last executing test programs:

4m27.877324208s ago: executing program 2 (id=381):
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f00000000c0)={0xdd, 0x0, [{0x400000b0, 0x400, 0x2}]})

4m27.465359126s ago: executing program 2 (id=383):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
bpf$auto(0x0, 0x0, 0x6f4)
arch_prctl$auto_ARCH_REQ_XCOMP_GUEST_PERM(0x1025, 0xfffffffffffffff7)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x8, 0xe4)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket(0x2, 0x2, 0x1)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
sendto$auto(0x3, 0x0, 0xffeb, 0xe, &(0x7f0000000100)=@in={0x2, 0x4e22, @multicast2}, 0x19)

4m27.385549759s ago: executing program 2 (id=384):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r0 = getpid()
process_vm_readv$auto(r0, 0x0, 0x1, 0x0, 0x6, 0x0)
migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2)
move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
setsockopt$auto(0x3, 0x10000000084, 0xa, 0x0, 0x20)

4m26.561558107s ago: executing program 2 (id=392):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xfffffffd}, 0x10001}, 0x5, 0x20000000)
setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
syz_genetlink_get_family_id$auto_tipcv2(0x0, r0)
write$auto(0x3, 0x0, 0x7fffffff)
sendmsg$auto_ETHTOOL_MSG_MODULE_FW_FLASH_ACT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x0, 0x8, 0x70bd2a, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x11)

4m25.554937041s ago: executing program 2 (id=402):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
r0 = socket(0x2, 0x3, 0x6)
lsm_list_modules$auto(0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e)
ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0)
rename$auto(&(0x7f0000000480)='./file0\x00', 0x0)

4m25.4244168s ago: executing program 2 (id=404):
socket(0x10, 0x2, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000229bd70090000004a0003000000000008"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
r0 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r0, @ANYBLOB="8b632abd7000fedbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x14}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

4m10.344044254s ago: executing program 32 (id=404):
socket(0x10, 0x2, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000229bd70090000004a0003000000000008"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
r0 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r0, @ANYBLOB="8b632abd7000fedbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x14}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

6.22607249s ago: executing program 0 (id=2068):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x7, 0x4, 0x200, 0x3, 0x8, 0xc, 0x2e, 0x0, 0x3}, 0x6f4)
pidfd_open$auto(0x1, 0x0)
socket(0x2, 0x3, 0x100)
sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="d8010000", @ANYRES16, @ANYBLOB="01002dbd7000fcdbdf25010000000c0002000500000000000000c5000700c1007cf7c27c120e3984130834a73f9221887ac28e443c4a1a7da8d2ddcf2890cce5822826764f3f410e53f43f300d2e04700395778e7935c99f6a38f6f3e56e7d8a18d15791b3b4f9378d743a8f0cbbe1c604a782030626ead26826f4790233f19c29fbaf1da77e1b84522d05ca0f4237b24aead87b47d41805fa9967d02ad2deba1895652b8d630c30213ed8f72c1066f1bb9fb1b242d08a55d32398d8d3c635008f2c61049c8abf600a98d1d2d0b0027aecaf27d20b6ff4129883e111e1c858000000dc00090069fccb38f57447a8af8c40a03b92af7adc0c48af4308483b99aa587ed8711b4a79a383c263698842365af6807d1be1800fd492770983a6df345fb472e9fa41b667af43bc36d7063b6b93ab7661925e8d71452acd95b788c31a32ae903b96b9ed9a5e3542c625105e8f21a5b41ff3d17f8704581f4b8b75ae741d0fba8cab2e187c93eeea89f6cf6ab7cc496e0bd9759cc0b408bbe0c6eae2aa29c2d97d48a55fc0ff937c90173d61cf652f97cb301e4d7e3bac0026732e22eadd3a6c5ffa4faed6855a86814c920a650a61936305d2713db1c92a238e265c080001007f0e00000c0002"], 0x1d8}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000)
sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x8000)
r0 = socket(0x10, 0x2, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

5.849711267s ago: executing program 4 (id=2070):
unshare$auto(0x40000080)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
set_mempolicy$auto(0x1, 0x0, 0x803)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
memfd_create$auto(0x0, 0xe)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
mmap$auto(0x0, 0x810006, 0xffb, 0x8000000008011, 0x3, 0x0)
msync$auto(0x0, 0xe0, 0x6)
madvise$auto(0x0, 0xfffffffffffefffd, 0x17)
pkey_free$auto(0xfffffffd)

5.066782661s ago: executing program 0 (id=2077):
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x5, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
open(0x0, 0x22240, 0x154)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0xb5f0, 0x7352, 0x39, 0x65f, 0x80000001, 0x7, 0x3, 0x2, 0x7, 0x7, 0x0, 0x4, 0xb4, 0x3, 0x9, 0x10003, 0x80, 0x8, 0x0, 0x7, 0x2000, 0x3, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, [0xc, 0x200000000000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}, 0x1fe, 0x5)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x7, @local}, 0x55)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="1100"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r0 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x1f, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

4.202912798s ago: executing program 3 (id=2083):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtdblock0\x00', 0x14fe02, 0x0)
openat$auto_hwsim_fops_rx_rssi_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy1/hwsim/rx_rssi\x00', 0x140, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0)
statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, 0x0, 0x1541, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x1000, 0x0)
r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$auto_VHOST_SET_OWNER(r1, 0xaf01, 0x5)
ioctl$auto(r1, 0x4008af13, r0)

3.947367151s ago: executing program 3 (id=2085):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x55)
r0 = socket(0xa, 0x3, 0x87)
close_range$auto(0x2, 0xa, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_TIPC_NL_PEER_REMOVE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x14, 0x0, 0x4, 0x70bd27, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x48891}, 0x20)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), r1)
mq_notify$auto(0x5cf5, &(0x7f00000006c0)={@sival_ptr=0x0, @inferred=r0, 0x2, @_sigev_thread={0x0, 0x0}})

3.796783268s ago: executing program 0 (id=2086):
mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000)
getsockname$auto(0xffffffffffffffff, &(0x7f0000000000)=@tipc=@nameseq={0x1e, 0x1, 0x2, {0x1, 0x0, 0x2}}, 0x0)
close_range$auto(0x2, 0xa, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x4, 0x0)
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0xc, 0x0, 0x13c, 0x0, 0x0, 0xd}, 0x5af}, 0x40, 0x100)

3.20910472s ago: executing program 1 (id=2089):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r2=>0x0})
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="2f212cbd7010ca705d845526cc0008000380", @ANYRES32=r2], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x8810)
close_range$auto(0x2, 0x8, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/loop15/queue/atomic_write_boundary_bytes\x00', 0x141900, 0x0)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)
capset$auto(0x0, &(0x7f0000000180)={0x1, 0x7, 0x6})
r4 = socket(0xa, 0x1, 0x84)
setsockopt$auto(r4, 0x0, 0x40, 0x0, 0x5f)
read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000040)=""/124, 0x7c)

2.977702454s ago: executing program 0 (id=2090):
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/vm/compaction_proactiveness\x00', 0xc0781, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x801, 0x0)
mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000)
io_uring_setup$auto(0x401, 0x0)
bind$auto(0x3, 0x0, 0x6a)
connect$auto(0x3, 0x0, 0x54)
getsockopt$auto(0xffffffffffffffff, 0x84, 0x1a, 0x0, 0x0)
connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2711}, 0x51)
shutdown$auto(0x200000003, 0x2)
write$auto_proc_sys_file_operations_proc_sysctl(r0, 0x0, 0x0)

2.804665381s ago: executing program 3 (id=2091):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x4)
socket(0x10, 0x3, 0x6)
socket(0x11, 0x80003, 0x300)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x10, 0x2, 0x4)
r1 = socket(0x10, 0x3, 0x6)
r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="f0020000", @ANYRES16=r2, @ANYBLOB="01002dbd7000fedbdf2505000000da0203800800c000e000000204002a000400110008002e00", @ANYRES32, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b32dd7c33b14cc842bc1e2a5da4203e64ceaa9db5223aa655b6313c011b3e73a75f1aa1f7b2ea43344b15bd494886e355cf6d92c8fe670a42bc677830013e9c4aa4fa30c3e6630bf0ed13206d5a18f6813c6fb03466112aedf5d67bb5b99fe96a6dcd279916b0bce029925b63c48d41ca8a76e46c6014100005800c00c50003000000000000000c02368008027a8087010c800800e800", @ANYRES32=r0, @ANYBLOB="0800fb00", @ANYRES32=r1], 0x2f0}, 0x1, 0x0, 0x0, 0x40000}, 0x50)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

2.728102245s ago: executing program 1 (id=2092):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400, 0x7}, 0x9, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
lstat$auto(0x0, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2, 0x4, 0x8000000a041000a, 0x40000402, 0x10000, 0x8, 0xffffffff80000000, 0xe0, 0x6, 0x240000100103})
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4)
r0 = socket(0x10, 0x2, 0x6)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x0, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

2.352625842s ago: executing program 4 (id=2093):
mmap$auto(0x2, 0x400008, 0xdf, 0x9b72, 0x2, 0x10000000008000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
msgctl$auto_IPC_STAT(0x0, 0x2, 0x0)
pread64$auto(0xffffffffffffffff, 0x0, 0x200000000003, 0x2f4a3a23)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/ip6_vti0/stable_secret\x00', 0x2, 0x0)
writev$auto(r0, &(0x7f0000000300)={&(0x7f0000000200), 0x200}, 0x3)

2.352017966s ago: executing program 1 (id=2101):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000)
getsockname$auto(0xffffffffffffffff, &(0x7f0000000000)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x0, 0x2003}}, 0x0)
sysfs$auto(0x2, 0x1f, 0x0)
close_range$auto(0x2, 0xa, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x4, 0x0)
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x101d0, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

2.13573698s ago: executing program 3 (id=2094):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
r1 = socket(0x10, 0x2, 0x4)
openat$auto_binder_ctl_fops_binderfs(0xffffffffffffff9c, &(0x7f0000000000), 0x82c00, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = socket(0x10, 0x2, 0xc)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYRES8=r2, @ANYBLOB="18000000", @ANYRES8=r0], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x40000f0)
write$auto(r1, &(0x7f0000000000)='-\x00', 0x30)

2.109955393s ago: executing program 1 (id=2095):
r0 = socket(0x2a, 0x2, 0x1)
connect$auto(r0, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0xfffffffe}, 0x55)
ioctl$auto(0xffffffffffffffff, 0x8, 0x1)
bind$auto(0x3, 0x0, 0x6a)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r1 = socket(0xa, 0x801, 0x84)
setsockopt$auto(r1, 0x10000000084, 0x83, 0x0, 0x10)
io_uring_setup$auto(0x1, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x11, 0x80003, 0x300)

1.809102718s ago: executing program 0 (id=2096):
mmap$auto(0x0, 0xe985, 0xdb, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x3, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4000894}, 0x800)
bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_11={0x1, 0x6, 0x6, 0x7, 0x1bb080, 0x97, 0xff, r0}, 0x6f3)
sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000)
rt_tgsigqueueinfo$auto(0x3, 0x96, 0x7, &(0x7f0000000180)={@siginfo_0_0={0x0, 0x9c2a, 0xffffffff, @_sigsys={0x0, 0x5d35, 0x6}}})
open(&(0x7f00000001c0)='./cgroup\x00', 0x0, 0x6f)
sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027bd"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x8040)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

1.719510044s ago: executing program 3 (id=2097):
mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
get_robust_list$auto(0x0, 0x0, 0x0)
lsm_list_modules$auto(0x0, 0x0, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
open(&(0x7f0000000100)='.\x00', 0x40000, 0x0)
clone$auto(0x100000020003b49, 0x80000000002, 0x0, 0x0, 0x4)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8000, 0x0)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x2, 0xd, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x2, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}})
landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400, 0x7}, 0x9, 0x0)
landlock_add_rule$auto(r0, 0x1, 0x0, 0x0)

1.574597888s ago: executing program 1 (id=2098):
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8000, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = open(&(0x7f0000000000)='./file0\x00', 0xa61c2, 0x84)
ioctl$auto_FS_IOC_GETFLAGS(r2, 0x80086601, 0x7fffffffbfffffff)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
unshare$auto(0x40000080)
getsockopt$auto(r1, 0x1, 0x2, &(0x7f0000000040)='/dev/cec27\x00', 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio1/resetafter\x00', 0xa2382, 0x0)
sendfile$auto(r3, r3, 0x0, 0x1)

1.478054607s ago: executing program 3 (id=2099):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x4, 0x0)
r0 = socket(0x1e, 0x4, 0x0)
syz_clone3(&(0x7f0000000100)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58)
get_robust_list$auto(0x0, 0x0, 0x0)
setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)
recvmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x2, &(0x7f0000000140)={0x0, 0x4da}, 0x6, 0x0, 0x8, 0x7ff}, 0x1000}, 0xffffffff, 0x4, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

1.395275008s ago: executing program 0 (id=2100):
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
close_range$auto(0xffffffffffffffff, 0x8, 0xfffffffc)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x9}, 0x3, 0x0)
ioctl$auto(0x3, 0x80108907, 0x38)
r0 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
statx$auto(r0, 0x0, 0x401006, 0x4015, 0x0)
setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88)

1.263524638s ago: executing program 4 (id=2102):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x2002, 0x0)
r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48442, 0x0)
read$auto(r0, 0x0, 0x9a28)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000140)={0x0, 0x7}, 0x3)
write$auto_snd_pcm_f_ops_pcm(0xffffffffffffffff, 0x0, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x182b02, 0x0)
sendfile$auto(r2, r2, 0x0, 0x3)
write$auto(0xca, &(0x7f0000000280)='\x04>V\x1b\x89\x0e\x82\xd5\x99\xb6\x00\xeb\xbc(ex\x8c6\x9aK\x13\xa9m\xa5\vL\x00\x00\x00\x00\x00o\x9eR_\x03\x82]\xdc\a\b\xda\xe2\xadi\xf0\xa6\x068\xdb\xb12k\r\xd7\fC\b\f\x9fA>\xb3/\x0f\xc3\f\xf3\x95-\xc9\xe2\x84+O\x922+\b\a\xf4S\xab\x9a8\xa8\xa2\xf6$^N\xb5.\xc5%m\xaeeP\xd7M\xe0\xfb\x86\xcd\xf9\x844\xa5H\xf9\xf2e\n\xc0\x11_T\x16*p\xcf\x7f\xc3\x94\xdb_\x9d\xe5\xd5\xc4\xf0\xc2<\xb0\xb4\xc9\xf2\xdd+\xe3\xb5)&[\x7f\xb2R\x11o8\xb6\xc0\x80?b\xa7\x03=E\x98\xd5\xa2Z\x8e-\xc2J\xaaM\xe10Dh\x143\x02V\xec\xce\x9cD\xff\x85=\x82g\xfe\xc8\xfa\xecK\xc1\x8c\x8cA\f\xfe', 0x80)
sendmmsg$auto(0x3, 0x0, 0x3, 0x0)

404.711091ms ago: executing program 4 (id=2103):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0\x00'})
close_range$auto(0x0, 0xffffffffffffffff, 0x2)
socket(0xa, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x801, 0x84)
r1 = socket(0x18, 0x5, 0x1)
connect$auto(r1, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x24004141)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="1100000012"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x3}, 0xed7138c}, 0x7, 0x3f00)

258.672019ms ago: executing program 4 (id=2104):
mmap$auto(0x0, 0x2000c, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
socket(0x2, 0x80802, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
connect$auto(0x3, 0x0, 0x55)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
sendmmsg$auto(0xffffffffffffffff, &(0x7f00000000c0)={{0x0, 0x6, 0x0, 0xa7, &(0x7f0000000040)='\'', 0x8001, 0x9}, 0x8}, 0x1, 0x9)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0xff, 0x0, 0x1, 0x3}, 0xed7138c}, 0xb, 0x0)
sendmsg$auto_L2TP_CMD_SESSION_GET(0xffffffffffffffff, 0x0, 0x24000004)

243.260302ms ago: executing program 1 (id=2105):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r0 = io_uring_setup$auto(0x5, 0x0)
close_range$auto(0x2, r0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2b, 0x1, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6d)
listen$auto(0x3, 0x81)
r1 = socket(0x2b, 0x1, 0x0)
sendmmsg$auto(r1, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x24, 0xfffffffd}, 0x10001}, 0x5, 0x20000000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0)
poll$auto(&(0x7f0000000080)={0x3, 0x1, 0xa}, 0x5, 0x108)

0s ago: executing program 4 (id=2106):
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_GTP_CMD_ECHOREQ(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="ddffff", @ANYRES16=0x0, @ANYBLOB="01002abd7000fbdbdf2503000000080001"], 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x40000d4)
sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, 0x0, 0x4001090)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x8)
socket(0xa, 0x801, 0x84)
readv$auto(0x3, 0x0, 0x9)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="18000000", @ANYBLOB='V'], 0x1ac}}, 0x40000)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

kernel console output (not intermixed with test programs):

alk+0x6ef/0x9b0
[  225.369943][ T9317]  __mmap_region+0x492/0x29e0
[  225.369984][ T9317]  ? update_cfs_rq_load_avg+0x51/0x550
[  225.370016][ T9317]  ? __pfx___mmap_region+0x10/0x10
[  225.370064][ T9317]  ? set_next_entity+0x11b/0x9c0
[  225.370111][ T9317]  ? __lock_acquire+0x4a5/0x2630
[  225.370145][ T9317]  ? update_cfs_rq_load_avg+0x51/0x550
[  225.370189][ T9317]  ? lock_acquire+0x1cf/0x380
[  225.370221][ T9317]  ? find_held_lock+0x2b/0x80
[  225.370246][ T9317]  ? finish_task_switch.isra.0+0x200/0xb80
[  225.370276][ T9317]  ? finish_task_switch.isra.0+0x200/0xb80
[  225.370320][ T9317]  ? trace_sched_exit_tp+0x13a/0x180
[  225.370351][ T9317]  ? __schedule+0x1000/0x60e0
[  225.370427][ T9317]  ? rcu_is_watching+0x12/0xc0
[  225.370485][ T9317]  ? cap_capable+0x107/0x460
[  225.370528][ T9317]  mmap_region+0x180/0x3e0
[  225.370575][ T9317]  do_mmap+0xc63/0x12f0
[  225.370613][ T9317]  ? __pfx_do_mmap+0x10/0x10
[  225.370650][ T9317]  ? __pfx_down_write_killable+0x10/0x10
[  225.370695][ T9317]  vm_mmap_pgoff+0x29e/0x470
[  225.370733][ T9317]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  225.370767][ T9317]  ? do_futex+0x192/0x350
[  225.370803][ T9317]  ? __pfx_do_futex+0x10/0x10
[  225.370845][ T9317]  ksys_mmap_pgoff+0xe1/0x650
[  225.370874][ T9317]  ? __x64_sys_futex+0x34f/0x4d0
[  225.370906][ T9317]  ? __x64_sys_futex+0x358/0x4d0
[  225.370942][ T9317]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[  225.370972][ T9317]  ? xfd_validate_state+0x129/0x190
[  225.371018][ T9317]  __x64_sys_mmap+0x125/0x190
[  225.371062][ T9317]  do_syscall_64+0x106/0xf80
[  225.371093][ T9317]  ? clear_bhb_loop+0x40/0x90
[  225.371127][ T9317]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.371156][ T9317] RIP: 0033:0x7fa04019c799
[  225.371180][ T9317] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  225.371207][ T9317] RSP: 002b:00007fa041119028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  225.371233][ T9317] RAX: ffffffffffffffda RBX: 00007fa040415fa0 RCX: 00007fa04019c799
[  225.371257][ T9317] RDX: 00000000000000df RSI: 0000000000000005 RDI: 0000000000000000
[  225.371272][ T9317] RBP: 00007fa040232bd9 R08: 0000000000000002 R09: 0000000000008000
[  225.371288][ T9317] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[  225.371304][ T9317] R13: 00007fa040416038 R14: 00007fa040415fa0 R15: 00007ffe4d69e658
[  225.371339][ T9317]  </TASK>
[  226.098806][ T9330] netlink: 17 bytes leftover after parsing attributes in process `syz.4.1088'.
[  226.298852][ T9334] netlink: 326 bytes leftover after parsing attributes in process `syz.0.1090'.
[  226.521101][ T9345] FAULT_INJECTION: forcing a failure.
[  226.521101][ T9345] name failslab, interval 1, probability 0, space 0, times 0
[  226.555324][ T9345] CPU: 1 UID: 0 PID: 9345 Comm: syz.1.1092 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  226.555375][ T9345] Tainted: [L]=SOFTLOCKUP
[  226.555385][ T9345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  226.555403][ T9345] Call Trace:
[  226.555412][ T9345]  <TASK>
[  226.555424][ T9345]  dump_stack_lvl+0x100/0x190
[  226.555473][ T9345]  should_fail_ex.cold+0x5/0xa
[  226.555507][ T9345]  ? ima_alloc_init_template+0x19d/0x6d0
[  226.555548][ T9345]  should_failslab+0xc2/0x120
[  226.555577][ T9345]  __kmalloc_noprof+0xe0/0x850
[  226.555620][ T9345]  ? take_dentry_name_snapshot+0x30b/0x7c0
[  226.555664][ T9345]  ima_alloc_init_template+0x19d/0x6d0
[  226.555707][ T9345]  ? take_dentry_name_snapshot+0x310/0x7c0
[  226.555756][ T9345]  ima_store_measurement+0x1e3/0x5b0
[  226.555802][ T9345]  ? __pfx_ima_store_measurement+0x10/0x10
[  226.555860][ T9345]  ? __pfx_ima_get_hash_algo+0x10/0x10
[  226.555904][ T9345]  process_measurement+0x19cc/0x2350
[  226.555953][ T9345]  ? stack_trace_save+0x8e/0xc0
[  226.555982][ T9345]  ? __pfx_process_measurement+0x10/0x10
[  226.556021][ T9345]  ? __lock_acquire+0x4a5/0x2630
[  226.556055][ T9345]  ? __kasan_slab_alloc+0x89/0x90
[  226.556080][ T9345]  ? kmem_cache_alloc_noprof+0x241/0x6e0
[  226.556121][ T9345]  ? init_file+0x95/0x480
[  226.556150][ T9345]  ? alloc_empty_file+0x73/0x1c0
[  226.556182][ T9345]  ? alloc_file_pseudo+0x13a/0x230
[  226.556216][ T9345]  ? ksys_mmap_pgoff+0x232/0x650
[  226.556242][ T9345]  ? __x64_sys_mmap+0x125/0x190
[  226.556281][ T9345]  ? do_syscall_64+0x106/0xf80
[  226.556356][ T9345]  ? __pfx_aa_file_perm+0x10/0x10
[  226.556400][ T9345]  ima_file_mmap+0x1c4/0x1f0
[  226.556439][ T9345]  ? __pfx_ima_file_mmap+0x10/0x10
[  226.556485][ T9345]  security_mmap_file+0x278/0x9b0
[  226.556517][ T9345]  vm_mmap_pgoff+0xec/0x470
[  226.556553][ T9345]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  226.556583][ T9345]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  226.556620][ T9345]  ? hugetlbfs_get_inode+0x36e/0x750
[  226.556662][ T9345]  ksys_mmap_pgoff+0x273/0x650
[  226.556693][ T9345]  ? __x64_sys_futex+0x358/0x4d0
[  226.556732][ T9345]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[  226.556759][ T9345]  ? xfd_validate_state+0x129/0x190
[  226.556800][ T9345]  __x64_sys_mmap+0x125/0x190
[  226.556842][ T9345]  do_syscall_64+0x106/0xf80
[  226.556895][ T9345]  ? clear_bhb_loop+0x40/0x90
[  226.556929][ T9345]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.556956][ T9345] RIP: 0033:0x7fa04019c799
[  226.556978][ T9345] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  226.557004][ T9345] RSP: 002b:00007fa0410d7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  226.557029][ T9345] RAX: ffffffffffffffda RBX: 00007fa040416180 RCX: 00007fa04019c799
[  226.557047][ T9345] RDX: 0000000000009c0f RSI: 000000000000000c RDI: 0000000000000000
[  226.557064][ T9345] RBP: 00007fa040232bd9 R08: ffffffffffffffff R09: 0000300000020000
[  226.557082][ T9345] R10: 0000000000044eb2 R11: 0000000000000246 R12: 0000000000000000
[  226.557097][ T9345] R13: 00007fa040416218 R14: 00007fa040416180 R15: 00007ffe4d69e658
[  226.557132][ T9345]  </TASK>
[  226.890568][   T30] audit: type=1804 audit(1772400932.647:4): pid=9345 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.1.1092" name="anon_hugepage" dev="hugetlbfs" ino=31002 res=0 errno=0
[  227.487592][ T9374] netlink: 'syz.4.1102': attribute type 7 has an invalid length.
[  227.501890][ T9374] netlink: 17 bytes leftover after parsing attributes in process `syz.4.1102'.
[  227.635189][ T9379] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1104'.
[  228.533098][ T9411] FAULT_INJECTION: forcing a failure.
[  228.533098][ T9411] name failslab, interval 1, probability 0, space 0, times 0
[  228.596125][ T9411] CPU: 0 UID: 0 PID: 9411 Comm: syz.0.1112 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  228.596170][ T9411] Tainted: [L]=SOFTLOCKUP
[  228.596181][ T9411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  228.596198][ T9411] Call Trace:
[  228.596208][ T9411]  <TASK>
[  228.596215][ T9411]  dump_stack_lvl+0x100/0x190
[  228.596242][ T9411]  should_fail_ex.cold+0x5/0xa
[  228.596260][ T9411]  should_failslab+0xc2/0x120
[  228.596275][ T9411]  __kmalloc_cache_noprof+0x7a/0x6f0
[  228.596297][ T9411]  ? snd_seq_timer_new+0x44/0x1b0
[  228.596321][ T9411]  snd_seq_timer_new+0x44/0x1b0
[  228.596339][ T9411]  snd_seq_queue_alloc+0x177/0x590
[  228.596358][ T9411]  snd_seq_ioctl_create_queue+0xa9/0x370
[  228.596379][ T9411]  call_seq_client_ctl+0xa3/0x130
[  228.596400][ T9411]  snd_seq_kernel_client_ctl+0x77/0xd0
[  228.596421][ T9411]  alloc_seq_queue+0xdb/0x180
[  228.596441][ T9411]  ? __pfx_alloc_seq_queue+0x10/0x10
[  228.596472][ T9411]  ? mark_held_locks+0x40/0x70
[  228.596490][ T9411]  ? _raw_spin_unlock_irq+0x23/0x50
[  228.596506][ T9411]  ? lockdep_hardirqs_on+0x78/0x100
[  228.596524][ T9411]  snd_seq_oss_open+0x2b2/0xa10
[  228.596556][ T9411]  odev_open+0x79/0xc0
[  228.596575][ T9411]  ? __pfx_odev_open+0x10/0x10
[  228.596595][ T9411]  soundcore_open+0x2e3/0x5a0
[  228.596618][ T9411]  ? __pfx_soundcore_open+0x10/0x10
[  228.596638][ T9411]  chrdev_open+0x234/0x6a0
[  228.596652][ T9411]  ? __pfx_apparmor_file_open+0x10/0x10
[  228.596673][ T9411]  ? __pfx_chrdev_open+0x10/0x10
[  228.596689][ T9411]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  228.596708][ T9411]  do_dentry_open+0x6d8/0x1660
[  228.596733][ T9411]  ? __pfx_chrdev_open+0x10/0x10
[  228.596767][ T9411]  vfs_open+0x82/0x3f0
[  228.596805][ T9411]  path_openat+0x208c/0x31a0
[  228.596846][ T9411]  ? __pfx_path_openat+0x10/0x10
[  228.596888][ T9411]  do_file_open+0x20e/0x430
[  228.596919][ T9411]  ? __pfx_do_file_open+0x10/0x10
[  228.596967][ T9411]  ? alloc_fd+0x476/0x790
[  228.596984][ T9411]  ? do_getname+0x191/0x390
[  228.597003][ T9411]  do_sys_openat2+0x10d/0x1e0
[  228.597022][ T9411]  ? __pfx_do_sys_openat2+0x10/0x10
[  228.597042][ T9411]  ? __fget_files+0x21f/0x3d0
[  228.597059][ T9411]  __x64_sys_openat+0x12d/0x210
[  228.597078][ T9411]  ? __pfx___x64_sys_openat+0x10/0x10
[  228.597105][ T9411]  do_syscall_64+0x106/0xf80
[  228.597121][ T9411]  ? clear_bhb_loop+0x40/0x90
[  228.597143][ T9411]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.597170][ T9411] RIP: 0033:0x7f88f439c799
[  228.597193][ T9411] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  228.597220][ T9411] RSP: 002b:00007f88f51b5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  228.597246][ T9411] RAX: ffffffffffffffda RBX: 00007f88f4615fa0 RCX: 00007f88f439c799
[  228.597264][ T9411] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  228.597280][ T9411] RBP: 00007f88f4432bd9 R08: 0000000000000000 R09: 0000000000000000
[  228.597296][ T9411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  228.597313][ T9411] R13: 00007f88f4616038 R14: 00007f88f4615fa0 R15: 00007ffc69ca2028
[  228.597351][ T9411]  </TASK>
[  229.621509][ T9415] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1113'.
[  230.987908][ T9444] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1128'.
[  231.037237][ T9444] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1128'.
[  231.068625][ T9444] netlink: 170 bytes leftover after parsing attributes in process `syz.0.1128'.
[  231.582322][ T9466] FAULT_INJECTION: forcing a failure.
[  231.582322][ T9466] name failslab, interval 1, probability 0, space 0, times 0
[  231.611304][ T9466] CPU: 0 UID: 0 PID: 9466 Comm: syz.4.1137 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  231.611352][ T9466] Tainted: [L]=SOFTLOCKUP
[  231.611364][ T9466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  231.611380][ T9466] Call Trace:
[  231.611390][ T9466]  <TASK>
[  231.611400][ T9466]  dump_stack_lvl+0x100/0x190
[  231.611449][ T9466]  should_fail_ex.cold+0x5/0xa
[  231.611483][ T9466]  should_failslab+0xc2/0x120
[  231.611512][ T9466]  __kmalloc_cache_noprof+0x7a/0x6f0
[  231.611548][ T9466]  ? sctp_add_bind_addr+0xae/0x3e0
[  231.611578][ T9466]  ? __sctp_v6_cmp_addr+0x206/0x530
[  231.611620][ T9466]  sctp_add_bind_addr+0xae/0x3e0
[  231.611655][ T9466]  sctp_copy_local_addr_list+0x349/0x550
[  231.611694][ T9466]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  231.611733][ T9466]  ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360
[  231.611770][ T9466]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  231.611819][ T9466]  sctp_bind_addr_copy+0xe0/0x530
[  231.611858][ T9466]  sctp_connect_new_asoc+0x1c9/0x770
[  231.611901][ T9466]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  231.611945][ T9466]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  231.611997][ T9466]  __sctp_connect+0x3e7/0xc70
[  231.612054][ T9466]  ? __pfx___sctp_connect+0x10/0x10
[  231.612099][ T9466]  ? __pfx_sctp_inet_connect+0x10/0x10
[  231.612142][ T9466]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  231.612191][ T9466]  ? __pfx_sctp_inet_connect+0x10/0x10
[  231.612230][ T9466]  sctp_inet_connect+0x15f/0x220
[  231.612273][ T9466]  __sys_connect_file+0x141/0x1a0
[  231.612306][ T9466]  __sys_connect+0x141/0x170
[  231.612335][ T9466]  ? __pfx___sys_connect+0x10/0x10
[  231.612389][ T9466]  __x64_sys_connect+0x72/0xb0
[  231.612416][ T9466]  ? lockdep_hardirqs_on+0x78/0x100
[  231.612450][ T9466]  do_syscall_64+0x106/0xf80
[  231.612480][ T9466]  ? clear_bhb_loop+0x40/0x90
[  231.612515][ T9466]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.612544][ T9466] RIP: 0033:0x7f1399d9c799
[  231.612567][ T9466] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  231.612595][ T9466] RSP: 002b:00007f139ad2f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  231.612623][ T9466] RAX: ffffffffffffffda RBX: 00007f139a015fa0 RCX: 00007f1399d9c799
[  231.612641][ T9466] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003
[  231.612659][ T9466] RBP: 00007f1399e32bd9 R08: 0000000000000000 R09: 0000000000000000
[  231.612676][ T9466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  231.612693][ T9466] R13: 00007f139a016038 R14: 00007f139a015fa0 R15: 00007ffe64f4f168
[  231.612731][ T9466]  </TASK>
[  234.068760][ T9510] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1150'.
[  234.093865][ T9505] FAULT_INJECTION: forcing a failure.
[  234.093865][ T9505] name failslab, interval 1, probability 0, space 0, times 0
[  234.119036][ T9505] CPU: 1 UID: 0 PID: 9505 Comm: syz.1.1149 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  234.119077][ T9505] Tainted: [L]=SOFTLOCKUP
[  234.119086][ T9505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  234.119101][ T9505] Call Trace:
[  234.119110][ T9505]  <TASK>
[  234.119121][ T9505]  dump_stack_lvl+0x100/0x190
[  234.119167][ T9505]  should_fail_ex.cold+0x5/0xa
[  234.119200][ T9505]  should_failslab+0xc2/0x120
[  234.119229][ T9505]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  234.119268][ T9505]  ? anon_vma_clone+0x2bd/0xc70
[  234.119308][ T9505]  anon_vma_clone+0x2bd/0xc70
[  234.119350][ T9505]  __split_vma+0x51f/0xd90
[  234.119398][ T9505]  ? __pfx___split_vma+0x10/0x10
[  234.119454][ T9505]  ? __pfx_mas_prev+0x10/0x10
[  234.119488][ T9505]  ? __mm_populate+0x107/0x3a0
[  234.119527][ T9505]  vms_gather_munmap_vmas+0x39f/0x1500
[  234.119574][ T9505]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  234.119617][ T9505]  ? mas_walk+0x6ef/0x9b0
[  234.119658][ T9505]  __mmap_region+0x492/0x29e0
[  234.119697][ T9505]  ? update_cfs_rq_load_avg+0x51/0x550
[  234.119728][ T9505]  ? __pfx___mmap_region+0x10/0x10
[  234.119776][ T9505]  ? set_next_entity+0x11b/0x9c0
[  234.119822][ T9505]  ? __lock_acquire+0x4a5/0x2630
[  234.119855][ T9505]  ? place_entity+0x2fa/0x400
[  234.119902][ T9505]  ? lock_acquire+0x1cf/0x380
[  234.119934][ T9505]  ? find_held_lock+0x2b/0x80
[  234.119965][ T9505]  ? finish_task_switch.isra.0+0x200/0xb80
[  234.119994][ T9505]  ? finish_task_switch.isra.0+0x200/0xb80
[  234.120038][ T9505]  ? trace_sched_exit_tp+0x13a/0x180
[  234.120071][ T9505]  ? __schedule+0x1000/0x60e0
[  234.120139][ T9505]  ? rcu_is_watching+0x12/0xc0
[  234.120177][ T9505]  ? cap_capable+0x107/0x460
[  234.120216][ T9505]  mmap_region+0x180/0x3e0
[  234.120256][ T9505]  do_mmap+0xc63/0x12f0
[  234.120288][ T9505]  ? __pfx_do_mmap+0x10/0x10
[  234.120317][ T9505]  ? __pfx_down_write_killable+0x10/0x10
[  234.120360][ T9505]  vm_mmap_pgoff+0x29e/0x470
[  234.120399][ T9505]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  234.120432][ T9505]  ? do_futex+0x192/0x350
[  234.120470][ T9505]  ? __pfx_do_futex+0x10/0x10
[  234.120512][ T9505]  ksys_mmap_pgoff+0xe1/0x650
[  234.120541][ T9505]  ? __x64_sys_futex+0x34f/0x4d0
[  234.120576][ T9505]  ? __x64_sys_futex+0x358/0x4d0
[  234.120613][ T9505]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[  234.120643][ T9505]  ? xfd_validate_state+0x129/0x190
[  234.120691][ T9505]  __x64_sys_mmap+0x125/0x190
[  234.120733][ T9505]  do_syscall_64+0x106/0xf80
[  234.120765][ T9505]  ? clear_bhb_loop+0x40/0x90
[  234.120801][ T9505]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.120830][ T9505] RIP: 0033:0x7fa04019c799
[  234.120854][ T9505] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  234.120881][ T9505] RSP: 002b:00007fa041119028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  234.120908][ T9505] RAX: ffffffffffffffda RBX: 00007fa040415fa0 RCX: 00007fa04019c799
[  234.120928][ T9505] RDX: 00000000000000df RSI: 0000000000000005 RDI: 0000000000000000
[  234.120945][ T9505] RBP: 00007fa040232bd9 R08: 0000000000000002 R09: 0000000000008000
[  234.120971][ T9505] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[  234.120989][ T9505] R13: 00007fa040416038 R14: 00007fa040415fa0 R15: 00007ffe4d69e658
[  234.121028][ T9505]  </TASK>
[  235.990453][ T9546] netlink: 93 bytes leftover after parsing attributes in process `syz.0.1164'.
[  236.040718][ T9545] netlink: 93 bytes leftover after parsing attributes in process `syz.0.1164'.
[  237.093051][ T9574] FAULT_INJECTION: forcing a failure.
[  237.093051][ T9574] name failslab, interval 1, probability 0, space 0, times 0
[  237.106135][ T9574] CPU: 1 UID: 0 PID: 9574 Comm: syz.1.1175 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  237.106175][ T9574] Tainted: [L]=SOFTLOCKUP
[  237.106185][ T9574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  237.106201][ T9574] Call Trace:
[  237.106211][ T9574]  <TASK>
[  237.106222][ T9574]  dump_stack_lvl+0x100/0x190
[  237.106254][ T9574]  should_fail_ex.cold+0x5/0xa
[  237.106273][ T9574]  should_failslab+0xc2/0x120
[  237.106288][ T9574]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  237.106310][ T9574]  ? dst_alloc+0x99/0x1a0
[  237.106326][ T9574]  ? __pfx_ip6_dst_gc+0x10/0x10
[  237.106342][ T9574]  dst_alloc+0x99/0x1a0
[  237.106358][ T9574]  ip6_rt_cache_alloc+0x1ea/0x8e0
[  237.106379][ T9574]  ? __pfx_ip6_rt_cache_alloc+0x10/0x10
[  237.106406][ T9574]  ip6_pol_route+0xd59/0x1230
[  237.106429][ T9574]  ? __pfx_ip6_pol_route+0x10/0x10
[  237.106452][ T9574]  ? find_held_lock+0x2b/0x80
[  237.106468][ T9574]  ? bpf_ksym_find+0x124/0x1c0
[  237.106488][ T9574]  ? __pfx_ip6_pol_route_output+0x10/0x10
[  237.106508][ T9574]  fib6_rule_lookup+0x24c/0x720
[  237.106527][ T9574]  ? __kernel_text_address+0xd/0x30
[  237.106547][ T9574]  ? unwind_get_return_address+0x59/0xa0
[  237.106563][ T9574]  ? __pfx_fib6_rule_lookup+0x10/0x10
[  237.106589][ T9574]  ? __pfx_rt6_probe+0x10/0x10
[  237.106606][ T9574]  ? stack_trace_save+0x8e/0xc0
[  237.106619][ T9574]  ? rt6_score_route+0x14a/0xa60
[  237.106641][ T9574]  ip6_route_output_flags+0x1d0/0x650
[  237.106671][ T9574]  ip6_dst_lookup_tail.constprop.0+0x116/0x2110
[  237.106696][ T9574]  ? __pfx___find_rr_leaf+0x10/0x10
[  237.106724][ T9574]  ? __pfx___find_rr_leaf+0x10/0x10
[  237.106761][ T9574]  ? __pfx_ip6_dst_lookup_tail.constprop.0+0x10/0x10
[  237.106797][ T9574]  ? __pfx_ip6_compressed_string+0x10/0x10
[  237.106841][ T9574]  ? __lock_acquire+0x4a5/0x2630
[  237.106873][ T9574]  ? rcu_is_watching+0x12/0xc0
[  237.106918][ T9574]  ip6_dst_lookup_flow+0x99/0x1d0
[  237.106954][ T9574]  ? __pfx_ip6_dst_lookup_flow+0x10/0x10
[  237.106989][ T9574]  ? find_held_lock+0x2b/0x80
[  237.107012][ T9574]  ? rawv6_sendmsg+0xb3c/0x4750
[  237.107044][ T9574]  ? rawv6_sendmsg+0xb3c/0x4750
[  237.107086][ T9574]  rawv6_sendmsg+0xe61/0x4750
[  237.107123][ T9574]  ? aa_profile_af_perm+0x2e1/0x3a0
[  237.107173][ T9574]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  237.107255][ T9574]  ? __import_iovec+0x1d2/0x640
[  237.107286][ T9574]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  237.107323][ T9574]  ? inet_sendmsg+0x11c/0x140
[  237.107360][ T9574]  inet_sendmsg+0x11c/0x140
[  237.107403][ T9574]  ____sys_sendmsg+0x9ad/0xc30
[  237.107446][ T9574]  ? __pfx_____sys_sendmsg+0x10/0x10
[  237.107492][ T9574]  ? futex_unqueue+0x133/0x2c0
[  237.107536][ T9574]  ___sys_sendmsg+0x190/0x1e0
[  237.107580][ T9574]  ? __pfx____sys_sendmsg+0x10/0x10
[  237.107622][ T9574]  ? __pfx___futex_wait+0x10/0x10
[  237.107668][ T9574]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  237.107717][ T9574]  ? find_held_lock+0x2b/0x80
[  237.107767][ T9574]  __sys_sendmmsg+0x205/0x430
[  237.107806][ T9574]  ? __pfx___sys_sendmmsg+0x10/0x10
[  237.107851][ T9574]  ? __pfx_do_futex+0x10/0x10
[  237.107904][ T9574]  ? xfd_validate_state+0x129/0x190
[  237.107949][ T9574]  __x64_sys_sendmmsg+0x9c/0x100
[  237.107978][ T9574]  ? lockdep_hardirqs_on+0x78/0x100
[  237.108009][ T9574]  do_syscall_64+0x106/0xf80
[  237.108037][ T9574]  ? clear_bhb_loop+0x40/0x90
[  237.108068][ T9574]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.108096][ T9574] RIP: 0033:0x7fa04019c799
[  237.108118][ T9574] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  237.108133][ T9574] RSP: 002b:00007fa041119028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  237.108149][ T9574] RAX: ffffffffffffffda RBX: 00007fa040415fa0 RCX: 00007fa04019c799
[  237.108159][ T9574] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003
[  237.108168][ T9574] RBP: 00007fa040232bd9 R08: 0000000000000000 R09: 0000000000000000
[  237.108177][ T9574] R10: 0000000007fffffe R11: 0000000000000246 R12: 0000000000000000
[  237.108186][ T9574] R13: 00007fa040416038 R14: 00007fa040415fa0 R15: 00007ffe4d69e658
[  237.108207][ T9574]  </TASK>
[  237.512707][  T293] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1002 with max blocks 2 with error 117
[  237.525652][  T293] EXT4-fs (sda1): This should not happen!! Data will be lost
[  237.525652][  T293] 
[  238.720982][ T9613] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1188'.
[  238.732288][ T9613] veth0_vlan: entered allmulticast mode
[  238.982462][ T9619] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[  239.558897][ T9633] netlink: 'syz.1.1196': attribute type 2 has an invalid length.
[  239.575936][   T30] audit: type=1326 audit(1772419289.331:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9632 comm="syz.1.1196" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa04019c799 code=0x0
[  239.924931][ T9650] FAULT_INJECTION: forcing a failure.
[  239.924931][ T9650] name failslab, interval 1, probability 0, space 0, times 0
[  239.939995][ T9650] CPU: 1 UID: 8 PID: 9650 Comm: syz.4.1204 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  239.940075][ T9650] Tainted: [L]=SOFTLOCKUP
[  239.940089][ T9650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  239.940104][ T9650] Call Trace:
[  239.940112][ T9650]  <TASK>
[  239.940124][ T9650]  dump_stack_lvl+0x100/0x190
[  239.940169][ T9650]  should_fail_ex.cold+0x5/0xa
[  239.940212][ T9650]  should_failslab+0xc2/0x120
[  239.940249][ T9650]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[  239.940297][ T9650]  ? key_alloc+0x423/0x1310
[  239.940322][ T9650]  ? kmem_cache_alloc_noprof+0x292/0x6e0
[  239.940367][ T9650]  kmemdup_noprof+0x29/0x60
[  239.940420][ T9650]  key_alloc+0x423/0x1310
[  239.940462][ T9650]  ? __pfx_key_alloc+0x10/0x10
[  239.940488][ T9650]  ? __pfx_key_default_cmp+0x10/0x10
[  239.940522][ T9650]  ? __pfx_keyring_search_iterator+0x10/0x10
[  239.940561][ T9650]  keyring_alloc+0x44/0xc0
[  239.940595][ T9650]  look_up_user_keyrings+0x465/0x790
[  239.940643][ T9650]  ? __pfx_look_up_user_keyrings+0x10/0x10
[  239.940680][ T9650]  ? futex_wait+0x125/0x380
[  239.940735][ T9650]  ? __pfx_futex_wait+0x10/0x10
[  239.940786][ T9650]  lookup_user_key+0xbb1/0x1300
[  239.940839][ T9650]  ? __pfx_lookup_user_key+0x10/0x10
[  239.940893][ T9650]  ? __pfx_lookup_user_key_possessed+0x10/0x10
[  239.940942][ T9650]  ? __x64_sys_futex+0x34f/0x4d0
[  239.940975][ T9650]  ? __x64_sys_futex+0x358/0x4d0
[  239.941019][ T9650]  keyctl_session_to_parent+0x28/0xae0
[  239.941065][ T9650]  __do_sys_keyctl+0x2b1/0x5a0
[  239.941104][ T9650]  do_syscall_64+0x106/0xf80
[  239.941135][ T9650]  ? clear_bhb_loop+0x40/0x90
[  239.941167][ T9650]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.941196][ T9650] RIP: 0033:0x7f1399d9c799
[  239.941219][ T9650] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  239.941246][ T9650] RSP: 002b:00007f139ad2f028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  239.941276][ T9650] RAX: ffffffffffffffda RBX: 00007f139a015fa0 RCX: 00007f1399d9c799
[  239.941294][ T9650] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000012
[  239.941311][ T9650] RBP: 00007f1399e32bd9 R08: 0000000000000001 R09: 0000000000000000
[  239.941326][ T9650] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000
[  239.941341][ T9650] R13: 00007f139a016038 R14: 00007f139a015fa0 R15: 00007ffe64f4f168
[  239.941382][ T9650]  </TASK>
[  240.269203][ T9654] vivid-007: =================  START STATUS  =================
[  240.277754][ T9654] vivid-007: Generate PTS: true
[  240.287181][ T9654] vivid-007: Generate SCR: true
[  240.292153][ T9654] tpg source WxH: 320x240 (Y'CbCr)
[  240.307592][ T9654] tpg field: 1
[  240.313269][ T9654] tpg crop: (0,0)/320x240
[  240.324339][ T9654] tpg compose: (0,0)/320x240
[  240.329075][ T9654] tpg colorspace: 8
[  240.332889][ T9654] tpg transfer function: 0/0
[  240.337667][ T9654] tpg Y'CbCr encoding: 0/0
[  240.342099][ T9654] tpg quantization: 0/0
[  240.346257][ T9654] tpg RGB range: 0/2
[  240.350284][ T9654] vivid-007: ==================  END STATUS  ==================
[  240.904521][ T9682] FAULT_INJECTION: forcing a failure.
[  240.904521][ T9682] name failslab, interval 1, probability 0, space 0, times 0
[  240.929524][ T9682] CPU: 0 UID: 0 PID: 9682 Comm: syz.1.1215 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  240.929572][ T9682] Tainted: [L]=SOFTLOCKUP
[  240.929582][ T9682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  240.929599][ T9682] Call Trace:
[  240.929609][ T9682]  <TASK>
[  240.929620][ T9682]  dump_stack_lvl+0x100/0x190
[  240.929668][ T9682]  should_fail_ex.cold+0x5/0xa
[  240.929701][ T9682]  should_failslab+0xc2/0x120
[  240.929732][ T9682]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  240.929773][ T9682]  ? dup_fd+0x4d/0xd10
[  240.929800][ T9682]  ? do_futex+0x192/0x350
[  240.929839][ T9682]  dup_fd+0x4d/0xd10
[  240.929865][ T9682]  ? bpf_lsm_capable+0x9/0x10
[  240.929893][ T9682]  ? security_capable+0x80/0x260
[  240.929940][ T9682]  __x64_sys_close_range+0x405/0x5d0
[  240.929974][ T9682]  ? __pfx___x64_sys_close_range+0x10/0x10
[  240.930019][ T9682]  do_syscall_64+0x106/0xf80
[  240.930052][ T9682]  ? clear_bhb_loop+0x40/0x90
[  240.930087][ T9682]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.930116][ T9682] RIP: 0033:0x7fa04019c799
[  240.930141][ T9682] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  240.930168][ T9682] RSP: 002b:00007fa041119028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  240.930196][ T9682] RAX: ffffffffffffffda RBX: 00007fa040415fa0 RCX: 00007fa04019c799
[  240.930215][ T9682] RDX: 0000000000000002 RSI: fffffffffffff001 RDI: 0000000000000000
[  240.930232][ T9682] RBP: 00007fa040232bd9 R08: 0000000000000000 R09: 0000000000000000
[  240.930249][ T9682] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  240.930265][ T9682] R13: 00007fa040416038 R14: 00007fa040415fa0 R15: 00007ffe4d69e658
[  240.930303][ T9682]  </TASK>
[  241.861070][ T9673] syz.4.1210 (9673): /proc/9665/oom_adj is deprecated, please use /proc/9665/oom_score_adj instead.
[  243.324887][ T9737] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1229'.
[  243.335985][ T9736] FAULT_INJECTION: forcing a failure.
[  243.335985][ T9736] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  243.354966][ T9737] veth1_vlan: entered allmulticast mode
[  243.362140][ T9736] CPU: 1 UID: 0 PID: 9736 Comm: syz.3.1230 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  243.362188][ T9736] Tainted: [L]=SOFTLOCKUP
[  243.362199][ T9736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  243.362221][ T9736] Call Trace:
[  243.362230][ T9736]  <TASK>
[  243.362240][ T9736]  dump_stack_lvl+0x100/0x190
[  243.362289][ T9736]  should_fail_ex.cold+0x5/0xa
[  243.362315][ T9736]  ? prepare_alloc_pages+0x16d/0x5f0
[  243.362352][ T9736]  should_fail_alloc_page+0xeb/0x140
[  243.362383][ T9736]  prepare_alloc_pages+0x1f0/0x5f0
[  243.362414][ T9736]  ? workingset_test_recent+0x42d/0xe90
[  243.362461][ T9736]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  243.362500][ T9736]  ? workingset_test_recent+0x143/0xe90
[  243.362545][ T9736]  ? local_lock_release+0x99/0x130
[  243.362586][ T9736]  ? __lock_acquire+0x4a5/0x2630
[  243.362620][ T9736]  ? mod_memcg_lruvec_state+0x1a6/0x630
[  243.362663][ T9736]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  243.362717][ T9736]  ? __lock_acquire+0x4a5/0x2630
[  243.362765][ T9736]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  243.362822][ T9736]  ? policy_nodemask+0xed/0x4f0
[  243.362856][ T9736]  alloc_pages_mpol+0x1fb/0x550
[  243.362886][ T9736]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  243.362915][ T9736]  ? swap_entry_swapped+0x1ff/0x2b0
[  243.362943][ T9736]  ? __pfx_swap_entry_swapped+0x10/0x10
[  243.362976][ T9736]  folio_alloc_mpol_noprof+0x36/0x340
[  243.363011][ T9736]  swap_cache_alloc_folio+0x1a8/0x300
[  243.363051][ T9736]  ? __pfx_swap_cache_alloc_folio+0x10/0x10
[  243.363089][ T9736]  ? __pfx_get_swap_device+0x10/0x10
[  243.363130][ T9736]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  243.363178][ T9736]  read_swap_cache_async+0xd9/0x480
[  243.363218][ T9736]  ? __pfx_read_swap_cache_async+0x10/0x10
[  243.363258][ T9736]  ? find_held_lock+0x2b/0x80
[  243.363283][ T9736]  ? find_held_lock+0x2b/0x80
[  243.363308][ T9736]  ? swapin_walk_pmd_entry+0x2d9/0x640
[  243.363339][ T9736]  ? swapin_walk_pmd_entry+0x2d9/0x640
[  243.363377][ T9736]  swapin_walk_pmd_entry+0x2fd/0x640
[  243.363413][ T9736]  ? __pfx_swapin_walk_pmd_entry+0x10/0x10
[  243.363450][ T9736]  ? __lock_acquire+0x4a5/0x2630
[  243.363486][ T9736]  ? tomoyo_path_perm+0x29c/0x460
[  243.363524][ T9736]  ? kasan_save_stack+0x3f/0x50
[  243.363563][ T9736]  ? kasan_save_stack+0x30/0x50
[  243.363603][ T9736]  ? __pfx_swapin_walk_pmd_entry+0x10/0x10
[  243.363636][ T9736]  walk_pgd_range+0xc04/0x1eb0
[  243.363681][ T9736]  ? css_rstat_updated+0x1ce/0x5a0
[  243.363723][ T9736]  ? __pfx_walk_pgd_range+0x10/0x10
[  243.363767][ T9736]  ? update_cfs_rq_load_avg+0x51/0x550
[  243.363814][ T9736]  __walk_page_range+0x163/0x820
[  243.363861][ T9736]  ? set_next_entity+0x11b/0x9c0
[  243.363905][ T9736]  walk_page_range_vma_unsafe+0x209/0x8f0
[  243.363957][ T9736]  ? __pfx_walk_page_range_vma_unsafe+0x10/0x10
[  243.364000][ T9736]  ? kvm_sched_clock_read+0x11/0x20
[  243.364037][ T9736]  ? lock_acquire+0x1cf/0x380
[  243.364067][ T9736]  ? find_held_lock+0x2b/0x80
[  243.364094][ T9736]  walk_page_range_vma+0x63/0x90
[  243.364137][ T9736]  madvise_vma_behavior+0x1e14/0x3050
[  243.364173][ T9736]  ? __pfx_madvise_vma_behavior+0x10/0x10
[  243.364203][ T9736]  ? mas_prev_setup.constprop.0+0xb6/0x9c0
[  243.364241][ T9736]  ? mas_prev+0x9b/0xf0
[  243.364276][ T9736]  ? __pfx_mas_prev+0x10/0x10
[  243.364317][ T9736]  ? find_vma_prev+0xd8/0x150
[  243.364347][ T9736]  ? __pfx_find_vma_prev+0x10/0x10
[  243.364372][ T9736]  ? __pfx___schedule+0x10/0x10
[  243.364421][ T9736]  madvise_walk_vmas+0x2fe/0xa90
[  243.364459][ T9736]  ? __pfx_madvise_walk_vmas+0x10/0x10
[  243.364502][ T9736]  madvise_do_behavior+0x1ea/0x510
[  243.364532][ T9736]  ? futex_private_hash_put+0x107/0x1c0
[  243.364568][ T9736]  ? __pfx_madvise_do_behavior+0x10/0x10
[  243.364599][ T9736]  ? down_read+0x13b/0x460
[  243.364649][ T9736]  do_madvise+0x195/0x240
[  243.364679][ T9736]  ? __pfx_do_madvise+0x10/0x10
[  243.364708][ T9736]  ? do_futex+0x192/0x350
[  243.364750][ T9736]  ? __fget_files+0x21f/0x3d0
[  243.364811][ T9736]  __x64_sys_madvise+0xa9/0x110
[  243.364844][ T9736]  ? lockdep_hardirqs_on+0x78/0x100
[  243.364877][ T9736]  do_syscall_64+0x106/0xf80
[  243.364908][ T9736]  ? clear_bhb_loop+0x40/0x90
[  243.364941][ T9736]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  243.364970][ T9736] RIP: 0033:0x7f6d1859c799
[  243.364995][ T9736] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  243.365022][ T9736] RSP: 002b:00007f6d193ef028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  243.365058][ T9736] RAX: ffffffffffffffda RBX: 00007f6d18815fa0 RCX: 00007f6d1859c799
[  243.365077][ T9736] RDX: 0000000100000003 RSI: 0000000001010001 RDI: 0000000000000000
[  243.365095][ T9736] RBP: 00007f6d18632bd9 R08: 0000000000000000 R09: 0000000000000000
[  243.365111][ T9736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  243.365128][ T9736] R13: 00007f6d18816038 R14: 00007f6d18815fa0 R15: 00007ffe73e27728
[  243.365165][ T9736]  </TASK>
[  244.272257][ T9749] netlink: 'syz.4.1236': attribute type 21 has an invalid length.
[  244.280202][ T9749] netlink: 326 bytes leftover after parsing attributes in process `syz.4.1236'.
[  246.578932][    C0] vcan0: j1939_tp_rxtimer: 0xffff88802c2b5800: rx timeout, send abort
[  246.589095][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805c6a2400: rx timeout, send abort
[  246.597660][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88802c2b5800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  246.613608][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805c6a2400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  247.008140][ T9792] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1251'.
[  247.213849][ T9798] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1254'.
[  247.316359][ T9800] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1253'.
[  247.403304][ T9800] team0 (unregistering): Port device team_slave_0 removed
[  247.465890][ T9800] team0 (unregistering): Port device team_slave_1 removed
[  248.561049][ T9836] vivid-007: =================  START STATUS  =================
[  248.608445][ T9836] vivid-007: Generate PTS: true
[  248.613431][ T9836] vivid-007: Generate SCR: true
[  248.643870][ T9838] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  248.673048][ T9836] tpg source WxH: 320x240 (Y'CbCr)
[  248.723257][ T9836] tpg field: 1
[  248.727705][ T9836] tpg crop: (0,0)/320x240
[  248.732068][ T9836] tpg compose: (0,0)/320x240
[  248.762739][ T9836] tpg colorspace: 8
[  248.766595][ T9836] tpg transfer function: 0/0
[  248.819117][ T9836] tpg Y'CbCr encoding: 0/0
[  248.847657][ T9836] tpg quantization: 0/0
[  248.914750][ T9836] tpg RGB range: 0/2
[  248.935001][ T9836] vivid-007: ==================  END STATUS  ==================
[  248.967643][ T9850] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1268'.
[  248.991116][ T9850] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1268'.
[  249.008698][ T9850] netlink: 290 bytes leftover after parsing attributes in process `syz.0.1268'.
[  250.516689][ T9884] binder: 9883:9884 ioctl 4018620d 9 returned -22
[  252.012152][ T9925] FAULT_INJECTION: forcing a failure.
[  252.012152][ T9925] name failslab, interval 1, probability 0, space 0, times 0
[  252.077605][ T9925] CPU: 1 UID: 0 PID: 9925 Comm: syz.1.1285 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  252.077648][ T9925] Tainted: [L]=SOFTLOCKUP
[  252.077657][ T9925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  252.077673][ T9925] Call Trace:
[  252.077681][ T9925]  <TASK>
[  252.077692][ T9925]  dump_stack_lvl+0x100/0x190
[  252.077737][ T9925]  should_fail_ex.cold+0x5/0xa
[  252.077768][ T9925]  should_failslab+0xc2/0x120
[  252.077795][ T9925]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  252.077833][ T9925]  ? locks_get_lock_context+0x94/0x640
[  252.077878][ T9925]  locks_get_lock_context+0x94/0x640
[  252.077929][ T9925]  posix_lock_inode+0xcc/0x2440
[  252.077970][ T9925]  ? __pfx_posix_lock_inode+0x10/0x10
[  252.078007][ T9925]  vfs_lock_file+0xfb/0x150
[  252.078035][ T9925]  fcntl_setlk+0x782/0xe40
[  252.078066][ T9925]  ? __pfx_fcntl_setlk+0x10/0x10
[  252.078109][ T9925]  ? rep_movs_alternative+0x30/0x90
[  252.078159][ T9925]  do_fcntl+0xf39/0x1670
[  252.078195][ T9925]  ? __pfx_do_fcntl+0x10/0x10
[  252.078226][ T9925]  ? __fget_files+0x215/0x3d0
[  252.078263][ T9925]  ? tomoyo_file_fcntl+0x6c/0xc0
[  252.078304][ T9925]  __x64_sys_fcntl+0x163/0x200
[  252.078345][ T9925]  do_syscall_64+0x106/0xf80
[  252.078378][ T9925]  ? clear_bhb_loop+0x40/0x90
[  252.078414][ T9925]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  252.078442][ T9925] RIP: 0033:0x7fa04019c799
[  252.078465][ T9925] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  252.078489][ T9925] RSP: 002b:00007fa041119028 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[  252.078515][ T9925] RAX: ffffffffffffffda RBX: 00007fa040415fa0 RCX: 00007fa04019c799
[  252.078535][ T9925] RDX: 0000000000001298 RSI: 0000000000000026 RDI: 0000000000000004
[  252.078551][ T9925] RBP: 00007fa040232bd9 R08: 0000000000000000 R09: 0000000000000000
[  252.078567][ T9925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  252.078584][ T9925] R13: 00007fa040416038 R14: 00007fa040415fa0 R15: 00007ffe4d69e658
[  252.078620][ T9925]  </TASK>
[  252.935645][ T9960] netlink: 306 bytes leftover after parsing attributes in process `syz.1.1291'.
[  252.948991][ T9963] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1292'.
[  255.671624][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  255.678085][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  256.266561][T10061] netlink: 'syz.3.1318': attribute type 21 has an invalid length.
[  256.308792][T10061] netlink: 326 bytes leftover after parsing attributes in process `syz.3.1318'.
[  256.336299][T10061] IPv6: NLM_F_CREATE should be specified when creating new route
[  256.587798][T10064] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1319'.
[  257.801889][T10085] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1325'.
[  257.932268][T10083] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1324'.
[  257.969181][T10075] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  257.976855][T10075] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  257.990869][T10075] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  258.013772][T10075] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  258.030499][T10075] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  258.173063][T10075] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  258.181944][T10083] gretap0: refused to change device tx_queue_len
[  259.346935][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  259.419614][T10117] FAULT_INJECTION: forcing a failure.
[  259.419614][T10117] name failslab, interval 1, probability 0, space 0, times 0
[  259.475197][T10117] CPU: 1 UID: 0 PID: 10117 Comm: syz.1.1336 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  259.475255][T10117] Tainted: [L]=SOFTLOCKUP
[  259.475266][T10117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  259.475284][T10117] Call Trace:
[  259.475293][T10117]  <TASK>
[  259.475305][T10117]  dump_stack_lvl+0x100/0x190
[  259.475360][T10117]  should_fail_ex.cold+0x5/0xa
[  259.475395][T10117]  should_failslab+0xc2/0x120
[  259.475425][T10117]  __kmalloc_cache_noprof+0x7a/0x6f0
[  259.475461][T10117]  ? trace_pid_list_alloc+0x2fe/0x480
[  259.475509][T10117]  trace_pid_list_alloc+0x2fe/0x480
[  259.475556][T10117]  trace_pid_write+0x110/0x460
[  259.475600][T10117]  ? __pfx_trace_pid_write+0x10/0x10
[  259.475665][T10117]  event_pid_write.isra.0+0x1e4/0x800
[  259.475712][T10117]  ? __pfx_event_pid_write.isra.0+0x10/0x10
[  259.475769][T10117]  vfs_write+0x2aa/0x1070
[  259.475814][T10117]  ? __pfx_ftrace_event_npid_write+0x10/0x10
[  259.475862][T10117]  ? __pfx_vfs_write+0x10/0x10
[  259.475901][T10117]  ? __fget_files+0x215/0x3d0
[  259.475934][T10117]  ? __fget_files+0x21f/0x3d0
[  259.475971][T10117]  ksys_write+0x12a/0x250
[  259.476013][T10117]  ? __pfx_ksys_write+0x10/0x10
[  259.476067][T10117]  do_syscall_64+0x106/0xf80
[  259.476100][T10117]  ? clear_bhb_loop+0x40/0x90
[  259.476133][T10117]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.476157][T10117] RIP: 0033:0x7fa04019c799
[  259.476176][T10117] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  259.476203][T10117] RSP: 002b:00007fa041119028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  259.476230][T10117] RAX: ffffffffffffffda RBX: 00007fa040415fa0 RCX: 00007fa04019c799
[  259.476259][T10117] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003
[  259.476274][T10117] RBP: 00007fa040232bd9 R08: 0000000000000000 R09: 0000000000000000
[  259.476290][T10117] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  259.476304][T10117] R13: 00007fa040416038 R14: 00007fa040415fa0 R15: 00007ffe4d69e658
[  259.476335][T10117]  </TASK>
[  260.007753][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout
[  260.068287][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[  260.074344][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout
[  261.589506][T10138] FAULT_INJECTION: forcing a failure.
[  261.589506][T10138] name fail_futex, interval 1, probability 0, space 0, times 1
[  261.623268][   T36] EXT4-fs (sda1): Delayed block allocation failed for inode 2026 at logical offset 1 with max blocks 1 with error 117
[  261.636800][T10138] CPU: 0 UID: 0 PID: 10138 Comm: syz.4.1342 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  261.636840][T10138] Tainted: [L]=SOFTLOCKUP
[  261.636849][T10138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  261.636865][T10138] Call Trace:
[  261.636874][T10138]  <TASK>
[  261.636886][T10138]  dump_stack_lvl+0x100/0x190
[  261.636950][T10138]  should_fail_ex.cold+0x5/0xa
[  261.636981][T10138]  get_futex_key+0x1d2/0x1620
[  261.637021][T10138]  ? __pfx_get_futex_key+0x10/0x10
[  261.637061][T10138]  futex_wake+0xea/0x530
[  261.637103][T10138]  ? __pfx_futex_wake+0x10/0x10
[  261.637143][T10138]  ? __call_rcu_common.constprop.0+0x3f0/0x9b0
[  261.637193][T10138]  do_futex+0x32b/0x350
[  261.637228][T10138]  ? __pfx_do_futex+0x10/0x10
[  261.637263][T10138]  ? __pfx___might_resched+0x10/0x10
[  261.637302][T10138]  ? blkcg_maybe_throttle_current+0x5df/0xeb0
[  261.637343][T10138]  __x64_sys_futex+0x34f/0x4d0
[  261.637380][T10138]  ? __pfx_task_work_run+0x10/0x10
[  261.637426][T10138]  ? __pfx___x64_sys_futex+0x10/0x10
[  261.637462][T10138]  ? exit_to_user_mode_loop+0xdd/0x4a0
[  261.637510][T10138]  do_syscall_64+0x106/0xf80
[  261.637542][T10138]  ? clear_bhb_loop+0x40/0x90
[  261.637577][T10138]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.637605][T10138] RIP: 0033:0x7f1399d9c799
[  261.637629][T10138] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  261.637657][T10138] RSP: 002b:00007f139ad0e0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  261.637683][T10138] RAX: ffffffffffffffda RBX: 00007f139a016098 RCX: 00007f1399d9c799
[  261.637702][T10138] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f139a01609c
[  261.637720][T10138] RBP: 00007f139a016090 R08: 0000000000000000 R09: 0000000000000000
[  261.637744][T10138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  261.637760][T10138] R13: 00007f139a016128 R14: 00007ffe64f4f080 R15: 00007ffe64f4f168
[  261.637798][T10138]  </TASK>
[  261.956879][   T36] EXT4-fs (sda1): This should not happen!! Data will be lost
[  261.956879][   T36] 
[  262.148149][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[  262.578818][T10151] netlink: 266 bytes leftover after parsing attributes in process `syz.4.1345'.
[  262.589261][T10151] IPv6: NLM_F_CREATE should be specified when creating new route
[  263.126877][   T30] audit: type=1800 audit(1772419312.871:6): pid=10156 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1348" name="trace_marker" dev="tracefs" ino=571 res=0 errno=0
[  264.253952][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[  265.032630][T10205] mkiss: ax0: crc mode is auto.
[  266.301234][T10228] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1370'.
[  266.389820][ T5829] Bluetooth: hci3: unexpected event 0x20 length: 123 > 7
[  267.537616][   T12] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1002 with max blocks 2 with error 117
[  267.586881][   T12] EXT4-fs (sda1): This should not happen!! Data will be lost
[  267.586881][   T12] 
[  268.242883][T10263] zswap: compressor  not available
[  268.280457][T10261] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1382'.
[  272.486201][T10347] FAULT_INJECTION: forcing a failure.
[  272.486201][T10347] name failslab, interval 1, probability 0, space 0, times 0
[  272.499814][T10347] CPU: 0 UID: 0 PID: 10347 Comm: syz.3.1408 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  272.499862][T10347] Tainted: [L]=SOFTLOCKUP
[  272.499879][T10347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  272.499896][T10347] Call Trace:
[  272.499905][T10347]  <TASK>
[  272.499917][T10347]  dump_stack_lvl+0x100/0x190
[  272.499966][T10347]  should_fail_ex.cold+0x5/0xa
[  272.499998][T10347]  should_failslab+0xc2/0x120
[  272.500028][T10347]  __kmalloc_cache_noprof+0x7a/0x6f0
[  272.500065][T10347]  ? madvise_collapse+0x1b5/0xbe0
[  272.500104][T10347]  madvise_collapse+0x1b5/0xbe0
[  272.500143][T10347]  ? find_held_lock+0x2b/0x80
[  272.500167][T10347]  ? finish_task_switch.isra.0+0x200/0xb80
[  272.500198][T10347]  ? __pfx_madvise_collapse+0x10/0x10
[  272.500231][T10347]  ? __pfx_rcu_is_watching+0x1/0x10
[  272.500283][T10347]  madvise_vma_behavior+0x1987/0x3050
[  272.500321][T10347]  ? __pfx_madvise_vma_behavior+0x10/0x10
[  272.500353][T10347]  ? mas_prev_setup.constprop.0+0xb6/0x9c0
[  272.500391][T10347]  ? mas_prev+0x9b/0xf0
[  272.500426][T10347]  ? __pfx_mas_prev+0x10/0x10
[  272.500470][T10347]  ? find_vma_prev+0xd8/0x150
[  272.500496][T10347]  ? futex_unqueue+0x133/0x2c0
[  272.500526][T10347]  ? __pfx_find_vma_prev+0x10/0x10
[  272.500562][T10347]  ? __futex_wait+0x256/0x300
[  272.500607][T10347]  madvise_walk_vmas+0x2fe/0xa90
[  272.500643][T10347]  ? __pfx_madvise_walk_vmas+0x10/0x10
[  272.500685][T10347]  madvise_do_behavior+0x1ea/0x510
[  272.500721][T10347]  ? __pfx_madvise_do_behavior+0x10/0x10
[  272.500753][T10347]  ? down_read+0x13b/0x460
[  272.500805][T10347]  do_madvise+0x195/0x240
[  272.500836][T10347]  ? __pfx_do_madvise+0x10/0x10
[  272.500864][T10347]  ? do_futex+0x192/0x350
[  272.500927][T10347]  ? arch_syscall_is_vdso_sigreturn+0xb6/0x200
[  272.500969][T10347]  __x64_sys_madvise+0xa9/0x110
[  272.501001][T10347]  ? lockdep_hardirqs_on+0x78/0x100
[  272.501031][T10347]  do_syscall_64+0x106/0xf80
[  272.501062][T10347]  ? clear_bhb_loop+0x40/0x90
[  272.501097][T10347]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.501125][T10347] RIP: 0033:0x7f6d1859c799
[  272.501148][T10347] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  272.501176][T10347] RSP: 002b:00007f6d193ef028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  272.501204][T10347] RAX: ffffffffffffffda RBX: 00007f6d18815fa0 RCX: 00007f6d1859c799
[  272.501221][T10347] RDX: 0000000000000019 RSI: ffffffffffff0005 RDI: 0000000000000000
[  272.501237][T10347] RBP: 00007f6d18632bd9 R08: 0000000000000000 R09: 0000000000000000
[  272.501254][T10347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  272.501270][T10347] R13: 00007f6d18816038 R14: 00007f6d18815fa0 R15: 00007ffe73e27728
[  272.501305][T10347]  </TASK>
[  275.809455][T10405] zswap: compressor  not available
[  280.302316][T10475] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1446'.
[  280.319037][T10475] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1446'.
[  280.708785][T10489] netlink: 202 bytes leftover after parsing attributes in process `syz.0.1450'.
[  280.987650][T10495] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1452'.
[  280.997204][T10492] netlink: 'syz.0.1451': attribute type 27 has an invalid length.
[  281.005148][T10492] netlink: 'syz.0.1451': attribute type 28 has an invalid length.
[  281.027034][T10492] netlink: 'syz.0.1451': attribute type 29 has an invalid length.
[  281.035024][T10492] netlink: 'syz.0.1451': attribute type 30 has an invalid length.
[  281.043482][T10492] netlink: 'syz.0.1451': attribute type 31 has an invalid length.
[  281.060451][T10492] netlink: 'syz.0.1451': attribute type 32 has an invalid length.
[  281.068859][T10492] netlink: 'syz.0.1451': attribute type 33 has an invalid length.
[  281.077241][T10492] netlink: 'syz.0.1451': attribute type 35 has an invalid length.
[  281.096820][T10492] netlink: 'syz.0.1451': attribute type 37 has an invalid length.
[  281.108883][T10492] netlink: 18 bytes leftover after parsing attributes in process `syz.0.1451'.
[  281.292464][T10499] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1453'.
[  281.303608][T10499] netlink: 13 bytes leftover after parsing attributes in process `syz.4.1453'.
[  282.350898][T10516] netlink: 186 bytes leftover after parsing attributes in process `syz.3.1457'.
[  282.362216][T10516] netlink: 186 bytes leftover after parsing attributes in process `syz.3.1457'.
[  282.993100][T10533] zswap: compressor  not available
[  283.261937][T10539] zswap: compressor  not available
[  286.054968][T10581] FAULT_INJECTION: forcing a failure.
[  286.054968][T10581] name failslab, interval 1, probability 0, space 0, times 0
[  286.086923][T10581] CPU: 1 UID: 0 PID: 10581 Comm: syz.1.1476 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  286.086967][T10581] Tainted: [L]=SOFTLOCKUP
[  286.086978][T10581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  286.086995][T10581] Call Trace:
[  286.087004][T10581]  <TASK>
[  286.087016][T10581]  dump_stack_lvl+0x100/0x190
[  286.087064][T10581]  should_fail_ex.cold+0x5/0xa
[  286.087099][T10581]  should_failslab+0xc2/0x120
[  286.087128][T10581]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[  286.087172][T10581]  ? __request_module+0x2d5/0x6c0
[  286.087214][T10581]  kstrdup+0x51/0xe0
[  286.087257][T10581]  __request_module+0x2d5/0x6c0
[  286.087296][T10581]  ? __pfx___request_module+0x10/0x10
[  286.087336][T10581]  ? __mutex_unlock_slowpath+0x15c/0x790
[  286.087378][T10581]  ? __up_read+0x2c5/0x700
[  286.087417][T10581]  ? __pfx___up_read+0x10/0x10
[  286.087454][T10581]  ? ctrl_getfamily+0x1c9/0x550
[  286.087494][T10581]  ? ctrl_getfamily+0x1c9/0x550
[  286.087543][T10581]  ctrl_getfamily+0x1e7/0x550
[  286.087585][T10581]  ? __pfx_ctrl_getfamily+0x10/0x10
[  286.087629][T10581]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280
[  286.087671][T10581]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280
[  286.087720][T10581]  genl_family_rcv_msg_doit+0x214/0x300
[  286.087771][T10581]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  286.087812][T10581]  ? genl_get_cmd+0x3ef/0x720
[  286.087860][T10581]  ? __dev_queue_xmit+0x5af/0x4800
[  286.087904][T10581]  ? __radix_tree_lookup+0x217/0x2b0
[  286.087938][T10581]  genl_rcv_msg+0x560/0x800
[  286.087982][T10581]  ? __pfx_genl_rcv_msg+0x10/0x10
[  286.088024][T10581]  ? __pfx_ctrl_getfamily+0x10/0x10
[  286.088077][T10581]  netlink_rcv_skb+0x159/0x420
[  286.088113][T10581]  ? __pfx_genl_rcv_msg+0x10/0x10
[  286.088154][T10581]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  286.088204][T10581]  ? netlink_deliver_tap+0x1ae/0xcc0
[  286.088243][T10581]  genl_rcv+0x28/0x40
[  286.088278][T10581]  netlink_unicast+0x5aa/0x870
[  286.088319][T10581]  ? __pfx_netlink_unicast+0x10/0x10
[  286.088368][T10581]  netlink_sendmsg+0x8b0/0xda0
[  286.088409][T10581]  ? __pfx_netlink_sendmsg+0x10/0x10
[  286.088449][T10581]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  286.088493][T10581]  __sys_sendto+0x4aa/0x520
[  286.088525][T10581]  ? __pfx___sys_sendto+0x10/0x10
[  286.088567][T10581]  ? count_memcg_events_mm.constprop.0+0xfa/0x2a0
[  286.088613][T10581]  ? count_memcg_events_mm.constprop.0+0xfa/0x2a0
[  286.088682][T10581]  __x64_sys_sendto+0xe0/0x1c0
[  286.088711][T10581]  ? do_syscall_64+0x95/0xf80
[  286.088742][T10581]  ? lockdep_hardirqs_on+0x78/0x100
[  286.088781][T10581]  do_syscall_64+0x106/0xf80
[  286.088812][T10581]  ? clear_bhb_loop+0x40/0x90
[  286.088849][T10581]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  286.088878][T10581] RIP: 0033:0x7fa04015cfce
[  286.088902][T10581] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  286.088930][T10581] RSP: 002b:00007fa041117e88 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  286.088958][T10581] RAX: ffffffffffffffda RBX: 00007fa0411196c0 RCX: 00007fa04015cfce
[  286.088976][T10581] RDX: 000000000000001c RSI: 00007fa041118000 RDI: 0000000000000003
[  286.088994][T10581] RBP: 0000000000000000 R08: 00007fa041117f04 R09: 000000000000000c
[  286.089011][T10581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[  286.089027][T10581] R13: 00007fa041117f58 R14: 00007fa041118000 R15: 0000000000000000
[  286.089064][T10581]  </TASK>
[  286.941315][T10585] zswap: compressor  not available
[  288.389994][T10606] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1482'.
[  288.453280][T10606] netlink: 13 bytes leftover after parsing attributes in process `syz.3.1482'.
[  288.537589][T10605] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1481'.
[  288.553714][T10605] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1481'.
[  288.769181][T10616] FAULT_INJECTION: forcing a failure.
[  288.769181][T10616] name failslab, interval 1, probability 0, space 0, times 0
[  288.816811][T10616] CPU: 1 UID: 0 PID: 10616 Comm: syz.4.1485 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  288.816855][T10616] Tainted: [L]=SOFTLOCKUP
[  288.816866][T10616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  288.816883][T10616] Call Trace:
[  288.816893][T10616]  <TASK>
[  288.816904][T10616]  dump_stack_lvl+0x100/0x190
[  288.816948][T10616]  should_fail_ex.cold+0x5/0xa
[  288.816981][T10616]  should_failslab+0xc2/0x120
[  288.817009][T10616]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  288.817048][T10616]  ? security_file_alloc+0x34/0x2c0
[  288.817073][T10616]  ? trace_kmem_cache_alloc+0xf3/0x120
[  288.817111][T10616]  security_file_alloc+0x34/0x2c0
[  288.817141][T10616]  init_file+0x95/0x480
[  288.817175][T10616]  alloc_empty_file+0x73/0x1c0
[  288.817211][T10616]  dentry_open+0x46/0xd0
[  288.817244][T10616]  ima_calc_file_hash+0x2ad/0x480
[  288.817287][T10616]  ima_collect_measurement+0x887/0xa40
[  288.817340][T10616]  ? __pfx_ima_collect_measurement+0x10/0x10
[  288.817382][T10616]  ? lock_acquire+0x1cf/0x380
[  288.817437][T10616]  ? process_measurement+0x5ab/0x2350
[  288.817474][T10616]  ? is_bad_inode+0xd/0x40
[  288.817520][T10616]  ? xattr_resolve_name+0x27d/0x3f0
[  288.817570][T10616]  ? vfs_getxattr_alloc+0xec/0x350
[  288.817607][T10616]  ? ima_get_hash_algo+0x22d/0x400
[  288.817641][T10616]  ? __pfx_ima_get_hash_algo+0x10/0x10
[  288.817683][T10616]  ? process_measurement+0xdfe/0x2350
[  288.817718][T10616]  process_measurement+0xdfe/0x2350
[  288.817768][T10616]  ? __pfx_process_measurement+0x10/0x10
[  288.817819][T10616]  ? find_held_lock+0x2b/0x80
[  288.817843][T10616]  ? rcu_read_unlock+0x17/0x60
[  288.817873][T10616]  ? rcu_read_unlock+0x17/0x60
[  288.817932][T10616]  ? mutex_init_lockep+0x110/0x150
[  288.817972][T10616]  ? seq_open+0x116/0x170
[  288.818004][T10616]  ? inode_to_bdi+0x9e/0x160
[  288.818035][T10616]  ima_file_check+0xcc/0x120
[  288.818072][T10616]  ? __pfx_ima_file_check+0x10/0x10
[  288.818120][T10616]  security_file_post_open+0xc4/0x210
[  288.818166][T10616]  path_openat+0x1418/0x31a0
[  288.818207][T10616]  ? __pfx_path_openat+0x10/0x10
[  288.818250][T10616]  do_file_open+0x20e/0x430
[  288.818281][T10616]  ? __pfx_do_file_open+0x10/0x10
[  288.818338][T10616]  ? alloc_fd+0x476/0x790
[  288.818368][T10616]  ? do_getname+0x191/0x390
[  288.818406][T10616]  do_sys_openat2+0x10d/0x1e0
[  288.818441][T10616]  ? __pfx_do_sys_openat2+0x10/0x10
[  288.818499][T10616]  __x64_sys_openat+0x12d/0x210
[  288.818537][T10616]  ? __pfx___x64_sys_openat+0x10/0x10
[  288.818590][T10616]  do_syscall_64+0x106/0xf80
[  288.818622][T10616]  ? clear_bhb_loop+0x40/0x90
[  288.818657][T10616]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.818685][T10616] RIP: 0033:0x7f1399d9c799
[  288.818708][T10616] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  288.818736][T10616] RSP: 002b:00007f139ad2f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  288.818763][T10616] RAX: ffffffffffffffda RBX: 00007f139a015fa0 RCX: 00007f1399d9c799
[  288.818783][T10616] RDX: 0000000000020803 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  288.818801][T10616] RBP: 00007f1399e32bd9 R08: 0000000000000000 R09: 0000000000000000
[  288.818818][T10616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  288.818834][T10616] R13: 00007f139a016038 R14: 00007f139a015fa0 R15: 00007ffe64f4f168
[  288.818873][T10616]  </TASK>
[  288.820360][   T30] audit: type=1800 audit(1772419338.581:7): pid=10616 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1485" name="set_event_notrace_pid" dev="tracefs" ino=30 res=0 errno=0
[  290.499132][T10646] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 999 with max blocks 3 with error 117
[  290.517352][T10646] EXT4-fs (sda1): This should not happen!! Data will be lost
[  290.517352][T10646] 
[  290.847388][T10652] zswap: compressor  not available
[  292.183450][T10683] netlink: 266 bytes leftover after parsing attributes in process `syz.0.1507'.
[  293.313418][T10694] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1510'.
[  293.447570][T10698] netlink: 194 bytes leftover after parsing attributes in process `syz.4.1512'.
[  294.001598][T10715] sp0: Synchronizing with TNC
[  294.579704][  T293] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.730175][  T293] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.880670][  T293] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.991516][  T293] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.067867][T10729] netlink: 318 bytes leftover after parsing attributes in process `syz.0.1525'.
[  295.124978][ T5145] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  295.147099][ T5145] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  295.155485][ T5145] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  295.198052][ T5145] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  295.277069][ T5145] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  295.705298][  T293] bridge_slave_1: left allmulticast mode
[  295.736892][  T293] bridge_slave_1: left promiscuous mode
[  295.765061][  T293] bridge0: port 2(bridge_slave_1) entered disabled state
[  295.891617][  T293] bridge_slave_0: left allmulticast mode
[  295.912703][  T293] bridge_slave_0: left promiscuous mode
[  295.943265][  T293] bridge0: port 1(bridge_slave_0) entered disabled state
[  296.641254][  T293] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  296.679208][  T293] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  296.714931][  T293] bond0 (unregistering): Released all slaves
[  296.852816][  T293] �: left promiscuous mode
[  297.109497][T10735] chnl_net:caif_netlink_parms(): no params data found
[  297.349271][ T5145] Bluetooth: hci2: command tx timeout
[  297.380642][  T293] hsr_slave_0: left promiscuous mode
[  297.396603][  T293] hsr_slave_1: left promiscuous mode
[  297.413686][  T293] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  297.432295][  T293] batman_adv: batadv0: Removing interface: batadv_slave_0
[  297.487538][  T293] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  297.494963][  T293] batman_adv: batadv0: Removing interface: batadv_slave_1
[  297.523993][  T293] veth1_macvtap: left promiscuous mode
[  297.536935][  T293] veth0_macvtap: left promiscuous mode
[  297.542630][  T293] veth1_vlan: left promiscuous mode
[  297.548770][  T293] veth0_vlan: left promiscuous mode
[  297.598362][   T58] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1002 with max blocks 2 with error 117
[  297.626923][   T58] EXT4-fs (sda1): This should not happen!! Data will be lost
[  297.626923][   T58] 
[  298.022800][  T293] team0 (unregistering): Port device team_slave_1 removed
[  298.047418][  T293] team0 (unregistering): Port device team_slave_0 removed
[  298.570603][T10735] bridge0: port 1(bridge_slave_0) entered blocking state
[  298.594238][T10735] bridge0: port 1(bridge_slave_0) entered disabled state
[  298.614634][T10735] bridge_slave_0: entered allmulticast mode
[  298.630993][T10735] bridge_slave_0: entered promiscuous mode
[  298.659794][T10735] bridge0: port 2(bridge_slave_1) entered blocking state
[  298.667104][T10735] bridge0: port 2(bridge_slave_1) entered disabled state
[  298.675107][T10735] bridge_slave_1: entered allmulticast mode
[  298.683771][T10735] bridge_slave_1: entered promiscuous mode
[  298.888219][T10735] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  298.910477][T10735] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  299.056386][T10735] team0: Port device team_slave_0 added
[  299.081720][T10735] team0: Port device team_slave_1 added
[  299.221612][T10735] batman_adv: batadv0: Adding interface: batadv_slave_0
[  299.229110][T10735] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  299.313280][T10735] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  299.427165][ T5145] Bluetooth: hci2: command tx timeout
[  299.635189][T10735] batman_adv: batadv0: Adding interface: batadv_slave_1
[  299.668906][T10735] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  299.732237][T10735] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  299.901079][T10735] hsr_slave_0: entered promiscuous mode
[  299.952472][T10735] hsr_slave_1: entered promiscuous mode
[  299.960416][T10735] debugfs: 'hsr0' already exists in 'hsr'
[  299.966174][T10735] Cannot create hsr debugfs directory
[  301.506885][ T5145] Bluetooth: hci2: command tx timeout
[  301.671259][T10881] futex_wake_op: syz.3.1555 tries to shift op by -2048; fix this program
[  301.707500][T10881] futex_wake_op: syz.3.1555 tries to shift op by -2048; fix this program
[  301.775096][T10735] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  301.832351][T10735] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  301.860029][T10735] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  301.897552][T10735] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  302.168174][T10735] 8021q: adding VLAN 0 to HW filter on device bond0
[  302.669777][T10735] 8021q: adding VLAN 0 to HW filter on device team0
[  302.766475][ T1101] bridge0: port 1(bridge_slave_0) entered blocking state
[  302.773699][ T1101] bridge0: port 1(bridge_slave_0) entered forwarding state
[  302.785304][ T1101] bridge0: port 2(bridge_slave_1) entered blocking state
[  302.792499][ T1101] bridge0: port 2(bridge_slave_1) entered forwarding state
[  303.467695][T10735] 8021q: adding VLAN 0 to HW filter on device batadv0
[  303.587607][ T5145] Bluetooth: hci2: command tx timeout
[  303.948565][T10953] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  303.954732][T10953] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  303.965012][T10953] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  303.992389][T10953] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  304.031896][T10953] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  304.101457][T10953] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  304.256441][T10735] veth0_vlan: entered promiscuous mode
[  304.273307][T10735] veth1_vlan: entered promiscuous mode
[  304.322263][T10735] veth0_macvtap: entered promiscuous mode
[  304.335329][T10735] veth1_macvtap: entered promiscuous mode
[  304.361877][T10735] batman_adv: batadv0: Interface activated: batadv_slave_0
[  304.379594][T10735] batman_adv: batadv0: Interface activated: batadv_slave_1
[  304.399625][   T36] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  304.435752][   T36] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  304.446088][   T36] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  304.473652][   T36] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  304.556052][ T1087] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  304.574135][ T1087] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  304.618668][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  304.626535][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  305.657774][T10992] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1566'.
[  305.669740][T10992] team_slave_0: entered allmulticast mode
[  305.987176][ T5145] Bluetooth: hci3: command 0x0c1a tx timeout
[  305.993251][ T5145] Bluetooth: hci1: command 0x0c1a tx timeout
[  305.995768][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  306.015147][T10995] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1574'.
[  306.066826][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[  308.150489][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[  308.166828][   T30] audit: type=1804 audit(1772419357.911:8): pid=11047 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1587" name="file0" dev="tmpfs" ino=2202 res=1 errno=0
[  308.282414][   T30] audit: type=1804 audit(1772419357.981:9): pid=11050 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.1587" name="file0" dev="tmpfs" ino=2202 res=1 errno=0
[  309.285912][T11076] FAULT_INJECTION: forcing a failure.
[  309.285912][T11076] name failslab, interval 1, probability 0, space 0, times 0
[  309.333338][T11076] CPU: 0 UID: 0 PID: 11076 Comm: syz.1.1593 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  309.333387][T11076] Tainted: [L]=SOFTLOCKUP
[  309.333397][T11076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  309.333417][T11076] Call Trace:
[  309.333426][T11076]  <TASK>
[  309.333448][T11076]  dump_stack_lvl+0x100/0x190
[  309.333503][T11076]  should_fail_ex.cold+0x5/0xa
[  309.333554][T11076]  should_failslab+0xc2/0x120
[  309.333592][T11076]  __kmalloc_cache_noprof+0x7a/0x6f0
[  309.333634][T11076]  ? snd_ctl_open+0x174/0x5f0
[  309.333679][T11076]  ? _raw_spin_unlock+0x28/0x50
[  309.333714][T11076]  ? snd_card_file_add+0x26e/0x340
[  309.333775][T11076]  snd_ctl_open+0x174/0x5f0
[  309.333818][T11076]  ? __pfx_snd_ctl_open+0x10/0x10
[  309.333880][T11076]  snd_open+0x22d/0x4c0
[  309.333919][T11076]  ? __pfx_snd_open+0x10/0x10
[  309.333955][T11076]  chrdev_open+0x234/0x6a0
[  309.333982][T11076]  ? __pfx_apparmor_file_open+0x10/0x10
[  309.334022][T11076]  ? __pfx_chrdev_open+0x10/0x10
[  309.334051][T11076]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  309.334086][T11076]  do_dentry_open+0x6d8/0x1660
[  309.334110][T11076]  ? __pfx_chrdev_open+0x10/0x10
[  309.334146][T11076]  vfs_open+0x82/0x3f0
[  309.334198][T11076]  path_openat+0x208c/0x31a0
[  309.334251][T11076]  ? __pfx_path_openat+0x10/0x10
[  309.334291][T11076]  do_file_open+0x20e/0x430
[  309.334323][T11076]  ? __pfx_do_file_open+0x10/0x10
[  309.334382][T11076]  ? alloc_fd+0x476/0x790
[  309.334425][T11076]  ? do_getname+0x191/0x390
[  309.334465][T11076]  do_sys_openat2+0x10d/0x1e0
[  309.334493][T11076]  ? __pfx_do_sys_openat2+0x10/0x10
[  309.334535][T11076]  ? __fget_files+0x21f/0x3d0
[  309.334567][T11076]  __x64_sys_openat+0x12d/0x210
[  309.334608][T11076]  ? __pfx___x64_sys_openat+0x10/0x10
[  309.334660][T11076]  do_syscall_64+0x106/0xf80
[  309.334695][T11076]  ? clear_bhb_loop+0x40/0x90
[  309.334734][T11076]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  309.334765][T11076] RIP: 0033:0x7fa04019c799
[  309.334790][T11076] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  309.334821][T11076] RSP: 002b:00007fa041119028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  309.334850][T11076] RAX: ffffffffffffffda RBX: 00007fa040415fa0 RCX: 00007fa04019c799
[  309.334871][T11076] RDX: 0000000000000a02 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  309.334891][T11076] RBP: 00007fa040232bd9 R08: 0000000000000000 R09: 0000000000000000
[  309.334911][T11076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  309.334931][T11076] R13: 00007fa040416038 R14: 00007fa040415fa0 R15: 00007ffe4d69e658
[  309.334971][T11076]  </TASK>
[  309.932394][T11087] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1596'.
[  310.236495][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[  310.541802][T11102] netlink: 'syz.1.1601': attribute type 27 has an invalid length.
[  310.557188][T11102] netlink: 146 bytes leftover after parsing attributes in process `syz.1.1601'.
[  312.379968][   T30] audit: type=1804 audit(1772419362.141:10): pid=11140 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1612" name="/newroot/428/file0" dev="tmpfs" ino=2228 res=1 errno=0
[  312.496787][   T30] audit: type=1804 audit(1772419362.231:11): pid=11143 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1612" name="/newroot/428/file0" dev="tmpfs" ino=2228 res=1 errno=0
[  313.153701][T11158] netlink: 'syz.1.1618': attribute type 1 has an invalid length.
[  313.188959][T11158] netlink: 'syz.1.1618': attribute type 6 has an invalid length.
[  313.346299][T11161] futex_wake_op: syz.4.1620 tries to shift op by -2048; fix this program
[  313.362949][T11161] futex_wake_op: syz.4.1620 tries to shift op by -2048; fix this program
[  313.393238][T11161] 0x001c00000000-0x100002c00000200 : ""
[  313.400719][T11161] mtd: partition "" is out of reach -- disabled
[  313.435546][T11161] ftl_cs: FTL header not found.
[  315.721756][T11197] FAULT_INJECTION: forcing a failure.
[  315.721756][T11197] name failslab, interval 1, probability 0, space 0, times 0
[  315.831393][T11197] CPU: 1 UID: 0 PID: 11197 Comm: syz.3.1627 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  315.831435][T11197] Tainted: [L]=SOFTLOCKUP
[  315.831444][T11197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  315.831467][T11197] Call Trace:
[  315.831481][T11197]  <TASK>
[  315.831491][T11197]  dump_stack_lvl+0x100/0x190
[  315.831536][T11197]  should_fail_ex.cold+0x5/0xa
[  315.831580][T11197]  ? tomoyo_supervisor+0x65d/0x1340
[  315.831617][T11197]  should_failslab+0xc2/0x120
[  315.831652][T11197]  __kmalloc_noprof+0xe0/0x850
[  315.831703][T11197]  tomoyo_supervisor+0x65d/0x1340
[  315.831741][T11197]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  315.831776][T11197]  ? tomoyo_realpath_from_path+0x19c/0x690
[  315.831819][T11197]  ? tomoyo_realpath_from_path+0x19c/0x690
[  315.831848][T11197]  ? kfree+0x1f6/0x6b0
[  315.831885][T11197]  ? tomoyo_check_path_number_acl+0x1e6/0x2f0
[  315.831938][T11197]  tomoyo_path_number_perm+0x445/0x580
[  315.831981][T11197]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  315.832022][T11197]  ? rcu_read_unlock+0x17/0x60
[  315.832059][T11197]  ? do_raw_spin_lock+0x128/0x260
[  315.832124][T11197]  ? find_held_lock+0x2b/0x80
[  315.832150][T11197]  ? __pfx_d_add+0x10/0x10
[  315.832181][T11197]  ? d_alloc+0x176/0x1e0
[  315.832210][T11197]  ? current_check_access_path+0x281/0x460
[  315.832249][T11197]  ? simple_lookup+0x105/0x1d0
[  315.832293][T11197]  tomoyo_path_mknod+0x164/0x190
[  315.832326][T11197]  ? __pfx_tomoyo_path_mknod+0x10/0x10
[  315.832360][T11197]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  315.832410][T11197]  security_path_mknod+0x161/0x300
[  315.832442][T11197]  filename_mknodat+0x241/0x7f0
[  315.832478][T11197]  ? __pfx_filename_mknodat+0x10/0x10
[  315.832508][T11197]  ? strncpy_from_user+0x19d/0x2d0
[  315.832562][T11197]  ? do_getname+0x191/0x390
[  315.832599][T11197]  __x64_sys_mknod+0x8f/0xc0
[  315.832629][T11197]  do_syscall_64+0x106/0xf80
[  315.832662][T11197]  ? clear_bhb_loop+0x40/0x90
[  315.832698][T11197]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.832728][T11197] RIP: 0033:0x7f6d1859c799
[  315.832751][T11197] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  315.832778][T11197] RSP: 002b:00007f6d193ef028 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[  315.832805][T11197] RAX: ffffffffffffffda RBX: 00007f6d18815fa0 RCX: 00007f6d1859c799
[  315.832823][T11197] RDX: 0000000000000006 RSI: 0000000000000002 RDI: 0000000000000000
[  315.832840][T11197] RBP: 00007f6d18632bd9 R08: 0000000000000000 R09: 0000000000000000
[  315.832857][T11197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  315.832874][T11197] R13: 00007f6d18816038 R14: 00007f6d18815fa0 R15: 00007ffe73e27728
[  315.832920][T11197]  </TASK>
[  316.311510][T11212] futex_wake_op: syz.3.1633 tries to shift op by -2048; fix this program
[  316.321300][T11212] futex_wake_op: syz.3.1633 tries to shift op by -2048; fix this program
[  316.353072][T11212] 0x001c00000000-0x100002c00000200 : ""
[  316.368229][T11212] mtd: partition "" is out of reach -- disabled
[  316.418935][T11212] ftl_cs: FTL header not found.
[  316.813397][T11226] FAULT_INJECTION: forcing a failure.
[  316.813397][T11226] name failslab, interval 1, probability 0, space 0, times 0
[  316.826387][T11226] CPU: 1 UID: 0 PID: 11226 Comm: syz.4.1637 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  316.826429][T11226] Tainted: [L]=SOFTLOCKUP
[  316.826439][T11226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  316.826454][T11226] Call Trace:
[  316.826462][T11226]  <TASK>
[  316.826472][T11226]  dump_stack_lvl+0x100/0x190
[  316.826519][T11226]  should_fail_ex.cold+0x5/0xa
[  316.826550][T11226]  should_failslab+0xc2/0x120
[  316.826580][T11226]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  316.826621][T11226]  ? mempool_init_node+0x2f7/0x6e0
[  316.826651][T11226]  ? mempool_init_noprof+0x3a/0x50
[  316.826684][T11226]  ? __pfx_mempool_alloc_slab+0x10/0x10
[  316.826724][T11226]  mempool_init_node+0x2f7/0x6e0
[  316.826760][T11226]  ? __pfx_mempool_alloc_slab+0x10/0x10
[  316.826788][T11226]  ? __pfx_mempool_free_slab+0x10/0x10
[  316.826817][T11226]  mempool_init_noprof+0x3a/0x50
[  316.826850][T11226]  bioset_init+0x37e/0x8a0
[  316.826892][T11226]  ? __pfx_bioset_init+0x10/0x10
[  316.826948][T11226]  __alloc_disk_node+0x83/0x6b0
[  316.826994][T11226]  __blk_mq_alloc_disk+0x89/0x120
[  316.827033][T11226]  loop_add+0x498/0xb60
[  316.827065][T11226]  ? __pfx_loop_add+0x10/0x10
[  316.827119][T11226]  ? find_held_lock+0x2b/0x80
[  316.827143][T11226]  ? __fget_files+0x215/0x3d0
[  316.827172][T11226]  loop_control_ioctl+0xae/0x620
[  316.827202][T11226]  ? __pfx_loop_control_ioctl+0x10/0x10
[  316.827236][T11226]  ? __pfx_loop_control_ioctl+0x10/0x10
[  316.827268][T11226]  __x64_sys_ioctl+0x18e/0x210
[  316.827307][T11226]  do_syscall_64+0x106/0xf80
[  316.827339][T11226]  ? clear_bhb_loop+0x40/0x90
[  316.827374][T11226]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.827403][T11226] RIP: 0033:0x7fc3f539c799
[  316.827427][T11226] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  316.827453][T11226] RSP: 002b:00007fc3f61e7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  316.827480][T11226] RAX: ffffffffffffffda RBX: 00007fc3f5615fa0 RCX: 00007fc3f539c799
[  316.827499][T11226] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000008
[  316.827517][T11226] RBP: 00007fc3f5432bd9 R08: 0000000000000000 R09: 0000000000000000
[  316.827535][T11226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  316.827551][T11226] R13: 00007fc3f5616038 R14: 00007fc3f5615fa0 R15: 00007ffc7c2d48d8
[  316.827589][T11226]  </TASK>
[  317.127656][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  317.134005][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  318.961956][   T30] audit: type=1804 audit(1772419368.721:12): pid=11255 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1646" name="/newroot/408/file0" dev="tmpfs" ino=2123 res=1 errno=0
[  319.044500][   T30] audit: type=1804 audit(1772419368.801:13): pid=11255 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1646" name="/newroot/408/file0" dev="tmpfs" ino=2123 res=1 errno=0
[  320.078179][T11285] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1656'.
[  320.489271][T11298] raw_sendmsg: syz.0.1661 forgot to set AF_INET. Fix it!
[  321.775617][T11327] netlink: 'syz.0.1669': attribute type 1 has an invalid length.
[  321.787004][T11327] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1669'.
[  321.858114][T11323] ubi0: attaching mtd0
[  321.889228][T11323] ubi0: scanning is finished
[  321.904192][T11323] ubi0 error: ubi_read_volume_table: the layout volume was not found
[  322.220673][T11323] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  326.188232][T11401] ubi0: attaching mtd0
[  326.194318][T11401] ubi0: scanning is finished
[  326.206859][T11401] ubi0 error: ubi_read_volume_table: the layout volume was not found
[  326.329663][T11401] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  326.572414][T11414] [U] 
[  326.575260][T11414] [U] 
[  326.577971][T11414] [U] 
[  326.580665][T11414] [U] 
[  326.611916][T11414] [U] 
[  326.614667][T11414] [U] 
[  326.617390][T11414] [U] 
[  326.620097][T11414] [U] 
[  326.652359][T11414] [U] 
[  326.655109][T11414] [U] 
[  326.657823][T11414] [U] 
[  326.660535][T11414] [U] 
[  326.681038][T11414] [U] 
[  326.683787][T11414] [U] 
[  326.686501][T11414] [U] 
[  326.689211][T11414] [U] 
[  326.721778][T11414] [U] 
[  326.724529][T11414] [U] 
[  326.727242][T11414] [U] 
[  326.729959][T11414] [U] 
[  326.754489][T11414] [U] 
[  326.757240][T11414] [U] 
[  326.759951][T11414] [U] 
[  326.762671][T11414] [U] 
[  326.784441][T11414] [U] 
[  326.787194][T11414] [U] 
[  326.789912][T11414] [U] 
[  326.792626][T11414] [U] 
[  326.812704][T11414] [U] 
[  326.815459][T11414] [U] 
[  326.818169][T11414] [U] 
[  326.820878][T11414] [U] 
[  326.839868][T11414] [U] 
[  326.842615][T11414] [U] 
[  326.845323][T11414] [U] 
[  326.848033][T11414] [U] 
[  326.872833][T11414] [U] 
[  326.875585][T11414] [U] 
[  326.878315][T11414] [U] 
[  326.881034][T11414] [U] 
[  326.900016][T11414] [U] 
[  326.902762][T11414] [U] 
[  326.905477][T11414] [U] 
[  326.908186][T11414] [U] 
[  326.947042][T11414] [U] 
[  326.949793][T11414] [U] 
[  326.952524][T11414] [U] 
[  326.955232][T11414] [U] 
[  326.985403][T11414] [U] 
[  326.988156][T11414] [U] 
[  326.990866][T11414] [U] 
[  326.993579][T11414] [U] 
[  327.614978][T11414] [U] 
[  327.617727][T11414] [U] 
[  327.620446][T11414] [U] 
[  327.623152][T11414] [U] 
[  327.697161][  T293] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1003 with max blocks 1 with error 117
[  327.710548][T11414] [U] 
[  327.713276][T11414] [U] 
[  327.715984][T11414] [U] 
[  327.718690][T11414] [U] 
[  327.783933][  T293] EXT4-fs (sda1): This should not happen!! Data will be lost
[  327.783933][  T293] 
[  327.827432][T11414] [U] 
[  327.830175][T11414] [U] 
[  327.832881][T11414] [U] 
[  327.835585][T11414] [U] 
[  327.934731][T11414] [U] 
[  328.057109][ T3528] EXT4-fs (sda1): Delayed block allocation failed for inode 2030 at logical offset 1 with max blocks 1 with error 117
[  328.147275][ T3528] EXT4-fs (sda1): This should not happen!! Data will be lost
[  328.147275][ T3528] 
[  330.392359][T11452] futex_wake_op: syz.1.1707 tries to shift op by -2048; fix this program
[  330.442641][T11452] futex_wake_op: syz.1.1707 tries to shift op by -2048; fix this program
[  330.469584][T11457] 0x001c00000000-0x100002c00000200 : ""
[  330.507162][T11457] mtd: partition "" is out of reach -- disabled
[  330.542631][T11457] ftl_cs: FTL header not found.
[  331.291955][T11479] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1717'.
[  332.096050][T11504] futex_wake_op: syz.4.1724 tries to shift op by -2048; fix this program
[  332.105787][T11504] futex_wake_op: syz.4.1724 tries to shift op by -2048; fix this program
[  332.150729][T11504] 0x001c00000000-0x100002c00000200 : ""
[  332.197360][T11504] mtd: partition "" is out of reach -- disabled
[  332.253971][T11504] ftl_cs: FTL header not found.
[  332.859640][T11519] netlink: 62 bytes leftover after parsing attributes in process `syz.1.1729'.
[  333.041049][T11522] zswap: compressor  not available
[  333.224020][T11537] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1735'.
[  333.240351][T11535] FAULT_INJECTION: forcing a failure.
[  333.240351][T11535] name failslab, interval 1, probability 0, space 0, times 0
[  333.274081][T11535] CPU: 0 UID: 0 PID: 11535 Comm: syz.3.1734 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  333.274133][T11535] Tainted: [L]=SOFTLOCKUP
[  333.274143][T11535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  333.274160][T11535] Call Trace:
[  333.274169][T11535]  <TASK>
[  333.274179][T11535]  dump_stack_lvl+0x100/0x190
[  333.274223][T11535]  should_fail_ex.cold+0x5/0xa
[  333.274256][T11535]  should_failslab+0xc2/0x120
[  333.274289][T11535]  __kmalloc_cache_noprof+0x7a/0x6f0
[  333.274323][T11535]  ? netdev_init+0xa0/0x3c0
[  333.274359][T11535]  ? __pfx_proc_create_net_data+0x10/0x10
[  333.274400][T11535]  ? __pfx_uevent_net_rcv+0x10/0x10
[  333.274446][T11535]  netdev_init+0xa0/0x3c0
[  333.274485][T11535]  ? __pfx_netdev_init+0x10/0x10
[  333.274524][T11535]  ops_init+0x1e2/0x5f0
[  333.274563][T11535]  setup_net+0x118/0x3a0
[  333.274597][T11535]  ? __pfx_setup_net+0x10/0x10
[  333.274627][T11535]  ? lockdep_init_map_type+0x5c/0x250
[  333.274665][T11535]  ? mutex_init_lockep+0x110/0x150
[  333.274710][T11535]  copy_net_ns+0x46f/0x7c0
[  333.274752][T11535]  create_new_namespaces+0x3ea/0xac0
[  333.274804][T11535]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  333.274840][T11535]  ksys_unshare+0x473/0xad0
[  333.274880][T11535]  ? __pfx_ksys_unshare+0x10/0x10
[  333.274932][T11535]  __x64_sys_unshare+0x31/0x40
[  333.274967][T11535]  do_syscall_64+0x106/0xf80
[  333.275000][T11535]  ? clear_bhb_loop+0x40/0x90
[  333.275035][T11535]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.275065][T11535] RIP: 0033:0x7f6d1859c799
[  333.275091][T11535] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  333.275119][T11535] RSP: 002b:00007f6d193ef028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  333.275148][T11535] RAX: ffffffffffffffda RBX: 00007f6d18815fa0 RCX: 00007f6d1859c799
[  333.275174][T11535] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  333.275192][T11535] RBP: 00007f6d18632bd9 R08: 0000000000000000 R09: 0000000000000000
[  333.275210][T11535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  333.275227][T11535] R13: 00007f6d18816038 R14: 00007f6d18815fa0 R15: 00007ffe73e27728
[  333.275269][T11535]  </TASK>
[  333.854764][T11544] futex_wake_op: syz.0.1737 tries to shift op by -2048; fix this program
[  333.887653][T11545] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1736'.
[  333.923287][T11545] vlan1: entered promiscuous mode
[  333.928791][T11545] vlan1: entered allmulticast mode
[  333.936957][T11545] veth0_vlan: entered allmulticast mode
[  334.847203][T11563] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1743'.
[  335.429890][T11580] futex_wake_op: syz.1.1748 tries to shift op by -2048; fix this program
[  335.447335][T11580] futex_wake_op: syz.1.1748 tries to shift op by -2048; fix this program
[  335.459213][T11580] 0x001c00000000-0x100002c00000200 : ""
[  335.476478][T11580] mtd: partition "" is out of reach -- disabled
[  335.518172][T11580] ftl_cs: FTL header not found.
[  335.722772][T11586] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1749'.
[  335.749714][T11586] netlink: 13 bytes leftover after parsing attributes in process `syz.3.1749'.
[  336.367902][T11598] [U] 
[  336.370696][T11598] [U] 
[  336.373365][T11598] [U] 
[  336.376038][T11598] [U] 
[  336.400860][T11598] [U] 
[  336.403564][T11598] [U] 
[  336.406233][T11598] [U] 
[  336.408925][T11598] [U] 
[  336.418288][T11598] [U] 
[  336.421029][T11598] [U] 
[  336.423738][T11598] [U] 
[  336.426428][T11598] [U] 
[  336.442858][T11598] [U] 
[  336.445598][T11598] [U] 
[  336.448311][T11598] [U] 
[  336.451021][T11598] [U] 
[  336.477122][T11598] [U] 
[  336.479866][T11598] [U] 
[  336.482583][T11598] [U] 
[  336.485297][T11598] [U] 
[  336.497292][T11598] [U] 
[  336.500013][T11598] [U] 
[  336.502688][T11598] [U] 
[  336.505361][T11598] [U] 
[  336.528119][T11598] [U] 
[  336.530863][T11598] [U] 
[  336.533577][T11598] [U] 
[  336.536296][T11598] [U] 
[  336.561346][T11598] [U] 
[  336.564086][T11598] [U] 
[  336.566805][T11598] [U] 
[  336.569528][T11598] [U] 
[  336.628481][T11598] [U] 
[  336.631188][T11598] [U] 
[  336.633883][T11598] [U] 
[  336.636572][T11598] [U] 
[  336.666835][T11598] [U] 
[  336.669539][T11598] [U] 
[  336.672210][T11598] [U] 
[  336.674876][T11598] [U] 
[  336.713669][T11598] [U] 
[  336.716401][T11598] [U] 
[  336.719114][T11598] [U] 
[  336.721827][T11598] [U] 
[  336.822646][T11598] [U] 
[  336.825375][T11598] [U] 
[  336.828073][T11598] [U] 
[  336.830769][T11598] [U] 
[  336.857038][T11598] [U] 
[  336.859757][T11598] [U] 
[  336.862434][T11598] [U] 
[  336.865099][T11598] [U] 
[  336.897461][T11598] [U] 
[  336.900165][T11598] [U] 
[  336.902834][T11598] [U] 
[  336.905533][T11598] [U] 
[  336.933092][T11598] [U] 
[  336.935822][T11598] [U] 
[  336.938527][T11598] [U] 
[  336.941217][T11598] [U] 
[  337.060244][T11598] [U] 
[  338.487671][T11614] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1756'.
[  338.817764][T11626] zswap: compressor  not available
[  340.073999][T11658] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  340.131216][T11656] FAULT_INJECTION: forcing a failure.
[  340.131216][T11656] name failslab, interval 1, probability 0, space 0, times 0
[  340.176770][T11656] CPU: 0 UID: 0 PID: 11656 Comm: syz.1.1768 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  340.176819][T11656] Tainted: [L]=SOFTLOCKUP
[  340.176829][T11656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  340.176847][T11656] Call Trace:
[  340.176857][T11656]  <TASK>
[  340.176867][T11656]  dump_stack_lvl+0x100/0x190
[  340.176918][T11656]  should_fail_ex.cold+0x5/0xa
[  340.176960][T11656]  should_failslab+0xc2/0x120
[  340.176997][T11656]  __kmalloc_cache_noprof+0x7a/0x6f0
[  340.177035][T11656]  ? kvm_uevent_notify_change.part.0+0x94/0x450
[  340.177081][T11656]  kvm_uevent_notify_change.part.0+0x94/0x450
[  340.177119][T11656]  ? __pfx_kvm_vm_release+0x10/0x10
[  340.177150][T11656]  kvm_put_kvm+0xe4/0xb10
[  340.177185][T11656]  ? lockdep_hardirqs_on+0x78/0x100
[  340.177218][T11656]  ? _raw_spin_unlock_irq+0x2e/0x50
[  340.177250][T11656]  ? __pfx_kvm_vm_release+0x10/0x10
[  340.177281][T11656]  kvm_vm_release+0x3c/0x50
[  340.177311][T11656]  __fput+0x3ff/0xb40
[  340.177355][T11656]  ? _raw_spin_unlock_irq+0x23/0x50
[  340.177388][T11656]  task_work_run+0x150/0x240
[  340.177431][T11656]  ? __pfx_task_work_run+0x10/0x10
[  340.177481][T11656]  exit_to_user_mode_loop+0x100/0x4a0
[  340.177523][T11656]  do_syscall_64+0x668/0xf80
[  340.177555][T11656]  ? clear_bhb_loop+0x40/0x90
[  340.177591][T11656]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.177619][T11656] RIP: 0033:0x7fa04019c799
[  340.177645][T11656] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  340.177674][T11656] RSP: 002b:00007fa0410f8028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  340.177702][T11656] RAX: 0000000000000000 RBX: 00007fa040416090 RCX: 00007fa04019c799
[  340.177721][T11656] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  340.177737][T11656] RBP: 00007fa040232bd9 R08: 0000000000000000 R09: 0000000000000000
[  340.177754][T11656] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  340.177772][T11656] R13: 00007fa040416128 R14: 00007fa040416090 R15: 00007ffe4d69e658
[  340.177811][T11656]  </TASK>
[  343.884554][T11713] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1786'.
[  343.906635][T11713] netlink: 'syz.1.1786': attribute type 1 has an invalid length.
[  343.927125][T11713] netlink: 13 bytes leftover after parsing attributes in process `syz.1.1786'.
[  344.338525][T11718] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1790'.
[  345.562289][T11742] futex_wake_op: syz.0.1795 tries to shift op by -2048; fix this program
[  346.964217][T11771] lo: entered allmulticast mode
[  346.973787][T11771] lo: left allmulticast mode
[  346.991441][T11773] netlink: 86 bytes leftover after parsing attributes in process `syz.3.1803'.
[  347.127750][T11775] netlink: 50 bytes leftover after parsing attributes in process `syz.0.1806'.
[  347.360422][T11786] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1810'.
[  347.382395][T11786] team0 (unregistering): Port device team_slave_0 removed
[  347.396372][T11786] team0 (unregistering): Port device team_slave_1 removed
[  347.695257][T11796] FAULT_INJECTION: forcing a failure.
[  347.695257][T11796] name failslab, interval 1, probability 0, space 0, times 0
[  347.716806][T11796] CPU: 0 UID: 0 PID: 11796 Comm: syz.1.1814 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  347.716856][T11796] Tainted: [L]=SOFTLOCKUP
[  347.716868][T11796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  347.716886][T11796] Call Trace:
[  347.716895][T11796]  <TASK>
[  347.716907][T11796]  dump_stack_lvl+0x100/0x190
[  347.716956][T11796]  should_fail_ex.cold+0x5/0xa
[  347.716991][T11796]  should_failslab+0xc2/0x120
[  347.717021][T11796]  __kmalloc_cache_noprof+0x7a/0x6f0
[  347.717057][T11796]  ? nexthop_net_init+0x73/0x140
[  347.717085][T11796]  ? lockdep_init_map_type+0x5c/0x250
[  347.717125][T11796]  ? __pfx_nexthop_net_init+0x10/0x10
[  347.717154][T11796]  nexthop_net_init+0x73/0x140
[  347.717181][T11796]  ? tcf_net_init+0x55/0x150
[  347.717211][T11796]  ops_init+0x1e2/0x5f0
[  347.717252][T11796]  setup_net+0x118/0x3a0
[  347.717289][T11796]  ? __pfx_setup_net+0x10/0x10
[  347.717321][T11796]  ? lockdep_init_map_type+0x5c/0x250
[  347.717360][T11796]  ? mutex_init_lockep+0x110/0x150
[  347.717402][T11796]  copy_net_ns+0x46f/0x7c0
[  347.717443][T11796]  create_new_namespaces+0x3ea/0xac0
[  347.717483][T11796]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  347.717517][T11796]  ksys_unshare+0x473/0xad0
[  347.717555][T11796]  ? __pfx_ksys_unshare+0x10/0x10
[  347.717604][T11796]  __x64_sys_unshare+0x31/0x40
[  347.717646][T11796]  do_syscall_64+0x106/0xf80
[  347.717678][T11796]  ? clear_bhb_loop+0x40/0x90
[  347.717714][T11796]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.717744][T11796] RIP: 0033:0x7fa04019c799
[  347.717768][T11796] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  347.717798][T11796] RSP: 002b:00007fa041119028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  347.717830][T11796] RAX: ffffffffffffffda RBX: 00007fa040415fa0 RCX: 00007fa04019c799
[  347.717850][T11796] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  347.717868][T11796] RBP: 00007fa040232bd9 R08: 0000000000000000 R09: 0000000000000000
[  347.717885][T11796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  347.717903][T11796] R13: 00007fa040416038 R14: 00007fa040415fa0 R15: 00007ffe4d69e658
[  347.717942][T11796]  </TASK>
[  349.288631][T11828] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1826'.
[  349.341067][T11831] usb usb2: usbfs: process 11831 (syz.4.1826) did not claim interface 4 before use
[  349.541002][T11833] mkiss: ax0: crc mode is auto.
[  352.376882][T11899] sg_write: data in/out 100663260/90 bytes for SCSI command 0x0-- guessing data in;
[  352.376882][T11899]    program syz.1.1846 not setting count and/or reply_len properly
[  354.333421][T11917] [U] 
[  354.336238][T11917] [U] 
[  354.338935][T11917] [U] 
[  354.341630][T11917] [U] 
[  354.367026][T11917] [U] 
[  354.369745][T11917] [U] 
[  354.372418][T11917] [U] 
[  354.375109][T11917] [U] 
[  354.395850][T11917] [U] 
[  354.398578][T11917] [U] 
[  354.401299][T11917] [U] 
[  354.404012][T11917] [U] 
[  354.436449][T11917] [U] 
[  354.439153][T11917] [U] 
[  354.441825][T11917] [U] 
[  354.444497][T11917] [U] 
[  354.469058][T11917] [U] 
[  354.471764][T11917] [U] 
[  354.474435][T11917] [U] 
[  354.477106][T11917] [U] 
[  354.515734][T11917] [U] 
[  354.518466][T11917] [U] 
[  354.521183][T11917] [U] 
[  354.523901][T11917] [U] 
[  354.560661][T11917] [U] 
[  354.563392][T11917] [U] 
[  354.566067][T11917] [U] 
[  354.568768][T11917] [U] 
[  354.583584][T11917] [U] 
[  354.586326][T11917] [U] 
[  354.589027][T11917] [U] 
[  354.591725][T11917] [U] 
[  354.611838][T11917] [U] 
[  354.614571][T11917] [U] 
[  354.617256][T11917] [U] 
[  354.619931][T11917] [U] 
[  354.633753][T11917] [U] 
[  354.636473][T11917] [U] 
[  354.639150][T11917] [U] 
[  354.641822][T11917] [U] 
[  354.682214][T11917] [U] 
[  354.684972][T11917] [U] 
[  354.687730][T11917] [U] 
[  354.690423][T11917] [U] 
[  354.708619][T11917] [U] 
[  354.711366][T11917] [U] 
[  354.714085][T11917] [U] 
[  354.716798][T11917] [U] 
[  354.778533][T11917] [U] 
[  354.781288][T11917] [U] 
[  354.784009][T11917] [U] 
[  354.786727][T11917] [U] 
[  354.821643][T11917] [U] 
[  354.824394][T11917] [U] 
[  354.827107][T11917] [U] 
[  354.829796][T11917] [U] 
[  354.853633][T11917] [U] 
[  355.331574][T11953] vhci_hcd vhci_hcd.1: default hub control req: 0000 v0000 i0000 l0
[  355.385712][T11958] netlink: 'syz.1.1864': attribute type 10 has an invalid length.
[  355.401250][T11958] netlink: 230 bytes leftover after parsing attributes in process `syz.1.1864'.
[  355.480322][T11958] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  355.961246][ T5829] Bluetooth: hci0: unexpected event 0x09 length: 435 > 3
[  357.289885][T11997] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1875'.
[  357.332545][T11998] netlink: 'syz.0.1876': attribute type 19 has an invalid length.
[  357.387109][T11998] netlink: 226 bytes leftover after parsing attributes in process `syz.0.1876'.
[  357.570214][ T5829] Bluetooth: hci1: unexpected event 0x07 length: 435 > 255
[  357.693828][T12010] netlink: 'syz.3.1881': attribute type 28 has an invalid length.
[  357.723514][T12010] netlink: 'syz.3.1881': attribute type 3 has an invalid length.
[  357.735803][T12010] netlink: 306 bytes leftover after parsing attributes in process `syz.3.1881'.
[  357.812215][T12014] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1882'.
[  357.887813][ T3528] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1003 with max blocks 1 with error 117
[  357.917018][ T3528] EXT4-fs (sda1): This should not happen!! Data will be lost
[  357.917018][ T3528] 
[  358.551885][T12030] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1887'.
[  358.672641][T12037] usb usb2: usbfs: process 12037 (syz.1.1887) did not claim interface 4 before use
[  360.350689][T12064] FAULT_INJECTION: forcing a failure.
[  360.350689][T12064] name failslab, interval 1, probability 0, space 0, times 0
[  360.363633][T12064] CPU: 1 UID: 0 PID: 12064 Comm: syz.1.1896 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  360.363674][T12064] Tainted: [L]=SOFTLOCKUP
[  360.363683][T12064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  360.363699][T12064] Call Trace:
[  360.363707][T12064]  <TASK>
[  360.363718][T12064]  dump_stack_lvl+0x100/0x190
[  360.363762][T12064]  should_fail_ex.cold+0x5/0xa
[  360.363794][T12064]  should_failslab+0xc2/0x120
[  360.363823][T12064]  __kvmalloc_node_noprof+0xfa/0xa00
[  360.363861][T12064]  ? alloc_fdtable+0x17f/0x2d0
[  360.363906][T12064]  alloc_fdtable+0x17f/0x2d0
[  360.363943][T12064]  dup_fd+0x995/0xd10
[  360.363972][T12064]  ? __fget_files+0x21f/0x3d0
[  360.364001][T12064]  ksys_unshare+0x7ad/0xad0
[  360.364038][T12064]  ? __pfx_ksys_unshare+0x10/0x10
[  360.364087][T12064]  __x64_sys_unshare+0x31/0x40
[  360.364120][T12064]  do_syscall_64+0x106/0xf80
[  360.364152][T12064]  ? clear_bhb_loop+0x40/0x90
[  360.364195][T12064]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  360.364223][T12064] RIP: 0033:0x7fa04019c799
[  360.364246][T12064] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  360.364273][T12064] RSP: 002b:00007fa041119028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  360.364299][T12064] RAX: ffffffffffffffda RBX: 00007fa040415fa0 RCX: 00007fa04019c799
[  360.364317][T12064] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000400
[  360.364333][T12064] RBP: 00007fa040232bd9 R08: 0000000000000000 R09: 0000000000000000
[  360.364350][T12064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  360.364366][T12064] R13: 00007fa040416038 R14: 00007fa040415fa0 R15: 00007ffe4d69e658
[  360.364403][T12064]  </TASK>
[  361.163016][T12082] FAULT_INJECTION: forcing a failure.
[  361.163016][T12082] name failslab, interval 1, probability 0, space 0, times 0
[  361.178229][T12082] CPU: 0 UID: 0 PID: 12082 Comm: syz.3.1902 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  361.178272][T12082] Tainted: [L]=SOFTLOCKUP
[  361.178283][T12082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  361.178299][T12082] Call Trace:
[  361.178316][T12082]  <TASK>
[  361.178327][T12082]  dump_stack_lvl+0x100/0x190
[  361.178377][T12082]  should_fail_ex.cold+0x5/0xa
[  361.178410][T12082]  should_failslab+0xc2/0x120
[  361.178441][T12082]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  361.178485][T12082]  ? __alloc_skb+0x140/0x710
[  361.178521][T12082]  __alloc_skb+0x140/0x710
[  361.178548][T12082]  ? __alloc_skb+0x5b7/0x710
[  361.178575][T12082]  ? __pfx___alloc_skb+0x10/0x10
[  361.178603][T12082]  ? aa_label_sk_perm+0x194/0x5f0
[  361.178649][T12082]  alloc_skb_with_frags+0xe0/0x810
[  361.178685][T12082]  ? __lock_acquire+0x4a5/0x2630
[  361.178718][T12082]  sock_alloc_send_pskb+0x801/0x980
[  361.178753][T12082]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  361.178780][T12082]  ? __pfx_autoremove_wake_function+0x10/0x10
[  361.178811][T12082]  ? finish_task_switch.isra.0+0x205/0xb80
[  361.178846][T12082]  caif_stream_sendmsg+0x446/0x800
[  361.178875][T12082]  ? __pfx_caif_stream_sendmsg+0x10/0x10
[  361.178893][T12082]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  361.178917][T12082]  sock_write_iter+0x566/0x610
[  361.178940][T12082]  ? __pfx_sock_write_iter+0x10/0x10
[  361.178973][T12082]  do_iter_readv_writev+0x6ee/0x920
[  361.178995][T12082]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  361.179019][T12082]  ? bpf_lsm_file_permission+0x9/0x10
[  361.179041][T12082]  ? security_file_permission+0x76/0x210
[  361.179057][T12082]  ? rw_verify_area+0xce/0x6d0
[  361.179078][T12082]  vfs_writev+0x360/0xe10
[  361.179104][T12082]  ? __pfx_vfs_writev+0x10/0x10
[  361.179137][T12082]  ? __fget_files+0x21f/0x3d0
[  361.179155][T12082]  ? do_writev+0x28a/0x340
[  361.179174][T12082]  do_writev+0x28a/0x340
[  361.179195][T12082]  ? __pfx_do_writev+0x10/0x10
[  361.179221][T12082]  do_syscall_64+0x106/0xf80
[  361.179238][T12082]  ? clear_bhb_loop+0x40/0x90
[  361.179256][T12082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  361.179271][T12082] RIP: 0033:0x7f6d1859c799
[  361.179284][T12082] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  361.179298][T12082] RSP: 002b:00007f6d193ef028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  361.179321][T12082] RAX: ffffffffffffffda RBX: 00007f6d18815fa0 RCX: 00007f6d1859c799
[  361.179331][T12082] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003
[  361.179340][T12082] RBP: 00007f6d18632bd9 R08: 0000000000000000 R09: 0000000000000000
[  361.179350][T12082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  361.179359][T12082] R13: 00007f6d18816038 R14: 00007f6d18815fa0 R15: 00007ffe73e27728
[  361.179379][T12082]  </TASK>
[  362.328032][T12099] FAULT_INJECTION: forcing a failure.
[  362.328032][T12099] name failslab, interval 1, probability 0, space 0, times 0
[  362.357739][T12099] CPU: 0 UID: 0 PID: 12099 Comm: syz.3.1908 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  362.357785][T12099] Tainted: [L]=SOFTLOCKUP
[  362.357796][T12099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  362.357814][T12099] Call Trace:
[  362.357823][T12099]  <TASK>
[  362.357832][T12099]  dump_stack_lvl+0x100/0x190
[  362.357876][T12099]  should_fail_ex.cold+0x5/0xa
[  362.357907][T12099]  should_failslab+0xc2/0x120
[  362.357933][T12099]  __kvmalloc_node_noprof+0xfa/0xa00
[  362.357969][T12099]  ? alloc_fdtable+0x17f/0x2d0
[  362.358016][T12099]  alloc_fdtable+0x17f/0x2d0
[  362.358053][T12099]  dup_fd+0x995/0xd10
[  362.358079][T12099]  ? __fget_files+0x21f/0x3d0
[  362.358105][T12099]  ksys_unshare+0x7ad/0xad0
[  362.358137][T12099]  ? __pfx_ksys_unshare+0x10/0x10
[  362.358188][T12099]  __x64_sys_unshare+0x31/0x40
[  362.358219][T12099]  do_syscall_64+0x106/0xf80
[  362.358254][T12099]  ? clear_bhb_loop+0x40/0x90
[  362.358285][T12099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  362.358310][T12099] RIP: 0033:0x7f6d1859c799
[  362.358331][T12099] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  362.358356][T12099] RSP: 002b:00007f6d193ef028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  362.358380][T12099] RAX: ffffffffffffffda RBX: 00007f6d18815fa0 RCX: 00007f6d1859c799
[  362.358396][T12099] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000400
[  362.358412][T12099] RBP: 00007f6d18632bd9 R08: 0000000000000000 R09: 0000000000000000
[  362.358427][T12099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  362.358442][T12099] R13: 00007f6d18816038 R14: 00007f6d18815fa0 R15: 00007ffe73e27728
[  362.358473][T12099]  </TASK>
[  362.621654][T12113] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1915'.
[  362.689247][T12117] usb usb2: usbfs: process 12117 (syz.3.1915) did not claim interface 4 before use
[  366.658717][T12189] FAULT_INJECTION: forcing a failure.
[  366.658717][T12189] name failslab, interval 1, probability 0, space 0, times 0
[  366.692836][T12189] CPU: 1 UID: 0 PID: 12189 Comm: syz.4.1935 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  366.692883][T12189] Tainted: [L]=SOFTLOCKUP
[  366.692892][T12189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  366.692909][T12189] Call Trace:
[  366.692918][T12189]  <TASK>
[  366.692929][T12189]  dump_stack_lvl+0x100/0x190
[  366.692974][T12189]  should_fail_ex.cold+0x5/0xa
[  366.693004][T12189]  should_failslab+0xc2/0x120
[  366.693032][T12189]  __kmalloc_cache_noprof+0x7a/0x6f0
[  366.693066][T12189]  ? tty_alloc_file+0x3f/0xa0
[  366.693100][T12189]  ? kobject_get_unless_zero+0x156/0x200
[  366.693140][T12189]  ? __pfx_ptmx_open+0x10/0x10
[  366.693167][T12189]  tty_alloc_file+0x3f/0xa0
[  366.693199][T12189]  ptmx_open+0x61/0x3c0
[  366.693226][T12189]  ? __pfx_ptmx_open+0x10/0x10
[  366.693252][T12189]  chrdev_open+0x234/0x6a0
[  366.693279][T12189]  ? __pfx_apparmor_file_open+0x10/0x10
[  366.693319][T12189]  ? __pfx_chrdev_open+0x10/0x10
[  366.693348][T12189]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  366.693384][T12189]  do_dentry_open+0x6d8/0x1660
[  366.693413][T12189]  ? __pfx_chrdev_open+0x10/0x10
[  366.693450][T12189]  vfs_open+0x82/0x3f0
[  366.693487][T12189]  path_openat+0x208c/0x31a0
[  366.693527][T12189]  ? __pfx_path_openat+0x10/0x10
[  366.693569][T12189]  do_file_open+0x20e/0x430
[  366.693600][T12189]  ? __pfx_do_file_open+0x10/0x10
[  366.693654][T12189]  ? alloc_fd+0x476/0x790
[  366.693684][T12189]  ? do_getname+0x191/0x390
[  366.693730][T12189]  do_sys_openat2+0x10d/0x1e0
[  366.693767][T12189]  ? __pfx_do_sys_openat2+0x10/0x10
[  366.693816][T12189]  __x64_sys_openat+0x12d/0x210
[  366.693853][T12189]  ? __pfx___x64_sys_openat+0x10/0x10
[  366.693903][T12189]  do_syscall_64+0x106/0xf80
[  366.693935][T12189]  ? clear_bhb_loop+0x40/0x90
[  366.693969][T12189]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  366.693998][T12189] RIP: 0033:0x7fc3f539c799
[  366.694022][T12189] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  366.694050][T12189] RSP: 002b:00007fc3f61e7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  366.694077][T12189] RAX: ffffffffffffffda RBX: 00007fc3f5615fa0 RCX: 00007fc3f539c799
[  366.694097][T12189] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  366.694115][T12189] RBP: 00007fc3f5432bd9 R08: 0000000000000000 R09: 0000000000000000
[  366.694133][T12189] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  366.694150][T12189] R13: 00007fc3f5616038 R14: 00007fc3f5615fa0 R15: 00007ffc7c2d48d8
[  366.694187][T12189]  </TASK>
[  368.048813][T12209] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[  368.074247][T12209] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  368.108395][T12209] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  368.126268][T12209] page_type: f5(slab)
[  368.130430][T12209] raw: 00fff00000000040 ffff88801ce90280 dead000000000100 dead000000000122
[  368.149432][T12209] raw: 0000000000000000 0000000800190019 00000000f5000000 0000000000000000
[  368.158725][T12209] head: 00fff00000000040 ffff88801ce90280 dead000000000100 dead000000000122
[  368.176856][T12209] head: 0000000000000000 0000000800190019 00000000f5000000 0000000000000000
[  368.196635][T12209] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  368.212235][T12209] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  368.221542][T12209] page dumped because: unmovable page
[  368.231245][T12209] page_owner tracks the page as allocated
[  368.239405][T12209] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5208, tgid 5208 (udevadm), ts 30679892700, free_ts 23698878562
[  368.262727][T12209]  post_alloc_hook+0x153/0x170
[  368.267895][T12209]  get_page_from_freelist+0x111d/0x3140
[  368.273706][T12209]  __alloc_frozen_pages_noprof+0x27c/0x2ba0
[  368.280265][T12209]  new_slab+0xa6/0x6d0
[  368.284591][T12209]  refill_objects+0x26b/0x400
[  368.289803][T12209]  __pcs_replace_empty_main+0x19f/0x600
[  368.295611][T12209]  kmem_cache_alloc_lru_noprof+0x485/0x6e0
[  368.326236][T12209]  alloc_inode+0x183/0x250
[  368.349161][T12209]  iget_locked+0x1d9/0x6d0
[  368.376793][T12209]  kernfs_get_inode+0x46/0x470
[  368.392121][T12209]  kernfs_iop_lookup+0x1a7/0x2d0
[  368.405572][T12209]  __lookup_slow+0x251/0x460
[  368.428746][T12209]  lookup_slow+0x50/0x70
[  368.443598][T12209]  link_path_walk+0x1377/0x1cc0
[  368.462448][T12209]  path_lookupat+0x74/0xc40
[  368.481394][T12209]  filename_lookup+0x202/0x590
[  368.513488][T12209] page last free pid 1 tgid 1 stack trace:
[  368.520380][T12209]  __free_frozen_pages+0x7e1/0x10d0
[  368.541954][T12209]  free_contig_range+0xde/0x1d0
[  368.569858][T12209]  destroy_args+0xa8/0x7a0
[  368.577059][T12209]  debug_vm_pgtable+0x1b66/0x34c0
[  368.590335][T12209]  do_one_initcall+0x11d/0x760
[  368.595255][T12209]  kernel_init_freeable+0x6e5/0x7a0
[  368.606786][T12209]  kernel_init+0x1f/0x1e0
[  368.616994][T12209]  ret_from_fork+0x754/0xd80
[  368.627955][T12209]  ret_from_fork_asm+0x1a/0x30
[  369.111257][T12226] zswap: compressor  not available
[  370.561504][T12248] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1950'.
[  370.599357][T12240] sp0: Synchronizing with TNC
[  370.938156][T12251] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1951'.
[  371.613521][T12265] netlink: 354 bytes leftover after parsing attributes in process `syz.0.1953'.
[  371.943936][T12270] FAULT_INJECTION: forcing a failure.
[  371.943936][T12270] name failslab, interval 1, probability 0, space 0, times 0
[  372.124270][T12270] CPU: 0 UID: 0 PID: 12270 Comm: syz.1.1959 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  372.124311][T12270] Tainted: [L]=SOFTLOCKUP
[  372.124321][T12270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  372.124339][T12270] Call Trace:
[  372.124349][T12270]  <TASK>
[  372.124361][T12270]  dump_stack_lvl+0x100/0x190
[  372.124407][T12270]  should_fail_ex.cold+0x5/0xa
[  372.124436][T12270]  should_failslab+0xc2/0x120
[  372.124464][T12270]  __kmalloc_cache_noprof+0x7a/0x6f0
[  372.124495][T12270]  ? __alloc_workqueue+0x1a0/0x1880
[  372.124533][T12270]  __alloc_workqueue+0x1a0/0x1880
[  372.124565][T12270]  ? __pfx_vsnprintf+0x10/0x10
[  372.124594][T12270]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  372.124626][T12270]  ? lockdep_hardirqs_on+0x78/0x100
[  372.124658][T12270]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  372.124692][T12270]  alloc_workqueue_noprof+0xd2/0x200
[  372.124725][T12270]  ? __pfx_alloc_workqueue_noprof+0x10/0x10
[  372.124767][T12270]  ? __pfx___debug_object_init+0x10/0x10
[  372.124815][T12270]  nci_register_device+0x21e/0xb80
[  372.124859][T12270]  ? __pfx_nci_register_device+0x10/0x10
[  372.124917][T12270]  ? lockdep_init_map_type+0x5c/0x250
[  372.124962][T12270]  virtual_ncidev_open+0x141/0x220
[  372.124995][T12270]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  372.125026][T12270]  misc_open+0x26d/0x450
[  372.125068][T12270]  ? __pfx_misc_open+0x10/0x10
[  372.125110][T12270]  chrdev_open+0x234/0x6a0
[  372.125137][T12270]  ? __pfx_apparmor_file_open+0x10/0x10
[  372.125175][T12270]  ? __pfx_chrdev_open+0x10/0x10
[  372.125205][T12270]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  372.125242][T12270]  do_dentry_open+0x6d8/0x1660
[  372.125268][T12270]  ? __pfx_chrdev_open+0x10/0x10
[  372.125313][T12270]  vfs_open+0x82/0x3f0
[  372.125352][T12270]  path_openat+0x208c/0x31a0
[  372.125394][T12270]  ? __pfx_path_openat+0x10/0x10
[  372.125435][T12270]  do_file_open+0x20e/0x430
[  372.125465][T12270]  ? __pfx_do_file_open+0x10/0x10
[  372.125517][T12270]  ? alloc_fd+0x476/0x790
[  372.125547][T12270]  ? do_getname+0x191/0x390
[  372.125585][T12270]  do_sys_openat2+0x10d/0x1e0
[  372.125620][T12270]  ? __pfx_do_sys_openat2+0x10/0x10
[  372.125658][T12270]  ? __fget_files+0x21f/0x3d0
[  372.125691][T12270]  __x64_sys_openat+0x12d/0x210
[  372.125729][T12270]  ? __pfx___x64_sys_openat+0x10/0x10
[  372.125779][T12270]  do_syscall_64+0x106/0xf80
[  372.125812][T12270]  ? clear_bhb_loop+0x40/0x90
[  372.125848][T12270]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.125878][T12270] RIP: 0033:0x7fa04019c799
[  372.125901][T12270] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  372.125936][T12270] RSP: 002b:00007fa041119028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  372.125963][T12270] RAX: ffffffffffffffda RBX: 00007fa040415fa0 RCX: 00007fa04019c799
[  372.125982][T12270] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  372.126000][T12270] RBP: 00007fa040232bd9 R08: 0000000000000000 R09: 0000000000000000
[  372.126017][T12270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  372.126034][T12270] R13: 00007fa040416038 R14: 00007fa040415fa0 R15: 00007ffe4d69e658
[  372.126073][T12270]  </TASK>
[  373.888759][T12294] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1968'.
[  373.914347][T12296] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1969'.
[  373.965487][T12296] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1969'.
[  374.315815][T12301] netlink: 'syz.0.1971': attribute type 10 has an invalid length.
[  374.338856][T12301] netlink: 'syz.0.1971': attribute type 13 has an invalid length.
[  375.602632][T12328] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1982'.
[  375.627234][T12328] netlink: 'syz.4.1982': attribute type 1 has an invalid length.
[  375.660029][T12328] netlink: 13 bytes leftover after parsing attributes in process `syz.4.1982'.
[  376.728630][T12351] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1988'.
[  376.770013][T12351] netlink: 13 bytes leftover after parsing attributes in process `syz.4.1988'.
[  377.006015][T12354] netlink: 246 bytes leftover after parsing attributes in process `syz.0.1987'.
[  378.551480][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  378.560973][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  379.868663][T12403] netlink: 54 bytes leftover after parsing attributes in process `syz.3.2003'.
[  380.844844][T12415] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2013'.
[  380.854786][T12415] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  380.900767][T12415] batman_adv: batadv0: Removing interface: batadv_slave_0
[  382.019691][   T58] EXT4-fs (sda1): Delayed block allocation failed for inode 2026 at logical offset 1 with max blocks 1 with error 117
[  382.053079][   T58] EXT4-fs (sda1): This should not happen!! Data will be lost
[  382.053079][   T58] 
[  382.338771][T12437] �: entered promiscuous mode
[  382.688277][T12446] FAULT_INJECTION: forcing a failure.
[  382.688277][T12446] name failslab, interval 1, probability 0, space 0, times 0
[  382.707388][T12446] CPU: 1 UID: 0 PID: 12446 Comm: syz.4.2019 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  382.707435][T12446] Tainted: [L]=SOFTLOCKUP
[  382.707445][T12446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  382.707462][T12446] Call Trace:
[  382.707471][T12446]  <TASK>
[  382.707482][T12446]  dump_stack_lvl+0x100/0x190
[  382.707528][T12446]  should_fail_ex.cold+0x5/0xa
[  382.707561][T12446]  ? acpi_ns_get_normalized_pathname+0x95/0x250
[  382.707596][T12446]  should_failslab+0xc2/0x120
[  382.707626][T12446]  __kmalloc_noprof+0xe0/0x850
[  382.707675][T12446]  acpi_ns_get_normalized_pathname+0x95/0x250
[  382.707713][T12446]  acpi_ds_call_control_method+0x5d4/0xab0
[  382.707758][T12446]  acpi_ps_parse_aml+0xacd/0x1120
[  382.707808][T12446]  acpi_ps_execute_method+0x5c4/0xe90
[  382.707844][T12446]  acpi_ns_evaluate+0x640/0x1670
[  382.707882][T12446]  acpi_evaluate_object+0x420/0xe00
[  382.707919][T12446]  ? kasan_save_stack+0x30/0x50
[  382.707957][T12446]  ? kasan_save_track+0x14/0x30
[  382.708003][T12446]  ? __pfx_acpi_evaluate_object+0x10/0x10
[  382.708056][T12446]  acpi_evaluate_integer+0xdf/0x220
[  382.708089][T12446]  ? __pfx_acpi_evaluate_integer+0x10/0x10
[  382.708139][T12446]  ? __pfx_status_show+0x10/0x10
[  382.708189][T12446]  status_show+0xa0/0x120
[  382.708228][T12446]  ? __pfx_status_show+0x10/0x10
[  382.708277][T12446]  dev_attr_show+0x52/0xa0
[  382.708305][T12446]  ? __pfx_dev_attr_show+0x10/0x10
[  382.708332][T12446]  sysfs_kf_seq_show+0x217/0x3a0
[  382.708375][T12446]  seq_read_iter+0x32f/0x1270
[  382.708434][T12446]  kernfs_fop_read_iter+0x46c/0x610
[  382.708466][T12446]  ? rw_verify_area+0xce/0x6d0
[  382.708504][T12446]  ? __pfx_kernfs_fop_read_iter+0x10/0x10
[  382.708538][T12446]  vfs_read+0x825/0xb30
[  382.708585][T12446]  ? __pfx_vfs_read+0x10/0x10
[  382.708651][T12446]  ksys_read+0x12a/0x250
[  382.708692][T12446]  ? __pfx_ksys_read+0x10/0x10
[  382.708746][T12446]  do_syscall_64+0x106/0xf80
[  382.708779][T12446]  ? clear_bhb_loop+0x40/0x90
[  382.708816][T12446]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  382.708845][T12446] RIP: 0033:0x7fc3f539c799
[  382.708869][T12446] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  382.708897][T12446] RSP: 002b:00007fc3f61e7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  382.708923][T12446] RAX: ffffffffffffffda RBX: 00007fc3f5615fa0 RCX: 00007fc3f539c799
[  382.708942][T12446] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000005
[  382.708958][T12446] RBP: 00007fc3f5432bd9 R08: 0000000000000000 R09: 0000000000000000
[  382.708974][T12446] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  382.708989][T12446] R13: 00007fc3f5616038 R14: 00007fc3f5615fa0 R15: 00007ffc7c2d48d8
[  382.709026][T12446]  </TASK>
[  382.711336][T12446] ACPI Error: 
[  382.784238][T12451] random: crng reseeded on system resumption
[  382.793984][T12446] Could not allocate 10 bytes
[  382.853163][T12446]  (20251212/nsnames-308)
[  385.017541][T12492] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input9
[  385.323262][T12495] netlink: 25 bytes leftover after parsing attributes in process `syz.4.2030'.
[  385.462401][T12499] Kernel: The 'panic_print' parameter is now deprecated. Please use 'panic_sys_info' and 'panic_console_replay' instead.
[  385.771360][T12509] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2046'.
[  385.822530][T12509] netlink: 25 bytes leftover after parsing attributes in process `syz.1.2046'.
[  386.142621][T12503] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  387.977110][ T1101] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1003 with max blocks 1 with error 117
[  388.035761][ T1101] EXT4-fs (sda1): This should not happen!! Data will be lost
[  388.035761][ T1101] 
[  388.110051][T12556] vivid-007: =================  START STATUS  =================
[  388.120766][T12556] vivid-007: Enable Output Cropping: true grabbed
[  388.145727][T12556] vivid-007: Enable Output Composing: true grabbed
[  388.166588][T12556] vivid-007: Enable Output Scaler: true grabbed
[  388.185466][T12556] vivid-007: Tx RGB Quantization Range: Automatic grabbed
[  388.242246][T12556] vivid-007: Transmit Mode: HDMI grabbed
[  388.266779][T12556] vivid-007: Hotplug Present: 0x00000000
[  388.296526][T12556] vivid-007: RxSense Present: 0x00000000
[  388.341123][T12556] vivid-007: EDID Present: 0x00000000
[  388.346571][T12556] vivid-007: ==================  END STATUS  ==================
[  388.819313][ T5829] Bluetooth: hci2: unexpected subevent 0x18 length: 123 > 19
[  388.820010][T12577] binder: 12572:12577 ioctl c0306201 200000000000 returned -11
[  388.826921][ T5829] Bluetooth: hci2: Unable to find connection for dst f9:56:cc:cc:70:a9 sid 0x00
[  388.857652][T12574] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2064'.
[  390.426527][T12597] futex_wake_op: syz.3.2065 tries to shift op by -2048; fix this program
[  390.447164][T12597] futex_wake_op: syz.3.2065 tries to shift op by -2048; fix this program
[  390.458651][T12597] 0x000000000001-0x000000020000 : ""
[  390.491475][T12597] ftl_cs: FTL header corrupt!
[  390.735243][T12606] FAULT_INJECTION: forcing a failure.
[  390.735243][T12606] name failslab, interval 1, probability 0, space 0, times 0
[  390.748041][T12606] CPU: 1 UID: 0 PID: 12606 Comm: syz.3.2067 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  390.748085][T12606] Tainted: [L]=SOFTLOCKUP
[  390.748095][T12606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  390.748113][T12606] Call Trace:
[  390.748122][T12606]  <TASK>
[  390.748133][T12606]  dump_stack_lvl+0x100/0x190
[  390.748181][T12606]  should_fail_ex.cold+0x5/0xa
[  390.748215][T12606]  should_failslab+0xc2/0x120
[  390.748246][T12606]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  390.748288][T12606]  ? alloc_inode+0x183/0x250
[  390.748332][T12606]  ? do_raw_spin_lock+0x128/0x260
[  390.748378][T12606]  alloc_inode+0x183/0x250
[  390.748415][T12606]  alloc_anon_inode+0x2a/0x3e0
[  390.748445][T12606]  anon_inode_make_secure_inode+0x2f/0x140
[  390.748482][T12606]  __anon_inode_getfile+0x1cf/0x280
[  390.748519][T12606]  new_userfaultfd+0x255/0x400
[  390.748562][T12606]  __x64_sys_userfaultfd+0x4b/0xb0
[  390.748605][T12606]  do_syscall_64+0x106/0xf80
[  390.748637][T12606]  ? clear_bhb_loop+0x40/0x90
[  390.748672][T12606]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  390.748700][T12606] RIP: 0033:0x7f6d1859c799
[  390.748724][T12606] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  390.748752][T12606] RSP: 002b:00007f6d193ef028 EFLAGS: 00000246 ORIG_RAX: 0000000000000143
[  390.748780][T12606] RAX: ffffffffffffffda RBX: 00007f6d18815fa0 RCX: 00007f6d1859c799
[  390.748800][T12606] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  390.748817][T12606] RBP: 00007f6d18632bd9 R08: 0000000000000000 R09: 0000000000000000
[  390.748834][T12606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  390.748851][T12606] R13: 00007f6d18816038 R14: 00007f6d18815fa0 R15: 00007ffe73e27728
[  390.748887][T12606]  </TASK>
[  392.666325][T12640] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2077'.
[  394.697392][T12678] netlink: 186 bytes leftover after parsing attributes in process `syz.1.2092'.
[  394.734864][T12678] netlink: 186 bytes leftover after parsing attributes in process `syz.1.2092'.
[  394.909364][T12679] netlink: 252 bytes leftover after parsing attributes in process `syz.3.2091'.
[  394.928377][T12679] netlink: 252 bytes leftover after parsing attributes in process `syz.3.2091'.
[  395.329182][T12688] netlink: 25 bytes leftover after parsing attributes in process `syz.3.2094'.
[  396.179388][T12705] FAULT_INJECTION: forcing a failure.
[  396.179388][T12705] name failslab, interval 1, probability 0, space 0, times 0
[  396.192227][T12705] CPU: 1 UID: 0 PID: 12705 Comm: syz.4.2102 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  396.192253][T12705] Tainted: [L]=SOFTLOCKUP
[  396.192258][T12705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  396.192268][T12705] Call Trace:
[  396.192274][T12705]  <TASK>
[  396.192282][T12705]  dump_stack_lvl+0x100/0x190
[  396.192312][T12705]  should_fail_ex.cold+0x5/0xa
[  396.192330][T12705]  should_failslab+0xc2/0x120
[  396.192345][T12705]  __kmalloc_cache_noprof+0x7a/0x6f0
[  396.192368][T12705]  ? nci_hci_allocate+0x45/0x330
[  396.192385][T12705]  ? mutex_init_lockep+0x110/0x150
[  396.192407][T12705]  nci_hci_allocate+0x45/0x330
[  396.192423][T12705]  nci_allocate_device+0x26f/0x410
[  396.192447][T12705]  virtual_ncidev_open+0x6f/0x220
[  396.192465][T12705]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  396.192480][T12705]  misc_open+0x26d/0x450
[  396.192504][T12705]  ? __pfx_misc_open+0x10/0x10
[  396.192526][T12705]  chrdev_open+0x234/0x6a0
[  396.192540][T12705]  ? __pfx_apparmor_file_open+0x10/0x10
[  396.192561][T12705]  ? __pfx_chrdev_open+0x10/0x10
[  396.192576][T12705]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  396.192599][T12705]  do_dentry_open+0x6d8/0x1660
[  396.192613][T12705]  ? __pfx_chrdev_open+0x10/0x10
[  396.192632][T12705]  vfs_open+0x82/0x3f0
[  396.192652][T12705]  path_openat+0x208c/0x31a0
[  396.192673][T12705]  ? __pfx_path_openat+0x10/0x10
[  396.192695][T12705]  do_file_open+0x20e/0x430
[  396.192710][T12705]  ? __pfx_do_file_open+0x10/0x10
[  396.192747][T12705]  ? alloc_fd+0x476/0x790
[  396.192763][T12705]  ? do_getname+0x191/0x390
[  396.192783][T12705]  do_sys_openat2+0x10d/0x1e0
[  396.192803][T12705]  ? __pfx_do_sys_openat2+0x10/0x10
[  396.192829][T12705]  __x64_sys_openat+0x12d/0x210
[  396.192849][T12705]  ? __pfx___x64_sys_openat+0x10/0x10
[  396.192875][T12705]  do_syscall_64+0x106/0xf80
[  396.192892][T12705]  ? clear_bhb_loop+0x40/0x90
[  396.192910][T12705]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  396.192926][T12705] RIP: 0033:0x7fc3f539c799
[  396.192939][T12705] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  396.192954][T12705] RSP: 002b:00007fc3f61e7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  396.192969][T12705] RAX: ffffffffffffffda RBX: 00007fc3f5615fa0 RCX: 00007fc3f539c799
[  396.192979][T12705] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  396.192988][T12705] RBP: 00007fc3f5432bd9 R08: 0000000000000000 R09: 0000000000000000
[  396.192997][T12705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  396.193006][T12705] R13: 00007fc3f5616038 R14: 00007fc3f5615fa0 R15: 00007ffc7c2d48d8
[  396.193029][T12705]  </TASK>
[  396.476810][ T5829] Bluetooth: hci2: Malformed LE Event: 0x1b
[  397.620390][T12713] 
[  397.622749][T12713] ======================================================
[  397.629766][T12713] WARNING: possible circular locking dependency detected
[  397.636786][T12713] syzkaller #0 Tainted: G             L     
[  397.642763][T12713] ------------------------------------------------------
[  397.649774][T12713] syz.1.2105/12713 is trying to acquire lock:
[  397.655835][T12713] ffff88805d53bc68 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}, at: __flush_work+0x4ca/0xcb0
[  397.667357][T12713] 
[  397.667357][T12713] but task is already holding lock:
[  397.674715][T12713] ffff88805d53cd60 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x3a5/0x620
[  397.683725][T12713] 
[  397.683725][T12713] which lock already depends on the new lock.
[  397.683725][T12713] 
[  397.694123][T12713] 
[  397.694123][T12713] the existing dependency chain (in reverse order) is:
[  397.703136][T12713] 
[  397.703136][T12713] -> #1 (sk_lock-AF_SMC/1){+.+.}-{0:0}:
[  397.710891][T12713]        lock_sock_nested+0x41/0xf0
[  397.716101][T12713]        smc_listen_out+0x1f5/0x4b0
[  397.721306][T12713]        smc_listen_work+0x4c2/0x50e0
[  397.726688][T12713]        process_one_work+0x9d7/0x1920
[  397.732148][T12713]        worker_thread+0x5da/0xe40
[  397.737258][T12713]        kthread+0x370/0x450
[  397.741845][T12713]        ret_from_fork+0x754/0xd80
[  397.746958][T12713]        ret_from_fork_asm+0x1a/0x30
[  397.752243][T12713] 
[  397.752243][T12713] -> #0 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}:
[  397.762403][T12713]        __lock_acquire+0x14b8/0x2630
[  397.767776][T12713]        lock_acquire+0x1cf/0x380
[  397.772794][T12713]        __flush_work+0x4de/0xcb0
[  397.777820][T12713]        cancel_work_sync+0xd1/0xf0
[  397.783008][T12713]        smc_clcsock_release+0x5f/0xe0
[  397.788457][T12713]        __smc_release+0x5c2/0x880
[  397.793574][T12713]        smc_close_non_accepted+0xda/0x200
[  397.799388][T12713]        smc_close_active+0x4ff/0x1070
[  397.804842][T12713]        __smc_release+0x634/0x880
[  397.809951][T12713]        smc_release+0x1fc/0x620
[  397.814891][T12713]        __sock_release+0xb3/0x260
[  397.819999][T12713]        sock_close+0x1c/0x30
[  397.824670][T12713]        __fput+0x3ff/0xb40
[  397.829164][T12713]        task_work_run+0x150/0x240
[  397.834275][T12713]        exit_to_user_mode_loop+0x100/0x4a0
[  397.840162][T12713]        do_syscall_64+0x668/0xf80
[  397.845265][T12713]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  397.851672][T12713] 
[  397.851672][T12713] other info that might help us debug this:
[  397.851672][T12713] 
[  397.861883][T12713]  Possible unsafe locking scenario:
[  397.861883][T12713] 
[  397.869411][T12713]        CPU0                    CPU1
[  397.874779][T12713]        ----                    ----
[  397.880142][T12713]   lock(sk_lock-AF_SMC/1);
[  397.884653][T12713]                                lock((work_completion)(&new_smc->smc_listen_work));
[  397.894105][T12713]                                lock(sk_lock-AF_SMC/1);
[  397.901131][T12713]   lock((work_completion)(&new_smc->smc_listen_work));
[  397.908068][T12713] 
[  397.908068][T12713]  *** DEADLOCK ***
[  397.908068][T12713] 
[  397.916199][T12713] 3 locks held by syz.1.2105/12713:
[  397.921385][T12713]  #0: ffff88805a2db008 (&sb->s_type->i_mutex_key#14){+.+.}-{4:4}, at: __sock_release+0x86/0x260
[  397.931937][T12713]  #1: ffff88805d53cd60 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x3a5/0x620
[  397.941357][T12713]  #2: ffffffff8e7e9220 (rcu_read_lock){....}-{1:3}, at: __flush_work+0xfd/0xcb0
[  397.950507][T12713] 
[  397.950507][T12713] stack backtrace:
[  397.956390][T12713] CPU: 1 UID: 0 PID: 12713 Comm: syz.1.2105 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  397.956423][T12713] Tainted: [L]=SOFTLOCKUP
[  397.956431][T12713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  397.956444][T12713] Call Trace:
[  397.956452][T12713]  <TASK>
[  397.956461][T12713]  dump_stack_lvl+0x100/0x190
[  397.956491][T12713]  print_circular_bug.cold+0x178/0x1c7
[  397.956525][T12713]  check_noncircular+0x146/0x160
[  397.956554][T12713]  __lock_acquire+0x14b8/0x2630
[  397.956584][T12713]  lock_acquire+0x1cf/0x380
[  397.956608][T12713]  ? __flush_work+0x4ca/0xcb0
[  397.956640][T12713]  ? mark_held_locks+0x40/0x70
[  397.956666][T12713]  ? __flush_work+0x4ca/0xcb0
[  397.956694][T12713]  __flush_work+0x4de/0xcb0
[  397.956722][T12713]  ? __flush_work+0x4ca/0xcb0
[  397.956753][T12713]  ? __pfx___flush_work+0x10/0x10
[  397.956783][T12713]  ? __pfx_wq_barrier_func+0x10/0x10
[  397.956811][T12713]  ? __pfx___might_resched+0x10/0x10
[  397.956842][T12713]  cancel_work_sync+0xd1/0xf0
[  397.956863][T12713]  smc_clcsock_release+0x5f/0xe0
[  397.956885][T12713]  __smc_release+0x5c2/0x880
[  397.956917][T12713]  ? __pfx_sock_def_readable+0x10/0x10
[  397.956940][T12713]  smc_close_non_accepted+0xda/0x200
[  397.956962][T12713]  smc_close_active+0x4ff/0x1070
[  397.956985][T12713]  __smc_release+0x634/0x880
[  397.957016][T12713]  smc_release+0x1fc/0x620
[  397.957047][T12713]  __sock_release+0xb3/0x260
[  397.957072][T12713]  ? __pfx_sock_close+0x10/0x10
[  397.957096][T12713]  sock_close+0x1c/0x30
[  397.957119][T12713]  __fput+0x3ff/0xb40
[  397.957144][T12713]  ? _raw_spin_unlock_irq+0x23/0x50
[  397.957168][T12713]  task_work_run+0x150/0x240
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  397.957196][T12713]  ? __pfx_task_work_run+0x10/0x10
[  397.957228][T12713]  exit_to_user_mode_loop+0x100/0x4a0
[  397.957256][T12713]  do_syscall_64+0x668/0xf80
[  397.957279][T12713]  ? clear_bhb_loop+0x40/0x90
[  397.957304][T12713]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  397.957332][T12713] RIP: 0033:0x7fa04019c799
[  397.957350][T12713] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  397.957372][T12713] RSP: 002b:00007ffe4d69e7b8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  397.957392][T12713] RAX: 0000000000000000 RBX: 00007fa040417da0 RCX: 00007fa04019c799
[  397.957407][T12713] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  397.957420][T12713] RBP: 00007fa040417da0 R08: 00007fa040416038 R09: 0000000000000000
[  397.957434][T12713] R10: 00000000005d7aa4 R11: 0000000000000246 R12: 0000000000061298
[  397.957448][T12713] R13: 00007fa040415fac R14: 000000000006108a R15: 00007ffe4d69e8c0
[  397.957469][T12713]  </TASK>
[  398.034178][T12723] netlink: 226 bytes leftover after parsing attributes in process `syz.4.2107'.
[  398.314814][T12723] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2107'.
[  398.387521][T12723] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check.
[  398.856374][ T6008] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem
[  398.857550][T12696] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem
[  398.913454][ T6008] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem
[  398.915467][T12696] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem
[  398.935810][   T58] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  399.001348][   T58] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  399.062228][   T58] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  399.115646][T12696] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem
[  399.125931][T12665] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem
[  399.141273][   T58] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  399.177525][T12568] EXT4-fs error (device sda1): ext4_discard_preallocations:5702: comm syz.4.2055: Error -117 reading block bitmap for 2
[  399.188549][T12665] EXT4-fs error (device sda1): ext4_discard_preallocations:5702: comm syz.0.2086: Error -117 reading block bitmap for 2
[  399.206444][T12568] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem
[  399.215104][T12665] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem
[  399.337629][   T58] bridge_slave_1: left allmulticast mode
[  399.343301][   T58] bridge_slave_1: left promiscuous mode
[  399.377956][   T58] bridge0: port 2(bridge_slave_1) entered disabled state
[  399.398349][   T58] bridge_slave_0: left allmulticast mode
[  399.404012][   T58] bridge_slave_0: left promiscuous mode
[  399.432577][   T58] bridge0: port 1(bridge_slave_0) entered disabled state
[  399.797292][   T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  399.826433][   T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  399.876990][   T58] bond0 (unregistering): Released all slaves
[  399.987807][   T58] �: left promiscuous mode
[  400.115492][   T58] hsr_slave_0: left promiscuous mode
[  400.130195][   T58] hsr_slave_1: left promiscuous mode
[  400.135954][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  400.166933][   T58] batman_adv: batadv0: Removing interface: batadv_slave_0
[  400.178625][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  400.186019][   T58] batman_adv: batadv0: Removing interface: batadv_slave_1
[  400.216966][   T58] veth1_vlan: left promiscuous mode
[  400.222234][   T58] veth0_vlan: left promiscuous mode
[  400.378906][   T58] team0 (unregistering): Port device team_slave_1 removed
[  400.389903][   T58] team0 (unregistering): Port device team_slave_0 removed
[  400.712390][   T58] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  400.783128][   T58] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  400.857045][   T58] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  400.944362][   T58] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  401.026382][   T58] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  401.072449][   T58] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  401.103655][   T58] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  401.161981][   T58] netdevsim netdevsim0 netdevsim0 (unregistering): left allmulticast mode
[  401.175267][   T58] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  401.267456][   T58] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  401.334604][   T58] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  401.371011][   T58] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  401.434763][   T58] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  401.517473][   T58] bridge_slave_1: left allmulticast mode
[  401.523253][   T58] bridge_slave_1: left promiscuous mode
[  401.529298][   T58] bridge0: port 2(bridge_slave_1) entered disabled state
[  401.539760][   T58] bridge_slave_0: left allmulticast mode
[  401.545427][   T58] bridge_slave_0: left promiscuous mode
[  401.554532][   T58] bridge0: port 1(bridge_slave_0) entered disabled state
[  401.564268][   T58] bridge_slave_1: left allmulticast mode
[  401.571638][   T58] bridge_slave_1: left promiscuous mode
[  401.578262][   T58] bridge0: port 2(bridge_slave_1) entered disabled state
[  401.587681][   T58] bridge_slave_0: left allmulticast mode
[  401.593363][   T58] bridge_slave_0: left promiscuous mode
[  401.600204][   T58] bridge0: port 1(bridge_slave_0) entered disabled state
[  401.609744][   T58] bridge_slave_1: left allmulticast mode
[  401.615392][   T58] bridge_slave_1: left promiscuous mode
[  401.621807][   T58] bridge0: port 2(bridge_slave_1) entered disabled state
[  401.630276][   T58] bridge_slave_0: left allmulticast mode
[  401.635926][   T58] bridge_slave_0: left promiscuous mode
[  401.642863][   T58] bridge0: port 1(bridge_slave_0) entered disabled state
[  401.768969][   T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  401.779083][   T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  401.788676][   T58] bond0 (unregistering): Released all slaves
[  401.830814][   T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  401.841900][   T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  401.851483][   T58] bond0 (unregistering): Released all slaves
[  401.906346][   T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  401.916228][   T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  401.925973][   T58] bond0 (unregistering): Released all slaves
[  401.998278][   T58] �: left promiscuous mode
[  402.030627][   T58] �: left promiscuous mode
[  402.352265][   T58] hsr_slave_0: left promiscuous mode
[  402.359598][   T58] hsr_slave_1: left promiscuous mode
[  402.367090][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  402.374481][   T58] batman_adv: batadv0: Removing interface: batadv_slave_0
[  402.382517][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  402.395665][   T58] batman_adv: batadv0: Removing interface: batadv_slave_1
[  402.404969][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  402.412643][   T58] batman_adv: batadv0: Removing interface: batadv_slave_1
[  402.422484][   T58] hsr_slave_0: left promiscuous mode
[  402.429930][   T58] hsr_slave_1: left promiscuous mode
[  402.435695][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  402.443806][   T58] batman_adv: batadv0: Removing interface: batadv_slave_0
[  402.452644][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  402.460228][   T58] batman_adv: batadv0: Removing interface: batadv_slave_1
[  402.475695][   T58] veth1_macvtap: left promiscuous mode
[  402.481467][   T58] veth0_macvtap: left promiscuous mode
[  402.487054][   T58] veth1_vlan: left promiscuous mode
[  402.492328][   T58] veth0_vlan: left promiscuous mode
[  402.502175][   T58] veth0_vlan: left promiscuous mode
[  402.509037][   T58] veth1_vlan: left promiscuous mode
[  402.685342][   T58] team0 (unregistering): Port device team_slave_1 removed
[  402.696026][   T58] team0 (unregistering): Port device team_slave_0 removed