Warning: Permanently added '10.128.1.75' (ED25519) to the list of known hosts.
2025/12/01 06:45:06 parsed 1 programs
[   79.894020][ T4271] cgroup: Unknown subsys name 'net'
[   80.031432][ T4271] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   81.611846][ T4271] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k FS
[   84.303456][ T4304] chnl_net:caif_netlink_parms(): no params data found
[   84.358821][ T4304] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.366610][ T4304] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.374903][ T4304] device bridge_slave_0 entered promiscuous mode
[   84.386627][ T4304] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.393923][ T4304] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.401900][ T4304] device bridge_slave_1 entered promiscuous mode
[   84.426365][ T4304] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   84.440348][ T4304] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   84.467756][ T4304] team0: Port device team_slave_0 added
[   84.476635][ T4304] team0: Port device team_slave_1 added
[   84.502822][ T4304] batman_adv: batadv0: Adding interface: batadv_slave_0
[   84.509826][ T4304] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.536173][ T4304] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   84.549280][ T4304] batman_adv: batadv0: Adding interface: batadv_slave_1
[   84.557004][ T4304] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.583054][ T4304] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   84.621209][ T4304] device hsr_slave_0 entered promiscuous mode
[   84.628418][ T4304] device hsr_slave_1 entered promiscuous mode
[   84.762139][ T4304] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   84.774423][ T4304] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   84.785044][ T4304] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   84.794380][ T4304] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   84.827898][ T4304] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.835195][ T4304] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.843517][ T4304] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.850659][ T4304] bridge0: port 1(bridge_slave_0) entered forwarding state
[   84.906167][ T4304] 8021q: adding VLAN 0 to HW filter on device bond0
[   84.919497][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   84.931459][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.940986][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.949828][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   84.969911][ T4304] 8021q: adding VLAN 0 to HW filter on device team0
[   84.982644][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   84.992250][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.999635][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   85.011612][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   85.021520][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.028707][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   85.052154][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   85.061180][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   85.077801][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   85.096671][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   85.111194][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   85.123245][ T4304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   85.326751][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   85.335315][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   85.360325][ T4304] 8021q: adding VLAN 0 to HW filter on device batadv0
[   85.380038][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   85.389464][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   85.413634][ T4321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   85.423507][ T4321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   85.433224][ T4321] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   85.441338][ T4321] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   85.453100][ T4304] device veth0_vlan entered promiscuous mode
[   85.466890][ T4304] device veth1_vlan entered promiscuous mode
[   85.495206][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   85.505126][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   85.514423][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   85.523845][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   85.535410][ T4304] device veth0_macvtap entered promiscuous mode
[   85.546639][ T4304] device veth1_macvtap entered promiscuous mode
[   85.564508][ T4304] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.572182][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   85.581217][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   85.590765][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   85.600156][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   85.612146][ T4304] batman_adv: batadv0: Interface activated: batadv_slave_1
[   85.621121][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   85.630614][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   85.642787][ T4304] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   85.651727][ T4304] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   85.661155][ T4304] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   85.670196][ T4304] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   85.793554][   T56] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.157611][ T4341] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   86.166877][ T4341] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   86.175873][ T4341] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   86.184550][ T4341] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   86.192351][ T4341] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   86.199891][ T4341] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   86.419654][ T4321] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.429867][ T4321] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.446646][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   86.460987][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.470494][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.480597][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   87.025046][  T126] cfg80211: failed to load regulatory.db
2025/12/01 06:45:16 executed programs: 0
[   87.882318][ T4341] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   87.890582][ T4341] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   87.898685][ T4341] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   87.907476][ T4341] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   87.915702][ T4341] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   87.923916][ T4341] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   88.064009][ T4366] chnl_net:caif_netlink_parms(): no params data found
[   88.111300][ T4366] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.118777][ T4366] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.126862][ T4366] device bridge_slave_0 entered promiscuous mode
[   88.135933][ T4366] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.143574][ T4366] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.151505][ T4366] device bridge_slave_1 entered promiscuous mode
[   88.178275][ T4366] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   88.190478][ T4366] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   88.218486][ T4366] team0: Port device team_slave_0 added
[   88.226435][ T4366] team0: Port device team_slave_1 added
[   88.249511][ T4366] batman_adv: batadv0: Adding interface: batadv_slave_0
[   88.257129][ T4366] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.283594][ T4366] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   88.298759][ T4366] batman_adv: batadv0: Adding interface: batadv_slave_1
[   88.305957][ T4366] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.332238][ T4366] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   88.360595][   T56] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.394051][ T4366] device hsr_slave_0 entered promiscuous mode
[   88.401468][ T4366] device hsr_slave_1 entered promiscuous mode
[   88.408822][ T4366] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   88.417014][ T4366] Cannot create hsr debugfs directory
[   89.983963][   T48] Bluetooth: hci0: command 0x0409 tx timeout
[   90.704894][   T56] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.796920][   T56] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.649011][ T4366] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   91.661821][ T4366] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   91.684000][   T56] device hsr_slave_0 left promiscuous mode
[   91.690927][   T56] device hsr_slave_1 left promiscuous mode
[   91.700680][   T56] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   91.708696][   T56] batman_adv: batadv0: Removing interface: batadv_slave_0
[   91.720376][   T56] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   91.728262][   T56] batman_adv: batadv0: Removing interface: batadv_slave_1
[   91.738511][   T56] device bridge_slave_1 left promiscuous mode
[   91.746678][   T56] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.761352][   T56] device bridge_slave_0 left promiscuous mode
[   91.769121][   T56] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.801296][   T56] device veth1_macvtap left promiscuous mode
[   91.807841][   T56] device veth0_macvtap left promiscuous mode
[   91.817554][   T56] device veth1_vlan left promiscuous mode
[   91.824181][   T56] device veth0_vlan left promiscuous mode
[   92.065808][   T48] Bluetooth: hci0: command 0x041b tx timeout
[   92.229736][   T56] team0 (unregistering): Port device team_slave_1 removed
[   92.261198][   T56] team0 (unregistering): Port device team_slave_0 removed
[   92.290796][   T56] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   92.322847][   T56] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   92.614491][   T56] bond0 (unregistering): Released all slaves
[   92.673021][ T4366] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   92.683988][ T4366] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   92.775187][ T4366] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.808441][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   92.816742][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   92.827851][ T4366] 8021q: adding VLAN 0 to HW filter on device team0
[   92.843019][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   92.852967][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   92.861619][   T41] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.868840][   T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[   92.877352][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   92.889518][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   92.900481][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   92.910968][   T41] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.918150][   T41] bridge0: port 2(bridge_slave_1) entered forwarding state
[   92.930630][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   92.943936][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   92.964438][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   92.974199][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   92.991830][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   93.000397][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   93.009525][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   93.019289][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   93.028111][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   93.036830][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   93.045462][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   93.056859][ T4366] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   93.323778][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   93.331333][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   93.344365][ T4366] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.380215][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   93.391396][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   93.429451][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   93.439565][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   93.450309][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   93.458688][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   93.470287][ T4366] device veth0_vlan entered promiscuous mode
[   93.482491][ T4366] device veth1_vlan entered promiscuous mode
[   93.505327][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   93.514212][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   93.524817][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   93.534417][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   93.546041][ T4366] device veth0_macvtap entered promiscuous mode
[   93.558467][ T4366] device veth1_macvtap entered promiscuous mode
[   93.574231][ T4366] batman_adv: batadv0: Interface activated: batadv_slave_0
[   93.581611][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   93.591307][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   93.600320][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   93.609595][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   93.621908][ T4366] batman_adv: batadv0: Interface activated: batadv_slave_1
[   93.629600][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   93.638708][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   93.650582][ T4366] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   93.660366][ T4366] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   93.670942][ T4366] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   93.679990][ T4366] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   93.739560][   T41] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.754381][   T41] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.765087][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   93.779946][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
2025/12/01 06:45:22 executed programs: 2
[   93.788523][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.797955][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   93.868452][ T4431] FAULT_INJECTION: forcing a failure.
[   93.868452][ T4431] name failslab, interval 1, probability 0, space 0, times 1
[   93.882523][ T4431] CPU: 1 PID: 4431 Comm: syz.0.17 Not tainted syzkaller #0
[   93.889868][ T4431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   93.899960][ T4431] Call Trace:
[   93.903252][ T4431]  <TASK>
[   93.906189][ T4431]  dump_stack_lvl+0x168/0x22e
[   93.910894][ T4431]  ? show_regs_print_info+0x12/0x12
[   93.916111][ T4431]  ? load_image+0x3b0/0x3b0
[   93.920633][ T4431]  ? __might_sleep+0xd0/0xd0
[   93.925285][ T4431]  ? __lock_acquire+0x7c50/0x7c50
[   93.930324][ T4431]  ? rcu_is_watching+0x11/0xa0
[   93.935107][ T4431]  should_fail_ex+0x399/0x4d0
[   93.939800][ T4431]  should_failslab+0x5/0x20
[   93.944323][ T4431]  slab_pre_alloc_hook+0x59/0x310
[   93.949362][ T4431]  kmem_cache_alloc+0x56/0x2f0
[   93.954135][ T4431]  ? mas_alloc_nodes+0x2ec/0x890
[   93.959089][ T4431]  mas_alloc_nodes+0x2ec/0x890
[   93.963869][ T4431]  mas_preallocate+0x161/0x3c0
[   93.968647][ T4431]  do_mas_align_munmap+0x1f3/0x1220
[   93.973890][ T4431]  ? do_mas_munmap+0x2b0/0x2b0
[   93.978709][ T4431]  ? mtree_range_walk+0x672/0x7b0
[   93.983760][ T4431]  ? mas_walk+0x15f/0x180
[   93.988105][ T4431]  ? mas_find+0x1e8/0x230
[   93.992515][ T4431]  do_mas_munmap+0x240/0x2b0
[   93.997197][ T4431]  do_munmap+0xd2/0x120
[   94.001409][ T4431]  ? do_mas_align_munmap+0x1220/0x1220
[   94.006895][ T4431]  ? clear_vma_resv_huge_pages+0x441/0x510
[   94.012748][ T4431]  ? ksm_madvise+0xab/0x340
[   94.017311][ T4431]  ? mremap_userfaultfd_prep+0x10f/0x1f0
[   94.022975][ T4431]  move_vma+0x8b8/0xc70
[   94.027188][ T4431]  ? vma_expandable+0xf0/0xf0
[   94.031892][ T4431]  ? cap_mmap_addr+0x165/0x2e0
[   94.036681][ T4431]  ? do_mas_align_munmap+0x1220/0x1220
[   94.042156][ T4431]  ? mtree_load+0x90a/0xa40
[   94.046700][ T4431]  ? bpf_lsm_mmap_addr+0x5/0x10
[   94.051577][ T4431]  ? security_mmap_addr+0x6e/0x90
[   94.056618][ T4431]  ? get_unmapped_area+0x30c/0x370
[   94.061747][ T4431]  mremap_to+0x529/0x5d0
[   94.066020][ T4431]  __se_sys_mremap+0x603/0x10f0
[   94.070892][ T4431]  ? kmem_cache_free+0xf7/0x290
[   94.075769][ T4431]  ? do_sys_openat2+0x1fe/0x490
[   94.080637][ T4431]  ? __x64_sys_mremap+0xc0/0xc0
[   94.085599][ T4431]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[   94.091623][ T4431]  ? lock_chain_count+0x20/0x20
[   94.096487][ T4431]  ? lockdep_hardirqs_on+0x94/0x140
[   94.101791][ T4431]  ? __x64_sys_mremap+0x1c/0xc0
[   94.106686][ T4431]  do_syscall_64+0x4c/0xa0
[   94.111124][ T4431]  ? clear_bhb_loop+0x60/0xb0
[   94.115815][ T4431]  ? clear_bhb_loop+0x60/0xb0
[   94.120513][ T4431]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   94.126430][ T4431] RIP: 0033:0x7f52fb38f749
[   94.130887][ T4431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.150603][ T4431] RSP: 002b:00007ffeb94171e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[   94.159038][ T4431] RAX: ffffffffffffffda RBX: 00007f52fb5e5fa0 RCX: 00007f52fb38f749
[   94.167031][ T4431] RDX: 0000000000400000 RSI: 0000000000c00000 RDI: 0000200000000000
[   94.173069][   T48] Bluetooth: hci0: command 0x040f tx timeout
[   94.175008][ T4431] RBP: 00007ffeb9417240 R08: 0000200000c00000 R09: 0000000000000000
[   94.189011][ T4431] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000002
[   94.197000][ T4431] R13: 00007f52fb5e5fa0 R14: 00007f52fb5e5fa0 R15: 0000000000000005
[   94.205003][ T4431]  </TASK>
[   94.250780][ T4432] FAULT_INJECTION: forcing a failure.
[   94.250780][ T4432] name failslab, interval 1, probability 0, space 0, times 0
[   94.264355][ T4432] CPU: 1 PID: 4432 Comm: syz.0.18 Not tainted syzkaller #0
[   94.271613][ T4432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   94.281855][ T4432] Call Trace:
[   94.285144][ T4432]  <TASK>
[   94.288079][ T4432]  dump_stack_lvl+0x168/0x22e
[   94.292781][ T4432]  ? show_regs_print_info+0x12/0x12
[   94.297994][ T4432]  ? load_image+0x3b0/0x3b0
[   94.302521][ T4432]  ? __might_sleep+0xd0/0xd0
[   94.307151][ T4432]  ? __lock_acquire+0x7c50/0x7c50
[   94.312194][ T4432]  ? rcu_is_watching+0x11/0xa0
[   94.316983][ T4432]  should_fail_ex+0x399/0x4d0
[   94.321694][ T4432]  should_failslab+0x5/0x20
[   94.326231][ T4432]  slab_pre_alloc_hook+0x59/0x310
[   94.331285][ T4432]  kmem_cache_alloc+0x56/0x2f0
[   94.336106][ T4432]  ? mas_alloc_nodes+0x2ec/0x890
[   94.341076][ T4432]  mas_alloc_nodes+0x2ec/0x890
[   94.345868][ T4432]  mas_preallocate+0x161/0x3c0
[   94.350659][ T4432]  do_mas_align_munmap+0x1f3/0x1220
[   94.355933][ T4432]  ? do_mas_munmap+0x2b0/0x2b0
[   94.360736][ T4432]  ? mtree_range_walk+0x672/0x7b0
[   94.365806][ T4432]  ? mas_walk+0x15f/0x180
[   94.370190][ T4432]  ? mas_find+0x1e8/0x230
[   94.374543][ T4432]  do_mas_munmap+0x240/0x2b0
[   94.379189][ T4432]  do_munmap+0xd2/0x120
[   94.383390][ T4432]  ? do_mas_align_munmap+0x1220/0x1220
[   94.388931][ T4432]  ? clear_vma_resv_huge_pages+0x441/0x510
[   94.394790][ T4432]  ? ksm_madvise+0xab/0x340
[   94.399320][ T4432]  ? mremap_userfaultfd_prep+0x10f/0x1f0
[   94.404987][ T4432]  move_vma+0x8b8/0xc70
[   94.409183][ T4432]  ? vma_expandable+0xf0/0xf0
[   94.413890][ T4432]  ? cap_mmap_addr+0x165/0x2e0
[   94.418678][ T4432]  ? do_mas_align_munmap+0x1220/0x1220
[   94.424160][ T4432]  ? mtree_load+0x90a/0xa40
[   94.428731][ T4432]  ? bpf_lsm_mmap_addr+0x5/0x10
[   94.433607][ T4432]  ? security_mmap_addr+0x6e/0x90
[   94.438681][ T4432]  ? get_unmapped_area+0x30c/0x370
[   94.443822][ T4432]  mremap_to+0x529/0x5d0
[   94.448107][ T4432]  __se_sys_mremap+0x603/0x10f0
[   94.452997][ T4432]  ? kmem_cache_free+0xf7/0x290
[   94.457876][ T4432]  ? do_sys_openat2+0x1fe/0x490
[   94.462760][ T4432]  ? __x64_sys_mremap+0xc0/0xc0
[   94.467640][ T4432]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[   94.473695][ T4432]  ? lock_chain_count+0x20/0x20
[   94.478577][ T4432]  ? lockdep_hardirqs_on+0x94/0x140
[   94.483802][ T4432]  ? __x64_sys_mremap+0x1c/0xc0
[   94.488681][ T4432]  do_syscall_64+0x4c/0xa0
[   94.493120][ T4432]  ? clear_bhb_loop+0x60/0xb0
[   94.497816][ T4432]  ? clear_bhb_loop+0x60/0xb0
[   94.502517][ T4432]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   94.508437][ T4432] RIP: 0033:0x7f52fb38f749
[   94.512874][ T4432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.532509][ T4432] RSP: 002b:00007ffeb94171e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[   94.540954][ T4432] RAX: ffffffffffffffda RBX: 00007f52fb5e5fa0 RCX: 00007f52fb38f749
[   94.548997][ T4432] RDX: 0000000000400000 RSI: 0000000000c00000 RDI: 0000200000000000
[   94.556999][ T4432] RBP: 00007ffeb9417240 R08: 0000200000c00000 R09: 0000000000000000
[   94.564993][ T4432] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000002
[   94.572993][ T4432] R13: 00007f52fb5e5fa0 R14: 00007f52fb5e5fa0 R15: 0000000000000005
[   94.581032][ T4432]  </TASK>
[   94.629617][ T4434] FAULT_INJECTION: forcing a failure.
[   94.629617][ T4434] name failslab, interval 1, probability 0, space 0, times 0
[   94.645088][ T4434] CPU: 0 PID: 4434 Comm: syz.0.19 Not tainted syzkaller #0
[   94.652379][ T4434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   94.662480][ T4434] Call Trace:
[   94.665801][ T4434]  <TASK>
[   94.668787][ T4434]  dump_stack_lvl+0x168/0x22e
[   94.673527][ T4434]  ? show_regs_print_info+0x12/0x12
[   94.678766][ T4434]  ? load_image+0x3b0/0x3b0
[   94.683303][ T4434]  ? __might_sleep+0xd0/0xd0
[   94.687934][ T4434]  ? __lock_acquire+0x7c50/0x7c50
[   94.692974][ T4434]  ? rcu_is_watching+0x11/0xa0
[   94.697763][ T4434]  should_fail_ex+0x399/0x4d0
[   94.702506][ T4434]  should_failslab+0x5/0x20
[   94.707158][ T4434]  slab_pre_alloc_hook+0x59/0x310
[   94.712211][ T4434]  kmem_cache_alloc+0x56/0x2f0
[   94.717006][ T4434]  ? mas_alloc_nodes+0x2ec/0x890
[   94.721979][ T4434]  mas_alloc_nodes+0x2ec/0x890
[   94.726766][ T4434]  mas_preallocate+0x161/0x3c0
[   94.731658][ T4434]  do_mas_align_munmap+0x1f3/0x1220
[   94.736902][ T4434]  ? do_mas_munmap+0x2b0/0x2b0
[   94.741689][ T4434]  ? mtree_range_walk+0x672/0x7b0
[   94.746741][ T4434]  ? mas_walk+0x15f/0x180
[   94.751126][ T4434]  ? mas_find+0x1e8/0x230
[   94.755487][ T4434]  do_mas_munmap+0x240/0x2b0
[   94.760106][ T4434]  do_munmap+0xd2/0x120
[   94.764286][ T4434]  ? do_mas_align_munmap+0x1220/0x1220
[   94.769773][ T4434]  ? clear_vma_resv_huge_pages+0x441/0x510
[   94.775623][ T4434]  ? ksm_madvise+0xab/0x340
[   94.780155][ T4434]  ? mremap_userfaultfd_prep+0x10f/0x1f0
[   94.785821][ T4434]  move_vma+0x8b8/0xc70
[   94.790015][ T4434]  ? vma_expandable+0xf0/0xf0
[   94.794717][ T4434]  ? cap_mmap_addr+0x165/0x2e0
[   94.799500][ T4434]  ? do_mas_align_munmap+0x1220/0x1220
[   94.804994][ T4434]  ? mtree_load+0x90a/0xa40
[   94.809516][ T4434]  ? bpf_lsm_mmap_addr+0x5/0x10
[   94.814391][ T4434]  ? security_mmap_addr+0x6e/0x90
[   94.819447][ T4434]  ? get_unmapped_area+0x30c/0x370
[   94.824586][ T4434]  mremap_to+0x529/0x5d0
[   94.828864][ T4434]  __se_sys_mremap+0x603/0x10f0
[   94.833742][ T4434]  ? kmem_cache_free+0xf7/0x290
[   94.838634][ T4434]  ? do_sys_openat2+0x1fe/0x490
[   94.843508][ T4434]  ? __x64_sys_mremap+0xc0/0xc0
[   94.848388][ T4434]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[   94.854396][ T4434]  ? lock_chain_count+0x20/0x20
[   94.859302][ T4434]  ? lockdep_hardirqs_on+0x94/0x140
[   94.864662][ T4434]  ? __x64_sys_mremap+0x1c/0xc0
[   94.869542][ T4434]  do_syscall_64+0x4c/0xa0
[   94.873978][ T4434]  ? clear_bhb_loop+0x60/0xb0
[   94.878678][ T4434]  ? clear_bhb_loop+0x60/0xb0
[   94.883399][ T4434]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   94.889324][ T4434] RIP: 0033:0x7f52fb38f749
[   94.893757][ T4434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.913386][ T4434] RSP: 002b:00007ffeb94171e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[   94.921825][ T4434] RAX: ffffffffffffffda RBX: 00007f52fb5e5fa0 RCX: 00007f52fb38f749
[   94.929821][ T4434] RDX: 0000000000400000 RSI: 0000000000c00000 RDI: 0000200000000000
[   94.937850][ T4434] RBP: 00007ffeb9417240 R08: 0000200000c00000 R09: 0000000000000000
[   94.945864][ T4434] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000002
[   94.953856][ T4434] R13: 00007f52fb5e5fa0 R14: 00007f52fb5e5fa0 R15: 0000000000000005
[   94.961885][ T4434]  </TASK>
[   95.005398][ T4435] FAULT_INJECTION: forcing a failure.
[   95.005398][ T4435] name failslab, interval 1, probability 0, space 0, times 0
[   95.018260][ T4435] CPU: 0 PID: 4435 Comm: syz.0.20 Not tainted syzkaller #0
[   95.025507][ T4435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   95.035602][ T4435] Call Trace:
[   95.038912][ T4435]  <TASK>
[   95.041848][ T4435]  dump_stack_lvl+0x168/0x22e
[   95.046544][ T4435]  ? show_regs_print_info+0x12/0x12
[   95.051759][ T4435]  ? load_image+0x3b0/0x3b0
[   95.056287][ T4435]  ? __might_sleep+0xd0/0xd0
[   95.060899][ T4435]  ? __lock_acquire+0x7c50/0x7c50
[   95.065942][ T4435]  ? rcu_is_watching+0x11/0xa0
[   95.070747][ T4435]  should_fail_ex+0x399/0x4d0
[   95.075465][ T4435]  should_failslab+0x5/0x20
[   95.080016][ T4435]  slab_pre_alloc_hook+0x59/0x310
[   95.085099][ T4435]  kmem_cache_alloc+0x56/0x2f0
[   95.089878][ T4435]  ? mas_alloc_nodes+0x2ec/0x890
[   95.094833][ T4435]  mas_alloc_nodes+0x2ec/0x890
[   95.099635][ T4435]  mas_preallocate+0x161/0x3c0
[   95.104586][ T4435]  do_mas_align_munmap+0x1f3/0x1220
[   95.109837][ T4435]  ? do_mas_munmap+0x2b0/0x2b0
[   95.114640][ T4435]  ? mtree_range_walk+0x672/0x7b0
[   95.119698][ T4435]  ? mas_walk+0x15f/0x180
[   95.124059][ T4435]  ? mas_find+0x1e8/0x230
[   95.128407][ T4435]  do_mas_munmap+0x240/0x2b0
[   95.133066][ T4435]  do_munmap+0xd2/0x120
[   95.137252][ T4435]  ? do_mas_align_munmap+0x1220/0x1220
[   95.142731][ T4435]  ? clear_vma_resv_huge_pages+0x441/0x510
[   95.148555][ T4435]  ? ksm_madvise+0xab/0x340
[   95.153103][ T4435]  ? mremap_userfaultfd_prep+0x10f/0x1f0
[   95.158858][ T4435]  move_vma+0x8b8/0xc70
[   95.163053][ T4435]  ? vma_expandable+0xf0/0xf0
[   95.167746][ T4435]  ? cap_mmap_addr+0x165/0x2e0
[   95.172529][ T4435]  ? do_mas_align_munmap+0x1220/0x1220
[   95.178029][ T4435]  ? mtree_load+0x90a/0xa40
[   95.182562][ T4435]  ? bpf_lsm_mmap_addr+0x5/0x10
[   95.187460][ T4435]  ? security_mmap_addr+0x6e/0x90
[   95.192527][ T4435]  ? get_unmapped_area+0x30c/0x370
[   95.197687][ T4435]  mremap_to+0x529/0x5d0
[   95.201956][ T4435]  __se_sys_mremap+0x603/0x10f0
[   95.206833][ T4435]  ? kmem_cache_free+0xf7/0x290
[   95.211703][ T4435]  ? do_sys_openat2+0x1fe/0x490
[   95.216577][ T4435]  ? __x64_sys_mremap+0xc0/0xc0
[   95.221446][ T4435]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[   95.227449][ T4435]  ? lock_chain_count+0x20/0x20
[   95.232323][ T4435]  ? lockdep_hardirqs_on+0x94/0x140
[   95.237543][ T4435]  ? __x64_sys_mremap+0x1c/0xc0
[   95.242412][ T4435]  do_syscall_64+0x4c/0xa0
[   95.246850][ T4435]  ? clear_bhb_loop+0x60/0xb0
[   95.251537][ T4435]  ? clear_bhb_loop+0x60/0xb0
[   95.256232][ T4435]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   95.262140][ T4435] RIP: 0033:0x7f52fb38f749
[   95.266568][ T4435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.286190][ T4435] RSP: 002b:00007ffeb94171e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[   95.294629][ T4435] RAX: ffffffffffffffda RBX: 00007f52fb5e5fa0 RCX: 00007f52fb38f749
[   95.302642][ T4435] RDX: 0000000000400000 RSI: 0000000000c00000 RDI: 0000200000000000
[   95.310650][ T4435] RBP: 00007ffeb9417240 R08: 0000200000c00000 R09: 0000000000000000
[   95.318644][ T4435] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000002
[   95.326633][ T4435] R13: 00007f52fb5e5fa0 R14: 00007f52fb5e5fa0 R15: 0000000000000005
[   95.334639][ T4435]  </TASK>
[   95.368848][ T4436] FAULT_INJECTION: forcing a failure.
[   95.368848][ T4436] name failslab, interval 1, probability 0, space 0, times 0
[   95.399733][ T4436] CPU: 0 PID: 4436 Comm: syz.0.21 Not tainted syzkaller #0
[   95.407022][ T4436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   95.417118][ T4436] Call Trace:
[   95.420432][ T4436]  <TASK>
[   95.423438][ T4436]  dump_stack_lvl+0x168/0x22e
[   95.428150][ T4436]  ? show_regs_print_info+0x12/0x12
[   95.433456][ T4436]  ? load_image+0x3b0/0x3b0
[   95.437991][ T4436]  ? __might_sleep+0xd0/0xd0
[   95.442607][ T4436]  ? __lock_acquire+0x7c50/0x7c50
[   95.447663][ T4436]  ? rcu_is_watching+0x11/0xa0
[   95.452457][ T4436]  should_fail_ex+0x399/0x4d0
[   95.457166][ T4436]  should_failslab+0x5/0x20
[   95.461697][ T4436]  slab_pre_alloc_hook+0x59/0x310
[   95.466742][ T4436]  kmem_cache_alloc+0x56/0x2f0
[   95.471526][ T4436]  ? mas_alloc_nodes+0x2ec/0x890
[   95.476500][ T4436]  mas_alloc_nodes+0x2ec/0x890
[   95.481287][ T4436]  mas_preallocate+0x161/0x3c0
[   95.486098][ T4436]  do_mas_align_munmap+0x1f3/0x1220
[   95.491332][ T4436]  ? do_mas_munmap+0x2b0/0x2b0
[   95.496145][ T4436]  ? mtree_range_walk+0x672/0x7b0
[   95.501200][ T4436]  ? mas_walk+0x15f/0x180
[   95.505564][ T4436]  ? mas_find+0x1e8/0x230
[   95.509919][ T4436]  do_mas_munmap+0x240/0x2b0
[   95.514545][ T4436]  do_munmap+0xd2/0x120
[   95.518725][ T4436]  ? do_mas_align_munmap+0x1220/0x1220
[   95.524212][ T4436]  ? clear_vma_resv_huge_pages+0x441/0x510
[   95.530053][ T4436]  ? ksm_madvise+0xab/0x340
[   95.534582][ T4436]  ? mremap_userfaultfd_prep+0x10f/0x1f0
[   95.540243][ T4436]  move_vma+0x8b8/0xc70
[   95.544431][ T4436]  ? vma_expandable+0xf0/0xf0
[   95.549131][ T4436]  ? cap_mmap_addr+0x165/0x2e0
[   95.553910][ T4436]  ? do_mas_align_munmap+0x1220/0x1220
[   95.559396][ T4436]  ? mtree_load+0x90a/0xa40
[   95.563917][ T4436]  ? bpf_lsm_mmap_addr+0x5/0x10
[   95.568797][ T4436]  ? security_mmap_addr+0x6e/0x90
[   95.573846][ T4436]  ? get_unmapped_area+0x30c/0x370
[   95.579023][ T4436]  mremap_to+0x529/0x5d0
[   95.583340][ T4436]  __se_sys_mremap+0x603/0x10f0
[   95.588237][ T4436]  ? kmem_cache_free+0xf7/0x290
[   95.593137][ T4436]  ? do_sys_openat2+0x1fe/0x490
[   95.598016][ T4436]  ? __x64_sys_mremap+0xc0/0xc0
[   95.602900][ T4436]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[   95.608900][ T4436]  ? lock_chain_count+0x20/0x20
[   95.613774][ T4436]  ? lockdep_hardirqs_on+0x94/0x140
[   95.618996][ T4436]  ? __x64_sys_mremap+0x1c/0xc0
[   95.623871][ T4436]  do_syscall_64+0x4c/0xa0
[   95.628305][ T4436]  ? clear_bhb_loop+0x60/0xb0
[   95.633026][ T4436]  ? clear_bhb_loop+0x60/0xb0
[   95.637742][ T4436]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   95.643747][ T4436] RIP: 0033:0x7f52fb38f749
[   95.648184][ T4436] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.667843][ T4436] RSP: 002b:00007ffeb94171e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[   95.676288][ T4436] RAX: ffffffffffffffda RBX: 00007f52fb5e5fa0 RCX: 00007f52fb38f749
[   95.684287][ T4436] RDX: 0000000000400000 RSI: 0000000000c00000 RDI: 0000200000000000
[   95.692287][ T4436] RBP: 00007ffeb9417240 R08: 0000200000c00000 R09: 0000000000000000
[   95.700286][ T4436] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000002
[   95.708279][ T4436] R13: 00007f52fb5e5fa0 R14: 00007f52fb5e5fa0 R15: 0000000000000005
[   95.716286][ T4436]  </TASK>
[   95.757055][ T4437] FAULT_INJECTION: forcing a failure.
[   95.757055][ T4437] name failslab, interval 1, probability 0, space 0, times 0
[   95.771167][ T4437] CPU: 0 PID: 4437 Comm: syz.0.22 Not tainted syzkaller #0
[   95.778427][ T4437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   95.788532][ T4437] Call Trace:
[   95.791854][ T4437]  <TASK>
[   95.794827][ T4437]  dump_stack_lvl+0x168/0x22e
[   95.799554][ T4437]  ? show_regs_print_info+0x12/0x12
[   95.804807][ T4437]  ? load_image+0x3b0/0x3b0
[   95.809340][ T4437]  ? __might_sleep+0xd0/0xd0
[   95.813962][ T4437]  ? __lock_acquire+0x7c50/0x7c50
[   95.819044][ T4437]  should_fail_ex+0x399/0x4d0
[   95.823786][ T4437]  should_failslab+0x5/0x20
[   95.828448][ T4437]  slab_pre_alloc_hook+0x59/0x310
[   95.833550][ T4437]  kmem_cache_alloc+0x56/0x2f0
[   95.838356][ T4437]  ? mas_alloc_nodes+0x2ec/0x890
[   95.843337][ T4437]  mas_alloc_nodes+0x2ec/0x890
[   95.848148][ T4437]  mas_preallocate+0x161/0x3c0
[   95.852955][ T4437]  vma_link+0xca/0x280
[   95.857076][ T4437]  ? __lock_acquire+0x7c50/0x7c50
[   95.862169][ T4437]  ? insert_vm_struct+0x3e0/0x3e0
[   95.867264][ T4437]  ? hugetlb_vm_op_open+0x23c/0x540
[   95.872511][ T4437]  ? hugetlb_unshare_pmds+0xca0/0xca0
[   95.877921][ T4437]  copy_vma+0x5e1/0x770
[   95.882113][ T4437]  ? vma_link+0x280/0x280
[   95.886472][ T4437]  ? mtree_load+0xeb/0xa40
[   95.890907][ T4437]  ? ksm_madvise+0xab/0x340
[   95.895442][ T4437]  move_vma+0x49b/0xc70
[   95.899630][ T4437]  ? vma_expandable+0xf0/0xf0
[   95.904343][ T4437]  ? cap_mmap_addr+0x165/0x2e0
[   95.909130][ T4437]  ? do_mas_align_munmap+0x1220/0x1220
[   95.914616][ T4437]  ? mtree_load+0x90a/0xa40
[   95.919140][ T4437]  ? bpf_lsm_mmap_addr+0x5/0x10
[   95.924013][ T4437]  ? security_mmap_addr+0x6e/0x90
[   95.929094][ T4437]  ? get_unmapped_area+0x30c/0x370
[   95.934248][ T4437]  mremap_to+0x529/0x5d0
[   95.938548][ T4437]  __se_sys_mremap+0x603/0x10f0
[   95.943518][ T4437]  ? kmem_cache_free+0xf7/0x290
[   95.948401][ T4437]  ? do_sys_openat2+0x1fe/0x490
[   95.953273][ T4437]  ? __x64_sys_mremap+0xc0/0xc0
[   95.958154][ T4437]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[   95.964244][ T4437]  ? lock_chain_count+0x20/0x20
[   95.969116][ T4437]  ? lockdep_hardirqs_on+0x94/0x140
[   95.974333][ T4437]  ? __x64_sys_mremap+0x1c/0xc0
[   95.979220][ T4437]  do_syscall_64+0x4c/0xa0
[   95.983647][ T4437]  ? clear_bhb_loop+0x60/0xb0
[   95.988340][ T4437]  ? clear_bhb_loop+0x60/0xb0
[   95.993029][ T4437]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   95.998938][ T4437] RIP: 0033:0x7f52fb38f749
[   96.003365][ T4437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.022990][ T4437] RSP: 002b:00007ffeb94171e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[   96.031422][ T4437] RAX: ffffffffffffffda RBX: 00007f52fb5e5fa0 RCX: 00007f52fb38f749
[   96.039405][ T4437] RDX: 0000000000400000 RSI: 0000000000c00000 RDI: 0000200000000000
[   96.047421][ T4437] RBP: 00007ffeb9417240 R08: 0000200000c00000 R09: 0000000000000000
[   96.055415][ T4437] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000002
[   96.063493][ T4437] R13: 00007f52fb5e5fa0 R14: 00007f52fb5e5fa0 R15: 0000000000000005
[   96.071502][ T4437]  </TASK>
[   96.093718][ T4437] ------------[ cut here ]------------
[   96.099269][ T4437] page_counter underflow: -1024 nr_pages=1024
[   96.143501][ T4437] WARNING: CPU: 1 PID: 4437 at mm/page_counter.c:56 page_counter_uncharge+0xee/0x110
[   96.153154][ T4437] Modules linked in:
[   96.157090][ T4437] CPU: 1 PID: 4437 Comm: syz.0.22 Not tainted syzkaller #0
[   96.164406][ T4437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   96.174611][ T4437] RIP: 0010:page_counter_uncharge+0xee/0x110
[   96.180705][ T4437] Code: 74 2f e8 05 ad a9 ff e9 5d ff ff ff e8 fb ac a9 ff c6 05 aa dc 33 0c 01 48 c7 c7 40 4a 98 8a 4c 89 fe 48 89 da e8 c2 d1 75 ff <0f> 0b e9 74 ff ff ff e8 d6 ac a9 ff eb 05 e8 cf ac a9 ff 5b 41 5c
[   96.200459][ T4437] RSP: 0018:ffffc900040c79c0 EFLAGS: 00010246
[   96.206654][ T4437] RAX: 8a20ac9aeb7b4e00 RBX: 0000000000000400 RCX: ffff88801a7ed940
[   96.214778][ T4437] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[   96.222900][ T4437] RBP: ffff88805c481d20 R08: dffffc0000000000 R09: fffff52000818ec9
[   96.230917][ T4437] R10: fffff52000818ec9 R11: 1ffff92000818ec8 R12: dffffc0000000000
[   96.232682][   T48] Bluetooth: hci0: command 0x0419 tx timeout
[   96.238986][ T4437] R13: fffffffffffffc00 R14: ffff88807df50380 R15: fffffffffffffc00
[   96.253083][ T4437] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[   96.262063][ T4437] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   96.268741][ T4437] CR2: 000000c008318000 CR3: 000000007e23d000 CR4: 00000000003506e0
[   96.276826][ T4437] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   96.284885][ T4437] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   96.292939][ T4437] Call Trace:
[   96.296244][ T4437]  <TASK>
[   96.299189][ T4437]  hugetlb_cgroup_uncharge_counter+0xc3/0x120
[   96.305352][ T4437]  hugetlb_vm_op_close+0x550/0x930
[   96.310512][ T4437]  ? hugetlb_vm_op_open+0x540/0x540
[   96.315831][ T4437]  vma_close+0x6b/0xa0
[   96.319948][ T4437]  exit_mmap+0x3e8/0x8e0
[   96.324283][ T4437]  ? vm_brk+0x20/0x20
[   96.328309][ T4437]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[   96.334069][ T4437]  ? exit_mm+0x1d6/0x2c0
[   96.338366][ T4437]  ? uprobe_clear_state+0x274/0x290
[   96.343662][ T4437]  ? mm_update_next_owner+0x525/0x650
[   96.349092][ T4437]  __mmput+0x118/0x3c0
[   96.353256][ T4437]  exit_mm+0x1e6/0x2c0
[   96.357378][ T4437]  ? do_exit+0x2400/0x2400
[   96.361816][ T4437]  ? taskstats_exit+0x35a/0x9d0
[   96.366834][ T4437]  do_exit+0x8c1/0x2400
[   96.371062][ T4437]  ? put_task_struct+0x80/0x80
[   96.375957][ T4437]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[   96.382008][ T4437]  ? lock_chain_count+0x20/0x20
[   96.386958][ T4437]  ? _raw_spin_lock_irq+0xab/0xe0
[   96.392034][ T4437]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[   96.397506][ T4437]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[   96.403611][ T4437]  ? _raw_spin_unlock_irq+0x1f/0x40
[   96.408874][ T4437]  ? lockdep_hardirqs_on+0x94/0x140
[   96.414160][ T4437]  do_group_exit+0x217/0x2d0
[   96.418800][ T4437]  __x64_sys_exit_group+0x3b/0x40
[   96.423966][ T4437]  do_syscall_64+0x4c/0xa0
[   96.428423][ T4437]  ? clear_bhb_loop+0x60/0xb0
[   96.433191][ T4437]  ? clear_bhb_loop+0x60/0xb0
[   96.437930][ T4437]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   96.443894][ T4437] RIP: 0033:0x7f52fb38f749
[   96.448340][ T4437] Code: Unable to access opcode bytes at 0x7f52fb38f71f.
[   96.455444][ T4437] RSP: 002b:00007ffeb9417498 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   96.463959][ T4437] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f52fb38f749
[   96.471952][ T4437] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[   96.480008][ T4437] RBP: 00007ffeb94174fc R08: 00000002b941758f R09: 00000000000927c0
[   96.488057][ T4437] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000005
[   96.496664][ T4437] R13: 00000000000927c0 R14: 00000000000175c3 R15: 00007ffeb9417550
[   96.504787][ T4437]  </TASK>
[   96.507865][ T4437] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   96.515176][ T4437] CPU: 1 PID: 4437 Comm: syz.0.22 Not tainted syzkaller #0
[   96.522388][ T4437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   96.532464][ T4437] Call Trace:
[   96.535765][ T4437]  <TASK>
[   96.538713][ T4437]  dump_stack_lvl+0x168/0x22e
[   96.543509][ T4437]  ? memcpy+0x3c/0x60
[   96.547524][ T4437]  ? show_regs_print_info+0x12/0x12
[   96.552749][ T4437]  ? load_image+0x3b0/0x3b0
[   96.557315][ T4437]  panic+0x2c9/0x710
[   96.561248][ T4437]  ? bpf_jit_dump+0xd0/0xd0
[   96.565799][ T4437]  __warn+0x2f8/0x4f0
[   96.569824][ T4437]  ? page_counter_uncharge+0xee/0x110
[   96.575230][ T4437]  ? page_counter_uncharge+0xee/0x110
[   96.580668][ T4437]  report_bug+0x2ba/0x4f0
[   96.585025][ T4437]  ? page_counter_uncharge+0xee/0x110
[   96.590423][ T4437]  handle_bug+0x3a/0x70
[   96.594601][ T4437]  exc_invalid_op+0x16/0x40
[   96.599158][ T4437]  asm_exc_invalid_op+0x16/0x20
[   96.604029][ T4437] RIP: 0010:page_counter_uncharge+0xee/0x110
[   96.610029][ T4437] Code: 74 2f e8 05 ad a9 ff e9 5d ff ff ff e8 fb ac a9 ff c6 05 aa dc 33 0c 01 48 c7 c7 40 4a 98 8a 4c 89 fe 48 89 da e8 c2 d1 75 ff <0f> 0b e9 74 ff ff ff e8 d6 ac a9 ff eb 05 e8 cf ac a9 ff 5b 41 5c
[   96.629656][ T4437] RSP: 0018:ffffc900040c79c0 EFLAGS: 00010246
[   96.635746][ T4437] RAX: 8a20ac9aeb7b4e00 RBX: 0000000000000400 RCX: ffff88801a7ed940
[   96.643739][ T4437] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[   96.651729][ T4437] RBP: ffff88805c481d20 R08: dffffc0000000000 R09: fffff52000818ec9
[   96.659748][ T4437] R10: fffff52000818ec9 R11: 1ffff92000818ec8 R12: dffffc0000000000
[   96.667745][ T4437] R13: fffffffffffffc00 R14: ffff88807df50380 R15: fffffffffffffc00
[   96.675753][ T4437]  hugetlb_cgroup_uncharge_counter+0xc3/0x120
[   96.681851][ T4437]  hugetlb_vm_op_close+0x550/0x930
[   96.687001][ T4437]  ? hugetlb_vm_op_open+0x540/0x540
[   96.692223][ T4437]  vma_close+0x6b/0xa0
[   96.696324][ T4437]  exit_mmap+0x3e8/0x8e0
[   96.700606][ T4437]  ? vm_brk+0x20/0x20
[   96.704614][ T4437]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[   96.710283][ T4437]  ? exit_mm+0x1d6/0x2c0
[   96.714566][ T4437]  ? uprobe_clear_state+0x274/0x290
[   96.719812][ T4437]  ? mm_update_next_owner+0x525/0x650
[   96.725218][ T4437]  __mmput+0x118/0x3c0
[   96.729310][ T4437]  exit_mm+0x1e6/0x2c0
[   96.733410][ T4437]  ? do_exit+0x2400/0x2400
[   96.737872][ T4437]  ? taskstats_exit+0x35a/0x9d0
[   96.742752][ T4437]  do_exit+0x8c1/0x2400
[   96.746943][ T4437]  ? put_task_struct+0x80/0x80
[   96.751735][ T4437]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[   96.757746][ T4437]  ? lock_chain_count+0x20/0x20
[   96.762618][ T4437]  ? _raw_spin_lock_irq+0xab/0xe0
[   96.767705][ T4437]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[   96.773104][ T4437]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[   96.779113][ T4437]  ? _raw_spin_unlock_irq+0x1f/0x40
[   96.784888][ T4437]  ? lockdep_hardirqs_on+0x94/0x140
[   96.790121][ T4437]  do_group_exit+0x217/0x2d0
[   96.794744][ T4437]  __x64_sys_exit_group+0x3b/0x40
[   96.799799][ T4437]  do_syscall_64+0x4c/0xa0
[   96.804272][ T4437]  ? clear_bhb_loop+0x60/0xb0
[   96.808973][ T4437]  ? clear_bhb_loop+0x60/0xb0
[   96.813671][ T4437]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   96.819586][ T4437] RIP: 0033:0x7f52fb38f749
[   96.824032][ T4437] Code: Unable to access opcode bytes at 0x7f52fb38f71f.
[   96.831066][ T4437] RSP: 002b:00007ffeb9417498 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   96.839500][ T4437] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f52fb38f749
[   96.847558][ T4437] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[   96.855583][ T4437] RBP: 00007ffeb94174fc R08: 00000002b941758f R09: 00000000000927c0
[   96.863582][ T4437] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000005
[   96.871693][ T4437] R13: 00000000000927c0 R14: 00000000000175c3 R15: 00007ffeb9417550
[   96.879701][ T4437]  </TASK>
[   96.883067][ T4437] Kernel Offset: disabled
[   96.887513][ T4437] Rebooting in 86400 seconds..