last executing test programs:

22.061312517s ago: executing program 2 (id=364):
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)
r0 = socket(0x1d, 0x2, 0x6)
setsockopt$auto(r0, 0x6a, 0x5, 0x0, 0x3)
r1 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
ioctl$auto_PAGEMAP_SCAN(r1, 0xc0606610, &(0x7f0000000100)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0x40, 0x5, 0xe4, 0x0, 0x0, 0x2, 0x0, 0x6})
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0xa, 0x3, 0x3b)
sysfs$auto(0x2, 0x23, 0x0)
r2 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
write$auto(r2, 0x0, 0x3)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
io_uring_setup$auto(0x6, 0x0)
r3 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$auto_VHOST_SET_FEATURES(r3, 0x4008af00, &(0x7f0000000000)=0x200000000)
read$auto(r3, 0x0, 0x3ff)
close_range$auto(0x2, 0x8, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/midi2\x00', 0x80102, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/midi2\x00', 0x201, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
unshare$auto(0x400)
select$auto(0xd, &(0x7f0000000140)={[0x6, 0x1, 0x0, 0x96, 0x1, 0x46, 0x100, 0x1, 0x4, 0xd1, 0xbb95, 0x1, 0x2, 0x2]}, &(0x7f0000000240)={[0x7, 0x2, 0xff, 0x1, 0x2, 0x4, 0x3, 0x4, 0x2, 0x6, 0x9, 0x8, 0x28d3, 0x6, 0x1, 0x7]}, &(0x7f00000002c0)={[0xffff, 0xfffffffffffff734, 0x4, 0xf94, 0x2, 0x7f, 0x8, 0x49, 0x8, 0x40, 0x9, 0xffffffffffffffff, 0x7, 0x10000, 0x5, 0x6]}, &(0x7f0000000040)={0x7ff})
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)

21.415892287s ago: executing program 2 (id=368):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_macsec(&(0x7f00000001c0), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'macsec0\x00'})
mmap$auto(0x5c, 0x40000000000006, 0x8, 0x480014, 0xffffffffffffffff, 0x28000)
setresgid$auto(0x0, 0xffffffffffffffff, 0xffffffffffffffff)
close_range$auto(0x2, 0xa, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
setitimer$auto(0x0, &(0x7f0000000140)={{0x40000000002, 0x5}, {0x20000, 0x8}}, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pci0000:00/0000:00:01.1/ata1/host0/scsi_host/host0/scan\x00', 0x5c5100, 0x0)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x147)
socket(0xa, 0x801, 0x84)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r1, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xcfk', 0x81)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130)
fallocate$auto(0x8000000000000003, 0x0, 0x19, 0x4cbd5f)
mmap$auto(0x9, 0x200, 0x4, 0x18, 0x3, 0x0)
mmap$auto(0x0, 0x2020009, 0x100003, 0x9000000eb1, 0xfffffffffffffffa, 0x0)
socket(0x2, 0x1, 0x106)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x147)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x80, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000)

20.786056031s ago: executing program 2 (id=370):
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130)
r1 = open(&(0x7f00000000c0)='./file0\x00', 0x40000, 0x31)
fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d)
mmap$auto(0x0, 0x1, 0xfd5, 0x12, r1, 0x40000000)
mmap$auto(0x9, 0x1ff, 0x4, 0x14, 0x3, 0x0)
socket(0xa, 0x3, 0x73)
getcwd$auto(&(0x7f00000003c0)=':%,^*#\')\x00', 0x8)
mmap$auto(0xfffffffffffffff9, 0x2000a, 0x100000000009f, 0xeb2, 0x401, 0x8000)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/input/event0\x00', 0x668401, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f00000000c0)='/dev/audio1\x00', 0x100000a3d9)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x3, 0x0, 0xfffffffffffffffc, 0x2}, 0xed7138c}, 0x2, 0x9)
finit_module$auto(r2, &(0x7f0000000140)='7\x00\\\xa0\x01\x00\x01\x00\x00\x00\x00\x00\xc7k', 0x5)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x8800, 0x0)
cachestat$auto(r3, &(0x7f0000000640)={0x8, 0x4000000000008}, 0x0, 0x0)
read$auto_i2cdev_fops_i2c_dev(r0, &(0x7f00000001c0)=""/214, 0xd6)
r4 = socket(0xa, 0x5, 0x84)
sendmsg$auto_NFC_CMD_DEP_LINK_UP(r4, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x1c, 0x0, 0x10, 0x70bd2a, 0x25dfdbfc, {}, [@NFC_ATTR_COMM_MODE={0x5, 0xa, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x4040010)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000400)='/dev/video41\x00', 0x40, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/module/nfs/parameters/nfs_mountpoint_expiry_timeout\x00', 0xa001, 0x0)
sendto$auto(r4, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe80000700"}, 0x1c)
r5 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/video2\x00', 0x80000, 0x0)
ppoll$auto(&(0x7f0000000000)={r5, 0x5687, 0x8}, 0x3, 0x0, 0x0, 0x8)

19.776590475s ago: executing program 2 (id=372):
mmap$auto(0x0, 0x400008, 0x5f, 0x9b72, 0x2, 0x10)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bind$auto(0x3, &(0x7f0000000040)=@xdp={0x2c, 0xa, 0x0, 0x7}, 0x6a)
write$auto(r0, 0x0, 0x100076)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
socket$nl_generic(0x10, 0x3, 0x10)
unshare$auto(0x40000080)
setsockopt$auto(0x3, 0x10000000084, 0x5, 0x0, 0x7ff)
io_uring_setup$auto(0x1ff, 0x0)
setsockopt$auto(0x3, 0x1, 0xd, 0x0, 0x9)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0x62, 0x40000010, 0xffffffffffffffff, 0xfffffffffffffffb)
recvmmsg$auto(r0, 0x0, 0x10001, 0x0, 0x0)
pread64$auto(0xffffffffffffffff, 0x0, 0x200000000003, 0x2f4a3a23)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = socket(0x25, 0x801, 0x106)
getsockopt$auto(r1, 0x6, 0x19, 0x0, &(0x7f0000000040)=0x1)
mmap$auto(0x0, 0x8001, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
io_uring_setup$auto(0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r2 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cec26\x00', 0x1a1600, 0x0)
ioctl$auto_CEC_RECEIVE(r2, 0xc0386106, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)

19.057954826s ago: executing program 2 (id=374):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0)
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0)
r0 = ioctl$auto_TUNGETFILTER(0xffffffffffffffff, 0x801054db, &(0x7f0000000040)={0x1000, &(0x7f0000000000)={0x1ff, 0x9, 0xdf, @raw=0x4}})
r1 = socket(0x22, 0x2, 0x1)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x801)
sendmsg$auto_TIPC_NL_BEARER_ADD(r0, &(0x7f0000000100)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)={0x85c, 0x0, 0x800, 0x70bd26, 0x25dfdbff, {}, [@TIPC_NLA_PUBL={0x848, 0x3, 0x0, 0x1, [@nested={0x257, 0x7b, 0x0, 0x1, [@generic="0e8bd4b17c714ae89c2aa6140dd6b5d824e29e4d7020a4708e286981065eea40fa85c68e25690f4c1ed63effb275c720a70eed32eacca65b8616469fbb830ea0e890a9ba81944222a8a314e7d10d38eedbff9d1489faf6fd2aa236fbfcdbbed154f51a0a5c930b8db82b183294f86f987edef0266132bd8a323cf23ffb4d069221ef6dc45a9ca3e4fe26e36e7f853328ee0ab7a6e5843ba72ee754118bc95c04b76dd5b96576dfd30ba530e3f910c73f22c5283df417e9af75807630b143cec4eb086e716da181a0e2721d5b100a650b284d0fabf829fb71438ee2e6205ab1", @generic="ce2f171acc0030a6c420e27b0065a9a3a6a7957d1213927a39936fb0b7502b7a5bbad77b9af3b2c70b58511f9bff3f9a0dc50f2e3fa5b7ababb2405309a9e7a60de15b0e9b7d35a99d00fd6b1da0", @nested={0x4, 0xc}, @generic="ae42852d03daedf4c8813fcdfc82307af5b69e139a79e329399f5f464ad519fdda7470c15e4fb9f03233c5636c9defdaedc092a08d7ba06eb38728c967b3752b74", @nested={0x4, 0xf9}, @typed={0x8, 0x136, 0x0, 0x0, @u32=0xc}, @generic="d011ff7fd48e2e6cb817ef9268f2a6", @typed={0x8, 0xcf, 0x0, 0x0, @fd=r1}, @generic="40e99f00a51871daab22e59247207e5118d22508c68f5f2d1e31cbbba6113bbd0f087a7d5872c71886cf04ae87c9fd35fb53a23536639c445b32f5520c6bbfc5106825a37416af1e01eb934fba929b7cc7f5007f9ba2191d47109f9bb7152ea9bc2b9ef8e149b5a85b1f196814d40f1c9865f0936a2547a0dc81569f74a6350a6dceff23f041a834ed8be7893dfc5045c1ba451286fa40aa44151b3d5d0e18d0494447e90f7005977495d853df9b7734aa73616f613a7cea477d749e7fae"]}, @nested={0x11d, 0xef, 0x0, 0x1, [@typed={0xc, 0xbc, 0x0, 0x0, @u64=0x1000000000000000}, @nested={0x4, 0xc2}, @nested={0x4, 0x89}, @generic="86683543838868d2c9e9884db6264495992f1fc58df7a858e765440905371452bc83add1a163907ea37effb9f4adabcb4baefe0571a95b39230a45a68f31f252050a8ba171a41e93620446663c82ce118684b65ad2f661013f2c3a16ce3e34326e6be3ea34bcad4a500ee4bf2c3d0a3e6c450e16ac6bea31f70f158216dd9e3f5aa701fc333925c691692e3d9edace657e890838bdb264fa7ddc37299622247bb7a2fba774433c9f5ea88ee2c2dd4ab0ced73ea38713d636c841d36fed684cd879f2ebe8f26a615ef2599b5178bac9b4d0badae95674a879984360322a25c278cf88183c8b26de42495dda60aab08f59140d9e774f", @nested={0x4, 0x9}, @typed={0x8, 0x2c, 0x0, 0x0, @uid}, @nested={0x4, 0x11e}]}, @nested={0x2dd, 0x64, 0x0, 0x1, [@generic="ad6ca2f5acfd59eacf0b35807a8670", @typed={0x3f, 0xd0, 0x0, 0x0, @binary="4af68d696486f517dee400baae6b20fcb02210803f1b3506bbe048a8e84a41995992b01f4229cc3bbbe6af0ede91517631553afe632333ec86bc9d"}, @generic="bda6a741008a93db88a4b7c62aacb083fc365bc2e50c6373017712c1b17e5b4429712a0ae601db9dadd2437ca2354b6106deb96653a80e7d65f668f8df76da5b9c4280f2f3dfcb51371df533990b53fcc6797ef7584a2fbb9d01699052107a5dfca9b2e7674283236ccdf6665b6fa27a8777230403a3ede6a5f1399d2a29dcd55d7cb743ea0ba4e14724a6ea6631737ef404d33f0fc1071c40247f739c2f7136b466d5dfb509a7e6cce658bccea29156090dd1cea496e8ab9d0c5448", @nested={0x4, 0x25}, @generic="f82f4893596653dc1d811a850d1f666bd98723e3aea38518f5d96ac769ec2d0075e1d80810cf9002eb97858733d173d0396c918b63f2d9c2d3de7d62dc289a3287e9e65ca3827318f7c9b286a719c4cddba9c251cb1d55a1909960094b48e64112fe97770c5152a62ab15644fccf19d2df40ae608d6a070f502fc84a13d44b88a463ad06f5234545ce398f0876f6a8f076789d35953f8d228c0be72595e809890380f3998ace2cc2f6278e1f91d9a647e785996203e3e5b627d5cc92e565ca3155c010dccdb1efab9444f91659f80c2e1f9e99d54f23dddf52f72dda603ac1", @nested={0x4, 0xc}, @generic="33cca945b6e1d40a2db8354c562ea80441993bf62062e7473d18443d3cae9f52ac7a8955ca886831b2f3f271b8e2b24013c8fc98f842f59bb47f997f8a63c61f3f388b2777f6551619c836fe56459534a074687c36c57c5b6e275a3c5a4e1c6eadb2ff38dae7ad97ed7800815b4fa79e85fdc5878914e24e7b406522cfb4960f07282eeafb48d91066e302c66cda2380b8b5c8e0bdd200d6bfc0420eb452fc379a91e9c00101bfd0b2e0ebec1039199b517e4da73ca349e5183cc37e4ff0f38909ea819cc43272f5cef79ded010e90fa2f86788a6428cead65e9c46f8e2974a063cbc1994e9f87"]}, @typed={0x14, 0xa1, 0x0, 0x0, @ipv6=@empty}, @typed={0x1f, 0x105, 0x0, 0x0, @binary="d8c34f85474ac8e3828f9116665bc30a9f9aa0ac11507684b53059"}, @typed={0x8, 0x35, 0x0, 0x0, @u32=0xc52}, @nested={0x18a, 0x9, 0x0, 0x1, [@generic="b0c7a4ba5c54ec7b0b947267d169e66e5f3f6c6d060c1fe4e34598e76d22d607ccfadc7ddf3d81bdc506b330b9b2bd4521db2476e78cab2f806e4014ebca95829be15dc705f0d74caa6dc286d393363f8c961e823d079e10c20358a9a168ce9a4cf40ef4f388ef34724935f2af8193208b172f24d1cc19d3a65da44144cbd7b59e96e033601e59f6698e6f673abacc5cde583c3c6f4bfd7f333b3ec34775224f43450a5f130166b939c4b539b4743af337d93c49eceb6f24475495aafc6e1c6bbb8fadcf899b", @generic="88cce4b66e7662456fe56013a4db44431ed218f5a679b72036f8346952871f390e15345c3adc0525e33f37601c3d4a8570183cb3c92fd8f69780b25162133dc8157fdeba8ff9eff38b27de7b4148e2b55a1af84db098e5879f279f3ab052d5c6b84fc6a0a26e2d3674fe1e161a34a11fad4ef048fef0f9f3c12ed0f170e275b8e99ff208de3b4e654e21718f0188cf8fa00877066c13c0a252b65dbbc82e1506181a7172d76725e0e128ae695c0525faeea4a41a09beee6ea785dcd6d104f3ba"]}, @nested={0x24, 0x10b, 0x0, 0x1, [@nested={0x4, 0x35}, @typed={0x4, 0x4}, @typed={0xc, 0x156, 0x0, 0x0, @u64=0xd86}, @nested={0x4, 0xbb}, @typed={0x8, 0x8c, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x2e}}]}]}]}, 0x85c}, 0x1, 0x0, 0x0, 0x20000800}, 0x80)
io_uring_setup$auto(0x4005, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x10100)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
io_uring_setup$auto(0x2, 0x0)
getpid()
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ram11\x00', 0x1ef683, 0x0)
preadv2$auto(r2, &(0x7f00000011c0)={0x0, 0x8}, 0x10, 0x2, 0x3, 0xa2)
openat$auto_stat_fops_(0xffffffffffffff9c, &(0x7f0000003300), 0x80880, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/user\x00')
mmap$auto(0xffffffffffffffe, 0xfffffffbffffffff, 0xdf, 0x9b72, r2, 0x9)
ustat$auto(0x801, 0x0)
open(0x0, 0x22240, 0x155)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x4a0442, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x1e, 0x805, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0)
ioctl$auto(0x3, 0x40045532, 0x38)
r3 = open(&(0x7f0000000540)='./cgroup\x00', 0x0, 0x310)
fcntl$auto(r3, 0x402, 0x1)

18.744703843s ago: executing program 2 (id=375):
r0 = waitid$auto(0x8, 0xffffffffffffffff, 0x0, 0x3, &(0x7f0000000180)={{0xfffffffffffffff9, 0x80}, {0x2, 0x6}, 0x4, 0x5, 0x1, 0x3, 0x0, 0x8000, 0x80000000, 0x7, 0xb7, 0x5d9, 0x5, 0x7ff, 0x2055})
ioctl$auto_XFS_IOC_ALLOCSP64(0xffffffffffffffff, 0x40305824, &(0x7f0000000040)={0x1, 0x3, 0x81, 0x2, 0x82e9, 0xffffffffffffffff})
prctl$auto(0x36, 0x1, r0, 0x100001, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000002c0), 0x40000, 0x0)
socket(0x1a, 0x2, 0xffffff03)
close_range$auto(0x2, 0x8, 0x0)
socket(0x15, 0x5, 0x0)
openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/input/mice\x00', 0x22002, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)
read$auto(r1, 0x0, 0x7)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r2, 0x0, 0x81)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x404400, 0x0)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x8000, 0x0)
write$auto(0x3, 0x0, 0xfffffdef)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
write$auto(0x3, 0x0, 0x70)
io_cancel$auto(0x6, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000)
pread64$auto(0xffffffffffffffff, 0x0, 0x200000000003, 0x2f4a3a23)

6.702879624s ago: executing program 3 (id=409):
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev6\x00', 0x169000, 0x0)
socket(0xa, 0x1, 0x84) (async)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x100, 0x83, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) (async)
openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x22000, 0x0) (async, rerun: 64)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (rerun: 64)
io_uring_setup$auto(0x1, 0x0)
r0 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0)
ioctl$auto_dvb_demux_fops_dmxdev(r0, 0x403c6f2b, 0x0) (async)
r1 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x88040, 0x0)
ioctl$auto_dvb_demux_fops_dmxdev(r1, 0x403c6f2b, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
r2 = socket(0xa, 0x800, 0x84)
getsockopt$auto(r2, 0x84, 0x3, 0x0, 0x0) (async)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon33\x00', 0x121200, 0x0) (async)
mmap$auto(0x0, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0) (async)
syz_clone(0x5004000, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
r4 = openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x503083, 0x0)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) (async)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, 0x0, 0x40800) (async, rerun: 32)
unshare$auto(0x40000080) (async, rerun: 32)
keyctl$auto(0x7, 0xfffffffb, 0x0, 0x3e, 0x8)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r5) (async)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r5, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) (async)
bpf$auto(0x5, &(0x7f0000000080)=@bpf_attr_7={@btf_id=0x2, 0x92f1, 0x4, r4}, 0xa) (async, rerun: 64)
r6 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408) (rerun: 64)
write$auto(r6, 0x0, 0xfffffdf1) (async)
linkat$auto(r6, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000)

6.17611618s ago: executing program 3 (id=411):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x10, 0x2, 0x0)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
io_uring_setup$auto(0x59, 0x0)
getpid()
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
r1 = syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000700)=ANY=[@ANYBLOB="6cc21024d68cf34240ceb1eeb2a3c087ed6ce2a41c27de537bb17530ca641221ad2c5a04cdfa7fa501f298cb4475f2159121ac0b22f8c53c6b091a2147c47586ec135ed7b9af0da762b126be2dd6a8fee7adc2b45d04c6d25226dd64ae9f08d69137f3ac3e8366df5da01e768fae996da3bf60e7a0804d", @ANYRES16=r1, @ANYBLOB="010031bd7000fddbdf250c000000"], 0x14}}, 0x24048084)
madvise$auto(0x0, 0x200007, 0x19)
getcpu$auto(0xfffffffffffffffc, 0xffffffffffffffff, 0xfffffffffffffffd)
fanotify_init$auto(0x65, 0x2)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
unshare$auto(0x20000080)
syz_clone3(&(0x7f0000000380)={0x2c022000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0}, 0x58)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0)
sendmsg$auto_NL80211_CMD_DEL_TX_TS(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000200)={&(0x7f0000000480)={0x26c, 0x0, 0x100, 0x70bd2c, 0x25dfdbff, {}, [@NL80211_ATTR_KEY_DATA={0x15, 0x7, "f6ff64389b62872b26f97bc80d052696ab"}, @NL80211_ATTR_MESH_ID={0x22, 0x18, "3eed9b1465d94ee937d70efbcdd93f95cb35b0d61936ae811703d63b6d71"}, @NL80211_ATTR_SAR_SPEC={0x208, 0x12c, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS={0x124, 0x2, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x3}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xa}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x2}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x1}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x48}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x9}]}, {0x2c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x6}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0xd}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x4}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x401}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x200}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x7}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x1000}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x8}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x7}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x8}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x6}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xfffffffd}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xffff1e6d}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x452}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x4}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x4}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x2}]}, {0x4}, {0x24, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xbb02}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x9}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0xb19}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x20}]}]}, @NL80211_SAR_ATTR_SPECS={0xe0, 0x2, 0x0, 0x1, [{0x34, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x497819ce}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x9}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x100}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xc59b}]}, {0x34, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x18}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x4}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7ff}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0xc6000000}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7}]}, {0x34, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x9}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x4}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x20000}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x7fff}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0xd}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x5}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x7}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7fff}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x100}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x5}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x8}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xfff}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x6}]}]}]}, @NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM={0x6, 0xfb, 0x3}, @NL80211_ATTR_AP_ISOLATE={0x5, 0x60, 0x4}, @NL80211_ATTR_TDLS_EXTERNAL_SETUP={0x4}]}, 0x26c}, 0x1, 0x0, 0x0, 0x24040081}, 0x40094)
r2 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0)
pread64$auto(r2, &(0x7f0000000240)='\x03W\x96l\x15\x00\x00\x00\x00\xf4\x00'/21, 0x100000002, 0x100000001)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x101c82, 0x0)
prctl$auto(0x42, 0x0, 0x0, 0x1, 0x0)

4.761511835s ago: executing program 3 (id=417):
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
mmap$auto(0x0, 0x8000, 0xdf, 0xeb1, 0x401, 0x2)
read$auto(0x3, 0x0, 0x80)
sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x4044000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x642, 0x0)
socketpair$auto(0x1e, 0x5, 0x3, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0)
openat$auto_vhost_net_fops_net(0xffffffffffffff9c, 0x0, 0x42001, 0x0)
write$auto(0x3, 0x0, 0xfdef)
bpf$auto_BPF_LINK_UPDATE(0x26, &(0x7f0000000180)=@iter_create={0xffffffffffffffff, 0x2}, 0x3fd)
sendfile$auto(0x3, r0, 0x0, 0x400000000006)
shutdown$auto(0x200000003, 0x5)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL802154_CMD_DEL_SEC_KEY(r1, 0x0, 0x4)
r2 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000039c0), 0xffffffffffffffff)
sendmsg$auto_TIPC_NL_MEDIA_SET(r1, &(0x7f0000003b00)={0x0, 0x0, &(0x7f0000003ac0)={&(0x7f0000003a00)=ANY=[@ANYBLOB="d25a1808", @ANYRES16=r2, @ANYBLOB="01022bbd7000fcdbdf250c000000"], 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x4044)
sendmsg$auto_NL80211_CMD_SET_MULTICAST_TO_UNICAST(0xffffffffffffffff, 0x0, 0x0)
socket(0x1f, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsa1\x00', 0x0, 0x0)

4.246076058s ago: executing program 1 (id=418):
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)
r0 = socket(0x1d, 0x2, 0x6)
setsockopt$auto(r0, 0x6a, 0x5, 0x0, 0x3)
r1 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
ioctl$auto_PAGEMAP_SCAN(r1, 0xc0606610, &(0x7f0000000100)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0x40, 0x5, 0xe4, 0x0, 0x0, 0x2, 0x0, 0x6})
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0xa, 0x3, 0x3b)
sysfs$auto(0x2, 0x23, 0x0)
r2 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
write$auto(r2, 0x0, 0x3)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
io_uring_setup$auto(0x6, 0x0)
r3 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$auto_VHOST_SET_FEATURES(r3, 0x4008af00, &(0x7f0000000000)=0x200000000)
read$auto(r3, 0x0, 0x3ff)
close_range$auto(0x2, 0x8, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/midi2\x00', 0x201, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
unshare$auto(0x400)
select$auto(0xd, &(0x7f0000000140)={[0x6, 0x1, 0x0, 0x96, 0x1, 0x46, 0x100, 0x1, 0x4, 0xd1, 0xbb95, 0x1, 0x2, 0x2]}, &(0x7f0000000240)={[0x7, 0x2, 0xff, 0x1, 0x2, 0x4, 0x3, 0x4, 0x2, 0x6, 0x9, 0x8, 0x28d3, 0x6, 0x1, 0x7]}, &(0x7f00000002c0)={[0xffff, 0xfffffffffffff734, 0x4, 0xf94, 0x2, 0x7f, 0x8, 0x49, 0x8, 0x40, 0x9, 0xffffffffffffffff, 0x7, 0x10000, 0x5, 0x6]}, &(0x7f0000000040)={0x7ff})
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)

4.012979962s ago: executing program 0 (id=419):
r0 = set_tid_address$auto(0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_IPVS_CMD_GET_SERVICE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x14, r2, 0x301, 0x70bd27, 0x25dfdc03}, 0x14}, 0x1, 0x0, 0x0, 0x2000001c}, 0x20000800)
r3 = pidfd_open$auto(0x1, 0x0)
ioctl$auto_FS_IOC_GETVERSION(r3, 0xff01, &(0x7f0000000080)=0x80)
waitid$auto_P_PID(0x1, r0, 0x0, 0x4, 0x0)

3.894763622s ago: executing program 1 (id=420):
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x1008000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mbind$auto(0x2000, 0x100000004, 0x1, 0x0, 0xffffffffffffff39, 0x1)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nbd8\x00', 0x4041, 0x0)
mprotect$auto(0x200000000000, 0x806121, 0x8)
socket(0x21, 0x2, 0xa)
write$auto(0x3, 0x0, 0x100082)
shmget$auto(0x0, 0x200000005, 0x7d)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
ppoll$auto(0x0, 0x6, &(0x7f0000000240)={0x0, 0x2}, 0x0, 0x8)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/fs/cifs/SecurityFlags\x00', 0x480c1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x801, 0x0)
connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2711, @my=0x0}, 0x6)
epoll_ctl$auto_EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, 0xffffffffffffffff, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0xa, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
close_range$auto(0x2, 0xa, 0x0)

3.716552527s ago: executing program 0 (id=421):
r0 = open(0x0, 0x22240, 0x155)
ioctl$auto_FIONREAD(r0, 0x541b, 0x401)
mmap$auto(0x0, 0x20009, 0xe, 0xeb1, 0x403, 0x8000)
r1 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
ioctl$auto(0x3, 0x400454da, r1)
ioctl$auto__ctl_fops_dm_ioctl(r0, 0x4, &(0x7f0000000000)="0ecb055624f7f08f604469be2812fa4151baa9bdf2c20dcb4981add26be40f745d9cad4126e0fc9332a995dc2ca9966b656a3f5df63388b83a2f198eedd412361cf5acacf7dc39")
futex$auto(&(0x7f0000000080)=0x140005, 0x9, 0x1, 0x0, 0x0, 0x7)
clock_adjtime$auto(0x10000, &(0x7f00000000c0)={0xa6, 0x0, 0x0, 0x9, 0x8, 0x4, 0x4, 0x0, 0x5, 0x1, 0x3, {0x100000000, 0x8}, 0x7f, 0x1, 0x3, 0x8, 0x0, 0x9, 0x0, 0x2, 0xad, 0x4, 0x2})

3.661241424s ago: executing program 32 (id=375):
r0 = waitid$auto(0x8, 0xffffffffffffffff, 0x0, 0x3, &(0x7f0000000180)={{0xfffffffffffffff9, 0x80}, {0x2, 0x6}, 0x4, 0x5, 0x1, 0x3, 0x0, 0x8000, 0x80000000, 0x7, 0xb7, 0x5d9, 0x5, 0x7ff, 0x2055})
ioctl$auto_XFS_IOC_ALLOCSP64(0xffffffffffffffff, 0x40305824, &(0x7f0000000040)={0x1, 0x3, 0x81, 0x2, 0x82e9, 0xffffffffffffffff})
prctl$auto(0x36, 0x1, r0, 0x100001, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000002c0), 0x40000, 0x0)
socket(0x1a, 0x2, 0xffffff03)
close_range$auto(0x2, 0x8, 0x0)
socket(0x15, 0x5, 0x0)
openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/input/mice\x00', 0x22002, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)
read$auto(r1, 0x0, 0x7)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r2, 0x0, 0x81)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x404400, 0x0)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x8000, 0x0)
write$auto(0x3, 0x0, 0xfffffdef)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
write$auto(0x3, 0x0, 0x70)
io_cancel$auto(0x6, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000)
pread64$auto(0xffffffffffffffff, 0x0, 0x200000000003, 0x2f4a3a23)

3.581600541s ago: executing program 0 (id=423):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000001480)='/proc/self/net/rxrpc/conns\x00', 0x0, 0x0)
pread64$auto(r0, &(0x7f0000000040)='veth1\x00', 0x200000000006, 0x3ff)
ioctl$auto_RTC_IRQP_SET(0xffffffffffffffff, 0x4008700c, &(0x7f0000000440)=0x77b)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/nbd7/power/autosuspend_delay_ms\x00', 0x22902, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = socketcall$auto(0xa, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$auto(0x3, 0xae60, 0x10000000000402)
sendmmsg$auto(0xffffffffffffffff, &(0x7f00000002c0)={{0x0, 0x9, &(0x7f0000000080)={&(0x7f0000000180)="cb7978ababe605edf078e6f2726ae03e663c080c0d6c169eec931ca2ea579299bf44495b1fe078f2e9c5586ae69caa813549", 0x1}, 0xfffffffffffffff7, 0x0, 0x5, 0x24b}, 0x800}, 0x8, 0xff)
ioctl$auto(0x3, 0xae41, r2)
ioctl$auto_KVM_GET_MSRS(r1, 0x4400ae8f, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae80, 0x0)

3.415054752s ago: executing program 1 (id=424):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
bpf$auto(0x3, &(0x7f0000000040)=@query={@target_ifindex, 0x4, 0x7, 0x9, 0x0, @prog_cnt=0x1, 0x0, 0x80000000, 0x10000000c, 0xe, 0x5}, 0x7)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/block2mtd/parameters/block2mtd\x00', 0x603, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/user\x00')
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/netfilter/nf_log/6\x00', 0x0, 0x0)
ustat$auto(0x801, 0x0)
open(0x0, 0x22240, 0x155)
socket(0x2, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x100000009b72, 0x2, 0x8000)
io_uring_setup$auto(0x6, 0x0)
socketpair$auto(0xc6, 0x3, 0xfff, &(0x7f0000000000)=0x1)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket(0x11, 0x3, 0x9)
close_range$auto(0x2, r0, 0x0)
r1 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r1, 0x107, 0x14, 0x0, 0x4)
sendmmsg$auto(r0, &(0x7f0000000400)={{&(0x7f0000000000), 0x205aa, &(0x7f0000000100)={0x0, 0x4b}, 0x1, 0x0, 0x5, 0x1060}, 0x5}, 0x2, 0x100)

3.3630473s ago: executing program 3 (id=425):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/fs/cifs/SecurityFlags\x00', 0x40, 0x0)
r1 = socket(0x15, 0x80000, 0x9)
mmap$auto(0x0, 0x400008, 0xff, 0xfffffffffffffffc, r0, 0xb511)
close_range$auto(0x2, r1, 0x5)
r2 = openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/events/vmalloc/free_vmap_area_noflush/filter\x00', 0x2, 0x0)
r3 = openat$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/netdevsim/netdevsim2/trap_flow_action_cookie\x00', 0x2204c2, 0x0)
ioctl$auto(r2, 0x6643, r3)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000012c0)='/sys/module/nvme/parameters/write_queues\x00', 0x0, 0x0)
landlock_create_ruleset$auto(&(0x7f00000001c0)={0x7fff, 0x0, 0x4}, 0x2, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0)
read$auto(r4, 0x0, 0x20)
write$auto(0x3, 0x0, 0x5ca)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x20004088)
r5 = bpf$auto_BPF_PROG_LOAD(0x5, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex, <r6=>r0, 0xb, 0x6, r0, @relative_id=0x400, 0x400}, 0x9fe)
ioctl$auto(r6, 0x5, r5)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/jfs/loglevel\x00', 0x40080, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), r5)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000100)='/dev/binderfs/binder1\x00', 0x0, 0x0)
r7 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x0, 0x0)
ioctl$auto_BINDER_FREEZE(r7, 0x400c620e, &(0x7f00000001c0))
pread64$auto(r0, 0x0, 0x80000000, 0x9fffffffd)

3.165152596s ago: executing program 3 (id=426):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x10, 0x2, 0x0)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
io_uring_setup$auto(0x59, 0x0)
getpid()
unshare$auto(0x40000080)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
r0 = syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000700)=ANY=[@ANYBLOB="6cc21024d68cf34240ceb1eeb2a3c087ed6ce2a41c27de537bb17530ca641221ad2c5a04cdfa7fa501f298cb4475f2159121ac0b22f8c53c6b091a2147c47586ec135ed7b9af0da762b126be2dd6a8fee7adc2b45d04c6d25226dd64ae9f08d69137f3ac3e8366df5da01e768fae996da3bf60e7a0804d", @ANYRES16=r0, @ANYBLOB="010031bd7000fddbdf250c000000"], 0x14}}, 0x24048084)
madvise$auto(0x0, 0x200007, 0x19)
getcpu$auto(0xfffffffffffffffc, 0xffffffffffffffff, 0xfffffffffffffffd)
fanotify_init$auto(0x65, 0x2)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
unshare$auto(0x20000080)
syz_clone3(&(0x7f0000000380)={0x2c022000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0}, 0x58)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0)
sendmsg$auto_NL80211_CMD_DEL_TX_TS(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000200)={&(0x7f0000000480)={0x26c, 0x0, 0x100, 0x70bd2c, 0x25dfdbff, {}, [@NL80211_ATTR_KEY_DATA={0x15, 0x7, "f6ff64389b62872b26f97bc80d052696ab"}, @NL80211_ATTR_MESH_ID={0x22, 0x18, "3eed9b1465d94ee937d70efbcdd93f95cb35b0d61936ae811703d63b6d71"}, @NL80211_ATTR_SAR_SPEC={0x208, 0x12c, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS={0x124, 0x2, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x3}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xa}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x2}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x1}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x48}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x9}]}, {0x2c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x6}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0xd}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x4}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x401}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x200}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x7}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x1000}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x8}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x7}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x8}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x6}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xfffffffd}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xffff1e6d}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x452}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x4}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x4}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x2}]}, {0x4}, {0x24, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xbb02}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x9}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0xb19}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x20}]}]}, @NL80211_SAR_ATTR_SPECS={0xe0, 0x2, 0x0, 0x1, [{0x34, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x497819ce}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x9}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x100}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xc59b}]}, {0x34, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x18}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x4}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7ff}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0xc6000000}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7}]}, {0x34, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x9}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x4}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x20000}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x7fff}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0xd}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x5}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x7}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7fff}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x100}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x5}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x8}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xfff}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x6}]}]}]}, @NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM={0x6, 0xfb, 0x3}, @NL80211_ATTR_AP_ISOLATE={0x5, 0x60, 0x4}, @NL80211_ATTR_TDLS_EXTERNAL_SETUP={0x4}]}, 0x26c}, 0x1, 0x0, 0x0, 0x24040081}, 0x40094)
r1 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0)
pread64$auto(r1, &(0x7f0000000240)='\x03W\x96l\x15\x00\x00\x00\x00\xf4\x00'/21, 0x100000002, 0x100000001)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x101c82, 0x0)
prctl$auto(0x42, 0x0, 0x0, 0x1, 0x0)

3.103193908s ago: executing program 0 (id=427):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_macsec(&(0x7f00000001c0), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_MACSEC_CMD_UPD_OFFLOAD(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="44010000", @ANYRES16=r1, @ANYBLOB="01002dbd7000fddbdf250a00000008000100", @ANYRES32, @ANYBLOB="280109800c00"], 0x144}, 0x1, 0x0, 0x0, 0x4040085}, 0x0)
mmap$auto(0x5c, 0x40000000000006, 0x8, 0x480014, 0xffffffffffffffff, 0x28000)
setresgid$auto(0x0, 0xffffffffffffffff, 0xffffffffffffffff)
close_range$auto(0x2, 0xa, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
setitimer$auto(0x0, &(0x7f0000000140)={{0x40000000002, 0x5}, {0x20000, 0x8}}, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pci0000:00/0000:00:01.1/ata1/host0/scsi_host/host0/scan\x00', 0x5c5100, 0x0)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x147)
socket(0xa, 0x801, 0x84)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r2, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xcfk', 0x81)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130)
fallocate$auto(0x8000000000000003, 0x0, 0x19, 0x4cbd5f)
mmap$auto(0x9, 0x200, 0x4, 0x18, 0x3, 0x0)
mmap$auto(0x0, 0x2020009, 0x100003, 0x9000000eb1, 0xfffffffffffffffa, 0x0)
socket(0x2, 0x1, 0x106)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x147)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x80, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000)

2.09071314s ago: executing program 1 (id=428):
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130)
r1 = open(&(0x7f00000000c0)='./file0\x00', 0x40000, 0x31)
fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d)
mmap$auto(0x0, 0x1, 0xfd5, 0x12, r1, 0x40000000)
mmap$auto(0x9, 0x1ff, 0x4, 0x14, 0x3, 0x0)
socket(0xa, 0x3, 0x73)
getcwd$auto(&(0x7f00000003c0)=':%,^*#\')\x00', 0x8)
mmap$auto(0xfffffffffffffff9, 0x2000a, 0x100000000009f, 0xeb2, 0x401, 0x8000)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/input/event0\x00', 0x668401, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f00000000c0)='/dev/audio1\x00', 0x100000a3d9)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x3, 0x0, 0xfffffffffffffffc, 0x2}, 0xed7138c}, 0x2, 0x9)
finit_module$auto(r2, &(0x7f0000000140)='7\x00\\\xa0\x01\x00\x01\x00\x00\x00\x00\x00\xc7k', 0x5)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x8800, 0x0)
cachestat$auto(r3, &(0x7f0000000640)={0x8, 0x4000000000008}, 0x0, 0x0)
read$auto_i2cdev_fops_i2c_dev(r0, &(0x7f00000001c0)=""/214, 0xd6)
r4 = socket(0xa, 0x5, 0x84)
sendmsg$auto_NFC_CMD_DEP_LINK_UP(r4, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x24, 0x0, 0x10, 0x70bd2a, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_COMM_MODE={0x5, 0xa, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x4040010)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x40, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/module/nfs/parameters/nfs_mountpoint_expiry_timeout\x00', 0xa001, 0x0)
sendto$auto(r4, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe80000700"}, 0x1c)
r5 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/video2\x00', 0x80000, 0x0)
ppoll$auto(&(0x7f0000000000)={r5, 0x5687, 0x8}, 0x3, 0x0, 0x0, 0x8)

2.020527349s ago: executing program 0 (id=429):
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)
r0 = socket(0x1d, 0x2, 0x6)
setsockopt$auto(r0, 0x6a, 0x5, 0x0, 0x3)
r1 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
ioctl$auto_PAGEMAP_SCAN(r1, 0xc0606610, &(0x7f0000000100)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0x40, 0x5, 0xe4, 0x0, 0x0, 0x2, 0x0, 0x6})
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0xa, 0x3, 0x3b)
sysfs$auto(0x2, 0x23, 0x0)
r2 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
write$auto(r2, 0x0, 0x3)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
io_uring_setup$auto(0x6, 0x0)
r3 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$auto_VHOST_SET_FEATURES(r3, 0x4008af00, &(0x7f0000000000)=0x200000000)
read$auto(r3, 0x0, 0x3ff)
close_range$auto(0x2, 0x8, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/midi2\x00', 0x201, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
unshare$auto(0x400)
select$auto(0xd, &(0x7f0000000140)={[0x6, 0x1, 0x0, 0x96, 0x1, 0x46, 0x100, 0x1, 0x4, 0xd1, 0xbb95, 0x1, 0x2, 0x2]}, &(0x7f0000000240)={[0x7, 0x2, 0xff, 0x1, 0x2, 0x4, 0x3, 0x4, 0x2, 0x6, 0x9, 0x8, 0x28d3, 0x6, 0x1, 0x7]}, &(0x7f00000002c0)={[0xffff, 0xfffffffffffff734, 0x4, 0xf94, 0x2, 0x7f, 0x8, 0x49, 0x8, 0x40, 0x9, 0xffffffffffffffff, 0x7, 0x10000, 0x5, 0x6]}, &(0x7f0000000040)={0x7ff})
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000200), 0x200, 0x0)

1.992042937s ago: executing program 3 (id=430):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xffffffffffffffff, 0x2)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon7\x00', 0x40080, 0x0)
epoll_ctl$auto(0xffffffffffffffff, 0x1, 0x8000000000000000, 0x0)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x103003, 0x0)
getcpu$auto(0xfffffffffffffffc, 0xffffffffffffffff, 0xfffffffffffffffd)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0)
r1 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0)
pread64$auto(r1, &(0x7f0000000240)='\x03W\x96l\x15\x00'/21, 0x100000002, 0x100000001)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x101c82, 0x0)
r2 = prctl$auto(0x41, 0x7, 0x0, 0x1, 0x400781)
ioctl$auto_BLKROSET(r2, 0x125d, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
madvise$auto(0x6, 0x1, 0x7fffffff)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0)
ioctl$auto_BLKFLSBUF(r3, 0x1261, 0x0)

1.124011171s ago: executing program 0 (id=431):
set_mempolicy$auto(0x2, 0x0, 0x4)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000580)={{@raw=0x7fdfffff, 0xf0ee, 0x40020009, 0x3, "790eaa833e6fc65b6b3cf705001900ffff8eac2cdafc1f64010043eeb0b0530300000000000e00"}, 0x4, 0x966, 0x3, @inferred=<r0=>0x0, @integer={0x100000000, 0x2000000b752, 0x1}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"})
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x8, 0x1, r0, 0x5, 0x97a)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r2 = socket(0x2, 0x1, 0x0)
prctl$auto(0x29, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x202000a, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
sysfs$auto(0x2, 0x7, 0x70000000)
socketpair$auto(0x1ffe, 0xffffffff, 0x8000000000000000, 0x0)
io_uring_setup$auto(0x2, &(0x7f0000000040)={0x2, 0x3, 0xe127, 0x3ff, 0x6, 0x1, r2, [0x80000000, 0x6, 0x80], {0x8000, 0x3ff, 0x0, 0x1, 0x0, 0x1, 0x3495, 0x73, 0x100}, {0xcbf, 0x6, 0x9, 0x3, 0x390, 0x8, 0x8, 0xa, 0x3}})
r3 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card1\x00', 0x0, 0x0)
ioctl$auto(r3, 0x900064b4, 0x2000000000000c37)
openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000008040), 0x302, 0x0)
r4 = socket(0x2c, 0x80003, 0x0)
sendmsg$auto_NL802154_CMD_SET_SEC_PARAMS(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x44040}, 0x4000)
r5 = syz_genetlink_get_family_id$auto_ncsi(&(0x7f0000000140), r1)
sendmsg$auto_NCSI_CMD_SET_CHANNEL_MASK(r4, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='0\x00 \x00', @ANYRES16=r5, @ANYBLOB="000425bd7000fddbdf2506000000080007000700000004000280080004000600000008000400db9c9c23"], 0x30}, 0x1, 0x0, 0x0, 0x20044000}, 0x20000850)
socket(0x22, 0x3, 0x0)

1.003931915s ago: executing program 1 (id=432):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x100000000, 0x2000d, 0x1, 0xeb1, 0xffffffffffffffff, 0x100000000)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x1, 0x0)
semget$auto(0x0, 0x13c, 0x1ff)
recvmmsg$auto(0xffffffffffffffff, 0x0, 0x3, 0x1, 0x0)
openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000040)='/proc/version\x00', 0x101001, 0x0) (async)
r1 = openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000040)='/proc/version\x00', 0x101001, 0x0)
pread64$auto(r1, &(0x7f0000000240)='}\xf7\x1dG\x9d\x95\xc3%9\x8d\x1c\xba\x95\x03\xd7\xe3\xf5\x03\x9aI3\xc6\xc2\x90Q\x18\xb93\x16\\zW\xe2\xe8&`(\xd8<H[\x91L5\xb4\x8a.\x13\xcc\x19,\xeby~v\x8e\x0f\x81\xc0j;\x85\r\xe2\xc7\xb9\xc1%\xc5\xc1\xe2\xf5s\x1fr\x16\fS\x0e\xe0qD\x9dE^\xc0\x92\nz1\x01\x9d\xbb(\xdc8]UE\xcd\xe8yT\xb3\xdck\x9a\xa3ZX0\x84\xd3\x8a\xef\x82\xae\x8b\x17\xbbG/N\x1aw\x95\b\x80\xe8%\xef\xbb\xd9;\xe0S@\xe1\xe5\xbd\x88}\xdf\f\xea\x81\xce', 0x81, 0x2) (async)
pread64$auto(r1, &(0x7f0000000240)='}\xf7\x1dG\x9d\x95\xc3%9\x8d\x1c\xba\x95\x03\xd7\xe3\xf5\x03\x9aI3\xc6\xc2\x90Q\x18\xb93\x16\\zW\xe2\xe8&`(\xd8<H[\x91L5\xb4\x8a.\x13\xcc\x19,\xeby~v\x8e\x0f\x81\xc0j;\x85\r\xe2\xc7\xb9\xc1%\xc5\xc1\xe2\xf5s\x1fr\x16\fS\x0e\xe0qD\x9dE^\xc0\x92\nz1\x01\x9d\xbb(\xdc8]UE\xcd\xe8yT\xb3\xdck\x9a\xa3ZX0\x84\xd3\x8a\xef\x82\xae\x8b\x17\xbbG/N\x1aw\x95\b\x80\xe8%\xef\xbb\xd9;\xe0S@\xe1\xe5\xbd\x88}\xdf\f\xea\x81\xce', 0x81, 0x2)
write$auto_console_fops_tty_io(r1, &(0x7f0000000180)="ca91619fc5598d7ac973b84714e2bdc0098dc505dd62130633", 0x19)
openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f0000000000), 0x212002, 0x0) (async)
openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f0000000000), 0x212002, 0x0)
socket(0xa, 0x5, 0x0)
mmap$auto(0xfffffffffffffffe, 0x2c, 0xa01, 0x400000000eb1, 0x401, 0x8000)
r2 = pipe$auto(0x0)
ioctl$auto_SNDRV_PCM_IOCTL_RESUME2(r2, 0x4147, 0x0)
write$auto_tracing_mark_fops_trace(r2, &(0x7f0000000080)="4e848cd7d3ab9bed924968b34583569e3fa58ac12036f156e4e83f28de5285d733de957b8f60e58d0c23f72df6c6e37b2c2cbacc4c79586e477cfd3f852447cdca9283011228692577e1fd8827c4c5d91ef4a684197afae14df32fa6a4de17fdf7ef62a59e431e8b8ab0bb87a49c00dd772e7dc030582246cdaafb1cc035ef2e70ba2a49031ec82db777026a56f67fcfee11949e6ba12f2e6fd91d1f1155ac90fa762fa968a6e8271d30fdfbeec1fa3d73ac94143638c318b527288d459075b26e446dd0126c8de2", 0xc8)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006)
write$auto_ocfs2_control_fops_stack_user(r2, 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/uvcvideo/parameters/clock\x00', 0xb02, 0x0) (async)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/uvcvideo/parameters/clock\x00', 0xb02, 0x0)
sendfile$auto(r3, r3, 0x0, 0x7ff)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
unshare$auto(0x40000080)
prctl$auto(0x200003e, 0xffffffffffffffff, 0x0, 0x20001, 0x2) (async)
prctl$auto(0x200003e, 0xffffffffffffffff, 0x0, 0x20001, 0x2)
write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9)
socket(0x10, 0x2, 0x0) (async)
r4 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) (async)
sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000)
read$auto(r4, 0x0, 0xfdef)
mmap$auto(0x4, 0x7, 0x400002, 0x41eb5, r0, 0x300000000000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6a980, 0x0) (async)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6a980, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f00000000c0), 0x80, 0x0)

0s ago: executing program 1 (id=433):
r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r2=>0x0})
sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f00000000c0)={0x0, 0x4b, &(0x7f0000000040)={&(0x7f0000000440)={0x2c, r0, 0x13, 0x70bd2c, 0x25dfdbdd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r2}, @NL80211_ATTR_WIPHY_TX_POWER_SETTING={0x8, 0x61, 0x4}, @NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8}]}, 0x2c}, 0x1, 0xfff0, 0x0, 0x24004080}, 0x20040894)

kernel console output (not intermixed with test programs):

ributes in process `syz.2.238'.
[  161.609979][ T6864] FAULT_INJECTION: forcing a failure.
[  161.609979][ T6864] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  161.617362][   T30] audit: type=1804 audit(1773801716.095:63): pid=6860 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.235" name="/newroot/57/file0" dev="tmpfs" ino=320 res=1 errno=0
[  161.654169][ T6864] CPU: 0 UID: 0 PID: 6864 Comm: syz.2.238 Not tainted syzkaller #0 PREEMPT(full) 
[  161.654209][ T6864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  161.654228][ T6864] Call Trace:
[  161.654247][ T6864]  <TASK>
[  161.654259][ T6864]  dump_stack_lvl+0x100/0x190
[  161.654310][ T6864]  should_fail_ex.cold+0x5/0xa
[  161.654339][ T6864]  ? prepare_alloc_pages+0x16d/0x5f0
[  161.654380][ T6864]  should_fail_alloc_page+0xeb/0x140
[  161.654416][ T6864]  prepare_alloc_pages+0x1f0/0x5f0
[  161.654457][ T6864]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  161.654508][ T6864]  ? rcu_is_watching+0x12/0xc0
[  161.654556][ T6864]  ? trace_mm_page_alloc+0x17a/0x1d0
[  161.654592][ T6864]  ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0
[  161.654646][ T6864]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  161.654693][ T6864]  ? stack_trace_save+0x8e/0xc0
[  161.654726][ T6864]  ? stack_depot_save_flags+0x27/0x9d0
[  161.654764][ T6864]  ? is_bpf_text_address+0x8a/0x1a0
[  161.654809][ T6864]  ? is_bpf_text_address+0x8a/0x1a0
[  161.654860][ T6864]  ? kasan_save_stack+0x3f/0x50
[  161.654913][ T6864]  ? kasan_save_track+0x14/0x30
[  161.654961][ T6864]  ? kmem_cache_alloc_node_noprof+0x25a/0x6f0
[  161.655007][ T6864]  ? alloc_vmap_area+0x640/0x2bd0
[  161.655035][ T6864]  ? __get_vm_area_node+0x1ca/0x330
[  161.655067][ T6864]  ? __vmalloc_node_range_noprof+0x213/0x1530
[  161.655105][ T6864]  ? __vmalloc_node_noprof+0xad/0xf0
[  161.655139][ T6864]  ? copy_process+0x5ec/0x7a40
[  161.655172][ T6864]  ? kernel_clone+0xfc/0x9a0
[  161.655205][ T6864]  ? __do_sys_clone+0xd9/0x120
[  161.655245][ T6864]  ? do_syscall_64+0x106/0xf80
[  161.655299][ T6864]  alloc_pages_bulk_noprof+0x782/0x1490
[  161.655362][ T6864]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  161.655425][ T6864]  ? alloc_pages_noprof+0x233/0x390
[  161.655462][ T6864]  __kasan_populate_vmalloc+0xf0/0x210
[  161.655515][ T6864]  alloc_vmap_area+0x95d/0x2bd0
[  161.655565][ T6864]  ? __pfx_alloc_vmap_area+0x10/0x10
[  161.655607][ T6864]  __get_vm_area_node+0x1ca/0x330
[  161.655647][ T6864]  __vmalloc_node_range_noprof+0x213/0x1530
[  161.655686][ T6864]  ? kernel_clone+0xfc/0x9a0
[  161.655717][ T6864]  ? find_held_lock+0x2b/0x80
[  161.655745][ T6864]  ? local_lock_release+0x99/0x130
[  161.655777][ T6864]  ? local_lock_release+0x99/0x130
[  161.655813][ T6864]  ? kernel_clone+0xfc/0x9a0
[  161.655856][ T6864]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  161.655897][ T6864]  ? __memcg_slab_post_alloc_hook+0x51b/0x990
[  161.655937][ T6864]  ? rcu_is_watching+0x12/0xc0
[  161.655978][ T6864]  ? trace_kmem_cache_alloc+0xf3/0x120
[  161.656013][ T6864]  ? kernel_clone+0xfc/0x9a0
[  161.656043][ T6864]  __vmalloc_node_noprof+0xad/0xf0
[  161.656077][ T6864]  ? kernel_clone+0xfc/0x9a0
[  161.656113][ T6864]  copy_process+0x5ec/0x7a40
[  161.656147][ T6864]  ? preempt_schedule_thunk+0x16/0x30
[  161.656190][ T6864]  ? try_to_wake_up+0x644/0x1a80
[  161.656225][ T6864]  ? __pfx_copy_process+0x10/0x10
[  161.656267][ T6864]  ? find_held_lock+0x2b/0x80
[  161.656303][ T6864]  ? futex_private_hash_put+0x107/0x1c0
[  161.656347][ T6864]  kernel_clone+0xfc/0x9a0
[  161.656383][ T6864]  ? __pfx_kernel_clone+0x10/0x10
[  161.656440][ T6864]  __do_sys_clone+0xd9/0x120
[  161.656474][ T6864]  ? __pfx___do_sys_clone+0x10/0x10
[  161.656540][ T6864]  do_syscall_64+0x106/0xf80
[  161.656580][ T6864]  ? clear_bhb_loop+0x40/0x90
[  161.656618][ T6864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.656643][ T6864] RIP: 0033:0x7f808999c799
[  161.656665][ T6864] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  161.656688][ T6864] RSP: 002b:00007f808a8d9fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  161.656712][ T6864] RAX: ffffffffffffffda RBX: 00007f8089c15fa0 RCX: 00007f808999c799
[  161.656728][ T6864] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  161.656742][ T6864] RBP: 00007f8089a32c99 R08: 0000000000000000 R09: 0000000000000000
[  161.656756][ T6864] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  161.656771][ T6864] R13: 00007f8089c16038 R14: 00007f8089c15fa0 R15: 00007ffd40e74698
[  161.656802][ T6864]  </TASK>
[  161.656995][ T6864] warn_alloc: 3 callbacks suppressed
[  161.657013][ T6864] syz.2.238: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  162.123323][ T6864] CPU: 0 UID: 0 PID: 6864 Comm: syz.2.238 Not tainted syzkaller #0 PREEMPT(full) 
[  162.123361][ T6864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  162.123375][ T6864] Call Trace:
[  162.123383][ T6864]  <TASK>
[  162.123391][ T6864]  dump_stack_lvl+0x100/0x190
[  162.123432][ T6864]  warn_alloc.cold+0x95/0x1c1
[  162.123473][ T6864]  ? __pfx_warn_alloc+0x10/0x10
[  162.123510][ T6864]  ? lockdep_hardirqs_on+0x78/0x100
[  162.123565][ T6864]  ? __get_vm_area_node+0x2c5/0x330
[  162.123605][ T6864]  ? __get_vm_area_node+0x208/0x330
[  162.123645][ T6864]  __vmalloc_node_range_noprof+0xbf4/0x1530
[  162.123680][ T6864]  ? find_held_lock+0x2b/0x80
[  162.123706][ T6864]  ? local_lock_release+0x99/0x130
[  162.123740][ T6864]  ? local_lock_release+0x99/0x130
[  162.123778][ T6864]  ? kernel_clone+0xfc/0x9a0
[  162.123822][ T6864]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  162.123860][ T6864]  ? __memcg_slab_post_alloc_hook+0x51b/0x990
[  162.123900][ T6864]  ? rcu_is_watching+0x12/0xc0
[  162.123942][ T6864]  ? trace_kmem_cache_alloc+0xf3/0x120
[  162.123980][ T6864]  ? kernel_clone+0xfc/0x9a0
[  162.124015][ T6864]  __vmalloc_node_noprof+0xad/0xf0
[  162.124054][ T6864]  ? kernel_clone+0xfc/0x9a0
[  162.124094][ T6864]  copy_process+0x5ec/0x7a40
[  162.124132][ T6864]  ? preempt_schedule_thunk+0x16/0x30
[  162.124173][ T6864]  ? try_to_wake_up+0x644/0x1a80
[  162.124207][ T6864]  ? __pfx_copy_process+0x10/0x10
[  162.124239][ T6864]  ? find_held_lock+0x2b/0x80
[  162.124269][ T6864]  ? futex_private_hash_put+0x107/0x1c0
[  162.124310][ T6864]  kernel_clone+0xfc/0x9a0
[  162.124348][ T6864]  ? __pfx_kernel_clone+0x10/0x10
[  162.124405][ T6864]  __do_sys_clone+0xd9/0x120
[  162.124442][ T6864]  ? __pfx___do_sys_clone+0x10/0x10
[  162.124510][ T6864]  do_syscall_64+0x106/0xf80
[  162.124560][ T6864]  ? clear_bhb_loop+0x40/0x90
[  162.124597][ T6864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.124627][ T6864] RIP: 0033:0x7f808999c799
[  162.124652][ T6864] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  162.124681][ T6864] RSP: 002b:00007f808a8d9fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  162.124710][ T6864] RAX: ffffffffffffffda RBX: 00007f8089c15fa0 RCX: 00007f808999c799
[  162.124731][ T6864] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  162.124748][ T6864] RBP: 00007f8089a32c99 R08: 0000000000000000 R09: 0000000000000000
[  162.124766][ T6864] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  162.124784][ T6864] R13: 00007f8089c16038 R14: 00007f8089c15fa0 R15: 00007ffd40e74698
[  162.124824][ T6864]  </TASK>
[  162.124835][ T6864] Mem-Info:
[  162.587432][ T6864] active_anon:5394 inactive_anon:0 isolated_anon:0
[  162.587432][ T6864]  active_file:2959 inactive_file:39522 isolated_file:0
[  162.587432][ T6864]  unevictable:768 dirty:12 writeback:0
[  162.587432][ T6864]  slab_reclaimable:10715 slab_unreclaimable:90396
[  162.587432][ T6864]  mapped:24643 shmem:1484 pagetables:987
[  162.587432][ T6864]  sec_pagetables:0 bounce:0
[  162.587432][ T6864]  kernel_misc_reclaimable:0
[  162.587432][ T6864]  free:1346362 free_pcp:12032 free_cma:0
[  162.658071][ T6864] Node 0 active_anon:21976kB inactive_anon:0kB active_file:11836kB inactive_file:157960kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:98772kB dirty:48kB writeback:0kB shmem:4500kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11260kB pagetables:3788kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  162.829650][ T6864] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:128kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:160kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  162.868225][ T6864] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  162.899851][ T6864] lowmem_reserve[]: 0 2477 2478 2478 2478
[  162.910027][ T6864] Node 0 DMA32 free:1431992kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:25876kB inactive_anon:0kB active_file:11836kB inactive_file:157960kB unevictable:1536kB writepending:48kB zspages:0kB present:3129332kB managed:2537380kB mlocked:0kB bounce:0kB free_pcp:43324kB local_pcp:24372kB free_cma:0kB
[  162.949636][ T6864] lowmem_reserve[]: 0 0 1 1 1
[  163.012818][ T6864] Node 0 Normal free:8kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1060kB mlocked:0kB bounce:0kB free_pcp:20kB local_pcp:8kB free_cma:0kB
[  163.097723][ T6864] lowmem_reserve[]: 0 0 0 0 0
[  163.102551][ T6864] Node 1 Normal free:3937968kB boost:0kB min:55828kB low:69784kB high:83740kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:128kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  163.211474][ T6864] lowmem_reserve[]: 0 0 0 0 0
[  163.216239][ T6864] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  163.290367][ T6864] Node 0 DMA32: 2310*4kB (UME) 1358*8kB (UME) 562*16kB (UM) 165*32kB (UME) 95*64kB (UME) 74*128kB (UM) 69*256kB (UM) 25*512kB (ME) 11*1024kB (M) 3*2048kB (UM) 327*4096kB (UM) = 1437192kB
[  163.335083][ T6880] FAULT_INJECTION: forcing a failure.
[  163.335083][ T6880] name failslab, interval 1, probability 0, space 0, times 0
[  163.352274][ T6880] CPU: 1 UID: 0 PID: 6880 Comm: syz.3.242 Not tainted syzkaller #0 PREEMPT(full) 
[  163.352318][ T6880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  163.352336][ T6880] Call Trace:
[  163.352347][ T6880]  <TASK>
[  163.352359][ T6880]  dump_stack_lvl+0x100/0x190
[  163.352412][ T6880]  should_fail_ex.cold+0x5/0xa
[  163.352447][ T6880]  should_failslab+0xc2/0x120
[  163.352547][ T6880]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  163.352598][ T6880]  ? audit_log_start+0x29d/0x930
[  163.352648][ T6880]  audit_log_start+0x29d/0x930
[  163.352695][ T6880]  ? __pfx_audit_log_start+0x10/0x10
[  163.352748][ T6880]  ? integrity_audit_msg+0x41/0x60
[  163.352794][ T6880]  integrity_audit_message+0x10c/0x4f0
[  163.352841][ T6880]  ? __pfx_integrity_audit_message+0x10/0x10
[  163.352888][ T6880]  ? __pfx_ima_add_template_entry+0x10/0x10
[  163.352936][ T6880]  integrity_audit_msg+0x41/0x60
[  163.352984][ T6880]  ima_add_violation+0x1b9/0x3c0
[  163.353023][ T6880]  ? __pfx_ima_add_violation+0x10/0x10
[  163.353056][ T6880]  ? ima_d_path+0x137/0x260
[  163.353085][ T6880]  ? __pfx_ima_d_path+0x10/0x10
[  163.353124][ T6880]  ? __pfx_down_write+0x10/0x10
[  163.353180][ T6880]  process_measurement+0x148f/0x2350
[  163.353234][ T6880]  ? __pfx_process_measurement+0x10/0x10
[  163.353351][ T6880]  ? seq_open+0x116/0x170
[  163.353396][ T6880]  ? inode_to_bdi+0x9e/0x160
[  163.353432][ T6880]  ima_file_check+0xcc/0x120
[  163.353494][ T6880]  ? __pfx_ima_file_check+0x10/0x10
[  163.353554][ T6880]  security_file_post_open+0xc4/0x210
[  163.353594][ T6880]  path_openat+0x1418/0x31a0
[  163.353642][ T6880]  ? __pfx_path_openat+0x10/0x10
[  163.353691][ T6880]  do_file_open+0x20e/0x430
[  163.353727][ T6880]  ? __pfx_do_file_open+0x10/0x10
[  163.353792][ T6880]  ? alloc_fd+0x476/0x790
[  163.353828][ T6880]  ? do_getname+0x191/0x390
[  163.353871][ T6880]  do_sys_openat2+0x10d/0x1e0
[  163.353915][ T6880]  ? __pfx_do_sys_openat2+0x10/0x10
[  163.353971][ T6880]  __x64_sys_openat+0x12d/0x210
[  163.354022][ T6880]  ? __pfx___x64_sys_openat+0x10/0x10
[  163.354080][ T6880]  do_syscall_64+0x106/0xf80
[  163.354122][ T6880]  ? clear_bhb_loop+0x40/0x90
[  163.354161][ T6880]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.354190][ T6880] RIP: 0033:0x7fc3f1d9c799
[  163.354218][ T6880] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  163.354246][ T6880] RSP: 002b:00007fc3efff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  163.354277][ T6880] RAX: ffffffffffffffda RBX: 00007fc3f2015fa0 RCX: 00007fc3f1d9c799
[  163.354297][ T6880] RDX: 0000000000008000 RSI: 0000200000000100 RDI: ffffffffffffff9c
[  163.354316][ T6880] RBP: 00007fc3f1e32c99 R08: 0000000000000000 R09: 0000000000000000
[  163.354334][ T6880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  163.354352][ T6880] R13: 00007fc3f2016038 R14: 00007fc3f2015fa0 R15: 00007ffc4e8f1508
[  163.354391][ T6880]  </TASK>
[  163.356095][ T6880] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[  163.697391][ T6864] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[  163.774217][ T6880] audit: out of memory in audit_log_start
[  163.780124][ T6864] Node 1 Normal: 6*4kB (UM) 7*8kB (UM) 8*16kB (UM) 11*32kB (UM) 10*64kB (UM) 2*128kB (UM) 5*256kB (UM) 4*512kB (UM) 1*1024kB (M) 0*2048kB 960*4096kB (M) = 3937968kB
[  163.840900][ T6864] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  163.889821][ T6864] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  163.947475][ T6864] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  163.957107][ T6864] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  163.977391][ T6864] 44108 total pagecache pages
[  163.982099][ T6864] 0 pages in swap cache
[  163.986251][ T6864] Free swap  = 122952kB
[  164.022457][ T6864] Total swap = 124996kB
[  164.026747][ T6864] 2097051 pages RAM
[  164.055278][ T6864] 0 pages HighMem/MovableOnly
[  164.060603][ T6864] 430826 pages reserved
[  164.064995][ T6864] 0 pages cma reserved
[  164.129296][ T6889] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  164.780263][   T30] audit: type=1804 audit(1773801719.326:64): pid=6904 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.248" name="/newroot/67/file0" dev="tmpfs" ino=374 res=1 errno=0
[  164.907914][   T30] audit: type=1804 audit(1773801719.326:65): pid=6905 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.248" name="/newroot/67/file0" dev="tmpfs" ino=374 res=1 errno=0
[  166.018170][ T6927] netlink: 280 bytes leftover after parsing attributes in process `syz.3.254'.
[  166.065480][ T6927] FAULT_INJECTION: forcing a failure.
[  166.065480][ T6927] name failslab, interval 1, probability 0, space 0, times 0
[  166.167543][ T6927] CPU: 1 UID: 0 PID: 6927 Comm: syz.3.254 Not tainted syzkaller #0 PREEMPT(full) 
[  166.167587][ T6927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  166.167606][ T6927] Call Trace:
[  166.167617][ T6927]  <TASK>
[  166.167629][ T6927]  dump_stack_lvl+0x100/0x190
[  166.167683][ T6927]  should_fail_ex.cold+0x5/0xa
[  166.167721][ T6927]  should_failslab+0xc2/0x120
[  166.167755][ T6927]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  166.167801][ T6927]  ? dup_fd+0x4d/0xd10
[  166.167830][ T6927]  ? trace_kmalloc+0x101/0x130
[  166.167867][ T6927]  dup_fd+0x4d/0xd10
[  166.167903][ T6927]  ? apparmor_task_alloc+0x2c1/0x3b0
[  166.167957][ T6927]  copy_process+0x268f/0x7a40
[  166.167994][ T6927]  ? preempt_schedule_thunk+0x16/0x30
[  166.168050][ T6927]  ? __pfx_copy_process+0x10/0x10
[  166.168088][ T6927]  ? find_held_lock+0x2b/0x80
[  166.168124][ T6927]  ? futex_private_hash_put+0x107/0x1c0
[  166.168170][ T6927]  kernel_clone+0xfc/0x9a0
[  166.168208][ T6927]  ? __pfx_kernel_clone+0x10/0x10
[  166.168267][ T6927]  __do_sys_clone+0xd9/0x120
[  166.168305][ T6927]  ? __pfx___do_sys_clone+0x10/0x10
[  166.168375][ T6927]  do_syscall_64+0x106/0xf80
[  166.168418][ T6927]  ? clear_bhb_loop+0x40/0x90
[  166.168464][ T6927]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.168497][ T6927] RIP: 0033:0x7fc3f1d9c799
[  166.168525][ T6927] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  166.168554][ T6927] RSP: 002b:00007fc3efff5fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  166.168584][ T6927] RAX: ffffffffffffffda RBX: 00007fc3f2015fa0 RCX: 00007fc3f1d9c799
[  166.168605][ T6927] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  166.168623][ T6927] RBP: 00007fc3f1e32c99 R08: 0000000000000000 R09: 0000000000000000
[  166.168642][ T6927] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  166.168660][ T6927] R13: 00007fc3f2016038 R14: 00007fc3f2015fa0 R15: 00007ffc4e8f1508
[  166.168702][ T6927]  </TASK>
[  167.384140][   T30] audit: type=1804 audit(1773801721.928:66): pid=6949 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.260" name="/newroot/64/file0" dev="tmpfs" ino=357 res=1 errno=0
[  167.463011][   T30] audit: type=1804 audit(1773801721.988:67): pid=6947 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.260" name="/newroot/64/file0" dev="tmpfs" ino=357 res=1 errno=0
[  168.230503][ T6968] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  168.418636][ T6973] netlink: 280 bytes leftover after parsing attributes in process `syz.3.268'.
[  168.522242][ T6978] FAULT_INJECTION: forcing a failure.
[  168.522242][ T6978] name failslab, interval 1, probability 0, space 0, times 0
[  168.584015][ T6978] CPU: 1 UID: 0 PID: 6978 Comm: syz.3.268 Not tainted syzkaller #0 PREEMPT(full) 
[  168.584047][ T6978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  168.584059][ T6978] Call Trace:
[  168.584065][ T6978]  <TASK>
[  168.584073][ T6978]  dump_stack_lvl+0x100/0x190
[  168.584107][ T6978]  should_fail_ex.cold+0x5/0xa
[  168.584128][ T6978]  ? lsm_blob_alloc+0x68/0x90
[  168.584153][ T6978]  should_failslab+0xc2/0x120
[  168.584173][ T6978]  __kmalloc_noprof+0xe0/0x850
[  168.584208][ T6978]  ? audit_alloc+0xa2/0x7b0
[  168.584233][ T6978]  lsm_blob_alloc+0x68/0x90
[  168.584259][ T6978]  security_task_alloc+0x2a/0x260
[  168.584284][ T6978]  copy_process+0x258f/0x7a40
[  168.584318][ T6978]  ? __pfx_copy_process+0x10/0x10
[  168.584340][ T6978]  ? find_held_lock+0x2b/0x80
[  168.584366][ T6978]  kernel_clone+0xfc/0x9a0
[  168.584385][ T6978]  ? __pfx_futex_wait+0x10/0x10
[  168.584415][ T6978]  ? __pfx_kernel_clone+0x10/0x10
[  168.584448][ T6978]  __do_sys_clone+0xd9/0x120
[  168.584469][ T6978]  ? __pfx___do_sys_clone+0x10/0x10
[  168.584509][ T6978]  do_syscall_64+0x106/0xf80
[  168.584534][ T6978]  ? clear_bhb_loop+0x40/0x90
[  168.584556][ T6978]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.584575][ T6978] RIP: 0033:0x7fc3f1d9c799
[  168.584590][ T6978] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  168.584608][ T6978] RSP: 002b:00007fc3effd4fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  168.584627][ T6978] RAX: ffffffffffffffda RBX: 00007fc3f2016090 RCX: 00007fc3f1d9c799
[  168.584638][ T6978] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  168.584649][ T6978] RBP: 00007fc3f1e32c99 R08: 0000000000000000 R09: 0000000000000000
[  168.584660][ T6978] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  168.584670][ T6978] R13: 00007fc3f2016128 R14: 00007fc3f2016090 R15: 00007ffc4e8f1508
[  168.584694][ T6978]  </TASK>
[  169.560597][   T30] audit: type=1804 audit(1773801724.011:68): pid=6993 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.271" name="/newroot/68/file0" dev="tmpfs" ino=379 res=1 errno=0
[  169.628743][   T30] audit: type=1804 audit(1773801724.131:69): pid=6994 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.271" name="/newroot/68/file0" dev="tmpfs" ino=379 res=1 errno=0
[  170.473636][   T30] audit: type=1804 audit(1773801725.023:70): pid=7013 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.276" name="/newroot/sys/kernel/tracing/set_event" dev="tracefs" ino=19 res=1 errno=0
[  170.527483][   T30] audit: type=1804 audit(1773801725.023:71): pid=7010 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.275" name="/newroot/sys/kernel/tracing/set_event" dev="tracefs" ino=19 res=1 errno=0
[  170.919738][ T7018] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  171.030179][ T7023] netlink: 280 bytes leftover after parsing attributes in process `syz.0.279'.
[  171.052648][ T7023] FAULT_INJECTION: forcing a failure.
[  171.052648][ T7023] name failslab, interval 1, probability 0, space 0, times 0
[  171.110315][ T7023] CPU: 0 UID: 0 PID: 7023 Comm: syz.0.279 Not tainted syzkaller #0 PREEMPT(full) 
[  171.110360][ T7023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  171.110375][ T7023] Call Trace:
[  171.110384][ T7023]  <TASK>
[  171.110394][ T7023]  dump_stack_lvl+0x100/0x190
[  171.110444][ T7023]  should_fail_ex.cold+0x5/0xa
[  171.110479][ T7023]  should_failslab+0xc2/0x120
[  171.110509][ T7023]  __kmalloc_cache_noprof+0x7a/0x6f0
[  171.110558][ T7023]  ? alloc_fdtable+0xbd/0x2d0
[  171.110602][ T7023]  ? find_held_lock+0x2b/0x80
[  171.110629][ T7023]  ? dup_fd+0x924/0xd10
[  171.110662][ T7023]  alloc_fdtable+0xbd/0x2d0
[  171.110711][ T7023]  dup_fd+0x995/0xd10
[  171.110744][ T7023]  ? apparmor_task_alloc+0x2c1/0x3b0
[  171.110795][ T7023]  copy_process+0x268f/0x7a40
[  171.110833][ T7023]  ? preempt_schedule_thunk+0x16/0x30
[  171.110886][ T7023]  ? __pfx_copy_process+0x10/0x10
[  171.110921][ T7023]  ? find_held_lock+0x2b/0x80
[  171.110954][ T7023]  ? futex_private_hash_put+0x107/0x1c0
[  171.110994][ T7023]  kernel_clone+0xfc/0x9a0
[  171.111020][ T7023]  ? __pfx_kernel_clone+0x10/0x10
[  171.111058][ T7023]  __do_sys_clone+0xd9/0x120
[  171.111080][ T7023]  ? __pfx___do_sys_clone+0x10/0x10
[  171.111129][ T7023]  do_syscall_64+0x106/0xf80
[  171.111154][ T7023]  ? clear_bhb_loop+0x40/0x90
[  171.111178][ T7023]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.111197][ T7023] RIP: 0033:0x7f748df9c799
[  171.111213][ T7023] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  171.111231][ T7023] RSP: 002b:00007f748ef17fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  171.111250][ T7023] RAX: ffffffffffffffda RBX: 00007f748e215fa0 RCX: 00007f748df9c799
[  171.111263][ T7023] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  171.111274][ T7023] RBP: 00007f748e032c99 R08: 0000000000000000 R09: 0000000000000000
[  171.111285][ T7023] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  171.111296][ T7023] R13: 00007f748e216038 R14: 00007f748e215fa0 R15: 00007fffdf1ba5a8
[  171.111319][ T7023]  </TASK>
[  172.611445][   T30] audit: type=1804 audit(1773801727.153:72): pid=7045 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.284" name="/newroot/77/file0" dev="tmpfs" ino=429 res=1 errno=0
[  172.634274][   T30] audit: type=1804 audit(1773801727.173:73): pid=7046 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.284" name="/newroot/77/file0" dev="tmpfs" ino=429 res=1 errno=0
[  172.679659][ T7048] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  172.721763][ T7048] FAULT_INJECTION: forcing a failure.
[  172.721763][ T7048] name failslab, interval 1, probability 0, space 0, times 0
[  172.762292][ T7048] CPU: 1 UID: 0 PID: 7048 Comm: syz.2.285 Not tainted syzkaller #0 PREEMPT(full) 
[  172.762320][ T7048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  172.762331][ T7048] Call Trace:
[  172.762338][ T7048]  <TASK>
[  172.762345][ T7048]  dump_stack_lvl+0x100/0x190
[  172.762378][ T7048]  should_fail_ex.cold+0x5/0xa
[  172.762399][ T7048]  ? ima_write_template_field_data+0x59/0x1d0
[  172.762424][ T7048]  should_failslab+0xc2/0x120
[  172.762442][ T7048]  __kmalloc_noprof+0xe0/0x850
[  172.762475][ T7048]  ima_write_template_field_data+0x59/0x1d0
[  172.762503][ T7048]  ima_eventname_init_common+0x1c6/0x2a0
[  172.762529][ T7048]  ? __pfx_ima_eventname_init_common+0x10/0x10
[  172.762559][ T7048]  ? __kmalloc_noprof+0x320/0x850
[  172.762590][ T7048]  ima_alloc_init_template+0x399/0x6d0
[  172.762616][ T7048]  ima_add_violation+0x128/0x3c0
[  172.762637][ T7048]  ? __pfx_ima_add_violation+0x10/0x10
[  172.762655][ T7048]  ? ima_d_path+0x137/0x260
[  172.762673][ T7048]  ? __pfx_ima_d_path+0x10/0x10
[  172.762696][ T7048]  ? __pfx_down_write+0x10/0x10
[  172.762728][ T7048]  process_measurement+0x148f/0x2350
[  172.762764][ T7048]  ? __pfx_process_measurement+0x10/0x10
[  172.762821][ T7048]  ? seq_open+0x116/0x170
[  172.762845][ T7048]  ? inode_to_bdi+0x9e/0x160
[  172.762865][ T7048]  ima_file_check+0xcc/0x120
[  172.762895][ T7048]  ? __pfx_ima_file_check+0x10/0x10
[  172.762929][ T7048]  security_file_post_open+0xc4/0x210
[  172.762951][ T7048]  path_openat+0x1418/0x31a0
[  172.762977][ T7048]  ? __pfx_path_openat+0x10/0x10
[  172.763004][ T7048]  do_file_open+0x20e/0x430
[  172.763024][ T7048]  ? __pfx_do_file_open+0x10/0x10
[  172.763058][ T7048]  ? alloc_fd+0x476/0x790
[  172.763079][ T7048]  ? do_getname+0x191/0x390
[  172.763113][ T7048]  do_sys_openat2+0x10d/0x1e0
[  172.763138][ T7048]  ? __pfx_do_sys_openat2+0x10/0x10
[  172.763171][ T7048]  __x64_sys_openat+0x12d/0x210
[  172.763197][ T7048]  ? __pfx___x64_sys_openat+0x10/0x10
[  172.763231][ T7048]  do_syscall_64+0x106/0xf80
[  172.763255][ T7048]  ? clear_bhb_loop+0x40/0x90
[  172.763278][ T7048]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.763297][ T7048] RIP: 0033:0x7f808999c799
[  172.763315][ T7048] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  172.763332][ T7048] RSP: 002b:00007f808a8da028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  172.763351][ T7048] RAX: ffffffffffffffda RBX: 00007f8089c15fa0 RCX: 00007f808999c799
[  172.763362][ T7048] RDX: 0000000000008000 RSI: 0000200000000100 RDI: ffffffffffffff9c
[  172.763373][ T7048] RBP: 00007f8089a32c99 R08: 0000000000000000 R09: 0000000000000000
[  172.763384][ T7048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  172.763394][ T7048] R13: 00007f8089c16038 R14: 00007f8089c15fa0 R15: 00007ffd40e74698
[  172.763417][ T7048]  </TASK>
[  173.068212][   T30] audit: type=1804 audit(1773801727.303:74): pid=7048 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.285" name="/newroot/sys/kernel/tracing/set_event" dev="tracefs" ino=19 res=0 errno=0
[  173.442892][ T7063] netlink: 280 bytes leftover after parsing attributes in process `syz.0.287'.
[  173.461788][ T7063] FAULT_INJECTION: forcing a failure.
[  173.461788][ T7063] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  173.475656][ T7063] CPU: 1 UID: 0 PID: 7063 Comm: syz.0.287 Not tainted syzkaller #0 PREEMPT(full) 
[  173.475700][ T7063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  173.475719][ T7063] Call Trace:
[  173.475728][ T7063]  <TASK>
[  173.475740][ T7063]  dump_stack_lvl+0x100/0x190
[  173.475791][ T7063]  should_fail_ex.cold+0x5/0xa
[  173.475820][ T7063]  ? prepare_alloc_pages+0x16d/0x5f0
[  173.475855][ T7063]  should_fail_alloc_page+0xeb/0x140
[  173.475891][ T7063]  prepare_alloc_pages+0x1f0/0x5f0
[  173.475932][ T7063]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  173.475979][ T7063]  ? rcu_is_watching+0x12/0xc0
[  173.476022][ T7063]  ? trace_mm_page_alloc+0x17a/0x1d0
[  173.476059][ T7063]  ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0
[  173.476106][ T7063]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  173.476164][ T7063]  ? stack_trace_save+0x8e/0xc0
[  173.476199][ T7063]  ? stack_depot_save_flags+0x27/0x9d0
[  173.476236][ T7063]  ? is_bpf_text_address+0x8a/0x1a0
[  173.476281][ T7063]  ? is_bpf_text_address+0x8a/0x1a0
[  173.476330][ T7063]  ? kasan_save_stack+0x3f/0x50
[  173.476372][ T7063]  ? kasan_save_track+0x14/0x30
[  173.476411][ T7063]  ? kmem_cache_alloc_node_noprof+0x25a/0x6f0
[  173.476453][ T7063]  ? alloc_vmap_area+0x640/0x2bd0
[  173.476479][ T7063]  ? __get_vm_area_node+0x1ca/0x330
[  173.476510][ T7063]  ? __vmalloc_node_range_noprof+0x213/0x1530
[  173.476544][ T7063]  ? __vmalloc_node_noprof+0xad/0xf0
[  173.476577][ T7063]  ? copy_process+0x5ec/0x7a40
[  173.476610][ T7063]  ? kernel_clone+0xfc/0x9a0
[  173.476639][ T7063]  ? __do_sys_clone+0xd9/0x120
[  173.476671][ T7063]  ? do_syscall_64+0x106/0xf80
[  173.476722][ T7063]  alloc_pages_bulk_noprof+0x782/0x1490
[  173.476784][ T7063]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  173.476841][ T7063]  ? alloc_pages_noprof+0x233/0x390
[  173.476877][ T7063]  __kasan_populate_vmalloc+0xf0/0x210
[  173.476931][ T7063]  alloc_vmap_area+0x95d/0x2bd0
[  173.476981][ T7063]  ? __pfx_alloc_vmap_area+0x10/0x10
[  173.477025][ T7063]  __get_vm_area_node+0x1ca/0x330
[  173.477066][ T7063]  __vmalloc_node_range_noprof+0x213/0x1530
[  173.477106][ T7063]  ? kernel_clone+0xfc/0x9a0
[  173.477138][ T7063]  ? find_held_lock+0x2b/0x80
[  173.477174][ T7063]  ? local_lock_release+0x99/0x130
[  173.477209][ T7063]  ? local_lock_release+0x99/0x130
[  173.477255][ T7063]  ? kernel_clone+0xfc/0x9a0
[  173.477289][ T7063]  ? find_held_lock+0x2b/0x80
[  173.477314][ T7063]  ? rcu_read_unlock+0x17/0x60
[  173.477346][ T7063]  ? rcu_read_unlock+0x17/0x60
[  173.477377][ T7063]  ? obj_cgroup_charge_account+0x46d/0x640
[  173.477411][ T7063]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  173.477454][ T7063]  ? __memcg_slab_post_alloc_hook+0x51b/0x990
[  173.477494][ T7063]  ? rcu_is_watching+0x12/0xc0
[  173.477539][ T7063]  ? trace_kmem_cache_alloc+0xf3/0x120
[  173.477574][ T7063]  ? kernel_clone+0xfc/0x9a0
[  173.477606][ T7063]  __vmalloc_node_noprof+0xad/0xf0
[  173.477643][ T7063]  ? kernel_clone+0xfc/0x9a0
[  173.477682][ T7063]  copy_process+0x5ec/0x7a40
[  173.477717][ T7063]  ? preempt_schedule_thunk+0x16/0x30
[  173.477762][ T7063]  ? try_to_wake_up+0x644/0x1a80
[  173.477798][ T7063]  ? __pfx_copy_process+0x10/0x10
[  173.477835][ T7063]  ? find_held_lock+0x2b/0x80
[  173.477871][ T7063]  ? futex_private_hash_put+0x107/0x1c0
[  173.477914][ T7063]  kernel_clone+0xfc/0x9a0
[  173.477952][ T7063]  ? __pfx_kernel_clone+0x10/0x10
[  173.478008][ T7063]  __do_sys_clone+0xd9/0x120
[  173.478045][ T7063]  ? __pfx___do_sys_clone+0x10/0x10
[  173.478112][ T7063]  do_syscall_64+0x106/0xf80
[  173.478163][ T7063]  ? clear_bhb_loop+0x40/0x90
[  173.478199][ T7063]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.478232][ T7063] RIP: 0033:0x7f748df9c799
[  173.478261][ T7063] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  173.478291][ T7063] RSP: 002b:00007f748ef17fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  173.478321][ T7063] RAX: ffffffffffffffda RBX: 00007f748e215fa0 RCX: 00007f748df9c799
[  173.478342][ T7063] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  173.478360][ T7063] RBP: 00007f748e032c99 R08: 0000000000000000 R09: 0000000000000000
[  173.478378][ T7063] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  173.478395][ T7063] R13: 00007f748e216038 R14: 00007f748e215fa0 R15: 00007fffdf1ba5a8
[  173.478436][ T7063]  </TASK>
[  173.937716][ T7063] syz.0.287: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  173.964663][ T7063] CPU: 0 UID: 0 PID: 7063 Comm: syz.0.287 Not tainted syzkaller #0 PREEMPT(full) 
[  173.964707][ T7063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  173.964725][ T7063] Call Trace:
[  173.964736][ T7063]  <TASK>
[  173.964747][ T7063]  dump_stack_lvl+0x100/0x190
[  173.964796][ T7063]  warn_alloc.cold+0x95/0x1c1
[  173.964847][ T7063]  ? __pfx_warn_alloc+0x10/0x10
[  173.964886][ T7063]  ? lockdep_hardirqs_on+0x78/0x100
[  173.964934][ T7063]  ? __get_vm_area_node+0x2c5/0x330
[  173.964975][ T7063]  ? __get_vm_area_node+0x208/0x330
[  173.965016][ T7063]  __vmalloc_node_range_noprof+0xbf4/0x1530
[  173.965052][ T7063]  ? find_held_lock+0x2b/0x80
[  173.965080][ T7063]  ? local_lock_release+0x99/0x130
[  173.965112][ T7063]  ? local_lock_release+0x99/0x130
[  173.965151][ T7063]  ? kernel_clone+0xfc/0x9a0
[  173.965186][ T7063]  ? find_held_lock+0x2b/0x80
[  173.965211][ T7063]  ? rcu_read_unlock+0x17/0x60
[  173.965243][ T7063]  ? rcu_read_unlock+0x17/0x60
[  173.965275][ T7063]  ? obj_cgroup_charge_account+0x46d/0x640
[  173.965309][ T7063]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  173.965356][ T7063]  ? __memcg_slab_post_alloc_hook+0x51b/0x990
[  173.965395][ T7063]  ? rcu_is_watching+0x12/0xc0
[  173.965438][ T7063]  ? trace_kmem_cache_alloc+0xf3/0x120
[  173.965472][ T7063]  ? kernel_clone+0xfc/0x9a0
[  173.965505][ T7063]  __vmalloc_node_noprof+0xad/0xf0
[  173.965540][ T7063]  ? kernel_clone+0xfc/0x9a0
[  173.965577][ T7063]  copy_process+0x5ec/0x7a40
[  173.965610][ T7063]  ? preempt_schedule_thunk+0x16/0x30
[  173.965659][ T7063]  ? try_to_wake_up+0x644/0x1a80
[  173.965693][ T7063]  ? __pfx_copy_process+0x10/0x10
[  173.965726][ T7063]  ? find_held_lock+0x2b/0x80
[  173.965758][ T7063]  ? futex_private_hash_put+0x107/0x1c0
[  173.965799][ T7063]  kernel_clone+0xfc/0x9a0
[  173.965834][ T7063]  ? __pfx_kernel_clone+0x10/0x10
[  173.965889][ T7063]  __do_sys_clone+0xd9/0x120
[  173.965924][ T7063]  ? __pfx___do_sys_clone+0x10/0x10
[  173.965989][ T7063]  do_syscall_64+0x106/0xf80
[  173.966028][ T7063]  ? clear_bhb_loop+0x40/0x90
[  173.966064][ T7063]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.966092][ T7063] RIP: 0033:0x7f748df9c799
[  173.966118][ T7063] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  173.966146][ T7063] RSP: 002b:00007f748ef17fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  173.966176][ T7063] RAX: ffffffffffffffda RBX: 00007f748e215fa0 RCX: 00007f748df9c799
[  173.966195][ T7063] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  173.966212][ T7063] RBP: 00007f748e032c99 R08: 0000000000000000 R09: 0000000000000000
[  173.966230][ T7063] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  173.966246][ T7063] R13: 00007f748e216038 R14: 00007f748e215fa0 R15: 00007fffdf1ba5a8
[  173.966285][ T7063]  </TASK>
[  173.966391][ T7063] Mem-Info:
[  174.327563][ T7063] active_anon:5352 inactive_anon:0 isolated_anon:0
[  174.327563][ T7063]  active_file:2959 inactive_file:39528 isolated_file:0
[  174.327563][ T7063]  unevictable:768 dirty:309 writeback:0
[  174.327563][ T7063]  slab_reclaimable:10728 slab_unreclaimable:90416
[  174.327563][ T7063]  mapped:24581 shmem:1358 pagetables:1042
[  174.327563][ T7063]  sec_pagetables:0 bounce:0
[  174.327563][ T7063]  kernel_misc_reclaimable:0
[  174.327563][ T7063]  free:1348721 free_pcp:9369 free_cma:0
[  174.384801][ T7063] Node 0 active_anon:20708kB inactive_anon:0kB active_file:11836kB inactive_file:157984kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:102324kB dirty:1236kB writeback:0kB shmem:3896kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11300kB pagetables:4008kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  174.431039][ T7063] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:128kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:160kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  174.477892][ T7063] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  174.514642][ T7063] lowmem_reserve[]: 0 2477 2478 2478 2478
[  174.529586][ T7063] Node 0 DMA32 free:1441036kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:20608kB inactive_anon:0kB active_file:11836kB inactive_file:157984kB unevictable:1536kB writepending:1236kB zspages:0kB present:3129332kB managed:2537380kB mlocked:0kB bounce:0kB free_pcp:38524kB local_pcp:22492kB free_cma:0kB
[  174.566917][ T7063] lowmem_reserve[]: 0 0 1 1 1
[  174.573067][ T7063] Node 0 Normal free:8kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1060kB mlocked:0kB bounce:0kB free_pcp:20kB local_pcp:12kB free_cma:0kB
[  174.605682][ T7063] lowmem_reserve[]: 0 0 0 0 0
[  174.611563][ T7063] Node 1 Normal free:3937968kB boost:0kB min:55828kB low:69784kB high:83740kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:128kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  174.713439][ T7063] lowmem_reserve[]: 0 0 0 0 0
[  174.723786][ T7063] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  174.739763][ T7074] netlink: 280 bytes leftover after parsing attributes in process `syz.2.292'.
[  174.752788][ T7063] Node 0 DMA32: 2219*4kB (UME) 1402*8kB (UME) 615*16kB (UM) 184*32kB (ME) 154*64kB (ME) 71*128kB (UM) 69*256kB (M) 37*512kB (UME) 14*1024kB (UM) 0*2048kB 325*4096kB (UM) = 1436908kB
[  174.818586][ T7074] FAULT_INJECTION: forcing a failure.
[  174.818586][ T7074] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  174.847596][ T7074] CPU: 0 UID: 0 PID: 7074 Comm: syz.2.292 Not tainted syzkaller #0 PREEMPT(full) 
[  174.847639][ T7074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  174.847659][ T7074] Call Trace:
[  174.847670][ T7074]  <TASK>
[  174.847681][ T7074]  dump_stack_lvl+0x100/0x190
[  174.847736][ T7074]  should_fail_ex.cold+0x5/0xa
[  174.847764][ T7074]  ? prepare_alloc_pages+0x16d/0x5f0
[  174.847804][ T7074]  should_fail_alloc_page+0xeb/0x140
[  174.847837][ T7074]  prepare_alloc_pages+0x1f0/0x5f0
[  174.847876][ T7074]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  174.847924][ T7074]  ? rcu_is_watching+0x12/0xc0
[  174.847968][ T7074]  ? trace_mm_page_alloc+0x17a/0x1d0
[  174.848003][ T7074]  ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0
[  174.848056][ T7074]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  174.848103][ T7074]  ? stack_trace_save+0x8e/0xc0
[  174.848135][ T7074]  ? stack_depot_save_flags+0x27/0x9d0
[  174.848174][ T7074]  ? is_bpf_text_address+0x8a/0x1a0
[  174.848222][ T7074]  ? is_bpf_text_address+0x8a/0x1a0
[  174.848273][ T7074]  ? kasan_save_stack+0x3f/0x50
[  174.848332][ T7074]  ? kasan_save_track+0x14/0x30
[  174.848378][ T7074]  ? kmem_cache_alloc_node_noprof+0x25a/0x6f0
[  174.848426][ T7074]  ? alloc_vmap_area+0x186c/0x2bd0
[  174.848458][ T7074]  ? __get_vm_area_node+0x1ca/0x330
[  174.848491][ T7074]  ? __vmalloc_node_range_noprof+0x213/0x1530
[  174.848529][ T7074]  ? __vmalloc_node_noprof+0xad/0xf0
[  174.848568][ T7074]  ? copy_process+0x5ec/0x7a40
[  174.848603][ T7074]  ? kernel_clone+0xfc/0x9a0
[  174.848636][ T7074]  ? __do_sys_clone+0xd9/0x120
[  174.848672][ T7074]  ? do_syscall_64+0x106/0xf80
[  174.848728][ T7074]  alloc_pages_bulk_noprof+0x782/0x1490
[  174.848793][ T7074]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  174.848854][ T7074]  ? alloc_pages_noprof+0x233/0x390
[  174.848889][ T7074]  __kasan_populate_vmalloc+0xf0/0x210
[  174.848942][ T7074]  alloc_vmap_area+0x95d/0x2bd0
[  174.848988][ T7074]  ? __pfx_alloc_vmap_area+0x10/0x10
[  174.849029][ T7074]  __get_vm_area_node+0x1ca/0x330
[  174.849068][ T7074]  __vmalloc_node_range_noprof+0x213/0x1530
[  174.849107][ T7074]  ? kernel_clone+0xfc/0x9a0
[  174.849140][ T7074]  ? find_held_lock+0x2b/0x80
[  174.849168][ T7074]  ? local_lock_release+0x99/0x130
[  174.849205][ T7074]  ? local_lock_release+0x99/0x130
[  174.849248][ T7074]  ? kernel_clone+0xfc/0x9a0
[  174.849286][ T7074]  ? find_held_lock+0x2b/0x80
[  174.849329][ T7074]  ? rcu_read_unlock+0x17/0x60
[  174.849363][ T7074]  ? rcu_read_unlock+0x17/0x60
[  174.849397][ T7074]  ? obj_cgroup_charge_account+0x46d/0x640
[  174.849435][ T7074]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  174.849479][ T7074]  ? __memcg_slab_post_alloc_hook+0x51b/0x990
[  174.849522][ T7074]  ? rcu_is_watching+0x12/0xc0
[  174.849570][ T7074]  ? trace_kmem_cache_alloc+0xf3/0x120
[  174.849609][ T7074]  ? kernel_clone+0xfc/0x9a0
[  174.849643][ T7074]  __vmalloc_node_noprof+0xad/0xf0
[  174.849683][ T7074]  ? kernel_clone+0xfc/0x9a0
[  174.849724][ T7074]  copy_process+0x5ec/0x7a40
[  174.849761][ T7074]  ? preempt_schedule_thunk+0x16/0x30
[  174.849815][ T7074]  ? try_to_wake_up+0x644/0x1a80
[  174.849852][ T7074]  ? __pfx_copy_process+0x10/0x10
[  174.849890][ T7074]  ? find_held_lock+0x2b/0x80
[  174.849927][ T7074]  ? futex_private_hash_put+0x107/0x1c0
[  174.849972][ T7074]  kernel_clone+0xfc/0x9a0
[  174.850013][ T7074]  ? __pfx_kernel_clone+0x10/0x10
[  174.850072][ T7074]  __do_sys_clone+0xd9/0x120
[  174.850120][ T7074]  ? __pfx___do_sys_clone+0x10/0x10
[  174.850261][ T7074]  do_syscall_64+0x106/0xf80
[  174.850408][ T7074]  ? clear_bhb_loop+0x40/0x90
[  174.850455][ T7074]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.850488][ T7074] RIP: 0033:0x7f808999c799
[  174.850516][ T7074] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  174.850555][ T7074] RSP: 002b:00007f808a8d9fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  174.850587][ T7074] RAX: ffffffffffffffda RBX: 00007f8089c15fa0 RCX: 00007f808999c799
[  174.850607][ T7074] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  174.850627][ T7074] RBP: 00007f8089a32c99 R08: 0000000000000000 R09: 0000000000000000
[  174.850645][ T7074] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  174.850664][ T7074] R13: 00007f8089c16038 R14: 00007f8089c15fa0 R15: 00007ffd40e74698
[  174.850707][ T7074]  </TASK>
[  174.854563][ T7063] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[  175.427406][ T7063] Node 1 Normal: 6*4kB (UM) 7*8kB (UM) 8*16kB (UM) 11*32kB (UM) 10*64kB (UM) 2*128kB (UM) 5*256kB (UM) 4*512kB (UM) 1*1024kB (M) 0*2048kB 960*4096kB (M) = 3937968kB
[  175.557828][ T7063] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  175.637684][ T7063] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  175.687487][ T7063] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  175.724553][ T7063] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  175.790563][ T7063] 44368 total pagecache pages
[  175.814144][ T7063] 0 pages in swap cache
[  175.833468][ T7063] Free swap  = 122084kB
[  175.871840][ T7063] Total swap = 124996kB
[  175.876250][ T7063] 2097051 pages RAM
[  175.919386][ T7063] 0 pages HighMem/MovableOnly
[  175.924470][ T7063] 430826 pages reserved
[  175.957392][ T7063] 0 pages cma reserved
[  176.027674][   T30] audit: type=1804 audit(1773801730.553:75): pid=7093 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.295" name="/newroot/sys/kernel/tracing/set_event" dev="tracefs" ino=19 res=1 errno=0
[  176.467397][   T30] audit: type=1804 audit(1773801731.003:76): pid=7100 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.296" name="/newroot/79/file0" dev="tmpfs" ino=440 res=1 errno=0
[  176.569343][   T30] audit: type=1804 audit(1773801731.053:77): pid=7107 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.296" name="/newroot/79/file0" dev="tmpfs" ino=440 res=1 errno=0
[  177.948756][ T7121] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  178.427768][ T7130] netlink: 280 bytes leftover after parsing attributes in process `syz.1.302'.
[  178.515049][ T7133] FAULT_INJECTION: forcing a failure.
[  178.515049][ T7133] name failslab, interval 1, probability 0, space 0, times 0
[  178.545412][ T7133] CPU: 1 UID: 0 PID: 7133 Comm: syz.1.302 Not tainted syzkaller #0 PREEMPT(full) 
[  178.545440][ T7133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  178.545451][ T7133] Call Trace:
[  178.545458][ T7133]  <TASK>
[  178.545465][ T7133]  dump_stack_lvl+0x100/0x190
[  178.545499][ T7133]  should_fail_ex.cold+0x5/0xa
[  178.545521][ T7133]  should_failslab+0xc2/0x120
[  178.545541][ T7133]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  178.545577][ T7133]  ? dup_fd+0x4d/0xd10
[  178.545605][ T7133]  ? trace_kmalloc+0x101/0x130
[  178.545640][ T7133]  dup_fd+0x4d/0xd10
[  178.545673][ T7133]  ? apparmor_task_alloc+0x2c1/0x3b0
[  178.545724][ T7133]  copy_process+0x268f/0x7a40
[  178.545776][ T7133]  ? __pfx_copy_process+0x10/0x10
[  178.545810][ T7133]  ? find_held_lock+0x2b/0x80
[  178.545854][ T7133]  kernel_clone+0xfc/0x9a0
[  178.545886][ T7133]  ? __pfx_futex_wait+0x10/0x10
[  178.545932][ T7133]  ? __pfx_kernel_clone+0x10/0x10
[  178.545987][ T7133]  __do_sys_clone+0xd9/0x120
[  178.546021][ T7133]  ? __pfx___do_sys_clone+0x10/0x10
[  178.546087][ T7133]  do_syscall_64+0x106/0xf80
[  178.546192][ T7133]  ? clear_bhb_loop+0x40/0x90
[  178.546229][ T7133]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  178.546260][ T7133] RIP: 0033:0x7f27a9f9c799
[  178.546284][ T7133] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  178.546312][ T7133] RSP: 002b:00007f27aaecffd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  178.546339][ T7133] RAX: ffffffffffffffda RBX: 00007f27aa216090 RCX: 00007f27a9f9c799
[  178.546357][ T7133] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  178.546374][ T7133] RBP: 00007f27aa032c99 R08: 0000000000000000 R09: 0000000000000000
[  178.546391][ T7133] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  178.546408][ T7133] R13: 00007f27aa216128 R14: 00007f27aa216090 R15: 00007fffbb42c878
[  178.546447][ T7133]  </TASK>
[  180.085106][ T7151] netlink: 280 bytes leftover after parsing attributes in process `syz.1.306'.
[  180.140670][ T7151] FAULT_INJECTION: forcing a failure.
[  180.140670][ T7151] name failslab, interval 1, probability 0, space 0, times 0
[  180.154550][ T7151] CPU: 0 UID: 0 PID: 7151 Comm: syz.1.306 Not tainted syzkaller #0 PREEMPT(full) 
[  180.154594][ T7151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  180.154613][ T7151] Call Trace:
[  180.154624][ T7151]  <TASK>
[  180.154636][ T7151]  dump_stack_lvl+0x100/0x190
[  180.154691][ T7151]  should_fail_ex.cold+0x5/0xa
[  180.154730][ T7151]  should_failslab+0xc2/0x120
[  180.154765][ T7151]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  180.154813][ T7151]  ? dup_fd+0x4d/0xd10
[  180.154844][ T7151]  ? trace_kmalloc+0x101/0x130
[  180.154884][ T7151]  dup_fd+0x4d/0xd10
[  180.154932][ T7151]  ? apparmor_task_alloc+0x2c1/0x3b0
[  180.154988][ T7151]  copy_process+0x268f/0x7a40
[  180.155047][ T7151]  ? __pfx_copy_process+0x10/0x10
[  180.155086][ T7151]  ? find_held_lock+0x2b/0x80
[  180.155125][ T7151]  kernel_clone+0xfc/0x9a0
[  180.155151][ T7151]  ? __pfx_futex_wait+0x10/0x10
[  180.155202][ T7151]  ? __pfx_kernel_clone+0x10/0x10
[  180.155262][ T7151]  __do_sys_clone+0xd9/0x120
[  180.155302][ T7151]  ? __pfx___do_sys_clone+0x10/0x10
[  180.155407][ T7151]  do_syscall_64+0x106/0xf80
[  180.155453][ T7151]  ? clear_bhb_loop+0x40/0x90
[  180.155493][ T7151]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  180.155527][ T7151] RIP: 0033:0x7f27a9f9c799
[  180.155554][ T7151] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  180.155587][ T7151] RSP: 002b:00007f27aaef0fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  180.155618][ T7151] RAX: ffffffffffffffda RBX: 00007f27aa215fa0 RCX: 00007f27a9f9c799
[  180.155639][ T7151] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  180.155658][ T7151] RBP: 00007f27aa032c99 R08: 0000000000000000 R09: 0000000000000000
[  180.155678][ T7151] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  180.155696][ T7151] R13: 00007f27aa216038 R14: 00007f27aa215fa0 R15: 00007fffbb42c878
[  180.155737][ T7151]  </TASK>
[  180.454766][   T30] audit: type=1804 audit(1773801734.993:78): pid=7155 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.307" name="/newroot/73/file0" dev="tmpfs" ino=409 res=1 errno=0
[  180.526249][   T30] audit: type=1804 audit(1773801735.023:79): pid=7156 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.307" name="/newroot/73/file0" dev="tmpfs" ino=409 res=1 errno=0
[  181.201912][ T7175] netlink: 280 bytes leftover after parsing attributes in process `syz.2.313'.
[  181.299918][ T7179] FAULT_INJECTION: forcing a failure.
[  181.299918][ T7179] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  181.317670][ T7179] CPU: 1 UID: 0 PID: 7179 Comm: syz.2.313 Not tainted syzkaller #0 PREEMPT(full) 
[  181.317706][ T7179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  181.317718][ T7179] Call Trace:
[  181.317725][ T7179]  <TASK>
[  181.317732][ T7179]  dump_stack_lvl+0x100/0x190
[  181.317764][ T7179]  should_fail_ex.cold+0x5/0xa
[  181.317782][ T7179]  ? prepare_alloc_pages+0x16d/0x5f0
[  181.317806][ T7179]  should_fail_alloc_page+0xeb/0x140
[  181.317826][ T7179]  prepare_alloc_pages+0x1f0/0x5f0
[  181.317851][ T7179]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  181.317883][ T7179]  ? rcu_is_watching+0x12/0xc0
[  181.317910][ T7179]  ? trace_mm_page_alloc+0x17a/0x1d0
[  181.317931][ T7179]  ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0
[  181.317963][ T7179]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  181.317994][ T7179]  ? find_held_lock+0x2b/0x80
[  181.318010][ T7179]  ? is_bpf_text_address+0x8a/0x1a0
[  181.318037][ T7179]  ? is_bpf_text_address+0x8a/0x1a0
[  181.318067][ T7179]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  181.318095][ T7179]  ? is_bpf_text_address+0x94/0x1a0
[  181.318122][ T7179]  ? kernel_text_address+0x8d/0x100
[  181.318149][ T7179]  ? __kernel_text_address+0xd/0x30
[  181.318175][ T7179]  ? unwind_get_return_address+0x59/0xa0
[  181.318200][ T7179]  alloc_pages_bulk_noprof+0x782/0x1490
[  181.318237][ T7179]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  181.318267][ T7179]  ? kasan_save_stack+0x30/0x50
[  181.318299][ T7179]  ? alloc_pages_noprof+0x233/0x390
[  181.318321][ T7179]  __kasan_populate_vmalloc+0xf0/0x210
[  181.318357][ T7179]  alloc_vmap_area+0x95d/0x2bd0
[  181.318385][ T7179]  ? __pfx_alloc_vmap_area+0x10/0x10
[  181.318409][ T7179]  __get_vm_area_node+0x1ca/0x330
[  181.318433][ T7179]  __vmalloc_node_range_noprof+0x213/0x1530
[  181.318457][ T7179]  ? kernel_clone+0xfc/0x9a0
[  181.318476][ T7179]  ? find_held_lock+0x2b/0x80
[  181.318492][ T7179]  ? local_lock_release+0x99/0x130
[  181.318512][ T7179]  ? local_lock_release+0x99/0x130
[  181.318536][ T7179]  ? kernel_clone+0xfc/0x9a0
[  181.318557][ T7179]  ? find_held_lock+0x2b/0x80
[  181.318573][ T7179]  ? rcu_read_unlock+0x17/0x60
[  181.318592][ T7179]  ? rcu_read_unlock+0x17/0x60
[  181.318612][ T7179]  ? obj_cgroup_charge_account+0x46d/0x640
[  181.318633][ T7179]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  181.318657][ T7179]  ? __memcg_slab_post_alloc_hook+0x51b/0x990
[  181.318681][ T7179]  ? rcu_is_watching+0x12/0xc0
[  181.318708][ T7179]  ? trace_kmem_cache_alloc+0xf3/0x120
[  181.318728][ T7179]  ? kernel_clone+0xfc/0x9a0
[  181.318748][ T7179]  __vmalloc_node_noprof+0xad/0xf0
[  181.318770][ T7179]  ? kernel_clone+0xfc/0x9a0
[  181.318792][ T7179]  copy_process+0x5ec/0x7a40
[  181.318814][ T7179]  ? __pfx___futex_wait+0x10/0x10
[  181.318840][ T7179]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  181.318864][ T7179]  ? lockdep_hardirqs_on+0x78/0x100
[  181.318904][ T7179]  ? __pfx_copy_process+0x10/0x10
[  181.318926][ T7179]  ? find_held_lock+0x2b/0x80
[  181.318951][ T7179]  kernel_clone+0xfc/0x9a0
[  181.318971][ T7179]  ? __pfx_futex_wait+0x10/0x10
[  181.319000][ T7179]  ? __pfx_kernel_clone+0x10/0x10
[  181.319033][ T7179]  __do_sys_clone+0xd9/0x120
[  181.319056][ T7179]  ? __pfx___do_sys_clone+0x10/0x10
[  181.319100][ T7179]  do_syscall_64+0x106/0xf80
[  181.319125][ T7179]  ? clear_bhb_loop+0x40/0x90
[  181.319146][ T7179]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.319165][ T7179] RIP: 0033:0x7f808999c799
[  181.319183][ T7179] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  181.319200][ T7179] RSP: 002b:00007f808a8b8fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  181.319219][ T7179] RAX: ffffffffffffffda RBX: 00007f8089c16090 RCX: 00007f808999c799
[  181.319230][ T7179] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  181.319241][ T7179] RBP: 00007f8089a32c99 R08: 0000000000000000 R09: 0000000000000000
[  181.319251][ T7179] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  181.319262][ T7179] R13: 00007f8089c16128 R14: 00007f8089c16090 R15: 00007ffd40e74698
[  181.319283][ T7179]  </TASK>
[  182.548755][   T30] audit: type=1804 audit(1773801737.083:80): pid=7186 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.316" name="/newroot/sys/kernel/tracing/set_event" dev="tracefs" ino=19 res=1 errno=0
[  183.162485][ T7199] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (1077952576 ns). Using initial count to start timer.
[  183.603468][ T7209] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  183.762614][ T7215] netlink: 280 bytes leftover after parsing attributes in process `syz.0.324'.
[  183.775604][ T7215] FAULT_INJECTION: forcing a failure.
[  183.775604][ T7215] name failslab, interval 1, probability 0, space 0, times 0
[  183.788552][ T7215] CPU: 0 UID: 0 PID: 7215 Comm: syz.0.324 Not tainted syzkaller #0 PREEMPT(full) 
[  183.788579][ T7215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  183.788589][ T7215] Call Trace:
[  183.788596][ T7215]  <TASK>
[  183.788603][ T7215]  dump_stack_lvl+0x100/0x190
[  183.788635][ T7215]  should_fail_ex.cold+0x5/0xa
[  183.788656][ T7215]  should_failslab+0xc2/0x120
[  183.788676][ T7215]  __kmalloc_cache_noprof+0x7a/0x6f0
[  183.788701][ T7215]  ? alloc_fdtable+0xbd/0x2d0
[  183.788728][ T7215]  ? find_held_lock+0x2b/0x80
[  183.788745][ T7215]  ? dup_fd+0x924/0xd10
[  183.788764][ T7215]  alloc_fdtable+0xbd/0x2d0
[  183.788794][ T7215]  dup_fd+0x995/0xd10
[  183.788813][ T7215]  ? apparmor_task_alloc+0x2c1/0x3b0
[  183.788845][ T7215]  copy_process+0x268f/0x7a40
[  183.788867][ T7215]  ? preempt_schedule_thunk+0x16/0x30
[  183.788899][ T7215]  ? __pfx_copy_process+0x10/0x10
[  183.788919][ T7215]  ? find_held_lock+0x2b/0x80
[  183.788939][ T7215]  ? futex_private_hash_put+0x107/0x1c0
[  183.788965][ T7215]  kernel_clone+0xfc/0x9a0
[  183.788987][ T7215]  ? __pfx_kernel_clone+0x10/0x10
[  183.789022][ T7215]  __do_sys_clone+0xd9/0x120
[  183.789044][ T7215]  ? __pfx___do_sys_clone+0x10/0x10
[  183.789082][ T7215]  do_syscall_64+0x106/0xf80
[  183.789107][ T7215]  ? clear_bhb_loop+0x40/0x90
[  183.789129][ T7215]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.789148][ T7215] RIP: 0033:0x7f748df9c799
[  183.789163][ T7215] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  183.789181][ T7215] RSP: 002b:00007f748ef17fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  183.789199][ T7215] RAX: ffffffffffffffda RBX: 00007f748e215fa0 RCX: 00007f748df9c799
[  183.789210][ T7215] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  183.789221][ T7215] RBP: 00007f748e032c99 R08: 0000000000000000 R09: 0000000000000000
[  183.789231][ T7215] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  183.789250][ T7215] R13: 00007f748e216038 R14: 00007f748e215fa0 R15: 00007fffdf1ba5a8
[  183.789272][ T7215]  </TASK>
[  184.324234][   T30] audit: type=1804 audit(1773801738.863:81): pid=7217 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.323" name="/newroot/77/file0" dev="tmpfs" ino=430 res=1 errno=0
[  184.417158][   T30] audit: type=1804 audit(1773801738.933:82): pid=7218 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.323" name="/newroot/77/file0" dev="tmpfs" ino=430 res=1 errno=0
[  185.018086][   T30] audit: type=1804 audit(1773801739.553:83): pid=7233 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.327" name="/newroot/89/file0" dev="tmpfs" ino=495 res=1 errno=0
[  185.202436][ T7241] FAULT_INJECTION: forcing a failure.
[  185.202436][ T7241] name failslab, interval 1, probability 0, space 0, times 0
[  185.265242][ T7241] CPU: 1 UID: 0 PID: 7241 Comm: syz.1.329 Not tainted syzkaller #0 PREEMPT(full) 
[  185.265283][ T7241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  185.265301][ T7241] Call Trace:
[  185.265309][ T7241]  <TASK>
[  185.265319][ T7241]  dump_stack_lvl+0x100/0x190
[  185.265370][ T7241]  should_fail_ex.cold+0x5/0xa
[  185.265401][ T7241]  ? ima_write_template_field_data+0x59/0x1d0
[  185.265425][ T7241]  should_failslab+0xc2/0x120
[  185.265444][ T7241]  __kmalloc_noprof+0xe0/0x850
[  185.265471][ T7241]  ? __x64_sys_openat+0x12d/0x210
[  185.265494][ T7241]  ? do_syscall_64+0x106/0xf80
[  185.265523][ T7241]  ima_write_template_field_data+0x59/0x1d0
[  185.265551][ T7241]  ima_eventdigest_init_common+0x158/0x460
[  185.265578][ T7241]  ? __pfx_ima_eventdigest_init_common+0x10/0x10
[  185.265615][ T7241]  ? trace_kmalloc+0x30/0x130
[  185.265633][ T7241]  ? __kasan_kmalloc+0xaa/0xb0
[  185.265661][ T7241]  ? __kmalloc_noprof+0x320/0x850
[  185.265693][ T7241]  ima_alloc_init_template+0x399/0x6d0
[  185.265717][ T7241]  ima_add_violation+0x128/0x3c0
[  185.265739][ T7241]  ? __pfx_ima_add_violation+0x10/0x10
[  185.265757][ T7241]  ? ima_d_path+0x137/0x260
[  185.265776][ T7241]  ? __pfx_ima_d_path+0x10/0x10
[  185.265798][ T7241]  ? __pfx_down_write+0x10/0x10
[  185.265831][ T7241]  process_measurement+0x148f/0x2350
[  185.265867][ T7241]  ? __pfx_process_measurement+0x10/0x10
[  185.265903][ T7241]  ? find_held_lock+0x2b/0x80
[  185.265919][ T7241]  ? rcu_read_unlock+0x17/0x60
[  185.265938][ T7241]  ? rcu_read_unlock+0x17/0x60
[  185.265957][ T7241]  ? obj_cgroup_charge_account+0x2c4/0x640
[  185.265997][ T7241]  ? seq_open+0x116/0x170
[  185.266021][ T7241]  ? inode_to_bdi+0x9e/0x160
[  185.266041][ T7241]  ima_file_check+0xcc/0x120
[  185.266120][ T7241]  ? __pfx_ima_file_check+0x10/0x10
[  185.266156][ T7241]  security_file_post_open+0xc4/0x210
[  185.266178][ T7241]  path_openat+0x1418/0x31a0
[  185.266205][ T7241]  ? __pfx_path_openat+0x10/0x10
[  185.266233][ T7241]  do_file_open+0x20e/0x430
[  185.266254][ T7241]  ? __pfx_do_file_open+0x10/0x10
[  185.266290][ T7241]  ? alloc_fd+0x476/0x790
[  185.266313][ T7241]  ? do_getname+0x191/0x390
[  185.266338][ T7241]  do_sys_openat2+0x10d/0x1e0
[  185.266362][ T7241]  ? __pfx_do_sys_openat2+0x10/0x10
[  185.266395][ T7241]  __x64_sys_openat+0x12d/0x210
[  185.266419][ T7241]  ? __pfx___x64_sys_openat+0x10/0x10
[  185.266453][ T7241]  do_syscall_64+0x106/0xf80
[  185.266478][ T7241]  ? clear_bhb_loop+0x40/0x90
[  185.266501][ T7241]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.266521][ T7241] RIP: 0033:0x7f27a9f9c799
[  185.266538][ T7241] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  185.266555][ T7241] RSP: 002b:00007f27aaed0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  185.266573][ T7241] RAX: ffffffffffffffda RBX: 00007f27aa216090 RCX: 00007f27a9f9c799
[  185.266584][ T7241] RDX: 0000000000008000 RSI: 0000200000000100 RDI: ffffffffffffff9c
[  185.266595][ T7241] RBP: 00007f27aa032c99 R08: 0000000000000000 R09: 0000000000000000
[  185.266606][ T7241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  185.266616][ T7241] R13: 00007f27aa216128 R14: 00007f27aa216090 R15: 00007fffbb42c878
[  185.266640][ T7241]  </TASK>
[  185.607681][   T30] audit: type=1804 audit(1773801739.803:84): pid=7241 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.329" name="/newroot/sys/kernel/tracing/set_event" dev="tracefs" ino=19 res=0 errno=0
[  186.749490][ T7262] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  187.441104][ T7277] netlink: 280 bytes leftover after parsing attributes in process `syz.1.337'.
[  187.495582][ T7279] FAULT_INJECTION: forcing a failure.
[  187.495582][ T7279] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  187.511097][ T7279] CPU: 1 UID: 0 PID: 7279 Comm: syz.1.337 Not tainted syzkaller #0 PREEMPT(full) 
[  187.511128][ T7279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  187.511140][ T7279] Call Trace:
[  187.511147][ T7279]  <TASK>
[  187.511155][ T7279]  dump_stack_lvl+0x100/0x190
[  187.511188][ T7279]  should_fail_ex.cold+0x5/0xa
[  187.511206][ T7279]  ? prepare_alloc_pages+0x16d/0x5f0
[  187.511241][ T7279]  should_fail_alloc_page+0xeb/0x140
[  187.511263][ T7279]  prepare_alloc_pages+0x1f0/0x5f0
[  187.511287][ T7279]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  187.511319][ T7279]  ? rcu_is_watching+0x12/0xc0
[  187.511348][ T7279]  ? trace_mm_page_alloc+0x17a/0x1d0
[  187.511369][ T7279]  ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0
[  187.511400][ T7279]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  187.511433][ T7279]  ? find_held_lock+0x2b/0x80
[  187.511449][ T7279]  ? is_bpf_text_address+0x8a/0x1a0
[  187.511476][ T7279]  ? is_bpf_text_address+0x8a/0x1a0
[  187.511508][ T7279]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  187.511528][ T7279]  ? is_bpf_text_address+0x94/0x1a0
[  187.511556][ T7279]  ? kernel_text_address+0x8d/0x100
[  187.511582][ T7279]  ? __kernel_text_address+0xd/0x30
[  187.511608][ T7279]  ? unwind_get_return_address+0x59/0xa0
[  187.511633][ T7279]  alloc_pages_bulk_noprof+0x782/0x1490
[  187.511669][ T7279]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  187.511699][ T7279]  ? kasan_save_stack+0x30/0x50
[  187.511731][ T7279]  ? alloc_pages_noprof+0x233/0x390
[  187.511752][ T7279]  __kasan_populate_vmalloc+0xf0/0x210
[  187.511787][ T7279]  alloc_vmap_area+0x95d/0x2bd0
[  187.511815][ T7279]  ? __pfx_alloc_vmap_area+0x10/0x10
[  187.511839][ T7279]  __get_vm_area_node+0x1ca/0x330
[  187.511864][ T7279]  __vmalloc_node_range_noprof+0x213/0x1530
[  187.511887][ T7279]  ? kernel_clone+0xfc/0x9a0
[  187.511906][ T7279]  ? find_held_lock+0x2b/0x80
[  187.511922][ T7279]  ? local_lock_release+0x99/0x130
[  187.511942][ T7279]  ? local_lock_release+0x99/0x130
[  187.511966][ T7279]  ? kernel_clone+0xfc/0x9a0
[  187.511994][ T7279]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  187.512019][ T7279]  ? __memcg_slab_post_alloc_hook+0x51b/0x990
[  187.512042][ T7279]  ? rcu_is_watching+0x12/0xc0
[  187.512069][ T7279]  ? trace_kmem_cache_alloc+0xf3/0x120
[  187.512090][ T7279]  ? kernel_clone+0xfc/0x9a0
[  187.512109][ T7279]  __vmalloc_node_noprof+0xad/0xf0
[  187.512131][ T7279]  ? kernel_clone+0xfc/0x9a0
[  187.512154][ T7279]  copy_process+0x5ec/0x7a40
[  187.512174][ T7279]  ? preempt_schedule_thunk+0x16/0x30
[  187.512201][ T7279]  ? try_to_wake_up+0x644/0x1a80
[  187.512229][ T7279]  ? __pfx_copy_process+0x10/0x10
[  187.512250][ T7279]  ? find_held_lock+0x2b/0x80
[  187.512270][ T7279]  ? futex_private_hash_put+0x107/0x1c0
[  187.512295][ T7279]  kernel_clone+0xfc/0x9a0
[  187.512317][ T7279]  ? __pfx_kernel_clone+0x10/0x10
[  187.512349][ T7279]  __do_sys_clone+0xd9/0x120
[  187.512371][ T7279]  ? __pfx___do_sys_clone+0x10/0x10
[  187.512410][ T7279]  do_syscall_64+0x106/0xf80
[  187.512435][ T7279]  ? clear_bhb_loop+0x40/0x90
[  187.512457][ T7279]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.512475][ T7279] RIP: 0033:0x7f27a9f9c799
[  187.512493][ T7279] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  187.512510][ T7279] RSP: 002b:00007f27aaecffd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  187.512530][ T7279] RAX: ffffffffffffffda RBX: 00007f27aa216090 RCX: 00007f27a9f9c799
[  187.512541][ T7279] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  187.512551][ T7279] RBP: 00007f27aa032c99 R08: 0000000000000000 R09: 0000000000000000
[  187.512562][ T7279] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  187.512572][ T7279] R13: 00007f27aa216128 R14: 00007f27aa216090 R15: 00007fffbb42c878
[  187.512595][ T7279]  </TASK>
[  187.512659][ T7279] warn_alloc: 2 callbacks suppressed
[  187.512669][ T7279] syz.1.337: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  188.030143][ T7279] CPU: 0 UID: 0 PID: 7279 Comm: syz.1.337 Not tainted syzkaller #0 PREEMPT(full) 
[  188.030170][ T7279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  188.030181][ T7279] Call Trace:
[  188.030187][ T7279]  <TASK>
[  188.030194][ T7279]  dump_stack_lvl+0x100/0x190
[  188.030228][ T7279]  warn_alloc.cold+0x95/0x1c1
[  188.030262][ T7279]  ? __pfx_warn_alloc+0x10/0x10
[  188.030287][ T7279]  ? lockdep_hardirqs_on+0x78/0x100
[  188.030314][ T7279]  ? __get_vm_area_node+0x2c5/0x330
[  188.030339][ T7279]  ? __get_vm_area_node+0x208/0x330
[  188.030363][ T7279]  __vmalloc_node_range_noprof+0xbf4/0x1530
[  188.030386][ T7279]  ? find_held_lock+0x2b/0x80
[  188.030403][ T7279]  ? local_lock_release+0x99/0x130
[  188.030424][ T7279]  ? local_lock_release+0x99/0x130
[  188.030447][ T7279]  ? kernel_clone+0xfc/0x9a0
[  188.030474][ T7279]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  188.030499][ T7279]  ? __memcg_slab_post_alloc_hook+0x51b/0x990
[  188.030522][ T7279]  ? rcu_is_watching+0x12/0xc0
[  188.030552][ T7279]  ? trace_kmem_cache_alloc+0xf3/0x120
[  188.030573][ T7279]  ? kernel_clone+0xfc/0x9a0
[  188.030592][ T7279]  __vmalloc_node_noprof+0xad/0xf0
[  188.030615][ T7279]  ? kernel_clone+0xfc/0x9a0
[  188.030637][ T7279]  copy_process+0x5ec/0x7a40
[  188.030658][ T7279]  ? preempt_schedule_thunk+0x16/0x30
[  188.030684][ T7279]  ? try_to_wake_up+0x644/0x1a80
[  188.030705][ T7279]  ? __pfx_copy_process+0x10/0x10
[  188.030726][ T7279]  ? find_held_lock+0x2b/0x80
[  188.030746][ T7279]  ? futex_private_hash_put+0x107/0x1c0
[  188.030771][ T7279]  kernel_clone+0xfc/0x9a0
[  188.030793][ T7279]  ? __pfx_kernel_clone+0x10/0x10
[  188.030825][ T7279]  __do_sys_clone+0xd9/0x120
[  188.030846][ T7279]  ? __pfx___do_sys_clone+0x10/0x10
[  188.030884][ T7279]  do_syscall_64+0x106/0xf80
[  188.030908][ T7279]  ? clear_bhb_loop+0x40/0x90
[  188.030930][ T7279]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.030949][ T7279] RIP: 0033:0x7f27a9f9c799
[  188.030964][ T7279] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  188.030989][ T7279] RSP: 002b:00007f27aaecffd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  188.031007][ T7279] RAX: ffffffffffffffda RBX: 00007f27aa216090 RCX: 00007f27a9f9c799
[  188.031018][ T7279] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  188.031028][ T7279] RBP: 00007f27aa032c99 R08: 0000000000000000 R09: 0000000000000000
[  188.031039][ T7279] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  188.031049][ T7279] R13: 00007f27aa216128 R14: 00007f27aa216090 R15: 00007fffbb42c878
[  188.031071][ T7279]  </TASK>
[  188.031077][ T7279] Mem-Info:
[  188.447470][ T7279] active_anon:9167 inactive_anon:0 isolated_anon:0
[  188.447470][ T7279]  active_file:2959 inactive_file:39532 isolated_file:0
[  188.447470][ T7279]  unevictable:768 dirty:439 writeback:0
[  188.447470][ T7279]  slab_reclaimable:10798 slab_unreclaimable:90571
[  188.447470][ T7279]  mapped:30759 shmem:2383 pagetables:1091
[  188.447470][ T7279]  sec_pagetables:0 bounce:0
[  188.447470][ T7279]  kernel_misc_reclaimable:0
[  188.447470][ T7279]  free:1346914 free_pcp:6592 free_cma:0
[  188.767656][ T7279] Node 0 active_anon:50684kB inactive_anon:0kB active_file:11836kB inactive_file:158008kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:123304kB dirty:1800kB writeback:0kB shmem:8172kB shmem_thp:4096kB shmem_pmdmapped:4096kB anon_thp:0kB kernel_stack:11692kB pagetables:4144kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  189.068080][ T7279] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:128kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:160kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  189.288439][ T7279] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  189.381545][   T30] audit: type=1804 audit(1773801743.913:85): pid=7292 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.339" name="/newroot/82/file0" dev="tmpfs" ino=455 res=1 errno=0
[  189.437738][   T30] audit: type=1804 audit(1773801743.913:86): pid=7294 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.339" name="/newroot/82/file0" dev="tmpfs" ino=455 res=1 errno=0
[  189.532085][ T7279] lowmem_reserve[]: 0 2477 2478 2478 2478
[  189.547365][ T7279] Node 0 DMA32 free:1409116kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:45784kB inactive_anon:0kB active_file:11836kB inactive_file:158008kB unevictable:1536kB writepending:1980kB zspages:0kB present:3129332kB managed:2537380kB mlocked:0kB bounce:0kB free_pcp:46204kB local_pcp:21764kB free_cma:0kB
[  189.651970][ T7279] lowmem_reserve[]: 0 0 1 1 1
[  189.712970][ T7279] Node 0 Normal free:8kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1060kB mlocked:0kB bounce:0kB free_pcp:20kB local_pcp:12kB free_cma:0kB
[  189.879712][ T7279] lowmem_reserve[]: 0 0 0 0 0
[  189.886579][ T7279] Node 1 Normal free:3937968kB boost:0kB min:55828kB low:69784kB high:83740kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:128kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  189.922916][ T7279] lowmem_reserve[]: 0 0 0 0 0
[  189.930913][ T7279] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  189.946785][ T7279] Node 0 DMA32: 2179*4kB (UME) 1481*8kB (UME) 617*16kB (UME) 37*32kB (ME) 8*64kB (M) 42*128kB (M) 79*256kB (UM) 44*512kB (ME) 21*1024kB (UM) 1*2048kB (M) 321*4096kB (UM) = 1418628kB
[  189.965980][ T7279] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[  190.035916][ T7279] Node 1 Normal: 6*4kB (UM) 7*8kB (UM) 8*16kB (UM) 11*32kB (UM) 10*64kB (UM) 2*128kB (UM) 5*256kB (UM) 4*512kB (UM) 1*1024kB (M) 0*2048kB 960*4096kB (M) = 3937968kB
[  190.122174][ T7279] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  190.142916][ T7296] FAULT_INJECTION: forcing a failure.
[  190.142916][ T7296] name fail_futex, interval 1, probability 0, space 0, times 0
[  190.177336][ T7296] CPU: 1 UID: 0 PID: 7296 Comm: syz.2.340 Not tainted syzkaller #0 PREEMPT(full) 
[  190.177377][ T7296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  190.177394][ T7296] Call Trace:
[  190.177405][ T7296]  <TASK>
[  190.177416][ T7296]  dump_stack_lvl+0x100/0x190
[  190.177468][ T7296]  should_fail_ex.cold+0x5/0xa
[  190.177507][ T7296]  get_futex_key+0x1d2/0x1620
[  190.177550][ T7296]  ? __pfx_get_futex_key+0x10/0x10
[  190.177603][ T7296]  futex_wake+0xea/0x530
[  190.177655][ T7296]  ? __pfx_futex_wake+0x10/0x10
[  190.177708][ T7296]  ? putname+0xb1/0x110
[  190.177740][ T7296]  ? kmem_cache_free+0x124/0x6a0
[  190.177792][ T7296]  do_futex+0x32b/0x350
[  190.177835][ T7296]  ? __pfx_do_futex+0x10/0x10
[  190.177873][ T7296]  ? __pfx_do_sys_openat2+0x10/0x10
[  190.177926][ T7296]  __x64_sys_futex+0x34f/0x4d0
[  190.177979][ T7296]  ? __x64_sys_openat+0x12d/0x210
[  190.178022][ T7296]  ? __pfx___x64_sys_futex+0x10/0x10
[  190.178080][ T7296]  do_syscall_64+0x106/0xf80
[  190.178125][ T7296]  ? clear_bhb_loop+0x40/0x90
[  190.178166][ T7296]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.178198][ T7296] RIP: 0033:0x7f808999c799
[  190.178225][ T7296] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  190.178255][ T7296] RSP: 002b:00007f808a8da0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  190.178286][ T7296] RAX: ffffffffffffffda RBX: 00007f8089c15fa8 RCX: 00007f808999c799
[  190.178306][ T7296] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8089c15fac
[  190.178325][ T7296] RBP: 00007f8089c15fa0 R08: 0000000000000000 R09: 0000000000000000
[  190.178343][ T7296] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000
[  190.178361][ T7296] R13: 00007f8089c16038 R14: 00007ffd40e745b0 R15: 00007ffd40e74698
[  190.178402][ T7296]  </TASK>
[  190.258189][ T7279] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  190.406062][ T7279] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  190.477702][ T7279] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  190.493332][ T7279] 44103 total pagecache pages
[  190.510924][ T7279] 0 pages in swap cache
[  190.524829][ T7279] Free swap  = 124996kB
[  190.537372][ T7279] Total swap = 124996kB
[  190.545007][ T7279] 2097051 pages RAM
[  190.557383][ T7279] 0 pages HighMem/MovableOnly
[  190.577404][ T7279] 430826 pages reserved
[  190.590098][ T7279] 0 pages cma reserved
[  190.998887][ T7315] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  191.767354][   T30] audit: type=1804 audit(1773801746.303:87): pid=7331 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.350" name="/newroot/85/file0" dev="tmpfs" ino=473 res=1 errno=0
[  191.879828][   T30] audit: type=1804 audit(1773801746.333:88): pid=7334 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.350" name="/newroot/85/file0" dev="tmpfs" ino=473 res=1 errno=0
[  192.287148][ T7339] FAULT_INJECTION: forcing a failure.
[  192.287148][ T7339] name failslab, interval 1, probability 0, space 0, times 0
[  192.346443][ T7339] CPU: 1 UID: 0 PID: 7339 Comm: syz.1.351 Not tainted syzkaller #0 PREEMPT(full) 
[  192.346473][ T7339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  192.346484][ T7339] Call Trace:
[  192.346491][ T7339]  <TASK>
[  192.346498][ T7339]  dump_stack_lvl+0x100/0x190
[  192.346531][ T7339]  should_fail_ex.cold+0x5/0xa
[  192.346552][ T7339]  should_failslab+0xc2/0x120
[  192.346581][ T7339]  __kmalloc_cache_noprof+0x7a/0x6f0
[  192.346618][ T7339]  ? ima_add_digest_entry+0x52/0x520
[  192.346668][ T7339]  ima_add_digest_entry+0x52/0x520
[  192.346711][ T7339]  ima_add_template_entry+0x476/0x800
[  192.346744][ T7339]  ? __pfx_ima_add_template_entry+0x10/0x10
[  192.346774][ T7339]  ? ima_alloc_init_template+0x51f/0x6d0
[  192.346797][ T7339]  ima_add_violation+0x184/0x3c0
[  192.346819][ T7339]  ? __pfx_ima_add_violation+0x10/0x10
[  192.346837][ T7339]  ? ima_d_path+0x137/0x260
[  192.346855][ T7339]  ? __pfx_ima_d_path+0x10/0x10
[  192.346877][ T7339]  ? __pfx_down_write+0x10/0x10
[  192.346918][ T7339]  process_measurement+0x148f/0x2350
[  192.346954][ T7339]  ? __pfx_process_measurement+0x10/0x10
[  192.346991][ T7339]  ? find_held_lock+0x2b/0x80
[  192.347009][ T7339]  ? rcu_read_unlock+0x17/0x60
[  192.347030][ T7339]  ? rcu_read_unlock+0x17/0x60
[  192.347050][ T7339]  ? obj_cgroup_charge_account+0x2c4/0x640
[  192.347182][ T7339]  ? seq_open+0x116/0x170
[  192.347219][ T7339]  ? inode_to_bdi+0x9e/0x160
[  192.347252][ T7339]  ima_file_check+0xcc/0x120
[  192.347302][ T7339]  ? __pfx_ima_file_check+0x10/0x10
[  192.347355][ T7339]  security_file_post_open+0xc4/0x210
[  192.347393][ T7339]  path_openat+0x1418/0x31a0
[  192.347421][ T7339]  ? __pfx_path_openat+0x10/0x10
[  192.347450][ T7339]  do_file_open+0x20e/0x430
[  192.347472][ T7339]  ? __pfx_do_file_open+0x10/0x10
[  192.347509][ T7339]  ? alloc_fd+0x476/0x790
[  192.347530][ T7339]  ? do_getname+0x191/0x390
[  192.347556][ T7339]  do_sys_openat2+0x10d/0x1e0
[  192.347582][ T7339]  ? __pfx_do_sys_openat2+0x10/0x10
[  192.347616][ T7339]  __x64_sys_openat+0x12d/0x210
[  192.347643][ T7339]  ? __pfx___x64_sys_openat+0x10/0x10
[  192.347677][ T7339]  do_syscall_64+0x106/0xf80
[  192.347705][ T7339]  ? clear_bhb_loop+0x40/0x90
[  192.347728][ T7339]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.347748][ T7339] RIP: 0033:0x7f27a9f9c799
[  192.347768][ T7339] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  192.347787][ T7339] RSP: 002b:00007f27aaef1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  192.347806][ T7339] RAX: ffffffffffffffda RBX: 00007f27aa215fa0 RCX: 00007f27a9f9c799
[  192.347819][ T7339] RDX: 0000000000008000 RSI: 0000200000000100 RDI: ffffffffffffff9c
[  192.347830][ T7339] RBP: 00007f27aa032c99 R08: 0000000000000000 R09: 0000000000000000
[  192.347842][ T7339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  192.347853][ T7339] R13: 00007f27aa216038 R14: 00007f27aa215fa0 R15: 00007fffbb42c878
[  192.347878][ T7339]  </TASK>
[  192.667862][ T7339] ima: OUT OF MEMORY ERROR creating queue entry
[  192.676379][   T30] audit: type=1804 audit(1773801747.213:89): pid=7339 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.1.351" name="/newroot/sys/kernel/tracing/set_event" dev="tracefs" ino=19 res=0 errno=0
[  192.861237][   T30] audit: type=1804 audit(1773801747.213:90): pid=7339 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.351" name="/newroot/sys/kernel/tracing/set_event" dev="tracefs" ino=19 res=0 errno=0
[  193.723088][ T7362] netlink: 280 bytes leftover after parsing attributes in process `syz.2.357'.
[  193.791271][ T7364] FAULT_INJECTION: forcing a failure.
[  193.791271][ T7364] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  193.887488][ T7364] CPU: 1 UID: 0 PID: 7364 Comm: syz.2.357 Not tainted syzkaller #0 PREEMPT(full) 
[  193.887517][ T7364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  193.887528][ T7364] Call Trace:
[  193.887537][ T7364]  <TASK>
[  193.887545][ T7364]  dump_stack_lvl+0x100/0x190
[  193.887578][ T7364]  should_fail_ex.cold+0x5/0xa
[  193.887596][ T7364]  ? prepare_alloc_pages+0x16d/0x5f0
[  193.887619][ T7364]  should_fail_alloc_page+0xeb/0x140
[  193.887641][ T7364]  prepare_alloc_pages+0x1f0/0x5f0
[  193.887666][ T7364]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  193.887698][ T7364]  ? rcu_is_watching+0x12/0xc0
[  193.887727][ T7364]  ? trace_mm_page_alloc+0x17a/0x1d0
[  193.887748][ T7364]  ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0
[  193.887786][ T7364]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  193.887818][ T7364]  ? find_held_lock+0x2b/0x80
[  193.887835][ T7364]  ? is_bpf_text_address+0x8a/0x1a0
[  193.887863][ T7364]  ? is_bpf_text_address+0x8a/0x1a0
[  193.887892][ T7364]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  193.887912][ T7364]  ? is_bpf_text_address+0x94/0x1a0
[  193.887939][ T7364]  ? kernel_text_address+0x8d/0x100
[  193.887974][ T7364]  ? __kernel_text_address+0xd/0x30
[  193.888000][ T7364]  ? unwind_get_return_address+0x59/0xa0
[  193.888025][ T7364]  alloc_pages_bulk_noprof+0x782/0x1490
[  193.888062][ T7364]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  193.888093][ T7364]  ? kasan_save_stack+0x30/0x50
[  193.888126][ T7364]  ? alloc_pages_noprof+0x233/0x390
[  193.888149][ T7364]  __kasan_populate_vmalloc+0xf0/0x210
[  193.888182][ T7364]  alloc_vmap_area+0x95d/0x2bd0
[  193.888215][ T7364]  ? __pfx_alloc_vmap_area+0x10/0x10
[  193.888240][ T7364]  __get_vm_area_node+0x1ca/0x330
[  193.888265][ T7364]  __vmalloc_node_range_noprof+0x213/0x1530
[  193.888289][ T7364]  ? kernel_clone+0xfc/0x9a0
[  193.888309][ T7364]  ? find_held_lock+0x2b/0x80
[  193.888325][ T7364]  ? local_lock_release+0x99/0x130
[  193.888346][ T7364]  ? local_lock_release+0x99/0x130
[  193.888370][ T7364]  ? kernel_clone+0xfc/0x9a0
[  193.888390][ T7364]  ? find_held_lock+0x2b/0x80
[  193.888406][ T7364]  ? rcu_read_unlock+0x17/0x60
[  193.888425][ T7364]  ? rcu_read_unlock+0x17/0x60
[  193.888444][ T7364]  ? obj_cgroup_charge_account+0x46d/0x640
[  193.888465][ T7364]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  193.888490][ T7364]  ? __memcg_slab_post_alloc_hook+0x51b/0x990
[  193.888514][ T7364]  ? rcu_is_watching+0x12/0xc0
[  193.888541][ T7364]  ? trace_kmem_cache_alloc+0xf3/0x120
[  193.888562][ T7364]  ? kernel_clone+0xfc/0x9a0
[  193.888582][ T7364]  __vmalloc_node_noprof+0xad/0xf0
[  193.888605][ T7364]  ? kernel_clone+0xfc/0x9a0
[  193.888627][ T7364]  copy_process+0x5ec/0x7a40
[  193.888650][ T7364]  ? __pfx___futex_wait+0x10/0x10
[  193.888676][ T7364]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  193.888700][ T7364]  ? lockdep_hardirqs_on+0x78/0x100
[  193.888732][ T7364]  ? __pfx_copy_process+0x10/0x10
[  193.888753][ T7364]  ? find_held_lock+0x2b/0x80
[  193.888779][ T7364]  kernel_clone+0xfc/0x9a0
[  193.888798][ T7364]  ? __pfx_futex_wait+0x10/0x10
[  193.888827][ T7364]  ? __pfx_kernel_clone+0x10/0x10
[  193.888860][ T7364]  __do_sys_clone+0xd9/0x120
[  193.888882][ T7364]  ? __pfx___do_sys_clone+0x10/0x10
[  193.888922][ T7364]  do_syscall_64+0x106/0xf80
[  193.888956][ T7364]  ? clear_bhb_loop+0x40/0x90
[  193.888981][ T7364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.889002][ T7364] RIP: 0033:0x7f808999c799
[  193.889019][ T7364] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  193.889038][ T7364] RSP: 002b:00007f808a8b8fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  193.889058][ T7364] RAX: ffffffffffffffda RBX: 00007f8089c16090 RCX: 00007f808999c799
[  193.889070][ T7364] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  193.889081][ T7364] RBP: 00007f8089a32c99 R08: 0000000000000000 R09: 0000000000000000
[  193.889092][ T7364] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  193.889102][ T7364] R13: 00007f8089c16128 R14: 00007f8089c16090 R15: 00007ffd40e74698
[  193.889127][ T7364]  </TASK>
[  194.607961][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  194.614689][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  195.507966][   T30] audit: type=1804 audit(1773801750.053:91): pid=7383 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.361" name="/newroot/85/file0" dev="tmpfs" ino=471 res=1 errno=0
[  195.574109][   T30] audit: type=1804 audit(1773801750.113:92): pid=7384 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.361" name="/newroot/85/file0" dev="tmpfs" ino=471 res=1 errno=0
[  196.393650][ T7393] FAULT_INJECTION: forcing a failure.
[  196.393650][ T7393] name fail_futex, interval 1, probability 0, space 0, times 0
[  196.406845][ T7393] CPU: 1 UID: 0 PID: 7393 Comm: syz.3.362 Not tainted syzkaller #0 PREEMPT(full) 
[  196.406893][ T7393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  196.406911][ T7393] Call Trace:
[  196.406924][ T7393]  <TASK>
[  196.406932][ T7393]  dump_stack_lvl+0x100/0x190
[  196.406964][ T7393]  should_fail_ex.cold+0x5/0xa
[  196.406986][ T7393]  get_futex_key+0x1d2/0x1620
[  196.407012][ T7393]  ? __pfx_get_futex_key+0x10/0x10
[  196.407036][ T7393]  ? lock_acquire+0x1cf/0x380
[  196.407062][ T7393]  futex_wake+0xea/0x530
[  196.407091][ T7393]  ? __pfx_futex_wake+0x10/0x10
[  196.407119][ T7393]  ? fdget_pos+0x2aa/0x380
[  196.407142][ T7393]  ? ksys_write+0x190/0x250
[  196.407157][ T7393]  ? ksys_write+0x190/0x250
[  196.407178][ T7393]  do_futex+0x32b/0x350
[  196.407201][ T7393]  ? __pfx_do_futex+0x10/0x10
[  196.407240][ T7393]  __x64_sys_futex+0x34f/0x4d0
[  196.407278][ T7393]  ? fput+0x79/0x100
[  196.407309][ T7393]  ? __pfx___x64_sys_futex+0x10/0x10
[  196.407344][ T7393]  ? ksys_write+0x1ac/0x250
[  196.407369][ T7393]  ? __pfx_ksys_write+0x10/0x10
[  196.407409][ T7393]  do_syscall_64+0x106/0xf80
[  196.407452][ T7393]  ? clear_bhb_loop+0x40/0x90
[  196.407488][ T7393]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.407519][ T7393] RIP: 0033:0x7fc3f1d9c799
[  196.407544][ T7393] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  196.407573][ T7393] RSP: 002b:00007fc3efff60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  196.407602][ T7393] RAX: ffffffffffffffda RBX: 00007fc3f2015fa8 RCX: 00007fc3f1d9c799
[  196.407621][ T7393] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fc3f2015fac
[  196.407640][ T7393] RBP: 00007fc3f2015fa0 R08: 0000000000000000 R09: 0000000000000000
[  196.407658][ T7393] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[  196.407676][ T7393] R13: 00007fc3f2016038 R14: 00007ffc4e8f1420 R15: 00007ffc4e8f1508
[  196.407716][ T7393]  </TASK>
[  197.516530][ T7408] FAULT_INJECTION: forcing a failure.
[  197.516530][ T7408] name failslab, interval 1, probability 0, space 0, times 0
[  197.555956][ T7408] CPU: 1 UID: 0 PID: 7408 Comm: syz.2.368 Not tainted syzkaller #0 PREEMPT(full) 
[  197.556001][ T7408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  197.556020][ T7408] Call Trace:
[  197.556030][ T7408]  <TASK>
[  197.556042][ T7408]  dump_stack_lvl+0x100/0x190
[  197.556097][ T7408]  should_fail_ex.cold+0x5/0xa
[  197.556132][ T7408]  should_failslab+0xc2/0x120
[  197.556166][ T7408]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  197.556212][ T7408]  ? dup_fd+0x4d/0xd10
[  197.556241][ T7408]  ? trace_kmalloc+0x101/0x130
[  197.556279][ T7408]  dup_fd+0x4d/0xd10
[  197.556316][ T7408]  ? apparmor_task_alloc+0x2c1/0x3b0
[  197.556373][ T7408]  copy_process+0x268f/0x7a40
[  197.556430][ T7408]  ? __pfx_copy_process+0x10/0x10
[  197.556467][ T7408]  ? find_held_lock+0x2b/0x80
[  197.556514][ T7408]  kernel_clone+0xfc/0x9a0
[  197.556547][ T7408]  ? __pfx_futex_wait+0x10/0x10
[  197.556597][ T7408]  ? __pfx_kernel_clone+0x10/0x10
[  197.556656][ T7408]  __do_sys_clone+0xd9/0x120
[  197.556689][ T7408]  ? __pfx___do_sys_clone+0x10/0x10
[  197.556756][ T7408]  do_syscall_64+0x106/0xf80
[  197.556797][ T7408]  ? clear_bhb_loop+0x40/0x90
[  197.556836][ T7408]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.556869][ T7408] RIP: 0033:0x7f808999c799
[  197.556904][ T7408] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  197.556934][ T7408] RSP: 002b:00007f808a8d9fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  197.556965][ T7408] RAX: ffffffffffffffda RBX: 00007f8089c15fa0 RCX: 00007f808999c799
[  197.556985][ T7408] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  197.557003][ T7408] RBP: 00007f8089a32c99 R08: 0000000000000000 R09: 0000000000000000
[  197.557021][ T7408] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  197.557040][ T7408] R13: 00007f8089c16038 R14: 00007f8089c15fa0 R15: 00007ffd40e74698
[  197.557082][ T7408]  </TASK>
[  197.559588][ T7406] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  198.324346][   T30] audit: type=1804 audit(1773801752.863:93): pid=7420 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.370" name="/newroot/92/file0" dev="tmpfs" ino=512 res=1 errno=0
[  198.457440][   T30] audit: type=1804 audit(1773801752.893:94): pid=7422 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.370" name="/newroot/92/file0" dev="tmpfs" ino=512 res=1 errno=0
[  198.516347][   T30] audit: type=1804 audit(1773801752.923:95): pid=7419 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.369" name="/newroot/89/file0" dev="tmpfs" ino=494 res=1 errno=0
[  200.389901][ T7447] FAULT_INJECTION: forcing a failure.
[  200.389901][ T7447] name failslab, interval 1, probability 0, space 0, times 0
[  200.416546][ T7447] CPU: 0 UID: 0 PID: 7447 Comm: syz.2.375 Not tainted syzkaller #0 PREEMPT(full) 
[  200.416592][ T7447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  200.416612][ T7447] Call Trace:
[  200.416623][ T7447]  <TASK>
[  200.416635][ T7447]  dump_stack_lvl+0x100/0x190
[  200.416688][ T7447]  should_fail_ex.cold+0x5/0xa
[  200.416723][ T7447]  ? ima_write_template_field_data+0x59/0x1d0
[  200.416764][ T7447]  should_failslab+0xc2/0x120
[  200.416797][ T7447]  __kmalloc_noprof+0xe0/0x850
[  200.416844][ T7447]  ? __x64_sys_openat+0x12d/0x210
[  200.416893][ T7447]  ? do_syscall_64+0x106/0xf80
[  200.416944][ T7447]  ima_write_template_field_data+0x59/0x1d0
[  200.416989][ T7447]  ima_eventdigest_init_common+0x158/0x460
[  200.417031][ T7447]  ? __pfx_ima_eventdigest_init_common+0x10/0x10
[  200.417098][ T7447]  ? trace_kmalloc+0x30/0x130
[  200.417128][ T7447]  ? __kasan_kmalloc+0xaa/0xb0
[  200.417178][ T7447]  ? __kmalloc_noprof+0x320/0x850
[  200.417238][ T7447]  ima_alloc_init_template+0x399/0x6d0
[  200.417278][ T7447]  ima_add_violation+0x128/0x3c0
[  200.417315][ T7447]  ? __pfx_ima_add_violation+0x10/0x10
[  200.417347][ T7447]  ? ima_d_path+0x137/0x260
[  200.417380][ T7447]  ? __pfx_ima_d_path+0x10/0x10
[  200.417419][ T7447]  ? __pfx_down_write+0x10/0x10
[  200.417475][ T7447]  process_measurement+0x148f/0x2350
[  200.417538][ T7447]  ? __pfx_process_measurement+0x10/0x10
[  200.417596][ T7447]  ? find_held_lock+0x2b/0x80
[  200.417625][ T7447]  ? rcu_read_unlock+0x17/0x60
[  200.417658][ T7447]  ? rcu_read_unlock+0x17/0x60
[  200.417692][ T7447]  ? obj_cgroup_charge_account+0x2c4/0x640
[  200.417760][ T7447]  ? seq_open+0x116/0x170
[  200.417802][ T7447]  ? inode_to_bdi+0x9e/0x160
[  200.417838][ T7447]  ima_file_check+0xcc/0x120
[  200.417896][ T7447]  ? __pfx_ima_file_check+0x10/0x10
[  200.417957][ T7447]  security_file_post_open+0xc4/0x210
[  200.417995][ T7447]  path_openat+0x1418/0x31a0
[  200.418045][ T7447]  ? __pfx_path_openat+0x10/0x10
[  200.418093][ T7447]  do_file_open+0x20e/0x430
[  200.418128][ T7447]  ? __pfx_do_file_open+0x10/0x10
[  200.418192][ T7447]  ? alloc_fd+0x476/0x790
[  200.418228][ T7447]  ? do_getname+0x191/0x390
[  200.418270][ T7447]  do_sys_openat2+0x10d/0x1e0
[  200.418312][ T7447]  ? __pfx_do_sys_openat2+0x10/0x10
[  200.418370][ T7447]  __x64_sys_openat+0x12d/0x210
[  200.418413][ T7447]  ? __pfx___x64_sys_openat+0x10/0x10
[  200.418468][ T7447]  do_syscall_64+0x106/0xf80
[  200.418511][ T7447]  ? clear_bhb_loop+0x40/0x90
[  200.418551][ T7447]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.418584][ T7447] RIP: 0033:0x7f808999c799
[  200.418612][ T7447] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  200.418644][ T7447] RSP: 002b:00007f808a8da028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  200.418677][ T7447] RAX: ffffffffffffffda RBX: 00007f8089c15fa0 RCX: 00007f808999c799
[  200.418698][ T7447] RDX: 0000000000008000 RSI: 0000200000000100 RDI: ffffffffffffff9c
[  200.418719][ T7447] RBP: 00007f8089a32c99 R08: 0000000000000000 R09: 0000000000000000
[  200.418738][ T7447] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  200.418758][ T7447] R13: 00007f8089c16038 R14: 00007f8089c15fa0 R15: 00007ffd40e74698
[  200.418801][ T7447]  </TASK>
[  200.887324][   T30] audit: type=1804 audit(1773801755.423:96): pid=7447 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.375" name="/newroot/sys/kernel/tracing/set_event" dev="tracefs" ino=19 res=0 errno=0
[  201.041143][   T30] audit: type=1804 audit(1773801755.583:97): pid=7452 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.376" name="/newroot/sys/kernel/tracing/set_event" dev="tracefs" ino=19 res=1 errno=0
[  201.359205][ T7458] FAULT_INJECTION: forcing a failure.
[  201.359205][ T7458] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  201.396583][ T7458] CPU: 0 UID: 0 PID: 7458 Comm: syz.1.378 Not tainted syzkaller #0 PREEMPT(full) 
[  201.396627][ T7458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  201.396646][ T7458] Call Trace:
[  201.396658][ T7458]  <TASK>
[  201.396671][ T7458]  dump_stack_lvl+0x100/0x190
[  201.396723][ T7458]  should_fail_ex.cold+0x5/0xa
[  201.396753][ T7458]  ? prepare_alloc_pages+0x16d/0x5f0
[  201.396793][ T7458]  should_fail_alloc_page+0xeb/0x140
[  201.396829][ T7458]  prepare_alloc_pages+0x1f0/0x5f0
[  201.396887][ T7458]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  201.396941][ T7458]  ? rcu_is_watching+0x12/0xc0
[  201.396990][ T7458]  ? trace_mm_page_alloc+0x17a/0x1d0
[  201.397029][ T7458]  ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0
[  201.397085][ T7458]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  201.397139][ T7458]  ? find_held_lock+0x2b/0x80
[  201.397168][ T7458]  ? is_bpf_text_address+0x8a/0x1a0
[  201.397214][ T7458]  ? is_bpf_text_address+0x8a/0x1a0
[  201.397264][ T7458]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  201.397296][ T7458]  ? is_bpf_text_address+0x94/0x1a0
[  201.397335][ T7458]  ? kernel_text_address+0x8d/0x100
[  201.397376][ T7458]  ? __kernel_text_address+0xd/0x30
[  201.397414][ T7458]  ? unwind_get_return_address+0x59/0xa0
[  201.397459][ T7458]  alloc_pages_bulk_noprof+0x782/0x1490
[  201.397521][ T7458]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  201.397570][ T7458]  ? kasan_save_stack+0x30/0x50
[  201.397629][ T7458]  ? alloc_pages_noprof+0x233/0x390
[  201.397666][ T7458]  __kasan_populate_vmalloc+0xf0/0x210
[  201.397723][ T7458]  alloc_vmap_area+0x95d/0x2bd0
[  201.397773][ T7458]  ? __pfx_alloc_vmap_area+0x10/0x10
[  201.397816][ T7458]  __get_vm_area_node+0x1ca/0x330
[  201.397859][ T7458]  __vmalloc_node_range_noprof+0x213/0x1530
[  201.397911][ T7458]  ? kernel_clone+0xfc/0x9a0
[  201.397945][ T7458]  ? find_held_lock+0x2b/0x80
[  201.397973][ T7458]  ? local_lock_release+0x99/0x130
[  201.398009][ T7458]  ? local_lock_release+0x99/0x130
[  201.398050][ T7458]  ? kernel_clone+0xfc/0x9a0
[  201.398086][ T7458]  ? find_held_lock+0x2b/0x80
[  201.398114][ T7458]  ? rcu_read_unlock+0x17/0x60
[  201.398145][ T7458]  ? rcu_read_unlock+0x17/0x60
[  201.398178][ T7458]  ? obj_cgroup_charge_account+0x46d/0x640
[  201.398213][ T7458]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  201.398255][ T7458]  ? __memcg_slab_post_alloc_hook+0x51b/0x990
[  201.398296][ T7458]  ? rcu_is_watching+0x12/0xc0
[  201.398341][ T7458]  ? trace_kmem_cache_alloc+0xf3/0x120
[  201.398377][ T7458]  ? kernel_clone+0xfc/0x9a0
[  201.398411][ T7458]  __vmalloc_node_noprof+0xad/0xf0
[  201.398449][ T7458]  ? kernel_clone+0xfc/0x9a0
[  201.398488][ T7458]  copy_process+0x5ec/0x7a40
[  201.398526][ T7458]  ? __pfx___futex_wait+0x10/0x10
[  201.398571][ T7458]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  201.398612][ T7458]  ? lockdep_hardirqs_on+0x78/0x100
[  201.398668][ T7458]  ? __pfx_copy_process+0x10/0x10
[  201.398704][ T7458]  ? find_held_lock+0x2b/0x80
[  201.398751][ T7458]  kernel_clone+0xfc/0x9a0
[  201.398784][ T7458]  ? __pfx_futex_wait+0x10/0x10
[  201.398831][ T7458]  ? __pfx_kernel_clone+0x10/0x10
[  201.398900][ T7458]  __do_sys_clone+0xd9/0x120
[  201.398937][ T7458]  ? __pfx___do_sys_clone+0x10/0x10
[  201.399008][ T7458]  do_syscall_64+0x106/0xf80
[  201.399051][ T7458]  ? clear_bhb_loop+0x40/0x90
[  201.399090][ T7458]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.399121][ T7458] RIP: 0033:0x7f27a9f9c799
[  201.399148][ T7458] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  201.399178][ T7458] RSP: 002b:00007f27aaef0fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  201.399209][ T7458] RAX: ffffffffffffffda RBX: 00007f27aa215fa0 RCX: 00007f27a9f9c799
[  201.399230][ T7458] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  201.399248][ T7458] RBP: 00007f27aa032c99 R08: 0000000000000000 R09: 0000000000000000
[  201.399266][ T7458] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  201.399285][ T7458] R13: 00007f27aa216038 R14: 00007f27aa215fa0 R15: 00007fffbb42c878
[  201.399326][ T7458]  </TASK>
[  201.948004][ T7458] warn_alloc: 1 callbacks suppressed
[  201.948030][ T7458] syz.1.378: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  202.161755][ T7458] CPU: 1 UID: 0 PID: 7458 Comm: syz.1.378 Not tainted syzkaller #0 PREEMPT(full) 
[  202.161797][ T7458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  202.161817][ T7458] Call Trace:
[  202.161827][ T7458]  <TASK>
[  202.161840][ T7458]  dump_stack_lvl+0x100/0x190
[  202.161885][ T7458]  warn_alloc.cold+0x95/0x1c1
[  202.161927][ T7458]  ? __pfx_warn_alloc+0x10/0x10
[  202.161967][ T7458]  ? lockdep_hardirqs_on+0x78/0x100
[  202.162016][ T7458]  ? __get_vm_area_node+0x2c5/0x330
[  202.162061][ T7458]  ? __get_vm_area_node+0x208/0x330
[  202.162114][ T7458]  __vmalloc_node_range_noprof+0xbf4/0x1530
[  202.162158][ T7458]  ? find_held_lock+0x2b/0x80
[  202.162187][ T7458]  ? local_lock_release+0x99/0x130
[  202.162223][ T7458]  ? local_lock_release+0x99/0x130
[  202.162265][ T7458]  ? kernel_clone+0xfc/0x9a0
[  202.162302][ T7458]  ? find_held_lock+0x2b/0x80
[  202.162330][ T7458]  ? rcu_read_unlock+0x17/0x60
[  202.162363][ T7458]  ? rcu_read_unlock+0x17/0x60
[  202.162396][ T7458]  ? obj_cgroup_charge_account+0x46d/0x640
[  202.162433][ T7458]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  202.162474][ T7458]  ? __memcg_slab_post_alloc_hook+0x51b/0x990
[  202.162515][ T7458]  ? rcu_is_watching+0x12/0xc0
[  202.162561][ T7458]  ? trace_kmem_cache_alloc+0xf3/0x120
[  202.162597][ T7458]  ? kernel_clone+0xfc/0x9a0
[  202.162631][ T7458]  __vmalloc_node_noprof+0xad/0xf0
[  202.162668][ T7458]  ? kernel_clone+0xfc/0x9a0
[  202.162707][ T7458]  copy_process+0x5ec/0x7a40
[  202.162745][ T7458]  ? __pfx___futex_wait+0x10/0x10
[  202.162789][ T7458]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  202.162830][ T7458]  ? lockdep_hardirqs_on+0x78/0x100
[  202.162882][ T7458]  ? __pfx_copy_process+0x10/0x10
[  202.162917][ T7458]  ? find_held_lock+0x2b/0x80
[  202.162962][ T7458]  kernel_clone+0xfc/0x9a0
[  202.162994][ T7458]  ? __pfx_futex_wait+0x10/0x10
[  202.163042][ T7458]  ? __pfx_kernel_clone+0x10/0x10
[  202.163100][ T7458]  __do_sys_clone+0xd9/0x120
[  202.163145][ T7458]  ? __pfx___do_sys_clone+0x10/0x10
[  202.163216][ T7458]  do_syscall_64+0x106/0xf80
[  202.163257][ T7458]  ? clear_bhb_loop+0x40/0x90
[  202.163294][ T7458]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.163326][ T7458] RIP: 0033:0x7f27a9f9c799
[  202.163352][ T7458] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  202.163381][ T7458] RSP: 002b:00007f27aaef0fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  202.163412][ T7458] RAX: ffffffffffffffda RBX: 00007f27aa215fa0 RCX: 00007f27a9f9c799
[  202.163432][ T7458] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  202.163450][ T7458] RBP: 00007f27aa032c99 R08: 0000000000000000 R09: 0000000000000000
[  202.163469][ T7458] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  202.163488][ T7458] R13: 00007f27aa216038 R14: 00007f27aa215fa0 R15: 00007fffbb42c878
[  202.163530][ T7458]  </TASK>
[  202.352984][ T7458] Mem-Info:
[  202.623497][ T7458] active_anon:6409 inactive_anon:0 isolated_anon:0
[  202.623497][ T7458]  active_file:2959 inactive_file:39514 isolated_file:0
[  202.623497][ T7458]  unevictable:768 dirty:361 writeback:0
[  202.623497][ T7458]  slab_reclaimable:10853 slab_unreclaimable:90475
[  202.623497][ T7458]  mapped:24849 shmem:1612 pagetables:1006
[  202.623497][ T7458]  sec_pagetables:0 bounce:0
[  202.623497][ T7458]  kernel_misc_reclaimable:0
[  202.623497][ T7458]  free:1350326 free_pcp:7317 free_cma:0
[  202.676320][ T7458] Node 0 active_anon:25636kB inactive_anon:0kB active_file:11836kB inactive_file:157928kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:99396kB dirty:1444kB writeback:0kB shmem:4912kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11208kB pagetables:3864kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  202.713024][ T7458] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:128kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:160kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  202.750004][ T7458] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  202.784610][ T7458] lowmem_reserve[]: 0 2477 2478 2478 2478
[  202.790570][ T7458] Node 0 DMA32 free:1448020kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:25636kB inactive_anon:0kB active_file:11836kB inactive_file:157928kB unevictable:1536kB writepending:1444kB zspages:0kB present:3129332kB managed:2537380kB mlocked:0kB bounce:0kB free_pcp:29604kB local_pcp:9048kB free_cma:0kB
[  202.829250][ T7458] lowmem_reserve[]: 0 0 1 1 1
[  202.834777][ T7458] Node 0 Normal free:8kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1060kB mlocked:0kB bounce:0kB free_pcp:20kB local_pcp:12kB free_cma:0kB
[  202.867402][ T7458] lowmem_reserve[]: 0 0 0 0 0
[  202.872212][ T7458] Node 1 Normal free:3937916kB boost:0kB min:55828kB low:69784kB high:83740kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:128kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  202.907281][ T7458] lowmem_reserve[]: 0 0 0 0 0
[  202.912405][ T7458] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  202.977470][ T7458] Node 0 DMA32: 2503*4kB (UME) 1657*8kB (UME) 713*16kB (UME) 247*32kB (UME) 178*64kB (UM) 113*128kB (UME) 83*256kB (UME) 41*512kB (M) 25*1024kB (UM) 5*2048kB (UM) 318*4096kB (UM) = 1449044kB
[  203.004575][ T7458] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[  203.027535][ T7458] Node 1 Normal: 5*4kB (UM) 7*8kB (UM) 8*16kB (UM) 11*32kB (UM) 10*64kB (UM) 2*128kB (UM) 5*256kB (UM) 4*512kB (UM) 1*1024kB (M) 0*2048kB 960*4096kB (M) = 3937964kB
[  203.086515][ T7458] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  203.105264][ T7458] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  203.139390][ T7468] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  203.197635][ T7458] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  203.223870][ T7458] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  203.237964][ T7458] 44085 total pagecache pages
[  203.243705][ T7458] 0 pages in swap cache
[  203.263288][ T7458] Free swap  = 124996kB
[  203.274887][ T7458] Total swap = 124996kB
[  203.295129][ T7458] 2097051 pages RAM
[  203.327356][ T7458] 0 pages HighMem/MovableOnly
[  203.341735][ T7458] 430826 pages reserved
[  203.346053][ T7458] 0 pages cma reserved
[  203.874735][   T30] audit: type=1804 audit(1773801758.413:98): pid=7481 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.381" name="/newroot/101/file0" dev="tmpfs" ino=559 res=1 errno=0
[  204.001577][   T30] audit: type=1804 audit(1773801758.453:99): pid=7483 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.381" name="/newroot/101/file0" dev="tmpfs" ino=559 res=1 errno=0
[  206.799825][ T7513] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=544108393 (1088216786 ns) > initial count (3830 ns). Using initial count to start timer.
[  206.922337][ T5833] Bluetooth: hci0: command 0x0406 tx timeout
[  206.924387][ T5144] Bluetooth: hci1: command 0x0406 tx timeout
[  206.928937][ T5834] Bluetooth: hci3: command 0x0406 tx timeout
[  206.938517][ T5144] Bluetooth: hci2: command 0x0406 tx timeout
[  207.156559][ T7518] FAULT_INJECTION: forcing a failure.
[  207.156559][ T7518] name failslab, interval 1, probability 0, space 0, times 0
[  207.207621][ T7518] CPU: 1 UID: 0 PID: 7518 Comm: syz.3.392 Not tainted syzkaller #0 PREEMPT(full) 
[  207.207678][ T7518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  207.207697][ T7518] Call Trace:
[  207.207708][ T7518]  <TASK>
[  207.207720][ T7518]  dump_stack_lvl+0x100/0x190
[  207.207773][ T7518]  should_fail_ex.cold+0x5/0xa
[  207.207819][ T7518]  should_failslab+0xc2/0x120
[  207.207854][ T7518]  __kmalloc_cache_noprof+0x7a/0x6f0
[  207.207895][ T7518]  ? alloc_fdtable+0xbd/0x2d0
[  207.207940][ T7518]  ? find_held_lock+0x2b/0x80
[  207.207969][ T7518]  ? dup_fd+0x924/0xd10
[  207.208003][ T7518]  alloc_fdtable+0xbd/0x2d0
[  207.208051][ T7518]  dup_fd+0x995/0xd10
[  207.208097][ T7518]  ? apparmor_task_alloc+0x2c1/0x3b0
[  207.208151][ T7518]  copy_process+0x268f/0x7a40
[  207.208200][ T7518]  ? preempt_schedule_thunk+0x16/0x30
[  207.208254][ T7518]  ? __pfx_copy_process+0x10/0x10
[  207.208299][ T7518]  ? find_held_lock+0x2b/0x80
[  207.208335][ T7518]  ? futex_private_hash_put+0x107/0x1c0
[  207.208380][ T7518]  kernel_clone+0xfc/0x9a0
[  207.208417][ T7518]  ? __pfx_kernel_clone+0x10/0x10
[  207.208469][ T7518]  __do_sys_clone+0xd9/0x120
[  207.208507][ T7518]  ? __pfx___do_sys_clone+0x10/0x10
[  207.208572][ T7518]  do_syscall_64+0x106/0xf80
[  207.208612][ T7518]  ? clear_bhb_loop+0x40/0x90
[  207.208650][ T7518]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.208681][ T7518] RIP: 0033:0x7fc3f1d9c799
[  207.208708][ T7518] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  207.208737][ T7518] RSP: 002b:00007fc3efff5fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  207.208768][ T7518] RAX: ffffffffffffffda RBX: 00007fc3f2015fa0 RCX: 00007fc3f1d9c799
[  207.208797][ T7518] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  207.208815][ T7518] RBP: 00007fc3f1e32c99 R08: 0000000000000000 R09: 0000000000000000
[  207.208833][ T7518] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  207.208850][ T7518] R13: 00007fc3f2016038 R14: 00007fc3f2015fa0 R15: 00007ffc4e8f1508
[  207.208891][ T7518]  </TASK>
[  207.580443][   T30] audit: type=1804 audit(1773801762.073:100): pid=7521 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.393" name="/newroot/105/file0" dev="tmpfs" ino=581 res=1 errno=0
[  207.669071][   T30] audit: type=1804 audit(1773801762.103:101): pid=7521 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.393" name="/newroot/105/file0" dev="tmpfs" ino=581 res=1 errno=0
[  208.119637][ T7529] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  208.523749][ T7544] FAULT_INJECTION: forcing a failure.
[  208.523749][ T7544] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  208.583128][ T7544] CPU: 0 UID: 0 PID: 7544 Comm: syz.0.399 Not tainted syzkaller #0 PREEMPT(full) 
[  208.583173][ T7544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  208.583192][ T7544] Call Trace:
[  208.583203][ T7544]  <TASK>
[  208.583215][ T7544]  dump_stack_lvl+0x100/0x190
[  208.583267][ T7544]  should_fail_ex.cold+0x5/0xa
[  208.583304][ T7544]  _copy_from_iter+0x1f4/0x1690
[  208.583350][ T7544]  ? __pfx__copy_from_iter+0x10/0x10
[  208.583397][ T7544]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  208.583442][ T7544]  skb_copy_datagram_from_iter+0x11f/0x720
[  208.583494][ T7544]  tun_get_user+0x1884/0x3e10
[  208.583546][ T7544]  ? __pfx_tun_get_user+0x10/0x10
[  208.583581][ T7544]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  208.583645][ T7544]  ? find_held_lock+0x2b/0x80
[  208.583674][ T7544]  ? tun_get+0x191/0x370
[  208.583700][ T7544]  ? tun_get+0x191/0x370
[  208.583738][ T7544]  tun_chr_write_iter+0xdc/0x200
[  208.583772][ T7544]  vfs_write+0x6ac/0x1070
[  208.583812][ T7544]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  208.583848][ T7544]  ? __pfx_vfs_write+0x10/0x10
[  208.583874][ T7544]  ? find_held_lock+0x2b/0x80
[  208.583929][ T7544]  __x64_sys_pwrite64+0x1eb/0x250
[  208.583962][ T7544]  ? __pfx___x64_sys_pwrite64+0x10/0x10
[  208.584006][ T7544]  do_syscall_64+0x106/0xf80
[  208.584048][ T7544]  ? clear_bhb_loop+0x40/0x90
[  208.584092][ T7544]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.584124][ T7544] RIP: 0033:0x7f748df9c799
[  208.584151][ T7544] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  208.584182][ T7544] RSP: 002b:00007f748eef7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[  208.584213][ T7544] RAX: ffffffffffffffda RBX: 00007f748e216090 RCX: 00007f748df9c799
[  208.584233][ T7544] RDX: 000000000000ce80 RSI: 0000200000000140 RDI: 00000000000000c8
[  208.584252][ T7544] RBP: 00007f748e032c99 R08: 0000000000000000 R09: 0000000000000000
[  208.584271][ T7544] R10: 0000000000000039 R11: 0000000000000246 R12: 0000000000000000
[  208.584290][ T7544] R13: 00007f748e216128 R14: 00007f748e216090 R15: 00007fffdf1ba5a8
[  208.584332][ T7544]  </TASK>
[  210.249901][   T30] audit: type=1804 audit(1773801764.793:102): pid=7561 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.403" name="/newroot/109/file0" dev="tmpfs" ino=603 res=1 errno=0
[  210.365267][   T30] audit: type=1804 audit(1773801764.903:103): pid=7562 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.403" name="/newroot/109/file0" dev="tmpfs" ino=603 res=1 errno=0
[  210.622048][ T7569] netlink: 280 bytes leftover after parsing attributes in process `syz.3.405'.
[  210.669014][ T7569] FAULT_INJECTION: forcing a failure.
[  210.669014][ T7569] name failslab, interval 1, probability 0, space 0, times 0
[  210.710800][ T7569] CPU: 0 UID: 0 PID: 7569 Comm: syz.3.405 Not tainted syzkaller #0 PREEMPT(full) 
[  210.710828][ T7569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  210.710840][ T7569] Call Trace:
[  210.710846][ T7569]  <TASK>
[  210.710854][ T7569]  dump_stack_lvl+0x100/0x190
[  210.710886][ T7569]  should_fail_ex.cold+0x5/0xa
[  210.710907][ T7569]  should_failslab+0xc2/0x120
[  210.710927][ T7569]  __kmalloc_node_noprof+0xe6/0x850
[  210.710955][ T7569]  ? __vmalloc_node_range_noprof+0x3dc/0x1530
[  210.710982][ T7569]  __vmalloc_node_range_noprof+0x3dc/0x1530
[  210.711005][ T7569]  ? find_held_lock+0x2b/0x80
[  210.711022][ T7569]  ? local_lock_release+0x99/0x130
[  210.711047][ T7569]  ? kernel_clone+0xfc/0x9a0
[  210.711069][ T7569]  ? find_held_lock+0x2b/0x80
[  210.711085][ T7569]  ? rcu_read_unlock+0x17/0x60
[  210.711105][ T7569]  ? obj_cgroup_charge_account+0x46d/0x640
[  210.711125][ T7569]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  210.711150][ T7569]  ? __memcg_slab_post_alloc_hook+0x51b/0x990
[  210.711174][ T7569]  ? rcu_is_watching+0x12/0xc0
[  210.711201][ T7569]  ? trace_kmem_cache_alloc+0xf3/0x120
[  210.711222][ T7569]  ? kernel_clone+0xfc/0x9a0
[  210.711241][ T7569]  __vmalloc_node_noprof+0xad/0xf0
[  210.711263][ T7569]  ? kernel_clone+0xfc/0x9a0
[  210.711285][ T7569]  copy_process+0x5ec/0x7a40
[  210.711306][ T7569]  ? preempt_schedule_thunk+0x16/0x30
[  210.711333][ T7569]  ? try_to_wake_up+0x644/0x1a80
[  210.711354][ T7569]  ? __pfx_copy_process+0x10/0x10
[  210.711374][ T7569]  ? find_held_lock+0x2b/0x80
[  210.711394][ T7569]  ? futex_private_hash_put+0x107/0x1c0
[  210.711419][ T7569]  kernel_clone+0xfc/0x9a0
[  210.711442][ T7569]  ? __pfx_kernel_clone+0x10/0x10
[  210.711475][ T7569]  __do_sys_clone+0xd9/0x120
[  210.711496][ T7569]  ? __pfx___do_sys_clone+0x10/0x10
[  210.711535][ T7569]  do_syscall_64+0x106/0xf80
[  210.711560][ T7569]  ? clear_bhb_loop+0x40/0x90
[  210.711582][ T7569]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.711601][ T7569] RIP: 0033:0x7fc3f1d9c799
[  210.711618][ T7569] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  210.711636][ T7569] RSP: 002b:00007fc3efff5fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  210.711655][ T7569] RAX: ffffffffffffffda RBX: 00007fc3f2015fa0 RCX: 00007fc3f1d9c799
[  210.711668][ T7569] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  210.711679][ T7569] RBP: 00007fc3f1e32c99 R08: 0000000000000000 R09: 0000000000000000
[  210.711689][ T7569] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  210.711700][ T7569] R13: 00007fc3f2016038 R14: 00007fc3f2015fa0 R15: 00007ffc4e8f1508
[  210.711736][ T7569]  </TASK>
[  211.467350][   T30] audit: type=1800 audit(1773801766.003:104): pid=7573 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.406" name="lu_gp_id" dev="configfs" ino=18643 res=0 errno=0
[  211.489630][ T7573] kstrtoul() returned -22 for lu_gp_id
[  212.744167][   T30] audit: type=1326 audit(1773801767.283:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7590 comm="syz.0.410" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f748df9c799 code=0x0
[  212.797661][ T5827] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[  213.808662][   T30] audit: type=1804 audit(1773801768.323:106): pid=7615 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.415" name="/newroot/113/file0" dev="tmpfs" ino=624 res=1 errno=0
[  213.867456][   T30] audit: type=1804 audit(1773801768.323:107): pid=7617 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.415" name="/newroot/113/file0" dev="tmpfs" ino=624 res=1 errno=0
[  213.958108][ T7620] netlink: 280 bytes leftover after parsing attributes in process `syz.1.416'.
[  214.002188][ T7620] FAULT_INJECTION: forcing a failure.
[  214.002188][ T7620] name failslab, interval 1, probability 0, space 0, times 0
[  214.055100][ T7620] CPU: 1 UID: 0 PID: 7620 Comm: syz.1.416 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  214.055148][ T7620] Tainted: [L]=SOFTLOCKUP
[  214.055158][ T7620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  214.055175][ T7620] Call Trace:
[  214.055184][ T7620]  <TASK>
[  214.055195][ T7620]  dump_stack_lvl+0x100/0x190
[  214.055243][ T7620]  should_fail_ex.cold+0x5/0xa
[  214.055277][ T7620]  should_failslab+0xc2/0x120
[  214.055307][ T7620]  __kmalloc_cache_noprof+0x7a/0x6f0
[  214.055343][ T7620]  ? alloc_fdtable+0xbd/0x2d0
[  214.055382][ T7620]  ? find_held_lock+0x2b/0x80
[  214.055408][ T7620]  ? dup_fd+0x924/0xd10
[  214.055439][ T7620]  alloc_fdtable+0xbd/0x2d0
[  214.055481][ T7620]  dup_fd+0x995/0xd10
[  214.055514][ T7620]  ? apparmor_task_alloc+0x2c1/0x3b0
[  214.055559][ T7620]  copy_process+0x268f/0x7a40
[  214.055591][ T7620]  ? preempt_schedule_thunk+0x16/0x30
[  214.055638][ T7620]  ? __pfx_copy_process+0x10/0x10
[  214.055669][ T7620]  ? find_held_lock+0x2b/0x80
[  214.055700][ T7620]  ? futex_private_hash_put+0x107/0x1c0
[  214.055739][ T7620]  kernel_clone+0xfc/0x9a0
[  214.055773][ T7620]  ? __pfx_kernel_clone+0x10/0x10
[  214.055826][ T7620]  __do_sys_clone+0xd9/0x120
[  214.055858][ T7620]  ? __pfx___do_sys_clone+0x10/0x10
[  214.055920][ T7620]  do_syscall_64+0x106/0xf80
[  214.055968][ T7620]  ? clear_bhb_loop+0x40/0x90
[  214.056002][ T7620]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.056030][ T7620] RIP: 0033:0x7f27a9f9c799
[  214.056055][ T7620] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  214.056082][ T7620] RSP: 002b:00007f27aaef0fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  214.056110][ T7620] RAX: ffffffffffffffda RBX: 00007f27aa215fa0 RCX: 00007f27a9f9c799
[  214.056129][ T7620] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  214.056146][ T7620] RBP: 00007f27aa032c99 R08: 0000000000000000 R09: 0000000000000000
[  214.056163][ T7620] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  214.056179][ T7620] R13: 00007f27aa216038 R14: 00007f27aa215fa0 R15: 00007fffbb42c878
[  214.056218][ T7620]  </TASK>
[  215.548019][ T5821] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  215.558648][ T7644] binder: 7643:7644 ioctl 400c620e 2000000001c0 returned -22
[  215.566604][ T5821] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  215.576277][ T5821] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  215.594801][ T5821] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  215.605569][ T5821] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  215.752910][ T7649] netlink: 280 bytes leftover after parsing attributes in process `syz.0.427'.
[  215.787204][ T7649] FAULT_INJECTION: forcing a failure.
[  215.787204][ T7649] name failslab, interval 1, probability 0, space 0, times 0
[  215.843631][ T7649] CPU: 0 UID: 0 PID: 7649 Comm: syz.0.427 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  215.843683][ T7649] Tainted: [L]=SOFTLOCKUP
[  215.843694][ T7649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  215.843712][ T7649] Call Trace:
[  215.843723][ T7649]  <TASK>
[  215.843734][ T7649]  dump_stack_lvl+0x100/0x190
[  215.843787][ T7649]  should_fail_ex.cold+0x5/0xa
[  215.843824][ T7649]  should_failslab+0xc2/0x120
[  215.843857][ T7649]  __kmalloc_cache_noprof+0x7a/0x6f0
[  215.843898][ T7649]  ? alloc_fdtable+0xbd/0x2d0
[  215.843953][ T7649]  ? find_held_lock+0x2b/0x80
[  215.843983][ T7649]  ? dup_fd+0x924/0xd10
[  215.844018][ T7649]  alloc_fdtable+0xbd/0x2d0
[  215.844068][ T7649]  dup_fd+0x995/0xd10
[  215.844105][ T7649]  ? apparmor_task_alloc+0x2c1/0x3b0
[  215.844160][ T7649]  copy_process+0x268f/0x7a40
[  215.844197][ T7649]  ? preempt_schedule_thunk+0x16/0x30
[  215.844250][ T7649]  ? __pfx_copy_process+0x10/0x10
[  215.844286][ T7649]  ? find_held_lock+0x2b/0x80
[  215.844322][ T7649]  ? futex_private_hash_put+0x107/0x1c0
[  215.844366][ T7649]  kernel_clone+0xfc/0x9a0
[  215.844405][ T7649]  ? __pfx_kernel_clone+0x10/0x10
[  215.844464][ T7649]  __do_sys_clone+0xd9/0x120
[  215.844502][ T7649]  ? __pfx___do_sys_clone+0x10/0x10
[  215.844572][ T7649]  do_syscall_64+0x106/0xf80
[  215.844614][ T7649]  ? clear_bhb_loop+0x40/0x90
[  215.844654][ T7649]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.844683][ T7649] RIP: 0033:0x7f748df9c799
[  215.844709][ T7649] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  215.844733][ T7649] RSP: 002b:00007f748ef17fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  215.844761][ T7649] RAX: ffffffffffffffda RBX: 00007f748e215fa0 RCX: 00007f748df9c799
[  215.844779][ T7649] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  215.844795][ T7649] RBP: 00007f748e032c99 R08: 0000000000000000 R09: 0000000000000000
[  215.844813][ T7649] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  215.844830][ T7649] R13: 00007f748e216038 R14: 00007f748e215fa0 R15: 00007fffdf1ba5a8
[  215.844869][ T7649]  </TASK>
[  216.472968][ T7645] chnl_net:caif_netlink_parms(): no params data found
[  216.905163][ T7645] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.937604][ T7645] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.945016][ T7645] bridge_slave_0: entered allmulticast mode
[  216.973760][ T7645] bridge_slave_0: entered promiscuous mode
[  216.988069][   T30] audit: type=1804 audit(1773801771.523:108): pid=7669 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.428" name="/newroot/106/file0" dev="tmpfs" ino=588 res=1 errno=0
[  217.019232][ T7645] bridge0: port 2(bridge_slave_1) entered blocking state
[  217.026448][ T7645] bridge0: port 2(bridge_slave_1) entered disabled state
[  217.068445][ T7645] bridge_slave_1: entered allmulticast mode
[  217.086312][   T30] audit: type=1804 audit(1773801771.623:109): pid=7673 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.428" name="/newroot/106/file0" dev="tmpfs" ino=588 res=1 errno=0
[  217.122307][ T7645] bridge_slave_1: entered promiscuous mode
[  217.424299][ T7645] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  217.540634][ T7645] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  217.637946][ T5827] Bluetooth: hci4: command tx timeout
[  217.926241][ T7645] team0: Port device team_slave_0 added
[  218.074536][ T7645] team0: Port device team_slave_1 added
[  218.253318][ T7645] batman_adv: batadv0: Adding interface: batadv_slave_0
[  218.294421][ T7645] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  218.418278][ T7645] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  218.495718][ T7645] batman_adv: batadv0: Adding interface: batadv_slave_1
[  218.524979][ T7645] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  218.600147][ T7645] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  219.015642][ T7645] hsr_slave_0: entered promiscuous mode
[  219.024020][ T7450] ------------[ cut here ]------------
[  219.029711][ T7450] ODEBUG: free active (active state 0) object: ffff8880334ed460 object type: timer_list hint: hci_devcd_timeout+0x0/0x2e0
[  219.042828][ T7450] WARNING: lib/debugobjects.c:629 at debug_print_object+0x18e/0x2a0, CPU#1: syz.2.375/7450
[  219.052995][ T7450] Modules linked in:
[  219.056903][ T7450] CPU: 1 UID: 0 PID: 7450 Comm: syz.2.375 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  219.067956][ T7450] Tainted: [L]=SOFTLOCKUP
[  219.072453][ T7450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  219.083270][ T7450] RIP: 0010:debug_print_object+0x19b/0x2a0
[  219.089264][ T7450] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d e2 2d e8 0b 41 56 48 8b 14 dd 60 1b 1b 8c 4c 89 e6 <67> 48 0f b9 3a 58 83 05 4c cb dd 0b 01 48 83 c4 18 5b 5d 41 5c 41
[  219.109372][ T7450] RSP: 0018:ffffc90005d67708 EFLAGS: 00010246
[  219.115447][ T7450] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000
[  219.125091][ T7450] RDX: ffffffff8c1b1aa0 RSI: ffffffff8c1b16c0 RDI: ffffffff90e45670
[  219.134203][ T7450] RBP: 0000000000000001 R08: ffff8880334ed460 R09: ffffffff8bb2b9a0
[  219.142520][ T7450] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8c1b16c0
[  219.150633][ T7450] R13: ffffffff8bb2b9e0 R14: ffffffff8a9654f0 R15: ffffc90005d67808
[  219.158743][ T7450] FS:  0000000000000000(0000) GS:ffff88812444a000(0000) knlGS:0000000000000000
[  219.167926][ T7450] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  219.174630][ T7450] CR2: 00007f27aad4da08 CR3: 0000000031264000 CR4: 00000000003526f0
[  219.182689][ T7450] Call Trace:
[  219.186007][ T7450]  <TASK>
[  219.189203][ T7450]  ? __pfx_hci_devcd_timeout+0x10/0x10
[  219.194686][ T7450]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  219.200890][ T7450]  debug_check_no_obj_freed+0x4da/0x630
[  219.206473][ T7450]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[  219.212925][ T7450]  ? __page_table_check_zero+0x333/0x410
[  219.218871][ T7450]  ? __page_table_check_zero+0x338/0x410
[  219.225334][ T7450]  __free_frozen_pages+0x392/0x10d0
[  219.231994][ T7450]  hci_release_dev+0x4ef/0x630
[  219.236912][ T7450]  ? __pfx_hci_release_dev+0x10/0x10
[  219.242991][ T7450]  ? device_release+0x69/0x240
[  219.248259][ T7450]  ? rcu_is_watching+0x12/0xc0
[  219.253063][ T7450]  ? device_release+0x69/0x240
[  219.257939][ T7450]  ? kfree+0x2ec/0x6b0
[  219.262026][ T7450]  bt_host_release+0x6a/0xb0
[  219.266631][ T7450]  ? __pfx_bt_host_release+0x10/0x10
[  219.268995][ T7645] hsr_slave_1: entered promiscuous mode
[  219.271989][ T7450]  device_release+0xa4/0x240
[  219.281840][ T7645] debugfs: 'hsr0' already exists in 'hsr'
[  219.283177][ T7450]  kobject_put+0x1f7/0x640
[  219.293512][ T7450]  put_device+0x1f/0x30
[  219.297386][ T7645] Cannot create hsr debugfs directory
[  219.297806][ T7450]  vhci_release+0x185/0x230
[  219.307917][ T7450]  ? __pfx_vhci_release+0x10/0x10
[  219.313014][ T7450]  __fput+0x3ff/0xb40
[  219.317081][ T7450]  task_work_run+0x150/0x240
[  219.321931][ T7450]  ? __pfx_task_work_run+0x10/0x10
[  219.327956][ T7450]  do_exit+0x8b8/0x2b60
[  219.332147][ T7450]  ? __pfx___might_resched+0x10/0x10
[  219.337920][ T7450]  ? __pfx_do_exit+0x10/0x10
[  219.342550][ T7450]  ? do_raw_spin_lock+0x128/0x260
[  219.347856][ T7450]  ? find_held_lock+0x2b/0x80
[  219.352568][ T7450]  ? get_signal+0x7e0/0x21e0
[  219.357203][ T7450]  do_group_exit+0xd5/0x2a0
[  219.361919][ T7450]  get_signal+0x1ec7/0x21e0
[  219.366536][ T7450]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  219.372499][ T7450]  ? task_work_add+0x201/0x3b0
[  219.377388][ T7450]  ? __pfx_get_signal+0x10/0x10
[  219.382287][ T7450]  ? __pfx_vfs_write+0x10/0x10
[  219.387160][ T7450]  arch_do_signal_or_restart+0x91/0x770
[  219.393365][ T7450]  ? __pfx___fput_deferred+0x10/0x10
[  219.398774][ T7450]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  219.405244][ T7450]  ? ksys_write+0x1ac/0x250
[  219.409924][ T7450]  exit_to_user_mode_loop+0x86/0x4a0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  219.415238][ T7450]  do_syscall_64+0x668/0xf80
[  219.419886][ T7450]  ? clear_bhb_loop+0x40/0x90
[  219.424580][ T7450]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.431153][ T7450] RIP: 0033:0x7f808999c799
[  219.435671][ T7450] Code: Unable to access opcode bytes at 0x7f808999c76f.
[  219.443405][ T7450] RSP: 002b:00007f808a8b9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  219.451894][ T7450] RAX: fffffffffffffff2 RBX: 00007f8089c16090 RCX: 00007f808999c799
[  219.460248][ T7450] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003
[  219.468447][ T7450] RBP: 00007f8089a32c99 R08: 0000000000000000 R09: 0000000000000000
[  219.477130][ T7450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  219.485506][ T7450] R13: 00007f8089c16128 R14: 00007f8089c16090 R15: 00007ffd40e74698
[  219.493868][ T7450]  </TASK>
[  219.497027][ T7450] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  219.504356][ T7450] CPU: 1 UID: 0 PID: 7450 Comm: syz.2.375 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  219.515270][ T7450] Tainted: [L]=SOFTLOCKUP
[  219.519721][ T7450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  219.529875][ T7450] Call Trace:
[  219.533334][ T7450]  <TASK>
[  219.536378][ T7450]  dump_stack_lvl+0x100/0x190
[  219.541068][ T7450]  vpanic+0x552/0x970
[  219.545095][ T7450]  ? __pfx_vpanic+0x10/0x10
[  219.549665][ T7450]  panic+0xd1/0xe0
[  219.553421][ T7450]  ? __pfx_panic+0x10/0x10
[  219.558041][ T7450]  ? check_panic_on_warn+0x1f/0x90
[  219.563181][ T7450]  check_panic_on_warn.cold+0x19/0x34
[  219.568674][ T7450]  ? debug_print_object+0x18e/0x2a0
[  219.574238][ T7450]  __warn.cold+0x191/0x348
[  219.578729][ T7450]  __report_bug+0x296/0x3d0
[  219.583438][ T7450]  ? debug_print_object+0x18e/0x2a0
[  219.588656][ T7450]  ? __pfx___report_bug+0x10/0x10
[  219.593964][ T7450]  ? __lock_acquire+0x4a5/0x2630
[  219.598993][ T7450]  ? unwind_next_frame+0x3c8/0x1ea0
[  219.604380][ T7450]  report_bug_entry+0xe1/0x290
[  219.609374][ T7450]  ? debug_print_object+0x19b/0x2a0
[  219.614767][ T7450]  handle_bug+0x1cd/0x2a0
[  219.619487][ T7450]  exc_invalid_op+0x17/0x50
[  219.624096][ T7450]  asm_exc_invalid_op+0x1a/0x20
[  219.628968][ T7450] RIP: 0010:debug_print_object+0x19b/0x2a0
[  219.634822][ T7450] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d e2 2d e8 0b 41 56 48 8b 14 dd 60 1b 1b 8c 4c 89 e6 <67> 48 0f b9 3a 58 83 05 4c cb dd 0b 01 48 83 c4 18 5b 5d 41 5c 41
[  219.654524][ T7450] RSP: 0018:ffffc90005d67708 EFLAGS: 00010246
[  219.660617][ T7450] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000
[  219.668761][ T7450] RDX: ffffffff8c1b1aa0 RSI: ffffffff8c1b16c0 RDI: ffffffff90e45670
[  219.676989][ T7450] RBP: 0000000000000001 R08: ffff8880334ed460 R09: ffffffff8bb2b9a0
[  219.685057][ T7450] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8c1b16c0
[  219.693037][ T7450] R13: ffffffff8bb2b9e0 R14: ffffffff8a9654f0 R15: ffffc90005d67808
[  219.701128][ T7450]  ? __pfx_hci_devcd_timeout+0x10/0x10
[  219.706623][ T7450]  ? __pfx_hci_devcd_timeout+0x10/0x10
[  219.712114][ T7450]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  219.717940][ T7450]  debug_check_no_obj_freed+0x4da/0x630
[  219.723498][ T7450]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[  219.729653][ T7450]  ? __page_table_check_zero+0x333/0x410
[  219.735350][ T7450]  ? __page_table_check_zero+0x338/0x410
[  219.741007][ T7450]  __free_frozen_pages+0x392/0x10d0
[  219.746492][ T7450]  hci_release_dev+0x4ef/0x630
[  219.751451][ T7450]  ? __pfx_hci_release_dev+0x10/0x10
[  219.756788][ T7450]  ? device_release+0x69/0x240
[  219.761754][ T7450]  ? rcu_is_watching+0x12/0xc0
[  219.766536][ T7450]  ? device_release+0x69/0x240
[  219.771316][ T7450]  ? kfree+0x2ec/0x6b0
[  219.775394][ T7450]  bt_host_release+0x6a/0xb0
[  219.780017][ T7450]  ? __pfx_bt_host_release+0x10/0x10
[  219.785460][ T7450]  device_release+0xa4/0x240
[  219.790259][ T7450]  kobject_put+0x1f7/0x640
[  219.794718][ T7450]  put_device+0x1f/0x30
[  219.798903][ T7450]  vhci_release+0x185/0x230
[  219.803420][ T7450]  ? __pfx_vhci_release+0x10/0x10
[  219.808454][ T7450]  __fput+0x3ff/0xb40
[  219.812486][ T7450]  task_work_run+0x150/0x240
[  219.817109][ T7450]  ? __pfx_task_work_run+0x10/0x10
[  219.822342][ T7450]  do_exit+0x8b8/0x2b60
[  219.826520][ T7450]  ? __pfx___might_resched+0x10/0x10
[  219.831838][ T7450]  ? __pfx_do_exit+0x10/0x10
[  219.836714][ T7450]  ? do_raw_spin_lock+0x128/0x260
[  219.841856][ T7450]  ? find_held_lock+0x2b/0x80
[  219.846556][ T7450]  ? get_signal+0x7e0/0x21e0
[  219.851184][ T7450]  do_group_exit+0xd5/0x2a0
[  219.855822][ T7450]  get_signal+0x1ec7/0x21e0
[  219.860353][ T7450]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  219.866273][ T7450]  ? task_work_add+0x201/0x3b0
[  219.871111][ T7450]  ? __pfx_get_signal+0x10/0x10
[  219.876154][ T7450]  ? __pfx_vfs_write+0x10/0x10
[  219.880950][ T7450]  arch_do_signal_or_restart+0x91/0x770
[  219.886520][ T7450]  ? __pfx___fput_deferred+0x10/0x10
[  219.891823][ T7450]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  219.898087][ T7450]  ? ksys_write+0x1ac/0x250
[  219.903206][ T7450]  exit_to_user_mode_loop+0x86/0x4a0
[  219.908590][ T7450]  do_syscall_64+0x668/0xf80
[  219.913314][ T7450]  ? clear_bhb_loop+0x40/0x90
[  219.918216][ T7450]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.924122][ T7450] RIP: 0033:0x7f808999c799
[  219.928639][ T7450] Code: Unable to access opcode bytes at 0x7f808999c76f.
[  219.935756][ T7450] RSP: 002b:00007f808a8b9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  219.944348][ T7450] RAX: fffffffffffffff2 RBX: 00007f8089c16090 RCX: 00007f808999c799
[  219.952412][ T7450] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003
[  219.960440][ T7450] RBP: 00007f8089a32c99 R08: 0000000000000000 R09: 0000000000000000
[  219.968429][ T7450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  219.976589][ T7450] R13: 00007f8089c16128 R14: 00007f8089c16090 R15: 00007ffd40e74698
[  219.984602][ T7450]  </TASK>
[  219.988412][ T7450] Kernel Offset: disabled
[  219.992761][ T7450] Rebooting in 86400 seconds..