last executing test programs:

1m9.844630803s ago: executing program 3 (id=2645):
openat$auto_cgwb_debug_stats_fops_(0xffffffffffffff9c, 0x0, 0x2080, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x101200, 0x0)
socket(0xb, 0xa, 0x9)
acct$auto(&(0x7f0000000580)='ovs_flow\x00')
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
r1 = socket(0x2, 0x1, 0x106)
bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
r2 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_FLOW_CMD_GET(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x2c, r2, 0x1, 0x70bd25, 0x25dfdc02, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_KEY={0x14, 0x1, 0x0, 0x1, [@nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0xb, 0x0, 0x0, @u64=0x400008}]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x200400f0}, 0x4)
r4 = syz_clone3(&(0x7f0000000480)={0x2020000, &(0x7f0000000200), &(0x7f0000000240), &(0x7f0000000280), {0x24}, &(0x7f00000002c0)=""/155, 0x9b, &(0x7f0000000380)=""/177, &(0x7f0000000440)=[0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0], 0x6}, 0x58)
sendmsg$auto_OVS_FLOW_CMD_SET(r1, &(0x7f0000000540)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000500)={&(0x7f00000005c0)={0x4c8, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_UFID={0x5, 0x9, 0x7c}, @OVS_FLOW_ATTR_UFID_FLAGS={0x8, 0xa, 0x6}, @OVS_FLOW_ATTR_KEY={0x49f, 0x1, 0x0, 0x1, [@typed={0x8, 0xcf, 0x0, 0x0, @u32=0x6}, @generic="bd543b0e1b33bef83a387f76caef71d652d3e45dfad7cc820b4ca4c42b3bc4afad00e65a311d486c41ae307a8dd1ce3c94ee237e80fa04bc9b6a168644133c5db76aa7c62f4547bcd278d19b9e6f204eee2459aa46d1ac95e90d694d051bf708003a96dab71ac51bcb661d", @generic="c9647cfe9aef09fb9f345b78f11eb5f973505708fea08aabee865610b2df452fd10a5da2bd63bcd85271cf268665e9e84241f312a091f0c488ee0e4525cd0b8ef794f3d1c90e15c1ca2437b257eb0df01ff255d6f47f90440af276fe71c77d3a3e62869c5c3de1e4d61aeb51991e323d3b418e227c12b65b26df6f11e4051c867f5875ae76d035af26663558fbc0cbe1be3d4cc2207099f67a95298aeff22b6e768959ab", @nested={0x2d0, 0x3a, 0x0, 0x1, [@typed={0x20, 0x50, 0x0, 0x0, @str='/sys/kernel/debug/asoc/dais\x00'}, @nested={0x6f, 0x109, 0x0, 0x1, [@nested={0x4, 0xcd}, @generic="3f6461b77eb33001710c86ce5b7b6c78146de52ff2d0c410490beb848eea82669230664c676aa4366acd9d8454414ba4afe9382d2ffa5d094fdc572788fba26679e99f32008d96bca1d354927382c5835ba3315ae82094b2af98b006d0cadfbe0cc376821569ea"]}, @generic, @typed={0xc, 0x8d, 0x0, 0x0, @str='M}+&#--\x00'}, @typed={0xc, 0x6c, 0x0, 0x0, @u64=0x1}, @nested={0xb4, 0x147, 0x0, 0x1, [@nested={0x4, 0x44}, @typed={0xc, 0xe4, 0x0, 0x0, @u64=0x1000}, @generic="9a7d8afc2b9079ff8f59d16336cee460ff597ac0a4d24129c3e4241ade8676b933b2a52f23783ac8823d02e8007560182c5d30761773876053d7f7d0f9d4a24e0bbb1192e515a43a9943608dec767a6d4cb41bde906bd40549f55a33bbd33770900e5463c88cbf498ab35f38fe5a793759ab930df9d102f33c13d4607d5ff9c0709fa6776136938819e9c3b72ace3c9aa0c1c7abf0a5dee82aff9b05cf07254c"]}, @nested={0x164, 0x43, 0x0, 0x1, [@typed={0x14, 0xa2, 0x0, 0x0, @ipv6=@empty}, @typed={0x14, 0x4b, 0x0, 0x0, @ipv6=@private0={0xfc, 0x0, '\x00', 0x1}}, @generic="4452db6dc4d5b03e20a6df4da1a9487e7eb78543cbb79879b9f512cffc69e4548a837acd6ff60d1e28403a770fa57b41502d8ee71ceadd5fc2416b714aa3db440c9e0f627e6b9683864db080b708cfc270e67f530d873560cd599dec0edbca0c184e6ee495fa28eb213c91765d1c5ca0ca721df6d1deb9e05e2a4f0c771df1e4103685e1312ff10400660ceb6b8e007d3547db74e959daf4750f678ed89dda3c1d7e26287c2fe89ea8c7a6011a2f664e53cde7cf2b7b41b6ab59681b0513306000d5015df6156694", @generic="9212a53ab5af0ea7f69ec16aef3236eb1f93b9898bdfbdf6730e56276c52f755255047ace368333d937a79ecc0fcc0cd47cdfc4a7318912c0ec0661b43e94353264abd078e24e8843556e56963edb956e51e6b89078b422e085834a14ec5aaacd22e098d6545ac41f197fa892c3b59ac"]}, @nested={0xc, 0x24, 0x0, 0x1, [@nested={0x4, 0x4d}, @nested={0x4, 0xda}]}]}, @nested={0x18, 0x15a, 0x0, 0x1, [@typed={0x14, 0x58, 0x0, 0x0, @ipv6=@private1}]}, @typed={0x8, 0x40, 0x0, 0x0, @pid=r4}, @nested={0x10, 0x29, 0x0, 0x1, [@nested={0x4, 0x29}, @typed={0x8, 0x115, 0x0, 0x0, @fd=r0}]}, @generic="1e015482acd01ae374ff207e3f02550a4fa0deac25837528c119ec224f5703139551bf11c5a00960999bfa3b43bb65c59ea93d2ad3f385bd486f3b15007762751eff70fd2ca64820266f62a3e64d7ab27e456abda92dd86a391203ae0dfa830e7721086469bdd4d7e424e67f", @nested={0x18, 0x13, 0x0, 0x1, [@typed={0x14, 0x11, 0x0, 0x0, @ipv6=@empty}]}]}]}, 0x4c8}, 0x1, 0x0, 0x0, 0x4}, 0x24004001)
mmap$auto(0x0, 0x20006, 0xdf, 0xeb1, 0x401, 0x8000)
r5 = socket(0x2, 0x80802, 0x0)
setsockopt$auto(r5, 0x11, 0x68, 0x0, 0x8)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
r6 = openat$auto_dai_list_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x90000, 0x0)
getdents64$auto(r6, &(0x7f00000000c0)={0x40, 0x8, 0x8c, 0xe7, "a808b42c4a8d2bb4fe6aadfe4f2763362a0a1e46f0a41c6f1d94fdf8809ac8b80c9148f99a21042c8c29df52b0fff62a20d0c9ddc03908960d85635c4da2cd42a0b217335ac1147ae7694cdeda53377598b27897f60b52388da8c8e4b8798fb8b5d1cf2024466cbfa2b728ff9f4a6d0bc5d343fb9d822f3ad57bce704a8cf086c271f3"}, 0xc2d)
write$auto(0x3, 0x0, 0xfffffdef)
close_range$auto(0x2, 0x8, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$auto(0x3, 0xc048aec8, 0xffffffffffffffff)
openat$auto_fake_panic_fops_(0xffffffffffffff9c, &(0x7f0000000b00), 0x10000, 0x0)
clock_settime$auto(0x6, &(0x7f0000000ac0)={0x2, 0x6})

1m8.803916134s ago: executing program 3 (id=2649):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r0 = openat$auto_ns_file_operations_nsfs(0xffffffffffffff9c, 0x0, 0x800, 0x0)
open_by_handle_at$auto(r0, 0x0, 0x1)
close_range$auto(0x2, 0x8, 0x0)
socket(0x1e, 0x1, 0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
prctl$auto_PR_SET_VMA_ANON_NAME(0x6, 0x0, 0x0, 0x1, 0x1)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x55)
r1 = openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace_pipe\x00', 0x800880, 0x0)
read$auto_tracing_pipe_fops_trace(r1, 0x0, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x60800, 0x0)
connect$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x0, @rand_addr=0xfffffffe}, 0x55)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48})
capset$auto(0x0, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
r2 = socket(0x11, 0x80003, 0x3ff)
setsockopt$auto(r2, 0x107, 0xf, 0x0, 0x6)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{&(0x7f0000000000), 0x5ac, &(0x7f00000000c0)={&(0x7f0000000080)="4c0300006b", 0x49}, 0x2, 0x0, 0x5, 0x1}, 0x5}, 0x2, 0x100)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x11, 0x6, 0x7fff, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x2df, 0x500, 0x81, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x10001, 0x40, 0x76c5, 0x8, 0x7fffffffffffffff}})
close_range$auto(0x2, 0x8, 0x0)
socket(0x8, 0x4, 0x0)
socket(0x1d, 0x2, 0x6)
socket(0x2, 0x2, 0x1)
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, 0x0, 0xfd}, 0x6a)
write$auto(0x3, 0x0, 0x7d)

1m8.110619746s ago: executing program 3 (id=2651):
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
socket(0x2, 0x80002, 0x73)
unshare$auto(0x40000080)
lstat$auto(0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/cpu/smt/control\x00', 0x2ab42, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000040)='1', 0x1)
sendmsg$auto_NL80211_CMD_VENDOR(r0, &(0x7f0000001780)={0x0, 0x0, &(0x7f0000001740)={&(0x7f0000001700)={0x1c, r1, 0x705, 0x70bd27, 0x25dfdbfb, {}, [@NL80211_ATTR_SAE_PWE={0x5, 0x12a, 0x40}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x80)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0)
socket(0xa, 0x1, 0x84)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54)
shutdown$auto(0x200000003, 0x2)
mmap$auto(0x200, 0x400008, 0xdc, 0x9b72, 0x2, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)
capset$auto(0x0, &(0x7f0000000000)={0x3, 0x7, 0x8})
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000005c0)='/sys/devices/virtual/nfc/nfc1/rfkill1/soft\x00', 0xa3182, 0x0)
sendfile$auto(r3, r3, 0x0, 0xffffffff)
write$auto(0x3, 0x0, 0xfdef)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000040), 0xffffffffffffffff)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
mmap$auto(0x1, 0x20009, 0xdf, 0x12, 0x40000000000a5, 0x8000)
ioctl$auto(0x3, 0x402c542d, 0xffffffffffffffff)
r4 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x501, 0x0)
ioctl$auto_FUSE_DEV_IOC_CLONE(r4, 0x8004e500, 0x0)
mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
r5 = socket(0x2c, 0x80000, 0x6)
setsockopt$auto(r5, 0x29, 0x19, 0x0, 0x0)

1m6.59572863s ago: executing program 3 (id=2657):
mmap$auto(0x1000000000, 0x2020009, 0xfffffffffffffffd, 0x14, 0xfffffffffffffffa, 0x8d8)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0)
openat$auto_evm_key_ops_evm_secfs(0xffffffffffffff9c, &(0x7f00000000c0), 0x38000, 0x0)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0)
r1 = epoll_create$auto(0x8800001)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
epoll_ctl$auto(r1, 0x1, r0, 0x0)

1m6.369092154s ago: executing program 3 (id=2659):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r0 = openat$auto_ns_file_operations_nsfs(0xffffffffffffff9c, 0x0, 0x800, 0x0)
open_by_handle_at$auto(r0, 0x0, 0x1)
close_range$auto(0x2, 0x8, 0x0)
socket(0x1e, 0x1, 0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
prctl$auto_PR_SET_VMA_ANON_NAME(0x6, 0x0, 0x0, 0x1, 0x1)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x55)
r1 = openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace_pipe\x00', 0x800880, 0x0)
read$auto_tracing_pipe_fops_trace(r1, 0x0, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x60800, 0x0)
connect$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x0, @rand_addr=0xfffffffe}, 0x55)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48})
capset$auto(0x0, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
r2 = socket(0x11, 0x80003, 0x3ff)
setsockopt$auto(r2, 0x107, 0xf, 0x0, 0x6)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{&(0x7f0000000000), 0x5ac, &(0x7f00000000c0)={&(0x7f0000000080)="4c0300006b", 0x49}, 0x2, 0x0, 0x5, 0x1}, 0x5}, 0x2, 0x100)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x11, 0x6, 0x7fff, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x2df, 0x500, 0x81, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x10001, 0x40, 0x76c5, 0x8, 0x7fffffffffffffff}})
close_range$auto(0x2, 0x8, 0x0)
socket(0x8, 0x4, 0x0)
socket(0x1d, 0x2, 0x6)
socket(0x2, 0x2, 0x1)
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, 0x0, 0xfd}, 0x6a)
write$auto(0x3, 0x0, 0x7d)

1m5.169198117s ago: executing program 3 (id=2661):
r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r0, &(0x7f0000000000)="c80d1b5d399b5b", 0xfdef) (fail_nth: 4)

1m1.775257253s ago: executing program 1 (id=2673):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
socket(0x2c, 0x1, 0x0)
mknodat$auto(0xffffffffffffffff, 0x0, 0xfff, 0xfffffff8)
read$auto(0xffffffffffffffff, &(0x7f0000000100)='nl80211\x00', 0xbe62)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000400), r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000140)={'wlan1\x00', <r3=>0x0})
sendmsg$auto_NL80211_CMD_GET_INTERFACE(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="010b27bd7000fda5c5a62073660008000300", @ANYRES32=r3], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4040080)
syz_genetlink_get_family_id$auto_nl802154(0x0, r0)

1m1.407999157s ago: executing program 1 (id=2675):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0x400053, 0x9)
socket(0xb, 0x80000, 0x400003)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
socket(0x2b, 0x2, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000002)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xfffffffffffffffb)
ioctl$auto_SOUND_PCM_READ_CHANNELS(r0, 0x80045006, &(0x7f0000000240))
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/fail-nth\x00', 0x100102, 0x0)
write$auto(r3, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x3)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84L\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xff\a\x00\x00\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), r1)

1m0.374967755s ago: executing program 1 (id=2678):
write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9)
r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r0, &(0x7f0000000000)="c8001b5d399b50", 0x7)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, 0x0, 0x121000, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0)
write$auto_ocfs2_control_fops_stack_user(r1, &(0x7f0000003900)='\t', 0x1)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/memory_hotplug/parameters/online_policy\x00', 0x2, 0x0)
read$auto(r2, 0x0, 0x800)
mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xffffffffffffffff, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x8, 0xe)

59.305398434s ago: executing program 1 (id=2684):
mmap$auto(0x1000000000, 0x2020009, 0xfffffffffffffffd, 0x14, 0xfffffffffffffffa, 0x8d8)
r0 = openat$auto_evm_key_ops_evm_secfs(0xffffffffffffff9c, 0x0, 0x38000, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r0, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
open(&(0x7f0000000040)='./cgroup.cpu/cgroup.procs\x00', 0x101840, 0x33903f3ada88772b)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0)
capset$auto(0x0, 0x0)
r2 = epoll_create$auto(0x8800001)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r3, &(0x7f0000000280)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
epoll_ctl$auto(r2, 0x1, r1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r4=>0x0})
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r4}, 0x6a)
sendto$auto(0xffffffffffffffff, 0x0, 0x6fffff9, 0xfffffff8, &(0x7f0000000440)=@can, 0x36)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x4)
r5 = socket(0x1d, 0x2, 0x7)
r6 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'vcan0\x00'})
bind$auto(r5, &(0x7f0000000000)=@nl=@kern={0x10, 0x0, 0x0, 0x20}, 0x6a)
connect$auto(0x3, &(0x7f00000018c0)=@can, 0x18)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x1ffcc}, 0x1, 0x0, 0x0, 0x6b6}, 0x7}, 0x3, 0xff)

58.975709504s ago: executing program 1 (id=2686):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0x400053, 0x9)
socket(0xb, 0x80000, 0x400003)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
socket(0x2b, 0x2, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000002)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xfffffffffffffffb)
ioctl$auto_SOUND_PCM_READ_CHANNELS(r0, 0x80045006, &(0x7f0000000240))
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/fail-nth\x00', 0x100102, 0x0)
write$auto(r3, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x3)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84L\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xff\a\x00\x00\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), r1)

57.876267471s ago: executing program 1 (id=2690):
socket(0x2, 0x1, 0x106)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
getcwd$auto(0x0, 0xffffffffffffffff)
setsockopt$auto(0x3, 0x0, 0x1, 0x0, 0x2)
r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0)
ioctl$auto_UDMABUF_CREATE_LIST(0xffffffffffffffff, 0x40087543, &(0x7f00000000c0)={0x4, 0x8, [{0xffffffffffffffff, 0x0, 0xfffffffffffffffe, 0x8000000ba1}, {0xffffffffffffffff, 0x0, 0x400, 0x5}, {0xffffffffffffffff, 0x0, 0x2, 0x2}]})
ioctl$auto_FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080))
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0xa)
rt_sigqueueinfo$auto(0x0, 0x4, &(0x7f0000000000)={@siginfo_0_0={0xf5, 0x14, 0x7e73, @_timer={0x0, 0x80000001, @sival_int=0x81, 0x1}}})
r1 = socket(0x11, 0x3, 0x9)
sendmmsg$auto(r1, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f00000004c0)="5959e7488ae601000000000086dd", 0xe7}, 0x8, &(0x7f0000000180), 0x5, 0x2}, 0x5}, 0xffffffff, 0xfd)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000002180)='/dev/snd/pcmC0D0p\x00', 0x5dd4da66949dcc61, 0x0)
r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/renderD128\x00', 0x0, 0x0)
ioctl$auto(r2, 0x800064d1, r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/tty17\x00', 0x20001, 0x0)
write$auto_tty_fops_tty_io(r4, &(0x7f0000000380)="976f09bd68850edbe36136c8dda8a7f1165cca065833fd9b640f0000000000f6c02b55fba44503225c5a3b744483659ef0c4613e29c45e81dc254bfbf94d8d9ee2ab6b2bd118171e0f8b5196a37d4a987e883f68f01b0da50221d5e9bc0b0d91a686f83437ebf120bea1748257fd60f911f4", 0x72)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/resume\x00', 0x189002, 0x0)
io_uring_register$auto_IORING_REGISTER_IOWQ_MAX_WORKERS(r3, 0x13, &(0x7f0000000000)="468bd6b7f8f6c10e17d14c5a17cc2d74f93072ff2187c16ce1e1b50688eafd033b7b85573464b46fc1947beecc12300196a4bfc5021559cfc5067c53fdf5c044641a8acbb64f4e4dc881da61aeb77e5e2e71920bf4a0ddb0f8d0f26d58005573b6dec76d88c813c3864ec473", 0x6)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000180), 0x8203f, 0x0)
timerfd_settime$auto(0xffffffffffffffff, 0x3, &(0x7f0000004540)={{0xfffffffffffffff7, 0x8}, {0x9, 0x3}}, 0x0)
r5 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(r5, r5, 0x0)
r6 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vbi3\x00', 0x2af01, 0x0)
ioctl$auto(r6, 0xc0585611, r6)

49.362242385s ago: executing program 32 (id=2661):
r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r0, &(0x7f0000000000)="c80d1b5d399b5b", 0xfdef) (fail_nth: 4)

41.921001573s ago: executing program 33 (id=2690):
socket(0x2, 0x1, 0x106)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
getcwd$auto(0x0, 0xffffffffffffffff)
setsockopt$auto(0x3, 0x0, 0x1, 0x0, 0x2)
r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0)
ioctl$auto_UDMABUF_CREATE_LIST(0xffffffffffffffff, 0x40087543, &(0x7f00000000c0)={0x4, 0x8, [{0xffffffffffffffff, 0x0, 0xfffffffffffffffe, 0x8000000ba1}, {0xffffffffffffffff, 0x0, 0x400, 0x5}, {0xffffffffffffffff, 0x0, 0x2, 0x2}]})
ioctl$auto_FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080))
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0xa)
rt_sigqueueinfo$auto(0x0, 0x4, &(0x7f0000000000)={@siginfo_0_0={0xf5, 0x14, 0x7e73, @_timer={0x0, 0x80000001, @sival_int=0x81, 0x1}}})
r1 = socket(0x11, 0x3, 0x9)
sendmmsg$auto(r1, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f00000004c0)="5959e7488ae601000000000086dd", 0xe7}, 0x8, &(0x7f0000000180), 0x5, 0x2}, 0x5}, 0xffffffff, 0xfd)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000002180)='/dev/snd/pcmC0D0p\x00', 0x5dd4da66949dcc61, 0x0)
r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/renderD128\x00', 0x0, 0x0)
ioctl$auto(r2, 0x800064d1, r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/tty17\x00', 0x20001, 0x0)
write$auto_tty_fops_tty_io(r4, &(0x7f0000000380)="976f09bd68850edbe36136c8dda8a7f1165cca065833fd9b640f0000000000f6c02b55fba44503225c5a3b744483659ef0c4613e29c45e81dc254bfbf94d8d9ee2ab6b2bd118171e0f8b5196a37d4a987e883f68f01b0da50221d5e9bc0b0d91a686f83437ebf120bea1748257fd60f911f4", 0x72)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/resume\x00', 0x189002, 0x0)
io_uring_register$auto_IORING_REGISTER_IOWQ_MAX_WORKERS(r3, 0x13, &(0x7f0000000000)="468bd6b7f8f6c10e17d14c5a17cc2d74f93072ff2187c16ce1e1b50688eafd033b7b85573464b46fc1947beecc12300196a4bfc5021559cfc5067c53fdf5c044641a8acbb64f4e4dc881da61aeb77e5e2e71920bf4a0ddb0f8d0f26d58005573b6dec76d88c813c3864ec473", 0x6)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000180), 0x8203f, 0x0)
timerfd_settime$auto(0xffffffffffffffff, 0x3, &(0x7f0000004540)={{0xfffffffffffffff7, 0x8}, {0x9, 0x3}}, 0x0)
r5 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(r5, r5, 0x0)
r6 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vbi3\x00', 0x2af01, 0x0)
ioctl$auto(r6, 0xc0585611, r6)

11.769811108s ago: executing program 4 (id=2797):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x6, 0x1, 0x9, 0x7, 0x3b, 0x3fe, 0x1ffde, 0x7, 0x6, 0x2, 0x9, 0x3, 0x6, 0x4, 0xb2, 0x9, 0x3, 0xfffc, 0x80, 0x7, 0x40000, 0x7, 0x2000, 0x200, 0x0, 0x81, 0x0, 0x7, 0x0, 0x0, 0x0, [0x1000000001, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x3, 0x0, 0x9, 0x0, 0x0, 0x0, 0x7]}, 0x202, 0xd)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x8100, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x5}, 0x7, 0x0)

9.925904885s ago: executing program 4 (id=2804):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/block2mtd/parameters/block2mtd\x00', 0x601, 0x0)
r0 = open(&(0x7f0000000800)='./file0\x00', 0x62240, 0x154)
close_range$auto(0x0, 0xfffffffffffff001, 0x2)
socket(0x2, 0x1, 0x0)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r0)
sendmsg$auto_NL80211_CMD_UNEXPECTED_FRAME(r0, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x227feb1f88605b98}, 0xc, &(0x7f0000000340)={&(0x7f00000001c0)={0x18, r1, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [@NL80211_ATTR_MLO_LINK_DISABLED={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x40040095}, 0x0)
socket(0xa, 0x1, 0x0)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/kernel/soft_watchdog\x00', 0x0, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
readv$auto(0x3, &(0x7f0000003080)={0x0, 0x4}, 0x9)
r3 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100)
read$auto(0x3, 0x0, 0x7fffffff)
r4 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x810c00, 0x0)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r4, 0xc0285700, &(0x7f00000000c0)={0xfffffff7, "d01862fe819e604d4e68badb85f86d195c2182760db15e9e566832bae4a502d1", @inferred=r3})
write$auto(0x3, 0x0, 0xfffffdef)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r5 = syz_clone(0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$auto(0x10, r5, 0x4, 0x8000040006)
ptrace$auto_PTRACE_GETSIGMASK(0x420a, r5, 0x1, 0x9)
semtimedop$auto(0x2, 0x0, 0xa2, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x902, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/003/001\x00', 0x8001, 0x0)

9.338415495s ago: executing program 2 (id=2806):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0x400053, 0x9)
r0 = socket(0xb, 0x80000, 0x400003)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xfffffffffffffffb)
ioctl$auto_SOUND_PCM_READ_CHANNELS(r1, 0x80045006, &(0x7f0000000240))
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r3 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/020/001\x00', 0xa901, 0x0)
ioctl$auto_USBDEVFS_SUBMITURB32(r3, 0x802c550a, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES16, @ANYRES8])
ioctl$auto(0xffffffffffffffff, 0x4008550d, r3)
ioctl$auto(0xffffffffffffffff, 0x4b30, 0xffffffffffffffff)
write$auto(r0, 0x0, 0x200)
write$auto(0x3, 0x0, 0x100082)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0)
r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/fail-nth\x00', 0x100102, 0x0)
write$auto(r5, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x3)
write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84L\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xff\a\x00\x00\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), r2)
r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0)
mlock$auto(0x112, 0x80006)

8.751208492s ago: executing program 4 (id=2809):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0xa, 0x2, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
socket(0x18, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r0)
ioctl$auto_KVM_CREATE_VM(r1, 0xc018ae85, 0x0)

7.626960277s ago: executing program 0 (id=2810):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r0 = openat$auto_ns_file_operations_nsfs(0xffffffffffffff9c, 0x0, 0x800, 0x0)
open_by_handle_at$auto(r0, 0x0, 0x1)
close_range$auto(0x2, 0x8, 0x0)
socket(0x1e, 0x1, 0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
prctl$auto_PR_SET_VMA_ANON_NAME(0x6, 0x0, 0x0, 0x1, 0x1)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x55)
r1 = openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace_pipe\x00', 0x800880, 0x0)
read$auto_tracing_pipe_fops_trace(r1, 0x0, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x60800, 0x0)
connect$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x0, @rand_addr=0xfffffffe}, 0x55)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48})
capset$auto(0x0, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
socket(0x11, 0x80003, 0x3ff)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{&(0x7f0000000000), 0x5ac, &(0x7f00000000c0)={&(0x7f0000000080)="4c0300006b", 0x49}, 0x2, 0x0, 0x5, 0x1}, 0x5}, 0x2, 0x100)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x11, 0x6, 0x7fff, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x2df, 0x500, 0x81, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x10001, 0x40, 0x76c5, 0x8, 0x7fffffffffffffff}})
close_range$auto(0x2, 0x8, 0x0)
socket(0x8, 0x4, 0x0)
r2 = socket(0x2, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r3=>0x0})
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r3, 0xfd}, 0x6a)
write$auto(0x3, 0x0, 0x7d)

7.477339168s ago: executing program 2 (id=2811):
mmap$auto(0x0, 0x402000a, 0xffffffffffffffff, 0x400eb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) (async)
madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async)
sysinfo$auto(&(0x7f0000000000)={0x6, [0x6, 0x9, 0xc70], 0x5, 0x6, 0x3, 0x7, 0x3, 0x0, 0x902, 0x0, 0x3, 0x9, 0x7})
close_range$auto(0x2, 0x8, 0x0) (async)
socket(0x2, 0x3, 0x2) (async, rerun: 32)
setsockopt$auto(0x3, 0x0, 0xc8, 0xfffffffffffffffc, 0x4) (rerun: 32)
setsockopt$auto(0x3, 0x0, 0xc8, 0xfffffffffffffffc, 0x4)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x204880, 0x0) (async, rerun: 32)
socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101200, 0x0)
close_range$auto(0x2, 0x8, 0x0) (async)
r1 = socketcall$auto(0xa, 0x0) (async, rerun: 64)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) (rerun: 64)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
ioctl$auto(0x3, 0xae41, r1) (async, rerun: 64)
ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae90, &(0x7f0000000000)={0x2, 0x0, [{0x80000008, 0x1, 0xffffffffffff5cb8}]}) (rerun: 64)
madvise$auto(0x0, 0x81a4, 0xf)
openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, 0x0, 0x283f4, 0x0) (async)
socket(0x10, 0x7, 0x936)

7.428433657s ago: executing program 0 (id=2812):
openat$auto_proc_setgroups_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/setgroups\x00', 0x149002, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(', 0xa)
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x0, 0x0, 0xffffffffffffffff, 0x1000)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
socket(0x2b, 0x1, 0x0)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x202000a, 0xffffffff, 0xdc, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0xc000000, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r1, &(0x7f0000000040)='//\xf2\x00', 0x9)
getrlimit$auto(0x3, 0x0)
ioctl$auto_BLKPBSZGET(r1, 0x127b, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)

7.039192916s ago: executing program 5 (id=2813):
r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/security/tomoyo/profile\x00', 0x40802, 0x0)
read$auto(r0, 0x0, 0xb4d3)
mmap$auto(0x2, 0xee7, 0xdf, 0xeb0, 0x401, 0x7fffffffffffffff)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sys/net/ipv6/conf/veth0_to_bond/proxy_ndp\x00', 0x2, 0x0)
setsockopt$auto(r1, 0x2000006, 0xd, &(0x7f0000000200)='/proc/sys/net/ipv6onf\'veth0_to_bond/proxy_ndp\x00', 0x100003)
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
write$auto(r1, &(0x7f00000001c0), 0x80000000)
write$auto(0xffffffffffffffff, 0x0, 0x2)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
waitid$auto_P_PID(0x1, 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0)
ioctl$auto(r3, 0x4b71, 0x1)
sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x4, 0x0)
r4 = socket(0x1e, 0x4, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
setsockopt$auto(r4, 0x10f, 0x87, 0x0, 0x14)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)
recvmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x2, &(0x7f0000000140)={0x0, 0x4da}, 0x6, 0x0, 0x8, 0x7ff}, 0x1000}, 0xffffffff, 0x4, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x230)
setgroups$auto(0xe32, 0x0)
write$auto(0x3, 0x0, 0xffd8)

6.791767553s ago: executing program 2 (id=2814):
mmap$auto(0x1000000000, 0x2020009, 0xfffffffffffffffd, 0x14, 0xfffffffffffffffa, 0x8d8)
r0 = openat$auto_evm_key_ops_evm_secfs(0xffffffffffffff9c, 0x0, 0x38000, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r0, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
open(&(0x7f0000000040)='./cgroup.cpu/cgroup.procs\x00', 0x101840, 0x33903f3ada88772b)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0)
capset$auto(0x0, 0x0)
r2 = epoll_create$auto(0x8800001)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r3, &(0x7f0000000280)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
epoll_ctl$auto(r2, 0x1, r1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@can, 0x6a)
sendto$auto(0xffffffffffffffff, 0x0, 0x6fffff9, 0xfffffff8, &(0x7f0000000440)=@can, 0x36)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x4)
r4 = socket(0x1d, 0x2, 0x7)
r5 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'vcan0\x00'})
bind$auto(r4, &(0x7f0000000000)=@nl=@kern={0x10, 0x0, 0x0, 0x20}, 0x6a)
connect$auto(0x3, &(0x7f00000018c0)=@can, 0x18)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x1ffcc}, 0x1, 0x0, 0x0, 0x6b6}, 0x7}, 0x3, 0xff)

6.027248369s ago: executing program 0 (id=2815):
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
memfd_create$auto(&(0x7f00000000c0)='IPVS\x00\x84\x94\xbf\x7f\xe0(\xc7^M\xbe\x92\x98?I\xa5\x95V\xf2{\xd6\xc1\xc4.\xc3ja\xe8\xa1o\xb5-Z\x9dc\x152\xaew`0M\x1b3\r\x8afQ\xc2\x82W?r$\xf0\xce\x7f\x15\xa1\x13\xb2\x84\x04\xad<\x91\x85\xb22G\xf6\x8b\xba<\xe9&\x17%\x1a\xa5c\xe8\x06\xd4ok\x8a\xb2\xbaz\xf1\v\xf4\xaa\xda\x91\xfb\xea\x17~C\xb3\xc4S\xce\x83\x13\xd9\xbd{d\xfdB]\xb0R\x05b\x1b\xa5\xb8\x85\xa9\xbc5-9\x94\xa4QG\x06Z3#\x1cK\xbe\x16\xebaE~\x00\x00\x00\x00\x00', 0xa)
fchmod$auto(0x0, 0x4)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$auto_dma_heap_fops_dma_heap(r0, 0xfbffffffffdffe00, &(0x7f0000000140)=';')
socket(0xa, 0x3, 0x3a)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/ksm/advisor_mode\x00', 0xa0340, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0)
io_uring_setup$auto(0x2, 0x0)
socket(0xa, 0x5, 0x84)
io_uring_setup$auto(0x2, 0x0)
setsockopt$auto(0x3, 0x10000000084, 0x14, 0x0, 0x8)
timerfd_create$auto_CLOCK_BOOTTIME_ALARM(0x9, 0x7)
preadv2$auto(0xffffffffffffffff, 0x0, 0x10, 0x2, 0x3, 0xa2)
setsockopt$auto(0x400000000000003, 0x29, 0xc8, 0x0, 0x567)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)
ioctl$auto(0x3, 0x40086203, 0x38)

5.706930609s ago: executing program 5 (id=2816):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r0 = socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@ethernet={0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xe}}, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x400000000040eb1, r0, 0x41)
unshare$auto(0x40000080)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000540), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_GET_RADIO(r1, &(0x7f0000001900)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="26760942cceebc2ff3eb9894a2d30238264ce95fb9fd5ac0f0357b93bd9147bfb50000392dea6f0c66c981b25f3990e0ed60912d4d7af9933fc7b83352f4ea8127407b6f45c8c83793a51ca75038524948cbd1e4a00c82c11ab8b963b20676e9f6c86200000000000000caf3694df36cb5d85a4197293ed9a733214e6d206a0ed5fc3e0800000000000000c7feda8385525099787f05fa7179e73f", @ANYRES16=r2, @ANYBLOB="cf5728bd7000fedbdf2506000000"], 0x14}, 0x1, 0x0, 0x0, 0x884}, 0x8020)
read$auto(0xffffffffffffffff, 0x0, 0x7f)
mprotect$auto(0x8000, 0x8, 0x8)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x488, 0x0)
mmap$auto(0x0, 0x8, 0x2, 0x12, 0x2, 0x8000)
setresuid$auto(0x2, 0x7, 0x0)
prctl$auto(0x10, 0x2, 0x0, 0x20000004, 0x2)
madvise$auto(0x0, 0x2003f2, 0x15)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, 0x0, 0x40, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, 0x0)
r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002bbd7000fcdbdf2504"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800)
read$auto(r3, 0x0, 0x6)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)

5.706750171s ago: executing program 4 (id=2817):
r0 = openat$auto_lowpan_control_fops_6lowpan(0xffffffffffffff9c, &(0x7f0000002140), 0x0, 0x0)
pread64$auto(r0, 0x0, 0x663, 0x6)
r1 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f00000000c0)={{0x0, 0x2, 0x200800, 0xffffffff, 0xfffffffb}, "0dd7fd004929347eeeccdf0732f77b1f6de0d6d51768a257a97ca5e9ca6310ea"})
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0xffffffffffffffff, 0x300000000000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
ioctl$auto_SNDRV_TIMER_IOCTL_STATUS64(r1, 0x80605414, &(0x7f0000000000)={0x6, 0x1, 0x200, 0xba44, 0x2, 0xb, "e00026e8fdffdbcd2c02d3c293faa80c2f5336d79fc5b8202cb37f6b6d22c42432352deb58e78afdbae70400"})
capset$auto(&(0x7f0000000100)={0x3ff, <r2=>0xffffffffffffffff}, &(0x7f0000000140)={0x4, 0x0, 0x7})
r3 = openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x582, 0x0)
write$auto_console_fops_tty_io(r3, &(0x7f0000001240)='4', 0x1)
rt_sigqueueinfo$auto_SIGCONT(r2, 0x12, &(0x7f0000000280)={@siginfo_0_0={0x3, 0x4, 0x1, @_sigsys={&(0x7f0000000180)="b7a5571746d7fcb28bc8da4533bcc4f3999e5bcd29518450a4dc318aecea5ce9cdfec9ce240c45b6692f7eed6ae26daac7142d4a034827a8b49fe1fe9adbb6a4b325b2f917da87fe54d75595f4c5ebb58d869c62a25dad1c74ef12973f3726dd8c4a13bda50d13c58e577bd9f5baacb703b7283ab3eabbc850af5e0d33ba0456be4a1aadb63253404e67e23494f2985194b7fc5da78df2a0f73a9356ffc4cc2e7f26a6b6d1ca8ee50c8cb772950b7a124c700eb1a1395825f2836d99e4d6e017c30c3d96c46f336e395af85bee1d86aa90e543b0aab000fabea8ced4214c575a0d2157745f9fc06bf3a99a4bd6182296c708059f", 0x1, 0x7}}})
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x20009, 0x10000, 0x11, 0x40000000000a5, 0x8002)
r4 = socket(0xb, 0x3, 0x100)
recvfrom$auto(r4, 0x0, 0x0, 0x3, 0x0, 0x0)
openat$auto_dfs_cpu_ops_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/x86/topo/cpus/0\x00', 0x200, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x6, 0x400008, 0x8, 0x9b72, r1, 0x5)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
set_mempolicy$auto(0x3, &(0x7f0000000000)=0x7, 0x9)
kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@buf=&(0x7f0000000300)="0bb4af88f806f64fb481cf3996785ba63a1f0a26a2667bd57ce36945dd7b79f1d95204c257475ff66286da7f976db7ed1035debf88c49671bb24bd648de95ed1408046333de41e58a511dfc37d83fc6798de8b374402b3b0cfbfb0", 0x800c000, 0x4800c000, 0x800c000}, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x22, 0x2, 0x24)
socket(0x1, 0x3, 0x4)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)

5.430477589s ago: executing program 4 (id=2818):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socketpair$auto(0xfffffffd, 0x5, 0xffffffff, 0x0)
unshare$auto(0x40000080)
setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0xe983, 0x3, 0x14, 0xffffffffffffffff, 0x8000)
fcntl$auto(0x3, 0x4, 0xa553)
swapon$auto(0x0, 0x4)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x24)

4.989731289s ago: executing program 2 (id=2819):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0x400053, 0x9)
r0 = socket(0xb, 0x80000, 0x400003)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xfffffffffffffffb)
ioctl$auto_SOUND_PCM_READ_CHANNELS(r1, 0x80045006, &(0x7f0000000240))
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r3 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/020/001\x00', 0xa901, 0x0)
ioctl$auto_USBDEVFS_SUBMITURB32(r3, 0x802c550a, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES16, @ANYRES8])
ioctl$auto(0xffffffffffffffff, 0x4008550d, r3)
ioctl$auto(0xffffffffffffffff, 0x4b30, 0xffffffffffffffff)
write$auto(r0, 0x0, 0x200)
write$auto(0x3, 0x0, 0x100082)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0)
r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/fail-nth\x00', 0x100102, 0x0)
write$auto(r5, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x3)
write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84L\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xff\a\x00\x00\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), r2)
r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0)
mlock$auto(0x112, 0x80006)

4.807252918s ago: executing program 0 (id=2820):
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000002)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/020/001\x00', 0xa901, 0x0)
ioctl$auto_USBDEVFS_SUBMITURB32(r0, 0x802c550a, 0x0)
ioctl$auto(0xffffffffffffffff, 0x4b30, 0xffffffffffffffff)
write$auto(0xffffffffffffffff, 0x0, 0x200)
write$auto(0x3, 0x0, 0x100082)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/fail-nth\x00', 0x100102, 0x0)
write$auto(r2, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x3)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84L\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xff\a\x00\x00\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)

4.59478365s ago: executing program 5 (id=2821):
r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/security/tomoyo/profile\x00', 0x40802, 0x0)
read$auto(r0, 0x0, 0xb4d3)
mmap$auto(0x2, 0xee7, 0xdf, 0xeb0, 0x401, 0x7fffffffffffffff)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sys/net/ipv6/conf/veth0_to_bond/proxy_ndp\x00', 0x2, 0x0)
setsockopt$auto(r1, 0x2000006, 0xd, &(0x7f0000000200)='/proc/sys/net/ipv6onf\'veth0_to_bond/proxy_ndp\x00', 0x100003)
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
write$auto(r1, &(0x7f00000001c0), 0x80000000)
write$auto(0xffffffffffffffff, 0x0, 0x2)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
waitid$auto_P_PID(0x1, 0x0, 0x0, 0x0, &(0x7f0000000240)={{0x2, 0x34}, {0x9c, 0x3}, 0x779e, 0x3ff, 0x6, 0x0, 0x8, 0x10001, 0x3, 0x1, 0x100, 0x6, 0x5, 0x4b, 0x80000000, 0x40000})
socket$nl_generic(0x10, 0x3, 0x10)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0)
ioctl$auto(r3, 0x4b71, 0x1)
sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x4, 0x0)
r4 = socket(0x1e, 0x4, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
setsockopt$auto(r4, 0x10f, 0x87, 0x0, 0x14)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)
recvmmsg$auto(r4, 0x0, 0xffffffff, 0x4, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
setgroups$auto(0xe32, 0x0)

2.770662887s ago: executing program 2 (id=2822):
write$auto(0xffffffffffffffff, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(', 0xa)
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r0, 0x0, 0x100000a3d9)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x202000a, 0xffffffff, 0xdc, 0xfffffffffffffffa, 0x8000)
r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r1)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r5=>0x0})
sendmsg$auto_NL80211_CMD_SET_WIPHY(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={0x20, r3, 0x13, 0x70bd2e, 0x25dfdbdd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r5}, @NL80211_ATTR_WIPHY_DYN_ACK={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x4c0d4}, 0x20040894)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000240), r6)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$auto_NBD_CMD_STATUS(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)={0x1c, r8, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x40)
write$auto(r2, &(0x7f0000000040)='//\xf2\x00', 0x9)
getrlimit$auto(0x3, 0x0)
socket(0x29, 0x2, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
close_range$auto(0x2, 0x8, 0x0)
r9 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sysvipc/sem\x00', 0x0, 0x0)
lseek$auto(r9, 0x7fd, 0x1)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)

2.286970493s ago: executing program 5 (id=2823):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r0 = openat$auto_ns_file_operations_nsfs(0xffffffffffffff9c, 0x0, 0x800, 0x0)
open_by_handle_at$auto(r0, 0x0, 0x1)
close_range$auto(0x2, 0x8, 0x0)
socket(0x1e, 0x1, 0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
prctl$auto_PR_SET_VMA_ANON_NAME(0x6, 0x0, 0x0, 0x1, 0x1)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x55)
r1 = openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace_pipe\x00', 0x800880, 0x0)
read$auto_tracing_pipe_fops_trace(r1, 0x0, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x60800, 0x0)
connect$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x0, @rand_addr=0xfffffffe}, 0x55)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48})
capset$auto(0x0, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
socket(0x11, 0x80003, 0x3ff)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{&(0x7f0000000000), 0x5ac, &(0x7f00000000c0)={&(0x7f0000000080)="4c0300006b", 0x49}, 0x2, 0x0, 0x5, 0x1}, 0x5}, 0x2, 0x100)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x11, 0x6, 0x7fff, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x2df, 0x500, 0x81, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x10001, 0x40, 0x76c5, 0x8, 0x7fffffffffffffff}})
close_range$auto(0x2, 0x8, 0x0)
socket(0x8, 0x4, 0x0)
r2 = socket(0x2, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r3=>0x0})
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r3, 0xfd}, 0x6a)
write$auto(0x3, 0x0, 0x7d)

2.160330422s ago: executing program 0 (id=2824):
r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/security/tomoyo/profile\x00', 0x40802, 0x0)
read$auto(r0, 0x0, 0xb4d3)
mmap$auto(0x2, 0xee7, 0xdf, 0xeb0, 0x401, 0x7fffffffffffffff)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sys/net/ipv6/conf/veth0_to_bond/proxy_ndp\x00', 0x2, 0x0)
setsockopt$auto(r1, 0x2000006, 0xd, &(0x7f0000000200)='/proc/sys/net/ipv6onf\'veth0_to_bond/proxy_ndp\x00', 0x100003)
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
write$auto(r1, &(0x7f00000001c0), 0x80000000)
write$auto(0xffffffffffffffff, 0x0, 0x2)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
waitid$auto_P_PID(0x1, 0x0, 0x0, 0x0, &(0x7f0000000240)={{0x2, 0x34}, {0x9c, 0x3}, 0x779e, 0x3ff, 0x6, 0x0, 0x8, 0x10001, 0x3, 0x1, 0x100, 0x6, 0x5, 0x4b, 0x80000000, 0x40000})
socket$nl_generic(0x10, 0x3, 0x10)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0)
ioctl$auto(r3, 0x4b71, 0x1)
sendmsg$auto_NL80211_CMD_GET_REG(r2, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x4, 0x0)
r4 = socket(0x1e, 0x4, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
setsockopt$auto(r4, 0x10f, 0x87, 0x0, 0x14)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)
recvmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x2, &(0x7f0000000140)={0x0, 0x4da}, 0x6, 0x0, 0x8, 0x7ff}, 0x1000}, 0xffffffff, 0x4, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x230)
setgroups$auto(0xe32, 0x0)
write$auto(0x3, 0x0, 0xffd8)

1.873533065s ago: executing program 5 (id=2825):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x8041, 0x0)
ioctl$auto_BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000140)="43391e7fbefb9d8fa2217e4c07b55434d2c1ee70")
socket(0x10, 0x2, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00022dbd7000fbdbdf781d"], 0x24}, 0x1, 0x0, 0x0, 0x400c0}, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x7, 0x800008000)
r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x4a402, 0x0)
read$auto(r1, 0x0, 0x80000000)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x9}, 0x5)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x4082, 0x0)

1.111552942s ago: executing program 0 (id=2826):
r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/tty/driver/serial\x00', 0x8000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000000040), r1)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x1c7602, 0x0)
fadvise64$auto(r3, 0x8, 0x4000000003, 0x5)
r4 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0x401, 0x8000)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r5, 0x0, 0x10001)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000000c0), r4)
sendmsg$auto_NL802154_CMD_NEW_INTERFACE(r4, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={0x0, 0x38}, 0x1, 0x0, 0x0, 0x4001}, 0x2000c000)
kcmp$auto_KCMP_FILE(0x0, 0xffffffffffffffff, 0x0, r4, r5)
r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r6, &(0x7f0000000240)={0x0, 0x7}, 0x2)
setresgid$auto(0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r4)
sendmsg$auto_NL802154_CMD_SET_PAN_ID(r7, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r9 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
r10 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0)
inotify_rm_watch$auto(r10, 0xffff3ea1)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r7, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="05082dbd7000fbb807257e0000004b1a0c00", @ANYRES32=r9, @ANYBLOB="0c002e010010000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x3c, r2, 0x1b, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_PACKET={0x0, 0x1, "57f8af683aeea3b731f408acfb6b"}, @OVS_PACKET_ATTR_PROBE, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
read$auto_proc_iter_file_ops_compat_inode(r0, &(0x7f0000000040)=""/211, 0xd3)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
setuid$auto(0x800000000008)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
clone3$auto(&(0x7f0000000000)={0x200, 0x5, 0x7, 0x2, 0x1, 0x87, 0x8, 0xb, 0x4, 0x2, 0xcb6}, 0xaa)
socket$nl_generic(0x10, 0x3, 0x10)

596.63366ms ago: executing program 4 (id=2827):
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x300c00, 0x0)
ioctl$auto_TIOCGDEV2(r0, 0x80045432, &(0x7f0000000040)=0xddc)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'caif0\x00', <r3=>0x0})
sendmsg$auto_MACSEC_CMD_ADD_RXSC(r1, &(0x7f0000004100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x2c, r2, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@MACSEC_ATTR_RXSC_CONFIG={0x10, 0x2, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0x3f}]}, @MACSEC_ATTR_IFINDEX={0x8, 0x1, r3}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20040801}, 0x4000040)
r4 = prctl$auto(0x4, 0xfffffffffffffffb, 0x0, 0x1, 0x1ffffffffffd)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r4, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$auto_OVS_FLOW_CMD_NEW(r5, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000001240)={&(0x7f0000000080)={0x20, r6, 0x1, 0x70bd2c, 0x25dfdbfc, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_UFID_FLAGS={0x8, 0xa, 0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x40)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x4a7)
migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2)
move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, 0x0)
mmap$auto(0x0, 0x20009, 0x4, 0xeb1, 0xd4, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7)
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001)
chroot$auto(&(0x7f0000000080)='}[,&*}\x00')
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xde, 0x9b72, 0x2, 0x800008000)

127.46943ms ago: executing program 2 (id=2828):
r0 = ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_LEAVE_IBSS(r0, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000280)={&(0x7f0000000340)={0x24, r1, 0x300, 0x70bd25, 0x25dfdbff, {}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x1}, @NL80211_ATTR_WIPHY_FREQ={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x84)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x48840, 0x0)
r3 = open(&(0x7f0000000100)='.\x00', 0x591002, 0x408)
r4 = epoll_create$auto(0x5a5d)
move_mount$auto(r3, 0x0, r4, 0x0, 0x176)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x2000000, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0)
openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000080), 0xb0202, 0x0)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x9}, 0x8)
write$auto(r2, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x84)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=<r5=>0x0, @ANYBLOB="00022dbd7000fbdbdf781d"], 0x24}, 0x1, 0x0, 0x0, 0x400c0}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r7 = openat$auto_ocfs2_control_fops_stack_user(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
readv$auto(r7, &(0x7f00000001c0)={0x0, 0xf7}, 0x7)
bind$auto(0x3, &(0x7f0000000000)=@generic={0x10, "a500acb75c9cedd1b5e9a0d76293"}, 0x68)
getsockopt$auto(r6, 0x10e, 0x9, 0xfffffffffffffffe, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x20000092)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001340)=ANY=[@ANYBLOB="44b053888a415cddb898c18f365a50dc6c40ee9a123e81aac04643a4b526030d4dd14bce4a3d925750673ee251da391ca1f918c147c3dadcb4dc5b6f51d7d819a5fbc1f19e8a8fe5f140f0686f90b01f71cc3fa9a76d89179ecfbd8d18e571cbfe22e9fd100f6c8fc92ae7bf6858966eade30c2639d484f4c0a8bce65d02846700de26466b5910e56dde518faf8f702698aab26f41f57b4dec65236bad6ef9de721b8e9fdac6a205a254ffcfb05f99a18c99960570bfa30759d2cef8dd7b77c04d4b871239c729c3e08b1136856435b20f84c648b86830a49179508114b692738b027cb6fcb6dbc16b42f8018ee1aba51cdbe3229b45c7cd6cd713c68f2a9f3aa4867d21ef9a6670273afd03143d496bd47b7e01bbd4d56bea26a9a2c12af72c4d25be3c7cda04611581310cdf499fc7dca3141303ec2d312a98989af4e3be00c2ff5676475429b0d862a6f90667d28527e1452219aa00b7445d3a24a94b0061437457f0020b5acfda5825943270ddeb179b77edf5d3ab170fef064406b497679ae012006047590dde3ecd4865ec887206fe30713aa0b32f11af6ff39607d8265c63d537e6299863b29bb4ed461ab217df642c34480b4652c436cd21afe4a3d005cabe6a7c5405eff3b6cd67123aa340a8fef9d19d6cdf6db236b96065365a27b662c1099f21d1aeaaf5a4a602476c083d0b3ff099c8b528346970461f7f224a0d7c2f47c6f223ec7999f0efbb39d8fd84fa158f23daed4a8fce7dbefdb8443b67d15d2306b8b4363229d716475c086eba4e4ea7234e923ff2cb1ba9a465d4e74ee52d0eb750d3c3f7272a05b08c956969dbbe33650d17b7c3c5945d8981d416357a69cf647687b95005ed717efa286ca2310f692e83b61a161dfcdabb367e2abd626ac22b882afb7e4dd1571e40d13861b2a259c33b240de93aad1e1f3e052d6dc8f0cffbc985a4700218df83472649f39b0c7da56f4136327028ccd3b7e5b13ac8613c44b59b0f7cabf53579465351b412f1f83e0049c698af9d2b6a96a2a41fcf44642aae514c4b03c569efd55cf2d168d103fe1b6ebd13ce605215fb26df24ccaa1ab63bcd587c343821a6b820afe4a482a0066af97cbe4791ce6a33fa25490b0c4e564d9eced6a0040222326b53c02e19168c375c46b083aaeccdd9cf937036054a5dfe10fd81eacda98a4f0af0c33108c9547e1e409a0aedba2f50c63aefe7fcadcdcc7d3ef1c1c9a89ad3eca892b37c25a439e172dffaa8af9b76267692606e8c4433e5cb9b4729dc245bfd5acdd2756eaf59b9559417e7c53bdc409338b775e9aeececfc6f9033b486f2c32c0fb3ea0a79fb81c902ab26c12b84a96abe4b8c0e89ff3f1b8e58055a3db0a3fc4db2b6570ff0ccaaff83f0fcea11aeed31c612523f970e270465f70217f308a8a250407f04ddde62fcbbf75b70c7fcb855a7a0b72c977e2159c8bba66cc71305445000f326fc8e928e4955e7054a892679a20efff40c59ed338cafa3080e74a32442ddaaba36ba500490006a387c5a21b58137b9375de5073b5429ac3439e20d9eb0269f1212264466f231ec28ad99186df378cebc776b97da8bfaa8f4084e4a3505761f88bb170c0d6f7fc661df0f537aefd782dd5970149bb710ef0ba3e4e0c5e00791dad673d797b7f1cd41f8424b40fae02dbe821cb17cbf1d9852d146aa6ff6eadbf7c5a4b0c204edbc355a09d1cfef1ca5bc54f14b9cceb4bb923f1955388b32c090bbda605eb774e2e03aeb4bf7d0db0f3cbc4a0fa0d320d58d63a5f862b28317401c207670931f3b4989824e65149a7ba39711f054612445276dcdb19181948e5e51784dcea68d45a8c10c0b3e847fcf2e589b3d386b9a4dff3ed3f29dd0b7193aabb2937269a707590c830554c9f9ef40956f2b8a878436d4a61bf8d59ca73ea85b1906d949cbdddae06ba3799f13d7a5495d7dbcf0937f38b6f42ade6b5965dcee2d97564254cd6c2689eeac1272a2f8cc32cf82940664ba3a9f209746a4ddc8db375517ca2b6590ead4f4c264607b1c4ce9067d48c434acddc3b6bb69794de9180c36916ba4b8a7740496718bac889022039bac249d2789617394cc779eb71be2ca83ac0a5af9ef780bb59d6168571b8e15a732d425233b9a908063df9616eb7d5082c715bdcfc27a6015889667090903492f295b9d9936ca5384f98bd6c6ff4c01d03be16fae4466885c0996dcd23e014ec5ff85fd9d35746c0b8e2e806ae0dc46cc044bbddae50d65d75794d2cf0c435354e3b3e8abe5376e7fc14b256ab73d4ec4d32a3fb1cd53c874c091431306bb605d56da3cf1d96973f9edce8719212e6fd720cbef888c92a328b68d0f6273509252da33ec0f0327778d7ead7cab1f52eee850ba4d3ec19f41db75c1f2d817abe9d6053d693e77b62f3ae6f3518929b66557f9f61680ac17749d42b6126e553763413c088a2c73bf811205f0510e679f767d8b84a77b81f9750e4bdd67aa5bffc39064b39c35cf624fa36c8e2faa505ed956a21302e4a6574b0c3f8077e8e83227bf78b2f0b495672a221975539c6413fcf0a8acab1e9aea9c22741630921af0989d9ef09c02ed5ebcc1e83c576c8d1961ad7d7467ded721c063dc693dbd262bebe6a025214b3d8a06c88adbac12eb2dbac4e803ee32356786d3945bc6c801c82da326f86f661f9b045af65520a1657e082f03e320e5b3e574b17e6d9eb571bd6ca842bb18efc65f8440f86ea74a0d25e405bb813b461b862dcb56789cbd408e7e786fd5f021e4dd9817781cff9b3331b1c320d11a441fe35aa8dafacbf7d2863421478c754f36a14153099b1bee5d82ceb98390d5f753fcad2e24779249db9a6ef81191e861b5211a0d55efba30869355da5b90182c1fa3561208cd0a4cf63964569e6748aec16a0e0776b9cd6101f469b92a1d6a982999fd9badc6fee3be68aea81446d4347f0e7e689a13ce4b75e57444a8f8e98c7af9135922509472fba3c19482a398a27868a123437280293a76adb2fb5df4e4c59ea08e5ff1e562129238e320869d25fc88ec805f6b22c6150398698495a6b4cda7f70ef1d2275fa2b34408b40181555a1ff102dffed77f91b78971f4ff95fefd2c37dcd5ca3db38d617ac8b8a42c207d8a06ee177be353fa8e5251a3af87be74ad5258a8bb2f0556948e079e5dc2f4ae92dc47776113ed25425d55ed371502e2d9c9f8e019fe8e3fefd5a8ec709fd91fca892cdba122b19cc983bfb25fcfaa00f6fc90ce48c8d2db70695a18c5ce90e34fde3d06595633025b915d4cb5e7f5c5360850bd892722986435a5c2b549dd57aaab038cffd4658234e63a2dbcc1552ef51dca4501be294b3975d8f7442db9eeca9c80e851fae4d0d4f964a884873ffac475e1a3bb5b685c62362665ec11894bf0c0ba04b28e49c912250590cba4371098ab619690fd3cb6ada13759219894128968df4b483fb5780460c27d1bdf58771a82cd6c1dbbfdaa7d9e2a97154ad38903f5c2b781dd29e1472662cba7d66188045e9a4add44e41c2731794a1315a659790748aec85d94845fc491ebbe4275d922435bb4151685aa92eb9f100626dc626719c16688630cb323f4902927b6ba5f4c96e0a5785e63401a42f395a380b487980d74accee3fc038c348a2c320aed733df8b837d15028b9377dd8eac2041d96068911ecd97885a5661db93697ad9dd905d9d07b1f49b000f12df8cc151d7676490372ba003245bda013d16810714d5c45dca44df39ef01e352b98cbf03249a909cbeb9b711c5c5dc61c6143cf853b23488c6e8002954cb178bb3a4b640024458f01467464dc73222af1492f43ad128e26e38b30dfba3a583999e36516be58c1193ec63fed47f674583099878cf91071299154b39c38f35d3e2b46e968ccd3ea7484bd056ca359e8b591b60ff1c7e34d5188f81bd627ff48c96878936c149d95ca2523598c95a83d3404df9ea60423099943ee8ca43bf16d2eebad3556483444653aad5b88cc58f1926ce5a21c61f462d9f1b530dcd439919294d2e7ee27b87f50856f194bbe766b168c6a1000c5e7f760fe6a2aea67b7747a0f0a29d671cc686331b4719ed0e57983b0df579bbf1d6d73d9d1ba83d30db527fb2b9637a1549d3b83e2fea326a04caf92784db3e5f77fb15a8975c394b4c0926bde168dacdde5cf4c186d5568188198b2e8f60cba2f1a635a4748328e27ac9703e98e5dfc9cdc2aa6ccdd2ac48b0f529e4167ec55b91c36fbe2819a55a359ab7e95869915440032e4950741e601068243bc128da0dd6c96d51b4d03a95a078aecead7a786da6cb631d3405a8b9f04a98ce59473c58cb818989241158a3f26db5e9bf5e97a8d26ff5cfb706acd1d399390b7540bb8d038a200848ba06de880230cb7f8b7c2bb6e6922a07e8d715898552480912a6401dbc3ab398530d0690956b69c7136dc274e112265f28ef61bdb690b3932df90d019ff43d72ccf011000bc764582d75047b67ae8869f9d7fd79ae9b1275ea024159195f3bbb44fcce0d7c9887c3b52d07cfe08c34662ed483a1bde4ba276c42a86e2be9fc737b6056809ae907ffd138331781dd514477a784bc8c0686cfaffab59e1b9cff4bf7b1be2c03aea69329a36ffc3e82196539df7b269750cc1640bd4398d8da064989c8e987ac1bd8e2113b2e66d6ddc4a7f2977cb85f8d41b2d85b91400504262b3fb95e4d99e8cf1fc53cb87a5f6ded77f880cfe975675e628eef9ecb7b8530f98a85d2a5b64da7a1f21dfa345bc6006f12ffa559d11da1ba8c09a100df6623d76a58db92201ceb7eda6c7f9cc01e605c51bd90d9e0e3555437559e6c19100af092e7f6449c616408f7a14d53653ac9f5ff928f3a36ca11862e3ccb221a730186273d610692ebc98168559a46617050d0673c537f76334987d0039c8dcfd72ed31caa5bdb52ae87578e79093ea14731165089c7febba8ee71bbd31f0a451ee8f971b872d72c3ecffa39b544894649bcd98e51c679253b3371c1891b5b11d729659e851b745d553224f11e8ba08daa60eba00b510302daab39bdb42cc49c7b5247d0e51246389e262792a21963ea71c1f8c7787a43678e0f3de510ce8bda0d85f72d52c65aa16ebfb803d33fa1e9b4e5a517eaa63ad9e20ec07c0fe4b391bd8ae0a9a8901df89fcb1c22e9b07c73fc9a39802459263aee7622ab3327f116493271b505affe9fcaa2a3ebe0380e51d8d7019d64bb8f8da7d6b4c474b4c7837d83840cce1a816af249ad0249f3a1c4348aea6d4cc6f668daf4ec27b87346711518a3ed6dccf8ead00a6ce5a2787d9ff62657b28e58026c0631b5409b8aa922deba0e166199c3c61ff10be6b04e76a8dd88e2c17f2221723eb4b9fc8b1e6de881f501c65c6f3311ad0ee89ed9490be7464d484a1226d969178c9e77998cb79a8a1dec4c068bebfc0aca7c61e0cbae91edcfd9ff55919e4ccf5dc622483024f0d9cdb9ba85948df20e2128d1451d0d1df372cfd698796dab6d850075577c188bf00e6f7df1724256a2c4200baa66cb9166557d881660ef9b4a529367c429b5809a17c9e2de71f30efa0e3b5f63ad876f03b12af274ef2555ee3d21938aabb38392d25197701a61dd2549d8c2cea9009d93dca673a227fbaf0cacc5b6b35ac307e81bf54348eef7134449cf4897453354e1717a517e47addc302441c2840e919d9ae6c93fb8c2f473d01f39568deeffe3fcd4a99095abd09de7a62f48a1e258f9ba63a0103285c50d4bc02d1f86d17fde39526c3e29dbd5766b34d67ebdb34c1b710eb9b9258fe2a1fca02ed437690154f21cd6b2ed92762f00f809b2ecdbae7acf04851cf1ec81d4287ef336e3ae2662aa5c997db161e535812", @ANYRESOCT=r5], 0x1ac}, 0x1, 0x0, 0x0, 0x22004885}, 0xc821)
ioctl$auto_TUNDETACHFILTER(0xffffffffffffffff, 0x401054d6, &(0x7f00000000c0)={0x4, &(0x7f0000000080)={0x4, 0x9, 0x1, @raw=0x2}})
write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000100)="da518ed75fcc9f1a8be03501757c05ab6f5a5b36148695b3115a77b09872bf8a5e4c18ed50fc7653bb12525189093819ba59de56fb2504684cfb4f2a2fd2f9f6e2b9418bd2758adb0f57e8ddd982db4206c2b33c55455cfc5dfe1ddc725fd46849d1dcb59678cc1f78ecec38868c1f514ed226e66821923de93165e2805e2e89f8c1d14629e9cea74e8bb76297e617accc6b9d824259b5bd3f6c8068692e8580b1ad399ee8818c436111bd3f", 0xac)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(0xffffffffffffffff, &(0x7f0000000c00)={&(0x7f0000000180), 0x7}, 0x4)
mmap$auto(0x0, 0x6, 0x1ff, 0x14, 0x401, 0x8000)

0s ago: executing program 5 (id=2829):
r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event2\x00', 0x20881, 0x0)
waitid$auto_P_ALL(0x0, 0x2, 0x0, 0x71, &(0x7f0000000100)={{0xfffffffffffffffa}, {0x10001, 0x3}, 0x3, 0x8, 0xe8eb, 0x6, 0x6, 0x0, 0x2cb1, 0x5, 0x9b4, 0x6, 0xfffffffffffffff9, 0x100000000, 0x3, 0x3})
write$auto(r0, &(0x7f0000000040)='/dev/input/event1\x00', 0x10001)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000004200)={&(0x7f0000000140)=ANY=[@ANYBLOB="1400000d", @ANYRES16=r1, @ANYBLOB="010025bd7000fedbdf2504000000"], 0x14}, 0x1, 0x0, 0x0, 0x40c8}, 0x4048000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r3 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84)
ftruncate$auto(r3, 0xa0)
lseek$auto(0x3, 0x2, 0x4)
r4 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x1, 0x0)
ioctl$auto(r4, 0x4018620d, 0x9)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x1, 0x0)
socketpair$auto(0x5, 0x5, 0x6, 0x0)
open(0x0, 0x22240, 0x55)
socket(0x2, 0x3, 0xa)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8)
connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x4194, 0xe000)
setrlimit$auto(0xb, 0x0)
seccomp$auto(0xffffff7f, 0x8, &(0x7f00000000c0)="738838cec75cecaaa2915e79d51f4dbf705d9c0ac5659910f76b31234b38ca23d8522b3b2cf9f799fec7d68a7b0167e4963dd61b6274")
getpid()
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/dummy_hcd.2/usb3/3-0:1.0/authorized\x00', 0x220080, 0x0)
mmap$auto(0x0, 0x83, 0xdf, 0x9b72, 0x7, 0x28000)
socket(0x2, 0x3, 0xa)
sendfile$auto(0x1, 0xffffffffffffffff, 0x0, 0x7ffff000)

kernel console output (not intermixed with test programs):

10
[  898.595692][T17991]  handle_mm_fault+0x36d/0xa20
[  898.595728][T17991]  __get_user_pages+0xf9c/0x34d0
[  898.595764][T17991]  ? __pfx___get_user_pages+0x10/0x10
[  898.595799][T17991]  populate_vma_page_range+0x267/0x3f0
[  898.595829][T17991]  ? __pfx_populate_vma_page_range+0x10/0x10
[  898.595856][T17991]  ? __pfx_find_vma_intersection+0x10/0x10
[  898.595882][T17991]  ? __pfx_apply_vma_lock_flags+0x10/0x10
[  898.595928][T17991]  __mm_populate+0x107/0x3a0
[  898.595957][T17991]  ? __pfx___mm_populate+0x10/0x10
[  898.596005][T17991]  ? up_write+0x290/0x4f0
[  898.596043][T17991]  do_mlock+0x3f0/0x7f0
[  898.596082][T17991]  ? __pfx_do_mlock+0x10/0x10
[  898.596115][T17991]  ? __x64_sys_futex+0x34f/0x4d0
[  898.596153][T17991]  ? __x64_sys_futex+0x358/0x4d0
[  898.596189][T17991]  ? xfd_validate_state+0x129/0x190
[  898.596233][T17991]  __x64_sys_mlock+0x59/0x80
[  898.596270][T17991]  do_syscall_64+0x106/0xf80
[  898.596306][T17991]  ? clear_bhb_loop+0x40/0x90
[  898.596334][T17991]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  898.596358][T17991] RIP: 0033:0x7fbfd339c799
[  898.596378][T17991] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  898.596401][T17991] RSP: 002b:00007fbfd41b7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000095
[  898.596423][T17991] RAX: ffffffffffffffda RBX: 00007fbfd3615fa0 RCX: 00007fbfd339c799
[  898.596439][T17991] RDX: 0000000000000000 RSI: 0000000000080006 RDI: 0000000000000112
[  898.596454][T17991] RBP: 00007fbfd3432c99 R08: 0000000000000000 R09: 0000000000000000
[  898.596468][T17991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  898.596483][T17991] R13: 00007fbfd3616038 R14: 00007fbfd3615fa0 R15: 00007ffdcd739208
[  898.596513][T17991]  </TASK>
[  898.735565][T17993] FAULT_INJECTION: forcing a failure.
[  898.735565][T17993] name failslab, interval 1, probability 0, space 0, times 0
[  898.735604][T17993] CPU: 0 UID: 0 PID: 17993 Comm: syz.4.2710 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  898.735653][T17993] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  898.735666][T17993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  898.735681][T17993] Call Trace:
[  898.735689][T17993]  <TASK>
[  898.735698][T17993]  dump_stack_lvl+0x100/0x190
[  898.735739][T17993]  should_fail_ex.cold+0x5/0xa
[  898.735768][T17993]  should_failslab+0xc2/0x120
[  898.735795][T17993]  __kmalloc_cache_noprof+0x7a/0x6f0
[  898.735829][T17993]  ? snd_timer_instance_new+0x47/0x2e0
[  898.735865][T17993]  snd_timer_instance_new+0x47/0x2e0
[  898.735895][T17993]  snd_seq_timer_open+0x1d4/0x600
[  898.735935][T17993]  ? __pfx_snd_seq_timer_open+0x10/0x10
[  898.735981][T17993]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  898.736017][T17993]  ? lockdep_hardirqs_on+0x78/0x100
[  898.736054][T17993]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  898.736099][T17993]  queue_use+0xdc/0x1f0
[  898.736131][T17993]  snd_seq_queue_alloc+0x2e5/0x590
[  898.736168][T17993]  snd_seq_ioctl_create_queue+0xa9/0x370
[  898.736211][T17993]  call_seq_client_ctl+0xa3/0x130
[  898.736237][T17993]  snd_seq_kernel_client_ctl+0x77/0xd0
[  898.736264][T17993]  alloc_seq_queue+0xdb/0x180
[  898.736290][T17993]  ? __pfx_alloc_seq_queue+0x10/0x10
[  898.736331][T17993]  ? mark_held_locks+0x40/0x70
[  898.736362][T17993]  ? _raw_spin_unlock_irq+0x23/0x50
[  898.736395][T17993]  ? lockdep_hardirqs_on+0x78/0x100
[  898.736434][T17993]  snd_seq_oss_open+0x2b2/0xa10
[  898.736466][T17993]  odev_open+0x79/0xc0
[  898.736488][T17993]  ? __pfx_odev_open+0x10/0x10
[  898.736512][T17993]  soundcore_open+0x2e3/0x5a0
[  898.736539][T17993]  ? __pfx_soundcore_open+0x10/0x10
[  898.736565][T17993]  chrdev_open+0x234/0x6a0
[  898.736590][T17993]  ? __pfx_apparmor_file_open+0x10/0x10
[  898.736616][T17993]  ? __pfx_chrdev_open+0x10/0x10
[  898.736643][T17993]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  898.736676][T17993]  do_dentry_open+0x6d8/0x1660
[  898.736701][T17993]  ? __pfx_chrdev_open+0x10/0x10
[  898.736734][T17993]  vfs_open+0x82/0x3f0
[  898.736769][T17993]  path_openat+0x208c/0x31a0
[  898.736804][T17993]  ? __pfx_path_openat+0x10/0x10
[  898.736841][T17993]  do_file_open+0x20e/0x430
[  898.736869][T17993]  ? __pfx_do_file_open+0x10/0x10
[  898.736915][T17993]  ? alloc_fd+0x476/0x790
[  898.736942][T17993]  ? do_getname+0x191/0x390
[  898.736976][T17993]  do_sys_openat2+0x10d/0x1e0
[  898.737009][T17993]  ? __pfx_do_sys_openat2+0x10/0x10
[  898.737064][T17993]  ? __fget_files+0x21f/0x3d0
[  898.737101][T17993]  __x64_sys_openat+0x12d/0x210
[  898.737137][T17993]  ? __pfx___x64_sys_openat+0x10/0x10
[  898.737184][T17993]  do_syscall_64+0x106/0xf80
[  898.737222][T17993]  ? clear_bhb_loop+0x40/0x90
[  898.737253][T17993]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  898.737279][T17993] RIP: 0033:0x7fbfd339c799
[  898.737299][T17993] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  898.737325][T17993] RSP: 002b:00007fbfd41b7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  898.737349][T17993] RAX: ffffffffffffffda RBX: 00007fbfd3615fa0 RCX: 00007fbfd339c799
[  898.737365][T17993] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  898.737381][T17993] RBP: 00007fbfd3432c99 R08: 0000000000000000 R09: 0000000000000000
[  898.737395][T17993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  898.737410][T17993] R13: 00007fbfd3616038 R14: 00007fbfd3615fa0 R15: 00007ffdcd739208
[  898.737442][T17993]  </TASK>
[  898.808009][T16002] Bluetooth: hci3: command tx timeout
[  898.911978][T17995] FAULT_INJECTION: forcing a failure.
[  898.911978][T17995] name failslab, interval 1, probability 0, space 0, times 0
[  898.912018][T17995] CPU: 0 UID: 0 PID: 17995 Comm: syz.4.2711 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  898.912064][T17995] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  898.912078][T17995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  898.912102][T17995] Call Trace:
[  898.912110][T17995]  <TASK>
[  898.912119][T17995]  dump_stack_lvl+0x100/0x190
[  898.912160][T17995]  should_fail_ex.cold+0x5/0xa
[  898.912188][T17995]  should_failslab+0xc2/0x120
[  898.912216][T17995]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  898.912253][T17995]  ? ep_ptable_queue_proc+0x5b/0x280
[  898.912282][T17995]  ep_ptable_queue_proc+0x5b/0x280
[  898.912306][T17995]  ? __pfx_ep_ptable_queue_proc+0x10/0x10
[  898.912330][T17995]  snd_seq_pool_poll_wait+0x5b/0x190
[  898.912362][T17995]  snd_seq_kernel_client_write_poll+0xa5/0x110
[  898.912391][T17995]  snd_seq_oss_poll+0x17d/0x1d0
[  898.912422][T17995]  ? __pfx_odev_poll+0x10/0x10
[  898.912446][T17995]  odev_poll+0x4a/0x90
[  898.912469][T17995]  ep_item_poll+0x141/0x1f0
[  898.912495][T17995]  do_epoll_ctl+0x1f33/0x36a0
[  898.912533][T17995]  ? __pfx_do_epoll_ctl+0x10/0x10
[  898.912561][T17995]  ? __pfx_ep_ptable_queue_proc+0x10/0x10
[  898.912588][T17995]  ? rep_movs_alternative+0x30/0x90
[  898.912621][T17995]  ? __x64_sys_epoll_ctl+0x15c/0x1e0
[  898.912647][T17995]  __x64_sys_epoll_ctl+0x15c/0x1e0
[  898.912675][T17995]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[  898.912711][T17995]  do_syscall_64+0x106/0xf80
[  898.912746][T17995]  ? clear_bhb_loop+0x40/0x90
[  898.912776][T17995]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  898.912801][T17995] RIP: 0033:0x7fbfd339c799
[  898.912820][T17995] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  898.912843][T17995] RSP: 002b:00007fbfd41b7028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  898.912866][T17995] RAX: ffffffffffffffda RBX: 00007fbfd3615fa0 RCX: 00007fbfd339c799
[  898.912882][T17995] RDX: 0000000000000004 RSI: 0000000000000001 RDI: 0000000000000005
[  898.912896][T17995] RBP: 00007fbfd3432c99 R08: 0000000000000000 R09: 0000000000000000
[  898.912911][T17995] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  898.912926][T17995] R13: 00007fbfd3616038 R14: 00007fbfd3615fa0 R15: 00007ffdcd739208
[  898.912956][T17995]  </TASK>
[  900.199158][T18004] FAULT_INJECTION: forcing a failure.
[  900.199158][T18004] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  900.199197][T18004] CPU: 0 UID: 0 PID: 18004 Comm: syz.4.2714 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  900.199242][T18004] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  900.199256][T18004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  900.199270][T18004] Call Trace:
[  900.199277][T18004]  <TASK>
[  900.199286][T18004]  dump_stack_lvl+0x100/0x190
[  900.199324][T18004]  should_fail_ex.cold+0x5/0xa
[  900.199347][T18004]  ? prepare_alloc_pages+0x16d/0x5f0
[  900.199378][T18004]  should_fail_alloc_page+0xeb/0x140
[  900.199406][T18004]  prepare_alloc_pages+0x1f0/0x5f0
[  900.199438][T18004]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  900.199475][T18004]  ? find_held_lock+0x2b/0x80
[  900.199497][T18004]  ? is_bpf_text_address+0x8a/0x1a0
[  900.199534][T18004]  ? is_bpf_text_address+0x8a/0x1a0
[  900.199570][T18004]  ? bpf_ksym_find+0x124/0x1c0
[  900.199599][T18004]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  900.199626][T18004]  ? is_bpf_text_address+0x94/0x1a0
[  900.199662][T18004]  ? kernel_text_address+0x8d/0x100
[  900.199698][T18004]  ? __kernel_text_address+0xd/0x30
[  900.199732][T18004]  ? unwind_get_return_address+0x59/0xa0
[  900.199759][T18004]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  900.199807][T18004]  ? __pfx_stack_trace_save+0x10/0x10
[  900.199832][T18004]  ? stack_depot_save_flags+0x27/0x9d0
[  900.199862][T18004]  ? stack_trace_save+0x8e/0xc0
[  900.199886][T18004]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  900.199912][T18004]  ? policy_nodemask+0xed/0x4f0
[  900.199939][T18004]  alloc_pages_mpol+0x1fb/0x550
[  900.199966][T18004]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  900.199999][T18004]  alloc_pages_noprof+0x131/0x390
[  900.200033][T18004]  kimage_alloc_pages+0x72/0x380
[  900.200060][T18004]  kimage_alloc_control_pages+0x157/0xa20
[  900.200092][T18004]  ? __pfx_kimage_alloc_control_pages+0x10/0x10
[  900.200126][T18004]  do_kexec_load+0x275/0x810
[  900.200154][T18004]  ? __pfx_do_kexec_load+0x10/0x10
[  900.200183][T18004]  ? _copy_from_user+0x59/0xd0
[  900.200214][T18004]  __x64_sys_kexec_load+0x1bf/0x230
[  900.200243][T18004]  do_syscall_64+0x106/0xf80
[  900.200278][T18004]  ? clear_bhb_loop+0x40/0x90
[  900.200307][T18004]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  900.200330][T18004] RIP: 0033:0x7fbfd339c799
[  900.200349][T18004] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  900.200372][T18004] RSP: 002b:00007fbfd41b7028 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6
[  900.200394][T18004] RAX: ffffffffffffffda RBX: 00007fbfd3615fa0 RCX: 00007fbfd339c799
[  900.200410][T18004] RDX: 0000200000000080 RSI: 0000000000000002 RDI: 0000000000000070
[  900.200425][T18004] RBP: 00007fbfd41b7090 R08: 0000000000000000 R09: 0000000000000000
[  900.200439][T18004] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[  900.200453][T18004] R13: 00007fbfd3616038 R14: 00007fbfd3615fa0 R15: 00007ffdcd739208
[  900.200483][T18004]  </TASK>
[  900.200492][T18004] kexec: Could not allocate control_code_buffer
[  900.430261][T18006] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  900.585270][T18009] futex_wake_op: syz.4.2715 tries to shift op by -2048; fix this program
[  900.890060][T16002] Bluetooth: hci3: command tx timeout
[  902.029212][T18014] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  902.076250][T18020] FAULT_INJECTION: forcing a failure.
[  902.076250][T18020] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  902.169881][T18020] CPU: 0 UID: 0 PID: 18020 Comm: syz.0.2718 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  902.169933][T18020] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  902.169947][T18020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  902.169963][T18020] Call Trace:
[  902.169971][T18020]  <TASK>
[  902.169981][T18020]  dump_stack_lvl+0x100/0x190
[  902.170023][T18020]  should_fail_ex.cold+0x5/0xa
[  902.170049][T18020]  ? prepare_alloc_pages+0x16d/0x5f0
[  902.170081][T18020]  should_fail_alloc_page+0xeb/0x140
[  902.170110][T18020]  prepare_alloc_pages+0x1f0/0x5f0
[  902.170144][T18020]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  902.170199][T18020]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  902.170258][T18020]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  902.170285][T18020]  ? policy_nodemask+0xed/0x4f0
[  902.170313][T18020]  alloc_pages_mpol+0x1fb/0x550
[  902.170341][T18020]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  902.170375][T18020]  alloc_pages_noprof+0x131/0x390
[  902.170403][T18020]  pte_alloc_one+0x1c/0x3d0
[  902.170432][T18020]  do_huge_pmd_anonymous_page+0x7fc/0x1c40
[  902.170477][T18020]  __handle_mm_fault+0x1e9e/0x2b60
[  902.170517][T18020]  ? mt_find+0x45e/0x8e0
[  902.170540][T18020]  ? __pfx___handle_mm_fault+0x10/0x10
[  902.170572][T18020]  ? __pfx_mt_find+0x10/0x10
[  902.170616][T18020]  handle_mm_fault+0x36d/0xa20
[  902.170657][T18020]  __get_user_pages+0xf9c/0x34d0
[  902.170693][T18020]  ? down_read_killable+0x30e/0x4c0
[  902.170718][T18020]  ? __lock_acquire+0x4a5/0x2630
[  902.170750][T18020]  ? __pfx___get_user_pages+0x10/0x10
[  902.170777][T18020]  ? __lock_acquire+0x4a5/0x2630
[  902.170815][T18020]  __gup_longterm_locked+0x87d/0x16f0
[  902.170858][T18020]  ? __pfx___gup_longterm_locked+0x10/0x10
[  902.170892][T18020]  ? try_get_folio+0x262/0x750
[  902.170915][T18020]  ? pmd_write+0xd3/0x150
[  902.170939][T18020]  ? sanity_check_pinned_pages+0x5f6/0x1250
[  902.170973][T18020]  gup_fast_fallback+0x18c6/0x2460
[  902.171022][T18020]  ? __pfx_gup_fast_fallback+0x10/0x10
[  902.171053][T18020]  ? kasan_save_stack+0x30/0x50
[  902.171074][T18020]  ? kasan_save_track+0x14/0x30
[  902.171094][T18020]  ? __kasan_slab_alloc+0x89/0x90
[  902.171118][T18020]  ? mempool_alloc_noprof+0x1b7/0x310
[  902.171144][T18020]  ? bvec_alloc+0x197/0x210
[  902.171167][T18020]  ? bio_alloc_bioset+0x59e/0x850
[  902.171192][T18020]  ? blkdev_direct_IO+0xeae/0x1fb0
[  902.171227][T18020]  ? blkdev_write_iter+0x703/0xd70
[  902.171261][T18020]  ? vfs_write+0x6ac/0x1070
[  902.171282][T18020]  ? ksys_write+0x12a/0x250
[  902.171303][T18020]  ? do_syscall_64+0x106/0xf80
[  902.171338][T18020]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  902.171368][T18020]  pin_user_pages_fast+0xa7/0xf0
[  902.171398][T18020]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  902.171429][T18020]  ? iov_iter_advance+0xac/0x6d0
[  902.171461][T18020]  iov_iter_extract_pages+0xa0d/0x1ef0
[  902.171501][T18020]  ? __pfx_iov_iter_extract_pages+0x10/0x10
[  902.171538][T18020]  ? iov_iter_revert+0x252/0x5b0
[  902.171564][T18020]  ? bio_associate_blkg_from_css+0x394/0x13f0
[  902.171603][T18020]  iov_iter_extract_bvecs+0x10e/0xf40
[  902.171645][T18020]  ? __pfx_iov_iter_extract_bvecs+0x10/0x10
[  902.171678][T18020]  ? bio_init+0x404/0x610
[  902.171719][T18020]  bio_iov_iter_get_pages+0x26a/0x970
[  902.171756][T18020]  blkdev_direct_IO+0x1302/0x1fb0
[  902.171806][T18020]  ? __pfx_blkdev_direct_IO+0x10/0x10
[  902.171861][T18020]  blkdev_write_iter+0x703/0xd70
[  902.171903][T18020]  vfs_write+0x6ac/0x1070
[  902.171928][T18020]  ? __pfx_blkdev_write_iter+0x10/0x10
[  902.171968][T18020]  ? __pfx_vfs_write+0x10/0x10
[  902.171989][T18020]  ? find_held_lock+0x2b/0x80
[  902.172030][T18020]  ksys_write+0x12a/0x250
[  902.172052][T18020]  ? __pfx_ksys_write+0x10/0x10
[  902.172084][T18020]  do_syscall_64+0x106/0xf80
[  902.172119][T18020]  ? clear_bhb_loop+0x40/0x90
[  902.172149][T18020]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  902.172173][T18020] RIP: 0033:0x7f66f0d9c799
[  902.172193][T18020] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  902.172217][T18020] RSP: 002b:00007f66f1ba9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  902.172240][T18020] RAX: ffffffffffffffda RBX: 00007f66f1016090 RCX: 00007f66f0d9c799
[  902.172256][T18020] RDX: 000000100000a3d9 RSI: 00002000000000c0 RDI: 0000000000000005
[  902.172271][T18020] RBP: 00007f66f0e32c99 R08: 0000000000000000 R09: 0000000000000000
[  902.172286][T18020] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  902.172301][T18020] R13: 00007f66f1016128 R14: 00007f66f1016090 R15: 00007ffd9b468a88
[  902.172331][T18020]  </TASK>
[  902.957287][T18026] FAULT_INJECTION: forcing a failure.
[  902.957287][T18026] name failslab, interval 1, probability 0, space 0, times 0
[  902.972515][T18026] CPU: 0 UID: 0 PID: 18026 Comm: syz.2.2720 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  902.972565][T18026] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  902.972579][T18026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  902.972594][T18026] Call Trace:
[  902.972602][T18026]  <TASK>
[  902.972611][T18026]  dump_stack_lvl+0x100/0x190
[  902.972652][T18026]  should_fail_ex.cold+0x5/0xa
[  902.972681][T18026]  should_failslab+0xc2/0x120
[  902.972708][T18026]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  902.972745][T18026]  ? ep_ptable_queue_proc+0x5b/0x280
[  902.972768][T18026]  ? obj_cgroup_charge_account+0x2c4/0x640
[  902.972807][T18026]  ep_ptable_queue_proc+0x5b/0x280
[  902.972850][T18026]  ? __pfx_ep_ptable_queue_proc+0x10/0x10
[  902.972874][T18026]  snd_seq_oss_readq_poll+0x56/0xb0
[  902.972915][T18026]  snd_seq_oss_poll+0x122/0x1d0
[  902.972946][T18026]  ? __pfx_odev_poll+0x10/0x10
[  902.972971][T18026]  odev_poll+0x4a/0x90
[  902.972996][T18026]  ep_item_poll+0x141/0x1f0
[  902.973022][T18026]  do_epoll_ctl+0x1f33/0x36a0
[  902.973062][T18026]  ? __pfx_do_epoll_ctl+0x10/0x10
[  902.973090][T18026]  ? __pfx_ep_ptable_queue_proc+0x10/0x10
[  902.973119][T18026]  ? rep_movs_alternative+0x30/0x90
[  902.973153][T18026]  ? __x64_sys_epoll_ctl+0x15c/0x1e0
[  902.973180][T18026]  __x64_sys_epoll_ctl+0x15c/0x1e0
[  902.973208][T18026]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[  902.973245][T18026]  do_syscall_64+0x106/0xf80
[  902.973282][T18026]  ? clear_bhb_loop+0x40/0x90
[  902.973312][T18026]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  902.973338][T18026] RIP: 0033:0x7f8e1df9c799
[  902.973358][T18026] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  902.973383][T18026] RSP: 002b:00007f8e1ee14028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  902.973407][T18026] RAX: ffffffffffffffda RBX: 00007f8e1e215fa0 RCX: 00007f8e1df9c799
[  902.973424][T18026] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000004
[  902.973439][T18026] RBP: 00007f8e1e032c99 R08: 0000000000000000 R09: 0000000000000000
[  902.973454][T18026] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  902.973469][T18026] R13: 00007f8e1e216038 R14: 00007f8e1e215fa0 R15: 00007ffc8a9fc588
[  902.973501][T18026]  </TASK>
[  903.400086][ T7268] Bluetooth: hci3: command tx timeout
[  903.413584][ T7521] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  903.425526][ T7521] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  903.436748][ T7521] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  903.509835][ T7268] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  903.518964][ T7268] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  903.989392][T15988] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  904.175078][T15988] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  904.309350][T15988] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  904.401455][T15988] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  905.057021][T15988] bridge_slave_1: left allmulticast mode
[  905.095075][T15988] bridge_slave_1: left promiscuous mode
[  905.137907][T15988] bridge0: port 2(bridge_slave_1) entered disabled state
[  905.187131][T15988] bridge_slave_0: left allmulticast mode
[  905.221217][T15988] bridge_slave_0: left promiscuous mode
[  905.260289][T15988] bridge0: port 1(bridge_slave_0) entered disabled state
[  905.274743][T18064] FAULT_INJECTION: forcing a failure.
[  905.274743][T18064] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  905.398211][T18064] CPU: 0 UID: 0 PID: 18064 Comm: syz.2.2727 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  905.398268][T18064] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  905.398283][T18064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  905.398298][T18064] Call Trace:
[  905.398306][T18064]  <TASK>
[  905.398316][T18064]  dump_stack_lvl+0x100/0x190
[  905.398357][T18064]  should_fail_ex.cold+0x5/0xa
[  905.398381][T18064]  ? prepare_alloc_pages+0x16d/0x5f0
[  905.398412][T18064]  should_fail_alloc_page+0xeb/0x140
[  905.398442][T18064]  prepare_alloc_pages+0x1f0/0x5f0
[  905.398476][T18064]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  905.398519][T18064]  ? __lock_acquire+0x4a5/0x2630
[  905.398553][T18064]  ? set_next_entity+0x11e/0x9c0
[  905.398599][T18064]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  905.398639][T18064]  ? __lock_acquire+0x4a5/0x2630
[  905.398672][T18064]  ? trace_ignore_this_task+0xbc/0x100
[  905.398710][T18064]  ? trace_ignore_this_task+0xbc/0x100
[  905.398753][T18064]  ? lock_acquire+0x1cf/0x380
[  905.398785][T18064]  ? find_held_lock+0x2b/0x80
[  905.398811][T18064]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  905.398838][T18064]  ? policy_nodemask+0xed/0x4f0
[  905.398866][T18064]  alloc_pages_mpol+0x1fb/0x550
[  905.398894][T18064]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  905.398929][T18064]  alloc_pages_noprof+0x131/0x390
[  905.398960][T18064]  pte_alloc_one+0x1c/0x3d0
[  905.398989][T18064]  do_huge_pmd_anonymous_page+0x7fc/0x1c40
[  905.399034][T18064]  __handle_mm_fault+0x1e9e/0x2b60
[  905.399073][T18064]  ? mt_find+0x45e/0x8e0
[  905.399098][T18064]  ? __pfx___handle_mm_fault+0x10/0x10
[  905.399132][T18064]  ? __pfx_mt_find+0x10/0x10
[  905.399176][T18064]  handle_mm_fault+0x36d/0xa20
[  905.399216][T18064]  __get_user_pages+0xf9c/0x34d0
[  905.399252][T18064]  ? down_read_killable+0x30e/0x4c0
[  905.399277][T18064]  ? __lock_acquire+0x4a5/0x2630
[  905.399309][T18064]  ? __pfx___get_user_pages+0x10/0x10
[  905.399335][T18064]  ? __lock_acquire+0x4a5/0x2630
[  905.399373][T18064]  __gup_longterm_locked+0x87d/0x16f0
[  905.399410][T18064]  ? __pfx___gup_longterm_locked+0x10/0x10
[  905.399442][T18064]  ? try_get_folio+0x262/0x750
[  905.399465][T18064]  ? pmd_write+0xd3/0x150
[  905.399489][T18064]  ? sanity_check_pinned_pages+0x5f6/0x1250
[  905.399522][T18064]  gup_fast_fallback+0x18c6/0x2460
[  905.399577][T18064]  ? __pfx_gup_fast_fallback+0x10/0x10
[  905.399607][T18064]  ? kasan_save_stack+0x30/0x50
[  905.399628][T18064]  ? kasan_save_track+0x14/0x30
[  905.399648][T18064]  ? __kasan_slab_alloc+0x89/0x90
[  905.399672][T18064]  ? mempool_alloc_noprof+0x1b7/0x310
[  905.399698][T18064]  ? bvec_alloc+0x197/0x210
[  905.399722][T18064]  ? bio_alloc_bioset+0x59e/0x850
[  905.399747][T18064]  ? blkdev_direct_IO+0xeae/0x1fb0
[  905.399781][T18064]  ? blkdev_write_iter+0x703/0xd70
[  905.399815][T18064]  ? vfs_write+0x6ac/0x1070
[  905.399836][T18064]  ? ksys_write+0x12a/0x250
[  905.399857][T18064]  ? do_syscall_64+0x106/0xf80
[  905.399892][T18064]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  905.399921][T18064]  pin_user_pages_fast+0xa7/0xf0
[  905.399951][T18064]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  905.399982][T18064]  ? iov_iter_advance+0xac/0x6d0
[  905.400014][T18064]  iov_iter_extract_pages+0xa0d/0x1ef0
[  905.400054][T18064]  ? __pfx_iov_iter_extract_pages+0x10/0x10
[  905.400109][T18064]  ? iov_iter_revert+0x252/0x5b0
[  905.400136][T18064]  ? bio_associate_blkg_from_css+0x394/0x13f0
[  905.400177][T18064]  iov_iter_extract_bvecs+0x10e/0xf40
[  905.400220][T18064]  ? __pfx_iov_iter_extract_bvecs+0x10/0x10
[  905.400253][T18064]  ? bio_init+0x404/0x610
[  905.400296][T18064]  bio_iov_iter_get_pages+0x26a/0x970
[  905.400335][T18064]  blkdev_direct_IO+0x1302/0x1fb0
[  905.400385][T18064]  ? __pfx_blkdev_direct_IO+0x10/0x10
[  905.400436][T18064]  blkdev_write_iter+0x703/0xd70
[  905.400480][T18064]  vfs_write+0x6ac/0x1070
[  905.400504][T18064]  ? __pfx_blkdev_write_iter+0x10/0x10
[  905.400544][T18064]  ? __pfx_vfs_write+0x10/0x10
[  905.400566][T18064]  ? find_held_lock+0x2b/0x80
[  905.400614][T18064]  ksys_write+0x12a/0x250
[  905.400650][T18064]  ? __pfx_ksys_write+0x10/0x10
[  905.400682][T18064]  do_syscall_64+0x106/0xf80
[  905.400718][T18064]  ? clear_bhb_loop+0x40/0x90
[  905.400765][T18064]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  905.400790][T18064] RIP: 0033:0x7f8e1df9c799
[  905.400811][T18064] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  905.400836][T18064] RSP: 002b:00007f8e1ed90028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  905.400859][T18064] RAX: ffffffffffffffda RBX: 00007f8e1e216360 RCX: 00007f8e1df9c799
[  905.400887][T18064] RDX: 000000100000a3d9 RSI: 00002000000000c0 RDI: 0000000000000007
[  905.400902][T18064] RBP: 00007f8e1e032c99 R08: 0000000000000000 R09: 0000000000000000
[  905.400917][T18064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  905.400932][T18064] R13: 00007f8e1e2163f8 R14: 00007f8e1e216360 R15: 00007ffc8a9fc588
[  905.400962][T18064]  </TASK>
[  906.054012][ T7268] Bluetooth: hci5: command tx timeout
[  906.380984][T18077] FAULT_INJECTION: forcing a failure.
[  906.380984][T18077] name fail_futex, interval 1, probability 0, space 0, times 0
[  906.393935][T18077] CPU: 0 UID: 0 PID: 18077 Comm: syz.2.2729 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  906.393988][T18077] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  906.394003][T18077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  906.394019][T18077] Call Trace:
[  906.394029][T18077]  <TASK>
[  906.394040][T18077]  dump_stack_lvl+0x100/0x190
[  906.394088][T18077]  should_fail_ex.cold+0x5/0xa
[  906.394118][T18077]  get_futex_key+0x1d2/0x1620
[  906.394153][T18077]  ? __pfx_get_futex_key+0x10/0x10
[  906.394187][T18077]  ? blk_finish_plug+0x83/0xa0
[  906.394223][T18077]  ? madvise_do_behavior+0x1fc/0x510
[  906.394258][T18077]  futex_wake+0xea/0x530
[  906.394294][T18077]  ? madvise_unlock+0x154/0x220
[  906.394325][T18077]  ? __pfx_futex_wake+0x10/0x10
[  906.394369][T18077]  ? madvise_unlock+0xa9/0x220
[  906.394402][T18077]  do_futex+0x32b/0x350
[  906.394436][T18077]  ? __pfx_do_futex+0x10/0x10
[  906.394484][T18077]  __x64_sys_futex+0x34f/0x4d0
[  906.394522][T18077]  ? __pfx___x64_sys_futex+0x10/0x10
[  906.394568][T18077]  do_syscall_64+0x106/0xf80
[  906.394606][T18077]  ? clear_bhb_loop+0x40/0x90
[  906.394637][T18077]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  906.394663][T18077] RIP: 0033:0x7f8e1df9c799
[  906.394685][T18077] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  906.394709][T18077] RSP: 002b:00007f8e1ee140e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  906.394732][T18077] RAX: ffffffffffffffda RBX: 00007f8e1e215fa8 RCX: 00007f8e1df9c799
[  906.394749][T18077] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8e1e215fac
[  906.394764][T18077] RBP: 00007f8e1e215fa0 R08: 0000000000000000 R09: 0000000000000000
[  906.394779][T18077] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[  906.394794][T18077] R13: 00007f8e1e216038 R14: 00007ffc8a9fc4a0 R15: 00007ffc8a9fc588
[  906.394825][T18077]  </TASK>
[  906.812614][T15988] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  906.827562][T15988] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  906.837642][T15988] bond0 (unregistering): Released all slaves
[  907.049694][T18021] chnl_net:caif_netlink_parms(): no params data found
[  907.500812][T15988] hsr_slave_0: left promiscuous mode
[  907.520242][T15988] hsr_slave_1: left promiscuous mode
[  907.544431][T15988] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  907.571831][T15988] batman_adv: batadv0: Removing interface: batadv_slave_0
[  907.602086][T15988] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  907.630675][T15988] batman_adv: batadv0: Removing interface: batadv_slave_1
[  907.678838][T15988] veth1_macvtap: left promiscuous mode
[  907.708331][T15988] veth0_macvtap: left promiscuous mode
[  907.729101][T15988] veth1_vlan: left promiscuous mode
[  907.743389][T15988] veth0_vlan: left promiscuous mode
[  908.050056][T18097] FAULT_INJECTION: forcing a failure.
[  908.050056][T18097] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  908.070234][T15988] team0 (unregistering): Port device team_slave_1 removed
[  908.094399][ T7268] Bluetooth: hci5: command tx timeout
[  908.112172][T15988] team0 (unregistering): Port device team_slave_0 removed
[  908.124609][T18097] CPU: 0 UID: 0 PID: 18097 Comm: syz.2.2732 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  908.124663][T18097] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  908.124677][T18097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  908.124692][T18097] Call Trace:
[  908.124700][T18097]  <TASK>
[  908.124710][T18097]  dump_stack_lvl+0x100/0x190
[  908.124753][T18097]  should_fail_ex.cold+0x5/0xa
[  908.124778][T18097]  ? prepare_alloc_pages+0x16d/0x5f0
[  908.124810][T18097]  should_fail_alloc_page+0xeb/0x140
[  908.124839][T18097]  prepare_alloc_pages+0x1f0/0x5f0
[  908.124874][T18097]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  908.124919][T18097]  ? lock_acquire+0x1cf/0x380
[  908.124958][T18097]  ? lock_acquire+0x1cf/0x380
[  908.124991][T18097]  ? find_held_lock+0x2b/0x80
[  908.125015][T18097]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  908.125054][T18097]  ? is_bpf_text_address+0x8a/0x1a0
[  908.125097][T18097]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  908.125125][T18097]  ? is_bpf_text_address+0x94/0x1a0
[  908.125168][T18097]  ? __lock_acquire+0x4a5/0x2630
[  908.125204][T18097]  ? __lock_acquire+0x4a5/0x2630
[  908.125248][T18097]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  908.125275][T18097]  ? policy_nodemask+0xed/0x4f0
[  908.125315][T18097]  alloc_pages_mpol+0x1fb/0x550
[  908.125344][T18097]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  908.125378][T18097]  alloc_pages_noprof+0x131/0x390
[  908.125407][T18097]  pte_alloc_one+0x1c/0x3d0
[  908.125436][T18097]  do_huge_pmd_anonymous_page+0x7fc/0x1c40
[  908.125482][T18097]  __handle_mm_fault+0x1e9e/0x2b60
[  908.125520][T18097]  ? mt_find+0x45e/0x8e0
[  908.125544][T18097]  ? __pfx___handle_mm_fault+0x10/0x10
[  908.125577][T18097]  ? __pfx_mt_find+0x10/0x10
[  908.125620][T18097]  handle_mm_fault+0x36d/0xa20
[  908.125661][T18097]  __get_user_pages+0xf9c/0x34d0
[  908.125696][T18097]  ? down_read_killable+0x30e/0x4c0
[  908.125721][T18097]  ? __lock_acquire+0x4a5/0x2630
[  908.125753][T18097]  ? __pfx___get_user_pages+0x10/0x10
[  908.125779][T18097]  ? __lock_acquire+0x4a5/0x2630
[  908.125818][T18097]  __gup_longterm_locked+0x87d/0x16f0
[  908.125855][T18097]  ? __pfx___gup_longterm_locked+0x10/0x10
[  908.125887][T18097]  ? try_get_folio+0x262/0x750
[  908.125910][T18097]  ? pmd_write+0xd3/0x150
[  908.125933][T18097]  ? sanity_check_pinned_pages+0x5f6/0x1250
[  908.125966][T18097]  gup_fast_fallback+0x18c6/0x2460
[  908.126014][T18097]  ? __pfx_gup_fast_fallback+0x10/0x10
[  908.126043][T18097]  ? kasan_save_stack+0x30/0x50
[  908.126064][T18097]  ? kasan_save_track+0x14/0x30
[  908.126085][T18097]  ? __kasan_slab_alloc+0x89/0x90
[  908.126108][T18097]  ? mempool_alloc_noprof+0x1b7/0x310
[  908.126134][T18097]  ? bvec_alloc+0x197/0x210
[  908.126158][T18097]  ? bio_alloc_bioset+0x59e/0x850
[  908.126182][T18097]  ? blkdev_direct_IO+0xeae/0x1fb0
[  908.126217][T18097]  ? blkdev_write_iter+0x703/0xd70
[  908.126251][T18097]  ? vfs_write+0x6ac/0x1070
[  908.126271][T18097]  ? ksys_write+0x12a/0x250
[  908.126292][T18097]  ? do_syscall_64+0x106/0xf80
[  908.126332][T18097]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  908.126362][T18097]  pin_user_pages_fast+0xa7/0xf0
[  908.126392][T18097]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  908.126424][T18097]  ? iov_iter_advance+0xac/0x6d0
[  908.126456][T18097]  iov_iter_extract_pages+0xa0d/0x1ef0
[  908.126496][T18097]  ? __pfx_iov_iter_extract_pages+0x10/0x10
[  908.126532][T18097]  ? iov_iter_revert+0x252/0x5b0
[  908.126559][T18097]  ? bio_associate_blkg_from_css+0x394/0x13f0
[  908.126597][T18097]  iov_iter_extract_bvecs+0x10e/0xf40
[  908.126638][T18097]  ? __pfx_iov_iter_extract_bvecs+0x10/0x10
[  908.126671][T18097]  ? bio_init+0x404/0x610
[  908.126712][T18097]  bio_iov_iter_get_pages+0x26a/0x970
[  908.126750][T18097]  blkdev_direct_IO+0x1302/0x1fb0
[  908.126799][T18097]  ? __pfx_blkdev_direct_IO+0x10/0x10
[  908.126848][T18097]  blkdev_write_iter+0x703/0xd70
[  908.126890][T18097]  vfs_write+0x6ac/0x1070
[  908.126913][T18097]  ? __pfx_blkdev_write_iter+0x10/0x10
[  908.126953][T18097]  ? __pfx_vfs_write+0x10/0x10
[  908.126973][T18097]  ? find_held_lock+0x2b/0x80
[  908.127015][T18097]  ksys_write+0x12a/0x250
[  908.127037][T18097]  ? __pfx_ksys_write+0x10/0x10
[  908.127068][T18097]  do_syscall_64+0x106/0xf80
[  908.127103][T18097]  ? clear_bhb_loop+0x40/0x90
[  908.127133][T18097]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  908.127158][T18097] RIP: 0033:0x7f8e1df9c799
[  908.127178][T18097] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  908.127201][T18097] RSP: 002b:00007f8e1ed90028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  908.127224][T18097] RAX: ffffffffffffffda RBX: 00007f8e1e216360 RCX: 00007f8e1df9c799
[  908.127240][T18097] RDX: 000000100000a3d9 RSI: 00002000000000c0 RDI: 0000000000000007
[  908.127255][T18097] RBP: 00007f8e1e032c99 R08: 0000000000000000 R09: 0000000000000000
[  908.127270][T18097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  908.127285][T18097] R13: 00007f8e1e2163f8 R14: 00007f8e1e216360 R15: 00007ffc8a9fc588
[  908.127320][T18097]  </TASK>
[  908.964220][T18021] bridge0: port 1(bridge_slave_0) entered blocking state
[  908.971349][T18021] bridge0: port 1(bridge_slave_0) entered disabled state
[  908.981966][T18021] bridge_slave_0: entered allmulticast mode
[  908.989734][T18021] bridge_slave_0: entered promiscuous mode
[  908.998164][T18021] bridge0: port 2(bridge_slave_1) entered blocking state
[  909.006217][T18021] bridge0: port 2(bridge_slave_1) entered disabled state
[  909.015126][T18021] bridge_slave_1: entered allmulticast mode
[  909.022451][T18021] bridge_slave_1: entered promiscuous mode
[  909.055101][T18021] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  909.067085][T18021] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  909.108858][T18021] team0: Port device team_slave_0 added
[  909.118517][T18021] team0: Port device team_slave_1 added
[  909.145510][T18021] batman_adv: batadv0: Adding interface: batadv_slave_0
[  909.152593][T18021] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  909.253565][T18021] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  909.324659][T18021] batman_adv: batadv0: Adding interface: batadv_slave_1
[  909.331682][T18021] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  909.413005][T18021] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  909.448524][T18103] futex_wake_op: syz.0.2733 tries to shift op by -2048; fix this program
[  909.465466][T18103] futex_wake_op: syz.0.2733 tries to shift op by -2048; fix this program
[  909.524748][T18105] 0x000000000001-0x000000020000 : ""
[  909.706390][T18021] hsr_slave_0: entered promiscuous mode
[  909.726379][T18105] ftl_cs: FTL header corrupt!
[  909.783839][T18021] hsr_slave_1: entered promiscuous mode
[  909.839000][T18021] debugfs: 'hsr0' already exists in 'hsr'
[  909.895234][T18021] Cannot create hsr debugfs directory
[  910.175696][ T7268] Bluetooth: hci5: command tx timeout
[  910.259152][T18124] FAULT_INJECTION: forcing a failure.
[  910.259152][T18124] name failslab, interval 1, probability 0, space 0, times 0
[  910.318671][T18124] CPU: 0 UID: 0 PID: 18124 Comm: syz.4.2736 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  910.318722][T18124] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  910.318736][T18124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  910.318751][T18124] Call Trace:
[  910.318758][T18124]  <TASK>
[  910.318768][T18124]  dump_stack_lvl+0x100/0x190
[  910.318814][T18124]  should_fail_ex.cold+0x5/0xa
[  910.318844][T18124]  should_failslab+0xc2/0x120
[  910.318872][T18124]  __kmalloc_cache_noprof+0x7a/0x6f0
[  910.318905][T18124]  ? vkms_plane_duplicate_state+0x45/0x130
[  910.318940][T18124]  vkms_plane_duplicate_state+0x45/0x130
[  910.318968][T18124]  drm_atomic_get_plane_state+0x279/0x760
[  910.319022][T18124]  drm_client_modeset_commit_atomic+0x237/0x7e0
[  910.319062][T18124]  ? trace_contention_end+0x140/0x180
[  910.319102][T18124]  ? __mutex_lock+0x26a/0x1b90
[  910.319150][T18124]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  910.319203][T18124]  ? drm_master_internal_acquire+0x21/0x80
[  910.319265][T18124]  drm_client_modeset_commit_locked+0x14d/0x580
[  910.319327][T18124]  drm_client_modeset_commit+0x4f/0x80
[  910.319366][T18124]  __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160
[  910.319409][T18124]  drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0
[  910.319449][T18124]  drm_fbdev_client_restore+0x1b/0x30
[  910.319480][T18124]  ? __pfx_drm_fbdev_client_restore+0x10/0x10
[  910.319509][T18124]  drm_client_dev_restore+0x205/0x2a0
[  910.319551][T18124]  drm_release+0x2c6/0x360
[  910.319594][T18124]  ? __pfx_drm_release+0x10/0x10
[  910.319628][T18124]  __fput+0x3ff/0xb40
[  910.319666][T18124]  task_work_run+0x150/0x240
[  910.319705][T18124]  ? __pfx_task_work_run+0x10/0x10
[  910.319751][T18124]  exit_to_user_mode_loop+0x100/0x4a0
[  910.319788][T18124]  do_syscall_64+0x668/0xf80
[  910.319826][T18124]  ? clear_bhb_loop+0x40/0x90
[  910.319856][T18124]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  910.319881][T18124] RIP: 0033:0x7fbfd339c799
[  910.319902][T18124] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  910.319927][T18124] RSP: 002b:00007fbfd41b7028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  910.319951][T18124] RAX: 0000000000000000 RBX: 00007fbfd3615fa0 RCX: 00007fbfd339c799
[  910.319967][T18124] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  910.319982][T18124] RBP: 00007fbfd3432c99 R08: 0000000000000000 R09: 0000000000000000
[  910.319997][T18124] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  910.320013][T18124] R13: 00007fbfd3616038 R14: 00007fbfd3615fa0 R15: 00007ffdcd739208
[  910.320045][T18124]  </TASK>
[  911.777963][T18146] delete_channel: no stack
[  912.013482][T18021] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  912.149224][T18021] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  912.255497][ T7268] Bluetooth: hci5: command tx timeout
[  912.306110][T18021] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  912.551569][T18021] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  912.579691][T18164] FAULT_INJECTION: forcing a failure.
[  912.579691][T18164] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  912.655816][T18164] CPU: 0 UID: 0 PID: 18164 Comm: syz.0.2743 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  912.655869][T18164] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  912.655883][T18164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  912.655899][T18164] Call Trace:
[  912.655918][T18164]  <TASK>
[  912.655927][T18164]  dump_stack_lvl+0x100/0x190
[  912.655970][T18164]  should_fail_ex.cold+0x5/0xa
[  912.655995][T18164]  ? prepare_alloc_pages+0x16d/0x5f0
[  912.656027][T18164]  should_fail_alloc_page+0xeb/0x140
[  912.656055][T18164]  prepare_alloc_pages+0x1f0/0x5f0
[  912.656088][T18164]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  912.656144][T18164]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  912.656202][T18164]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  912.656230][T18164]  ? policy_nodemask+0xed/0x4f0
[  912.656259][T18164]  alloc_pages_mpol+0x1fb/0x550
[  912.656287][T18164]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  912.656333][T18164]  alloc_pages_noprof+0x131/0x390
[  912.656360][T18164]  pte_alloc_one+0x1c/0x3d0
[  912.656387][T18164]  do_huge_pmd_anonymous_page+0x7fc/0x1c40
[  912.656429][T18164]  __handle_mm_fault+0x1e9e/0x2b60
[  912.656465][T18164]  ? mt_find+0x45e/0x8e0
[  912.656487][T18164]  ? __pfx___handle_mm_fault+0x10/0x10
[  912.656518][T18164]  ? __pfx_mt_find+0x10/0x10
[  912.656560][T18164]  handle_mm_fault+0x36d/0xa20
[  912.656616][T18164]  __get_user_pages+0xf9c/0x34d0
[  912.656652][T18164]  ? down_read_killable+0x30e/0x4c0
[  912.656676][T18164]  ? __lock_acquire+0x4a5/0x2630
[  912.656708][T18164]  ? __pfx___get_user_pages+0x10/0x10
[  912.656734][T18164]  ? __lock_acquire+0x4a5/0x2630
[  912.656772][T18164]  __gup_longterm_locked+0x87d/0x16f0
[  912.656809][T18164]  ? __pfx___gup_longterm_locked+0x10/0x10
[  912.656841][T18164]  ? try_get_folio+0x262/0x750
[  912.656864][T18164]  ? pmd_write+0xd3/0x150
[  912.656891][T18164]  ? sanity_check_pinned_pages+0x5f6/0x1250
[  912.656932][T18164]  gup_fast_fallback+0x18c6/0x2460
[  912.656981][T18164]  ? __pfx_gup_fast_fallback+0x10/0x10
[  912.657010][T18164]  ? kasan_save_stack+0x30/0x50
[  912.657031][T18164]  ? kasan_save_track+0x14/0x30
[  912.657051][T18164]  ? __kasan_slab_alloc+0x89/0x90
[  912.657086][T18164]  ? mempool_alloc_noprof+0x1b7/0x310
[  912.657111][T18164]  ? bvec_alloc+0x197/0x210
[  912.657152][T18164]  ? bio_alloc_bioset+0x59e/0x850
[  912.657177][T18164]  ? blkdev_direct_IO+0xeae/0x1fb0
[  912.657211][T18164]  ? blkdev_write_iter+0x703/0xd70
[  912.657245][T18164]  ? vfs_write+0x6ac/0x1070
[  912.657266][T18164]  ? ksys_write+0x12a/0x250
[  912.657288][T18164]  ? do_syscall_64+0x106/0xf80
[  912.657325][T18164]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  912.657355][T18164]  pin_user_pages_fast+0xa7/0xf0
[  912.657385][T18164]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  912.657416][T18164]  ? iov_iter_advance+0xac/0x6d0
[  912.657448][T18164]  iov_iter_extract_pages+0xa0d/0x1ef0
[  912.657489][T18164]  ? __pfx_iov_iter_extract_pages+0x10/0x10
[  912.657526][T18164]  ? iov_iter_revert+0x252/0x5b0
[  912.657552][T18164]  ? bio_associate_blkg_from_css+0x394/0x13f0
[  912.657592][T18164]  iov_iter_extract_bvecs+0x10e/0xf40
[  912.657633][T18164]  ? __pfx_iov_iter_extract_bvecs+0x10/0x10
[  912.657666][T18164]  ? bio_init+0x404/0x610
[  912.657708][T18164]  bio_iov_iter_get_pages+0x26a/0x970
[  912.657746][T18164]  blkdev_direct_IO+0x1302/0x1fb0
[  912.657796][T18164]  ? __pfx_blkdev_direct_IO+0x10/0x10
[  912.657846][T18164]  blkdev_write_iter+0x703/0xd70
[  912.657888][T18164]  vfs_write+0x6ac/0x1070
[  912.657920][T18164]  ? __pfx_blkdev_write_iter+0x10/0x10
[  912.657960][T18164]  ? __pfx_vfs_write+0x10/0x10
[  912.657982][T18164]  ? find_held_lock+0x2b/0x80
[  912.658025][T18164]  ksys_write+0x12a/0x250
[  912.658048][T18164]  ? __pfx_ksys_write+0x10/0x10
[  912.658079][T18164]  do_syscall_64+0x106/0xf80
[  912.658115][T18164]  ? clear_bhb_loop+0x40/0x90
[  912.658145][T18164]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  912.658170][T18164] RIP: 0033:0x7f66f0d9c799
[  912.658191][T18164] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  912.658215][T18164] RSP: 002b:00007f66f1ba9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  912.658238][T18164] RAX: ffffffffffffffda RBX: 00007f66f1016090 RCX: 00007f66f0d9c799
[  912.658254][T18164] RDX: 000000100000a3d9 RSI: 00002000000000c0 RDI: 0000000000000005
[  912.658270][T18164] RBP: 00007f66f0e32c99 R08: 0000000000000000 R09: 0000000000000000
[  912.658285][T18164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  912.658300][T18164] R13: 00007f66f1016128 R14: 00007f66f1016090 R15: 00007ffd9b468a88
[  912.658331][T18164]  </TASK>
[  913.907914][T18190] FAULT_INJECTION: forcing a failure.
[  913.907914][T18190] name fail_futex, interval 1, probability 0, space 0, times 0
[  913.973783][T18190] CPU: 0 UID: 0 PID: 18190 Comm: syz.2.2745 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  913.973834][T18190] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  913.973848][T18190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  913.973863][T18190] Call Trace:
[  913.973871][T18190]  <TASK>
[  913.973881][T18190]  dump_stack_lvl+0x100/0x190
[  913.973934][T18190]  should_fail_ex.cold+0x5/0xa
[  913.973961][T18190]  get_futex_key+0x295/0x1620
[  913.973996][T18190]  ? __pfx_get_futex_key+0x10/0x10
[  913.974023][T18190]  ? lock_acquire+0x1cf/0x380
[  913.974068][T18190]  futex_wake+0xea/0x530
[  913.974126][T18190]  ? __pfx_futex_wake+0x10/0x10
[  913.974163][T18190]  ? exit_mm_release+0x19/0x30
[  913.974201][T18190]  do_futex+0x32b/0x350
[  913.974234][T18190]  ? __pfx_do_futex+0x10/0x10
[  913.974263][T18190]  ? __might_fault+0xc5/0x140
[  913.974306][T18190]  mm_release+0x24a/0x2f0
[  913.974331][T18190]  do_exit+0x704/0x2b60
[  913.974368][T18190]  ? __pfx_do_exit+0x10/0x10
[  913.974399][T18190]  ? do_raw_spin_lock+0x128/0x260
[  913.974434][T18190]  ? find_held_lock+0x2b/0x80
[  913.974456][T18190]  ? get_signal+0x7e0/0x21e0
[  913.974486][T18190]  do_group_exit+0xd5/0x2a0
[  913.974521][T18190]  get_signal+0x1ec7/0x21e0
[  913.974558][T18190]  ? __pfx_get_signal+0x10/0x10
[  913.974586][T18190]  ? do_futex+0x192/0x350
[  913.974621][T18190]  arch_do_signal_or_restart+0x91/0x770
[  913.974654][T18190]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  913.974693][T18190]  ? __pfx___x64_sys_futex+0x10/0x10
[  913.974732][T18190]  exit_to_user_mode_loop+0x86/0x4a0
[  913.974769][T18190]  do_syscall_64+0x668/0xf80
[  913.974812][T18190]  ? clear_bhb_loop+0x40/0x90
[  913.974841][T18190]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  913.974865][T18190] RIP: 0033:0x7f8e1df9c799
[  913.974886][T18190] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  913.974909][T18190] RSP: 002b:00007f8e1ee140e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  913.974931][T18190] RAX: fffffffffffffe00 RBX: 00007f8e1e215fa8 RCX: 00007f8e1df9c799
[  913.974947][T18190] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f8e1e215fa8
[  913.974962][T18190] RBP: 00007f8e1e215fa0 R08: 0000000000000000 R09: 0000000000000000
[  913.974977][T18190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  913.974991][T18190] R13: 00007f8e1e216038 R14: 00007ffc8a9fc4a0 R15: 00007ffc8a9fc588
[  913.975022][T18190]  </TASK>
[  914.748808][   T29] audit: type=1800 audit(1774542608.246:10): pid=18208 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2748" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0
[  915.171397][T18021] 8021q: adding VLAN 0 to HW filter on device bond0
[  915.230229][T18218] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied.
[  915.252499][T18021] 8021q: adding VLAN 0 to HW filter on device team0
[  915.334242][ T7706] bridge0: port 1(bridge_slave_0) entered blocking state
[  915.341944][ T7706] bridge0: port 1(bridge_slave_0) entered forwarding state
[  915.431611][T18220] netlink: 186 bytes leftover after parsing attributes in process `syz.2.2749'.
[  915.463016][ T7267] bridge0: port 2(bridge_slave_1) entered blocking state
[  915.470178][ T7267] bridge0: port 2(bridge_slave_1) entered forwarding state
[  915.566438][T18223] FAULT_INJECTION: forcing a failure.
[  915.566438][T18223] name failslab, interval 1, probability 0, space 0, times 0
[  915.653355][T18223] CPU: 0 UID: 0 PID: 18223 Comm: syz.0.2750 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  915.653408][T18223] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  915.653423][T18223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  915.653438][T18223] Call Trace:
[  915.653447][T18223]  <TASK>
[  915.653456][T18223]  dump_stack_lvl+0x100/0x190
[  915.653500][T18223]  should_fail_ex.cold+0x5/0xa
[  915.653531][T18223]  should_failslab+0xc2/0x120
[  915.653558][T18223]  __kmalloc_cache_noprof+0x7a/0x6f0
[  915.653593][T18223]  ? nfc_genl_rcv_nl_event+0xc1/0x300
[  915.653625][T18223]  nfc_genl_rcv_nl_event+0xc1/0x300
[  915.653651][T18223]  notifier_call_chain+0x99/0x420
[  915.653691][T18223]  blocking_notifier_call_chain+0x69/0xa0
[  915.653751][T18223]  netlink_release+0x166a/0x1ff0
[  915.653796][T18223]  ? netlink_release+0x1d8/0x1ff0
[  915.653843][T18223]  ? __pfx_netlink_release+0x10/0x10
[  915.653906][T18223]  ? __pfx_locks_remove_file+0x10/0x10
[  915.653939][T18223]  __sock_release+0xb3/0x260
[  915.653979][T18223]  ? __pfx_sock_close+0x10/0x10
[  915.654018][T18223]  sock_close+0x1c/0x30
[  915.654064][T18223]  __fput+0x3ff/0xb40
[  915.654097][T18223]  ? _raw_spin_unlock_irq+0x23/0x50
[  915.654135][T18223]  task_work_run+0x150/0x240
[  915.654183][T18223]  ? __pfx_task_work_run+0x10/0x10
[  915.654229][T18223]  exit_to_user_mode_loop+0x100/0x4a0
[  915.654267][T18223]  do_syscall_64+0x668/0xf80
[  915.654305][T18223]  ? clear_bhb_loop+0x40/0x90
[  915.654335][T18223]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  915.654361][T18223] RIP: 0033:0x7f66f0d9c799
[  915.654381][T18223] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  915.654406][T18223] RSP: 002b:00007f66f1bca028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  915.654430][T18223] RAX: 0000000000000000 RBX: 00007f66f1015fa0 RCX: 00007f66f0d9c799
[  915.654446][T18223] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  915.654462][T18223] RBP: 00007f66f0e32c99 R08: 0000000000000000 R09: 0000000000000000
[  915.654477][T18223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  915.654492][T18223] R13: 00007f66f1016038 R14: 00007f66f1015fa0 R15: 00007ffd9b468a88
[  915.654524][T18223]  </TASK>
[  917.090315][T18238] FAULT_INJECTION: forcing a failure.
[  917.090315][T18238] name fail_futex, interval 1, probability 0, space 0, times 0
[  917.197881][T18238] CPU: 0 UID: 0 PID: 18238 Comm: syz.0.2753 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  917.197930][T18238] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  917.197942][T18238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  917.197956][T18238] Call Trace:
[  917.197964][T18238]  <TASK>
[  917.197984][T18238]  dump_stack_lvl+0x100/0x190
[  917.198023][T18238]  should_fail_ex.cold+0x5/0xa
[  917.198048][T18238]  get_futex_key+0x295/0x1620
[  917.198079][T18238]  ? __pfx_get_futex_key+0x10/0x10
[  917.198103][T18238]  ? lock_acquire+0x1cf/0x380
[  917.198140][T18238]  futex_wake+0xea/0x530
[  917.198178][T18238]  ? __pfx_futex_wake+0x10/0x10
[  917.198211][T18238]  ? exit_mm_release+0x19/0x30
[  917.198245][T18238]  do_futex+0x32b/0x350
[  917.198274][T18238]  ? __pfx_do_futex+0x10/0x10
[  917.198301][T18238]  ? __might_fault+0xc5/0x140
[  917.198339][T18238]  mm_release+0x24a/0x2f0
[  917.198361][T18238]  do_exit+0x704/0x2b60
[  917.198393][T18238]  ? __pfx_do_exit+0x10/0x10
[  917.198421][T18238]  ? do_raw_spin_lock+0x128/0x260
[  917.198453][T18238]  ? find_held_lock+0x2b/0x80
[  917.198472][T18238]  ? get_signal+0x7e0/0x21e0
[  917.198506][T18238]  do_group_exit+0xd5/0x2a0
[  917.198538][T18238]  get_signal+0x1ec7/0x21e0
[  917.198570][T18238]  ? __pfx_get_signal+0x10/0x10
[  917.198595][T18238]  ? do_futex+0x192/0x350
[  917.198626][T18238]  arch_do_signal_or_restart+0x91/0x770
[  917.198655][T18238]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  917.198690][T18238]  ? __pfx___x64_sys_futex+0x10/0x10
[  917.198725][T18238]  exit_to_user_mode_loop+0x86/0x4a0
[  917.198757][T18238]  do_syscall_64+0x668/0xf80
[  917.198790][T18238]  ? clear_bhb_loop+0x40/0x90
[  917.198816][T18238]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  917.198838][T18238] RIP: 0033:0x7f66f0d9c799
[  917.198856][T18238] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  917.198877][T18238] RSP: 002b:00007f66f1bca0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  917.198898][T18238] RAX: fffffffffffffe00 RBX: 00007f66f1015fa8 RCX: 00007f66f0d9c799
[  917.198913][T18238] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f66f1015fa8
[  917.198926][T18238] RBP: 00007f66f1015fa0 R08: 0000000000000000 R09: 0000000000000000
[  917.198939][T18238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  917.198952][T18238] R13: 00007f66f1016038 R14: 00007ffd9b4689a0 R15: 00007ffd9b468a88
[  917.198979][T18238]  </TASK>
[  918.269833][T18021] 8021q: adding VLAN 0 to HW filter on device batadv0
[  919.994652][T18021] veth0_vlan: entered promiscuous mode
[  920.259641][T18021] veth1_vlan: entered promiscuous mode
[  920.564620][T18021] veth0_macvtap: entered promiscuous mode
[  920.631660][T18021] veth1_macvtap: entered promiscuous mode
[  920.722164][T18294] FAULT_INJECTION: forcing a failure.
[  920.722164][T18294] name failslab, interval 1, probability 0, space 0, times 0
[  920.751328][T18021] batman_adv: batadv0: Interface activated: batadv_slave_0
[  920.786501][T18021] batman_adv: batadv0: Interface activated: batadv_slave_1
[  920.804368][T18294] CPU: 0 UID: 0 PID: 18294 Comm: syz.4.2761 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  920.804421][T18294] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  920.804436][T18294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  920.804451][T18294] Call Trace:
[  920.804459][T18294]  <TASK>
[  920.804468][T18294]  dump_stack_lvl+0x100/0x190
[  920.804511][T18294]  should_fail_ex.cold+0x5/0xa
[  920.804541][T18294]  should_failslab+0xc2/0x120
[  920.804569][T18294]  __kmalloc_cache_noprof+0x7a/0x6f0
[  920.804603][T18294]  ? nfc_genl_rcv_nl_event+0xc1/0x300
[  920.804636][T18294]  nfc_genl_rcv_nl_event+0xc1/0x300
[  920.804663][T18294]  notifier_call_chain+0x99/0x420
[  920.804703][T18294]  blocking_notifier_call_chain+0x69/0xa0
[  920.804742][T18294]  netlink_release+0x166a/0x1ff0
[  920.804789][T18294]  ? netlink_release+0x1d8/0x1ff0
[  920.804831][T18294]  ? __pfx_netlink_release+0x10/0x10
[  920.804874][T18294]  ? __pfx_locks_remove_file+0x10/0x10
[  920.804907][T18294]  __sock_release+0xb3/0x260
[  920.804947][T18294]  ? __pfx_sock_close+0x10/0x10
[  920.804986][T18294]  sock_close+0x1c/0x30
[  920.805023][T18294]  __fput+0x3ff/0xb40
[  920.805056][T18294]  ? _raw_spin_unlock_irq+0x23/0x50
[  920.805093][T18294]  task_work_run+0x150/0x240
[  920.805133][T18294]  ? __pfx_task_work_run+0x10/0x10
[  920.805179][T18294]  exit_to_user_mode_loop+0x100/0x4a0
[  920.805224][T18294]  do_syscall_64+0x668/0xf80
[  920.805262][T18294]  ? clear_bhb_loop+0x40/0x90
[  920.805305][T18294]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  920.805329][T18294] RIP: 0033:0x7fbfd339c799
[  920.805349][T18294] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  920.805373][T18294] RSP: 002b:00007fbfd41b7028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  920.805395][T18294] RAX: 0000000000000000 RBX: 00007fbfd3615fa0 RCX: 00007fbfd339c799
[  920.805410][T18294] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  920.805425][T18294] RBP: 00007fbfd3432c99 R08: 0000000000000000 R09: 0000000000000000
[  920.805439][T18294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  920.805453][T18294] R13: 00007fbfd3616038 R14: 00007fbfd3615fa0 R15: 00007ffdcd739208
[  920.805484][T18294]  </TASK>
[  921.578864][ T7273] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  921.599919][ T7273] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  921.608740][ T7273] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  921.853912][ T7273] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  922.109222][ T7267] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  922.143287][ T7267] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  922.275900][ T7267] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  922.304475][ T7267] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  922.706074][T18313] FAULT_INJECTION: forcing a failure.
[  922.706074][T18313] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  922.720404][T18314] binder: 18312:18314 ioctl c0306201 200000000140 returned -14
[  922.764845][T18314] FAULT_INJECTION: forcing a failure.
[  922.764845][T18314] name failslab, interval 1, probability 0, space 0, times 0
[  922.792679][T18313] CPU: 0 UID: 0 PID: 18313 Comm: syz.2.2766 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  922.792732][T18313] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  922.792747][T18313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  922.792763][T18313] Call Trace:
[  922.792771][T18313]  <TASK>
[  922.792780][T18313]  dump_stack_lvl+0x100/0x190
[  922.792824][T18313]  should_fail_ex.cold+0x5/0xa
[  922.792849][T18313]  ? prepare_alloc_pages+0x16d/0x5f0
[  922.792882][T18313]  should_fail_alloc_page+0xeb/0x140
[  922.792912][T18313]  prepare_alloc_pages+0x1f0/0x5f0
[  922.792947][T18313]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  922.792999][T18313]  ? find_held_lock+0x2b/0x80
[  922.793032][T18313]  ? unwind_next_frame+0x3be/0x1ea0
[  922.793059][T18313]  ? unwind_next_frame+0x3be/0x1ea0
[  922.793087][T18313]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  922.793132][T18313]  ? do_file_open+0x20e/0x430
[  922.793161][T18313]  ? do_sys_openat2+0x10d/0x1e0
[  922.793193][T18313]  ? __kernel_text_address+0xd/0x30
[  922.793242][T18313]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  922.793270][T18313]  ? policy_nodemask+0xed/0x4f0
[  922.793300][T18313]  alloc_pages_mpol+0x1fb/0x550
[  922.793329][T18313]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  922.793364][T18313]  alloc_pages_noprof+0x131/0x390
[  922.793394][T18313]  pte_alloc_one+0x1c/0x3d0
[  922.793423][T18313]  do_huge_pmd_anonymous_page+0x7fc/0x1c40
[  922.793471][T18313]  __handle_mm_fault+0x1e9e/0x2b60
[  922.793511][T18313]  ? mt_find+0x45e/0x8e0
[  922.793536][T18313]  ? __pfx___handle_mm_fault+0x10/0x10
[  922.793570][T18313]  ? __pfx_mt_find+0x10/0x10
[  922.793615][T18313]  handle_mm_fault+0x36d/0xa20
[  922.793659][T18313]  __get_user_pages+0xf9c/0x34d0
[  922.793696][T18313]  ? down_read_killable+0x30e/0x4c0
[  922.793721][T18313]  ? __lock_acquire+0x4a5/0x2630
[  922.793754][T18313]  ? __pfx___get_user_pages+0x10/0x10
[  922.793781][T18313]  ? __lock_acquire+0x4a5/0x2630
[  922.793821][T18313]  __gup_longterm_locked+0x87d/0x16f0
[  922.793859][T18313]  ? __pfx___gup_longterm_locked+0x10/0x10
[  922.793892][T18313]  ? try_get_folio+0x262/0x750
[  922.793916][T18313]  ? pmd_write+0xd3/0x150
[  922.793941][T18313]  ? sanity_check_pinned_pages+0x5f6/0x1250
[  922.793975][T18313]  gup_fast_fallback+0x18c6/0x2460
[  922.794031][T18313]  ? __pfx_gup_fast_fallback+0x10/0x10
[  922.794066][T18313]  ? kasan_save_stack+0x30/0x50
[  922.794088][T18313]  ? kasan_save_track+0x14/0x30
[  922.794110][T18313]  ? __kasan_slab_alloc+0x89/0x90
[  922.794134][T18313]  ? mempool_alloc_noprof+0x1b7/0x310
[  922.794161][T18313]  ? bvec_alloc+0x197/0x210
[  922.794186][T18313]  ? bio_alloc_bioset+0x59e/0x850
[  922.794212][T18313]  ? blkdev_direct_IO+0xeae/0x1fb0
[  922.794248][T18313]  ? blkdev_write_iter+0x703/0xd70
[  922.794283][T18313]  ? vfs_write+0x6ac/0x1070
[  922.794305][T18313]  ? ksys_write+0x12a/0x250
[  922.794327][T18313]  ? do_syscall_64+0x106/0xf80
[  922.794363][T18313]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  922.794393][T18313]  pin_user_pages_fast+0xa7/0xf0
[  922.794423][T18313]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  922.794455][T18313]  ? iov_iter_advance+0xac/0x6d0
[  922.794488][T18313]  iov_iter_extract_pages+0xa0d/0x1ef0
[  922.794530][T18313]  ? __pfx_iov_iter_extract_pages+0x10/0x10
[  922.794568][T18313]  ? iov_iter_revert+0x252/0x5b0
[  922.794595][T18313]  ? bio_associate_blkg_from_css+0x394/0x13f0
[  922.794635][T18313]  iov_iter_extract_bvecs+0x10e/0xf40
[  922.794677][T18313]  ? __pfx_iov_iter_extract_bvecs+0x10/0x10
[  922.794712][T18313]  ? bio_init+0x404/0x610
[  922.794755][T18313]  bio_iov_iter_get_pages+0x26a/0x970
[  922.794793][T18313]  blkdev_direct_IO+0x1302/0x1fb0
[  922.794844][T18313]  ? __pfx_blkdev_direct_IO+0x10/0x10
[  922.794895][T18313]  blkdev_write_iter+0x703/0xd70
[  922.794938][T18313]  vfs_write+0x6ac/0x1070
[  922.794963][T18313]  ? __pfx_blkdev_write_iter+0x10/0x10
[  922.795003][T18313]  ? __pfx_vfs_write+0x10/0x10
[  922.795029][T18313]  ? find_held_lock+0x2b/0x80
[  922.795072][T18313]  ksys_write+0x12a/0x250
[  922.795096][T18313]  ? __pfx_ksys_write+0x10/0x10
[  922.795129][T18313]  do_syscall_64+0x106/0xf80
[  922.795166][T18313]  ? clear_bhb_loop+0x40/0x90
[  922.795197][T18313]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  922.795223][T18313] RIP: 0033:0x7f8e1df9c799
[  922.795256][T18313] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  922.795280][T18313] RSP: 002b:00007f8e1ee14028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  922.795302][T18313] RAX: ffffffffffffffda RBX: 00007f8e1e215fa0 RCX: 00007f8e1df9c799
[  922.795319][T18313] RDX: 000000100000a3d9 RSI: 00002000000000c0 RDI: 0000000000000005
[  922.795334][T18313] RBP: 00007f8e1e032c99 R08: 0000000000000000 R09: 0000000000000000
[  922.795349][T18313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  922.795363][T18313] R13: 00007f8e1e216038 R14: 00007f8e1e215fa0 R15: 00007ffc8a9fc588
[  922.795393][T18313]  </TASK>
[  923.285910][T18314] CPU: 0 UID: 0 PID: 18314 Comm: syz.0.2767 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  923.285962][T18314] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  923.285977][T18314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  923.285991][T18314] Call Trace:
[  923.285999][T18314]  <TASK>
[  923.286008][T18314]  dump_stack_lvl+0x100/0x190
[  923.286057][T18314]  should_fail_ex.cold+0x5/0xa
[  923.286085][T18314]  should_failslab+0xc2/0x120
[  923.286110][T18314]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[  923.286148][T18314]  ? snd_timer_instance_new+0x65/0x2e0
[  923.286180][T18314]  kstrdup+0x51/0xe0
[  923.286202][T18314]  snd_timer_instance_new+0x65/0x2e0
[  923.286236][T18314]  snd_seq_timer_open+0x1d4/0x600
[  923.286293][T18314]  ? __pfx_snd_seq_timer_open+0x10/0x10
[  923.286340][T18314]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  923.286375][T18314]  ? lockdep_hardirqs_on+0x78/0x100
[  923.286412][T18314]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  923.286450][T18314]  queue_use+0xdc/0x1f0
[  923.286481][T18314]  snd_seq_queue_alloc+0x2e5/0x590
[  923.286518][T18314]  snd_seq_ioctl_create_queue+0xa9/0x370
[  923.286560][T18314]  call_seq_client_ctl+0xa3/0x130
[  923.286586][T18314]  snd_seq_kernel_client_ctl+0x77/0xd0
[  923.286613][T18314]  alloc_seq_queue+0xdb/0x180
[  923.286639][T18314]  ? __pfx_alloc_seq_queue+0x10/0x10
[  923.286680][T18314]  ? mark_held_locks+0x40/0x70
[  923.286712][T18314]  ? _raw_spin_unlock_irq+0x23/0x50
[  923.286744][T18314]  ? lockdep_hardirqs_on+0x78/0x100
[  923.286784][T18314]  snd_seq_oss_open+0x2b2/0xa10
[  923.286816][T18314]  odev_open+0x79/0xc0
[  923.286841][T18314]  ? __pfx_odev_open+0x10/0x10
[  923.286864][T18314]  soundcore_open+0x2e3/0x5a0
[  923.286892][T18314]  ? __pfx_soundcore_open+0x10/0x10
[  923.286918][T18314]  chrdev_open+0x234/0x6a0
[  923.286943][T18314]  ? __pfx_apparmor_file_open+0x10/0x10
[  923.286968][T18314]  ? __pfx_chrdev_open+0x10/0x10
[  923.286998][T18314]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  923.287033][T18314]  do_dentry_open+0x6d8/0x1660
[  923.287058][T18314]  ? __pfx_chrdev_open+0x10/0x10
[  923.287091][T18314]  vfs_open+0x82/0x3f0
[  923.287126][T18314]  path_openat+0x208c/0x31a0
[  923.287162][T18314]  ? __pfx_path_openat+0x10/0x10
[  923.287198][T18314]  do_file_open+0x20e/0x430
[  923.287232][T18314]  ? __pfx_do_file_open+0x10/0x10
[  923.287279][T18314]  ? alloc_fd+0x476/0x790
[  923.287307][T18314]  ? do_getname+0x191/0x390
[  923.287342][T18314]  do_sys_openat2+0x10d/0x1e0
[  923.287376][T18314]  ? __pfx_do_sys_openat2+0x10/0x10
[  923.287411][T18314]  ? __fget_files+0x21f/0x3d0
[  923.287441][T18314]  __x64_sys_openat+0x12d/0x210
[  923.287475][T18314]  ? __pfx___x64_sys_openat+0x10/0x10
[  923.287520][T18314]  do_syscall_64+0x106/0xf80
[  923.287555][T18314]  ? clear_bhb_loop+0x40/0x90
[  923.287585][T18314]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  923.287609][T18314] RIP: 0033:0x7f66f0d9c799
[  923.287629][T18314] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  923.287652][T18314] RSP: 002b:00007f66f1bca028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  923.287674][T18314] RAX: ffffffffffffffda RBX: 00007f66f1015fa0 RCX: 00007f66f0d9c799
[  923.287691][T18314] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  923.287707][T18314] RBP: 00007f66f0e32c99 R08: 0000000000000000 R09: 0000000000000000
[  923.287722][T18314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  923.287736][T18314] R13: 00007f66f1016038 R14: 00007f66f1015fa0 R15: 00007ffd9b468a88
[  923.287766][T18314]  </TASK>
[  923.874529][T18324] sysfs_service_op_store: Client not running :-5:
[  923.916375][T18320] FAULT_INJECTION: forcing a failure.
[  923.916375][T18320] name failslab, interval 1, probability 0, space 0, times 0
[  923.929304][T18320] CPU: 0 UID: 0 PID: 18320 Comm: syz.4.2768 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  923.929354][T18320] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  923.929367][T18320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  923.929380][T18320] Call Trace:
[  923.929388][T18320]  <TASK>
[  923.929396][T18320]  dump_stack_lvl+0x100/0x190
[  923.929435][T18320]  should_fail_ex.cold+0x5/0xa
[  923.929462][T18320]  should_failslab+0xc2/0x120
[  923.929487][T18320]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  923.929522][T18320]  ? do_getname+0x35/0x390
[  923.929557][T18320]  do_getname+0x35/0x390
[  923.929588][T18320]  do_sys_openat2+0xc5/0x1e0
[  923.929620][T18320]  ? __pfx_do_sys_openat2+0x10/0x10
[  923.929660][T18320]  __x64_sys_openat+0x12d/0x210
[  923.929692][T18320]  ? __pfx___x64_sys_openat+0x10/0x10
[  923.929734][T18320]  do_syscall_64+0x106/0xf80
[  923.929768][T18320]  ? clear_bhb_loop+0x40/0x90
[  923.929795][T18320]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  923.929818][T18320] RIP: 0033:0x7fbfd339c799
[  923.929836][T18320] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  923.929859][T18320] RSP: 002b:00007fbfd41b7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  923.929879][T18320] RAX: ffffffffffffffda RBX: 00007fbfd3615fa0 RCX: 00007fbfd339c799
[  923.929894][T18320] RDX: 0000000000182b02 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  923.929908][T18320] RBP: 00007fbfd3432c99 R08: 0000000000000000 R09: 0000000000000000
[  923.929922][T18320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  923.929936][T18320] R13: 00007fbfd3616038 R14: 00007fbfd3615fa0 R15: 00007ffdcd739208
[  923.929971][T18320]  </TASK>
[  925.750347][T18362] FAULT_INJECTION: forcing a failure.
[  925.750347][T18362] name failslab, interval 1, probability 0, space 0, times 0
[  925.807129][T18362] CPU: 0 UID: 0 PID: 18362 Comm: syz.4.2778 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  925.807181][T18362] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  925.807195][T18362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  925.807209][T18362] Call Trace:
[  925.807218][T18362]  <TASK>
[  925.807227][T18362]  dump_stack_lvl+0x100/0x190
[  925.807268][T18362]  should_fail_ex.cold+0x5/0xa
[  925.807297][T18362]  should_failslab+0xc2/0x120
[  925.807324][T18362]  __kmalloc_cache_noprof+0x7a/0x6f0
[  925.807357][T18362]  ? nfc_genl_rcv_nl_event+0xc1/0x300
[  925.807389][T18362]  nfc_genl_rcv_nl_event+0xc1/0x300
[  925.807415][T18362]  notifier_call_chain+0x99/0x420
[  925.807454][T18362]  blocking_notifier_call_chain+0x69/0xa0
[  925.807491][T18362]  netlink_release+0x166a/0x1ff0
[  925.807536][T18362]  ? netlink_release+0x1d8/0x1ff0
[  925.807578][T18362]  ? __pfx_netlink_release+0x10/0x10
[  925.807619][T18362]  ? __pfx_locks_remove_file+0x10/0x10
[  925.807651][T18362]  __sock_release+0xb3/0x260
[  925.807689][T18362]  ? __pfx_sock_close+0x10/0x10
[  925.807726][T18362]  sock_close+0x1c/0x30
[  925.807762][T18362]  __fput+0x3ff/0xb40
[  925.807794][T18362]  ? _raw_spin_unlock_irq+0x23/0x50
[  925.807830][T18362]  task_work_run+0x150/0x240
[  925.807875][T18362]  ? __pfx_task_work_run+0x10/0x10
[  925.807920][T18362]  exit_to_user_mode_loop+0x100/0x4a0
[  925.807957][T18362]  do_syscall_64+0x668/0xf80
[  925.807994][T18362]  ? clear_bhb_loop+0x40/0x90
[  925.808023][T18362]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  925.808048][T18362] RIP: 0033:0x7fbfd339c799
[  925.808067][T18362] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  925.808091][T18362] RSP: 002b:00007fbfd41b7028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  925.808114][T18362] RAX: 0000000000000000 RBX: 00007fbfd3615fa0 RCX: 00007fbfd339c799
[  925.808129][T18362] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  925.808144][T18362] RBP: 00007fbfd3432c99 R08: 0000000000000000 R09: 0000000000000000
[  925.808162][T18362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  925.808176][T18362] R13: 00007fbfd3616038 R14: 00007fbfd3615fa0 R15: 00007ffdcd739208
[  925.808207][T18362]  </TASK>
[  926.396546][T18370] binder: 18369:18370 ioctl c0306201 200000000140 returned -14
[  926.438676][T18370] FAULT_INJECTION: forcing a failure.
[  926.438676][T18370] name failslab, interval 1, probability 0, space 0, times 0
[  926.479309][T18370] CPU: 0 UID: 0 PID: 18370 Comm: syz.4.2782 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  926.479362][T18370] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  926.479376][T18370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  926.479391][T18370] Call Trace:
[  926.479400][T18370]  <TASK>
[  926.479409][T18370]  dump_stack_lvl+0x100/0x190
[  926.479452][T18370]  should_fail_ex.cold+0x5/0xa
[  926.479481][T18370]  should_failslab+0xc2/0x120
[  926.479508][T18370]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[  926.479550][T18370]  ? snd_timer_instance_new+0x65/0x2e0
[  926.479586][T18370]  kstrdup+0x51/0xe0
[  926.479609][T18370]  snd_timer_instance_new+0x65/0x2e0
[  926.479640][T18370]  snd_seq_timer_open+0x1d4/0x600
[  926.479680][T18370]  ? __pfx_snd_seq_timer_open+0x10/0x10
[  926.479727][T18370]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  926.479762][T18370]  ? lockdep_hardirqs_on+0x78/0x100
[  926.479798][T18370]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  926.479845][T18370]  queue_use+0xdc/0x1f0
[  926.479876][T18370]  snd_seq_queue_alloc+0x2e5/0x590
[  926.479913][T18370]  snd_seq_ioctl_create_queue+0xa9/0x370
[  926.479957][T18370]  call_seq_client_ctl+0xa3/0x130
[  926.480002][T18370]  snd_seq_kernel_client_ctl+0x77/0xd0
[  926.480030][T18370]  alloc_seq_queue+0xdb/0x180
[  926.480057][T18370]  ? __pfx_alloc_seq_queue+0x10/0x10
[  926.480100][T18370]  ? mark_held_locks+0x40/0x70
[  926.480133][T18370]  ? _raw_spin_unlock_irq+0x23/0x50
[  926.480166][T18370]  ? lockdep_hardirqs_on+0x78/0x100
[  926.480207][T18370]  snd_seq_oss_open+0x2b2/0xa10
[  926.480240][T18370]  odev_open+0x79/0xc0
[  926.480263][T18370]  ? __pfx_odev_open+0x10/0x10
[  926.480287][T18370]  soundcore_open+0x2e3/0x5a0
[  926.480316][T18370]  ? __pfx_soundcore_open+0x10/0x10
[  926.480342][T18370]  chrdev_open+0x234/0x6a0
[  926.480368][T18370]  ? __pfx_apparmor_file_open+0x10/0x10
[  926.480394][T18370]  ? __pfx_chrdev_open+0x10/0x10
[  926.480423][T18370]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  926.480457][T18370]  do_dentry_open+0x6d8/0x1660
[  926.480483][T18370]  ? __pfx_chrdev_open+0x10/0x10
[  926.480517][T18370]  vfs_open+0x82/0x3f0
[  926.480553][T18370]  path_openat+0x208c/0x31a0
[  926.480589][T18370]  ? __pfx_path_openat+0x10/0x10
[  926.480627][T18370]  do_file_open+0x20e/0x430
[  926.480656][T18370]  ? __pfx_do_file_open+0x10/0x10
[  926.480704][T18370]  ? alloc_fd+0x476/0x790
[  926.480733][T18370]  ? do_getname+0x191/0x390
[  926.480768][T18370]  do_sys_openat2+0x10d/0x1e0
[  926.480808][T18370]  ? __pfx_do_sys_openat2+0x10/0x10
[  926.480846][T18370]  ? __fget_files+0x21f/0x3d0
[  926.480878][T18370]  __x64_sys_openat+0x12d/0x210
[  926.480915][T18370]  ? __pfx___x64_sys_openat+0x10/0x10
[  926.480961][T18370]  do_syscall_64+0x106/0xf80
[  926.480999][T18370]  ? clear_bhb_loop+0x40/0x90
[  926.481029][T18370]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  926.481067][T18370] RIP: 0033:0x7fbfd339c799
[  926.481087][T18370] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  926.481110][T18370] RSP: 002b:00007fbfd41b7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  926.481132][T18370] RAX: ffffffffffffffda RBX: 00007fbfd3615fa0 RCX: 00007fbfd339c799
[  926.481149][T18370] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  926.481183][T18370] RBP: 00007fbfd3432c99 R08: 0000000000000000 R09: 0000000000000000
[  926.481198][T18370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  926.481213][T18370] R13: 00007fbfd3616038 R14: 00007fbfd3615fa0 R15: 00007ffdcd739208
[  926.481259][T18370]  </TASK>
[  927.019530][T18377] FAULT_INJECTION: forcing a failure.
[  927.019530][T18377] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  927.033092][T18377] CPU: 0 UID: 0 PID: 18377 Comm: syz.4.2784 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  927.033142][T18377] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  927.033156][T18377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  927.033171][T18377] Call Trace:
[  927.033179][T18377]  <TASK>
[  927.033188][T18377]  dump_stack_lvl+0x100/0x190
[  927.033229][T18377]  should_fail_ex.cold+0x5/0xa
[  927.033254][T18377]  ? prepare_alloc_pages+0x16d/0x5f0
[  927.033285][T18377]  should_fail_alloc_page+0xeb/0x140
[  927.033313][T18377]  prepare_alloc_pages+0x1f0/0x5f0
[  927.033347][T18377]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  927.033402][T18377]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  927.033462][T18377]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  927.033489][T18377]  ? policy_nodemask+0xed/0x4f0
[  927.033518][T18377]  alloc_pages_mpol+0x1fb/0x550
[  927.033546][T18377]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  927.033580][T18377]  alloc_pages_noprof+0x131/0x390
[  927.033609][T18377]  pte_alloc_one+0x1c/0x3d0
[  927.033643][T18377]  do_huge_pmd_anonymous_page+0x7fc/0x1c40
[  927.033688][T18377]  __handle_mm_fault+0x1e9e/0x2b60
[  927.033727][T18377]  ? mt_find+0x45e/0x8e0
[  927.033751][T18377]  ? __pfx___handle_mm_fault+0x10/0x10
[  927.033784][T18377]  ? __pfx_mt_find+0x10/0x10
[  927.033828][T18377]  handle_mm_fault+0x36d/0xa20
[  927.033867][T18377]  __get_user_pages+0xf9c/0x34d0
[  927.033903][T18377]  ? down_read_killable+0x30e/0x4c0
[  927.033928][T18377]  ? __lock_acquire+0x4a5/0x2630
[  927.033980][T18377]  ? __pfx___get_user_pages+0x10/0x10
[  927.034008][T18377]  ? __lock_acquire+0x4a5/0x2630
[  927.034048][T18377]  __gup_longterm_locked+0x87d/0x16f0
[  927.034089][T18377]  ? __pfx___gup_longterm_locked+0x10/0x10
[  927.034122][T18377]  ? try_get_folio+0x262/0x750
[  927.034146][T18377]  ? pmd_write+0xd3/0x150
[  927.034171][T18377]  ? sanity_check_pinned_pages+0x5f6/0x1250
[  927.034205][T18377]  gup_fast_fallback+0x18c6/0x2460
[  927.034255][T18377]  ? __pfx_gup_fast_fallback+0x10/0x10
[  927.034285][T18377]  ? kasan_save_stack+0x30/0x50
[  927.034307][T18377]  ? kasan_save_track+0x14/0x30
[  927.034328][T18377]  ? __kasan_slab_alloc+0x89/0x90
[  927.034351][T18377]  ? mempool_alloc_noprof+0x1b7/0x310
[  927.034378][T18377]  ? bvec_alloc+0x197/0x210
[  927.034402][T18377]  ? bio_alloc_bioset+0x59e/0x850
[  927.034428][T18377]  ? blkdev_direct_IO+0xeae/0x1fb0
[  927.034463][T18377]  ? blkdev_write_iter+0x703/0xd70
[  927.034498][T18377]  ? vfs_write+0x6ac/0x1070
[  927.034520][T18377]  ? ksys_write+0x12a/0x250
[  927.034541][T18377]  ? do_syscall_64+0x106/0xf80
[  927.034578][T18377]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  927.034608][T18377]  pin_user_pages_fast+0xa7/0xf0
[  927.034644][T18377]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  927.034677][T18377]  ? iov_iter_advance+0xac/0x6d0
[  927.034711][T18377]  iov_iter_extract_pages+0xa0d/0x1ef0
[  927.034753][T18377]  ? __pfx_iov_iter_extract_pages+0x10/0x10
[  927.034791][T18377]  ? iov_iter_revert+0x252/0x5b0
[  927.034818][T18377]  ? bio_associate_blkg_from_css+0x394/0x13f0
[  927.034858][T18377]  iov_iter_extract_bvecs+0x10e/0xf40
[  927.034901][T18377]  ? __pfx_iov_iter_extract_bvecs+0x10/0x10
[  927.034935][T18377]  ? bio_init+0x404/0x610
[  927.034978][T18377]  bio_iov_iter_get_pages+0x26a/0x970
[  927.035016][T18377]  blkdev_direct_IO+0x1302/0x1fb0
[  927.035067][T18377]  ? __pfx_blkdev_direct_IO+0x10/0x10
[  927.035118][T18377]  blkdev_write_iter+0x703/0xd70
[  927.035162][T18377]  vfs_write+0x6ac/0x1070
[  927.035186][T18377]  ? __pfx_blkdev_write_iter+0x10/0x10
[  927.035226][T18377]  ? __pfx_vfs_write+0x10/0x10
[  927.035260][T18377]  ? find_held_lock+0x2b/0x80
[  927.035301][T18377]  ksys_write+0x12a/0x250
[  927.035324][T18377]  ? __pfx_ksys_write+0x10/0x10
[  927.035356][T18377]  do_syscall_64+0x106/0xf80
[  927.035391][T18377]  ? clear_bhb_loop+0x40/0x90
[  927.035420][T18377]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  927.035445][T18377] RIP: 0033:0x7fbfd339c799
[  927.035465][T18377] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  927.035489][T18377] RSP: 002b:00007fbfd4196028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  927.035510][T18377] RAX: ffffffffffffffda RBX: 00007fbfd3616090 RCX: 00007fbfd339c799
[  927.035527][T18377] RDX: 000000100000a3d9 RSI: 00002000000000c0 RDI: 0000000000000005
[  927.035543][T18377] RBP: 00007fbfd3432c99 R08: 0000000000000000 R09: 0000000000000000
[  927.035558][T18377] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  927.035573][T18377] R13: 00007fbfd3616128 R14: 00007fbfd3616090 R15: 00007ffdcd739208
[  927.035604][T18377]  </TASK>
[  929.778143][T18426] delete_channel: no stack
[  930.074546][T18430] FAULT_INJECTION: forcing a failure.
[  930.074546][T18430] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  930.295245][T18430] CPU: 0 UID: 0 PID: 18430 Comm: syz.4.2794 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  930.295299][T18430] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  930.295314][T18430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  930.295330][T18430] Call Trace:
[  930.295338][T18430]  <TASK>
[  930.295347][T18430]  dump_stack_lvl+0x100/0x190
[  930.295435][T18430]  should_fail_ex.cold+0x5/0xa
[  930.295460][T18430]  ? prepare_alloc_pages+0x16d/0x5f0
[  930.295506][T18430]  should_fail_alloc_page+0xeb/0x140
[  930.295534][T18430]  prepare_alloc_pages+0x1f0/0x5f0
[  930.295568][T18430]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  930.295610][T18430]  ? lock_acquire+0x1cf/0x380
[  930.295648][T18430]  ? lock_acquire+0x1cf/0x380
[  930.295679][T18430]  ? find_held_lock+0x2b/0x80
[  930.295722][T18430]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  930.295761][T18430]  ? is_bpf_text_address+0x8a/0x1a0
[  930.295803][T18430]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  930.295831][T18430]  ? is_bpf_text_address+0x94/0x1a0
[  930.295874][T18430]  ? __lock_acquire+0x4a5/0x2630
[  930.295910][T18430]  ? __lock_acquire+0x4a5/0x2630
[  930.295942][T18430]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  930.295969][T18430]  ? policy_nodemask+0xed/0x4f0
[  930.295998][T18430]  alloc_pages_mpol+0x1fb/0x550
[  930.296026][T18430]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  930.296062][T18430]  alloc_pages_noprof+0x131/0x390
[  930.296091][T18430]  pte_alloc_one+0x1c/0x3d0
[  930.296119][T18430]  do_huge_pmd_anonymous_page+0x7fc/0x1c40
[  930.296179][T18430]  __handle_mm_fault+0x1e9e/0x2b60
[  930.296218][T18430]  ? mt_find+0x45e/0x8e0
[  930.296242][T18430]  ? __pfx___handle_mm_fault+0x10/0x10
[  930.296275][T18430]  ? __pfx_mt_find+0x10/0x10
[  930.296319][T18430]  handle_mm_fault+0x36d/0xa20
[  930.296359][T18430]  __get_user_pages+0xf9c/0x34d0
[  930.296395][T18430]  ? down_read_killable+0x30e/0x4c0
[  930.296426][T18430]  ? __lock_acquire+0x4a5/0x2630
[  930.296458][T18430]  ? __pfx___get_user_pages+0x10/0x10
[  930.296485][T18430]  ? __lock_acquire+0x4a5/0x2630
[  930.296523][T18430]  __gup_longterm_locked+0x87d/0x16f0
[  930.296561][T18430]  ? __pfx___gup_longterm_locked+0x10/0x10
[  930.296593][T18430]  ? try_get_folio+0x262/0x750
[  930.296616][T18430]  ? pmd_write+0xd3/0x150
[  930.296639][T18430]  ? sanity_check_pinned_pages+0x5f6/0x1250
[  930.296672][T18430]  gup_fast_fallback+0x18c6/0x2460
[  930.296721][T18430]  ? __pfx_gup_fast_fallback+0x10/0x10
[  930.296749][T18430]  ? kasan_save_stack+0x30/0x50
[  930.296770][T18430]  ? kasan_save_track+0x14/0x30
[  930.296790][T18430]  ? __kasan_slab_alloc+0x89/0x90
[  930.296813][T18430]  ? mempool_alloc_noprof+0x1b7/0x310
[  930.296839][T18430]  ? bvec_alloc+0x197/0x210
[  930.296875][T18430]  ? bio_alloc_bioset+0x59e/0x850
[  930.296898][T18430]  ? blkdev_direct_IO+0xeae/0x1fb0
[  930.296929][T18430]  ? blkdev_write_iter+0x703/0xd70
[  930.296961][T18430]  ? vfs_write+0x6ac/0x1070
[  930.296980][T18430]  ? ksys_write+0x12a/0x250
[  930.296999][T18430]  ? do_syscall_64+0x106/0xf80
[  930.297032][T18430]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  930.297059][T18430]  pin_user_pages_fast+0xa7/0xf0
[  930.297086][T18430]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  930.297117][T18430]  ? iov_iter_advance+0xac/0x6d0
[  930.297148][T18430]  iov_iter_extract_pages+0xa0d/0x1ef0
[  930.297185][T18430]  ? __pfx_iov_iter_extract_pages+0x10/0x10
[  930.297219][T18430]  ? iov_iter_revert+0x252/0x5b0
[  930.297243][T18430]  ? bio_associate_blkg_from_css+0x394/0x13f0
[  930.297280][T18430]  iov_iter_extract_bvecs+0x10e/0xf40
[  930.297318][T18430]  ? __pfx_iov_iter_extract_bvecs+0x10/0x10
[  930.297368][T18430]  ? bio_init+0x404/0x610
[  930.297430][T18430]  bio_iov_iter_get_pages+0x26a/0x970
[  930.297468][T18430]  blkdev_direct_IO+0x1302/0x1fb0
[  930.297518][T18430]  ? __pfx_blkdev_direct_IO+0x10/0x10
[  930.297568][T18430]  blkdev_write_iter+0x703/0xd70
[  930.297611][T18430]  vfs_write+0x6ac/0x1070
[  930.297634][T18430]  ? __pfx_blkdev_write_iter+0x10/0x10
[  930.297673][T18430]  ? __pfx_vfs_write+0x10/0x10
[  930.297694][T18430]  ? find_held_lock+0x2b/0x80
[  930.297735][T18430]  ksys_write+0x12a/0x250
[  930.297758][T18430]  ? __pfx_ksys_write+0x10/0x10
[  930.297790][T18430]  do_syscall_64+0x106/0xf80
[  930.297825][T18430]  ? clear_bhb_loop+0x40/0x90
[  930.297855][T18430]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  930.297880][T18430] RIP: 0033:0x7fbfd339c799
[  930.297900][T18430] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  930.297924][T18430] RSP: 002b:00007fbfd11f4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  930.297947][T18430] RAX: ffffffffffffffda RBX: 00007fbfd3616270 RCX: 00007fbfd339c799
[  930.297963][T18430] RDX: 000000100000a3d9 RSI: 00002000000000c0 RDI: 0000000000000007
[  930.297979][T18430] RBP: 00007fbfd3432c99 R08: 0000000000000000 R09: 0000000000000000
[  930.297993][T18430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  930.298007][T18430] R13: 00007fbfd3616308 R14: 00007fbfd3616270 R15: 00007ffdcd739208
[  930.298037][T18430]  </TASK>
[  931.372608][T18439] FAULT_INJECTION: forcing a failure.
[  931.372608][T18439] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  931.455927][T18439] CPU: 0 UID: 0 PID: 18439 Comm: syz.5.2796 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  931.455984][T18439] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  931.455999][T18439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  931.456014][T18439] Call Trace:
[  931.456023][T18439]  <TASK>
[  931.456033][T18439]  dump_stack_lvl+0x100/0x190
[  931.456075][T18439]  should_fail_ex.cold+0x5/0xa
[  931.456101][T18439]  ? prepare_alloc_pages+0x16d/0x5f0
[  931.456134][T18439]  should_fail_alloc_page+0xeb/0x140
[  931.456164][T18439]  prepare_alloc_pages+0x1f0/0x5f0
[  931.456199][T18439]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  931.456245][T18439]  ? __lock_acquire+0x4a5/0x2630
[  931.456283][T18439]  ? __lock_acquire+0x4a5/0x2630
[  931.456319][T18439]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  931.456361][T18439]  ? __lock_acquire+0x4a5/0x2630
[  931.456409][T18439]  ? find_held_lock+0x2b/0x80
[  931.456433][T18439]  ? is_bpf_text_address+0x8a/0x1a0
[  931.456473][T18439]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  931.456501][T18439]  ? policy_nodemask+0xed/0x4f0
[  931.456539][T18439]  alloc_pages_mpol+0x1fb/0x550
[  931.456569][T18439]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  931.456599][T18439]  ? arch_stack_walk+0xa6/0xf0
[  931.456631][T18439]  folio_alloc_mpol_noprof+0x36/0x340
[  931.456665][T18439]  shmem_alloc_folio+0x135/0x160
[  931.456699][T18439]  shmem_alloc_and_add_folio+0x371/0xd40
[  931.456746][T18439]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  931.456788][T18439]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  931.456835][T18439]  shmem_get_folio_gfp+0x6ab/0x1900
[  931.456881][T18439]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  931.456923][T18439]  ? filemap_map_pages+0xe69/0x2020
[  931.456967][T18439]  shmem_fault+0x1f9/0xa20
[  931.457005][T18439]  ? __lock_acquire+0x4a5/0x2630
[  931.457050][T18439]  ? __pfx_shmem_fault+0x10/0x10
[  931.457091][T18439]  ? rcu_is_watching+0x12/0xc0
[  931.457129][T18439]  ? __pfx_filemap_map_pages+0x10/0x10
[  931.457174][T18439]  __do_fault+0x10d/0x550
[  931.457201][T18439]  do_fault+0xabb/0x1990
[  931.457246][T18439]  ? __pmd_alloc+0x3fb/0x950
[  931.457278][T18439]  __handle_mm_fault+0x180f/0x2b60
[  931.457322][T18439]  ? mt_find+0x45e/0x8e0
[  931.457345][T18439]  ? __pfx___handle_mm_fault+0x10/0x10
[  931.457384][T18439]  ? __pfx_mt_find+0x10/0x10
[  931.457440][T18439]  ? find_vma+0xbf/0x140
[  931.457464][T18439]  ? __pfx_find_vma+0x10/0x10
[  931.457492][T18439]  handle_mm_fault+0x36d/0xa20
[  931.457542][T18439]  do_user_addr_fault+0x74c/0x12f0
[  931.457578][T18439]  exc_page_fault+0x6f/0xd0
[  931.457617][T18439]  asm_exc_page_fault+0x26/0x30
[  931.457642][T18439] RIP: 0010:rep_movs_alternative+0x30/0x90
[  931.457673][T18439] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 fd 93 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08
[  931.457698][T18439] RSP: 0018:ffffc90004bafe38 EFLAGS: 00050202
[  931.457718][T18439] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 000000000000000c
[  931.457734][T18439] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffc90004bafe90
[  931.457749][T18439] RBP: 000000000000000c R08: 0000000000000001 R09: fffff52000975fd3
[  931.457765][T18439] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000
[  931.457780][T18439] R13: ffffc90004bafe90 R14: 0000000000000001 R15: 0000000000000005
[  931.457809][T18439]  _copy_from_user+0x98/0xd0
[  931.457842][T18439]  __x64_sys_epoll_ctl+0x131/0x1e0
[  931.457872][T18439]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[  931.457910][T18439]  do_syscall_64+0x106/0xf80
[  931.457947][T18439]  ? clear_bhb_loop+0x40/0x90
[  931.457977][T18439]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  931.458002][T18439] RIP: 0033:0x7f5ff199c799
[  931.458021][T18439] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  931.458045][T18439] RSP: 002b:00007f5ff28f2028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  931.458066][T18439] RAX: ffffffffffffffda RBX: 00007f5ff1c15fa0 RCX: 00007f5ff199c799
[  931.458083][T18439] RDX: 0000000000000004 RSI: 0000000000000001 RDI: 0000000000000005
[  931.458098][T18439] RBP: 00007f5ff1a32c99 R08: 0000000000000000 R09: 0000000000000000
[  931.458113][T18439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  931.458127][T18439] R13: 00007f5ff1c16038 R14: 00007f5ff1c15fa0 R15: 00007ffc3aa042d8
[  931.458158][T18439]  </TASK>
[  932.000410][T18442] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2797'.
[  932.040324][T18445] binder: 18444:18445 ioctl c0306201 200000000140 returned -14
[  932.052945][T18445] FAULT_INJECTION: forcing a failure.
[  932.052945][T18445] name failslab, interval 1, probability 0, space 0, times 0
[  932.068100][T18445] CPU: 0 UID: 0 PID: 18445 Comm: syz.5.2798 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  932.068147][T18445] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  932.068161][T18445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  932.068175][T18445] Call Trace:
[  932.068183][T18445]  <TASK>
[  932.068191][T18445]  dump_stack_lvl+0x100/0x190
[  932.068236][T18445]  should_fail_ex.cold+0x5/0xa
[  932.068264][T18445]  should_failslab+0xc2/0x120
[  932.068289][T18445]  __kmalloc_cache_noprof+0x7a/0x6f0
[  932.068321][T18445]  ? snd_timer_instance_new+0x47/0x2e0
[  932.068355][T18445]  snd_timer_instance_new+0x47/0x2e0
[  932.068383][T18445]  snd_seq_timer_open+0x1d4/0x600
[  932.068421][T18445]  ? __pfx_snd_seq_timer_open+0x10/0x10
[  932.068465][T18445]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  932.068498][T18445]  ? lockdep_hardirqs_on+0x78/0x100
[  932.068533][T18445]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  932.068568][T18445]  queue_use+0xdc/0x1f0
[  932.068597][T18445]  snd_seq_queue_alloc+0x2e5/0x590
[  932.068632][T18445]  snd_seq_ioctl_create_queue+0xa9/0x370
[  932.068672][T18445]  call_seq_client_ctl+0xa3/0x130
[  932.068696][T18445]  snd_seq_kernel_client_ctl+0x77/0xd0
[  932.068721][T18445]  alloc_seq_queue+0xdb/0x180
[  932.068745][T18445]  ? __pfx_alloc_seq_queue+0x10/0x10
[  932.068784][T18445]  ? mark_held_locks+0x40/0x70
[  932.068814][T18445]  ? _raw_spin_unlock_irq+0x23/0x50
[  932.068845][T18445]  ? lockdep_hardirqs_on+0x78/0x100
[  932.068882][T18445]  snd_seq_oss_open+0x2b2/0xa10
[  932.068913][T18445]  odev_open+0x79/0xc0
[  932.068933][T18445]  ? __pfx_odev_open+0x10/0x10
[  932.068955][T18445]  soundcore_open+0x2e3/0x5a0
[  932.068987][T18445]  ? __pfx_soundcore_open+0x10/0x10
[  932.069012][T18445]  chrdev_open+0x234/0x6a0
[  932.069036][T18445]  ? __pfx_apparmor_file_open+0x10/0x10
[  932.069061][T18445]  ? __pfx_chrdev_open+0x10/0x10
[  932.069087][T18445]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  932.069118][T18445]  do_dentry_open+0x6d8/0x1660
[  932.069141][T18445]  ? __pfx_chrdev_open+0x10/0x10
[  932.069172][T18445]  vfs_open+0x82/0x3f0
[  932.069204][T18445]  path_openat+0x208c/0x31a0
[  932.069242][T18445]  ? __pfx_path_openat+0x10/0x10
[  932.069277][T18445]  do_file_open+0x20e/0x430
[  932.069304][T18445]  ? __pfx_do_file_open+0x10/0x10
[  932.069348][T18445]  ? alloc_fd+0x476/0x790
[  932.069374][T18445]  ? do_getname+0x191/0x390
[  932.069407][T18445]  do_sys_openat2+0x10d/0x1e0
[  932.069438][T18445]  ? __pfx_do_sys_openat2+0x10/0x10
[  932.069471][T18445]  ? __fget_files+0x21f/0x3d0
[  932.069499][T18445]  __x64_sys_openat+0x12d/0x210
[  932.069532][T18445]  ? __pfx___x64_sys_openat+0x10/0x10
[  932.069574][T18445]  do_syscall_64+0x106/0xf80
[  932.069608][T18445]  ? clear_bhb_loop+0x40/0x90
[  932.069635][T18445]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  932.069659][T18445] RIP: 0033:0x7f5ff199c799
[  932.069677][T18445] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  932.069700][T18445] RSP: 002b:00007f5ff28f2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  932.069721][T18445] RAX: ffffffffffffffda RBX: 00007f5ff1c15fa0 RCX: 00007f5ff199c799
[  932.069736][T18445] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  932.069750][T18445] RBP: 00007f5ff1a32c99 R08: 0000000000000000 R09: 0000000000000000
[  932.069764][T18445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  932.069778][T18445] R13: 00007f5ff1c16038 R14: 00007f5ff1c15fa0 R15: 00007ffc3aa042d8
[  932.069807][T18445]  </TASK>
[  932.494843][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  932.501265][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  932.869575][T18452] FAULT_INJECTION: forcing a failure.
[  932.869575][T18452] name failslab, interval 1, probability 0, space 0, times 0
[  932.882683][T18452] CPU: 0 UID: 0 PID: 18452 Comm: syz.2.2801 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  932.882733][T18452] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  932.882747][T18452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  932.882761][T18452] Call Trace:
[  932.882768][T18452]  <TASK>
[  932.882777][T18452]  dump_stack_lvl+0x100/0x190
[  932.882819][T18452]  should_fail_ex.cold+0x5/0xa
[  932.882848][T18452]  should_failslab+0xc2/0x120
[  932.882874][T18452]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[  932.882916][T18452]  ? kvasprintf_const+0x66/0x1a0
[  932.882953][T18452]  kvasprintf+0xbc/0x150
[  932.882983][T18452]  ? __pfx_kvasprintf+0x10/0x10
[  932.883016][T18452]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  932.883051][T18452]  ? __debug_object_init+0x2de/0x3d0
[  932.883080][T18452]  kvasprintf_const+0x66/0x1a0
[  932.883111][T18452]  kobject_set_name_vargs+0x5a/0x140
[  932.883139][T18452]  dev_set_name+0xc7/0x100
[  932.883174][T18452]  ? __pfx_dev_set_name+0x10/0x10
[  932.883208][T18452]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  932.883235][T18452]  ? lockdep_init_map_type+0x5c/0x250
[  932.883270][T18452]  ? __init_waitqueue_head+0xca/0x150
[  932.883314][T18452]  wakeup_source_device_create+0x204/0x2e0
[  932.883347][T18452]  wakeup_source_sysfs_add+0x1c/0x90
[  932.883377][T18452]  wakeup_source_register+0x154/0x3e0
[  932.883403][T18452]  ep_create_wakeup_source+0x1df/0x2e0
[  932.883429][T18452]  ? __pfx_ep_create_wakeup_source+0x10/0x10
[  932.883466][T18452]  ? do_epoll_ctl+0x1012/0x36a0
[  932.883497][T18452]  ? do_epoll_ctl+0x1012/0x36a0
[  932.883530][T18452]  do_epoll_ctl+0x1eee/0x36a0
[  932.883567][T18452]  ? __pfx_do_epoll_ctl+0x10/0x10
[  932.883593][T18452]  ? find_held_lock+0x2b/0x80
[  932.883616][T18452]  ? __might_fault+0xc5/0x140
[  932.883651][T18452]  ? __might_fault+0xc5/0x140
[  932.883696][T18452]  ? __x64_sys_epoll_ctl+0x15c/0x1e0
[  932.883722][T18452]  __x64_sys_epoll_ctl+0x15c/0x1e0
[  932.883749][T18452]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[  932.883786][T18452]  do_syscall_64+0x106/0xf80
[  932.883822][T18452]  ? clear_bhb_loop+0x40/0x90
[  932.883852][T18452]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  932.883876][T18452] RIP: 0033:0x7f8e1df9c799
[  932.883896][T18452] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  932.883920][T18452] RSP: 002b:00007f8e1ee14028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  932.883943][T18452] RAX: ffffffffffffffda RBX: 00007f8e1e215fa0 RCX: 00007f8e1df9c799
[  932.883959][T18452] RDX: 0000000000000004 RSI: 0000000000000001 RDI: 0000000000000005
[  932.883973][T18452] RBP: 00007f8e1e032c99 R08: 0000000000000000 R09: 0000000000000000
[  932.883988][T18452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  932.884003][T18452] R13: 00007f8e1e216038 R14: 00007f8e1e215fa0 R15: 00007ffc8a9fc588
[  932.884034][T18452]  </TASK>
[  933.595294][T18442] ipvlan0: entered promiscuous mode
[  933.617786][T18442] ipvlan0: entered allmulticast mode
[  933.655331][T18442] veth0_vlan: entered allmulticast mode
[  933.893939][T18464] futex_wake_op: syz.0.2803 tries to shift op by -2048; fix this program
[  934.014602][T18464] futex_wake_op: syz.0.2803 tries to shift op by -2048; fix this program
[  934.925391][T18488] FAULT_INJECTION: forcing a failure.
[  934.925391][T18488] name failslab, interval 1, probability 0, space 0, times 0
[  935.006520][T18491] binder: 18489:18491 ioctl c0306201 200000000140 returned -14
[  935.096462][T18491] FAULT_INJECTION: forcing a failure.
[  935.096462][T18491] name failslab, interval 1, probability 0, space 0, times 0
[  935.122667][T18488] CPU: 0 UID: 0 PID: 18488 Comm: syz.2.2806 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  935.122715][T18488] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  935.122728][T18488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  935.122742][T18488] Call Trace:
[  935.122749][T18488]  <TASK>
[  935.122758][T18488]  dump_stack_lvl+0x100/0x190
[  935.122797][T18488]  should_fail_ex.cold+0x5/0xa
[  935.122825][T18488]  should_failslab+0xc2/0x120
[  935.122850][T18488]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  935.122885][T18488]  ? ptlock_alloc+0x1f/0x70
[  935.122920][T18488]  ptlock_alloc+0x1f/0x70
[  935.122959][T18488]  pte_alloc_one+0x82/0x3d0
[  935.122987][T18488]  do_huge_pmd_anonymous_page+0x7fc/0x1c40
[  935.123030][T18488]  __handle_mm_fault+0x1e9e/0x2b60
[  935.123067][T18488]  ? mt_find+0x45e/0x8e0
[  935.123089][T18488]  ? __pfx___handle_mm_fault+0x10/0x10
[  935.123119][T18488]  ? __pfx_mt_find+0x10/0x10
[  935.123161][T18488]  handle_mm_fault+0x36d/0xa20
[  935.123198][T18488]  __get_user_pages+0xf9c/0x34d0
[  935.123233][T18488]  ? down_read_killable+0x30e/0x4c0
[  935.123257][T18488]  ? __lock_acquire+0x4a5/0x2630
[  935.123287][T18488]  ? __pfx___get_user_pages+0x10/0x10
[  935.123311][T18488]  ? __lock_acquire+0x4a5/0x2630
[  935.123347][T18488]  __gup_longterm_locked+0x87d/0x16f0
[  935.123381][T18488]  ? __pfx___gup_longterm_locked+0x10/0x10
[  935.123411][T18488]  ? try_get_folio+0x262/0x750
[  935.123433][T18488]  ? pmd_write+0xd3/0x150
[  935.123473][T18488]  ? sanity_check_pinned_pages+0x5f6/0x1250
[  935.123506][T18488]  gup_fast_fallback+0x18c6/0x2460
[  935.123555][T18488]  ? __pfx_gup_fast_fallback+0x10/0x10
[  935.123585][T18488]  ? kasan_save_stack+0x30/0x50
[  935.123605][T18488]  ? kasan_save_track+0x14/0x30
[  935.123626][T18488]  ? __kasan_slab_alloc+0x89/0x90
[  935.123649][T18488]  ? mempool_alloc_noprof+0x1b7/0x310
[  935.123675][T18488]  ? bvec_alloc+0x197/0x210
[  935.123699][T18488]  ? bio_alloc_bioset+0x59e/0x850
[  935.123724][T18488]  ? blkdev_direct_IO+0xeae/0x1fb0
[  935.123759][T18488]  ? blkdev_write_iter+0x703/0xd70
[  935.123793][T18488]  ? vfs_write+0x6ac/0x1070
[  935.123814][T18488]  ? ksys_write+0x12a/0x250
[  935.123835][T18488]  ? do_syscall_64+0x106/0xf80
[  935.123890][T18488]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  935.123921][T18488]  pin_user_pages_fast+0xa7/0xf0
[  935.123958][T18488]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  935.123990][T18488]  ? iov_iter_advance+0xac/0x6d0
[  935.124024][T18488]  iov_iter_extract_pages+0xa0d/0x1ef0
[  935.124071][T18488]  ? __pfx_iov_iter_extract_pages+0x10/0x10
[  935.124109][T18488]  ? iov_iter_revert+0x252/0x5b0
[  935.124137][T18488]  ? bio_associate_blkg_from_css+0x394/0x13f0
[  935.124177][T18488]  iov_iter_extract_bvecs+0x10e/0xf40
[  935.124221][T18488]  ? __pfx_iov_iter_extract_bvecs+0x10/0x10
[  935.124256][T18488]  ? bio_init+0x404/0x610
[  935.124299][T18488]  bio_iov_iter_get_pages+0x26a/0x970
[  935.124338][T18488]  blkdev_direct_IO+0x1302/0x1fb0
[  935.124390][T18488]  ? __pfx_blkdev_direct_IO+0x10/0x10
[  935.124442][T18488]  blkdev_write_iter+0x703/0xd70
[  935.124486][T18488]  vfs_write+0x6ac/0x1070
[  935.124511][T18488]  ? __pfx_blkdev_write_iter+0x10/0x10
[  935.124551][T18488]  ? __pfx_vfs_write+0x10/0x10
[  935.124573][T18488]  ? find_held_lock+0x2b/0x80
[  935.124616][T18488]  ksys_write+0x12a/0x250
[  935.124639][T18488]  ? __pfx_ksys_write+0x10/0x10
[  935.124672][T18488]  do_syscall_64+0x106/0xf80
[  935.124709][T18488]  ? clear_bhb_loop+0x40/0x90
[  935.124739][T18488]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  935.124765][T18488] RIP: 0033:0x7f8e1df9c799
[  935.124786][T18488] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  935.124809][T18488] RSP: 002b:00007f8e1edb1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  935.124833][T18488] RAX: ffffffffffffffda RBX: 00007f8e1e216270 RCX: 00007f8e1df9c799
[  935.124850][T18488] RDX: 000000100000a3d9 RSI: 00002000000000c0 RDI: 0000000000000007
[  935.124866][T18488] RBP: 00007f8e1e032c99 R08: 0000000000000000 R09: 0000000000000000
[  935.124881][T18488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  935.124896][T18488] R13: 00007f8e1e216308 R14: 00007f8e1e216270 R15: 00007ffc8a9fc588
[  935.124927][T18488]  </TASK>
[  935.602863][T18491] CPU: 0 UID: 0 PID: 18491 Comm: syz.0.2808 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  935.602926][T18491] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  935.602941][T18491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  935.602956][T18491] Call Trace:
[  935.602964][T18491]  <TASK>
[  935.602973][T18491]  dump_stack_lvl+0x100/0x190
[  935.603016][T18491]  should_fail_ex.cold+0x5/0xa
[  935.603047][T18491]  should_failslab+0xc2/0x120
[  935.603074][T18491]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[  935.603118][T18491]  ? snd_timer_instance_new+0x65/0x2e0
[  935.603159][T18491]  kstrdup+0x51/0xe0
[  935.603187][T18491]  snd_timer_instance_new+0x65/0x2e0
[  935.603218][T18491]  snd_seq_timer_open+0x1d4/0x600
[  935.603259][T18491]  ? __pfx_snd_seq_timer_open+0x10/0x10
[  935.603307][T18491]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  935.603342][T18491]  ? lockdep_hardirqs_on+0x78/0x100
[  935.603380][T18491]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  935.603419][T18491]  queue_use+0xdc/0x1f0
[  935.603451][T18491]  snd_seq_queue_alloc+0x2e5/0x590
[  935.603489][T18491]  snd_seq_ioctl_create_queue+0xa9/0x370
[  935.603532][T18491]  call_seq_client_ctl+0xa3/0x130
[  935.603558][T18491]  snd_seq_kernel_client_ctl+0x77/0xd0
[  935.603586][T18491]  alloc_seq_queue+0xdb/0x180
[  935.603613][T18491]  ? __pfx_alloc_seq_queue+0x10/0x10
[  935.603655][T18491]  ? mark_held_locks+0x40/0x70
[  935.603687][T18491]  ? _raw_spin_unlock_irq+0x23/0x50
[  935.603734][T18491]  ? lockdep_hardirqs_on+0x78/0x100
[  935.603792][T18491]  snd_seq_oss_open+0x2b2/0xa10
[  935.603826][T18491]  odev_open+0x79/0xc0
[  935.603848][T18491]  ? __pfx_odev_open+0x10/0x10
[  935.603872][T18491]  soundcore_open+0x2e3/0x5a0
[  935.603908][T18491]  ? __pfx_soundcore_open+0x10/0x10
[  935.603935][T18491]  chrdev_open+0x234/0x6a0
[  935.603961][T18491]  ? __pfx_apparmor_file_open+0x10/0x10
[  935.603988][T18491]  ? __pfx_chrdev_open+0x10/0x10
[  935.604017][T18491]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  935.604051][T18491]  do_dentry_open+0x6d8/0x1660
[  935.604079][T18491]  ? __pfx_chrdev_open+0x10/0x10
[  935.604113][T18491]  vfs_open+0x82/0x3f0
[  935.604148][T18491]  path_openat+0x208c/0x31a0
[  935.604185][T18491]  ? __pfx_path_openat+0x10/0x10
[  935.604223][T18491]  do_file_open+0x20e/0x430
[  935.604252][T18491]  ? __pfx_do_file_open+0x10/0x10
[  935.604300][T18491]  ? alloc_fd+0x476/0x790
[  935.604328][T18491]  ? do_getname+0x191/0x390
[  935.604363][T18491]  do_sys_openat2+0x10d/0x1e0
[  935.604398][T18491]  ? __pfx_do_sys_openat2+0x10/0x10
[  935.604434][T18491]  ? __fget_files+0x21f/0x3d0
[  935.604464][T18491]  __x64_sys_openat+0x12d/0x210
[  935.604500][T18491]  ? __pfx___x64_sys_openat+0x10/0x10
[  935.604550][T18491]  do_syscall_64+0x106/0xf80
[  935.604587][T18491]  ? clear_bhb_loop+0x40/0x90
[  935.604618][T18491]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  935.604644][T18491] RIP: 0033:0x7f66f0d9c799
[  935.604664][T18491] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  935.604689][T18491] RSP: 002b:00007f66f1bca028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  935.604712][T18491] RAX: ffffffffffffffda RBX: 00007f66f1015fa0 RCX: 00007f66f0d9c799
[  935.604728][T18491] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  935.604744][T18491] RBP: 00007f66f0e32c99 R08: 0000000000000000 R09: 0000000000000000
[  935.604759][T18491] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  935.604774][T18491] R13: 00007f66f1016038 R14: 00007f66f1015fa0 R15: 00007ffd9b468a88
[  935.604806][T18491]  </TASK>
[  937.036820][T18523] FAULT_INJECTION: forcing a failure.
[  937.036820][T18523] name failslab, interval 1, probability 0, space 0, times 0
[  937.196547][T18523] CPU: 0 UID: 0 PID: 18523 Comm: syz.2.2814 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  937.196598][T18523] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  937.196612][T18523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  937.196626][T18523] Call Trace:
[  937.196634][T18523]  <TASK>
[  937.196643][T18523]  dump_stack_lvl+0x100/0x190
[  937.196685][T18523]  should_fail_ex.cold+0x5/0xa
[  937.196714][T18523]  should_failslab+0xc2/0x120
[  937.196740][T18523]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[  937.196793][T18523]  ? kvasprintf_const+0x66/0x1a0
[  937.196823][T18523]  ? do_raw_spin_lock+0x128/0x260
[  937.196865][T18523]  kvasprintf+0xbc/0x150
[  937.196894][T18523]  ? __pfx_kvasprintf+0x10/0x10
[  937.196939][T18523]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  937.196972][T18523]  ? __debug_object_init+0x2de/0x3d0
[  937.197021][T18523]  kvasprintf_const+0x66/0x1a0
[  937.197054][T18523]  kobject_set_name_vargs+0x5a/0x140
[  937.197082][T18523]  dev_set_name+0xc7/0x100
[  937.197117][T18523]  ? __pfx_dev_set_name+0x10/0x10
[  937.197152][T18523]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  937.197179][T18523]  ? lockdep_init_map_type+0x5c/0x250
[  937.197214][T18523]  ? __init_waitqueue_head+0xca/0x150
[  937.197258][T18523]  wakeup_source_device_create+0x204/0x2e0
[  937.197302][T18523]  wakeup_source_sysfs_add+0x1c/0x90
[  937.197330][T18523]  wakeup_source_register+0x154/0x3e0
[  937.197355][T18523]  ep_create_wakeup_source+0x1df/0x2e0
[  937.197379][T18523]  ? __pfx_ep_create_wakeup_source+0x10/0x10
[  937.197406][T18523]  ? do_epoll_ctl+0x1012/0x36a0
[  937.197430][T18523]  ? do_epoll_ctl+0x1012/0x36a0
[  937.197459][T18523]  do_epoll_ctl+0x1eee/0x36a0
[  937.197495][T18523]  ? __pfx_do_epoll_ctl+0x10/0x10
[  937.197518][T18523]  ? find_held_lock+0x2b/0x80
[  937.197539][T18523]  ? __might_fault+0xc5/0x140
[  937.197572][T18523]  ? __might_fault+0xc5/0x140
[  937.197614][T18523]  ? __x64_sys_epoll_ctl+0x15c/0x1e0
[  937.197638][T18523]  __x64_sys_epoll_ctl+0x15c/0x1e0
[  937.197664][T18523]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[  937.197698][T18523]  do_syscall_64+0x106/0xf80
[  937.197731][T18523]  ? clear_bhb_loop+0x40/0x90
[  937.197787][T18523]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  937.197811][T18523] RIP: 0033:0x7f8e1df9c799
[  937.197830][T18523] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  937.197853][T18523] RSP: 002b:00007f8e1ee14028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  937.197874][T18523] RAX: ffffffffffffffda RBX: 00007f8e1e215fa0 RCX: 00007f8e1df9c799
[  937.197890][T18523] RDX: 0000000000000004 RSI: 0000000000000001 RDI: 0000000000000005
[  937.197903][T18523] RBP: 00007f8e1e032c99 R08: 0000000000000000 R09: 0000000000000000
[  937.197917][T18523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  937.197931][T18523] R13: 00007f8e1e216038 R14: 00007f8e1e215fa0 R15: 00007ffc8a9fc588
[  937.197959][T18523]  </TASK>
[  938.182610][T18539] delete_channel: no stack
[  938.393388][ T7276] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  938.566517][ T7276] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  938.804817][ T7276] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  939.035071][T18554] FAULT_INJECTION: forcing a failure.
[  939.035071][T18554] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  939.117599][T18554] CPU: 0 UID: 0 PID: 18554 Comm: syz.0.2820 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  939.117658][T18554] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  939.117673][T18554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  939.117687][T18554] Call Trace:
[  939.117696][T18554]  <TASK>
[  939.117705][T18554]  dump_stack_lvl+0x100/0x190
[  939.117759][T18554]  should_fail_ex.cold+0x5/0xa
[  939.117783][T18554]  ? prepare_alloc_pages+0x16d/0x5f0
[  939.117813][T18554]  should_fail_alloc_page+0xeb/0x140
[  939.117842][T18554]  prepare_alloc_pages+0x1f0/0x5f0
[  939.117874][T18554]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  939.117924][T18554]  ? find_held_lock+0x2b/0x80
[  939.117947][T18554]  ? unwind_next_frame+0x3be/0x1ea0
[  939.117975][T18554]  ? unwind_next_frame+0x3be/0x1ea0
[  939.118002][T18554]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  939.118044][T18554]  ? do_file_open+0x20e/0x430
[  939.118072][T18554]  ? do_sys_openat2+0x10d/0x1e0
[  939.118103][T18554]  ? __kernel_text_address+0xd/0x30
[  939.118151][T18554]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  939.118177][T18554]  ? policy_nodemask+0xed/0x4f0
[  939.118206][T18554]  alloc_pages_mpol+0x1fb/0x550
[  939.118233][T18554]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  939.118267][T18554]  alloc_pages_noprof+0x131/0x390
[  939.118295][T18554]  pte_alloc_one+0x1c/0x3d0
[  939.118323][T18554]  do_huge_pmd_anonymous_page+0x7fc/0x1c40
[  939.118368][T18554]  __handle_mm_fault+0x1e9e/0x2b60
[  939.118406][T18554]  ? mt_find+0x45e/0x8e0
[  939.118430][T18554]  ? __pfx___handle_mm_fault+0x10/0x10
[  939.118463][T18554]  ? __pfx_mt_find+0x10/0x10
[  939.118507][T18554]  handle_mm_fault+0x36d/0xa20
[  939.118546][T18554]  __get_user_pages+0xf9c/0x34d0
[  939.118582][T18554]  ? down_read_killable+0x30e/0x4c0
[  939.118612][T18554]  ? __lock_acquire+0x4a5/0x2630
[  939.118644][T18554]  ? __pfx___get_user_pages+0x10/0x10
[  939.118671][T18554]  ? __lock_acquire+0x4a5/0x2630
[  939.118710][T18554]  __gup_longterm_locked+0x87d/0x16f0
[  939.118748][T18554]  ? __pfx___gup_longterm_locked+0x10/0x10
[  939.118780][T18554]  ? try_get_folio+0x262/0x750
[  939.118804][T18554]  ? pmd_write+0xd3/0x150
[  939.118828][T18554]  ? sanity_check_pinned_pages+0x5f6/0x1250
[  939.118861][T18554]  gup_fast_fallback+0x18c6/0x2460
[  939.118910][T18554]  ? __pfx_gup_fast_fallback+0x10/0x10
[  939.118940][T18554]  ? kasan_save_stack+0x30/0x50
[  939.118961][T18554]  ? kasan_save_track+0x14/0x30
[  939.118981][T18554]  ? __kasan_slab_alloc+0x89/0x90
[  939.119004][T18554]  ? mempool_alloc_noprof+0x1b7/0x310
[  939.119030][T18554]  ? bvec_alloc+0x197/0x210
[  939.119054][T18554]  ? bio_alloc_bioset+0x59e/0x850
[  939.119078][T18554]  ? blkdev_direct_IO+0xeae/0x1fb0
[  939.119113][T18554]  ? blkdev_write_iter+0x703/0xd70
[  939.119147][T18554]  ? vfs_write+0x6ac/0x1070
[  939.119168][T18554]  ? ksys_write+0x12a/0x250
[  939.119189][T18554]  ? do_syscall_64+0x106/0xf80
[  939.119224][T18554]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  939.119254][T18554]  pin_user_pages_fast+0xa7/0xf0
[  939.119284][T18554]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  939.119316][T18554]  ? iov_iter_advance+0xac/0x6d0
[  939.119349][T18554]  iov_iter_extract_pages+0xa0d/0x1ef0
[  939.119390][T18554]  ? __pfx_iov_iter_extract_pages+0x10/0x10
[  939.119427][T18554]  ? iov_iter_revert+0x252/0x5b0
[  939.119453][T18554]  ? bio_associate_blkg_from_css+0x394/0x13f0
[  939.119493][T18554]  iov_iter_extract_bvecs+0x10e/0xf40
[  939.119534][T18554]  ? __pfx_iov_iter_extract_bvecs+0x10/0x10
[  939.119568][T18554]  ? bio_init+0x404/0x610
[  939.119614][T18554]  bio_iov_iter_get_pages+0x26a/0x970
[  939.119652][T18554]  blkdev_direct_IO+0x1302/0x1fb0
[  939.119702][T18554]  ? __pfx_blkdev_direct_IO+0x10/0x10
[  939.119752][T18554]  blkdev_write_iter+0x703/0xd70
[  939.119794][T18554]  vfs_write+0x6ac/0x1070
[  939.119818][T18554]  ? __pfx_blkdev_write_iter+0x10/0x10
[  939.119857][T18554]  ? __pfx_vfs_write+0x10/0x10
[  939.119878][T18554]  ? find_held_lock+0x2b/0x80
[  939.119919][T18554]  ksys_write+0x12a/0x250
[  939.119942][T18554]  ? __pfx_ksys_write+0x10/0x10
[  939.119974][T18554]  do_syscall_64+0x106/0xf80
[  939.120010][T18554]  ? clear_bhb_loop+0x40/0x90
[  939.120039][T18554]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  939.120063][T18554] RIP: 0033:0x7f66f0d9c799
[  939.120083][T18554] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  939.120107][T18554] RSP: 002b:00007f66f1bca028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  939.120129][T18554] RAX: ffffffffffffffda RBX: 00007f66f1015fa0 RCX: 00007f66f0d9c799
[  939.120145][T18554] RDX: 000000100000a3d9 RSI: 00002000000000c0 RDI: 0000000000000005
[  939.120161][T18554] RBP: 00007f66f0e32c99 R08: 0000000000000000 R09: 0000000000000000
[  939.120175][T18554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  939.120190][T18554] R13: 00007f66f1016038 R14: 00007f66f1015fa0 R15: 00007ffd9b468a88
[  939.120221][T18554]  </TASK>
[  939.612075][T18557] FAULT_INJECTION: forcing a failure.
[  939.612075][T18557] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  939.625447][T18557] CPU: 0 UID: 0 PID: 18557 Comm: syz.2.2819 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  939.625518][T18557] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  939.625533][T18557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  939.625548][T18557] Call Trace:
[  939.625557][T18557]  <TASK>
[  939.625567][T18557]  dump_stack_lvl+0x100/0x190
[  939.625609][T18557]  should_fail_ex.cold+0x5/0xa
[  939.625634][T18557]  ? prepare_alloc_pages+0x16d/0x5f0
[  939.625674][T18557]  should_fail_alloc_page+0xeb/0x140
[  939.625704][T18557]  prepare_alloc_pages+0x1f0/0x5f0
[  939.625739][T18557]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  939.625789][T18557]  ? __lock_acquire+0x4a5/0x2630
[  939.625821][T18557]  ? __lock_acquire+0x4a5/0x2630
[  939.625856][T18557]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  939.625895][T18557]  ? __lock_acquire+0x4a5/0x2630
[  939.625943][T18557]  ? __lock_acquire+0x4a5/0x2630
[  939.625975][T18557]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  939.626002][T18557]  ? policy_nodemask+0xed/0x4f0
[  939.626031][T18557]  alloc_pages_mpol+0x1fb/0x550
[  939.626060][T18557]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  939.626095][T18557]  alloc_pages_noprof+0x131/0x390
[  939.626124][T18557]  pte_alloc_one+0x1c/0x3d0
[  939.626152][T18557]  do_huge_pmd_anonymous_page+0x7fc/0x1c40
[  939.626199][T18557]  __handle_mm_fault+0x1e9e/0x2b60
[  939.626238][T18557]  ? mt_find+0x45e/0x8e0
[  939.626262][T18557]  ? __pfx___handle_mm_fault+0x10/0x10
[  939.626296][T18557]  ? __pfx_mt_find+0x10/0x10
[  939.626341][T18557]  handle_mm_fault+0x36d/0xa20
[  939.626381][T18557]  __get_user_pages+0xf9c/0x34d0
[  939.626417][T18557]  ? down_read_killable+0x30e/0x4c0
[  939.626443][T18557]  ? __lock_acquire+0x4a5/0x2630
[  939.626475][T18557]  ? __pfx___get_user_pages+0x10/0x10
[  939.626502][T18557]  ? __lock_acquire+0x4a5/0x2630
[  939.626544][T18557]  __gup_longterm_locked+0x87d/0x16f0
[  939.626581][T18557]  ? __pfx___gup_longterm_locked+0x10/0x10
[  939.626614][T18557]  ? try_get_folio+0x262/0x750
[  939.626638][T18557]  ? pmd_write+0xd3/0x150
[  939.626669][T18557]  ? sanity_check_pinned_pages+0x5f6/0x1250
[  939.626704][T18557]  gup_fast_fallback+0x18c6/0x2460
[  939.626755][T18557]  ? __pfx_gup_fast_fallback+0x10/0x10
[  939.626786][T18557]  ? kasan_save_stack+0x30/0x50
[  939.626807][T18557]  ? kasan_save_track+0x14/0x30
[  939.626829][T18557]  ? __kasan_slab_alloc+0x89/0x90
[  939.626854][T18557]  ? mempool_alloc_noprof+0x1b7/0x310
[  939.626881][T18557]  ? bvec_alloc+0x197/0x210
[  939.626905][T18557]  ? bio_alloc_bioset+0x59e/0x850
[  939.626931][T18557]  ? blkdev_direct_IO+0xeae/0x1fb0
[  939.626966][T18557]  ? blkdev_write_iter+0x703/0xd70
[  939.627001][T18557]  ? vfs_write+0x6ac/0x1070
[  939.627023][T18557]  ? ksys_write+0x12a/0x250
[  939.627045][T18557]  ? do_syscall_64+0x106/0xf80
[  939.627081][T18557]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  939.627111][T18557]  pin_user_pages_fast+0xa7/0xf0
[  939.627141][T18557]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  939.627173][T18557]  ? iov_iter_advance+0xac/0x6d0
[  939.627206][T18557]  iov_iter_extract_pages+0xa0d/0x1ef0
[  939.627247][T18557]  ? __pfx_iov_iter_extract_pages+0x10/0x10
[  939.627284][T18557]  ? iov_iter_revert+0x252/0x5b0
[  939.627311][T18557]  ? bio_associate_blkg_from_css+0x394/0x13f0
[  939.627351][T18557]  iov_iter_extract_bvecs+0x10e/0xf40
[  939.627393][T18557]  ? __pfx_iov_iter_extract_bvecs+0x10/0x10
[  939.627426][T18557]  ? bio_init+0x404/0x610
[  939.627468][T18557]  bio_iov_iter_get_pages+0x26a/0x970
[  939.627507][T18557]  blkdev_direct_IO+0x1302/0x1fb0
[  939.627556][T18557]  ? __pfx_blkdev_direct_IO+0x10/0x10
[  939.627607][T18557]  blkdev_write_iter+0x703/0xd70
[  939.627669][T18557]  vfs_write+0x6ac/0x1070
[  939.627693][T18557]  ? __pfx_blkdev_write_iter+0x10/0x10
[  939.627732][T18557]  ? __pfx_vfs_write+0x10/0x10
[  939.627753][T18557]  ? find_held_lock+0x2b/0x80
[  939.627795][T18557]  ksys_write+0x12a/0x250
[  939.627818][T18557]  ? __pfx_ksys_write+0x10/0x10
[  939.627849][T18557]  do_syscall_64+0x106/0xf80
[  939.627885][T18557]  ? clear_bhb_loop+0x40/0x90
[  939.627914][T18557]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  939.627939][T18557] RIP: 0033:0x7f8e1df9c799
[  939.627958][T18557] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  939.627981][T18557] RSP: 002b:00007f8e1edb1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  939.628004][T18557] RAX: ffffffffffffffda RBX: 00007f8e1e216270 RCX: 00007f8e1df9c799
[  939.628021][T18557] RDX: 000000100000a3d9 RSI: 00002000000000c0 RDI: 0000000000000007
[  939.628036][T18557] RBP: 00007f8e1e032c99 R08: 0000000000000000 R09: 0000000000000000
[  939.628051][T18557] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  939.628066][T18557] R13: 00007f8e1e216308 R14: 00007f8e1e216270 R15: 00007ffc8a9fc588
[  939.628097][T18557]  </TASK>
[  940.629415][ T7276] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  941.212370][ T7276] bridge_slave_1: left allmulticast mode
[  941.232469][ T7276] bridge_slave_1: left promiscuous mode
[  941.244318][ T7276] bridge0: port 2(bridge_slave_1) entered disabled state
[  941.278988][ T7276] bridge_slave_0: left allmulticast mode
[  941.297530][ T7276] bridge_slave_0: left promiscuous mode
[  941.309399][ T7276] bridge0: port 1(bridge_slave_0) entered disabled state
[  941.992352][T18587] binder: 18586:18587 ioctl c0306201 200000000140 returned -14
[  942.053961][T18587] FAULT_INJECTION: forcing a failure.
[  942.053961][T18587] name failslab, interval 1, probability 0, space 0, times 0
[  942.115653][ T7276] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  942.129097][T18587] CPU: 0 UID: 0 PID: 18587 Comm: syz.5.2825 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  942.129148][T18587] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  942.129162][T18587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  942.129177][T18587] Call Trace:
[  942.129186][T18587]  <TASK>
[  942.129195][T18587]  dump_stack_lvl+0x100/0x190
[  942.129237][T18587]  should_fail_ex.cold+0x5/0xa
[  942.129266][T18587]  should_failslab+0xc2/0x120
[  942.129293][T18587]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[  942.129334][T18587]  ? snd_timer_instance_new+0x65/0x2e0
[  942.129370][T18587]  kstrdup+0x51/0xe0
[  942.129394][T18587]  snd_timer_instance_new+0x65/0x2e0
[  942.129429][T18587]  snd_seq_timer_open+0x1d4/0x600
[  942.129474][T18587]  ? __pfx_snd_seq_timer_open+0x10/0x10
[  942.129521][T18587]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  942.129556][T18587]  ? lockdep_hardirqs_on+0x78/0x100
[  942.129592][T18587]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  942.129630][T18587]  queue_use+0xdc/0x1f0
[  942.129661][T18587]  snd_seq_queue_alloc+0x2e5/0x590
[  942.129698][T18587]  snd_seq_ioctl_create_queue+0xa9/0x370
[  942.129741][T18587]  call_seq_client_ctl+0xa3/0x130
[  942.129766][T18587]  snd_seq_kernel_client_ctl+0x77/0xd0
[  942.129793][T18587]  alloc_seq_queue+0xdb/0x180
[  942.129819][T18587]  ? __pfx_alloc_seq_queue+0x10/0x10
[  942.129860][T18587]  ? mark_held_locks+0x40/0x70
[  942.129891][T18587]  ? _raw_spin_unlock_irq+0x23/0x50
[  942.129943][T18587]  ? lockdep_hardirqs_on+0x78/0x100
[  942.129984][T18587]  snd_seq_oss_open+0x2b2/0xa10
[  942.130017][T18587]  odev_open+0x79/0xc0
[  942.130039][T18587]  ? __pfx_odev_open+0x10/0x10
[  942.130063][T18587]  soundcore_open+0x2e3/0x5a0
[  942.130092][T18587]  ? __pfx_soundcore_open+0x10/0x10
[  942.130118][T18587]  chrdev_open+0x234/0x6a0
[  942.130144][T18587]  ? __pfx_apparmor_file_open+0x10/0x10
[  942.130170][T18587]  ? __pfx_chrdev_open+0x10/0x10
[  942.130198][T18587]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  942.130247][T18587]  do_dentry_open+0x6d8/0x1660
[  942.130272][T18587]  ? __pfx_chrdev_open+0x10/0x10
[  942.130305][T18587]  vfs_open+0x82/0x3f0
[  942.130342][T18587]  path_openat+0x208c/0x31a0
[  942.130379][T18587]  ? __pfx_path_openat+0x10/0x10
[  942.130422][T18587]  do_file_open+0x20e/0x430
[  942.130451][T18587]  ? __pfx_do_file_open+0x10/0x10
[  942.130499][T18587]  ? alloc_fd+0x476/0x790
[  942.130527][T18587]  ? do_getname+0x191/0x390
[  942.130562][T18587]  do_sys_openat2+0x10d/0x1e0
[  942.130597][T18587]  ? __pfx_do_sys_openat2+0x10/0x10
[  942.130634][T18587]  ? __fget_files+0x21f/0x3d0
[  942.130664][T18587]  __x64_sys_openat+0x12d/0x210
[  942.130700][T18587]  ? __pfx___x64_sys_openat+0x10/0x10
[  942.130746][T18587]  do_syscall_64+0x106/0xf80
[  942.130783][T18587]  ? clear_bhb_loop+0x40/0x90
[  942.130813][T18587]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  942.130838][T18587] RIP: 0033:0x7f5ff199c799
[  942.130859][T18587] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  942.130883][T18587] RSP: 002b:00007f5ff28f2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  942.130907][T18587] RAX: ffffffffffffffda RBX: 00007f5ff1c15fa0 RCX: 00007f5ff199c799
[  942.130924][T18587] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  942.130940][T18587] RBP: 00007f5ff1a32c99 R08: 0000000000000000 R09: 0000000000000000
[  942.130956][T18587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  942.130971][T18587] R13: 00007f5ff1c16038 R14: 00007f5ff1c15fa0 R15: 00007ffc3aa042d8
[  942.131003][T18587]  </TASK>
[  942.649544][T18592] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2826'.
[  942.708235][T18593] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2826'.
[  942.738844][ T7276] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  942.759168][ T7276] bond0 (unregistering): Released all slaves
[  943.338065][T18602] openvswitch: netlink: Flow key attr not present in new flow.
[  943.633264][ T7276] hsr_slave_0: left promiscuous mode
[  943.711703][ T7276] hsr_slave_1: left promiscuous mode
[  943.760614][ T7276] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  943.820407][ T7276] batman_adv: batadv0: Removing interface: batadv_slave_0
[  943.876072][T18609] ==================================================================
[  943.876091][T18609] BUG: KASAN: slab-out-of-bounds in fbcon_prepare_logo+0x94e/0xc60
[  943.876124][T18609] Read of size 26 at addr ffff888029588ae8 by task syz.2.2828/18609
[  943.876144][T18609] 
[  943.876158][T18609] CPU: 0 UID: 0 PID: 18609 Comm: syz.2.2828 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  943.876226][T18609] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  943.876241][T18609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  943.876255][T18609] Call Trace:
[  943.876263][T18609]  <TASK>
[  943.876272][T18609]  dump_stack_lvl+0x100/0x190
[  943.876308][T18609]  print_report+0x156/0x4c9
[  943.876343][T18609]  ? __virt_addr_valid+0x81/0x620
[  943.876374][T18609]  ? __phys_addr+0xe8/0x180
[  943.876405][T18609]  ? fbcon_prepare_logo+0x94e/0xc60
[  943.876431][T18609]  kasan_report+0xdf/0x1e0
[  943.876457][T18609]  ? fbcon_prepare_logo+0x94e/0xc60
[  943.876487][T18609]  kasan_check_range+0x10f/0x1e0
[  943.876517][T18609]  __asan_memcpy+0x23/0x60
[  943.876551][T18609]  fbcon_prepare_logo+0x94e/0xc60
[  943.876583][T18609]  fbcon_init+0x10a0/0x1820
[  943.876612][T18609]  visual_init+0x320/0x620
[  943.876641][T18609]  do_bind_con_driver.isra.0+0x636/0x9c0
[  943.876680][T18609]  store_bind+0x609/0x730
[  943.876715][T18609]  ? __pfx_store_bind+0x10/0x10
[  943.876747][T18609]  dev_attr_store+0x58/0x80
[  943.876775][T18609]  ? __pfx_dev_attr_store+0x10/0x10
[  943.876804][T18609]  sysfs_kf_write+0xf2/0x150
[  943.876835][T18609]  kernfs_fop_write_iter+0x3e0/0x5f0
[  943.876860][T18609]  ? __pfx_sysfs_kf_write+0x10/0x10
[  943.876892][T18609]  vfs_write+0x6ac/0x1070
[  943.876914][T18609]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  943.876942][T18609]  ? __pfx_vfs_write+0x10/0x10
[  943.876973][T18609]  ksys_write+0x12a/0x250
[  943.876995][T18609]  ? __pfx_ksys_write+0x10/0x10
[  943.877022][T18609]  do_syscall_64+0x106/0xf80
[  943.877058][T18609]  ? clear_bhb_loop+0x40/0x90
[  943.877085][T18609]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  943.877109][T18609] RIP: 0033:0x7f8e1df9c799
[  943.877127][T18609] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  943.877151][T18609] RSP: 002b:00007f8e1ee14028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  943.877173][T18609] RAX: ffffffffffffffda RBX: 00007f8e1e215fa0 RCX: 00007f8e1df9c799
[  943.877195][T18609] RDX: 0000000000000084 RSI: 0000200000000040 RDI: 0000000000000003
[  943.877211][T18609] RBP: 00007f8e1e032c99 R08: 0000000000000000 R09: 0000000000000000
[  943.877226][T18609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  943.877241][T18609] R13: 00007f8e1e216038 R14: 00007f8e1e215fa0 R15: 00007ffc8a9fc588
[  943.877265][T18609]  </TASK>
[  943.877273][T18609] 
[  943.877280][T18609] Allocated by task 15999:
[  943.877292][T18609]  kasan_save_stack+0x30/0x50
[  943.877312][T18609]  kasan_save_track+0x14/0x30
[  943.877331][T18609]  __kasan_kmalloc+0xaa/0xb0
[  943.877366][T18609]  __kmalloc_node_track_caller_noprof+0x304/0x850
[  943.877406][T18609]  kmemdup_noprof+0x29/0x60
[  943.877425][T18609]  neigh_parms_alloc+0x85/0x5e0
[  943.877460][T18609]  ipv6_add_dev+0x3f7/0x1520
[  943.877492][T18609]  addrconf_notify+0x563/0x19c0
[  943.877516][T18609]  notifier_call_chain+0x99/0x420
[  943.877545][T18609]  call_netdevice_notifiers_info+0xbe/0x110
[  943.877569][T18609]  register_netdevice+0x16e6/0x2210
[  943.877605][T18609]  wg_newlink+0x3af/0x7a0
[  943.877650][T18609]  rtnl_newlink+0x1494/0x2380
[  943.877681][T18609]  rtnetlink_rcv_msg+0x95e/0xe90
[  943.877713][T18609]  netlink_rcv_skb+0x159/0x420
[  943.877732][T18609]  netlink_unicast+0x5aa/0x870
[  943.877750][T18609]  netlink_sendmsg+0x8b0/0xda0
[  943.877768][T18609]  __sys_sendto+0x468/0x4b0
[  943.877796][T18609]  __x64_sys_sendto+0xe0/0x1c0
[  943.877824][T18609]  do_syscall_64+0x106/0xf80
[  943.877856][T18609]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  943.877878][T18609] 
[  943.877883][T18609] The buggy address belongs to the object at ffff888029588a00
[  943.877883][T18609]  which belongs to the cache kmalloc-192 of size 192
[  943.877901][T18609] The buggy address is located 72 bytes to the right of
[  943.877901][T18609]  allocated 160-byte region [ffff888029588a00, ffff888029588aa0)
[  943.877926][T18609] 
[  943.877933][T18609] The buggy address belongs to the physical page:
[  943.877942][T18609] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x29588
[  943.877962][T18609] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  943.877980][T18609] page_type: f5(slab)
[  943.877999][T18609] raw: 00fff00000000000 ffff88813fe393c0 dead000000000100 dead000000000122
[  943.878020][T18609] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[  943.878034][T18609] page dumped because: kasan: bad access detected
[  943.878045][T18609] page_owner tracks the page as allocated
[  943.878054][T18609] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd2cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 8303976328, free_ts 8269006855
[  943.878092][T18609]  post_alloc_hook+0x153/0x170
[  943.878122][T18609]  get_page_from_freelist+0x111d/0x3140
[  943.878154][T18609]  __alloc_frozen_pages_noprof+0x27c/0x2ba0
[  943.878188][T18609]  new_slab+0xa6/0x6b0
[  943.878219][T18609]  refill_objects+0x26b/0x400
[  943.878249][T18609]  __pcs_replace_empty_main+0x1ab/0x660
[  943.878283][T18609]  __kmalloc_noprof+0x688/0x850
[  943.878315][T18609]  __register_sysctl_table+0xbe4/0x1650
[  943.878336][T18609]  __devinet_sysctl_register+0x1b9/0x360
[  943.878357][T18609]  devinet_sysctl_register+0x17b/0x210
[  943.878376][T18609]  inetdev_init+0x2b8/0x570
[  943.878394][T18609]  inetdev_event+0x7fa/0x17f0
[  943.878412][T18609]  notifier_call_chain+0x99/0x420
[  943.878440][T18609]  call_netdevice_notifiers_info+0xbe/0x110
[  943.878463][T18609]  register_netdevice+0x16e6/0x2210
[  943.878516][T18609]  ifb_init_module+0x105/0x170
[  943.878550][T18609] page last free pid 42 tgid 42 stack trace:
[  943.878562][T18609]  __free_frozen_pages+0x7e1/0x10d0
[  943.878607][T18609]  vfree.part.0+0x12b/0x9d0
[  943.878633][T18609]  delayed_vfree_work+0x8e/0xd0
[  943.878660][T18609]  process_one_work+0xa23/0x19a0
[  943.878694][T18609]  worker_thread+0x5ef/0xe50
[  943.878726][T18609]  kthread+0x370/0x450
[  943.878755][T18609]  ret_from_fork+0x754/0xd80
[  943.878789][T18609]  ret_from_fork_asm+0x1a/0x30
[  943.878814][T18609] 
[  943.878819][T18609] Memory state around the buggy address:
[  943.878832][T18609]  ffff888029588980: 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc
[  943.878849][T18609]  ffff888029588a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  943.878866][T18609] >ffff888029588a80: 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc
[  943.878880][T18609]                                                           ^
[  943.878894][T18609]  ffff888029588b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  943.878911][T18609]  ffff888029588b80: 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc fc
[  943.878925][T18609] ==================================================================
[  943.878945][T18609] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  943.878963][T18609] CPU: 0 UID: 0 PID: 18609 Comm: syz.2.2828 Tainted: G     U  W    L XTNJ syzkaller #0 PREEMPT(full) 
[  943.879010][T18609] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL
[  943.879024][T18609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  943.879039][T18609] Call Trace:
[  943.879047][T18609]  <TASK>
[  943.879056][T18609]  dump_stack_lvl+0x100/0x190
[  943.879092][T18609]  vpanic+0x552/0x970
[  943.879114][T18609]  ? __pfx_vpanic+0x10/0x10
[  943.879137][T18609]  ? __pfx_vprintk_emit+0x10/0x10
[  943.879162][T18609]  ? fbcon_prepare_logo+0x94e/0xc60
[  943.879194][T18609]  panic+0xd1/0xe0
[  943.879216][T18609]  ? __pfx_panic+0x10/0x10
[  943.879243][T18609]  ? fbcon_prepare_logo+0x94e/0xc60
[  943.879271][T18609]  check_panic_on_warn.cold+0x19/0x34
[  943.879302][T18609]  end_report.part.0+0x3a/0x90
[  943.879336][T18609]  kasan_report.cold+0xe/0x18
[  943.879370][T18609]  ? fbcon_prepare_logo+0x94e/0xc60
[  943.879400][T18609]  kasan_check_range+0x10f/0x1e0
[  943.879431][T18609]  __asan_memcpy+0x23/0x60
[  943.879465][T18609]  fbcon_prepare_logo+0x94e/0xc60
[  943.879497][T18609]  fbcon_init+0x10a0/0x1820
[  943.879527][T18609]  visual_init+0x320/0x620
[  943.879555][T18609]  do_bind_con_driver.isra.0+0x636/0x9c0
[  943.879594][T18609]  store_bind+0x609/0x730
[  943.879629][T18609]  ? __pfx_store_bind+0x10/0x10
[  943.879661][T18609]  dev_attr_store+0x58/0x80
[  943.879689][T18609]  ? __pfx_dev_attr_store+0x10/0x10
[  943.879717][T18609]  sysfs_kf_write+0xf2/0x150
[  943.879748][T18609]  kernfs_fop_write_iter+0x3e0/0x5f0
[  943.879790][T18609]  ? __pfx_sysfs_kf_write+0x10/0x10
[  943.879820][T18609]  vfs_write+0x6ac/0x1070
[  943.879841][T18609]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  943.879867][T18609]  ? __pfx_vfs_write+0x10/0x10
[  943.879896][T18609]  ksys_write+0x12a/0x250
[  943.879917][T18609]  ? __pfx_ksys_write+0x10/0x10
[  943.879943][T18609]  do_syscall_64+0x106/0xf80
[  943.879986][T18609]  ? clear_bhb_loop+0x40/0x90
[  943.880010][T18609]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  943.880032][T18609] RIP: 0033:0x7f8e1df9c799
[  943.880047][T18609] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  943.880068][T18609] RSP: 002b:00007f8e1ee14028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  943.880107][T18609] RAX: ffffffffffffffda RBX: 00007f8e1e215fa0 RCX: 00007f8e1df9c799
[  943.880122][T18609] RDX: 0000000000000084 RSI: 0000200000000040 RDI: 0000000000000003
[  943.880137][T18609] RBP: 00007f8e1e032c99 R08: 0000000000000000 R09: 0000000000000000
[  943.880152][T18609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  943.880166][T18609] R13: 00007f8e1e216038 R14: 00007f8e1e215fa0 R15: 00007ffc8a9fc588
[  943.880194][T18609]  </TASK>
[  943.880255][T18609] Kernel Offset: disabled