last executing test programs:

12m16.354184754s ago: executing program 0 (id=2942):
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/all/addr_gen_mode\x00', 0xa0202, 0x0)
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000580)='/sys/power/disk\x00', 0xc0082, 0x0)
write$auto(r1, &(0x7f0000000340)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,D\xbf&\x9eb|\n\xee\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbb\xbb\xf9\xcdz\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x1d\x88mr\xfd\xf1\x1b;\xabt\xd1a}\x10\xab\xeb_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:kJr\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL\x15/\xf9\'\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\aA\xe9(\x00\x00\x00\x00\x00N\xb5J\xc8A\xc7m\xbf\x19\xae\x9d\xcaR\x0f\xa8\xdf\xe4M\xe1>k\x93\x01\xe5\xba(\x96K\xc1=d3\xe00u\"`]\xb3\x11a\x1cSn\xe7\x87\x84\x93\xe4\x90]\x86\x10\xe5\xacK\x99\xc1$\x91\x05\x00\x00\x00O\x01xc\xa8\x9a\x1bK\x00\x00\xf6\xa2\x8a\x7f4\f[BLH$6\xfb,\xd8\xd3\xd0\x8b\xb3yA.\xb4\xbc\td\x9d\\\xd0\xff\xd2Y\xc4\x9fT\xb2\xd5\r\xf1#\xd5\xf2\x9cU\xd1:+\xb63\xae\xc1\xf7\xe1\xd4\x879?\xdd\xd6\xd4\xa3\xc7\xd8 S\xfc:\xe1{\x16\\h\x9d\xbc#KEC\x1a\xf9KH`\x82e:_\x9b\xf1\xc1\x8e\xf0\xc46\x98\xd6u\x90\x18\x8f\xe8\xc3%\x8e9\xab\x7f\x0e\n\xb2\xa4\xef\x90\xb16\x04\xbc\xc9\xdc\xad,\xcc\xad}DY\x1d\x1fv\x90\x97u\xa1\xfb\x13\xa93\xb6XJ\x84\xe3\xc1)\x98\xae5q\xa5L\x87\x1aq\x1d0\xf1\xcb\xe5\xf4F!*\xf9\xb3,w\"\xf2\xd0\xd1Vj\xd0\x06\xcc\xbc\xee0\x98.\xd9dC\x8e9\xfdM\\\xc5&\\\x9b\x81\x88t\xa4\x9f\xd1P\xd2e\x9c\xf9\xd2\xaf\x00\x00\x00\x00\x00\x00\x00 \x00'/478, 0x8000000000b)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0)
fchown$auto(0xffffffffffffffff, 0xff, 0x5)
fcntl$auto(0xffffffffffffffff, 0x4, 0xfffffffffffffff9)
socket(0xa, 0x5, 0x84)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r2 = ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, 0xffffffffffffffff)
ioctl$auto_FS_IOC_GET_ENCRYPTION_KEY_STATUS(0xffffffffffffffff, 0xc080661a, &(0x7f0000000180)={{0x3, 0x0, @descriptor="5a9bfa7be934770b"}, '\x00', 0x8, 0x4, 0xb})
openat$auto_set_tracer_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/current_tracer\x00', 0x41, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa140, 0x0)
ioctl$auto_BLKTRACESETUP32(r2, 0xc0401273, 0x0)
r3 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/oom_adj\x00', 0x8300, 0x0)
read$auto(r3, 0x0, 0x1f40)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8002, 0x0)
socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x0, 0x400, 0x70bd2c, 0x25dfdffb, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x10001}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24008054}, 0x40)
sendmsg$auto_TCP_METRICS_CMD_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x1, 0x70bd2d, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='Z'], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x0, 0x0)
ioctl$auto_TCFLSH2(r4, 0x5453, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)

12m14.68343966s ago: executing program 0 (id=2937):
r0 = openat$auto_vsock_device_ops_af_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x141000, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
setresuid$auto(0xffffffffffffffff, 0x0, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r2 = prctl$auto(0x38, 0xfffffffffffffffd, 0x0, 0x5, 0x5)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000001c0), r3)
sendmsg$auto_ETHTOOL_MSG_PLCA_GET_STATUS(r3, &(0x7f0000004b00)={0x0, 0x0, &(0x7f0000004ac0)={&(0x7f0000000040)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002dbd7000fcdbdf2529000000180001801400020067656e65766531000000000000000000"], 0x2c}}, 0x60000040)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r2, 0x0, 0x1)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0)
r5 = openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000180), 0x8c00, 0x0)
read$auto(r5, 0x0, 0x9)
mmap$auto(0x20000000000, 0x1000000020009, 0x40, 0xeb1, r2, 0x9)
mmap$auto(0x0, 0x400008, 0xdf, 0x4000000000009b72, 0x2, 0x8000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000400)='/proc/sys/net/ipv4/tcp_available_congestion_control\x00', 0x0, 0x0)
bpf$auto(0x0, 0x0, 0x4f4)
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000002040)='/dev/snd/pcmC1D1c\x00', 0x80, 0x0)
r6 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0)
write$auto(r6, 0x0, 0x100000a3d9)
select$auto(0x10, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x4, 0x3f, 0x5, 0x2000000000948b, 0x3, 0x800295f4da0a, 0x2, 0x3, 0x62, 0x80000001, 0x50a7, 0x6d3f, 0x9, 0x3, 0xfffffffffffffffe]}, 0x0)
ioctl$auto(0x3, 0x40, r0)

12m13.526773878s ago: executing program 0 (id=2940):
openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0)
writev$auto(0x3, &(0x7f00000002c0)={0x0, 0x7111}, 0x8)
socket$nl_generic(0x10, 0x3, 0x10)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3)
unshare$auto(0x40000080)
r0 = waitid$auto_P_PID(0x1, 0xffffffffffffffff, 0x0, 0x7, 0x0)
sched_getattr$auto(r0, &(0x7f0000000000)={0xcf86, 0x6, 0x2, 0x200, 0x7, 0xb, 0x6, 0xfffffffffffffff8, 0x8, 0x90}, 0x68, 0xfffffffe)
setsockopt$auto(0xffffffffffffffff, 0xa6a, 0x4, 0x0, 0x0)
fcntl$auto_F_SET_RW_HINT(0xffffffffffffffff, 0x40c, 0x4)
adjtimex$auto(0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
write$auto(0xffffffffffffffff, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(', 0xa)
r1 = getpid()
process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0x1002}, 0x3, &(0x7f0000000280)={&(0x7f00000001c0)="bb663528c996885eb25e8ff1e0a150d354b956c1da2221bb7e30f83b3343aded82b9b5dc1e99db6741cd77caa71904f961b76199db09e6e614ee960e433e92e6c2ba1b867283439df26206b34cbd3b0bb55a75dfcd32e12eff499b3b465d1e51542df8f29fde15b1b568d2955522e53cf91cb5623ad29a8d9252bbc03c1f2b252ecee72f51c822d272d582e83d88c4911103", 0x1}, 0x7, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0)
r2 = socket(0x23, 0x5, 0x1)
setsockopt$auto(r2, 0x65, 0x1, 0x0, 0x800)
syz_genetlink_get_family_id$auto_net_shaper(0x0, 0xffffffffffffffff)
socket(0x10, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'vxcan1\x00'})
bind$auto(0x3, &(0x7f0000000040)=@qipcrtr={0x2a, 0x3, 0x7fff}, 0x68)
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, 0x0, 0xfd}, 0x6a)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
futex_waitv$auto(&(0x7f0000000180)={0x3fb, 0x6, 0x2, 0xfff}, 0x3, 0xbffffffc, 0x0, 0x81)
close_range$auto(0x2, 0x8, 0x0)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000300)='/dev/nbd4\x00', 0x101843, 0x0)
ioctl$auto_HDIO_GETGEO(r3, 0x301, &(0x7f0000000380))
socket(0x2, 0x80802, 0x0)

12m12.780013445s ago: executing program 0 (id=2945):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = fanotify_init$auto(0x5, 0x0) (async)
creat$auto(&(0x7f0000000000)='./file0\x00', 0x3ff)
socket(0xa, 0x2, 0x0)
socket(0xa, 0x5, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x18, 0x4, 0x1) (async)
setsockopt$auto(0x7, 0x111, 0x100006, 0x0, 0x8)
r1 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000600), 0x142, 0x0)
writev$auto(r1, &(0x7f0000000c00)={0x0, 0x7}, 0x4) (async)
fanotify_mark$auto(r0, 0x205, 0xa, 0x4, 0x0) (async)
r2 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000280)='/dev/input/event0\x00', 0x0, 0x0)
ioctl$auto_EVIOCGVERSION(r2, 0x80044501, &(0x7f0000000240)=0xb20) (async, rerun: 64)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) (async, rerun: 64)
r3 = open(0x0, 0xcd1e23e41b02d660, 0x154) (async, rerun: 64)
r4 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/011/001\x00', 0x2, 0x0) (rerun: 64)
read$auto(r4, &(0x7f0000000100)='/dev/bus/usb/011/001\x00', 0x7f) (async)
execveat$auto(r3, &(0x7f0000000200)='\x00', 0x0, 0x0, 0x11000)

12m11.505199725s ago: executing program 0 (id=2950):
mmap$auto(0x0, 0x420009, 0xfff, 0xeb1, 0x401, 0x7ffd)
bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x19, 0x4, 0x4, 0x880b, 0x8, 0xd, 0x66b, 0x4, 0x7ff}, 0x6f4) (async)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0)
mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) (async)
sendmsg$auto_NL80211_CMD_GET_STATION(0xffffffffffffffff, 0x0, 0x8000) (async)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async)
socket(0xa, 0x1, 0xfffffeff) (async)
r1 = openat$auto_stats_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000004680), 0xffffffffffffffff)
sendmsg$auto_OVS_VPORT_CMD_DEL(r2, &(0x7f00000049c0)={0x0, 0x0, &(0x7f0000004980)={&(0x7f0000000400)=ANY=[@ANYBLOB="2c000000aba801a4c38babd5a7e33330af6c3a6a1d2077118a873990f096fab3ebe99f88f359134e4fe94cfc407df16ad6f3e3dc86c743d5e2416c3a37268e5d27583982924f60f750ba510d98797c9a580a7410b4f47944a36706139f44cf0f8dbd63e3c7f1d854b1cdfdee28a94856062c3d7a77325ef5932461dac7eec90f57102edd991cfd2033a999d31ec1ae3b09a9fb00f68a3bfa9700a041395aed76d17364f1f0a3b43c3cdd320a97a1e161e83b47394c8d413dcb8f5858fb420bd25c00b7c892a3f49a5fa5860d57f9246779c66cc47e", @ANYRES16=r3, @ANYBLOB="010026bd7000fcdbdf2502000000100004800c000880080021000a0000000800020000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x40040801}, 0x44000) (async)
setresuid$auto(0x8, 0x8, 0x0) (async)
setfsuid$auto(0x0) (async)
r4 = socket(0x1d, 0x2, 0x7)
getsockopt$auto(r4, 0x6b, 0xdc5a, 0xfffffffffffffffe, 0x0) (async)
r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0)
ioctl$auto_TIOCEXCL2(r5, 0x540c, 0x0) (async)
timer_settime$auto(0xcd6, 0x5, &(0x7f00000002c0)={{0x40000000000026b, 0x4}, {0xfffffffffffffffe, 0x200000000083}}, 0x0) (async)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0) (async)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/zram0/reset\x00', 0xa001, 0x0)
write$auto(r6, &(0x7f0000000040)='7\x00\\\xa0\x01\x00\x01\x00\a\x00\x00\x00\xc7k', 0x81) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
bpf$auto(0x5, &(0x7f0000000100)=@task_fd_query={0x2, 0x2, 0x4, 0x0, 0xd, 0x9, 0x9, 0x6, 0x7fff}, 0x3b) (async)
pread64$auto(r1, 0x0, 0x2, 0x3)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
write$auto(r0, &(0x7f0000000340)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\x97U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) (async)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x181500, 0x0) (async)
sched_setattr$auto(0x0, 0x0, 0x7b) (async)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)

12m4.864696173s ago: executing program 0 (id=2967):
openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, 0x0, 0x4104c0, 0x0)
r0 = io_uring_setup$auto(0x6, 0x0)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001d00), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r3=>0x0})
sendmsg$auto_ETHTOOL_MSG_RINGS_SET(r2, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f0000000000)={0x28, r1, 0x1, 0x70bd3b, 0x25dfdbff, {}, [@ETHTOOL_A_RINGS_RX_MINI={0x8, 0x7, 0x7}, @ETHTOOL_A_RINGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x40010}, 0x80000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/can/rcvlist_sff\x00', 0x309200, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
madvise$auto(0x0, 0xfffffffffffefffd, 0x1)
ioctl$auto_KVM_HAS_DEVICE_ATTR(r0, 0x4018aee3, 0x0)

11m49.669847632s ago: executing program 32 (id=2967):
openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, 0x0, 0x4104c0, 0x0)
r0 = io_uring_setup$auto(0x6, 0x0)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001d00), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r3=>0x0})
sendmsg$auto_ETHTOOL_MSG_RINGS_SET(r2, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f0000000000)={0x28, r1, 0x1, 0x70bd3b, 0x25dfdbff, {}, [@ETHTOOL_A_RINGS_RX_MINI={0x8, 0x7, 0x7}, @ETHTOOL_A_RINGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x40010}, 0x80000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/can/rcvlist_sff\x00', 0x309200, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
madvise$auto(0x0, 0xfffffffffffefffd, 0x1)
ioctl$auto_KVM_HAS_DEVICE_ATTR(r0, 0x4018aee3, 0x0)

11m32.126044733s ago: executing program 3 (id=3018):
mmap$auto(0x0, 0x9, 0x72, 0x8b72, 0x2, 0x8000)
io_uring_setup$auto(0x48, 0x0)
keyctl$auto(0xa, 0x3, 0x0, 0x802000, 0xe)
openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/pcmC1D0p\x00', 0x0, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptyyc\x00', 0x0, 0x0)
r0 = open(0x0, 0x161b40, 0x22)
read$auto_rng_chrdev_ops_core(r0, 0x0, 0x0)
ioctl$auto_TIOCSWINSZ2(r0, 0x5414, &(0x7f0000000040)='(')

11m31.942090204s ago: executing program 3 (id=3019):
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_IOAM6_CMD_DEL_NAMESPACE(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x200, 0x70bd27, 0x25dfdbff, {}, [@IOAM6_ATTR_NS_ID={0x6, 0x1, 0xf}, @IOAM6_ATTR_NS_ID={0x6, 0x1, 0x81}]}, 0x24}}, 0x4000000)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

11m31.805919185s ago: executing program 3 (id=3020):
mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
read$auto(0xffffffffffffffff, 0x0, 0x20)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x48140, 0x0)
r0 = syz_open_procfs$namespace(0x0, 0x0)
mmap$auto(0x0, 0xe983, 0xa3, 0xeb1, 0xffffffffffffffff, 0x8000)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
r1 = socket(0xa, 0x5, 0x84)
sendto$auto(r1, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8080040200"}, 0x1c)
setns(r0, 0x0)
move_pages$auto(0xffffffffffffffff, 0xa6, 0x0, 0x0, 0x0, 0x3)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
timer_create$auto_CLOCK_BOOTTIME(0x7, 0x0, 0x0)
sendmsg$auto_IPVS_CMD_SET_CONFIG(0xffffffffffffffff, 0x0, 0x200000d4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
pwrite64$auto(0xc8, 0x0, 0xfdf2, 0x3a)
semctl$auto(0xeea8, 0x804, 0x2, 0x1)

11m31.512385959s ago: executing program 3 (id=3021):
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
close_range$auto(0x0, 0x5, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
socket(0x2, 0x1, 0x106)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x900, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x7, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0)
read$auto(r1, 0x0, 0x81)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)
r3 = socket(0x11, 0x3, 0x2)
mmap$auto(0x0, 0x2, 0x7, 0x9b72, 0x7, 0x0)
capget$auto(0x0, 0xfffffffffffffffe)
r4 = socket(0xa, 0x1, 0x84)
getsockopt$auto(r4, 0x84, 0x2007, 0x0, 0x0)
getsockopt$auto(r3, 0x107, 0x7, 0x0, 0x0)
sendmsg$auto_NL80211_CMD_SET_NOACK_MAP(0xffffffffffffffff, 0x0, 0x4084)

11m28.242702156s ago: executing program 3 (id=3026):
r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000d80), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ETHTOOL_MSG_PLCA_SET_CFG(r1, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000001040)={0x2c, r0, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@ETHTOOL_A_PLCA_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x20008800)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
sendmsg$auto_SEG6_CMD_DUMPHMAC(0xffffffffffffffff, 0x0, 0x2800c840)
semctl$auto(0x7, 0x6, 0x13, 0x1)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
membarrier$auto(0x2, 0x8000000000000000, 0x800)
io_uring_register$auto_IORING_UNREGISTER_EVENTFD(r2, 0x5, &(0x7f0000000040)="ac661ef21c9d98e8eb3e060b75f073e4d04b2aa8290e02d7e1f972088260407cf08cf5d6384fcf0c0236f13a5d1731be9db0d166631a", 0x25e5)
lsm_list_modules$auto(0x0, 0x0, 0x0)
r3 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0)
read$auto(0xffffffffffffffff, 0x0, 0x7)
r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0)
writev$auto(r4, 0x0, 0x3)
mmap$auto(0x0, 0x4020008, 0xdf, 0xeb1, 0x401, 0x8000)
read$auto(r3, 0x0, 0x7)
writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x9}, 0x6)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_SET_FILS_AAD(r5, &(0x7f0000001480)={&(0x7f00000001c0), 0xc, &(0x7f0000001440)={0x0, 0x11f0}, 0x1, 0x0, 0x0, 0x4000000}, 0x80c0)

11m27.262710857s ago: executing program 3 (id=3030):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/pts/ptmx\x00', 0x0, 0x0)
ioctl$auto_TCFLSH2(r1, 0x80045439, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
setuid$auto(0xe)
mmap$auto(0x0, 0x4020009, 0x7fffffff, 0xeb1, 0x401, 0x8000)
sysfs$auto(0x2, 0xe, 0x0)
lsm_list_modules$auto(0x0, 0x0, 0x0)
r2 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000400), 0x80001, 0x0)
ioctl$auto(r2, 0x3b8a, 0x38)
ioctl$auto(0x3, 0x400454ca, 0x38)
ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0)
ioctl$auto(r0, 0x8925, 0xffffffffffffffff)
futex$auto(0x0, 0x85, 0x10005, 0x0, 0x0, 0x10000007)

11m11.354549821s ago: executing program 33 (id=3030):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/pts/ptmx\x00', 0x0, 0x0)
ioctl$auto_TCFLSH2(r1, 0x80045439, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
setuid$auto(0xe)
mmap$auto(0x0, 0x4020009, 0x7fffffff, 0xeb1, 0x401, 0x8000)
sysfs$auto(0x2, 0xe, 0x0)
lsm_list_modules$auto(0x0, 0x0, 0x0)
r2 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000400), 0x80001, 0x0)
ioctl$auto(r2, 0x3b8a, 0x38)
ioctl$auto(0x3, 0x400454ca, 0x38)
ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0)
ioctl$auto(r0, 0x8925, 0xffffffffffffffff)
futex$auto(0x0, 0x85, 0x10005, 0x0, 0x0, 0x10000007)

18.929119862s ago: executing program 2 (id=4940):
openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, 0x0, 0x11d802, 0x0)
r0 = socket(0x10, 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ETHTOOL_MSG_PLCA_GET_STATUS(r1, &(0x7f00000030c0)={0x0, 0x0, &(0x7f0000003080)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000", @ANYBLOB="0456ed"], 0x14}, 0x1, 0x0, 0x0, 0x4854}, 0x40)
syz_genetlink_get_family_id$auto_netdev(&(0x7f0000003900), r1)
r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), r1)
sendmsg$auto_ETHTOOL_MSG_WOL_SET(r0, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f00000003c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010027bd7000fcdbdf250a9e00ff15000000140001"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0)

18.629389523s ago: executing program 2 (id=4943):
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
writev$auto(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000340)="f544b683ec99b517c8b69bcc58ed732810108543bc64a4defa372de29e7bf1d1d400e359010000000000000000000000000000001755dec47d8ab93b143c56d6c3370643456929d6bc9648f373c74e58013d3c04076aa7286071b67f3f6bc253a0adee05160b8289f725a4abaee2c40496ae38e07e286805a17693000e75db9e612e7daa308900c8c1cffcb5626839b2cab8cbf77ab238695bbfe9186ab0817e66586d17969be662ec7655b58333011102552683ea07fff6aef002d203f47ab6e23957ed", 0x8b3}, 0x7)
r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)
read$auto(r0, 0x0, 0x7)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x102, 0x0)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r1, 0x0, 0x81)
mmap$auto(0x0, 0x80, 0x200000df, 0x9b73, 0xffffffffffffffff, 0x40008000)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000000000))
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1a9402, 0x0)
sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, 0x0, 0x44890)
timer_create$auto(0x9, 0x0, 0x0)
socket(0xa, 0x1, 0x100)
write$auto(0x3, 0x0, 0xffd8)
unshare$auto(0x40000080)
shmctl$auto_IPC_SET(0x4, 0x1, &(0x7f0000000280)={{0x80, 0xee00, <r3=>0xee00, 0xca6d, 0x8, 0x4bd6, 0x5}, 0xd21, 0x5, 0x8000000000000003, 0x2, @inferred=0xffffffffffffffff, @inferred=0xffffffffffffffff, 0x9, 0x0, &(0x7f0000000140)="4f0d6995e94336e1a6e889b8759a9cfb3ac250420045b1012d24b4881e233d3b51e066bb0a054c9e474be535fd29da", &(0x7f0000000200)="e3ac9b01ee8d985b677531eeeee5cb5bf774d2df4d9ae6dccbc98def20b72c7c2826a585ba3a8d67815abade214708a4ade77c6faa2f2889ca3e7989f32645dd597a3ae1b46e8d8c7e03ae6b8aaa49f6bf64cc5fa98e25"})
fsconfig$auto(r2, 0x800, &(0x7f0000000040)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/power/wakeup_abort_count\x00', 0x0, r3)
write$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffffff, &(0x7f00000001c0)="624d1bfe595046ab5c98199adf260600de16baef6176e6021e1dce210500e8fdffff0000000000fffffffe00a7ed73de11691c13403c82be", 0x7b)
process_mrelease$auto(0xffffffffffffffff, 0xa)
mmap$auto(0x0, 0x40000f, 0xde, 0x9b7e, 0xffffffffffffffff, 0x8000)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mount$auto(0x0, 0xfffffffffffffffe, 0x0, 0x80, 0xfffffffffffffffe)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x60042, 0x0)
mkdir$auto(&(0x7f0000000100)='./file0\x00', 0xff)

13.346500829s ago: executing program 2 (id=4955):
mmap$auto(0x40007f9e, 0x7c4076e7, 0x800000000df, 0x9b72, 0xffffffffffffffff, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xe2, 0x9b72, 0xffffffffffffffff, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x3, 0x3a)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
eventfd$auto(0x3)
eventfd$auto(0x0)
socket(0xa, 0x2, 0x88)
io_uring_setup$auto(0x6, 0x0)
socketpair$auto(0xc6, 0x3, 0xfff, &(0x7f0000000000)=0x1)
close_range$auto(0x2, 0x8, 0x0)
r1 = socket(0x11, 0x3, 0x9)
close_range$auto(0x2, r1, 0x0)
r2 = socket(0x11, 0x80000, 0x300)
setsockopt$auto(r2, 0x107, 0x14, 0x0, 0x4)
sendmmsg$auto(r1, &(0x7f0000000400)={{&(0x7f0000000040)="6636ec8d748fd5caa7534e11f8a0d0a11936ab4b1b1c398c5af0bb90d2075511bb6ecb", 0x205ab, &(0x7f0000000080)={0x0, 0x4b}, 0x80000000000001, 0x0, 0x0, 0x401062}, 0x5}, 0xfffffe00, 0x100)
sysfs$auto(0x2, 0x4d, 0x0)
clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6)
socket(0xa, 0x5, 0x0)
getsockopt$auto(r0, 0x9, 0x3ff, 0x0, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/014/001\x00', 0x113802, 0x0)

10.985246693s ago: executing program 2 (id=4964):
socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x88000, 0x0)
r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x0)
sysfs$auto(0x2, 0xe, 0x7)
r2 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x80100, 0x0)
openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000002c0), 0x44100, 0x0)
ioctl$auto_dvb_demux_fops_dmxdev(r2, 0x40146f2c, 0x0)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x10803, 0x0)
fanotify_init$auto(0x6, 0x2000000000002)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x80801, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x14, r0, 0x13, 0x70bd2c, 0x25dfdbdd}, 0x14}, 0x1, 0x0, 0x0, 0x24004080}, 0x20040894)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x3, 0x100)
mbind$auto(0x9, 0xffffffffffff7fff, 0xff, &(0x7f0000000000)=0x7ca8, 0x5, 0x5)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyv1\x00', 0x202000, 0x0)
ioctl$auto(0x1, 0x8983, 0x4)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
setuid$auto(0x800000000008)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)

10.001240678s ago: executing program 5 (id=4966):
r0 = setfsuid$auto(0xee00)
lstat$auto(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0xd593, 0x4, 0x800, 0x80, <r1=>r0, 0xee01, 0x0, 0x9, 0x200, 0xdd0, 0x1, 0x0, 0x10001, 0xf1, 0x7, 0x1, 0xfe})
r2 = clone$auto(0xfffffffffffffffb, 0xffff, &(0x7f0000000100)=0x2, &(0x7f0000000140)=0xc228, 0x1ff)
fcntl$auto(0xffffffffffffffff, 0xc2c24065, r2)
r3 = setfsuid$auto(r1)
setresuid$auto(r0, r3, r0)
keyctl$auto(0x7, 0x0, r0, 0x0, 0x7)

8.860977909s ago: executing program 5 (id=4967):
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x20342, 0x0) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async, rerun: 32)
write$auto(0x3, 0x0, 0x7fffffff) (async, rerun: 32)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x280, 0x0) (async)
socket(0xa, 0x1, 0x84)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0)
read$auto(r2, 0x0, 0x20) (async)
openat$auto_tracing_saved_cmdlines_size_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/saved_cmdlines_size\x00', 0x61c042, 0x0) (async)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x4}, 0x3)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) (async)
write$auto(0x1, 0x0, 0x80000000) (async)
mmap$auto(0x100000, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) (async, rerun: 64)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) (rerun: 64)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
madvise$auto(0x0, 0x2003f0, 0x15) (async)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, 0x0)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) (async)
r5 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
ioctl$auto(r4, 0x541c, r5)
read$auto_sc_seq_fops_netdebug(r5, &(0x7f0000000180)=""/180, 0xb4) (async)
flock$auto(r4, 0x4) (async)
close_range$auto(0xffffffffffffffff, 0xfffffffffffff000, 0x6) (async, rerun: 64)
mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) (async, rerun: 64)
r6 = openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
read$auto_mISDN_fops_timerdev(r6, &(0x7f0000001a00)=""/4097, 0x1001)
ioctl$auto_IMADDTIMER(r6, 0x80044940, 0x0) (async)
shmctl$auto_SHM_STAT(0x5, 0xd, &(0x7f0000000140)={{0x10001, 0xffffffffffffffff, 0x0, 0x2, 0x3, 0x3, 0x6}, 0x5, 0x9, 0x1, 0x9, @inferred, @inferred, 0x0, 0x0, &(0x7f0000000000)="a92cc5b95cbadeeec0c80a78f129b552aff38f501076b376c850e3181d7ab078b9c2a74d949545259b5a23079c5ddb423ec48eaac2ce48768e1e", &(0x7f0000000100)="899f6eff00"})
msgctl$auto_IPC_SET(0x7f7, 0x1, &(0x7f0000000240)={{0x1000, 0xee00, 0xee01, 0x8, 0x8040, 0x81, 0x786}, &(0x7f00000001c0)=0x54, &(0x7f0000000200)=0x53, 0x100, 0x5, 0xd48b, 0x4056, 0x3, 0xffff, 0x8, 0xff, @raw=0x4})

6.862816964s ago: executing program 2 (id=4969):
socket(0x15, 0x5, 0x0)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff)
r0 = pidfd_open$auto(0x1, 0x0)
setns(r0, 0x60020000)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
syz_clone3(&(0x7f0000000300)={0x153326100, 0x0, 0x0, 0x0, {0x23}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0xa7)
clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x5)
r1 = socket(0xa, 0x5, 0x0)
getsockopt$auto(r1, 0x84, 0x24, 0x0, 0x0)
syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000040), 0xffffffffffffffff)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
ioctl$auto_USB_RAW_IOCTL_RUN(0xffffffffffffffff, 0x5501, 0x0)
setsockopt$auto(0x3, 0x10000000084, 0x14, 0x0, 0x8)
mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'vcan0\x00'})
close_range$auto(0x2, 0x8, 0x0)
r2 = socket(0x1d, 0x2, 0x7)
r3 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r4=>0x0})
bind$auto(r2, &(0x7f0000000000)=@can={0x1d, r4}, 0x6a)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0xe, 0x40, 0x801ffdf, 0x1, 0x2000000000000006, 0x3, 0x8, 0x5, 0x6, 0x7, 0x1, 0x9, 0x2, 0x3, 0x5, 0xfffffffffffffffa, 0x0, 0x0, 0x0, 0x0, 0x3b9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0xffffffff00000000, 0x0, 0x200, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x0, 0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x5, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000]}, 0x5, 0x2)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
openat$auto_fops_blob_file(0xffffffffffffff9c, &(0x7f00000000c0), 0x101800, 0x0)
r5 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0xffffff9e, 0x0, 0x1f}, 0x40000)

6.364726524s ago: executing program 5 (id=4973):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/dummy0/ifalias\x00', 0x8041, 0x0)
r0 = setfsuid$auto(0xee00)
setfsuid$auto(0xee01)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x1fd7, 0x401, 0x8000)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_CONNECT(r2, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000680)=ANY=[@ANYBLOB="54010000", @ANYRES16=r1, @ANYBLOB="010025bd7000fedbdf252e000000b3ff0600ab23aedae2697b97301d9587f77081bfe1c5cafbafe46221a0d7e62a298c5af2efe8f24367562bf74d448b7e5b9ba61c67d6fd9d7142bda3c32cc0f58fc33ee5f704065b6601f6be6e3dea8f2951d42204c5581ca124ec7b096140522074050766313bbd3615778134fdae30815cbfa896381018851f39704476d367ad5b8070bb0a975af7de90ac4698d50aaea57928a2e9d0f0f214dfd30c186a879100328274e0652f470568e4951c73eee16302f0ca8cdd97a2f938f53a75c8b1f8cf85feee90833fe7557f267d007efd4e83fc3d97af56564d86ad0000001700e192355082a89cf4c598daf45b85c79927aa0fe917b919e0b92de84ed57b39c9cdd0b9d52e9b039c7b7d0b1a2b94087e93425d10a231e7c67bf40c8c548a7559b28465a737e844b22e9cb18da1cf157641b02b311301f525184706b9236fc642a9f10d77c5a68856810199195c9815a5d357c61e053e2556367c3f8945aa2f2c11a0f491a14d2e1ee3c13f906a1e57c04b1e83a8c74f8cf4148d72da41b2b1e6423632ccbc89b703eb3f73510c2966a311a8068a51fe33fb2991ccb918c73fbf28d7c4121f714ba3f0552889d15f3fc0a2c5d204a97a0b3ade0699dd57e636041ff6831aea7d33afcd0cb5a56392a274bc7843ac4343e2570000d20001000000"], 0xf0}, 0x1, 0x0, 0x0, 0x24008081}, 0x20044841)
socket(0xa, 0x801, 0x88)
semctl$auto(0x1ff, 0x2, 0x13, 0x1)
setsockopt$auto(0x3, 0x10000000084, 0x11, 0x0, 0x8)
setresuid$auto(r0, r0, r0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
unshare$auto(0x40000080)
syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff)
mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
madvise$auto(0x0, 0x20499d, 0x9)
syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff)
mmap$auto(0x470000000, 0xd, 0x4000000000000df, 0x109b72, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket$nl_generic(0x10, 0x3, 0x10)
rseq$auto(&(0x7f0000000040)={0x5, 0x8, 0x80000001, 0x1000, 0x4, 0x2}, 0x8001, 0x0, 0x7)
pread64$auto(0xffffffffffffffff, 0x0, 0x3ef, 0x8009)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x20, 0x7)
openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000002940)='/dev/fb0\x00', 0x841, 0x0)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f0000000140), 0x84000, 0x0)

6.080170896s ago: executing program 1 (id=4974):
r0 = bpf$auto(0x3, 0x0, 0x6f0)
r1 = bpf$auto(0x0, &(0x7f0000000580)=@task_fd_query={<r2=>0x7, 0x4, 0x200, 0x5, 0x0, 0xf, 0xffffffffffffffff, 0x1, 0x5}, 0x6f4)
write$auto(0xca, &(0x7f00000000c0)='\x04>\x00\x02\x18\x00\x00\xd3b\x01\xbd\x9b@\xb0\x00\x00\x00\x84\xa2\\\x15\xc4>\xa9\x82,\xf9y\xc7p\xf1w\xbe\xde\xe8\xc3\x01#\xcc\tF\xb6\x95\xeeH\xf8}v\xb3\xcb(\xa90Abe\xc3\x8c\xcc\xe7\xb8\x00F\x89#\xb4\xf0F\xa1\xd5\x1e\x8f\t\x9dZ~\xea\xa3\x93\xc2\x04\xe1;b\x99\x85\x00\x00\x00\xe2E\x00\x00-a\xb6n\xbc\xb4=\xf8\xce\x01\x1f]\x85|\xce\xd7\xff\xff\xd3lb\xc5\xee\xdb\xcb\xbb\xd8\x00\x80\x00\x00\xe9e\xe5\x80\x1c\x02\"\xa7&8U\xfd\xdc\x15\xae\xfa5\xb8}\x0e\xb4:\x91\xbb5\xd3{\xb2\xd0\xc0\x93=\xf8E\xceO\x1e\xd5\x8f\xdf\xaa\x1c\xfd\xb0h\xd8\xbc\xecA\xa6\xde\xd1=\xfd)d\x8f\vk\x1c+\xf7, \xf8]\xb3\xe9B\x02\f\'\xcf0\x06', 0x8000000000000001)
r3 = accept$auto(0x3, 0x0, 0x0)
r4 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000003c0), 0x521082, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nvmet_tcp/parameters/idle_poll_period_usecs\x00', 0x9801, 0x0)
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)
write$auto(0x3, 0x0, 0xffd8)
r5 = socket(0x15, 0x5, 0x0)
setsockopt$auto(r5, 0x114, 0x6, 0x0, 0x2)
r6 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f00000001c0), r1)
write$auto(0x0, 0x0, 0x0)
sendmsg$auto_L2TP_CMD_TUNNEL_DELETE(r0, &(0x7f0000000380)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)=ANY=[@ANYBLOB="24020000", @ANYRES16=r6, @ANYBLOB="000229bd7000ffdbdf2502000000050015008000000008001900050000000500040004000000"], 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0xc000)
mmap$auto(0x0, 0x400008, 0x4, 0x40009b72, 0x2, 0x8000)
close_range$auto(0x0, 0x5, 0x0)
openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0)
r7 = epoll_create$auto(0x8)
epoll_ctl$auto(r7, 0x1, 0x8000000000000000, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_STATUS64(r4, 0x80605414, 0x0)
ioctl$auto_UI_GET_VERSION(r0, 0x8004552d, &(0x7f0000000040)=0x8)
r8 = creat$auto(&(0x7f0000000000)='./file0\x00', 0xffff)
r9 = socket(0x2, 0x80002, 0x73)
r10 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000240), r8)
ioctl$auto_XFS_IOC_ALLOCSP(r3, 0x4030580a, &(0x7f0000000280)={0x0, 0x5, 0xfcd7, 0x7, 0x8, <r11=>0xffffffffffffffff})
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r12 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x68140, 0x0)
ioctl$auto(r12, 0x5405, 0xd8)
r13 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000200), 0x101802, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_NEXT_DEVICE(r13, 0x5452, 0x0)
sendmsg$auto_NL802154_CMD_GET_SEC_LEVEL(r3, &(0x7f00000007c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000084}, 0xc, &(0x7f0000000780)={&(0x7f0000001640)=ANY=[@ANYRESOCT=r2, @ANYRES16=r10, @ANYBLOB="000225bd7000fddbdf251f00000021042880080014000d00000008001100", @ANYRES32=r11, @ANYBLOB="c0003f00628ca240ac06f880a9ecd38f87a3462ba0b38e4caa29942dcb7d73c6fe2bf8997c405a03e324770784275a11e07a2855191d55523db4381b9f1e23313e3847e3d865e67c465a2144a440da5a8d00baaa974d0ffdee9e4ea6be064e792ed075256ef2e904ac9b726ab173370c33f91b97e89eb83b7d5d4e68ffdf6015aa25eeaed0285fd534e72cf20168558e72db926735e16767e6e91f151e2d972e07a18248faef0e13eba40579343cd971420c973fcee0e172944724f924f34913d7e2f2f87da0610623daadc1c6fe1400278004000d800c00b9000000000000000000fdbaad1b6d6d4d50f4a71570f6f379fb59cca5b78c30df6ab9e2d236e169aa8eddec8d000089afe654036efaad525b75d2dd0acd9adc5d664549abf13c52f6538fa7f6379a51b44a7adcf760f02f83b3d39005f2210f2950eb6176df17b61a269edcd4c8d50c90a3d8e5ad07e0e28f560c55905a5adc9fa81b6ae0eec75071fdba12c9664a009bd7d4c0194f3000d72c2a0e3b060170800400040004004b806e180ec144b33d5b539b2abf7cb01b4df8de54f9285eea3ee2f459e182a5330e640b93f1615b9262aef9139cbe07a787018b3200cab683e846c8046df55919c28802119472421619b5a77d8c182797aa33e906ab288840830a6bae18204eb83962c3726e7ae3411970d8647eeb4a52d7e20717d1b43382984ad6855da4e8f23d84c147c436a4c2163f874a3a87bb0f8706789121af1916abe2ac0475d61d2cb315fc3efca2922c2a1196d0fefc8a3dde72b6f2040e7dd7976007fa2e64780f00ac43312590d69b0dad57180e8cf6da6c5be0031e4d0465cfd59858ccf2438ea01ab82d27fecd88449ff54f5c4c741abc205c8bebbc2c81f16dba0000820134803e0aca27686101126ddf26a70dc6d237f276cbb3359696907686ad533dc1556f8ca793e2df8c6a692549888463164fa20e9a9a0ebce3f29ae6b4d69806735f327597dc61bd7710257f1647904df280eecffd8f88eec6507f24bed77914ca78406fac3aa7feb4c17f1ce227eb719a54607361e27b76fb3e2bac1151f099a32142d5d599928742a3b729d229c8cbe4040044809c45f20e3ee066b290438b7a030aa4536c9885a6266b6376b589bb1c482b98c53bf0e781253d06a3fb8101bfe600479f1f3d29f783803522db26d338d2a12aaf108a575c23643f4f038d95952588eefc0bff7285544f6e84440ce5be02cbd3e39b180c97019f8967944306da0fb651b00afda44b43e298e66ad083cbe100353097a5c7d89b9e3d76678b0a57b0df0686847f68d0904364ef8a8755023cc9d21202d7df3da9ec043042616f6621c6e68cc6fd1583998877914a7acb3854d9bd729a2b78b1fd9feb71b6b5cd0df3d72bae8f2f01e03667b32b46327f62fcb0f2040029800800a200afa3736b9ea64d4c5d847a847eec5184706cdefb960ad29de88745397738252b312255e1e2f0f5cebe8022ae5ec48fc1ca6bcfd833a8d240ffdf6dac0c695ffbe5a24378bc8f447aa9f3df801771fb2eaf78a3e26f675ed8cad99297912c6c7ac815fad1594436c7814022cd571bb9994d53d45f1a885165512a7ffbb6ceb086610928d9b0d9e2f8ae5e1fbb35741a6eda6959f8aa44b5e57dfdcf3c5a3e790546260b9aa9956e71141f144aa91049e3de97388eff0ef5d7e37484b2a23dc22869704d97c925b5ddb9447a72f399fe23148b89a22df5a5160c924ce6dc8c5405567b6c85e76412d1d52aa04c8bc708f37f5b8abd707d775ddfdb64970b47399a4de1ead229b0a5fd3d2c0008fd552115b4d0ce851e60d5dab15a573b4e1863d51e26862343605bf08467af755cd9125a52e36023ad740b94d89cdf4738e110f8858db52f725d516e811e8e0f4772db64162cce6dbb80340fe92ee33675d0365906dfe9b9b3aed14a24bfba4a62b1bbb5a79b6831c483a51bef3e095f0a9468813be8b8ae6113f5dbb1d5e5e8ba2d04b4ac8132d9c96353062f6c38cdf51ee0bce345997b3a1c5342233c01efa0d99c582cfd79c8b299531579aee9a63aa54e4dd9d877ca504286bac79920b1f3b6ec956e5d8815", @ANYBLOB="9aa6ce0f79dff9bfaea9d14cbaeef60b0809336861711f23ca5647cdde7944eefd9b39b205d3da039604ddac8ca9725e9115dd8897501f4ea98ec0c709352bed4c7ba27a2b562a9e56117572af8d544b93", @ANYBLOB="040029800400510000000c00130004000000000000000000000c0017007341000000000000050013000800000005002600b70000000500240000000000140004006261746164765f736c6176655f3100000500070001000000", @ANYRESDEC=r2, @ANYRESOCT=r4, @ANYRES64=r9, @ANYBLOB="076ed2b58447e155c0aeea7b018de6b284ab021c018a94b5624ec383d2480d309b7813fccb502902632afda5a477a15a239530d2bdc292cad7e42d1db1ec917a4f531c33488904d198d56230e916e8c2425ebc4243dbc5ce277d1e92a19bf4282708a6"], 0x478}, 0x1, 0x0, 0x0, 0x20040000}, 0x4)

5.618537295s ago: executing program 1 (id=4977):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0xa0102, 0x0)
ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) (async)
bpf$auto_BPF_LINK_GET_NEXT_ID(0x1f, &(0x7f00000001c0)=@iter_create={<r1=>r0, 0xfffffffd}, 0x4)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
fchown$auto(r2, 0x0, 0x0) (async)
bpf$auto_BPF_PROG_QUERY(0x10, &(0x7f0000000380)=@bpf_attr_3={0xffff, 0x6, 0x5, 0x8, 0x4, 0x9, 0x1, 0xffffffc3, 0x8001, "54d94459fcd8f82ea19c90aae52aa979", 0x0, 0x6b00, r1, 0x4, 0x54ad, 0x2, 0x10000, 0x100, 0x80000001, 0x80101, @attach_btf_obj_fd=r2, 0x101, 0x6, 0x8, 0x7, 0xfffffff8, r3, r1}, 0x9)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/ip6_vti0/statistics/multicast\x00', 0x200, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000140)=""/12, 0xc) (async)
socket(0x1d, 0x2, 0x6) (async)
r5 = socket(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r6=>0x0}) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0) (async)
r7 = socket(0x15, 0x5, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/ksm/run\x00', 0x88b02, 0x0)
r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0)
read$auto(r8, 0x0, 0x20) (async)
mseal$auto(0x2b840f31, 0xdfc, 0xb) (async)
write$auto(0x3, 0x0, 0xfffffdef) (async)
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r6, 0xfd}, 0x6a) (async)
r9 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r10 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$auto_OVS_FLOW_CMD_DEL(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="18000000", @ANYRES16=r10, @ANYRESDEC=r7], 0x18}, 0x1, 0x0, 0x0, 0x40}, 0x800) (async)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x7}, 0x1, 0x0, 0x3, 0xa}, 0x8}, 0x5, 0x9)

3.661810574s ago: executing program 1 (id=4978):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x103003, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0)
pread64$auto(r2, &(0x7f0000000240)='\x03W\x96l\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf4\x00\x00\x00\x00\x00\x00', 0x100000002, 0x100000001)

3.65593296s ago: executing program 4 (id=4979):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000380)={{&(0x7f00000001c0)="a36d3fa58cc14c483eaeefbda25ed11e6584b0e06b6f7d2a0920bb3dac705aa384", 0x7fff, 0x0, 0x9, 0x0, 0x2, 0x9}, 0x2}, 0xfffffffd, 0x3, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0)
mount$auto(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='nfs\x00', 0x1, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/reserved_size\x00', 0x400, 0x0)
socket(0xa, 0x2, 0x3a)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0)
read$auto(r0, &(0x7f0000000000)='\x00', 0x91e2)
socket(0x2b, 0x0, 0x100)
socket(0x10, 0x2, 0x0)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000400)='/dev/binderfs/binder0\x00', 0x0, 0x0)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon7\x00', 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
r2 = socket(0x18, 0x2, 0xfff)
close_range$auto(0x2, 0x8, 0x0)
r3 = socket(0x10, 0x2, 0xc)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYRES8=r3, @ANYBLOB="18000000", @ANYRES8=r1], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x40000f0)
write$auto(r2, &(0x7f0000000000)='\xde\x00', 0xfded)
mmap$auto(0x2, 0x9, 0x4000001000de, 0x15, 0xffffffffffffffff, 0x71d)
prctl$auto_PR_SYS_DISPATCH_OFF(0x15, 0x0, 0x0, 0x9, 0x7)
close_range$auto(0x2, 0xa, 0x0)
socket(0x2, 0x1, 0x106)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/module/kvm/parameters/nx_huge_pages\x00', 0x80302, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/rose0/dev_id\x00', 0x80000, 0x0)
read$auto(r4, 0x0, 0x9)

3.398207807s ago: executing program 4 (id=4980):
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
writev$auto(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000340)="f544b683ec99b517c8b69bcc58ed732810108543bc64a4defa372de29e7bf1d1d400e359010000000000000000000000000000001755dec47d8ab93b143c56d6c3370643456929d6bc9648f373c74e58013d3c04076aa7286071b67f3f6bc253a0adee05160b8289f725a4abaee2c40496ae38e07e286805a17693000e75db9e612e7daa308900c8c1cffcb5626839b2cab8cbf77ab238695bbfe9186ab0817e66586d17969be662ec7655b58333011102552683ea07fff6aef002d203f47ab6e23957ed", 0x8b3}, 0x7)
r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)
read$auto(r0, 0x0, 0x7)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x102, 0x0)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r1, 0x0, 0x81)
mmap$auto(0x0, 0x80, 0x200000df, 0x9b73, 0xffffffffffffffff, 0x40008000)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000000000))
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1a9402, 0x0)
sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, 0x0, 0x44890)
timer_create$auto(0x9, 0x0, 0x0)
socket(0xa, 0x1, 0x100)
write$auto(0x3, 0x0, 0xffd8)
unshare$auto(0x40000080)
shmctl$auto_IPC_SET(0x4, 0x1, &(0x7f0000000280)={{0x80, 0xee00, <r3=>0xee00, 0xca6d, 0x8, 0x4bd6, 0x5}, 0xd21, 0x5, 0x8000000000000003, 0x2, @inferred=0xffffffffffffffff, @inferred=0xffffffffffffffff, 0x9, 0x0, &(0x7f0000000140)="4f0d6995e94336e1a6e889b8759a9cfb3ac250420045b1012d24b4881e233d3b51e066bb0a054c9e474be535fd29da", &(0x7f0000000200)="e3ac9b01ee8d985b677531eeeee5cb5bf774d2df4d9ae6dccbc98def20b72c7c2826a585ba3a8d67815abade214708a4ade77c6faa2f2889ca3e7989f32645dd597a3ae1b46e8d8c7e03ae6b8aaa49f6bf64cc5fa98e25"})
fsconfig$auto(r2, 0x800, &(0x7f0000000040)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/power/wakeup_abort_count\x00', 0x0, r3)
write$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffffff, &(0x7f00000001c0)="624d1bfe595046ab5c98199adf260600de16baef6176e6021e1dce210500e8fdffff0000000000fffffffe00a7ed73de11691c13403c82be", 0x7b)
process_mrelease$auto(0xffffffffffffffff, 0xa)
mmap$auto(0x0, 0x40000f, 0xde, 0x9b7e, 0xffffffffffffffff, 0x8000)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r4, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8\xa6\xb6\xaa\x96/OX\xba\x02\xc5\xc6B\x1d}Y\xbc@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf\xd6f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8', 0x100000a3d6)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x60042, 0x0)
mkdir$auto(&(0x7f0000000100)='./file0\x00', 0xff)

1.728137482s ago: executing program 2 (id=4981):
r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event\x00', 0x121000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002bbd7000fcdbdf2504000000040010"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xff7fffffffff0001, 0x15)
close_range$auto(r0, 0x8, 0x0)
brk$auto(0x40008000)
syslog$auto(0x10000, &(0x7f0000000180)='/dev/snapshot\x00', 0xc0)
r3 = fanotify_init$auto(0x5, 0x2000000000002)
r4 = open(&(0x7f0000000000)='.\x00', 0xc00, 0x409)
fanotify_mark$auto(r3, 0x9, 0x9, r4, 0x0)
ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0)
syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0xda)
move_pages$auto(0x0, 0x5, &(0x7f0000000380)=&(0x7f0000000280), &(0x7f00000003c0)=0x1, 0x0, 0x2)
r5 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/kcore\x00', 0x28000, 0x0)
pread64$auto(r5, 0x0, 0x800003, 0x270)
mlockall$auto(0x7)
r6 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000100), 0x202, 0x0)
personality$auto(0xfffff032)
ppoll$auto(&(0x7f0000001ac0)={r6, 0x9, 0x7}, 0x8, &(0x7f0000001b00)={0xf2, 0x408000000}, &(0x7f00000002c0)={0x10000}, 0x8)
mprotect$auto(0x110c230000, 0xa588, 0x6)
mremap$auto(0x110c231000, 0x0, 0x101, 0x3, 0x0)
move_pages$auto(0x0, 0x9, 0x0, 0x0, 0x0, 0x2)
msgctl$auto_IPC_RMID(0x1, 0x0, &(0x7f0000001600)={{0x7b0, 0x0, 0x0, 0xd, 0x3ff, 0x7, 0xb}, &(0x7f0000000400)=0x9, &(0x7f0000000440)=0x10, 0x1, 0xd80, 0x9, 0x0, 0x8000000000000000, 0x6, 0xa, 0xfff9, @raw=0x80, @raw=0x9})
r7 = syz_open_procfs$namespace(0x0, &(0x7f0000000040))
r8 = syz_clone(0x20a08200, 0x0, 0x0, 0x0, 0x0, 0x0)
ioprio_set$auto_IOPRIO_WHO_PGRP(0x2, r8, 0x8)
fcntl$auto(r7, 0x402, 0x0)

1.574498658s ago: executing program 4 (id=4982):
unshare$auto(0x40000080) (async)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtdblock0\x00', 0x14fe02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x16, r0, 0x8000) (async)
preadv2$auto(r0, &(0x7f0000000040)={0x0, 0x80000003}, 0x6, 0xffffffffffffffff, 0x8000000000000, 0x2f) (async)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async, rerun: 32)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async, rerun: 32)
listen$auto(0x3, 0x81) (async)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x0, 0x0) (async, rerun: 64)
close_range$auto(0xffffffffffffffff, 0xa, 0xfffffffd) (async, rerun: 64)
mmap$auto(0x0, 0x6, 0x3, 0xeb1, 0x7, 0x8000) (async)
futex$auto(0x0, 0x85, 0x38, 0x0, 0x0, 0x80800005) (async)
r3 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x68082, 0x0)
ioctl$auto_BLKPG2(r3, 0x1269, 0x0) (async)
ioctl$auto_MEMGETINFO(r3, 0x80204d01, 0x0) (async)
r4 = openat$auto_tracing_fops_trace(0xffffffffffffff9c, 0x0, 0x40200, 0x0) (async)
mmap$auto(0x0, 0x402000b, 0x4af, 0xeb1, 0x401, 0x8000)
read$auto(0x3, 0x0, 0xfffffdef)
syz_genetlink_get_family_id$auto_batadv(&(0x7f00000002c0), 0xffffffffffffffff) (async)
syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000080), 0xffffffffffffffff)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) (async)
getsockopt$auto_SO_SNDBUF(r4, 0x73, 0x7, &(0x7f0000000100)='SEG\x85\x00', &(0x7f0000000140)=0x9d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mbind$auto(0x1c0000, 0x800097, 0x1, 0x0, 0x3, 0x1) (async, rerun: 32)
mbind$auto(0x0, 0x800605, 0x1, &(0x7f0000000500)=0xffff, 0xa, 0x3) (async, rerun: 32)
ioctl$auto(0x3, 0x402c542b, 0x38)
ioctl$auto_TIOCSTI2(r2, 0x5412, 0x0) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async, rerun: 32)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (rerun: 32)

1.530178161s ago: executing program 1 (id=4983):
r0 = openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/trace\x00', 0x82000, 0x2000)
read$auto_tracing_fops_trace(r0, 0x0, 0x0)
mmap$auto(0x0, 0x1, 0xdf, 0x9b72, 0x2, 0x40008000)
socket(0xa, 0x1, 0x84)
write$auto(0x3, 0x0, 0xfdef)
close_range$auto(0x2, 0x8, 0x0)
shmctl$auto_SHM_UNLOCK(0x2, 0xc, 0x0)
sendmsg$auto_ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0)
ioctl$auto(0xffffffffffffffff, 0x540a, 0xffffffffffffffff)
write$auto(0xffffffffffffffff, 0x0, 0x8)

1.275307915s ago: executing program 1 (id=4984):
mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) (async)
ioprio_set$auto(0x2, 0x800000000, 0x8) (async)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x710f}, 0xa) (async)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) (async)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, r1, 0x0) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x0, 0x5, 0x0) (async)
pipe$auto(0x0) (async)
socket(0x11, 0x80003, 0x300) (async)
sendfile$auto(0x1, r0, 0x0, 0x8fb5) (async)
r2 = epoll_create$auto(0x3e)
epoll_ctl$auto(r2, 0x1, 0x8000000000000000, 0x0) (async)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0) (async)
socket(0x2, 0x3, 0xa) (async)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/adsp1\x00', 0x80502, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) (async)
madvise$auto(0x0, 0x2000040080000004, 0xe)
close_range$auto(0x2, 0x8, 0x0) (async)
socket(0x2, 0x80002, 0x73) (async)
socket(0x28, 0x1, 0x87)
bind$auto(0x3, &(0x7f0000000040)=@sco={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x6a)
connect$auto(r1, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0xc5)
write$auto(0x3, 0x0, 0xfdef) (async)
read$auto(0x3, 0x0, 0x1f40) (async)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
mmap$auto(0x0, 0xffffffffffffff9f, 0x8001, 0x18, 0x200000401, 0x1000008000)

1.26557225s ago: executing program 5 (id=4985):
mmap$auto(0x0, 0x2020005, 0x203, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r0, 0x0, 0xe8)
writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x7}, 0x3)
r1 = socket(0x2, 0x1, 0x106)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x400000003)
syz_genetlink_get_family_id$auto_ethtool(0x0, r1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r4, 0x1, 0x70bd2c, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x3f, 0x8000}, 0x8000)

940.623293ms ago: executing program 4 (id=4986):
r0 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101802, 0x0)
write$auto(r0, 0x0, 0x7)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/md_mod/parameters/new_array\x00', 0xa001, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socket(0x2, 0x801, 0x106)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyqc\x00', 0x800, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/virtual/block/nbd11/queue/stable_writes\x00', 0x1a1842, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0)
r3 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
socket(0x10, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
fcntl$auto_F_DUPFD_CLOEXEC(r3, 0x406, r1)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
ioctl$auto(r2, 0x541c, r3)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/fs/cifs/LinuxExtensionsEnabled\x00', 0x48041, 0x0)
write$auto(r4, 0x0, 0x6)

869.950331ms ago: executing program 1 (id=4987):
mmap$auto(0x0, 0x20009, 0x4000000000cf, 0xeb1, 0xffffffffffffffff, 0x8000)
socket(0x2b, 0x1, 0x0)
io_uring_setup$auto(0x6, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
connect$auto(0x3, &(0x7f00000018c0)=@in={0x2, 0x1f00, @loopback=0xac14140a}, 0x55)
r0 = getpid()
process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x800000001, 0x0, 0x6, 0x0)
setsockopt$auto(0x400000000000003, 0x29, 0xca, 0x0, 0x567)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x2, 0x73)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a)

654.343969ms ago: executing program 5 (id=4988):
mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
read$auto(0xffffffffffffffff, 0x0, 0x20)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x48140, 0x0)
r0 = syz_open_procfs$namespace(0x0, 0x0)
mmap$auto(0x0, 0xe983, 0xa3, 0xeb1, 0xffffffffffffffff, 0x8000)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
r1 = socket(0xa, 0x5, 0x84)
sendto$auto(r1, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000002c0100"}, 0x1c)
setns(r0, 0x0)
move_pages$auto(0xffffffffffffffff, 0xa6, 0x0, 0x0, 0x0, 0x3)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
timer_create$auto_CLOCK_BOOTTIME(0x7, 0x0, 0x0)
sendmsg$auto_IPVS_CMD_SET_CONFIG(0xffffffffffffffff, 0x0, 0x200000d4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
pwrite64$auto(0xc8, 0x0, 0xfdf2, 0x3a)
semctl$auto(0xeea8, 0x804, 0x2, 0x1)

639.879816ms ago: executing program 4 (id=4989):
openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, 0x0, 0x11d802, 0x0)
r0 = socket(0x10, 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ETHTOOL_MSG_PLCA_GET_STATUS(r1, &(0x7f00000030c0)={0x0, 0x0, &(0x7f0000003080)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000", @ANYBLOB="0456ed"], 0x14}, 0x1, 0x0, 0x0, 0x4854}, 0x40)
syz_genetlink_get_family_id$auto_netdev(&(0x7f0000003900), r1)
r2 = syz_genetlink_get_family_id$auto_ethtool(0x0, r1)
sendmsg$auto_ETHTOOL_MSG_WOL_SET(r0, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f00000003c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010027bd7000fcdbdf250a9e00ff15000000140001"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0)

129.881767ms ago: executing program 5 (id=4991):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
socket(0x2b, 0x1, 0x0)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
r1 = syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000980)={0x14, r1, 0x1, 0x70bd31, 0x25dfdbfd}, 0x14}}, 0x24048084)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
r3 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0)
pread64$auto(r3, &(0x7f0000000240)='\x03W\x96l\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf4\x00', 0x100000002, 0x100000001)

0s ago: executing program 4 (id=4992):
mmap$auto(0x0, 0x20009, 0x4000000000cf, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = socket(0x2b, 0x1, 0x0)
r1 = io_uring_setup$auto(0x6, 0x0)
ioctl$auto_RTC_PARAM_GET(r1, 0x40187013, &(0x7f0000000080)={0x4, @svalue=0x2, 0x1})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0)
ioctl$auto_OTPLOCK(r3, 0x800c4d10, &(0x7f0000000200)={0x4, 0x0, 0x1})
r4 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r5=>0x0})
sendmsg$auto_BATADV_CMD_GET_HARDIF(r2, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000040)={0x1c, r4, 0x600, 0x70b927, 0x25dfdbfe, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x4008000)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'veth0_to_batadv\x00', <r6=>0x0})
sendmsg$auto_BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00022abd7000ffdbdf256e8b000005000a000109000008000d000700000008000600", @ANYRES32=r6, @ANYBLOB="05000a000500000008002c0004000000"], 0x3c}}, 0x0)
socket(0x26, 0x800, 0x82a)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
connect$auto(0x3, &(0x7f00000018c0)=@in={0x2, 0x300, @loopback=0xac14140a}, 0x55)
getpid()
r7 = set_tid_address$auto(&(0x7f0000000200)=0x959)
process_vm_readv$auto(r7, &(0x7f0000000000)={0x0, 0xfff}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000140), 0x1ffffffff}, 0x6, 0x1)
prctl$auto(0x23, 0x80000000000a, 0x80000001, 0x0, 0x0)
r8 = openat$auto_proc_environ_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/environ\x00', 0x2000, 0x0)
read$auto_proc_environ_operations_base(r8, &(0x7f0000000240)=""/80, 0x50)
openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x60100, 0x0)
select$auto(0x4, 0x0, &(0x7f0000000080)={[0x209c, 0xe9e, 0x4, 0x5, 0x1000, 0x100000001, 0xc, 0xf, 0x0, 0x40, 0xe, 0xd59, 0x101, 0xff, 0x2, 0x80080001]}, 0x0, 0x0)
setsockopt$auto(0x400000000000003, 0x29, 0xca, 0x0, 0x567)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
fcntl$auto(r0, 0xe5, 0x0)
socket(0x2, 0x2, 0x73)
bind$auto(r2, &(0x7f0000000040)=@in={0x2, 0x4e1e, @local}, 0x5)
openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/etherd/revalidate\x00', 0x4082, 0x0)

kernel console output (not intermixed with test programs):

1707.120028][T27163]  ? do_user_addr_fault+0x8d6/0x12f0
[ 1707.120062][T27163]  do_syscall_64+0xc9/0xf80
[ 1707.120092][T27163]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1707.120117][T27163] RIP: 0033:0x7f114099acb9
[ 1707.120135][T27163] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1707.120165][T27163] RSP: 002b:00007f1141938028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1707.120188][T27163] RAX: ffffffffffffffda RBX: 00007f1140c15fa0 RCX: 00007f114099acb9
[ 1707.120205][T27163] RDX: 0000000000082000 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 1707.120221][T27163] RBP: 00007f1141938090 R08: 0000000000000000 R09: 0000000000000000
[ 1707.120236][T27163] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1707.120251][T27163] R13: 00007f1140c16038 R14: 00007f1140c15fa0 R15: 00007ffd6ace6ca8
[ 1707.120281][T27163]  </TASK>
[ 1708.826850][   T30] audit: type=1800 audit(4294968193.450:141): pid=27183 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.4802" name="dbroot" dev="configfs" ino=151689 res=0 errno=0
[ 1709.671458][T27203] FAULT_INJECTION: forcing a failure.
[ 1709.671458][T27203] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1709.766811][T27203] CPU: 0 UID: 0 PID: 27203 Comm: syz.5.4806 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1709.766853][T27203] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1709.766863][T27203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1709.766878][T27203] Call Trace:
[ 1709.766886][T27203]  <TASK>
[ 1709.766895][T27203]  dump_stack_lvl+0x100/0x190
[ 1709.766942][T27203]  should_fail_ex.cold+0x5/0xa
[ 1709.766981][T27203]  _copy_from_user+0x2e/0xd0
[ 1709.767019][T27203]  move_addr_to_kernel+0x65/0x170
[ 1709.767049][T27203]  __sys_connect+0xb5/0x170
[ 1709.767079][T27203]  ? __pfx___sys_connect+0x10/0x10
[ 1709.767108][T27203]  ? __fget_files+0x21f/0x3d0
[ 1709.767144][T27203]  ? __pfx_ksys_write+0x10/0x10
[ 1709.767177][T27203]  __x64_sys_connect+0x72/0xb0
[ 1709.767206][T27203]  ? lockdep_hardirqs_on+0x78/0x100
[ 1709.767234][T27203]  do_syscall_64+0xc9/0xf80
[ 1709.767264][T27203]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1709.767288][T27203] RIP: 0033:0x7f114099acb9
[ 1709.767307][T27203] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1709.767330][T27203] RSP: 002b:00007f1141938028 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 1709.767354][T27203] RAX: ffffffffffffffda RBX: 00007f1140c15fa0 RCX: 00007f114099acb9
[ 1709.767371][T27203] RDX: 0000000000000055 RSI: 00002000000018c0 RDI: 0000000000000003
[ 1709.767386][T27203] RBP: 00007f1141938090 R08: 0000000000000000 R09: 0000000000000000
[ 1709.767401][T27203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1709.767416][T27203] R13: 00007f1140c16038 R14: 00007f1140c15fa0 R15: 00007ffd6ace6ca8
[ 1709.767447][T27203]  </TASK>
[ 1709.997803][T27169] syz.2.4798 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[ 1710.008962][T27169] CPU: 0 UID: 0 PID: 27169 Comm: syz.2.4798 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1710.009002][T27169] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1710.009013][T27169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1710.009029][T27169] Call Trace:
[ 1710.009039][T27169]  <TASK>
[ 1710.009050][T27169]  dump_stack_lvl+0x100/0x190
[ 1710.009082][T27169]  dump_header+0xfb/0x606
[ 1710.009107][T27169]  oom_kill_process.cold+0xd/0x321
[ 1710.009134][T27169]  out_of_memory+0x340/0x14f0
[ 1710.009171][T27169]  ? __pfx_out_of_memory+0x10/0x10
[ 1710.009213][T27169]  mem_cgroup_out_of_memory+0xc6/0x130
[ 1710.009239][T27169]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1710.009263][T27169]  ? find_held_lock+0x2b/0x80
[ 1710.009292][T27169]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1710.009329][T27169]  ? _raw_spin_unlock+0x28/0x50
[ 1710.009356][T27169]  try_charge_memcg+0x652/0xc90
[ 1710.009395][T27169]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1710.009434][T27169]  ? find_held_lock+0x2b/0x80
[ 1710.009456][T27169]  ? rcu_read_unlock+0x17/0x60
[ 1710.009490][T27169]  ? rcu_read_unlock+0x17/0x60
[ 1710.009527][T27169]  charge_memcg+0xa6/0x280
[ 1710.009559][T27169]  mem_cgroup_swapin_charge_folio+0xeb/0x470
[ 1710.009600][T27169]  __read_swap_cache_async+0x449/0x610
[ 1710.009632][T27169]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1710.009657][T27169]  ? mlock_drain_local+0x254/0x4e0
[ 1710.009686][T27169]  ? mlock_drain_local+0x254/0x4e0
[ 1710.009723][T27169]  swap_cluster_readahead+0x541/0x770
[ 1710.009757][T27169]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1710.009786][T27169]  ? __lock_acquire+0x4a5/0x2630
[ 1710.009816][T27169]  ? __lock_acquire+0x4a5/0x2630
[ 1710.009859][T27169]  ? get_vma_policy+0x23f/0x3b0
[ 1710.009897][T27169]  swapin_readahead+0x14b/0x12e0
[ 1710.009932][T27169]  ? __pfx_swapin_readahead+0x10/0x10
[ 1710.009965][T27169]  ? find_held_lock+0x2b/0x80
[ 1710.009988][T27169]  ? swap_cache_get_folio+0x272/0x920
[ 1710.010017][T27169]  ? swap_cache_get_folio+0x272/0x920
[ 1710.010041][T27169]  ? swap_cache_get_folio+0x1f/0x920
[ 1710.010064][T27169]  ? swap_cache_get_folio+0x2a2/0x920
[ 1710.010091][T27169]  ? __pfx_swap_cache_get_folio+0x10/0x10
[ 1710.010115][T27169]  ? __pfx_get_swap_device+0x10/0x10
[ 1710.010154][T27169]  ? do_swap_page+0x9ba/0x6810
[ 1710.010176][T27169]  do_swap_page+0x9ba/0x6810
[ 1710.010205][T27169]  ? __lock_acquire+0x4a5/0x2630
[ 1710.010244][T27169]  ? __pfx_do_swap_page+0x10/0x10
[ 1710.010271][T27169]  ? __pfx_default_wake_function+0x10/0x10
[ 1710.010306][T27169]  ? rcu_is_watching+0x12/0xc0
[ 1710.010330][T27169]  ? ___pte_offset_map+0x179/0x310
[ 1710.010367][T27169]  __handle_mm_fault+0x18b9/0x2b50
[ 1710.010398][T27169]  ? reacquire_held_locks+0xce/0x1e0
[ 1710.010431][T27169]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1710.010461][T27169]  ? lock_vma_under_rcu+0x17c/0x5a0
[ 1710.010504][T27169]  handle_mm_fault+0x36d/0xa20
[ 1710.010536][T27169]  do_user_addr_fault+0x5a3/0x12f0
[ 1710.010571][T27169]  exc_page_fault+0x6f/0xd0
[ 1710.010599][T27169]  asm_exc_page_fault+0x26/0x30
[ 1710.010622][T27169] RIP: 0033:0x7fc78cc6f470
[ 1710.010642][T27169] Code: 83 f8 04 75 ec 31 f6 80 7c 24 0e 00 74 70 40 88 74 24 0e 8b 7c 24 08 48 89 de e8 bb 02 fe ff 84 c0 75 5b 80 7c 24 0f 00 75 0d <80> 3d 11 2c 3a 00 00 0f 85 a3 01 00 00 49 83 7f 68 07 77 08 49 c7
[ 1710.010668][T27169] RSP: 002b:00007fffb4ee8fe0 EFLAGS: 00010246
[ 1710.010688][T27169] RAX: 0000000000000000 RBX: ffffffff893e1f3b RCX: ffffffff8b6d9f3b
[ 1710.010704][T27169] RDX: 0000000000001f3b RSI: ffffffff893e1f3b RDI: 0000000000000008
[ 1710.010719][T27169] RBP: 0000000000000000 R08: 00007fc78d000000 R09: 00007fc78d002000
[ 1710.010733][T27169] R10: 00000000893e1f3f R11: 0000000000000008 R12: 00007fc78d016128
[ 1710.010765][T27169] R13: 0000000000000000 R14: ffffffff893e1651 R15: 00007fc78db45720
[ 1710.010781][T27169]  ? __x64_sys_getsockopt+0x11/0x160
[ 1710.010825][T27169]  ? __copy_msghdr+0x28b/0x470
[ 1710.010861][T27169]  ? mas_prev_slot+0x71b/0x1c10
[ 1710.010890][T27169]  ? __copy_msghdr+0x28b/0x470
[ 1710.010928][T27169]  </TASK>
[ 1711.487770][T27169] memory: usage 3068kB, limit 3072kB, failcnt 110104
[ 1711.528275][T27169] memory+swap: usage 3240kB, limit 9007199254740988kB, failcnt 0
[ 1711.558307][T27169] kmem: usage 2876kB, limit 9007199254740988kB, failcnt 0
[ 1711.607663][T27169] Memory cgroup stats for /syz2:
[ 1711.607948][T27169] cache 0
[ 1711.640248][T27169] rss 4096
[ 1711.664504][T27169] rss_huge 0
[ 1711.688088][T27169] shmem 0
[ 1711.709695][T27169] mapped_file 0
[ 1711.738581][T27169] dirty 0
[ 1711.769959][T27169] writeback 0
[ 1711.801872][T27169] workingset_refault_anon 29758
[ 1711.836912][T27169] workingset_refault_file 15348
[ 1711.884493][T27169] swap 172032
[ 1711.913594][T27169] swapcached 200704
[ 1711.947150][T27169] pgpgin 750353
[ 1712.032631][T27169] pgpgout 787702
[ 1712.142584][T27212] FAULT_INJECTION: forcing a failure.
[ 1712.142584][T27212] name failslab, interval 1, probability 0, space 0, times 0
[ 1712.193146][T27169] pgfault 973262
[ 1712.219466][T27169] pgmajfault 13524
[ 1712.223238][T27169] inactive_anon 40960
[ 1712.227243][T27169] active_anon 24576
[ 1712.240614][T27212] CPU: 0 UID: 0 PID: 27212 Comm: syz.1.4808 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1712.240658][T27212] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1712.240672][T27212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1712.240688][T27212] Call Trace:
[ 1712.240697][T27212]  <TASK>
[ 1712.240706][T27212]  dump_stack_lvl+0x100/0x190
[ 1712.240741][T27212]  should_fail_ex.cold+0x5/0xa
[ 1712.240783][T27212]  should_failslab+0xc2/0x120
[ 1712.240817][T27212]  ? kobject_get_path+0xcf/0x2c0
[ 1712.240849][T27212]  __kmalloc_noprof+0xf6/0x9c0
[ 1712.240882][T27212]  ? kobject_get_path+0xcf/0x2c0
[ 1712.240913][T27212]  kobject_get_path+0xcf/0x2c0
[ 1712.240950][T27212]  kobject_uevent_env+0x287/0x18b0
[ 1712.240990][T27212]  ? queue_work_on+0x11b/0x1e0
[ 1712.241033][T27212]  ? bus_to_subsys+0x114/0x150
[ 1712.241077][T27212]  driver_bound+0x13e/0x220
[ 1712.241107][T27212]  device_bind_driver+0x3a/0x70
[ 1712.241136][T27212]  mac80211_hwsim_new_radio+0x3fb/0x57c0
[ 1712.241187][T27212]  ? __asan_memset+0x23/0x50
[ 1712.241214][T27212]  ? __nla_validate_parse+0x1e7/0x28b0
[ 1712.241242][T27212]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1712.241289][T27212]  hwsim_new_radio_nl+0xc1f/0x1340
[ 1712.241324][T27212]  ? genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290
[ 1712.241357][T27212]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1712.241402][T27212]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290
[ 1712.241430][T27212]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290
[ 1712.241464][T27212]  genl_family_rcv_msg_doit+0x214/0x300
[ 1712.241493][T27212]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1712.241520][T27212]  ? genl_get_cmd+0x3ef/0x720
[ 1712.241551][T27212]  ? bpf_lsm_capable+0x9/0x10
[ 1712.241572][T27212]  ? security_capable+0x80/0x260
[ 1712.241603][T27212]  ? ns_capable+0xd2/0xf0
[ 1712.241637][T27212]  genl_rcv_msg+0x560/0x800
[ 1712.241667][T27212]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1712.241693][T27212]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1712.241740][T27212]  netlink_rcv_skb+0x159/0x420
[ 1712.241779][T27212]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1712.241806][T27212]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1712.241857][T27212]  ? netlink_deliver_tap+0x1ae/0xcc0
[ 1712.241898][T27212]  genl_rcv+0x28/0x40
[ 1712.241920][T27212]  netlink_unicast+0x5aa/0x870
[ 1712.241963][T27212]  ? __pfx_netlink_unicast+0x10/0x10
[ 1712.242019][T27212]  netlink_sendmsg+0x8b0/0xda0
[ 1712.242063][T27212]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1712.242101][T27212]  ? __import_iovec+0x1d2/0x640
[ 1712.242143][T27212]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1712.242180][T27212]  ____sys_sendmsg+0xa54/0xc30
[ 1712.242210][T27212]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1712.242241][T27212]  ? try_to_wake_up+0x644/0x1a60
[ 1712.242274][T27212]  ___sys_sendmsg+0x190/0x1e0
[ 1712.242305][T27212]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1712.242333][T27212]  ? futex_private_hash_put+0x107/0x1c0
[ 1712.242378][T27212]  ? find_held_lock+0x2b/0x80
[ 1712.242421][T27212]  __sys_sendmsg+0x170/0x220
[ 1712.242459][T27212]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1712.242495][T27212]  ? __x64_sys_futex+0x34f/0x4d0
[ 1712.242547][T27212]  do_syscall_64+0xc9/0xf80
[ 1712.242579][T27212]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1712.242605][T27212] RIP: 0033:0x7f1a20b9acb9
[ 1712.242625][T27212] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1712.242650][T27212] RSP: 002b:00007f1a21af9028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1712.242674][T27212] RAX: ffffffffffffffda RBX: 00007f1a20e15fa0 RCX: 00007f1a20b9acb9
[ 1712.242691][T27212] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000006
[ 1712.242707][T27212] RBP: 00007f1a20c08bf7 R08: 0000000000000000 R09: 0000000000000000
[ 1712.242722][T27212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1712.242737][T27212] R13: 00007f1a20e16038 R14: 00007f1a20e15fa0 R15: 00007ffea93879e8
[ 1712.242769][T27212]  </TASK>
[ 1713.099273][T27169] inactive_file 0
[ 1713.105161][T27169] active_file 0
[ 1713.108657][T27169] unevictable 0
[ 1713.167572][T27169] hierarchical_memory_limit 3145728
[ 1713.191215][T27169] hierarchical_memsw_limit 9223372036854771712
[ 1713.197439][T27169] total_cache 0
[ 1713.209841][T27169] total_rss 4096
[ 1713.213445][T27169] total_rss_huge 0
[ 1713.217190][T27169] total_shmem 0
[ 1713.241086][T27169] total_mapped_file 0
[ 1713.245115][T27169] total_dirty 0
[ 1713.248597][T27169] total_writeback 0
[ 1713.260222][T27217] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4809'.
[ 1713.287698][T27169] total_workingset_refault_anon 29758
[ 1713.297709][T27169] total_workingset_refault_file 15348
[ 1713.324714][T27169] total_swap 172032
[ 1713.328579][T27169] total_swapcached 200704
[ 1713.359284][T27169] total_pgpgin 750353
[ 1713.363321][T27169] total_pgpgout 787702
[ 1713.367402][T27169] total_pgfault 973262
[ 1713.387467][T27169] total_pgmajfault 13524
[ 1713.399435][T27169] total_inactive_anon 40960
[ 1713.403996][T27169] total_active_anon 24576
[ 1713.408338][T27169] total_inactive_file 0
[ 1713.429296][T27169] total_active_file 0
[ 1713.433328][T27169] total_unevictable 0
[ 1713.437314][T27169] anon_cost 35
[ 1713.454832][T27169] file_cost 0
[ 1713.464968][T27169] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.4798,pid=27169,uid=0
[ 1713.499291][T27169] Memory cgroup out of memory: Killed process 27169 (syz.2.4798) total-vm:102460kB, anon-rss:1336kB, file-rss:22452kB, shmem-rss:0kB, UID:0 pgtables:140kB oom_score_adj:1000
[ 1713.917606][T27217] macvtap0: entered promiscuous mode
[ 1713.928297][T27217] macvtap0: entered allmulticast mode
[ 1714.628699][T27229] FAULT_INJECTION: forcing a failure.
[ 1714.628699][T27229] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1714.740537][T27229] CPU: 0 UID: 0 PID: 27229 Comm: syz.5.4814 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1714.740580][T27229] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1714.740591][T27229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1714.740607][T27229] Call Trace:
[ 1714.740616][T27229]  <TASK>
[ 1714.740625][T27229]  dump_stack_lvl+0x100/0x190
[ 1714.740659][T27229]  should_fail_ex.cold+0x5/0xa
[ 1714.740699][T27229]  ? prepare_alloc_pages+0x16d/0x5f0
[ 1714.740740][T27229]  should_fail_alloc_page+0xeb/0x140
[ 1714.740778][T27229]  prepare_alloc_pages+0x1f0/0x5f0
[ 1714.740815][T27229]  ? rcu_is_watching+0x12/0xc0
[ 1714.740843][T27229]  __alloc_frozen_pages_noprof+0x193/0x2410
[ 1714.740883][T27229]  ? stack_trace_save+0x8e/0xc0
[ 1714.740910][T27229]  ? __pfx_stack_trace_save+0x10/0x10
[ 1714.740939][T27229]  ? stack_depot_save_flags+0x27/0x9c0
[ 1714.740979][T27229]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1714.741013][T27229]  ? kasan_save_stack+0x3f/0x50
[ 1714.741047][T27229]  ? kasan_save_stack+0x30/0x50
[ 1714.741076][T27229]  ? kasan_save_track+0x14/0x30
[ 1714.741106][T27229]  ? __kasan_kmalloc+0xaa/0xb0
[ 1714.741137][T27229]  ? do_filp_open+0x1f7/0x420
[ 1714.741165][T27229]  ? do_sys_openat2+0x12e/0x220
[ 1714.741201][T27229]  ? __x64_sys_openat+0x12d/0x210
[ 1714.741238][T27229]  ? do_syscall_64+0xc9/0xf80
[ 1714.741266][T27229]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1714.741296][T27229]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1714.741325][T27229]  ? policy_nodemask+0xed/0x4f0
[ 1714.741363][T27229]  alloc_pages_mpol+0x1fb/0x550
[ 1714.741400][T27229]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1714.741444][T27229]  alloc_pages_noprof+0x131/0x390
[ 1714.741481][T27229]  get_zeroed_page_noprof+0x18/0xb0
[ 1714.741523][T27229]  mon_alloc_buff+0xce/0x1b0
[ 1714.741548][T27229]  ? kasan_save_track+0x14/0x30
[ 1714.741584][T27229]  mon_bin_open+0x207/0x470
[ 1714.741608][T27229]  ? __pfx_mon_bin_open+0x10/0x10
[ 1714.741632][T27229]  chrdev_open+0x234/0x6a0
[ 1714.741662][T27229]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1714.741701][T27229]  ? __pfx_chrdev_open+0x10/0x10
[ 1714.741734][T27229]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[ 1714.741770][T27229]  do_dentry_open+0x73e/0x1570
[ 1714.741799][T27229]  ? __pfx_chrdev_open+0x10/0x10
[ 1714.741831][T27229]  ? security_inode_permission+0xbf/0x250
[ 1714.741873][T27229]  vfs_open+0x82/0x3f0
[ 1714.741912][T27229]  path_openat+0x21dc/0x3120
[ 1714.741951][T27229]  ? __pfx_path_openat+0x10/0x10
[ 1714.741991][T27229]  do_filp_open+0x1f7/0x420
[ 1714.742023][T27229]  ? __pfx_do_filp_open+0x10/0x10
[ 1714.742072][T27229]  ? _raw_spin_unlock+0x28/0x50
[ 1714.742096][T27229]  ? alloc_fd+0x476/0x790
[ 1714.742132][T27229]  do_sys_openat2+0x12e/0x220
[ 1714.742170][T27229]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1714.742210][T27229]  ? __fget_files+0x21f/0x3d0
[ 1714.742243][T27229]  __x64_sys_openat+0x12d/0x210
[ 1714.742282][T27229]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1714.742319][T27229]  ? xfd_validate_state+0x129/0x190
[ 1714.742369][T27229]  do_syscall_64+0xc9/0xf80
[ 1714.742400][T27229]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1714.742426][T27229] RIP: 0033:0x7f114099acb9
[ 1714.742447][T27229] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1714.742472][T27229] RSP: 002b:00007f1141938028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1714.742496][T27229] RAX: ffffffffffffffda RBX: 00007f1140c15fa0 RCX: 00007f114099acb9
[ 1714.742518][T27229] RDX: 0000000000086202 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[ 1714.742534][T27229] RBP: 00007f1140a08bf7 R08: 0000000000000000 R09: 0000000000000000
[ 1714.742550][T27229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1714.742565][T27229] R13: 00007f1140c16038 R14: 00007f1140c15fa0 R15: 00007ffd6ace6ca8
[ 1714.742596][T27229]  </TASK>
[ 1716.147465][T27238] FAULT_INJECTION: forcing a failure.
[ 1716.147465][T27238] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1716.259454][T27238] CPU: 0 UID: 0 PID: 27238 Comm: syz.2.4816 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1716.259496][T27238] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1716.259507][T27238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1716.259521][T27238] Call Trace:
[ 1716.259529][T27238]  <TASK>
[ 1716.259538][T27238]  dump_stack_lvl+0x100/0x190
[ 1716.259570][T27238]  should_fail_ex.cold+0x5/0xa
[ 1716.259609][T27238]  _copy_to_user+0x32/0xd0
[ 1716.259647][T27238]  simple_read_from_buffer+0xcb/0x170
[ 1716.259674][T27238]  proc_fail_nth_read+0x1af/0x230
[ 1716.259703][T27238]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1716.259732][T27238]  ? rw_verify_area+0xce/0x6d0
[ 1716.259755][T27238]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1716.259785][T27238]  vfs_read+0x1e4/0xb30
[ 1716.259815][T27238]  ? __pfx_vfs_read+0x10/0x10
[ 1716.259839][T27238]  ? find_held_lock+0x2b/0x80
[ 1716.259864][T27238]  ? __fget_files+0x215/0x3d0
[ 1716.259901][T27238]  ? __fget_files+0x21f/0x3d0
[ 1716.259934][T27238]  ksys_read+0x12a/0x250
[ 1716.259960][T27238]  ? __pfx_ksys_read+0x10/0x10
[ 1716.259987][T27238]  ? do_user_addr_fault+0x8d6/0x12f0
[ 1716.260025][T27238]  do_syscall_64+0xc9/0xf80
[ 1716.260056][T27238]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1716.260080][T27238] RIP: 0033:0x7fc78cd5b58e
[ 1716.260098][T27238] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1716.260122][T27238] RSP: 002b:00007fc78dd01fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1716.260144][T27238] RAX: ffffffffffffffda RBX: 00007fc78dd026c0 RCX: 00007fc78cd5b58e
[ 1716.260160][T27238] RDX: 000000000000000f RSI: 00007fc78dd020a0 RDI: 0000000000000003
[ 1716.260175][T27238] RBP: 00007fc78dd02090 R08: 0000000000000000 R09: 0000000000000000
[ 1716.260190][T27238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1716.260204][T27238] R13: 00007fc78d016128 R14: 00007fc78d016090 R15: 00007fffb4ee8f98
[ 1716.260234][T27238]  </TASK>
[ 1716.926690][T27237] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[ 1717.083286][T27237] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1717.149605][T27237] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 1717.157210][T27237] page_type: f5(slab)
[ 1717.186929][T27237] raw: 00fff00000000040 ffff88813ff27140 ffffea000087c200 dead000000000002
[ 1717.238130][T27237] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[ 1717.281536][T27237] head: 00fff00000000040 ffff88813ff27140 ffffea000087c200 dead000000000002
[ 1717.321967][T27237] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[ 1717.381943][T27237] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[ 1717.429357][T27237] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 1717.490283][T27237] page dumped because: unmovable page
[ 1717.495712][T27237] page_owner tracks the page as allocated
[ 1717.552945][T27237] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5195, tgid 5195 (udevd), ts 384041949474, free_ts 383095564309
[ 1717.601489][T27256] FAULT_INJECTION: forcing a failure.
[ 1717.601489][T27256] name failslab, interval 1, probability 0, space 0, times 0
[ 1717.669460][T27256] CPU: 0 UID: 0 PID: 27256 Comm: syz.1.4823 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1717.669503][T27256] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1717.669514][T27256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1717.669529][T27256] Call Trace:
[ 1717.669537][T27256]  <TASK>
[ 1717.669546][T27256]  dump_stack_lvl+0x100/0x190
[ 1717.669580][T27256]  should_fail_ex.cold+0x5/0xa
[ 1717.669620][T27256]  should_failslab+0xc2/0x120
[ 1717.669654][T27256]  kmem_cache_alloc_noprof+0x83/0x780
[ 1717.669686][T27256]  ? dst_alloc+0x99/0x1a0
[ 1717.669722][T27256]  ? dst_alloc+0x99/0x1a0
[ 1717.669751][T27256]  dst_alloc+0x99/0x1a0
[ 1717.669783][T27256]  rt_dst_alloc+0x35/0x3a0
[ 1717.669823][T27256]  ip_route_output_key_hash_rcu+0x87a/0x2870
[ 1717.669862][T27256]  ip_route_output_key_hash+0x118/0x2b0
[ 1717.669892][T27256]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[ 1717.669922][T27256]  ? kernel_text_address+0x8d/0x100
[ 1717.669972][T27256]  tcp_v4_connect+0x86b/0x1bf0
[ 1717.670007][T27256]  ? __pfx_tcp_v4_connect+0x10/0x10
[ 1717.670052][T27256]  ? __lock_acquire+0x4a5/0x2630
[ 1717.670090][T27256]  __inet_stream_connect+0x208/0xfa0
[ 1717.670123][T27256]  ? __pfx___inet_stream_connect+0x10/0x10
[ 1717.670150][T27256]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1717.670201][T27256]  ? __local_bh_enable_ip+0x9e/0x120
[ 1717.670234][T27256]  inet_stream_connect+0x57/0xa0
[ 1717.670262][T27256]  kernel_connect+0x107/0x160
[ 1717.670285][T27256]  ? __pfx_kernel_connect+0x10/0x10
[ 1717.670321][T27256]  ? __local_bh_enable_ip+0x9e/0x120
[ 1717.670354][T27256]  smc_connect+0x394/0x750
[ 1717.670384][T27256]  ? __pfx_smc_connect+0x10/0x10
[ 1717.670409][T27256]  __sys_connect_file+0x141/0x1a0
[ 1717.670442][T27256]  __sys_connect+0x141/0x170
[ 1717.670472][T27256]  ? __pfx___sys_connect+0x10/0x10
[ 1717.670501][T27256]  ? __fget_files+0x21f/0x3d0
[ 1717.670538][T27256]  ? __pfx_ksys_write+0x10/0x10
[ 1717.670571][T27256]  __x64_sys_connect+0x72/0xb0
[ 1717.670601][T27256]  ? lockdep_hardirqs_on+0x78/0x100
[ 1717.670628][T27256]  do_syscall_64+0xc9/0xf80
[ 1717.670659][T27256]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1717.670686][T27256] RIP: 0033:0x7f1a20b9acb9
[ 1717.670705][T27256] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1717.670729][T27256] RSP: 002b:00007f1a21af9028 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 1717.670752][T27256] RAX: ffffffffffffffda RBX: 00007f1a20e15fa0 RCX: 00007f1a20b9acb9
[ 1717.670768][T27256] RDX: 0000000000000055 RSI: 00002000000018c0 RDI: 0000000000000003
[ 1717.670784][T27256] RBP: 00007f1a21af9090 R08: 0000000000000000 R09: 0000000000000000
[ 1717.670799][T27256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1717.670814][T27256] R13: 00007f1a20e16038 R14: 00007f1a20e15fa0 R15: 00007ffea93879e8
[ 1717.670845][T27256]  </TASK>
[ 1717.671284][T27237]  post_alloc_hook+0x1e1/0x250
[ 1719.019404][T27237]  get_page_from_freelist+0xe3d/0x2e10
[ 1719.039323][T27237]  __alloc_frozen_pages_noprof+0x26c/0x2410
[ 1719.067924][T27237]  alloc_pages_mpol+0x1fb/0x550
[ 1719.078028][T27237]  new_slab+0x2c4/0x440
[ 1719.102770][T27237]  ___slab_alloc+0xda3/0x1ca0
[ 1719.127964][T27237]  __slab_alloc.isra.0+0x63/0x110
[ 1719.135578][T27237]  __kmalloc_noprof+0x618/0x9c0
[ 1719.155045][T27237]  tomoyo_realpath_from_path+0xb6/0x690
[ 1719.175555][T27237]  tomoyo_path_perm+0x276/0x460
[ 1719.195691][T27237]  tomoyo_path_unlink+0x91/0xe0
[ 1719.212241][T27237]  security_path_unlink+0x145/0x2b0
[ 1719.231873][T27237]  do_unlinkat+0x326/0x6e0
[ 1719.245898][T27237]  __x64_sys_unlink+0xc5/0x110
[ 1719.266385][T27237]  do_syscall_64+0xc9/0xf80
[ 1719.283436][T27237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1719.306786][T27237] page last free pid 5829 tgid 5829 stack trace:
[ 1719.328617][T27237]  __free_frozen_pages+0x822/0x1130
[ 1719.344055][T27237]  __put_partials+0x127/0x160
[ 1719.362294][T27237]  qlist_free_all+0x47/0xe0
[ 1719.378496][T27237]  kasan_quarantine_reduce+0x1a0/0x1f0
[ 1719.398813][T27237]  __kasan_slab_alloc+0x69/0x90
[ 1719.418356][T27237]  __kmalloc_cache_noprof+0x2e1/0x810
[ 1719.436456][T27237]  kernfs_fop_open+0x23d/0xd50
[ 1719.454848][T27237]  do_dentry_open+0x73e/0x1570
[ 1719.470218][T27237]  vfs_open+0x82/0x3f0
[ 1719.484323][T27237]  path_openat+0x21dc/0x3120
[ 1719.498576][T27237]  do_filp_open+0x1f7/0x420
[ 1719.517228][T27237]  do_sys_openat2+0x12e/0x220
[ 1719.535498][T27237]  __x64_sys_openat+0x12d/0x210
[ 1719.551493][T27237]  do_syscall_64+0xc9/0xf80
[ 1719.570772][T27237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1719.878380][T17591] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[ 1720.342269][T17591] CPU: 0 UID: 0 PID: 17591 Comm: syz-executor Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1720.342311][T17591] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1720.342322][T17591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1720.342336][T17591] Call Trace:
[ 1720.342345][T17591]  <TASK>
[ 1720.342354][T17591]  dump_stack_lvl+0x100/0x190
[ 1720.342387][T17591]  dump_header+0xfb/0x606
[ 1720.342412][T17591]  oom_kill_process.cold+0xd/0x321
[ 1720.342440][T17591]  out_of_memory+0x340/0x14f0
[ 1720.342477][T17591]  ? __pfx_out_of_memory+0x10/0x10
[ 1720.342515][T17591]  mem_cgroup_out_of_memory+0xc6/0x130
[ 1720.342541][T17591]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1720.342565][T17591]  ? find_held_lock+0x2b/0x80
[ 1720.342595][T17591]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1720.342632][T17591]  ? _raw_spin_unlock+0x28/0x50
[ 1720.342659][T17591]  try_charge_memcg+0x652/0xc90
[ 1720.342698][T17591]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1720.342737][T17591]  ? find_held_lock+0x2b/0x80
[ 1720.342759][T17591]  ? rcu_read_unlock+0x17/0x60
[ 1720.342793][T17591]  ? rcu_read_unlock+0x17/0x60
[ 1720.342830][T17591]  charge_memcg+0xa6/0x280
[ 1720.342863][T17591]  mem_cgroup_swapin_charge_folio+0xeb/0x470
[ 1720.342905][T17591]  __read_swap_cache_async+0x449/0x610
[ 1720.342936][T17591]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1720.342964][T17591]  ? rcu_is_watching+0x12/0xc0
[ 1720.342986][T17591]  ? finish_task_switch.isra.0+0x204/0xb70
[ 1720.343014][T17591]  ? lockdep_hardirqs_on+0x78/0x100
[ 1720.343041][T17591]  ? finish_task_switch.isra.0+0x204/0xb70
[ 1720.343073][T17591]  swap_cluster_readahead+0x414/0x770
[ 1720.343099][T17591]  ? __schedule+0xff6/0x5e10
[ 1720.343129][T17591]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1720.343157][T17591]  ? rcu_is_watching+0x12/0xc0
[ 1720.343182][T17591]  ? __update_load_avg_se+0x5c7/0xe80
[ 1720.343224][T17591]  ? update_load_avg+0x234/0x2090
[ 1720.343259][T17591]  ? get_vma_policy+0x23f/0x3b0
[ 1720.343297][T17591]  swapin_readahead+0x14b/0x12e0
[ 1720.343333][T17591]  ? __pfx_swapin_readahead+0x10/0x10
[ 1720.343361][T17591]  ? find_held_lock+0x2b/0x80
[ 1720.343385][T17591]  ? swap_cache_get_folio+0x272/0x920
[ 1720.343414][T17591]  ? swap_cache_get_folio+0x272/0x920
[ 1720.343437][T17591]  ? swap_cache_get_folio+0x1f/0x920
[ 1720.343460][T17591]  ? swap_cache_get_folio+0x2a2/0x920
[ 1720.343488][T17591]  ? __pfx_swap_cache_get_folio+0x10/0x10
[ 1720.343513][T17591]  ? __pfx_get_swap_device+0x10/0x10
[ 1720.343551][T17591]  ? do_swap_page+0x9ba/0x6810
[ 1720.343574][T17591]  do_swap_page+0x9ba/0x6810
[ 1720.343603][T17591]  ? __lock_acquire+0x4a5/0x2630
[ 1720.343642][T17591]  ? __pfx_do_swap_page+0x10/0x10
[ 1720.343670][T17591]  ? __pfx_default_wake_function+0x10/0x10
[ 1720.343699][T17591]  ? rcu_is_watching+0x12/0xc0
[ 1720.343721][T17591]  ? __free_object+0x2a8/0x400
[ 1720.343752][T17591]  ? rcu_is_watching+0x12/0xc0
[ 1720.343775][T17591]  ? ___pte_offset_map+0x179/0x310
[ 1720.343812][T17591]  __handle_mm_fault+0x18b9/0x2b50
[ 1720.343844][T17591]  ? reacquire_held_locks+0xce/0x1e0
[ 1720.343876][T17591]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1720.343907][T17591]  ? lock_vma_under_rcu+0x17c/0x5a0
[ 1720.343941][T17591]  ? get_timespec64+0x136/0x1b0
[ 1720.343978][T17591]  handle_mm_fault+0x36d/0xa20
[ 1720.344009][T17591]  do_user_addr_fault+0x5a3/0x12f0
[ 1720.344045][T17591]  exc_page_fault+0x6f/0xd0
[ 1720.344072][T17591]  asm_exc_page_fault+0x26/0x30
[ 1720.344094][T17591] RIP: 0033:0x7fc78cd5b58e
[ 1720.344113][T17591] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1720.344136][T17591] RSP: 002b:00007fffb4ee9278 EFLAGS: 00010246
[ 1720.344155][T17591] RAX: 0000000000000000 RBX: 000055558f3d5500 RCX: 00007fc78cd5b58e
[ 1720.344171][T17591] RDX: 00007fffb4ee92d0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1720.344186][T17591] RBP: 00007fffb4ee933c R08: 0000000000000000 R09: 0000000000000000
[ 1720.344201][T17591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000001388
[ 1720.344221][T17591] R13: 00000000000927c0 R14: 00000000001a3ac4 R15: 00007fffb4ee9390
[ 1720.344252][T17591]  </TASK>
[ 1720.344261][T17591] memory: usage 3072kB, limit 3072kB, failcnt 112246
[ 1720.852251][T27291] FAULT_INJECTION: forcing a failure.
[ 1720.852251][T27291] name failslab, interval 1, probability 0, space 0, times 0
[ 1720.889398][T27291] CPU: 0 UID: 0 PID: 27291 Comm: syz.4.4832 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1720.889442][T27291] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1720.889454][T27291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1720.889469][T27291] Call Trace:
[ 1720.889478][T27291]  <TASK>
[ 1720.889488][T27291]  dump_stack_lvl+0x100/0x190
[ 1720.889522][T27291]  should_fail_ex.cold+0x5/0xa
[ 1720.889564][T27291]  should_failslab+0xc2/0x120
[ 1720.889600][T27291]  kmem_cache_alloc_noprof+0x83/0x780
[ 1720.889633][T27291]  ? __asan_memcpy+0x3c/0x60
[ 1720.889657][T27291]  ? __kernfs_new_node+0xd2/0x960
[ 1720.889697][T27291]  ? __kernfs_new_node+0xd2/0x960
[ 1720.889750][T27291]  __kernfs_new_node+0xd2/0x960
[ 1720.889789][T27291]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1720.889831][T27291]  ? find_held_lock+0x2b/0x80
[ 1720.889855][T27291]  ? kernfs_root+0xee/0x2a0
[ 1720.889887][T27291]  ? kernfs_root+0xee/0x2a0
[ 1720.889933][T27291]  kernfs_new_node+0x11b/0x1a0
[ 1720.889976][T27291]  kernfs_create_dir_ns+0x4c/0x1a0
[ 1720.890020][T27291]  sysfs_create_dir_ns+0x13a/0x2b0
[ 1720.890054][T27291]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1720.890085][T27291]  ? find_held_lock+0x2b/0x80
[ 1720.890109][T27291]  ? kobject_add_internal+0x25f/0x930
[ 1720.890144][T27291]  ? kobject_add_internal+0x25f/0x930
[ 1720.890179][T27291]  ? wiphy_namespace+0x12/0x50
[ 1720.890201][T27291]  ? device_namespace+0x76/0xa0
[ 1720.890238][T27291]  kobject_add_internal+0x2c8/0x930
[ 1720.890278][T27291]  kobject_add+0x16a/0x1e0
[ 1720.890311][T27291]  ? __pfx_kobject_add+0x10/0x10
[ 1720.890351][T27291]  ? kobject_put+0xb9/0x640
[ 1720.890396][T27291]  device_add+0x294/0x1950
[ 1720.890434][T27291]  ? __pfx_device_add+0x10/0x10
[ 1720.890467][T27291]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1720.890497][T27291]  ? ieee80211_set_bitrate_flags+0x41b/0x6b0
[ 1720.890536][T27291]  wiphy_register+0x1e58/0x2d30
[ 1720.890576][T27291]  ? __rtnl_unlock+0xb9/0xf0
[ 1720.890608][T27291]  ? __pfx_wiphy_register+0x10/0x10
[ 1720.890648][T27291]  ? __asan_memset+0x23/0x50
[ 1720.890676][T27291]  ? minstrel_ht_alloc+0x5e6/0x7f0
[ 1720.890724][T27291]  ieee80211_register_hw+0x2c11/0x4040
[ 1720.890776][T27291]  ? __pfx_ieee80211_register_hw+0x10/0x10
[ 1720.890815][T27291]  ? __pfx___debug_object_init+0x10/0x10
[ 1720.890853][T27291]  ? find_held_lock+0x2b/0x80
[ 1720.890876][T27291]  ? net_generic+0xea/0x2a0
[ 1720.890911][T27291]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1720.890939][T27291]  ? __hrtimer_setup+0x178/0x280
[ 1720.890981][T27291]  mac80211_hwsim_new_radio+0x2847/0x57c0
[ 1720.891037][T27291]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1720.891084][T27291]  hwsim_new_radio_nl+0xc1f/0x1340
[ 1720.891118][T27291]  ? genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290
[ 1720.891152][T27291]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1720.891197][T27291]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290
[ 1720.891225][T27291]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290
[ 1720.891259][T27291]  genl_family_rcv_msg_doit+0x214/0x300
[ 1720.891289][T27291]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1720.891316][T27291]  ? genl_get_cmd+0x3ef/0x720
[ 1720.891347][T27291]  ? bpf_lsm_capable+0x9/0x10
[ 1720.891368][T27291]  ? security_capable+0x80/0x260
[ 1720.891400][T27291]  ? ns_capable+0xd2/0xf0
[ 1720.891430][T27291]  genl_rcv_msg+0x560/0x800
[ 1720.891459][T27291]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1720.891487][T27291]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1720.891533][T27291]  netlink_rcv_skb+0x159/0x420
[ 1720.891573][T27291]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1720.891600][T27291]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1720.891652][T27291]  ? netlink_deliver_tap+0x1ae/0xcc0
[ 1720.891693][T27291]  genl_rcv+0x28/0x40
[ 1720.891715][T27291]  netlink_unicast+0x5aa/0x870
[ 1720.891757][T27291]  ? __pfx_netlink_unicast+0x10/0x10
[ 1720.891808][T27291]  netlink_sendmsg+0x8b0/0xda0
[ 1720.891852][T27291]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1720.891889][T27291]  ? __import_iovec+0x1d2/0x640
[ 1720.891937][T27291]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1720.891973][T27291]  ____sys_sendmsg+0xa54/0xc30
[ 1720.892004][T27291]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1720.892029][T27291]  ? __pfx___futex_wait+0x10/0x10
[ 1720.892057][T27291]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1720.892103][T27291]  ___sys_sendmsg+0x190/0x1e0
[ 1720.892133][T27291]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1720.892176][T27291]  ? find_held_lock+0x2b/0x80
[ 1720.892219][T27291]  __sys_sendmsg+0x170/0x220
[ 1720.892257][T27291]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1720.892292][T27291]  ? __x64_sys_futex+0x34f/0x4d0
[ 1720.892344][T27291]  do_syscall_64+0xc9/0xf80
[ 1720.892377][T27291]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1720.892403][T27291] RIP: 0033:0x7f341eb9acb9
[ 1720.892424][T27291] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1720.892448][T27291] RSP: 002b:00007f341fa60028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1720.892472][T27291] RAX: ffffffffffffffda RBX: 00007f341ee15fa0 RCX: 00007f341eb9acb9
[ 1720.892489][T27291] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000006
[ 1720.892504][T27291] RBP: 00007f341ec08bf7 R08: 0000000000000000 R09: 0000000000000000
[ 1720.892520][T27291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1720.892535][T27291] R13: 00007f341ee16038 R14: 00007f341ee15fa0 R15: 00007fffdb8cbbf8
[ 1720.892567][T27291]  </TASK>
[ 1720.896739][T27291] kobject: kobject_add_internal failed for phy184 (error: -12 parent: ieee80211)
[ 1722.579298][T17591] memory+swap: usage 6956kB, limit 9007199254740988kB, failcnt 0
[ 1722.587071][T17591] kmem: usage 2480kB, limit 9007199254740988kB, failcnt 0
[ 1722.639295][T17591] Memory cgroup stats for /syz2:
[ 1722.639456][T17591] cache 0
[ 1722.647543][T17591] rss 442368
[ 1722.679873][T17591] rss_huge 0
[ 1722.683117][T17591] shmem 0
[ 1722.686055][T17591] mapped_file 0
[ 1722.706550][T17591] dirty 0
[ 1722.727021][T17591] writeback 0
[ 1722.745163][T17591] workingset_refault_anon 30268
[ 1722.761175][T17591] workingset_refault_file 15348
[ 1722.766110][T17591] swap 3977216
[ 1722.774831][T27304] random: crng reseeded on system resumption
[ 1722.783911][T17591] swapcached 212992
[ 1722.787829][T17591] pgpgin 753022
[ 1722.819372][T17591] pgpgout 790272
[ 1722.822968][T17591] pgfault 976030
[ 1722.844919][T17591] pgmajfault 13688
[ 1722.848761][T17591] inactive_anon 45056
[ 1722.870777][T17591] active_anon 118784
[ 1722.884178][T17591] inactive_file 0
[ 1722.901535][T17591] active_file 0
[ 1722.908904][T17591] unevictable 442368
[ 1722.925362][T17591] hierarchical_memory_limit 3145728
[ 1722.942360][T17591] hierarchical_memsw_limit 9223372036854771712
[ 1722.948559][T17591] total_cache 0
[ 1722.980339][T17591] total_rss 442368
[ 1722.984112][T17591] total_rss_huge 0
[ 1722.987841][T17591] total_shmem 0
[ 1723.024203][T17591] total_mapped_file 0
[ 1723.028229][T17591] total_dirty 0
[ 1723.050311][T17591] total_writeback 0
[ 1723.054165][T17591] total_workingset_refault_anon 30268
[ 1723.081651][T17591] total_workingset_refault_file 15348
[ 1723.099946][T17591] total_swap 3977216
[ 1723.107068][T17591] total_swapcached 212992
[ 1723.113113][T27297] bridge0: port 3(gretap0) entered blocking state
[ 1723.121192][T27297] bridge0: port 3(gretap0) entered disabled state
[ 1723.144018][T27297] gretap0: entered allmulticast mode
[ 1723.149817][T17591] total_pgpgin 753022
[ 1723.154627][T17591] total_pgpgout 790272
[ 1723.158723][T17591] total_pgfault 976030
[ 1723.164753][T27297] FAULT_INJECTION: forcing a failure.
[ 1723.164753][T27297] name failslab, interval 1, probability 0, space 0, times 0
[ 1723.189674][T17591] total_pgmajfault 13688
[ 1723.204199][T17591] total_inactive_anon 45056
[ 1723.208973][T27297] CPU: 0 UID: 0 PID: 27297 Comm: syz.5.4833 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1723.209013][T27297] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1723.209025][T27297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1723.209041][T27297] Call Trace:
[ 1723.209050][T27297]  <TASK>
[ 1723.209060][T27297]  dump_stack_lvl+0x100/0x190
[ 1723.209095][T27297]  should_fail_ex.cold+0x5/0xa
[ 1723.209135][T27297]  should_failslab+0xc2/0x120
[ 1723.209171][T27297]  kmem_cache_alloc_noprof+0x83/0x780
[ 1723.209209][T27297]  ? __kernfs_new_node+0xd2/0x960
[ 1723.209249][T27297]  ? __kernfs_new_node+0xd2/0x960
[ 1723.209280][T27297]  __kernfs_new_node+0xd2/0x960
[ 1723.209318][T27297]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1723.209359][T27297]  ? find_held_lock+0x2b/0x80
[ 1723.209383][T27297]  ? kernfs_root+0xee/0x2a0
[ 1723.209415][T27297]  ? kernfs_root+0xee/0x2a0
[ 1723.209455][T27297]  kernfs_new_node+0x11b/0x1a0
[ 1723.209510][T27297]  __kernfs_create_file+0x53/0x350
[ 1723.209542][T27297]  sysfs_add_file_mode_ns+0x207/0x3c0
[ 1723.209581][T27297]  sysfs_create_file_ns+0x145/0x1e0
[ 1723.209614][T27297]  ? __pfx_sysfs_create_file_ns+0x10/0x10
[ 1723.209647][T27297]  ? kernfs_create_link+0x1bd/0x240
[ 1723.209681][T27297]  ? kernfs_put+0x3f/0x60
[ 1723.209716][T27297]  ? sysfs_do_create_link_sd+0xbb/0x140
[ 1723.209754][T27297]  br_sysfs_addif+0xe4/0x210
[ 1723.209795][T27297]  br_add_if+0x701/0x1b40
[ 1723.209831][T27297]  ? security_capable+0x80/0x260
[ 1723.209865][T27297]  add_del_if+0x114/0x160
[ 1723.209901][T27297]  br_dev_siocdevprivate+0x8ac/0x1650
[ 1723.209937][T27297]  ? __lock_acquire+0x4a5/0x2630
[ 1723.209970][T27297]  ? __pfx_br_dev_siocdevprivate+0x10/0x10
[ 1723.210016][T27297]  ? do_raw_spin_lock+0x128/0x260
[ 1723.210059][T27297]  ? mark_held_locks+0x40/0x70
[ 1723.210096][T27297]  ? netdev_name_node_lookup+0x107/0x150
[ 1723.210128][T27297]  ? __mutex_lock+0x26a/0x1b90
[ 1723.210162][T27297]  dev_ifsioc+0xc15/0x1eb0
[ 1723.210199][T27297]  ? __pfx_dev_ifsioc+0x10/0x10
[ 1723.210232][T27297]  ? __pfx___mutex_lock+0x10/0x10
[ 1723.210272][T27297]  ? dev_load+0x8e/0x240
[ 1723.210303][T27297]  ? dev_load+0x8e/0x240
[ 1723.210342][T27297]  dev_ioctl+0x70e/0x1070
[ 1723.210378][T27297]  sock_ioctl+0x494/0x6b0
[ 1723.210408][T27297]  ? __pfx_sock_ioctl+0x10/0x10
[ 1723.210449][T27297]  ? __pfx_sock_ioctl+0x10/0x10
[ 1723.210479][T27297]  __x64_sys_ioctl+0x18e/0x210
[ 1723.210522][T27297]  do_syscall_64+0xc9/0xf80
[ 1723.210554][T27297]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1723.210579][T27297] RIP: 0033:0x7f114099acb9
[ 1723.210599][T27297] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1723.210625][T27297] RSP: 002b:00007f11418d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1723.210649][T27297] RAX: ffffffffffffffda RBX: 00007f1140c16270 RCX: 00007f114099acb9
[ 1723.210666][T27297] RDX: 0000200000000040 RSI: 00000000000089fc RDI: 0000000000000009
[ 1723.210689][T27297] RBP: 00007f1140a08bf7 R08: 0000000000000000 R09: 0000000000000000
[ 1723.210705][T27297] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1723.210720][T27297] R13: 00007f1140c16308 R14: 00007f1140c16270 R15: 00007ffd6ace6ca8
[ 1723.210752][T27297]  </TASK>
[ 1723.859274][T17591] total_active_anon 118784
[ 1723.863785][T17591] total_inactive_file 0
[ 1723.867990][T17591] total_active_file 0
[ 1723.889300][T17591] total_unevictable 442368
[ 1723.893754][T17591] anon_cost 17
[ 1723.897134][T17591] file_cost 0
[ 1723.909269][T17591] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.4824,pid=27257,uid=0
[ 1723.939317][T17591] Memory cgroup out of memory: Killed process 27257 (syz.2.4824) total-vm:110796kB, anon-rss:1592kB, file-rss:26692kB, shmem-rss:0kB, UID:0 pgtables:168kB oom_score_adj:1000
[ 1724.692227][T27297] gretap0: left allmulticast mode
[ 1724.947417][T27297] Process accounting paused
[ 1726.288986][T27336] ref_tracker: memory allocation failure, unreliable refcount tracker.
[ 1726.305930][   T32] oom_reaper: reaped process 27257 (syz.2.4824), now anon-rss:0kB, file-rss:25728kB, shmem-rss:0kB
[ 1727.620353][T27358] netlink: 'syz.5.4848': attribute type 1 has an invalid length.
[ 1728.720207][T27375] FAULT_INJECTION: forcing a failure.
[ 1728.720207][T27375] name failslab, interval 1, probability 0, space 0, times 0
[ 1728.799754][T27375] CPU: 0 UID: 0 PID: 27375 Comm: syz.2.4853 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1728.799799][T27375] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1728.799811][T27375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1728.799826][T27375] Call Trace:
[ 1728.799835][T27375]  <TASK>
[ 1728.799845][T27375]  dump_stack_lvl+0x100/0x190
[ 1728.799880][T27375]  should_fail_ex.cold+0x5/0xa
[ 1728.799921][T27375]  should_failslab+0xc2/0x120
[ 1728.799956][T27375]  __kmalloc_cache_noprof+0x80/0x810
[ 1728.799983][T27375]  ? __queue_work+0x436/0x10f0
[ 1728.800021][T27375]  ? kobject_uevent_env+0x263/0x18b0
[ 1728.800068][T27375]  ? kobject_uevent_env+0x263/0x18b0
[ 1728.800104][T27375]  kobject_uevent_env+0x263/0x18b0
[ 1728.800147][T27375]  ? queue_work_on+0x11b/0x1e0
[ 1728.800185][T27375]  ? bus_to_subsys+0x114/0x150
[ 1728.800232][T27375]  driver_bound+0x13e/0x220
[ 1728.800262][T27375]  device_bind_driver+0x3a/0x70
[ 1728.800291][T27375]  mac80211_hwsim_new_radio+0x3fb/0x57c0
[ 1728.800343][T27375]  ? __asan_memset+0x23/0x50
[ 1728.800370][T27375]  ? __nla_validate_parse+0x1e7/0x28b0
[ 1728.800405][T27375]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1728.800451][T27375]  hwsim_new_radio_nl+0xc1f/0x1340
[ 1728.800486][T27375]  ? genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290
[ 1728.800519][T27375]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1728.800565][T27375]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290
[ 1728.800592][T27375]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290
[ 1728.800627][T27375]  genl_family_rcv_msg_doit+0x214/0x300
[ 1728.800657][T27375]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1728.800685][T27375]  ? genl_get_cmd+0x3ef/0x720
[ 1728.800716][T27375]  ? bpf_lsm_capable+0x9/0x10
[ 1728.800737][T27375]  ? security_capable+0x80/0x260
[ 1728.800769][T27375]  ? ns_capable+0xd2/0xf0
[ 1728.800798][T27375]  genl_rcv_msg+0x560/0x800
[ 1728.800827][T27375]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1728.800854][T27375]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1728.800900][T27375]  netlink_rcv_skb+0x159/0x420
[ 1728.800940][T27375]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1728.800970][T27375]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1728.801021][T27375]  ? netlink_deliver_tap+0x1ae/0xcc0
[ 1728.801062][T27375]  genl_rcv+0x28/0x40
[ 1728.801085][T27375]  netlink_unicast+0x5aa/0x870
[ 1728.801129][T27375]  ? __pfx_netlink_unicast+0x10/0x10
[ 1728.801180][T27375]  netlink_sendmsg+0x8b0/0xda0
[ 1728.801223][T27375]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1728.801261][T27375]  ? __import_iovec+0x1d2/0x640
[ 1728.801302][T27375]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1728.801338][T27375]  ____sys_sendmsg+0xa54/0xc30
[ 1728.801368][T27375]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1728.801408][T27375]  ? try_to_wake_up+0x644/0x1a60
[ 1728.801441][T27375]  ___sys_sendmsg+0x190/0x1e0
[ 1728.801473][T27375]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1728.801502][T27375]  ? futex_private_hash_put+0x107/0x1c0
[ 1728.801546][T27375]  ? find_held_lock+0x2b/0x80
[ 1728.801589][T27375]  __sys_sendmsg+0x170/0x220
[ 1728.801626][T27375]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1728.801662][T27375]  ? __x64_sys_futex+0x34f/0x4d0
[ 1728.801713][T27375]  do_syscall_64+0xc9/0xf80
[ 1728.801747][T27375]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1728.801773][T27375] RIP: 0033:0x7fc78cd9acb9
[ 1728.801793][T27375] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1728.801817][T27375] RSP: 002b:00007fc78dd23028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1728.801841][T27375] RAX: ffffffffffffffda RBX: 00007fc78d015fa0 RCX: 00007fc78cd9acb9
[ 1728.801858][T27375] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000006
[ 1728.801874][T27375] RBP: 00007fc78ce08bf7 R08: 0000000000000000 R09: 0000000000000000
[ 1728.801890][T27375] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1728.801905][T27375] R13: 00007fc78d016038 R14: 00007fc78d015fa0 R15: 00007fffb4ee8f98
[ 1728.801936][T27375]  </TASK>
[ 1729.989231][T27396] FAULT_INJECTION: forcing a failure.
[ 1729.989231][T27396] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1730.030494][T27396] CPU: 0 UID: 0 PID: 27396 Comm: syz.4.4860 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1730.030540][T27396] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1730.030551][T27396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1730.030567][T27396] Call Trace:
[ 1730.030576][T27396]  <TASK>
[ 1730.030586][T27396]  dump_stack_lvl+0x100/0x190
[ 1730.030620][T27396]  should_fail_ex.cold+0x5/0xa
[ 1730.030664][T27396]  ? prepare_alloc_pages+0x16d/0x5f0
[ 1730.030710][T27396]  should_fail_alloc_page+0xeb/0x140
[ 1730.030748][T27396]  prepare_alloc_pages+0x1f0/0x5f0
[ 1730.030791][T27396]  __alloc_frozen_pages_noprof+0x193/0x2410
[ 1730.030827][T27396]  ? stack_trace_save+0x8e/0xc0
[ 1730.030854][T27396]  ? __pfx_stack_trace_save+0x10/0x10
[ 1730.030881][T27396]  ? is_bpf_text_address+0x94/0x1a0
[ 1730.030922][T27396]  ? stack_depot_save_flags+0x27/0x9c0
[ 1730.030962][T27396]  ? __kernel_text_address+0xd/0x30
[ 1730.031010][T27396]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1730.031040][T27396]  ? kasan_save_stack+0x3f/0x50
[ 1730.031070][T27396]  ? kasan_save_track+0x14/0x30
[ 1730.031100][T27396]  ? snd_pcm_attach_substream+0x451/0xd60
[ 1730.031139][T27396]  ? snd_pcm_open_substream+0x90/0x1850
[ 1730.031174][T27396]  ? snd_pcm_oss_open+0x735/0x1390
[ 1730.031200][T27396]  ? soundcore_open+0x2e3/0x5a0
[ 1730.031225][T27396]  ? chrdev_open+0x234/0x6a0
[ 1730.031253][T27396]  ? do_dentry_open+0x73e/0x1570
[ 1730.031281][T27396]  ? vfs_open+0x82/0x3f0
[ 1730.031317][T27396]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1730.031350][T27396]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1730.031378][T27396]  ? policy_nodemask+0xed/0x4f0
[ 1730.031420][T27396]  alloc_pages_mpol+0x1fb/0x550
[ 1730.031457][T27396]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1730.031500][T27396]  alloc_pages_noprof+0x131/0x390
[ 1730.031537][T27396]  alloc_pages_exact_noprof+0x32/0xf0
[ 1730.031562][T27396]  snd_pcm_attach_substream+0x478/0xd60
[ 1730.031608][T27396]  snd_pcm_open_substream+0x90/0x1850
[ 1730.031647][T27396]  ? __pfx_snd_pcm_open_substream+0x10/0x10
[ 1730.031692][T27396]  snd_pcm_oss_open+0x735/0x1390
[ 1730.031732][T27396]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[ 1730.031762][T27396]  ? __lock_acquire+0x4a5/0x2630
[ 1730.031796][T27396]  ? __pfx_default_wake_function+0x10/0x10
[ 1730.031825][T27396]  ? __lock_acquire+0x4a5/0x2630
[ 1730.031864][T27396]  ? do_raw_spin_lock+0x128/0x260
[ 1730.031904][T27396]  ? soundcore_open+0x231/0x5a0
[ 1730.031931][T27396]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[ 1730.031962][T27396]  soundcore_open+0x2e3/0x5a0
[ 1730.032004][T27396]  ? __pfx_soundcore_open+0x10/0x10
[ 1730.032030][T27396]  chrdev_open+0x234/0x6a0
[ 1730.032059][T27396]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1730.032093][T27396]  ? __pfx_chrdev_open+0x10/0x10
[ 1730.032125][T27396]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[ 1730.032161][T27396]  do_dentry_open+0x73e/0x1570
[ 1730.032189][T27396]  ? __pfx_chrdev_open+0x10/0x10
[ 1730.032220][T27396]  ? security_inode_permission+0xbf/0x250
[ 1730.032262][T27396]  vfs_open+0x82/0x3f0
[ 1730.032302][T27396]  path_openat+0x21dc/0x3120
[ 1730.032341][T27396]  ? __pfx_path_openat+0x10/0x10
[ 1730.032381][T27396]  do_filp_open+0x1f7/0x420
[ 1730.032412][T27396]  ? __pfx_do_filp_open+0x10/0x10
[ 1730.032462][T27396]  ? _raw_spin_unlock+0x28/0x50
[ 1730.032486][T27396]  ? alloc_fd+0x476/0x790
[ 1730.032521][T27396]  do_sys_openat2+0x12e/0x220
[ 1730.032559][T27396]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1730.032608][T27396]  __x64_sys_openat+0x12d/0x210
[ 1730.032648][T27396]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1730.032685][T27396]  ? xfd_validate_state+0x129/0x190
[ 1730.032734][T27396]  do_syscall_64+0xc9/0xf80
[ 1730.032765][T27396]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1730.032791][T27396] RIP: 0033:0x7f341eb9acb9
[ 1730.032812][T27396] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1730.032837][T27396] RSP: 002b:00007f341fa60028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1730.032861][T27396] RAX: ffffffffffffffda RBX: 00007f341ee15fa0 RCX: 00007f341eb9acb9
[ 1730.032878][T27396] RDX: 0000000000020342 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[ 1730.032894][T27396] RBP: 00007f341ec08bf7 R08: 0000000000000000 R09: 0000000000000000
[ 1730.032910][T27396] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1730.032925][T27396] R13: 00007f341ee16038 R14: 00007f341ee15fa0 R15: 00007fffdb8cbbf8
[ 1730.032957][T27396]  </TASK>
[ 1731.436572][T27406] FAULT_INJECTION: forcing a failure.
[ 1731.436572][T27406] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1731.489773][T27406] CPU: 0 UID: 0 PID: 27406 Comm: syz.4.4861 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1731.489817][T27406] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1731.489828][T27406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1731.489844][T27406] Call Trace:
[ 1731.489853][T27406]  <TASK>
[ 1731.489870][T27406]  dump_stack_lvl+0x100/0x190
[ 1731.489905][T27406]  should_fail_ex.cold+0x5/0xa
[ 1731.489942][T27406]  ? prepare_alloc_pages+0x16d/0x5f0
[ 1731.489983][T27406]  should_fail_alloc_page+0xeb/0x140
[ 1731.490021][T27406]  prepare_alloc_pages+0x1f0/0x5f0
[ 1731.490059][T27406]  ? rcu_is_watching+0x12/0xc0
[ 1731.490087][T27406]  __alloc_frozen_pages_noprof+0x193/0x2410
[ 1731.490122][T27406]  ? stack_trace_save+0x8e/0xc0
[ 1731.490149][T27406]  ? __pfx_stack_trace_save+0x10/0x10
[ 1731.490178][T27406]  ? stack_depot_save_flags+0x27/0x9c0
[ 1731.490217][T27406]  ? find_held_lock+0x2b/0x80
[ 1731.490241][T27406]  ? put_cpu_partial+0xfc/0x310
[ 1731.490268][T27406]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1731.490298][T27406]  ? kasan_save_stack+0x3f/0x50
[ 1731.490328][T27406]  ? kasan_save_track+0x14/0x30
[ 1731.490359][T27406]  ? snd_pcm_attach_substream+0x451/0xd60
[ 1731.490397][T27406]  ? snd_pcm_open_substream+0x90/0x1850
[ 1731.490432][T27406]  ? snd_pcm_oss_open+0x735/0x1390
[ 1731.490459][T27406]  ? soundcore_open+0x2e3/0x5a0
[ 1731.490483][T27406]  ? chrdev_open+0x234/0x6a0
[ 1731.490513][T27406]  ? vfs_open+0x82/0x3f0
[ 1731.490550][T27406]  ? __lock_acquire+0x4a5/0x2630
[ 1731.490588][T27406]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1731.490617][T27406]  ? policy_nodemask+0xed/0x4f0
[ 1731.490654][T27406]  alloc_pages_mpol+0x1fb/0x550
[ 1731.490696][T27406]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1731.490740][T27406]  alloc_pages_noprof+0x131/0x390
[ 1731.490777][T27406]  alloc_pages_exact_noprof+0x32/0xf0
[ 1731.490803][T27406]  snd_pcm_attach_substream+0x4cb/0xd60
[ 1731.490848][T27406]  snd_pcm_open_substream+0x90/0x1850
[ 1731.490897][T27406]  ? __pfx_snd_pcm_open_substream+0x10/0x10
[ 1731.490943][T27406]  snd_pcm_oss_open+0x735/0x1390
[ 1731.490983][T27406]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[ 1731.491013][T27406]  ? __lock_acquire+0x4a5/0x2630
[ 1731.491046][T27406]  ? __pfx_default_wake_function+0x10/0x10
[ 1731.491076][T27406]  ? __lock_acquire+0x4a5/0x2630
[ 1731.491114][T27406]  ? do_raw_spin_lock+0x128/0x260
[ 1731.491154][T27406]  ? soundcore_open+0x231/0x5a0
[ 1731.491187][T27406]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[ 1731.491217][T27406]  soundcore_open+0x2e3/0x5a0
[ 1731.491246][T27406]  ? __pfx_soundcore_open+0x10/0x10
[ 1731.491271][T27406]  chrdev_open+0x234/0x6a0
[ 1731.491302][T27406]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1731.491335][T27406]  ? __pfx_chrdev_open+0x10/0x10
[ 1731.491367][T27406]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[ 1731.491403][T27406]  do_dentry_open+0x73e/0x1570
[ 1731.491431][T27406]  ? __pfx_chrdev_open+0x10/0x10
[ 1731.491462][T27406]  ? security_inode_permission+0xbf/0x250
[ 1731.491505][T27406]  vfs_open+0x82/0x3f0
[ 1731.491544][T27406]  path_openat+0x21dc/0x3120
[ 1731.491583][T27406]  ? __pfx_path_openat+0x10/0x10
[ 1731.491623][T27406]  do_filp_open+0x1f7/0x420
[ 1731.491654][T27406]  ? __pfx_do_filp_open+0x10/0x10
[ 1731.491704][T27406]  ? _raw_spin_unlock+0x28/0x50
[ 1731.491728][T27406]  ? alloc_fd+0x476/0x790
[ 1731.491763][T27406]  do_sys_openat2+0x12e/0x220
[ 1731.491801][T27406]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1731.491850][T27406]  __x64_sys_openat+0x12d/0x210
[ 1731.491895][T27406]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1731.491932][T27406]  ? xfd_validate_state+0x129/0x190
[ 1731.491982][T27406]  do_syscall_64+0xc9/0xf80
[ 1731.492014][T27406]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1731.492039][T27406] RIP: 0033:0x7f341eb9acb9
[ 1731.492059][T27406] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1731.492084][T27406] RSP: 002b:00007f341fa60028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1731.492109][T27406] RAX: ffffffffffffffda RBX: 00007f341ee15fa0 RCX: 00007f341eb9acb9
[ 1731.492126][T27406] RDX: 0000000000020342 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[ 1731.492142][T27406] RBP: 00007f341ec08bf7 R08: 0000000000000000 R09: 0000000000000000
[ 1731.492157][T27406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1731.492172][T27406] R13: 00007f341ee16038 R14: 00007f341ee15fa0 R15: 00007fffdb8cbbf8
[ 1731.492205][T27406]  </TASK>
[ 1733.823918][T27421] netlink: 342 bytes leftover after parsing attributes in process `syz.2.4866'.
[ 1735.518831][T27448] FAULT_INJECTION: forcing a failure.
[ 1735.518831][T27448] name failslab, interval 1, probability 0, space 0, times 0
[ 1735.615730][T27448] CPU: 0 UID: 0 PID: 27448 Comm: syz.4.4874 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1735.615775][T27448] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1735.615787][T27448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1735.615803][T27448] Call Trace:
[ 1735.615812][T27448]  <TASK>
[ 1735.615822][T27448]  dump_stack_lvl+0x100/0x190
[ 1735.615856][T27448]  should_fail_ex.cold+0x5/0xa
[ 1735.615898][T27448]  should_failslab+0xc2/0x120
[ 1735.615934][T27448]  __kmalloc_cache_noprof+0x80/0x810
[ 1735.615961][T27448]  ? devlink_fmsg_nest_common.part.0+0x48/0x1f0
[ 1735.616006][T27448]  ? devlink_fmsg_nest_common.part.0+0x48/0x1f0
[ 1735.616044][T27448]  ? devlink_fmsg_put_value+0x84/0x2c0
[ 1735.616081][T27448]  devlink_fmsg_nest_common.part.0+0x48/0x1f0
[ 1735.616123][T27448]  devlink_fmsg_string_pair_put+0x164/0x1c0
[ 1735.616167][T27448]  nsim_dev_dummy_reporter_dump+0x54/0xa0
[ 1735.616195][T27448]  devlink_health_do_dump+0x243/0x5f0
[ 1735.616224][T27448]  devlink_health_report+0x63a/0xa80
[ 1735.616253][T27448]  ? __pfx_devlink_health_report+0x10/0x10
[ 1735.616281][T27448]  ? _copy_from_user+0x59/0xd0
[ 1735.616323][T27448]  nsim_dev_health_break_write+0x166/0x210
[ 1735.616350][T27448]  ? __pfx_nsim_dev_health_break_write+0x10/0x10
[ 1735.616385][T27448]  full_proxy_write+0x135/0x1a0
[ 1735.616429][T27448]  vfs_write+0x2aa/0x1070
[ 1735.616458][T27448]  ? __pfx_full_proxy_write+0x10/0x10
[ 1735.616508][T27448]  ? __pfx_vfs_write+0x10/0x10
[ 1735.616534][T27448]  ? find_held_lock+0x2b/0x80
[ 1735.616560][T27448]  ? __fget_files+0x215/0x3d0
[ 1735.616593][T27448]  ? __fget_files+0x21f/0x3d0
[ 1735.616628][T27448]  ksys_write+0x12a/0x250
[ 1735.616655][T27448]  ? __pfx_ksys_write+0x10/0x10
[ 1735.616692][T27448]  do_syscall_64+0xc9/0xf80
[ 1735.616724][T27448]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1735.616754][T27448] RIP: 0033:0x7f341eb9acb9
[ 1735.616773][T27448] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1735.616798][T27448] RSP: 002b:00007f341fa60028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1735.616822][T27448] RAX: ffffffffffffffda RBX: 00007f341ee15fa0 RCX: 00007f341eb9acb9
[ 1735.616840][T27448] RDX: 0000000000000006 RSI: 0000200000005900 RDI: 0000000000000009
[ 1735.616855][T27448] RBP: 00007f341ec08bf7 R08: 0000000000000000 R09: 0000000000000000
[ 1735.616870][T27448] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1735.616885][T27448] R13: 00007f341ee16038 R14: 00007f341ee15fa0 R15: 00007fffdb8cbbf8
[ 1735.616917][T27448]  </TASK>
[ 1737.383059][T27452] syz.2.4875 invoked oom-killer: gfp_mask=0x400cc0(GFP_KERNEL_ACCOUNT), order=1, oom_score_adj=1000
[ 1737.529502][T27452] CPU: 0 UID: 0 PID: 27452 Comm: syz.2.4875 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1737.529545][T27452] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1737.529556][T27452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1737.529571][T27452] Call Trace:
[ 1737.529579][T27452]  <TASK>
[ 1737.529589][T27452]  dump_stack_lvl+0x100/0x190
[ 1737.529622][T27452]  dump_header+0xfb/0x606
[ 1737.529648][T27452]  oom_kill_process.cold+0xd/0x321
[ 1737.529676][T27452]  out_of_memory+0x340/0x14f0
[ 1737.529713][T27452]  ? __pfx_out_of_memory+0x10/0x10
[ 1737.529753][T27452]  mem_cgroup_out_of_memory+0xc6/0x130
[ 1737.529779][T27452]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1737.529803][T27452]  ? find_held_lock+0x2b/0x80
[ 1737.529833][T27452]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1737.529871][T27452]  ? _raw_spin_unlock+0x28/0x50
[ 1737.529899][T27452]  try_charge_memcg+0x652/0xc90
[ 1737.529939][T27452]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1737.529971][T27452]  ? rcu_read_unlock+0x17/0x60
[ 1737.530006][T27452]  ? rcu_read_unlock+0x17/0x60
[ 1737.530047][T27452]  ? get_mem_cgroup_from_objcg+0xd3/0x330
[ 1737.530078][T27452]  obj_cgroup_charge_account+0x335/0x7e0
[ 1737.530119][T27452]  __memcg_slab_post_alloc_hook+0x2e4/0x880
[ 1737.530165][T27452]  __kmalloc_node_track_caller_noprof+0x77f/0x9d0
[ 1737.530200][T27452]  ? neigh_sysctl_register+0xb4/0x660
[ 1737.530241][T27452]  ? kmemdup_noprof+0x29/0x60
[ 1737.530271][T27452]  kmemdup_noprof+0x29/0x60
[ 1737.530303][T27452]  neigh_sysctl_register+0xb4/0x660
[ 1737.530343][T27452]  ? __pfx_ndisc_ifinfo_sysctl_change+0x10/0x10
[ 1737.530374][T27452]  ? __pfx_neigh_sysctl_register+0x10/0x10
[ 1737.530416][T27452]  ? lockdep_init_map_type+0x5c/0x250
[ 1737.530449][T27452]  ? mld_in_v1_mode+0x2b2/0x3a0
[ 1737.530479][T27452]  addrconf_sysctl_register+0xb9/0x200
[ 1737.530518][T27452]  ipv6_add_dev+0xaf2/0x1520
[ 1737.530558][T27452]  addrconf_notify+0x563/0x19c0
[ 1737.530584][T27452]  ? ip6mr_device_event+0x1bc/0x230
[ 1737.530617][T27452]  notifier_call_chain+0x99/0x3b0
[ 1737.530657][T27452]  call_netdevice_notifiers_info+0xbe/0x110
[ 1737.530690][T27452]  register_netdevice+0x16b9/0x21d0
[ 1737.530735][T27452]  ? __pfx_register_netdevice+0x10/0x10
[ 1737.530783][T27452]  __ip_tunnel_create+0x52b/0x670
[ 1737.530823][T27452]  ? __pfx___ip_tunnel_create+0x10/0x10
[ 1737.530860][T27452]  ? net_generic+0xea/0x2a0
[ 1737.530906][T27452]  ip_tunnel_init_net+0x230/0x780
[ 1737.530932][T27452]  ? __pfx_ip_tunnel_init_net+0x10/0x10
[ 1737.530968][T27452]  ? __pfx_erspan_init_net+0x10/0x10
[ 1737.531001][T27452]  ops_init+0x1e2/0x5f0
[ 1737.531042][T27452]  setup_net+0x118/0x3a0
[ 1737.531081][T27452]  ? __pfx_setup_net+0x10/0x10
[ 1737.531116][T27452]  ? lockdep_init_map_type+0x5c/0x250
[ 1737.531150][T27452]  ? mutex_init_lockep+0x110/0x150
[ 1737.531190][T27452]  copy_net_ns+0x46f/0x7c0
[ 1737.531217][T27452]  create_new_namespaces+0x3ea/0xab0
[ 1737.531251][T27452]  unshare_nsproxy_namespaces+0xc3/0x1f0
[ 1737.531282][T27452]  ksys_unshare+0x455/0xab0
[ 1737.531320][T27452]  ? rcu_is_watching+0x12/0xc0
[ 1737.531345][T27452]  ? __pfx_ksys_unshare+0x10/0x10
[ 1737.531380][T27452]  ? kcov_ioctl+0x16a/0x720
[ 1737.531404][T27452]  ? kcov_ioctl+0x16a/0x720
[ 1737.531428][T27452]  ? fput+0x79/0x100
[ 1737.531465][T27452]  __x64_sys_unshare+0x31/0x40
[ 1737.531499][T27452]  do_syscall_64+0xc9/0xf80
[ 1737.531531][T27452]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1737.531556][T27452] RIP: 0033:0x7fc78cd9acb9
[ 1737.531575][T27452] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1737.531599][T27452] RSP: 002b:00007fc78dd23028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1737.531622][T27452] RAX: ffffffffffffffda RBX: 00007fc78d015fa0 RCX: 00007fc78cd9acb9
[ 1737.531639][T27452] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1737.531654][T27452] RBP: 00007fc78ce08bf7 R08: 0000000000000000 R09: 0000000000000000
[ 1737.531669][T27452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1737.531684][T27452] R13: 00007fc78d016038 R14: 00007fc78d015fa0 R15: 00007fffb4ee8f98
[ 1737.531716][T27452]  </TASK>
[ 1737.531726][T27452] memory: usage 3072kB, limit 3072kB, failcnt 118315
[ 1738.741344][T27452] memory+swap: usage 3292kB, limit 9007199254740988kB, failcnt 0
[ 1738.790379][T27452] kmem: usage 2928kB, limit 9007199254740988kB, failcnt 0
[ 1738.830037][T27452] Memory cgroup stats for /syz2:
[ 1738.830205][T27452] cache 0
[ 1738.866590][T27452] rss 0
[ 1738.881274][T27452] rss_huge 0
[ 1738.929019][T27452] shmem 0
[ 1738.939503][T27452] mapped_file 0
[ 1738.943010][T27452] dirty 0
[ 1738.987859][T27452] writeback 0
[ 1739.014499][T27452] workingset_refault_anon 31031
[ 1739.057497][T27452] workingset_refault_file 15348
[ 1739.073317][T27452] swap 225280
[ 1739.091076][T27452] swapcached 147456
[ 1739.107050][T27452] pgpgin 759184
[ 1739.117204][T27452] pgpgout 796546
[ 1739.129790][T27452] pgfault 983919
[ 1739.140089][T27452] pgmajfault 14168
[ 1739.155687][T27452] inactive_anon 147456
[ 1739.166871][T27452] active_anon 0
[ 1739.181011][T27452] inactive_file 0
[ 1739.196521][T27452] active_file 0
[ 1739.211040][T27452] unevictable 0
[ 1739.226816][T27452] hierarchical_memory_limit 3145728
[ 1739.238491][T27452] hierarchical_memsw_limit 9223372036854771712
[ 1739.261844][T27452] total_cache 0
[ 1739.270591][T27452] total_rss 0
[ 1739.273928][T27452] total_rss_huge 0
[ 1739.310547][T27452] total_shmem 0
[ 1739.335583][T27452] total_mapped_file 0
[ 1739.351937][T27452] total_dirty 0
[ 1739.359509][T27452] total_writeback 0
[ 1739.372913][T27452] total_workingset_refault_anon 31031
[ 1739.395292][T27452] total_workingset_refault_file 15348
[ 1739.427225][T27452] total_swap 225280
[ 1739.439729][T27452] total_swapcached 147456
[ 1739.454692][T27452] total_pgpgin 759184
[ 1739.458879][T27452] total_pgpgout 796546
[ 1739.482613][T27452] total_pgfault 983919
[ 1739.499321][T27452] total_pgmajfault 14168
[ 1739.503623][T27452] total_inactive_anon 147456
[ 1739.543173][T27452] total_active_anon 0
[ 1739.567543][T27452] total_inactive_file 0
[ 1739.581540][T27452] total_active_file 0
[ 1739.598858][T27452] total_unevictable 0
[ 1739.612192][T27452] anon_cost 6
[ 1739.637586][T27452] file_cost 0
[ 1739.649925][T27452] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.4875,pid=27451,uid=0
[ 1739.705676][T27452] Memory cgroup out of memory: Killed process 27451 (syz.2.4875) total-vm:102460kB, anon-rss:1336kB, file-rss:22288kB, shmem-rss:0kB, UID:0 pgtables:140kB oom_score_adj:1000
[ 1740.789714][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[ 1740.798396][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[ 1744.664312][T27567] FAULT_INJECTION: forcing a failure.
[ 1744.664312][T27567] name failslab, interval 1, probability 0, space 0, times 0
[ 1744.730585][T27567] CPU: 0 UID: 0 PID: 27567 Comm: syz.1.4903 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1744.730629][T27567] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1744.730640][T27567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1744.730710][T27567] Call Trace:
[ 1744.730719][T27567]  <TASK>
[ 1744.730729][T27567]  dump_stack_lvl+0x100/0x190
[ 1744.730765][T27567]  should_fail_ex.cold+0x5/0xa
[ 1744.730806][T27567]  should_failslab+0xc2/0x120
[ 1744.730841][T27567]  ? kobject_get_path+0xcf/0x2c0
[ 1744.730872][T27567]  __kmalloc_noprof+0xf6/0x9c0
[ 1744.730905][T27567]  ? kobject_get_path+0xcf/0x2c0
[ 1744.730975][T27567]  kobject_get_path+0xcf/0x2c0
[ 1744.731013][T27567]  kobject_uevent_env+0x287/0x18b0
[ 1744.731053][T27567]  ? queue_work_on+0x11b/0x1e0
[ 1744.731091][T27567]  ? bus_to_subsys+0x114/0x150
[ 1744.731133][T27567]  driver_bound+0x13e/0x220
[ 1744.731164][T27567]  device_bind_driver+0x3a/0x70
[ 1744.731192][T27567]  mac80211_hwsim_new_radio+0x3fb/0x57c0
[ 1744.731244][T27567]  ? __asan_memset+0x23/0x50
[ 1744.731270][T27567]  ? __nla_validate_parse+0x1e7/0x28b0
[ 1744.731300][T27567]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1744.731346][T27567]  hwsim_new_radio_nl+0xc1f/0x1340
[ 1744.731380][T27567]  ? genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290
[ 1744.731413][T27567]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1744.731458][T27567]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290
[ 1744.731486][T27567]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290
[ 1744.731520][T27567]  genl_family_rcv_msg_doit+0x214/0x300
[ 1744.731550][T27567]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1744.731577][T27567]  ? genl_get_cmd+0x3ef/0x720
[ 1744.731610][T27567]  ? bpf_lsm_capable+0x9/0x10
[ 1744.731632][T27567]  ? security_capable+0x80/0x260
[ 1744.731670][T27567]  ? ns_capable+0xd2/0xf0
[ 1744.731701][T27567]  genl_rcv_msg+0x560/0x800
[ 1744.731730][T27567]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1744.731757][T27567]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1744.731805][T27567]  netlink_rcv_skb+0x159/0x420
[ 1744.731844][T27567]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1744.731872][T27567]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1744.731923][T27567]  ? netlink_deliver_tap+0x1ae/0xcc0
[ 1744.731964][T27567]  genl_rcv+0x28/0x40
[ 1744.731986][T27567]  netlink_unicast+0x5aa/0x870
[ 1744.732030][T27567]  ? __pfx_netlink_unicast+0x10/0x10
[ 1744.732080][T27567]  netlink_sendmsg+0x8b0/0xda0
[ 1744.732124][T27567]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1744.732161][T27567]  ? __import_iovec+0x1d2/0x640
[ 1744.732202][T27567]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1744.732238][T27567]  ____sys_sendmsg+0xa54/0xc30
[ 1744.732269][T27567]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1744.732300][T27567]  ? try_to_wake_up+0x644/0x1a60
[ 1744.732333][T27567]  ___sys_sendmsg+0x190/0x1e0
[ 1744.732364][T27567]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1744.732400][T27567]  ? futex_private_hash_put+0x107/0x1c0
[ 1744.732445][T27567]  ? find_held_lock+0x2b/0x80
[ 1744.732489][T27567]  __sys_sendmsg+0x170/0x220
[ 1744.732526][T27567]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1744.732563][T27567]  ? __x64_sys_futex+0x34f/0x4d0
[ 1744.732615][T27567]  do_syscall_64+0xc9/0xf80
[ 1744.732652][T27567]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1744.732678][T27567] RIP: 0033:0x7f1a20b9acb9
[ 1744.732699][T27567] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1744.732724][T27567] RSP: 002b:00007f1a21af9028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1744.732747][T27567] RAX: ffffffffffffffda RBX: 00007f1a20e15fa0 RCX: 00007f1a20b9acb9
[ 1744.732764][T27567] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000006
[ 1744.732780][T27567] RBP: 00007f1a20c08bf7 R08: 0000000000000000 R09: 0000000000000000
[ 1744.732795][T27567] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1744.732810][T27567] R13: 00007f1a20e16038 R14: 00007f1a20e15fa0 R15: 00007ffea93879e8
[ 1744.732842][T27567]  </TASK>
[ 1746.458284][T27563] syz.2.4901 invoked oom-killer: gfp_mask=0x440dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO|__GFP_COMP), order=0, oom_score_adj=1000
[ 1746.476947][T27583] FAULT_INJECTION: forcing a failure.
[ 1746.476947][T27583] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1746.541828][T27563] CPU: 0 UID: 0 PID: 27563 Comm: syz.2.4901 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1746.541871][T27563] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1746.541882][T27563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1746.541897][T27563] Call Trace:
[ 1746.541905][T27563]  <TASK>
[ 1746.541915][T27563]  dump_stack_lvl+0x100/0x190
[ 1746.541948][T27563]  dump_header+0xfb/0x606
[ 1746.541974][T27563]  oom_kill_process.cold+0xd/0x321
[ 1746.542002][T27563]  out_of_memory+0x340/0x14f0
[ 1746.542039][T27563]  ? __pfx_out_of_memory+0x10/0x10
[ 1746.542079][T27563]  mem_cgroup_out_of_memory+0xc6/0x130
[ 1746.542106][T27563]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1746.542130][T27563]  ? find_held_lock+0x2b/0x80
[ 1746.542160][T27563]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1746.542198][T27563]  ? _raw_spin_unlock+0x28/0x50
[ 1746.542226][T27563]  try_charge_memcg+0x652/0xc90
[ 1746.542266][T27563]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1746.542298][T27563]  ? rcu_read_unlock+0x17/0x60
[ 1746.542333][T27563]  ? rcu_read_unlock+0x17/0x60
[ 1746.542374][T27563]  ? get_mem_cgroup_from_objcg+0xd3/0x330
[ 1746.542405][T27563]  __memcg_kmem_charge_page+0xd0/0x530
[ 1746.542445][T27563]  __alloc_frozen_pages_noprof+0x318/0x2410
[ 1746.542478][T27563]  ? kasan_save_track+0x14/0x30
[ 1746.542522][T27563]  ? __lock_acquire+0x4a5/0x2630
[ 1746.542555][T27563]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1746.542588][T27563]  ? __lock_acquire+0x4a5/0x2630
[ 1746.542633][T27563]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1746.542661][T27563]  ? policy_nodemask+0xed/0x4f0
[ 1746.542698][T27563]  alloc_pages_mpol+0x1fb/0x550
[ 1746.542735][T27563]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1746.542769][T27563]  ? __lock_acquire+0x4a5/0x2630
[ 1746.542800][T27563]  ? unwind_get_return_address+0x59/0xa0
[ 1746.542836][T27563]  alloc_pages_noprof+0x131/0x390
[ 1746.542873][T27563]  pte_alloc_one+0x1e/0x3e0
[ 1746.542905][T27563]  __pte_alloc+0x6d/0x3f0
[ 1746.542939][T27563]  ? __pfx___pte_alloc+0x10/0x10
[ 1746.542980][T27563]  copy_page_range+0x3f17/0x6ba0
[ 1746.543010][T27563]  ? __lock_acquire+0x4a5/0x2630
[ 1746.543067][T27563]  ? __pfx_copy_page_range+0x10/0x10
[ 1746.543102][T27563]  ? mas_store+0x666/0xac0
[ 1746.543136][T27563]  ? __pfx_mas_store+0x10/0x10
[ 1746.543185][T27563]  dup_mmap+0xbea/0x1e20
[ 1746.543225][T27563]  ? __pfx_dup_mmap+0x10/0x10
[ 1746.543267][T27563]  copy_process+0x7451/0x7890
[ 1746.543305][T27563]  ? preempt_schedule_thunk+0x16/0x30
[ 1746.543341][T27563]  ? __pfx_copy_process+0x10/0x10
[ 1746.543374][T27563]  ? find_held_lock+0x2b/0x80
[ 1746.543402][T27563]  ? futex_private_hash_put+0x107/0x1c0
[ 1746.543439][T27563]  kernel_clone+0xfc/0x930
[ 1746.543474][T27563]  ? __pfx_kernel_clone+0x10/0x10
[ 1746.543528][T27563]  __do_sys_clone+0xd9/0x120
[ 1746.543561][T27563]  ? __pfx___do_sys_clone+0x10/0x10
[ 1746.543594][T27563]  ? find_held_lock+0x2b/0x80
[ 1746.543628][T27563]  ? xfd_validate_state+0x129/0x190
[ 1746.543677][T27563]  do_syscall_64+0xc9/0xf80
[ 1746.543709][T27563]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1746.543734][T27563] RIP: 0033:0x7fc78cd9acb9
[ 1746.543753][T27563] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1746.543777][T27563] RSP: 002b:00007fc78dd02028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1746.543799][T27563] RAX: ffffffffffffffda RBX: 00007fc78d016090 RCX: 00007fc78cd9acb9
[ 1746.543816][T27563] RDX: 0000200000000040 RSI: 0000000000000009 RDI: 0000000000000004
[ 1746.543831][T27563] RBP: 00007fc78ce08bf7 R08: 0000000000000008 R09: 0000000000000000
[ 1746.543845][T27563] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000000
[ 1746.543860][T27563] R13: 00007fc78d016128 R14: 00007fc78d016090 R15: 00007fffb4ee8f98
[ 1746.543892][T27563]  </TASK>
[ 1746.543901][T27563] memory: usage 3072kB, limit 3072kB, failcnt 118809
[ 1746.935702][T27583] CPU: 0 UID: 0 PID: 27583 Comm: syz.4.4909 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1746.935758][T27583] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1746.935769][T27583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1746.935784][T27583] Call Trace:
[ 1746.935793][T27583]  <TASK>
[ 1746.935803][T27583]  dump_stack_lvl+0x100/0x190
[ 1746.935837][T27583]  should_fail_ex.cold+0x5/0xa
[ 1746.935873][T27583]  ? prepare_alloc_pages+0x16d/0x5f0
[ 1746.935914][T27583]  should_fail_alloc_page+0xeb/0x140
[ 1746.935951][T27583]  prepare_alloc_pages+0x1f0/0x5f0
[ 1746.935990][T27583]  ? rcu_is_watching+0x12/0xc0
[ 1746.936018][T27583]  __alloc_frozen_pages_noprof+0x193/0x2410
[ 1746.936053][T27583]  ? stack_trace_save+0x8e/0xc0
[ 1746.936081][T27583]  ? __pfx_stack_trace_save+0x10/0x10
[ 1746.936108][T27583]  ? is_bpf_text_address+0x94/0x1a0
[ 1746.936148][T27583]  ? stack_depot_save_flags+0x27/0x9c0
[ 1746.936188][T27583]  ? __kernel_text_address+0xd/0x30
[ 1746.936230][T27583]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1746.936260][T27583]  ? kasan_save_stack+0x3f/0x50
[ 1746.936290][T27583]  ? kasan_save_track+0x14/0x30
[ 1746.936321][T27583]  ? snd_pcm_attach_substream+0x451/0xd60
[ 1746.936359][T27583]  ? snd_pcm_open_substream+0x90/0x1850
[ 1746.936394][T27583]  ? snd_pcm_oss_open+0x735/0x1390
[ 1746.936422][T27583]  ? soundcore_open+0x2e3/0x5a0
[ 1746.936446][T27583]  ? chrdev_open+0x234/0x6a0
[ 1746.936475][T27583]  ? vfs_open+0x82/0x3f0
[ 1746.936513][T27583]  ? __lock_acquire+0x4a5/0x2630
[ 1746.936551][T27583]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1746.936585][T27583]  ? policy_nodemask+0xed/0x4f0
[ 1746.936622][T27583]  alloc_pages_mpol+0x1fb/0x550
[ 1746.936660][T27583]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1746.936708][T27583]  alloc_pages_noprof+0x131/0x390
[ 1746.936746][T27583]  alloc_pages_exact_noprof+0x32/0xf0
[ 1746.936771][T27583]  snd_pcm_attach_substream+0x4cb/0xd60
[ 1746.936818][T27583]  snd_pcm_open_substream+0x90/0x1850
[ 1746.936857][T27583]  ? __pfx_snd_pcm_open_substream+0x10/0x10
[ 1746.936903][T27583]  snd_pcm_oss_open+0x735/0x1390
[ 1746.936943][T27583]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[ 1746.936973][T27583]  ? __lock_acquire+0x4a5/0x2630
[ 1746.937007][T27583]  ? __pfx_default_wake_function+0x10/0x10
[ 1746.937036][T27583]  ? __lock_acquire+0x4a5/0x2630
[ 1746.937076][T27583]  ? do_raw_spin_lock+0x128/0x260
[ 1746.937128][T27583]  ? soundcore_open+0x231/0x5a0
[ 1746.937155][T27583]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[ 1746.937185][T27583]  soundcore_open+0x2e3/0x5a0
[ 1746.937212][T27583]  ? __pfx_soundcore_open+0x10/0x10
[ 1746.937243][T27583]  chrdev_open+0x234/0x6a0
[ 1746.937272][T27583]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1746.937304][T27583]  ? __pfx_chrdev_open+0x10/0x10
[ 1746.937335][T27583]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[ 1746.937370][T27583]  do_dentry_open+0x73e/0x1570
[ 1746.937399][T27583]  ? __pfx_chrdev_open+0x10/0x10
[ 1746.937448][T27583]  ? security_inode_permission+0xbf/0x250
[ 1746.937491][T27583]  vfs_open+0x82/0x3f0
[ 1746.937530][T27583]  path_openat+0x21dc/0x3120
[ 1746.937569][T27583]  ? __pfx_path_openat+0x10/0x10
[ 1746.937609][T27583]  do_filp_open+0x1f7/0x420
[ 1746.937641][T27583]  ? __pfx_do_filp_open+0x10/0x10
[ 1746.937690][T27583]  ? _raw_spin_unlock+0x28/0x50
[ 1746.937720][T27583]  ? alloc_fd+0x476/0x790
[ 1746.937757][T27583]  do_sys_openat2+0x12e/0x220
[ 1746.937795][T27583]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1746.937844][T27583]  __x64_sys_openat+0x12d/0x210
[ 1746.937883][T27583]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1746.937920][T27583]  ? xfd_validate_state+0x129/0x190
[ 1746.937969][T27583]  do_syscall_64+0xc9/0xf80
[ 1746.938001][T27583]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1746.938027][T27583] RIP: 0033:0x7f341eb9acb9
[ 1746.938047][T27583] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1746.938075][T27583] RSP: 002b:00007f341fa60028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1746.938100][T27583] RAX: ffffffffffffffda RBX: 00007f341ee15fa0 RCX: 00007f341eb9acb9
[ 1746.938117][T27583] RDX: 0000000000020342 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[ 1746.938133][T27583] RBP: 00007f341ec08bf7 R08: 0000000000000000 R09: 0000000000000000
[ 1746.938149][T27583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1746.938164][T27583] R13: 00007f341ee16038 R14: 00007f341ee15fa0 R15: 00007fffdb8cbbf8
[ 1746.938196][T27583]  </TASK>
[ 1748.051124][T27563] memory+swap: usage 3300kB, limit 9007199254740988kB, failcnt 0
[ 1748.090229][T27563] kmem: usage 2944kB, limit 9007199254740988kB, failcnt 0
[ 1748.125597][T27563] Memory cgroup stats for /syz2:
[ 1748.125885][T27563] cache 0
[ 1748.153747][T27563] rss 4096
[ 1748.166758][T27563] rss_huge 0
[ 1748.182908][T27563] shmem 0
[ 1748.202264][T27563] mapped_file 0
[ 1748.249916][T27563] dirty 0
[ 1748.271806][T27563] writeback 0
[ 1748.296486][T27563] workingset_refault_anon 31058
[ 1748.334785][T27563] workingset_refault_file 15348
[ 1748.361098][T27563] swap 233472
[ 1748.373651][T27563] swapcached 131072
[ 1748.427153][T27563] pgpgin 759392
[ 1748.445788][T27563] pgpgout 796758
[ 1748.476446][T27563] pgfault 985040
[ 1748.489500][T27563] pgmajfault 14175
[ 1748.540228][T27563] inactive_anon 131072
[ 1748.544351][T27563] active_anon 0
[ 1748.547819][T27563] inactive_file 0
[ 1748.587560][T27563] active_file 0
[ 1748.628166][T27563] unevictable 0
[ 1748.632878][T27563] hierarchical_memory_limit 3145728
[ 1748.659547][T27563] hierarchical_memsw_limit 9223372036854771712
[ 1748.699666][T27563] total_cache 0
[ 1748.703176][T27563] total_rss 4096
[ 1748.732138][T27563] total_rss_huge 0
[ 1748.735921][T27563] total_shmem 0
[ 1748.784920][T27563] total_mapped_file 0
[ 1748.788981][T27563] total_dirty 0
[ 1748.831349][T27563] total_writeback 0
[ 1748.868443][T27563] total_workingset_refault_anon 31058
[ 1748.899521][T27563] total_workingset_refault_file 15348
[ 1748.928200][T27563] total_swap 233472
[ 1748.955613][T27563] total_swapcached 131072
[ 1748.974606][T27563] total_pgpgin 759392
[ 1749.018662][T27563] total_pgpgout 796758
[ 1749.038245][T27563] total_pgfault 985040
[ 1749.075840][T27563] total_pgmajfault 14175
[ 1749.107720][T27563] total_inactive_anon 131072
[ 1749.122689][T27563] total_active_anon 0
[ 1749.126713][T27563] total_inactive_file 0
[ 1749.179051][T27563] total_active_file 0
[ 1749.201753][T27563] total_unevictable 0
[ 1749.222284][T27563] anon_cost 17
[ 1749.272717][T27563] file_cost 0
[ 1749.296711][T27563] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.4901,pid=27558,uid=0
[ 1749.378856][T27563] Memory cgroup out of memory: Killed process 27558 (syz.2.4901) total-vm:102328kB, anon-rss:1336kB, file-rss:22428kB, shmem-rss:0kB, UID:0 pgtables:140kB oom_score_adj:1000
[ 1751.541515][T27637] FAULT_INJECTION: forcing a failure.
[ 1751.541515][T27637] name failslab, interval 1, probability 0, space 0, times 0
[ 1751.651900][T27637] CPU: 0 UID: 0 PID: 27637 Comm: syz.5.4924 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1751.651944][T27637] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1751.651956][T27637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1751.651971][T27637] Call Trace:
[ 1751.651980][T27637]  <TASK>
[ 1751.651989][T27637]  dump_stack_lvl+0x100/0x190
[ 1751.652033][T27637]  should_fail_ex.cold+0x5/0xa
[ 1751.652075][T27637]  should_failslab+0xc2/0x120
[ 1751.652109][T27637]  __kmalloc_node_track_caller_noprof+0xf9/0x9d0
[ 1751.652142][T27637]  ? kfree+0x2a9/0x690
[ 1751.652165][T27637]  ? snd_pcm_hw_rule_add+0x3b3/0x510
[ 1751.652196][T27637]  ? krealloc_node_align_noprof+0xfe/0x3c0
[ 1751.652226][T27637]  krealloc_node_align_noprof+0xfe/0x3c0
[ 1751.652257][T27637]  ? find_held_lock+0x2b/0x80
[ 1751.652284][T27637]  snd_pcm_hw_rule_add+0x3b3/0x510
[ 1751.652311][T27637]  ? __pfx_snd_pcm_hw_rule_muldivk+0x10/0x10
[ 1751.652340][T27637]  ? __pfx_snd_pcm_hw_rule_add+0x10/0x10
[ 1751.652366][T27637]  ? __pfx_snd_pcm_hw_rule_add+0x10/0x10
[ 1751.652396][T27637]  ? mutex_init_lockep+0x110/0x150
[ 1751.652432][T27637]  ? snd_pcm_attach_substream+0x29b/0xd60
[ 1751.652476][T27637]  snd_pcm_open_substream+0x942/0x1850
[ 1751.652517][T27637]  ? __pfx_snd_pcm_open_substream+0x10/0x10
[ 1751.652562][T27637]  snd_pcm_oss_open+0x735/0x1390
[ 1751.652602][T27637]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[ 1751.652632][T27637]  ? __lock_acquire+0x4a5/0x2630
[ 1751.652665][T27637]  ? __pfx_default_wake_function+0x10/0x10
[ 1751.652695][T27637]  ? __lock_acquire+0x4a5/0x2630
[ 1751.652734][T27637]  ? do_raw_spin_lock+0x128/0x260
[ 1751.652774][T27637]  ? soundcore_open+0x231/0x5a0
[ 1751.652802][T27637]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[ 1751.652833][T27637]  soundcore_open+0x2e3/0x5a0
[ 1751.652861][T27637]  ? __pfx_soundcore_open+0x10/0x10
[ 1751.652888][T27637]  chrdev_open+0x234/0x6a0
[ 1751.652918][T27637]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1751.652951][T27637]  ? __pfx_chrdev_open+0x10/0x10
[ 1751.652984][T27637]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[ 1751.653025][T27637]  do_dentry_open+0x73e/0x1570
[ 1751.653054][T27637]  ? __pfx_chrdev_open+0x10/0x10
[ 1751.653085][T27637]  ? security_inode_permission+0xbf/0x250
[ 1751.653128][T27637]  vfs_open+0x82/0x3f0
[ 1751.653168][T27637]  path_openat+0x21dc/0x3120
[ 1751.653206][T27637]  ? __pfx_path_openat+0x10/0x10
[ 1751.653247][T27637]  do_filp_open+0x1f7/0x420
[ 1751.653279][T27637]  ? __pfx_do_filp_open+0x10/0x10
[ 1751.653328][T27637]  ? _raw_spin_unlock+0x28/0x50
[ 1751.653352][T27637]  ? alloc_fd+0x476/0x790
[ 1751.653388][T27637]  do_sys_openat2+0x12e/0x220
[ 1751.653426][T27637]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1751.653475][T27637]  __x64_sys_openat+0x12d/0x210
[ 1751.653514][T27637]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1751.653551][T27637]  ? xfd_validate_state+0x129/0x190
[ 1751.653601][T27637]  do_syscall_64+0xc9/0xf80
[ 1751.653633][T27637]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1751.653658][T27637] RIP: 0033:0x7f114099acb9
[ 1751.653678][T27637] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1751.653704][T27637] RSP: 002b:00007f1141938028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1751.653728][T27637] RAX: ffffffffffffffda RBX: 00007f1140c15fa0 RCX: 00007f114099acb9
[ 1751.653745][T27637] RDX: 0000000000020342 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[ 1751.653762][T27637] RBP: 00007f1140a08bf7 R08: 0000000000000000 R09: 0000000000000000
[ 1751.653778][T27637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1751.653794][T27637] R13: 00007f1140c16038 R14: 00007f1140c15fa0 R15: 00007ffd6ace6ca8
[ 1751.653826][T27637]  </TASK>
[ 1753.350528][T27640] syz.2.4925 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[ 1753.386365][T27640] CPU: 0 UID: 0 PID: 27640 Comm: syz.2.4925 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1753.386406][T27640] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1753.386416][T27640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1753.386431][T27640] Call Trace:
[ 1753.386439][T27640]  <TASK>
[ 1753.386448][T27640]  dump_stack_lvl+0x100/0x190
[ 1753.386481][T27640]  dump_header+0xfb/0x606
[ 1753.386506][T27640]  oom_kill_process.cold+0xd/0x321
[ 1753.386533][T27640]  out_of_memory+0x340/0x14f0
[ 1753.386570][T27640]  ? __pfx_out_of_memory+0x10/0x10
[ 1753.386608][T27640]  mem_cgroup_out_of_memory+0xc6/0x130
[ 1753.386633][T27640]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1753.386676][T27640]  ? find_held_lock+0x2b/0x80
[ 1753.386705][T27640]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1753.386743][T27640]  ? _raw_spin_unlock+0x28/0x50
[ 1753.386769][T27640]  try_charge_memcg+0x652/0xc90
[ 1753.386814][T27640]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1753.386854][T27640]  ? find_held_lock+0x2b/0x80
[ 1753.386876][T27640]  ? rcu_read_unlock+0x17/0x60
[ 1753.386909][T27640]  ? rcu_read_unlock+0x17/0x60
[ 1753.386946][T27640]  charge_memcg+0xa6/0x280
[ 1753.386979][T27640]  mem_cgroup_swapin_charge_folio+0xeb/0x470
[ 1753.387021][T27640]  __read_swap_cache_async+0x449/0x610
[ 1753.387052][T27640]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1753.387078][T27640]  ? mlock_drain_local+0x254/0x4e0
[ 1753.387105][T27640]  ? mlock_drain_local+0x254/0x4e0
[ 1753.387143][T27640]  swap_cluster_readahead+0x414/0x770
[ 1753.387180][T27640]  ? __pfx_swap_cluster_readahead+0x10/0x10
[ 1753.387209][T27640]  ? __lock_acquire+0x4a5/0x2630
[ 1753.387240][T27640]  ? __lock_acquire+0x4a5/0x2630
[ 1753.387270][T27640]  ? move_cluster+0x1f7/0x570
[ 1753.387308][T27640]  ? get_vma_policy+0x23f/0x3b0
[ 1753.387346][T27640]  swapin_readahead+0x14b/0x12e0
[ 1753.387382][T27640]  ? __pfx_swapin_readahead+0x10/0x10
[ 1753.387409][T27640]  ? find_held_lock+0x2b/0x80
[ 1753.387433][T27640]  ? swap_cache_get_folio+0x272/0x920
[ 1753.387462][T27640]  ? swap_cache_get_folio+0x272/0x920
[ 1753.387486][T27640]  ? swap_cache_get_folio+0x1f/0x920
[ 1753.387509][T27640]  ? swap_cache_get_folio+0x2a2/0x920
[ 1753.387536][T27640]  ? __pfx_swap_cache_get_folio+0x10/0x10
[ 1753.387560][T27640]  ? __pfx_get_swap_device+0x10/0x10
[ 1753.387599][T27640]  ? do_swap_page+0x9ba/0x6810
[ 1753.387622][T27640]  do_swap_page+0x9ba/0x6810
[ 1753.387651][T27640]  ? __lock_acquire+0x4a5/0x2630
[ 1753.387689][T27640]  ? __pfx_do_swap_page+0x10/0x10
[ 1753.387717][T27640]  ? __pfx_default_wake_function+0x10/0x10
[ 1753.387748][T27640]  ? do_anonymous_page+0x9e9/0x1f40
[ 1753.387775][T27640]  ? rcu_is_watching+0x12/0xc0
[ 1753.387803][T27640]  ? ___pte_offset_map+0x179/0x310
[ 1753.387841][T27640]  __handle_mm_fault+0x18b9/0x2b50
[ 1753.387872][T27640]  ? reacquire_held_locks+0xce/0x1e0
[ 1753.387905][T27640]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1753.387936][T27640]  ? lock_vma_under_rcu+0x17c/0x5a0
[ 1753.387979][T27640]  handle_mm_fault+0x36d/0xa20
[ 1753.388011][T27640]  do_user_addr_fault+0x5a3/0x12f0
[ 1753.388046][T27640]  exc_page_fault+0x6f/0xd0
[ 1753.388073][T27640]  asm_exc_page_fault+0x26/0x30
[ 1753.388096][T27640] RIP: 0033:0x7fc78cc4a190
[ 1753.388114][T27640] Code: 68 00 00 00 00 e9 00 00 00 00 ff 25 2a 3f 39 00 68 00 00 00 00 e9 00 00 00 00 ff 25 22 3f 39 00 68 21 00 00 00 e9 90 fe ff ff <ff> 25 1a 3f 39 00 68 0a 00 00 00 e9 80 fe ff ff ff 25 12 3f 39 00
[ 1753.388138][T27640] RSP: 002b:00007fffb4ee8ea8 EFLAGS: 00010206
[ 1753.388157][T27640] RAX: 00007fc78dce1590 RBX: 00007fc78cfe5740 RCX: 000055558f3e8c40
[ 1753.388173][T27640] RDX: 0000000000000130 RSI: 0000000000000000 RDI: 00007fc78dce1590
[ 1753.388188][T27640] RBP: 0000000000000070 R08: 00007fc78cfe4cc0 R09: 0000000000000130
[ 1753.388204][T27640] R10: 0000000000021000 R11: 0000000000000000 R12: 0000000000000001
[ 1753.388218][T27640] R13: 0000000000000001 R14: 00007fc78db479a0 R15: 0000000000000000
[ 1753.388249][T27640]  </TASK>
[ 1753.775047][T27640] memory: usage 3072kB, limit 3072kB, failcnt 119100
[ 1753.781848][T27640] memory+swap: usage 3288kB, limit 9007199254740988kB, failcnt 0
[ 1753.789687][T27640] kmem: usage 2908kB, limit 9007199254740988kB, failcnt 0
[ 1753.796830][T27640] Memory cgroup stats for /syz2:
[ 1753.796991][T27640] cache 0
[ 1753.804959][T27640] rss 0
[ 1753.807796][T27640] rss_huge 0
[ 1753.811306][T27640] shmem 0
[ 1753.814350][T27640] mapped_file 0
[ 1753.817834][T27640] dirty 0
[ 1753.820887][T27640] writeback 0
[ 1753.824183][T27640] workingset_refault_anon 31164
[ 1753.829051][T27640] workingset_refault_file 15348
[ 1753.834017][T27640] swap 221184
[ 1753.837308][T27640] swapcached 167936
[ 1753.841177][T27640] pgpgin 759633
[ 1753.844644][T27640] pgpgout 796990
[ 1753.848192][T27640] pgfault 985511
[ 1753.851879][T27640] pgmajfault 14245
[ 1753.855608][T27640] inactive_anon 49152
[ 1753.861307][T27640] active_anon 118784
[ 1753.865234][T27640] inactive_file 0
[ 1753.868869][T27640] active_file 0
[ 1753.872446][T27640] unevictable 0
[ 1753.875909][T27640] hierarchical_memory_limit 3145728
[ 1753.881321][T27640] hierarchical_memsw_limit 9223372036854771712
[ 1753.887480][T27640] total_cache 0
[ 1753.891046][T27640] total_rss 0
[ 1753.894333][T27640] total_rss_huge 0
[ 1753.898052][T27640] total_shmem 0
[ 1753.901582][T27640] total_mapped_file 0
[ 1753.905570][T27640] total_dirty 0
[ 1753.909029][T27640] total_writeback 0
[ 1753.912956][T27640] total_workingset_refault_anon 31164
[ 1753.918335][T27640] total_workingset_refault_file 15348
[ 1753.923812][T27640] total_swap 221184
[ 1753.927627][T27640] total_swapcached 167936
[ 1753.932084][T27640] total_pgpgin 759633
[ 1753.936094][T27640] total_pgpgout 796990
[ 1753.940238][T27640] total_pgfault 985511
[ 1753.944317][T27640] total_pgmajfault 14245
[ 1753.948566][T27640] total_inactive_anon 49152
[ 1753.953185][T27640] total_active_anon 118784
[ 1753.957621][T27640] total_inactive_file 0
[ 1753.963545][T27640] total_active_file 0
[ 1753.967566][T27640] total_unevictable 0
[ 1753.971808][T27640] anon_cost 17
[ 1753.975197][T27640] file_cost 0
[ 1753.978490][T27640] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.4925,pid=27640,uid=0
[ 1753.993559][T27640] Memory cgroup out of memory: Killed process 27640 (syz.2.4925) total-vm:102592kB, anon-rss:1336kB, file-rss:22576kB, shmem-rss:0kB, UID:0 pgtables:148kB oom_score_adj:1000
[ 1755.826420][T27637] Process accounting resumed
[ 1757.035660][T27703] FAULT_INJECTION: forcing a failure.
[ 1757.035660][T27703] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1757.129320][T27703] CPU: 0 UID: 0 PID: 27703 Comm: syz.2.4943 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1757.129362][T27703] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1757.129377][T27703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1757.129393][T27703] Call Trace:
[ 1757.129401][T27703]  <TASK>
[ 1757.129411][T27703]  dump_stack_lvl+0x100/0x190
[ 1757.129457][T27703]  should_fail_ex.cold+0x5/0xa
[ 1757.129494][T27703]  ? prepare_alloc_pages+0x16d/0x5f0
[ 1757.129535][T27703]  should_fail_alloc_page+0xeb/0x140
[ 1757.129572][T27703]  prepare_alloc_pages+0x1f0/0x5f0
[ 1757.129610][T27703]  ? rcu_is_watching+0x12/0xc0
[ 1757.129637][T27703]  __alloc_frozen_pages_noprof+0x193/0x2410
[ 1757.129672][T27703]  ? stack_trace_save+0x8e/0xc0
[ 1757.129699][T27703]  ? __pfx_stack_trace_save+0x10/0x10
[ 1757.129726][T27703]  ? is_bpf_text_address+0x94/0x1a0
[ 1757.129766][T27703]  ? stack_depot_save_flags+0x27/0x9c0
[ 1757.129805][T27703]  ? __kernel_text_address+0xd/0x30
[ 1757.129847][T27703]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1757.129877][T27703]  ? kasan_save_stack+0x3f/0x50
[ 1757.129908][T27703]  ? kasan_save_track+0x14/0x30
[ 1757.129937][T27703]  ? snd_pcm_attach_substream+0x451/0xd60
[ 1757.129975][T27703]  ? snd_pcm_open_substream+0x90/0x1850
[ 1757.130010][T27703]  ? snd_pcm_oss_open+0x735/0x1390
[ 1757.130037][T27703]  ? soundcore_open+0x2e3/0x5a0
[ 1757.130061][T27703]  ? chrdev_open+0x234/0x6a0
[ 1757.130091][T27703]  ? vfs_open+0x82/0x3f0
[ 1757.130128][T27703]  ? __lock_acquire+0x4a5/0x2630
[ 1757.130166][T27703]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1757.130195][T27703]  ? policy_nodemask+0xed/0x4f0
[ 1757.130232][T27703]  alloc_pages_mpol+0x1fb/0x550
[ 1757.130268][T27703]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1757.130312][T27703]  alloc_pages_noprof+0x131/0x390
[ 1757.130349][T27703]  alloc_pages_exact_noprof+0x32/0xf0
[ 1757.130374][T27703]  snd_pcm_attach_substream+0x4cb/0xd60
[ 1757.130419][T27703]  snd_pcm_open_substream+0x90/0x1850
[ 1757.130464][T27703]  ? __pfx_snd_pcm_open_substream+0x10/0x10
[ 1757.130510][T27703]  snd_pcm_oss_open+0x735/0x1390
[ 1757.130550][T27703]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[ 1757.130581][T27703]  ? __lock_acquire+0x4a5/0x2630
[ 1757.130614][T27703]  ? __pfx_default_wake_function+0x10/0x10
[ 1757.130644][T27703]  ? __lock_acquire+0x4a5/0x2630
[ 1757.130688][T27703]  ? do_raw_spin_lock+0x128/0x260
[ 1757.130727][T27703]  ? soundcore_open+0x231/0x5a0
[ 1757.130755][T27703]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[ 1757.130786][T27703]  soundcore_open+0x2e3/0x5a0
[ 1757.130815][T27703]  ? __pfx_soundcore_open+0x10/0x10
[ 1757.130841][T27703]  chrdev_open+0x234/0x6a0
[ 1757.130872][T27703]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1757.130905][T27703]  ? __pfx_chrdev_open+0x10/0x10
[ 1757.130938][T27703]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[ 1757.130974][T27703]  do_dentry_open+0x73e/0x1570
[ 1757.131002][T27703]  ? __pfx_chrdev_open+0x10/0x10
[ 1757.131033][T27703]  ? security_inode_permission+0xbf/0x250
[ 1757.131076][T27703]  vfs_open+0x82/0x3f0
[ 1757.131115][T27703]  path_openat+0x21dc/0x3120
[ 1757.131154][T27703]  ? __pfx_path_openat+0x10/0x10
[ 1757.131195][T27703]  do_filp_open+0x1f7/0x420
[ 1757.131226][T27703]  ? __pfx_do_filp_open+0x10/0x10
[ 1757.131276][T27703]  ? _raw_spin_unlock+0x28/0x50
[ 1757.131300][T27703]  ? alloc_fd+0x476/0x790
[ 1757.131336][T27703]  do_sys_openat2+0x12e/0x220
[ 1757.131374][T27703]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1757.131423][T27703]  __x64_sys_openat+0x12d/0x210
[ 1757.131470][T27703]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1757.131508][T27703]  ? xfd_validate_state+0x129/0x190
[ 1757.131558][T27703]  do_syscall_64+0xc9/0xf80
[ 1757.131591][T27703]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1757.131616][T27703] RIP: 0033:0x7fc78cd9acb9
[ 1757.131636][T27703] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1757.131662][T27703] RSP: 002b:00007fc78dd23028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1757.131686][T27703] RAX: ffffffffffffffda RBX: 00007fc78d015fa0 RCX: 00007fc78cd9acb9
[ 1757.131704][T27703] RDX: 0000000000020342 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[ 1757.131720][T27703] RBP: 00007fc78ce08bf7 R08: 0000000000000000 R09: 0000000000000000
[ 1757.131736][T27703] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1757.131752][T27703] R13: 00007fc78d016038 R14: 00007fc78d015fa0 R15: 00007fffb4ee8f98
[ 1757.131784][T27703]  </TASK>
[ 1757.896481][T27706] syz.2.4943 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=2, oom_score_adj=1000
[ 1757.908389][T27706] CPU: 0 UID: 0 PID: 27706 Comm: syz.2.4943 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1757.908431][T27706] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1757.908442][T27706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1757.908457][T27706] Call Trace:
[ 1757.908469][T27706]  <TASK>
[ 1757.908479][T27706]  dump_stack_lvl+0x100/0x190
[ 1757.908513][T27706]  dump_header+0xfb/0x606
[ 1757.908539][T27706]  oom_kill_process.cold+0xd/0x321
[ 1757.908566][T27706]  out_of_memory+0x340/0x14f0
[ 1757.908604][T27706]  ? __pfx_out_of_memory+0x10/0x10
[ 1757.908643][T27706]  mem_cgroup_out_of_memory+0xc6/0x130
[ 1757.908669][T27706]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1757.908693][T27706]  ? find_held_lock+0x2b/0x80
[ 1757.908723][T27706]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1757.908761][T27706]  ? _raw_spin_unlock+0x28/0x50
[ 1757.908794][T27706]  try_charge_memcg+0x652/0xc90
[ 1757.908835][T27706]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1757.908867][T27706]  ? rcu_read_unlock+0x17/0x60
[ 1757.908902][T27706]  ? rcu_read_unlock+0x17/0x60
[ 1757.908943][T27706]  ? get_mem_cgroup_from_objcg+0xd3/0x330
[ 1757.908974][T27706]  obj_cgroup_charge_account+0x335/0x7e0
[ 1757.909015][T27706]  __memcg_slab_post_alloc_hook+0x2e4/0x880
[ 1757.909061][T27706]  __kmalloc_cache_noprof+0x62a/0x810
[ 1757.909088][T27706]  ? ipv6_add_dev+0x670/0x1520
[ 1757.909128][T27706]  ? ipv6_add_dev+0x670/0x1520
[ 1757.909165][T27706]  ipv6_add_dev+0x670/0x1520
[ 1757.909205][T27706]  addrconf_notify+0x563/0x19c0
[ 1757.909238][T27706]  ? ip6mr_device_event+0x1bc/0x230
[ 1757.909271][T27706]  notifier_call_chain+0x99/0x3b0
[ 1757.909311][T27706]  call_netdevice_notifiers_info+0xbe/0x110
[ 1757.909341][T27706]  register_netdevice+0x16b9/0x21d0
[ 1757.909397][T27706]  ? __pfx_register_netdevice+0x10/0x10
[ 1757.909445][T27706]  __ip_tunnel_create+0x52b/0x670
[ 1757.909486][T27706]  ? __pfx___ip_tunnel_create+0x10/0x10
[ 1757.909523][T27706]  ? net_generic+0xea/0x2a0
[ 1757.909568][T27706]  ip_tunnel_init_net+0x230/0x780
[ 1757.909595][T27706]  ? __pfx_ip_tunnel_init_net+0x10/0x10
[ 1757.909631][T27706]  ? __pfx_erspan_init_net+0x10/0x10
[ 1757.909664][T27706]  ops_init+0x1e2/0x5f0
[ 1757.909705][T27706]  setup_net+0x118/0x3a0
[ 1757.909744][T27706]  ? __pfx_setup_net+0x10/0x10
[ 1757.909780][T27706]  ? lockdep_init_map_type+0x5c/0x250
[ 1757.909814][T27706]  ? mutex_init_lockep+0x110/0x150
[ 1757.909854][T27706]  copy_net_ns+0x46f/0x7c0
[ 1757.909880][T27706]  create_new_namespaces+0x3ea/0xab0
[ 1757.909915][T27706]  unshare_nsproxy_namespaces+0xc3/0x1f0
[ 1757.909946][T27706]  ksys_unshare+0x455/0xab0
[ 1757.909983][T27706]  ? __pfx_ksys_unshare+0x10/0x10
[ 1757.910018][T27706]  ? xfd_validate_state+0x129/0x190
[ 1757.910072][T27706]  __x64_sys_unshare+0x31/0x40
[ 1757.910106][T27706]  do_syscall_64+0xc9/0xf80
[ 1757.910139][T27706]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1757.910163][T27706] RIP: 0033:0x7fc78cd9acb9
[ 1757.910184][T27706] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1757.910209][T27706] RSP: 002b:00007fc78dd02028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1757.910233][T27706] RAX: ffffffffffffffda RBX: 00007fc78d016090 RCX: 00007fc78cd9acb9
[ 1757.910249][T27706] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1757.910263][T27706] RBP: 00007fc78ce08bf7 R08: 0000000000000000 R09: 0000000000000000
[ 1757.910279][T27706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1757.910294][T27706] R13: 00007fc78d016128 R14: 00007fc78d016090 R15: 00007fffb4ee8f98
[ 1757.910326][T27706]  </TASK>
[ 1759.581536][T27706] memory: usage 3072kB, limit 3072kB, failcnt 121657
[ 1759.796461][T27706] memory+swap: usage 7368kB, limit 9007199254740988kB, failcnt 0
[ 1759.862034][T27706] kmem: usage 2900kB, limit 9007199254740988kB, failcnt 0
[ 1759.899288][T27706] Memory cgroup stats for /syz2:
[ 1759.922038][T27706] cache 0
[ 1759.989282][T27706] rss 0
[ 1759.992104][T27706] rss_huge 0
[ 1759.995311][T27706] shmem 0
[ 1759.998296][T27706] mapped_file 0
[ 1760.078093][T27706] dirty 0
[ 1760.103208][T27706] writeback 0
[ 1760.143284][T27706] workingset_refault_anon 31386
[ 1760.148182][T27706] workingset_refault_file 15348
[ 1760.221032][T27706] swap 4399104
[ 1760.224458][T27706] swapcached 167936
[ 1760.228358][T27706] pgpgin 762120
[ 1760.303334][T27706] pgpgout 799477
[ 1760.306939][T27706] pgfault 988454
[ 1760.346249][T27706] pgmajfault 14371
[ 1760.373483][T27706] inactive_anon 49152
[ 1760.377515][T27706] active_anon 118784
[ 1760.428925][T27706] inactive_file 0
[ 1760.469323][T27706] active_file 0
[ 1760.483210][T27706] unevictable 0
[ 1760.493480][T27706] hierarchical_memory_limit 3145728
[ 1760.540952][T27706] hierarchical_memsw_limit 9223372036854771712
[ 1760.583676][T27706] total_cache 0
[ 1760.602954][T27706] total_rss 0
[ 1760.606409][T27706] total_rss_huge 0
[ 1760.638700][T27706] total_shmem 0
[ 1760.658956][T27706] total_mapped_file 0
[ 1760.681157][T27706] total_dirty 0
[ 1760.684714][T27706] total_writeback 0
[ 1760.688538][T27706] total_workingset_refault_anon 31386
[ 1760.739308][T27706] total_workingset_refault_file 15348
[ 1760.776318][T27706] total_swap 4399104
[ 1760.789439][T27706] total_swapcached 167936
[ 1760.793807][T27706] total_pgpgin 762120
[ 1760.831395][T27706] total_pgpgout 799477
[ 1760.835546][T27706] total_pgfault 988454
[ 1760.885811][T27706] total_pgmajfault 14371
[ 1760.906061][T27706] total_inactive_anon 49152
[ 1760.919272][T27706] total_active_anon 118784
[ 1760.942670][T27706] total_inactive_file 0
[ 1760.967330][T27706] total_active_file 0
[ 1760.985034][T27706] total_unevictable 0
[ 1761.009336][T27706] anon_cost 17
[ 1761.022983][T27706] file_cost 0
[ 1761.047535][T27706] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.4943,pid=27702,uid=0
[ 1761.119340][T27706] Memory cgroup out of memory: Killed process 27702 (syz.2.4943) total-vm:135228kB, anon-rss:1336kB, file-rss:22540kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000
[ 1762.928445][T27750] zswap: compressor  not available
[ 1763.529586][T27764] netlink: 25 bytes leftover after parsing attributes in process `syz.5.4960'.
[ 1765.534957][T27789] FAULT_INJECTION: forcing a failure.
[ 1765.534957][T27789] name failslab, interval 1, probability 0, space 0, times 0
[ 1765.648583][T27789] CPU: 0 UID: 0 PID: 27789 Comm: syz.1.4965 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1765.648628][T27789] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1765.648639][T27789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1765.648654][T27789] Call Trace:
[ 1765.648669][T27789]  <TASK>
[ 1765.648679][T27789]  dump_stack_lvl+0x100/0x190
[ 1765.648714][T27789]  should_fail_ex.cold+0x5/0xa
[ 1765.648756][T27789]  should_failslab+0xc2/0x120
[ 1765.648792][T27789]  __kmalloc_node_track_caller_noprof+0xf9/0x9d0
[ 1765.648825][T27789]  ? kfree+0x2a9/0x690
[ 1765.648848][T27789]  ? snd_pcm_hw_rule_add+0x3b3/0x510
[ 1765.648880][T27789]  ? krealloc_node_align_noprof+0xfe/0x3c0
[ 1765.648910][T27789]  krealloc_node_align_noprof+0xfe/0x3c0
[ 1765.648941][T27789]  ? find_held_lock+0x2b/0x80
[ 1765.648969][T27789]  snd_pcm_hw_rule_add+0x3b3/0x510
[ 1765.648997][T27789]  ? __pfx_snd_pcm_hw_rule_muldivk+0x10/0x10
[ 1765.649026][T27789]  ? __pfx_snd_pcm_hw_rule_add+0x10/0x10
[ 1765.649052][T27789]  ? __pfx_snd_pcm_hw_rule_add+0x10/0x10
[ 1765.649083][T27789]  ? mutex_init_lockep+0x110/0x150
[ 1765.649119][T27789]  ? snd_pcm_attach_substream+0x29b/0xd60
[ 1765.649176][T27789]  snd_pcm_open_substream+0x942/0x1850
[ 1765.649217][T27789]  ? __pfx_snd_pcm_open_substream+0x10/0x10
[ 1765.649263][T27789]  snd_pcm_oss_open+0x735/0x1390
[ 1765.649304][T27789]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[ 1765.649334][T27789]  ? __lock_acquire+0x4a5/0x2630
[ 1765.649367][T27789]  ? __pfx_default_wake_function+0x10/0x10
[ 1765.649397][T27789]  ? __lock_acquire+0x4a5/0x2630
[ 1765.649436][T27789]  ? do_raw_spin_lock+0x128/0x260
[ 1765.649475][T27789]  ? soundcore_open+0x231/0x5a0
[ 1765.649504][T27789]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[ 1765.649535][T27789]  soundcore_open+0x2e3/0x5a0
[ 1765.649563][T27789]  ? __pfx_soundcore_open+0x10/0x10
[ 1765.649589][T27789]  chrdev_open+0x234/0x6a0
[ 1765.649620][T27789]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1765.649653][T27789]  ? __pfx_chrdev_open+0x10/0x10
[ 1765.649695][T27789]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[ 1765.649732][T27789]  do_dentry_open+0x73e/0x1570
[ 1765.649761][T27789]  ? __pfx_chrdev_open+0x10/0x10
[ 1765.649792][T27789]  ? security_inode_permission+0xbf/0x250
[ 1765.649835][T27789]  vfs_open+0x82/0x3f0
[ 1765.649875][T27789]  path_openat+0x21dc/0x3120
[ 1765.649914][T27789]  ? __pfx_path_openat+0x10/0x10
[ 1765.649954][T27789]  do_filp_open+0x1f7/0x420
[ 1765.649986][T27789]  ? __pfx_do_filp_open+0x10/0x10
[ 1765.650035][T27789]  ? _raw_spin_unlock+0x28/0x50
[ 1765.650059][T27789]  ? alloc_fd+0x476/0x790
[ 1765.650095][T27789]  do_sys_openat2+0x12e/0x220
[ 1765.650133][T27789]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1765.650182][T27789]  __x64_sys_openat+0x12d/0x210
[ 1765.650221][T27789]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1765.650259][T27789]  ? xfd_validate_state+0x129/0x190
[ 1765.650309][T27789]  do_syscall_64+0xc9/0xf80
[ 1765.650341][T27789]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1765.650383][T27789] RIP: 0033:0x7f1a20b9acb9
[ 1765.650404][T27789] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1765.650430][T27789] RSP: 002b:00007f1a21af9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1765.650455][T27789] RAX: ffffffffffffffda RBX: 00007f1a20e15fa0 RCX: 00007f1a20b9acb9
[ 1765.650472][T27789] RDX: 0000000000020342 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[ 1765.650489][T27789] RBP: 00007f1a20c08bf7 R08: 0000000000000000 R09: 0000000000000000
[ 1765.650505][T27789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1765.650520][T27789] R13: 00007f1a20e16038 R14: 00007f1a20e15fa0 R15: 00007ffea93879e8
[ 1765.650551][T27789]  </TASK>
[ 1766.020129][T27779] syz.2.4964 invoked oom-killer: gfp_mask=0x400cc0(GFP_KERNEL_ACCOUNT), order=1, oom_score_adj=1000
[ 1766.031002][T27779] CPU: 0 UID: 0 PID: 27779 Comm: syz.2.4964 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1766.031042][T27779] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1766.031053][T27779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1766.031068][T27779] Call Trace:
[ 1766.031078][T27779]  <TASK>
[ 1766.031088][T27779]  dump_stack_lvl+0x100/0x190
[ 1766.031121][T27779]  dump_header+0xfb/0x606
[ 1766.031147][T27779]  oom_kill_process.cold+0xd/0x321
[ 1766.031175][T27779]  out_of_memory+0x340/0x14f0
[ 1766.031212][T27779]  ? __pfx_out_of_memory+0x10/0x10
[ 1766.031251][T27779]  mem_cgroup_out_of_memory+0xc6/0x130
[ 1766.031278][T27779]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1766.031302][T27779]  ? find_held_lock+0x2b/0x80
[ 1766.031332][T27779]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1766.031370][T27779]  ? _raw_spin_unlock+0x28/0x50
[ 1766.031397][T27779]  try_charge_memcg+0x652/0xc90
[ 1766.031438][T27779]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1766.031470][T27779]  ? rcu_read_unlock+0x17/0x60
[ 1766.031504][T27779]  ? rcu_read_unlock+0x17/0x60
[ 1766.031546][T27779]  ? get_mem_cgroup_from_objcg+0xd3/0x330
[ 1766.031577][T27779]  obj_cgroup_charge_account+0x335/0x7e0
[ 1766.031618][T27779]  __memcg_slab_post_alloc_hook+0x2e4/0x880
[ 1766.031669][T27779]  __kmalloc_node_track_caller_noprof+0x77f/0x9d0
[ 1766.031705][T27779]  ? neigh_sysctl_register+0xb4/0x660
[ 1766.031746][T27779]  ? kmemdup_noprof+0x29/0x60
[ 1766.031775][T27779]  ? lockdep_hardirqs_on+0x78/0x100
[ 1766.031802][T27779]  kmemdup_noprof+0x29/0x60
[ 1766.031834][T27779]  neigh_sysctl_register+0xb4/0x660
[ 1766.031873][T27779]  ? __pfx_neigh_sysctl_register+0x10/0x10
[ 1766.031907][T27779]  ? inetdev_init+0x245/0x570
[ 1766.031927][T27779]  ? inetdev_event+0x7fa/0x17f0
[ 1766.031959][T27779]  ? notifier_call_chain+0x99/0x3b0
[ 1766.031994][T27779]  ? copy_net_ns+0x46f/0x7c0
[ 1766.032015][T27779]  ? create_new_namespaces+0x3ea/0xab0
[ 1766.032039][T27779]  ? unshare_nsproxy_namespaces+0xc3/0x1f0
[ 1766.032065][T27779]  ? ksys_unshare+0x455/0xab0
[ 1766.032097][T27779]  ? __x64_sys_unshare+0x31/0x40
[ 1766.032128][T27779]  ? do_syscall_64+0xc9/0xf80
[ 1766.032154][T27779]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1766.032182][T27779]  devinet_sysctl_register+0xb6/0x210
[ 1766.032208][T27779]  inetdev_init+0x2b8/0x570
[ 1766.032232][T27779]  inetdev_event+0x7fa/0x17f0
[ 1766.032256][T27779]  ? ib_netdevice_event+0xfc/0x330
[ 1766.032284][T27779]  ? __pfx_inetdev_event+0x10/0x10
[ 1766.032308][T27779]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1766.032338][T27779]  notifier_call_chain+0x99/0x3b0
[ 1766.032375][T27779]  call_netdevice_notifiers_info+0xbe/0x110
[ 1766.032421][T27779]  register_netdevice+0x16b9/0x21d0
[ 1766.032466][T27779]  ? __pfx_register_netdevice+0x10/0x10
[ 1766.032513][T27779]  __ip_tunnel_create+0x52b/0x670
[ 1766.032554][T27779]  ? __pfx___ip_tunnel_create+0x10/0x10
[ 1766.032590][T27779]  ? net_generic+0xea/0x2a0
[ 1766.032635][T27779]  ip_tunnel_init_net+0x230/0x780
[ 1766.032666][T27779]  ? __pfx_ip_tunnel_init_net+0x10/0x10
[ 1766.032701][T27779]  ? __pfx_erspan_init_net+0x10/0x10
[ 1766.032734][T27779]  ops_init+0x1e2/0x5f0
[ 1766.032775][T27779]  setup_net+0x118/0x3a0
[ 1766.032813][T27779]  ? __pfx_setup_net+0x10/0x10
[ 1766.032849][T27779]  ? lockdep_init_map_type+0x5c/0x250
[ 1766.032883][T27779]  ? mutex_init_lockep+0x110/0x150
[ 1766.032922][T27779]  copy_net_ns+0x46f/0x7c0
[ 1766.032949][T27779]  create_new_namespaces+0x3ea/0xab0
[ 1766.032983][T27779]  unshare_nsproxy_namespaces+0xc3/0x1f0
[ 1766.033014][T27779]  ksys_unshare+0x455/0xab0
[ 1766.033050][T27779]  ? __pfx_ksys_unshare+0x10/0x10
[ 1766.033085][T27779]  ? xfd_validate_state+0x129/0x190
[ 1766.033133][T27779]  __x64_sys_unshare+0x31/0x40
[ 1766.033167][T27779]  do_syscall_64+0xc9/0xf80
[ 1766.033198][T27779]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1766.033223][T27779] RIP: 0033:0x7fc78cd9acb9
[ 1766.033243][T27779] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1766.033266][T27779] RSP: 002b:00007fc78dd23028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1766.033288][T27779] RAX: ffffffffffffffda RBX: 00007fc78d015fa0 RCX: 00007fc78cd9acb9
[ 1766.033305][T27779] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1766.033320][T27779] RBP: 00007fc78ce08bf7 R08: 0000000000000000 R09: 0000000000000000
[ 1766.033334][T27779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1766.033349][T27779] R13: 00007fc78d016038 R14: 00007fc78d015fa0 R15: 00007fffb4ee8f98
[ 1766.033381][T27779]  </TASK>
[ 1766.033390][T27779] memory: usage 3072kB, limit 3072kB, failcnt 123059
[ 1766.788837][T27779] memory+swap: usage 3276kB, limit 9007199254740988kB, failcnt 0
[ 1766.839249][T27779] kmem: usage 2912kB, limit 9007199254740988kB, failcnt 0
[ 1766.846417][T27779] Memory cgroup stats for /syz2:
[ 1766.846591][T27779] cache 0
[ 1766.969336][T27779] rss 0
[ 1767.039250][T27779] rss_huge 0
[ 1767.049266][T27779] shmem 0
[ 1767.052260][T27779] mapped_file 0
[ 1767.055721][T27779] dirty 0
[ 1767.058667][T27779] writeback 0
[ 1767.181419][T27779] workingset_refault_anon 31563
[ 1767.252445][T27779] workingset_refault_file 15348
[ 1767.257366][T27779] swap 208896
[ 1767.327159][T27779] swapcached 163840
[ 1767.367655][T27779] pgpgin 763418
[ 1767.382551][T27779] pgpgout 800776
[ 1767.426624][T27779] pgfault 989932
[ 1767.439922][T27779] pgmajfault 14440
[ 1767.459267][T27779] inactive_anon 126976
[ 1767.463386][T27779] active_anon 0
[ 1767.481593][T27779] inactive_file 0
[ 1767.485276][T27779] active_file 0
[ 1767.488771][T27779] unevictable 0
[ 1767.509934][T27779] hierarchical_memory_limit 3145728
[ 1767.515182][T27779] hierarchical_memsw_limit 9223372036854771712
[ 1767.533723][T27779] total_cache 0
[ 1767.547534][T27779] total_rss 0
[ 1767.551371][T27779] total_rss_huge 0
[ 1767.555101][T27779] total_shmem 0
[ 1767.570474][T27779] total_mapped_file 0
[ 1767.574568][T27779] total_dirty 0
[ 1767.578032][T27779] total_writeback 0
[ 1767.595976][T27779] total_workingset_refault_anon 31563
[ 1767.617596][T27779] total_workingset_refault_file 15348
[ 1767.626404][T27779] total_swap 208896
[ 1767.642054][T27779] total_swapcached 163840
[ 1767.656673][T27779] total_pgpgin 763418
[ 1767.669446][T27779] total_pgpgout 800776
[ 1767.678102][T27779] total_pgfault 989932
[ 1767.691337][T27779] total_pgmajfault 14440
[ 1767.701777][T27779] total_inactive_anon 126976
[ 1767.712135][T27779] total_active_anon 0
[ 1767.721695][T27779] total_inactive_file 0
[ 1767.733191][T27779] total_active_file 0
[ 1767.746538][T27779] total_unevictable 0
[ 1767.756681][T27779] anon_cost 17
[ 1767.764798][T27779] file_cost 0
[ 1767.779926][T27779] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.4964,pid=27778,uid=0
[ 1767.819035][T27779] Memory cgroup out of memory: Killed process 27778 (syz.2.4964) total-vm:170176kB, anon-rss:1336kB, file-rss:22688kB, shmem-rss:0kB, UID:0 pgtables:148kB oom_score_adj:1000
[ 1768.717965][T27810] Invalid ELF header magic: != ELF
[ 1770.492316][T27811] syz.2.4969 invoked oom-killer: gfp_mask=0x400cc0(GFP_KERNEL_ACCOUNT), order=1, oom_score_adj=1000
[ 1770.726925][T27811] CPU: 0 UID: 0 PID: 27811 Comm: syz.2.4969 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1770.726969][T27811] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1770.726980][T27811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1770.726995][T27811] Call Trace:
[ 1770.727003][T27811]  <TASK>
[ 1770.727013][T27811]  dump_stack_lvl+0x100/0x190
[ 1770.727047][T27811]  dump_header+0xfb/0x606
[ 1770.727072][T27811]  oom_kill_process.cold+0xd/0x321
[ 1770.727100][T27811]  out_of_memory+0x340/0x14f0
[ 1770.727137][T27811]  ? __pfx_out_of_memory+0x10/0x10
[ 1770.727176][T27811]  mem_cgroup_out_of_memory+0xc6/0x130
[ 1770.727209][T27811]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1770.727233][T27811]  ? find_held_lock+0x2b/0x80
[ 1770.727263][T27811]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1770.727301][T27811]  ? _raw_spin_unlock+0x28/0x50
[ 1770.727328][T27811]  try_charge_memcg+0x652/0xc90
[ 1770.727368][T27811]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1770.727400][T27811]  ? rcu_read_unlock+0x17/0x60
[ 1770.727435][T27811]  ? rcu_read_unlock+0x17/0x60
[ 1770.727477][T27811]  ? get_mem_cgroup_from_objcg+0xd3/0x330
[ 1770.727507][T27811]  obj_cgroup_charge_account+0x335/0x7e0
[ 1770.727549][T27811]  __memcg_slab_post_alloc_hook+0x2e4/0x880
[ 1770.727595][T27811]  __kmalloc_node_track_caller_noprof+0x77f/0x9d0
[ 1770.727630][T27811]  ? neigh_sysctl_register+0xb4/0x660
[ 1770.727671][T27811]  ? kmemdup_noprof+0x29/0x60
[ 1770.727701][T27811]  ? lockdep_hardirqs_on+0x78/0x100
[ 1770.727728][T27811]  kmemdup_noprof+0x29/0x60
[ 1770.727759][T27811]  neigh_sysctl_register+0xb4/0x660
[ 1770.727802][T27811]  ? __pfx_neigh_sysctl_register+0x10/0x10
[ 1770.727837][T27811]  ? inetdev_init+0x245/0x570
[ 1770.727857][T27811]  ? inetdev_event+0x7fa/0x17f0
[ 1770.727878][T27811]  ? notifier_call_chain+0x99/0x3b0
[ 1770.727915][T27811]  ? copy_net_ns+0x46f/0x7c0
[ 1770.727937][T27811]  ? create_new_namespaces+0x3ea/0xab0
[ 1770.727963][T27811]  ? copy_namespaces+0x468/0x5e0
[ 1770.727987][T27811]  ? copy_process+0x32d5/0x7890
[ 1770.728018][T27811]  ? kernel_clone+0xfc/0x930
[ 1770.728048][T27811]  ? __do_sys_clone3+0x214/0x290
[ 1770.728080][T27811]  ? do_syscall_64+0xc9/0xf80
[ 1770.728111][T27811]  devinet_sysctl_register+0xb6/0x210
[ 1770.728139][T27811]  inetdev_init+0x2b8/0x570
[ 1770.728163][T27811]  inetdev_event+0x7fa/0x17f0
[ 1770.728192][T27811]  ? ib_netdevice_event+0xfc/0x330
[ 1770.728219][T27811]  ? __pfx_inetdev_event+0x10/0x10
[ 1770.728244][T27811]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1770.728275][T27811]  notifier_call_chain+0x99/0x3b0
[ 1770.728314][T27811]  call_netdevice_notifiers_info+0xbe/0x110
[ 1770.728342][T27811]  register_netdevice+0x16b9/0x21d0
[ 1770.728388][T27811]  ? __pfx_register_netdevice+0x10/0x10
[ 1770.728435][T27811]  __ip_tunnel_create+0x52b/0x670
[ 1770.728476][T27811]  ? __pfx___ip_tunnel_create+0x10/0x10
[ 1770.728513][T27811]  ? net_generic+0xea/0x2a0
[ 1770.728558][T27811]  ip_tunnel_init_net+0x230/0x780
[ 1770.728584][T27811]  ? __pfx_ip_tunnel_init_net+0x10/0x10
[ 1770.728620][T27811]  ? __pfx_ipgre_tap_init_net+0x10/0x10
[ 1770.728655][T27811]  ops_init+0x1e2/0x5f0
[ 1770.728696][T27811]  setup_net+0x118/0x3a0
[ 1770.728733][T27811]  ? __pfx_setup_net+0x10/0x10
[ 1770.728769][T27811]  ? lockdep_init_map_type+0x5c/0x250
[ 1770.728803][T27811]  ? mutex_init_lockep+0x110/0x150
[ 1770.728842][T27811]  copy_net_ns+0x46f/0x7c0
[ 1770.728869][T27811]  create_new_namespaces+0x3ea/0xab0
[ 1770.728903][T27811]  copy_namespaces+0x468/0x5e0
[ 1770.728932][T27811]  copy_process+0x32d5/0x7890
[ 1770.728977][T27811]  ? __pfx_copy_process+0x10/0x10
[ 1770.729017][T27811]  ? _copy_from_user+0x59/0xd0
[ 1770.729058][T27811]  kernel_clone+0xfc/0x930
[ 1770.729093][T27811]  ? __pfx_kernel_clone+0x10/0x10
[ 1770.729132][T27811]  ? __pfx_futex_wait+0x10/0x10
[ 1770.729163][T27811]  __do_sys_clone3+0x214/0x290
[ 1770.729201][T27811]  ? __pfx___do_sys_clone3+0x10/0x10
[ 1770.729272][T27811]  do_syscall_64+0xc9/0xf80
[ 1770.729303][T27811]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1770.729328][T27811] RIP: 0033:0x7fc78cd9acb9
[ 1770.729347][T27811] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1770.729372][T27811] RSP: 002b:00007fc78dd22ef8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 1770.729396][T27811] RAX: ffffffffffffffda RBX: 00000000000000a7 RCX: 00007fc78cd9acb9
[ 1770.729413][T27811] RDX: 00007fc78dd22f10 RSI: 00000000000000a7 RDI: 00007fc78dd22f10
[ 1770.729429][T27811] RBP: 00007fc78ce08bf7 R08: 0000000000000000 R09: 00000000000000a7
[ 1770.729445][T27811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1770.729460][T27811] R13: 00007fc78d016038 R14: 00007fc78d015fa0 R15: 00007fffb4ee8f98
[ 1770.729492][T27811]  </TASK>
[ 1772.134551][T27853] FAULT_INJECTION: forcing a failure.
[ 1772.134551][T27853] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1772.159333][T27853] CPU: 0 UID: 0 PID: 27853 Comm: syz.4.4980 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1772.159376][T27853] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1772.159388][T27853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1772.159403][T27853] Call Trace:
[ 1772.159412][T27853]  <TASK>
[ 1772.159421][T27853]  dump_stack_lvl+0x100/0x190
[ 1772.159455][T27853]  should_fail_ex.cold+0x5/0xa
[ 1772.159493][T27853]  ? prepare_alloc_pages+0x16d/0x5f0
[ 1772.159534][T27853]  should_fail_alloc_page+0xeb/0x140
[ 1772.159571][T27853]  prepare_alloc_pages+0x1f0/0x5f0
[ 1772.159609][T27853]  ? rcu_is_watching+0x12/0xc0
[ 1772.159637][T27853]  __alloc_frozen_pages_noprof+0x193/0x2410
[ 1772.159672][T27853]  ? stack_trace_save+0x8e/0xc0
[ 1772.159700][T27853]  ? __pfx_stack_trace_save+0x10/0x10
[ 1772.159726][T27853]  ? is_bpf_text_address+0x94/0x1a0
[ 1772.159767][T27853]  ? stack_depot_save_flags+0x27/0x9c0
[ 1772.159806][T27853]  ? __kernel_text_address+0xd/0x30
[ 1772.159848][T27853]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1772.159878][T27853]  ? kasan_save_stack+0x3f/0x50
[ 1772.159908][T27853]  ? kasan_save_track+0x14/0x30
[ 1772.159938][T27853]  ? snd_pcm_attach_substream+0x451/0xd60
[ 1772.159976][T27853]  ? snd_pcm_open_substream+0x90/0x1850
[ 1772.160011][T27853]  ? snd_pcm_oss_open+0x735/0x1390
[ 1772.160038][T27853]  ? soundcore_open+0x2e3/0x5a0
[ 1772.160063][T27853]  ? chrdev_open+0x234/0x6a0
[ 1772.160092][T27853]  ? vfs_open+0x82/0x3f0
[ 1772.160130][T27853]  ? __lock_acquire+0x4a5/0x2630
[ 1772.160168][T27853]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1772.160200][T27853]  ? policy_nodemask+0xed/0x4f0
[ 1772.160237][T27853]  alloc_pages_mpol+0x1fb/0x550
[ 1772.160274][T27853]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1772.160323][T27853]  alloc_pages_noprof+0x131/0x390
[ 1772.160360][T27853]  alloc_pages_exact_noprof+0x32/0xf0
[ 1772.160386][T27853]  snd_pcm_attach_substream+0x4cb/0xd60
[ 1772.160431][T27853]  snd_pcm_open_substream+0x90/0x1850
[ 1772.160471][T27853]  ? __pfx_snd_pcm_open_substream+0x10/0x10
[ 1772.160517][T27853]  snd_pcm_oss_open+0x735/0x1390
[ 1772.160557][T27853]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[ 1772.160587][T27853]  ? __lock_acquire+0x4a5/0x2630
[ 1772.160621][T27853]  ? __pfx_default_wake_function+0x10/0x10
[ 1772.160650][T27853]  ? __lock_acquire+0x4a5/0x2630
[ 1772.160690][T27853]  ? do_raw_spin_lock+0x128/0x260
[ 1772.160732][T27853]  ? soundcore_open+0x231/0x5a0
[ 1772.160760][T27853]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[ 1772.160790][T27853]  soundcore_open+0x2e3/0x5a0
[ 1772.160819][T27853]  ? __pfx_soundcore_open+0x10/0x10
[ 1772.160845][T27853]  chrdev_open+0x234/0x6a0
[ 1772.160874][T27853]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1772.160907][T27853]  ? __pfx_chrdev_open+0x10/0x10
[ 1772.160940][T27853]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[ 1772.160976][T27853]  do_dentry_open+0x73e/0x1570
[ 1772.161004][T27853]  ? __pfx_chrdev_open+0x10/0x10
[ 1772.161035][T27853]  ? security_inode_permission+0xbf/0x250
[ 1772.161077][T27853]  vfs_open+0x82/0x3f0
[ 1772.161117][T27853]  path_openat+0x21dc/0x3120
[ 1772.161156][T27853]  ? __pfx_path_openat+0x10/0x10
[ 1772.161196][T27853]  do_filp_open+0x1f7/0x420
[ 1772.161228][T27853]  ? __pfx_do_filp_open+0x10/0x10
[ 1772.161277][T27853]  ? _raw_spin_unlock+0x28/0x50
[ 1772.161301][T27853]  ? alloc_fd+0x476/0x790
[ 1772.161348][T27853]  do_sys_openat2+0x12e/0x220
[ 1772.161386][T27853]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1772.161436][T27853]  __x64_sys_openat+0x12d/0x210
[ 1772.161475][T27853]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1772.161513][T27853]  ? xfd_validate_state+0x129/0x190
[ 1772.161562][T27853]  do_syscall_64+0xc9/0xf80
[ 1772.161594][T27853]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1772.161620][T27853] RIP: 0033:0x7f341eb9acb9
[ 1772.161640][T27853] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1772.161665][T27853] RSP: 002b:00007f341fa60028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1772.161691][T27853] RAX: ffffffffffffffda RBX: 00007f341ee15fa0 RCX: 00007f341eb9acb9
[ 1772.161708][T27853] RDX: 0000000000020342 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[ 1772.161724][T27853] RBP: 00007f341ec08bf7 R08: 0000000000000000 R09: 0000000000000000
[ 1772.161739][T27853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1772.161754][T27853] R13: 00007f341ee16038 R14: 00007f341ee15fa0 R15: 00007fffdb8cbbf8
[ 1772.161786][T27853]  </TASK>
[ 1772.751472][T27811] memory: usage 3072kB, limit 3072kB, failcnt 123450
[ 1772.758229][T27811] memory+swap: usage 3276kB, limit 9007199254740988kB, failcnt 0
[ 1772.766037][T27811] kmem: usage 2916kB, limit 9007199254740988kB, failcnt 0
[ 1772.773616][T27811] Memory cgroup stats for /syz2:
[ 1772.773770][T27811] cache 0
[ 1772.781717][T27811] rss 0
[ 1772.784486][T27811] rss_huge 0
[ 1772.787687][T27811] shmem 0
[ 1772.790769][T27811] mapped_file 0
[ 1772.794249][T27811] dirty 0
[ 1772.797205][T27811] writeback 0
[ 1772.800550][T27811] workingset_refault_anon 31634
[ 1772.807433][T27811] workingset_refault_file 15348
[ 1772.812372][T27811] swap 208896
[ 1772.815693][T27811] swapcached 159744
[ 1772.819575][T27811] pgpgin 763528
[ 1772.823255][T27811] pgpgout 800887
[ 1772.827107][T27811] pgfault 990121
[ 1772.830777][T27811] pgmajfault 14502
[ 1772.834514][T27811] inactive_anon 40960
[ 1772.838501][T27811] active_anon 118784
[ 1772.842458][T27811] inactive_file 0
[ 1772.846110][T27811] active_file 0
[ 1772.849615][T27811] unevictable 0
[ 1772.853095][T27811] hierarchical_memory_limit 3145728
[ 1772.858318][T27811] hierarchical_memsw_limit 9223372036854771712
[ 1772.864551][T27811] total_cache 0
[ 1772.868018][T27811] total_rss 0
[ 1772.871386][T27811] total_rss_huge 0
[ 1772.875132][T27811] total_shmem 0
[ 1772.878590][T27811] total_mapped_file 0
[ 1772.882621][T27811] total_dirty 0
[ 1772.886085][T27811] total_writeback 0
[ 1772.889936][T27811] total_workingset_refault_anon 31634
[ 1772.895414][T27811] total_workingset_refault_file 15348
[ 1772.900829][T27811] total_swap 208896
[ 1772.906650][T27811] total_swapcached 159744
[ 1772.911067][T27811] total_pgpgin 763528
[ 1772.915049][T27811] total_pgpgout 800887
[ 1772.919125][T27811] total_pgfault 990121
[ 1772.923274][T27811] total_pgmajfault 14502
[ 1772.927546][T27811] total_inactive_anon 40960
[ 1772.932368][T27811] total_active_anon 118784
[ 1772.936787][T27811] total_inactive_file 0
[ 1772.940981][T27811] total_active_file 0
[ 1772.944968][T27811] total_unevictable 0
[ 1772.948950][T27811] anon_cost 17
[ 1772.952397][T27811] file_cost 0
[ 1772.955688][T27811] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.4969,pid=27809,uid=0
[ 1772.970707][T27811] Memory cgroup out of memory: Killed process 27809 (syz.2.4969) total-vm:102328kB, anon-rss:1336kB, file-rss:22716kB, shmem-rss:0kB, UID:0 pgtables:140kB oom_score_adj:1000
[ 1773.891008][T27858] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4981'.
[ 1775.673859][T19943] ------------[ cut here ]------------
[ 1775.679513][T19943] ODEBUG: free active (active state 0) object: ffff88805b305460 object type: timer_list hint: hci_devcd_timeout+0x0/0x2e0
[ 1775.692336][T19943] WARNING: lib/debugobjects.c:612 at debug_print_object+0x18e/0x2a0, CPU#0: syz-executor/19943
[ 1775.702978][T19943] Modules linked in:
[ 1775.706914][T19943] CPU: 0 UID: 0 PID: 19943 Comm: syz-executor Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1775.718147][T19943] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1775.724756][T19943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1775.735104][T19943] RIP: 0010:debug_print_object+0x19b/0x2a0
[ 1775.741223][T19943] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d c2 e0 d4 0b 41 56 48 8b 14 dd 60 44 fa 8b 4c 89 e6 <67> 48 0f b9 3a 58 83 05 1c a3 ca 0b 01 48 83 c4 18 5b 5d 41 5c 41
[ 1775.761239][T19943] RSP: 0018:ffffc9000420f708 EFLAGS: 00010246
[ 1775.767340][T19943] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000
[ 1775.776469][T19943] RDX: ffffffff8bfa43a0 RSI: ffffffff8bfa3fc0 RDI: ffffffff90c1dff0
[ 1775.785328][T19943] RBP: 0000000000000001 R08: ffff88805b305460 R09: ffffffff8b92b8a0
[ 1775.793722][T19943] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8bfa3fc0
[ 1775.801889][T19943] R13: ffffffff8b92b8e0 R14: ffffffff8a8042d0 R15: ffffc9000420f808
[ 1775.810473][T19943] FS:  0000000000000000(0000) GS:ffff8881245e3000(0000) knlGS:0000000000000000
[ 1775.819582][T19943] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1775.826209][T19943] CR2: 00007fc78cfde0b0 CR3: 000000007d78a000 CR4: 00000000003526f0
[ 1775.834269][T19943] Call Trace:
[ 1775.837563][T19943]  <TASK>
[ 1775.840571][T19943]  ? __pfx_hci_devcd_timeout+0x10/0x10
[ 1775.846079][T19943]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1775.851961][T19943]  debug_check_no_obj_freed+0x4da/0x630
[ 1775.857605][T19943]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[ 1775.863757][T19943]  ? __page_table_check_zero+0x333/0x410
[ 1775.869433][T19943]  ? __page_table_check_zero+0x333/0x410
[ 1775.876174][T19943]  ? __page_table_check_zero+0x338/0x410
[ 1775.882649][T19943]  __free_frozen_pages+0x358/0x1130
[ 1775.887896][T19943]  hci_release_dev+0x4ef/0x630
[ 1775.892816][T19943]  ? __pfx_hci_release_dev+0x10/0x10
[ 1775.898117][T19943]  ? rcu_is_watching+0x12/0xc0
[ 1775.902967][T19943]  ? kfree+0x2a9/0x690
[ 1775.907058][T19943]  bt_host_release+0x6a/0xb0
[ 1775.911715][T19943]  ? __pfx_bt_host_release+0x10/0x10
[ 1775.917022][T19943]  device_release+0xa4/0x240
[ 1775.921733][T19943]  kobject_put+0x1f7/0x640
[ 1775.926197][T19943]  put_device+0x1f/0x30
[ 1775.930418][T19943]  vhci_release+0x185/0x230
[ 1775.934980][T19943]  ? __pfx_vhci_release+0x10/0x10
[ 1775.940084][T19943]  __fput+0x3ff/0xb40
[ 1775.944123][T19943]  task_work_run+0x150/0x240
[ 1775.948767][T19943]  ? __pfx_task_work_run+0x10/0x10
[ 1775.953946][T19943]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1775.959238][T19943]  do_exit+0x829/0x2a30
[ 1775.963421][T19943]  ? anon_pipe_read+0xc1c/0x1200
[ 1775.968379][T19943]  ? __pfx_do_exit+0x10/0x10
[ 1775.973300][T19943]  ? do_raw_spin_lock+0x128/0x260
[ 1775.979501][T19943]  ? find_held_lock+0x2b/0x80
[ 1775.984211][T19943]  ? get_signal+0x7e0/0x21e0
[ 1775.988913][T19943]  do_group_exit+0xd5/0x2a0
[ 1775.994272][T19943]  get_signal+0x1ec7/0x21e0
[ 1775.998829][T19943]  ? security_file_permission+0x76/0x210
[ 1776.004619][T19943]  ? __pfx_get_signal+0x10/0x10
[ 1776.009579][T19943]  ? __pfx_vfs_read+0x10/0x10
[ 1776.014280][T19943]  ? security_file_free+0xb9/0x180
[ 1776.019500][T19943]  arch_do_signal_or_restart+0x91/0x770
[ 1776.025103][T19943]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1776.031375][T19943]  ? ksys_read+0x1ac/0x250
[ 1776.035821][T19943]  exit_to_user_mode_loop+0x86/0x4b0
[ 1776.041208][T19943]  ? rcu_is_watching+0x12/0xc0
[ 1776.045996][T19943]  do_syscall_64+0x4ea/0xf80
[ 1776.050696][T19943]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1776.056614][T19943] RIP: 0033:0x7f1a20b5b58e
[ 1776.061133][T19943] Code: Unable to access opcode bytes at 0x7f1a20b5b564.
[ 1776.068156][T19943] RSP: 002b:00007ffea9387ce8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1776.076677][T19943] RAX: fffffffffffffe00 RBX: 000055557a0e7500 RCX: 00007f1a20b5b58e
[ 1776.085813][T19943] RDX: 0000000000000030 RSI: 00007ffea9387de0 RDI: 00000000000000f9
[ 1776.094617][T19943] RBP: 00007ffea9387d8c R08: 0000000000000000 R09: 0000000000000000
[ 1776.102660][T19943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000258
[ 1776.110745][T19943] R13: 00000000000927c0 R14: 00000000001b14fa R15: 00007ffea9387de0
[ 1776.118752][T19943]  </TASK>
[ 1776.121820][T19943] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1776.129122][T19943] CPU: 0 UID: 0 PID: 19943 Comm: syz-executor Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1776.140254][T19943] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1776.146759][T19943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[ 1776.156825][T19943] Call Trace:
[ 1776.160115][T19943]  <TASK>
[ 1776.163073][T19943]  dump_stack_lvl+0x100/0x190
[ 1776.167773][T19943]  vpanic+0x20d/0x630
[ 1776.171793][T19943]  panic+0xd1/0xd1
[ 1776.175547][T19943]  ? __pfx_panic+0x10/0x10
[ 1776.180000][T19943]  ? check_panic_on_warn+0x1f/0x90
[ 1776.185143][T19943]  check_panic_on_warn.cold+0x19/0x34
[ 1776.190530][T19943]  ? debug_print_object+0x18e/0x2a0
[ 1776.195745][T19943]  __warn.cold+0x191/0x2f8
[ 1776.200185][T19943]  __report_bug+0x296/0x3d0
[ 1776.204702][T19943]  ? debug_print_object+0x18e/0x2a0
[ 1776.209925][T19943]  ? __pfx___report_bug+0x10/0x10
[ 1776.214979][T19943]  ? unwind_next_frame+0x3c8/0x1ea0
[ 1776.220207][T19943]  report_bug_entry+0xe1/0x290
[ 1776.225004][T19943]  ? debug_print_object+0x19b/0x2a0
[ 1776.230233][T19943]  handle_bug+0x1c9/0x2a0
[ 1776.234617][T19943]  exc_invalid_op+0x17/0x50
[ 1776.239168][T19943]  asm_exc_invalid_op+0x1a/0x20
[ 1776.244042][T19943] RIP: 0010:debug_print_object+0x19b/0x2a0
[ 1776.249879][T19943] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d c2 e0 d4 0b 41 56 48 8b 14 dd 60 44 fa 8b 4c 89 e6 <67> 48 0f b9 3a 58 83 05 1c a3 ca 0b 01 48 83 c4 18 5b 5d 41 5c 41
[ 1776.269546][T19943] RSP: 0018:ffffc9000420f708 EFLAGS: 00010246
[ 1776.275630][T19943] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000
[ 1776.283635][T19943] RDX: ffffffff8bfa43a0 RSI: ffffffff8bfa3fc0 RDI: ffffffff90c1dff0
[ 1776.291639][T19943] RBP: 0000000000000001 R08: ffff88805b305460 R09: ffffffff8b92b8a0
[ 1776.299650][T19943] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8bfa3fc0
[ 1776.307637][T19943] R13: ffffffff8b92b8e0 R14: ffffffff8a8042d0 R15: ffffc9000420f808
[ 1776.315646][T19943]  ? __pfx_hci_devcd_timeout+0x10/0x10
[ 1776.321165][T19943]  ? __pfx_hci_devcd_timeout+0x10/0x10
[ 1776.326661][T19943]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1776.332504][T19943]  debug_check_no_obj_freed+0x4da/0x630
[ 1776.338094][T19943]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[ 1776.344188][T19943]  ? __page_table_check_zero+0x333/0x410
[ 1776.349846][T19943]  ? __page_table_check_zero+0x333/0x410
[ 1776.355509][T19943]  ? __page_table_check_zero+0x338/0x410
[ 1776.361167][T19943]  __free_frozen_pages+0x358/0x1130
[ 1776.366394][T19943]  hci_release_dev+0x4ef/0x630
[ 1776.371180][T19943]  ? __pfx_hci_release_dev+0x10/0x10
[ 1776.376489][T19943]  ? rcu_is_watching+0x12/0xc0
[ 1776.381270][T19943]  ? kfree+0x2a9/0x690
[ 1776.385362][T19943]  bt_host_release+0x6a/0xb0
[ 1776.389977][T19943]  ? __pfx_bt_host_release+0x10/0x10
[ 1776.395283][T19943]  device_release+0xa4/0x240
[ 1776.399908][T19943]  kobject_put+0x1f7/0x640
[ 1776.404358][T19943]  put_device+0x1f/0x30
[ 1776.408527][T19943]  vhci_release+0x185/0x230
[ 1776.413074][T19943]  ? __pfx_vhci_release+0x10/0x10
[ 1776.418122][T19943]  __fput+0x3ff/0xb40
[ 1776.422150][T19943]  task_work_run+0x150/0x240
[ 1776.426792][T19943]  ? __pfx_task_work_run+0x10/0x10
[ 1776.431930][T19943]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1776.437175][T19943]  do_exit+0x829/0x2a30
[ 1776.441380][T19943]  ? anon_pipe_read+0xc1c/0x1200
[ 1776.446422][T19943]  ? __pfx_do_exit+0x10/0x10
[ 1776.451034][T19943]  ? do_raw_spin_lock+0x128/0x260
[ 1776.456079][T19943]  ? find_held_lock+0x2b/0x80
[ 1776.460766][T19943]  ? get_signal+0x7e0/0x21e0
[ 1776.465376][T19943]  do_group_exit+0xd5/0x2a0
[ 1776.469904][T19943]  get_signal+0x1ec7/0x21e0
[ 1776.474433][T19943]  ? security_file_permission+0x76/0x210
[ 1776.480117][T19943]  ? __pfx_get_signal+0x10/0x10
[ 1776.485012][T19943]  ? __pfx_vfs_read+0x10/0x10
[ 1776.489723][T19943]  ? security_file_free+0xb9/0x180
[ 1776.494882][T19943]  arch_do_signal_or_restart+0x91/0x770
[ 1776.500489][T19943]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1776.506741][T19943]  ? ksys_read+0x1ac/0x250
[ 1776.511184][T19943]  exit_to_user_mode_loop+0x86/0x4b0
[ 1776.516516][T19943]  ? rcu_is_watching+0x12/0xc0
[ 1776.521299][T19943]  do_syscall_64+0x4ea/0xf80
[ 1776.526122][T19943]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1776.532036][T19943] RIP: 0033:0x7f1a20b5b58e
[ 1776.536486][T19943] Code: Unable to access opcode bytes at 0x7f1a20b5b564.
[ 1776.543508][T19943] RSP: 002b:00007ffea9387ce8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1776.551946][T19943] RAX: fffffffffffffe00 RBX: 000055557a0e7500 RCX: 00007f1a20b5b58e
[ 1776.559953][T19943] RDX: 0000000000000030 RSI: 00007ffea9387de0 RDI: 00000000000000f9
[ 1776.567938][T19943] RBP: 00007ffea9387d8c R08: 0000000000000000 R09: 0000000000000000
[ 1776.575925][T19943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000258
[ 1776.583931][T19943] R13: 00000000000927c0 R14: 00000000001b14fa R15: 00007ffea9387de0
[ 1776.591931][T19943]  </TASK>
[ 1776.595041][T19943] Kernel Offset: disabled
[ 1776.599382][T19943] Rebooting in 86400 seconds..