last executing test programs:

8m49.958465552s ago: executing program 3 (id=3685):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
sendto$auto(0x3, 0x0, 0x2000f, 0x101, &(0x7f0000000000)=@in={0x2, 0x4e22, @rand_addr=0x64010100}, 0x1c)
listen$auto(0x3, 0x81)
accept$auto(0x3, 0x0, 0x0)
close_range$auto(0x2, 0x8000, 0x0)

8m49.423186984s ago: executing program 3 (id=3688):
mmap$auto(0x0, 0x4000b, 0x7, 0x9b72, 0x7, 0x28000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
memfd_create$auto(0x0, 0xe)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/system/memory/memory15/valid_zones\x00', 0x0, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000800)='/sys/devices/virtual/bdi/43:384/max_bytes\x00', 0x181482, 0x0)
read$auto(r0, 0x0, 0x9)
openat$auto_proc_coredump_filter_operations_base(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$auto(0x3, 0x0, 0xfdef)

8m49.20795086s ago: executing program 3 (id=3689):
openat$auto_fragmentation_threshold_ops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy10/fragmentation_threshold\x00', 0x301002, 0x0)
madvise$auto(0x0, 0x2000000080000001, 0x3)
mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, 0x0, 0x1008000)
io_cancel$auto(0x6, 0x0, 0x0)
r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000080), 0x48180, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000280)={{0x1, 0x3968, 0x1, 0x1, 0x1}, "654c6dbc7a4d30983899a7e1325bc5d82b3f184410ba9f74e82a3fa6c3ccf1bf"})
io_uring_setup$auto(0x6, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_STATUS64(r0, 0x80605414, 0x0)

8m48.945457643s ago: executing program 3 (id=3690):
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x3, 0x6)
lsm_list_modules$auto(0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0)
mkdir$auto(0x0, 0x353)

8m48.496139162s ago: executing program 3 (id=3693):
write$auto_ocfs2_control_fops_stack_user(0xffffffffffffffff, 0x0, 0x0)
mmap$auto(0x0, 0x9, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
sysfs$auto(0x2, 0x7, 0x0)
socketpair$auto(0x9, 0x2, 0x8000000000000000, 0x0)
r0 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000008040), 0x2, 0x0)
ioctl$auto_I2C_SMBUS(r0, 0x720, 0x0)

8m47.656652087s ago: executing program 3 (id=3698):
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, 0x0)
ioctl$auto_CEC_DQEVENT(0xffffffffffffffff, 0xc0506107, 0x0)
openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, 0x0, 0x2100, 0x0)
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8000)
fsconfig$auto(0xffffffffffffffff, 0x8, 0x0, 0x0, 0x0)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)

8m47.378249052s ago: executing program 32 (id=3698):
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, 0x0)
ioctl$auto_CEC_DQEVENT(0xffffffffffffffff, 0xc0506107, 0x0)
openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, 0x0, 0x2100, 0x0)
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8000)
fsconfig$auto(0xffffffffffffffff, 0x8, 0x0, 0x0, 0x0)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)

7m0.879006047s ago: executing program 2 (id=4517):
capget$auto(0x0, 0xfffffffffffffffe)
ioctl$auto(0xffffffffffffffff, 0x4bfa, 0xffffffffffffffff)
write$auto_drm_edid_fops_drm_debugfs(0xffffffffffffffff, &(0x7f0000000580)="b7a53caf1b305860206af11a0ec35e7e5c46caffe279de8e9945d6e37dfaf9058103dbe387321e23d5f21c271069baa482db442a5748c1fec17e92c29d2df967f9c1ce0bd79ec3d67c9f0aff55674e238d4b83e2372ae3a03950aaa641f736e6f9065e5b9af9e2de49f8a01693aa28b5e53dd7d970575e42c6720cff2f6f9bf902791bf83abd9acf9dc3968a36b1851ffc6497e410d51f340b92b74f972cd68de180f42bcfc5ac64a8977e242b9ca63c58d603fea4fad558f0071db6e24de9bda2b835957f69a06c0d0000000000000000d4b8db86be62388110e03ef34b1fadaffc761c3fa220dac9bf9e94d03a0fe70ca30710a7", 0xf5)
mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000)
madvise$auto(0x2, 0x2000040080000004, 0xe)
r0 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0)
write$auto_proc_mem_operations_base(r0, &(0x7f0000001680)="a7", 0xfffffc96)
mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
syz_clone(0xa00c2000, 0x0, 0x0, 0x0, 0x0, 0x0)

7m0.153020022s ago: executing program 2 (id=4523):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
getrandom$auto(0x0, 0x6000000, 0x3)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008)
r0 = socket(0x29, 0x2, 0x0)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000)
mmap$auto(0x0, 0x10008, 0x4000000000df, 0xeb1, 0x401, 0x8000)
recvmmsg$auto(r1, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x6}, 0xfffffff9, 0x10, 0x0)
ioctl$auto(r0, 0x89f0, 0x24)

6m58.324290425s ago: executing program 2 (id=4535):
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x103080, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f0000000080)={0x2, 0x0, [{0x491, 0x400, 0x718c1257}]})

6m57.804663817s ago: executing program 2 (id=4538):
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, r0, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f00000000c0)={0xdd, 0x0, [{0x40000108, 0x400}]})

6m57.499004889s ago: executing program 2 (id=4540):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
r0 = socket(0x2, 0x3, 0x6)
lsm_list_modules$auto(0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e)
ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0)
rename$auto(&(0x7f0000000480)='./file0\x00', 0x0)

6m57.264708921s ago: executing program 2 (id=4543):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
io_uring_setup$auto(0x1, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0x4038ae7a, r0)

6m42.097148943s ago: executing program 33 (id=4543):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
io_uring_setup$auto(0x1, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0x4038ae7a, r0)

7.705691485s ago: executing program 4 (id=6687):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x2, 0x80002, 0x73)
io_uring_setup$auto(0x6, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
bind$auto(0x3, &(0x7f0000000080), 0x6b)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x18, 0x5, 0x0)
socket(0xa, 0x2, 0x73)
socket(0x2, 0x80002, 0x73)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
fsconfig$auto(0xffffffffffffffff, 0x2, &(0x7f0000000080)='I\xee\"\xe3\xb7\xcfD\xe5\xb1\x05\x1e#\xff1<\xd9h[e\xdf\xc0M\xa2\x00\v\x97\xb5\xd4\x94\x99u\x9e\xf4O\x1a\xb1\x05\xb8\xcb\x96X\a\xc8\xb7\x97\xc7M\x83\'^\xc9\x9e\xccAsv\xce8sw\v\xac\xcd\xa2B\xf8.\xce\xe6n\xfe\xd6\xc8^W>Rz`C+\x0e\x8c<\xc5\x8f\xe6\x0f\x14\xfa\x9ea4>\xd8O[{\xede\xfd\xbc\xc7\xbd4_\xbc\xc6\x06\xe5h\x9e\xf5/4\xe8\xcfc\x95\xbb~\xd9.\xb3\x84\xb8K\xa7\xca\xda\xc8\x11u\xa1\x1d\x9d\xe1%\xc0m\xf6%1\xba\xe7^\xed0\xdc\x86\xeaG)?p,Up \xe9\b\x14\xaf\xbf\xd9\xc3,\xb8\x17\x10\x9f\x92\x95@),A\xb4\x92Q\x86\xbe\xed=p\x9c\xbd\xba#_]K\xce.\x00\x00\x00\x8eDv\x0fl\xed\x93ey\xf9\x19\xf0\x9d\xf5\xfe\xed\xc7Q\xc0ZJ\xc9*7\xf2\x1a\xa7\xb3\xc6v\v\xe1u\x16:\x15\xefel\xf0\x8c/\xa2\x95\xc1\xacd\xc9\a\xe5\x888F\xaa\xce\x94\xa2:sx\xea\x96\x7f~]\xdbj\xd1#\x94K\xcf\x11l\xe5Z\xec\xa6B\x90\xb6\xa3`\x88\xd4\x87\x17\x8a\x00\x00x\x95#\x83\x99\x00\xc6Z\x1au\x8e\xa7}\xa7\xe9\x83X\xa3\xad\xe2T\xea\xa0\xba\xd7R8T\x8e0h\x8ck4\x15\xf3sh0\xd3\x1e\xedU@\xab\xc0g\xeeT\xc5\x8d\x9b\x188x)\xf0i]\xdcf\xdd\xf9\xffA\"ZQ\x8d\x15\xff\xf3\xb36\x1d\x8e7\xb2d3\xe8\xf4\x1e3\xec\xfe\xbf\xbbo\xbb\xd2Z\x89:\xa2\xc8n8k\xa8\xba\xa5E\x9f\xbe>3,\xcb\xa2\xa7q \xe2P\x8a\xb1Vh\x94$\xe9\xea\x0f!G\xb9\xb3\x11\xe1\xae\tg\xc2?8\x8e8\xce\xbf\x01W\xbc\x8b\xab\xa9\x91j\xcd\xb9`F\x02\'\x05\xb1d\xff\xedB\xa5W(q\xfa\xad\x9be\xbfX\x14\xb9\xf8\x1a\xe9\xed\xe6\x1a', 0x0, 0x0)
bind$auto(0x3, &(0x7f0000000080), 0x6b)

7.177469397s ago: executing program 4 (id=6691):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0xb60)
pwrite64$auto(0xffffffffffffffff, 0x0, 0x400000, 0xc)
socket(0xa, 0x5, 0x84)
r0 = gettid()
prlimit64$auto(r0, 0x6, &(0x7f00000000c0)={0x5, 0x945}, &(0x7f0000000240)={0x4})
mbind$auto(0x2000, 0x100000008, 0x2100000000, 0x0, 0x6, 0x2)
accept4$auto(0xffffffffffffffff, 0x0, 0x0, 0xffffffff)
mprotect$auto(0x0, 0x806121, 0x8)
connect$auto(0xffffffffffffffff, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x50)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)

5.724049301s ago: executing program 5 (id=6699):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x4, 0x0)
r0 = socket(0x1e, 0x4, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x28080, 0x0)
read$auto(r2, 0x0, 0x20)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x3}, 0x3)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x101d0}, 0x8)

5.517915277s ago: executing program 4 (id=6700):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
bpf$auto_BPF_OBJ_GET_INFO_BY_FD(0xf, &(0x7f00000002c0)=@test={r0, 0x0, 0x856, 0x189, 0x8, 0x7fff, 0x7fff, 0x10000, 0xc91a, 0x7, 0x5, 0x3, 0x3, 0x3, 0x6}, 0x1)
mmap$auto(0x0, 0xa00006, 0x400002, 0x40ebe, 0xffffffffffffffff, 0x300000000000)
close_range$auto(0x2, 0xa, 0x0)
r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0)
write$auto(r1, &(0x7f0000000200)='/de\xef\xe7audio1\x00', 0xa3d9)

5.487046469s ago: executing program 1 (id=6701):
mmap$auto(0x0, 0x40009, 0xa, 0x9b72, 0x2, 0x28000)
close_range$auto(0x0, 0xfffffffffffff001, 0x2)
r0 = socket(0x1e, 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = socket(0x2, 0x2, 0x88)
setsockopt$auto(r1, 0x88, 0xa, &(0x7f0000000000)='\xba\xba\xd3\xc8[&P\x9c\xe7AJz\'\x91\xce=B}v+7n\xa2r0\x92\xc3\x0eE\x96\xf63\xec\xe0\xb2\f\xa86v\xeb\xf1\xcb\xd4\xa9\v\xe1\xcc\x18', 0x80000e)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/set_event_pid\x00', 0x121c82, 0x0)
socketpair$auto(0x8, 0x1, 0x8000000000000000, 0x0)
r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vbi0\x00', 0x80382, 0x0)
ioctl$auto(r2, 0xc0045627, r0)

5.281690486s ago: executing program 5 (id=6702):
mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000)
socket(0x10, 0x2, 0x0)
socket(0x10, 0x2, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x801, 0x84)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
socket(0xa, 0x2, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
socket(0xa, 0x801, 0x84)
r1 = io_uring_setup$auto(0x6, 0x0)
r2 = socket(0xa, 0x2, 0x88)
r3 = bpf$auto(0x0, &(0x7f0000000000)=@link_update={<r4=>r2, @new_prog_fd=0x4, 0x4, @old_prog_fd=r0}, 0xa3)
bpf$auto(0x4, &(0x7f0000000040)=@link_update={r3, @new_prog_fd=r4, 0x1, @old_prog_fd=r1}, 0x9)

5.18122568s ago: executing program 1 (id=6703):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x1e, 0x4, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x20000, 0x0)
read$auto(r2, 0x0, 0x20)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x3}, 0x3)
bind$auto(0x3, 0x0, 0x9)
close_range$auto(0x2, 0xa, 0x0)

4.803332368s ago: executing program 5 (id=6704):
mmap$auto(0x0, 0x402000a, 0xffffffffffffffff, 0x400eb1, 0x401, 0x8000)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff)
getresuid$auto(&(0x7f00000000c0)=0x3, 0x0, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth0\x00'})
close_range$auto(0x0, 0xffffffffffffffff, 0x2)
socket(0xa, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x801, 0x84)
r0 = socket(0x18, 0x5, 0x1)
connect$auto(r0, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)

4.689386403s ago: executing program 1 (id=6705):
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x7, 0x4, 0x200, 0x3, 0x8, 0xc, 0x2e, 0x0, 0x3}, 0x6f4)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
pidfd_open$auto(0x1, 0x0)
socket(0x2, 0x3, 0x100)
bpf$auto(0x2, &(0x7f00000001c0)=@batch={0x8000000000009, 0x80000001, 0x10008, 0x8250, 0xa6d5, 0xffffffffffffffff, 0x7, 0x6}, 0x103)
sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="d8010000", @ANYRES16, @ANYBLOB="01002dbd7000fcdbdf25010000000c0002000500000000000000c5000700c1007cf7c27c120e3984130834a73f9221887ac28e443c4a1a7da8d2ddcf2890cce5822826764f3f410e53f43f300d2e04700395778e7935c99f6a38f6f3e56e7d8a18d15791b3b4f9378d743a8f0cbbe1c604a782030626ead26826f4790233f19c29fbaf1da77e1b84522d05ca0f4237b24aead87b47d41805fa9967d02ad2deba1895652b8d630c30213ed8f72c1066f1bb9fb1b242d08a55d32398d8d3c635008f2c61049c8abf600a98d1d2d0b0027aecaf27d20b6ff4129883e111e1c858000000dc00090069fccb38f57447a8af8c40a03b92af7adc0c48af4308483b99aa587ed8711b4a79a383c263698842365af6807d1be1800fd492770983a6df345fb472e9fa41b667af43bc36d7063b6b93ab7661925e8d71452acd95b788c31a32ae903b96b9ed9a5e3542c625105e8f21a5b41ff3d17f8704581f4b8b75ae741d0fba8cab2e187c93eeea89f6cf6ab7cc496e0bd9759cc0b408bbe0c6eae2aa29c2d97d48a55fc0ff937c90173d61cf652f97cb301e4d7e3bac0026732e22eadd3a6c5ffa4faed6855a86814c920a650a61936305d2713db1c92a238e265c080001007f0e00000c0002"], 0x1d8}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000)
sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x8000)
r0 = socket(0x10, 0x2, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

4.532358101s ago: executing program 0 (id=6706):
mmap$auto(0x200, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x3)
mmap$auto(0x0, 0x10, 0xdf, 0x1a, 0x2, 0x8000)
set_mempolicy$auto(0xfbf, 0x0, 0x800001b)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
writev$auto(0xffffffffffffffff, 0x0, 0xa)
unshare$auto(0x40000080)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2506, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x3a32182}, 0xed7138b}, 0x2, 0x9)
sendmsg$auto_CGROUPSTATS_CMD_GET(r0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2841}, 0x14)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/block/loop4/queue/wbt_lat_usec\x00', 0x10b142, 0x0)
symlink$auto(&(0x7f0000000000)='.\x00', &(0x7f0000000040)='./file0\x00')
openat2$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0/../file0\x00', &(0x7f0000000100)={0x84281, 0x0, 0x8}, 0x18)

3.67667808s ago: executing program 5 (id=6707):
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x40000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, r0, 0x0)
r2 = socket(0x10, 0x2, 0x4)
sendmsg$auto_ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f0000000000)={0x20, 0x0, 0x1, 0x70bd37, 0x25dfdbff, {}, [@ETHTOOL_A_RINGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x40010}, 0x80000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
r3 = socket(0x10, 0x2, 0xc)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r3, @ANYRES8=r1], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x4000050)
write$auto(r2, &(0x7f0000000000)='-\x00', 0xfdef)

3.676026684s ago: executing program 0 (id=6715):
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x400, 0x2000000000002)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/time\x00')
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_GET_RADIO(r1, 0x0, 0x0)
sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(r0, 0x0, 0x11)
socket$nl_generic(0x10, 0x3, 0x10)
sysfs$auto(0x2, 0xe, 0x0)
open(0x0, 0x1652c2, 0xe1d2b27bdc14aa98)
fanotify_mark$auto(0x0, 0x1, 0x9, 0x4, 0x0)
close_range$auto(0x0, 0xffffffffffffffff, 0x2)

3.675544571s ago: executing program 1 (id=6708):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
close_range$auto(0x0, 0x5, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x5, 0x0)
r0 = socket(0xa, 0x5, 0x84)
close_range$auto(0x0, 0x5, 0x0)
io_uring_setup$auto(0x1, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(r0, 0xc040aed4, r1)
close_range$auto(0x2, 0x8, 0x0)

3.498974994s ago: executing program 1 (id=6709):
socket(0x1f, 0x6, 0xffffffff)
bind$auto(0x3, 0x0, 0x6a)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x8c00, 0x0)
unshare$auto(0x40000080)
exit$auto(0x7)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', 0x0, 0x7, 0x0)
io_uring_setup$auto(0x59, 0x0)
syz_clone(0x0, 0x0, 0xfffffffffffffd55, 0x0, 0x0, 0x0)

3.454794637s ago: executing program 0 (id=6710):
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x222c0, 0x0)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7ffff000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x20, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptywe\x00', 0x40001, 0x0)
write$auto(0x3, 0x0, 0xfdef)
ioctl$auto(0x3, 0x541a, r0)

3.130810886s ago: executing program 4 (id=6711):
openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2201, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
socket(0x2, 0x1, 0x0)
socketpair$auto(0x3, 0x5, 0x7, 0x0)
write$auto(0x3, 0x0, 0xfffffdef)

2.727797556s ago: executing program 4 (id=6712):
socket(0x2b, 0x1, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000001080)='/proc/self/mountinfo\x00', 0x121302, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x55)
socket(0x2, 0x3, 0xa)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8)
connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000)
write$auto(0x3, 0x0, 0x800)
socket$nl_generic(0x10, 0x3, 0x10)

2.726840757s ago: executing program 5 (id=6713):
r0 = socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
fanotify_init$auto(0x65, 0x2)
pipe$auto(0x0)
dup2$auto(0x5, 0x4)
splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9)
write$auto(0x6, 0x0, 0x100000001)
setsockopt$auto(0x3, 0x1, 0x10, 0x0, 0x9)
setresuid$auto(0x2, 0x7, 0x8080)
recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0xbb, 0x0, 0x8, &(0x7f0000000040), 0x81, 0x9}, 0xfffffffb}, 0x5, 0x6586, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

1.64299273s ago: executing program 5 (id=6714):
write$auto_cachefiles_daemon_fops_internal(0xffffffffffffffff, &(0x7f0000000300)="a04f", 0x2)
unshare$auto(0x40000080)
r0 = ioctl$auto_NS_GET_TGID_IN_PIDNS(0xffffffffffffffff, 0x8004b709, &(0x7f0000000040)=0x5)
unshare$auto(0x40000080)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, 0x0, 0x101901, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
mmap$auto(0x9d4, 0x6, 0x2, 0x17, r1, 0x7fffffff)
prctl$auto(0x3e, 0x1, r0, 0x1, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0)
write$auto_ocfs2_control_fops_stack_user(r2, &(0x7f0000000280)='\t', 0x1)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/module/libceph/parameters/supported_features\x00', 0x40000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000003940)=""/4119, 0x1017)

1.642122066s ago: executing program 0 (id=6723):
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x4000804)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r0, 0x0, 0x20)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
unshare$auto(0x4)
socket(0x25, 0x1, 0x5)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_OVS_DP_CMD_NEW(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, r3, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0xfffffffffffffeee, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HfR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}, @OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x801}, 0x80)

1.576756962s ago: executing program 1 (id=6716):
mmap$auto(0x200, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x3)
mmap$auto(0x0, 0x10, 0xdf, 0x1a, 0x2, 0x8000)
set_mempolicy$auto(0xfbf, 0x0, 0x800001b)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
writev$auto(0xffffffffffffffff, 0x0, 0xa)
unshare$auto(0x40000080)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2506, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x3a32182}, 0xed7138b}, 0x2, 0x9)
sendmsg$auto_CGROUPSTATS_CMD_GET(r0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2841}, 0x14)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/block/loop4/queue/wbt_lat_usec\x00', 0x10b142, 0x0)
symlink$auto(&(0x7f0000000000)='.\x00', &(0x7f0000000040)='./file0\x00')
openat2$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0/../file0\x00', &(0x7f0000000100)={0x84281, 0x0, 0x8}, 0x18)

330.024951ms ago: executing program 0 (id=6717):
mmap$auto(0x0, 0x402000a, 0xffffffffffffffff, 0x400eb1, 0x401, 0x8000)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff)
getresuid$auto(&(0x7f00000000c0)=0x3, 0x0, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth0\x00'})
close_range$auto(0x0, 0xffffffffffffffff, 0x2)
socket(0xa, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x801, 0x84)
r0 = socket(0x18, 0x5, 0x1)
connect$auto(r0, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)

243.56082ms ago: executing program 4 (id=6718):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/platform/dummy_hcd.7/usb8/ep_00/direction\x00', 0x20400, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x64842, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/ptyq3\x00', 0x40001, 0x0)
ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0)
ioctl$auto(0x3, 0x8926, 0x10000000000402)

0s ago: executing program 0 (id=6719):
prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130)
open(&(0x7f00000000c0)='./file0\x00', 0x40000, 0x31)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x403, 0x8000)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080))
syz_clone(0x8000400, &(0x7f0000000840)="1f7ae026d45c74adaa9af8be5a9bf04d55bb9f8912cd8b55ba629c1f93087838d679ec19ab25bda7c33800eb77af5ae2f9de647892fa149fe4f718156a38f4da8c027960d605e6733b5b06228ccc260f265495f471b6dd8bdbfef3f918f7a6b39c3b9e695b6ff77ba73ad1cce9a8891647140310aec31d6a54611767554081b007bfb560ed361f307b5171669bf1bb905c22eb66939a4870834575dc21fb12ec6f9cdbff02e59809db2000d5bbbc3e7e1d14fed4ee9bfd384e9b054b765c3ddb7b34e52fb81c4b943e21c43de214c9b0c62842c3def76b8b1086c6b28dd71511bf93f4fd216f5ab306f057e0ed53da9ab205001b59f0f450cc2bbe75cc6f0f6e62bc3bb02c9c843575fb18439c37f59d26e08e9fe993b1bb26693348d2d0240a41816dc4b5269c76f6714b2e131fde84477c618c7298933c7af7ee02d86d06988e02f80d7ca04ab3dfb79ace2d51b3b61f92329d6d95745e27a45d6408edf563be3e195dd7f2b972ea673dcbce40fbe34c7e66cfbe215c70e43fabf5599a863b17ad99a59ec45c962dc463cf08e9bcbae6f281a8714637704aadc9c72db48284703bb0259b723f7425aaa3f2d597f42d5db5394625d2fcb2c32726a592a9a86f361eb3b88f16468701de9e982ed63ec608ed8276a8edcecf203d634eca0cf3790fcf19c80a57b13faf868d2434e00791c4d9d9f6d0b3d823d028c433385ee8ae3efbe4f035b9a065b20bfdd644d604e627c2dc014141372d55f1e210430e9ed081d97bd20baf658db590a8b4e0db0bd8d3d9e262578a47c4f98a92c7c6ec43069f3b377499c793143679a6ecd813b76ad0dc3d44bef1839ff4b34fa7113729d23000b907fae2431ff91f62b8fff83b4b1e5dc72b2b634773d58786d1d34679d15c389711f47bc81fa9e52b23a5b37c80197c252b9fb264408d46d9ce07fcc449bd5f5357ad57b972cb50d0569454c3a8d9062f22db78fd1a7219a3bcea7c4a9069fc1e94b61d4da3ec94f40f4e1cbfef83392e617bad809be81945f4d9b0864585be4e70acc81e492091a4ff40859d509bfb35ac6353c735842462af2046cd772e9fd8dcdc69bdb444d0fe80ef77dd06c33dcfd38c33f2ef00b757733282b1801a0df1941d8cd6764e192fc5240dbe65f9c39c5ac9763b76147b43358bf5eccb6bc8d703d2b23d4eb5506b801aa187f60c9f5691658e17603ff4ee725ce88219260b8c69e14227f99a0df6ebdf06d54fb2be9fa29aac9e69882d68358824037dcc8c227d52c8da3de520b69af1b2cac04dbdc50aaa87b8431798e80391ab4b0a821289a1cbea6644f82815061fbbb3e3dbeffdc1ed22b6e01729b5d84489b882e7f264071495ebe882afe472fce55f970fd0cbdcb6128d32e2978a4ea9d557d79c1cdfcd26d744ae5f4be84edd966b6c380766bfb6e43868f6ea58d1b3c20a0d8c4c20d11fa2c7eddf2717374614742a2c67e6feaed81c80dc6a76902a97e7132576f55fead3baf3cd9f5086497049ba6d9d849982eb5cf6b4b268f9d21886ce34138ca6b17bb6eafca1a077169387b1a444bfa8b7abd50d767983a4de0350c5f2f1908b4b06f3ca6b3dcb334861ceaadb030dceab19707ceb7d1d3afa7ed756282e90ab51ff3953fa30e1481093fcd756aeef7a079a8dd3c878e77d8734b86afb85315ed13e9cefbcbd85c01648151ce7bf5747934f895bf747cf263e488ee4e494f6f7a33041b00079e1b5d17fd4d7e0af1e906a5c09c06f0980b8b976b6bbcfa6e2bf587f3237170dbb300126557154c1487f808b18d1f53819f04ba1df29cc", 0x501, 0x0, 0x0, 0x0)
r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r1 = socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x11}}, 0x54)
getsockopt$auto(r1, 0x84, 0x18, 0x0, &(0x7f0000000000)=0x7ffe)
write$auto_console_fops_tty_io(r0, &(0x7f0000000000)="c80d1b5d399b39", 0xfdef)

kernel console output (not intermixed with test programs):

][T21208] netlink: 18 bytes leftover after parsing attributes in process `syz.0.5408'.
[  767.992587][T21290] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  768.021023][T21290] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  768.031147][T21290] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  768.057548][T21290] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  768.073058][T21290] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  768.089421][T21290] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  769.712084][T21320] vhci_hcd vhci_hcd.0: default hub control req: 0000 v0000 i0000 l0
[  770.015706][T21315] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  770.041571][T21315] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  770.061016][T21315] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  770.306867][   T67] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  770.411945][ T5831] Bluetooth: hci0: command 0x0406 tx timeout
[  770.423590][   T67] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  770.539660][   T67] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  770.679534][T21331] netlink: 266 bytes leftover after parsing attributes in process `syz.0.5458'.
[  770.692063][   T67] netdevsim netdevsim5 netdevsim0 (unregistering): left allmulticast mode
[  770.723197][   T67] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  770.930450][ T5141] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  770.941717][ T5141] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  770.950516][ T5141] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  770.958753][ T5141] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  770.968306][ T5141] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  771.194621][   T67] bridge_slave_1: left allmulticast mode
[  771.222487][   T67] bridge_slave_1: left promiscuous mode
[  771.262092][   T67] bridge0: port 2(bridge_slave_1) entered disabled state
[  771.321542][   T67] bridge_slave_0: left allmulticast mode
[  771.354907][   T67] bridge_slave_0: left promiscuous mode
[  771.377607][   T67] bridge0: port 1(bridge_slave_0) entered disabled state
[  771.920329][   T67] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  771.972617][   T67] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  772.016317][   T67] bond0 (unregistering): Released all slaves
[  772.082000][ T5831] Bluetooth: hci3: command 0x0406 tx timeout
[  772.088064][ T5141] Bluetooth: hci1: command 0x040f tx timeout
[  772.935758][   T67] hsr_slave_0: left promiscuous mode
[  772.953993][   T67] hsr_slave_1: left promiscuous mode
[  773.001190][   T67] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  773.032242][   T67] batman_adv: batadv0: Removing interface: batadv_slave_0
[  773.040449][ T5141] Bluetooth: hci2: command tx timeout
[  773.067660][   T67] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  773.095515][   T67] batman_adv: batadv0: Removing interface: batadv_slave_1
[  773.164068][   T67] veth1_macvtap: left promiscuous mode
[  773.183704][   T67] veth0_macvtap: left promiscuous mode
[  773.205984][   T67] veth1_vlan: left promiscuous mode
[  773.228839][   T67] veth0_vlan: left promiscuous mode
[  773.935908][   T67] team0 (unregistering): Port device team_slave_1 removed
[  774.009716][   T67] team0 (unregistering): Port device team_slave_0 removed
[  774.407993][T21334] chnl_net:caif_netlink_parms(): no params data found
[  774.865390][T21334] bridge0: port 1(bridge_slave_0) entered blocking state
[  774.920977][T21334] bridge0: port 1(bridge_slave_0) entered disabled state
[  774.960773][T21334] bridge_slave_0: entered allmulticast mode
[  774.998837][T21334] bridge_slave_0: entered promiscuous mode
[  775.109613][ T5141] Bluetooth: hci2: command tx timeout
[  775.125138][T21334] bridge0: port 2(bridge_slave_1) entered blocking state
[  775.144885][T21334] bridge0: port 2(bridge_slave_1) entered disabled state
[  775.176339][T21334] bridge_slave_1: entered allmulticast mode
[  775.226230][T21334] bridge_slave_1: entered promiscuous mode
[  775.559212][T21334] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  775.719883][T21334] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  775.929490][T21334] team0: Port device team_slave_0 added
[  775.979564][T21334] team0: Port device team_slave_1 added
[  776.286245][T21334] batman_adv: batadv0: Adding interface: batadv_slave_0
[  776.320606][T21334] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  776.407475][T21334] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  776.486364][T21334] batman_adv: batadv0: Adding interface: batadv_slave_1
[  776.508069][T21334] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  776.594933][T21334] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  776.807136][T21334] hsr_slave_0: entered promiscuous mode
[  776.849865][T21334] hsr_slave_1: entered promiscuous mode
[  776.855935][T21334] debugfs: 'hsr0' already exists in 'hsr'
[  776.903120][T21334] Cannot create hsr debugfs directory
[  777.177567][ T5141] Bluetooth: hci2: command tx timeout
[  778.419861][T21479] netlink: 'syz.0.5477': attribute type 21 has an invalid length.
[  778.452036][T21479] netlink: 326 bytes leftover after parsing attributes in process `syz.0.5477'.
[  778.971040][T21334] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  779.065952][T21334] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  779.169892][T21334] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  779.240548][T21334] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  779.251683][ T5141] Bluetooth: hci2: command tx timeout
[  779.589489][T21334] 8021q: adding VLAN 0 to HW filter on device bond0
[  779.680196][T21334] 8021q: adding VLAN 0 to HW filter on device team0
[  779.746620][   T67] bridge0: port 1(bridge_slave_0) entered blocking state
[  779.753727][   T67] bridge0: port 1(bridge_slave_0) entered forwarding state
[  779.837550][   T67] bridge0: port 2(bridge_slave_1) entered blocking state
[  779.844710][   T67] bridge0: port 2(bridge_slave_1) entered forwarding state
[  780.009671][T21334] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  780.636080][T21334] 8021q: adding VLAN 0 to HW filter on device batadv0
[  780.879005][T21535] FAULT_INJECTION: forcing a failure.
[  780.879005][T21535] name failslab, interval 1, probability 393216, space 0, times 0
[  780.939860][T21535] CPU: 0 UID: 0 PID: 21535 Comm: syz.0.5486 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  780.939889][T21535] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  780.939896][T21535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  780.939906][T21535] Call Trace:
[  780.939912][T21535]  <TASK>
[  780.939919][T21535]  dump_stack_lvl+0x100/0x190
[  780.939946][T21535]  should_fail_ex.cold+0x5/0xa
[  780.939965][T21535]  should_failslab+0xc2/0x120
[  780.939988][T21535]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  780.940008][T21535]  ? __alloc_skb+0x140/0x710
[  780.940026][T21535]  __alloc_skb+0x140/0x710
[  780.940040][T21535]  ? __alloc_skb+0x5b7/0x710
[  780.940054][T21535]  ? __pfx___alloc_skb+0x10/0x10
[  780.940067][T21535]  ? rtnl_prop_list_size+0x144/0x2c0
[  780.940085][T21535]  ? if_nlmsg_size+0x4a4/0xb30
[  780.940104][T21535]  rtmsg_ifinfo_build_skb+0x81/0x260
[  780.940126][T21535]  unregister_netdevice_many_notify+0x12b6/0x2580
[  780.940153][T21535]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  780.940172][T21535]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  780.940203][T21535]  unregister_netdevice_queue+0x30b/0x3c0
[  780.940221][T21535]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  780.940240][T21535]  ? __pfx_locks_remove_file+0x10/0x10
[  780.940264][T21535]  ppp_release+0x211/0x230
[  780.940281][T21535]  ? __pfx_ppp_release+0x10/0x10
[  780.940296][T21535]  __fput+0x3ff/0xb40
[  780.940315][T21535]  task_work_run+0x150/0x240
[  780.940336][T21535]  ? __pfx_task_work_run+0x10/0x10
[  780.940361][T21535]  exit_to_user_mode_loop+0x100/0x4a0
[  780.940381][T21535]  do_syscall_64+0x668/0xf80
[  780.940398][T21535]  ? clear_bhb_loop+0x40/0x90
[  780.940416][T21535]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  780.940432][T21535] RIP: 0033:0x7fa77579bf79
[  780.940446][T21535] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  780.940461][T21535] RSP: 002b:00007fa776671028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  780.940484][T21535] RAX: 0000000000000000 RBX: 00007fa775a16090 RCX: 00007fa77579bf79
[  780.940494][T21535] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  780.940504][T21535] RBP: 00007fa7758327e0 R08: 0000000000000000 R09: 0000000000000000
[  780.940514][T21535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  780.940523][T21535] R13: 00007fa775a16128 R14: 00007fa775a16090 R15: 00007ffe90f756c8
[  780.940544][T21535]  </TASK>
[  781.645438][T21540] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5487'.
[  781.905063][T21547] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5489'.
[  782.399177][T21549] sp0: Synchronizing with TNC
[  782.978074][T21334] veth0_vlan: entered promiscuous mode
[  783.064641][T21334] veth1_vlan: entered promiscuous mode
[  783.168135][T21334] veth0_macvtap: entered promiscuous mode
[  783.253903][T21334] veth1_macvtap: entered promiscuous mode
[  783.329356][T21581] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5497'.
[  783.364899][T21334] batman_adv: batadv0: Interface activated: batadv_slave_0
[  783.384368][T21581] netlink: 13 bytes leftover after parsing attributes in process `syz.1.5497'.
[  783.421193][T21334] batman_adv: batadv0: Interface activated: batadv_slave_1
[  783.525066][   T48] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  783.562120][   T48] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  783.632402][   T48] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  783.677307][   T48] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  783.912328][T13684] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  783.977813][T13684] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  784.079514][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  784.108414][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  785.003514][T21636] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5512'.
[  785.054622][T21636] veth1_vlan: entered allmulticast mode
[  785.719956][T21653] FAULT_INJECTION: forcing a failure.
[  785.719956][T21653] name failslab, interval 1, probability 393216, space 0, times 0
[  785.762859][T21653] CPU: 0 UID: 0 PID: 21653 Comm: syz.5.5518 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  785.762886][T21653] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  785.762893][T21653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  785.762903][T21653] Call Trace:
[  785.762909][T21653]  <TASK>
[  785.762915][T21653]  dump_stack_lvl+0x100/0x190
[  785.762942][T21653]  should_fail_ex.cold+0x5/0xa
[  785.762961][T21653]  ? kobject_get_path+0xcf/0x2c0
[  785.762979][T21653]  should_failslab+0xc2/0x120
[  785.763003][T21653]  __kmalloc_noprof+0xe0/0x850
[  785.763026][T21653]  kobject_get_path+0xcf/0x2c0
[  785.763047][T21653]  kobject_uevent_env+0x287/0x18b0
[  785.763071][T21653]  ? kernfs_remove_by_name_ns+0x9f/0xf0
[  785.763094][T21653]  __kobject_del+0x168/0x220
[  785.763113][T21653]  kobject_put+0x348/0x640
[  785.763132][T21653]  netdev_queue_update_kobjects+0x4e5/0x6f0
[  785.763159][T21653]  netdev_unregister_kobject+0x168/0x540
[  785.763177][T21653]  ? rtmsg_ifinfo_send+0xcc/0x110
[  785.763198][T21653]  unregister_netdevice_many_notify+0x1817/0x2580
[  785.763224][T21653]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  785.763242][T21653]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  785.763274][T21653]  unregister_netdevice_queue+0x30b/0x3c0
[  785.763292][T21653]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  785.763310][T21653]  ? __pfx_locks_remove_file+0x10/0x10
[  785.763335][T21653]  ppp_release+0x211/0x230
[  785.763352][T21653]  ? __pfx_ppp_release+0x10/0x10
[  785.763367][T21653]  __fput+0x3ff/0xb40
[  785.763386][T21653]  task_work_run+0x150/0x240
[  785.763408][T21653]  ? __pfx_task_work_run+0x10/0x10
[  785.763434][T21653]  exit_to_user_mode_loop+0x100/0x4a0
[  785.763455][T21653]  do_syscall_64+0x668/0xf80
[  785.763471][T21653]  ? clear_bhb_loop+0x40/0x90
[  785.763489][T21653]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  785.763505][T21653] RIP: 0033:0x7fcb3f19bf79
[  785.763520][T21653] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  785.763535][T21653] RSP: 002b:00007fcb3ffdc028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  785.763551][T21653] RAX: 0000000000000000 RBX: 00007fcb3f415fa0 RCX: 00007fcb3f19bf79
[  785.763561][T21653] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  785.763570][T21653] RBP: 00007fcb3f2327e0 R08: 0000000000000000 R09: 0000000000000000
[  785.763579][T21653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  785.763588][T21653] R13: 00007fcb3f416038 R14: 00007fcb3f415fa0 R15: 00007ffd8c3952e8
[  785.763609][T21653]  </TASK>
[  786.043011][T21658] sp0: Synchronizing with TNC
[  787.064152][T21700] netlink: 138 bytes leftover after parsing attributes in process `syz.0.5535'.
[  787.896421][T21724] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5545'.
[  788.009619][T21724] veth1_vlan: entered allmulticast mode
[  788.259132][T21730] sp0: Synchronizing with TNC
[  790.215720][T21762] zswap: compressor  not available
[  790.363878][T21767] netlink: 'syz.1.5561': attribute type 27 has an invalid length.
[  790.445266][T21767] netlink: 'syz.1.5561': attribute type 28 has an invalid length.
[  790.453101][T21767] netlink: 'syz.1.5561': attribute type 29 has an invalid length.
[  790.636697][T21767] netlink: 'syz.1.5561': attribute type 30 has an invalid length.
[  790.752743][T21767] netlink: 'syz.1.5561': attribute type 31 has an invalid length.
[  790.846639][T21767] netlink: 'syz.1.5561': attribute type 32 has an invalid length.
[  790.954910][T21767] netlink: 'syz.1.5561': attribute type 33 has an invalid length.
[  791.057837][T21767] netlink: 'syz.1.5561': attribute type 35 has an invalid length.
[  791.224691][T21767] netlink: 'syz.1.5561': attribute type 37 has an invalid length.
[  791.337118][T21767] netlink: 18 bytes leftover after parsing attributes in process `syz.1.5561'.
[  792.145535][T21793] netlink: 330 bytes leftover after parsing attributes in process `syz.1.5568'.
[  793.713179][T21812] netlink: 186 bytes leftover after parsing attributes in process `syz.1.5576'.
[  794.487620][T21815] mkiss: ax0: crc mode is auto.
[  796.505264][T21834] zswap: compressor  not available
[  796.895604][T21854] netlink: 214 bytes leftover after parsing attributes in process `syz.1.5589'.
[  797.030013][T21855] netlink: 274 bytes leftover after parsing attributes in process `syz.1.5589'.
[  797.733441][T21870] netlink: 'syz.0.5594': attribute type 27 has an invalid length.
[  797.793660][T21870] netlink: 'syz.0.5594': attribute type 28 has an invalid length.
[  797.851126][T21858] netlink: 326 bytes leftover after parsing attributes in process `syz.4.5590'.
[  797.905482][T21870] netlink: 'syz.0.5594': attribute type 29 has an invalid length.
[  797.962408][T21870] netlink: 'syz.0.5594': attribute type 30 has an invalid length.
[  798.010247][T21870] netlink: 'syz.0.5594': attribute type 31 has an invalid length.
[  798.058549][T21870] netlink: 'syz.0.5594': attribute type 32 has an invalid length.
[  798.125350][T21870] netlink: 'syz.0.5594': attribute type 33 has an invalid length.
[  798.170711][T21870] netlink: 'syz.0.5594': attribute type 35 has an invalid length.
[  798.224332][T21870] netlink: 'syz.0.5594': attribute type 37 has an invalid length.
[  798.288765][T21870] netlink: 18 bytes leftover after parsing attributes in process `syz.0.5594'.
[  798.781380][T21888] netlink: 25 bytes leftover after parsing attributes in process `syz.5.5601'.
[  799.056922][T21895] netlink: 338 bytes leftover after parsing attributes in process `syz.5.5605'.
[  799.134538][T21895] netlink: 338 bytes leftover after parsing attributes in process `syz.5.5605'.
[  799.216638][T21901] netlink: 134 bytes leftover after parsing attributes in process `syz.5.5605'.
[  799.597747][T21908] netlink: 'syz.5.5608': attribute type 27 has an invalid length.
[  799.638758][T21908] netlink: 18 bytes leftover after parsing attributes in process `syz.5.5608'.
[  799.993954][T21914] netlink: 98 bytes leftover after parsing attributes in process `syz.5.5610'.
[  801.676666][T21944] FAULT_INJECTION: forcing a failure.
[  801.676666][T21944] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  801.769844][T21944] CPU: 0 UID: 0 PID: 21944 Comm: syz.5.5623 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  801.769873][T21944] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  801.769880][T21944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  801.769890][T21944] Call Trace:
[  801.769896][T21944]  <TASK>
[  801.769904][T21944]  dump_stack_lvl+0x100/0x190
[  801.769932][T21944]  should_fail_ex.cold+0x5/0xa
[  801.769949][T21944]  ? prepare_alloc_pages+0x16d/0x5f0
[  801.769975][T21944]  should_fail_alloc_page+0xeb/0x140
[  801.769998][T21944]  prepare_alloc_pages+0x1f0/0x5f0
[  801.770025][T21944]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  801.770046][T21944]  ? xa_load+0x153/0x2c0
[  801.770064][T21944]  ? __pfx_xa_load+0x10/0x10
[  801.770086][T21944]  ? __lock_acquire+0x4a5/0x2630
[  801.770105][T21944]  ? workingset_refault+0x477/0xf60
[  801.770125][T21944]  ? workingset_refault+0x477/0xf60
[  801.770147][T21944]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  801.770172][T21944]  ? __lock_acquire+0x4a5/0x2630
[  801.770196][T21944]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  801.770219][T21944]  ? policy_nodemask+0xed/0x4f0
[  801.770242][T21944]  alloc_pages_mpol+0x1fb/0x550
[  801.770265][T21944]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  801.770287][T21944]  ? swap_entry_swapped+0x1ff/0x2b0
[  801.770309][T21944]  ? __pfx_swap_entry_swapped+0x10/0x10
[  801.770341][T21944]  folio_alloc_mpol_noprof+0x36/0x340
[  801.770359][T21944]  swap_cache_alloc_folio+0x1a8/0x300
[  801.770379][T21944]  ? __pfx_swap_cache_alloc_folio+0x10/0x10
[  801.770397][T21944]  ? __pfx_get_swap_device+0x10/0x10
[  801.770419][T21944]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  801.770443][T21944]  read_swap_cache_async+0xd9/0x480
[  801.770463][T21944]  ? __pfx_read_swap_cache_async+0x10/0x10
[  801.770481][T21944]  ? find_held_lock+0x2b/0x80
[  801.770512][T21944]  ? find_held_lock+0x2b/0x80
[  801.770533][T21944]  ? swapin_walk_pmd_entry+0x2d9/0x640
[  801.770563][T21944]  ? swapin_walk_pmd_entry+0x2d9/0x640
[  801.770591][T21944]  swapin_walk_pmd_entry+0x2fd/0x640
[  801.770617][T21944]  ? __pfx_swapin_walk_pmd_entry+0x10/0x10
[  801.770641][T21944]  ? tomoyo_path_perm+0x29c/0x460
[  801.770664][T21944]  ? kasan_save_stack+0x3f/0x50
[  801.770683][T21944]  ? kasan_save_stack+0x30/0x50
[  801.770701][T21944]  ? kasan_save_track+0x14/0x30
[  801.770721][T21944]  ? __kasan_slab_free+0x5f/0x80
[  801.770741][T21944]  ? kfree+0x1f6/0x6b0
[  801.770755][T21944]  ? tomoyo_path_perm+0x29c/0x460
[  801.770777][T21944]  ? security_file_truncate+0xb5/0x1e0
[  801.770793][T21944]  ? path_openat+0x1c6e/0x31a0
[  801.770813][T21944]  ? do_file_open+0x20e/0x430
[  801.770834][T21944]  ? __pfx_swapin_walk_pmd_entry+0x10/0x10
[  801.770858][T21944]  walk_pgd_range+0xc04/0x1eb0
[  801.770894][T21944]  ? __pfx_walk_pgd_range+0x10/0x10
[  801.770915][T21944]  ? set_next_entity+0x11b/0x9c0
[  801.770937][T21944]  __walk_page_range+0x163/0x820
[  801.770958][T21944]  ? __lock_acquire+0x4a5/0x2630
[  801.770976][T21944]  ? find_held_lock+0x2b/0x80
[  801.771003][T21944]  walk_page_range_vma_unsafe+0x209/0x8f0
[  801.771026][T21944]  ? __pfx_walk_page_range_vma_unsafe+0x10/0x10
[  801.771047][T21944]  ? finish_task_switch.isra.0+0x200/0xb80
[  801.771071][T21944]  walk_page_range_vma+0x63/0x90
[  801.771092][T21944]  madvise_vma_behavior+0x1cbc/0x2ec0
[  801.771108][T21944]  ? mas_prev_setup.constprop.0+0xb6/0x9c0
[  801.771126][T21944]  ? __pfx_madvise_vma_behavior+0x10/0x10
[  801.771150][T21944]  ? mas_prev+0x9b/0xf0
[  801.771167][T21944]  ? __pfx_mas_prev+0x10/0x10
[  801.771189][T21944]  ? find_vma_prev+0xd8/0x150
[  801.771211][T21944]  ? futex_unqueue+0x133/0x2c0
[  801.771228][T21944]  ? __pfx_find_vma_prev+0x10/0x10
[  801.771255][T21944]  ? __futex_wait+0x256/0x300
[  801.771279][T21944]  madvise_walk_vmas+0x2fe/0xa90
[  801.771304][T21944]  ? __pfx_madvise_walk_vmas+0x10/0x10
[  801.771335][T21944]  madvise_do_behavior+0x1ea/0x510
[  801.771353][T21944]  ? __pfx_madvise_do_behavior+0x10/0x10
[  801.771369][T21944]  ? down_read+0x13b/0x460
[  801.771398][T21944]  do_madvise+0x195/0x240
[  801.771412][T21944]  ? __pfx_do_madvise+0x10/0x10
[  801.771428][T21944]  ? do_futex+0x192/0x350
[  801.771451][T21944]  ? __fget_files+0x21f/0x3d0
[  801.771484][T21944]  __x64_sys_madvise+0xa9/0x110
[  801.771499][T21944]  ? lockdep_hardirqs_on+0x78/0x100
[  801.771515][T21944]  do_syscall_64+0x106/0xf80
[  801.771531][T21944]  ? clear_bhb_loop+0x40/0x90
[  801.771550][T21944]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  801.771566][T21944] RIP: 0033:0x7fcb3f19bf79
[  801.771581][T21944] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  801.771598][T21944] RSP: 002b:00007fcb3ffdc028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  801.771619][T21944] RAX: ffffffffffffffda RBX: 00007fcb3f415fa0 RCX: 00007fcb3f19bf79
[  801.771631][T21944] RDX: 0000000100000003 RSI: 0000000001010001 RDI: 0000000000000000
[  801.771641][T21944] RBP: 00007fcb3f2327e0 R08: 0000000000000000 R09: 0000000000000000
[  801.771650][T21944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  801.771660][T21944] R13: 00007fcb3f416038 R14: 00007fcb3f415fa0 R15: 00007ffd8c3952e8
[  801.771680][T21944]  </TASK>
[  803.633775][T21963] __nla_validate_parse: 6 callbacks suppressed
[  803.633793][T21963] netlink: 342 bytes leftover after parsing attributes in process `syz.1.5629'.
[  803.728030][T21963] netlink: 302 bytes leftover after parsing attributes in process `syz.1.5629'.
[  804.639826][T21980] netlink: 334 bytes leftover after parsing attributes in process `syz.5.5636'.
[  805.747075][T22001] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5641'.
[  806.511166][T22021] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5649'.
[  806.590997][T22021] bridge0: port 2(bridge_slave_1) entered disabled state
[  806.649251][T22021] bridge_slave_1 (unregistering): left allmulticast mode
[  806.674242][T22021] bridge_slave_1 (unregistering): left promiscuous mode
[  806.710149][T22021] bridge0: port 2(bridge_slave_1) entered disabled state
[  808.528364][T22058] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5662'.
[  808.617479][T22058] bridge0: port 2(bridge_slave_1) entered disabled state
[  808.635603][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  808.642087][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  808.732762][T22058] bridge_slave_1 (unregistering): left allmulticast mode
[  808.757917][T22058] bridge_slave_1 (unregistering): left promiscuous mode
[  808.803521][T22058] bridge0: port 2(bridge_slave_1) entered disabled state
[  809.897022][T22079] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5670'.
[  810.437957][T22092] input: jJǸ-���9�%v���J86�� as /devices/virtual/input/input18
[  810.485856][ T5175] ERROR: Out of memory at tomoyo_memory_ok.
[  811.302031][T22106] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5680'.
[  811.412016][T22106] bridge_slave_1 (unregistering): left allmulticast mode
[  811.478153][T22106] bridge_slave_1 (unregistering): left promiscuous mode
[  811.512421][T22106] bridge0: port 2(bridge_slave_1) entered disabled state
[  811.821943][T22112] netlink: 338 bytes leftover after parsing attributes in process `syz.5.5683'.
[  811.887338][T22112] bond_slave_0: entered allmulticast mode
[  812.669179][T22128] netlink: 318 bytes leftover after parsing attributes in process `syz.4.5689'.
[  813.467037][T22155] netlink: 338 bytes leftover after parsing attributes in process `syz.1.5695'.
[  813.534315][T22155] bond_slave_0: entered allmulticast mode
[  814.306928][T22167] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5700'.
[  814.445867][T22167] team0 (unregistering): Port device team_slave_0 removed
[  814.516645][T22167] team0 (unregistering): Port device team_slave_1 removed
[  814.911542][T22172] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5701'.
[  816.626865][T22200] netlink: 318 bytes leftover after parsing attributes in process `syz.0.5713'.
[  816.784767][T22210] netlink: 338 bytes leftover after parsing attributes in process `syz.4.5716'.
[  818.143529][T22242] netlink: 50 bytes leftover after parsing attributes in process `syz.5.5729'.
[  818.606215][T22255] netlink: 338 bytes leftover after parsing attributes in process `syz.5.5731'.
[  819.127056][T22263] lo: entered allmulticast mode
[  819.182761][T22263] lo: left allmulticast mode
[  820.331583][T22278] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5740'.
[  821.131715][T22289] FAULT_INJECTION: forcing a failure.
[  821.131715][T22289] name failslab, interval 1, probability 393216, space 0, times 0
[  821.223465][T22289] CPU: 0 UID: 0 PID: 22289 Comm: syz.4.5744 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  821.223494][T22289] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  821.223500][T22289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  821.223511][T22289] Call Trace:
[  821.223517][T22289]  <TASK>
[  821.223525][T22289]  dump_stack_lvl+0x100/0x190
[  821.223553][T22289]  should_fail_ex.cold+0x5/0xa
[  821.223572][T22289]  should_failslab+0xc2/0x120
[  821.223594][T22289]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  821.223614][T22289]  ? security_inode_alloc+0x3b/0x2c0
[  821.223636][T22289]  ? lockdep_init_map_type+0x5c/0x250
[  821.223658][T22289]  security_inode_alloc+0x3b/0x2c0
[  821.223682][T22289]  inode_init_always_gfp+0xced/0x1040
[  821.223706][T22289]  alloc_inode+0x8e/0x250
[  821.223723][T22289]  new_inode+0x22/0x1c0
[  821.223741][T22289]  shmem_get_inode+0x197/0xf30
[  821.223758][T22289]  ? __vm_enough_memory+0x184/0x390
[  821.223783][T22289]  __shmem_file_setup+0x279/0x330
[  821.223809][T22289]  shmem_zero_setup+0x93/0x1b0
[  821.223832][T22289]  __mmap_region+0x20b5/0x2760
[  821.223853][T22289]  ? set_next_entity+0x11b/0x9c0
[  821.223873][T22289]  ? __pfx___mmap_region+0x10/0x10
[  821.223895][T22289]  ? find_held_lock+0x2b/0x80
[  821.223917][T22289]  ? trace_ignore_this_task+0x56/0x100
[  821.223937][T22289]  ? trace_ignore_this_task+0x56/0x100
[  821.223963][T22289]  ? finish_task_switch.isra.0+0x200/0xb80
[  821.223978][T22289]  ? finish_task_switch.isra.0+0x200/0xb80
[  821.223994][T22289]  ? rcu_is_watching+0x12/0xc0
[  821.224021][T22289]  ? __schedule+0x1000/0x60e0
[  821.224035][T22289]  ? trace_ignore_this_task+0x56/0x100
[  821.224054][T22289]  ? trace_ignore_this_task+0x56/0x100
[  821.224098][T22289]  ? rcu_is_watching+0x12/0xc0
[  821.224118][T22289]  ? cap_capable+0x107/0x460
[  821.224142][T22289]  mmap_region+0x180/0x3e0
[  821.224165][T22289]  do_mmap+0xc63/0x12f0
[  821.224191][T22289]  ? __pfx_do_mmap+0x10/0x10
[  821.224213][T22289]  ? __pfx_down_write_killable+0x10/0x10
[  821.224236][T22289]  vm_mmap_pgoff+0x29e/0x470
[  821.224262][T22289]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  821.224289][T22289]  ? __x64_sys_futex+0x34f/0x4d0
[  821.224306][T22289]  ? __x64_sys_futex+0x358/0x4d0
[  821.224325][T22289]  ksys_mmap_pgoff+0x7d/0x5b0
[  821.224350][T22289]  __x64_sys_mmap+0x125/0x190
[  821.224374][T22289]  do_syscall_64+0x106/0xf80
[  821.224389][T22289]  ? clear_bhb_loop+0x40/0x90
[  821.224408][T22289]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  821.224424][T22289] RIP: 0033:0x7f22bc39bf79
[  821.224439][T22289] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  821.224454][T22289] RSP: 002b:00007f22bd1d4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  821.224468][T22289] RAX: ffffffffffffffda RBX: 00007f22bc615fa0 RCX: 00007f22bc39bf79
[  821.224478][T22289] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000
[  821.224491][T22289] RBP: 00007f22bc4327e0 R08: fffffffffffffffa R09: 0000000000008000
[  821.224501][T22289] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[  821.224510][T22289] R13: 00007f22bc616038 R14: 00007f22bc615fa0 R15: 00007ffea850b7b8
[  821.224530][T22289]  </TASK>
[  822.068733][T22296] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  822.102098][T22296] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5747'.
[  822.217494][T22296] veth1_macvtap: left promiscuous mode
[  823.001224][T22318] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.5754: iget: checksum invalid
[  824.265602][T22318] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[  824.460058][T22318] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.5754: iget: checksum invalid
[  824.577365][T22318] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[  824.577514][T22318] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.5754: iget: checksum invalid
[  824.577855][T22318] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[  824.577962][T22318] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.5754: iget: checksum invalid
[  824.583988][T22318] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  824.584021][T22318] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  824.584038][T22318] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  826.656390][T22375] FAULT_INJECTION: forcing a failure.
[  826.656390][T22375] name failslab, interval 1, probability 393216, space 0, times 0
[  826.758932][T22375] CPU: 0 UID: 0 PID: 22375 Comm: syz.5.5771 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  826.758963][T22375] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  826.758970][T22375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  826.758981][T22375] Call Trace:
[  826.758988][T22375]  <TASK>
[  826.758996][T22375]  dump_stack_lvl+0x100/0x190
[  826.759025][T22375]  should_fail_ex.cold+0x5/0xa
[  826.759044][T22375]  ? acpi_ns_get_normalized_pathname+0x95/0x250
[  826.759065][T22375]  should_failslab+0xc2/0x120
[  826.759097][T22375]  __kmalloc_noprof+0xe0/0x850
[  826.759119][T22375]  ? acpi_ut_trace_ptr+0x1d2/0x2a0
[  826.759139][T22375]  acpi_ns_get_normalized_pathname+0x95/0x250
[  826.759162][T22375]  acpi_ex_start_trace_method+0x30/0x4f0
[  826.759185][T22375]  acpi_ds_begin_method_execution+0x60/0xc20
[  826.759211][T22375]  acpi_ds_call_control_method+0x1cc/0xab0
[  826.759236][T22375]  acpi_ps_parse_aml+0xacd/0x1120
[  826.759256][T22375]  acpi_ps_execute_method+0x5c4/0xe90
[  826.759278][T22375]  acpi_ns_evaluate+0x640/0x1670
[  826.759300][T22375]  acpi_evaluate_object+0x420/0xe00
[  826.759322][T22375]  ? kasan_save_stack+0x30/0x50
[  826.759341][T22375]  ? kasan_save_track+0x14/0x30
[  826.759364][T22375]  ? __pfx_acpi_evaluate_object+0x10/0x10
[  826.759392][T22375]  acpi_evaluate_integer+0xdf/0x220
[  826.759413][T22375]  ? __pfx_acpi_evaluate_integer+0x10/0x10
[  826.759440][T22375]  ? __pfx_status_show+0x10/0x10
[  826.759461][T22375]  status_show+0xa0/0x120
[  826.759483][T22375]  ? __pfx_status_show+0x10/0x10
[  826.759509][T22375]  dev_attr_show+0x52/0xa0
[  826.759525][T22375]  ? __pfx_dev_attr_show+0x10/0x10
[  826.759540][T22375]  sysfs_kf_seq_show+0x217/0x3a0
[  826.759567][T22375]  seq_read_iter+0x32f/0x1270
[  826.759597][T22375]  kernfs_fop_read_iter+0x46c/0x610
[  826.759627][T22375]  ? rw_verify_area+0xce/0x6d0
[  826.759646][T22375]  ? __pfx_kernfs_fop_read_iter+0x10/0x10
[  826.759669][T22375]  vfs_read+0x825/0xb30
[  826.759693][T22375]  ? __pfx_vfs_read+0x10/0x10
[  826.759726][T22375]  ksys_read+0x12a/0x250
[  826.759746][T22375]  ? __pfx_ksys_read+0x10/0x10
[  826.759772][T22375]  do_syscall_64+0x106/0xf80
[  826.759789][T22375]  ? clear_bhb_loop+0x40/0x90
[  826.759807][T22375]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  826.759823][T22375] RIP: 0033:0x7fcb3f19bf79
[  826.759838][T22375] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  826.759853][T22375] RSP: 002b:00007fcb3ffdc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  826.759869][T22375] RAX: ffffffffffffffda RBX: 00007fcb3f415fa0 RCX: 00007fcb3f19bf79
[  826.759879][T22375] RDX: 000000000000007a RSI: 0000200000000240 RDI: 0000000000000005
[  826.759888][T22375] RBP: 00007fcb3f2327e0 R08: 0000000000000000 R09: 0000000000000000
[  826.759898][T22375] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  826.759907][T22375] R13: 00007fcb3f416038 R14: 00007fcb3f415fa0 R15: 00007ffd8c3952e8
[  826.759928][T22375]  </TASK>
[  826.759938][T22375] ACPI Error: Could not allocate 10 bytes (20251212/nsnames-308)
[  829.146548][T22400] netlink: 186 bytes leftover after parsing attributes in process `syz.5.5781'.
[  829.546410][ T5141] Bluetooth: hci1: unexpected event 0x09 length: 435 > 3
[  829.578095][T22412] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5784'.
[  829.684990][T22414] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5786'.
[  829.754998][T22414] netlink: 13 bytes leftover after parsing attributes in process `syz.1.5786'.
[  833.734032][T22485] FAULT_INJECTION: forcing a failure.
[  833.734032][T22485] name fail_futex, interval 1, probability 0, space 0, times 0
[  833.817741][T22486] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5811'.
[  833.848186][T22485] CPU: 0 UID: 0 PID: 22485 Comm: syz.5.5808 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  833.848215][T22485] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  833.848222][T22485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  833.848232][T22485] Call Trace:
[  833.848238][T22485]  <TASK>
[  833.848244][T22485]  dump_stack_lvl+0x100/0x190
[  833.848271][T22485]  should_fail_ex.cold+0x5/0xa
[  833.848290][T22485]  get_futex_key+0x1d2/0x1620
[  833.848309][T22485]  ? __pfx_get_futex_key+0x10/0x10
[  833.848325][T22485]  ? find_held_lock+0x2b/0x80
[  833.848348][T22485]  ? futex_wake+0x456/0x530
[  833.848372][T22485]  futex_wake+0xea/0x530
[  833.848392][T22485]  ? __lock_acquire+0x4a5/0x2630
[  833.848410][T22485]  ? __pfx_futex_wake+0x10/0x10
[  833.848438][T22485]  do_futex+0x32b/0x350
[  833.848456][T22485]  ? __pfx_do_futex+0x10/0x10
[  833.848474][T22485]  ? __fget_files+0x21f/0x3d0
[  833.848497][T22485]  __x64_sys_futex+0x34f/0x4d0
[  833.848516][T22485]  ? __pfx___x64_sys_futex+0x10/0x10
[  833.848542][T22485]  do_syscall_64+0x106/0xf80
[  833.848558][T22485]  ? clear_bhb_loop+0x40/0x90
[  833.848576][T22485]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  833.848592][T22485] RIP: 0033:0x7fcb3f19bf79
[  833.848606][T22485] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  833.848622][T22485] RSP: 002b:00007fcb3ffbb0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  833.848637][T22485] RAX: ffffffffffffffda RBX: 00007fcb3f416098 RCX: 00007fcb3f19bf79
[  833.848647][T22485] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fcb3f41609c
[  833.848657][T22485] RBP: 00007fcb3f416090 R08: 0000000000000000 R09: 0000000000000000
[  833.848666][T22485] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[  833.848683][T22485] R13: 00007fcb3f416128 R14: 00007ffd8c395200 R15: 00007ffd8c3952e8
[  833.848703][T22485]  </TASK>
[  834.366800][T22486] team0 (unregistering): Port device team_slave_0 removed
[  834.430896][T22486] team0 (unregistering): Port device team_slave_1 removed
[  834.639290][T22495] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5815'.
[  839.465603][T22552] netlink: 330 bytes leftover after parsing attributes in process `syz.0.5839'.
[  841.208189][T22585] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5842'.
[  841.337101][T22585] team0 (unregistering): Port device team_slave_0 removed
[  841.428028][T22585] team0 (unregistering): Port device team_slave_1 removed
[  841.489426][T22586] netlink: 186 bytes leftover after parsing attributes in process `syz.0.5850'.
[  841.935286][T22590] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.1.5853: iget: checksum invalid
[  842.012854][T22590] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[  842.087001][T22590] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.1.5853: iget: checksum invalid
[  842.153045][T22590] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[  842.221583][T22590] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.1.5853: iget: checksum invalid
[  842.294311][T22590] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[  842.367357][T22590] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.1.5853: iget: checksum invalid
[  842.447777][T22590] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  842.516383][T22590] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  842.576222][T22590] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  843.779628][T22615] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5855'.
[  843.872733][T22615] team0 (unregistering): Port device team_slave_0 removed
[  844.057980][T22615] team0 (unregistering): Port device team_slave_1 removed
[  844.519552][T22623] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  845.105951][T22630] zswap: compressor  not available
[  850.468071][T22746] �: entered promiscuous mode
[  851.363932][T22756] FAULT_INJECTION: forcing a failure.
[  851.363932][T22756] name failslab, interval 1, probability 393216, space 0, times 0
[  851.632024][T22756] CPU: 0 UID: 0 PID: 22756 Comm: syz.0.5901 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  851.632054][T22756] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  851.632060][T22756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  851.632070][T22756] Call Trace:
[  851.632080][T22756]  <TASK>
[  851.632086][T22756]  dump_stack_lvl+0x100/0x190
[  851.632114][T22756]  should_fail_ex.cold+0x5/0xa
[  851.632132][T22756]  should_failslab+0xc2/0x120
[  851.632156][T22756]  __kmalloc_cache_noprof+0x7a/0x6f0
[  851.632174][T22756]  ? kobject_uevent_env+0x263/0x18b0
[  851.632199][T22756]  kobject_uevent_env+0x263/0x18b0
[  851.632222][T22756]  ? kvm_uevent_notify_change.part.0+0x321/0x450
[  851.632241][T22756]  ? kfree+0x1f6/0x6b0
[  851.632262][T22756]  kvm_uevent_notify_change.part.0+0x3a6/0x450
[  851.632281][T22756]  ? __pfx_kvm_vm_release+0x10/0x10
[  851.632297][T22756]  kvm_put_kvm+0xe4/0xb10
[  851.632313][T22756]  ? lockdep_hardirqs_on+0x78/0x100
[  851.632330][T22756]  ? _raw_spin_unlock_irq+0x2e/0x50
[  851.632354][T22756]  ? __pfx_kvm_vm_release+0x10/0x10
[  851.632370][T22756]  kvm_vm_release+0x3c/0x50
[  851.632385][T22756]  __fput+0x3ff/0xb40
[  851.632404][T22756]  task_work_run+0x150/0x240
[  851.632426][T22756]  ? __pfx_task_work_run+0x10/0x10
[  851.632451][T22756]  exit_to_user_mode_loop+0x100/0x4a0
[  851.632472][T22756]  do_syscall_64+0x668/0xf80
[  851.632488][T22756]  ? clear_bhb_loop+0x40/0x90
[  851.632507][T22756]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  851.632523][T22756] RIP: 0033:0x7fa77579bf79
[  851.632538][T22756] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  851.632555][T22756] RSP: 002b:00007fa776692028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  851.632571][T22756] RAX: 0000000000000000 RBX: 00007fa775a15fa0 RCX: 00007fa77579bf79
[  851.632581][T22756] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000002
[  851.632591][T22756] RBP: 00007fa7758327e0 R08: 0000000000000000 R09: 0000000000000000
[  851.632600][T22756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  851.632610][T22756] R13: 00007fa775a16038 R14: 00007fa775a15fa0 R15: 00007ffe90f756c8
[  851.632630][T22756]  </TASK>
[  853.449556][T22793] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.4.5915: iget: checksum invalid
[  853.509064][T22793] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[  853.575063][T22793] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.4.5915: iget: checksum invalid
[  853.678297][T22793] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[  853.753304][T22793] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.4.5915: iget: checksum invalid
[  853.837517][T22793] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[  853.887321][T22793] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.4.5915: iget: checksum invalid
[  853.976794][T22793] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  854.036912][T22793] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  854.093855][T22793] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  855.020892][T22812] FAULT_INJECTION: forcing a failure.
[  855.020892][T22812] name failslab, interval 1, probability 393216, space 0, times 0
[  855.177076][T22812] CPU: 0 UID: 0 PID: 22812 Comm: syz.0.5922 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  855.177106][T22812] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  855.177113][T22812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  855.177123][T22812] Call Trace:
[  855.177129][T22812]  <TASK>
[  855.177136][T22812]  dump_stack_lvl+0x100/0x190
[  855.177165][T22812]  should_fail_ex.cold+0x5/0xa
[  855.177183][T22812]  should_failslab+0xc2/0x120
[  855.177206][T22812]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  855.177225][T22812]  ? __anon_vma_prepare+0x344/0x5e0
[  855.177246][T22812]  __anon_vma_prepare+0x344/0x5e0
[  855.177263][T22812]  ? rcu_read_unlock+0x2d/0xb0
[  855.177282][T22812]  __vmf_anon_prepare+0x11f/0x250
[  855.177306][T22812]  do_wp_page+0xe4d/0x4f00
[  855.177335][T22812]  ? __pfx_do_wp_page+0x10/0x10
[  855.177359][T22812]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  855.177385][T22812]  __handle_mm_fault+0x1ac8/0x2b60
[  855.177408][T22812]  ? __pfx___handle_mm_fault+0x10/0x10
[  855.177427][T22812]  ? pte_offset_map_lock+0x174/0x320
[  855.177447][T22812]  ? vm_normal_page+0x1b6/0x330
[  855.177468][T22812]  ? find_held_lock+0x2b/0x80
[  855.177496][T22812]  ? follow_page_pte+0x5b3/0x1400
[  855.177522][T22812]  handle_mm_fault+0x36d/0xa20
[  855.177543][T22812]  __get_user_pages+0xf9c/0x34d0
[  855.177573][T22812]  ? __pfx___get_user_pages+0x10/0x10
[  855.177605][T22812]  populate_vma_page_range+0x267/0x3f0
[  855.177622][T22812]  ? __pfx_populate_vma_page_range+0x10/0x10
[  855.177638][T22812]  ? __pfx_find_vma_intersection+0x10/0x10
[  855.177662][T22812]  ? do_mmap+0x93f/0x12f0
[  855.177688][T22812]  __mm_populate+0x107/0x3a0
[  855.177704][T22812]  ? __pfx___mm_populate+0x10/0x10
[  855.177721][T22812]  ? up_write+0x290/0x4f0
[  855.177750][T22812]  vm_mmap_pgoff+0x37f/0x470
[  855.177777][T22812]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  855.177799][T22812]  ? __fget_files+0x215/0x3d0
[  855.177823][T22812]  ? __fget_files+0x21f/0x3d0
[  855.177847][T22812]  ksys_mmap_pgoff+0x328/0x5b0
[  855.177872][T22812]  __x64_sys_mmap+0x125/0x190
[  855.177896][T22812]  do_syscall_64+0x106/0xf80
[  855.177914][T22812]  ? clear_bhb_loop+0x40/0x90
[  855.177933][T22812]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  855.177949][T22812] RIP: 0033:0x7fa77579bf79
[  855.177984][T22812] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  855.178002][T22812] RSP: 002b:00007fa776692028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  855.178019][T22812] RAX: ffffffffffffffda RBX: 00007fa775a15fa0 RCX: 00007fa77579bf79
[  855.178030][T22812] RDX: 0000000000000003 RSI: 0000000000000009 RDI: 0000000000000000
[  855.178040][T22812] RBP: 00007fa7758327e0 R08: 0000000000000003 R09: 0000000000008000
[  855.178051][T22812] R10: 0000000000008012 R11: 0000000000000246 R12: 0000000000000000
[  855.178061][T22812] R13: 00007fa775a16038 R14: 00007fa775a15fa0 R15: 00007ffe90f756c8
[  855.178082][T22812]  </TASK>
[  856.068567][T22816] netlink: 62 bytes leftover after parsing attributes in process `syz.0.5924'.
[  858.625933][T22840] __vm_enough_memory: pid: 22840, comm: syz.1.5931, bytes: 4398046511104 not enough memory for the allocation
[  859.027306][T22846] FAULT_INJECTION: forcing a failure.
[  859.027306][T22846] name failslab, interval 1, probability 393216, space 0, times 0
[  859.120227][T22846] CPU: 0 UID: 0 PID: 22846 Comm: syz.0.5935 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  859.120258][T22846] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  859.120265][T22846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  859.120275][T22846] Call Trace:
[  859.120281][T22846]  <TASK>
[  859.120288][T22846]  dump_stack_lvl+0x100/0x190
[  859.120316][T22846]  should_fail_ex.cold+0x5/0xa
[  859.120335][T22846]  should_failslab+0xc2/0x120
[  859.120358][T22846]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[  859.120380][T22846]  ? drm_edid_alloc+0x4d/0x120
[  859.120408][T22846]  ? __might_fault+0xc5/0x140
[  859.120430][T22846]  kmemdup_noprof+0x29/0x60
[  859.120452][T22846]  drm_edid_alloc+0x4d/0x120
[  859.120473][T22846]  drm_edid_override_set+0x27/0x2c0
[  859.120498][T22846]  edid_write+0xe3/0x180
[  859.120521][T22846]  full_proxy_write+0x135/0x1a0
[  859.120546][T22846]  vfs_write+0x2aa/0x1070
[  859.120567][T22846]  ? __pfx_full_proxy_write+0x10/0x10
[  859.120591][T22846]  ? __pfx_vfs_write+0x10/0x10
[  859.120611][T22846]  ? __fget_files+0x215/0x3d0
[  859.120636][T22846]  ? __fget_files+0x21f/0x3d0
[  859.120661][T22846]  ksys_write+0x12a/0x250
[  859.120681][T22846]  ? __pfx_ksys_write+0x10/0x10
[  859.120707][T22846]  do_syscall_64+0x106/0xf80
[  859.120723][T22846]  ? clear_bhb_loop+0x40/0x90
[  859.120741][T22846]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  859.120758][T22846] RIP: 0033:0x7fa77579bf79
[  859.120772][T22846] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  859.120787][T22846] RSP: 002b:00007fa776692028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  859.120802][T22846] RAX: ffffffffffffffda RBX: 00007fa775a15fa0 RCX: 00007fa77579bf79
[  859.120812][T22846] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003
[  859.120821][T22846] RBP: 00007fa7758327e0 R08: 0000000000000000 R09: 0000000000000000
[  859.120831][T22846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  859.120840][T22846] R13: 00007fa775a16038 R14: 00007fa775a15fa0 R15: 00007ffe90f756c8
[  859.120861][T22846]  </TASK>
[  863.387090][T22915] sp0: Synchronizing with TNC
[  863.412466][T22916] sp0: Found TNC
[  869.034030][T22988] FAULT_INJECTION: forcing a failure.
[  869.034030][T22988] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  869.147143][T22988] CPU: 0 UID: 0 PID: 22988 Comm: syz.4.5984 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  869.147174][T22988] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  869.147180][T22988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  869.147189][T22988] Call Trace:
[  869.147196][T22988]  <TASK>
[  869.147203][T22988]  dump_stack_lvl+0x100/0x190
[  869.147231][T22988]  should_fail_ex.cold+0x5/0xa
[  869.147250][T22988]  _copy_from_user+0x2e/0xd0
[  869.147266][T22988]  post_copy_siginfo_from_user.isra.0+0x16e/0x300
[  869.147289][T22988]  ? __pfx_post_copy_siginfo_from_user.isra.0+0x10/0x10
[  869.147311][T22988]  ? find_held_lock+0x2b/0x80
[  869.147345][T22988]  __x64_sys_rt_tgsigqueueinfo+0x151/0x210
[  869.147366][T22988]  ? __pfx___x64_sys_rt_tgsigqueueinfo+0x10/0x10
[  869.147395][T22988]  do_syscall_64+0x106/0xf80
[  869.147411][T22988]  ? clear_bhb_loop+0x40/0x90
[  869.147430][T22988]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  869.147446][T22988] RIP: 0033:0x7f22bc39bf79
[  869.147460][T22988] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  869.147475][T22988] RSP: 002b:00007f22bd1d4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000129
[  869.147497][T22988] RAX: ffffffffffffffda RBX: 00007f22bc615fa0 RCX: 00007f22bc39bf79
[  869.147508][T22988] RDX: 000000000000527b RSI: 000000000000058e RDI: 000000000000058d
[  869.147519][T22988] RBP: 00007f22bc4327e0 R08: 0000000000000000 R09: 0000000000000000
[  869.147529][T22988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  869.147539][T22988] R13: 00007f22bc616038 R14: 00007f22bc615fa0 R15: 00007ffea850b7b8
[  869.147559][T22988]  </TASK>
[  869.646099][T22996] validate_nla: 8 callbacks suppressed
[  869.646116][T22996] netlink: 'syz.4.5987': attribute type 27 has an invalid length.
[  869.722668][T22996] netlink: 146 bytes leftover after parsing attributes in process `syz.4.5987'.
[  869.822480][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  869.828805][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  871.570577][T23031] netlink: 330 bytes leftover after parsing attributes in process `syz.1.6000'.
[  874.852190][T23078] FAULT_INJECTION: forcing a failure.
[  874.852190][T23078] name failslab, interval 1, probability 393216, space 0, times 0
[  874.956817][T23078] CPU: 0 UID: 0 PID: 23078 Comm: syz.4.6016 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  874.956848][T23078] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  874.956854][T23078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  874.956864][T23078] Call Trace:
[  874.956870][T23078]  <TASK>
[  874.956877][T23078]  dump_stack_lvl+0x100/0x190
[  874.956905][T23078]  should_fail_ex.cold+0x5/0xa
[  874.956924][T23078]  should_failslab+0xc2/0x120
[  874.956947][T23078]  __kmalloc_cache_noprof+0x7a/0x6f0
[  874.956964][T23078]  ? tomoyo_init_log+0x1a0/0x20c0
[  874.956985][T23078]  tomoyo_init_log+0x1a0/0x20c0
[  874.957003][T23078]  ? __pfx_format_decode+0x10/0x10
[  874.957025][T23078]  ? number+0x983/0xc90
[  874.957044][T23078]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  874.957071][T23078]  ? __pfx_tomoyo_init_log+0x10/0x10
[  874.957094][T23078]  tomoyo_write_log2+0x2ed/0xbc0
[  874.957114][T23078]  tomoyo_supervisor+0x15e/0x1340
[  874.957137][T23078]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  874.957158][T23078]  ? tomoyo_realpath_from_path+0x19c/0x690
[  874.957182][T23078]  ? tomoyo_realpath_from_path+0x19c/0x690
[  874.957198][T23078]  ? kfree+0x1f6/0x6b0
[  874.957215][T23078]  ? tomoyo_check_path_number_acl+0x1e6/0x2f0
[  874.957244][T23078]  tomoyo_path_number_perm+0x445/0x580
[  874.957269][T23078]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  874.957292][T23078]  ? futex_wait+0x125/0x380
[  874.957330][T23078]  ? find_held_lock+0x2b/0x80
[  874.957352][T23078]  ? __fget_files+0x215/0x3d0
[  874.957371][T23078]  ? hook_file_ioctl_common+0x146/0x410
[  874.957398][T23078]  ? __fget_files+0x21f/0x3d0
[  874.957421][T23078]  security_file_ioctl+0xd3/0x230
[  874.957447][T23078]  __x64_sys_ioctl+0xb7/0x210
[  874.957466][T23078]  do_syscall_64+0x106/0xf80
[  874.957482][T23078]  ? clear_bhb_loop+0x40/0x90
[  874.957501][T23078]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  874.957516][T23078] RIP: 0033:0x7f22bc39bf79
[  874.957531][T23078] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  874.957548][T23078] RSP: 002b:00007f22bd1b3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  874.957563][T23078] RAX: ffffffffffffffda RBX: 00007f22bc616090 RCX: 00007f22bc39bf79
[  874.957573][T23078] RDX: 0000000000000000 RSI: 0000000000001261 RDI: 0000000000000003
[  874.957582][T23078] RBP: 00007f22bc4327e0 R08: 0000000000000000 R09: 0000000000000000
[  874.957592][T23078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  874.957602][T23078] R13: 00007f22bc616128 R14: 00007f22bc616090 R15: 00007ffea850b7b8
[  874.957622][T23078]  </TASK>
[  876.135250][   T29] audit: type=1806 audit(1771105369.437:21): xattr="" res=-22
[  877.614561][T23111] FAULT_INJECTION: forcing a failure.
[  877.614561][T23111] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  877.872185][T23111] CPU: 0 UID: 0 PID: 23111 Comm: syz.0.6026 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  877.872215][T23111] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  877.872221][T23111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  877.872231][T23111] Call Trace:
[  877.872237][T23111]  <TASK>
[  877.872243][T23111]  dump_stack_lvl+0x100/0x190
[  877.872271][T23111]  should_fail_ex.cold+0x5/0xa
[  877.872290][T23111]  _copy_from_user+0x2e/0xd0
[  877.872307][T23111]  copy_msghdr_from_user+0x9f/0x4f0
[  877.872329][T23111]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  877.872354][T23111]  ? rcu_is_watching+0x12/0xc0
[  877.872375][T23111]  ? ___sys_sendmsg+0x19d/0x1e0
[  877.872418][T23111]  ? kfree+0x2ec/0x6b0
[  877.872438][T23111]  ___sys_sendmsg+0x106/0x1e0
[  877.872500][T23111]  ? __pfx____sys_sendmsg+0x10/0x10
[  877.872540][T23111]  ? __pfx___might_resched+0x10/0x10
[  877.872566][T23111]  __sys_sendmmsg+0x205/0x430
[  877.872585][T23111]  ? __pfx___sys_sendmmsg+0x10/0x10
[  877.872600][T23111]  ? __local_bh_enable_ip+0x9e/0x120
[  877.872621][T23111]  ? __pfx_do_futex+0x10/0x10
[  877.872647][T23111]  ? xfd_validate_state+0x129/0x190
[  877.872672][T23111]  __x64_sys_sendmmsg+0x9c/0x100
[  877.872688][T23111]  ? lockdep_hardirqs_on+0x78/0x100
[  877.872704][T23111]  do_syscall_64+0x106/0xf80
[  877.872719][T23111]  ? clear_bhb_loop+0x40/0x90
[  877.872738][T23111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  877.872757][T23111] RIP: 0033:0x7fa77579bf79
[  877.872772][T23111] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  877.872788][T23111] RSP: 002b:00007fa776692028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  877.872804][T23111] RAX: ffffffffffffffda RBX: 00007fa775a15fa0 RCX: 00007fa77579bf79
[  877.872815][T23111] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003
[  877.872825][T23111] RBP: 00007fa7758327e0 R08: 0000000000000000 R09: 0000000000000000
[  877.872834][T23111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  877.872844][T23111] R13: 00007fa775a16038 R14: 00007fa775a15fa0 R15: 00007ffe90f756c8
[  877.872864][T23111]  </TASK>
[  879.497611][T23118] netlink: 194 bytes leftover after parsing attributes in process `syz.1.6028'.
[  881.144412][T23145] netlink: 330 bytes leftover after parsing attributes in process `syz.1.6039'.
[  882.533370][T23167] input: 00
[  882.533370][T23167]  as /devices/virtual/input/input19
[  883.230694][T23177] netlink: 86 bytes leftover after parsing attributes in process `syz.1.6048'.
[  883.681645][T23181] netlink: 18 bytes leftover after parsing attributes in process `syz.4.6049'.
[  885.759929][T23220] netlink: 'syz.1.6061': attribute type 1 has an invalid length.
[  885.837020][T23220] netlink: 330 bytes leftover after parsing attributes in process `syz.1.6061'.
[  885.896057][T23214] zswap: compressor  not available
[  886.822001][T23226] mkiss: ax0: crc mode is auto.
[  887.289737][T23237] netlink: 504 bytes leftover after parsing attributes in process `syz.1.6065'.
[  891.803783][T23291] netlink: 'syz.5.6083': attribute type 10 has an invalid length.
[  891.891334][T23291] netlink: 230 bytes leftover after parsing attributes in process `syz.5.6083'.
[  894.626321][T23327] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6094'.
[  894.716501][T23327] veth1_macvtap: left promiscuous mode
[  895.181273][T23342] netlink: 13 bytes leftover after parsing attributes in process `syz.4.6099'.
[  896.088383][T23360] netlink: 'syz.0.6105': attribute type 28 has an invalid length.
[  896.132617][T23360] netlink: 'syz.0.6105': attribute type 3 has an invalid length.
[  896.191965][T23360] netlink: 306 bytes leftover after parsing attributes in process `syz.0.6105'.
[  897.338738][ T5831] Bluetooth: hci2: command 0x0406 tx timeout
[  897.353896][T23383] netlink: 'syz.4.6113': attribute type 19 has an invalid length.
[  897.413506][T23383] netlink: 226 bytes leftover after parsing attributes in process `syz.4.6113'.
[  898.714914][T23406] netlink: 342 bytes leftover after parsing attributes in process `syz.0.6121'.
[  900.261987][T23427] netlink: 'syz.0.6128': attribute type 10 has an invalid length.
[  900.315242][T23427] netlink: 230 bytes leftover after parsing attributes in process `syz.0.6128'.
[  900.383991][T23427] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  902.378560][T23461] netlink: 330 bytes leftover after parsing attributes in process `syz.4.6139'.
[  902.530214][T23463] binder: 23462:23463 ioctl c0306201 0 returned -14
[  902.922678][T23467] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6141'.
[  902.961040][T23471] netlink: 342 bytes leftover after parsing attributes in process `syz.4.6143'.
[  905.181131][T23519] netlink: 186 bytes leftover after parsing attributes in process `syz.4.6163'.
[  905.250088][T23519] netlink: 186 bytes leftover after parsing attributes in process `syz.4.6163'.
[  905.576040][T23524] netlink: 252 bytes leftover after parsing attributes in process `syz.5.6165'.
[  905.657155][T23524] netlink: 252 bytes leftover after parsing attributes in process `syz.5.6165'.
[  905.929940][T23530] netlink: 330 bytes leftover after parsing attributes in process `syz.4.6168'.
[  906.452468][   T29] audit: type=1800 audit(1771105399.968:22): pid=23541 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.6173" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0
[  907.813514][T23548] ima: policy update failed
[  907.859408][   T29] audit: type=1107 audit(1771105401.385:23): pid=23552 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  907.967784][   T29] audit: type=1802 audit(1771105401.405:24): pid=23548 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.5.6175" res=0 errno=0
[  908.114570][   T29] audit: type=1107 audit(1771105401.496:25): pid=23552 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  908.726886][T23564] zswap: compressor  not available
[  908.885858][T23578] netlink: 62 bytes leftover after parsing attributes in process `syz.1.6181'.
[  910.771939][T23594] netlink: 62 bytes leftover after parsing attributes in process `syz.0.6186'.
[  914.612099][T23657] FAULT_INJECTION: forcing a failure.
[  914.612099][T23657] name failslab, interval 1, probability 393216, space 0, times 0
[  914.716615][T23660] netlink: 334 bytes leftover after parsing attributes in process `syz.4.6207'.
[  914.752155][T23657] CPU: 0 UID: 0 PID: 23657 Comm: syz.5.6206 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  914.752185][T23657] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  914.752191][T23657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  914.752201][T23657] Call Trace:
[  914.752207][T23657]  <TASK>
[  914.752214][T23657]  dump_stack_lvl+0x100/0x190
[  914.752242][T23657]  should_fail_ex.cold+0x5/0xa
[  914.752262][T23657]  should_failslab+0xc2/0x120
[  914.752285][T23657]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  914.752307][T23657]  ? __alloc_skb+0x140/0x710
[  914.752326][T23657]  __alloc_skb+0x140/0x710
[  914.752340][T23657]  ? __pfx___alloc_skb+0x10/0x10
[  914.752360][T23657]  tipc_buf_acquire+0x26/0xe0
[  914.752385][T23657]  tipc_msg_reverse+0x1e7/0x940
[  914.752412][T23657]  tipc_sk_respond+0xfe/0x300
[  914.752434][T23657]  ? __pfx_tipc_sk_respond+0x10/0x10
[  914.752455][T23657]  ? tipc_node_remove_conn+0x2f2/0x490
[  914.752470][T23657]  ? tipc_sk_push_backlog+0x334/0xa00
[  914.752486][T23657]  ? __lock_acquire+0x4a5/0x2630
[  914.752507][T23657]  __tipc_shutdown+0x833/0xed0
[  914.752527][T23657]  ? __lock_acquire+0x485/0x2630
[  914.752547][T23657]  ? __pfx___tipc_shutdown+0x10/0x10
[  914.752568][T23657]  ? do_raw_spin_lock+0x128/0x260
[  914.752588][T23657]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  914.752608][T23657]  ? __pfx_woken_wake_function+0x10/0x10
[  914.752632][T23657]  ? tipc_sk_filtering+0x47d/0x590
[  914.752655][T23657]  tipc_release+0xdb/0x16b0
[  914.752676][T23657]  ? down_write+0x146/0x1f0
[  914.752694][T23657]  ? __pfx_down_write+0x10/0x10
[  914.752713][T23657]  ? __pfx_locks_remove_file+0x10/0x10
[  914.752743][T23657]  __sock_release+0xb3/0x260
[  914.752761][T23657]  ? __pfx_sock_close+0x10/0x10
[  914.752778][T23657]  sock_close+0x1c/0x30
[  914.752794][T23657]  __fput+0x3ff/0xb40
[  914.752814][T23657]  task_work_run+0x150/0x240
[  914.752835][T23657]  ? __pfx_task_work_run+0x10/0x10
[  914.752860][T23657]  exit_to_user_mode_loop+0x100/0x4a0
[  914.752880][T23657]  do_syscall_64+0x668/0xf80
[  914.752896][T23657]  ? clear_bhb_loop+0x40/0x90
[  914.752914][T23657]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  914.752930][T23657] RIP: 0033:0x7fcb3f19bf79
[  914.752945][T23657] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  914.752959][T23657] RSP: 002b:00007fcb3ffdc028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  914.752975][T23657] RAX: 0000000000000000 RBX: 00007fcb3f415fa0 RCX: 00007fcb3f19bf79
[  914.752985][T23657] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  914.752994][T23657] RBP: 00007fcb3f2327e0 R08: 0000000000000000 R09: 0000000000000000
[  914.753003][T23657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  914.753013][T23657] R13: 00007fcb3f416038 R14: 00007fcb3f415fa0 R15: 00007ffd8c3952e8
[  914.753033][T23657]  </TASK>
[  915.478159][ T5141] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18
[  916.175465][T23669] zswap: compressor  not available
[  917.465908][T23697] FAULT_INJECTION: forcing a failure.
[  917.465908][T23697] name failslab, interval 1, probability 393216, space 0, times 0
[  917.479347][T23697] CPU: 0 UID: 0 PID: 23697 Comm: syz.5.6216 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  917.479375][T23697] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  917.479382][T23697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  917.479393][T23697] Call Trace:
[  917.479400][T23697]  <TASK>
[  917.479407][T23697]  dump_stack_lvl+0x100/0x190
[  917.479434][T23697]  should_fail_ex.cold+0x5/0xa
[  917.479454][T23697]  should_failslab+0xc2/0x120
[  917.479478][T23697]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  917.479498][T23697]  ? radix_tree_node_alloc.constprop.0+0x66/0x340
[  917.479526][T23697]  radix_tree_node_alloc.constprop.0+0x66/0x340
[  917.479553][T23697]  idr_get_free+0x52e/0xa00
[  917.479583][T23697]  idr_alloc_u32+0x1ac/0x320
[  917.479600][T23697]  ? __pfx_idr_alloc_u32+0x10/0x10
[  917.479618][T23697]  ? lock_acquire+0x1cf/0x380
[  917.479639][T23697]  idr_alloc_cyclic+0x10b/0x230
[  917.479656][T23697]  ? __pfx_idr_alloc_cyclic+0x10/0x10
[  917.479670][T23697]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  917.479696][T23697]  map_create+0x14d8/0x2ba0
[  917.479718][T23697]  ? preempt_schedule_thunk+0x16/0x30
[  917.479742][T23697]  ? __pfx_map_create+0x10/0x10
[  917.479762][T23697]  ? __might_fault+0xc5/0x140
[  917.479779][T23697]  ? __might_fault+0xc5/0x140
[  917.479804][T23697]  __sys_bpf+0x2091/0x4b90
[  917.479819][T23697]  ? futex_private_hash_put+0x107/0x1c0
[  917.479837][T23697]  ? __pfx___sys_bpf+0x10/0x10
[  917.479854][T23697]  ? __pfx_futex_wake+0x10/0x10
[  917.479876][T23697]  ? ksys_write+0x190/0x250
[  917.479900][T23697]  ? do_futex+0x192/0x350
[  917.479927][T23697]  ? xfd_validate_state+0x129/0x190
[  917.479953][T23697]  __x64_sys_bpf+0x7b/0xc0
[  917.479968][T23697]  ? lockdep_hardirqs_on+0x78/0x100
[  917.479984][T23697]  do_syscall_64+0x106/0xf80
[  917.479999][T23697]  ? clear_bhb_loop+0x40/0x90
[  917.480018][T23697]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  917.480034][T23697] RIP: 0033:0x7fcb3f19bf79
[  917.480050][T23697] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  917.480065][T23697] RSP: 002b:00007fcb3ffbb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  917.480080][T23697] RAX: ffffffffffffffda RBX: 00007fcb3f416090 RCX: 00007fcb3f19bf79
[  917.480090][T23697] RDX: 000000000000000f RSI: 00002000000001c0 RDI: 0000000000000000
[  917.480099][T23697] RBP: 00007fcb3f2327e0 R08: 0000000000000000 R09: 0000000000000000
[  917.480109][T23697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  917.480125][T23697] R13: 00007fcb3f416128 R14: 00007fcb3f416090 R15: 00007ffd8c3952e8
[  917.480146][T23697]  </TASK>
[  921.133609][T23751] ERROR: Out of memory at tomoyo_memory_ok.
[  921.712553][T23763] netlink: 'syz.1.6239': attribute type 10 has an invalid length.
[  921.772946][T23763] netlink: 'syz.1.6239': attribute type 13 has an invalid length.
[  922.041869][T23769] netlink: 186 bytes leftover after parsing attributes in process `syz.1.6242'.
[  922.102624][T23769] netlink: 186 bytes leftover after parsing attributes in process `syz.1.6242'.
[  922.919071][T23783] FAULT_INJECTION: forcing a failure.
[  922.919071][T23783] name failslab, interval 1, probability 393216, space 0, times 0
[  923.007476][T23783] CPU: 0 UID: 0 PID: 23783 Comm: syz.0.6246 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  923.007506][T23783] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  923.007512][T23783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  923.007522][T23783] Call Trace:
[  923.007528][T23783]  <TASK>
[  923.007535][T23783]  dump_stack_lvl+0x100/0x190
[  923.007564][T23783]  should_fail_ex.cold+0x5/0xa
[  923.007583][T23783]  should_failslab+0xc2/0x120
[  923.007607][T23783]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  923.007627][T23783]  ? __alloc_skb+0x140/0x710
[  923.007645][T23783]  __alloc_skb+0x140/0x710
[  923.007658][T23783]  ? __alloc_skb+0x5b7/0x710
[  923.007672][T23783]  ? __pfx___alloc_skb+0x10/0x10
[  923.007687][T23783]  ? aa_label_sk_perm+0x194/0x5f0
[  923.007706][T23783]  alloc_skb_with_frags+0xe0/0x810
[  923.007726][T23783]  ? __lock_acquire+0x4a5/0x2630
[  923.007746][T23783]  sock_alloc_send_pskb+0x801/0x980
[  923.007776][T23783]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  923.007799][T23783]  ? __pfx_autoremove_wake_function+0x10/0x10
[  923.007823][T23783]  caif_stream_sendmsg+0x446/0x800
[  923.007845][T23783]  ? __pfx_caif_stream_sendmsg+0x10/0x10
[  923.007863][T23783]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  923.007886][T23783]  sock_write_iter+0x566/0x610
[  923.007907][T23783]  ? __pfx_sock_write_iter+0x10/0x10
[  923.007925][T23783]  ? futex_unqueue+0x133/0x2c0
[  923.007941][T23783]  ? futex_unqueue+0x133/0x2c0
[  923.007962][T23783]  ? __futex_wait+0x256/0x300
[  923.007986][T23783]  do_iter_readv_writev+0x6ee/0x920
[  923.008007][T23783]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  923.008025][T23783]  ? common_file_perm+0x1ab/0x4f0
[  923.008043][T23783]  ? bpf_lsm_file_permission+0x9/0x10
[  923.008063][T23783]  ? security_file_permission+0x76/0x210
[  923.008080][T23783]  ? rw_verify_area+0xce/0x6d0
[  923.008099][T23783]  vfs_writev+0x360/0xe10
[  923.008123][T23783]  ? __pfx_vfs_writev+0x10/0x10
[  923.008154][T23783]  ? __fget_files+0x21f/0x3d0
[  923.008179][T23783]  ? do_writev+0x28a/0x340
[  923.008197][T23783]  do_writev+0x28a/0x340
[  923.008216][T23783]  ? __pfx_do_writev+0x10/0x10
[  923.008240][T23783]  do_syscall_64+0x106/0xf80
[  923.008255][T23783]  ? clear_bhb_loop+0x40/0x90
[  923.008274][T23783]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  923.008289][T23783] RIP: 0033:0x7fa77579bf79
[  923.008304][T23783] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  923.008352][T23783] RSP: 002b:00007fa776692028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  923.008368][T23783] RAX: ffffffffffffffda RBX: 00007fa775a15fa0 RCX: 00007fa77579bf79
[  923.008379][T23783] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003
[  923.008389][T23783] RBP: 00007fa7758327e0 R08: 0000000000000000 R09: 0000000000000000
[  923.008399][T23783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  923.008409][T23783] R13: 00007fa775a16038 R14: 00007fa775a15fa0 R15: 00007ffe90f756c8
[  923.008429][T23783]  </TASK>
[  924.061741][T23790] vivid-007: =================  START STATUS  =================
[  924.117773][T23790] vivid-007: Enable Output Cropping: true grabbed
[  924.154333][T23790] vivid-007: Enable Output Composing: true grabbed
[  924.185122][T23790] vivid-007: Enable Output Scaler: true grabbed
[  924.208097][T23790] vivid-007: Tx RGB Quantization Range: Automatic grabbed
[  924.247355][T23790] vivid-007: Transmit Mode: HDMI grabbed
[  924.278959][T23790] vivid-007: Hotplug Present: 0x00000000
[  924.303687][T23790] vivid-007: RxSense Present: 0x00000000
[  924.331864][T23790] vivid-007: EDID Present: 0x00000000
[  924.354164][T23790] vivid-007: ==================  END STATUS  ==================
[  925.509608][T23805] futex_wake_op: syz.5.6253 tries to shift op by -2048; fix this program
[  926.411185][T23829] vhci_hcd vhci_hcd.1: default hub control req: 0000 v0000 i0000 l0
[  926.882203][T23838] vcan0: tx drop: invalid sa for name 0x00000000000000fd
[  927.949636][T23854] netlink: 226 bytes leftover after parsing attributes in process `syz.4.6270'.
[  928.013934][T23854] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6270'.
[  928.085104][T23854] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check.
[  928.559142][T23872] netlink: 354 bytes leftover after parsing attributes in process `syz.0.6275'.
[  930.923406][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  930.935884][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  931.442466][T23924] FAULT_INJECTION: forcing a failure.
[  931.442466][T23924] name failslab, interval 1, probability 393216, space 0, times 0
[  931.568589][T23924] CPU: 0 UID: 0 PID: 23924 Comm: syz.5.6292 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  931.568626][T23924] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  931.568635][T23924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  931.568645][T23924] Call Trace:
[  931.568651][T23924]  <TASK>
[  931.568658][T23924]  dump_stack_lvl+0x100/0x190
[  931.568685][T23924]  should_fail_ex.cold+0x5/0xa
[  931.568704][T23924]  ? vkms_crtc_atomic_check+0x388/0x800
[  931.568720][T23924]  should_failslab+0xc2/0x120
[  931.568742][T23924]  __kmalloc_noprof+0xe0/0x850
[  931.568761][T23924]  ? drm_atomic_add_affected_planes+0x32b/0x3f0
[  931.568782][T23924]  vkms_crtc_atomic_check+0x388/0x800
[  931.568802][T23924]  ? __pfx_vkms_crtc_atomic_check+0x10/0x10
[  931.568817][T23924]  drm_atomic_helper_check_planes+0x4dc/0x900
[  931.568839][T23924]  drm_atomic_helper_check+0xae/0x190
[  931.568858][T23924]  vkms_atomic_check+0x1d9/0x250
[  931.568878][T23924]  ? __pfx_vkms_atomic_check+0x10/0x10
[  931.568900][T23924]  drm_atomic_check_only+0x19ea/0x31b0
[  931.568926][T23924]  drm_atomic_commit+0x132/0x300
[  931.568941][T23924]  ? __pfx_drm_atomic_commit+0x10/0x10
[  931.568956][T23924]  ? __pfx___drm_printfn_info+0x10/0x10
[  931.568977][T23924]  ? drm_client_rotation+0x451/0x6a0
[  931.568998][T23924]  drm_client_modeset_commit_atomic+0x6a6/0x7e0
[  931.569021][T23924]  ? __mutex_lock+0x26a/0x1b90
[  931.569039][T23924]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  931.569058][T23924]  ? drm_master_internal_acquire+0x21/0x80
[  931.569096][T23924]  drm_client_modeset_commit_locked+0x14d/0x580
[  931.569118][T23924]  drm_client_modeset_commit+0x4f/0x80
[  931.569137][T23924]  __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160
[  931.569159][T23924]  drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0
[  931.569180][T23924]  drm_fbdev_client_restore+0x1b/0x30
[  931.569202][T23924]  ? __pfx_drm_fbdev_client_restore+0x10/0x10
[  931.569225][T23924]  drm_client_dev_restore+0x205/0x2a0
[  931.569247][T23924]  drm_release+0x2c6/0x360
[  931.569264][T23924]  ? __pfx_drm_release+0x10/0x10
[  931.569280][T23924]  __fput+0x3ff/0xb40
[  931.569309][T23924]  task_work_run+0x150/0x240
[  931.569334][T23924]  ? __pfx_task_work_run+0x10/0x10
[  931.569361][T23924]  exit_to_user_mode_loop+0x100/0x4a0
[  931.569384][T23924]  do_syscall_64+0x668/0xf80
[  931.569400][T23924]  ? clear_bhb_loop+0x40/0x90
[  931.569425][T23924]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  931.569441][T23924] RIP: 0033:0x7fcb3f19bf79
[  931.569456][T23924] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  931.569471][T23924] RSP: 002b:00007fcb3ffdc028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  931.569486][T23924] RAX: 0000000000000000 RBX: 00007fcb3f415fa0 RCX: 00007fcb3f19bf79
[  931.569497][T23924] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  931.569506][T23924] RBP: 00007fcb3f2327e0 R08: 0000000000000000 R09: 0000000000000000
[  931.569516][T23924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  931.569525][T23924] R13: 00007fcb3f416038 R14: 00007fcb3f415fa0 R15: 00007ffd8c3952e8
[  931.569547][T23924]  </TASK>
[  931.569668][T23925] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6291'.
[  934.773778][T23982] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6311'.
[  934.813252][T23982] netlink: 25 bytes leftover after parsing attributes in process `syz.1.6311'.
[  935.588851][T23994] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.6316: iget: checksum invalid
[  935.705517][T23994] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[  935.816976][T23994] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.6316: iget: checksum invalid
[  935.973061][T23994] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[  936.090841][T23994] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.6316: iget: checksum invalid
[  936.227261][T23994] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[  936.375384][T23994] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.6316: iget: checksum invalid
[  936.558742][T23994] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  936.620709][T23994] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  936.728383][T23994] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  937.538993][T24018] zswap: compressor  not available
[  937.612380][T24029] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6327'.
[  937.680843][T24029] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  937.688271][T24029] batman_adv: batadv0: Removing interface: batadv_slave_0
[  937.758032][T24029] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  937.784914][T24029] batman_adv: batadv0: Removing interface: batadv_slave_1
[  939.532499][T24065] random: crng reseeded on system resumption
[  940.204854][T24077] netlink: 50 bytes leftover after parsing attributes in process `syz.4.6342'.
[  940.688351][T24088] input: f�
 as /devices/virtual/input/input21
[  940.695674][ T5175] ERROR: Out of memory at tomoyo_memory_ok.
[  941.251823][T24092] kmem.tcp.limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  941.271304][T24097] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6348'.
[  941.338982][T24097] netlink: 25 bytes leftover after parsing attributes in process `syz.5.6348'.
[  942.031622][T24114] random: crng reseeded on system resumption
[  942.686364][T24117] bond0: invalid ARP target specified
[  942.765545][T24120] bond0: invalid ARP target specified
[  942.850322][T24117] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6355'.
[  942.973311][T24117] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  943.077057][T24117] batman_adv: batadv0: Removing interface: batadv_slave_0
[  943.288544][T24117] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  943.339796][T24117] batman_adv: batadv0: Removing interface: batadv_slave_1
[  944.945699][T24155] netlink: 354 bytes leftover after parsing attributes in process `syz.1.6365'.
[  946.417170][T24175] FAULT_INJECTION: forcing a failure.
[  946.417170][T24175] name fail_futex, interval 1, probability 0, space 0, times 0
[  946.902691][T24175] CPU: 0 UID: 0 PID: 24175 Comm: syz.0.6369 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  946.902733][T24175] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  946.902743][T24175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  946.902752][T24175] Call Trace:
[  946.902760][T24175]  <TASK>
[  946.902768][T24175]  dump_stack_lvl+0x100/0x190
[  946.902796][T24175]  should_fail_ex.cold+0x5/0xa
[  946.902815][T24175]  get_futex_key+0x1d2/0x1620
[  946.902835][T24175]  ? __pfx_get_futex_key+0x10/0x10
[  946.902858][T24175]  futex_wake+0xea/0x530
[  946.902882][T24175]  ? __pfx_futex_wake+0x10/0x10
[  946.902905][T24175]  ? putname+0xb1/0x110
[  946.902926][T24175]  ? kmem_cache_free+0x124/0x6a0
[  946.902957][T24175]  do_futex+0x32b/0x350
[  946.902975][T24175]  ? __pfx_do_futex+0x10/0x10
[  946.902992][T24175]  ? __pfx_do_sys_openat2+0x10/0x10
[  946.903011][T24175]  ? __fget_files+0x21f/0x3d0
[  946.903033][T24175]  __x64_sys_futex+0x34f/0x4d0
[  946.903052][T24175]  ? __x64_sys_openat+0x12d/0x210
[  946.903068][T24175]  ? __pfx___x64_sys_futex+0x10/0x10
[  946.903093][T24175]  do_syscall_64+0x106/0xf80
[  946.903110][T24175]  ? clear_bhb_loop+0x40/0x90
[  946.903128][T24175]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  946.903147][T24175] RIP: 0033:0x7fa77579bf79
[  946.903178][T24175] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  946.903194][T24175] RSP: 002b:00007fa7766500e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  946.903211][T24175] RAX: ffffffffffffffda RBX: 00007fa775a16188 RCX: 00007fa77579bf79
[  946.903222][T24175] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fa775a1618c
[  946.903232][T24175] RBP: 00007fa775a16180 R08: 0000000000000000 R09: 0000000000000000
[  946.903242][T24175] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000
[  946.903252][T24175] R13: 00007fa775a16218 R14: 00007ffe90f755e0 R15: 00007ffe90f756c8
[  946.903272][T24175]  </TASK>
[  953.376034][T24226] zswap: compressor  not available
[  955.382063][T24257] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.4.6395: iget: checksum invalid
[  955.541976][T24257] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[  955.686871][T24257] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.4.6395: iget: checksum invalid
[  955.847144][T24257] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[  956.007093][T24257] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.4.6395: iget: checksum invalid
[  956.222369][T24257] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[  956.361543][T24257] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.4.6395: iget: checksum invalid
[  956.533072][T24257] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  956.542513][T24257] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  956.816180][T24257] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  957.345737][T24274] netlink: 25 bytes leftover after parsing attributes in process `syz.4.6397'.
[  958.324046][T24283] netlink: 354 bytes leftover after parsing attributes in process `syz.5.6398'.
[  961.346202][T24308] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6411'.
[  962.831220][T24325] FAULT_INJECTION: forcing a failure.
[  962.831220][T24325] name failslab, interval 1, probability 393216, space 0, times 0
[  962.874240][T24324] netlink: 25 bytes leftover after parsing attributes in process `syz.5.6417'.
[  962.999206][T24325] CPU: 0 UID: 0 PID: 24325 Comm: syz.4.6418 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  962.999242][T24325] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  962.999251][T24325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  962.999261][T24325] Call Trace:
[  962.999267][T24325]  <TASK>
[  962.999274][T24325]  dump_stack_lvl+0x100/0x190
[  962.999304][T24325]  should_fail_ex.cold+0x5/0xa
[  962.999323][T24325]  should_failslab+0xc2/0x120
[  962.999346][T24325]  __kmalloc_cache_noprof+0x7a/0x6f0
[  962.999363][T24325]  ? tomoyo_init_log+0x1a0/0x20c0
[  962.999384][T24325]  tomoyo_init_log+0x1a0/0x20c0
[  962.999401][T24325]  ? __pfx_format_decode+0x10/0x10
[  962.999427][T24325]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  962.999454][T24325]  ? __pfx_tomoyo_init_log+0x10/0x10
[  962.999477][T24325]  tomoyo_write_log2+0x2ed/0xbc0
[  962.999498][T24325]  tomoyo_supervisor+0x15e/0x1340
[  962.999521][T24325]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  962.999550][T24325]  ? kasan_quarantine_put+0x104/0x240
[  962.999571][T24325]  ? tomoyo_check_path_acl+0x141/0x210
[  962.999595][T24325]  ? tomoyo_check_acl+0x1f7/0x410
[  962.999618][T24325]  tomoyo_path_permission+0x270/0x3b0
[  962.999644][T24325]  tomoyo_check_open_permission+0x34d/0x3c0
[  962.999669][T24325]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  962.999728][T24325]  ? do_raw_spin_lock+0x128/0x260
[  962.999751][T24325]  ? path_get+0x61/0x80
[  962.999777][T24325]  tomoyo_file_open+0x6b/0x90
[  962.999804][T24325]  security_file_open+0xb5/0x1e0
[  962.999822][T24325]  do_dentry_open+0x5aa/0x1660
[  962.999846][T24325]  ? security_inode_permission+0xbf/0x250
[  962.999872][T24325]  vfs_open+0x82/0x3f0
[  962.999891][T24325]  path_openat+0x208c/0x31a0
[  962.999919][T24325]  ? __pfx_path_openat+0x10/0x10
[  962.999947][T24325]  do_file_open+0x20e/0x430
[  962.999970][T24325]  ? __pfx_do_file_open+0x10/0x10
[  963.000005][T24325]  ? alloc_fd+0x476/0x790
[  963.000028][T24325]  ? do_getname+0x191/0x390
[  963.000044][T24325]  do_sys_openat2+0x10d/0x1e0
[  963.000061][T24325]  ? __pfx_do_sys_openat2+0x10/0x10
[  963.000078][T24325]  ? __fget_files+0x21f/0x3d0
[  963.000102][T24325]  __x64_sys_openat+0x12d/0x210
[  963.000119][T24325]  ? __pfx___x64_sys_openat+0x10/0x10
[  963.000143][T24325]  do_syscall_64+0x106/0xf80
[  963.000158][T24325]  ? clear_bhb_loop+0x40/0x90
[  963.000177][T24325]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  963.000192][T24325] RIP: 0033:0x7f22bc39bf79
[  963.000207][T24325] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  963.000222][T24325] RSP: 002b:00007f22bd1d4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  963.000238][T24325] RAX: ffffffffffffffda RBX: 00007f22bc615fa0 RCX: 00007f22bc39bf79
[  963.000248][T24325] RDX: 0000000000101901 RSI: 0000200000002c00 RDI: ffffffffffffff9c
[  963.000258][T24325] RBP: 00007f22bc4327e0 R08: 0000000000000000 R09: 0000000000000000
[  963.000267][T24325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  963.000277][T24325] R13: 00007f22bc616038 R14: 00007f22bc615fa0 R15: 00007ffea850b7b8
[  963.000298][T24325]  </TASK>
[  964.120865][T24335] netlink: 354 bytes leftover after parsing attributes in process `syz.4.6419'.
[  967.663842][T24363] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[  967.735614][T24363] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  967.795059][T24363] memcg:ffff888078000811
[  967.804442][T24363] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  967.854755][T24363] page_type: f5(slab)
[  967.878174][T24363] raw: 00fff00000000040 ffff88813fe523c0 dead000000000100 dead000000000122
[  967.957890][T24363] raw: 0000000000000000 0000100000080008 00000000f5000000 ffff888078000811
[  968.015643][T24363] head: 00fff00000000040 ffff88813fe523c0 dead000000000100 dead000000000122
[  968.065906][T24363] head: 0000000000000000 0000100000080008 00000000f5000000 ffff888078000811
[  968.131880][T24363] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  968.241266][T24363] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  968.302399][T24363] page dumped because: unmovable page
[  968.307825][T24363] page_owner tracks the page as allocated
[  968.323045][ T5172] ERROR: Out of memory at tomoyo_memory_ok.
[  968.376866][T24363] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 16443, tgid 16443 (syz-executor), ts 526208257901, free_ts 526189347723
[  968.524549][T24363]  post_alloc_hook+0x153/0x170
[  968.529363][T24363]  get_page_from_freelist+0x111d/0x3140
[  968.599456][T24363]  __alloc_frozen_pages_noprof+0x27c/0x2ba0
[  968.640383][T24363]  new_slab+0xa6/0x6e0
[  968.649977][T24363]  refill_objects+0x26b/0x400
[  968.679632][T24363]  __pcs_replace_empty_main+0x19f/0x600
[  968.722299][T24363]  __kmalloc_cache_noprof+0x493/0x6f0
[  968.762735][T24363]  ipv6_add_dev+0x1c9/0x1520
[  968.767361][T24363]  addrconf_notify+0x563/0x19c0
[  968.831513][T24363]  notifier_call_chain+0x99/0x420
[  968.836612][T24363]  call_netdevice_notifiers_info+0xbe/0x110
[  968.893384][T24363]  register_netdevice+0x16e6/0x2210
[  968.937301][T24363]  veth_newlink+0x316/0xa00
[  968.969709][T24363]  rtnl_newlink+0x1494/0x2380
[  968.998155][T24363]  rtnetlink_rcv_msg+0x95e/0xe90
[  969.032415][T24363]  netlink_rcv_skb+0x159/0x420
[  969.061256][T24363] page last free pid 16443 tgid 16443 stack trace:
[  969.105676][T24363]  __free_frozen_pages+0x7ca/0x10a0
[  969.149460][T24363]  qlist_free_all+0x47/0xe0
[  969.179571][T24363]  kasan_quarantine_reduce+0x1a0/0x1f0
[  969.220896][T24363]  __kasan_slab_alloc+0x69/0x90
[  969.252626][T24363]  kmem_cache_alloc_node_noprof+0x25a/0x6f0
[  969.291836][T24363]  kmalloc_reserve+0x148/0x350
[  969.333265][T24363]  __alloc_skb+0x185/0x710
[  969.357018][T24363]  netlink_ack+0x117/0xb80
[  969.361910][T24363]  netlink_rcv_skb+0x333/0x420
[  969.424702][T24363]  netlink_unicast+0x5aa/0x870
[  969.465919][T24363]  netlink_sendmsg+0x8b0/0xda0
[  969.470719][T24363]  __sys_sendto+0x4aa/0x520
[  969.475227][T24363]  __x64_sys_sendto+0xe0/0x1c0
[  969.545127][T24363]  do_syscall_64+0x106/0xf80
[  969.549790][T24363]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  970.795320][T24400] FAULT_INJECTION: forcing a failure.
[  970.795320][T24400] name failslab, interval 1, probability 393216, space 0, times 0
[  970.992529][T24400] CPU: 0 UID: 0 PID: 24400 Comm: syz.0.6442 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  970.992566][T24400] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  970.992576][T24400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  970.992586][T24400] Call Trace:
[  970.992592][T24400]  <TASK>
[  970.992600][T24400]  dump_stack_lvl+0x100/0x190
[  970.992627][T24400]  should_fail_ex.cold+0x5/0xa
[  970.992646][T24400]  should_failslab+0xc2/0x120
[  970.992669][T24400]  __kmalloc_cache_noprof+0x7a/0x6f0
[  970.992685][T24400]  ? tomoyo_init_log+0x1a0/0x20c0
[  970.992707][T24400]  tomoyo_init_log+0x1a0/0x20c0
[  970.992724][T24400]  ? __pfx_format_decode+0x10/0x10
[  970.992748][T24400]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  970.992776][T24400]  ? __pfx_tomoyo_init_log+0x10/0x10
[  970.992798][T24400]  tomoyo_write_log2+0x2ed/0xbc0
[  970.992819][T24400]  tomoyo_supervisor+0x15e/0x1340
[  970.992843][T24400]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  970.992871][T24400]  ? kasan_quarantine_put+0x104/0x240
[  970.992893][T24400]  ? tomoyo_check_path_acl+0x141/0x210
[  970.992916][T24400]  ? tomoyo_check_acl+0x1f7/0x410
[  970.992940][T24400]  tomoyo_path_permission+0x270/0x3b0
[  970.992965][T24400]  tomoyo_check_open_permission+0x34d/0x3c0
[  970.992989][T24400]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  970.993031][T24400]  ? do_raw_spin_lock+0x128/0x260
[  970.993052][T24400]  ? path_get+0x61/0x80
[  970.993077][T24400]  tomoyo_file_open+0x6b/0x90
[  970.993097][T24400]  security_file_open+0xb5/0x1e0
[  970.993113][T24400]  do_dentry_open+0x5aa/0x1660
[  970.993136][T24400]  ? security_inode_permission+0xbf/0x250
[  970.993163][T24400]  vfs_open+0x82/0x3f0
[  970.993181][T24400]  path_openat+0x208c/0x31a0
[  970.993209][T24400]  ? __pfx_path_openat+0x10/0x10
[  970.993243][T24400]  do_file_open+0x20e/0x430
[  970.993268][T24400]  ? __pfx_do_file_open+0x10/0x10
[  970.993305][T24400]  ? alloc_fd+0x476/0x790
[  970.993328][T24400]  ? do_getname+0x191/0x390
[  970.993345][T24400]  do_sys_openat2+0x10d/0x1e0
[  970.993363][T24400]  ? __pfx_do_sys_openat2+0x10/0x10
[  970.993381][T24400]  ? __fget_files+0x21f/0x3d0
[  970.993406][T24400]  __x64_sys_openat+0x12d/0x210
[  970.993423][T24400]  ? __pfx___x64_sys_openat+0x10/0x10
[  970.993447][T24400]  do_syscall_64+0x106/0xf80
[  970.993463][T24400]  ? clear_bhb_loop+0x40/0x90
[  970.993481][T24400]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  970.993497][T24400] RIP: 0033:0x7fa77579bf79
[  970.993511][T24400] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  970.993526][T24400] RSP: 002b:00007fa776692028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  970.993542][T24400] RAX: ffffffffffffffda RBX: 00007fa775a15fa0 RCX: 00007fa77579bf79
[  970.993556][T24400] RDX: 0000000000101901 RSI: 0000200000002c00 RDI: ffffffffffffff9c
[  970.993566][T24400] RBP: 00007fa7758327e0 R08: 0000000000000000 R09: 0000000000000000
[  970.993576][T24400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  970.993585][T24400] R13: 00007fa775a16038 R14: 00007fa775a15fa0 R15: 00007ffe90f756c8
[  970.993605][T24400]  </TASK>
[  972.541586][T24413] FAULT_INJECTION: forcing a failure.
[  972.541586][T24413] name failslab, interval 1, probability 393216, space 0, times 0
[  972.607412][T24413] CPU: 0 UID: 0 PID: 24413 Comm: syz.4.6447 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  972.607452][T24413] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  972.607465][T24413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  972.607475][T24413] Call Trace:
[  972.607484][T24413]  <TASK>
[  972.607491][T24413]  dump_stack_lvl+0x100/0x190
[  972.607521][T24413]  should_fail_ex.cold+0x5/0xa
[  972.607540][T24413]  should_failslab+0xc2/0x120
[  972.607562][T24413]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  972.607582][T24413]  ? __proc_create+0x2cb/0x8c0
[  972.607604][T24413]  __proc_create+0x2cb/0x8c0
[  972.607622][T24413]  ? __pfx___proc_create+0x10/0x10
[  972.607643][T24413]  ? _raw_write_unlock+0x28/0x50
[  972.607658][T24413]  ? proc_register+0x559/0x8a0
[  972.607678][T24413]  proc_create_reg+0x75/0x170
[  972.607699][T24413]  proc_create_seq_private+0x8e/0x180
[  972.607718][T24413]  ? __pfx_proc_create_seq_private+0x10/0x10
[  972.607739][T24413]  ? __pfx_proc_create_net_data+0x10/0x10
[  972.607757][T24413]  ? __pfx_uevent_net_rcv+0x10/0x10
[  972.607779][T24413]  ? __pfx_dev_proc_net_init+0x10/0x10
[  972.607802][T24413]  dev_proc_net_init+0xac/0x230
[  972.607826][T24413]  ops_init+0x1e2/0x5f0
[  972.607845][T24413]  setup_net+0x118/0x3a0
[  972.607870][T24413]  ? __pfx_setup_net+0x10/0x10
[  972.607886][T24413]  ? lockdep_init_map_type+0x5c/0x250
[  972.607906][T24413]  ? mutex_init_lockep+0x110/0x150
[  972.607928][T24413]  copy_net_ns+0x46f/0x7c0
[  972.607949][T24413]  create_new_namespaces+0x3ea/0xac0
[  972.607977][T24413]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  972.607994][T24413]  ksys_unshare+0x455/0xab0
[  972.608014][T24413]  ? __pfx_ksys_unshare+0x10/0x10
[  972.608039][T24413]  __x64_sys_unshare+0x31/0x40
[  972.608056][T24413]  do_syscall_64+0x106/0xf80
[  972.608072][T24413]  ? clear_bhb_loop+0x40/0x90
[  972.608090][T24413]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  972.608106][T24413] RIP: 0033:0x7f22bc39bf79
[  972.608120][T24413] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  972.608139][T24413] RSP: 002b:00007f22bd1b3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  972.608155][T24413] RAX: ffffffffffffffda RBX: 00007f22bc616090 RCX: 00007f22bc39bf79
[  972.608165][T24413] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  972.608175][T24413] RBP: 00007f22bc4327e0 R08: 0000000000000000 R09: 0000000000000000
[  972.608184][T24413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  972.608194][T24413] R13: 00007f22bc616128 R14: 00007f22bc616090 R15: 00007ffea850b7b8
[  972.608215][T24413]  </TASK>
[  973.917729][T24426] netlink: 246 bytes leftover after parsing attributes in process `syz.5.6451'.
[  975.137952][T24419] netlink: 'syz.1.6449': attribute type 10 has an invalid length.
[  975.305298][T24419] netlink: 230 bytes leftover after parsing attributes in process `syz.1.6449'.
[  976.635256][T24450] netlink: 13 bytes leftover after parsing attributes in process `syz.1.6457'.
[  977.088666][T24454] FAULT_INJECTION: forcing a failure.
[  977.088666][T24454] name failslab, interval 1, probability 393216, space 0, times 0
[  977.179555][T24454] CPU: 0 UID: 0 PID: 24454 Comm: syz.4.6459 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  977.179592][T24454] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  977.179601][T24454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  977.179611][T24454] Call Trace:
[  977.179617][T24454]  <TASK>
[  977.179625][T24454]  dump_stack_lvl+0x100/0x190
[  977.179653][T24454]  should_fail_ex.cold+0x5/0xa
[  977.179671][T24454]  ? unregister_netdevice_many_notify+0x903/0x2580
[  977.179691][T24454]  should_failslab+0xc2/0x120
[  977.179715][T24454]  __kmalloc_noprof+0xe0/0x850
[  977.179739][T24454]  unregister_netdevice_many_notify+0x903/0x2580
[  977.179758][T24454]  ? rcu_is_watching+0x12/0xc0
[  977.179782][T24454]  ? __mutex_lock+0x26a/0x1b90
[  977.179801][T24454]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  977.179820][T24454]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  977.179844][T24454]  ? __pfx___mutex_lock+0x10/0x10
[  977.179866][T24454]  unregister_netdevice_queue+0x30b/0x3c0
[  977.179885][T24454]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  977.179903][T24454]  ? __pfx_locks_remove_file+0x10/0x10
[  977.179929][T24454]  ppp_release+0x211/0x230
[  977.179946][T24454]  ? __pfx_ppp_release+0x10/0x10
[  977.179961][T24454]  __fput+0x3ff/0xb40
[  977.179980][T24454]  task_work_run+0x150/0x240
[  977.180003][T24454]  ? __pfx_task_work_run+0x10/0x10
[  977.180032][T24454]  exit_to_user_mode_loop+0x100/0x4a0
[  977.180053][T24454]  do_syscall_64+0x668/0xf80
[  977.180069][T24454]  ? clear_bhb_loop+0x40/0x90
[  977.180088][T24454]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  977.180104][T24454] RIP: 0033:0x7f22bc39bf79
[  977.180119][T24454] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  977.180136][T24454] RSP: 002b:00007f22bd1d4028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  977.180151][T24454] RAX: 0000000000000000 RBX: 00007f22bc615fa0 RCX: 00007f22bc39bf79
[  977.180161][T24454] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  977.180170][T24454] RBP: 00007f22bc4327e0 R08: 0000000000000000 R09: 0000000000000000
[  977.180180][T24454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  977.180189][T24454] R13: 00007f22bc616038 R14: 00007f22bc615fa0 R15: 00007ffea850b7b8
[  977.180210][T24454]  </TASK>
[  979.232320][T24465] FAULT_INJECTION: forcing a failure.
[  979.232320][T24465] name failslab, interval 1, probability 393216, space 0, times 0
[  979.331178][T24465] CPU: 0 UID: 0 PID: 24465 Comm: syz.4.6463 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  979.331216][T24465] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  979.331225][T24465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  979.331234][T24465] Call Trace:
[  979.331240][T24465]  <TASK>
[  979.331247][T24465]  dump_stack_lvl+0x100/0x190
[  979.331281][T24465]  should_fail_ex.cold+0x5/0xa
[  979.331300][T24465]  should_failslab+0xc2/0x120
[  979.331324][T24465]  __kmalloc_cache_noprof+0x7a/0x6f0
[  979.331340][T24465]  ? do_signalfd4+0x14e/0x480
[  979.331359][T24465]  do_signalfd4+0x14e/0x480
[  979.331376][T24465]  __x64_sys_signalfd+0x120/0x1a0
[  979.331392][T24465]  ? __pfx___x64_sys_signalfd+0x10/0x10
[  979.331413][T24465]  do_syscall_64+0x106/0xf80
[  979.331429][T24465]  ? clear_bhb_loop+0x40/0x90
[  979.331447][T24465]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  979.331463][T24465] RIP: 0033:0x7f22bc39bf79
[  979.331477][T24465] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  979.331492][T24465] RSP: 002b:00007f22bd1d4028 EFLAGS: 00000246 ORIG_RAX: 000000000000011a
[  979.331507][T24465] RAX: ffffffffffffffda RBX: 00007f22bc615fa0 RCX: 00007f22bc39bf79
[  979.331518][T24465] RDX: 0000000000000008 RSI: 0000000000000000 RDI: 00000000ffffffff
[  979.331527][T24465] RBP: 00007f22bc4327e0 R08: 0000000000000000 R09: 0000000000000000
[  979.331536][T24465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  979.331545][T24465] R13: 00007f22bc616038 R14: 00007f22bc615fa0 R15: 00007ffea850b7b8
[  979.331564][T24465]  </TASK>
[  983.812774][T24517] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6478'.
[  983.990804][T24520] netlink: 25 bytes leftover after parsing attributes in process `syz.5.6478'.
[  985.010983][T24525] random: crng reseeded on system resumption
[  985.923596][T24523] FAULT_INJECTION: forcing a failure.
[  985.923596][T24523] name failslab, interval 1, probability 393216, space 0, times 0
[  986.069426][T24523] CPU: 0 UID: 0 PID: 24523 Comm: syz.5.6480 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  986.069463][T24523] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  986.069474][T24523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  986.069484][T24523] Call Trace:
[  986.069490][T24523]  <TASK>
[  986.069496][T24523]  dump_stack_lvl+0x100/0x190
[  986.069524][T24523]  should_fail_ex.cold+0x5/0xa
[  986.069542][T24523]  should_failslab+0xc2/0x120
[  986.069565][T24523]  __kmalloc_cache_noprof+0x7a/0x6f0
[  986.069582][T24523]  ? fscontext_alloc_log+0x4a/0x1b0
[  986.069599][T24523]  ? v9fs_init_fs_context+0x43d/0x590
[  986.069618][T24523]  fscontext_alloc_log+0x4a/0x1b0
[  986.069635][T24523]  __x64_sys_fsopen+0x159/0x220
[  986.069652][T24523]  do_syscall_64+0x106/0xf80
[  986.069677][T24523]  ? clear_bhb_loop+0x40/0x90
[  986.069698][T24523]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  986.069714][T24523] RIP: 0033:0x7fcb3f19bf79
[  986.069728][T24523] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  986.069744][T24523] RSP: 002b:00007fcb3ffdc028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae
[  986.069760][T24523] RAX: ffffffffffffffda RBX: 00007fcb3f415fa0 RCX: 00007fcb3f19bf79
[  986.069770][T24523] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  986.069779][T24523] RBP: 00007fcb3f2327e0 R08: 0000000000000000 R09: 0000000000000000
[  986.069795][T24523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  986.069804][T24523] R13: 00007fcb3f416038 R14: 00007fcb3f415fa0 R15: 00007ffd8c3952e8
[  986.069824][T24523]  </TASK>
[  990.254973][T24585] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3562660123 (7125320246 ns) > initial count (2882038626 ns). Using initial count to start timer.
[  990.923702][T24591] netlink: 330 bytes leftover after parsing attributes in process `syz.1.6500'.
[  992.044509][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  992.053327][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  993.851285][T24623] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6512'.
[  994.102452][T24627] netlink: 246 bytes leftover after parsing attributes in process `syz.0.6511'.
[  995.046509][T24635] binder: 24634:24635 ioctl c0306201 0 returned -14
[  996.505810][T24647] sp0: Synchronizing with TNC
[  997.227668][T24661] Invalid ELF header magic: != ELF
[  998.076294][T24678] netlink: 354 bytes leftover after parsing attributes in process `syz.0.6526'.
[ 1000.602847][T24723] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6539'.
[ 1002.467891][T24747] netlink: 334 bytes leftover after parsing attributes in process `syz.0.6556'.
[ 1003.623362][T24755] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6558'.
[ 1004.364540][T24759] zswap: compressor  not available
[ 1004.657804][   T29] audit: type=1800 audit(4294967379.789:26): pid=24770 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.6550" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0
[ 1007.301284][T24782] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6564'.
[ 1012.304165][T24841] Page cache invalidation failure on direct I/O.  Possible data corruption due to collision with buffered I/O!
[ 1012.508694][T24841] File: /dev/nullb0 PID: 24841 Comm: syz.0.6566
[ 1013.001058][ T5831] Bluetooth: hci3: unexpected event for opcode 0x7c89
[ 1013.236503][ T5831] Bluetooth: hci2: unexpected subevent 0x01 length: 3 < 18
[ 1013.594000][   T29] audit: type=1107 audit(4294967388.775:27): pid=24857 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[ 1013.663358][   T29] audit: type=1107 audit(4294967388.775:28): pid=24857 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[ 1014.249441][ T5831] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[ 1019.855563][T24929] zswap: compressor  not available
[ 1023.096930][ T5141] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[ 1024.900867][T24988] netlink: 'syz.5.6607': attribute type 1 has an invalid length.
[ 1024.960661][T24988] netlink: 13 bytes leftover after parsing attributes in process `syz.5.6607'.
[ 1027.372856][T25023] FAULT_INJECTION: forcing a failure.
[ 1027.372856][T25023] name failslab, interval 1, probability 393216, space 0, times 0
[ 1027.414672][T25025] FAULT_INJECTION: forcing a failure.
[ 1027.414672][T25025] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1027.474082][T25023] CPU: 0 UID: 0 PID: 25023 Comm: syz.4.6617 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[ 1027.474118][T25023] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[ 1027.474127][T25023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1027.474138][T25023] Call Trace:
[ 1027.474144][T25023]  <TASK>
[ 1027.474151][T25023]  dump_stack_lvl+0x100/0x190
[ 1027.474180][T25023]  should_fail_ex.cold+0x5/0xa
[ 1027.474198][T25023]  should_failslab+0xc2/0x120
[ 1027.474220][T25023]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[ 1027.474241][T25023]  ? __alloc_skb+0x140/0x710
[ 1027.474259][T25023]  __alloc_skb+0x140/0x710
[ 1027.474273][T25023]  ? __alloc_skb+0x5b7/0x710
[ 1027.474286][T25023]  ? __pfx___alloc_skb+0x10/0x10
[ 1027.474301][T25023]  ? aa_label_sk_perm+0x194/0x5f0
[ 1027.474321][T25023]  alloc_skb_with_frags+0xe0/0x810
[ 1027.474344][T25023]  ? __lock_acquire+0x4a5/0x2630
[ 1027.474364][T25023]  sock_alloc_send_pskb+0x801/0x980
[ 1027.474393][T25023]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[ 1027.474417][T25023]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1027.474441][T25023]  caif_stream_sendmsg+0x446/0x800
[ 1027.474464][T25023]  ? __pfx_caif_stream_sendmsg+0x10/0x10
[ 1027.474481][T25023]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1027.474506][T25023]  sock_write_iter+0x566/0x610
[ 1027.474527][T25023]  ? __pfx_sock_write_iter+0x10/0x10
[ 1027.474545][T25023]  ? futex_unqueue+0x133/0x2c0
[ 1027.474561][T25023]  ? futex_unqueue+0x133/0x2c0
[ 1027.474583][T25023]  ? __futex_wait+0x256/0x300
[ 1027.474606][T25023]  do_iter_readv_writev+0x6ee/0x920
[ 1027.474627][T25023]  ? __pfx_do_iter_readv_writev+0x10/0x10
[ 1027.474645][T25023]  ? common_file_perm+0x1ab/0x4f0
[ 1027.474663][T25023]  ? bpf_lsm_file_permission+0x9/0x10
[ 1027.474683][T25023]  ? security_file_permission+0x76/0x210
[ 1027.474700][T25023]  ? rw_verify_area+0xce/0x6d0
[ 1027.474723][T25023]  vfs_writev+0x360/0xe10
[ 1027.474747][T25023]  ? __pfx_vfs_writev+0x10/0x10
[ 1027.474779][T25023]  ? __fget_files+0x21f/0x3d0
[ 1027.474803][T25023]  ? do_writev+0x28a/0x340
[ 1027.474820][T25023]  do_writev+0x28a/0x340
[ 1027.474840][T25023]  ? __pfx_do_writev+0x10/0x10
[ 1027.474863][T25023]  do_syscall_64+0x106/0xf80
[ 1027.474879][T25023]  ? clear_bhb_loop+0x40/0x90
[ 1027.474897][T25023]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1027.474920][T25023] RIP: 0033:0x7f22bc39bf79
[ 1027.474936][T25023] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1027.474951][T25023] RSP: 002b:00007f22bd1d4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 1027.474967][T25023] RAX: ffffffffffffffda RBX: 00007f22bc615fa0 RCX: 00007f22bc39bf79
[ 1027.474977][T25023] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003
[ 1027.474986][T25023] RBP: 00007f22bc4327e0 R08: 0000000000000000 R09: 0000000000000000
[ 1027.474995][T25023] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1027.475005][T25023] R13: 00007f22bc616038 R14: 00007f22bc615fa0 R15: 00007ffea850b7b8
[ 1027.475024][T25023]  </TASK>
[ 1027.825468][T25027] futex_wake_op: syz.0.6620 tries to shift op by -2048; fix this program
[ 1027.845539][T25025] CPU: 0 UID: 0 PID: 25025 Comm: syz.5.6619 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[ 1027.845576][T25025] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[ 1027.845585][T25025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1027.845595][T25025] Call Trace:
[ 1027.845602][T25025]  <TASK>
[ 1027.845608][T25025]  dump_stack_lvl+0x100/0x190
[ 1027.845636][T25025]  should_fail_ex.cold+0x5/0xa
[ 1027.845652][T25025]  ? prepare_alloc_pages+0x16d/0x5f0
[ 1027.845677][T25025]  should_fail_alloc_page+0xeb/0x140
[ 1027.845702][T25025]  prepare_alloc_pages+0x1f0/0x5f0
[ 1027.845725][T25025]  ? rcu_is_watching+0x12/0xc0
[ 1027.845749][T25025]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[ 1027.845768][T25025]  ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0
[ 1027.845788][T25025]  ? __pfx_css_rstat_updated+0x10/0x10
[ 1027.845811][T25025]  ? find_held_lock+0x2b/0x80
[ 1027.845833][T25025]  ? rcu_read_unlock+0x17/0x60
[ 1027.845855][T25025]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1027.845883][T25025]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1027.845904][T25025]  ? page_counter_charge+0x1d2/0x240
[ 1027.845922][T25025]  ? rcu_is_watching+0x12/0xc0
[ 1027.845944][T25025]  ? trace_mm_page_alloc+0x17a/0x1d0
[ 1027.845975][T25025]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1027.845998][T25025]  ? policy_nodemask+0xed/0x4f0
[ 1027.846022][T25025]  alloc_pages_mpol+0x1fb/0x550
[ 1027.846044][T25025]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1027.846066][T25025]  ? do_raw_spin_lock+0x128/0x260
[ 1027.846086][T25025]  ? find_held_lock+0x2b/0x80
[ 1027.846106][T25025]  ? __pud_alloc+0x575/0x760
[ 1027.846123][T25025]  alloc_pages_noprof+0x131/0x390
[ 1027.846146][T25025]  __pmd_alloc+0x3b/0x9c0
[ 1027.846159][T25025]  ? __pud_alloc+0x57a/0x760
[ 1027.846174][T25025]  walk_to_pmd+0x3a3/0x4c0
[ 1027.846191][T25025]  get_locked_pte+0x25/0xc0
[ 1027.846206][T25025]  map_ldt_struct+0x3c1/0xa70
[ 1027.846235][T25025]  ? __pfx_map_ldt_struct+0x10/0x10
[ 1027.846258][T25025]  ? alloc_pages_noprof+0x233/0x390
[ 1027.846283][T25025]  write_ldt+0x6d3/0xd40
[ 1027.846310][T25025]  ? __pfx_write_ldt+0x10/0x10
[ 1027.846334][T25025]  ? xfd_validate_state+0x129/0x190
[ 1027.846360][T25025]  __x64_sys_modify_ldt+0xb1/0x170
[ 1027.846375][T25025]  do_syscall_64+0x106/0xf80
[ 1027.846391][T25025]  ? clear_bhb_loop+0x40/0x90
[ 1027.846410][T25025]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1027.846426][T25025] RIP: 0033:0x7fcb3f19bf79
[ 1027.846441][T25025] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1027.846457][T25025] RSP: 002b:00007fcb3ffdc028 EFLAGS: 00000246 ORIG_RAX: 000000000000009a
[ 1027.846472][T25025] RAX: ffffffffffffffda RBX: 00007fcb3f415fa0 RCX: 00007fcb3f19bf79
[ 1027.846483][T25025] RDX: 0000000000000010 RSI: 00002000000001c0 RDI: 0000000000000001
[ 1027.846493][T25025] RBP: 00007fcb3f2327e0 R08: 0000000000000000 R09: 0000000000000000
[ 1027.846503][T25025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1027.846512][T25025] R13: 00007fcb3f416038 R14: 00007fcb3f415fa0 R15: 00007ffd8c3952e8
[ 1027.846533][T25025]  </TASK>
[ 1028.370647][   T29] audit: type=1800 audit(4294967403.552:29): pid=25030 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.6619" name="trace_marker" dev="tracefs" ino=3291 res=0 errno=0
[ 1028.815034][T25041] netlink: 354 bytes leftover after parsing attributes in process `syz.4.6627'.
[ 1028.858608][T25042] vcan0: tx drop: invalid sa for name 0x00000000000000fd
[ 1030.119953][T25060] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6632'.
[ 1030.194642][T25062] netlink: 13 bytes leftover after parsing attributes in process `syz.5.6632'.
[ 1032.366488][ T5831] Bluetooth: hci3: unexpected subevent 0x01 length: 3 < 18
[ 1032.430091][T25096] FAULT_INJECTION: forcing a failure.
[ 1032.430091][T25096] name failslab, interval 1, probability 393216, space 0, times 0
[ 1032.533081][T25096] CPU: 0 UID: 0 PID: 25096 Comm: syz.5.6645 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[ 1032.533117][T25096] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[ 1032.533126][T25096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1032.533136][T25096] Call Trace:
[ 1032.533142][T25096]  <TASK>
[ 1032.533149][T25096]  dump_stack_lvl+0x100/0x190
[ 1032.533177][T25096]  should_fail_ex.cold+0x5/0xa
[ 1032.533196][T25096]  should_failslab+0xc2/0x120
[ 1032.533219][T25096]  __kmalloc_cache_noprof+0x7a/0x6f0
[ 1032.533235][T25096]  ? vkms_plane_duplicate_state+0x45/0x130
[ 1032.533263][T25096]  vkms_plane_duplicate_state+0x45/0x130
[ 1032.533285][T25096]  drm_atomic_get_plane_state+0x279/0x760
[ 1032.533313][T25096]  drm_client_modeset_commit_atomic+0x237/0x7e0
[ 1032.533333][T25096]  ? trace_contention_end+0x140/0x180
[ 1032.533355][T25096]  ? __mutex_lock+0x26a/0x1b90
[ 1032.533373][T25096]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[ 1032.533392][T25096]  ? drm_master_internal_acquire+0x21/0x80
[ 1032.533429][T25096]  drm_client_modeset_commit_locked+0x14d/0x580
[ 1032.533452][T25096]  drm_client_modeset_commit+0x4f/0x80
[ 1032.533472][T25096]  __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160
[ 1032.533493][T25096]  drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0
[ 1032.533514][T25096]  drm_fbdev_client_restore+0x1b/0x30
[ 1032.533537][T25096]  ? __pfx_drm_fbdev_client_restore+0x10/0x10
[ 1032.533560][T25096]  drm_client_dev_restore+0x205/0x2a0
[ 1032.533582][T25096]  drm_release+0x2c6/0x360
[ 1032.533598][T25096]  ? __pfx_drm_release+0x10/0x10
[ 1032.533615][T25096]  __fput+0x3ff/0xb40
[ 1032.533634][T25096]  task_work_run+0x150/0x240
[ 1032.533655][T25096]  ? __pfx_task_work_run+0x10/0x10
[ 1032.533681][T25096]  exit_to_user_mode_loop+0x100/0x4a0
[ 1032.533710][T25096]  do_syscall_64+0x668/0xf80
[ 1032.533726][T25096]  ? clear_bhb_loop+0x40/0x90
[ 1032.533746][T25096]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1032.533765][T25096] RIP: 0033:0x7fcb3f19bf79
[ 1032.533780][T25096] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1032.533795][T25096] RSP: 002b:00007fcb3ffdc028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1032.533811][T25096] RAX: 0000000000000000 RBX: 00007fcb3f415fa0 RCX: 00007fcb3f19bf79
[ 1032.533821][T25096] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[ 1032.533831][T25096] RBP: 00007fcb3f2327e0 R08: 0000000000000000 R09: 0000000000000000
[ 1032.533841][T25096] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1032.533850][T25096] R13: 00007fcb3f416038 R14: 00007fcb3f415fa0 R15: 00007ffd8c3952e8
[ 1032.533872][T25096]  </TASK>
[ 1034.322437][T25110] netlink: 'syz.1.6649': attribute type 5 has an invalid length.
[ 1034.377099][T25112] netlink: 'syz.1.6649': attribute type 5 has an invalid length.
[ 1034.441906][T25110] netlink: 'syz.1.6649': attribute type 1 has an invalid length.
[ 1034.454060][T25114] vivid-007: =================  START STATUS  =================
[ 1034.505231][T25112] netlink: 'syz.1.6649': attribute type 1 has an invalid length.
[ 1034.548376][T25114] vivid-007: Enable Output Cropping: true grabbed
[ 1034.568868][T25110] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6649'.
[ 1034.628978][T25114] vivid-007: Enable Output Composing: true grabbed
[ 1034.646629][T25112] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6649'.
[ 1034.682132][T25114] vivid-007: Enable Output Scaler: true grabbed
[ 1034.733894][T25114] vivid-007: Tx RGB Quantization Range: Automatic grabbed
[ 1034.795878][T25114] vivid-007: Transmit Mode: HDMI grabbed
[ 1034.839856][T25114] vivid-007: Hotplug Present: 0x00000000
[ 1034.887031][T25114] vivid-007: RxSense Present: 0x00000000
[ 1034.922251][T25114] vivid-007: EDID Present: 0x00000000
[ 1034.951196][T25114] vivid-007: ==================  END STATUS  ==================
[ 1035.504710][T25132] tipc: Withdrawal distribution failure
[ 1035.712675][T25142] netlink: 306 bytes leftover after parsing attributes in process `syz.0.6658'.
[ 1036.041615][T25151] netlink: 13 bytes leftover after parsing attributes in process `syz.0.6662'.
[ 1036.170527][T25153] netlink: 330 bytes leftover after parsing attributes in process `syz.4.6663'.
[ 1036.410866][T25158] FAULT_INJECTION: forcing a failure.
[ 1036.410866][T25158] name failslab, interval 1, probability 393216, space 0, times 0
[ 1036.533222][T25158] CPU: 0 UID: 0 PID: 25158 Comm: syz.0.6664 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[ 1036.533259][T25158] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[ 1036.533268][T25158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1036.533277][T25158] Call Trace:
[ 1036.533283][T25158]  <TASK>
[ 1036.533290][T25158]  dump_stack_lvl+0x100/0x190
[ 1036.533317][T25158]  should_fail_ex.cold+0x5/0xa
[ 1036.533336][T25158]  should_failslab+0xc2/0x120
[ 1036.533359][T25158]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[ 1036.533379][T25158]  ? __d_alloc+0x34/0xa80
[ 1036.533406][T25158]  __d_alloc+0x34/0xa80
[ 1036.533430][T25158]  d_alloc+0x4a/0x1e0
[ 1036.533454][T25158]  lookup_one_qstr_excl+0x175/0x250
[ 1036.533472][T25158]  start_dirop+0x59/0xb0
[ 1036.533493][T25158]  simple_start_creating+0xf9/0x110
[ 1036.533513][T25158]  ? __pfx_simple_start_creating+0x10/0x10
[ 1036.533534][T25158]  ? mntput+0x70/0xa0
[ 1036.533553][T25158]  ? simple_pin_fs+0xa3/0x190
[ 1036.533571][T25158]  debugfs_start_creating.part.0+0x82/0x170
[ 1036.533590][T25158]  __debugfs_create_file+0xb3/0x4f0
[ 1036.533610][T25158]  debugfs_create_file_full+0x41/0x60
[ 1036.533629][T25158]  ref_tracker_dir_debugfs+0x19e/0x2e0
[ 1036.533647][T25158]  ? __pfx_ref_tracker_dir_debugfs+0x10/0x10
[ 1036.533679][T25158]  ? __kvmalloc_node_noprof+0x37b/0xa00
[ 1036.533699][T25158]  ? alloc_netdev_mqs+0xd7/0x14f0
[ 1036.533716][T25158]  ? lockdep_init_map_type+0x5c/0x250
[ 1036.533737][T25158]  ? __pfx_sl_setup+0x10/0x10
[ 1036.533753][T25158]  alloc_netdev_mqs+0x314/0x14f0
[ 1036.533774][T25158]  slip_open+0x367/0x1120
[ 1036.533793][T25158]  ? __pfx___might_resched+0x10/0x10
[ 1036.533815][T25158]  ? find_held_lock+0x2b/0x80
[ 1036.533837][T25158]  ? __pfx_slip_open+0x10/0x10
[ 1036.533853][T25158]  ? tty_set_ldisc+0x2b1/0x740
[ 1036.533874][T25158]  ? __pfx_slip_open+0x10/0x10
[ 1036.533891][T25158]  tty_ldisc_open+0xa2/0x120
[ 1036.533908][T25158]  tty_set_ldisc+0x325/0x740
[ 1036.533928][T25158]  tty_ioctl+0x695/0x1690
[ 1036.533947][T25158]  ? __pfx_tty_ioctl+0x10/0x10
[ 1036.533972][T25158]  ? find_held_lock+0x2b/0x80
[ 1036.533993][T25158]  ? __fget_files+0x215/0x3d0
[ 1036.534013][T25158]  ? hook_file_ioctl_common+0x146/0x410
[ 1036.534041][T25158]  ? __fget_files+0x21f/0x3d0
[ 1036.534064][T25158]  ? __pfx_tty_ioctl+0x10/0x10
[ 1036.534083][T25158]  __x64_sys_ioctl+0x18e/0x210
[ 1036.534103][T25158]  do_syscall_64+0x106/0xf80
[ 1036.534120][T25158]  ? clear_bhb_loop+0x40/0x90
[ 1036.534148][T25158]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1036.534165][T25158] RIP: 0033:0x7fa77579bf79
[ 1036.534179][T25158] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1036.534195][T25158] RSP: 002b:00007fa776671028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1036.534210][T25158] RAX: ffffffffffffffda RBX: 00007fa775a16090 RCX: 00007fa77579bf79
[ 1036.534221][T25158] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000005
[ 1036.534231][T25158] RBP: 00007fa7758327e0 R08: 0000000000000000 R09: 0000000000000000
[ 1036.534241][T25158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1036.534250][T25158] R13: 00007fa775a16128 R14: 00007fa775a16090 R15: 00007ffe90f756c8
[ 1036.534272][T25158]  </TASK>
[ 1039.653532][T25200] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6673'.
[ 1039.839628][T25205] netlink: 25 bytes leftover after parsing attributes in process `syz.5.6673'.
[ 1040.861125][T25229] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6678'.
[ 1040.861651][T25229] netlink: 25 bytes leftover after parsing attributes in process `syz.0.6678'.
[ 1041.751641][T25248] netlink: 'syz.1.6681': attribute type 27 has an invalid length.
[ 1041.829247][T25248] netlink: 'syz.1.6681': attribute type 28 has an invalid length.
[ 1041.890449][T25248] netlink: 'syz.1.6681': attribute type 29 has an invalid length.
[ 1041.973883][T25248] netlink: 'syz.1.6681': attribute type 30 has an invalid length.
[ 1042.068050][T25248] netlink: 'syz.1.6681': attribute type 31 has an invalid length.
[ 1042.118055][T25248] netlink: 'syz.1.6681': attribute type 32 has an invalid length.
[ 1042.180828][T25248] netlink: 'syz.1.6681': attribute type 33 has an invalid length.
[ 1042.226285][T25251] smpboot: Booting Node 0 Processor 1 APIC 0x1
[ 1042.266983][T25248] netlink: 'syz.1.6681': attribute type 35 has an invalid length.
[ 1042.470758][T25248] netlink: 'syz.1.6681': attribute type 37 has an invalid length.
[ 1042.544756][T25251] MDS CPU bug present and SMT on, data leak possible. See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/mds.html for more details.
[ 1042.563546][T25251] TAA CPU bug present and SMT on, data leak possible. See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/tsx_async_abort.html for more details.
[ 1042.578143][T25248] netlink: 'syz.1.6681': attribute type 39 has an invalid length.
[ 1042.625176][T25251] MMIO Stale Data CPU bug present and SMT on, data leak possible. See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/processor_mmio_stale_data.html for more details.
[ 1042.664603][T25248] netlink: 14 bytes leftover after parsing attributes in process `syz.1.6681'.
[ 1045.393242][T25302] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6696'.
[ 1045.433719][T25302] netlink: 13 bytes leftover after parsing attributes in process `syz.0.6696'.
[ 1048.122254][T25341] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6707'.
[ 1048.177478][T25346] validate_nla: 2 callbacks suppressed
[ 1048.177501][T25346] netlink: 'syz.5.6707': attribute type 1 has an invalid length.
[ 1048.251292][T25346] netlink: 13 bytes leftover after parsing attributes in process `syz.5.6707'.
[ 1049.973697][T25367] FAULT_INJECTION: forcing a failure.
[ 1049.973697][T25367] name failslab, interval 1, probability 393216, space 0, times 0
[ 1050.038469][T25367] CPU: 0 UID: 0 PID: 25367 Comm: syz.0.6723 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[ 1050.038534][T25367] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[ 1050.038552][T25367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1050.038570][T25367] Call Trace:
[ 1050.038580][T25367]  <TASK>
[ 1050.038592][T25367]  dump_stack_lvl+0x100/0x190
[ 1050.038641][T25367]  should_fail_ex.cold+0x5/0xa
[ 1050.038675][T25367]  should_failslab+0xc2/0x120
[ 1050.038717][T25367]  __kmalloc_cache_noprof+0x7a/0x6f0
[ 1050.038749][T25367]  ? tbl_mask_cache_alloc+0x82/0x230
[ 1050.038796][T25367]  tbl_mask_cache_alloc+0x82/0x230
[ 1050.038837][T25367]  ovs_flow_tbl_masks_cache_resize+0xf4/0x240
[ 1050.038885][T25367]  ovs_dp_change+0x48f/0x6f0
[ 1050.038930][T25367]  ovs_dp_cmd_new+0x5b8/0xdf0
[ 1050.038981][T25367]  ? __pfx_ovs_dp_cmd_new+0x10/0x10
[ 1050.039032][T25367]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290
[ 1050.039072][T25367]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290
[ 1050.039119][T25367]  genl_family_rcv_msg_doit+0x214/0x300
[ 1050.039169][T25367]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1050.039208][T25367]  ? genl_get_cmd+0x3ef/0x720
[ 1050.039254][T25367]  ? bpf_lsm_capable+0x9/0x10
[ 1050.039298][T25367]  ? security_capable+0x80/0x260
[ 1050.039341][T25367]  ? ns_capable+0xd2/0xf0
[ 1050.039388][T25367]  genl_rcv_msg+0x560/0x800
[ 1050.039429][T25367]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1050.039467][T25367]  ? __pfx_ovs_dp_cmd_new+0x10/0x10
[ 1050.039522][T25367]  netlink_rcv_skb+0x159/0x420
[ 1050.039555][T25367]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1050.039594][T25367]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1050.039644][T25367]  ? netlink_deliver_tap+0x1ae/0xcc0
[ 1050.039686][T25367]  genl_rcv+0x28/0x40
[ 1050.039718][T25367]  netlink_unicast+0x5aa/0x870
[ 1050.039758][T25367]  ? __pfx_netlink_unicast+0x10/0x10
[ 1050.039804][T25367]  netlink_sendmsg+0x8b0/0xda0
[ 1050.039843][T25367]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1050.039873][T25367]  ? __import_iovec+0x1d2/0x640
[ 1050.039906][T25367]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1050.039951][T25367]  ____sys_sendmsg+0xa54/0xc30
[ 1050.039987][T25367]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1050.040031][T25367]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1050.040071][T25367]  ___sys_sendmsg+0x190/0x1e0
[ 1050.040111][T25367]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1050.040200][T25367]  __sys_sendmsg+0x170/0x220
[ 1050.040232][T25367]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1050.040261][T25367]  ? __x64_sys_futex+0x34f/0x4d0
[ 1050.040314][T25367]  do_syscall_64+0x106/0xf80
[ 1050.040342][T25367]  ? clear_bhb_loop+0x40/0x90
[ 1050.040373][T25367]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1050.040398][T25367] RIP: 0033:0x7fa77579bf79
[ 1050.040420][T25367] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1050.040444][T25367] RSP: 002b:00007fa776671028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1050.040469][T25367] RAX: ffffffffffffffda RBX: 00007fa775a16090 RCX: 00007fa77579bf79
[ 1050.040487][T25367] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000006
[ 1050.040505][T25367] RBP: 00007fa7758327e0 R08: 0000000000000000 R09: 0000000000000000
[ 1050.040521][T25367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1050.040537][T25367] R13: 00007fa775a16128 R14: 00007fa775a16090 R15: 00007ffe90f756c8
[ 1050.040575][T25367]  </TASK>
[ 1051.892484][T25383] BUG: unable to handle page fault for address: fffff520008fd214
[ 1051.892507][T25383] #PF: supervisor read access in kernel mode
[ 1051.892524][T25383] #PF: error_code(0x0000) - not-present page
[ 1051.892540][T25383] PGD 23fff5067 P4D 23fff5067 PUD 1c6b6067 PMD 25cb0067 PTE 0
[ 1051.892588][T25383] Oops: Oops: 0000 [#1] SMP KASAN PTI
[ 1051.892618][T25383] CPU: 1 UID: 0 PID: 25383 Comm: syz.0.6719 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[ 1051.892670][T25383] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[ 1051.892685][T25383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1051.892703][T25383] RIP: 0010:sys_imageblit+0x16c1/0x1d60
[ 1051.892756][T25383] Code: 7c cd 00 48 89 fe 48 c1 ee 03 80 3c 1e 00 0f 85 aa 05 00 00 4d 63 f6 48 8b 8c cc 88 00 00 00 4f 8d 34 f7 4c 89 f6 48 c1 ee 03 <80> 3c 1e 00 0f 85 1b 03 00 00 49 89 0e 41 89 c6 8d 4d fd 41 c1 ee
[ 1051.892787][T25383] RSP: 0018:ffffc90004327528 EFLAGS: 00010a06
[ 1051.892813][T25383] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000400000004000
[ 1051.892833][T25383] RDX: 0000000000000000 RSI: 1ffff920008fd214 RDI: ffffc900043275b0
[ 1051.892853][T25383] RBP: 0000000000000004 R08: 0000000000000005 R09: 0000000000000003
[ 1051.892871][T25383] R10: 0000000000000004 R11: 0000000000000000 R12: ffff88802675c2c1
[ 1051.892890][T25383] R13: ffffc900043275b0 R14: ffffc900047e90a0 R15: ffffc900047e90a0
[ 1051.892911][T25383] FS:  00007fa7766926c0(0000) GS:ffff88812445f000(0000) knlGS:0000000000000000
[ 1051.892937][T25383] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1051.892954][T25383] CR2: fffff520008fd214 CR3: 0000000051ad4000 CR4: 00000000003526f0
[ 1051.892972][T25383] Call Trace:
[ 1051.892980][T25383]  <TASK>
[ 1051.892993][T25383]  ? _prb_read_valid+0x72a/0x880
[ 1051.893032][T25383]  ? __pfx_sys_imageblit+0x10/0x10
[ 1051.893070][T25383]  ? __pfx__prb_read_valid+0x10/0x10
[ 1051.893104][T25383]  ? __asan_memcpy+0x3c/0x60
[ 1051.893139][T25383]  drm_fbdev_shmem_defio_imageblit+0x20/0x130
[ 1051.893183][T25383]  soft_cursor+0x524/0xa10
[ 1051.893214][T25383]  ? fb_get_color_depth+0x120/0x250
[ 1051.893259][T25383]  bit_cursor+0xe58/0x16f0
[ 1051.893291][T25383]  ? __pfx_bit_cursor+0x10/0x10
[ 1051.893325][T25383]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1051.893368][T25383]  ? get_color+0x1da/0x450
[ 1051.893407][T25383]  ? __pfx_bit_cursor+0x10/0x10
[ 1051.893434][T25383]  fbcon_cursor+0x43c/0x5e0
[ 1051.893478][T25383]  hide_cursor+0x87/0x230
[ 1051.893508][T25383]  do_con_write+0x2403/0x8550
[ 1051.893546][T25383]  ? rcu_is_watching+0x12/0xc0
[ 1051.893585][T25383]  ? trace_contention_end+0x140/0x180
[ 1051.893636][T25383]  ? __mutex_lock+0x26a/0x1b90
[ 1051.893670][T25383]  ? find_held_lock+0x2b/0x80
[ 1051.893715][T25383]  ? n_tty_write+0x512/0x12d0
[ 1051.893756][T25383]  ? n_tty_write+0x47e/0x12d0
[ 1051.893799][T25383]  ? __pfx_do_con_write+0x10/0x10
[ 1051.893835][T25383]  ? __pfx___mutex_lock+0x10/0x10
[ 1051.893868][T25383]  ? __mutex_unlock_slowpath+0x15c/0x790
[ 1051.893901][T25383]  ? __pfx_console_unlock+0x10/0x10
[ 1051.893942][T25383]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1051.893977][T25383]  con_write+0x23/0xb0
[ 1051.894012][T25383]  do_output_char+0x63b/0x850
[ 1051.894052][T25383]  n_tty_write+0x528/0x12d0
[ 1051.894099][T25383]  ? __pfx_n_tty_write+0x10/0x10
[ 1051.894141][T25383]  ? __pfx_woken_wake_function+0x10/0x10
[ 1051.894181][T25383]  ? __pfx___might_resched+0x10/0x10
[ 1051.894219][T25383]  ? __pfx_n_tty_write+0x10/0x10
[ 1051.894261][T25383]  file_tty_write.isra.0+0x4d2/0x890
[ 1051.894300][T25383]  redirected_tty_write+0xd4/0x120
[ 1051.894336][T25383]  vfs_write+0x6ac/0x1070
[ 1051.894374][T25383]  ? __pfx_redirected_tty_write+0x10/0x10
[ 1051.894412][T25383]  ? __pfx_vfs_write+0x10/0x10
[ 1051.894449][T25383]  ? find_held_lock+0x2b/0x80
[ 1051.894501][T25383]  ksys_write+0x12a/0x250
[ 1051.894538][T25383]  ? __pfx_ksys_write+0x10/0x10
[ 1051.894580][T25383]  do_syscall_64+0x106/0xf80
[ 1051.894609][T25383]  ? clear_bhb_loop+0x40/0x90
[ 1051.894642][T25383]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1051.894672][T25383] RIP: 0033:0x7fa77579bf79
[ 1051.894695][T25383] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1051.894732][T25383] RSP: 002b:00007fa776692028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1051.894761][T25383] RAX: ffffffffffffffda RBX: 00007fa775a15fa0 RCX: 00007fa77579bf79
[ 1051.894780][T25383] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000006
[ 1051.894798][T25383] RBP: 00007fa7758327e0 R08: 0000000000000000 R09: 0000000000000000
[ 1051.894814][T25383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1051.894833][T25383] R13: 00007fa775a16038 R14: 00007fa775a15fa0 R15: 00007ffe90f756c8
[ 1051.894857][T25383]  </TASK>
[ 1051.894867][T25383] Modules linked in:
[ 1051.894883][T25383] CR2: fffff520008fd214
[ 1051.894917][T25383] ---[ end trace 0000000000000000 ]---
[ 1051.894935][T25383] RIP: 0010:sys_imageblit+0x16c1/0x1d60
[ 1051.894974][T25383] Code: 7c cd 00 48 89 fe 48 c1 ee 03 80 3c 1e 00 0f 85 aa 05 00 00 4d 63 f6 48 8b 8c cc 88 00 00 00 4f 8d 34 f7 4c 89 f6 48 c1 ee 03 <80> 3c 1e 00 0f 85 1b 03 00 00 49 89 0e 41 89 c6 8d 4d fd 41 c1 ee
[ 1051.895003][T25383] RSP: 0018:ffffc90004327528 EFLAGS: 00010a06
[ 1051.895027][T25383] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000400000004000
[ 1051.895047][T25383] RDX: 0000000000000000 RSI: 1ffff920008fd214 RDI: ffffc900043275b0
[ 1051.895066][T25383] RBP: 0000000000000004 R08: 0000000000000005 R09: 0000000000000003
[ 1051.895085][T25383] R10: 0000000000000004 R11: 0000000000000000 R12: ffff88802675c2c1
[ 1051.895104][T25383] R13: ffffc900043275b0 R14: ffffc900047e90a0 R15: ffffc900047e90a0
[ 1051.895124][T25383] FS:  00007fa7766926c0(0000) GS:ffff88812445f000(0000) knlGS:0000000000000000
[ 1051.895151][T25383] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1051.895172][T25383] CR2: fffff520008fd214 CR3: 0000000051ad4000 CR4: 00000000003526f0
[ 1051.895194][T25383] Kernel panic - not syncing: Fatal exception
[ 1051.895537][T25383] Kernel Offset: disabled