last executing test programs:

13.914059674s ago: executing program 1 (id=890):
mmap$auto(0x0, 0x9, 0x72, 0x8b72, 0x2, 0x8000)
kill$auto(0x0, 0x15)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
ioctl$auto(0x1, 0x5421, 0xa)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000002f80), 0xffffffffffffffff)
sendmsg$auto_GTP_CMD_NEWPDP(r0, &(0x7f0000003080)={0x0, 0x0, &(0x7f0000003040)={&(0x7f0000000040)={0x1c, r1, 0x5, 0x70bd2b, 0x25dfdbfd, {}, [@GTPA_VERSION={0x8, 0x2, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4c000}, 0x80)
r2 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket(0x15, 0x5, 0x0)
r4 = getsockopt$auto(r3, 0x114, 0x2720, 0xfffffffffffffffc, 0x0)
r5 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000040), r4)
r6 = getpid()
r7 = gettid()
rt_tgsigqueueinfo$auto(r6, r7, 0x21, 0x0)
sendmsg$auto_OVS_FLOW_CMD_GET(r4, &(0x7f00000002c0)={&(0x7f0000000000), 0xc, &(0x7f0000000280)={&(0x7f0000000080)={0x1d0, r5, 0x100, 0x70bd27, 0x25dfdbff, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_MASK={0xc, 0x7, 0x0, 0x1, [@typed={0x8, 0x17, 0x0, 0x0, @pid=r6}]}, @OVS_FLOW_ATTR_ACTIONS={0x19c, 0x2, 0x0, 0x1, [@generic="c147ddf87ef472c11162f52381a55d60d40538408003dc8c471d40b4fb79dbeeeb43d26c84fa41a90cb211d0ba3726", @generic="3479247d40898500d78c61eea1bcdcc3f5caa7dbb6a7331e8c6457b437ed25d8a8fdc2973437e35e82b32e4bf91a4b7d66b4789e3eb403fceb66d03d8700f45bac6b00ed1c6e9530c792b33a11c252a73488abd557e8154f5c5e748aca", @nested={0x10b, 0x27, 0x0, 0x1, [@nested={0x4, 0x2e}, @typed={0xc, 0x124, 0x0, 0x0, @u64=0x95e6}, @generic="c82f9f7754f6573ec2f4736af38480720a0334cabc7856ed2f016ac11ab52f7e282a8c70c1f86c9ec56a961d0d8344a20e85141a0d5b7d709fdac55ec6a74aef9a9e6d62e012ca44d6d2d179d17bf8d37f87439442333523e1e75e5240af0bcc845360e1beb5308f6e1e885b12af740f06e1d4ffbf9551fc80c3caac7bcbbd483af3479cae9b0180af9d439234e8515ec87ea72d223d3d93bf9e2880b338b457dad7584b2b2001832f2f531c2cce5a155dbd36647032995cbf7860a75c8301dcb5fe3528e605c58dc8b21a9e720b1d6087c37eabbd1e12c485efef5b94bae711ddca773010123e9b1c5596cc2b6c05b85ec78c", @nested={0x4, 0x2}]}]}, @OVS_FLOW_ATTR_UFID={0x5, 0x9, 0x43}, @OVS_FLOW_ATTR_CLEAR={0x4}, @OVS_FLOW_ATTR_PROBE={0x4}]}, 0x1d0}}, 0x1)
prctl$auto_PR_SET_MM_ENV_END(0x300, 0xb, r6, 0x1, 0x6)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x60, r2, 0x425, 0x70bd27, 0x25dfdbfc, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_HASH={0xc, 0xb, 0x6}, @OVS_PACKET_ATTR_HASH={0xc}, @OVS_PACKET_ATTR_HASH={0xc, 0xb, 0xffffffff}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "e5a3f764a4a27a95b3a4a9c88a27"}, @OVS_PACKET_ATTR_HASH={0xc, 0xb, 0xb}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

13.37965061s ago: executing program 1 (id=893):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
getgroups$auto(0x7fd, 0x0)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3)
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/controlC2\x00', 0x8100, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000040)=0x5)
r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000580)={{@raw=0x7fffffff, 0xf0ee, 0x20009, 0x3, "790eaa00ffff8eac2cdafc1f64010043eeb0b053030001ffff000e00"}, 0x4, 0x966, 0x3, @raw=0x404, @integer={0x800000000000400e, 0x2000000b752, 0x1}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"})
ioctl$auto_SNDRV_CTL_IOCTL_TLV_COMMAND(r1, 0xc008551c, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x22a02, 0x0)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000080), 0xc0, 0x0)
write$auto(r2, &(0x7f0000000140)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7\xe6\x04\x8c\x83k', 0x1000000007e)
mremap$auto(0x200001000000, 0x4, 0x4, 0x3, 0x100000000)

6.880931205s ago: executing program 2 (id=918):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = io_uring_setup$auto(0x86, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r0)
sendmsg$auto_NL80211_CMD_SET_POWER_SAVE(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000180)={&(0x7f0000000940)={0x6f4, r2, 0x202, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x6}, @NL80211_ATTR_BEACON_TAIL={0x6d0, 0xf, "22764410cbe91080c8e4d4a3b2fb84493dfc4a1dc61aebe1ff0c2f547142e78223fcd126ea4534c4467988cf9fe58e89d11ee24cab8af16f32205fb1ac65062525befe7dbe5f6863e60a29510b54e8ccf7e2f32ab518b62e10dbf19990c5e182ac5435f93115977068d761ca9b9f18e6732de33386495d39105217558f3c2295884abeefd12a3a94a70c66bed42ca97d3628fcec807d24d0fc5d3693b9f341c78f1f4dcb58824400c18956398a66d924dade6cf168de04414f4f03d6a8cac29fcafb2eb9740cbf2d7c776b5a292a17061502482e113e040fd4b70eb696e1253f6b0c7c49ecaf0025a9d464765061f73fdaeb9ee2dccf4f83e04a4eb9215fc6225320a84db48fb563ba8bdcb5c77f2801b6518ae36f4ee19dc68074b8ea6a5f2321b90fcc6754b6212be1b9456d278069c1336506d74ec46103fd7de5cd0294b1e7f520c39683c64d4acf32bf6ceac182f80da7e4c7a05a4a04cbd21ca64dc1ef4337314c9d96716a6996ea27c1083340a3ab4f2c4b5534d39bde84ac48f77ef2fde9d45adf316bd3aae96eb1189069a641a3c45f7ed5efe00b6f7c436230963051275ec1b8ff0a7f059a3a1ccd763b95e9f318ffe96eeb03ac660fc5ab5df45a094d3b777ac054feafe8510f05a3f37c6b10798fd5fb9190f5467f14b8c6fdee471b28f59e54ca63ba115350d71990a73965434cac0d3f67f16b4b3a914c5a6b8b6a1d4064b3cbdc53adfb0cba235124a6af52712ea389104d57563e55d88fc9ca0f82cccf80c5f13c73318d4f63a8f75db96136fee015f3b880595b1c9b5df774d9d891853a0f7b789cf4b5db2df975ff89b63cff612e1a0497f6932e626fe4f83c1e72cdd721232fd96f85182b96ffeb8e55f7668977717698eb5c6aa88a563d74d13a72801a7b4d24ae2491d6814f11df357fe4d1a09df3099a1b161eb68e64402082bee638d6ea35c188974afc8e13445213d96e2d1b5bf733cbe2aef9e8ea1fed4a1481de53da0e30ab65c4446788ec80c2c1d8f96550c73ee14c28387cc62aff4aba0f90399d5b055440624333174307a972c224c6c1f1a50c4418e01fc787309ccff10e00f147a5d5a16b703549f85c861f68f41b2b5784a4d77cc31c1fd469c67eeed10587b8b280696cdea4cb133d940bd39099a84a2ac86e74a31404da034de6ff06bec71df6a9bc13db38e312bcb560d4beefc5c6551515a1504c96a7d66acbb5c4e8a6e04dbd135763263583208ec1af75e8a3a3915af0784eb7b9fb5abc4c1daaa25230de5883ea124c8aa27ba98837e11e78ca097c262687684431a3cc03ab1feb6d26c80605d8a1ae9c0c25e82319313ca1bd5268d5583940c54490efa94ad997b2461ef5d316ef9c93394c39a048557a325fba79a3e3b741505d4660f42caba34ebf785772b5ce7a208b897e20a9f09ca81a9e6784d793955a7504c0a97d422a61fc0e728380aeca13df861a0bbaf4ba67000d513395c67a83856fd6467466a4047d668a48cbf82f2c98643ec10f7fc74c07cd6b46665b25c0f408dbe8d5374aabfb9b01e1ff1cdd794826b05b2667f72a135888f6177f66a2005320682cb1129cc0d30f3967c5f6fbe919050e55c51140fd1fa395a2202d35b84fef0f86a0b25cd530e1be986fac711a32599d61106322ab8bfaf4e1e18626623300e398b25aba6c80e4a9209b87f2fa6ea22d31c6238263baf76875bc99eaba7ef2c0453c601611436a936c5825ce1a3cf77821bb502f9da2889d5e6d2c116573bfb9bac4a29ee1844c502432c82186dd2b3195ca9face8da8f75284333bb400e4765587fdbd16aa236b28065a6daad89de2fd6999d2295c7f0217d6898ea012a9a9be90ecfc998ab721577fd4f66044830af3fd9b76c435eb2b28147bf592ce31e4e52481c23515b0ecd8a997269c89e7b9e0d9cf93c5008e01ac21ee364aae4f5a16927593fcfe8faf3664dc95efe8773885d47dc692065ab8cfc83e5ca65af97f3e05b4dcaf27d88107447ec40734c5bc39f1f49fc879e9f5561ac738674671959a320d8811955480ecf19c499e21894d5a28877210f829686f96c322ec9653a57f1196c04d020cd4ecb9bf11c0a493fa2362ee004a86b33e3e223112028d7891422c30e800ef62672b0abf7cf8c0efcf69bd93c6da75daa72d88d77fac453e0d6508037c575eee06716d6e03fe02932619695219824d2778fecc12beb6b9c3329086d4be4408a9b061019fcd1363acae3f064412f83114e55cdb94dacad643d5d5ae32776e59ad06780fb674be2aa03c83eeef136c2b9dfe5601ff4e86e8847f8e138fdf54ac38c61c88c32c3eac4f0b096248e594c201c90bae0d04fced5cde7ee014c59d0abad76852caf7e2fa371a672a7a754975ec3ee6b9a07e0494f3530faeacb4598887f9e723e26bcac25c33fc09a4bebdaa14b5f8e36bbc5ed0280c086b42438f41fbb"}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xfffffff9}]}, 0x6f4}, 0x1, 0x0, 0x0, 0x20000841}, 0x4004004)
sendfile$auto(r1, r1, 0x0, 0x7)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x2020009, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000)
unshare$auto(0x40000080)
statmount$auto(0x0, 0x0, 0x81, 0x40968c)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
unshare$auto(0x1)
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000080), r0)
fstatfs$auto(0x3, 0x0)
ioctl$auto(r3, 0x4b66, 0x1)

6.407448092s ago: executing program 1 (id=919):
socket(0x11, 0x80003, 0x300)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socket(0x18, 0x3, 0x2)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
fcntl$auto(0x0, 0x408, 0x100000)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
socket(0xa, 0x2, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x88542, 0x0)
vmsplice$auto(0x1, 0x0, 0x6, 0x8)

5.708647038s ago: executing program 3 (id=921):
sendmsg$auto_IEEE802154_ASSOCIATE_RESP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x20000881)
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r0, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
close_range$auto(0x2, 0xa, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x1000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\x00\x80\x00\x00\x00\x00\x00\x00j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5)
r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000080))
getdents$auto(r1, 0x0, 0x3f1)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x101002, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/scsi/device_info\x00', 0x40100, 0x0)
writev$auto(0xffffffffffffffff, 0x0, 0x3)

5.197532233s ago: executing program 2 (id=923):
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x8800, 0x0)
socket(0xa, 0x2, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x100842, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x787806, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = socket(0x10, 0x2, 0x4)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
sendmsg$auto_TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000003740)={&(0x7f0000000000)=ANY=[@ANYBLOB="b1000000", @ANYRES16, @ANYBLOB="01002dbd7000fddbdf25030000000c0001"], 0x20}, 0x1, 0x0, 0x0, 0x41}, 0x40080)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRES8=r1, @ANYRES8=r1], 0x18}, 0x1, 0x0, 0x0, 0x40000}, 0x2000c082)
write$auto(r2, &(0x7f0000000000)='-\x00', 0xfdef)

4.854981364s ago: executing program 0 (id=924):
mmap$auto(0x0, 0x400008, 0x6, 0x209b72, 0x2, 0x1000000008000)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x109401, 0x0)
socket(0x15, 0x5, 0x0)
socket(0xa, 0x1, 0x84)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
write$auto(0x6, 0x0, 0x100000001)
mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000)
mmap$auto(0x0, 0x400008, 0x1a29, 0x9b72, 0xffffffffffffffff, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/zram-control/hot_remove\x00', 0x8001, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_FRAME(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000e00)=ANY=[@ANYBLOB="10110000", @ANYRES16=r1, @ANYBLOB="03042dbd700006dcdb2502000000fc101c80f8100580f410008004100100a9647cf083276d21f547d6ec29a362089095aa9ace17528e7af6c18a70e5a73575e29f9d90812da6a8fc0db86bf180c5208c888eee8dafdb5d423b386bfd17b6bcfd0e03ca7aa6c1d3b648740d64df0826ac5b8c6e696cc4149b702229eca3e126bd9025f1dd3b319c8870dfaabb526a5b6ded0297a14ddeb83df653a7ddaf3963c3eb41ab33aff7d0a005b46e2f9fe80b74e4ef61d1651acd5d626909c2e92baac86e93de85d993350d972e1ae945d65cebc4c3cbd3b0c113f56a530fe67bf8afd076c96032c7d0daebd78fd54ce97d5619fd85a71991bf0a5734beefab3f95f02cd43e23da1d5b9b8e4ec5f8c5469818866656818c16a4fee1742c3d0d1e21040cda8b1e2d64e6cd322a9f05e73d2a89b657810421e3a6f52cb4a09b818aed784b865e775e16d13c4af0a549a743e772bfbd7e7b18bc5181f2d891cf7aa7017e1b1a471e409b2a0f1f0345e58b7a83db238b1243035ef798d161c831f0a3207b0e5b50b7ef4c7e36fe198534435c534794850b964623df7c1302fae2479c38f224af1f997de33b03ff6279c0524b22e3e1d9cdcce48b6013532a40f92888162b47fe57a3fe63129e244eb3332e27de689a61818de10638bae6acf494fe6dd9df55cf56c262d09176d9fe7f8603d92010b4e849b00e7b067664ffb3de944d7f24fc27e6234fc1770df9437b99a6b7256d3aaa6de33e5dcafd94aed373768dea45929b13ab431cb8b004a50a3af281996da9323f48a79ccaf94b2830fb3fda9c332df22eaf139f97c414df926bb2919a7255780a9ed697d33bdafb4b87a61118815232302c1fb09923043e837d854cbe93df4f2dfef3ea00a6ffa32bb30681c259c74c2e754c93f3a2339f781bc06a99e2067e40f8ed652e1dd48f9b88e01e67f1c6da7990c4edccdc89cb6dec630cbcc57ab39eac4858407e3e37ce77d8080720f2e4a44773a65f165bc737a4d830afc286d46cc00fc277ad0f47779fd6104d9bf9bf525fc913a2c12ac657afe669c847cd5867f7104189ce6c2da65d363c3ce4fcf5937c5f054ba77b186ee37e7d58f309eb88b8886a8fd46f634c3d82d261eddbcd88f3bdd292d895c2c8bcb84cead50a5567e65b052fae1b58b5f0b6eb306ae4739271107776b5d0dafd7de5bd30b630b29a4741d3aaeff8d2cf3dab4781c746939be4bb32336189a0f310ce3f2a9fe7a9b4bd42c3ae7a97317c909ca650cb6e6b6d5b62dab732d19fa813f0310b79b048505059f2891f56d33bfaa6ade2e56964f59f0fbfa1790e7ad842ccc79027ae4556924d156ebfb41b9be793648bd7e0c2d1de4873686081841d59f25be32bab0428a7a66a3f307723f92748f9acbd1dd78c5c0d8ef976c7957bbafb2a57e22104569883a890b6c325a89f4c1f5bedf6edf1e4db4b458831e6eef8a858201ebdc9c27808bf199fd1bc12966b94a8a0f2608e861b9b09b32323967b64603bfc4e5d5b6af9f68c78858a56c72a922c3fa56118c9b7ec7b09ad9adeb9cad6fce4532d23a1ed16eddbb583b992ca64e12ddd16d6e908b9e0a432736b76f5d0b5bc71b477da428630c8105d14699eb885bc3afa54f7d9fb74b220a26c6f113614fafdadb314f72cd3025a029ae8ed8d64386bdef864f0f0b69dffe93eed8b4020375d7303cc37e2fb7c7459027f54e448e259df717542e73872fe3799203452f86a270dc0c5c848196803ad3723dbb4b4ab78da79743b9a0d72d0f03fb991e2dcb23b5ecf79c13baccd05621d5bd9631b1ebd9b951b865084198131110bac08e5d6a095993a3d1cca83c0ff5dc601b07912026111351e67d574660961ebc61a572f745e219e48934818fa9ac26c8bb2fc34bba1bd247e9bb7b73fdd3a3d30f2d9fa980c59290b40bbe83653f714f506baf8dae6aa82a738bd68f32466370f2358ea1965cf5f54978e50087eb0ed4856bd9189faa735add45fc58ad91accb6888e9011a1e0affc09aa900ad592225a42a1f86d901fc38c6ee2a4dd577f7fa51e4395eb06263a379adfaf70cf26ea350d0767cbf958bffe6b44851d6869d0bf7e832f8b0d9db438f061cfa37ac735c7851d66d69569229f807aea07abc02855e72e65f3c82ad267c4ba64450ceae56774c8451731fedf3962b5ba48dea5e922698ac963132de330f40f39351c19a47037e0c6987273e2ada67c4b08dd595021e5db24172b09b7a05d984c986031a9e572d7750600bb2e2c410a0fad7655be97e2951e39123a41cd0e517bdce77c865d8cdfcfe789f1347550c9ecce254ca06d162578c19c5eb241c0d88f2406bad2ccb7c44a4ba8eceafa5d4bb1739ef9154e84530cefe565a02c394de550e1a0445ee2c833f12a6b989c7812572ae98e5df95627f42690320cda7949982797ea4ae4864c21acc1f02ff3173f1122db461bbaebc9791b43d39a462f3354e231d10889443bbd2adf0577afada3827110e9d96cdb7f1b138aaa604f7283d5eda294aeb6b91f9a44ec2d1ac31d62ba4d84fa762687ac26b91bfe35c234df29134a5efacd6b4be4a9d58870ca69660d70ce3d4df768a208d459373c2ac70e7ff93f003405d69053fe919f4551add0683cd71ac28bc12513d4d67a7c69d90f1071cad22e21b20052b9ce2dc0915128d3acedf3288f4363806581c42f503fd489eb2ceb4d50e72927dad2d17d1916353f9885f181ec23e738a96c47357e4275464b350b84c84ab80eadac0ae33ce3f18cc28a1fd13737dc60404a5376d9576049ab22fe8463b34e01dad013d94598e13dbc8ecef96e3c7166877b2044c781674790d3c98f72787c5373c379816fa5f5be2efdfd879017d44c5f0a8f0280593dae570432441c0dd3ecab334d36ce3216602c6c2239cdfa4f0aa06b2664b5a2ccd28a746f2f832eee781f12dafda006b9fc917d1a1d78509ad7f24689c0612c390a88380404d214ce789d3d7bd6bda5b2162bb968561b333b841c296407090c11157427bc813754073d44d2b5b4df1f9357ee17b4f497ac7c6465e7b25eb4a08b5defc592635f6f09fcf2d86371d5cd8adc66447c0c332b0b4052e38971dbb163cd9fca2fd6f3c399ed39649b7477885123bda1f3a2675d69f121e8edd7f28e5fcd743e107d5e1707c4e9317ec8c7a2442f6ef8c26c9b882c0f9e3982549a1d27064377609ab13286bd0f73661aa11332dbe68ae91713c5856b38d964a5bbbc8b45a0cf425c6a584bc577caa32c7a93b16897e6612b9a4401fa7ddd3f28af18ca3ef717b706c01a1bfbcc909b1a7cf5b4efadd08f2a1b4ca70abbf3ac202cd35b9c2e6385a361b40ec5b7f7bd396e04aeaa1a721270df522fe202479dcb49407a9fb8bf681e0f3bcd8070494427246bc65f9a6f9de308e37ac158430778e8be48a6a24d11815fe390253aed577cc71baefc2b2c1289cb0277de552a158d39e44d841c677981e2c37e0ad1f229db1fab1aa0a4b98cbb9819d66dc4b4e0054d8698c3ee8fcf145568b023c04fa87f291a620bba67679fc1c1976c45ad60cf079b2b2f5b59451253c4b006e26fb79c6bcf5cc08c34f84dbe986b2f2a57a9e45d175a7e10f10fb162cbd4331842bca189ac494dcfbfa0799347b88b0fca417c83dadd5d8a956bc5dfe946dcca90b784c0915587cdc61025423280a277edd5629be43d44c2775f02a297a01bcd35741cc62191899a2ceb15bb36016dd047f93e93abb206af4cb72f7eb33fdb15507d6cfd60a1a70cdbf936185f466deb97adfac9f13d50d3099e2111f75b99d33240a87ea2bbda24bc6a8ad2fabb826cc4aeb8a9002537342f31e59e9a7a151bd101d233ebfa753e84bd95b41e489a3335f932e830c18fc7613bc40fa0561b3f7a68c024e0de87dba28467c0d1cd150a72ad5c1fb47851d04dcac70fcbbe8a45a81f359c92789274d866793e5e0403ea6ce1924dce9dfc8abc0beb105886a594c5cb206caf3a171f0394760fcbbdf61b061aaf2fe879bd8cdf3dfe909b0ba2bc8e93081fc8094b554d02064e0bf958c9ef8f16dd087676cebf23ceac8e72c82803d9f431da2fd851663258dc88556e06fc7837737373d145134aed117852737fadbcb855782d84c89e98bec3e1b950335a12fe86b12aef7de1eb206334ba6eb801178d7f536c7cd93fea3ea960cc3ee1bf737a29fd1cbd57ab40aa47a01037cd7d7d5cb99c4a12ad8bb338a6a2cdd0829eb8e4775d1e9eae905bfe654543a88961af5e47f2517f6d8780d4ec24e44b51f7070362ee7477ceb0a37ee3d696c987a913b45b365919e91694faed59493dbc68d6f61348003e686e42b51777a405e7c54a5975cb19a7057328a7ef18e9dfbfee7d45c38543ca91f33424f47ffec0280850501d5d9ba44bf865a59b6055caff12db54cde95022fea924cdf67b205ac3f91ae6bfc1658dd04dd014dd5ef13e9c5b1c1bb1d264db229f36f1f9561c9c26910b4379f0f74eaea29ee058d7573bb95c784d70da39beda506c5fcee924ebd0d6d100d4e94d0e2cc2a4638066d6520ed4cf4d029c1a8d0e63da1629bf1c023f4e8fba736791c8705e5b8d61771ec476a893ceda259aaab355978e32dcbb2c16f08a4f91712610dcff63659d86563a032334e29fef70f33b47ab3d3f76f6df07d363ccb11b98759d05e5d3afc87431449cc5e5b52d694414625418b8820e6785579c0cf0463031fff836a3f0dc87445c0305c4c135effa858c4eca2b57d9baacd5f9eff220a5f842e3c481efbb8ec97fb24df86f52fa2e1cdd6c3d0c149eb4cf03fd473560361ebffa34e1d9e28c78e0698ddfb2df2e14c8e86dd4a9546dbcfb9276233660024c55df2b162ff8e7b8a7c84e9ad7820fbf58faf8ece25f2563349e72c533c37c2156724e9ac09041eddb60edae084a5f1bce4f9050f1f22eff55e7c8002731746bf440bcb69f7e2d22ffb886032ee739d6dcba4b6c05b3ea9e723361e94707aa63494c135b70eb2def8729ef1000bc61a4f1c81fc79958f40f3c1bb1b4350b6c4a332585559e0bb5d79f7a4e8ccaced8ef20ddaf2d74c0ff42aec2f97e82004017d0c89bfbbb855390063d3b13690fe4dfc15bf79ce8348411a60b624cb713b55c8106603aee0fa22bb2b4d85cde679773a9e562a757858515729267a82fc86ce344b0d75a9655515b1da6f9108f359e9f8d01b04b597ee7733d2bc202abcc873387f08f5cec92332dab78d73aa87a2a9440890320952db90fc0f8186bf872265ab7bda0934c372a247510f23fae83e57aca7b404515e1eb05e6f547ad706ed830689e646eaee230cb5a720379d38c0d960b2a32b50dbb1a54b40afbfff32536e8787b9aa4435deea4faea80d2c380c584b3b5ace24494d7fec55929c3fa4dca8e67962b9f2d70aa03e30b69b3504f987aae0d3bae15ba0ef4262e34c1f45b96484e7b6a11a4928575eb4290d3a41caaf46c6756cdd876b26981918dcd85901fc1de25c195223f6f8835daed013c2707f0a42d44a0b1e5eea9ff1581897776dc35798eb9126fccb7cab238781dd6990d814699c990dda5bdd6b3b9b2e957c0669e98c4a5a128e0c2437742f084389ac60cc0d5bbbbb4c64de002a568ca5a4e726c78040af3db24f738c20ef088bdf2a0433824faaca8ebecfa28725827a0e5a2a475fe5c1a28a259cc6e73d5fa8d9f83a119d6720dc31c9f2c5dd19539dad6d86376374061adf473c21d02a5d28202e58ee370677c0369c023426cb0b3953fa11cf7024f6d738681b35f0300000000000000f8e61c925b7000eaab0c91e5c5bb8dba280004800c000300000000000100000004000500080002000700000008000200050000000400050008000480040005002900010082e2ab66bd8d244da24b585066fc1229bb2dd36f0f668cabb6fa1d17b0de49e1948415303600000090000100608ed6acf1694fda8fa797edf747132110a9ca57f2ff95db014631f2c21b52daab6278613a6acb29b720512ad5e5f4107e9002f94609a02183e85d3f8430a6264ab698101597f7317680c614d30b91a8325fa0f6494aa4350b3eb3046b18ec7a57d58f660433ba366d9d45a85d9d4b8404b4b42d8e363434ac5e377aba6c983848654e5e8b67a9a66079a0e7"], 0x1110}, 0x1, 0x0, 0x0, 0x80}, 0x8000)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x0, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, r2, 0x0)

4.609679875s ago: executing program 2 (id=925):
futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x4, 0x4}, 0x77, 0x0, 0x0, 0x62bd)
r0 = socket(0xa, 0x3, 0x3a)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x3, 0x6)
socket(0xa, 0x801, 0x106)
socket$nl_generic(0x10, 0x3, 0x10)
eventfd$auto(0x3)
eventfd$auto(0x0)
r1 = socket(0xa, 0x2, 0x88)
bpf$auto(0x0, &(0x7f0000000000)=@link_update={r1, @new_prog_fd=0x4, 0x4, @old_map_fd=r0}, 0xa3)

4.184794562s ago: executing program 2 (id=926):
ioctl$auto_TUNGETIFF2(0xffffffffffffffff, 0x800454d2, &(0x7f0000000040)=0x8)
waitid$auto(0x8, 0xffffffffffffffff, &(0x7f0000000100)={@siginfo_0_0={0xffff, 0x413, 0x0, @_sigsys={&(0x7f0000000080)="bbac2f12a3a001cb9c0970991c572b96ab85fec7c1348db5467c7451143485e06734dc591bad80db23", 0x0, 0x3ff}}}, 0x3, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
rseq$auto(0x0, 0x8000, 0x0, 0x6)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
clock_gettime$auto(0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x106)
bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
write$auto(0x3, 0x0, 0x1)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0xa00, 0x0, 0xfffffffffffffffd)
write$auto(0x3, 0x0, 0xfffffdef)
write$auto(0x1, 0x0, 0x80000000)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
vmsplice$auto(0x2, &(0x7f00000000c0)={0x0, 0x7ff}, 0x8000000000000001, 0x0)

4.027987759s ago: executing program 0 (id=927):
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x6, 0x0)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
close_range$auto(0x0, 0xffffeffe, 0x2)
openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/events/vmalloc/enable\x00', 0xa0900, 0x0)
openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cpu/0/msr\x00', 0xf82, 0x0)
pipe$auto(0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x2, 0x0)
unshare$auto(0x40000080)
setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x4, &(0x7f00000002c0)={0x0, 0xffeb}, 0x1, 0x0, 0x5, 0x7}, 0x8}, 0xffffffff, 0xb00)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd)

3.910555615s ago: executing program 1 (id=928):
socket(0x11, 0x2, 0x6)
openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/006/001\x00', 0x1, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000000c0), 0x222680, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/netfilter/nf_log/3\x00', 0x2a8380, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/transparent_hugepage/hugepages-64kB/stats/nr_anon\x00', 0x0, 0x0)
openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x109500, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x121e81, 0x0)
socketpair$auto(0x4004, 0x8, 0x7, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0)
ioctl$auto_TCFLSH2(r0, 0x800455ca, 0x0)

3.638249663s ago: executing program 3 (id=929):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x29, 0x2, 0x0)
r0 = socket(0x11, 0x3, 0x9)
mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = io_uring_setup$auto(0x6, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r3=>0x0})
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x5, 0x2000000000002)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x26, 0x80805, 0x0)
socket(0xa, 0x3, 0x6)
clone$auto(0x21003b46, 0x2, 0x0, 0x0, 0x6)
bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r3, r2, 0x99, 0x8, 0x1, @relative_id=0x4, 0x9}, 0x8a4)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffffffffffffffff, 0x0, 0x3}, 0x6)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r0, 0x0, 0x3}, 0xc)

3.358100581s ago: executing program 3 (id=930):
socket(0xa, 0x3, 0x3b)
pipe$auto(&(0x7f0000000000))
bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, <r0=>0x21eb, 0x800, 0x6, 0x2, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/extfrag/unusable_index\x00', 0xe2000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x1, 0x0)
socket(0x23, 0x2, 0x0)
memfd_create$auto(&(0x7f00000000c0)='\xc4--:\xdd:,./-${\x00', 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg$auto(r1, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x3, 0x3}, 0xed7138c}, 0x7, 0x0)
r2 = socket(0xa, 0x2, 0x88)
bpf$auto(0x0, &(0x7f0000000000)=@link_update={r2, @new_prog_fd=0x4, 0x4, @old_prog_fd=r0}, 0xa3)

3.346175156s ago: executing program 1 (id=931):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/fail-nth\x00', 0x80d80, 0x0)
mmap$auto(0x1, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x59, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
openat$auto_trace_options_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/options/test_nop_accept\x00', 0x202041, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x20281, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
madvise$auto(0x0, 0xfffffffffffeffff, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x2020009, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/platform/mac802154_hwsim/ieee802154/phy1/net/wpan1/queues/tx-0/byte_queue_limits/limit\x00', 0x181382, 0x0)
write$auto(0x3, 0x0, 0x100082)

3.070708348s ago: executing program 2 (id=932):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000002740), 0xffffffffffffffff)
sendmsg$auto_NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x50)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
madvise$auto(0x0, 0x1010001, 0x100000003)
madvise$auto(0x1000, 0x400050, 0x9)
write$auto(0x1, 0x0, 0x80000000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
capset$auto(0x0, 0x0)
bpf$auto(0x0, &(0x7f0000000400)=@link_update={0xffffffffffffffff, @new_prog_fd=0x4, 0x4, @old_map_fd=0x3ff}, 0xa3)
mmap$auto(0x7fffffffc, 0x694, 0x5, 0xd494, 0xfffffffffffffffa, 0x8002)
munmap$auto(0x8000, 0xffffffff)
shmctl$auto(0x4, 0xe, &(0x7f0000000480)={{0x8, 0xffffffffffffffff, 0x0, 0x2, 0xa2b2, 0xffff, 0xf7f0}, 0x7, 0x8, 0x4, 0x7, @inferred, @inferred, 0x1, 0x0, 0x0, 0x0})

2.578200684s ago: executing program 0 (id=933):
r0 = socket(0x2, 0x5, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
r1 = io_uring_setup$auto(0x1, 0x0)
setsockopt$auto(0x3, 0x0, 0x2, 0x0, 0x3)
write$auto_fops_init_pkru_pkeys(r1, &(0x7f0000000280)="e7c2da8ba23469d9b78d2e257333bedaec957355b8c2c4c78f4a98e7180a2dfeddb935038a6350c625940925fc61f1b8b51df8f60e61c078ff39654003ba048fb5ce9f0cc683aa815dd3ad98c47fb90efa4ba1a790507d91d2a8beb4ce1934ec6dc65f", 0x63)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x10000}, 0x7, 0x0, 0x5, 0xb}, 0xfff}, 0x8, 0x311)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
socket(0x1d, 0x3, 0x1)
mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000)
bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0x7f, 0xeb1, 0x401, 0x8000)
futex$auto(&(0x7f0000000080)=0x2948, 0x0, 0x2948, 0x0, 0x0, 0x5)
futex$auto(&(0x7f0000000080)=0x3, 0x3, 0x0, 0x0, 0x0, 0x440a48d3)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)

2.57755437s ago: executing program 3 (id=934):
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x10, 0x2, 0x0)
io_uring_setup$auto(0x6, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x801, 0x84)
socket(0x2, 0x801, 0x106)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
socket(0xa, 0x2, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
socket(0xa, 0x801, 0x84)
socket(0xa, 0x2, 0x3a)
io_uring_setup$auto(0x6, 0x0)
r1 = socket(0xa, 0x2, 0x88)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
bpf$auto(0x0, &(0x7f0000000000)=@link_update={r1, @new_prog_fd=0x4, 0x4, @old_prog_fd=r0}, 0xa3)
bpf$auto(0x1, &(0x7f0000000040)=@query={@target_ifindex, 0x4, 0x7, 0x9, 0x7f, @prog_cnt=0x4, 0x0, 0x80000000, 0xc, 0xb, 0x5}, 0x7)

1.756675069s ago: executing program 3 (id=935):
open(0x0, 0x40800, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0)
pread64$auto(r0, 0x0, 0x10000000d, 0x5)
read$auto(r0, 0x0, 0x2a52)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x9, 0x2, 0xb, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptya7\x00', 0x0, 0x0)
ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0)
ioctl$auto_TCFLSH2(r1, 0x40087101, 0x0)
io_uring_setup$auto(0x59, 0x0)
socket(0xa, 0x1, 0x7)
poll$auto(&(0x7f0000000040)={0x3, 0x1, 0x5}, 0x5, 0x5)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20242, 0x0)
socket(0x2, 0x1, 0x0)
mmap$auto(0x8, 0x420009, 0xdf, 0x10000000000eb1, 0x40000000000a5, 0x5)
setuid$auto(0xe)

1.713297347s ago: executing program 2 (id=936):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1)
unshare$auto(0x40000080)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x24048004)
futex$auto(0x0, 0x9, 0x3e, 0x0, 0x0, 0x0)
r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0)
ioctl$auto_UI_DEV_SETUP(r0, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x8, 0x80}, "6a034a07c7b82d90b69a39e32576f893fb4a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f00", 0xa})
ioctl$auto_UI_DEV_CREATE(r0, 0x5501, 0x0)
writev$auto(r0, &(0x7f0000000340)={0x0, 0x500000}, 0x9)
socket(0xa, 0x1, 0x84)

1.164238239s ago: executing program 0 (id=937):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/ad_num_ports\x00', 0x0, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
socket(0xa, 0x1, 0x84)
socket(0x10, 0x2, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/md_mod/parameters/new_array\x00', 0xa001, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socket(0x10, 0x2, 0x0)
socket(0x2, 0x1, 0x106)
fanotify_init$auto(0x5, 0x2000000000002)
socket(0x2, 0x801, 0x106)
openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0)
r1 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
ioctl$auto(r0, 0x541c, r1)

831.907202ms ago: executing program 0 (id=938):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x0)
socket(0x2c, 0x3, 0x0)
socket(0x15, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x3, 0x100)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x801, 0x84)
socket(0x10, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x801, 0x84)
socket(0x2, 0x801, 0x106)
socket(0xa, 0x2, 0x0)
socket(0xa, 0x2, 0x3a)
io_uring_setup$auto(0x6, 0x0)
r0 = socket(0xa, 0x2, 0x88)
bpf$auto(0x0, &(0x7f0000000000)=@link_update={r0, @new_prog_fd=0x4, 0x8, @old_prog_fd=r0}, 0xa3)

478.361959ms ago: executing program 1 (id=939):
mmap$auto(0x7, 0x400008, 0x1200400000000cd, 0x400049b72, 0xffffffffffffffff, 0x7ff)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = socket(0x2, 0xa, 0x1)
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_4={0x1f, r0, 0x10000}, 0x10)
socket(0xa, 0x1, 0x84)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(0xffffffffffffffff, 0x0, 0x100000abdb)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0x240007, 0x19)
mmap$auto(0x0, 0x40, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
setsockopt$auto(0xffffffffffffffff, 0x6, 0x3, 0x0, 0xa1)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
unshare$auto(0x40000080)
ioctl$auto(0xffffffffffffffff, 0x6f2d, 0xffffffffffffffff)
openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/trace\x00', 0x1a6b75d638828712, 0x0)
openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/free_buffer\x00', 0x4c000, 0xebff)

1.357782ms ago: executing program 0 (id=940):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket(0x29, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r0 = socket(0xa, 0x801, 0x106)
setsockopt$auto(r0, 0x6, 0x21, 0x0, 0x10)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
getrandom$auto(0x0, 0x6000000, 0x3)
mmap$auto(0x0, 0x810004, 0x2000000efb, 0x8000000008011, r1, 0x8000)
ioctl$auto_BLKRRPART(r1, 0x125f, 0x0)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop13\x00', 0x8040, 0x0)
ioctl$auto_BLKPBSZGET(r2, 0x127b, 0x0)
madvise$auto(0x0, 0x40004f, 0xe)
r3 = openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x2840, 0x0)
read$auto_proc_mountinfo_operations_mnt_namespace(r3, &(0x7f0000001100)=""/4096, 0x1000)
openat$auto_transaction_log_fops_(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x2, 0x0)

0s ago: executing program 3 (id=941):
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000080)={0x2, 0x0, [{0x4b564d07, 0x400, 0x718c1257}]})
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x801, 0x0)
connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2711}, 0x51)
setsockopt$auto(0xffffffffffffffff, 0x0, 0x21, &(0x7f0000000000)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\xff\x1b\x01\x1e\xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\xf2Vw\xbe\x1c$\xddm\x8a\x9d\x91_\v\xb2j\x0eQ\xce\x16\'C\x8c\x01\x80\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\x00\x00\x00\x00\xe4\xa5\xfe\xb5h\xae\xec%\xf9\xa3>\xd6,\xf3\x98\'\xb0\t~~\xb4\x98\xbb3=A\x9c\x17\xa2\xce\fh-M\xdb-\x15VX\xfe\xca+\xb3JL\x0fl\xe84\xbd\xa3nO\x9f\xfa\xb1\x06$\b$i\x00\x80\xff\xff\xd6\x1e\xdbB\x9bb\x1cXC\x8c\x8b\xd9\xff\xf2B\xd4\xb4V<!n\n\xc4Pf\x99!Z\x13\xff\xca\xf3e\x015\x9b\x86\xd6$\x1a\r3\x91\xb7\x942\xeb\xadVA\xfc\x1f\xbf1\xb7T\xc1\xbf\xc0\xc2\xfc\xe8w\xd33\xb2,\xb0\x9fA3\xc2\xa2\x1cM\x825\x94*\x1cU\xbbNeb\xd2\xa9\x0f\xed\x8b\xea\xfa\x8a\x04.\xffMIw\x0f\xd6\xae^\xd2\xf1j\xcb\r\xa4\x1d0\x84\xf9\xcb\x8c\xe0\xb4\xce\xa1\x10o\xbdA\x80)d\xca\x81\x9c\x80GL\x0e\xe6\x19\x8au\x1a7\xc5|\xf6\x1e\xe00\xc6\"\x83\x1c\xa2\x9e\a\x1c\xea\xa3\x9c\xe1BF\x05b\xf6\xdcf\x04\xd9B\xb9\x98\x9cq\xbd\xfb\xb5\x04\x82~\xf2\x8d\x9f`\xec\xd0\xafY\xcf\x84*\xe6\x05o\xe1e\xb9)\x15', 0x18000113)
r2 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r2, &(0x7f0000000000)="c80d1b5d399b39", 0xfdef)

kernel console output (not intermixed with test programs):

se+0x3c/0x50
[  112.976703][ T5999]  __fput+0x3ff/0xb40
[  112.976750][ T5999]  ? _raw_spin_unlock_irq+0x23/0x50
[  112.976794][ T5999]  task_work_run+0x150/0x240
[  112.976826][ T5999]  ? __pfx_task_work_run+0x10/0x10
[  112.976869][ T5999]  exit_to_user_mode_loop+0x100/0x4b0
[  112.976915][ T5999]  ? rcu_is_watching+0x12/0xc0
[  112.976948][ T5999]  do_syscall_64+0x4ea/0xf80
[  112.976997][ T5999]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.977030][ T5999] RIP: 0033:0x7f1e06d9af79
[  112.977064][ T5999] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  112.977096][ T5999] RSP: 002b:00007f1e07cde028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  112.977126][ T5999] RAX: 0000000000000000 RBX: 00007f1e07015fa0 RCX: 00007f1e06d9af79
[  112.977146][ T5999] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000002
[  112.977165][ T5999] RBP: 00007f1e06e316e0 R08: 0000000000000000 R09: 0000000000000000
[  112.977186][ T5999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  112.977206][ T5999] R13: 00007f1e07016038 R14: 00007f1e07015fa0 R15: 00007ffc9eb4ca78
[  112.977256][ T5999]  </TASK>
[  113.256613][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  113.306026][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  113.314377][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  114.101829][ T6015] tipc: Withdrawal distribution failure
[  114.166287][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  114.175140][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  114.226729][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  115.090576][ T6036] netlink: 330 bytes leftover after parsing attributes in process `syz.1.37'.
[  115.260931][ T6038] process 'syz.3.38' launched '/dev/fd/4' with NULL argv: empty string added
[  117.520653][ T6075] mmap: syz.3.51 (6075) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  117.710437][ T6077] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  119.217975][ T6099] netlink: 62 bytes leftover after parsing attributes in process `syz.3.59'.
[  119.869296][ T6101] netlink: 354 bytes leftover after parsing attributes in process `syz.0.58'.
[  122.476825][ T6149] zswap: compressor  not available
[  123.923857][ T6168] zswap: compressor  not available
[  124.396128][   T51] Bluetooth: hci0: unexpected subevent 0x03 length: 253 > 9
[  124.457287][   T51] Bluetooth: hci3: unexpected subevent 0x01 length: 3 < 18
[  127.022682][ T6210] netlink: 13 bytes leftover after parsing attributes in process `syz.1.90'.
[  127.295776][   T51] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  127.926331][   T51] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[  128.866574][ T6244] netlink: 338 bytes leftover after parsing attributes in process `syz.2.98'.
[  128.915889][ T6244] netlink: 338 bytes leftover after parsing attributes in process `syz.2.98'.
[  128.956466][ T6244] netlink: 290 bytes leftover after parsing attributes in process `syz.2.98'.
[  129.161894][ T6246] zswap: compressor  not available
[  129.726150][ T6261] netlink: 4 bytes leftover after parsing attributes in process `syz.1.104'.
[  129.747297][ T6261] netlink: 13 bytes leftover after parsing attributes in process `syz.1.104'.
[  130.412743][ T6274] vhci_hcd vhci_hcd.2: invalid port number 255
[  130.670128][ T6278] netlink: 44 bytes leftover after parsing attributes in process `syz.2.109'.
[  130.722641][ T6278] netlink: 44 bytes leftover after parsing attributes in process `syz.2.109'.
[  131.257217][ T6292] FAULT_INJECTION: forcing a failure.
[  131.257217][ T6292] name failslab, interval 1, probability 0, space 0, times 0
[  131.305054][ T6292] CPU: 0 UID: 0 PID: 6292 Comm: syz.1.114 Not tainted syzkaller #0 PREEMPT(full) 
[  131.305096][ T6292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  131.305116][ T6292] Call Trace:
[  131.305126][ T6292]  <TASK>
[  131.305137][ T6292]  dump_stack_lvl+0x100/0x190
[  131.305206][ T6292]  should_fail_ex.cold+0x5/0xa
[  131.305259][ T6292]  should_failslab+0xc2/0x120
[  131.305320][ T6292]  kmem_cache_alloc_noprof+0x83/0x780
[  131.305362][ T6292]  ? __pmd_alloc+0xbf/0x9c0
[  131.305417][ T6292]  ? __pmd_alloc+0xbf/0x9c0
[  131.305463][ T6292]  __pmd_alloc+0xbf/0x9c0
[  131.305515][ T6292]  __handle_mm_fault+0xa99/0x2b50
[  131.305555][ T6292]  ? mt_find+0x45e/0x8e0
[  131.305609][ T6292]  ? __pfx___handle_mm_fault+0x10/0x10
[  131.305640][ T6292]  ? __pfx_mt_find+0x10/0x10
[  131.305723][ T6292]  ? find_vma+0xbf/0x140
[  131.305765][ T6292]  ? __pfx_find_vma+0x10/0x10
[  131.305810][ T6292]  handle_mm_fault+0x36d/0xa20
[  131.305851][ T6292]  do_user_addr_fault+0x74c/0x12f0
[  131.305902][ T6292]  exc_page_fault+0x6f/0xd0
[  131.305946][ T6292]  asm_exc_page_fault+0x26/0x30
[  131.305978][ T6292] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  131.306012][ T6292] Code: cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  131.306043][ T6292] RSP: 0018:ffffc9000c247870 EFLAGS: 00050202
[  131.306079][ T6292] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000080
[  131.306099][ T6292] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffc9000c247b90
[  131.306118][ T6292] RBP: 0000000000000080 R08: 0000000000000001 R09: fffff52001848f81
[  131.306138][ T6292] R10: ffffc9000c247c0f R11: 0000000000000000 R12: 0000000000000000
[  131.306158][ T6292] R13: ffffc9000c247b90 R14: ffff888059c45280 R15: ffff888059c452c8
[  131.306200][ T6292]  _copy_from_user+0x98/0xd0
[  131.306235][ T6292]  kvm_arch_vcpu_ioctl+0x27e0/0x53e0
[  131.306287][ T6292]  ? stack_trace_save+0x8e/0xc0
[  131.306326][ T6292]  ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10
[  131.306374][ T6292]  ? __lock_acquire+0x4a5/0x2630
[  131.306423][ T6292]  ? kasan_save_stack+0x3f/0x50
[  131.306459][ T6292]  ? kasan_save_stack+0x30/0x50
[  131.306496][ T6292]  ? kasan_save_track+0x14/0x30
[  131.306531][ T6292]  ? kasan_save_free_info+0x3b/0x70
[  131.306567][ T6292]  ? __lock_acquire+0x4a5/0x2630
[  131.306627][ T6292]  ? lock_acquire+0x17c/0x330
[  131.306673][ T6292]  ? __pfx___might_resched+0x10/0x10
[  131.306704][ T6292]  ? rcu_is_watching+0x12/0xc0
[  131.306742][ T6292]  ? trace_contention_end+0xd6/0x110
[  131.306790][ T6292]  ? __mutex_lock+0x26a/0x1b90
[  131.306840][ T6292]  ? kvm_vcpu_ioctl+0x322/0x16d0
[  131.306876][ T6292]  ? kasan_quarantine_put+0x104/0x240
[  131.306914][ T6292]  ? __pfx___mutex_lock+0x10/0x10
[  131.306977][ T6292]  ? tomoyo_path_number_perm+0x188/0x580
[  131.307019][ T6292]  ? kvm_vcpu_ioctl+0x8a0/0x16d0
[  131.307047][ T6292]  kvm_vcpu_ioctl+0x8a0/0x16d0
[  131.307083][ T6292]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  131.307116][ T6292]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  131.307153][ T6292]  ? do_vfs_ioctl+0x226/0x13e0
[  131.307205][ T6292]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  131.307266][ T6292]  ? find_held_lock+0x2b/0x80
[  131.307300][ T6292]  ? hook_file_ioctl_common+0x146/0x410
[  131.307344][ T6292]  ? __fget_files+0x21f/0x3d0
[  131.307383][ T6292]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  131.307418][ T6292]  __x64_sys_ioctl+0x18e/0x210
[  131.307473][ T6292]  do_syscall_64+0xc9/0xf80
[  131.307523][ T6292]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.307555][ T6292] RIP: 0033:0x7fcfec39af79
[  131.307592][ T6292] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  131.307623][ T6292] RSP: 002b:00007fcfed306028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  131.307652][ T6292] RAX: ffffffffffffffda RBX: 00007fcfec615fa0 RCX: 00007fcfec39af79
[  131.307673][ T6292] RDX: 0000000000000000 RSI: 000000004080aea2 RDI: 0000000000000004
[  131.307693][ T6292] RBP: 00007fcfec4316e0 R08: 0000000000000000 R09: 0000000000000000
[  131.307712][ T6292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  131.307737][ T6292] R13: 00007fcfec616038 R14: 00007fcfec615fa0 R15: 00007ffc11bb79b8
[  131.307781][ T6292]  </TASK>
[  132.423225][ T6309] netlink: 28 bytes leftover after parsing attributes in process `syz.0.120'.
[  132.709146][ T6312] FAULT_INJECTION: forcing a failure.
[  132.709146][ T6312] name failslab, interval 1, probability 0, space 0, times 0
[  132.725162][ T6312] CPU: 1 UID: 0 PID: 6312 Comm: syz.1.121 Not tainted syzkaller #0 PREEMPT(full) 
[  132.725209][ T6312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  132.725229][ T6312] Call Trace:
[  132.725241][ T6312]  <TASK>
[  132.725254][ T6312]  dump_stack_lvl+0x100/0x190
[  132.725303][ T6312]  should_fail_ex.cold+0x5/0xa
[  132.725374][ T6312]  should_failslab+0xc2/0x120
[  132.725423][ T6312]  kmem_cache_alloc_noprof+0x83/0x780
[  132.725469][ T6312]  ? vm_area_alloc+0x1f/0x160
[  132.725511][ T6312]  ? vm_area_alloc+0x1f/0x160
[  132.725544][ T6312]  vm_area_alloc+0x1f/0x160
[  132.725577][ T6312]  __mmap_region+0x101e/0x2820
[  132.725622][ T6312]  ? find_held_lock+0x2b/0x80
[  132.725662][ T6312]  ? ima_match_policy+0x8c4/0x2350
[  132.725699][ T6312]  ? __pfx___mmap_region+0x10/0x10
[  132.725771][ T6312]  ? __pfx___might_resched+0x10/0x10
[  132.725802][ T6312]  ? lockdep_hardirqs_on+0x78/0x100
[  132.725849][ T6312]  ? find_held_lock+0x2b/0x80
[  132.725883][ T6312]  ? process_measurement+0x4c2/0x2400
[  132.725952][ T6312]  ? process_measurement+0x1ea/0x2400
[  132.726073][ T6312]  mmap_region+0x30a/0x3e0
[  132.726119][ T6312]  do_mmap+0xc63/0x12f0
[  132.726176][ T6312]  ? __pfx_do_mmap+0x10/0x10
[  132.726224][ T6312]  ? __pfx_down_write_killable+0x10/0x10
[  132.726285][ T6312]  vm_mmap_pgoff+0x29e/0x470
[  132.726347][ T6312]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  132.726393][ T6312]  ? __fget_files+0x215/0x3d0
[  132.726436][ T6312]  ? __fget_files+0x21f/0x3d0
[  132.726479][ T6312]  ksys_mmap_pgoff+0x328/0x5b0
[  132.726533][ T6312]  __x64_sys_mmap+0x125/0x190
[  132.726572][ T6312]  do_syscall_64+0xc9/0xf80
[  132.726620][ T6312]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.726653][ T6312] RIP: 0033:0x7fcfec39af79
[  132.726680][ T6312] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  132.726713][ T6312] RSP: 002b:00007fcfed306028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  132.726745][ T6312] RAX: ffffffffffffffda RBX: 00007fcfec615fa0 RCX: 00007fcfec39af79
[  132.726766][ T6312] RDX: 0000000000000007 RSI: 00000000003fffff RDI: 0000000000009000
[  132.726786][ T6312] RBP: 00007fcfec4316e0 R08: 00000000000000dd R09: 0000000000000000
[  132.726807][ T6312] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000000
[  132.726826][ T6312] R13: 00007fcfec616038 R14: 00007fcfec615fa0 R15: 00007ffc11bb79b8
[  132.726869][ T6312]  </TASK>
[  133.183084][ T5834] Bluetooth: hci2: Malformed Event: 0x02
[  133.335000][ T6320] netlink: 28 bytes leftover after parsing attributes in process `syz.2.123'.
[  133.619700][ T6328] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  133.981855][ T6331] netlink: 'syz.3.127': attribute type 4 has an invalid length.
[  134.015790][ T6331] netlink: 'syz.3.127': attribute type 32 has an invalid length.
[  134.060665][ T6331] netlink: 46 bytes leftover after parsing attributes in process `syz.3.127'.
[  135.189652][ T6344] FAULT_INJECTION: forcing a failure.
[  135.189652][ T6344] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  135.205086][ T6344] CPU: 0 UID: 0 PID: 6344 Comm: syz.1.132 Not tainted syzkaller #0 PREEMPT(full) 
[  135.205119][ T6344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  135.205133][ T6344] Call Trace:
[  135.205141][ T6344]  <TASK>
[  135.205149][ T6344]  dump_stack_lvl+0x100/0x190
[  135.205262][ T6344]  should_fail_ex.cold+0x5/0xa
[  135.205305][ T6344]  _copy_from_iter+0x1f4/0x1690
[  135.205334][ T6344]  ? __alloc_skb+0x220/0x410
[  135.205373][ T6344]  ? __alloc_skb+0x35d/0x410
[  135.205411][ T6344]  ? __pfx__copy_from_iter+0x10/0x10
[  135.205437][ T6344]  ? netlink_autobind.isra.0+0x80/0x370
[  135.205475][ T6344]  netlink_sendmsg+0x808/0xda0
[  135.205508][ T6344]  ? __pfx_netlink_sendmsg+0x10/0x10
[  135.205532][ T6344]  ? __import_iovec+0x1d2/0x640
[  135.205560][ T6344]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  135.205603][ T6344]  ____sys_sendmsg+0xa54/0xc30
[  135.205639][ T6344]  ? __pfx_____sys_sendmsg+0x10/0x10
[  135.205733][ T6344]  ? __pfx___futex_wait+0x10/0x10
[  135.205793][ T6344]  ? __pfx_futex_wake_mark+0x10/0x10
[  135.205852][ T6344]  ___sys_sendmsg+0x190/0x1e0
[  135.205898][ T6344]  ? __pfx____sys_sendmsg+0x10/0x10
[  135.205947][ T6344]  ? find_held_lock+0x2b/0x80
[  135.205991][ T6344]  __sys_sendmsg+0x170/0x220
[  135.206017][ T6344]  ? __pfx___sys_sendmsg+0x10/0x10
[  135.206042][ T6344]  ? __x64_sys_futex+0x34f/0x4d0
[  135.206093][ T6344]  do_syscall_64+0xc9/0xf80
[  135.206142][ T6344]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.206167][ T6344] RIP: 0033:0x7fcfec39af79
[  135.206187][ T6344] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  135.206211][ T6344] RSP: 002b:00007fcfed306028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  135.206234][ T6344] RAX: ffffffffffffffda RBX: 00007fcfec615fa0 RCX: 00007fcfec39af79
[  135.206251][ T6344] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007
[  135.206266][ T6344] RBP: 00007fcfec4316e0 R08: 0000000000000000 R09: 0000000000000000
[  135.206281][ T6344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  135.206295][ T6344] R13: 00007fcfec616038 R14: 00007fcfec615fa0 R15: 00007ffc11bb79b8
[  135.206326][ T6344]  </TASK>
[  135.697743][ T5834] Bluetooth: hci3: Malformed Event: 0x02
[  135.987220][ T6352] netlink: 28 bytes leftover after parsing attributes in process `syz.3.134'.
[  136.118661][ T6359] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  139.131628][ T6390] netlink: 'syz.1.153': attribute type 5 has an invalid length.
[  139.149311][ T5834] Bluetooth: hci0: Malformed Event: 0x02
[  139.185551][ T6390] netlink: 'syz.1.153': attribute type 1 has an invalid length.
[  139.207028][ T6390] netlink: 12 bytes leftover after parsing attributes in process `syz.1.153'.
[  139.279158][ T6395] netlink: 'syz.1.153': attribute type 5 has an invalid length.
[  139.353874][ T6395] netlink: 'syz.1.153': attribute type 1 has an invalid length.
[  139.396298][ T6395] netlink: 12 bytes leftover after parsing attributes in process `syz.1.153'.
[  139.727537][ T6403] netlink: 25 bytes leftover after parsing attributes in process `syz.1.149'.
[  140.633574][ T6421] netlink: 330 bytes leftover after parsing attributes in process `syz.3.155'.
[  141.441406][ T6430] netlink: 306 bytes leftover after parsing attributes in process `syz.1.159'.
[  142.301516][ T5834] Bluetooth: hci1: Malformed Event: 0x02
[  142.409812][ T6436] netlink: 28 bytes leftover after parsing attributes in process `syz.3.163'.
[  142.458081][ T6436] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  142.519755][ T6436] batman_adv: batadv0: Removing interface: batadv_slave_0
[  142.560049][ T6436] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  142.616973][ T6436] batman_adv: batadv0: Removing interface: batadv_slave_1
[  143.304089][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  143.310869][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  145.600187][ T6467] FAULT_INJECTION: forcing a failure.
[  145.600187][ T6467] name failslab, interval 1, probability 0, space 0, times 0
[  145.665827][ T6467] CPU: 1 UID: 0 PID: 6467 Comm: syz.0.171 Not tainted syzkaller #0 PREEMPT(full) 
[  145.665871][ T6467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  145.665891][ T6467] Call Trace:
[  145.665902][ T6467]  <TASK>
[  145.665914][ T6467]  dump_stack_lvl+0x100/0x190
[  145.665963][ T6467]  should_fail_ex.cold+0x5/0xa
[  145.666019][ T6467]  should_failslab+0xc2/0x120
[  145.666062][ T6467]  ? genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290
[  145.666110][ T6467]  __kmalloc_noprof+0xf6/0x9c0
[  145.666145][ T6467]  ? __pfx___might_resched+0x10/0x10
[  145.666187][ T6467]  ? genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290
[  145.666234][ T6467]  genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290
[  145.666290][ T6467]  genl_family_rcv_msg_doit+0xc7/0x300
[  145.666339][ T6467]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  145.666383][ T6467]  ? genl_get_cmd+0x3ef/0x720
[  145.666434][ T6467]  ? bpf_lsm_capable+0x9/0x10
[  145.666495][ T6467]  ? security_capable+0x80/0x260
[  145.666551][ T6467]  ? ns_capable+0xd2/0xf0
[  145.666594][ T6467]  genl_rcv_msg+0x560/0x800
[  145.666643][ T6467]  ? __pfx_genl_rcv_msg+0x10/0x10
[  145.666688][ T6467]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  145.666737][ T6467]  netlink_rcv_skb+0x159/0x420
[  145.666776][ T6467]  ? __pfx_genl_rcv_msg+0x10/0x10
[  145.666822][ T6467]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  145.666878][ T6467]  ? netlink_deliver_tap+0x1ae/0xcc0
[  145.666919][ T6467]  genl_rcv+0x28/0x40
[  145.666958][ T6467]  netlink_unicast+0x5aa/0x870
[  145.667002][ T6467]  ? __pfx_netlink_unicast+0x10/0x10
[  145.667056][ T6467]  netlink_sendmsg+0x8b0/0xda0
[  145.667103][ T6467]  ? __pfx_netlink_sendmsg+0x10/0x10
[  145.667138][ T6467]  ? __import_iovec+0x1d2/0x640
[  145.667179][ T6467]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  145.667240][ T6467]  ____sys_sendmsg+0xa54/0xc30
[  145.667290][ T6467]  ? __pfx_____sys_sendmsg+0x10/0x10
[  145.667333][ T6467]  ? __pfx___futex_wait+0x10/0x10
[  145.667395][ T6467]  ? __pfx_futex_wake_mark+0x10/0x10
[  145.667457][ T6467]  ___sys_sendmsg+0x190/0x1e0
[  145.667515][ T6467]  ? __pfx____sys_sendmsg+0x10/0x10
[  145.667583][ T6467]  ? find_held_lock+0x2b/0x80
[  145.667648][ T6467]  __sys_sendmsg+0x170/0x220
[  145.667685][ T6467]  ? __pfx___sys_sendmsg+0x10/0x10
[  145.667720][ T6467]  ? __x64_sys_futex+0x34f/0x4d0
[  145.667793][ T6467]  do_syscall_64+0xc9/0xf80
[  145.667849][ T6467]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.667884][ T6467] RIP: 0033:0x7f87a2f9af79
[  145.667913][ T6467] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  145.667946][ T6467] RSP: 002b:00007f87a3dd4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  145.667981][ T6467] RAX: ffffffffffffffda RBX: 00007f87a3215fa0 RCX: 00007f87a2f9af79
[  145.668003][ T6467] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007
[  145.668025][ T6467] RBP: 00007f87a30316e0 R08: 0000000000000000 R09: 0000000000000000
[  145.668046][ T6467] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  145.668066][ T6467] R13: 00007f87a3216038 R14: 00007f87a3215fa0 R15: 00007ffcb4dd8a18
[  145.668111][ T6467]  </TASK>
[  146.507153][ T6479] netlink: 330 bytes leftover after parsing attributes in process `syz.1.175'.
[  146.599966][ T6471] kexec: Could not allocate control_code_buffer
[  148.073973][ T6502] zswap: compressor û not available
[  148.659138][ T6512] random: crng reseeded on system resumption
[  148.801621][ T6516] hub 1-0:1.0: USB hub found
[  148.813356][ T6516] hub 1-0:1.0: 1 port detected
[  148.893540][ T6515] FAULT_INJECTION: forcing a failure.
[  148.893540][ T6515] name failslab, interval 1, probability 0, space 0, times 0
[  148.912157][ T6515] CPU: 1 UID: 0 PID: 6515 Comm: syz.3.184 Not tainted syzkaller #0 PREEMPT(full) 
[  148.912200][ T6515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  148.912220][ T6515] Call Trace:
[  148.912230][ T6515]  <TASK>
[  148.912243][ T6515]  dump_stack_lvl+0x100/0x190
[  148.912293][ T6515]  should_fail_ex.cold+0x5/0xa
[  148.912352][ T6515]  should_failslab+0xc2/0x120
[  148.912400][ T6515]  kmem_cache_alloc_noprof+0x83/0x780
[  148.912446][ T6515]  ? prepare_creds+0x2c/0x950
[  148.912486][ T6515]  ? prepare_creds+0x2c/0x950
[  148.912517][ T6515]  prepare_creds+0x2c/0x950
[  148.912552][ T6515]  __sys_setresgid+0x4a7/0x12f0
[  148.912594][ T6515]  ? rcu_is_watching+0x12/0xc0
[  148.912628][ T6515]  do_syscall_64+0xc9/0xf80
[  148.912679][ T6515]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.912715][ T6515] RIP: 0033:0x7f1e06d9af79
[  148.912742][ T6515] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  148.912776][ T6515] RSP: 002b:00007f1e07cde028 EFLAGS: 00000246 ORIG_RAX: 0000000000000077
[  148.912809][ T6515] RAX: ffffffffffffffda RBX: 00007f1e07015fa0 RCX: 00007f1e06d9af79
[  148.912832][ T6515] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000800
[  148.912852][ T6515] RBP: 00007f1e06e316e0 R08: 0000000000000000 R09: 0000000000000000
[  148.912873][ T6515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  148.912893][ T6515] R13: 00007f1e07016038 R14: 00007f1e07015fa0 R15: 00007ffc9eb4ca78
[  148.912936][ T6515]  </TASK>
[  149.719336][ T6530] FAULT_INJECTION: forcing a failure.
[  149.719336][ T6530] name failslab, interval 1, probability 0, space 0, times 0
[  149.768066][ T6530] CPU: 0 UID: 0 PID: 6530 Comm: syz.2.188 Not tainted syzkaller #0 PREEMPT(full) 
[  149.768109][ T6530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  149.768129][ T6530] Call Trace:
[  149.768139][ T6530]  <TASK>
[  149.768152][ T6530]  dump_stack_lvl+0x100/0x190
[  149.768196][ T6530]  should_fail_ex.cold+0x5/0xa
[  149.768252][ T6530]  should_failslab+0xc2/0x120
[  149.768296][ T6530]  kmem_cache_alloc_noprof+0x83/0x780
[  149.768338][ T6530]  ? copy_utsname+0x1a8/0x690
[  149.768396][ T6530]  ? copy_utsname+0x1a8/0x690
[  149.768443][ T6530]  copy_utsname+0x1a8/0x690
[  149.768494][ T6530]  create_new_namespaces+0x16a/0xac0
[  149.768533][ T6530]  ? bpf_lsm_capable+0x9/0x10
[  149.768580][ T6530]  ? security_capable+0x80/0x260
[  149.768634][ T6530]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  149.768676][ T6530]  ksys_unshare+0x455/0xab0
[  149.768727][ T6530]  ? __pfx_ksys_unshare+0x10/0x10
[  149.768774][ T6530]  ? xfd_validate_state+0x129/0x190
[  149.768817][ T6530]  __x64_sys_unshare+0x31/0x40
[  149.768898][ T6530]  do_syscall_64+0xc9/0xf80
[  149.768947][ T6530]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.768979][ T6530] RIP: 0033:0x7f364d59af79
[  149.769004][ T6530] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  149.769035][ T6530] RSP: 002b:00007f364e3f1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  149.769067][ T6530] RAX: ffffffffffffffda RBX: 00007f364d816090 RCX: 00007f364d59af79
[  149.769088][ T6530] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006c000000
[  149.769107][ T6530] RBP: 00007f364d6316e0 R08: 0000000000000000 R09: 0000000000000000
[  149.769128][ T6530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  149.769147][ T6530] R13: 00007f364d816128 R14: 00007f364d816090 R15: 00007ffce40335f8
[  149.769190][ T6530]  </TASK>
[  151.809645][ T6560] hub 1-0:1.0: USB hub found
[  151.851116][ T6560] hub 1-0:1.0: 1 port detected
[  153.540897][ T6579] FAULT_INJECTION: forcing a failure.
[  153.540897][ T6579] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  153.612677][ T6579] CPU: 1 UID: 0 PID: 6579 Comm: syz.3.200 Not tainted syzkaller #0 PREEMPT(full) 
[  153.612719][ T6579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  153.612755][ T6579] Call Trace:
[  153.612765][ T6579]  <TASK>
[  153.612776][ T6579]  dump_stack_lvl+0x100/0x190
[  153.612832][ T6579]  should_fail_ex.cold+0x5/0xa
[  153.612885][ T6579]  ? prepare_alloc_pages+0x16d/0x5f0
[  153.612939][ T6579]  should_fail_alloc_page+0xeb/0x140
[  153.612986][ T6579]  prepare_alloc_pages+0x1f0/0x5f0
[  153.613036][ T6579]  ? unwind_get_return_address+0x59/0xa0
[  153.613085][ T6579]  __alloc_frozen_pages_noprof+0x193/0x2410
[  153.613123][ T6579]  ? __lock_acquire+0x4a5/0x2630
[  153.613170][ T6579]  ? __lock_acquire+0x4a5/0x2630
[  153.613221][ T6579]  ? __lock_acquire+0x4a5/0x2630
[  153.613272][ T6579]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  153.613336][ T6579]  ? find_held_lock+0x2b/0x80
[  153.613372][ T6579]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  153.613409][ T6579]  ? policy_nodemask+0xed/0x4f0
[  153.613459][ T6579]  alloc_pages_mpol+0x1fb/0x550
[  153.613507][ T6579]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  153.613551][ T6579]  ? unwind_get_return_address+0x59/0xa0
[  153.613596][ T6579]  ? arch_stack_walk+0xa6/0xf0
[  153.613644][ T6579]  ? __pfx_mac80211_hwsim_link_info_changed+0x10/0x10
[  153.613694][ T6579]  ___kmalloc_large_node+0x104/0x150
[  153.613748][ T6579]  ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10
[  153.613785][ T6579]  __kmalloc_large_node_noprof+0x1c/0x70
[  153.613843][ T6579]  ? stack_trace_save+0x8e/0xc0
[  153.613877][ T6579]  ? wiphy_new_nm+0x701/0x21a0
[  153.613909][ T6579]  __kmalloc_noprof+0x6b1/0x9c0
[  153.613940][ T6579]  ? stack_depot_save_flags+0x27/0x9c0
[  153.613985][ T6579]  ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10
[  153.614024][ T6579]  ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10
[  153.614059][ T6579]  ? __pfx_mac80211_hwsim_link_info_changed+0x10/0x10
[  153.614111][ T6579]  ? wiphy_new_nm+0x701/0x21a0
[  153.614139][ T6579]  wiphy_new_nm+0x701/0x21a0
[  153.614171][ T6579]  ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10
[  153.614208][ T6579]  ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10
[  153.614243][ T6579]  ? __pfx_mac80211_hwsim_link_info_changed+0x10/0x10
[  153.614294][ T6579]  ieee80211_alloc_hw_nm+0x1ac7/0x22a0
[  153.614329][ T6579]  ? __local_bh_enable_ip+0x9e/0x120
[  153.614379][ T6579]  mac80211_hwsim_new_radio+0x1e1/0x57c0
[  153.614431][ T6579]  ? __asan_memset+0x23/0x50
[  153.614467][ T6579]  ? __nla_validate_parse+0x1e7/0x28b0
[  153.614512][ T6579]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  153.614559][ T6579]  hwsim_new_radio_nl+0xc1f/0x1340
[  153.614590][ T6579]  ? genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290
[  153.614642][ T6579]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  153.614689][ T6579]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290
[  153.614734][ T6579]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290
[  153.614790][ T6579]  genl_family_rcv_msg_doit+0x214/0x300
[  153.614848][ T6579]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  153.614892][ T6579]  ? genl_get_cmd+0x3ef/0x720
[  153.614943][ T6579]  ? bpf_lsm_capable+0x9/0x10
[  153.614993][ T6579]  ? security_capable+0x80/0x260
[  153.615045][ T6579]  ? ns_capable+0xd2/0xf0
[  153.615088][ T6579]  genl_rcv_msg+0x560/0x800
[  153.615136][ T6579]  ? __pfx_genl_rcv_msg+0x10/0x10
[  153.615179][ T6579]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  153.615228][ T6579]  netlink_rcv_skb+0x159/0x420
[  153.615265][ T6579]  ? __pfx_genl_rcv_msg+0x10/0x10
[  153.615308][ T6579]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  153.615363][ T6579]  ? netlink_deliver_tap+0x1ae/0xcc0
[  153.615405][ T6579]  genl_rcv+0x28/0x40
[  153.615442][ T6579]  netlink_unicast+0x5aa/0x870
[  153.615484][ T6579]  ? __pfx_netlink_unicast+0x10/0x10
[  153.615537][ T6579]  netlink_sendmsg+0x8b0/0xda0
[  153.615581][ T6579]  ? __pfx_netlink_sendmsg+0x10/0x10
[  153.615618][ T6579]  ? __import_iovec+0x1d2/0x640
[  153.615663][ T6579]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  153.615720][ T6579]  ____sys_sendmsg+0xa54/0xc30
[  153.615767][ T6579]  ? __pfx_____sys_sendmsg+0x10/0x10
[  153.615808][ T6579]  ? __pfx___futex_wait+0x10/0x10
[  153.615877][ T6579]  ? __pfx_futex_wake_mark+0x10/0x10
[  153.615936][ T6579]  ___sys_sendmsg+0x190/0x1e0
[  153.615984][ T6579]  ? __pfx____sys_sendmsg+0x10/0x10
[  153.616052][ T6579]  ? find_held_lock+0x2b/0x80
[  153.616116][ T6579]  __sys_sendmsg+0x170/0x220
[  153.616152][ T6579]  ? __pfx___sys_sendmsg+0x10/0x10
[  153.616185][ T6579]  ? __x64_sys_futex+0x34f/0x4d0
[  153.616253][ T6579]  do_syscall_64+0xc9/0xf80
[  153.616305][ T6579]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.616339][ T6579] RIP: 0033:0x7f1e06d9af79
[  153.616366][ T6579] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  153.616398][ T6579] RSP: 002b:00007f1e07cde028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  153.616431][ T6579] RAX: ffffffffffffffda RBX: 00007f1e07015fa0 RCX: 00007f1e06d9af79
[  153.616454][ T6579] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007
[  153.616474][ T6579] RBP: 00007f1e06e316e0 R08: 0000000000000000 R09: 0000000000000000
[  153.616495][ T6579] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  153.616515][ T6579] R13: 00007f1e07016038 R14: 00007f1e07015fa0 R15: 00007ffc9eb4ca78
[  153.616560][ T6579]  </TASK>
[  156.224182][ T6575] kexec: Could not allocate control_code_buffer
[  156.519649][ T5834] Bluetooth: hci0: unexpected event 0x20 length: 123 > 7
[  157.496636][ T6619] netlink: 28 bytes leftover after parsing attributes in process `syz.1.212'.
[  157.586711][ T6619] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  157.627272][ T6619] batman_adv: batadv0: Removing interface: batadv_slave_0
[  157.751134][ T6619] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  157.872516][ T6619] batman_adv: batadv0: Removing interface: batadv_slave_1
[  158.151714][ T6625] syz.0.214 uses obsolete (PF_INET,SOCK_PACKET)
[  158.397628][ T6640] netlink: 16 bytes leftover after parsing attributes in process `syz.0.220'.
[  158.806491][ T6646] netlink: 78 bytes leftover after parsing attributes in process `syz.0.222'.
[  159.155867][ T6653] FAULT_INJECTION: forcing a failure.
[  159.155867][ T6653] name failslab, interval 1, probability 0, space 0, times 0
[  159.249102][ T6653] CPU: 0 UID: 0 PID: 6653 Comm: syz.3.224 Not tainted syzkaller #0 PREEMPT(full) 
[  159.249145][ T6653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  159.249165][ T6653] Call Trace:
[  159.249175][ T6653]  <TASK>
[  159.249188][ T6653]  dump_stack_lvl+0x100/0x190
[  159.249249][ T6653]  should_fail_ex.cold+0x5/0xa
[  159.249305][ T6653]  should_failslab+0xc2/0x120
[  159.249349][ T6653]  kmem_cache_alloc_noprof+0x83/0x780
[  159.249400][ T6653]  ? copy_utsname+0x1a8/0x690
[  159.249459][ T6653]  ? copy_utsname+0x1a8/0x690
[  159.249505][ T6653]  copy_utsname+0x1a8/0x690
[  159.249560][ T6653]  create_new_namespaces+0x16a/0xac0
[  159.249599][ T6653]  ? bpf_lsm_capable+0x9/0x10
[  159.249649][ T6653]  ? security_capable+0x80/0x260
[  159.249702][ T6653]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  159.249747][ T6653]  ksys_unshare+0x455/0xab0
[  159.249800][ T6653]  ? __pfx_ksys_unshare+0x10/0x10
[  159.249849][ T6653]  ? xfd_validate_state+0x129/0x190
[  159.249894][ T6653]  __x64_sys_unshare+0x31/0x40
[  159.249944][ T6653]  do_syscall_64+0xc9/0xf80
[  159.249994][ T6653]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.250027][ T6653] RIP: 0033:0x7f1e06d9af79
[  159.250052][ T6653] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  159.250083][ T6653] RSP: 002b:00007f1e07cbd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  159.250114][ T6653] RAX: ffffffffffffffda RBX: 00007f1e07016090 RCX: 00007f1e06d9af79
[  159.250148][ T6653] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006c000000
[  159.250167][ T6653] RBP: 00007f1e06e316e0 R08: 0000000000000000 R09: 0000000000000000
[  159.250188][ T6653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  159.250207][ T6653] R13: 00007f1e07016128 R14: 00007f1e07016090 R15: 00007ffc9eb4ca78
[  159.250251][ T6653]  </TASK>
[  160.743140][ T6667] FAULT_INJECTION: forcing a failure.
[  160.743140][ T6667] name failslab, interval 1, probability 0, space 0, times 0
[  160.826241][ T6667] CPU: 0 UID: 0 PID: 6667 Comm: syz.1.228 Not tainted syzkaller #0 PREEMPT(full) 
[  160.826286][ T6667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  160.826305][ T6667] Call Trace:
[  160.826316][ T6667]  <TASK>
[  160.826327][ T6667]  dump_stack_lvl+0x100/0x190
[  160.826375][ T6667]  should_fail_ex.cold+0x5/0xa
[  160.826432][ T6667]  should_failslab+0xc2/0x120
[  160.826476][ T6667]  ? snd_pcm_plugin_build+0x434/0x650
[  160.826528][ T6667]  __kmalloc_noprof+0xf6/0x9c0
[  160.826557][ T6667]  ? __pfx_snd_pcm_plugin_build_linear+0x10/0x10
[  160.826605][ T6667]  ? snd_pcm_plugin_build+0x434/0x650
[  160.826656][ T6667]  snd_pcm_plugin_build+0x434/0x650
[  160.826714][ T6667]  snd_pcm_plugin_build_io+0x207/0x5f0
[  160.826747][ T6667]  ? __pfx_snd_pcm_plugin_build_io+0x10/0x10
[  160.826782][ T6667]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[  160.826845][ T6667]  snd_pcm_oss_change_params_locked+0x2eb3/0x39f0
[  160.826916][ T6667]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  160.826965][ T6667]  ? __pfx___mutex_lock+0x10/0x10
[  160.827055][ T6667]  snd_pcm_oss_get_active_substream+0x175/0x1d0
[  160.827115][ T6667]  snd_pcm_oss_ioctl+0x1c08/0x3720
[  160.827168][ T6667]  ? hook_file_ioctl_common+0x146/0x410
[  160.827208][ T6667]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[  160.827270][ T6667]  ? __fget_files+0x21f/0x3d0
[  160.827313][ T6667]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[  160.827366][ T6667]  __x64_sys_ioctl+0x18e/0x210
[  160.827421][ T6667]  do_syscall_64+0xc9/0xf80
[  160.827482][ T6667]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.827513][ T6667] RIP: 0033:0x7fcfec39af79
[  160.827539][ T6667] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  160.827570][ T6667] RSP: 002b:00007fcfed306028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  160.827600][ T6667] RAX: ffffffffffffffda RBX: 00007fcfec615fa0 RCX: 00007fcfec39af79
[  160.827621][ T6667] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000006
[  160.827639][ T6667] RBP: 00007fcfec4316e0 R08: 0000000000000000 R09: 0000000000000000
[  160.827658][ T6667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  160.827676][ T6667] R13: 00007fcfec616038 R14: 00007fcfec615fa0 R15: 00007ffc11bb79b8
[  160.827720][ T6667]  </TASK>
[  161.592745][ T6682] netlink: 28 bytes leftover after parsing attributes in process `syz.0.232'.
[  164.459285][ T6713] netlink: 306 bytes leftover after parsing attributes in process `syz.2.239'.
[  166.649115][ T6738] random: crng reseeded on system resumption
[  167.857709][ T6753] FAULT_INJECTION: forcing a failure.
[  167.857709][ T6753] name failslab, interval 1, probability 0, space 0, times 0
[  167.949081][ T6753] CPU: 1 UID: 0 PID: 6753 Comm: syz.2.252 Not tainted syzkaller #0 PREEMPT(full) 
[  167.949125][ T6753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  167.949146][ T6753] Call Trace:
[  167.949157][ T6753]  <TASK>
[  167.949171][ T6753]  dump_stack_lvl+0x100/0x190
[  167.949221][ T6753]  should_fail_ex.cold+0x5/0xa
[  167.949280][ T6753]  should_failslab+0xc2/0x120
[  167.949327][ T6753]  kmem_cache_alloc_noprof+0x83/0x780
[  167.949383][ T6753]  ? can_rx_register+0x582/0x6f0
[  167.949443][ T6753]  ? can_rx_register+0x582/0x6f0
[  167.949492][ T6753]  can_rx_register+0x582/0x6f0
[  167.949546][ T6753]  ? __pfx_raw_rcv+0x10/0x10
[  167.949582][ T6753]  ? __pfx_can_rx_register+0x10/0x10
[  167.949650][ T6753]  raw_enable_filters+0xe0/0x210
[  167.949694][ T6753]  raw_enable_allfilters+0x8b/0x2b0
[  167.949726][ T6753]  ? __local_bh_enable_ip+0x9e/0x120
[  167.949778][ T6753]  raw_bind+0x1bd/0xdf0
[  167.949809][ T6753]  ? apparmor_socket_bind+0x105/0x1e0
[  167.949869][ T6753]  __sys_bind+0x1a9/0x260
[  167.949919][ T6753]  ? __pfx___sys_bind+0x10/0x10
[  167.949983][ T6753]  ? __sys_setsockopt+0x139/0x190
[  167.950022][ T6753]  __x64_sys_bind+0x72/0xb0
[  167.950066][ T6753]  ? lockdep_hardirqs_on+0x78/0x100
[  167.950111][ T6753]  do_syscall_64+0xc9/0xf80
[  167.950160][ T6753]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.950213][ T6753] RIP: 0033:0x7f364d59af79
[  167.950240][ T6753] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  167.950271][ T6753] RSP: 002b:00007f364e412028 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  167.950302][ T6753] RAX: ffffffffffffffda RBX: 00007f364d815fa0 RCX: 00007f364d59af79
[  167.950323][ T6753] RDX: 000000000000006a RSI: 0000200000000040 RDI: 0000000000000003
[  167.950351][ T6753] RBP: 00007f364d6316e0 R08: 0000000000000000 R09: 0000000000000000
[  167.950371][ T6753] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  167.950391][ T6753] R13: 00007f364d816038 R14: 00007f364d815fa0 R15: 00007ffce40335f8
[  167.950435][ T6753]  </TASK>
[  169.822729][ T6775] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  169.946898][ T6779] netlink: 186 bytes leftover after parsing attributes in process `syz.1.259'.
[  170.439652][ T6786] netlink: 330 bytes leftover after parsing attributes in process `syz.2.263'.
[  170.529702][ T6786] ›: renamed from bond_slave_0 (while UP)
[  170.579797][ T6786] netlink: 330 bytes leftover after parsing attributes in process `syz.2.263'.
[  170.930711][ T6792] netlink: 25 bytes leftover after parsing attributes in process `syz.2.265'.
[  171.350806][ T5834] Bluetooth: hci3: Unable to find connection for big 0xd2
[  174.313739][ T6818] FAULT_INJECTION: forcing a failure.
[  174.313739][ T6818] name failslab, interval 1, probability 0, space 0, times 0
[  174.349858][ T6818] CPU: 1 UID: 0 PID: 6818 Comm: syz.2.272 Not tainted syzkaller #0 PREEMPT(full) 
[  174.349914][ T6818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  174.349934][ T6818] Call Trace:
[  174.349945][ T6818]  <TASK>
[  174.349958][ T6818]  dump_stack_lvl+0x100/0x190
[  174.350007][ T6818]  should_fail_ex.cold+0x5/0xa
[  174.350066][ T6818]  should_failslab+0xc2/0x120
[  174.350114][ T6818]  ? snd_pcm_plugin_build+0x64/0x650
[  174.350168][ T6818]  __kmalloc_noprof+0xf6/0x9c0
[  174.350199][ T6818]  ? __pfx_snd_pcm_plugin_build_linear+0x10/0x10
[  174.350249][ T6818]  ? snd_pcm_plugin_build+0x64/0x650
[  174.350299][ T6818]  snd_pcm_plugin_build+0x64/0x650
[  174.350357][ T6818]  snd_pcm_plugin_build_io+0x207/0x5f0
[  174.350391][ T6818]  ? __pfx_snd_pcm_plugin_build_io+0x10/0x10
[  174.350426][ T6818]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[  174.350489][ T6818]  snd_pcm_oss_change_params_locked+0x2eb3/0x39f0
[  174.350562][ T6818]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  174.350612][ T6818]  ? __pfx___mutex_lock+0x10/0x10
[  174.350693][ T6818]  snd_pcm_oss_get_active_substream+0x175/0x1d0
[  174.350750][ T6818]  snd_pcm_oss_ioctl+0x1c08/0x3720
[  174.350804][ T6818]  ? hook_file_ioctl_common+0x146/0x410
[  174.350844][ T6818]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[  174.350910][ T6818]  ? __fget_files+0x21f/0x3d0
[  174.350953][ T6818]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[  174.351005][ T6818]  __x64_sys_ioctl+0x18e/0x210
[  174.351063][ T6818]  do_syscall_64+0xc9/0xf80
[  174.351114][ T6818]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.351148][ T6818] RIP: 0033:0x7f364d59af79
[  174.351175][ T6818] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  174.351208][ T6818] RSP: 002b:00007f364e412028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  174.351240][ T6818] RAX: ffffffffffffffda RBX: 00007f364d815fa0 RCX: 00007f364d59af79
[  174.351262][ T6818] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000006
[  174.351282][ T6818] RBP: 00007f364d6316e0 R08: 0000000000000000 R09: 0000000000000000
[  174.351302][ T6818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  174.351322][ T6818] R13: 00007f364d816038 R14: 00007f364d815fa0 R15: 00007ffce40335f8
[  174.351367][ T6818]  </TASK>
[  174.967571][ T6820] netlink: 342 bytes leftover after parsing attributes in process `syz.1.280'.
[  175.404888][ T6823] usb usb16: usbfs: process 6823 (syz.2.273) did not claim interface 0 before use
[  175.962988][ T6830] FAULT_INJECTION: forcing a failure.
[  175.962988][ T6830] name failslab, interval 1, probability 0, space 0, times 0
[  175.976271][ T6830] CPU: 1 UID: 0 PID: 6830 Comm: syz.2.276 Not tainted syzkaller #0 PREEMPT(full) 
[  175.976317][ T6830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  175.976337][ T6830] Call Trace:
[  175.976349][ T6830]  <TASK>
[  175.976362][ T6830]  dump_stack_lvl+0x100/0x190
[  175.976411][ T6830]  should_fail_ex.cold+0x5/0xa
[  175.976470][ T6830]  should_failslab+0xc2/0x120
[  175.976518][ T6830]  kmem_cache_alloc_lru_noprof+0x8e/0x7d0
[  175.976566][ T6830]  ? alloc_inode+0x183/0x250
[  175.976622][ T6830]  ? alloc_inode+0x183/0x250
[  175.976667][ T6830]  alloc_inode+0x183/0x250
[  175.976725][ T6830]  iget_locked+0x1d9/0x6d0
[  175.976775][ T6830]  ? __pfx_iget_locked+0x10/0x10
[  175.976822][ T6830]  ? kernfs_root+0xee/0x2a0
[  175.976866][ T6830]  ? kernfs_root+0xee/0x2a0
[  175.976920][ T6830]  kernfs_get_inode+0x46/0x470
[  175.976967][ T6830]  kernfs_iop_lookup+0x1a7/0x2d0
[  175.977021][ T6830]  __lookup_slow+0x251/0x460
[  175.977072][ T6830]  ? __pfx___lookup_slow+0x10/0x10
[  175.977143][ T6830]  ? __d_lookup+0x266/0x4a0
[  175.977204][ T6830]  lookup_slow+0x50/0x70
[  175.977254][ T6830]  link_path_walk+0x1377/0x1cc0
[  175.977303][ T6830]  path_openat+0x1be/0x31a0
[  175.977339][ T6830]  ? getname_flags+0x93/0xf0
[  175.977369][ T6830]  ? do_sys_openat2+0xc5/0x220
[  175.977416][ T6830]  ? __x64_sys_openat+0x12d/0x210
[  175.977464][ T6830]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.977509][ T6830]  ? __pfx_path_openat+0x10/0x10
[  175.977565][ T6830]  do_filp_open+0x1f7/0x420
[  175.977607][ T6830]  ? __pfx_do_filp_open+0x10/0x10
[  175.977678][ T6830]  ? _raw_spin_unlock+0x28/0x50
[  175.977724][ T6830]  ? alloc_fd+0x476/0x790
[  175.977774][ T6830]  do_sys_openat2+0x12e/0x220
[  175.977825][ T6830]  ? __pfx_do_sys_openat2+0x10/0x10
[  175.977894][ T6830]  __x64_sys_openat+0x12d/0x210
[  175.977946][ T6830]  ? __pfx___x64_sys_openat+0x10/0x10
[  175.977995][ T6830]  ? xfd_validate_state+0x129/0x190
[  175.978043][ T6830]  do_syscall_64+0xc9/0xf80
[  175.978094][ T6830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.978128][ T6830] RIP: 0033:0x7f364d59af79
[  175.978155][ T6830] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  175.978187][ T6830] RSP: 002b:00007f364e412028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  175.978220][ T6830] RAX: ffffffffffffffda RBX: 00007f364d815fa0 RCX: 00007f364d59af79
[  175.978242][ T6830] RDX: 0000000000183841 RSI: 0000200000000280 RDI: ffffffffffffff9c
[  175.978264][ T6830] RBP: 00007f364d6316e0 R08: 0000000000000000 R09: 0000000000000000
[  175.978284][ T6830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  175.978303][ T6830] R13: 00007f364d816038 R14: 00007f364d815fa0 R15: 00007ffce40335f8
[  175.978349][ T6830]  </TASK>
[  178.122633][ T6857] __vm_enough_memory: pid: 6857, comm: syz.2.284, bytes: 4398046511104 not enough memory for the allocation
[  178.519360][ T6861] netlink: 4 bytes leftover after parsing attributes in process `syz.0.287'.
[  178.567241][ T6861] netlink: 354 bytes leftover after parsing attributes in process `syz.0.287'.
[  178.886543][ T6846] random: crng reseeded on system resumption
[  179.016067][ T5834] Bluetooth: hci0: SCO packet for unknown connection handle 0
[  179.059260][ T6869] netlink: 'syz.2.289': attribute type 1 has an invalid length.
[  179.074704][ T6869] netlink: 306 bytes leftover after parsing attributes in process `syz.2.289'.
[  184.851670][ T6915] netlink: 12 bytes leftover after parsing attributes in process `syz.0.302'.
[  184.918837][ T6915] unsupported nlmsg_type 40
[  185.296707][ T6917] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  185.367186][ T6920] FAULT_INJECTION: forcing a failure.
[  185.367186][ T6920] name failslab, interval 1, probability 0, space 0, times 0
[  185.485314][ T6920] CPU: 1 UID: 0 PID: 6920 Comm: syz.3.303 Not tainted syzkaller #0 PREEMPT(full) 
[  185.485360][ T6920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  185.485394][ T6920] Call Trace:
[  185.485405][ T6920]  <TASK>
[  185.485419][ T6920]  dump_stack_lvl+0x100/0x190
[  185.485470][ T6920]  should_fail_ex.cold+0x5/0xa
[  185.485530][ T6920]  should_failslab+0xc2/0x120
[  185.485577][ T6920]  ? tomoyo_realpath_from_path+0xb6/0x690
[  185.485621][ T6920]  __kmalloc_noprof+0xf6/0x9c0
[  185.485665][ T6920]  ? kfree+0x2a9/0x690
[  185.485705][ T6920]  ? tomoyo_realpath_from_path+0xb6/0x690
[  185.485749][ T6920]  tomoyo_realpath_from_path+0xb6/0x690
[  185.485805][ T6920]  tomoyo_path_number_perm+0x23c/0x580
[  185.485841][ T6920]  ? tomoyo_path_number_perm+0x22e/0x580
[  185.485882][ T6920]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  185.485949][ T6920]  ? rcu_read_unlock+0x17/0x60
[  185.486036][ T6920]  ? find_held_lock+0x2b/0x80
[  185.486071][ T6920]  ? current_check_access_path+0x27a/0x460
[  185.486117][ T6920]  ? __pfx_current_check_access_path+0x10/0x10
[  185.486163][ T6920]  ? d_alloc_parallel+0x864/0x14e0
[  185.486224][ T6920]  tomoyo_path_mknod+0x164/0x190
[  185.486275][ T6920]  ? __pfx_tomoyo_path_mknod+0x10/0x10
[  185.486324][ T6920]  ? find_held_lock+0x2b/0x80
[  185.486362][ T6920]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  185.486404][ T6920]  security_path_mknod+0x161/0x300
[  185.486453][ T6920]  may_o_create+0x30/0x3a0
[  185.486509][ T6920]  lookup_open.isra.0+0xa0d/0x11b0
[  185.486551][ T6920]  ? __pfx_lookup_open.isra.0+0x10/0x10
[  185.486615][ T6920]  ? __pfx___might_resched+0x10/0x10
[  185.486645][ T6920]  ? mnt_get_write_access+0x52/0x2f0
[  185.486704][ T6920]  ? __pfx_down_write+0x10/0x10
[  185.486755][ T6920]  ? mnt_get_write_access+0x1e9/0x2f0
[  185.486813][ T6920]  path_openat+0x2291/0x31a0
[  185.486867][ T6920]  ? __pfx_path_openat+0x10/0x10
[  185.486933][ T6920]  do_filp_open+0x1f7/0x420
[  185.486977][ T6920]  ? __pfx_do_filp_open+0x10/0x10
[  185.487047][ T6920]  ? _raw_spin_unlock+0x28/0x50
[  185.487085][ T6920]  ? alloc_fd+0x476/0x790
[  185.487135][ T6920]  do_sys_openat2+0x12e/0x220
[  185.487187][ T6920]  ? __pfx_do_sys_openat2+0x10/0x10
[  185.487254][ T6920]  __x64_sys_openat+0x12d/0x210
[  185.487306][ T6920]  ? __pfx___x64_sys_openat+0x10/0x10
[  185.487356][ T6920]  ? xfd_validate_state+0x129/0x190
[  185.487403][ T6920]  do_syscall_64+0xc9/0xf80
[  185.487455][ T6920]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.487491][ T6920] RIP: 0033:0x7f1e06d9af79
[  185.487518][ T6920] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  185.487552][ T6920] RSP: 002b:00007f1e07cde028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  185.487585][ T6920] RAX: ffffffffffffffda RBX: 00007f1e07015fa0 RCX: 00007f1e06d9af79
[  185.487607][ T6920] RDX: 0000000000183841 RSI: 0000200000000280 RDI: ffffffffffffff9c
[  185.487629][ T6920] RBP: 00007f1e06e316e0 R08: 0000000000000000 R09: 0000000000000000
[  185.487650][ T6920] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  185.487670][ T6920] R13: 00007f1e07016038 R14: 00007f1e07015fa0 R15: 00007ffc9eb4ca78
[  185.487716][ T6920]  </TASK>
[  186.016980][ T6920] ERROR: Out of memory at tomoyo_realpath_from_path.
[  186.867843][ T6928] netlink: 62 bytes leftover after parsing attributes in process `syz.0.308'.
[  186.910049][ T6928] netlink: 62 bytes leftover after parsing attributes in process `syz.0.308'.
[  186.977121][ T6928] netlink: 62 bytes leftover after parsing attributes in process `syz.0.308'.
[  187.031762][ T6928] netlink: 62 bytes leftover after parsing attributes in process `syz.0.308'.
[  187.255720][ T6928] netlink: 62 bytes leftover after parsing attributes in process `syz.0.308'.
[  187.295585][ T6928] netlink: 62 bytes leftover after parsing attributes in process `syz.0.308'.
[  187.574425][ T6839] delete_channel: no stack
[  188.044012][ T6928] netlink: 62 bytes leftover after parsing attributes in process `syz.0.308'.
[  188.254935][ T6928] netlink: 62 bytes leftover after parsing attributes in process `syz.0.308'.
[  188.285091][ T6928] netlink: 62 bytes leftover after parsing attributes in process `syz.0.308'.
[  189.527203][   T29] audit: type=1326 audit(2147483674.890:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6949 comm="syz.0.314" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f87a2f9af79 code=0x0
[  189.648646][ T6961] FAULT_INJECTION: forcing a failure.
[  189.648646][ T6961] name failslab, interval 1, probability 0, space 0, times 0
[  189.720059][ T6961] CPU: 1 UID: 0 PID: 6961 Comm: syz.2.315 Not tainted syzkaller #0 PREEMPT(full) 
[  189.720107][ T6961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  189.720128][ T6961] Call Trace:
[  189.720140][ T6961]  <TASK>
[  189.720153][ T6961]  dump_stack_lvl+0x100/0x190
[  189.720205][ T6961]  should_fail_ex.cold+0x5/0xa
[  189.720265][ T6961]  should_failslab+0xc2/0x120
[  189.720313][ T6961]  kmem_cache_alloc_noprof+0x83/0x780
[  189.720358][ T6961]  ? fcntl_setlk+0xaa/0xde0
[  189.720399][ T6961]  ? fcntl_setlk+0xaa/0xde0
[  189.720431][ T6961]  fcntl_setlk+0xaa/0xde0
[  189.720470][ T6961]  ? __pfx_fcntl_setlk+0x10/0x10
[  189.720507][ T6961]  ? find_held_lock+0x2b/0x80
[  189.720542][ T6961]  ? __might_fault+0xc5/0x140
[  189.720577][ T6961]  ? __might_fault+0xc5/0x140
[  189.720644][ T6961]  do_fcntl+0xf39/0x1670
[  189.720695][ T6961]  ? __pfx_do_fcntl+0x10/0x10
[  189.720740][ T6961]  ? __fget_files+0x215/0x3d0
[  189.720790][ T6961]  ? tomoyo_file_fcntl+0x6c/0xc0
[  189.720848][ T6961]  __x64_sys_fcntl+0x163/0x200
[  189.720904][ T6961]  do_syscall_64+0xc9/0xf80
[  189.720957][ T6961]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.720992][ T6961] RIP: 0033:0x7f364d59af79
[  189.721019][ T6961] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  189.721051][ T6961] RSP: 002b:00007f364e412028 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[  189.721084][ T6961] RAX: ffffffffffffffda RBX: 00007f364d815fa0 RCX: 00007f364d59af79
[  189.721106][ T6961] RDX: 0000000000000004 RSI: 0000000000000026 RDI: 0000000000000004
[  189.721126][ T6961] RBP: 00007f364d6316e0 R08: 0000000000000000 R09: 0000000000000000
[  189.721147][ T6961] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  189.721167][ T6961] R13: 00007f364d816038 R14: 00007f364d815fa0 R15: 00007ffce40335f8
[  189.721211][ T6961]  </TASK>
[  189.846667][ T6957] zswap: compressor  not available
[  191.066490][ T6976] __nla_validate_parse: 7 callbacks suppressed
[  191.066517][ T6976] netlink: 4 bytes leftover after parsing attributes in process `syz.1.319'.
[  193.755358][ T7012] netlink: 28 bytes leftover after parsing attributes in process `syz.2.330'.
[  194.538537][ T7023] cougar: G6 mapped to space
[  194.906241][   T29] audit: type=1326 audit(2147483680.270:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7017 comm="syz.2.331" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f364d59af79 code=0x0
[  196.040017][ T7032] netlink: 354 bytes leftover after parsing attributes in process `syz.1.334'.
[  196.563968][ T7043] netlink: 'syz.0.337': attribute type 1 has an invalid length.
[  196.573561][ T7043] netlink: 306 bytes leftover after parsing attributes in process `syz.0.337'.
[  197.186477][ T7057] netlink: 4 bytes leftover after parsing attributes in process `syz.0.343'.
[  197.217503][ T7057] netlink: 25 bytes leftover after parsing attributes in process `syz.0.343'.
[  197.502892][ T7060] netlink: 13 bytes leftover after parsing attributes in process `syz.0.344'.
[  199.009352][ T7072] smc: net device dummy0 applied user defined pnetid DUMMY0
[  199.792263][ T7082] FAULT_INJECTION: forcing a failure.
[  199.792263][ T7082] name failslab, interval 1, probability 0, space 0, times 0
[  199.805707][ T7082] CPU: 0 UID: 0 PID: 7082 Comm: syz.2.350 Not tainted syzkaller #0 PREEMPT(full) 
[  199.805750][ T7082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  199.805777][ T7082] Call Trace:
[  199.805788][ T7082]  <TASK>
[  199.805800][ T7082]  dump_stack_lvl+0x100/0x190
[  199.805849][ T7082]  should_fail_ex.cold+0x5/0xa
[  199.805905][ T7082]  should_failslab+0xc2/0x120
[  199.805952][ T7082]  __kmalloc_cache_noprof+0x80/0x810
[  199.805987][ T7082]  ? tipc_dest_push+0x148/0x310
[  199.806018][ T7082]  ? do_raw_spin_lock+0x128/0x260
[  199.806056][ T7082]  ? tipc_dest_push+0x148/0x310
[  199.806087][ T7082]  tipc_dest_push+0x148/0x310
[  199.806122][ T7082]  tipc_nametbl_lookup_mcast_sockets+0x2b8/0x500
[  199.806171][ T7082]  tipc_sk_mcast_rcv+0x4ec/0xf10
[  199.806228][ T7082]  ? __pfx_tipc_sk_mcast_rcv+0x10/0x10
[  199.806270][ T7082]  ? __pskb_copy_fclone+0x4a7/0xbd0
[  199.806327][ T7082]  ? find_held_lock+0x2b/0x80
[  199.806362][ T7082]  ? tipc_mcast_xmit+0x6d7/0xfc0
[  199.806397][ T7082]  ? tipc_mcast_xmit+0x6d7/0xfc0
[  199.806443][ T7082]  tipc_mcast_xmit+0x713/0xfc0
[  199.806488][ T7082]  ? __pfx_tipc_mcast_xmit+0x10/0x10
[  199.806528][ T7082]  ? skb_put+0x138/0x180
[  199.806580][ T7082]  ? do_raw_spin_lock+0x128/0x260
[  199.806627][ T7082]  ? mark_held_locks+0x40/0x70
[  199.806678][ T7082]  ? tipc_send_group_bcast+0x76b/0xa20
[  199.806708][ T7082]  tipc_send_group_bcast+0x76b/0xa20
[  199.806755][ T7082]  ? __pfx_tipc_send_group_bcast+0x10/0x10
[  199.806804][ T7082]  ? __pfx_woken_wake_function+0x10/0x10
[  199.806841][ T7082]  ? __pfx_css_rstat_updated+0x10/0x10
[  199.806878][ T7082]  ? aa_label_sk_perm+0x194/0x5f0
[  199.806931][ T7082]  ? __lock_acquire+0x4a5/0x2630
[  199.806977][ T7082]  ? place_entity+0x2fa/0x400
[  199.807031][ T7082]  __tipc_sendmsg+0x4a3/0x1a80
[  199.807078][ T7082]  ? __pfx___tipc_sendmsg+0x10/0x10
[  199.807115][ T7082]  ? __lock_acquire+0x4a5/0x2630
[  199.807160][ T7082]  ? __lock_acquire+0x4a5/0x2630
[  199.807240][ T7082]  ? __local_bh_enable_ip+0x9e/0x120
[  199.807291][ T7082]  tipc_sendmsg+0x4f/0x70
[  199.807332][ T7082]  sock_write_iter+0x566/0x610
[  199.807378][ T7082]  ? __pfx_sock_write_iter+0x10/0x10
[  199.807420][ T7082]  ? futex_unqueue+0x133/0x2c0
[  199.807474][ T7082]  ? __futex_wait+0x256/0x300
[  199.807558][ T7082]  do_iter_readv_writev+0x6ee/0x920
[  199.807597][ T7082]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  199.807627][ T7082]  ? common_file_perm+0x1ab/0x4f0
[  199.807670][ T7082]  ? bpf_lsm_file_permission+0x9/0x10
[  199.807714][ T7082]  ? security_file_permission+0x76/0x210
[  199.807755][ T7082]  ? rw_verify_area+0xce/0x6d0
[  199.807799][ T7082]  vfs_writev+0x360/0xe10
[  199.807844][ T7082]  ? __pfx_vfs_writev+0x10/0x10
[  199.807907][ T7082]  ? __fget_files+0x21f/0x3d0
[  199.807954][ T7082]  ? do_writev+0x28a/0x340
[  199.807984][ T7082]  do_writev+0x28a/0x340
[  199.808020][ T7082]  ? __pfx_do_writev+0x10/0x10
[  199.808066][ T7082]  do_syscall_64+0xc9/0xf80
[  199.808117][ T7082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.808151][ T7082] RIP: 0033:0x7f364d59af79
[  199.808179][ T7082] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  199.808211][ T7082] RSP: 002b:00007f364e412028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  199.808244][ T7082] RAX: ffffffffffffffda RBX: 00007f364d815fa0 RCX: 00007f364d59af79
[  199.808267][ T7082] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003
[  199.808287][ T7082] RBP: 00007f364d6316e0 R08: 0000000000000000 R09: 0000000000000000
[  199.808307][ T7082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  199.808327][ T7082] R13: 00007f364d816038 R14: 00007f364d815fa0 R15: 00007ffce40335f8
[  199.808370][ T7082]  </TASK>
[  200.836464][ T7095] netlink: 338 bytes leftover after parsing attributes in process `syz.2.352'.
[  200.873091][ T7088] netlink: 'syz.3.351': attribute type 29 has an invalid length.
[  200.910467][ T7095] netlink: 338 bytes leftover after parsing attributes in process `syz.2.352'.
[  200.956238][ T7088] netlink: 'syz.3.351': attribute type 30 has an invalid length.
[  200.959055][ T7095] netlink: 338 bytes leftover after parsing attributes in process `syz.2.352'.
[  200.964052][ T7088] netlink: 'syz.3.351': attribute type 31 has an invalid length.
[  201.170379][ T7098] netlink: 306 bytes leftover after parsing attributes in process `syz.2.352'.
[  201.345848][ T7088] netlink: 'syz.3.351': attribute type 32 has an invalid length.
[  201.355933][ T7088] netlink: 'syz.3.351': attribute type 33 has an invalid length.
[  201.393092][ T7088] netlink: 'syz.3.351': attribute type 35 has an invalid length.
[  201.443263][ T7088] netlink: 'syz.3.351': attribute type 37 has an invalid length.
[  201.461063][ T7088] netlink: 18 bytes leftover after parsing attributes in process `syz.3.351'.
[  201.601196][ T7095] netlink: 338 bytes leftover after parsing attributes in process `syz.2.352'.
[  201.707276][ T7095] netlink: 338 bytes leftover after parsing attributes in process `syz.2.352'.
[  202.044767][ T7095] netlink: 338 bytes leftover after parsing attributes in process `syz.2.352'.
[  202.058454][ T7104] netlink: 8 bytes leftover after parsing attributes in process `syz.3.353'.
[  202.076885][ T7095] netlink: 338 bytes leftover after parsing attributes in process `syz.2.352'.
[  202.133907][ T7095] netlink: 338 bytes leftover after parsing attributes in process `syz.2.352'.
[  202.456685][ T7108] netlink: 4 bytes leftover after parsing attributes in process `syz.1.355'.
[  202.496817][ T7108] netlink: 354 bytes leftover after parsing attributes in process `syz.1.355'.
[  203.870294][ T7129] sg_write: data in/out 262169/4198358 bytes for SCSI command 0x0-- guessing data in;
[  203.870294][ T7129]    program syz.3.362 not setting count and/or reply_len properly
[  203.947964][ T7129] program syz.3.362 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  204.206975][ T7137] FAULT_INJECTION: forcing a failure.
[  204.206975][ T7137] name failslab, interval 1, probability 0, space 0, times 0
[  204.290577][ T7137] CPU: 1 UID: 0 PID: 7137 Comm: syz.3.365 Not tainted syzkaller #0 PREEMPT(full) 
[  204.290622][ T7137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  204.290643][ T7137] Call Trace:
[  204.290653][ T7137]  <TASK>
[  204.290665][ T7137]  dump_stack_lvl+0x100/0x190
[  204.290715][ T7137]  should_fail_ex.cold+0x5/0xa
[  204.290775][ T7137]  should_failslab+0xc2/0x120
[  204.290822][ T7137]  __kmalloc_cache_noprof+0x80/0x810
[  204.290857][ T7137]  ? drm_atomic_helper_setup_commit+0x56f/0x14f0
[  204.290922][ T7137]  ? drm_atomic_helper_setup_commit+0x56f/0x14f0
[  204.290976][ T7137]  drm_atomic_helper_setup_commit+0x56f/0x14f0
[  204.291047][ T7137]  drm_atomic_helper_commit+0xa9/0x380
[  204.291100][ T7137]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[  204.291155][ T7137]  drm_atomic_commit+0x230/0x300
[  204.291204][ T7137]  ? __pfx_drm_atomic_commit+0x10/0x10
[  204.291251][ T7137]  ? __pfx___drm_printfn_info+0x10/0x10
[  204.291312][ T7137]  ? drm_client_rotation+0x451/0x6a0
[  204.291400][ T7137]  drm_client_modeset_commit_atomic+0x6a6/0x7e0
[  204.291471][ T7137]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  204.291571][ T7137]  drm_client_modeset_commit_locked+0x14d/0x580
[  204.291634][ T7137]  drm_client_modeset_commit+0x4f/0x80
[  204.291690][ T7137]  __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160
[  204.291751][ T7137]  drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0
[  204.291812][ T7137]  drm_fbdev_client_restore+0x1b/0x30
[  204.291856][ T7137]  ? __pfx_drm_fbdev_client_restore+0x10/0x10
[  204.291902][ T7137]  drm_client_dev_restore+0x205/0x2a0
[  204.291964][ T7137]  drm_release+0x2c6/0x360
[  204.292016][ T7137]  ? __pfx_drm_release+0x10/0x10
[  204.292066][ T7137]  __fput+0x3ff/0xb40
[  204.292121][ T7137]  task_work_run+0x150/0x240
[  204.292155][ T7137]  ? __pfx_task_work_run+0x10/0x10
[  204.292201][ T7137]  exit_to_user_mode_loop+0x100/0x4b0
[  204.292248][ T7137]  ? rcu_is_watching+0x12/0xc0
[  204.292280][ T7137]  do_syscall_64+0x4ea/0xf80
[  204.292343][ T7137]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  204.292377][ T7137] RIP: 0033:0x7f1e06d9af79
[  204.292405][ T7137] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  204.292436][ T7137] RSP: 002b:00007f1e07cde028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  204.292469][ T7137] RAX: 0000000000000000 RBX: 00007f1e07015fa0 RCX: 00007f1e06d9af79
[  204.292490][ T7137] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  204.292510][ T7137] RBP: 00007f1e06e316e0 R08: 0000000000000000 R09: 0000000000000000
[  204.292530][ T7137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  204.292549][ T7137] R13: 00007f1e07016038 R14: 00007f1e07015fa0 R15: 00007ffc9eb4ca78
[  204.292594][ T7137]  </TASK>
[  204.759879][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  204.777977][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  205.953358][ T7163] netlink: 'syz.1.373': attribute type 10 has an invalid length.
[  205.962711][ T7163] netlink: 330 bytes leftover after parsing attributes in process `syz.1.373'.
[  206.440863][ T7168] vcan0: tx drop: invalid sa for name 0x00000000000000fd
[  207.427644][ T7180] netlink: 252 bytes leftover after parsing attributes in process `syz.3.379'.
[  207.478688][ T7180] netlink: 252 bytes leftover after parsing attributes in process `syz.3.379'.
[  207.897111][ T7191] vhci_hcd vhci_hcd.2: invalid port number 16
[  207.931536][ T7191] vhci_hcd vhci_hcd.2: invalid port number 16
[  208.916732][ T5834] Bluetooth: Frame is too long (len 54, expected len 4)
[  209.503204][ T7221] FAULT_INJECTION: forcing a failure.
[  209.503204][ T7221] name failslab, interval 1, probability 0, space 0, times 0
[  209.575795][ T7221] CPU: 1 UID: 0 PID: 7221 Comm: syz.1.391 Not tainted syzkaller #0 PREEMPT(full) 
[  209.575838][ T7221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  209.575858][ T7221] Call Trace:
[  209.575869][ T7221]  <TASK>
[  209.575881][ T7221]  dump_stack_lvl+0x100/0x190
[  209.575938][ T7221]  should_fail_ex.cold+0x5/0xa
[  209.575996][ T7221]  should_failslab+0xc2/0x120
[  209.576041][ T7221]  kmem_cache_alloc_noprof+0x83/0x780
[  209.576084][ T7221]  ? acpi_ut_create_generic_state+0x61/0xc0
[  209.576143][ T7221]  ? acpi_ut_create_generic_state+0x61/0xc0
[  209.576192][ T7221]  acpi_ut_create_generic_state+0x61/0xc0
[  209.576242][ T7221]  acpi_ps_init_scope+0x3a/0x240
[  209.576297][ T7221]  acpi_ds_init_aml_walk+0x1f6/0x680
[  209.576356][ T7221]  acpi_ds_call_control_method+0x3a2/0xab0
[  209.576409][ T7221]  acpi_ps_parse_aml+0xacd/0x1120
[  209.576468][ T7221]  acpi_ps_execute_method+0x5c4/0xe90
[  209.576509][ T7221]  acpi_ns_evaluate+0x640/0x1670
[  209.576555][ T7221]  acpi_evaluate_object+0x420/0xe00
[  209.576602][ T7221]  ? kernfs_fop_read_iter+0x46c/0x610
[  209.576637][ T7221]  ? vfs_read+0x825/0xb30
[  209.576669][ T7221]  ? ksys_read+0x12a/0x250
[  209.576710][ T7221]  ? __pfx_acpi_evaluate_object+0x10/0x10
[  209.576761][ T7221]  ? __pfx___might_resched+0x10/0x10
[  209.576798][ T7221]  acpi_evaluate_integer+0xdf/0x220
[  209.576840][ T7221]  ? __pfx_acpi_evaluate_integer+0x10/0x10
[  209.576907][ T7221]  ? __pfx_status_show+0x10/0x10
[  209.576959][ T7221]  status_show+0xa0/0x120
[  209.577006][ T7221]  ? __pfx_status_show+0x10/0x10
[  209.577063][ T7221]  dev_attr_show+0x52/0xa0
[  209.577096][ T7221]  ? __pfx_dev_attr_show+0x10/0x10
[  209.577125][ T7221]  sysfs_kf_seq_show+0x217/0x3a0
[  209.577174][ T7221]  seq_read_iter+0x32f/0x1270
[  209.577225][ T7221]  kernfs_fop_read_iter+0x46c/0x610
[  209.577263][ T7221]  ? rw_verify_area+0xce/0x6d0
[  209.577294][ T7221]  ? __pfx_kernfs_fop_read_iter+0x10/0x10
[  209.577333][ T7221]  vfs_read+0x825/0xb30
[  209.577374][ T7221]  ? __pfx_vfs_read+0x10/0x10
[  209.577407][ T7221]  ? find_held_lock+0x2b/0x80
[  209.577471][ T7221]  ksys_read+0x12a/0x250
[  209.577508][ T7221]  ? __pfx_ksys_read+0x10/0x10
[  209.577557][ T7221]  do_syscall_64+0xc9/0xf80
[  209.577609][ T7221]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.577643][ T7221] RIP: 0033:0x7fcfec39af79
[  209.577670][ T7221] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  209.577702][ T7221] RSP: 002b:00007fcfed2e5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  209.577733][ T7221] RAX: ffffffffffffffda RBX: 00007fcfec616090 RCX: 00007fcfec39af79
[  209.577755][ T7221] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000005
[  209.577776][ T7221] RBP: 00007fcfec4316e0 R08: 0000000000000000 R09: 0000000000000000
[  209.577797][ T7221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  209.577816][ T7221] R13: 00007fcfec616128 R14: 00007fcfec616090 R15: 00007ffc11bb79b8
[  209.577863][ T7221]  </TASK>
[  209.578226][ T7221] ACPI Error: Aborting method \_SB.LNKA._STA due to previous error (AE_NO_MEMORY) (20250807/psparse-529)
[  210.167783][ T5834] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260
[  210.167829][ T5834] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260
[  210.182807][ T5834] Bluetooth: hci3: Unknown advertising packet type: 0x7f
[  210.182847][ T5834] Bluetooth: hci3: adv larger than maximum supported
[  210.195736][ T5834] Bluetooth: hci3: adv larger than maximum supported
[  210.202822][ T5834] Bluetooth: hci3: Malformed LE Event: 0x0d
[  210.410968][ T7234] netlink: 86 bytes leftover after parsing attributes in process `syz.3.395'.
[  210.736621][ T7242] netlink: 29 bytes leftover after parsing attributes in process `syz.3.398'.
[  210.845755][ T5834] Bluetooth: hci0: unexpected event 0x02 length: 726 > 260
[  211.623229][ T7260] FAULT_INJECTION: forcing a failure.
[  211.623229][ T7260] name fail_futex, interval 1, probability 0, space 0, times 1
[  211.705796][ T7260] CPU: 1 UID: 0 PID: 7260 Comm: syz.2.405 Not tainted syzkaller #0 PREEMPT(full) 
[  211.705837][ T7260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  211.705857][ T7260] Call Trace:
[  211.705867][ T7260]  <TASK>
[  211.705878][ T7260]  dump_stack_lvl+0x100/0x190
[  211.705927][ T7260]  should_fail_ex.cold+0x5/0xa
[  211.705996][ T7260]  get_futex_key+0x1d2/0x1620
[  211.706042][ T7260]  ? __pfx_get_futex_key+0x10/0x10
[  211.706079][ T7260]  ? is_bpf_text_address+0x94/0x1a0
[  211.706133][ T7260]  ? kernel_text_address+0x8d/0x100
[  211.706166][ T7260]  ? __kernel_text_address+0xd/0x30
[  211.706198][ T7260]  ? unwind_get_return_address+0x59/0xa0
[  211.706242][ T7260]  ? arch_stack_walk+0xa6/0xf0
[  211.706287][ T7260]  futex_wait_setup+0x81/0x500
[  211.706351][ T7260]  __futex_wait+0x19f/0x300
[  211.706408][ T7260]  ? __pfx___futex_wait+0x10/0x10
[  211.706461][ T7260]  ? check_noncircular+0x97/0x160
[  211.706507][ T7260]  ? __pfx_futex_wake_mark+0x10/0x10
[  211.706587][ T7260]  ? futex_hash+0x2c5/0x380
[  211.706641][ T7260]  futex_wait+0xed/0x380
[  211.706695][ T7260]  ? __pfx_futex_wait+0x10/0x10
[  211.706745][ T7260]  ? release_sock+0x21/0x220
[  211.706791][ T7260]  ? do_raw_spin_lock+0x128/0x260
[  211.706820][ T7260]  ? find_held_lock+0x2b/0x80
[  211.706859][ T7260]  do_futex+0x1ef/0x350
[  211.706904][ T7260]  ? __pfx_do_futex+0x10/0x10
[  211.706958][ T7260]  ? do_fcntl+0x811/0x1670
[  211.707012][ T7260]  __x64_sys_futex+0x34f/0x4d0
[  211.707063][ T7260]  ? __pfx___x64_sys_futex+0x10/0x10
[  211.707109][ T7260]  ? tomoyo_file_fcntl+0xa5/0xc0
[  211.707158][ T7260]  ? fput+0x79/0x100
[  211.707209][ T7260]  do_syscall_64+0xc9/0xf80
[  211.707261][ T7260]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.707296][ T7260] RIP: 0033:0x7f364d59af79
[  211.707322][ T7260] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  211.707354][ T7260] RSP: 002b:00007f364e4120e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  211.707386][ T7260] RAX: ffffffffffffffda RBX: 00007f364d815fa8 RCX: 00007f364d59af79
[  211.707408][ T7260] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f364d815fa8
[  211.707428][ T7260] RBP: 00007f364d815fa0 R08: 0000000000000000 R09: 0000000000000000
[  211.707449][ T7260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  211.707469][ T7260] R13: 00007f364d816038 R14: 00007ffce4033510 R15: 00007ffce40335f8
[  211.707512][ T7260]  </TASK>
[  212.047997][ T7263] netlink: 330 bytes leftover after parsing attributes in process `syz.0.407'.
[  212.472161][ T7272] netlink: 'syz.0.410': attribute type 4 has an invalid length.
[  212.555815][ T7272] netlink: 'syz.0.410': attribute type 5 has an invalid length.
[  212.576197][ T7272] netlink: 10 bytes leftover after parsing attributes in process `syz.0.410'.
[  212.974836][ T7279] netlink: 4 bytes leftover after parsing attributes in process `syz.0.413'.
[  212.985894][ T7279] netlink: 'syz.0.413': attribute type 1 has an invalid length.
[  212.993634][ T7279] netlink: 'syz.0.413': attribute type 6 has an invalid length.
[  213.217134][ T7288] netlink: 'syz.2.414': attribute type 1 has an invalid length.
[  213.248831][ T7287] netlink: 28 bytes leftover after parsing attributes in process `syz.0.417'.
[  213.532525][ T7293] netlink: 25 bytes leftover after parsing attributes in process `syz.3.418'.
[  213.895510][ T7301] netlink: 246 bytes leftover after parsing attributes in process `syz.3.420'.
[  214.215371][ T7305] netlink: 16 bytes leftover after parsing attributes in process `syz.1.422'.
[  214.254810][ T7305] bridge0: entered promiscuous mode
[  214.270428][ T7305] bridge0: entered allmulticast mode
[  214.629297][ T7313] FAULT_INJECTION: forcing a failure.
[  214.629297][ T7313] name failslab, interval 1, probability 0, space 0, times 0
[  214.714859][ T7313] CPU: 1 UID: 0 PID: 7313 Comm: syz.0.425 Not tainted syzkaller #0 PREEMPT(full) 
[  214.714902][ T7313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  214.714922][ T7313] Call Trace:
[  214.714932][ T7313]  <TASK>
[  214.714944][ T7313]  dump_stack_lvl+0x100/0x190
[  214.714994][ T7313]  should_fail_ex.cold+0x5/0xa
[  214.715053][ T7313]  should_failslab+0xc2/0x120
[  214.715103][ T7313]  __kmalloc_cache_noprof+0x80/0x810
[  214.715139][ T7313]  ? alloc_super+0x52/0xd20
[  214.715178][ T7313]  ? alloc_super+0x52/0xd20
[  214.715208][ T7313]  alloc_super+0x52/0xd20
[  214.715245][ T7313]  ? __pfx_mqueue_fill_super+0x10/0x10
[  214.715295][ T7313]  sget_fc+0x117/0xc70
[  214.715328][ T7313]  ? __pfx_set_anon_super_fc+0x10/0x10
[  214.715384][ T7313]  ? __pfx_mqueue_fill_super+0x10/0x10
[  214.715434][ T7313]  get_tree_nodev+0x28/0x190
[  214.715471][ T7313]  mqueue_get_tree+0xf1/0x130
[  214.715532][ T7313]  vfs_get_tree+0x92/0x320
[  214.715586][ T7313]  fc_mount_longterm+0x1a/0x270
[  214.715649][ T7313]  mq_init_ns+0x482/0x820
[  214.715685][ T7313]  copy_ipcs+0x3dd/0x7e0
[  214.715722][ T7313]  create_new_namespaces+0x20a/0xac0
[  214.715764][ T7313]  ? security_capable+0x80/0x260
[  214.715820][ T7313]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  214.715865][ T7313]  ksys_unshare+0x455/0xab0
[  214.715918][ T7313]  ? __pfx_ksys_unshare+0x10/0x10
[  214.715970][ T7313]  ? xfd_validate_state+0x129/0x190
[  214.716015][ T7313]  __x64_sys_unshare+0x31/0x40
[  214.716065][ T7313]  do_syscall_64+0xc9/0xf80
[  214.716118][ T7313]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.716152][ T7313] RIP: 0033:0x7f87a2f9af79
[  214.716180][ T7313] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  214.716213][ T7313] RSP: 002b:00007f87a3dd4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  214.716245][ T7313] RAX: ffffffffffffffda RBX: 00007f87a3215fa0 RCX: 00007f87a2f9af79
[  214.716268][ T7313] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006c000000
[  214.716288][ T7313] RBP: 00007f87a30316e0 R08: 0000000000000000 R09: 0000000000000000
[  214.716309][ T7313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  214.716329][ T7313] R13: 00007f87a3216038 R14: 00007f87a3215fa0 R15: 00007ffcb4dd8a18
[  214.716373][ T7313]  </TASK>
[  215.111654][ T7319] netlink: 9 bytes leftover after parsing attributes in process `syz.2.427'.
[  215.917676][ T7333] FAULT_INJECTION: forcing a failure.
[  215.917676][ T7333] name failslab, interval 1, probability 0, space 0, times 0
[  215.955799][ T7333] CPU: 0 UID: 0 PID: 7333 Comm: syz.3.434 Not tainted syzkaller #0 PREEMPT(full) 
[  215.955849][ T7333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  215.955869][ T7333] Call Trace:
[  215.955881][ T7333]  <TASK>
[  215.955895][ T7333]  dump_stack_lvl+0x100/0x190
[  215.955947][ T7333]  should_fail_ex.cold+0x5/0xa
[  215.956007][ T7333]  should_failslab+0xc2/0x120
[  215.956056][ T7333]  __kmalloc_node_noprof+0xfb/0x9e0
[  215.956098][ T7333]  ? __get_vm_area_node+0x1dc/0x330
[  215.956145][ T7333]  ? __get_vm_area_node+0x208/0x330
[  215.956193][ T7333]  ? __vmalloc_node_range_noprof+0x3dc/0x1530
[  215.956256][ T7333]  ? __vmalloc_node_range_noprof+0x3dc/0x1530
[  215.956310][ T7333]  __vmalloc_node_range_noprof+0x3dc/0x1530
[  215.956376][ T7333]  ? zcomp_cpu_up_prepare+0x16a/0x360
[  215.956453][ T7333]  ? find_held_lock+0x2b/0x80
[  215.956490][ T7333]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  215.956558][ T7333]  ? lruvec_stat_mod_folio+0x239/0x390
[  215.956601][ T7333]  ? zcomp_cpu_up_prepare+0x16a/0x360
[  215.956636][ T7333]  __vmalloc_node_noprof+0xad/0xf0
[  215.956690][ T7333]  ? zcomp_cpu_up_prepare+0x16a/0x360
[  215.956731][ T7333]  zcomp_cpu_up_prepare+0x16a/0x360
[  215.956766][ T7333]  ? trace_cpuhp_multi_enter+0x7f/0x1d0
[  215.956812][ T7333]  ? __pfx_zcomp_cpu_up_prepare+0x10/0x10
[  215.956846][ T7333]  cpuhp_invoke_callback+0x202/0x9a0
[  215.956902][ T7333]  cpuhp_issue_call+0x1b8/0x970
[  215.956958][ T7333]  __cpuhp_state_add_instance_cpuslocked+0x2d7/0x400
[  215.957021][ T7333]  __cpuhp_state_add_instance+0xd7/0x2e0
[  215.957075][ T7333]  zcomp_create+0x33d/0x5f0
[  215.957115][ T7333]  disksize_store+0x2a7/0x510
[  215.957162][ T7333]  ? __pfx_disksize_store+0x10/0x10
[  215.957199][ T7333]  dev_attr_store+0x58/0x80
[  215.957253][ T7333]  ? __pfx_dev_attr_store+0x10/0x10
[  215.957306][ T7333]  sysfs_kf_write+0xf2/0x150
[  215.957350][ T7333]  kernfs_fop_write_iter+0x3e0/0x5f0
[  215.957383][ T7333]  ? __pfx_sysfs_kf_write+0x10/0x10
[  215.957436][ T7333]  vfs_write+0x6ac/0x1070
[  215.957475][ T7333]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  215.957514][ T7333]  ? __pfx_vfs_write+0x10/0x10
[  215.957547][ T7333]  ? find_held_lock+0x2b/0x80
[  215.957611][ T7333]  ksys_write+0x12a/0x250
[  215.957648][ T7333]  ? __pfx_ksys_write+0x10/0x10
[  215.957699][ T7333]  do_syscall_64+0xc9/0xf80
[  215.957754][ T7333]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.957789][ T7333] RIP: 0033:0x7f1e06d9af79
[  215.957815][ T7333] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  215.957847][ T7333] RSP: 002b:00007f1e07cde028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  215.957879][ T7333] RAX: ffffffffffffffda RBX: 00007f1e07015fa0 RCX: 00007f1e06d9af79
[  215.957902][ T7333] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003
[  215.957922][ T7333] RBP: 00007f1e06e316e0 R08: 0000000000000000 R09: 0000000000000000
[  215.957943][ T7333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  215.957963][ T7333] R13: 00007f1e07016038 R14: 00007f1e07015fa0 R15: 00007ffc9eb4ca78
[  215.958009][ T7333]  </TASK>
[  215.958269][ T7333] syz.3.434: vmalloc error: size 8192, failed to allocated page array size 16, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  216.296428][ T7333] CPU: 0 UID: 0 PID: 7333 Comm: syz.3.434 Not tainted syzkaller #0 PREEMPT(full) 
[  216.296470][ T7333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  216.296491][ T7333] Call Trace:
[  216.296503][ T7333]  <TASK>
[  216.296515][ T7333]  dump_stack_lvl+0x100/0x190
[  216.296566][ T7333]  warn_alloc.cold+0x95/0x1c1
[  216.296627][ T7333]  ? __pfx_warn_alloc+0x10/0x10
[  216.296662][ T7333]  ? dump_stack_lvl+0x17c/0x190
[  216.296713][ T7333]  ? rcu_is_watching+0x12/0xc0
[  216.296746][ T7333]  ? trace_kmalloc+0x83/0xb0
[  216.296789][ T7333]  ? __kmalloc_node_noprof+0x375/0x9e0
[  216.296832][ T7333]  ? __get_vm_area_node+0x1dc/0x330
[  216.296883][ T7333]  ? __get_vm_area_node+0x208/0x330
[  216.296933][ T7333]  ? __vmalloc_node_range_noprof+0x3dc/0x1530
[  216.296997][ T7333]  __vmalloc_node_range_noprof+0x1275/0x1530
[  216.297065][ T7333]  ? zcomp_cpu_up_prepare+0x16a/0x360
[  216.297111][ T7333]  ? find_held_lock+0x2b/0x80
[  216.297150][ T7333]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  216.297218][ T7333]  ? lruvec_stat_mod_folio+0x239/0x390
[  216.297262][ T7333]  ? zcomp_cpu_up_prepare+0x16a/0x360
[  216.297293][ T7333]  __vmalloc_node_noprof+0xad/0xf0
[  216.297348][ T7333]  ? zcomp_cpu_up_prepare+0x16a/0x360
[  216.297390][ T7333]  zcomp_cpu_up_prepare+0x16a/0x360
[  216.297444][ T7333]  ? trace_cpuhp_multi_enter+0x7f/0x1d0
[  216.297492][ T7333]  ? __pfx_zcomp_cpu_up_prepare+0x10/0x10
[  216.297525][ T7333]  cpuhp_invoke_callback+0x202/0x9a0
[  216.297581][ T7333]  cpuhp_issue_call+0x1b8/0x970
[  216.297637][ T7333]  __cpuhp_state_add_instance_cpuslocked+0x2d7/0x400
[  216.297699][ T7333]  __cpuhp_state_add_instance+0xd7/0x2e0
[  216.297751][ T7333]  zcomp_create+0x33d/0x5f0
[  216.297791][ T7333]  disksize_store+0x2a7/0x510
[  216.297838][ T7333]  ? __pfx_disksize_store+0x10/0x10
[  216.297877][ T7333]  dev_attr_store+0x58/0x80
[  216.297929][ T7333]  ? __pfx_dev_attr_store+0x10/0x10
[  216.297981][ T7333]  sysfs_kf_write+0xf2/0x150
[  216.298026][ T7333]  kernfs_fop_write_iter+0x3e0/0x5f0
[  216.298058][ T7333]  ? __pfx_sysfs_kf_write+0x10/0x10
[  216.298104][ T7333]  vfs_write+0x6ac/0x1070
[  216.298143][ T7333]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  216.298182][ T7333]  ? __pfx_vfs_write+0x10/0x10
[  216.298216][ T7333]  ? find_held_lock+0x2b/0x80
[  216.298281][ T7333]  ksys_write+0x12a/0x250
[  216.298318][ T7333]  ? __pfx_ksys_write+0x10/0x10
[  216.298368][ T7333]  do_syscall_64+0xc9/0xf80
[  216.298427][ T7333]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.298462][ T7333] RIP: 0033:0x7f1e06d9af79
[  216.298488][ T7333] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  216.298519][ T7333] RSP: 002b:00007f1e07cde028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  216.298551][ T7333] RAX: ffffffffffffffda RBX: 00007f1e07015fa0 RCX: 00007f1e06d9af79
[  216.298573][ T7333] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003
[  216.298593][ T7333] RBP: 00007f1e06e316e0 R08: 0000000000000000 R09: 0000000000000000
[  216.298613][ T7333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  216.298633][ T7333] R13: 00007f1e07016038 R14: 00007f1e07015fa0 R15: 00007ffc9eb4ca78
[  216.298679][ T7333]  </TASK>
[  216.298784][ T7333] Mem-Info:
[  216.647458][ T7333] active_anon:6802 inactive_anon:0 isolated_anon:182
[  216.647458][ T7333]  active_file:20139 inactive_file:47625 isolated_file:0
[  216.647458][ T7333]  unevictable:768 dirty:512 writeback:0
[  216.647458][ T7333]  slab_reclaimable:11698 slab_unreclaimable:91390
[  216.647458][ T7333]  mapped:25436 shmem:1542 pagetables:1125
[  216.647458][ T7333]  sec_pagetables:0 bounce:0
[  216.647458][ T7333]  kernel_misc_reclaimable:0
[  216.647458][ T7333]  free:1318304 free_pcp:10538 free_cma:0
[  216.745771][ T7333] Node 0 active_anon:26132kB inactive_anon:0kB active_file:80556kB inactive_file:190296kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:101772kB dirty:1944kB writeback:200kB shmem:4632kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11460kB pagetables:4360kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  216.831723][ T7333] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:140kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  217.025740][ T7333] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  217.079857][ T7333] lowmem_reserve[]: 0 2477 2478 2478 2478
[  217.121642][ T7333] Node 0 DMA32 free:1351608kB boost:0kB min:34304kB low:42880kB high:51456kB reserved_highatomic:0KB free_highatomic:0KB active_anon:32832kB inactive_anon:0kB active_file:80556kB inactive_file:190296kB unevictable:1536kB writepending:1936kB zspages:0kB present:3129332kB managed:2537308kB mlocked:0kB bounce:0kB free_pcp:35268kB local_pcp:19608kB free_cma:0kB
[  217.156169][ T7333] lowmem_reserve[]: 0 0 1 1 1
[  217.161090][ T7333] Node 0 Normal free:0kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1132kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  217.193745][ T7333] lowmem_reserve[]: 0 0 0 0 0
[  217.201269][ T7333] Node 1 Normal free:3902272kB boost:0kB min:55580kB low:69472kB high:83364kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:4248kB local_pcp:152kB free_cma:0kB
[  217.288470][ T7333] lowmem_reserve[]: 0 0 0 0 0
[  217.293324][ T7333] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  217.308612][ T7333] Node 0 DMA32: 2484*4kB (UM) 2357*8kB (UM) 1280*16kB (UME) 984*32kB (UME) 747*64kB (UME) 491*128kB (UME) 210*256kB (UM) 71*512kB (UM) 23*1024kB (UME) 15*2048kB (UME) 248*4096kB (UM) = 1351608kB
[  217.355991][ T7333] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  217.386859][ T7333] Node 1 Normal: 176*4kB (UME) 50*8kB (UM) 41*16kB (UME) 207*32kB (UME) 92*64kB (UME) 33*128kB (UME) 15*256kB (UM) 6*512kB (UM) 2*1024kB (ME) 2*2048kB (UE) 945*4096kB (UM) = 3902272kB
[  217.435789][ T7333] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  217.454484][ T5834] Bluetooth: hci1: ACL packet for unknown connection handle 0
[  217.475844][ T7333] Node 0 hugepages_total=1 hugepages_free=1 hugepages_surp=1 hugepages_size=2048kB
[  217.488560][ T7333] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  217.515721][ T7333] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  217.531209][ T7333] 69202 total pagecache pages
[  217.558288][ T7333] 27 pages in swap cache
[  217.577327][ T7333] Free swap  = 124888kB
[  217.590829][ T7333] Total swap = 124996kB
[  217.595235][ T7333] 2097051 pages RAM
[  217.601854][ T7333] 0 pages HighMem/MovableOnly
[  217.607892][ T7333] 430826 pages reserved
[  217.612198][ T7333] 0 pages cma reserved
[  217.618334][ T7333] Can't allocate a compression stream
[  217.625081][ T7333] zram: Cannot initialise lzo compressing backend
[  219.410147][ T7379] vcan0: tx drop: invalid sa for name 0x00000000000000fd
[  219.516379][ T5834] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  219.756705][ T7390] netlink: 86 bytes leftover after parsing attributes in process `syz.0.451'.
[  220.236862][ T7394] netlink: 16 bytes leftover after parsing attributes in process `syz.3.452'.
[  220.259484][ T7394] netlink: 12 bytes leftover after parsing attributes in process `syz.3.452'.
[  220.353111][ T7394] i: entered promiscuous mode
[  220.358125][ T7399] netlink: 'syz.0.454': attribute type 1 has an invalid length.
[  220.547177][ T7398] HfR: entered promiscuous mode
[  221.358108][ T7420] netlink: 186 bytes leftover after parsing attributes in process `syz.1.458'.
[  221.504335][ T7409] netlink: 350 bytes leftover after parsing attributes in process `syz.3.456'.
[  221.528946][ T7417] can: request_module (can-proto-5) failed.
[  222.110816][ T7424] vcan0: tx drop: invalid sa for name 0x00000000000000fd
[  223.676293][ T7459] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  223.771596][ T7459] netlink: 25 bytes leftover after parsing attributes in process `syz.2.469'.
[  224.164308][ T7465] FAULT_INJECTION: forcing a failure.
[  224.164308][ T7465] name failslab, interval 1, probability 0, space 0, times 0
[  224.178393][ T7465] CPU: 0 UID: 0 PID: 7465 Comm: syz.2.471 Not tainted syzkaller #0 PREEMPT(full) 
[  224.178438][ T7465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  224.178459][ T7465] Call Trace:
[  224.178470][ T7465]  <TASK>
[  224.178484][ T7465]  dump_stack_lvl+0x100/0x190
[  224.178534][ T7465]  should_fail_ex.cold+0x5/0xa
[  224.178593][ T7465]  should_failslab+0xc2/0x120
[  224.178639][ T7465]  ? usb_hcd_submit_urb+0x601/0x2150
[  224.178691][ T7465]  __kmalloc_noprof+0xf6/0x9c0
[  224.178738][ T7465]  ? usb_hcd_submit_urb+0x601/0x2150
[  224.178775][ T7465]  usb_hcd_submit_urb+0x601/0x2150
[  224.178827][ T7465]  usb_submit_urb+0x8aa/0x1910
[  224.178878][ T7465]  ? __init_swait_queue_head+0xca/0x150
[  224.178916][ T7465]  usb_start_wait_urb+0x106/0x4c0
[  224.178967][ T7465]  ? __pfx_usb_start_wait_urb+0x10/0x10
[  224.179026][ T7465]  ? __asan_memset+0x23/0x50
[  224.179065][ T7465]  usb_control_msg+0x326/0x4a0
[  224.179112][ T7465]  ? __pfx_usb_control_msg+0x10/0x10
[  224.179172][ T7465]  hub_ext_port_status+0x152/0x600
[  224.179229][ T7465]  hub_activate+0x6d8/0x1d50
[  224.179276][ T7465]  ? trace_contention_end+0xd6/0x110
[  224.179337][ T7465]  ? __pfx_hub_activate+0x10/0x10
[  224.179380][ T7465]  ? find_held_lock+0x2b/0x80
[  224.179415][ T7465]  ? usb_generic_driver_resume+0x70/0xa0
[  224.179460][ T7465]  ? usb_generic_driver_resume+0x70/0xa0
[  224.179516][ T7465]  hub_resume+0xb0/0x400
[  224.179562][ T7465]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  224.179612][ T7465]  ? __pfx_hub_resume+0x10/0x10
[  224.179685][ T7465]  ? __pfx_hcd_bus_resume+0x10/0x10
[  224.179733][ T7465]  usb_resume_interface.isra.0+0x2ce/0x3d0
[  224.179772][ T7465]  usb_resume_both+0x237/0x9a0
[  224.179808][ T7465]  ? __pfx_usb_resume_both+0x10/0x10
[  224.179842][ T7465]  ? mark_held_locks+0x40/0x70
[  224.179889][ T7465]  ? __pfx_usb_runtime_resume+0x10/0x10
[  224.179926][ T7465]  __rpm_callback+0xc8/0x620
[  224.179968][ T7465]  ? read_tsc+0x9/0x20
[  224.180008][ T7465]  ? ktime_get_mono_fast_ns+0x1be/0x3c0
[  224.180049][ T7465]  ? __pfx_usb_runtime_resume+0x10/0x10
[  224.180089][ T7465]  rpm_callback+0x16a/0x1b0
[  224.180132][ T7465]  ? __pfx_usb_runtime_resume+0x10/0x10
[  224.180168][ T7465]  rpm_resume+0xcec/0x12f0
[  224.180214][ T7465]  ? __pfx_rpm_resume+0x10/0x10
[  224.180253][ T7465]  ? do_raw_spin_lock+0x128/0x260
[  224.180279][ T7465]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  224.180315][ T7465]  rpm_resume+0x721/0x12f0
[  224.180361][ T7465]  ? __pfx_rpm_resume+0x10/0x10
[  224.180396][ T7465]  ? do_raw_spin_lock+0x128/0x260
[  224.180422][ T7465]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  224.180461][ T7465]  __pm_runtime_resume+0xb6/0x170
[  224.180503][ T7465]  usb_autopm_get_interface+0x20/0xe0
[  224.180534][ T7465]  disable_store+0x1ca/0x450
[  224.180581][ T7465]  ? __pfx_disable_store+0x10/0x10
[  224.180623][ T7465]  ? find_held_lock+0x2b/0x80
[  224.180652][ T7465]  ? sysfs_file_kobj+0xe4/0x290
[  224.180708][ T7465]  ? sysfs_file_kobj+0xe4/0x290
[  224.180744][ T7465]  ? __pfx_disable_store+0x10/0x10
[  224.180786][ T7465]  dev_attr_store+0x58/0x80
[  224.180832][ T7465]  ? __pfx_dev_attr_store+0x10/0x10
[  224.180875][ T7465]  sysfs_kf_write+0xf2/0x150
[  224.180911][ T7465]  kernfs_fop_write_iter+0x3e0/0x5f0
[  224.180940][ T7465]  ? __pfx_sysfs_kf_write+0x10/0x10
[  224.180976][ T7465]  vfs_write+0x6ac/0x1070
[  224.181008][ T7465]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  224.181040][ T7465]  ? __pfx_vfs_write+0x10/0x10
[  224.181068][ T7465]  ? find_held_lock+0x2b/0x80
[  224.181121][ T7465]  ksys_write+0x12a/0x250
[  224.181153][ T7465]  ? __pfx_ksys_write+0x10/0x10
[  224.181203][ T7465]  do_syscall_64+0xc9/0xf80
[  224.181252][ T7465]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.181282][ T7465] RIP: 0033:0x7f364d59af79
[  224.181305][ T7465] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  224.181332][ T7465] RSP: 002b:00007f364e412028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  224.181361][ T7465] RAX: ffffffffffffffda RBX: 00007f364d815fa0 RCX: 00007f364d59af79
[  224.181379][ T7465] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003
[  224.181396][ T7465] RBP: 00007f364d6316e0 R08: 0000000000000000 R09: 0000000000000000
[  224.181413][ T7465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  224.181431][ T7465] R13: 00007f364d816038 R14: 00007f364d815fa0 R15: 00007ffce40335f8
[  224.181470][ T7465]  </TASK>
[  224.184397][ T7465] hub 2-0:1.0: hub_ext_port_status failed (err = -12)
[  225.775727][   T29] audit: type=1800 audit(2147483711.136:4): pid=7477 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.476" name="features" dev="configfs" ino=39537 res=0 errno=0
[  226.815600][ T7496] netlink: 28 bytes leftover after parsing attributes in process `syz.3.480'.
[  226.841302][ T7496] veth1_macvtap: entered allmulticast mode
[  227.268479][ T5842] Bluetooth: hci0: command 0x0406 tx timeout
[  227.269653][ T5840] Bluetooth: hci1: command 0x0406 tx timeout
[  227.276575][ T5842] Bluetooth: hci2: command 0x0406 tx timeout
[  227.282122][ T5840] Bluetooth: hci3: command 0x0406 tx timeout
[  228.162287][ T7515] netlink: 354 bytes leftover after parsing attributes in process `syz.2.487'.
[  228.862918][ T7519] netlink: 350 bytes leftover after parsing attributes in process `syz.0.496'.
[  229.579524][ T7531] netlink: 25 bytes leftover after parsing attributes in process `syz.1.491'.
[  229.614774][ T7533] netlink: 'syz.3.490': attribute type 1 has an invalid length.
[  229.874746][ T7536] netlink: 330 bytes leftover after parsing attributes in process `syz.2.492'.
[  230.139122][ T7547] Dead loop on virtual device ip6_vti0, fix it urgently!
[  230.177236][ T7547] Dead loop on virtual device ip6_vti0, fix it urgently!
[  230.184918][ T7547] Dead loop on virtual device ip6_vti0, fix it urgently!
[  230.233808][ T7547] Dead loop on virtual device ip6_vti0, fix it urgently!
[  230.346506][ T7547] Dead loop on virtual device ip6_vti0, fix it urgently!
[  230.354595][ T7547] Dead loop on virtual device ip6_vti0, fix it urgently!
[  230.400929][ T7550] futex_wake_op: syz.0.494 tries to shift op by -2048; fix this program
[  230.410658][ T7550] futex_wake_op: syz.0.494 tries to shift op by -2048; fix this program
[  231.397255][ T7568] netlink: 'syz.1.503': attribute type 4 has an invalid length.
[  231.405408][ T7568] netlink: 'syz.1.503': attribute type 5 has an invalid length.
[  231.413356][ T7568] netlink: 10 bytes leftover after parsing attributes in process `syz.1.503'.
[  232.358367][ T7584] snd_virmidi snd_virmidi.0: control 5:9:1:IAªƒ>/Æ[k<÷ÎÇmgx­Ž¬<Ú5ºœ+-Cî°ÜYÈÝ5:0 is already present
[  234.742902][ T7615] netlink: 'syz.1.513': attribute type 33 has an invalid length.
[  234.816044][ T7615] netlink: 322 bytes leftover after parsing attributes in process `syz.1.513'.
[  236.249806][ T7627] could not allocate digest TFM handle 
[  237.330138][ T7652] netlink: 28 bytes leftover after parsing attributes in process `syz.0.522'.
[  238.165908][ T7662] HfR: entered promiscuous mode
[  238.896250][ T7672] netlink: 98 bytes leftover after parsing attributes in process `syz.0.528'.
[  239.638384][ T7686] netlink: 'syz.3.532': attribute type 1 has an invalid length.
[  239.696700][ T7686] netlink: 9 bytes leftover after parsing attributes in process `syz.3.532'.
[  240.265436][ T7691] netlink: 9 bytes leftover after parsing attributes in process `syz.3.534'.
[  244.495115][ T7740] hub 1-0:1.0: USB hub found
[  244.526117][ T7740] hub 1-0:1.0: 1 port detected
[  245.079780][ T7749] netlink: 4 bytes leftover after parsing attributes in process `syz.2.548'.
[  246.821069][ T7772] netlink: 338 bytes leftover after parsing attributes in process `syz.1.555'.
[  247.892262][ T7783] hub 1-0:1.0: USB hub found
[  247.908407][ T7783] hub 1-0:1.0: 1 port detected
[  248.998873][ T7799] netlink: 25 bytes leftover after parsing attributes in process `syz.3.562'.
[  252.149447][ T7834] hub 1-0:1.0: USB hub found
[  252.185234][ T7834] hub 1-0:1.0: 1 port detected
[  253.862286][ T7858] netlink: 186 bytes leftover after parsing attributes in process `syz.0.577'.
[  258.550552][ T5141] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260
[  258.550586][ T5141] Bluetooth: hci3: unexpected subevent 0x03 length: 725 > 9
[  258.966910][ T7916] FAULT_INJECTION: forcing a failure.
[  258.966910][ T7916] name failslab, interval 1, probability 0, space 0, times 0
[  258.980654][ T7916] CPU: 0 UID: 0 PID: 7916 Comm: syz.0.591 Not tainted syzkaller #0 PREEMPT(full) 
[  258.980687][ T7916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  258.980706][ T7916] Call Trace:
[  258.980716][ T7916]  <TASK>
[  258.980726][ T7916]  dump_stack_lvl+0x100/0x190
[  258.980763][ T7916]  should_fail_ex.cold+0x5/0xa
[  258.980806][ T7916]  should_failslab+0xc2/0x120
[  258.980848][ T7916]  kmem_cache_alloc_noprof+0x83/0x780
[  258.980882][ T7916]  ? getname_flags.part.0+0x4c/0x540
[  258.980924][ T7916]  ? getname_flags.part.0+0x4c/0x540
[  258.980959][ T7916]  getname_flags.part.0+0x4c/0x540
[  258.980999][ T7916]  getname_flags+0x93/0xf0
[  258.981023][ T7916]  do_sys_openat2+0xc5/0x220
[  258.981061][ T7916]  ? __pfx_do_sys_openat2+0x10/0x10
[  258.981100][ T7916]  ? __pfx_sched_core_share_pid+0x10/0x10
[  258.981137][ T7916]  __x64_sys_openat+0x12d/0x210
[  258.981176][ T7916]  ? __pfx___x64_sys_openat+0x10/0x10
[  258.981212][ T7916]  ? xfd_validate_state+0x129/0x190
[  258.981246][ T7916]  do_syscall_64+0xc9/0xf80
[  258.981284][ T7916]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.981310][ T7916] RIP: 0033:0x7f87a2f9af79
[  258.981329][ T7916] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  258.981352][ T7916] RSP: 002b:00007f87a3db3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  258.981379][ T7916] RAX: ffffffffffffffda RBX: 00007f87a3216090 RCX: 00007f87a2f9af79
[  258.981395][ T7916] RDX: 0000000000002000 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  258.981411][ T7916] RBP: 00007f87a30316e0 R08: 0000000000000000 R09: 0000000000000000
[  258.981425][ T7916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  258.981440][ T7916] R13: 00007f87a3216128 R14: 00007f87a3216090 R15: 00007ffcb4dd8a18
[  258.981471][ T7916]  </TASK>
[  259.758592][ T7922] netlink: 28 bytes leftover after parsing attributes in process `syz.2.601'.
[  259.804144][ T7922] veth1_macvtap: left promiscuous mode
[  263.092118][ T7967] netlink: 12 bytes leftover after parsing attributes in process `syz.3.604'.
[  263.149180][ T7967] openvswitch: HfR: Dropping previously announced user features
[  265.747579][ T8005] openvswitch: netlink: IP tunnel TTL not specified.
[  266.156486][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  266.189455][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  266.549545][   T29] audit: type=1800 audit(2147483751.916:5): pid=8010 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.614" name="dbroot" dev="configfs" ino=51866 res=0 errno=0
[  266.885372][ T8015] syz.1.614 (8015): attempted to duplicate a private mapping with mremap.  This is not supported.
[  269.021583][ T8024] netlink: 4 bytes leftover after parsing attributes in process `syz.0.619'.
[  269.032684][ T8024] netlink: 25 bytes leftover after parsing attributes in process `syz.0.619'.
[  272.107305][ T8055] netlink: 9 bytes leftover after parsing attributes in process `syz.0.626'.
[  273.137807][ T8057] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  273.218717][ T8057] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  273.477317][ T8057] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  273.527356][ T8057] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  273.585517][ T8057] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  273.688627][ T8057] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  273.695970][ T8057] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  273.784531][ T8057] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  273.823488][ T8057] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  275.186042][ T5141] Bluetooth: hci1: command 0x0406 tx timeout
[  275.517387][ T5141] Bluetooth: hci2: command 0x0406 tx timeout
[  275.746192][ T5141] Bluetooth: hci3: command 0x0406 tx timeout
[  275.826058][   T51] Bluetooth: hci0: command 0x0406 tx timeout
[  277.265752][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[  277.586503][   T51] Bluetooth: hci2: command 0x0406 tx timeout
[  277.825901][   T51] Bluetooth: hci3: command 0x0406 tx timeout
[  277.910336][   T51] Bluetooth: hci0: command 0x0406 tx timeout
[  279.671336][   T51] Bluetooth: hci2: command 0x0406 tx timeout
[  280.607128][ T8121] =======================================================
[  280.607128][ T8121] WARNING: The mand mount option has been deprecated and
[  280.607128][ T8121]          and is ignored by this kernel. Remove the mand
[  280.607128][ T8121]          option from the mount to silence this warning.
[  280.607128][ T8121] =======================================================
[  286.336034][ T8171] syz.2.660 (8171) used greatest stack depth: 17752 bytes left
[  289.069198][ T8212] netlink: 4 bytes leftover after parsing attributes in process `syz.2.668'.
[  289.114750][ T8212] netlink: 354 bytes leftover after parsing attributes in process `syz.2.668'.
[  293.614857][ T8235] netlink: 2468 bytes leftover after parsing attributes in process `syz.3.676'.
[  294.708602][ T8247] netlink: 13 bytes leftover after parsing attributes in process `syz.3.678'.
[  296.578429][ T8266] tipc: Can't bind to reserved service type 0
[  300.537203][ T8292] netlink: 504 bytes leftover after parsing attributes in process `syz.0.689'.
[  300.640508][ T8299] netlink: 350 bytes leftover after parsing attributes in process `syz.0.689'.
[  304.891492][ T8360] vcan0: tx drop: invalid sa for name 0x00000000000000fd
[  305.263933][ T8358] netlink: 186 bytes leftover after parsing attributes in process `syz.0.707'.
[  308.636782][ T8407] netlink: 158 bytes leftover after parsing attributes in process `syz.0.721'.
[  308.655753][ T8407] netlink: 8 bytes leftover after parsing attributes in process `syz.0.721'.
[  310.619517][ T8433] netlink: 28 bytes leftover after parsing attributes in process `syz.3.728'.
[  310.659500][ T8427] netlink: 50 bytes leftover after parsing attributes in process `syz.0.726'.
[  310.792270][ T8433] hsr_slave_0 (unregistering): left promiscuous mode
[  310.993286][ T8435] netlink: 'syz.1.729': attribute type 3 has an invalid length.
[  311.058153][ T8435] netlink: 306 bytes leftover after parsing attributes in process `syz.1.729'.
[  313.549573][ T8478] netlink: 62 bytes leftover after parsing attributes in process `syz.1.742'.
[  314.751762][ T8501] openvswitch: netlink: IP tunnel TTL not specified.
[  316.643534][ T8516] netlink: 4 bytes leftover after parsing attributes in process `syz.3.750'.
[  316.662390][ T8516] netlink: 354 bytes leftover after parsing attributes in process `syz.3.750'.
[  317.510556][ T8528] FAULT_INJECTION: forcing a failure.
[  317.510556][ T8528] name failslab, interval 1, probability 0, space 0, times 0
[  317.575721][ T8528] CPU: 1 UID: 0 PID: 8528 Comm: syz.3.754 Not tainted syzkaller #0 PREEMPT(full) 
[  317.575766][ T8528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  317.575786][ T8528] Call Trace:
[  317.575796][ T8528]  <TASK>
[  317.575811][ T8528]  dump_stack_lvl+0x100/0x190
[  317.575863][ T8528]  should_fail_ex.cold+0x5/0xa
[  317.575921][ T8528]  should_failslab+0xc2/0x120
[  317.575963][ T8528]  __kmalloc_cache_noprof+0x80/0x810
[  317.575993][ T8528]  ? zs_create_pool+0x4fe/0xbc0
[  317.576039][ T8528]  ? zs_create_pool+0x4fe/0xbc0
[  317.576077][ T8528]  zs_create_pool+0x4fe/0xbc0
[  317.576121][ T8528]  ? __pfx_zs_create_pool+0x10/0x10
[  317.576167][ T8528]  ? disksize_store+0x117/0x510
[  317.576207][ T8528]  ? __vmalloc_node_noprof+0xad/0xf0
[  317.576254][ T8528]  ? disksize_store+0x117/0x510
[  317.576288][ T8528]  ? __pfx_disksize_store+0x10/0x10
[  317.576321][ T8528]  disksize_store+0x175/0x510
[  317.576355][ T8528]  ? sysfs_file_kobj+0xe4/0x290
[  317.576390][ T8528]  ? __pfx_disksize_store+0x10/0x10
[  317.576421][ T8528]  dev_attr_store+0x58/0x80
[  317.576465][ T8528]  ? __pfx_dev_attr_store+0x10/0x10
[  317.576511][ T8528]  sysfs_kf_write+0xf2/0x150
[  317.576548][ T8528]  kernfs_fop_write_iter+0x3e0/0x5f0
[  317.576574][ T8528]  ? __pfx_sysfs_kf_write+0x10/0x10
[  317.576610][ T8528]  vfs_write+0x6ac/0x1070
[  317.576641][ T8528]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  317.576673][ T8528]  ? __pfx_vfs_write+0x10/0x10
[  317.576700][ T8528]  ? find_held_lock+0x2b/0x80
[  317.576753][ T8528]  ksys_write+0x12a/0x250
[  317.576783][ T8528]  ? __pfx_ksys_write+0x10/0x10
[  317.576829][ T8528]  do_syscall_64+0xc9/0xf80
[  317.576875][ T8528]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.576904][ T8528] RIP: 0033:0x7f1e06d9af79
[  317.576927][ T8528] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  317.576955][ T8528] RSP: 002b:00007f1e07cde028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  317.576982][ T8528] RAX: ffffffffffffffda RBX: 00007f1e07015fa0 RCX: 00007f1e06d9af79
[  317.577001][ T8528] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003
[  317.577017][ T8528] RBP: 00007f1e06e316e0 R08: 0000000000000000 R09: 0000000000000000
[  317.577034][ T8528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  317.577050][ T8528] R13: 00007f1e07016038 R14: 00007f1e07015fa0 R15: 00007ffc9eb4ca78
[  317.577087][ T8528]  </TASK>
[  318.927205][ T8539] Invalid ELF header magic: != ELF
[  320.892874][ T8562] openvswitch: netlink: IP tunnel TTL not specified.
[  321.313271][ T8569] netlink: 4 bytes leftover after parsing attributes in process `syz.1.763'.
[  321.379869][ T8569] netlink: 'syz.1.763': attribute type 1 has an invalid length.
[  321.407227][ T8569] netlink: 'syz.1.763': attribute type 4 has an invalid length.
[  321.445934][ T8569] netlink: 'syz.1.763': attribute type 5 has an invalid length.
[  321.525797][ T8569] netlink: 22724 bytes leftover after parsing attributes in process `syz.1.763'.
[  322.222732][ T8578] sctp: [Deprecated]: syz.3.766 (pid 8578) Use of struct sctp_assoc_value in delayed_ack socket option.
[  322.222732][ T8578] Use struct sctp_sack_info instead
[  327.591444][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  327.605790][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  327.725306][ T8647] zram0: detected capacity change from 0 to 8
[  333.314705][ T8726] zswap: compressor  not available
[  334.432223][ T8743] netlink: 'syz.2.806': attribute type 12 has an invalid length.
[  335.368041][ T8760] netlink: 16 bytes leftover after parsing attributes in process `syz.3.811'.
[  335.397655][ T8760] bond0: entered promiscuous mode
[  335.402956][ T8760] bond_slave_0: entered promiscuous mode
[  335.667288][ T8760] bond_slave_1: entered promiscuous mode
[  335.753868][ T8760] bond0: entered allmulticast mode
[  335.966754][ T8760] bond_slave_0: entered allmulticast mode
[  335.975783][ T8760] bond_slave_1: entered allmulticast mode
[  337.167889][ T8778] netlink: 4 bytes leftover after parsing attributes in process `syz.1.816'.
[  337.199495][ T8778] netlink: 354 bytes leftover after parsing attributes in process `syz.1.816'.
[  340.960907][ T8811] FAULT_INJECTION: forcing a failure.
[  340.960907][ T8811] name failslab, interval 1, probability 0, space 0, times 0
[  340.975773][ T8811] CPU: 0 UID: 0 PID: 8811 Comm: syz.3.824 Not tainted syzkaller #0 PREEMPT(full) 
[  340.975836][ T8811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  340.975857][ T8811] Call Trace:
[  340.975867][ T8811]  <TASK>
[  340.975880][ T8811]  dump_stack_lvl+0x100/0x190
[  340.975932][ T8811]  should_fail_ex.cold+0x5/0xa
[  340.975988][ T8811]  should_failslab+0xc2/0x120
[  340.976033][ T8811]  kmem_cache_alloc_noprof+0x83/0x780
[  340.976073][ T8811]  ? lock_acquire+0x17c/0x330
[  340.976116][ T8811]  ? skb_clone+0x190/0x400
[  340.976157][ T8811]  ? skb_clone+0x190/0x400
[  340.976189][ T8811]  skb_clone+0x190/0x400
[  340.976224][ T8811]  dev_queue_xmit_nit+0x255/0xa60
[  340.976285][ T8811]  dev_hard_start_xmit+0x2fb/0x6c0
[  340.976345][ T8811]  __dev_queue_xmit+0x6dd/0x46f0
[  340.976406][ T8811]  ? find_held_lock+0x2b/0x80
[  340.976444][ T8811]  ? __pfx___dev_queue_xmit+0x10/0x10
[  340.976509][ T8811]  ? __lock_acquire+0x4a5/0x2630
[  340.976594][ T8811]  ip_finish_output2+0xf34/0x24b0
[  340.976643][ T8811]  ? __pfx_ip_finish_output2+0x10/0x10
[  340.976683][ T8811]  ? __pfx_ip_dst_mtu_maybe_forward+0x10/0x10
[  340.976730][ T8811]  __ip_finish_output.part.0+0x444/0x6f0
[  340.976772][ T8811]  ip_output+0x39b/0xec0
[  340.976811][ T8811]  ? __pfx_ip_output+0x10/0x10
[  340.976852][ T8811]  ? __pfx_ip_finish_output+0x10/0x10
[  340.976887][ T8811]  ? ip4_dst_hoplimit+0x1a9/0x400
[  340.976933][ T8811]  __ip_queue_xmit+0x1b73/0x22b0
[  340.976978][ T8811]  ? __pfx_ip_queue_xmit+0x10/0x10
[  340.977017][ T8811]  __tcp_transmit_skb+0x2c62/0x43c0
[  340.977087][ T8811]  ? __pfx___tcp_transmit_skb+0x10/0x10
[  340.977162][ T8811]  ? ktime_get+0x200/0x300
[  340.977199][ T8811]  ? lockdep_hardirqs_on+0x78/0x100
[  340.977264][ T8811]  tcp_write_xmit+0x12a2/0x86f0
[  340.977353][ T8811]  __tcp_push_pending_frames+0xaf/0x3b0
[  340.977408][ T8811]  tcp_send_fin+0x11f/0x10f0
[  340.977468][ T8811]  __tcp_close+0xa0d/0x1110
[  340.977514][ T8811]  ? __local_bh_enable_ip+0x9e/0x120
[  340.977564][ T8811]  tcp_close+0x28/0x110
[  340.977611][ T8811]  inet_release+0xed/0x200
[  340.977657][ T8811]  __sock_release+0xb3/0x260
[  340.977694][ T8811]  ? __pfx_sock_close+0x10/0x10
[  340.977730][ T8811]  sock_close+0x1c/0x30
[  340.977762][ T8811]  __fput+0x3ff/0xb40
[  340.977818][ T8811]  task_work_run+0x150/0x240
[  340.977852][ T8811]  ? __pfx_task_work_run+0x10/0x10
[  340.977885][ T8811]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  340.977943][ T8811]  get_signal+0x1bd/0x21e0
[  340.977985][ T8811]  ? __pfx___fput_deferred+0x10/0x10
[  340.978031][ T8811]  ? __pfx___file_ref_put+0x10/0x10
[  340.978080][ T8811]  ? __pfx_get_signal+0x10/0x10
[  340.978123][ T8811]  ? do_sendfile+0x44d/0xe20
[  340.978168][ T8811]  arch_do_signal_or_restart+0x91/0x770
[  340.978221][ T8811]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  340.978294][ T8811]  ? __x64_sys_sendfile64+0x189/0x220
[  340.978339][ T8811]  ? xfd_validate_state+0x129/0x190
[  340.978381][ T8811]  exit_to_user_mode_loop+0x86/0x4b0
[  340.978427][ T8811]  ? rcu_is_watching+0x12/0xc0
[  340.978460][ T8811]  do_syscall_64+0x4ea/0xf80
[  340.978513][ T8811]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.978547][ T8811] RIP: 0033:0x7f1e06d9af79
[  340.978575][ T8811] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  340.978608][ T8811] RSP: 002b:00007f1e07cde028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  340.978641][ T8811] RAX: fffffffffffffe00 RBX: 00007f1e07015fa0 RCX: 00007f1e06d9af79
[  340.978665][ T8811] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000001
[  340.978684][ T8811] RBP: 00007f1e06e316e0 R08: 0000000000000000 R09: 0000000000000000
[  340.978705][ T8811] R10: 00000000000000a1 R11: 0000000000000246 R12: 0000000000000000
[  340.978725][ T8811] R13: 00007f1e07016038 R14: 00007f1e07015fa0 R15: 00007ffc9eb4ca78
[  340.978771][ T8811]  </TASK>
[  342.510777][ T8814] FAULT_INJECTION: forcing a failure.
[  342.510777][ T8814] name failslab, interval 1, probability 0, space 0, times 0
[  342.571263][ T8814] CPU: 1 UID: 0 PID: 8814 Comm: syz.1.826 Not tainted syzkaller #0 PREEMPT(full) 
[  342.571309][ T8814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  342.571329][ T8814] Call Trace:
[  342.571340][ T8814]  <TASK>
[  342.571352][ T8814]  dump_stack_lvl+0x100/0x190
[  342.571399][ T8814]  should_fail_ex.cold+0x5/0xa
[  342.571455][ T8814]  should_failslab+0xc2/0x120
[  342.571501][ T8814]  kmem_cache_alloc_noprof+0x83/0x780
[  342.571544][ T8814]  ? __kernfs_new_node+0xd2/0x960
[  342.571595][ T8814]  ? __kernfs_new_node+0xd2/0x960
[  342.571639][ T8814]  __kernfs_new_node+0xd2/0x960
[  342.571685][ T8814]  ? kernfs_add_one+0x214/0x850
[  342.571737][ T8814]  ? __pfx___kernfs_new_node+0x10/0x10
[  342.571807][ T8814]  ? find_held_lock+0x2b/0x80
[  342.571843][ T8814]  ? kernfs_root+0xee/0x2a0
[  342.571885][ T8814]  ? kernfs_root+0xee/0x2a0
[  342.571940][ T8814]  kernfs_new_node+0x11b/0x1a0
[  342.571998][ T8814]  kernfs_create_link+0xcc/0x240
[  342.572144][ T8814]  sysfs_do_create_link_sd+0x90/0x140
[  342.572202][ T8814]  sysfs_create_link+0x61/0xc0
[  342.572248][ T8814]  device_add+0x553/0x1950
[  342.572282][ T8814]  ? alloc_workqueue_noprof+0x198/0x200
[  342.572332][ T8814]  ? __pfx_device_add+0x10/0x10
[  342.572377][ T8814]  nfc_register_device+0x41/0x3e0
[  342.572432][ T8814]  nci_register_device+0x7f1/0xb80
[  342.572486][ T8814]  ? __pfx_nci_register_device+0x10/0x10
[  342.572533][ T8814]  ? lockdep_init_map_type+0x5c/0x250
[  342.572589][ T8814]  virtual_ncidev_open+0x141/0x220
[  342.572627][ T8814]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  342.572761][ T8814]  misc_open+0x26d/0x450
[  342.572818][ T8814]  ? __pfx_misc_open+0x10/0x10
[  342.572873][ T8814]  chrdev_open+0x234/0x6a0
[  342.572913][ T8814]  ? __pfx_apparmor_file_open+0x10/0x10
[  342.572968][ T8814]  ? __pfx_chrdev_open+0x10/0x10
[  342.573012][ T8814]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  342.573061][ T8814]  do_dentry_open+0x6d8/0x1660
[  342.573099][ T8814]  ? __pfx_chrdev_open+0x10/0x10
[  342.573150][ T8814]  vfs_open+0x82/0x3f0
[  342.573203][ T8814]  path_openat+0x208c/0x31a0
[  342.573255][ T8814]  ? __pfx_path_openat+0x10/0x10
[  342.573306][ T8814]  do_filp_open+0x1f7/0x420
[  342.573349][ T8814]  ? __pfx_do_filp_open+0x10/0x10
[  342.573416][ T8814]  ? _raw_spin_unlock+0x28/0x50
[  342.573458][ T8814]  ? alloc_fd+0x476/0x790
[  342.573507][ T8814]  do_sys_openat2+0x12e/0x220
[  342.573560][ T8814]  ? __pfx_do_sys_openat2+0x10/0x10
[  342.573612][ T8814]  ? __fput+0x68a/0xb40
[  342.573667][ T8814]  __x64_sys_openat+0x12d/0x210
[  342.573718][ T8814]  ? __pfx___x64_sys_openat+0x10/0x10
[  342.573768][ T8814]  ? xfd_validate_state+0x129/0x190
[  342.573816][ T8814]  do_syscall_64+0xc9/0xf80
[  342.573883][ T8814]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.573917][ T8814] RIP: 0033:0x7fcfec39af79
[  342.573944][ T8814] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  342.573978][ T8814] RSP: 002b:00007fcfed306028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  342.574010][ T8814] RAX: ffffffffffffffda RBX: 00007fcfec615fa0 RCX: 00007fcfec39af79
[  342.574033][ T8814] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c
[  342.574054][ T8814] RBP: 00007fcfec4316e0 R08: 0000000000000000 R09: 0000000000000000
[  342.574075][ T8814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  342.574096][ T8814] R13: 00007fcfec616038 R14: 00007fcfec615fa0 R15: 00007ffc11bb79b8
[  342.574138][ T8814]  </TASK>
[  346.603283][ T8861] netlink: 'syz.0.836': attribute type 1 has an invalid length.
[  346.655051][ T8861] netlink: 17 bytes leftover after parsing attributes in process `syz.0.836'.
[  349.824912][ T8894] FAULT_INJECTION: forcing a failure.
[  349.824912][ T8894] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  349.836494][ T8893] netlink: 8 bytes leftover after parsing attributes in process `syz.0.848'.
[  349.895782][ T8894] CPU: 0 UID: 0 PID: 8894 Comm: syz.1.847 Not tainted syzkaller #0 PREEMPT(full) 
[  349.895827][ T8894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  349.895847][ T8894] Call Trace:
[  349.895858][ T8894]  <TASK>
[  349.895872][ T8894]  dump_stack_lvl+0x100/0x190
[  349.895924][ T8894]  should_fail_ex.cold+0x5/0xa
[  349.895977][ T8894]  ? prepare_alloc_pages+0x16d/0x5f0
[  349.896033][ T8894]  should_fail_alloc_page+0xeb/0x140
[  349.896084][ T8894]  prepare_alloc_pages+0x1f0/0x5f0
[  349.896133][ T8894]  ? rcu_is_watching+0x12/0xc0
[  349.896172][ T8894]  __alloc_frozen_pages_noprof+0x193/0x2410
[  349.896215][ T8894]  ? __lock_acquire+0x4a5/0x2630
[  349.896282][ T8894]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  349.896324][ T8894]  ? do_raw_spin_lock+0x128/0x260
[  349.896353][ T8894]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  349.896382][ T8894]  ? find_held_lock+0x2b/0x80
[  349.896428][ T8894]  ? __lock_acquire+0x4a5/0x2630
[  349.896477][ T8894]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  349.896535][ T8894]  ? policy_nodemask+0xed/0x4f0
[  349.896588][ T8894]  alloc_pages_mpol+0x1fb/0x550
[  349.896641][ T8894]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  349.896690][ T8894]  ? __folio_batch_add_and_move+0x5e5/0xc60
[  349.896740][ T8894]  ? __folio_batch_add_and_move+0x5e5/0xc60
[  349.896796][ T8894]  folio_alloc_mpol_noprof+0x36/0x340
[  349.896853][ T8894]  shmem_alloc_folio+0x135/0x160
[  349.896889][ T8894]  shmem_alloc_and_add_folio+0x371/0xd40
[  349.896940][ T8894]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  349.896986][ T8894]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  349.897038][ T8894]  shmem_get_folio_gfp+0x6ab/0x1900
[  349.897090][ T8894]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  349.897135][ T8894]  ? simple_xattr_get+0x179/0x1d0
[  349.897188][ T8894]  shmem_write_begin+0x1a4/0x420
[  349.897234][ T8894]  ? __pfx_shmem_write_begin+0x10/0x10
[  349.897279][ T8894]  ? balance_dirty_pages_ratelimited_flags+0x91/0x1170
[  349.897343][ T8894]  generic_perform_write+0x292/0xa40
[  349.897398][ T8894]  ? __pfx_generic_perform_write+0x10/0x10
[  349.897447][ T8894]  ? file_update_time_flags+0x373/0x500
[  349.897506][ T8894]  shmem_file_write_iter+0x10e/0x140
[  349.897560][ T8894]  vfs_write+0x6ac/0x1070
[  349.897600][ T8894]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  349.897654][ T8894]  ? __pfx_vfs_write+0x10/0x10
[  349.897688][ T8894]  ? find_held_lock+0x2b/0x80
[  349.897752][ T8894]  ksys_write+0x12a/0x250
[  349.897790][ T8894]  ? __pfx_ksys_write+0x10/0x10
[  349.897841][ T8894]  do_syscall_64+0xc9/0xf80
[  349.897894][ T8894]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.897929][ T8894] RIP: 0033:0x7fcfec39af79
[  349.897957][ T8894] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  349.897991][ T8894] RSP: 002b:00007fcfed306028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  349.898025][ T8894] RAX: ffffffffffffffda RBX: 00007fcfec615fa0 RCX: 00007fcfec39af79
[  349.898049][ T8894] RDX: 00000000000098c7 RSI: 0000000000000000 RDI: 0000000000000007
[  349.898070][ T8894] RBP: 00007fcfec4316e0 R08: 0000000000000000 R09: 0000000000000000
[  349.898091][ T8894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  349.898112][ T8894] R13: 00007fcfec616038 R14: 00007fcfec615fa0 R15: 00007ffc11bb79b8
[  349.898158][ T8894]  </TASK>
[  350.818975][ T8896] HSR: entered promiscuous mode
[  350.846405][ T8903] netlink: 16 bytes leftover after parsing attributes in process `syz.2.851'.
[  350.874465][ T8903] bond0: entered promiscuous mode
[  350.896003][ T8903] ›: entered promiscuous mode
[  350.933596][ T8903] bond_slave_1: entered promiscuous mode
[  350.966760][ T8903] bond0: entered allmulticast mode
[  350.972628][ T8903] ›: entered allmulticast mode
[  350.995630][ T8903] bond_slave_1: entered allmulticast mode
[  352.608204][ T5920] smpboot: CPU 1 is now offline
[  352.614063][ T5920] crash hp: kexec_trylock() failed, kdump image may be inaccurate
[  353.706427][ T8933] random: crng reseeded on system resumption
[  353.834758][ T8922] kexec: Could not allocate control_code_buffer
[  354.716569][ T8946] netlink: 186 bytes leftover after parsing attributes in process `syz.0.863'.
[  354.892005][ T8952] netlink: 25 bytes leftover after parsing attributes in process `syz.3.864'.
[  355.230417][ T8955] netlink: 16 bytes leftover after parsing attributes in process `syz.0.865'.
[  355.348633][ T8955] bond0: entered promiscuous mode
[  355.354278][ T8955] bond_slave_0: entered promiscuous mode
[  355.428559][ T8955] bond_slave_1: entered promiscuous mode
[  355.434982][ T8955] bond0: entered allmulticast mode
[  355.517762][ T8955] bond_slave_0: entered allmulticast mode
[  355.550879][ T8955] bond_slave_1: entered allmulticast mode
[  356.822146][   T51] Bluetooth: hci1: Malformed Event: 0x13
[  357.487065][ T8981] netlink: 28 bytes leftover after parsing attributes in process `syz.1.872'.
[  359.324464][ T8994] futex_wake_op: syz.2.876 tries to shift op by -2048; fix this program
[  359.468670][ T8994] futex_wake_op: syz.2.876 tries to shift op by -2048; fix this program
[  359.553983][ T8998] netlink: 330 bytes leftover after parsing attributes in process `syz.3.877'.
[  362.390186][ T9000] delete_channel: no stack
[  364.157160][ T9037] FAULT_INJECTION: forcing a failure.
[  364.157160][ T9037] name failslab, interval 1, probability 0, space 0, times 0
[  364.390711][ T9037] CPU: 0 UID: 0 PID: 9037 Comm: syz.1.887 Not tainted syzkaller #0 PREEMPT(full) 
[  364.390746][ T9037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  364.390762][ T9037] Call Trace:
[  364.390770][ T9037]  <TASK>
[  364.390780][ T9037]  dump_stack_lvl+0x100/0x190
[  364.390816][ T9037]  should_fail_ex.cold+0x5/0xa
[  364.390862][ T9037]  should_failslab+0xc2/0x120
[  364.390898][ T9037]  __kmalloc_cache_noprof+0x80/0x810
[  364.390923][ T9037]  ? minstrel_ht_alloc+0x4f/0x7f0
[  364.390952][ T9037]  ? minstrel_ht_alloc+0x4f/0x7f0
[  364.390974][ T9037]  minstrel_ht_alloc+0x4f/0x7f0
[  364.391006][ T9037]  ieee80211_init_rate_ctrl_alg+0x259/0x3b0
[  364.391036][ T9037]  ieee80211_register_hw+0x285e/0x4040
[  364.391068][ T9037]  ? rt_mutex_lock_interruptible+0x62/0x110
[  364.391103][ T9037]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  364.391129][ T9037]  ? __pfx___debug_object_init+0x10/0x10
[  364.391177][ T9037]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  364.391205][ T9037]  ? __hrtimer_setup+0x178/0x280
[  364.391246][ T9037]  mac80211_hwsim_new_radio+0x2847/0x57c0
[  364.391302][ T9037]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  364.391338][ T9037]  hwsim_new_radio_nl+0xc1f/0x1340
[  364.391361][ T9037]  ? genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290
[  364.391401][ T9037]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  364.391435][ T9037]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290
[  364.391469][ T9037]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290
[  364.391509][ T9037]  genl_family_rcv_msg_doit+0x214/0x300
[  364.391546][ T9037]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  364.391578][ T9037]  ? genl_get_cmd+0x3ef/0x720
[  364.391615][ T9037]  ? bpf_lsm_capable+0x9/0x10
[  364.391653][ T9037]  ? security_capable+0x80/0x260
[  364.391693][ T9037]  ? ns_capable+0xd2/0xf0
[  364.391726][ T9037]  genl_rcv_msg+0x560/0x800
[  364.391765][ T9037]  ? __pfx_genl_rcv_msg+0x10/0x10
[  364.391799][ T9037]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  364.391834][ T9037]  netlink_rcv_skb+0x159/0x420
[  364.391861][ T9037]  ? __pfx_genl_rcv_msg+0x10/0x10
[  364.391894][ T9037]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  364.391934][ T9037]  ? netlink_deliver_tap+0x1ae/0xcc0
[  364.391965][ T9037]  genl_rcv+0x28/0x40
[  364.391993][ T9037]  netlink_unicast+0x5aa/0x870
[  364.392024][ T9037]  ? __pfx_netlink_unicast+0x10/0x10
[  364.392051][ T9037]  ? __pfx___might_resched+0x10/0x10
[  364.392074][ T9037]  ? __lock_acquire+0x4a5/0x2630
[  364.392117][ T9037]  netlink_sendmsg+0x8b0/0xda0
[  364.392149][ T9037]  ? __pfx_netlink_sendmsg+0x10/0x10
[  364.392175][ T9037]  ? __import_iovec+0x1d2/0x640
[  364.392204][ T9037]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  364.392249][ T9037]  ____sys_sendmsg+0xa54/0xc30
[  364.392289][ T9037]  ? __pfx_____sys_sendmsg+0x10/0x10
[  364.392321][ T9037]  ? __pfx___futex_wait+0x10/0x10
[  364.392366][ T9037]  ? __pfx_futex_wake_mark+0x10/0x10
[  364.392412][ T9037]  ___sys_sendmsg+0x190/0x1e0
[  364.392449][ T9037]  ? __pfx____sys_sendmsg+0x10/0x10
[  364.392501][ T9037]  ? find_held_lock+0x2b/0x80
[  364.392545][ T9037]  __sys_sendmsg+0x170/0x220
[  364.392571][ T9037]  ? __pfx___sys_sendmsg+0x10/0x10
[  364.392596][ T9037]  ? __x64_sys_futex+0x34f/0x4d0
[  364.392648][ T9037]  do_syscall_64+0xc9/0xf80
[  364.392685][ T9037]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  364.392711][ T9037] RIP: 0033:0x7fcfec39af79
[  364.392731][ T9037] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  364.392756][ T9037] RSP: 002b:00007fcfed306028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  364.392779][ T9037] RAX: ffffffffffffffda RBX: 00007fcfec615fa0 RCX: 00007fcfec39af79
[  364.392796][ T9037] RDX: 0000000000040000 RSI: 0000200000000000 RDI: 0000000000000005
[  364.392812][ T9037] RBP: 00007fcfec4316e0 R08: 0000000000000000 R09: 0000000000000000
[  364.392827][ T9037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  364.392841][ T9037] R13: 00007fcfec616038 R14: 00007fcfec615fa0 R15: 00007ffc11bb79b8
[  364.392873][ T9037]  </TASK>
[  365.305977][ T9037] ieee80211 phy14: Failed to select rate control algorithm
[  365.902449][ T9047] netlink: 8 bytes leftover after parsing attributes in process `syz.2.891'.
[  365.993041][ T9053] netlink: 'syz.3.892': attribute type 2 has an invalid length.
[  366.018177][ T9053] netlink: 'syz.3.892': attribute type 3 has an invalid length.
[  366.043427][ T9053] netlink: 158 bytes leftover after parsing attributes in process `syz.3.892'.
[  366.075951][ T9053] netlink: 4 bytes leftover after parsing attributes in process `syz.3.892'.
[  366.940857][ T9071] netlink: 'syz.0.898': attribute type 4 has an invalid length.
[  367.001064][ T9071] netlink: 314 bytes leftover after parsing attributes in process `syz.0.898'.
[  367.310817][ T9073] netlink: 28 bytes leftover after parsing attributes in process `syz.2.899'.
[  367.986521][ T9080] netlink: 306 bytes leftover after parsing attributes in process `syz.0.902'.
[  368.377205][ T9084] FAULT_INJECTION: forcing a failure.
[  368.377205][ T9084] name fail_futex, interval 1, probability 0, space 0, times 0
[  368.798945][ T9084] CPU: 0 UID: 0 PID: 9084 Comm: syz.1.893 Not tainted syzkaller #0 PREEMPT(full) 
[  368.798980][ T9084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  368.798995][ T9084] Call Trace:
[  368.799003][ T9084]  <TASK>
[  368.799013][ T9084]  dump_stack_lvl+0x100/0x190
[  368.799049][ T9084]  should_fail_ex.cold+0x5/0xa
[  368.799088][ T9084]  ? __lock_acquire+0x4a5/0x2630
[  368.799126][ T9084]  get_futex_key+0x1d2/0x1620
[  368.799161][ T9084]  ? __pfx_get_futex_key+0x10/0x10
[  368.799195][ T9084]  ? update_se+0x93/0x700
[  368.799233][ T9084]  futex_wait_setup+0x81/0x500
[  368.799281][ T9084]  __futex_wait+0x19f/0x300
[  368.799323][ T9084]  ? __pfx___futex_wait+0x10/0x10
[  368.799361][ T9084]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  368.799393][ T9084]  ? lockdep_hardirqs_on+0x78/0x100
[  368.799431][ T9084]  ? __pfx_futex_wake_mark+0x10/0x10
[  368.799475][ T9084]  ? find_held_lock+0x2b/0x80
[  368.799500][ T9084]  ? futex_wake+0x456/0x530
[  368.799545][ T9084]  futex_wait+0xed/0x380
[  368.799585][ T9084]  ? __pfx_futex_wait+0x10/0x10
[  368.799636][ T9084]  ? ksys_write+0x190/0x250
[  368.799668][ T9084]  do_futex+0x1ef/0x350
[  368.799701][ T9084]  ? __pfx_do_futex+0x10/0x10
[  368.799732][ T9084]  ? __pfx___do_sys_mremap+0x10/0x10
[  368.799769][ T9084]  __x64_sys_futex+0x34f/0x4d0
[  368.799807][ T9084]  ? __pfx___x64_sys_futex+0x10/0x10
[  368.799840][ T9084]  ? xfd_validate_state+0x129/0x190
[  368.799874][ T9084]  do_syscall_64+0xc9/0xf80
[  368.799911][ T9084]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.799945][ T9084] RIP: 0033:0x7fcfec39af79
[  368.799964][ T9084] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  368.799989][ T9084] RSP: 002b:00007fcfed2820e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  368.800014][ T9084] RAX: ffffffffffffffda RBX: 00007fcfec616368 RCX: 00007fcfec39af79
[  368.800030][ T9084] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fcfec616368
[  368.800045][ T9084] RBP: 00007fcfec616360 R08: 0000000000000000 R09: 0000000000000000
[  368.800061][ T9084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  368.800075][ T9084] R13: 00007fcfec6163f8 R14: 00007ffc11bb78d0 R15: 00007ffc11bb79b8
[  368.800107][ T9084]  </TASK>
[  369.552889][ T9095] netlink: 8 bytes leftover after parsing attributes in process `syz.2.907'.
[  369.880730][    C0] vcan0: j1939_tp_rxtimer: 0xffff888031b52c00: rx timeout, send abort
[  370.391344][    C0] vcan0: j1939_tp_rxtimer: 0xffff888031b52c00: abort rx timeout. Force session deactivation
[  374.944277][ T9153] netlink: 'syz.0.924': attribute type 11 has an invalid length.
[  375.013345][ T9153] netlink: 236 bytes leftover after parsing attributes in process `syz.0.924'.
[  380.028266][ T9219] ==================================================================
[  380.028287][ T9219] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x19fb/0x1d60
[  380.028327][ T9219] Write of size 8 at addr ffffc90003769200 by task syz.3.941/9219
[  380.028347][ T9219] 
[  380.028358][ T9219] CPU: 0 UID: 0 PID: 9219 Comm: syz.3.941 Not tainted syzkaller #0 PREEMPT(full) 
[  380.028388][ T9219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  380.028403][ T9219] Call Trace:
[  380.028411][ T9219]  <TASK>
[  380.028420][ T9219]  dump_stack_lvl+0x100/0x190
[  380.028452][ T9219]  print_report+0x156/0x4c9
[  380.028490][ T9219]  ? __virt_addr_valid+0x81/0x620
[  380.028531][ T9219]  ? sys_imageblit+0x19fb/0x1d60
[  380.028558][ T9219]  kasan_report+0xdf/0x1a0
[  380.028593][ T9219]  ? sys_imageblit+0x19fb/0x1d60
[  380.028625][ T9219]  sys_imageblit+0x19fb/0x1d60
[  380.028658][ T9219]  ? __pfx_sys_imageblit+0x10/0x10
[  380.028688][ T9219]  ? prb_read_valid+0x78/0xa0
[  380.028726][ T9219]  ? __pfx_prb_read_valid+0x10/0x10
[  380.028764][ T9219]  drm_fbdev_shmem_defio_imageblit+0x20/0x130
[  380.028797][ T9219]  soft_cursor+0x524/0xa10
[  380.028821][ T9219]  ? fb_get_color_depth+0x120/0x250
[  380.028862][ T9219]  bit_cursor+0xe58/0x16f0
[  380.028887][ T9219]  ? __pfx_bit_cursor+0x10/0x10
[  380.028908][ T9219]  ? __lock_acquire+0x4a5/0x2630
[  380.028951][ T9219]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  380.028978][ T9219]  ? get_color+0x1da/0x450
[  380.029011][ T9219]  ? __pfx_bit_cursor+0x10/0x10
[  380.029032][ T9219]  fbcon_cursor+0x43c/0x5e0
[  380.029068][ T9219]  ? add_softcursor+0x140/0x290
[  380.029107][ T9219]  set_cursor+0x1db/0x250
[  380.029144][ T9219]  con_write+0x89/0xb0
[  380.029169][ T9219]  n_tty_write+0x44f/0x12d0
[  380.029207][ T9219]  ? __pfx_n_tty_write+0x10/0x10
[  380.029240][ T9219]  ? __pfx_woken_wake_function+0x10/0x10
[  380.029265][ T9219]  ? file_tty_write.isra.0+0x64e/0x890
[  380.029292][ T9219]  ? __pfx_n_tty_write+0x10/0x10
[  380.029324][ T9219]  file_tty_write.isra.0+0x4d2/0x890
[  380.029353][ T9219]  redirected_tty_write+0xd4/0x120
[  380.029383][ T9219]  vfs_write+0x6ac/0x1070
[  380.029410][ T9219]  ? __pfx_redirected_tty_write+0x10/0x10
[  380.029438][ T9219]  ? __pfx_vfs_write+0x10/0x10
[  380.029463][ T9219]  ? find_held_lock+0x2b/0x80
[  380.029498][ T9219]  ksys_write+0x12a/0x250
[  380.029524][ T9219]  ? __pfx_ksys_write+0x10/0x10
[  380.029555][ T9219]  do_syscall_64+0xc9/0xf80
[  380.029592][ T9219]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  380.029752][ T9219] RIP: 0033:0x7f1e06d9af79
[  380.029774][ T9219] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  380.029799][ T9219] RSP: 002b:00007f1e07cbd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  380.029823][ T9219] RAX: ffffffffffffffda RBX: 00007f1e07016090 RCX: 00007f1e06d9af79
[  380.029841][ T9219] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000004
[  380.029857][ T9219] RBP: 00007f1e06e316e0 R08: 0000000000000000 R09: 0000000000000000
[  380.029873][ T9219] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  380.029888][ T9219] R13: 00007f1e07016128 R14: 00007f1e07016090 R15: 00007ffc9eb4ca78
[  380.029914][ T9219]  </TASK>
[  380.029923][ T9219] 
[  380.029938][ T9219] The buggy address belongs to a vmalloc virtual mapping
[  380.029959][ T9219] Memory state around the buggy address:
[  380.029979][ T9219]  ffffc90003769100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  380.030003][ T9219]  ffffc90003769180: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  380.030021][ T9219] >ffffc90003769200: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  380.030035][ T9219]                    ^
[  380.030048][ T9219]  ffffc90003769280: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  380.030066][ T9219]  ffffc90003769300: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  380.030081][ T9219] ==================================================================
[  380.061185][ T9219] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  380.061210][ T9219] CPU: 0 UID: 0 PID: 9219 Comm: syz.3.941 Not tainted syzkaller #0 PREEMPT(full) 
[  380.061241][ T9219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  380.061257][ T9219] Call Trace:
[  380.061265][ T9219]  <TASK>
[  380.061274][ T9219]  dump_stack_lvl+0x100/0x190
[  380.061309][ T9219]  vpanic+0x20d/0x630
[  380.061333][ T9219]  panic+0xd1/0xd1
[  380.061354][ T9219]  ? __pfx_panic+0x10/0x10
[  380.061378][ T9219]  ? sys_imageblit+0x19fb/0x1d60
[  380.061407][ T9219]  ? preempt_schedule_common+0x42/0xc0
[  380.061446][ T9219]  check_panic_on_warn.cold+0x19/0x34
[  380.061472][ T9219]  end_report.part.0+0x3a/0x90
[  380.061506][ T9219]  kasan_report.cold+0xe/0x18
[  380.061540][ T9219]  ? sys_imageblit+0x19fb/0x1d60
[  380.061574][ T9219]  sys_imageblit+0x19fb/0x1d60
[  380.061608][ T9219]  ? __pfx_sys_imageblit+0x10/0x10
[  380.061638][ T9219]  ? prb_read_valid+0x78/0xa0
[  380.061675][ T9219]  ? __pfx_prb_read_valid+0x10/0x10
[  380.061729][ T9219]  drm_fbdev_shmem_defio_imageblit+0x20/0x130
[  380.061762][ T9219]  soft_cursor+0x524/0xa10
[  380.061788][ T9219]  ? fb_get_color_depth+0x120/0x250
[  380.061828][ T9219]  bit_cursor+0xe58/0x16f0
[  380.061854][ T9219]  ? __pfx_bit_cursor+0x10/0x10
[  380.061875][ T9219]  ? __lock_acquire+0x4a5/0x2630
[  380.061914][ T9219]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  380.061941][ T9219]  ? get_color+0x1da/0x450
[  380.061975][ T9219]  ? __pfx_bit_cursor+0x10/0x10
[  380.061996][ T9219]  fbcon_cursor+0x43c/0x5e0
[  380.062032][ T9219]  ? add_softcursor+0x140/0x290
[  380.062071][ T9219]  set_cursor+0x1db/0x250
[  380.062108][ T9219]  con_write+0x89/0xb0
[  380.062134][ T9219]  n_tty_write+0x44f/0x12d0
[  380.062173][ T9219]  ? __pfx_n_tty_write+0x10/0x10
[  380.062206][ T9219]  ? __pfx_woken_wake_function+0x10/0x10
[  380.062231][ T9219]  ? file_tty_write.isra.0+0x64e/0x890
[  380.062259][ T9219]  ? __pfx_n_tty_write+0x10/0x10
[  380.062292][ T9219]  file_tty_write.isra.0+0x4d2/0x890
[  380.062321][ T9219]  redirected_tty_write+0xd4/0x120
[  380.062348][ T9219]  vfs_write+0x6ac/0x1070
[  380.062376][ T9219]  ? __pfx_redirected_tty_write+0x10/0x10
[  380.062404][ T9219]  ? __pfx_vfs_write+0x10/0x10
[  380.062429][ T9219]  ? find_held_lock+0x2b/0x80
[  380.062464][ T9219]  ksys_write+0x12a/0x250
[  380.062491][ T9219]  ? __pfx_ksys_write+0x10/0x10
[  380.062523][ T9219]  do_syscall_64+0xc9/0xf80
[  380.062559][ T9219]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  380.062585][ T9219] RIP: 0033:0x7f1e06d9af79
[  380.062604][ T9219] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  380.062630][ T9219] RSP: 002b:00007f1e07cbd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  380.062655][ T9219] RAX: ffffffffffffffda RBX: 00007f1e07016090 RCX: 00007f1e06d9af79
[  380.062673][ T9219] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000004
[  380.062696][ T9219] RBP: 00007f1e06e316e0 R08: 0000000000000000 R09: 0000000000000000
[  380.062711][ T9219] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  380.062728][ T9219] R13: 00007f1e07016128 R14: 00007f1e07016090 R15: 00007ffc9eb4ca78
[  380.062753][ T9219]  </TASK>
[  380.062823][ T9219] Kernel Offset: disabled