_workqueue_noprof+0xd2/0x200
[  840.774319][T16944]  ? __pfx_alloc_workqueue_noprof+0x10/0x10
[  840.774343][T16944]  ? __pfx___debug_object_init+0x10/0x10
[  840.774365][T16944]  nci_register_device+0x394/0xb80
[  840.774388][T16944]  ? __pfx_nci_register_device+0x10/0x10
[  840.774412][T16944]  ? lockdep_init_map_type+0x5c/0x250
[  840.774436][T16944]  virtual_ncidev_open+0x141/0x220
[  840.774460][T16944]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  840.774482][T16944]  misc_open+0x26d/0x450
[  840.774501][T16944]  ? __pfx_misc_open+0x10/0x10
[  840.774520][T16944]  chrdev_open+0x234/0x6a0
[  840.774536][T16944]  ? __pfx_apparmor_file_open+0x10/0x10
[  840.774554][T16944]  ? __pfx_chrdev_open+0x10/0x10
[  840.774572][T16944]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  840.774593][T16944]  do_dentry_open+0x6d8/0x1660
[  840.774609][T16944]  ? __pfx_chrdev_open+0x10/0x10
[  840.774630][T16944]  vfs_open+0x82/0x3f0
[  840.774652][T16944]  path_openat+0x208c/0x31a0
[  840.774675][T16944]  ? __pfx_path_openat+0x10/0x10
[  840.774699][T16944]  do_file_open+0x20e/0x430
[  840.774716][T16944]  ? __pfx_do_file_open+0x10/0x10
[  840.774747][T16944]  ? alloc_fd+0x476/0x790
[  840.774764][T16944]  ? do_getname+0x191/0x390
[  840.774786][T16944]  do_sys_openat2+0x10d/0x1e0
[  840.774806][T16944]  ? __pfx_do_sys_openat2+0x10/0x10
[  840.774834][T16944]  __x64_sys_openat+0x12d/0x210
[  840.774855][T16944]  ? __pfx___x64_sys_openat+0x10/0x10
[  840.774883][T16944]  do_syscall_64+0x106/0xf80
[  840.774898][T16944]  ? clear_bhb_loop+0x40/0x90
[  840.774916][T16944]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  840.774932][T16944] RIP: 0033:0x7f758a79c819
[  840.774946][T16944] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  840.774961][T16944] RSP: 002b:00007f758b682028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  840.774976][T16944] RAX: ffffffffffffffda RBX: 00007f758aa15fa0 RCX: 00007f758a79c819
[  840.774986][T16944] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  840.774995][T16944] RBP: 00007f758a832c91 R08: 0000000000000000 R09: 0000000000000000
[  840.775005][T16944] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000
[  840.775014][T16944] R13: 00007f758aa16038 R14: 00007f758aa15fa0 R15: 00007fff99ccf4b8
[  840.775043][T16944]  </TASK>
[  840.791723][T16856] batman_adv: batadv0: Interface activated: batadv_slave_0
[  840.825934][T16856] batman_adv: batadv0: Interface activated: batadv_slave_1
[  840.850638][ T9924] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  840.850674][ T9924] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  840.850699][ T9924] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  840.850724][ T9924] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  841.045221][ T9924] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  841.045238][ T9924] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  841.130596][   T79] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  841.130617][   T79] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  841.627528][T16957] [U] ^\
[  842.916974][T16968] FAULT_INJECTION: forcing a failure.
[  842.916974][T16968] name failslab, interval 1, probability 0, space 0, times 0
[  842.917008][T16968] CPU: 0 UID: 0 PID: 16968 Comm: syz.2.2393 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  842.917032][T16968] Tainted: [L]=SOFTLOCKUP
[  842.917038][T16968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  842.917048][T16968] Call Trace:
[  842.917053][T16968]  <TASK>
[  842.917060][T16968]  dump_stack_lvl+0x100/0x190
[  842.917088][T16968]  should_fail_ex.cold+0x5/0xa
[  842.917107][T16968]  should_failslab+0xc2/0x120
[  842.917125][T16968]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  842.917148][T16968]  ? __mpol_dup+0x74/0x390
[  842.917171][T16968]  __mpol_dup+0x74/0x390
[  842.917190][T16968]  ? __pfx___mpol_dup+0x10/0x10
[  842.917208][T16968]  ? kmem_cache_alloc_noprof+0x292/0x6e0
[  842.917229][T16968]  ? sp_alloc+0x27/0x160
[  842.917251][T16968]  sp_alloc+0x4d/0x160
[  842.917270][T16968]  mpol_set_shared_policy+0xa5/0x890
[  842.917293][T16968]  ? __pfx_shmem_set_policy+0x10/0x10
[  842.917311][T16968]  mbind_range+0x339/0x550
[  842.917333][T16968]  do_mbind+0x7dc/0xfd0
[  842.917355][T16968]  ? __might_fault+0xc5/0x140
[  842.917377][T16968]  ? __pfx_do_mbind+0x10/0x10
[  842.917400][T16968]  ? _copy_from_user+0x59/0xd0
[  842.917425][T16968]  ? __pfx_get_nodes+0x10/0x10
[  842.917444][T16968]  kernel_mbind+0x1b7/0x200
[  842.917465][T16968]  ? __pfx_kernel_mbind+0x10/0x10
[  842.917490][T16968]  do_syscall_64+0x106/0xf80
[  842.917506][T16968]  ? clear_bhb_loop+0x40/0x90
[  842.917524][T16968]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  842.917540][T16968] RIP: 0033:0x7f758a79c819
[  842.917554][T16968] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  842.917570][T16968] RSP: 002b:00007f758b682028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  842.917585][T16968] RAX: ffffffffffffffda RBX: 00007f758aa15fa0 RCX: 00007f758a79c819
[  842.917595][T16968] RDX: 0000000000008003 RSI: 0000000000800605 RDI: 0000000000000000
[  842.917604][T16968] RBP: 00007f758a832c91 R08: 0000000000000003 R09: 0000000000000003
[  842.917613][T16968] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000000
[  842.917622][T16968] R13: 00007f758aa16038 R14: 00007f758aa15fa0 R15: 00007fff99ccf4b8
[  842.917642][T16968]  </TASK>
[  844.821023][T16881] Process accounting paused
[  845.145518][ T5837] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  845.157849][ T5837] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  845.166209][ T5837] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  845.174513][ T5837] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  845.183099][ T5837] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  846.138569][ T9925] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  846.253428][T17009] FAULT_INJECTION: forcing a failure.
[  846.253428][T17009] name failslab, interval 1, probability 0, space 0, times 0
[  846.348946][T17009] CPU: 0 UID: 0 PID: 17009 Comm: syz.1.2402 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  846.348975][T17009] Tainted: [L]=SOFTLOCKUP
[  846.348981][T17009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  846.348991][T17009] Call Trace:
[  846.348998][T17009]  <TASK>
[  846.349005][T17009]  dump_stack_lvl+0x100/0x190
[  846.349035][T17009]  should_fail_ex.cold+0x5/0xa
[  846.349054][T17009]  should_failslab+0xc2/0x120
[  846.349072][T17009]  __kmalloc_cache_noprof+0x7a/0x6f0
[  846.349093][T17009]  ? __request_module+0x2b7/0x6c0
[  846.349113][T17009]  ? lockdep_hardirqs_on+0x78/0x100
[  846.349132][T17009]  __request_module+0x2b7/0x6c0
[  846.349153][T17009]  ? __pfx___request_module+0x10/0x10
[  846.349184][T17009]  ? __wake_up+0x3f/0x60
[  846.349202][T17009]  ? rcu_is_watching+0x12/0xc0
[  846.349226][T17009]  ? lockdep_hardirqs_on+0x78/0x100
[  846.349245][T17009]  netlink_create+0x450/0x610
[  846.349264][T17009]  __sock_create+0x339/0x860
[  846.349287][T17009]  __sys_socket+0x14d/0x260
[  846.349307][T17009]  ? __pfx___sys_socket+0x10/0x10
[  846.349333][T17009]  __x64_sys_socket+0x72/0xb0
[  846.349352][T17009]  ? lockdep_hardirqs_on+0x78/0x100
[  846.349369][T17009]  do_syscall_64+0x106/0xf80
[  846.349384][T17009]  ? clear_bhb_loop+0x40/0x90
[  846.349403][T17009]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  846.349419][T17009] RIP: 0033:0x7ff0c4b9c819
[  846.349433][T17009] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  846.349448][T17009] RSP: 002b:00007ff0c5aa6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  846.349462][T17009] RAX: ffffffffffffffda RBX: 00007ff0c4e15fa0 RCX: 00007ff0c4b9c819
[  846.349473][T17009] RDX: 000000000000001f RSI: 0000000000000003 RDI: 0000000000000010
[  846.349482][T17009] RBP: 00007ff0c4c32c91 R08: 0000000000000000 R09: 0000000000000000
[  846.349491][T17009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  846.349500][T17009] R13: 00007ff0c4e16038 R14: 00007ff0c4e15fa0 R15: 00007ffc890583a8
[  846.349519][T17009]  </TASK>
[  846.887784][ T9925] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  847.286068][ T9925] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  847.301419][ T5837] Bluetooth: hci3: command tx timeout
[  847.345749][T16994] chnl_net:caif_netlink_parms(): no params data found
[  847.506116][ T9925] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  847.926132][T16994] bridge0: port 1(bridge_slave_0) entered blocking state
[  847.954849][T16994] bridge0: port 1(bridge_slave_0) entered disabled state
[  847.993283][T16994] bridge_slave_0: entered allmulticast mode
[  848.028330][T16994] bridge_slave_0: entered promiscuous mode
[  848.133472][T16994] bridge0: port 2(bridge_slave_1) entered blocking state
[  848.170170][T16994] bridge0: port 2(bridge_slave_1) entered disabled state
[  848.230686][T16994] bridge_slave_1: entered allmulticast mode
[  848.280047][T16994] bridge_slave_1: entered promiscuous mode
[  848.421869][ T9925] bridge_slave_1: left allmulticast mode
[  848.438169][ T9925] bridge_slave_1: left promiscuous mode
[  848.456060][ T9925] bridge0: port 2(bridge_slave_1) entered disabled state
[  848.496639][ T9925] bridge_slave_0: left allmulticast mode
[  848.522277][ T9925] bridge_slave_0: left promiscuous mode
[  848.542828][ T9925] bridge0: port 1(bridge_slave_0) entered disabled state
[  849.114465][ T9925] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  849.196838][ T9925] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  849.226192][ T9925] bond0 (unregistering): Released all slaves
[  849.374680][ T5837] Bluetooth: hci3: command tx timeout
[  849.441250][T16994] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  849.535549][ T9925] ovs_: left promiscuous mode
[  849.624411][T16994] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  850.172661][T16994] team0: Port device team_slave_0 added
[  850.198461][T16994] team0: Port device team_slave_1 added
[  850.353012][T16994] batman_adv: batadv0: Adding interface: batadv_slave_0
[  850.388154][T16994] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  850.475265][T16994] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  850.549672][T16994] batman_adv: batadv0: Adding interface: batadv_slave_1
[  850.573992][T16994] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  850.664794][T16994] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  850.736450][ T9925] hsr_slave_0: left promiscuous mode
[  850.772003][ T9925] hsr_slave_1: left promiscuous mode
[  850.797432][ T9925] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  850.837062][ T9925] batman_adv: batadv0: Removing interface: batadv_slave_0
[  850.863369][ T9925] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  850.902639][ T9925] batman_adv: batadv0: Removing interface: batadv_slave_1
[  850.975796][ T9925] veth1_macvtap: left promiscuous mode
[  850.981326][ T9925] veth0_macvtap: left promiscuous mode
[  851.016706][ T9925] veth1_vlan: left promiscuous mode
[  851.022135][ T9925] veth0_vlan: left promiscuous mode
[  851.454579][ T5837] Bluetooth: hci3: command tx timeout
[  851.723658][ T9925] team0 (unregistering): Port device team_slave_1 removed
[  851.785951][ T9925] team0 (unregistering): Port device team_slave_0 removed
[  852.484053][T16994] hsr_slave_0: entered promiscuous mode
[  852.524745][T16994] hsr_slave_1: entered promiscuous mode
[  853.506532][T17093] FAULT_INJECTION: forcing a failure.
[  853.506532][T17093] name failslab, interval 1, probability 0, space 0, times 0
[  853.534651][ T5837] Bluetooth: hci3: command tx timeout
[  853.568073][T17093] CPU: 0 UID: 0 PID: 17093 Comm: syz.1.2429 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  853.568100][T17093] Tainted: [L]=SOFTLOCKUP
[  853.568106][T17093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  853.568117][T17093] Call Trace:
[  853.568123][T17093]  <TASK>
[  853.568130][T17093]  dump_stack_lvl+0x100/0x190
[  853.568160][T17093]  should_fail_ex.cold+0x5/0xa
[  853.568179][T17093]  should_failslab+0xc2/0x120
[  853.568197][T17093]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  853.568221][T17093]  ? vm_area_alloc+0x1f/0x160
[  853.568242][T17093]  ? vma_merge_new_range+0x38b/0xa30
[  853.568264][T17093]  ? __pfx___sanitizer_cov_trace_const_cmp2+0x10/0x10
[  853.568283][T17093]  vm_area_alloc+0x1f/0x160
[  853.568306][T17093]  __mmap_region+0x118c/0x2a50
[  853.568331][T17093]  ? __pfx___mmap_region+0x10/0x10
[  853.568358][T17093]  ? set_next_entity+0x11e/0x9c0
[  853.568383][T17093]  ? __lock_acquire+0x4a5/0x2630
[  853.568402][T17093]  ? find_held_lock+0x2b/0x80
[  853.568424][T17093]  ? find_held_lock+0x2b/0x80
[  853.568438][T17093]  ? finish_task_switch.isra.0+0x200/0xb80
[  853.568455][T17093]  ? finish_task_switch.isra.0+0x200/0xb80
[  853.568479][T17093]  ? trace_sched_exit_tp+0x13a/0x180
[  853.568498][T17093]  ? __schedule+0x1000/0x6120
[  853.568537][T17093]  ? rcu_is_watching+0x12/0xc0
[  853.568560][T17093]  ? cap_capable+0x107/0x460
[  853.568579][T17093]  mmap_region+0x180/0x3e0
[  853.568605][T17093]  do_mmap+0xc63/0x12f0
[  853.568626][T17093]  ? __pfx_do_mmap+0x10/0x10
[  853.568644][T17093]  ? __pfx_down_write_killable+0x10/0x10
[  853.568666][T17093]  vm_mmap_pgoff+0x29e/0x470
[  853.568688][T17093]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  853.568707][T17093]  ? do_futex+0x192/0x350
[  853.568727][T17093]  ? __pfx_do_futex+0x10/0x10
[  853.568746][T17093]  ? find_held_lock+0x2b/0x80
[  853.568763][T17093]  ksys_mmap_pgoff+0xe1/0x650
[  853.568780][T17093]  ? __x64_sys_futex+0x34f/0x4d0
[  853.568799][T17093]  ? __x64_sys_futex+0x358/0x4d0
[  853.568819][T17093]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[  853.568836][T17093]  ? xfd_validate_state+0x129/0x190
[  853.568862][T17093]  __x64_sys_mmap+0x125/0x190
[  853.568886][T17093]  do_syscall_64+0x106/0xf80
[  853.568901][T17093]  ? clear_bhb_loop+0x40/0x90
[  853.568920][T17093]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  853.568936][T17093] RIP: 0033:0x7ff0c4b9c819
[  853.568950][T17093] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  853.568965][T17093] RSP: 002b:00007ff0c5aa6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  853.568981][T17093] RAX: ffffffffffffffda RBX: 00007ff0c4e15fa0 RCX: 00007ff0c4b9c819
[  853.568991][T17093] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000
[  853.569000][T17093] RBP: 00007ff0c4c32c91 R08: ffff7ffffffffffa R09: 0000000000008000
[  853.569010][T17093] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[  853.569019][T17093] R13: 00007ff0c4e16038 R14: 00007ff0c4e15fa0 R15: 00007ffc890583a8
[  853.569040][T17093]  </TASK>
[  854.836885][T17109] ima: Unable to open file: /surit‹¯Ṛy/integrity?iqa/policy (-2)
[  855.576949][T17106] ima: policy update failed
[  855.648639][   T29] audit: type=1802 audit(1775768273.096:14): pid=17106 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.2431" res=0 errno=0
[  855.781608][T16994] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  855.856690][T16994] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  855.923396][T16994] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  855.990213][T16994] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  856.492300][T16994] 8021q: adding VLAN 0 to HW filter on device bond0
[  856.597397][T16994] 8021q: adding VLAN 0 to HW filter on device team0
[  856.658351][   T79] bridge0: port 1(bridge_slave_0) entered blocking state
[  856.665568][   T79] bridge0: port 1(bridge_slave_0) entered forwarding state
[  856.725849][   T79] bridge0: port 2(bridge_slave_1) entered blocking state
[  856.732991][   T79] bridge0: port 2(bridge_slave_1) entered forwarding state
[  857.115699][T17135] __nla_validate_parse: 48 callbacks suppressed
[  857.115718][T17135] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2437'.
[  857.258253][T17139] FAULT_INJECTION: forcing a failure.
[  857.258253][T17139] name failslab, interval 1, probability 0, space 0, times 0
[  857.340498][T17139] CPU: 0 UID: 0 PID: 17139 Comm: syz.1.2438 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  857.340528][T17139] Tainted: [L]=SOFTLOCKUP
[  857.340534][T17139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  857.340543][T17139] Call Trace:
[  857.340549][T17139]  <TASK>
[  857.340555][T17139]  dump_stack_lvl+0x100/0x190
[  857.340585][T17139]  should_fail_ex.cold+0x5/0xa
[  857.340604][T17139]  ? constrain_params_by_rules+0x175/0xcc0
[  857.340627][T17139]  should_failslab+0xc2/0x120
[  857.340644][T17139]  __kmalloc_noprof+0xe0/0x850
[  857.340667][T17139]  ? unwind_get_return_address+0x59/0xa0
[  857.340688][T17139]  constrain_params_by_rules+0x175/0xcc0
[  857.340715][T17139]  ? stack_trace_save+0x8e/0xc0
[  857.340734][T17139]  ? __pfx_constrain_params_by_rules+0x10/0x10
[  857.340761][T17139]  ? __kasan_kmalloc+0xaa/0xb0
[  857.340774][T17139]  ? snd_pcm_oss_change_params_locked+0x247/0x39f0
[  857.340796][T17139]  ? snd_pcm_oss_make_ready_locked+0xb7/0x130
[  857.340826][T17139]  ? snd_pcm_oss_sync+0x265/0x840
[  857.340854][T17139]  ? rcu_is_watching+0x12/0xc0
[  857.340879][T17139]  ? snd_interval_refine+0x2d0/0x580
[  857.340898][T17139]  snd_pcm_hw_refine+0x7e7/0xad0
[  857.340924][T17139]  ? __pfx_snd_pcm_hw_refine+0x10/0x10
[  857.340953][T17139]  ? __asan_memset+0x23/0x50
[  857.340974][T17139]  ? _snd_pcm_hw_param_min+0x1ea/0x670
[  857.340997][T17139]  snd_pcm_oss_change_params_locked+0x2594/0x39f0
[  857.341026][T17139]  ? snd_pcm_oss_sync+0x243/0x840
[  857.341046][T17139]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  857.341070][T17139]  ? __pfx___mutex_lock+0x10/0x10
[  857.341099][T17139]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[  857.341122][T17139]  snd_pcm_oss_sync+0x265/0x840
[  857.341145][T17139]  snd_pcm_oss_release+0x238/0x300
[  857.341167][T17139]  ? __pfx_snd_pcm_oss_release+0x10/0x10
[  857.341188][T17139]  __fput+0x3ff/0xb40
[  857.341211][T17139]  task_work_run+0x150/0x240
[  857.341235][T17139]  ? __pfx_task_work_run+0x10/0x10
[  857.341262][T17139]  exit_to_user_mode_loop+0x100/0x4a0
[  857.341286][T17139]  do_syscall_64+0x668/0xf80
[  857.341301][T17139]  ? clear_bhb_loop+0x40/0x90
[  857.341321][T17139]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  857.341336][T17139] RIP: 0033:0x7ff0c4b9c819
[  857.341352][T17139] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  857.341366][T17139] RSP: 002b:00007ff0c5aa6028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  857.341382][T17139] RAX: 0000000000000000 RBX: 00007ff0c4e15fa0 RCX: 00007ff0c4b9c819
[  857.341393][T17139] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  857.341403][T17139] RBP: 00007ff0c4c32c91 R08: 0000000000000000 R09: 0000000000000000
[  857.341412][T17139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  857.341421][T17139] R13: 00007ff0c4e16038 R14: 00007ff0c4e15fa0 R15: 00007ffc890583a8
[  857.341441][T17139]  </TASK>
[  858.808519][T17156] FAULT_INJECTION: forcing a failure.
[  858.808519][T17156] name failslab, interval 1, probability 0, space 0, times 0
[  858.853987][T17156] CPU: 0 UID: 0 PID: 17156 Comm: syz.2.2442 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  858.854019][T17156] Tainted: [L]=SOFTLOCKUP
[  858.854025][T17156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  858.854035][T17156] Call Trace:
[  858.854041][T17156]  <TASK>
[  858.854047][T17156]  dump_stack_lvl+0x100/0x190
[  858.854077][T17156]  should_fail_ex.cold+0x5/0xa
[  858.854097][T17156]  should_failslab+0xc2/0x120
[  858.854115][T17156]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[  858.854132][T17156]  ? kasprintf+0xc7/0x100
[  858.854152][T17156]  ? __lock_acquire+0x4a5/0x2630
[  858.854178][T17156]  kvasprintf+0xbc/0x150
[  858.854198][T17156]  ? __pfx_kvasprintf+0x10/0x10
[  858.854227][T17156]  kasprintf+0xc7/0x100
[  858.854247][T17156]  ? __pfx_kasprintf+0x10/0x10
[  858.854268][T17156]  ? __is_module_percpu_address+0x1c2/0x430
[  858.854294][T17156]  alloc_workqueue_noprof+0x114/0x200
[  858.854315][T17156]  ? __pfx_alloc_workqueue_noprof+0x10/0x10
[  858.854339][T17156]  ? __pfx___debug_object_init+0x10/0x10
[  858.854360][T17156]  nci_register_device+0x511/0xb80
[  858.854384][T17156]  ? __pfx_nci_register_device+0x10/0x10
[  858.854410][T17156]  ? lockdep_init_map_type+0x5c/0x250
[  858.854434][T17156]  virtual_ncidev_open+0x141/0x220
[  858.854459][T17156]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  858.854481][T17156]  misc_open+0x26d/0x450
[  858.854501][T17156]  ? __pfx_misc_open+0x10/0x10
[  858.854521][T17156]  chrdev_open+0x234/0x6a0
[  858.854537][T17156]  ? __pfx_apparmor_file_open+0x10/0x10
[  858.854555][T17156]  ? __pfx_chrdev_open+0x10/0x10
[  858.854572][T17156]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  858.854596][T17156]  do_dentry_open+0x6d8/0x1660
[  858.854612][T17156]  ? __pfx_chrdev_open+0x10/0x10
[  858.854633][T17156]  vfs_open+0x82/0x3f0
[  858.854674][T17156]  path_openat+0x208c/0x31a0
[  858.854699][T17156]  ? __pfx_path_openat+0x10/0x10
[  858.854722][T17156]  do_file_open+0x20e/0x430
[  858.854740][T17156]  ? __pfx_do_file_open+0x10/0x10
[  858.854771][T17156]  ? alloc_fd+0x476/0x790
[  858.854789][T17156]  ? do_getname+0x191/0x390
[  858.854811][T17156]  do_sys_openat2+0x10d/0x1e0
[  858.854832][T17156]  ? __pfx_do_sys_openat2+0x10/0x10
[  858.854859][T17156]  __x64_sys_openat+0x12d/0x210
[  858.854880][T17156]  ? __pfx___x64_sys_openat+0x10/0x10
[  858.854909][T17156]  do_syscall_64+0x106/0xf80
[  858.854926][T17156]  ? clear_bhb_loop+0x40/0x90
[  858.854946][T17156]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  858.854962][T17156] RIP: 0033:0x7f758a79c819
[  858.854977][T17156] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  858.854991][T17156] RSP: 002b:00007f758b682028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  858.855006][T17156] RAX: ffffffffffffffda RBX: 00007f758aa15fa0 RCX: 00007f758a79c819
[  858.855021][T17156] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  858.855031][T17156] RBP: 00007f758a832c91 R08: 0000000000000000 R09: 0000000000000000
[  858.855041][T17156] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000
[  858.855051][T17156] R13: 00007f758aa16038 R14: 00007f758aa15fa0 R15: 00007fff99ccf4b8
[  858.855072][T17156]  </TASK>
[  859.183291][T17167] futex_wake_op: syz.1.2445 tries to shift op by -2048; fix this program
[  859.718865][T16994] 8021q: adding VLAN 0 to HW filter on device batadv0
[  859.830769][T16994] veth0_vlan: entered promiscuous mode
[  859.862488][T16994] veth1_vlan: entered promiscuous mode
[  859.903145][T16994] veth0_macvtap: entered promiscuous mode
[  859.985376][T16994] veth1_macvtap: entered promiscuous mode
[  860.010001][T16994] batman_adv: batadv0: Interface activated: batadv_slave_0
[  860.214548][T16994] batman_adv: batadv0: Interface activated: batadv_slave_1
[  860.246402][T14858] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  860.466619][ T9924] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  860.475988][ T9924] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  860.568071][ T9924] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  860.838316][ T9923] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  860.876343][ T9923] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  860.973278][ T9923] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  861.024395][ T9923] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  861.501057][T17193] ==================================================================
[  861.501083][T17193] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x19fb/0x1d60
[  861.501115][T17193] Write of size 8 at addr ffffc900045c90c0 by task syz.1.2451/17193
[  861.501132][T17193] 
[  861.501144][T17193] CPU: 0 UID: 0 PID: 17193 Comm: syz.1.2451 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  861.501168][T17193] Tainted: [L]=SOFTLOCKUP
[  861.501175][T17193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  861.501185][T17193] Call Trace:
[  861.501190][T17193]  <TASK>
[  861.501196][T17193]  dump_stack_lvl+0x100/0x190
[  861.501221][T17193]  print_report+0x156/0x4c9
[  861.501242][T17193]  ? _raw_spin_lock_irqsave+0x52/0x60
[  861.501269][T17193]  ? sys_imageblit+0x19fb/0x1d60
[  861.501290][T17193]  kasan_report+0xdf/0x1e0
[  861.501307][T17193]  ? sys_imageblit+0x19fb/0x1d60
[  861.501340][T17193]  sys_imageblit+0x19fb/0x1d60
[  861.501365][T17193]  ? __pfx_sys_imageblit+0x10/0x10
[  861.501391][T17193]  drm_fbdev_shmem_defio_imageblit+0x20/0x130
[  861.501415][T17193]  soft_cursor+0x524/0xa10
[  861.501437][T17193]  bit_cursor+0xe58/0x16f0
[  861.501459][T17193]  ? __pfx_bit_cursor+0x10/0x10
[  861.501481][T17193]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  861.501498][T17193]  ? get_color+0x1da/0x450
[  861.501514][T17193]  ? __pfx_bit_cursor+0x10/0x10
[  861.501540][T17193]  fbcon_cursor+0x43c/0x5e0
[  861.501557][T17193]  ? mark_held_locks+0x40/0x70
[  861.501578][T17193]  hide_cursor+0x87/0x230
[  861.501599][T17193]  do_con_write+0x23fe/0x8540
[  861.501613][T17193]  ? trace_contention_end+0x140/0x180
[  861.501634][T17193]  ? __mutex_lock+0x26a/0x1b90
[  861.501653][T17193]  ? __pfx___mutex_lock+0x10/0x10
[  861.501669][T17193]  ? do_raw_spin_lock+0x128/0x260
[  861.501690][T17193]  ? __pfx_do_con_write+0x10/0x10
[  861.501708][T17193]  con_write+0x23/0xb0
[  861.501721][T17193]  n_tty_write+0x44f/0x12d0
[  861.501742][T17193]  ? __pfx_n_tty_write+0x10/0x10
[  861.501759][T17193]  ? trace_kmalloc+0x101/0x130
[  861.501775][T17193]  ? __pfx_woken_wake_function+0x10/0x10
[  861.501798][T17193]  ? rcu_is_watching+0x12/0xc0
[  861.501820][T17193]  ? file_tty_write.isra.0+0x694/0x890
[  861.501843][T17193]  ? kfree+0x2ec/0x6b0
[  861.501861][T17193]  ? __pfx_n_tty_write+0x10/0x10
[  861.501879][T17193]  file_tty_write.isra.0+0x4d2/0x890
[  861.501904][T17193]  redirected_tty_write+0xd4/0x120
[  861.501927][T17193]  vfs_write+0x6ac/0x1070
[  861.501942][T17193]  ? __pfx_redirected_tty_write+0x10/0x10
[  861.501966][T17193]  ? __pfx_vfs_write+0x10/0x10
[  861.501979][T17193]  ? find_held_lock+0x2b/0x80
[  861.501999][T17193]  ksys_write+0x12a/0x250
[  861.502012][T17193]  ? __pfx_ksys_write+0x10/0x10
[  861.502029][T17193]  do_syscall_64+0x106/0xf80
[  861.502045][T17193]  ? clear_bhb_loop+0x40/0x90
[  861.502063][T17193]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  861.502078][T17193] RIP: 0033:0x7ff0c4b9c819
[  861.502092][T17193] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  861.502107][T17193] RSP: 002b:00007ff0c5aa6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  861.502123][T17193] RAX: ffffffffffffffda RBX: 00007ff0c4e15fa0 RCX: 00007ff0c4b9c819
[  861.502133][T17193] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000003
[  861.502143][T17193] RBP: 00007ff0c4c32c91 R08: 0000000000000000 R09: 0000000000000000
[  861.502153][T17193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  861.502162][T17193] R13: 00007ff0c4e16038 R14: 00007ff0c4e15fa0 R15: 00007ffc890583a8
[  861.502178][T17193]  </TASK>
[  861.502184][T17193] 
[  861.502189][T17193] The buggy address belongs to a vmalloc virtual mapping
[  861.502202][T17193] Memory state around the buggy address:
[  861.502211][T17193]  ffffc900045c8f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  861.502234][T17193]  ffffc900045c9000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  861.502246][T17193] >ffffc900045c9080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  861.502255][T17193]                                            ^
[  861.502264][T17193]  ffffc900045c9100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  861.502275][T17193]  ffffc900045c9180: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  861.502284][T17193] ==================================================================
[  861.502300][T17193] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  861.502312][T17193] CPU: 0 UID: 0 PID: 17193 Comm: syz.1.2451 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  861.502335][T17193] Tainted: [L]=SOFTLOCKUP
[  861.502341][T17193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  861.502351][T17193] Call Trace:
[  861.502357][T17193]  <TASK>
[  861.502364][T17193]  dump_stack_lvl+0x100/0x190
[  861.502389][T17193]  vpanic+0x552/0x970
[  861.502405][T17193]  ? __pfx_vpanic+0x10/0x10
[  861.502421][T17193]  ? __pfx_vprintk_emit+0x10/0x10
[  861.502437][T17193]  ? sys_imageblit+0x19fb/0x1d60
[  861.502460][T17193]  panic+0xd1/0xe0
[  861.502473][T17193]  ? __pfx_panic+0x10/0x10
[  861.502489][T17193]  ? sys_imageblit+0x19fb/0x1d60
[  861.502513][T17193]  check_panic_on_warn.cold+0x19/0x34
[  861.502536][T17193]  end_report.part.0+0x3a/0x90
[  861.502557][T17193]  kasan_report.cold+0xe/0x18
[  861.502580][T17193]  ? sys_imageblit+0x19fb/0x1d60
[  861.502605][T17193]  sys_imageblit+0x19fb/0x1d60
[  861.502630][T17193]  ? __pfx_sys_imageblit+0x10/0x10
[  861.502656][T17193]  drm_fbdev_shmem_defio_imageblit+0x20/0x130
[  861.502676][T17193]  soft_cursor+0x524/0xa10
[  861.502705][T17193]  bit_cursor+0xe58/0x16f0
[  861.502726][T17193]  ? __pfx_bit_cursor+0x10/0x10
[  861.502748][T17193]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  861.502764][T17193]  ? get_color+0x1da/0x450
[  861.502783][T17193]  ? __pfx_bit_cursor+0x10/0x10
[  861.502802][T17193]  fbcon_cursor+0x43c/0x5e0
[  861.502818][T17193]  ? mark_held_locks+0x40/0x70
[  861.502838][T17193]  hide_cursor+0x87/0x230
[  861.502859][T17193]  do_con_write+0x23fe/0x8540
[  861.502872][T17193]  ? trace_contention_end+0x140/0x180
[  861.502893][T17193]  ? __mutex_lock+0x26a/0x1b90
[  861.502913][T17193]  ? __pfx___mutex_lock+0x10/0x10
[  861.502929][T17193]  ? do_raw_spin_lock+0x128/0x260
[  861.502952][T17193]  ? __pfx_do_con_write+0x10/0x10
[  861.502972][T17193]  con_write+0x23/0xb0
[  861.502985][T17193]  n_tty_write+0x44f/0x12d0
[  861.503007][T17193]  ? __pfx_n_tty_write+0x10/0x10
[  861.503023][T17193]  ? trace_kmalloc+0x101/0x130
[  861.503040][T17193]  ? __pfx_woken_wake_function+0x10/0x10
[  861.503062][T17193]  ? rcu_is_watching+0x12/0xc0
[  861.503085][T17193]  ? file_tty_write.isra.0+0x694/0x890
[  861.503107][T17193]  ? kfree+0x2ec/0x6b0
[  861.503129][T17193]  ? __pfx_n_tty_write+0x10/0x10
[  861.503147][T17193]  file_tty_write.isra.0+0x4d2/0x890
[  861.503172][T17193]  redirected_tty_write+0xd4/0x120
[  861.503195][T17193]  vfs_write+0x6ac/0x1070
[  861.503210][T17193]  ? __pfx_redirected_tty_write+0x10/0x10
[  861.503234][T17193]  ? __pfx_vfs_write+0x10/0x10
[  861.503248][T17193]  ? find_held_lock+0x2b/0x80
[  861.503267][T17193]  ksys_write+0x12a/0x250
[  861.503282][T17193]  ? __pfx_ksys_write+0x10/0x10
[  861.503298][T17193]  do_syscall_64+0x106/0xf80
[  861.503316][T17193]  ? clear_bhb_loop+0x40/0x90
[  861.503334][T17193]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  861.503349][T17193] RIP: 0033:0x7ff0c4b9c819
[  861.503361][T17193] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  861.503376][T17193] RSP: 002b:00007ff0c5aa6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  861.503391][T17193] RAX: ffffffffffffffda RBX: 00007ff0c4e15fa0 RCX: 00007ff0c4b9c819
[  861.503402][T17193] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000003
[  861.503411][T17193] RBP: 00007ff0c4c32c91 R08: 0000000000000000 R09: 0000000000000000
[  861.503421][T17193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  861.503430][T17193] R13: 00007ff0c4e16038 R14: 00007ff0c4e15fa0 R15: 00007ffc890583a8
[  861.503445][T17193]  </TASK>
[  861.503511][T17193] Kernel Offset: disabled