last executing test programs:

8m22.404967568s ago: executing program 0 (id=152):
openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
syz_genetlink_get_family_id$auto_ovs_datapath(0x0, 0xffffffffffffffff)
read$auto(0xffffffffffffffff, 0x0, 0x1f40)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2000000000000021, 0x2, 0x10000000000002)
socket(0x2a, 0x2, 0x0)
r0 = socket(0x2a, 0x2, 0x1)
connect$auto(r0, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0x4001}, 0x55)
bind$auto(0x3, &(0x7f0000000080)=@qipcrtr={0x2a, 0x1, 0x80f0}, 0x6b)

8m22.10524197s ago: executing program 0 (id=155):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff)
madvise$auto(0x0, 0x2003f2, 0x15)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)=ANY=[@ANYRES8, @ANYRES16, @ANYBLOB="df250c0000000000000000"], 0x14}}, 0x24048004)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
r3 = openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, &(0x7f00000013c0)='/proc/self/uid_map\x00', 0x8006, 0x0)
write$auto_proc_uid_map_operations_base(r3, 0x0, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[@ANYBLOB="a8000000", @ANYRES16=r2, @ANYBLOB="01002cbd7000fddbdf2502000000810004006e66736600d8efe42d132b72f32e522abaf52d50a407cf2ddf901f8fc81365e252374483326ace7da356b7a16f5ce613bc0ce3aeb87ed3d22b4a27c3ecc90c70c861befe60a7a9414b446427a001f61379e8caf4519e032a5dda1e1174e2d575772b93fc046cd3a674866b80d91473ece248c03d28f9398a63a785998700000008000300850000000800010002000000"], 0xa8}}, 0x4000)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x404001, 0x0)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x6, 0x4, 0x1, 0x4d8)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000)
sysfs$auto(0x2, 0x48, 0x0)
r4 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r4, 0x6, 0x0, 0x0, 0x0)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
bpf$auto(0xfffffffe, &(0x7f00000001c0)=@query={@target_fd, 0x8, 0x3, 0x5, 0xff, @count=0xe35c, 0x0, 0x5, 0x80000000000006, 0xd9, 0xffffffff}, 0x6f2)

8m20.358696734s ago: executing program 0 (id=161):
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x8080, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$auto_NL802154_CMD_SET_BACKOFF_EXPONENT(r1, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='e\x00\x00\x00', @ANYRES64=r2, @ANYBLOB="00042abd7000ffdbdf2510000000050025000100000008000d002a000000050011000800000008001c00", @ANYRES32=0x0, @ANYBLOB="0c001700930000000000000008000c000500000005002500000000000500080006000000"], 0x58}, 0x1, 0x0, 0x0, 0x4040}, 0x4000004)
keyctl$auto(0x5, 0xffffffffffffffff, 0x200008, 0x6, 0x3)
keyctl$auto(0x11, 0xffffffffffffffff, 0x2, 0x3b, 0x9)
ioctl$auto_SOUND_MIXER_READ_CAPS2(r0, 0x80044dfc, &(0x7f0000000080))
socketcall$auto_SYS_ACCEPT(0x5, &(0x7f0000000180)=0x2)
getresuid$auto(0xfffffffffffffffc, 0xfffffffffffffffe, 0xfffffffffffffffc)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r3, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0x8}, @NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5, 0x89, 0x4}, @NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8, 0x62, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2840}, 0x4008840)

8m20.19386823s ago: executing program 0 (id=162):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/net/bond0/bonding/primary_reselect\x00', 0x1e2142, 0x0)
sendfile$auto(r0, r0, 0x0, 0x7fff)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x20004050}, 0x4000084)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x300)
lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x1c, 0x9, 0x63, 0x0, 0x0, 0x0, 0xffc, 0x8, 0x80000000000000a, 0x0, 0x9, 0x9, 0xffffffff80000000, 0xd, 0x6, 0x200000100103})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x89fc, &(0x7f0000000040)={'bridge0\x00'})

8m19.877999606s ago: executing program 0 (id=164):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'wg0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000001140), 0xffffffffffffffff)
sendmsg$auto_WG_CMD_SET_DEVICE(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000002800)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010029bd7000fbdbdf250100000008000100", @ANYRES32=r1, @ANYBLOB="94300880"], 0x20}, 0x1, 0x0, 0x0, 0x20000011}, 0x810)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r3 = socket(0x2a, 0x2, 0x1)
connect$auto(r3, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x1, 0xfffffffe}, 0x55)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x10002}, 0x1)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x801, 0x84)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x0, 0x0)
ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$auto(0x3, 0x4048aec9, r4)
mmap$auto(0x0, 0x8, 0xdf, 0x29b72, 0x2, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)

8m19.697321944s ago: executing program 3 (id=165):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
getrandom$auto(0x0, 0x6000000, 0x3) (async)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) (async, rerun: 64)
socket(0x29, 0x2, 0x0) (async, rerun: 64)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket(0x10, 0x2, 0x0) (async)
socket(0xa, 0x5, 0x84) (async, rerun: 64)
openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f0000000000), 0x101b00, 0x0) (async, rerun: 64)
unshare$auto(0x40000080) (async, rerun: 64)
mmap$auto(0x0, 0x7, 0xdf, 0xeb1, 0x401, 0x8000) (async, rerun: 64)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa) (async)
socket(0xa, 0x5, 0x0) (async)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/system/cpu/cpu1/hotplug/target\x00', 0x800, 0x0)
read$auto(r0, 0x0, 0x7) (async)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0xa, 0x3, 0x7)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x3, 0x1000000000001, 0x8000000008011, 0x3, 0x0) (async, rerun: 64)
socket(0xa, 0x5, 0x0) (async, rerun: 64)
ioctl$auto_VHOST_RESET_OWNER(0xffffffffffffffff, 0xaf02, 0x0) (async, rerun: 32)
socket(0x10, 0x3, 0x6) (async, rerun: 32)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) (async)
socket(0xa, 0x801, 0x84) (async)
syz_clone(0x40180311, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r2 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000)
mmap$auto(0x0, 0x10008, 0x4000000000df, 0xeb1, 0x401, 0x8000)

8m19.484425365s ago: executing program 0 (id=167):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
mmap$auto(0xf, 0x3, 0xfff, 0x9b72, 0xffffffffffffffff, 0xffffffffffffffff)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
madvise$auto(0x108000, 0x800032, 0x4)
unshare$auto(0x40000080)
r0 = socket(0x2, 0x0, 0x0)
setrlimit$auto(0x0, &(0x7f0000000000)={0x1, 0xfb3})
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x5, 0x40000d, 0xffffffffffffffff, 0x9b72, r0, 0x7ffc)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NL802154_CMD_GET_SEC_LEVEL(0xffffffffffffffff, 0x0, 0x4000080)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x40004)
r1 = io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
syz_clone3(&(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0, 0x0, {r1}}, 0x58)
r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0)
read$auto(r2, 0x0, 0x39b8)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x305000, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd15/queue/scheduler\x00', 0x103a42, 0x0)
syz_genetlink_get_family_id$auto_mac802154_hwsim(0x0, 0xffffffffffffffff)
r3 = openat$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffff9c, 0x0, 0x200, 0x0)
fanotify_mark$auto(r3, 0x72d, 0x2, 0xffffffffffffffff, 0x0)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyw6\x00', 0x0, 0x0)
openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, 0x0, 0x498eefac98835be9, 0x0)
read$auto(r0, 0x0, 0x2)
close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002)
rt_sigsuspend$auto(0x0, 0x8)
socket$nl_generic(0x10, 0x3, 0x10)

8m19.408835917s ago: executing program 2 (id=168):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, r0)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000040)={0x24, r1, 0x1, 0x70fd2e, 0x25dfdbf8, {}, [@HWSIM_ATTR_REG_CUSTOM_REG={0x8, 0xc, 0x1}, @HWSIM_ATTR_IFTYPE_SUPPORT={0x8, 0x17, 0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x220000c1}, 0x2004c8c4)

8m18.573356634s ago: executing program 2 (id=171):
unshare$auto(0x40000080)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtdblock0\x00', 0x14fe02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
close_range$auto(0x0, 0xffffffffffffffff, 0x2)
pidfd_open$auto(0x0, 0xfffffffd)
writev$auto(0x3, &(0x7f00000001c0)={0x0, 0x710f}, 0x80000008)
bpf$auto(0x9, &(0x7f0000000100)=@batch={0x9, 0xffffffffffffffff, 0xfffffffffffffffe, 0x8000, 0xffff, r1, 0x97fccb5, 0xfffffffffffffffd}, 0xa6)
listen$auto(0x3, 0x81)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptye7\x00', 0x60000, 0x0)
close_range$auto(0xffffffffffffffff, 0xa, 0x0)
mmap$auto(0x0, 0x6, 0x3, 0xeb1, 0x7, 0x8000)
ioctl$auto_BLKPG2(0xffffffffffffffff, 0x1269, 0x0)
ioctl$auto_MEMGETINFO(0xffffffffffffffff, 0x80204d01, 0x0)
r2 = openat$auto_tracing_fops_trace(0xffffffffffffff9c, 0x0, 0x60282, 0x0)
mmap$auto(0x0, 0x402000b, 0x4af, 0xeb1, 0x401, 0x8000)
read$auto(0x3, 0x0, 0xfffffdef)
syz_genetlink_get_family_id$auto_batadv(&(0x7f00000002c0), 0xffffffffffffffff)
syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000080), 0xffffffffffffffff)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
getsockopt$auto_SO_SNDBUF(r2, 0x73, 0x7, &(0x7f0000000100)='SEG\x85\x00', &(0x7f0000000140)=0x9d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mbind$auto(0x81c0000, 0x800097, 0x1, 0x0, 0x7, 0x1)
mbind$auto(0x0, 0x800605, 0x1, &(0x7f0000000500)=0xffff, 0xa, 0x3)
ioctl$auto(0x3, 0x402c542b, 0x38)
select$auto(0x32, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)

8m18.493661043s ago: executing program 3 (id=172):
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f00000000c0)={0xdd, 0x0, [{0x10b, 0x400, 0x2}]})
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop13\x00', 0x86002, 0x0)
ioctl$auto_BLKIOMIN(r4, 0x1278, 0x0)
ioctl$auto(0x3, 0xae41, r3)
ioctl$auto_KVM_GET_MSRS(r2, 0x4008ae9c, &(0x7f00000000c0)={0x20000ff})

8m18.267025791s ago: executing program 3 (id=173):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r0, 0x0, 0xe8)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000001240)='/proc/thread-self/fail-nth\x00', 0xa0302, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0xffffffffffffffff, 0x8000)
openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/trigger\x00', 0x1, 0x0)
mmap$auto(0x0, 0x202000b, 0x3, 0xf7, 0xfffffffffffffffa, 0x8000)
r2 = socket(0x23, 0x2, 0x0)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001)
futex$auto(0x0, 0x1, 0x40000006, 0x0, 0x0, 0x80000001)
connect$auto(0x3, 0x0, 0x58)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
socket(0xa, 0x2, 0x0)
r3 = socket(0xa, 0x3, 0xff)
connect$auto(r3, &(0x7f00000018c0)=@generic={0xa}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
mmap$auto(0x1, 0x2020007, 0x3, 0xeb1, r2, 0x8001)
r4 = socket(0x2, 0x801, 0x106)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r4)
sendmsg$auto_NL80211_CMD_CONTROL_PORT_FRAME(r4, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x40)
io_uring_setup$auto(0x6, 0x0)
getsockopt$auto(r4, 0x11c, 0x1, 0x0, 0x0)
r5 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, 0x0, 0x200, 0x0)
ioctl$auto_FS_IOC_UNRESVSP64(r5, 0x4030581e, 0x4)
eventfd$auto(0x7)
open(&(0x7f0000004080)='./file0\x00', 0x40, 0x23)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
getsockopt$auto(0x100000006, 0x0, 0x21, 0xfffffffffffffffe, 0x0)

8m17.868582511s ago: executing program 3 (id=182):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0)
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
timer_create$auto(0x3, 0x0, &(0x7f0000000280)=0x6)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r2 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000001cc0)='/sys/kernel/tracing/trace\x00', 0x200c0, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
ioctl$auto_IOCTL_VMCI_VERSION2(r2, 0x7a7, 0x0)
mmap$auto(0x0, 0x7f, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000240)='/dev/snd/midiC2D0\x00', 0x40, 0x0)
r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x2, 0x0)
write$auto_tomoyo_operations_securityfs_if(r3, 0x0, 0x0)
r4 = prctl$auto_PR_SCHED_CORE_GET(0x8, 0x0, 0x0, 0xffffffffffffffff, 0x3)
io_uring_register$auto_IORING_REGISTER_BUFFERS2(r4, 0xf, &(0x7f0000001d00)="e0176aaadd65629ff14d4a87049d379e3d775668941afa287d8308", 0x2)
r5 = open(0x0, 0x0, 0x408)
getdents$auto(r5, 0x0, 0x400018)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006)
r6 = socket(0x1e, 0x4, 0x0)
setsockopt$auto(r6, 0x10f, 0x80, 0x0, 0x14)
r7 = gettid()
shmctl$auto_SHM_INFO(0x3, 0xe, &(0x7f00000002c0)={{0x7, <r8=>0x0, 0xee01, 0x1, 0x9, 0x5, 0x5}, 0x6, 0x6, 0x100020000000000, 0x1000, @inferred, @inferred, 0x9, 0x0, &(0x7f0000000180)="617e2de2c8e3786856f6f335dc392090faed578f6af6f7238e01fa8256b96b5ad4973254e7800e71537cf4b3cbe1aa7d6f7a01f808c4d31f30da71b1e00dbdfeb5ac5637421219707150472255bcf0c1fb1f43f4833b3d6fdd9d9b73de340aa67a145b7bffbea4158004657e2563f037fe08358e338e9b5ba86b0c319515c34dd82e2516b9f06071d76a5dde3d850de754682b0cd5e970af2f365c9d5f12ec48d8893738959c47bd6acc9616ef03ea90fc3ab6d422008eea4f6b55691045bf6e", &(0x7f0000000240)})
sendmsg$auto_OVS_CT_LIMIT_CMD_SET(r6, &(0x7f0000001c80)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001c40)={&(0x7f0000001d40)={0x17dc, 0x0, 0x300, 0x70bd25, 0x25dfdbfd, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x90, 0x1, 0x0, 0x1, [@typed={0x8, 0x13, 0x0, 0x0, @pid=r7}, @nested={0x81, 0xb6, 0x0, 0x1, [@typed={0x8, 0x21, 0x0, 0x0, @pid}, @generic="23a1c4e46e6e39e9f0d947e7fab46fc8c6b24c483d2cd85499282b61135de389d6714d5ea99fe6a34f2d8eda472208e965dd70a860c15f59142e4036b816ead3adf088cc9c64882cd3824adf490b045493c98e10656ceed4af023fedae75690371b7a53efb194ee0f3cefe5045aa680a09", @nested={0x4, 0x59}]}]}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x194, 0x1, 0x0, 0x1, [@typed={0xc, 0xa3, 0x0, 0x0, @u64}, @typed={0x9b, 0xae, 0x0, 0x0, @binary="21064c32241f436f2388a68ff3123527d04416cf278f9647d96297c095fdd9f4657784f217395faf5fc9285eca9611922914abc996d194a01130dbeb0b689e69887a59eb18e72c55b02678bff8152506d78e9cea2801add9adc18ea182af48c938257d9a3be52445e3f6f5860a4d69b1364a8d43842e3f5602dfae64bed814475fafc9ea9d2a2c68d94bab65bcb28a009bdbd764b4949d"}, @generic="91955526133cac197307ee2ee099a54500f6c293c5dea2257af4c477a3292e6844fcea7a2104047866b13d0fb540da392a86543052233bc26322e94564ff1ea6994815b877194f712082b609fde1c5f5a68009a5274066069d59939b612e773877705f557f0369c6d71ba1837fcdf173dd3235136b084a53cac9b9d050e6a3b38fc71296aba33c01faddc81c7ed01d6541aced8bd19ba74af2ca9ec5087a00d3cb0e52f35eb15f6ef071b7b320c7cb808e42e9ebcbe4164ac46a13b51877fafb6e447e360806957f7117fed916d45f05481f96626150f2ac2589a787d1ebc68b", @typed={0x8, 0x148, 0x0, 0x0, @uid=r8}]}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x557, 0x1, 0x0, 0x1, [@generic="8ba668d388f6e22d8839154cc68c8c6627758978918e4a1cc1fa3275e8e0e18999a3746c7af234d1f7c4120d9bf6e9f770ffff321f684b53e1992151f646f76dd0db705e4dfde492f7364e4c8da67b07fc34cdb832de24e14e28d23dd673bac69884d64e27ccd8ed4b0ffa3567f7c82cfae3302802bc9c871e9d6ce615150b6963fc2992d8841d823e7206f3e298b338cff98251d3fe4804de82ff5bfbd4442bc06689da2902ded66f318e3cab0accc857a88e9e5af5aa9af1ebaf02016af053719ea8477aa9f048bc0f89eb5bd8ffdbcfcea646ff21e7d71806e44bd999e8474dc6041c917b492896fe0f8ee6bac0e930613ceea14e", @typed={0x8, 0xc5, 0x0, 0x0, @ipv4=@multicast1}, @generic="bb9923e0030f8cd16d8c2e9bc8377a55464aa018ad5691d0f9be38da6cec150660b33da9151d57a676cc5641e3548d2bdfa7865be054c8b5e91986453501750ac7ae8591263b59a672ed0cb9c53b1412add2fcde40284ef33215b91110c76542a0f0697a3021890be749ff58e5557b0994bb66b466f0299cd4014c8bde1e7f9126937f412b6de1976bc43e8e88a44395d3f82bf492eefba6ae795db63e738449dcc31c230f5c710cdbe1012a7612e011", @typed={0x8, 0x10d, 0x0, 0x0, @fd=r0}, @generic="0ace894a76df9ffafaebb204c27968955d3d14ee69813cef12cdd6dbd433af8333c071f17c6eafab9525f529324a6ca9996d686d6d2340ced084c968fa77385d2cd08acc13538ce8b111f7b9f44557e0e04bd0a6a3c07076be9703ee4f7746d98a6818abfbe03e7ea6778c516054e1dced32b4b7822d46dca182601ad221ae10314507e4ed811293a15df131f84a27f067a6722d769efe94758c4d32f740350c122b07b5db595a8a4289a255af5e61ea9cf019026b9481ec73c56048b0db8b7f78c102e6139445004cbdfd86cbe4072ca09322b4d8053ca0aeedd5a22727cb2f7a401f9576aeaaae", @typed={0x8, 0xed, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0xa}}, @nested={0x1d3, 0x4e, 0x0, 0x1, [@generic="9d8cfbaaecb254846d19fbcf54f0e49e56491353080a2c9e7be0fba6076431f6871dba0be8951ea9da1c378e05321c6dc5c09a6f121f001e2c1121dbdb28aa147739ec97775e22245ea5112948dcd38c3703a7fd865a587163e58e14f06a362c7fa29c404565de020f364e5fdf6fb3f245e3288c44aa931ecd", @generic="dbfdc19a724316763ddd700269bf9f4f65a1bbfb5de9ea4b00231aa1ec916e08f47633439a02cc995cad07a27841e04eb968bdd7af9a9234f72e9fa8b6629c0a00b947bf7938ebc2d0c8538c275761e760cd8ab8d02c1a8a364d33074e796a9953dbecc827c612f665ea02e74ff924aa70a38e13c88b67bb", @nested={0xfffffffffffffd60, 0x25}, @generic="cc4c2ef4a77374656b8be2a5e54e9fd887890b31e5aa01983dfac2d27c0a1b87a2dbac4dc172740cef38f55fd7a5017a704a5c1968869d385b9d61a32848a7c2c5e525ff118a420967bc5efd0a153ef576e93f2fb4028f8e1bf8d127496cd7fea1e8395e1beacb7aec520459a0adbb92ae0d1b41b235beb9811f51613061f48fbdb239d4c668395316e5446a2ebeb211e7fb07456b79a11ccb20f06ece4fead19b5cf7dd0fe744724f53c51dd6030b798b31609b561abe1a6bb6d214b8b8ed1838ab847f00fd973f8a3db571c9ecbf148c44", @typed={0x8, 0xc1, 0x0, 0x0, @u32=0x8}]}, @generic="3fc5096366255a8782b31cf927850636d577596a6d2216a94561488211548331953613578639614692ac76a482fff4de2d8ec9b87a93a025448692fccab12d39d01c77aa8147bb358fb04f74e93ea3872f588bd5864fafa6debbaec193b08927bd8332cefcbc0d9a3e8204b7114167fbe405d79b9611e9e2283ec39dcefe5ee30cdc6f7d93802a06ab15d8d9fbe572825183fbe0bd67c77b432cc51ccf6d4dbeb43cbe27f1fb64a1dcb25801d88a152f3e9058e268aa4989461d2ba3118bcb65a8f47da6d2f7e758f5b46940f4765863b9", @nested={0x8, 0x15c, 0x0, 0x1, [@nested={0x4, 0x67}]}]}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x1049, 0x1, 0x0, 0x1, [@typed={0x4, 0x62}, @generic="4e2a9e499b9146e3365eeff55ef22e0e961eeb315aaf21aced021947bfa3b5b4f933bf8ab8", @typed={0x16, 0x0, 0x0, 0x0, @str='/dev/snd/midiC2D0\x00'}, @typed={0x4, 0x35}, @generic="58e5069723389d395da6e34ca4fe4063f20be775657613bd5d307f7da55107fef0a3e156df058a461e204cc4cb1bc0d33c8abf237444be8b8428d875779750cfe2347ff5dd5aebdd4c00fb22a5151a063fd6ac772156da81a84264b9dc94ddf98056ee1fcca00b761d89dac15450b2b6026cc089f18e03020387e1f091dfb5cd861e29fc4430866d532661c3dc4effccca93d523abddd6d764d8317f0a3f49718c14a12c9182b4a0a64ed06aa8d743e56b2dcb387ef1b42e63f3e705208792869f4f9206b6059e7a09638c21b2cc7adeefbade959c2bce86b7d496b9e0a7324e86533237b867c23b3c4988abe08cb53f21fd06260794c95a1402c4acfa9caf007a7a6ed9714f4ef4570ce6e76f7b1c4135a58e80a73ec09c8941b3e682f669f5973ef0349b33abfa226c92a3ab663109c85b61a2d43d4dfe4ec1867f83834f4a2ad1c5c7f734e351d98c2dd7cc857035d9e2192d556145c8d3d88f6d1ed825003fded3905e760193c74328f9d7b306558860cc22694db5c95bbcfa6efe7570444ea0dace7205b9c26d56e8cffbff78673a27785252eb692fe23c6a304b361731f642c04dd19ebc60c18a13a1177c2da395f9b30867ea2893f920e7eb8eae8a3cbcb67bd20d2969658904d420dd325eef1beb099bd0a026f6df103140e2fb9256a2d1fec0876eb80a2125f5f4da1470a921b486d1df7c9d927927c75843b11e080f740a7589b2fbdc84b25bd0fb5476e2c214e3b4c3af9a8a8f7d5a11859b12d448402c8b119d9db3ca97d8d1d2b3501816432cf34de3f34eb0d665c562361eee1b780992b2a561b3485b70643e749a1f2b9a241b3b81c6959ce0824b0fce17c81ae07a3d66f29aa26eb725336c5e3b170b2653380771345ec446c0ce4adeb2f7f86ab6ac28f493d3e9a881c689be49accf0ec44e1330903eea46cc5f664ccf5b9cba1d55ac3dc8b52fde5f0f46663d5708a3bae1a3ac1f65a32543ef35f476adf9841880a87360461cd4e23b3b40648ca87d406c61112c6ced6af465ff92ffe40e44e84dcc560e791d40d30e8ee2c75dea78f5a99d5e461de253a4ff342385fcbdc2e01754931d44e04a916f2f87978936daad89663de05fcf6cb87b578eda1631551a99ba622aa4ed1b9e0cddff79018e26d6c9b7df2354876150b8790402d66b497be55a0f1e309838814652177540eb229f10267cff75b50d076b01ee7415999973966b89761da282c7f2c62b104d6ea961217b278f23e4229da72ad554d256fc5bef6cb26b56cb56ea6c347be87a525a0c8bea76f2e2956f280549d909737d95d6bb82f68169ca181d98e5d781a83eb5e873b6f2059c8ebf4b7de86b667c35db341958a43fe6a8cb1f1ba23c49fe0ec6a682ce5d3dbc021742e0b1ab85b32d834cb2711bd39ac3d539f06577fa3a0c86963a383586f1b687711f44a613bea0abc5c6475abe07a8f6f4bc7c61c61bf671ca48027c261765c835201dbac35440b1adbbb2d0a36963a48c95aeb67ef5023bf0eb3ae15909b41f5b810870561bd38ce65d3870ea45797d552acce9ad248bf11a5a62f8a297576090c4f7702084b5f59829c32259842810de02bf78d137297d4e37460613059afc944c8dd900588d9b3472be19da5abbbcf3705b7bed6b1683efa9d25f011b2c301b4da2536a04f35cedbf304b293b3d06d46779e4f9340da2b0113d498c1d4a4d642d67fda09c88b8f24e6551947453b3f3b7dc238372a388133b8a8d03032d68996af954334268c572cf766230266583decc9ffa5854c1f1d160e20159bee08f35a03c34d396f52adc437801ebb6cf1697b78581fd1c615b8c687266bf612dece529b0f20fbf9f0ff173bc63c342ec4704716082466bd2801e0ecdde3d90d4580a8b28ad9b8c3aea88bc42495a7649872dea64d0cd4193c93684bc7e8dcd991e7c894d52e56be66b096eed803c82e2e9cfc04c8efa575f637ffe66a38129f0e08c3590998f028c4416099970aa00213909714c07da8f7f6364eb52e26d62bb0b756c755e5259b491684ab9f08f9954ad776d6418935526936c133c30c0df484471d655edfa92ce80391b9bb3672ea0113f2b59774a0e45ead96e75f4757996f15b1e8d31f6d96fff777feef6e3ce5917d4cde6e2cf869d75505c456844c6968e8828a6a86dd5ea98ad5456646b24d7fe271a77bedd114cdd9d92357e9e79751a947f23ecfe33f79674e50db24d682c4d078866faf11e864691bfd0f920c55a2f28b51de63573ef1e33902aa07800660e48700323e8a813d125c1f2c83a11febaa77190788f6eec598f7ddf7a8636c38ddaf9eb146edcdcb1b40ceb1398a14a1709ed7a0fe33a090c1e31cf0a0de5ce7d763aec0f8f913d7c2f51eaf27a5e1f7dbb12e1a323ae1c65c19c5c3c28e7df103641562382dd4bcfeccb425b88e6f9e5726ede859d484bbebc303695b4e9f02647314f2625230f1db88022aeb8022a355ecd045ad0d7aa7a5c9887504f30358a62b6997b9c0d5c5fa84adfef1210ff7564772050e6c2e28a3580a86fa482cc6bf5020c9fdd7b789aaaea9de282b5713b2c8e18185a66c93e2c03e4caf3f12c69d270a3a65fa2bb0bd1fe7211b67bd1c6b701dd993d5ae3f81608210120854938fbc7af753bf765c07f1691835f598f9bae84a5d6b9ddd2ef159dc2dd7e092796722df38e94f1c979c102e49edbb422a9b78becfad40debce24716fae5684e94e896a70c17bb5bb271beb100c9be13ed9089fe8889bca7bc639719a4569c3e64c6720e3afe4b77752ea7d1be90ac1055c9a84943c8e6949553dd94b7fde6ad0c9a5bffdd8dcfcabcabd23d3b8bfa5ca7c5cd8cbde29b168262651f1ccafda3c34a6abd4dfea503b0e66ae7bf5b20a3caaf7d715ecd4509fc5a9623a6e8966be76e3c98fb4a50d564f9e72b0694eecc73e424bf00632acfbb1b6459d041123c7b16785066227a050a3ada2f8594389e387875fa19a7fcfa1338bc0f455e01093a6949de3ad1fdad034555b7166c7b714d261a2701c4b25901215d57afda83657b7b6264282e806ba70824a1c6056f424bb159519f2c18c873d5ecfb5320708012a321d85dd195a547d8ef56b9074b0b31104a650a6346ad4eeb7458c890c01ef86490bc2d030af9ca0872b3ad456677e8ebef898721dd01007d0c9f8a120ce4fdf55859802186b1bfe6129ede3202982d9b720cee113e508cafc8d2de09d8d2240b749e75b6f672e987810446b2bce57f747884ef78d06b5fdabc2eba4dc911b72ec4dfa98c9201f8b90ecbdc355834b31e5c24f2dfcf1cc127fd40865523f130e6f9171152a42c9b331d8f456073c58257e6be0d73ad11bac3c34f247897914463e21db3ea8dc2e4a7d6aaf0666df85f71db5edca6f016405b4fecb15e8942309d56d424e98c3c03afdb3b8fdb319728345ce3f9de8b244e67366150f52835df72cb93b79947d97583cd0e06badd8cfb82c10b7c238fc526a86b0f78c16bee9afd8b31c8b9e9a2b530449c9ebe29c9d9e0beee27cae029eb13e4908b9de7dfef1bbb2862c63e749d10ab568d4554278066a41806d10043a406fd0d8436709780b4328e14a96ce0d23b60c99c8c2dc662bdfa0d18325eb2e670a1255ae2f121bbf172a3832ae0459a07bc6acf566e1eeb5f78189890213755d65dc6b9b2d254df0f0e39b2c29a8bc8a35528cc70a1cbc70e73a6f9bc69369f00522a5a3304370ffd0524aca2776e0815ab829a451c5230b1d540daf8f47a2d8acb8d8386d245669c1ad6993d8c550037865671a02afd26554c57474fb937576809bb8ca207bcad9094c31663d3855f2896bc05999360be557cd54bb4836b122183126c07b407e635610bdd69d0830a8c6f716bf432a914a5149d067b12ead40297f477122395353c54e71cb82697321fc5aaa5ead03391386d4a447b8ea24a8a0bfe76fdc576daa23f01f99c76481c936db614df41b1b7cb293ce16b46abdc5694295a6c9b262b037a2710132c28bb59244e7ac16aea0dab7b09c5503be0c2a697368ccc3b5c1433b9083a2f51e11d68753c08cc5affe0411bec4ae123273b91762332a552d5d74b9cf96df03f52be1014a8ed072873ab7881f4ad7d1dd748c44455c06366c38105818edd7d0afd333c46a7b2ebcb8553c2c10da6684a4d8d0d780cab95916be41f6c6da9fb7c447a74f74f1bf0679a04945e9236b3759e592267bb24ad2ad7c4a06320cfc9876812f8dc8388d9f01389c1843da2dd8020ee5a6910dff53673366b89398682b7169aaf4e17cfa8b95bc992204eb597dc650e6881269fce20afa65cdc24e38c550436179802b9548ab1099bbdab357961acf07792e67770bdecaf32fce1f6cb0e0bdc20e322e784267506e9f1a1e1f04d073c9ff9bfdc62a149f5b8c3ddcff3c4c9016e0d247be0f3bbc2c85bbfd94a62f5e81a75f9628953dbb422cf2095a7d1f5629c5b12bf606bc593d148a52bbca315c35f457f8bde28e4652e2c051f9dc2b7def53f13bc3e824223091e2a2efea450c390f2f06a95309a9451fc73d040f412e0d226447d5d61686a67c6662a13220b54dcaf41722027778719b8fb34be218da404a5020040ff6b8999e13e29b433a4f2de76601a5b1f66bfa4982d6b2f32905864a0eac0faf25cc882b2d0893fca0e7e946acac9d76566ec5e5536a2992d3b9d951486b0332edef5233217d966e76735c92a041a6d6c70f66a978b15060c6c295ff90edaba19c291c3d0035d09b5e21e64156a451b196ba15bc10e5a08977f27024a9faabc963282530308595ea61f431d5c84224157de6df1da454c4f927f8955c08ac8b43b0b96dd6fb08bec43be4bf6c5b57f5a8696c91df858c847d56e7ef7adb030e6b8368fe027e1554b7e855e763bbbdfe78aa685dc01484970dfb1b948cd0bccb58520eba04e4764f3682fa4670568e9d03338a3f75124565965d02b69858c58aa93d2f0090e667852856a41f86a7575771480611b28beab24a176e13986394bd5e0632970b23e95b57cbf9dc0715c706266e67c24e06ccbf584448375d376bb216179fb3af09bfa2827865e05404923eb0ae37f6843f1e160defa50025ca2de1a80e6328a984a58a526fac69270c904112d502e1afd5696141040915c8be512fe66e2fdd1aa86a6267d95e7a828ea5dcb6c4c9f5e87e694be62ec26db2015d8ad02516a1bad0fceadec82f72c3c37fb8690da4e93bf567b99e82fdf3f29bd39a5cf8d70cabfda59055f120e68a78a12d230adef53cdf7e52a148ff36baab79cd3a34d6ee19bda92bc76c7cc3f322f8510814943bad0d3ef46f8cacc0f79c4d95595c709ecac7ce1097f393f60d9016a818f09011c0e2df44b0a645f710c16b3f7c937897f4547bd5f757507e439e0ce8c7074c515e4827f89c86d91c404feb9e1cac14e329b1a7fee00d92122c75596d298f883b436354a1ba5db8b0317508a2346948d60966db62515c1d8d66266fded71308acaa7f3699b457f6f777d41c3f67de5d2d0fb868650129ed4fc1745cc7865433143184d2fd3620b2afc2ed91d8c9a516fd176614d8c1598a540df3a83351df8bbf1a6c205db1a15e2e03b16e20549229e2ea71c60317c0683f4a97ec8530170e931d919d2e084761448f84236b914b300e25c17568b49679d5fefccf8f4a2014f4936e82a252c001d8cba0ae3b02c2816a36b6cb032f544c191c4e91f5fec6ed5023564c4c667ee20ed2109f812b80ee938fd637972d068da9b3cdbfe3e9e4f139ac79ec88d113ebdc4eff69653ad5c25036d5975e7a96"]}]}, 0x17dc}, 0x1, 0x0, 0x0, 0x20008000}, 0x20000800)
ioctl$auto_MEMREADOOB(r5, 0xc0104d04, &(0x7f0000000380)={0xc0000, 0x9, &(0x7f0000000340)=':\x00'})
close_range$auto(0x2, 0x8, 0x0)

8m17.483871962s ago: executing program 2 (id=175):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0xfffffffffffff800)
r0 = socket(0x2, 0x3, 0x6)
lsm_list_modules$auto(0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x5, 0x0)
memfd_create$auto(0x0, 0x2)
ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0)
renameat2$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x4000)
mmap$auto(0x0, 0xd49e, 0x8, 0x8000000008011, 0x3, 0x8000)

8m16.946010181s ago: executing program 2 (id=176):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'wg0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000001140), 0xffffffffffffffff)
sendmsg$auto_WG_CMD_SET_DEVICE(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000002800)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010029bd7000fbdbdf250100000008000100", @ANYRES32=r1, @ANYBLOB="94300880"], 0x20}, 0x1, 0x0, 0x0, 0x20000011}, 0x810)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r3 = socket(0x2a, 0x2, 0x1)
connect$auto(r3, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x1, 0xfffffffe}, 0x55)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x10002}, 0x1)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x801, 0x84)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x0, 0x0)
ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$auto(0x3, 0x4048aec9, r4)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)

8m16.276838914s ago: executing program 2 (id=177):
mmap$auto(0x4, 0x20008, 0x10002, 0xeb1, 0xffffffffffffffff, 0x5)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@ethernet={0x6, @random="21c168781b47"}, 0x6a)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0x8, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x2, 0x801, 0x106)
socket$nl_generic(0x10, 0x3, 0x10)
io_uring_setup$auto(0x6, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
io_uring_setup$auto(0x6, 0x0)
timerfd_create$auto(0x0, 0x0)
timerfd_settime$auto(r0, 0x3, 0x0, 0x0)
read$auto(0x3, 0x0, 0x80)
settimeofday$auto(&(0x7f0000000180)={0x10000001f, 0x1}, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x8, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket(0xa, 0x1, 0x84)
ioctl$auto_BLKDISCARDZEROES(0xffffffffffffffff, 0x127c, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
unshare$auto(0x40000080)
setsockopt$auto(0x3, 0x10000000084, 0x7c, 0x0, 0x8)
write$auto_console_fops_tty_io(0xffffffffffffffff, 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)

8m16.276671723s ago: executing program 3 (id=178):
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card1\x00', 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/sit0/ifindex\x00', 0x80000, 0x0)
read$auto(r0, 0x0, 0x20)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x202, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x2)
ioctl$auto_XFS_IOC_ERROR_INJECTION(0xffffffffffffffff, 0x40085874, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000001880)=""/4101, 0x1005)
unlinkat$auto(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x7)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
open(&(0x7f0000000040)='./cgroup.cpu/cgroup.procs\x00', 0x101040, 0x33903f3ada88772b)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)
openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000009c0), 0x0, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
io_uring_setup$auto(0x4, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/btrfs/features/supported_checksums\x00', 0x40a00, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC0\x00', 0x802, 0x0)
socket(0xa, 0x3, 0x3a)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/irq.pressure\x00', 0x101102, 0x0)
socket(0xa, 0x801, 0x84)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/tty36\x00', 0x80000, 0x0)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0)

8m13.876863333s ago: executing program 3 (id=181):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
mmap$auto(0x0, 0x3, 0xfff, 0x9b72, 0xffffffffffffffff, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
madvise$auto(0x108000, 0x800032, 0x4)
unshare$auto(0x40000080)
r0 = socket(0x2, 0x0, 0x0)
setrlimit$auto(0x0, &(0x7f0000000000)={0x1, 0xfb3})
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x5, 0x40000d, 0xffffffffffffffff, 0x9b72, r0, 0x7ffc)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NL802154_CMD_GET_SEC_LEVEL(0xffffffffffffffff, 0x0, 0x4000080)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x40004)
r1 = io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x2500, &(0x7f0000000000), 0x3)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
syz_clone3(&(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0, 0x0, {r1}}, 0x58)
r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0)
read$auto(r2, 0x0, 0x39b8)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x305000, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd15/queue/scheduler\x00', 0x103a42, 0x0)
syz_genetlink_get_family_id$auto_mac802154_hwsim(0x0, 0xffffffffffffffff)
r3 = openat$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffff9c, 0x0, 0x200, 0x0)
fanotify_mark$auto(r3, 0x72d, 0x2, 0xffffffffffffffff, 0x0)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyw6\x00', 0x0, 0x0)
openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, 0x0, 0x20000, 0x0)
read$auto(r0, 0x0, 0x2)
close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002)
rt_sigsuspend$auto(0x0, 0x8)
socket$nl_generic(0x10, 0x3, 0x10)

8m5.612738676s ago: executing program 2 (id=185):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff)
madvise$auto(0x0, 0x2003f2, 0x15)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)=ANY=[@ANYRES8, @ANYRES16, @ANYBLOB="df250c0000000000000000"], 0x14}}, 0x24048004)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
r3 = openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, &(0x7f00000013c0)='/proc/self/uid_map\x00', 0x8006, 0x0)
write$auto_proc_uid_map_operations_base(r3, 0x0, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[@ANYBLOB="a8000000", @ANYRES16=r2, @ANYBLOB="01002cbd7000fddbdf2502000000810004006e66736600d8efe42d132b72f32e522abaf52d50a407cf2ddf901f8fc81365e252374483326ace7da356b7a16f5ce613bc0ce3aeb87ed3d22b4a27c3ecc90c70c861befe60a7a9414b446427a001f61379e8caf4519e032a5dda1e1174e2d575772b93fc046cd3a674866b80d91473ece248c03d28f9398a63a785998700000008000300850000000800010002000000"], 0xa8}}, 0x4000)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x404001, 0x0)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x6, 0x4, 0x1, 0x4d8)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000)
sysfs$auto(0x2, 0x48, 0x0)
r4 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r4, 0x6, 0x0, 0x0, 0x0)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
bpf$auto(0xfffffffe, &(0x7f00000001c0)=@query={@target_fd, 0x8, 0x3, 0x5, 0xff, @count=0xe35c, 0x0, 0x5, 0x80000000000006, 0xd9, 0xffffffff}, 0x6f2)

8m2.67578021s ago: executing program 32 (id=167):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
mmap$auto(0xf, 0x3, 0xfff, 0x9b72, 0xffffffffffffffff, 0xffffffffffffffff)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
madvise$auto(0x108000, 0x800032, 0x4)
unshare$auto(0x40000080)
r0 = socket(0x2, 0x0, 0x0)
setrlimit$auto(0x0, &(0x7f0000000000)={0x1, 0xfb3})
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x5, 0x40000d, 0xffffffffffffffff, 0x9b72, r0, 0x7ffc)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NL802154_CMD_GET_SEC_LEVEL(0xffffffffffffffff, 0x0, 0x4000080)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x40004)
r1 = io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
syz_clone3(&(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0, 0x0, {r1}}, 0x58)
r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0)
read$auto(r2, 0x0, 0x39b8)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x305000, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd15/queue/scheduler\x00', 0x103a42, 0x0)
syz_genetlink_get_family_id$auto_mac802154_hwsim(0x0, 0xffffffffffffffff)
r3 = openat$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffff9c, 0x0, 0x200, 0x0)
fanotify_mark$auto(r3, 0x72d, 0x2, 0xffffffffffffffff, 0x0)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyw6\x00', 0x0, 0x0)
openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, 0x0, 0x498eefac98835be9, 0x0)
read$auto(r0, 0x0, 0x2)
close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002)
rt_sigsuspend$auto(0x0, 0x8)
socket$nl_generic(0x10, 0x3, 0x10)

7m56.862074236s ago: executing program 33 (id=181):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
mmap$auto(0x0, 0x3, 0xfff, 0x9b72, 0xffffffffffffffff, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
madvise$auto(0x108000, 0x800032, 0x4)
unshare$auto(0x40000080)
r0 = socket(0x2, 0x0, 0x0)
setrlimit$auto(0x0, &(0x7f0000000000)={0x1, 0xfb3})
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x5, 0x40000d, 0xffffffffffffffff, 0x9b72, r0, 0x7ffc)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NL802154_CMD_GET_SEC_LEVEL(0xffffffffffffffff, 0x0, 0x4000080)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x40004)
r1 = io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x2500, &(0x7f0000000000), 0x3)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
syz_clone3(&(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0, 0x0, {r1}}, 0x58)
r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0)
read$auto(r2, 0x0, 0x39b8)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x305000, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd15/queue/scheduler\x00', 0x103a42, 0x0)
syz_genetlink_get_family_id$auto_mac802154_hwsim(0x0, 0xffffffffffffffff)
r3 = openat$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffff9c, 0x0, 0x200, 0x0)
fanotify_mark$auto(r3, 0x72d, 0x2, 0xffffffffffffffff, 0x0)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyw6\x00', 0x0, 0x0)
openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, 0x0, 0x20000, 0x0)
read$auto(r0, 0x0, 0x2)
close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002)
rt_sigsuspend$auto(0x0, 0x8)
socket$nl_generic(0x10, 0x3, 0x10)

7m50.389739811s ago: executing program 34 (id=185):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff)
madvise$auto(0x0, 0x2003f2, 0x15)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)=ANY=[@ANYRES8, @ANYRES16, @ANYBLOB="df250c0000000000000000"], 0x14}}, 0x24048004)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
r3 = openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, &(0x7f00000013c0)='/proc/self/uid_map\x00', 0x8006, 0x0)
write$auto_proc_uid_map_operations_base(r3, 0x0, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[@ANYBLOB="a8000000", @ANYRES16=r2, @ANYBLOB="01002cbd7000fddbdf2502000000810004006e66736600d8efe42d132b72f32e522abaf52d50a407cf2ddf901f8fc81365e252374483326ace7da356b7a16f5ce613bc0ce3aeb87ed3d22b4a27c3ecc90c70c861befe60a7a9414b446427a001f61379e8caf4519e032a5dda1e1174e2d575772b93fc046cd3a674866b80d91473ece248c03d28f9398a63a785998700000008000300850000000800010002000000"], 0xa8}}, 0x4000)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x404001, 0x0)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x6, 0x4, 0x1, 0x4d8)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000)
sysfs$auto(0x2, 0x48, 0x0)
r4 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r4, 0x6, 0x0, 0x0, 0x0)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
bpf$auto(0xfffffffe, &(0x7f00000001c0)=@query={@target_fd, 0x8, 0x3, 0x5, 0xff, @count=0xe35c, 0x0, 0x5, 0x80000000000006, 0xd9, 0xffffffff}, 0x6f2)

8.227903889s ago: executing program 5 (id=2199):
r0 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130)
acct$auto(&(0x7f0000000380)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc')
fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d)
fallocate$auto(r0, 0x1, 0x820, 0x7fff)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x28b42, 0x0)
openat$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
writev$auto(r1, &(0x7f0000000100)={&(0x7f0000000280)="8e8873b5f9dd39182ab801a9e417130ff346eab3d41f954d458b276ffab4f6d5b23e17c1", 0x7115}, 0x8)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14fa02, 0x0)
mmap$auto(0x0, 0xb9f, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0xffffffffffffffff, 0x2000b, 0x4000000000df, 0xeb1, r1, 0x8000)
unshare$auto(0x40000080)
memfd_secret$auto(0x0)
mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
bpf$auto(0x8, &(0x7f0000000280)=@bpf_attr_7={@btf_id=0x2, 0x6, 0x40000023}, 0x96)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, 0x0, 0x100000a3d9)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/sound/ctl-led/speaker/card2/reset\x00', 0xa001, 0x0)

7.464207238s ago: executing program 1 (id=2208):
mmap$auto(0x4, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = syz_clone(0x4100000, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0x2, 0x1, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/workqueue/cpumask\x00', 0xcc4082, 0x0)
socketpair$auto(0x1e, 0x5, 0x9, 0x0)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ptys5\x00', 0x2000, 0x0)
ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0)
r4 = pidfd_open$auto(0x1, 0x0)
sendmsg$auto_ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000340)=ANY=[@ANYBLOB="5ecb", @ANYRES16=0x0, @ANYRES32=r1, @ANYRES32=r0, @ANYRES64=r4], 0x1fc}, 0x1, 0x0, 0x0, 0x4104}, 0x20044050)
sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r2, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="080028bd7000fbdbdf2516000000050003000f0000000500020003000000050004000700a80018000180140002006970766c616e31000000000000000000"], 0x44}, 0x1, 0x0, 0x0, 0x24048044}, 0x1)
ioctl$auto_TIOCSTI2(r3, 0x5412, &(0x7f0000000300)="dc00")
mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
openat$auto_ima_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f00000002c0), 0x480, 0x0)
mmap$auto(0x0, 0x400008, 0x4, 0x40009b72, 0x2, 0x8000)
io_uring_setup$auto(0x89, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(0x3, 0x0, 0x7fffffff)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r5 = openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x2482, 0x0)
pread64$auto(r5, 0x0, 0x20000000001, 0x7fff)
socket$nl_generic(0x10, 0x3, 0x10)
write$auto(r2, 0x0, 0x80000000)
mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
close_range$auto(0x2, 0x8, 0x0)

6.687339571s ago: executing program 4 (id=2211):
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/neigh/bond_slave_1/mcast_resolicit\x00', 0x40, 0x0)
r1 = openat$auto_fops_x64_ro_(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy3/netdev:wlan0/stations/08:02:11:00:00:01/driver_buffered_tids\x00', 0x40000, 0x0)
fadvise64$auto_POSIX_FADV_WILLNEED(r0, 0xffff, 0xe2, 0x3)
read$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f00000000c0)=""/143, 0x8f)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nlbl_mgmt(&(0x7f0000000180), r2)
sendmsg$auto_OVS_VPORT_CMD_DEL(r2, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000380)={&(0x7f0000000200)={0x164, 0x0, 0x800, 0x70bd2c, 0x25dfdbff, {}, [@OVS_VPORT_ATTR_OPTIONS={0x102, 0x4, 0x0, 0x1, [@typed={0x4, 0x129, 0x0, 0x0, @binary}, @generic="3a9dfd89e176d9c73ec3ea3dfc41d543c932dbacb78737628575e92f754d72e58f2e223a6bcc9c2abf138a7b7f3fe3e5d61de98a0b656116a915e2c1dd33be56b4525e2fd9c8", @generic="684f3c71c551197d419cbb1461af45c37194b0f2a1f28328225408b719b889ad127231f9533d24b4b3e5a21b6e2839389b2ae1f75b78abecd97e82c34b2847d72c02783dbabf3cc5113a78df957f27dcc972363a76986da9b3c91ac397d7c700e89073f39c2db02d06fa2eb2b2821fc717ea09ba6b003594b30fe41dea711a736070a47664070df730610b655894cc607ba8be3d858597053cbc1cd346b266d53d74190799a1469e1392125533acd6c1c8064b6c"]}, @OVS_VPORT_ATTR_TYPE={0x8, 0x2, 0x30}, @OVS_VPORT_ATTR_STATS={0x44, 0x6, {0x1, 0xb4, 0x4, 0x7, 0x4, 0x7, 0x400, 0x8}}]}, 0x164}, 0x1, 0x0, 0x0, 0x821}, 0x4)
r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000440), r2)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000480)={'veth1_to_team\x00', <r4=>0x0})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000004c0)={'veth0_vlan\x00', <r5=>0x0})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000500)={'hsr0\x00', <r6=>0x0})
sendmsg$auto_ETHTOOL_MSG_EEE_SET(r2, &(0x7f0000000680)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000640)={&(0x7f0000000540)={0xd4, r3, 0x100, 0x70bd27, 0x25dfdbfb, {}, [@ETHTOOL_A_EEE_MODES_OURS={0x46, 0x2, 0x0, 0x1, [@generic="e3948af34a22a5d809f4a41bf8bfbcc8a9f8", @nested={0x2e, 0x6a, 0x0, 0x1, [@generic="70ba44a2653906cfef051f219f2b317793525c98b17731f646581f146f2fe31c84cc242c69a81a0fd566"]}]}, @ETHTOOL_A_EEE_HEADER={0x6c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x7}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xb36}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6erspan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x54}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}]}, @ETHTOOL_A_EEE_ENABLED={0x5, 0x5, 0x1}, @ETHTOOL_A_EEE_MODES_OURS={0x4}]}, 0xd4}, 0x1, 0x0, 0x0, 0x40051}, 0x0)
ioctl$auto_VHOST_RESET_OWNER(r2, 0xaf02, 0x0)
sendfile$auto(r2, r1, &(0x7f00000006c0)=0x7, 0x5)
r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000740), r2)
sendmsg$auto_NL80211_CMD_STOP_P2P_DEVICE(r2, &(0x7f00000009c0)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000980)={&(0x7f0000000780)={0x1f4, r7, 0x10, 0x70bd29, 0x25dfdbfe, {}, [@NL80211_ATTR_COLOR_CHANGE_COLOR={0x5, 0x130, 0x9}, @NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, "b6bcce312cfb1750cc891782c694ff6e1727c885bdd5bfcf05fb"}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_VLAN_ID={0x6, 0x11a, 0xe54}, @NL80211_ATTR_CSA_IES={0x14f, 0xb9, 0x0, 0x1, [@nested={0x81, 0x6, 0x0, 0x1, [@generic="b2e2140079946fc03ebc545fad1fa293c9040d45422e9903381e19a78aacd6a03c4abee1fe538c93ffb07fd7bff498d7d215c18a2ab78989b6b448d74adfff19674d6cf3bee2efd10ce37d3b3e1177a65374edcc93d095102c962de84ddf1a2c60c2c4bb48c35f131e9f015af8d6e12f3801b1c86bbf6264f162217d7a"]}, @generic="27c744336a818e2c06edba30f7618427b937b1a380439cb5813fdc85f10a8e070dceb61bb4398a1cf2dd918adc458ed8551fc3ef4cedb1a9ad17589c7a2ddf0b9c1c3d599fd48ff2be1b2f91783c8660cabf60b5834a5a7b810e1878105429406d9987e10d27230fc69ff501fe5b4969dcfd15a49aa5cb27cd6abbd70b5914e32d186feab4e230b759781d73ecb47c965891f0012e127d4e65979a660fb76ea9fed450530218545afac22c7f4c4ada3c9c2d6f3f8c026d", @generic="51172d59b715d560747e62336bed704d"]}, @NL80211_ATTR_PMKID={0x5a, 0x55, "5ced1a189e2f3b3090787a46af531d0e5d2811821c249764beeba669ff15044cfe3f4121c8f4e3cbe39d9bfd212ffa261ce5b3026f4df5553d35cdf6b66462f8d9e3d690752b266774ef206b65052f3c7de00a96240a"}]}, 0x1f4}, 0x1, 0x0, 0x0, 0x40}, 0x40)
r8 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000a40), r2)
sendmsg$auto_SMC_PNETID_ADD(r2, &(0x7f0000000b40)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000b00)={&(0x7f0000000a80)={0x48, r8, 0x10, 0x70bd2a, 0x25dfdbfe, {}, [@SMC_PNETID_IBNAME={0x5, 0x3, '\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x81}, @SMC_PNETID_ETHNAME={0x8, 0x2, '@*)\x00'}, @SMC_PNETID_ETHNAME={0x9, 0x2, ')%\'\'\x00'}, @SMC_PNETID_IBNAME={0xf, 0x3, 'ip6erspan0\x00'}]}, 0x48}}, 0x4080)
r9 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000bc0), r2)
sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(r2, &(0x7f0000000cc0)={&(0x7f0000000b80)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000c80)={&(0x7f0000000c00)={0x58, r9, 0x800, 0x70bd26, 0x25dfdbfd, {}, [@BATADV_ATTR_LOG_LEVEL={0x8, 0x36, 0x7}, @BATADV_ATTR_TPMETER_RESULT={0x5, 0xa, 0xe5}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x64e7}, @BATADV_ATTR_TPMETER_RESULT={0x5}, @BATADV_ATTR_HARD_IFNAME={0x14}, @BATADV_ATTR_BLA_CRC={0x6, 0x22, 0xab89}, @BATADV_ATTR_BANDWIDTH_UP={0x8, 0x1b, 0x8}]}, 0x58}, 0x1, 0x0, 0x0, 0x24000010}, 0x4)
r10 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000d00), 0x2d0581, 0x0)
r11 = ioctl$auto_TUNSETOFFLOAD2(r10, 0x400454d0, &(0x7f0000000d40)=0x1)
r12 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000dc0), r2)
sendmsg$auto_NL802154_CMD_SET_TX_POWER(r11, &(0x7f0000000e80)={&(0x7f0000000d80)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000e40)={&(0x7f0000000e00)={0x34, r12, 0x10, 0x70bd29, 0x25dfdbff, {}, [@NL802154_ATTR_BEACON_INTERVAL={0x5, 0x26, 0x2}, @NL802154_ATTR_SCAN_DONE_REASON={0x5, 0x25, 0x8}, @NL802154_ATTR_MAX_BE={0x5, 0x10, 0x4}, @NL802154_ATTR_SCAN_CHANNELS={0x8, 0x21, 0x7}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0x40894)
r13 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000f00), r11)
sendmsg$auto_L2TP_CMD_TUNNEL_DELETE(r11, &(0x7f0000000fc0)={&(0x7f0000000ec0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000f80)={&(0x7f0000000f40)={0x1c, r13, 0x342dc1e90e1e715e, 0x70bd2d, 0x25dfdbfc, {}, [@L2TP_ATTR_MTU={0x6, 0x1c, 0x43}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0xc000)
fsopen$auto(&(0x7f0000001000)='\x00', 0x6)
openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000001040)='/sys/kernel/debug/tracing/events/vmalloc/enable\x00', 0x1a000, 0x0)
sendmsg$auto_SMC_PNETID_ADD(r2, &(0x7f0000001180)={&(0x7f0000001080)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001140)={&(0x7f00000010c0)={0x50, r8, 0x300, 0x70bd25, 0x25dfdbff, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0xd7}, @SMC_PNETID_ETHNAME={0x9, 0x2, 'hsr0\x00'}, @SMC_PNETID_IBNAME={0x11, 0x3, '/dev/net/tun\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0xd}, @SMC_PNETID_ETHNAME={0x9, 0x2, 'hsr0\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x48045}, 0x44081)
sendmsg$auto_KSMBD_EVENT_TREE_CONNECT_REQUEST(r2, &(0x7f00000012c0)={&(0x7f00000011c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000001280)={&(0x7f0000001240)={0x14, 0x0, 0x400, 0x70bd28, 0x25dfdbfc, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x480d0}, 0x20040000)

6.532256598s ago: executing program 4 (id=2212):
close_range$auto(0xffffffffffffffff, 0x8, 0x9)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/afs/stats\x00', 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket(0x2, 0x1, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/pci/00/03.0\x00', 0x181000, 0x0)
ioctl$auto(0x3, 0x50434902, 0x38)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @empty}, 0x51)
r1 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
statx$auto(r1, 0x0, 0x401006, 0x4015, 0x0)
setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88)
sendto$auto(0x3, 0x0, 0x2000f, 0x101, 0x0, 0x1c)
readv$auto(0x3, &(0x7f00000000c0)={0x0, 0xfdf3}, 0x1da)
write$auto(0x3, 0x0, 0xfdf3)
r2 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0)
write$auto_console_fops_tty_io(r2, 0x0, 0x0)
socket(0x29, 0x0, 0x3)
mmap$auto(0x200000000, 0x5, 0x8, 0x40009b72, 0x2, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(0x3, 0x0, 0x7fffffff)
write$auto(0x1, 0x0, 0x80000000)
bind$auto(0xffffffffffffffff, &(0x7f0000000000)=@generic={0x10, "a500acb75c9cedd1b5e9a0d76293"}, 0x68)
ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0)
munmap$auto(0x8000, 0xffffffff)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
pread64$auto(r0, 0x0, 0x8, 0x7fff)
socket(0x10, 0x2, 0xc)

6.346352354s ago: executing program 1 (id=2214):
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x40280, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x6, 0x0)
sysfs$auto(0x2, 0x5, 0x0)
io_uring_setup$auto(0x4bf15e08, &(0x7f0000000000)={0x405, 0x8, 0x10001, 0x6fb3, 0x8a, 0xfffffff8, 0xffffffffffffffff, [0x7783, 0x9, 0x7c], {0x913, 0x7, 0x3036, 0xe, 0xd, 0x5, 0x6, 0xfffffff9, 0x2000000f08a2b6}, {0x4000, 0xfc, 0xd, 0x0, 0x0, 0xb89, 0xd5, 0x837, 0x8}})
sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x40010}, 0x800)
bpf$auto(0x12, &(0x7f0000000040)=@enable_stats={0x1}, 0x26)
ioctl$auto_SOUND_MIXER_WRITE_RECSRC2(r0, 0xc0044dff, &(0x7f0000000080))
semctl$auto(0x623f, 0x2, 0x93, 0x21)
bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x7, 0x4, 0x700, 0x8a4d, 0x24, 0x1, 0xffffffffffffffff, 0x0, 0x8005}, 0x4f4)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop2\x00', 0x24040, 0x0)
ioctl$auto_BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000240)={"ef65ce6c00cf81000000ffffffffffffff291d000000000700", 0x3ff, 0x408, 0xffc, 0x400004, 0x200000000040000d})
ioctl$auto_BLKTRACETEARDOWN(r1, 0x1276, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x1, 0x4c, 0x0, 0x9)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)

5.733280884s ago: executing program 1 (id=2216):
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x407, 0xffffffff, 0xd29e, 0x47, 0x1, 0x1007182, 0x2, 0x7, 0x6, 0x7, 0x89, 0x8, 0x4, 0x200000000001, 0x3, 0xfffffffffffffffa, 0x500000000000000, 0x0, 0x30, 0x0, 0x862, 0xe, 0x2, 0x9, 0x4, 0x83, 0xfffffffffffffffc, 0x0, 0x0, 0x80000000, 0x0, [0x0, 0x0, 0x0, 0x71, 0x0, 0x40000000000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, 0x2000000000000, 0x0, 0x0, 0x0, 0xf, 0x20000004, 0x800, 0x0, 0x0, 0x4000000010001, 0x1000000000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x40000000000000, 0x0, 0x0, 0x2, 0xcc, 0x0, 0x3, 0xfffffffffffffffc, 0x1]}, 0x7, 0x9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_PHY_GET(0xffffffffffffffff, &(0x7f0000003200)={0x0, 0x0, &(0x7f00000031c0)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010326bd7000ffdbdf252d"], 0x20}, 0x1, 0x0, 0x0, 0x2404c012}, 0x80)
r1 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x3f, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

5.556381216s ago: executing program 4 (id=2217):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socket(0xa, 0x2, 0x73)
unshare$auto(0x40000080)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd4\x00', 0x745100, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r2 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000001140)='/dev/psaux\x00', 0x42000, 0x0)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7ffffffc, 0x8, 0x3000, 0x6, 0x7, 0x400b, r2, [], {0x6, 0x6, 0x8c48, 0x29a, 0x9, 0x80, 0x104, 0x6, 0x4}, {0x100, 0x1, 0x101, 0x85, 0x2, 0x24, 0xfe000000, 0x8, 0x3}})
r3 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x0, 0x0)
read$auto_vhci_fops_hci_vhci(r3, &(0x7f0000000d40)=""/16, 0x10)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000580)={[0x1ff, 0x8000, 0xd, 0x1, 0x948d, 0x3, 0x10015f4da0a, 0xd, 0x7, 0x64c1, 0x8000001f, 0x8, 0x6d3e, 0xc, 0x2, 0x2]}, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
socket(0x2b, 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
madvise$auto(0x0, 0x200007, 0x19)
sendto$auto(r0, 0x0, 0x402, 0x0, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x19)

5.115076683s ago: executing program 1 (id=2218):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
r1 = syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000980)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="010031bd7000fddbf0250c00da36"], 0x14}}, 0x24048084)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x103003, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
r3 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0)
pread64$auto(r3, &(0x7f0000000240)='\x03W\x96l\x15\x00\x00\x00\x00\x00\x01\x00'/21, 0x100000002, 0x100000001)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0)
ioctl$auto_BLKFLSBUF(r4, 0x1261, 0x0)
prctl$auto(0x1, 0x8, 0x0, 0x3a, 0x1)

5.070405636s ago: executing program 5 (id=2220):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001540)={'netdevsim0\x00', <r2=>0x0})
sendmsg$auto_NET_SHAPER_CMD_GROUP(r0, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010029bd7000fedbdf25040000000c000180080001000100000004000a800800080059c9cb413ae26a513f270ba090dc9a0251ba6acc37902dae3262062a4bc58fa651692cee1a3ee2ca6571f2034afb1e46e93ec2e3d3b45b5a52eacad5d49f59c1fa4095b789c6d0ee8b740f98012af322382c9241f883bfee09b8368ad215e377f6a34bb4", @ANYRES32=r2, @ANYBLOB="04000980"], 0x30}, 0x1, 0x0, 0x0, 0x44000}, 0x14)
r3 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
ioctl$auto_PAGEMAP_SCAN(r3, 0xc0606610, &(0x7f0000000100)={0x3, 0x2, 0x100000, 0x7fffffffefff, 0x4, 0x1, 0x0, 0xe8, 0x0, 0x2, 0xe4, 0x200000000002})
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6abc2, 0x0)
socket(0x10, 0x4, 0x4)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/system/cpu/cpu0/hotplug/fail\x00', 0xc7c880, 0x0)
write$auto(r4, &(0x7f00000004c0)='1\x00\\\xa0\x04|\xfd\xca\x12\xfa\b\x1c\xc7k\x923\xe05\"3n\x84n#\xd1\xcaso\v\xf0\xda\xbb\x86\xbcX\xb4\x999\\\xa8&;<\xca\xa8\x05\x9d\x9e-\xc3\x93\xaa\xda\x02\x03\xddUbHu\x01\x00\x00\x00\xac\xa7\x93T\aA\xbd\xc0\xb8K\xd7\xed\xcbP\xa1\xfe\xc7\xa1\x8b\xa7\x02\xad\xbc\xfaq*0F\xff&\xbb+\x9b\xe2\xbfd\xf7\xde\xb40\x1d=\x99\xe2\x06\xbf\x9cNS\xbf\x82\x9c\xfb', 0x3)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
mmap$auto(0x0, 0x401, 0x3, 0xeb1, r0, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd5/queue/write_zeroes_max_bytes\x00', 0x0, 0x0)
socket(0x2, 0x3, 0xa)
socket(0x11, 0x80003, 0x300)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket(0x2, 0x801, 0x106)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000003fc0), 0xffffffffffffffff)
sendmsg$auto_OVS_VPORT_CMD_GET(r6, &(0x7f0000004540)={0x0, 0x0, &(0x7f0000004500)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES16=r7, @ANYBLOB="ffff2bbd7000fedbdf250300040005"], 0x18}, 0x1, 0x0, 0x0, 0x40081}, 0x20000c50)
write$auto(r5, &(0x7f0000000000)='*\x00', 0xfd)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x2, 0x88)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0)

3.90103468s ago: executing program 5 (id=2222):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0)
ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0)
ioctl$auto_PPPIOCSMRU(r0, 0x40047452, 0x0)
r1 = socket(0xa, 0x2, 0x0)
ioctl$auto(0x3, 0xae41, r1)
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x3, 0x0, 0xfffffffffffffffc, 0x696b}, 0xed7138c}, 0x2, 0x9)
r2 = socket(0xa, 0x5, 0x84)
sendto$auto(r2, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe80000700"}, 0x1c)
sendmsg$auto_L2TP_CMD_SESSION_MODIFY(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)={0x314, 0x0, 0xe6d58171215dc1cc, 0x70bd25, 0x25dfdbff, {}, [@L2TP_ATTR_USING_IPSEC={0x5, 0x15, 0x7}, @L2TP_ATTR_STATS={0x2e0, 0x1e, 0x0, 0x1, [@nested={0x10e, 0x3c, 0x0, 0x1, [@generic="e3a65cc7f23fcc9cb8e71c5543f81eb4f6146eb2a23e5884aa35c19ae65d86c32381acd74f795ce86d71b89db4e845f4ce08e7905b9efdcaac795061cee05d4790d0e13414b42adf5daa9e4688676a8bb9809f73e0741c5f40a225ac280bce3cc0f18a5ece1b869d6f7bbacabda343e99c018a455ae572e0955c9584441d7849fd47504cd392c529114af0e90c2d1d93261d42ae3dd3d1f6786b08e871", @generic="ce63cf855300bd38679e9c6236a4fae4a34214716e01fe723ac13afacdcf7ef196e3c50fdea39ec815bb0f54ce5b855effe537aba789d78b8efb21c5d3e597e1a76d84b9eb38880fcae7a0827e6d79cff33713c7bb2f5688033f49beefc7761694506d38d4f25d0874", @nested={0x4, 0xa}]}, @nested={0x161, 0x101, 0x0, 0x1, [@typed={0x5, 0x2b, 0x0, 0x0, @str='\x00'}, @typed={0x4, 0xc5}, @generic="854eda99414cc94bb5a11f790d34b60f59f8dab43a40158d6466175f907af898a1d835c59966b8b859b36929480906e3b265955c8107b67c44a9e7b60e73c4dcd8149168745bd1e0c25d79f33bd1fa55d729fdb1265cbddc143666792df69f93037312b40ceaf890cd5d63a88ab326fd73f6ae0962391f75c435372a0cc54fbf4151356e5acbf0a2d0eabb6a281442c8be8efbf1591f3d418fa192ac71287be2fdbdeba808d41f63aa20e16ec1c37bfcf48a5e9282f1fef8f17d919b1c8332aed6fd50ab33455b5cccd75243975d4f002b5637844db56f82b51b1312d29b89b204783a5a6cb5bc8a", @generic="bb9a8ad4d1a69262ac2eb67b947c431a010d220e5d7774860244305ddd1d58f713a3bac76e7dbf0b783749aad760796e9aaa79af8cad3c9e367c2d80e1291d4d34b5d373164d97eda3", @typed={0x4, 0xbe}, @nested={0x4, 0x9e}, @nested={0x4, 0x4d}, @typed={0x11, 0x138, 0x0, 0x0, @str=']@{^#-{\x14^]::\x00'}]}, @generic="92a8de53bfb4b5b06283654651ef6d31bb11bbd64b3e2db2036aa0ec82957e56997623db2e5746a7f05a228ce95632a7df66c2ed2e18d6f2bc31591b2dfe53272c927940651ca1465ace07998d3d642ccef2c239fd932b590d4acbd62266a1f60e11035d7105143f"]}, @L2TP_ATTR_OFFSET={0x6, 0x3, 0x9}, @L2TP_ATTR_OFFSET={0x6, 0x3, 0x11}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x7}]}, 0x314}, 0x1, 0x0, 0x0, 0x40}, 0x4040041)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x22a02, 0x0)
r3 = socket(0x2, 0x80802, 0x0)
setsockopt$auto(r3, 0x11, 0x65, 0x0, 0x8)
close_range$auto(0x2, 0x8, 0x0)

3.42944884s ago: executing program 5 (id=2223):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xffffffffffffff6a, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4000009}, 0x24004880)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010600bd7000fbdbdf250a"], 0x1c}}, 0x20008810)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x5}, 0x40005}, 0x7, 0x0)
unshare$auto(0x40000080)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/amidi2\x00', 0x3030c0, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x0, 0x6, 0x0, 0x3ff)
ptrace$auto(0x8000, 0x1, 0x101, 0x180000)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x24048004)
madvise$auto(0x0, 0x200007, 0x19)
r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0)
ioctl$auto(r0, 0x6, r2)
mmap$auto(0x8, 0x2, 0xdf, 0xeb1, 0x401, 0x3)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
r3 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
read$auto_proc_pid_maps_operations_internal(r3, &(0x7f00000020c0)=""/4093, 0xffd)
mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0x6, 0x8000)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/dummy_hcd.0/usb1/avoid_reset_quirk\x00', 0x68006, 0x0)
read$auto(r4, 0x0, 0x20)
madvise$auto(0x0, 0x200007, 0x19)

3.396980225s ago: executing program 6 (id=2224):
mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000005cc0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000005d00)={'wlan0\x00', <r2=>0x0})
sendmsg$auto_NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000005e40)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010025bd7000fddbdf253700000008002600e100000008000300", @ANYRES32=r2, @ANYBLOB='\b\x00W'], 0x2c}, 0x1, 0x0, 0x0, 0x24008855}, 0x0)
open$dir(&(0x7f00000001c0)='./file0\x00', 0x201, 0x14)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x481, 0x0)
open(&(0x7f00000002c0)='./file0\x00', 0x200, 0x1c7)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1fe, 0x7, 0xd, 0x1, 0x948d, 0x1ff, 0x15f4da07, 0x3, 0x8003, 0x65, 0x8000001f, 0x1000, 0x100000000006d3e, 0x9, 0x1, 0x8]}, 0x0)
select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x7, 0x4, 0x0, 0x4000000000003, 0x4303, 0x1, 0x9a8c, 0x9, 0x10001]}, 0x0, 0x0, &(0x7f0000000280)={0x6, 0xcb})
r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r5, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0xe4, r4, 0x1, 0x70bd25, 0x25dfdbfc, {}, [@HWSIM_ATTR_RADIO_NAME={0xd0, 0x11, 'u)(\xa0\xb66s\xec\xbe\f\x19\"\xbfW:L\x15\x94\x1a\x06\xb27\b\xb7;\x1eF\xe0 .\xdfB\xbb\xe11\xea\xfdX\x95\xa5\x01\xd62\xf4E\xa5O\x1a\x950\xacJkD\xa39\x11\x11\xb4\xb1,>\xc7\xf97=\xe7\x98\xa9\xefPq\'\xc9\x8doJ$2\xae\xd1\xeaF\xd7os7\xffr\n#\x00\x00\x04\x00\xc3\x9fx\a\xc3f\xb1\xc1i\xa4\xaf8y\xf2\x0f\xa3\xcaa\xaf%\xe1\xd3j;U\xd8t\xc9\xf7\xbf\xbf\xb4$\xbb\x8eM\x17c\x9c\xc2\xbfn\x83\r\xcbY\xb4O(\x05[\x90\x9di\xbb\xd3oC\x1f\a\xd7\x1f\xeb\xb1pBr\x8e\a<\xa7?\x05\xf7UI\x92\xa4pt\x9b\xee\x904\x91\xd8\xa4\xcb\x83o\\\xdf&\xae\xe8\xe9\x80nmy\xf0\r[:\xf2\xf3\x1f\x1d\xa4'}]}, 0xe4}, 0x1, 0x0, 0x0, 0x40c8}, 0x4048000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r6 = openat$auto_minstrel_ht_stat_fops_rc80211_minstrel_ht_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/ieee80211/phy4/netdev:wlan1/stations/08:02:11:00:00:00/rc_stats\x00', 0x10001, 0x0)
setsockopt$auto_SO_SNDTIMEO_NEW(r6, 0x1, 0x43, &(0x7f0000000140)='/proc/bus/pci/00/03.0\x00', 0xfffff62b)
r7 = socket(0x2, 0x80002, 0x73)
r8 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000240), r7)
sendmsg$auto_NL80211_CMD_DEL_STATION(r7, &(0x7f0000000380)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000340)={&(0x7f0000000440)={0x1348, r8, 0x20, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_WIPHY_COVERAGE_CLASS={0x5, 0x59, 0x2}, @NL80211_ATTR_TXQ_LIMIT={0x8, 0x10a, 0x9}, @NL80211_ATTR_STA_SUPPORT_P2P_PS={0x5, 0xe4, 0x3}, @NL80211_ATTR_BSS_SELECT={0x317, 0xe3, 0x0, 0x1, [@generic="00a3d4b01d386fe137526c9a5cf2e32780ce354df970e8b570bf41cb57e50a4480620aa4ed886e033c53ea0c16814922f1c5684317ad9997c31110c1fc4c5bb03f7cbf1f199ad1420e46d49070b3839cc8d73a8bbdeef792102c484fd7dc314069ec73ccb15d8b3512791872269e150dfec4d543afe7a35cc89edbb2567579a2e4ed7da14b368f6faaa0efb139c0b393f405aed879ef49676806322daecf49fab1d781a44193f4dd03e61dbf232e61ac52", @nested={0x83, 0x62, 0x0, 0x1, [@generic="396fbc3c71290a493f52c0cb0bdcadad37e2fdfd86789538f44270b401fb3594b373f74ef3afb7d476ca772b47f006f47fc3484e2c11e3f94cb728b4130368f6b45ae98eb3dec201a05fd1b99bc979d7bb9eec30484cd34a74f769f63752e06c676121f0f12466250e878f4f561ea22de76bd5c21ca7883a1b2088527c16d4"]}, @nested={0x101, 0x9, 0x0, 0x1, [@generic="d34cebcbe1af75a8107970b272c5f0f21af8c5639350d425813933c7e5d86ffdb3cdbd9802fb0e1c50efd316e241d391238b1cc4e3ae3829b23cb2952c3aa233671d17b4715d6bb51ef6e5ae614c07907c91d5fd3046df8da6c3ea7e0f873cf1a4d4d64cea75689f9ca0b4c8ff04e09ea870173470a61f4f72d747a60c8afa4e2cffe1f6ab6e099c29f260ec14226b4115bfe84bb165872bf9df52431e382bcf07490fc912e46b1b4eb05103b7ea63078c89d37fb5aa5286ce7e285ebbe0caba0673469cb5411f42294274ed5d2b65e8a61a8ebe5e9f6aedb39eaad971c2199fe4b5316f014860e3ab0767b2ab2776e6eaa1321c02e7ba4302", @typed={0x4, 0x141}]}, @generic="d1f08d4f9ccc848326c548e951eac5328b4f0ddbece46286211ff221e838a41a3a5598d701186405b20ad85ed752362cdfa8a4d43eb5a9177b4160d649593d4b6430b479c7f4ee1c8aceb8c728bda7209701301471c508806b4a94ba7c8e3ccf8cc9810617b6d7e93551fa2ceadb791c53c447852532347b62ff597ba46faa66aca5a17984db98ecabe75f82d096b5121d7ad6737b3fb71360a4e929baab256b587dd7930a7be965105ce2a52f079d07232abbea7fd2b7b159f0f3b9b0842fc9bc6085acb559f2b2494d7281c7ad29374195535270bb5b25e382"]}, @NL80211_ATTR_S1G_CAPABILITY_MASK={0x1004, 0x129, "15d47868a4674f3b109a7f7d312ad66f67edde20f5645013cc27fc80a8a2ecdbb1f62c3538b31f0cd9c0cb2fa50442b9a34bc848ee89fdccd0f910bde1bae1fd846bbc753d0ed553aa884400a87787fa38dd828042d6db81ad3b44f47e5fa4b242b3b1235019f2a1812a25fe4d661b371eb01b7f5a766a962c043f6b3aedae9a3b8fc693a8c29a2e02a47d5c9f55fd39835987190813c4f4392424100e2cae0a40dee10b69d46b5e2e9fb1efa8df12decdcabc56eae1464d0aa1cd0ee31c9e458faf4fd4a4c21f44ba248f673842e8170f2d54237d80e38902b111aaa433e73cb09341f05b25f1062431389ac53b7f7ef5bc427c5724628fdc3bae5f95e9196a4d017d9e03d543861fc2d52fb12575f4cb5ee3427a89d26b8ac0ec83351c8dddfcf1c05ed59fb7d7e14a505b3b896ca6e2243cc8eb79d361351b35b88dd16a2b5fbed987a68df3ea806ea4e92ea3d480e1399d2b76856eb8feb1f0f6abd0ed6ee4d90f9e822a911f83e12dbe2b460d32e7c2917bb3a914f06b107158876b41ed28ab00b84cdffa905c75ee9055002039e9486bb3780a48bb4df4c66694446f388e1c3088326d1977fe1182fb6244588db2e4b31fc112ebe79f8f75fb49e52a770e8144844ad8fed11cc369f5cb8b3c3646bfc3c199ad438b8f4fdf0bf5741274e190336bd9556918dafcddfb861d503a01f819672390a154067eacdc0a70a12b239735c658f0110e763cbe7ef54afc37e52374f9debbe9a42b08eb90dbd791cd72a3f2eebd64efe3c76c661b8ad324b108b8dc3f318c5111c8d50401df6a53280668d1f221dd2c1cafa89dfc66b708acc1b210494302b3d76c6c0091335468e95559a24292c6c17e527e2f21208240555bc3f90503d23e5d468061d6601722be2813f7ca2ed2b5eeb13740165dca24e538f0f4ee4249acca896c33cf4b36fda4a5a5bea9c14e5ef34492f46fdd1b3ea715119c735f0deec6b34206005b07f69a4163080339b4b46d12c48dc362651d48272a019efbb56f2ad55b2ea4e3792577c50d536c8333db45300dac7f61f3ad95cd68aa3c7f9e49a23dfe0ceb2734289019e203823b8eeed0f3b86e54bb1c4e6ff6e0ed20a89f3d1caf434aa19a94908be635f718bcfe00a3c8ba7023d2c3eea0fbc6c76f6ea0edf194d8170a4f720fd5454aa83764229376420070c93c5fe949e548e42917846d08585e0733e6802255ad3f51141f8689d299419cb2b7a9493348399c1ccc65314c3f3f02643eae5f3c461b21cfa5bba920a897db9d60cdbd05e264dce2430234eb0ae6f0cde7c7f584a311779b7b36332c392d5661731fb7dfde43d0352e30065ca43488a040cb8a238024af1e9ef02c72a7e00031476839dd5dd3dfbbac4ea4207d831c142fa45245f428e34d7df545cba0c4ec83a403b30ec031c0cc76ccef2939f67340c3d02b3cb1fef0dcaa981547b4bffa6f2f7fc1db75cc02c59526758d5f69b3b73ae6935df13a6438f8a67059df1938162cd7cad64baaf691c6ff898ff3a8c66697e437cf312f32a0c5d7b9c7ee71d49d289fad11cd5eb1cbc7067699f4eedd7a39de8b0ce11a0f3d192892e34416dcfd7ee2b7077922392fd0082bb4db84d277894877bbd73a275981bb48f9b8a65a8d37626068f5225a535cf6cc71f5ac98bb07b4f6c36db457fdc0701ee493a7e35784f073b637b45bba9d2e0da09939bf8ab6db080c39808563fbf0af59dbd356a9228020e5e67a2ab3f0dc4e73f209b761486a2661f1549d0d8e623c5657be9979de54898b35e816259729c0cf38d39437baa2a859b37eda811ad4bf34bb2e66515c0277404d4d7250e9985ec88abac055762619033e7dcf3c7949948751ec2c161c582ebb88f3d95fed68d146b50dbd1b90514e90e39e167ac5a144b99d9f282759457a0538db6bb13f0e79f6c6fb5dfbd25130c6f4d1e1ec5ab6d66a5162439896884e81edce3ab7dc574442278fb877910e6e9d3c713bf52dd0acf46f4ba8a43b78e872819eaa95fa6eadddd2d0b0a9004737a5b29d59bf75ef6c0e726575d51af0fedb0c52dd6e822e7877429bdac9d7a74621f588c97a412601a6e236ec7633ff0f5145d59d52c82d3cef98de38945882bd66000849cf6f9afcf60acea6172e066f09c6ce37e110c34d473c488b8141d4d82d9dad84925bca56f9fd8e3507577181879d84b309b12031646844cea61ce625f865fc6b1040160b06a88bec08beaf0476d61d397c8a1e69120b6e015bba6f9d23e36b4057553333710aa191621f44600ec1a46a8c47b5ca7db010e0ebf885812b0429b7154954562eb6c16b8c7b942ca593f7977613cf4335d305197e7e2ae53fbc5207335e4cb1235b60a6e54e5be5b948320301f4b7609f9c36b1408972481aa1b43f6f6cb3369c4ea66ed948ad590503636921c5ec8961fd4fdfafb3a5fddff51c8ff6961411bd8e1e9858ac8faebf432eb89a836cdbdd2bb4ad76beabbae68b6c2e1e0d1126f595f36b70f7b9eab3885a5ba5c63c0cf2a2a289aecb24caddbd1dcbf8512fa7e1ef1f9f1072b58a0fe2f96721c1696aef33bc19ebe3607eba0723e8aff9617a0d38beeef1273ccb0b728fb05ced8e89fd0f60ec3473e411f5cb732bc8dec774c1d0a4e8e0af43fad20cfa91d88115026c459fd94b05c79d148d9c25846106e986ab16623ded6fc6ce797679a1aea81ce1e97616e2b295976b23633310c0a7579521001c36d6ade66e3296b1f59b2f936631197c36379decc9585eacc9a33870fe3fc45e0b85037880f50d657e7ee6aafc97aca2402b79744dd7e54fc3d79b56dbc341e876380127ebae30d36b4dda56394d47962a671b2dea317f24e56b2f604b29d458e9eea71d3c853501288dbbeff9c5469c6bb82f5e9d50e21ad195334a7e571877a39fcaffd62f9a8b4d27c9a6e97ccae977b7b8d68098ac73a948c20f4c251f324ceaf3b1c38fa575b1dc355013eb70534674e5a3cc13bc5f1ff7e98593cbb6771a3be2eed7c303553c8c2c0eb1095b2629b488719880908ceda2d70ffffa7aa730bd864e3b9841a6d7a5936b52ca7abc7e2312682bcbe587bab8b9afc56cd57fd591b60b6d885ddfbd2f2ab96203235cd6a574d1c9d973ed0728cfa19e07c37c9b7b97acad6dc3ebf37e6db6200f1fb05690062f7ca9ad23afd2d51560be03381dd4571f08446e5c62921bd12ae1ddc066a01d41e33db56431b8fefeb299f32ce4864cd5751d3480189dcccffd81db14e25b37c1bff0c4a56edcc3573d9f331fe51911346200b903dfbd1f9448cd37c82b499da9f5f2be912162398735081423960666781aaf5046f71523a03b01d395f1f7a5da3c30bec482c2032ae50657e14a005f982c276f61255b03db28365564433f05c0abf58ffca66b330dfdd1a96c98df3e985391e8b24d560dc742bc13668b903b41565e80f09f3820a1a311b86ce3bbef1edabb7b41744941b7be255809f2b9a3acd7e1b426be84a4eb8907eb030b1aa047dec36b4b6e1d2b3be63de00e816319ab394a92484dfa68f36136715d9dc656d5a8f3234fd158efb6fed6d4e5ebb26bc2426b777f1d0aeab1f22afd149714868b7379eeaa00614c652fcc162a648172152dd3cafd23500dca0fc2e0e69ae5d3b7b7cc5642235486c0efea42744a5f8e5f0c474f7cdb7b14fa588ab5ae002d70885726c629dffcb972d47c9e3f8ab13450a999d336b226766ec90f59bc849815e25f7231e7513db1fcf02ba3c299795efce90e4140f758a6813341aef8030d3edcef4680dd2370121d89c8bb212451b5bf30ff0591fa10665aed62ee60517e41ffd1fcd331cdd588338c1464ffe0c95fbc32961b9b395eced582749d7344d5a87b70db36f0b2ea9355f5e52e15b7948b38c76e5058ee462c2b3661e411cc08b154447af06aeee066babedcf3ef81b02e82a08d7bdd088b07b522d355aa77a2bed94ba04a35ae47c34db41586d3b90be65065e767f6d3d002ea6df249b1a5fc2d2082f1bebe7c91062ed92f723676a014506165ef0615f869e67ef2226049a27e96a37aa4b20ff74c3edc354a1c4e1e6e54c50c8bf8e2defa6c0cc8a983c5d786a96dde19ebd37ef674f0a4233b18bb5ad4d22317a0c41595ef9c244b89dcabaec1fca21220fe16ecef4f6a09da42a0b634ceadd8a2405cf747269eeb51278ac9d06e8046fca71eb0a15bc1f8df58f6597e2f8fc056f4d0006d3ae3f5afff3f618be3a1f840f73c39f60cd7d9e1b24a95537000d8dc5be5f791279e52c6f4f62cdfc9af209daffc0e6fe74ac76fa1084908b2c56b90a20e8109cb7648d7ab70ce093e1bcff0264a42c6db7bdd48631a4f96baffc609b952324d54a01992ee5952c414d033d613fe0be9284e01ca14bea8676b153a0bb9e48568654b8c0ffdcd75bd4384b5c15f05af67bd53d70e12b464c1011bf9c1bcfaa83f69d949e231d5aae2ceb4b78b5a2e432a3922f20e0538ecb47c38db3d3ce0490536d08bbd21ec7312a029663bf44ad684d9de9896e86a0aba084c1fee9c1311447904180a07b2290e5b95d7b79ff9cfccc4c5dd75025cda736941b6f8231e8d7ab0b57e7d786dd8b8f060771293a6ccf099dda68f295d3c4a9924e2ef989ebd6c37bad0ddeff126849af1ddfb4d6d038059e2bf7618aab55cdece411bad1556fcd2d6ab19eee3071b0485f738652b420e1e307528a00a2d019f59b7084ef420c53b79ee211d0b95bf71f0f079f34da8283382b5d02679921a336429211d3f29424b0d5fced2c613ece25b7f28ec1f9f4344593a0dc02c4f164bbf61bd4c66bad23b13fd4fb0d18db0614c50a70880475d55efad03ee17260fca35aa8a5b5d19b11d82d4970a33586fa63bf658cf430f2234a807015e363dd5778f307b345e315476fc3ee1386600ae35adff2fe5e852ed7ac42167287606ee1ae68eb9959a66db946e48a34c88054851832d897619927e1fd4f19739d241abdc08003b2728966914e466823ad71e38edac45e105858d0dd74195127ea625f53172931e5845b5291f4433e700e27a24dd25cae8395eb6b2bdcab5030f476136abc5dbeb0865987cf213df7568019510a39799ae4588eb2c9d145aa16cb25f06bf4acd4c5feadecfc78549aac653595bc95401d81d2baf108d137d00d61ccec5b24dec22376e286aba8d30e57e8f358d321baf88078e2c964d185b6169ff6747af28550afa3bcd9cfd6e829c5d40dc3ae0fd0bbd89674641ff1f4ce956b29ac385e047af3c54ac756dc0b805ced4f4805a2d508f80e3c6efa84e0b51969d2702ca2e6ebc298e27bbc7c4a6523dd359d4a2d271e8e7d9c49ffe867c4ddb393d82812dc16a6abf1fc84eaa921283ade4e2d54244f586fead6f47ac7a4fec459227850c9ae2f517ca0711f04c9cc5a7b4808a08293317271179eefcba3643db55e466941dee06c7d867683b472e71e800529722d76f92d556315998a308d3a44c2f358587324c03f523e76df149929236faf79d461aba626b37b287fb62547caf372a0b6fafed742781e7382c6be4dd38d34ba985514d797d469a2fb5d1f0ab90d4e6e924fd7d2853670f3c3a796dffbfd938a0a14857a263001fb33ea815ef5b0f9f0a1e28fdb2aa924e5eed1faf699f7d1f040934cedb98f1cea8cd78311eea3f40bcea9df63bb60103a69dbb23244d894e1ad6773c70eb7cab75c8946a63e3230a4d5ccd45008ae221d31e878134a9e3be778590ad7ae2547056acf149c0825c7205bd7854b753236c868eb2b5edf4c7d5853b80ca470545cb33587412cc96cf67"}]}, 0x1348}, 0x1, 0x0, 0x0, 0x4000080}, 0x20000081)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/pci/00/03.0\x00', 0x181000, 0x0)
inotify_add_watch$auto(0xffffffffffffffff, 0x0, 0x1000e6e)
read$auto_tracing_saved_cmdlines_size_fops_trace(0xffffffffffffffff, &(0x7f0000000180)=""/52, 0x34)

2.459240599s ago: executing program 6 (id=2225):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sysfs$auto(0x2, 0x100000000000036, 0x0)
r0 = signalfd$auto(0xffffffffffffffff, 0x0, 0x8)
timer_create$auto(0x8, 0x0, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000100)=""/4102, 0x1006)
rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8)
timer_settime$auto(0x0, 0x3, &(0x7f00000000c0)={{0x0, 0x400}, {0x0, 0x87}}, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyd8\x00', 0x400000, 0x0)

1.570088794s ago: executing program 5 (id=2226):
mmap$auto(0x0, 0x20009, 0x4000000000da, 0xeb4, 0xffffffffffffffff, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030004020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a0001000000000000000000080004000900000008000200", @ANYRES32=0x0, @ANYBLOB="08000400f3"], 0x68}, 0x1, 0x0, 0x0, 0x18a64d47ddeca1f0}, 0x40090)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x5, 0x1)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB, @ANYBLOB="13"], 0x1ac}}, 0x4004)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000)
socket(0x2c, 0x3, 0x0)
madvise$auto(0x0, 0xfffffffffffefffd, 0x17)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000000c0), r0)
mmap$auto(0x0, 0x20009, 0xe, 0xeb1, 0x403, 0x8000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0)
mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', 0x0, 0xf, 0x0)
migrate_pages$auto(0x0, 0x99, 0x0, 0x0)
r1 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000180), 0x40900, 0x0)
ioctl$auto_UBI_IOCATT(r1, 0x40186f40, 0x0)

1.508107577s ago: executing program 6 (id=2227):
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x407, 0xffffffff, 0xd29e, 0x47, 0x1, 0x1007182, 0x2, 0x7, 0x6, 0x7, 0x89, 0x8, 0x4, 0x200000000001, 0x3, 0xfffffffffffffffa, 0x500000000000000, 0x0, 0x30, 0x0, 0x862, 0xe, 0x2, 0x9, 0x4, 0x83, 0xfffffffffffffffc, 0x0, 0x0, 0x80000000, 0x0, [0x0, 0x0, 0x0, 0x71, 0x0, 0x40000000000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, 0x2000000000000, 0x0, 0x0, 0x0, 0xf, 0x20000004, 0x800, 0x0, 0x0, 0x4000000010001, 0x1000000000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x40000000000000, 0x0, 0x0, 0x2, 0xcc, 0x0, 0x3, 0xfffffffffffffffc, 0x1]}, 0x7, 0x9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_PHY_GET(0xffffffffffffffff, &(0x7f0000003200)={0x0, 0x0, &(0x7f00000031c0)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010326bd7000ffdbdf252d"], 0x20}, 0x1, 0x0, 0x0, 0x2404c012}, 0x80)
r1 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x3f, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

1.394661831s ago: executing program 4 (id=2228):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x4)
recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{0x0, 0xbb, 0x0, 0x8, &(0x7f0000000040), 0x81, 0x9}, 0xfffffffb}, 0x5, 0x6586, 0x0)
sendmsg$auto_NL802154_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x10001}, 0x80)
clock_gettime$auto(0x3, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
mmap$auto(0x0, 0x2020005, 0x203, 0xeb1, 0xffffffffffffffff, 0x8000)
socket(0x2, 0x1, 0x106)
listen$auto(0x3, 0x81)
socket(0x14, 0x80002, 0x77)
setsockopt$auto(0x3, 0x0, 0x11, 0x0, 0x0)
accept$auto(0x3, 0x0, 0x0)
setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9)

1.179673876s ago: executing program 4 (id=2229):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x2, 0x1, 0x0)
r0 = socket(0x1e, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x2, 0x1, 0x0)
setsockopt$auto(r1, 0x6, 0x12, 0x0, 0x72a3)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0x400000000e31, 0xffffffffffffffff, 0x0)
futex$auto(&(0x7f0000000080)=0x1, 0xb, 0x1, 0x0, 0x0, 0xfffffffa)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000380)='/proc/thread-self/net/pppol2tp\x00', 0x0, 0x0)
pread64$auto(r2, 0x0, 0xd, 0x6e9)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
getrandom$auto(0x0, 0x6000000, 0x3)
mmap$auto(0x0, 0x810004, 0x6, 0x13, 0x3, 0x208000)
futex$auto(&(0x7f00000002c0)=0x6282, 0x9, 0x47e3, &(0x7f00000001c0)={0x4, 0x8}, &(0x7f0000000200)=0x9723, 0x7)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
preadv2$auto(0x3, &(0x7f0000001000)={0x0, 0x9}, 0x5, 0xffffffffffffffff, 0x7, 0x2e)
mmap$auto(0x7, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
close_range$auto(0x0, 0x5, 0x0)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000280)='/dev/tty12\x00', 0x101840, 0x0)
r4 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
ioctl$auto(r3, 0x541c, r4)
syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), r0)
shmctl$auto_IPC_RMID(0x0, 0x0, &(0x7f00000001c0)={{0x756, 0xffffffffffffffff, 0x0, 0x8000001, 0xa, 0x7, 0xfc3e}, 0x10001, 0x1000000000000000, 0x5, 0xfffffffffffffcd2, @raw=0xfd, @raw=0x4, 0xf8, 0x0, &(0x7f0000000080)="26baafa6838069e8f2b0c5393b8a5727da1a5e97c4e80ea44b643ad2e20efb1c258cb825a5b472868d27d809a8283b44527401ea76b3692df41fb016f2f7e9f3d453acff1454cc6b7f94daa7bb0e5909a1e9f3a65dbc86605d3d3a756192cd9d0092607adae81774edcea24e9134152d984a10dab36bfa1ffade7e", &(0x7f0000000100)="ea8997a7066e2cb26dcaf6b3a5beb92a25c1755a5cc2002367e2465977e2d168dead7e41b54a056068236667451ee6dd570710c0c9dfcfddfe40b7fd597061a563fb877b2881f4a55ad455e99e5195556e7719d6eb275a057e46746af3f416ca7f9a766b7ff9c8534759f59af9b030462bd89c3193384ebfd56670fcfc91711a48383e6794f7edeed4a1340e9edf51532bd8"})
ioctl$auto_XFS_IOC_ALLOCSP(0xffffffffffffffff, 0x4030580a, &(0x7f0000000240)={0x9ef, 0x4, 0x7, 0x7, 0x3dcb, <r5=>0x0})
r6 = syz_clone(0x4001000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$auto(0x10, r6, 0x4, 0x7ff)
wait4$auto(r5, 0x0, 0x0, 0x0)

1.179185852s ago: executing program 6 (id=2230):
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty43\x00', 0x800, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x10, 0x2, 0x14)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000000)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x18, 0xa, 0x1)
socket(0xa, 0x2, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x55)
semctl$auto(0x7, 0x2, 0x13, 0x1)
lsm_list_modules$auto(0x0, 0x0, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0xff00)
socket(0x11, 0x80003, 0x300)
socket(0x2, 0x1, 0x0)
socket(0x10, 0x2, 0x0)
socket(0x38, 0x5, 0x7ff)
socket(0xa, 0x2, 0x73)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x1, 0x5)
socket(0xa, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x10, 0x2, 0x14)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14af"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0)
mknod$auto(&(0x7f0000000100)='./file0\x00', 0xb95a, 0x8)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r1], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x2}, 0x3, 0x0)
ioctl$auto_TIOCSWINSZ2(r0, 0x5414, &(0x7f00000001c0))

866.247936ms ago: executing program 5 (id=2231):
socket(0x18, 0x80000, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000040)='/dev/usbmon26\x00', 0x40000, 0x0)
ioctl$auto_MON_IOCG_STATS(r0, 0x80089203, 0xffffffffffffffff)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x4040, 0x0)
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ila(&(0x7f0000000040), r1)
sendmsg$auto_ILA_CMD_DEL(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, r2, 0x1, 0x70bd26, 0x6, {}, [@ILA_ATTR_CSUM_MODE={0x5, 0x7, 0x7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000010}, 0x4000000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, &(0x7f0000000000))
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, 0x0, 0x4000)
read$auto(0x3, 0x0, 0x8080)
socket(0x2c, 0x1, 0x100)
write$auto(0x3, 0x0, 0x9)
unshare$auto(0x40000080)
fsconfig$auto(r3, 0x800, &(0x7f0000000040)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/power/wakeup_abort_count\x00', 0x0, 0x0)
read$auto_ptdump_curusr_fops_(0xffffffffffffffff, &(0x7f0000001280)=""/228, 0xe4)
write$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffffff, &(0x7f0000000100)="624d1bfe0c60b4342a595046ab5c98199adf5fe5c8ca1812e57c9cfc87260600de0500e8fdffff08000000000000000000", 0x31)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f0000002040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000004800)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x44}, 0x40044)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0)
ioctl$auto(0x3, 0x80000541b, 0x38)
syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000140), 0xffffffffffffffff)
read$auto(0x3, 0x0, 0x7fffffff)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram1\x00', 0x143e02, 0x0)

865.275226ms ago: executing program 1 (id=2239):
mmap$auto(0x0, 0x20009, 0x4000000000da, 0xeb4, 0xffffffffffffffff, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030004020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a0001000000000000000000080004000900000008000200", @ANYRES32=0x0, @ANYBLOB="08000400f3"], 0x68}, 0x1, 0x0, 0x0, 0x18a64d47ddeca1f0}, 0x40090)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x5, 0x1)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB, @ANYBLOB="13"], 0x1ac}}, 0x4004)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000)
socket(0x2c, 0x3, 0x0)
madvise$auto(0x0, 0xfffffffffffefffd, 0x17)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000000c0), r0)
mmap$auto(0x0, 0x20009, 0xe, 0xeb1, 0x403, 0x8000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0)
mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', 0x0, 0xf, 0x0)
migrate_pages$auto(0x0, 0x99, 0x0, 0x0)
r1 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000180), 0x40900, 0x0)
ioctl$auto_UBI_IOCATT(r1, 0x40186f40, 0x0)

668.558145ms ago: executing program 6 (id=2232):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0)
ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0)
ioctl$auto_PPPIOCSMRU(r0, 0x40047452, 0x0)
r1 = socket(0xa, 0x2, 0x0)
ioctl$auto(0x3, 0xae41, r1)
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x3, 0x0, 0xfffffffffffffffc, 0x696b}, 0xed7138c}, 0x2, 0x9)
r2 = socket(0xa, 0x5, 0x84)
sendto$auto(r2, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe80000700"}, 0x1c)
sendmsg$auto_L2TP_CMD_SESSION_MODIFY(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)={0x314, 0x0, 0xe6d58171215dc1cc, 0x70bd25, 0x25dfdbff, {}, [@L2TP_ATTR_USING_IPSEC={0x5, 0x15, 0x7}, @L2TP_ATTR_STATS={0x2e0, 0x1e, 0x0, 0x1, [@nested={0x10e, 0x3c, 0x0, 0x1, [@generic="e3a65cc7f23fcc9cb8e71c5543f81eb4f6146eb2a23e5884aa35c19ae65d86c32381acd74f795ce86d71b89db4e845f4ce08e7905b9efdcaac795061cee05d4790d0e13414b42adf5daa9e4688676a8bb9809f73e0741c5f40a225ac280bce3cc0f18a5ece1b869d6f7bbacabda343e99c018a455ae572e0955c9584441d7849fd47504cd392c529114af0e90c2d1d93261d42ae3dd3d1f6786b08e871", @generic="ce63cf855300bd38679e9c6236a4fae4a34214716e01fe723ac13afacdcf7ef196e3c50fdea39ec815bb0f54ce5b855effe537aba789d78b8efb21c5d3e597e1a76d84b9eb38880fcae7a0827e6d79cff33713c7bb2f5688033f49beefc7761694506d38d4f25d0874", @nested={0x4, 0xa}]}, @nested={0x161, 0x101, 0x0, 0x1, [@typed={0x5, 0x2b, 0x0, 0x0, @str='\x00'}, @typed={0x4, 0xc5}, @generic="854eda99414cc94bb5a11f790d34b60f59f8dab43a40158d6466175f907af898a1d835c59966b8b859b36929480906e3b265955c8107b67c44a9e7b60e73c4dcd8149168745bd1e0c25d79f33bd1fa55d729fdb1265cbddc143666792df69f93037312b40ceaf890cd5d63a88ab326fd73f6ae0962391f75c435372a0cc54fbf4151356e5acbf0a2d0eabb6a281442c8be8efbf1591f3d418fa192ac71287be2fdbdeba808d41f63aa20e16ec1c37bfcf48a5e9282f1fef8f17d919b1c8332aed6fd50ab33455b5cccd75243975d4f002b5637844db56f82b51b1312d29b89b204783a5a6cb5bc8a", @generic="bb9a8ad4d1a69262ac2eb67b947c431a010d220e5d7774860244305ddd1d58f713a3bac76e7dbf0b783749aad760796e9aaa79af8cad3c9e367c2d80e1291d4d34b5d373164d97eda3", @typed={0x4, 0xbe}, @nested={0x4, 0x9e}, @nested={0x4, 0x4d}, @typed={0x11, 0x138, 0x0, 0x0, @str=']@{^#-{\x14^]::\x00'}]}, @generic="92a8de53bfb4b5b06283654651ef6d31bb11bbd64b3e2db2036aa0ec82957e56997623db2e5746a7f05a228ce95632a7df66c2ed2e18d6f2bc31591b2dfe53272c927940651ca1465ace07998d3d642ccef2c239fd932b590d4acbd62266a1f60e11035d7105143f"]}, @L2TP_ATTR_OFFSET={0x6, 0x3, 0x9}, @L2TP_ATTR_OFFSET={0x6, 0x3, 0x11}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x7}]}, 0x314}, 0x1, 0x0, 0x0, 0x40}, 0x4040041)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x22a02, 0x0)
r3 = socket(0x2, 0x80802, 0x0)
setsockopt$auto(r3, 0x11, 0x65, 0x0, 0x8)
close_range$auto(0x2, 0x8, 0x0)

335.234082ms ago: executing program 6 (id=2233):
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
memfd_secret$auto(0x0)
r3 = socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
ftruncate$auto(0x3, 0x700)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x801, 0x106)
getsockopt$auto(0x100000006, 0x0, 0x18, 0xfffffffffffffffe, 0x0)
r4 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000240), r3)
sendmsg$auto_L2TP_CMD_SESSION_CREATE(r1, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x2c, r4, 0x100, 0x70bd28, 0x25dfdbfc, {}, [@L2TP_ATTR_IP_SADDR={0x8, 0x18, 0x1}, @L2TP_ATTR_MTU={0x6, 0x1c, 0x7}, @L2TP_ATTR_L2SPEC_LEN={0x5, 0x6, 0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x8010)
r5 = ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
r6 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cec3\x00', 0x0, 0x0)
ioctl$auto_CEC_DQEVENT(r6, 0xc0506107, 0x0)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000080), r5)
r7 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000001d40), 0x40a40, 0x0)
ioctl$auto_snd_seq_f_ops_seq_clientmgr(r7, 0xf69, 0x0)
io_uring_register$auto(0x2, 0x1b, &(0x7f00000000c0), 0x1)
r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/loop6/queue/rq_affinity\x00', 0x121281, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r8, &(0x7f0000000200)='5', 0x1)
r9 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0)
ppoll$auto(&(0x7f0000000100)={r0, 0x0, 0x7}, 0x7fffffff, &(0x7f0000000140)={0xffffffffffffff29, 0x401}, &(0x7f0000000180)={0x3}, 0x8)
sendfile$auto(r9, r5, 0x0, 0x3)

201.510947ms ago: executing program 1 (id=2234):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001540)={'netdevsim0\x00', <r2=>0x0})
sendmsg$auto_NET_SHAPER_CMD_GROUP(r0, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000440)={0x30, r1, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@NET_SHAPER_A_HANDLE={0xc, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x1}]}, @NET_SHAPER_A_LEAVES={0x4}, @NET_SHAPER_A_IFINDEX={0x8, 0x8, r2}, @NET_SHAPER_A_PARENT={0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x44000}, 0x14)
r3 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
ioctl$auto_PAGEMAP_SCAN(r3, 0xc0606610, &(0x7f0000000100)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x0, 0xe8, 0x0, 0x2, 0xe4, 0x2})
r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/system/cpu/cpu0/hotplug/fail\x00', 0x808882, 0x0)
write$auto(r5, &(0x7f00000004c0)='1\x00\\\xa0\x04|\xfd\xca\x12\xfa\b\x1c\xc7k\x923\xe05\"3n\x84n#\xd1\xcaso\v\xf0\xda\xbb\x86\xbcX\xb4\x999\\\xa8&;<\xca\xa8\x05\x9d\x9e-\xc3\x93\xaa\xda\x02\x03\xddUbHu\x01\x00\x00\x00\xac\xa7\x93T\aA\xbd\xc0\xb8K\xd7\xed\xcbP\xa1\xfe\xc7\xa1\x8b\xa7\x02\xad\xbc\xfaq*0F\xff&\xbb+\x9b\xe2\xbfd\xf7\xde\xb40\x1d=\x99\xe2\x06\xbf\x9cNS\xbf\x82\x9c\xfb', 0x3)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
mmap$auto(0x0, 0x401, 0x3, 0xeb1, r0, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd5/queue/write_zeroes_max_bytes\x00', 0x0, 0x0)
sendmsg$auto_IEEE802154_SCAN_REQ(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)={0x74, 0x0, 0x4, 0x70bd2a, 0x25dfdbfc, {}, [@IEEE802154_ATTR_TXPOWER={0x5, 0x21, 0x9}, @IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, 0xffffffffffff7fff}, @IEEE802154_ATTR_LLSEC_ENABLED={0x5}, @IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0xffff103b}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0x1}, @IEEE802154_ATTR_CSMA_RETRIES={0x5, 0x25, 0x2}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "0a77582a60b187fbf0c2f978d9be400d"}, @IEEE802154_ATTR_SF_ORD={0x5, 0x18, 0xe}, @IEEE802154_ATTR_BAT_EXT={0x5, 0x1a, 0x7f}, @IEEE802154_ATTR_CAPABILITY={0x5, 0x11, 0xc1}]}, 0x74}, 0x1, 0x0, 0x0, 0x2005}, 0x8040)
socket(0x2, 0x3, 0xa)
socket(0x11, 0x80003, 0x300)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x2, 0x88)
r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0)
ioctl$auto_TIOCSTI2(r6, 0x5412, &(0x7f0000000080)="baba")
ioctl$auto(0x3, 0xc018aec0, r4)

0s ago: executing program 4 (id=2235):
mmap$auto(0x0, 0x400008, 0xdf, 0xfffffffffffffc10, 0xffffffffffffffff, 0x800008000)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) (async)
r0 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
r1 = fcntl$auto(r0, 0x400, 0x1)
execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r2 = fcntl$auto(0x3, 0x10000008, 0x0)
r3 = fcntl$auto(0x3, 0x4, 0xa553)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x46) (async)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x46)
close_range$auto(0x2, 0x8, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/tty/ptyvb/uevent\x00', 0xd6142, 0x0) (async)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/tty/ptyvb/uevent\x00', 0xd6142, 0x0)
sendfile$auto(r1, r4, 0x0, 0xbff)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0) (async)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0)
keyctl$auto(0x10003, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) (async)
r5 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r5, &(0x7f0000001bc0)="51426572911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde6727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb08dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e38782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc4", 0x70b)
lseek$auto(0x3, 0x7fbfffffffffffff, 0x1)
openat$auto_btrfs_ctl_fops_super(0xffffffffffffff9c, &(0x7f0000000f40), 0x82100, 0x0)
ioctl$auto_BTRFS_IOC_GET_SUPPORTED_FEATURES(r2, 0x80489439, &(0x7f0000000040)=[{0xe4, 0x2, 0x8000000000000000}, {0x5, 0x5, 0x2}, {0xa6}]) (async)
ioctl$auto_BTRFS_IOC_GET_SUPPORTED_FEATURES(r2, 0x80489439, &(0x7f0000000040)=[{0xe4, 0x2, 0x8000000000000000}, {0x5, 0x5, 0x2}, {0xa6}])
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x20800, 0x0) (async)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x20800, 0x0)
statmount$auto(0x0, 0x0, 0x1fe, 0x5) (async)
statmount$auto(0x0, 0x0, 0x1fe, 0x5)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0x51c, 0x8000)
unshare$auto(0x40000080) (async)
unshare$auto(0x40000080)
mmap$auto(0x2000000000, 0x20009, 0x7, 0x12, r3, 0xf4e)
mmap$auto(0x1, 0x9, 0x7, 0xeb1, 0x404, 0x10008000)
r6 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x101502, 0x0)
write$auto_console_fops_tty_io(r6, &(0x7f0000000840)="5142651f911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde6727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb12dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e38782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009a3b0424a634681b530dad9ef23f136a10c7287068e57f3c2de45adf0a105c328e0035b97168f4c17aa4610b2e6e1a6ba0b71c06417b7a9497be4a009b19d7162adfd4d7b6490faf3782a920281333ad09b848ab5f4d15534b8c4e43dc9604b0630f8d349b2c80a98fde04693c31cbed7d460edfc0138dcc5d3974e682bbd555ac19625bf6e0607d8803391ec9c2dc41fc4e8bceae4f53507137324dd02914a067d52a577b812ddac4a34765c26a98839b3edb6290abff0c75991d6f8c1bd7540f38a7f25fec2f3539f894c938e1f3cf0ff1e6994d6a6ecc457a482f045ba712a85e8e31afd49c8e3480dc1c36d56ab2eceac6e5a847455d8ef4e3d45cd463c421bd1bce2ca57dd88f0e7ab3446cdfa8cb3914c240936f1738af7009e9131b240b59af55d7e38307b91fc8f00410cfdcfacaa341607a801afa63640091eb00b860700ea882878a8d9838f5597b970366be7d167ddebfe3c9253b5dbf7f30a67ee4d87dccb3c723c20200aa5fc036caf12811b19ce49c81ce328d7b24587353ecb99bafd327e33303cf447b36800d1bed8ee10df527d55c0d5f7506fb11cb1338074113579e665c6f3cffde5a8ee7fa7bf3f8157986cf7c1c5dbdedaacbe3946b3d8809dec7387f006c062b93b6b481a806e5544ddeea7218fcc15c25a88164bfd0735e6290167cb2dbf4b4a317ba00b1fc27d203a6cff71ef8fe97a97d8e07af2ce1d0a0a2aa9ede7dd0572325075c83c2ecf866aa01654eff55ebe4e489e72152e6a3090e2348732704eb02997ffd23a63faabfbbbd1fb124cab606faed24a393058cea1c1286001ee5c0c1fa26b6a81ebdd4718a94cebdb45bfe812c771df398d3305da03d37ced9d0242b6da212dc9f5c14d7ff999bee20f6621792d1442e449eba8589a823e5e99c65fdffbaefe89e2e32406ec4cf574e335e2d288e4cdad56f4b1b57c364ed3e28809e480d6f410c7ebf43bd2a605d6a8c9facae6b7f8f2c56f792ae21fc0cc5dd9beae0cab3547ebb5467183c2f01bc315bd7bd191088886752dc5108093bdbc91348743440130f33d3dfa9c25490245e5fa904f8660e82253c826b7bea4e9a7a1c627e10c56d71878a644bd176016f29cf5398be14cc0fdec45c65e2b967aedb75212eed1eb05a44da62190009d1c08163b74813b82c27f1e6cd681a4b5150f967444b7bc930da68603fd706e96ba8663b2e50ef0a9b04e321a8a337b08fea7288a3fef5062c7e4c17ad3d490870d39c10b78a74eab25c993527e313a4f59d86de55aa9a8a63f734c2db556692fe993b0cd08e0ab5434c9ec02d5127354f55e6b5d5a7b61685d02edae21ece71d203abf7408211229a9ebbfdeffa2c0f38db274066d0706d80398c172e6daf4a0dce62c2287cbf0d30cfa313d7baf4e5caa18f594f0ab0d854f3cef76ff83e96fa49d0e0f8a47193b51a0a45aee2e1d9a5b372b8ee828f645a06979ec351d798480c7824e846028c02f58b5641acbae1e2079abd86182a662bb1642c9346d7fba628fb012da293acef33b8b76a8885c2e5d685348b6148c5b44409f58d8d5f29344fe8a2e4c2432ae622bb1912ea65d55745eff6aa689e859dcaeff39bff895025bd72cd780d59cbaa0886afd5d6676d2de6266903115525c075cc3f75ce9eba3787a890e1f758f0e502c4c9c0538dc942cf4e2d69742edeeddb66b1d459fcf6f744b2c40111104ab21fd4e99b4477e25cc5a9af59108c8b2f569d4ba227c754f294fdc1e6b383fd89861a203f4d4ee33814aeb21ee411a0d6918533aa2450b1e35c97ab6f01f3829c8a4c33fe0fbc81dd579bbdb44eda4f335d2bc512ca7f38f603c29033c94df2c9533f4422432f574a021e90a0fe3a4cf54de46e25986315b30956face49e26e8dcbcc9e1363627a9f38a2ee8304307dab4013d77f4c337551e2a6ac230788513cdd15e734263e4973c75757d9809c510977adc3be6c5b110597b09c7dad1f54e4506744710b53221e4a7982ac4c59bfae6370258b5af7864a4ca680addd736e35da579cc0e975e6cdefa3d082c8b4b10b205278c5e60507f5bf17a3c822a6e70e087df68022c1315cf499750e86ea1e060e63ebf63973eebe34ba6e687eda5ef020b61896a187842d219b2b9787be7910fc5180b277f2b00d760629816aa6a7240d7b1984158107eab929d79d6264611d404f2331eda49fe426edc34793dd3252aa54eb44544774d060269913cfcb105f55836eb6702c6034a3fe98bc9678850e54903d3", 0xdd4)
r7 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D2\x00', 0x20200, 0x0)
setsockopt$auto_SO_WIFI_STATUS(r7, 0x4, 0x29, &(0x7f0000000300)='\x05\a\x89\xaa([\xa8\x92\x0e=\xc0\xacJ\x9b\xd9u;\x87\x12eDg[\x11\xfed\x03\x9c\xa8oB\xa62\xec\xb7-cs\x03\xd9\xbc\x7f+\xdb\xc02\xf5;\xb1e\x05\xbd#\xf0\xbbf\xd4\xfe\x99\x7f\xc6j\xb3|\x87\x99\xca\x9b\xa4\x02J\xc6\xfb\x04\x95\x94\xa9\xd1\xa7\t\xe7\xb5\xd1\xf8`\xc1\xb8\x13\xfd;\xc3\xb5\xfeC\x01\xe5G(\xc2\xc7r\x90\xd3Op\x95\x925CZa\xcd*J*1ueJ\x9b\x97\x9e\x04\xa6\t\xa0X\x18\x8fl\xd7c\xf9!\xc3+dW\xf4>\xd8\xa4$\xc7\xa1y\xfc\x9b;r\xc7\xbf\xfdg\xc3\xee\x1a\xe3\xb1\xc3o\xb1\x84y\x93\x7f/ngp\xa1\x92\x88H\xfa\xa8\xb1r\xee\x00'/195, 0x40)

kernel console output (not intermixed with test programs):

337][T14865]  mm_release+0x24a/0x2f0
[  566.871378][T14865]  do_exit+0x675/0x2a30
[  566.871413][T14865]  ? __pfx_do_exit+0x10/0x10
[  566.871441][T14865]  ? do_raw_spin_lock+0x128/0x260
[  566.871472][T14865]  ? find_held_lock+0x2b/0x80
[  566.871506][T14865]  ? get_signal+0x7e0/0x21e0
[  566.871562][T14865]  do_group_exit+0xd5/0x2a0
[  566.871596][T14865]  get_signal+0x1ec7/0x21e0
[  566.871645][T14865]  ? ksys_write+0x190/0x250
[  566.871675][T14865]  ? __pfx_get_signal+0x10/0x10
[  566.871717][T14865]  ? do_futex+0x192/0x350
[  566.871747][T14865]  arch_do_signal_or_restart+0x91/0x770
[  566.871782][T14865]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  566.871816][T14865]  ? __pfx___x64_sys_futex+0x10/0x10
[  566.871839][T14865]  ? xfd_validate_state+0x129/0x190
[  566.871880][T14865]  exit_to_user_mode_loop+0x86/0x4a0
[  566.871905][T14865]  ? rcu_is_watching+0x12/0xc0
[  566.871937][T14865]  do_syscall_64+0x668/0xf80
[  566.871975][T14865]  ? clear_bhb_loop+0x40/0x90
[  566.872006][T14865]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  566.872035][T14865] RIP: 0033:0x7f1b2479bf79
[  566.872058][T14865] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  566.872086][T14865] RSP: 002b:00007f1b256ed0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  566.872114][T14865] RAX: fffffffffffffe00 RBX: 00007f1b24a15fa8 RCX: 00007f1b2479bf79
[  566.872134][T14865] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f1b24a15fa8
[  566.872152][T14865] RBP: 00007f1b24a15fa0 R08: 0000000000000000 R09: 0000000000000000
[  566.872170][T14865] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  566.872187][T14865] R13: 00007f1b24a16038 R14: 00007fff6aec24d0 R15: 00007fff6aec25b8
[  566.872226][T14865]  </TASK>
[  567.217380][T14875] FAULT_INJECTION: forcing a failure.
[  567.217380][T14875] name fail_futex, interval 1, probability 0, space 0, times 0
[  567.232574][T14875] CPU: 0 UID: 0 PID: 14875 Comm: syz.6.1931 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  567.232623][T14875] Tainted: [L]=SOFTLOCKUP
[  567.232634][T14875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  567.232653][T14875] Call Trace:
[  567.232664][T14875]  <TASK>
[  567.232676][T14875]  dump_stack_lvl+0x100/0x190
[  567.232723][T14875]  should_fail_ex.cold+0x5/0xa
[  567.232757][T14875]  get_futex_key+0x1d2/0x1620
[  567.232806][T14875]  ? __pfx_get_futex_key+0x10/0x10
[  567.232863][T14875]  futex_wait_setup+0x81/0x500
[  567.232907][T14875]  __futex_wait+0x19f/0x300
[  567.232944][T14875]  ? __pfx___futex_wait+0x10/0x10
[  567.232985][T14875]  ? __pfx_futex_wake_mark+0x10/0x10
[  567.233023][T14875]  ? futex_hash+0x2c5/0x380
[  567.233076][T14875]  futex_wait+0xed/0x380
[  567.233109][T14875]  ? __pfx_futex_wait+0x10/0x10
[  567.233162][T14875]  do_futex+0x1ef/0x350
[  567.233190][T14875]  ? __pfx_do_futex+0x10/0x10
[  567.233220][T14875]  ? __fget_files+0x21f/0x3d0
[  567.233253][T14875]  __x64_sys_futex+0x34f/0x4d0
[  567.233284][T14875]  ? __pfx___x64_sys_futex+0x10/0x10
[  567.233311][T14875]  ? xfd_validate_state+0x129/0x190
[  567.233358][T14875]  do_syscall_64+0x106/0xf80
[  567.233400][T14875]  ? clear_bhb_loop+0x40/0x90
[  567.233437][T14875]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  567.233467][T14875] RIP: 0033:0x7f290359bf79
[  567.233491][T14875] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  567.233520][T14875] RSP: 002b:00007f29045420e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  567.233557][T14875] RAX: ffffffffffffffda RBX: 00007f2903815fa8 RCX: 00007f290359bf79
[  567.233577][T14875] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f2903815fa8
[  567.233597][T14875] RBP: 00007f2903815fa0 R08: 0000000000000000 R09: 0000000000000000
[  567.233617][T14875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  567.233635][T14875] R13: 00007f2903816038 R14: 00007ffda4012640 R15: 00007ffda4012728
[  567.233674][T14875]  </TASK>
[  568.235127][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  568.241599][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  570.046542][T14932] FAULT_INJECTION: forcing a failure.
[  570.046542][T14932] name failslab, interval 1, probability 0, space 0, times 0
[  570.091982][T14932] CPU: 0 UID: 0 PID: 14932 Comm: syz.6.1942 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  570.092028][T14932] Tainted: [L]=SOFTLOCKUP
[  570.092047][T14932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  570.092065][T14932] Call Trace:
[  570.092075][T14932]  <TASK>
[  570.092086][T14932]  dump_stack_lvl+0x100/0x190
[  570.092133][T14932]  should_fail_ex.cold+0x5/0xa
[  570.092167][T14932]  should_failslab+0xc2/0x120
[  570.092201][T14932]  ? __register_sysctl_table+0xbe4/0x1650
[  570.092243][T14932]  __kmalloc_noprof+0xf6/0x9c0
[  570.092283][T14932]  ? find_held_lock+0x2b/0x80
[  570.092319][T14932]  ? __register_sysctl_table+0xbc8/0x1650
[  570.092360][T14932]  ? __register_sysctl_table+0xbc8/0x1650
[  570.092409][T14932]  ? __register_sysctl_table+0xbe4/0x1650
[  570.092448][T14932]  __register_sysctl_table+0xbe4/0x1650
[  570.092496][T14932]  ? __pfx___register_sysctl_table+0x10/0x10
[  570.092537][T14932]  ? is_module_address+0x69/0xf0
[  570.092564][T14932]  ? register_net_sysctl_sz+0x222/0x430
[  570.092607][T14932]  __addrconf_sysctl_register+0x1a2/0x360
[  570.092646][T14932]  ? __pfx___addrconf_sysctl_register+0x10/0x10
[  570.092688][T14932]  ? __asan_memcpy+0x3c/0x60
[  570.092735][T14932]  addrconf_init_net+0x4fb/0x8e0
[  570.092769][T14932]  ? __pfx_addrconf_init_net+0x10/0x10
[  570.092802][T14932]  ops_init+0x1e2/0x5f0
[  570.092840][T14932]  setup_net+0x118/0x3a0
[  570.092876][T14932]  ? __pfx_setup_net+0x10/0x10
[  570.092908][T14932]  ? lockdep_init_map_type+0x5c/0x250
[  570.092940][T14932]  ? mutex_init_lockep+0x110/0x150
[  570.092977][T14932]  copy_net_ns+0x46f/0x7c0
[  570.093019][T14932]  create_new_namespaces+0x3ea/0xac0
[  570.093078][T14932]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  570.093124][T14932]  ksys_unshare+0x455/0xab0
[  570.093159][T14932]  ? __pfx_ksys_unshare+0x10/0x10
[  570.093189][T14932]  ? xfd_validate_state+0x129/0x190
[  570.093235][T14932]  __x64_sys_unshare+0x31/0x40
[  570.093266][T14932]  do_syscall_64+0x106/0xf80
[  570.093307][T14932]  ? clear_bhb_loop+0x40/0x90
[  570.093343][T14932]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  570.093372][T14932] RIP: 0033:0x7f290359bf79
[  570.093398][T14932] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  570.093427][T14932] RSP: 002b:00007f2904542028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  570.093456][T14932] RAX: ffffffffffffffda RBX: 00007f2903815fa0 RCX: 00007f290359bf79
[  570.093476][T14932] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  570.093494][T14932] RBP: 00007f29036327e0 R08: 0000000000000000 R09: 0000000000000000
[  570.093513][T14932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  570.093531][T14932] R13: 00007f2903816038 R14: 00007f2903815fa0 R15: 00007ffda4012728
[  570.093571][T14932]  </TASK>
[  570.093585][T14932] sysctl could not get directory: /net/ipv6/conf/all -12
[  570.805618][T14944] bcache: register_bcache() error : Not a bcache superblock (bad offset)
[  570.818068][T14941] bcache: register_bcache() error : Not a bcache superblock (bad offset)
[  572.897987][T14958] syz.4.1948 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  573.002150][T14958] CPU: 0 UID: 0 PID: 14958 Comm: syz.4.1948 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  573.002194][T14958] Tainted: [L]=SOFTLOCKUP
[  573.002204][T14958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  573.002220][T14958] Call Trace:
[  573.002229][T14958]  <TASK>
[  573.002240][T14958]  dump_stack_lvl+0x100/0x190
[  573.002283][T14958]  dump_header+0xfb/0x606
[  573.002314][T14958]  oom_kill_process.cold+0xd/0x321
[  573.002346][T14958]  out_of_memory+0x340/0x14f0
[  573.002381][T14958]  ? __pfx_out_of_memory+0x10/0x10
[  573.002420][T14958]  mem_cgroup_out_of_memory+0xc6/0x130
[  573.002461][T14958]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  573.002500][T14958]  ? find_held_lock+0x2b/0x80
[  573.002543][T14958]  ? do_raw_spin_unlock+0x145/0x1e0
[  573.002576][T14958]  ? _raw_spin_unlock+0x28/0x50
[  573.002616][T14958]  try_charge_memcg+0x652/0xc90
[  573.002655][T14958]  ? __pfx_try_charge_memcg+0x10/0x10
[  573.002696][T14958]  ? find_held_lock+0x2b/0x80
[  573.002729][T14958]  ? rcu_read_unlock+0x17/0x60
[  573.002761][T14958]  ? rcu_read_unlock+0x17/0x60
[  573.002807][T14958]  charge_memcg+0xa6/0x280
[  573.002839][T14958]  mem_cgroup_swapin_charge_folio+0xeb/0x470
[  573.002881][T14958]  __read_swap_cache_async+0x449/0x610
[  573.002927][T14958]  ? __pfx___read_swap_cache_async+0x10/0x10
[  573.002969][T14958]  ? rcu_is_watching+0x12/0xc0
[  573.002999][T14958]  ? finish_task_switch.isra.0+0x205/0xb80
[  573.003041][T14958]  ? finish_task_switch.isra.0+0x2c6/0xb80
[  573.003087][T14958]  swap_cluster_readahead+0x414/0x770
[  573.003127][T14958]  ? __schedule+0x1035/0x6000
[  573.003170][T14958]  ? __pfx_swap_cluster_readahead+0x10/0x10
[  573.003230][T14958]  ? schedule+0x2bf/0x390
[  573.003269][T14958]  ? get_vma_policy+0x23f/0x3b0
[  573.003305][T14958]  swapin_readahead+0x14b/0x12e0
[  573.003347][T14958]  ? folio_wait_bit_common+0x496/0xa70
[  573.003383][T14958]  ? __pfx_swapin_readahead+0x10/0x10
[  573.003425][T14958]  ? find_held_lock+0x2b/0x80
[  573.003461][T14958]  ? swap_cache_get_folio+0x272/0x920
[  573.003505][T14958]  ? swap_cache_get_folio+0x272/0x920
[  573.003543][T14958]  ? swap_cache_get_folio+0x1f/0x920
[  573.003580][T14958]  ? swap_cache_get_folio+0x2a2/0x920
[  573.003624][T14958]  ? __pfx_swap_cache_get_folio+0x10/0x10
[  573.003662][T14958]  ? __pfx_get_swap_device+0x10/0x10
[  573.003701][T14958]  ? do_swap_page+0x9ba/0x6810
[  573.003739][T14958]  do_swap_page+0x9ba/0x6810
[  573.003790][T14958]  ? __lock_acquire+0x4a5/0x2630
[  573.003821][T14958]  ? __lock_acquire+0x4a5/0x2630
[  573.003851][T14958]  ? __pfx_do_swap_page+0x10/0x10
[  573.003894][T14958]  ? __pfx_default_wake_function+0x10/0x10
[  573.003939][T14958]  ? ptep_set_access_flags+0x103/0x160
[  573.003969][T14958]  ? rcu_is_watching+0x12/0xc0
[  573.004001][T14958]  ? __pte_offset_map+0x179/0x310
[  573.004038][T14958]  __handle_mm_fault+0x18b9/0x2b50
[  573.004086][T14958]  ? reacquire_held_locks+0xce/0x1e0
[  573.004115][T14958]  ? __pfx___handle_mm_fault+0x10/0x10
[  573.004162][T14958]  ? lock_vma_under_rcu+0x17c/0x5a0
[  573.004225][T14958]  handle_mm_fault+0x36d/0xa20
[  573.004274][T14958]  do_user_addr_fault+0x5a3/0x12f0
[  573.004323][T14958]  exc_page_fault+0x6f/0xd0
[  573.004361][T14958]  asm_exc_page_fault+0x26/0x30
[  573.004388][T14958] RIP: 0033:0x7f1b24659392
[  573.004410][T14958] Code: 4c 89 d8 eb ce 48 b8 20 91 10 00 00 86 00 00 eb c2 0f 1f 80 00 00 00 00 53 48 89 fb 48 85 ff 74 47 80 3d 54 c3 ee 00 00 75 1e <80> 3d 1f 8d 3b 00 00 75 55 48 8b 43 18 48 c7 00 00 00 00 00 c6 43
[  573.004437][T14958] RSP: 002b:00007fff6aec2710 EFLAGS: 00010246
[  573.004459][T14958] RAX: 00007f1b24a15fa0 RBX: 00007f1b24a16218 RCX: 0000000000000001
[  573.004477][T14958] RDX: 00007f1b24a16180 RSI: 0000000000000003 RDI: 00007f1b24a16218
[  573.004495][T14958] RBP: 0000000000001090 R08: 00007f1b24a15fa0 R09: 00007fff6aec25b7
[  573.004514][T14958] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000002
[  573.004531][T14958] R13: 00007f1b24a1618c R14: 00007f1b24a16188 R15: 00007f1b24a16180
[  573.004570][T14958]  </TASK>
[  573.004581][T14958] memory: usage 3072kB, limit 3072kB, failcnt 148683
[  573.401238][T14958] memory+swap: usage 64948kB, limit 9007199254740988kB, failcnt 0
[  573.410462][T14958] kmem: usage 2556kB, limit 9007199254740988kB, failcnt 0
[  573.417700][T14958] Memory cgroup stats for /syz5:
[  573.417863][T14958] cache 0
[  573.427139][T14958] rss 0
[  573.429940][T14958] rss_huge 0
[  573.433220][T14958] shmem 0
[  573.436171][T14958] mapped_file 0
[  573.439637][T14958] dirty 0
[  573.442844][T14958] writeback 0
[  573.446140][T14958] workingset_refault_anon 17330
[  573.451090][T14958] workingset_refault_file 23360
[  573.458366][T14958] swap 63361024
[  573.467131][T14958] swapcached 528384
[  573.470980][T14958] pgpgin 362565
[  573.474586][T14958] pgpgout 366174
[  573.478144][T14958] pgfault 286869
[  573.481708][T14958] pgmajfault 8912
[  573.491873][T14958] inactive_anon 77824
[  573.495934][T14958] active_anon 450560
[  573.522207][T14958] inactive_file 0
[  573.525907][T14958] active_file 0
[  573.529469][T14958] unevictable 0
[  573.541856][T14958] hierarchical_memory_limit 3145728
[  573.547112][T14958] hierarchical_memsw_limit 9223372036854771712
[  573.564758][T14958] total_cache 0
[  573.586011][T14958] total_rss 0
[  573.589327][T14958] total_rss_huge 0
[  573.603801][T14958] total_shmem 0
[  573.607351][T14958] total_mapped_file 0
[  573.611318][T14958] total_dirty 0
[  573.618877][T14958] total_writeback 0
[  573.629010][T14958] total_workingset_refault_anon 17330
[  573.650522][T14958] total_workingset_refault_file 23360
[  573.655982][T14958] total_swap 63361024
[  573.659951][T14958] total_swapcached 528384
[  573.679307][T14958] total_pgpgin 362565
[  573.683376][T14958] total_pgpgout 366174
[  573.687433][T14958] total_pgfault 286869
[  573.695791][T14958] total_pgmajfault 8912
[  573.699992][T14958] total_inactive_anon 77824
[  573.707398][T14958] total_active_anon 450560
[  573.712144][T14958] total_inactive_file 0
[  573.721886][T14958] total_active_file 0
[  573.740007][T14958] total_unevictable 0
[  573.744181][T14958] anon_cost 146
[  573.747631][T14958] file_cost 0
[  573.751153][T14958] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.1791,pid=14326,uid=0
[  573.771922][T14958] Memory cgroup out of memory: Killed process 14326 (syz.5.1791) total-vm:102220kB, anon-rss:1248kB, file-rss:55152kB, shmem-rss:0kB, UID:0 pgtables:192kB oom_score_adj:1000
[  573.804663][T14976] netlink: 'syz.6.1951': attribute type 11 has an invalid length.
[  573.830876][T14976] netlink: 'syz.6.1951': attribute type 11 has an invalid length.
[  573.900906][T14976] netlink: 'syz.6.1951': attribute type 11 has an invalid length.
[  573.924224][T14976] netlink: 'syz.6.1951': attribute type 11 has an invalid length.
[  573.943665][T14976] netlink: 'syz.6.1951': attribute type 11 has an invalid length.
[  573.982284][T14976] netlink: 'syz.6.1951': attribute type 11 has an invalid length.
[  573.991133][T14976] netlink: 'syz.6.1951': attribute type 11 has an invalid length.
[  573.999346][T14976] netlink: 'syz.6.1951': attribute type 11 has an invalid length.
[  574.007535][T14976] netlink: 'syz.6.1951': attribute type 11 has an invalid length.
[  574.016177][T14976] netlink: 'syz.6.1951': attribute type 11 has an invalid length.
[  575.887171][T15015] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24
[  576.364660][T15016] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input25
[  577.071330][T15030] ubi: mtd0 is already attached to ubi0
[  579.166894][T15079] ubi: mtd0 is already attached to ubi0
[  579.755883][ T8410] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 928 with max blocks 1 with error 117
[  579.821892][ T8410] EXT4-fs (sda1): This should not happen!! Data will be lost
[  579.821892][ T8410] 
[  579.854880][ T8410] EXT4-fs (sda1): Delayed block allocation failed for inode 2026 at logical offset 1 with max blocks 2 with error 117
[  579.932032][ T8410] EXT4-fs (sda1): This should not happen!! Data will be lost
[  579.932032][ T8410] 
[  579.942325][T15081] FAULT_INJECTION: forcing a failure.
[  579.942325][T15081] name fail_futex, interval 1, probability 0, space 0, times 0
[  579.985477][ T8410] EXT4-fs (sda1): Delayed block allocation failed for inode 2030 at logical offset 1 with max blocks 6 with error 117
[  580.023297][ T8410] EXT4-fs (sda1): This should not happen!! Data will be lost
[  580.023297][ T8410] 
[  580.036749][T15081] CPU: 1 UID: 0 PID: 15081 Comm: syz.1.1972 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  580.036780][T15081] Tainted: [L]=SOFTLOCKUP
[  580.036786][T15081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  580.036796][T15081] Call Trace:
[  580.036801][T15081]  <TASK>
[  580.036807][T15081]  dump_stack_lvl+0x100/0x190
[  580.036833][T15081]  should_fail_ex.cold+0x5/0xa
[  580.036850][T15081]  get_futex_key+0x295/0x1620
[  580.036875][T15081]  ? __pfx_get_futex_key+0x10/0x10
[  580.036895][T15081]  ? lock_acquire+0x17c/0x330
[  580.036917][T15081]  futex_wake+0xea/0x530
[  580.036935][T15081]  ? __pfx_futex_wake+0x10/0x10
[  580.036952][T15081]  ? exit_mm_release+0x19/0x30
[  580.036972][T15081]  do_futex+0x32b/0x350
[  580.036987][T15081]  ? __pfx_do_futex+0x10/0x10
[  580.036999][T15081]  ? __might_fault+0xc5/0x140
[  580.037027][T15081]  mm_release+0x24a/0x2f0
[  580.037049][T15081]  do_exit+0x675/0x2a30
[  580.037064][T15081]  ? lockdep_hardirqs_on+0x78/0x100
[  580.037089][T15081]  ? __pfx_do_exit+0x10/0x10
[  580.037105][T15081]  ? do_raw_spin_lock+0x128/0x260
[  580.037121][T15081]  ? find_held_lock+0x2b/0x80
[  580.037140][T15081]  ? get_signal+0x7e0/0x21e0
[  580.037164][T15081]  do_group_exit+0xd5/0x2a0
[  580.037182][T15081]  get_signal+0x1ec7/0x21e0
[  580.037213][T15081]  ? ksys_write+0x190/0x250
[  580.037229][T15081]  ? __pfx_get_signal+0x10/0x10
[  580.037251][T15081]  ? do_futex+0x192/0x350
[  580.037267][T15081]  arch_do_signal_or_restart+0x91/0x770
[  580.037284][T15081]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  580.037304][T15081]  ? __pfx___x64_sys_futex+0x10/0x10
[  580.037323][T15081]  exit_to_user_mode_loop+0x86/0x4a0
[  580.037337][T15081]  ? rcu_is_watching+0x12/0xc0
[  580.037355][T15081]  do_syscall_64+0x668/0xf80
[  580.037377][T15081]  ? clear_bhb_loop+0x40/0x90
[  580.037395][T15081]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  580.037410][T15081] RIP: 0033:0x7f1fc3b9bf79
[  580.037423][T15081] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  580.037438][T15081] RSP: 002b:00007f1fc4a790e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  580.037455][T15081] RAX: fffffffffffffe00 RBX: 00007f1fc3e15fa8 RCX: 00007f1fc3b9bf79
[  580.037466][T15081] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f1fc3e15fa8
[  580.037475][T15081] RBP: 00007f1fc3e15fa0 R08: 0000000000000000 R09: 0000000000000000
[  580.037485][T15081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  580.037493][T15081] R13: 00007f1fc3e16038 R14: 00007ffe13df9550 R15: 00007ffe13df9638
[  580.037512][T15081]  </TASK>
[  580.576943][T15096] net_ratelimit: 8 callbacks suppressed
[  580.576959][T15096] openvswitch: netlink: Flow key attr not present in new flow.
[  580.887542][T15080] syz.5.1970 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  580.937656][T15080] CPU: 1 UID: 0 PID: 15080 Comm: syz.5.1970 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  580.937707][T15080] Tainted: [L]=SOFTLOCKUP
[  580.937718][T15080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  580.937737][T15080] Call Trace:
[  580.937748][T15080]  <TASK>
[  580.937761][T15080]  dump_stack_lvl+0x100/0x190
[  580.937808][T15080]  dump_header+0xfb/0x606
[  580.937843][T15080]  oom_kill_process.cold+0xd/0x321
[  580.937879][T15080]  out_of_memory+0x340/0x14f0
[  580.937921][T15080]  ? __pfx_out_of_memory+0x10/0x10
[  580.937962][T15080]  mem_cgroup_out_of_memory+0xc6/0x130
[  580.938010][T15080]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  580.938054][T15080]  ? find_held_lock+0x2b/0x80
[  580.938103][T15080]  ? do_raw_spin_unlock+0x145/0x1e0
[  580.938141][T15080]  ? _raw_spin_unlock+0x28/0x50
[  580.938184][T15080]  try_charge_memcg+0x652/0xc90
[  580.938226][T15080]  ? __pfx_try_charge_memcg+0x10/0x10
[  580.938262][T15080]  ? find_held_lock+0x2b/0x80
[  580.938301][T15080]  ? rcu_read_unlock+0x17/0x60
[  580.938336][T15080]  ? rcu_read_unlock+0x17/0x60
[  580.938382][T15080]  charge_memcg+0xa6/0x280
[  580.938417][T15080]  __mem_cgroup_charge+0x2b/0x1e0
[  580.938465][T15080]  shmem_alloc_and_add_folio+0x451/0xd40
[  580.938526][T15080]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  580.938580][T15080]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  580.938621][T15080]  shmem_get_folio_gfp+0x6ab/0x1900
[  580.938657][T15080]  ? find_held_lock+0x2b/0x80
[  580.938698][T15080]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  580.938731][T15080]  ? ktime_get_coarse_real_ts64_mg+0x235/0x300
[  580.938782][T15080]  ? lockdep_hardirqs_on+0x78/0x100
[  580.938832][T15080]  shmem_fault+0x1f9/0xa20
[  580.938862][T15080]  ? __lock_acquire+0x4a5/0x2630
[  580.938891][T15080]  ? __pfx_shmem_fault+0x10/0x10
[  580.938925][T15080]  ? __up_read+0x2c5/0x700
[  580.938973][T15080]  ? __pfx_filemap_map_pages+0x10/0x10
[  580.939004][T15080]  __do_fault+0x10d/0x550
[  580.939042][T15080]  ? __pfx_filemap_map_pages+0x10/0x10
[  580.939073][T15080]  do_fault+0x2db/0x1990
[  580.939119][T15080]  __handle_mm_fault+0x1807/0x2b50
[  580.939176][T15080]  ? __pfx___handle_mm_fault+0x10/0x10
[  580.939225][T15080]  ? pte_offset_map_lock+0x174/0x320
[  580.939263][T15080]  ? find_held_lock+0x2b/0x80
[  580.939315][T15080]  ? follow_page_pte+0x5b4/0x1410
[  580.939361][T15080]  handle_mm_fault+0x36d/0xa20
[  580.939415][T15080]  __get_user_pages+0xf9c/0x34d0
[  580.939468][T15080]  ? down_read_killable+0x30e/0x4c0
[  580.939501][T15080]  ? __pfx___get_user_pages+0x10/0x10
[  580.939550][T15080]  faultin_page_range+0x1f1/0x9e0
[  580.939598][T15080]  madvise_do_behavior+0x354/0x510
[  580.939642][T15080]  ? __pfx_madvise_do_behavior+0x10/0x10
[  580.939704][T15080]  do_madvise+0x195/0x240
[  580.939741][T15080]  ? __pfx_do_madvise+0x10/0x10
[  580.939777][T15080]  ? do_futex+0x192/0x350
[  580.939828][T15080]  ? xfd_validate_state+0x129/0x190
[  580.939872][T15080]  __x64_sys_madvise+0xa9/0x110
[  580.939909][T15080]  ? lockdep_hardirqs_on+0x78/0x100
[  580.939951][T15080]  do_syscall_64+0x106/0xf80
[  580.939992][T15080]  ? clear_bhb_loop+0x40/0x90
[  580.940027][T15080]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  580.940057][T15080] RIP: 0033:0x7f953ab9bf79
[  580.940081][T15080] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  580.940110][T15080] RSP: 002b:00007f953b997028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  580.940138][T15080] RAX: ffffffffffffffda RBX: 00007f953ae16180 RCX: 00007f953ab9bf79
[  580.940159][T15080] RDX: 0000000000000017 RSI: ffffffffffff0005 RDI: 0000000000000000
[  580.940177][T15080] RBP: 00007f953ac327e0 R08: 0000000000000000 R09: 0000000000000000
[  580.940197][T15080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  580.940215][T15080] R13: 00007f953ae16218 R14: 00007f953ae16180 R15: 00007fff882e72c8
[  580.940255][T15080]  </TASK>
[  580.940764][T15080] memory: usage 3072kB, limit 3072kB, failcnt 149446
[  581.339194][T15080] memory+swap: usage 5764kB, limit 9007199254740988kB, failcnt 0
[  581.347503][T15080] kmem: usage 2972kB, limit 9007199254740988kB, failcnt 0
[  581.354948][T15080] Memory cgroup stats for /syz5:
[  581.355052][T15080] cache 0
[  581.363316][T15080] rss 4096
[  581.366363][T15080] rss_huge 0
[  581.369572][T15080] shmem 0
[  581.372988][T15080] mapped_file 0
[  581.421607][T15080] dirty 0
[  581.444499][T15080] writeback 0
[  581.447828][T15080] workingset_refault_anon 17594
[  581.456853][T15080] workingset_refault_file 23365
[  581.461715][T15080] swap 2756608
[  581.467982][T15080] swapcached 69632
[  581.471727][T15080] pgpgin 363971
[  581.489197][T15080] pgpgout 367976
[  581.503029][T15080] pgfault 289612
[  581.512729][T15080] pgmajfault 9092
[  581.522123][T15080] inactive_anon 65536
[  581.531925][T15080] active_anon 0
[  581.542579][T15080] inactive_file 0
[  581.552161][T15080] active_file 0
[  581.565638][T15080] unevictable 0
[  581.569224][T15080] hierarchical_memory_limit 3145728
[  581.582197][T15080] hierarchical_memsw_limit 9223372036854771712
[  581.602709][T15080] total_cache 0
[  581.611667][T15080] total_rss 4096
[  581.616587][T15080] total_rss_huge 0
[  581.620387][T15080] total_shmem 0
[  581.642321][T15080] total_mapped_file 0
[  581.646337][T15080] total_dirty 0
[  581.661012][T15080] total_writeback 0
[  581.665378][T15080] total_workingset_refault_anon 17594
[  581.671136][T15080] total_workingset_refault_file 23365
[  581.681283][T15080] total_swap 2756608
[  581.685891][T15080] total_swapcached 69632
[  581.697613][T15080] total_pgpgin 363971
[  581.712061][T15080] total_pgpgout 367976
[  581.721953][T15080] total_pgfault 289612
[  581.736294][T15080] total_pgmajfault 9092
[  581.740528][T15080] total_inactive_anon 65536
[  581.765618][T15080] total_active_anon 0
[  581.779810][T15080] total_inactive_file 0
[  581.786714][T15080] total_active_file 0
[  581.794296][T15080] total_unevictable 0
[  581.804439][T15080] anon_cost 151
[  581.811669][T15080] file_cost 0
[  581.828500][T15080] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.1970,pid=15074,uid=0
[  581.865476][T15080] Memory cgroup out of memory: Killed process 15074 (syz.5.1970) total-vm:139620kB, anon-rss:1200kB, file-rss:25664kB, shmem-rss:12kB, UID:0 pgtables:160kB oom_score_adj:1000
[  582.203041][T15125] vhci_hcd: not connected 4
[  582.563497][T15136] FAULT_INJECTION: forcing a failure.
[  582.563497][T15136] name failslab, interval 1, probability 0, space 0, times 0
[  582.972377][T15136] CPU: 0 UID: 0 PID: 15136 Comm: syz.1.1986 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  582.972408][T15136] Tainted: [L]=SOFTLOCKUP
[  582.972413][T15136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  582.972423][T15136] Call Trace:
[  582.972429][T15136]  <TASK>
[  582.972435][T15136]  dump_stack_lvl+0x100/0x190
[  582.972460][T15136]  should_fail_ex.cold+0x5/0xa
[  582.972477][T15136]  should_failslab+0xc2/0x120
[  582.972495][T15136]  __kmalloc_cache_noprof+0x80/0x810
[  582.972518][T15136]  ? call_usermodehelper_setup+0xaf/0x360
[  582.972537][T15136]  ? __kmalloc_node_track_caller_noprof+0x373/0x9d0
[  582.972553][T15136]  ? __pfx_free_modprobe_argv+0x10/0x10
[  582.972570][T15136]  ? call_usermodehelper_setup+0xaf/0x360
[  582.972589][T15136]  call_usermodehelper_setup+0xaf/0x360
[  582.972611][T15136]  __request_module+0x3c7/0x650
[  582.972627][T15136]  ? __pfx___request_module+0x10/0x10
[  582.972651][T15136]  ? find_held_lock+0x2b/0x80
[  582.972670][T15136]  ? inet_create+0xa72/0x1060
[  582.972695][T15136]  inet_create+0xd45/0x1060
[  582.972716][T15136]  ? inet_create+0x94/0x1060
[  582.972739][T15136]  __sock_create+0x339/0x860
[  582.972764][T15136]  __sys_socket+0x14d/0x260
[  582.972784][T15136]  ? fput+0x79/0x100
[  582.972801][T15136]  ? __pfx___sys_socket+0x10/0x10
[  582.972822][T15136]  ? xfd_validate_state+0x129/0x190
[  582.972845][T15136]  __x64_sys_socket+0x72/0xb0
[  582.972865][T15136]  ? lockdep_hardirqs_on+0x78/0x100
[  582.972887][T15136]  do_syscall_64+0x106/0xf80
[  582.972909][T15136]  ? clear_bhb_loop+0x40/0x90
[  582.972927][T15136]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  582.972943][T15136] RIP: 0033:0x7f1fc3b9bf79
[  582.972955][T15136] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  582.972970][T15136] RSP: 002b:00007f1fc4a58028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  582.972989][T15136] RAX: ffffffffffffffda RBX: 00007f1fc3e16090 RCX: 00007f1fc3b9bf79
[  582.972999][T15136] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000002
[  582.973008][T15136] RBP: 00007f1fc3c327e0 R08: 0000000000000000 R09: 0000000000000000
[  582.973016][T15136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  582.973025][T15136] R13: 00007f1fc3e16128 R14: 00007f1fc3e16090 R15: 00007ffe13df9638
[  582.973045][T15136]  </TASK>
[  583.806795][T15140] syz.5.1982 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  583.879587][T15140] CPU: 1 UID: 0 PID: 15140 Comm: syz.5.1982 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  583.879629][T15140] Tainted: [L]=SOFTLOCKUP
[  583.879638][T15140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  583.879654][T15140] Call Trace:
[  583.879663][T15140]  <TASK>
[  583.879673][T15140]  dump_stack_lvl+0x100/0x190
[  583.879720][T15140]  dump_header+0xfb/0x606
[  583.879752][T15140]  oom_kill_process.cold+0xd/0x321
[  583.879786][T15140]  out_of_memory+0x340/0x14f0
[  583.879825][T15140]  ? __pfx_out_of_memory+0x10/0x10
[  583.879866][T15140]  mem_cgroup_out_of_memory+0xc6/0x130
[  583.879913][T15140]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  583.879953][T15140]  ? find_held_lock+0x2b/0x80
[  583.879998][T15140]  ? do_raw_spin_unlock+0x145/0x1e0
[  583.880033][T15140]  ? _raw_spin_unlock+0x28/0x50
[  583.880074][T15140]  try_charge_memcg+0x652/0xc90
[  583.880115][T15140]  ? __pfx_try_charge_memcg+0x10/0x10
[  583.880147][T15140]  ? find_held_lock+0x2b/0x80
[  583.880182][T15140]  ? rcu_read_unlock+0x17/0x60
[  583.880216][T15140]  ? rcu_read_unlock+0x17/0x60
[  583.880262][T15140]  charge_memcg+0xa6/0x280
[  583.880294][T15140]  __mem_cgroup_charge+0x2b/0x1e0
[  583.880334][T15140]  do_anonymous_page+0xb38/0x1f40
[  583.880390][T15140]  __handle_mm_fault+0x1d3a/0x2b50
[  583.880442][T15140]  ? __pfx___handle_mm_fault+0x10/0x10
[  583.880488][T15140]  ? pte_offset_map_lock+0x174/0x320
[  583.880522][T15140]  ? find_held_lock+0x2b/0x80
[  583.880569][T15140]  ? follow_page_pte+0x5b4/0x1410
[  583.880612][T15140]  handle_mm_fault+0x36d/0xa20
[  583.880662][T15140]  __get_user_pages+0xf9c/0x34d0
[  583.880712][T15140]  ? __pfx___get_user_pages+0x10/0x10
[  583.880760][T15140]  populate_vma_page_range+0x267/0x3f0
[  583.880800][T15140]  ? __pfx_populate_vma_page_range+0x10/0x10
[  583.880837][T15140]  ? __pfx_find_vma_intersection+0x10/0x10
[  583.880892][T15140]  __mm_populate+0x107/0x3a0
[  583.880931][T15140]  ? __pfx___mm_populate+0x10/0x10
[  583.880971][T15140]  ? up_write+0x406/0x4f0
[  583.881007][T15140]  vm_mmap_pgoff+0x37f/0x470
[  583.881048][T15140]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  583.881092][T15140]  ? __x64_sys_futex+0x34f/0x4d0
[  583.881118][T15140]  ? __x64_sys_futex+0x358/0x4d0
[  583.881150][T15140]  ksys_mmap_pgoff+0x7d/0x5b0
[  583.881191][T15140]  __x64_sys_mmap+0x125/0x190
[  583.881231][T15140]  do_syscall_64+0x106/0xf80
[  583.881271][T15140]  ? clear_bhb_loop+0x40/0x90
[  583.881306][T15140]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  583.881335][T15140] RIP: 0033:0x7f953ab9bf79
[  583.881359][T15140] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  583.881387][T15140] RSP: 002b:00007f9538dd5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  583.881414][T15140] RAX: ffffffffffffffda RBX: 00007f953ae16450 RCX: 00007f953ab9bf79
[  583.881434][T15140] RDX: 00000000000000df RSI: 0000000000040009 RDI: 0000000000000000
[  583.881453][T15140] RBP: 00007f953ac327e0 R08: 0000000000000007 R09: 0000000000028000
[  583.881471][T15140] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[  583.881489][T15140] R13: 00007f953ae164e8 R14: 00007f953ae16450 R15: 00007fff882e72c8
[  583.881530][T15140]  </TASK>
[  584.184432][T15140] memory: usage 3072kB, limit 3072kB, failcnt 149862
[  584.205667][T15140] memory+swap: usage 5184kB, limit 9007199254740988kB, failcnt 0
[  584.245824][T15140] kmem: usage 2996kB, limit 9007199254740988kB, failcnt 0
[  584.253040][T15140] Memory cgroup stats for /syz5:
[  584.253224][T15140] cache 4096
[  584.261460][T15140] rss 0
[  584.264542][T15140] rss_huge 0
[  584.267943][T15140] shmem 4096
[  584.271154][T15140] mapped_file 4096
[  584.275434][T15140] dirty 0
[  584.278582][T15140] writeback 0
[  584.281934][T15140] workingset_refault_anon 17721
[  584.286794][T15140] workingset_refault_file 23365
[  584.291656][T15140] swap 2260992
[  584.295098][T15140] swapcached 73728
[  584.298916][T15140] pgpgin 364458
[  584.302700][T15140] pgpgout 368672
[  584.306259][T15140] pgfault 290113
[  584.309806][T15140] pgmajfault 9170
[  584.313496][T15140] inactive_anon 77824
[  584.317490][T15140] active_anon 0
[  584.320953][T15140] inactive_file 0
[  584.324652][T15140] active_file 0
[  584.328115][T15140] unevictable 0
[  584.331581][T15140] hierarchical_memory_limit 3145728
[  584.336833][T15140] hierarchical_memsw_limit 9223372036854771712
[  584.343135][T15140] total_cache 4096
[  584.346878][T15140] total_rss 0
[  584.350167][T15140] total_rss_huge 0
[  584.353943][T15140] total_shmem 4096
[  584.357683][T15140] total_mapped_file 4096
[  584.367731][T15140] total_dirty 0
[  584.371242][T15140] total_writeback 0
[  584.375189][T15140] total_workingset_refault_anon 17721
[  584.381309][T15140] total_workingset_refault_file 23365
[  584.386821][T15140] total_swap 2260992
[  584.390734][T15140] total_swapcached 73728
[  584.395164][T15140] total_pgpgin 364458
[  584.399150][T15140] total_pgpgout 368672
[  584.403274][T15140] total_pgfault 290113
[  584.407345][T15140] total_pgmajfault 9170
[  584.411510][T15140] total_inactive_anon 77824
[  584.416069][T15140] total_active_anon 0
[  584.420053][T15140] total_inactive_file 0
[  584.424268][T15140] total_active_file 0
[  584.428254][T15140] total_unevictable 0
[  584.432256][T15140] anon_cost 153
[  584.436061][T15140] file_cost 0
[  584.439351][T15140] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.1982,pid=15119,uid=0
[  584.456044][T15140] Memory cgroup out of memory: Killed process 15119 (syz.5.1982) total-vm:197476kB, anon-rss:1352kB, file-rss:21504kB, shmem-rss:4kB, UID:0 pgtables:132kB oom_score_adj:1000
[  586.121500][T15192] hub 3-0:1.0: USB hub found
[  586.178735][T15192] hub 3-0:1.0: 1 port detected
[  586.248447][T15192] usb usb3: authorized to connect
[  586.471544][T15201] ubi: mtd0 is already attached to ubi0
[  586.924412][T15214] input: jJǸ-�¶š9ã%vø“ûJ86Ö‘ as /devices/virtual/input/input26
[  587.942998][T15239] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2006'.
[  588.036079][T15242] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  588.481176][ T5143] Bluetooth: hci3: unexpected event 0x3e length: 508 > 260
[  588.481219][ T5143] Bluetooth: hci3: unexpected subevent 0x02 length: 507 > 260
[  588.499476][ T5143] Bluetooth: hci3: Dropping invalid advertising data
[  588.506889][ T5143] Bluetooth: hci3: unknown advertising packet type: 0xe9
[  588.506932][ T5143] Bluetooth: hci3: Dropping invalid advertising data
[  588.521106][ T5143] Bluetooth: hci3: Malformed LE Event: 0x02
[  590.443170][T15295] FAULT_INJECTION: forcing a failure.
[  590.443170][T15295] name failslab, interval 1, probability 0, space 0, times 0
[  590.465033][T15295] CPU: 1 UID: 0 PID: 15295 Comm: syz.4.2017 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  590.465082][T15295] Tainted: [L]=SOFTLOCKUP
[  590.465092][T15295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  590.465110][T15295] Call Trace:
[  590.465120][T15295]  <TASK>
[  590.465131][T15295]  dump_stack_lvl+0x100/0x190
[  590.465178][T15295]  should_fail_ex.cold+0x5/0xa
[  590.465213][T15295]  should_failslab+0xc2/0x120
[  590.465243][T15295]  kmem_cache_alloc_noprof+0x83/0x780
[  590.465274][T15295]  ? sk_prot_alloc+0x60/0x2a0
[  590.465314][T15295]  ? sk_prot_alloc+0x60/0x2a0
[  590.465338][T15295]  sk_prot_alloc+0x60/0x2a0
[  590.465373][T15295]  sk_alloc+0x36/0xe80
[  590.465391][T15295]  tipc_sk_create+0xf9/0x23c0
[  590.465418][T15295]  ? find_held_lock+0x2b/0x80
[  590.465438][T15295]  ? __sock_create+0x2f3/0x860
[  590.465459][T15295]  ? __sock_create+0x2f3/0x860
[  590.465482][T15295]  __sock_create+0x339/0x860
[  590.465506][T15295]  __sys_socket+0x14d/0x260
[  590.465528][T15295]  ? __pfx___sys_socket+0x10/0x10
[  590.465550][T15295]  ? __pfx___do_sys_prctl+0x10/0x10
[  590.465571][T15295]  __x64_sys_socket+0x72/0xb0
[  590.465602][T15295]  ? lockdep_hardirqs_on+0x78/0x100
[  590.465626][T15295]  do_syscall_64+0x106/0xf80
[  590.465647][T15295]  ? clear_bhb_loop+0x40/0x90
[  590.465670][T15295]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  590.465690][T15295] RIP: 0033:0x7f1b2479bf79
[  590.465705][T15295] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  590.465720][T15295] RSP: 002b:00007f1b256ed028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  590.465736][T15295] RAX: ffffffffffffffda RBX: 00007f1b24a15fa0 RCX: 00007f1b2479bf79
[  590.465746][T15295] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 000000000000001e
[  590.465756][T15295] RBP: 00007f1b248327e0 R08: 0000000000000000 R09: 0000000000000000
[  590.465766][T15295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  590.465775][T15295] R13: 00007f1b24a16038 R14: 00007f1b24a15fa0 R15: 00007fff6aec25b8
[  590.465796][T15295]  </TASK>
[  592.358898][T15326] ubi: mtd0 is already attached to ubi0
[  593.194157][T15351] sp0: Synchronizing with TNC
[  593.872060][T15367] FAULT_INJECTION: forcing a failure.
[  593.872060][T15367] name failslab, interval 1, probability 0, space 0, times 0
[  594.116122][T15367] CPU: 0 UID: 0 PID: 15367 Comm: syz.5.2034 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  594.116169][T15367] Tainted: [L]=SOFTLOCKUP
[  594.116178][T15367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  594.116195][T15367] Call Trace:
[  594.116206][T15367]  <TASK>
[  594.116218][T15367]  dump_stack_lvl+0x100/0x190
[  594.116261][T15367]  should_fail_ex.cold+0x5/0xa
[  594.116299][T15367]  should_failslab+0xc2/0x120
[  594.116332][T15367]  kmem_cache_alloc_node_noprof+0x8c/0x880
[  594.116368][T15367]  ? __alloc_skb+0x156/0x410
[  594.116404][T15367]  ? __alloc_skb+0x156/0x410
[  594.116431][T15367]  __alloc_skb+0x156/0x410
[  594.116456][T15367]  ? __alloc_skb+0x35d/0x410
[  594.116483][T15367]  ? __pfx___alloc_skb+0x10/0x10
[  594.116508][T15367]  ? lockdep_hardirqs_on+0x78/0x100
[  594.116551][T15367]  ? kfree+0x1c7/0x690
[  594.116586][T15367]  ? unregister_sysctl_table+0x4d/0x60
[  594.116628][T15367]  inet_netconf_notify_devconf+0x9d/0x170
[  594.116671][T15367]  inetdev_event+0xa70/0x17f0
[  594.116707][T15367]  ? ib_netdevice_event+0xfc/0x330
[  594.116747][T15367]  ? __pfx_inetdev_event+0x10/0x10
[  594.116785][T15367]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  594.116824][T15367]  notifier_call_chain+0x99/0x3b0
[  594.116856][T15367]  call_netdevice_notifiers_info+0xbe/0x110
[  594.116894][T15367]  unregister_netdevice_many_notify+0x1208/0x2580
[  594.116937][T15367]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  594.116972][T15367]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  594.117021][T15367]  unregister_netdevice_queue+0x30b/0x3c0
[  594.117059][T15367]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  594.117098][T15367]  ? __pfx_locks_remove_file+0x10/0x10
[  594.117135][T15367]  ppp_release+0x211/0x230
[  594.117177][T15367]  ? __pfx_ppp_release+0x10/0x10
[  594.117215][T15367]  __fput+0x3ff/0xb40
[  594.117259][T15367]  task_work_run+0x150/0x240
[  594.117303][T15367]  ? __pfx_task_work_run+0x10/0x10
[  594.117349][T15367]  exit_to_user_mode_loop+0x100/0x4a0
[  594.117378][T15367]  ? rcu_is_watching+0x12/0xc0
[  594.117416][T15367]  do_syscall_64+0x668/0xf80
[  594.117457][T15367]  ? clear_bhb_loop+0x40/0x90
[  594.117493][T15367]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  594.117522][T15367] RIP: 0033:0x7f953ab9bf79
[  594.117552][T15367] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  594.117581][T15367] RSP: 002b:00007f953b9d9028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  594.117611][T15367] RAX: 0000000000000000 RBX: 00007f953ae15fa0 RCX: 00007f953ab9bf79
[  594.117632][T15367] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  594.117650][T15367] RBP: 00007f953ac327e0 R08: 0000000000000000 R09: 0000000000000000
[  594.117668][T15367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  594.117686][T15367] R13: 00007f953ae16038 R14: 00007f953ae15fa0 R15: 00007fff882e72c8
[  594.117726][T15367]  </TASK>
[  595.206979][T15384] ubi: mtd0 is already attached to ubi0
[  595.748093][T15394] FAULT_INJECTION: forcing a failure.
[  595.748093][T15394] name fail_futex, interval 1, probability 0, space 0, times 0
[  595.783424][T15394] CPU: 0 UID: 0 PID: 15394 Comm: syz.1.2045 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  595.783476][T15394] Tainted: [L]=SOFTLOCKUP
[  595.783487][T15394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  595.783508][T15394] Call Trace:
[  595.783518][T15394]  <TASK>
[  595.783530][T15394]  dump_stack_lvl+0x100/0x190
[  595.783579][T15394]  should_fail_ex.cold+0x5/0xa
[  595.783612][T15394]  get_futex_key+0x1d2/0x1620
[  595.783662][T15394]  ? __pfx_get_futex_key+0x10/0x10
[  595.783721][T15394]  futex_wake+0xea/0x530
[  595.783757][T15394]  ? __pfx_futex_wake+0x10/0x10
[  595.783790][T15394]  ? lockdep_hardirqs_on+0x78/0x100
[  595.783850][T15394]  do_futex+0x32b/0x350
[  595.783878][T15394]  ? __pfx_do_futex+0x10/0x10
[  595.783906][T15394]  ? __pfx___might_resched+0x10/0x10
[  595.783939][T15394]  ? blkcg_maybe_throttle_current+0x5df/0xeb0
[  595.783984][T15394]  __x64_sys_futex+0x34f/0x4d0
[  595.784014][T15394]  ? __pfx_task_work_run+0x10/0x10
[  595.784048][T15394]  ? __pfx___x64_sys_futex+0x10/0x10
[  595.784092][T15394]  do_syscall_64+0x106/0xf80
[  595.784169][T15394]  ? clear_bhb_loop+0x40/0x90
[  595.784206][T15394]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  595.784237][T15394] RIP: 0033:0x7f1fc3b9bf79
[  595.784261][T15394] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  595.784290][T15394] RSP: 002b:00007f1fc4a580e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  595.784319][T15394] RAX: ffffffffffffffda RBX: 00007f1fc3e16098 RCX: 00007f1fc3b9bf79
[  595.784339][T15394] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f1fc3e1609c
[  595.784358][T15394] RBP: 00007f1fc3e16090 R08: 0000000000000000 R09: 0000000000000000
[  595.784376][T15394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  595.784394][T15394] R13: 00007f1fc3e16128 R14: 00007ffe13df9550 R15: 00007ffe13df9638
[  595.784438][T15394]  </TASK>
[  596.857432][ T5143] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18
[  597.388412][T15386] syz.5.2037 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  597.482879][T15386] CPU: 0 UID: 0 PID: 15386 Comm: syz.5.2037 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  597.482924][T15386] Tainted: [L]=SOFTLOCKUP
[  597.482934][T15386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  597.482950][T15386] Call Trace:
[  597.482959][T15386]  <TASK>
[  597.482970][T15386]  dump_stack_lvl+0x100/0x190
[  597.483013][T15386]  dump_header+0xfb/0x606
[  597.483043][T15386]  oom_kill_process.cold+0xd/0x321
[  597.483077][T15386]  out_of_memory+0x340/0x14f0
[  597.483114][T15386]  ? __pfx_out_of_memory+0x10/0x10
[  597.483163][T15386]  mem_cgroup_out_of_memory+0xc6/0x130
[  597.483200][T15386]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  597.483237][T15386]  ? find_held_lock+0x2b/0x80
[  597.483279][T15386]  ? do_raw_spin_unlock+0x145/0x1e0
[  597.483310][T15386]  ? _raw_spin_unlock+0x28/0x50
[  597.483350][T15386]  try_charge_memcg+0x652/0xc90
[  597.483386][T15386]  ? __pfx_try_charge_memcg+0x10/0x10
[  597.483425][T15386]  ? find_held_lock+0x2b/0x80
[  597.483460][T15386]  ? rcu_read_unlock+0x17/0x60
[  597.483488][T15386]  ? rcu_read_unlock+0x17/0x60
[  597.483521][T15386]  charge_memcg+0xa6/0x280
[  597.483550][T15386]  mem_cgroup_swapin_charge_folio+0xeb/0x470
[  597.483590][T15386]  __read_swap_cache_async+0x449/0x610
[  597.483634][T15386]  ? __pfx___read_swap_cache_async+0x10/0x10
[  597.483671][T15386]  ? mlock_drain_local+0x254/0x4e0
[  597.483696][T15386]  ? mlock_drain_local+0x254/0x4e0
[  597.483742][T15386]  swap_cluster_readahead+0x541/0x770
[  597.483783][T15386]  ? __schedule+0x1035/0x6000
[  597.483826][T15386]  ? __pfx_swap_cluster_readahead+0x10/0x10
[  597.483867][T15386]  ? __lock_acquire+0x4a5/0x2630
[  597.483893][T15386]  ? __lock_acquire+0x4a5/0x2630
[  597.483936][T15386]  ? get_vma_policy+0x23f/0x3b0
[  597.483972][T15386]  swapin_readahead+0x14b/0x12e0
[  597.484022][T15386]  ? __pfx_swapin_readahead+0x10/0x10
[  597.484061][T15386]  ? find_held_lock+0x2b/0x80
[  597.484094][T15386]  ? swap_cache_get_folio+0x272/0x920
[  597.484135][T15386]  ? swap_cache_get_folio+0x272/0x920
[  597.484169][T15386]  ? swap_cache_get_folio+0x1f/0x920
[  597.484204][T15386]  ? swap_cache_get_folio+0x2a2/0x920
[  597.484243][T15386]  ? __pfx_swap_cache_get_folio+0x10/0x10
[  597.484278][T15386]  ? __pfx_get_swap_device+0x10/0x10
[  597.484315][T15386]  ? do_swap_page+0x9ba/0x6810
[  597.484350][T15386]  do_swap_page+0x9ba/0x6810
[  597.484392][T15386]  ? __lock_acquire+0x4a5/0x2630
[  597.484425][T15386]  ? __pfx_do_swap_page+0x10/0x10
[  597.484465][T15386]  ? __pfx_default_wake_function+0x10/0x10
[  597.484512][T15386]  ? rcu_is_watching+0x12/0xc0
[  597.484542][T15386]  ? __pte_offset_map+0x179/0x310
[  597.484576][T15386]  __handle_mm_fault+0x18b9/0x2b50
[  597.484621][T15386]  ? reacquire_held_locks+0xce/0x1e0
[  597.484647][T15386]  ? __pfx___handle_mm_fault+0x10/0x10
[  597.484691][T15386]  ? lock_vma_under_rcu+0x17c/0x5a0
[  597.484754][T15386]  handle_mm_fault+0x36d/0xa20
[  597.484799][T15386]  do_user_addr_fault+0x5a3/0x12f0
[  597.484845][T15386]  exc_page_fault+0x6f/0xd0
[  597.484882][T15386]  asm_exc_page_fault+0x26/0x30
[  597.484907][T15386] RIP: 0033:0x7f953aa5074d
[  597.484928][T15386] Code: 44 8d 56 04 4c 8d 0d d2 18 3b 00 89 f0 4c 8d 05 c9 f8 3a 00 89 c2 81 e2 ff 1f 00 00 49 8b 0c d1 48 39 f1 74 28 48 85 c9 74 29 <45> 38 1c 10 75 23 83 c0 01 44 39 d0 75 dc 48 89 f0 25 ff 1f 00 00
[  597.484954][T15386] RSP: 002b:00007fff882e7308 EFLAGS: 00010282
[  597.484975][T15386] RAX: 00000000827daa8a RBX: ffffffff827daa8a RCX: ffffffff82564a8a
[  597.484993][T15386] RDX: 0000000000000a8a RSI: ffffffff827daa8a RDI: 0000000000000007
[  597.485010][T15386] RBP: 00000000000007d2 R08: 00007f953ae00000 R09: 00007f953ae02000
[  597.485027][T15386] R10: 00000000827daa8e R11: 0000000000000007 R12: 00007f953ae16218
[  597.485044][T15386] R13: 00000000000537e8 R14: ffffffff827da787 R15: 00007f953b945720
[  597.485062][T15386]  ? page_table_check_set+0x547/0xa10
[  597.485090][T15386]  ? page_table_check_set+0x84a/0xa10
[  597.485118][T15386]  ? __apply_to_page_range+0x108a/0x1520
[  597.485154][T15386]  ? page_table_check_set+0x84a/0xa10
[  597.485186][T15386]  </TASK>
[  597.489634][T15386] memory: usage 3072kB, limit 3072kB, failcnt 154913
[  597.974876][T15386] memory+swap: usage 14180kB, limit 9007199254740988kB, failcnt 0
[  598.058074][T15430] ubi: mtd0 is already attached to ubi0
[  598.069059][T15386] kmem: usage 3012kB, limit 9007199254740988kB, failcnt 0
[  598.105172][T15434] netlink: 25 bytes leftover after parsing attributes in process `syz.4.2047'.
[  598.118910][T15386] Memory cgroup stats for /syz5:
[  598.119021][T15386] cache 0
[  598.147913][T15386] rss 8192
[  598.166871][T15386] rss_huge 0
[  598.175815][T15386] shmem 0
[  598.185489][T15386] mapped_file 0
[  598.196712][T15386] dirty 0
[  598.204176][T15386] writeback 0
[  598.213444][T15386] workingset_refault_anon 18086
[  598.225491][T15386] workingset_refault_file 23365
[  598.238205][T15386] swap 11354112
[  598.247450][T15386] swapcached 53248
[  598.256846][T15386] pgpgin 371326
[  598.270634][T15386] pgpgout 375549
[  598.280318][T15386] pgfault 295481
[  598.294346][T15386] pgmajfault 9432
[  598.306183][T15386] inactive_anon 45056
[  598.317565][T15386] active_anon 0
[  598.328145][T15386] inactive_file 0
[  598.338394][T15386] active_file 0
[  598.394994][T15386] unevictable 0
[  598.402437][T15386] hierarchical_memory_limit 3145728
[  598.417847][T15386] hierarchical_memsw_limit 9223372036854771712
[  598.432794][T15386] total_cache 0
[  598.440885][T15386] total_rss 8192
[  598.449287][T15386] total_rss_huge 0
[  598.458797][T15386] total_shmem 0
[  598.469594][T15386] total_mapped_file 0
[  598.536032][T15386] total_dirty 0
[  598.540642][T15386] total_writeback 0
[  598.550091][T15386] total_workingset_refault_anon 18086
[  598.564096][T15436] FAULT_INJECTION: forcing a failure.
[  598.564096][T15436] name failslab, interval 1, probability 0, space 0, times 0
[  598.577653][T15386] total_workingset_refault_file 23365
[  598.583992][T15386] total_swap 11354112
[  598.589142][T15386] total_swapcached 53248
[  598.598137][T15386] total_pgpgin 371326
[  598.630455][T15386] total_pgpgout 375549
[  598.649338][T15436] CPU: 1 UID: 0 PID: 15436 Comm: syz.6.2048 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  598.649387][T15436] Tainted: [L]=SOFTLOCKUP
[  598.649398][T15436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  598.649417][T15436] Call Trace:
[  598.649426][T15436]  <TASK>
[  598.649437][T15436]  dump_stack_lvl+0x100/0x190
[  598.649483][T15436]  should_fail_ex.cold+0x5/0xa
[  598.649514][T15436]  should_failslab+0xc2/0x120
[  598.649548][T15436]  ? __register_sysctl_table+0xac/0x1650
[  598.649588][T15436]  __kmalloc_noprof+0xf6/0x9c0
[  598.649647][T15436]  ? __register_sysctl_table+0xac/0x1650
[  598.649686][T15436]  __register_sysctl_table+0xac/0x1650
[  598.649726][T15436]  ? is_module_address+0x5f/0xf0
[  598.649760][T15436]  ? __pfx___register_sysctl_table+0x10/0x10
[  598.649801][T15436]  ? is_module_address+0x69/0xf0
[  598.649829][T15436]  ? register_net_sysctl_sz+0x222/0x430
[  598.649866][T15436]  ? __asan_memcpy+0x3c/0x60
[  598.649914][T15436]  ipv4_sysctl_init_net+0x101/0x350
[  598.649956][T15436]  ? __pfx_ipv4_sysctl_init_net+0x10/0x10
[  598.649995][T15436]  ops_init+0x1e2/0x5f0
[  598.650031][T15436]  setup_net+0x118/0x3a0
[  598.650064][T15436]  ? __pfx_setup_net+0x10/0x10
[  598.650092][T15436]  ? lockdep_init_map_type+0x5c/0x250
[  598.650115][T15436]  ? mutex_init_lockep+0x110/0x150
[  598.650149][T15436]  copy_net_ns+0x46f/0x7c0
[  598.650191][T15436]  create_new_namespaces+0x3ea/0xac0
[  598.650241][T15436]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  598.650285][T15436]  ksys_unshare+0x455/0xab0
[  598.650316][T15436]  ? __pfx_ksys_unshare+0x10/0x10
[  598.650344][T15436]  ? xfd_validate_state+0x129/0x190
[  598.650389][T15436]  __x64_sys_unshare+0x31/0x40
[  598.650416][T15436]  do_syscall_64+0x106/0xf80
[  598.650454][T15436]  ? clear_bhb_loop+0x40/0x90
[  598.650479][T15436]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  598.650494][T15436] RIP: 0033:0x7f290359bf79
[  598.650508][T15436] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  598.650524][T15436] RSP: 002b:00007f2904542028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  598.650540][T15436] RAX: ffffffffffffffda RBX: 00007f2903815fa0 RCX: 00007f290359bf79
[  598.650550][T15436] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  598.650559][T15436] RBP: 00007f29036327e0 R08: 0000000000000000 R09: 0000000000000000
[  598.650568][T15436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  598.650577][T15436] R13: 00007f2903816038 R14: 00007f2903815fa0 R15: 00007ffda4012728
[  598.650598][T15436]  </TASK>
[  598.703709][T15386] total_pgfault 295481
[  598.973328][T15386] total_pgmajfault 9432
[  598.994332][T15386] total_inactive_anon 45056
[  599.028172][T15386] total_active_anon 0
[  599.047243][T15386] total_inactive_file 0
[  599.067807][T15386] total_active_file 0
[  599.072848][T15386] total_unevictable 0
[  599.077933][T15386] anon_cost 340
[  599.085413][T15386] file_cost 0
[  599.088784][T15386] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.2031,pid=15360,uid=0
[  599.131468][T15386] Memory cgroup out of memory: Killed process 15360 (syz.5.2031) total-vm:104784kB, anon-rss:1384kB, file-rss:31232kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000
[  599.756603][T15443] FAULT_INJECTION: forcing a failure.
[  599.756603][T15443] name failslab, interval 1, probability 0, space 0, times 0
[  599.793997][T15443] CPU: 0 UID: 0 PID: 15443 Comm: syz.4.2050 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  599.794046][T15443] Tainted: [L]=SOFTLOCKUP
[  599.794057][T15443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  599.794075][T15443] Call Trace:
[  599.794084][T15443]  <TASK>
[  599.794095][T15443]  dump_stack_lvl+0x100/0x190
[  599.794140][T15443]  should_fail_ex.cold+0x5/0xa
[  599.794173][T15443]  should_failslab+0xc2/0x120
[  599.794209][T15443]  kmem_cache_alloc_node_noprof+0x8c/0x880
[  599.794244][T15443]  ? __alloc_skb+0x156/0x410
[  599.794281][T15443]  ? __alloc_skb+0x156/0x410
[  599.794308][T15443]  __alloc_skb+0x156/0x410
[  599.794333][T15443]  ? __alloc_skb+0x35d/0x410
[  599.794361][T15443]  ? __pfx___alloc_skb+0x10/0x10
[  599.794404][T15443]  inet6_ifmcaddr_notify+0xd6/0x1d0
[  599.794446][T15443]  ? __pfx_inet6_ifmcaddr_notify+0x10/0x10
[  599.794502][T15443]  __ipv6_dev_mc_dec+0x297/0x340
[  599.794552][T15443]  ipv6_mc_destroy_dev+0x2cd/0x690
[  599.794586][T15443]  ? __local_bh_enable_ip+0x9e/0x120
[  599.794636][T15443]  addrconf_ifdown.isra.0+0x148a/0x1b70
[  599.794685][T15443]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  599.794725][T15443]  ? net_generic+0xea/0x2a0
[  599.794763][T15443]  addrconf_notify+0x458/0x19c0
[  599.794804][T15443]  ? ip6mr_device_event+0x1bc/0x230
[  599.794861][T15443]  notifier_call_chain+0x99/0x3b0
[  599.794899][T15443]  call_netdevice_notifiers_info+0xbe/0x110
[  599.794944][T15443]  unregister_netdevice_many_notify+0x1208/0x2580
[  599.794996][T15443]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  599.795036][T15443]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  599.795089][T15443]  unregister_netdevice_queue+0x30b/0x3c0
[  599.795128][T15443]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  599.795167][T15443]  ? __pfx_locks_remove_file+0x10/0x10
[  599.795200][T15443]  ppp_release+0x211/0x230
[  599.795237][T15443]  ? __pfx_ppp_release+0x10/0x10
[  599.795270][T15443]  __fput+0x3ff/0xb40
[  599.795312][T15443]  task_work_run+0x150/0x240
[  599.795347][T15443]  ? __pfx_task_work_run+0x10/0x10
[  599.795391][T15443]  exit_to_user_mode_loop+0x100/0x4a0
[  599.795419][T15443]  ? rcu_is_watching+0x12/0xc0
[  599.795456][T15443]  do_syscall_64+0x668/0xf80
[  599.795498][T15443]  ? clear_bhb_loop+0x40/0x90
[  599.795533][T15443]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  599.795561][T15443] RIP: 0033:0x7f1b2479bf79
[  599.795585][T15443] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  599.795613][T15443] RSP: 002b:00007f1b256ed028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  599.795641][T15443] RAX: 0000000000000000 RBX: 00007f1b24a15fa0 RCX: 00007f1b2479bf79
[  599.795660][T15443] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  599.795678][T15443] RBP: 00007f1b248327e0 R08: 0000000000000000 R09: 0000000000000000
[  599.795697][T15443] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  599.795714][T15443] R13: 00007f1b24a16038 R14: 00007f1b24a15fa0 R15: 00007fff6aec25b8
[  599.795755][T15443]  </TASK>
[  600.485121][T15459] FAULT_INJECTION: forcing a failure.
[  600.485121][T15459] name fail_futex, interval 1, probability 0, space 0, times 0
[  600.501534][T15459] CPU: 1 UID: 0 PID: 15459 Comm: syz.4.2054 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  600.501560][T15459] Tainted: [L]=SOFTLOCKUP
[  600.501566][T15459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  600.501576][T15459] Call Trace:
[  600.501581][T15459]  <TASK>
[  600.501587][T15459]  dump_stack_lvl+0x100/0x190
[  600.501612][T15459]  should_fail_ex.cold+0x5/0xa
[  600.501630][T15459]  get_futex_key+0x295/0x1620
[  600.501655][T15459]  ? __pfx_get_futex_key+0x10/0x10
[  600.501675][T15459]  ? lock_acquire+0x17c/0x330
[  600.501696][T15459]  futex_wake+0xea/0x530
[  600.501715][T15459]  ? __pfx_futex_wake+0x10/0x10
[  600.501731][T15459]  ? exit_mm_release+0x19/0x30
[  600.501754][T15459]  do_futex+0x32b/0x350
[  600.501769][T15459]  ? __pfx_do_futex+0x10/0x10
[  600.501793][T15459]  ? __might_fault+0xc5/0x140
[  600.501837][T15459]  mm_release+0x24a/0x2f0
[  600.501874][T15459]  do_exit+0x675/0x2a30
[  600.501907][T15459]  ? __pfx_do_exit+0x10/0x10
[  600.501934][T15459]  ? do_raw_spin_lock+0x128/0x260
[  600.501963][T15459]  ? find_held_lock+0x2b/0x80
[  600.501991][T15459]  ? get_signal+0x7e0/0x21e0
[  600.502015][T15459]  do_group_exit+0xd5/0x2a0
[  600.502033][T15459]  get_signal+0x1ec7/0x21e0
[  600.502060][T15459]  ? ksys_write+0x190/0x250
[  600.502075][T15459]  ? __pfx_get_signal+0x10/0x10
[  600.502098][T15459]  ? do_futex+0x192/0x350
[  600.502113][T15459]  arch_do_signal_or_restart+0x91/0x770
[  600.502130][T15459]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  600.502150][T15459]  ? __pfx___x64_sys_futex+0x10/0x10
[  600.502169][T15459]  exit_to_user_mode_loop+0x86/0x4a0
[  600.502183][T15459]  ? rcu_is_watching+0x12/0xc0
[  600.502202][T15459]  do_syscall_64+0x668/0xf80
[  600.502224][T15459]  ? clear_bhb_loop+0x40/0x90
[  600.502242][T15459]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  600.502257][T15459] RIP: 0033:0x7f1b2479bf79
[  600.502270][T15459] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  600.502285][T15459] RSP: 002b:00007f1b256ed0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  600.502300][T15459] RAX: fffffffffffffe00 RBX: 00007f1b24a15fa8 RCX: 00007f1b2479bf79
[  600.502310][T15459] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f1b24a15fa8
[  600.502319][T15459] RBP: 00007f1b24a15fa0 R08: 0000000000000000 R09: 0000000000000000
[  600.502329][T15459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  600.502338][T15459] R13: 00007f1b24a16038 R14: 00007fff6aec24d0 R15: 00007fff6aec25b8
[  600.502357][T15459]  </TASK>
[  600.903925][T15450] syz.5.2051 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=1, oom_score_adj=1000
[  600.915720][T15450] CPU: 1 UID: 0 PID: 15450 Comm: syz.5.2051 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  600.915745][T15450] Tainted: [L]=SOFTLOCKUP
[  600.915750][T15450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  600.915760][T15450] Call Trace:
[  600.915767][T15450]  <TASK>
[  600.915774][T15450]  dump_stack_lvl+0x100/0x190
[  600.915800][T15450]  dump_header+0xfb/0x606
[  600.915818][T15450]  oom_kill_process.cold+0xd/0x321
[  600.915836][T15450]  out_of_memory+0x340/0x14f0
[  600.915857][T15450]  ? __pfx_out_of_memory+0x10/0x10
[  600.915878][T15450]  mem_cgroup_out_of_memory+0xc6/0x130
[  600.915902][T15450]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  600.915923][T15450]  ? find_held_lock+0x2b/0x80
[  600.915947][T15450]  ? do_raw_spin_unlock+0x145/0x1e0
[  600.915966][T15450]  ? _raw_spin_unlock+0x28/0x50
[  600.915988][T15450]  try_charge_memcg+0x652/0xc90
[  600.916011][T15450]  ? __pfx_try_charge_memcg+0x10/0x10
[  600.916027][T15450]  ? rcu_read_unlock+0x17/0x60
[  600.916044][T15450]  ? rcu_read_unlock+0x17/0x60
[  600.916067][T15450]  ? get_mem_cgroup_from_objcg+0xd3/0x330
[  600.916092][T15450]  obj_cgroup_charge_account+0x33d/0x640
[  600.916114][T15450]  __memcg_slab_post_alloc_hook+0x2e4/0x880
[  600.916140][T15450]  __kmalloc_cache_noprof+0x62a/0x810
[  600.916163][T15450]  ? ipv6_add_dev+0x1c9/0x1520
[  600.916184][T15450]  ? ipv6_add_dev+0x1c9/0x1520
[  600.916199][T15450]  ipv6_add_dev+0x1c9/0x1520
[  600.916219][T15450]  addrconf_notify+0x563/0x19c0
[  600.916240][T15450]  ? ip6mr_device_event+0x1bc/0x230
[  600.916266][T15450]  notifier_call_chain+0x99/0x3b0
[  600.916285][T15450]  call_netdevice_notifiers_info+0xbe/0x110
[  600.916310][T15450]  register_netdevice+0x16b9/0x21d0
[  600.916333][T15450]  ? __pfx_register_netdevice+0x10/0x10
[  600.916353][T15450]  ? net_generic+0xea/0x2a0
[  600.916372][T15450]  register_netdev+0x34/0x50
[  600.916390][T15450]  ip6_tnl_init_net+0x2ff/0x480
[  600.916406][T15450]  ? __pfx_ip6_tnl_init_net+0x10/0x10
[  600.916422][T15450]  ops_init+0x1e2/0x5f0
[  600.916442][T15450]  setup_net+0x118/0x3a0
[  600.916461][T15450]  ? __pfx_setup_net+0x10/0x10
[  600.916482][T15450]  ? lockdep_init_map_type+0x5c/0x250
[  600.916499][T15450]  ? mutex_init_lockep+0x110/0x150
[  600.916518][T15450]  copy_net_ns+0x46f/0x7c0
[  600.916540][T15450]  create_new_namespaces+0x3ea/0xac0
[  600.916566][T15450]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  600.916590][T15450]  ksys_unshare+0x455/0xab0
[  600.916608][T15450]  ? __pfx_ksys_unshare+0x10/0x10
[  600.916623][T15450]  ? xfd_validate_state+0x129/0x190
[  600.916641][T15450]  ? kcov_ioctl+0x16a/0x720
[  600.916665][T15450]  __x64_sys_unshare+0x31/0x40
[  600.916681][T15450]  do_syscall_64+0x106/0xf80
[  600.916703][T15450]  ? clear_bhb_loop+0x40/0x90
[  600.916721][T15450]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  600.916737][T15450] RIP: 0033:0x7f953ab9bf79
[  600.916751][T15450] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  600.916766][T15450] RSP: 002b:00007f953b976028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  600.916781][T15450] RAX: ffffffffffffffda RBX: 00007f953ae16270 RCX: 00007f953ab9bf79
[  600.916792][T15450] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  600.916801][T15450] RBP: 00007f953ac327e0 R08: 0000000000000000 R09: 0000000000000000
[  600.916811][T15450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  600.916820][T15450] R13: 00007f953ae16308 R14: 00007f953ae16270 R15: 00007fff882e72c8
[  600.916841][T15450]  </TASK>
[  600.916847][T15450] memory: usage 3072kB, limit 3072kB, failcnt 155101
[  601.337274][T15450] memory+swap: usage 3332kB, limit 9007199254740988kB, failcnt 0
[  601.358714][T15450] kmem: usage 2948kB, limit 9007199254740988kB, failcnt 0
[  601.435231][T15450] Memory cgroup stats for /syz5:
[  601.435434][T15450] cache 0
[  601.504662][T15450] rss 98304
[  601.513835][T15450] rss_huge 0
[  601.525250][T15450] shmem 0
[  601.531997][T15467] ubi: mtd0 is already attached to ubi0
[  601.539814][T15450] mapped_file 0
[  601.552122][T15450] dirty 0
[  601.576599][T15450] writeback 0
[  601.609692][T15450] workingset_refault_anon 18132
[  601.627597][T15450] workingset_refault_file 23365
[  601.671919][T15450] swap 266240
[  601.684198][T15450] swapcached 65536
[  601.721962][T15450] pgpgin 371468
[  601.729206][T15450] pgpgout 375676
[  601.733913][T15450] pgfault 295733
[  601.737662][T15450] pgmajfault 9471
[  601.762315][T15450] inactive_anon 12288
[  601.766398][T15450] active_anon 0
[  601.780206][T15450] inactive_file 0
[  601.785047][T15450] active_file 0
[  601.788541][T15450] unevictable 0
[  601.795043][T15450] hierarchical_memory_limit 3145728
[  601.828987][T15450] hierarchical_memsw_limit 9223372036854771712
[  601.865745][T15450] total_cache 0
[  601.869253][T15450] total_rss 98304
[  601.897254][T15450] total_rss_huge 0
[  601.944302][T15450] total_shmem 0
[  601.947908][T15450] total_mapped_file 0
[  601.987563][T15450] total_dirty 0
[  601.991710][T15450] total_writeback 0
[  602.016093][T15450] total_workingset_refault_anon 18132
[  602.044731][T15450] total_workingset_refault_file 23365
[  602.058264][T15450] total_swap 266240
[  602.063715][T15450] total_swapcached 65536
[  602.067955][T15450] total_pgpgin 371468
[  602.073363][T15450] total_pgpgout 375676
[  602.083744][T15450] total_pgfault 295733
[  602.092204][T15450] total_pgmajfault 9471
[  602.097828][T15450] total_inactive_anon 12288
[  602.106687][T15450] total_active_anon 0
[  602.112960][T15450] total_inactive_file 0
[  602.117337][T15450] total_active_file 0
[  602.122218][T15450] total_unevictable 0
[  602.126525][T15450] anon_cost 278
[  602.130169][T15450] file_cost 0
[  602.134835][T15450] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.2051,pid=15441,uid=0
[  602.153366][T15450] Memory cgroup out of memory: Killed process 15441 (syz.5.2051) total-vm:113264kB, anon-rss:1352kB, file-rss:30256kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000
[  603.118347][T15486] futex_wake_op: syz.6.2062 tries to shift op by -1; fix this program
[  603.142695][T15486] FAULT_INJECTION: forcing a failure.
[  603.142695][T15486] name failslab, interval 1, probability 0, space 0, times 0
[  603.173099][T15486] CPU: 0 UID: 0 PID: 15486 Comm: syz.6.2062 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  603.173150][T15486] Tainted: [L]=SOFTLOCKUP
[  603.173160][T15486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  603.173178][T15486] Call Trace:
[  603.173189][T15486]  <TASK>
[  603.173200][T15486]  dump_stack_lvl+0x100/0x190
[  603.173247][T15486]  should_fail_ex.cold+0x5/0xa
[  603.173278][T15486]  should_failslab+0xc2/0x120
[  603.173319][T15486]  ? mempool_init_node+0x2f7/0x6e0
[  603.173356][T15486]  __kmalloc_noprof+0xf6/0x9c0
[  603.173408][T15486]  ? __pfx_mempool_kmalloc+0x10/0x10
[  603.173443][T15486]  ? mempool_init_node+0x2f7/0x6e0
[  603.173478][T15486]  ? __pfx_mempool_kmalloc+0x10/0x10
[  603.173512][T15486]  mempool_init_node+0x2f7/0x6e0
[  603.173554][T15486]  ? __pfx_mempool_kmalloc+0x10/0x10
[  603.173587][T15486]  ? __pfx_mempool_kfree+0x10/0x10
[  603.173622][T15486]  mempool_init_noprof+0x3a/0x50
[  603.173664][T15486]  do_fanotify_mark+0x2ee4/0x4010
[  603.173725][T15486]  ? __pfx_do_fanotify_mark+0x10/0x10
[  603.173774][T15486]  ? __x64_sys_futex+0x358/0x4d0
[  603.173807][T15486]  ? xfd_validate_state+0x129/0x190
[  603.173842][T15486]  ? arch_syscall_is_vdso_sigreturn+0xb6/0x200
[  603.173882][T15486]  __x64_sys_fanotify_mark+0xbd/0x160
[  603.173925][T15486]  ? do_syscall_64+0x95/0xf80
[  603.173967][T15486]  ? lockdep_hardirqs_on+0x78/0x100
[  603.174009][T15486]  do_syscall_64+0x106/0xf80
[  603.174049][T15486]  ? clear_bhb_loop+0x40/0x90
[  603.174084][T15486]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  603.174114][T15486] RIP: 0033:0x7f290359bf79
[  603.174139][T15486] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  603.174167][T15486] RSP: 002b:00007f2904542028 EFLAGS: 00000246 ORIG_RAX: 000000000000012d
[  603.174197][T15486] RAX: ffffffffffffffda RBX: 00007f2903815fa0 RCX: 00007f290359bf79
[  603.174217][T15486] RDX: 0000000000008009 RSI: 0000000000000105 RDI: 0000000000000000
[  603.174234][T15486] RBP: 00007f29036327e0 R08: 0000000000000000 R09: 0000000000000000
[  603.174273][T15486] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  603.174297][T15486] R13: 00007f2903816038 R14: 00007f2903815fa0 R15: 00007ffda4012728
[  603.174333][T15486]  </TASK>
[  603.802964][T15495] FAULT_INJECTION: forcing a failure.
[  603.802964][T15495] name failslab, interval 1, probability 0, space 0, times 0
[  603.815937][T15495] CPU: 0 UID: 0 PID: 15495 Comm: syz.1.2064 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  603.815981][T15495] Tainted: [L]=SOFTLOCKUP
[  603.815992][T15495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  603.816010][T15495] Call Trace:
[  603.816018][T15495]  <TASK>
[  603.816028][T15495]  dump_stack_lvl+0x100/0x190
[  603.816072][T15495]  should_fail_ex.cold+0x5/0xa
[  603.816104][T15495]  should_failslab+0xc2/0x120
[  603.816139][T15495]  kmem_cache_alloc_noprof+0x83/0x780
[  603.816172][T15495]  ? vm_area_alloc+0x1f/0x160
[  603.816219][T15495]  ? vm_area_alloc+0x1f/0x160
[  603.816255][T15495]  vm_area_alloc+0x1f/0x160
[  603.816298][T15495]  __mmap_region+0x101e/0x2820
[  603.816350][T15495]  ? __pfx___mmap_region+0x10/0x10
[  603.816424][T15495]  ? finish_task_switch.isra.0+0x205/0xb80
[  603.816465][T15495]  ? lockdep_hardirqs_on+0x78/0x100
[  603.816519][T15495]  ? finish_task_switch.isra.0+0x205/0xb80
[  603.816637][T15495]  ? rcu_is_watching+0x12/0xc0
[  603.816682][T15495]  mmap_region+0x180/0x3e0
[  603.816719][T15495]  do_mmap+0xc63/0x12f0
[  603.816762][T15495]  ? __pfx_do_mmap+0x10/0x10
[  603.816805][T15495]  ? __pfx_down_write_killable+0x10/0x10
[  603.816843][T15495]  vm_mmap_pgoff+0x29e/0x470
[  603.816888][T15495]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  603.816928][T15495]  ? rcu_is_watching+0x12/0xc0
[  603.816963][T15495]  ? irqentry_exit+0x180/0x670
[  603.817008][T15495]  ? irqentry_exit+0x180/0x670
[  603.817057][T15495]  ksys_mmap_pgoff+0x7d/0x5b0
[  603.817099][T15495]  __x64_sys_mmap+0x125/0x190
[  603.817141][T15495]  do_syscall_64+0x106/0xf80
[  603.817182][T15495]  ? clear_bhb_loop+0x40/0x90
[  603.817218][T15495]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  603.817246][T15495] RIP: 0033:0x7f1fc3b9bf79
[  603.817270][T15495] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  603.817299][T15495] RSP: 002b:00007f1fc4a79028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  603.817327][T15495] RAX: ffffffffffffffda RBX: 00007f1fc3e15fa0 RCX: 00007f1fc3b9bf79
[  603.817347][T15495] RDX: 0000000000000005 RSI: 0000000000000009 RDI: 0000000000000000
[  603.817365][T15495] RBP: 00007f1fc3c327e0 R08: 0000000000000002 R09: 0000000000008000
[  603.817383][T15495] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[  603.817402][T15495] R13: 00007f1fc3e16038 R14: 00007f1fc3e15fa0 R15: 00007ffe13df9638
[  603.817443][T15495]  </TASK>
[  604.335336][T15489] sp0: Synchronizing with TNC
[  604.567499][T15502] ubi: mtd0 is already attached to ubi0
[  605.774205][T15522] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[  605.805142][T15522] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  605.821742][T15522] memcg:ffff888030f43701
[  605.843839][T15522] ksm flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  605.854579][T15522] page_type: f5(slab)
[  605.861692][T15522] raw: 00fff00000000040 ffff88801ca85780 ffffea0001ff4800 dead000000000003
[  605.881441][T15522] raw: 0000000000000000 0000000000150015 00000000f5000000 ffff888030f43701
[  605.891561][T15522] head: 00fff00000000040 ffff88801ca85780 ffffea0001ff4800 dead000000000003
[  605.911252][T15522] head: 0000000000000000 0000000000150015 00000000f5000000 ffff888030f43701
[  605.920385][T15522] head: 00fff00000000001 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  605.947810][T15522] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  605.967968][T15522] page dumped because: unmovable page
[  605.979856][T15522] page_owner tracks the page as allocated
[  605.995611][T15522] page last allocated via order 1, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5206, tgid 5206 (udevadm), ts 37721358892, free_ts 30812616921
[  606.019808][ T6893] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  606.045569][T15522]  post_alloc_hook+0x1e1/0x250
[  606.059729][T15522]  get_page_from_freelist+0x111d/0x3140
[  606.071479][T15522]  __alloc_frozen_pages_noprof+0x26c/0x2410
[  606.079362][ T6893] CPU: 1 UID: 0 PID: 6893 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  606.079406][ T6893] Tainted: [L]=SOFTLOCKUP
[  606.079417][ T6893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  606.079433][ T6893] Call Trace:
[  606.079443][ T6893]  <TASK>
[  606.079453][ T6893]  dump_stack_lvl+0x100/0x190
[  606.079498][ T6893]  dump_header+0xfb/0x606
[  606.079530][ T6893]  oom_kill_process.cold+0xd/0x321
[  606.079564][ T6893]  out_of_memory+0x340/0x14f0
[  606.079602][ T6893]  ? __pfx_out_of_memory+0x10/0x10
[  606.079643][ T6893]  mem_cgroup_out_of_memory+0xc6/0x130
[  606.079685][ T6893]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  606.079725][ T6893]  ? find_held_lock+0x2b/0x80
[  606.079770][ T6893]  ? do_raw_spin_unlock+0x145/0x1e0
[  606.079805][ T6893]  ? _raw_spin_unlock+0x28/0x50
[  606.079846][ T6893]  try_charge_memcg+0x652/0xc90
[  606.079887][ T6893]  ? __pfx_try_charge_memcg+0x10/0x10
[  606.079928][ T6893]  ? find_held_lock+0x2b/0x80
[  606.079964][ T6893]  ? rcu_read_unlock+0x17/0x60
[  606.079997][ T6893]  ? rcu_read_unlock+0x17/0x60
[  606.080041][ T6893]  charge_memcg+0xa6/0x280
[  606.080075][ T6893]  mem_cgroup_swapin_charge_folio+0xeb/0x470
[  606.080122][ T6893]  __read_swap_cache_async+0x449/0x610
[  606.080172][ T6893]  ? __pfx___read_swap_cache_async+0x10/0x10
[  606.080216][ T6893]  ? rcu_is_watching+0x12/0xc0
[  606.080249][ T6893]  ? finish_task_switch.isra.0+0x205/0xb80
[  606.080289][ T6893]  ? lockdep_hardirqs_on+0x78/0x100
[  606.080330][ T6893]  ? finish_task_switch.isra.0+0x205/0xb80
[  606.080376][ T6893]  swap_cluster_readahead+0x541/0x770
[  606.080418][ T6893]  ? __schedule+0x1035/0x6000
[  606.080464][ T6893]  ? __pfx_swap_cluster_readahead+0x10/0x10
[  606.080509][ T6893]  ? __lock_acquire+0x4a5/0x2630
[  606.080536][ T6893]  ? __lock_acquire+0x4a5/0x2630
[  606.080581][ T6893]  ? get_vma_policy+0x23f/0x3b0
[  606.080620][ T6893]  swapin_readahead+0x14b/0x12e0
[  606.080675][ T6893]  ? __pfx_swapin_readahead+0x10/0x10
[  606.080718][ T6893]  ? find_held_lock+0x2b/0x80
[  606.080755][ T6893]  ? swap_cache_get_folio+0x272/0x920
[  606.080801][ T6893]  ? swap_cache_get_folio+0x272/0x920
[  606.080840][ T6893]  ? swap_cache_get_folio+0x1f/0x920
[  606.080879][ T6893]  ? swap_cache_get_folio+0x2a2/0x920
[  606.080923][ T6893]  ? __pfx_swap_cache_get_folio+0x10/0x10
[  606.080963][ T6893]  ? __pfx_get_swap_device+0x10/0x10
[  606.080996][ T6893]  ? finish_task_switch.isra.0+0x205/0xb80
[  606.081047][ T6893]  ? do_swap_page+0x9ba/0x6810
[  606.081086][ T6893]  do_swap_page+0x9ba/0x6810
[  606.081132][ T6893]  ? __lock_acquire+0x4a5/0x2630
[  606.081170][ T6893]  ? __pfx_do_swap_page+0x10/0x10
[  606.081216][ T6893]  ? __pfx_default_wake_function+0x10/0x10
[  606.081259][ T6893]  ? __free_object+0x2a8/0x400
[  606.081296][ T6893]  ? lockdep_hardirqs_on+0x78/0x100
[  606.081341][ T6893]  ? rcu_is_watching+0x12/0xc0
[  606.081374][ T6893]  ? __pte_offset_map+0x179/0x310
[  606.081413][ T6893]  __handle_mm_fault+0x18b9/0x2b50
[  606.081463][ T6893]  ? reacquire_held_locks+0xce/0x1e0
[  606.081493][ T6893]  ? __pfx___handle_mm_fault+0x10/0x10
[  606.081542][ T6893]  ? lock_vma_under_rcu+0x17c/0x5a0
[  606.081607][ T6893]  handle_mm_fault+0x36d/0xa20
[  606.081658][ T6893]  do_user_addr_fault+0x5a3/0x12f0
[  606.081709][ T6893]  exc_page_fault+0x6f/0xd0
[  606.081750][ T6893]  asm_exc_page_fault+0x26/0x30
[  606.081776][ T6893] RIP: 0033:0x7f953ab5c84e
[  606.081795][ T6893] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  606.081819][ T6893] RSP: 002b:00007fff882e75a8 EFLAGS: 00010246
[  606.081840][ T6893] RAX: 0000000000000000 RBX: 0000555592b2d500 RCX: 00007f953ab5c84e
[  606.081857][ T6893] RDX: 00007fff882e7600 RSI: 0000000000000000 RDI: 0000000000000000
[  606.081873][ T6893] RBP: 00007fff882e766c R08: 0000000000000000 R09: 0000000000000000
[  606.081890][ T6893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000001388
[  606.081907][ T6893] R13: 00000000000927c0 R14: 0000000000093c88 R15: 00007fff882e76c0
[  606.081947][ T6893]  </TASK>
[  606.476818][T15522]  alloc_pages_mpol+0x1fb/0x550
[  606.476923][T15522]  new_slab+0x2c4/0x440
[  606.476963][T15522]  ___slab_alloc+0xdb3/0x1cb0
[  606.477014][T15522]  __slab_alloc.isra.0+0x63/0x110
[  606.477055][T15522]  kmem_cache_alloc_lru_noprof+0x507/0x7d0
[  606.477088][T15522]  __d_alloc+0x34/0xa80
[  606.477120][T15522]  d_alloc_parallel+0x111/0x14e0
[  606.477161][T15522]  __lookup_slow+0x193/0x460
[  606.477198][T15522]  lookup_slow+0x50/0x70
[  606.477233][T15522]  path_lookupat+0x5e8/0xc40
[  606.477274][T15522]  filename_lookup+0x202/0x590
[  606.477300][T15522]  vfs_statx+0xff/0x3f0
[  606.477331][T15522]  vfs_fstatat+0x77/0xe0
[  606.477365][T15522] page last free pid 1 tgid 1 stack trace:
[  606.477383][T15522]  __free_frozen_pages+0x822/0x1130
[  606.477423][T15522]  free_contig_range+0x1a3/0x520
[  606.477463][T15522]  destroy_args+0xa8/0x7a0
[  606.477506][T15522]  debug_vm_pgtable+0x1b66/0x34b0
[  606.477550][T15522]  do_one_initcall+0x11d/0x690
[  606.477577][T15522]  kernel_init_freeable+0x6e5/0x790
[  606.477622][T15522]  kernel_init+0x1f/0x1e0
[  606.477652][T15522]  ret_from_fork+0x754/0xd80
[  606.477686][T15522]  ret_from_fork_asm+0x1a/0x30
[  606.576327][ T6893] memory: usage 3072kB, limit 3072kB, failcnt 155921
[  606.576355][ T6893] memory+swap: usage 22452kB, limit 9007199254740988kB, failcnt 0
[  606.576375][ T6893] kmem: usage 3004kB, limit 9007199254740988kB, failcnt 0
[  606.576394][ T6893] Memory cgroup stats for /syz5:
[  606.576662][ T6893] cache 16384
[  606.576676][ T6893] rss 0
[  606.576687][ T6893] rss_huge 0
[  606.576698][ T6893] shmem 16384
[  606.576710][ T6893] mapped_file 16384
[  606.576722][ T6893] dirty 0
[  606.576734][ T6893] writeback 0
[  606.576746][ T6893] workingset_refault_anon 18429
[  606.576758][ T6893] workingset_refault_file 23365
[  606.576771][ T6893] swap 19828736
[  606.576783][ T6893] swapcached 57344
[  606.576795][ T6893] pgpgin 374339
[  606.576807][ T6893] pgpgout 380863
[  606.576819][ T6893] pgfault 298695
[  606.576830][ T6893] pgmajfault 9656
[  606.576842][ T6893] inactive_anon 73728
[  606.576855][ T6893] active_anon 0
[  606.576866][ T6893] inactive_file 0
[  606.576878][ T6893] active_file 0
[  606.576890][ T6893] unevictable 0
[  606.576902][ T6893] hierarchical_memory_limit 3145728
[  606.576914][ T6893] hierarchical_memsw_limit 9223372036854771712
[  606.576928][ T6893] total_cache 16384
[  606.576940][ T6893] total_rss 0
[  606.576953][ T6893] total_rss_huge 0
[  606.576965][ T6893] total_shmem 16384
[  606.576977][ T6893] total_mapped_file 16384
[  606.576989][ T6893] total_dirty 0
[  606.577000][ T6893] total_writeback 0
[  606.577013][ T6893] total_workingset_refault_anon 18429
[  606.577026][ T6893] total_workingset_refault_file 23365
[  606.577040][ T6893] total_swap 19828736
[  606.577052][ T6893] total_swapcached 57344
[  606.577065][ T6893] total_pgpgin 374339
[  606.577077][ T6893] total_pgpgout 380863
[  606.577090][ T6893] total_pgfault 298695
[  606.577102][ T6893] total_pgmajfault 9656
[  606.577115][ T6893] total_inactive_anon 73728
[  606.577127][ T6893] total_active_anon 0
[  606.577140][ T6893] total_inactive_file 0
[  606.577153][ T6893] total_active_file 0
[  606.577165][ T6893] total_unevictable 0
[  606.577177][ T6893] anon_cost 304
[  606.577189][ T6893] file_cost 0
[  606.577202][ T6893] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.2063,pid=15481,uid=0
[  606.578427][ T6893] Memory cgroup out of memory: Killed process 15481 (syz.5.2063) total-vm:141668kB, anon-rss:1352kB, file-rss:26336kB, shmem-rss:80kB, UID:0 pgtables:192kB oom_score_adj:1000
[  607.090232][T15539] ubi: mtd0 is already attached to ubi0
[  608.244609][T15564] netlink: 25 bytes leftover after parsing attributes in process `syz.6.2082'.
[  608.560478][T15567] hub 1-0:1.0: USB hub found
[  608.595047][T15567] hub 1-0:1.0: 1 port detected
[  609.036745][T15584] ubi: mtd0 is already attached to ubi0
[  609.306409][ T8411] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 63 with max blocks 1 with error 117
[  609.346631][ T8411] EXT4-fs (sda1): This should not happen!! Data will be lost
[  609.346631][ T8411] 
[  609.373036][ T8411] EXT4-fs (sda1): Delayed block allocation failed for inode 2026 at logical offset 1 with max blocks 2 with error 117
[  609.385880][ T8411] EXT4-fs (sda1): This should not happen!! Data will be lost
[  609.385880][ T8411] 
[  609.408614][ T8411] EXT4-fs (sda1): Delayed block allocation failed for inode 2028 at logical offset 1 with max blocks 1 with error 117
[  609.427532][ T8411] EXT4-fs (sda1): This should not happen!! Data will be lost
[  609.427532][ T8411] 
[  609.591068][ T8411] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 950 with max blocks 74 with error 117
[  609.613103][ T8411] EXT4-fs (sda1): This should not happen!! Data will be lost
[  609.613103][ T8411] 
[  609.726056][T15591] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2088'.
[  610.974309][T15603] sp0: Synchronizing with TNC
[  611.070184][T15615] ubi: mtd0 is already attached to ubi0
[  611.342026][ T5143] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  612.103579][T15643] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2102'.
[  612.371557][T15643] team0: Port device team_slave_0 removed
[  612.993153][T15654] ubi: mtd0 is already attached to ubi0
[  613.410950][ T5143] Bluetooth: hci3: unexpected event 0x14 length: 16 > 6
[  613.495611][T15669] netlink: 25 bytes leftover after parsing attributes in process `syz.5.2109'.
[  614.232707][   T30] audit: type=1800 audit(2147483675.701:24): pid=15672 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2112" name="dbroot" dev="configfs" ino=70735 res=0 errno=0
[  614.263119][T15685] ubi: mtd0 is already attached to ubi0
[  614.470216][T15688] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2118'.
[  614.715761][T15695] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2119'.
[  614.912752][T15695] team0: Port device team_slave_0 removed
[  615.061028][T15699] ubi0: detaching mtd0
[  615.290611][T15699] ubi0: mtd0 is detached
[  616.251652][T15722] ubi0: attaching mtd0
[  616.285053][T15722] ubi0 error: ubi_add_to_av: two LEBs with same sequence number 1
[  616.342545][T15722] eraseblock attaching information dump:
[  616.355889][T15722] 	ec       1
[  616.359365][T15722] 	pnum     0
[  616.371919][T15722] 	lnum     0
[  616.381032][T15722] 	scrub    0
[  616.384747][T15722] 	sqnum    1
[  616.420074][T15722] Volume identifier header dump:
[  616.449048][T15726] FAULT_INJECTION: forcing a failure.
[  616.449048][T15726] name failslab, interval 1, probability 0, space 0, times 0
[  616.472095][T15726] CPU: 1 UID: 0 PID: 15726 Comm: syz.4.2129 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  616.472152][T15726] Tainted: [L]=SOFTLOCKUP
[  616.472163][T15726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  616.472180][T15726] Call Trace:
[  616.472190][T15726]  <TASK>
[  616.472201][T15726]  dump_stack_lvl+0x100/0x190
[  616.472243][T15726]  should_fail_ex.cold+0x5/0xa
[  616.472277][T15726]  should_failslab+0xc2/0x120
[  616.472309][T15726]  kmem_cache_alloc_node_noprof+0x8c/0x880
[  616.472340][T15726]  ? __alloc_skb+0x156/0x410
[  616.472373][T15726]  ? __alloc_skb+0x156/0x410
[  616.472396][T15726]  __alloc_skb+0x156/0x410
[  616.472419][T15726]  ? __alloc_skb+0x35d/0x410
[  616.472444][T15726]  ? __pfx___alloc_skb+0x10/0x10
[  616.472482][T15726]  inet6_ifmcaddr_notify+0xd6/0x1d0
[  616.472519][T15726]  ? __pfx_inet6_ifmcaddr_notify+0x10/0x10
[  616.472567][T15726]  __ipv6_dev_mc_dec+0x297/0x340
[  616.472599][T15726]  ipv6_mc_destroy_dev+0x2cd/0x690
[  616.472627][T15726]  ? __local_bh_enable_ip+0x9e/0x120
[  616.472670][T15726]  addrconf_ifdown.isra.0+0x148a/0x1b70
[  616.472714][T15726]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  616.472748][T15726]  ? net_generic+0xea/0x2a0
[  616.472782][T15726]  addrconf_notify+0x458/0x19c0
[  616.472817][T15726]  ? ip6mr_device_event+0x1bc/0x230
[  616.472860][T15726]  notifier_call_chain+0x99/0x3b0
[  616.472893][T15726]  call_netdevice_notifiers_info+0xbe/0x110
[  616.472932][T15726]  unregister_netdevice_many_notify+0x1208/0x2580
[  616.472978][T15726]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  616.473013][T15726]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  616.473060][T15726]  unregister_netdevice_queue+0x30b/0x3c0
[  616.473095][T15726]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  616.473129][T15726]  ? __pfx_locks_remove_file+0x10/0x10
[  616.473183][T15726]  ppp_release+0x211/0x230
[  616.473222][T15726]  ? __pfx_ppp_release+0x10/0x10
[  616.473257][T15726]  __fput+0x3ff/0xb40
[  616.473296][T15726]  task_work_run+0x150/0x240
[  616.473327][T15726]  ? __pfx_task_work_run+0x10/0x10
[  616.473367][T15726]  exit_to_user_mode_loop+0x100/0x4a0
[  616.473392][T15726]  ? rcu_is_watching+0x12/0xc0
[  616.473425][T15726]  do_syscall_64+0x668/0xf80
[  616.473463][T15726]  ? clear_bhb_loop+0x40/0x90
[  616.473495][T15726]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  616.473523][T15726] RIP: 0033:0x7f1b2479bf79
[  616.473545][T15726] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  616.473571][T15726] RSP: 002b:00007f1b256ed028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  616.473599][T15726] RAX: 0000000000000000 RBX: 00007f1b24a15fa0 RCX: 00007f1b2479bf79
[  616.473617][T15726] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  616.473634][T15726] RBP: 00007f1b248327e0 R08: 0000000000000000 R09: 0000000000000000
[  616.473651][T15726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  616.473667][T15726] R13: 00007f1b24a16038 R14: 00007f1b24a15fa0 R15: 00007fff6aec25b8
[  616.473703][T15726]  </TASK>
[  616.796242][T15722] 	magic     55424921
[  616.846003][T15722] 	version   1
[  616.869621][T15722] 	vol_type  1
[  616.899280][T15722] 	copy_flag 0
[  616.924410][T15722] 	compat    5
[  616.939755][T15722] 	vol_id    2147479551
[  616.957923][T15722] 	lnum      0
[  616.970784][T15722] 	data_size 0
[  616.992770][T15722] 	used_ebs  0
[  616.996255][T15722] 	data_pad  0
[  617.010881][T15722] 	sqnum     1
[  617.028241][T15722] 	hdr_crc   65b3bd2d
[  617.041357][T15722] Volume identifier header hexdump:
[  617.203352][T15722] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  617.810192][T15735] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.1.2131: iget: checksum invalid
[  617.958588][T15735] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[  617.987184][T15735] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.1.2131: iget: checksum invalid
[  618.093542][T15748] mtrr: base(0x100000) is not aligned on a size(0x0000) boundary
[  618.101941][T15735] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[  618.112540][T15735] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.1.2131: iget: checksum invalid
[  618.142955][T15735] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[  618.158959][T15735] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.1.2131: iget: checksum invalid
[  618.198349][T15735] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  618.225315][T15735] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  618.271148][T15735] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  618.865718][T15776] ubi0: attaching mtd0
[  618.871421][T15776] ubi0 error: ubi_add_to_av: two LEBs with same sequence number 1
[  618.915746][T15776] eraseblock attaching information dump:
[  618.932463][T15776] 	ec       1
[  618.935888][T15776] 	pnum     0
[  618.939292][T15776] 	lnum     0
[  618.942724][T15776] 	scrub    0
[  618.946140][T15776] 	sqnum    1
[  618.949624][T15776] Volume identifier header dump:
[  618.957947][T15776] 	magic     55424921
[  618.978510][T15776] 	version   1
[  619.001604][T15778] FAULT_INJECTION: forcing a failure.
[  619.001604][T15778] name failslab, interval 1, probability 0, space 0, times 0
[  619.002291][T15776] 	vol_type  1
[  619.024711][T15778] CPU: 1 UID: 0 PID: 15778 Comm: syz.6.2139 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  619.024764][T15778] Tainted: [L]=SOFTLOCKUP
[  619.024775][T15778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  619.024795][T15778] Call Trace:
[  619.024805][T15778]  <TASK>
[  619.024817][T15778]  dump_stack_lvl+0x100/0x190
[  619.024865][T15778]  should_fail_ex.cold+0x5/0xa
[  619.024899][T15778]  should_failslab+0xc2/0x120
[  619.024933][T15778]  ? unregister_netdevice_many_notify+0x903/0x2580
[  619.024974][T15778]  __kmalloc_noprof+0xf6/0x9c0
[  619.025036][T15778]  ? unregister_netdevice_many_notify+0x903/0x2580
[  619.025071][T15778]  ? flush_backlogs_alloc+0x5/0x60
[  619.025098][T15778]  unregister_netdevice_many_notify+0x903/0x2580
[  619.025135][T15778]  ? rcu_is_watching+0x12/0xc0
[  619.025174][T15778]  ? __mutex_lock+0x26a/0x1b90
[  619.025222][T15778]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  619.025261][T15778]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  619.025303][T15778]  ? __pfx___mutex_lock+0x10/0x10
[  619.025359][T15778]  unregister_netdevice_queue+0x30b/0x3c0
[  619.025399][T15778]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  619.025438][T15778]  ? __pfx_locks_remove_file+0x10/0x10
[  619.025475][T15778]  ppp_release+0x211/0x230
[  619.025517][T15778]  ? __pfx_ppp_release+0x10/0x10
[  619.025557][T15778]  __fput+0x3ff/0xb40
[  619.025601][T15778]  task_work_run+0x150/0x240
[  619.025637][T15778]  ? __pfx_task_work_run+0x10/0x10
[  619.025683][T15778]  exit_to_user_mode_loop+0x100/0x4a0
[  619.025712][T15778]  ? rcu_is_watching+0x12/0xc0
[  619.025750][T15778]  do_syscall_64+0x668/0xf80
[  619.025791][T15778]  ? clear_bhb_loop+0x40/0x90
[  619.025827][T15778]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  619.025856][T15778] RIP: 0033:0x7f290359bf79
[  619.025880][T15778] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  619.025906][T15778] RSP: 002b:00007f2904542028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  619.025934][T15778] RAX: 0000000000000000 RBX: 00007f2903815fa0 RCX: 00007f290359bf79
[  619.025951][T15778] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  619.025965][T15778] RBP: 00007f29036327e0 R08: 0000000000000000 R09: 0000000000000000
[  619.025983][T15778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  619.026010][T15778] R13: 00007f2903816038 R14: 00007f2903815fa0 R15: 00007ffda4012728
[  619.026051][T15778]  </TASK>
[  619.275110][T15776] 	copy_flag 0
[  619.279684][T15776] 	compat    5
[  619.283909][T15776] 	vol_id    2147479551
[  619.288725][T15776] 	lnum      0
[  619.292319][T15776] 	data_size 0
[  619.295807][T15776] 	used_ebs  0
[  619.299698][T15776] 	data_pad  0
[  619.303319][T15776] 	sqnum     1
[  619.306847][T15776] 	hdr_crc   65b3bd2d
[  619.310924][T15776] Volume identifier header hexdump:
[  619.549837][T15776] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  620.098144][T15796] sysfs_service_op_show: Client not running :-5:
[  622.029458][T15805] syz.5.2145 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  622.088750][T15805] CPU: 1 UID: 0 PID: 15805 Comm: syz.5.2145 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  622.088801][T15805] Tainted: [L]=SOFTLOCKUP
[  622.088814][T15805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  622.088833][T15805] Call Trace:
[  622.088844][T15805]  <TASK>
[  622.088857][T15805]  dump_stack_lvl+0x100/0x190
[  622.088920][T15805]  dump_header+0xfb/0x606
[  622.088959][T15805]  oom_kill_process.cold+0xd/0x321
[  622.088993][T15805]  out_of_memory+0x340/0x14f0
[  622.089030][T15805]  ? __pfx_out_of_memory+0x10/0x10
[  622.089068][T15805]  mem_cgroup_out_of_memory+0xc6/0x130
[  622.089109][T15805]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  622.089148][T15805]  ? find_held_lock+0x2b/0x80
[  622.089191][T15805]  ? do_raw_spin_unlock+0x145/0x1e0
[  622.089227][T15805]  ? _raw_spin_unlock+0x28/0x50
[  622.089271][T15805]  try_charge_memcg+0x652/0xc90
[  622.089301][T15805]  ? __pfx_try_charge_memcg+0x10/0x10
[  622.089317][T15805]  ? rcu_read_unlock+0x17/0x60
[  622.089335][T15805]  ? rcu_read_unlock+0x17/0x60
[  622.089357][T15805]  ? get_mem_cgroup_from_objcg+0xd3/0x330
[  622.089382][T15805]  obj_cgroup_charge_account+0x33d/0x640
[  622.089404][T15805]  __memcg_slab_post_alloc_hook+0x2e4/0x880
[  622.089427][T15805]  ? kasan_save_track+0x14/0x30
[  622.089445][T15805]  kmem_cache_alloc_noprof+0x5d9/0x780
[  622.089462][T15805]  ? sk_prot_alloc+0x60/0x2a0
[  622.089486][T15805]  ? sk_prot_alloc+0x60/0x2a0
[  622.089504][T15805]  sk_prot_alloc+0x60/0x2a0
[  622.089528][T15805]  sk_alloc+0x36/0xe80
[  622.089545][T15805]  inet6_create+0x381/0x12c0
[  622.089564][T15805]  ? inet6_create+0x7f/0x12c0
[  622.089583][T15805]  __sock_create+0x339/0x860
[  622.089608][T15805]  inet_ctl_sock_create+0x94/0x230
[  622.089630][T15805]  ? __pfx_inet_ctl_sock_create+0x10/0x10
[  622.089651][T15805]  ? ndisc_net_init+0x1b1/0x230
[  622.089672][T15805]  ? __pfx_ndisc_net_init+0x10/0x10
[  622.089694][T15805]  igmp6_net_init+0x1b2/0x430
[  622.089718][T15805]  ? __pfx_igmp6_net_init+0x10/0x10
[  622.089752][T15805]  ops_init+0x1e2/0x5f0
[  622.089790][T15805]  setup_net+0x118/0x3a0
[  622.089825][T15805]  ? __pfx_setup_net+0x10/0x10
[  622.089858][T15805]  ? lockdep_init_map_type+0x5c/0x250
[  622.089891][T15805]  ? mutex_init_lockep+0x110/0x150
[  622.089931][T15805]  copy_net_ns+0x46f/0x7c0
[  622.089981][T15805]  create_new_namespaces+0x3ea/0xac0
[  622.090035][T15805]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  622.090083][T15805]  ksys_unshare+0x455/0xab0
[  622.090119][T15805]  ? __pfx_ksys_unshare+0x10/0x10
[  622.090151][T15805]  ? xfd_validate_state+0x129/0x190
[  622.090201][T15805]  __x64_sys_unshare+0x31/0x40
[  622.090233][T15805]  do_syscall_64+0x106/0xf80
[  622.090278][T15805]  ? clear_bhb_loop+0x40/0x90
[  622.090315][T15805]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  622.090347][T15805] RIP: 0033:0x7f953ab9bf79
[  622.090373][T15805] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  622.090402][T15805] RSP: 002b:00007f953b9b8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  622.090433][T15805] RAX: ffffffffffffffda RBX: 00007f953ae16090 RCX: 00007f953ab9bf79
[  622.090455][T15805] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  622.090474][T15805] RBP: 00007f953ac327e0 R08: 0000000000000000 R09: 0000000000000000
[  622.090494][T15805] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  622.090513][T15805] R13: 00007f953ae16128 R14: 00007f953ae16090 R15: 00007fff882e72c8
[  622.090556][T15805]  </TASK>
[  622.091324][T15805] memory: usage 3072kB, limit 3072kB, failcnt 161251
[  622.455105][T15805] memory+swap: usage 3292kB, limit 9007199254740988kB, failcnt 0
[  622.474140][T15805] kmem: usage 3040kB, limit 9007199254740988kB, failcnt 0
[  622.481304][T15805] Memory cgroup stats for /syz5:
[  622.481606][T15805] cache 0
[  622.532592][T15805] rss 8192
[  622.545147][T15805] rss_huge 0
[  622.548352][T15805] shmem 0
[  622.551268][T15805] mapped_file 0
[  622.627496][T15805] dirty 0
[  622.630456][T15805] writeback 0
[  622.663986][T15805] workingset_refault_anon 19020
[  622.741920][T15805] workingset_refault_file 23365
[  622.753769][T15805] swap 229376
[  622.781691][T15805] swapcached 24576
[  622.801426][T15805] pgpgin 383075
[  622.831597][T15805] pgpgout 389771
[  622.862138][T15805] pgfault 310402
[  622.865706][T15805] pgmajfault 10051
[  622.882558][T15805] inactive_anon 4096
[  622.886507][T15805] active_anon 0
[  622.918665][T15805] inactive_file 0
[  622.930000][T15805] active_file 0
[  622.945201][T15805] unevictable 0
[  622.955708][T15805] hierarchical_memory_limit 3145728
[  622.966459][T15805] hierarchical_memsw_limit 9223372036854771712
[  622.999393][T15805] total_cache 0
[  623.003178][T15805] total_rss 8192
[  623.010507][T15805] total_rss_huge 0
[  623.021614][T15805] total_shmem 0
[  623.061918][T15805] total_mapped_file 0
[  623.065920][T15805] total_dirty 0
[  623.069368][T15805] total_writeback 0
[  623.086954][T15837] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input32
[  623.111211][T15805] total_workingset_refault_anon 19020
[  623.136154][T15805] total_workingset_refault_file 23365
[  623.143074][T15841] ubi0: attaching mtd0
[  623.158677][T15841] ubi0 error: ubi_add_to_av: two LEBs with same sequence number 1
[  623.173078][T15805] total_swap 229376
[  623.177178][T15805] total_swapcached 24576
[  623.181408][T15805] total_pgpgin 383075
[  623.202437][T15841] eraseblock attaching information dump:
[  623.220409][T15805] total_pgpgout 389771
[  623.271948][T15805] total_pgfault 310402
[  623.276402][T15805] total_pgmajfault 10051
[  623.280645][T15805] total_inactive_anon 4096
[  623.285258][T15841] 	ec       1
[  623.290284][T15841] 	pnum     0
[  623.296650][T15841] 	lnum     0
[  623.313987][T15841] 	scrub    0
[  623.328919][T15805] total_active_anon 0
[  623.339020][T15841] 	sqnum    1
[  623.355873][T15841] Volume identifier header dump:
[  623.363689][T15841] 	magic     55424921
[  623.381610][T15841] 	version   1
[  623.386097][T15805] total_inactive_file 0
[  623.396422][T15841] 	vol_type  1
[  623.404350][T15841] 	copy_flag 0
[  623.422093][T15841] 	compat    5
[  623.425521][T15841] 	vol_id    2147479551
[  623.441400][T15841] 	lnum      0
[  623.442092][T15805] total_active_file 0
[  623.456736][T15805] total_unevictable 0
[  623.460855][T15841] 	data_size 0
[  623.468516][T15805] anon_cost 291
[  623.475801][T15841] 	used_ebs  0
[  623.485966][T15841] 	data_pad  0
[  623.493869][T15841] 	sqnum     1
[  623.499159][T15805] file_cost 0
[  623.507000][T15841] 	hdr_crc   65b3bd2d
[  623.513290][T15805] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.2145,pid=15802,uid=0
[  623.531092][T15841] Volume identifier header hexdump:
[  623.559864][T15805] Memory cgroup out of memory: Killed process 15805 (syz.5.2145) total-vm:207204kB, anon-rss:1328kB, file-rss:25840kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000
[  623.691437][T15841] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  623.799664][T15845] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2150'.
[  623.840201][T15839] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input33
[  625.544012][T15871] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.5.2158: iget: checksum invalid
[  625.590712][T15871] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[  625.691410][T15871] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.5.2158: iget: checksum invalid
[  625.774422][T15871] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[  625.913482][T15871] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.5.2158: iget: checksum invalid
[  625.932393][T15871] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[  625.978451][T15871] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.5.2158: iget: checksum invalid
[  626.034168][T15871] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  626.045746][T15871] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  626.061350][T15871] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  626.156423][T15890] binder: 15867:15890 ioctl c018620c 0 returned -1
[  626.463830][T15908] syz.5.2158 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  626.474992][T15908] CPU: 1 UID: 0 PID: 15908 Comm: syz.5.2158 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  626.475033][T15908] Tainted: [L]=SOFTLOCKUP
[  626.475043][T15908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  626.475060][T15908] Call Trace:
[  626.475072][T15908]  <TASK>
[  626.475083][T15908]  dump_stack_lvl+0x100/0x190
[  626.475123][T15908]  dump_header+0xfb/0x606
[  626.475154][T15908]  oom_kill_process.cold+0xd/0x321
[  626.475187][T15908]  out_of_memory+0x340/0x14f0
[  626.475223][T15908]  ? __pfx_out_of_memory+0x10/0x10
[  626.475264][T15908]  mem_cgroup_out_of_memory+0xc6/0x130
[  626.475306][T15908]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  626.475345][T15908]  ? find_held_lock+0x2b/0x80
[  626.475389][T15908]  ? do_raw_spin_unlock+0x145/0x1e0
[  626.475424][T15908]  ? _raw_spin_unlock+0x28/0x50
[  626.475465][T15908]  try_charge_memcg+0x652/0xc90
[  626.475504][T15908]  ? __pfx_try_charge_memcg+0x10/0x10
[  626.475545][T15908]  ? find_held_lock+0x2b/0x80
[  626.475581][T15908]  ? rcu_read_unlock+0x17/0x60
[  626.475622][T15908]  ? rcu_read_unlock+0x17/0x60
[  626.475660][T15908]  charge_memcg+0xa6/0x280
[  626.475694][T15908]  mem_cgroup_swapin_charge_folio+0xeb/0x470
[  626.475738][T15908]  __read_swap_cache_async+0x449/0x610
[  626.475788][T15908]  ? __pfx___read_swap_cache_async+0x10/0x10
[  626.475829][T15908]  ? mlock_drain_local+0x254/0x4e0
[  626.475855][T15908]  ? mlock_drain_local+0x254/0x4e0
[  626.475882][T15908]  swap_cluster_readahead+0x414/0x770
[  626.475910][T15908]  ? __pfx_swap_cluster_readahead+0x10/0x10
[  626.475935][T15908]  ? __lock_acquire+0x4a5/0x2630
[  626.475949][T15908]  ? __lock_acquire+0x4a5/0x2630
[  626.475971][T15908]  ? get_vma_policy+0x23f/0x3b0
[  626.475991][T15908]  swapin_readahead+0x14b/0x12e0
[  626.476020][T15908]  ? __pfx_swapin_readahead+0x10/0x10
[  626.476042][T15908]  ? find_held_lock+0x2b/0x80
[  626.476062][T15908]  ? swap_cache_get_folio+0x272/0x920
[  626.476086][T15908]  ? swap_cache_get_folio+0x272/0x920
[  626.476106][T15908]  ? swap_cache_get_folio+0x1f/0x920
[  626.476126][T15908]  ? swap_cache_get_folio+0x2a2/0x920
[  626.476149][T15908]  ? __pfx_swap_cache_get_folio+0x10/0x10
[  626.476170][T15908]  ? __pfx_get_swap_device+0x10/0x10
[  626.476193][T15908]  ? do_swap_page+0x9ba/0x6810
[  626.476214][T15908]  do_swap_page+0x9ba/0x6810
[  626.476238][T15908]  ? __lock_acquire+0x4a5/0x2630
[  626.476263][T15908]  ? __pfx_do_swap_page+0x10/0x10
[  626.476305][T15908]  ? __pfx_default_wake_function+0x10/0x10
[  626.476348][T15908]  ? do_anonymous_page+0x9e9/0x1f40
[  626.476371][T15908]  ? rcu_is_watching+0x12/0xc0
[  626.476389][T15908]  ? __pte_offset_map+0x179/0x310
[  626.476409][T15908]  __handle_mm_fault+0x18b9/0x2b50
[  626.476435][T15908]  ? reacquire_held_locks+0xce/0x1e0
[  626.476451][T15908]  ? __pfx___handle_mm_fault+0x10/0x10
[  626.476476][T15908]  ? lock_vma_under_rcu+0x17c/0x5a0
[  626.476510][T15908]  handle_mm_fault+0x36d/0xa20
[  626.476536][T15908]  do_user_addr_fault+0x5a3/0x12f0
[  626.476563][T15908]  exc_page_fault+0x6f/0xd0
[  626.476586][T15908]  asm_exc_page_fault+0x26/0x30
[  626.476606][T15908] RIP: 0033:0x7f953aa6253b
[  626.476620][T15908] Code: 31 c0 31 c9 ba 80 00 00 00 48 89 de bf ca 00 00 00 31 c0 e8 37 9a 13 00 8b 03 85 c0 74 e1 c7 45 08 00 00 00 00 45 84 e4 74 31 <80> 3d a3 31 ee 00 00 74 28 80 3d 88 31 ee 00 00 0f b6 35 7e 31 ee
[  626.476635][T15908] RSP: 002b:00007f953b9760f0 EFLAGS: 00010202
[  626.476649][T15908] RAX: 0000000000000001 RBX: 00007f953ae16278 RCX: 00007f953ab9bf79
[  626.476659][T15908] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f953ae16278
[  626.476668][T15908] RBP: 00007f953ae16270 R08: 00007f953b9766c0 R09: 0000000000000000
[  626.476678][T15908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  626.476687][T15908] R13: 00007f953ae16308 R14: 00007fff882e71e0 R15: 00007fff882e72c8
[  626.476707][T15908]  </TASK>
[  626.476999][T15908] memory: usage 3072kB, limit 3072kB, failcnt 161479
[  626.853153][T15908] memory+swap: usage 3212kB, limit 9007199254740988kB, failcnt 0
[  626.861276][T15908] kmem: usage 2968kB, limit 9007199254740988kB, failcnt 0
[  626.962001][T15908] Memory cgroup stats for /syz5:
[  626.962195][T15908] cache 0
[  626.981660][T15908] rss 0
[  626.992147][T15908] rss_huge 0
[  627.115085][T15908] shmem 0
[  627.118071][T15908] mapped_file 0
[  627.121544][T15908] dirty 0
[  627.174042][T15908] writeback 0
[  627.182000][T15908] workingset_refault_anon 19095
[  627.192705][T15908] workingset_refault_file 23365
[  627.209543][T15908] swap 143360
[  627.213311][T15908] swapcached 106496
[  627.221330][T15908] pgpgin 383229
[  627.244243][T15908] pgpgout 389906
[  627.249011][T15908] pgfault 311326
[  627.272560][T15908] pgmajfault 10086
[  627.291837][T15908] inactive_anon 106496
[  627.313182][T15908] active_anon 0
[  627.318046][T15908] inactive_file 0
[  627.321721][T15908] active_file 0
[  627.372739][T15908] unevictable 0
[  627.376282][T15908] hierarchical_memory_limit 3145728
[  627.390488][T15908] hierarchical_memsw_limit 9223372036854771712
[  627.396860][T15908] total_cache 0
[  627.400492][T15908] total_rss 0
[  627.403979][T15908] total_rss_huge 0
[  627.410052][T15908] total_shmem 0
[  627.414107][T15908] total_mapped_file 0
[  627.425153][T15908] total_dirty 0
[  627.430049][T15908] total_writeback 0
[  627.476876][T15908] total_workingset_refault_anon 19095
[  627.482373][T15908] total_workingset_refault_file 23365
[  627.503647][T15908] total_swap 143360
[  627.551068][T15908] total_swapcached 106496
[  627.581926][T15908] total_pgpgin 383229
[  627.589437][T15908] total_pgpgout 389906
[  627.611558][T15908] total_pgfault 311326
[  627.630098][T15908] total_pgmajfault 10086
[  627.647072][T15908] total_inactive_anon 106496
[  627.661149][T15908] total_active_anon 0
[  627.667947][T15908] total_inactive_file 0
[  627.675617][T15908] total_active_file 0
[  627.680400][T15908] total_unevictable 0
[  627.690217][T15908] anon_cost 288
[  627.704543][T15908] file_cost 0
[  627.735737][T15908] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.2158,pid=15869,uid=0
[  627.776441][T15908] Memory cgroup out of memory: Killed process 15869 (syz.5.2158) total-vm:178544kB, anon-rss:1352kB, file-rss:30252kB, shmem-rss:0kB, UID:0 pgtables:172kB oom_score_adj:1000
[  628.836809][T15946] EXT4-fs (sda1): Delayed block allocation failed for inode 2030 at logical offset 1 with max blocks 1 with error 117
[  628.860091][T15946] EXT4-fs (sda1): This should not happen!! Data will be lost
[  628.860091][T15946] 
[  629.684534][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  629.690930][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  630.071750][T15984] FAULT_INJECTION: forcing a failure.
[  630.071750][T15984] name failslab, interval 1, probability 0, space 0, times 0
[  630.172931][T15984] CPU: 1 UID: 0 PID: 15984 Comm: syz.5.2175 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  630.172980][T15984] Tainted: [L]=SOFTLOCKUP
[  630.172990][T15984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  630.173006][T15984] Call Trace:
[  630.173016][T15984]  <TASK>
[  630.173028][T15984]  dump_stack_lvl+0x100/0x190
[  630.173074][T15984]  should_fail_ex.cold+0x5/0xa
[  630.173106][T15984]  should_failslab+0xc2/0x120
[  630.173139][T15984]  ? unregister_netdevice_many_notify+0x903/0x2580
[  630.173176][T15984]  __kmalloc_noprof+0xf6/0x9c0
[  630.173224][T15984]  ? unregister_netdevice_many_notify+0x903/0x2580
[  630.173259][T15984]  ? flush_backlogs_alloc+0x5/0x60
[  630.173285][T15984]  unregister_netdevice_many_notify+0x903/0x2580
[  630.173320][T15984]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  630.173366][T15984]  ? __mutex_lock+0x7ca/0x1b90
[  630.173405][T15984]  ? lockdep_hardirqs_on+0x78/0x100
[  630.173448][T15984]  ? __mutex_lock+0x26a/0x1b90
[  630.173499][T15984]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  630.173540][T15984]  ? __pfx___mutex_lock+0x10/0x10
[  630.173590][T15984]  unregister_netdevice_queue+0x30b/0x3c0
[  630.173626][T15984]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  630.173663][T15984]  ? __pfx_locks_remove_file+0x10/0x10
[  630.173696][T15984]  ppp_release+0x211/0x230
[  630.173733][T15984]  ? __pfx_ppp_release+0x10/0x10
[  630.173768][T15984]  __fput+0x3ff/0xb40
[  630.173806][T15984]  task_work_run+0x150/0x240
[  630.173838][T15984]  ? __pfx_task_work_run+0x10/0x10
[  630.173878][T15984]  exit_to_user_mode_loop+0x100/0x4a0
[  630.173903][T15984]  ? rcu_is_watching+0x12/0xc0
[  630.173936][T15984]  do_syscall_64+0x668/0xf80
[  630.173974][T15984]  ? clear_bhb_loop+0x40/0x90
[  630.174005][T15984]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  630.174032][T15984] RIP: 0033:0x7f953ab9bf79
[  630.174053][T15984] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  630.174080][T15984] RSP: 002b:00007f953b9d9028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  630.174109][T15984] RAX: 0000000000000000 RBX: 00007f953ae15fa0 RCX: 00007f953ab9bf79
[  630.174127][T15984] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  630.174144][T15984] RBP: 00007f953ac327e0 R08: 0000000000000000 R09: 0000000000000000
[  630.174161][T15984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  630.174178][T15984] R13: 00007f953ae16038 R14: 00007f953ae15fa0 R15: 00007fff882e72c8
[  630.174214][T15984]  </TASK>
[  630.601873][T16001] netlink: 25 bytes leftover after parsing attributes in process `syz.4.2176'.
[  631.497052][T16009] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.4.2178: iget: checksum invalid
[  631.536886][T16009] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[  631.551948][T16009] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.4.2178: iget: checksum invalid
[  631.586465][T16009] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[  631.597659][T16009] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.4.2178: iget: checksum invalid
[  631.611102][T16009] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[  631.623813][T16009] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.4.2178: iget: checksum invalid
[  631.651964][T16009] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  631.686096][T16009] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  631.696126][T16009] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  632.468441][   T49] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 63 with max blocks 1 with error 117
[  632.504939][   T49] EXT4-fs (sda1): This should not happen!! Data will be lost
[  632.504939][   T49] 
[  632.588570][   T49] EXT4-fs (sda1): Delayed block allocation failed for inode 2026 at logical offset 1 with max blocks 1 with error 117
[  632.633321][   T24] Process accounting resumed
[  632.675239][   T49] EXT4-fs (sda1): This should not happen!! Data will be lost
[  632.675239][   T49] 
[  632.752561][   T24] Process accounting resumed
[  632.847849][T16047] Process accounting resumed
[  633.027585][   T49] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 941 with max blocks 83 with error 117
[  633.047261][   T49] EXT4-fs (sda1): This should not happen!! Data will be lost
[  633.047261][   T49] 
[  633.510371][T16057] bridge0: port 3(gretap0) entered blocking state
[  633.546219][T16057] bridge0: port 3(gretap0) entered disabled state
[  633.562701][T16057] gretap0: entered allmulticast mode
[  633.608319][T16057] gretap0: entered promiscuous mode
[  633.646727][T16057] bridge0: port 3(gretap0) entered blocking state
[  633.653369][T16057] bridge0: port 3(gretap0) entered forwarding state
[  635.730982][T16117] ubi0: attaching mtd0
[  635.736842][T16117] ubi0 error: ubi_add_to_av: two LEBs with same sequence number 1
[  635.761872][T16117] eraseblock attaching information dump:
[  635.791932][T16117] 	ec       1
[  635.795279][T16117] 	pnum     0
[  635.798585][T16117] 	lnum     0
[  635.827807][T16117] 	scrub    0
[  635.831146][T16117] 	sqnum    1
[  635.849717][T16117] Volume identifier header dump:
[  635.862652][T16117] 	magic     55424921
[  635.894219][T16117] 	version   1
[  635.898760][T16117] 	vol_type  1
[  635.903376][T16117] 	copy_flag 0
[  635.906782][T16117] 	compat    5
[  635.940689][T16117] 	vol_id    2147479551
[  635.952368][T16117] 	lnum      0
[  635.955759][T16117] 	data_size 0
[  635.967719][T16117] 	used_ebs  0
[  635.986326][T16117] 	data_pad  0
[  636.010686][T16117] 	sqnum     1
[  636.039966][T16117] 	hdr_crc   65b3bd2d
[  636.053753][T16117] Volume identifier header hexdump:
[  636.204144][T16117] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  636.425350][T16133] mkiss: ax0: crc mode is auto.
[  636.599428][T16135] FAULT_INJECTION: forcing a failure.
[  636.599428][T16135] name failslab, interval 1, probability 0, space 0, times 0
[  636.613075][T16135] CPU: 0 UID: 0 PID: 16135 Comm: syz.6.2206 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  636.613120][T16135] Tainted: [L]=SOFTLOCKUP
[  636.613130][T16135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  636.613147][T16135] Call Trace:
[  636.613156][T16135]  <TASK>
[  636.613167][T16135]  dump_stack_lvl+0x100/0x190
[  636.613210][T16135]  should_fail_ex.cold+0x5/0xa
[  636.613242][T16135]  should_failslab+0xc2/0x120
[  636.613274][T16135]  ? tomoyo_realpath_from_path+0xb6/0x690
[  636.613307][T16135]  __kmalloc_noprof+0xf6/0x9c0
[  636.613347][T16135]  ? kfree+0x2a9/0x690
[  636.613393][T16135]  ? tomoyo_realpath_from_path+0xb6/0x690
[  636.613427][T16135]  tomoyo_realpath_from_path+0xb6/0x690
[  636.613470][T16135]  tomoyo_path_number_perm+0x23c/0x580
[  636.613497][T16135]  ? tomoyo_path_number_perm+0x22e/0x580
[  636.613527][T16135]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  636.613593][T16135]  ? find_held_lock+0x2b/0x80
[  636.613628][T16135]  ? __fget_files+0x215/0x3d0
[  636.613654][T16135]  ? hook_file_ioctl_common+0x146/0x410
[  636.613691][T16135]  ? __fget_files+0x21f/0x3d0
[  636.613724][T16135]  security_file_ioctl+0xd3/0x230
[  636.613762][T16135]  __x64_sys_ioctl+0xb7/0x210
[  636.613805][T16135]  do_syscall_64+0x106/0xf80
[  636.613845][T16135]  ? clear_bhb_loop+0x40/0x90
[  636.613879][T16135]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  636.613908][T16135] RIP: 0033:0x7f290359bf79
[  636.613931][T16135] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  636.613959][T16135] RSP: 002b:00007f2904542028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  636.613986][T16135] RAX: ffffffffffffffda RBX: 00007f2903815fa0 RCX: 00007f290359bf79
[  636.614006][T16135] RDX: 0000200000000080 RSI: 0000000000005412 RDI: 000000000000000b
[  636.614024][T16135] RBP: 00007f2904542090 R08: 0000000000000000 R09: 0000000000000000
[  636.614041][T16135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  636.614058][T16135] R13: 00007f2903816038 R14: 00007f2903815fa0 R15: 00007ffda4012728
[  636.614096][T16135]  </TASK>
[  636.614108][T16135] ERROR: Out of memory at tomoyo_realpath_from_path.
[  637.737800][T16161] ubi0: attaching mtd0
[  637.777367][T16161] ubi0 error: ubi_add_to_av: two LEBs with same sequence number 1
[  637.805705][T16161] eraseblock attaching information dump:
[  637.814479][T16161] 	ec       1
[  637.818157][T16161] 	pnum     0
[  637.821456][T16161] 	lnum     0
[  637.837767][T16161] 	scrub    0
[  637.841112][T16161] 	sqnum    1
[  637.857760][T16161] Volume identifier header dump:
[  637.877694][T16161] 	magic     55424921
[  637.887854][T16161] 	version   1
[  637.891267][T16161] 	vol_type  1
[  637.910493][T16161] 	copy_flag 0
[  637.921765][T16161] 	compat    5
[  637.926582][T16161] 	vol_id    2147479551
[  637.930748][T16161] 	lnum      0
[  637.965472][T16161] 	data_size 0
[  637.968888][T16161] 	used_ebs  0
[  637.991088][T16161] 	data_pad  0
[  638.005513][T16161] 	sqnum     1
[  638.019370][T16161] 	hdr_crc   65b3bd2d
[  638.038013][T16161] Volume identifier header hexdump:
[  638.218769][T16161] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  638.803241][T16180] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2220'.
[  640.427741][ T3474] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 63 with max blocks 1 with error 117
[  640.506817][ T3474] EXT4-fs (sda1): This should not happen!! Data will be lost
[  640.506817][ T3474] 
[  640.569573][ T3474] EXT4-fs (sda1): Delayed block allocation failed for inode 2026 at logical offset 1 with max blocks 1 with error 117
[  640.666436][ T3474] EXT4-fs (sda1): This should not happen!! Data will be lost
[  640.666436][ T3474] 
[  640.687636][ T3474] EXT4-fs (sda1): Delayed block allocation failed for inode 2028 at logical offset 1 with max blocks 17 with error 117
[  640.731092][ T3474] EXT4-fs (sda1): This should not happen!! Data will be lost
[  640.731092][ T3474] 
[  640.792393][ T3474] EXT4-fs (sda1): Delayed block allocation failed for inode 2030 at logical offset 1 with max blocks 1 with error 117
[  640.833176][ T3474] EXT4-fs (sda1): This should not happen!! Data will be lost
[  640.833176][ T3474] 
[  640.909259][ T8415] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 971 with max blocks 53 with error 117
[  640.969159][ T8415] EXT4-fs (sda1): This should not happen!! Data will be lost
[  640.969159][ T8415] 
[  641.429525][T16195] syz.5.2223 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  641.457987][T16195] CPU: 0 UID: 0 PID: 16195 Comm: syz.5.2223 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  641.458030][T16195] Tainted: [L]=SOFTLOCKUP
[  641.458039][T16195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  641.458055][T16195] Call Trace:
[  641.458064][T16195]  <TASK>
[  641.458075][T16195]  dump_stack_lvl+0x100/0x190
[  641.458125][T16195]  dump_header+0xfb/0x606
[  641.458155][T16195]  oom_kill_process.cold+0xd/0x321
[  641.458188][T16195]  out_of_memory+0x340/0x14f0
[  641.458223][T16195]  ? __pfx_out_of_memory+0x10/0x10
[  641.458260][T16195]  mem_cgroup_out_of_memory+0xc6/0x130
[  641.458301][T16195]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  641.458339][T16195]  ? find_held_lock+0x2b/0x80
[  641.458378][T16195]  ? do_raw_spin_unlock+0x145/0x1e0
[  641.458409][T16195]  ? _raw_spin_unlock+0x28/0x50
[  641.458445][T16195]  try_charge_memcg+0x652/0xc90
[  641.458483][T16195]  ? __pfx_try_charge_memcg+0x10/0x10
[  641.458521][T16195]  ? find_held_lock+0x2b/0x80
[  641.458554][T16195]  ? rcu_read_unlock+0x17/0x60
[  641.458584][T16195]  ? rcu_read_unlock+0x17/0x60
[  641.458620][T16195]  charge_memcg+0xa6/0x280
[  641.458651][T16195]  mem_cgroup_swapin_charge_folio+0xeb/0x470
[  641.458691][T16195]  __read_swap_cache_async+0x449/0x610
[  641.458732][T16195]  ? __pfx___read_swap_cache_async+0x10/0x10
[  641.458770][T16195]  ? __lock_acquire+0x4a5/0x2630
[  641.458799][T16195]  ? __xa_erase+0xec/0x150
[  641.458822][T16195]  ? __pfx___xa_erase+0x10/0x10
[  641.458853][T16195]  swap_cluster_readahead+0x541/0x770
[  641.458901][T16195]  ? __pfx_swap_cluster_readahead+0x10/0x10
[  641.458947][T16195]  ? __lock_acquire+0x4a5/0x2630
[  641.458975][T16195]  ? _raw_spin_unlock+0x28/0x50
[  641.459008][T16195]  ? move_cluster+0x1f7/0x570
[  641.459049][T16195]  ? get_vma_policy+0x23f/0x3b0
[  641.459087][T16195]  swapin_readahead+0x14b/0x12e0
[  641.459148][T16195]  ? __pfx_swapin_readahead+0x10/0x10
[  641.459191][T16195]  ? find_held_lock+0x2b/0x80
[  641.459228][T16195]  ? swap_cache_get_folio+0x272/0x920
[  641.459273][T16195]  ? swap_cache_get_folio+0x272/0x920
[  641.459311][T16195]  ? swap_cache_get_folio+0x1f/0x920
[  641.459350][T16195]  ? swap_cache_get_folio+0x2a2/0x920
[  641.459391][T16195]  ? __pfx_swap_cache_get_folio+0x10/0x10
[  641.459431][T16195]  ? __pfx_get_swap_device+0x10/0x10
[  641.459468][T16195]  ? do_swap_page+0x9ba/0x6810
[  641.459503][T16195]  do_swap_page+0x9ba/0x6810
[  641.459547][T16195]  ? __lock_acquire+0x4a5/0x2630
[  641.459583][T16195]  ? __pfx_do_swap_page+0x10/0x10
[  641.459624][T16195]  ? __pfx_default_wake_function+0x10/0x10
[  641.459671][T16195]  ? rcu_is_watching+0x12/0xc0
[  641.459708][T16195]  ? __pte_offset_map+0x179/0x310
[  641.459743][T16195]  __handle_mm_fault+0x18b9/0x2b50
[  641.459788][T16195]  ? reacquire_held_locks+0xce/0x1e0
[  641.459815][T16195]  ? __pfx___handle_mm_fault+0x10/0x10
[  641.459860][T16195]  ? lock_vma_under_rcu+0x17c/0x5a0
[  641.459919][T16195]  handle_mm_fault+0x36d/0xa20
[  641.459965][T16195]  do_user_addr_fault+0x5a3/0x12f0
[  641.460011][T16195]  exc_page_fault+0x6f/0xd0
[  641.460049][T16195]  asm_exc_page_fault+0x26/0x30
[  641.460075][T16195] RIP: 0033:0x7f953aa59c8e
[  641.460096][T16195] Code: 8c 1d 00 31 c0 e8 a2 7b ff ff 48 8d 3d e6 8d 1d 00 31 c0 e8 94 7b ff ff 0f 1f 40 00 41 57 41 56 41 55 41 54 55 53 48 83 ec 18 <48> 8b 47 40 48 8b 57 48 48 39 d0 0f 82 5a 18 ff ff 4c 8b 67 38 48
[  641.460129][T16195] RSP: 002b:00007fff882e72c0 EFLAGS: 00010206
[  641.460150][T16195] RAX: 0000000000000000 RBX: ffffffff823f87fd RCX: fffffffffffdbfc8
[  641.460168][T16195] RDX: 00000000000007fd RSI: 0000000000000008 RDI: 00007f953b945720
[  641.460186][T16195] RBP: 00000000000000f8 R08: 00007f953ae00000 R09: 00007f953ae02000
[  641.460203][T16195] R10: 00000000823f8801 R11: 000000000000000e R12: 00007f953ae16128
[  641.460220][T16195] R13: 000000000000011b R14: ffffffff823f8dc0 R15: 00007f953b945720
[  641.460239][T16195]  ? filemap_map_pages+0x2d0/0x2110
[  641.460268][T16195]  ? replace_page_cache_folio+0x80d/0xaf0
[  641.460309][T16195]  </TASK>
[  641.842624][T16195] memory: usage 3060kB, limit 3072kB, failcnt 167754
[  641.849327][T16195] memory+swap: usage 3212kB, limit 9007199254740988kB, failcnt 0
[  641.859485][T16195] kmem: usage 2956kB, limit 9007199254740988kB, failcnt 0
[  641.870523][T16195] Memory cgroup stats for /syz5:
[  641.870673][T16195] cache 0
[  641.878547][T16195] rss 28672
[  641.881648][T16195] rss_huge 0
[  641.884858][T16195] shmem 0
[  641.887780][T16195] mapped_file 0
[  641.891246][T16195] dirty 0
[  641.894192][T16195] writeback 0
[  641.897461][T16195] workingset_refault_anon 19821
[  641.902337][T16195] workingset_refault_file 25143
[  641.907175][T16195] swap 147456
[  641.910451][T16195] swapcached 110592
[  641.914569][T16195] pgpgin 390852
[  641.918183][T16195] pgpgout 397537
[  641.921736][T16195] pgfault 320858
[  641.925690][T16195] pgmajfault 10480
[  641.929425][T16195] inactive_anon 8192
[  641.933391][T16195] active_anon 4096
[  641.937195][T16195] inactive_file 0
[  641.940814][T16195] active_file 0
[  641.944293][T16195] unevictable 0
[  641.947747][T16195] hierarchical_memory_limit 3145728
[  641.953061][T16195] hierarchical_memsw_limit 9223372036854771712
[  641.959205][T16195] total_cache 0
[  641.962663][T16195] total_rss 28672
[  641.966280][T16195] total_rss_huge 0
[  641.969978][T16195] total_shmem 0
[  641.973520][T16195] total_mapped_file 0
[  641.977492][T16195] total_dirty 0
[  641.980946][T16195] total_writeback 0
[  641.984787][T16195] total_workingset_refault_anon 19821
[  641.990148][T16195] total_workingset_refault_file 25143
[  641.995522][T16195] total_swap 147456
[  641.999411][T16195] total_swapcached 110592
[  642.003755][T16195] total_pgpgin 390852
[  642.007732][T16195] total_pgpgout 397537
[  642.011823][T16195] total_pgfault 320858
[  642.016556][T16195] total_pgmajfault 10480
[  642.020808][T16195] total_inactive_anon 8192
[  642.025231][T16195] total_active_anon 4096
[  642.029836][T16195] total_inactive_file 0
[  642.034213][T16195] total_active_file 0
[  642.038177][T16195] total_unevictable 0
[  642.042501][T16195] anon_cost 323
[  642.046071][T16195] file_cost 0
[  642.049355][T16195] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.2223,pid=16195,uid=0
[  642.064427][T16195] Memory cgroup out of memory: Killed process 16195 (syz.5.2223) total-vm:207204kB, anon-rss:1328kB, file-rss:26124kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000
[  642.089234][ T5143] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  642.503691][T16213] ubi0: attaching mtd0
[  642.516503][T16213] ubi0 error: ubi_add_to_av: two LEBs with same sequence number 1
[  642.531923][T16213] eraseblock attaching information dump:
[  642.537602][T16213] 	ec       1
[  642.541252][T16213] 	pnum     0
[  642.553475][T16213] 	lnum     0
[  642.556803][T16213] 	scrub    0
[  642.560429][T16213] 	sqnum    1
[  642.564337][T16213] Volume identifier header dump:
[  642.569432][T16213] 	magic     55424921
[  642.584869][T16213] 	version   1
[  642.592044][T16213] 	vol_type  1
[  642.604893][T16213] 	copy_flag 0
[  642.604911][T16213] 	compat    5
[  642.604918][T16213] 	vol_id    2147479551
[  642.604925][T16213] 	lnum      0
[  642.604931][T16213] 	data_size 0
[  642.604937][T16213] 	used_ebs  0
[  642.604943][T16213] 	data_pad  0
[  642.604949][T16213] 	sqnum     1
[  642.604955][T16213] 	hdr_crc   65b3bd2d
[  642.604962][T16213] Volume identifier header hexdump:
[  642.723865][T16213] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  642.764639][T16224] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2230'.
[  642.954394][T16229] ubi0: attaching mtd0
[  642.960060][T16229] ubi0 error: ubi_add_to_av: two LEBs with same sequence number 1
[  642.981889][T16229] eraseblock attaching information dump:
[  642.987572][T16229] 	ec       1
[  642.990879][T16229] 	pnum     0
[  643.019842][T16229] 	lnum     0
[  643.031552][T16229] 	scrub    0
[  643.035768][T16229] 	sqnum    1
[  643.039618][T16229] Volume identifier header dump:
[  643.045103][T16229] 	magic     55424921
[  643.049300][T16229] 	version   1
[  643.082014][T16229] 	vol_type  1
[  643.096120][T16229] 	copy_flag 0
[  643.099553][T16229] 	compat    5
[  643.131872][T16229] 	vol_id    2147479551
[  643.142487][T16229] 	lnum      0
[  643.146395][T16229] 	data_size 0
[  643.161930][T16229] 	used_ebs  0
[  643.171637][T16229] 	data_pad  0
[  643.181940][T16229] 	sqnum     1
[  643.185370][T16229] 	hdr_crc   65b3bd2d
[  643.189551][T16229] Volume identifier header hexdump:
[  643.437291][T16229] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  643.962731][T16246] ==================================================================
[  643.962754][T16246] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x19fb/0x1d60
[  643.962797][T16246] Write of size 8 at addr ffffc900036a9580 by task syz.4.2235/16246
[  643.962821][T16246] 
[  643.962838][T16246] CPU: 0 UID: 0 PID: 16246 Comm: syz.4.2235 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  643.962878][T16246] Tainted: [L]=SOFTLOCKUP
[  643.962887][T16246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  643.962905][T16246] Call Trace:
[  643.962915][T16246]  <TASK>
[  643.962926][T16246]  dump_stack_lvl+0x100/0x190
[  643.962964][T16246]  print_report+0x156/0x4c9
[  643.963003][T16246]  ? __virt_addr_valid+0x81/0x620
[  643.963034][T16246]  ? sys_imageblit+0x19fb/0x1d60
[  643.963066][T16246]  kasan_report+0xdf/0x1a0
[  643.963096][T16246]  ? sys_imageblit+0x19fb/0x1d60
[  643.963139][T16246]  sys_imageblit+0x19fb/0x1d60
[  643.963177][T16246]  ? __pfx_sys_imageblit+0x10/0x10
[  643.963212][T16246]  ? prb_read_valid+0x78/0xa0
[  643.963241][T16246]  ? __pfx_prb_read_valid+0x10/0x10
[  643.963273][T16246]  drm_fbdev_shmem_defio_imageblit+0x20/0x130
[  643.963315][T16246]  soft_cursor+0x524/0xa10
[  643.963346][T16246]  ? fb_get_color_depth+0x120/0x250
[  643.963391][T16246]  bit_cursor+0xe58/0x16f0
[  643.963422][T16246]  ? __pfx_bit_cursor+0x10/0x10
[  643.963448][T16246]  ? __lock_acquire+0x4a5/0x2630
[  643.963479][T16246]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  643.963517][T16246]  ? get_color+0x1da/0x450
[  643.963555][T16246]  ? __pfx_bit_cursor+0x10/0x10
[  643.963581][T16246]  fbcon_cursor+0x43c/0x5e0
[  643.963620][T16246]  ? add_softcursor+0x220/0x290
[  643.963648][T16246]  set_cursor+0x1db/0x250
[  643.963672][T16246]  con_write+0x89/0xb0
[  643.963701][T16246]  n_tty_write+0x44f/0x12d0
[  643.963741][T16246]  ? __pfx_n_tty_write+0x10/0x10
[  643.963775][T16246]  ? __pfx_woken_wake_function+0x10/0x10
[  643.963809][T16246]  ? file_tty_write.isra.0+0x64e/0x890
[  643.963835][T16246]  ? file_tty_write.isra.0+0x694/0x890
[  643.963864][T16246]  ? __pfx_n_tty_write+0x10/0x10
[  643.963899][T16246]  file_tty_write.isra.0+0x4d2/0x890
[  643.963933][T16246]  redirected_tty_write+0xd4/0x120
[  643.963966][T16246]  vfs_write+0x6ac/0x1070
[  643.963997][T16246]  ? __pfx_redirected_tty_write+0x10/0x10
[  643.964032][T16246]  ? __pfx_vfs_write+0x10/0x10
[  643.964057][T16246]  ? find_held_lock+0x2b/0x80
[  643.964105][T16246]  ksys_write+0x12a/0x250
[  643.964137][T16246]  ? __pfx_ksys_write+0x10/0x10
[  643.964170][T16246]  do_syscall_64+0x106/0xf80
[  643.964211][T16246]  ? clear_bhb_loop+0x40/0x90
[  643.964243][T16246]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  643.964273][T16246] RIP: 0033:0x7f1b2479bf79
[  643.964296][T16246] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  643.964324][T16246] RSP: 002b:00007f1b256ab028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  643.964352][T16246] RAX: ffffffffffffffda RBX: 00007f1b24a16180 RCX: 00007f1b2479bf79
[  643.964373][T16246] RDX: 0000000000000dd4 RSI: 0000200000000840 RDI: 0000000000000008
[  643.964393][T16246] RBP: 00007f1b248327e0 R08: 0000000000000000 R09: 0000000000000000
[  643.964412][T16246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  643.964430][T16246] R13: 00007f1b24a16218 R14: 00007f1b24a16180 R15: 00007fff6aec25b8
[  643.964460][T16246]  </TASK>
[  643.964471][T16246] 
[  643.964479][T16246] The buggy address belongs to a vmalloc virtual mapping
[  643.964504][T16246] Memory state around the buggy address:
[  643.964519][T16246]  ffffc900036a9480: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  643.964540][T16246]  ffffc900036a9500: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  643.964561][T16246] >ffffc900036a9580: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  643.964578][T16246]                    ^
[  643.964592][T16246]  ffffc900036a9600: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  643.964611][T16246]  ffffc900036a9680: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  643.964626][T16246] ==================================================================
[  643.979538][T16246] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  643.979566][T16246] CPU: 0 UID: 0 PID: 16246 Comm: syz.4.2235 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  643.979608][T16246] Tainted: [L]=SOFTLOCKUP
[  643.979619][T16246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  643.979638][T16246] Call Trace:
[  643.979648][T16246]  <TASK>
[  643.979659][T16246]  dump_stack_lvl+0x100/0x190
[  643.979701][T16246]  vpanic+0x20d/0x630
[  643.979730][T16246]  panic+0xd1/0xd1
[  643.979756][T16246]  ? __pfx_panic+0x10/0x10
[  643.979784][T16246]  ? sys_imageblit+0x19fb/0x1d60
[  643.979819][T16246]  ? preempt_schedule_common+0x42/0xc0
[  643.979863][T16246]  ? check_panic_on_warn+0x1f/0x90
[  643.979898][T16246]  check_panic_on_warn.cold+0x19/0x34
[  643.979929][T16246]  end_report.part.0+0x3a/0x90
[  643.979969][T16246]  kasan_report.cold+0xe/0x18
[  643.980009][T16246]  ? sys_imageblit+0x19fb/0x1d60
[  643.980047][T16246]  sys_imageblit+0x19fb/0x1d60
[  643.980087][T16246]  ? __pfx_sys_imageblit+0x10/0x10
[  643.980123][T16246]  ? prb_read_valid+0x78/0xa0
[  643.980160][T16246]  ? __pfx_prb_read_valid+0x10/0x10
[  643.980192][T16246]  drm_fbdev_shmem_defio_imageblit+0x20/0x130
[  643.980229][T16246]  soft_cursor+0x524/0xa10
[  643.980260][T16246]  ? fb_get_color_depth+0x120/0x250
[  643.980305][T16246]  bit_cursor+0xe58/0x16f0
[  643.980337][T16246]  ? __pfx_bit_cursor+0x10/0x10
[  643.980364][T16246]  ? __lock_acquire+0x4a5/0x2630
[  643.980396][T16246]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  643.980435][T16246]  ? get_color+0x1da/0x450
[  643.980474][T16246]  ? __pfx_bit_cursor+0x10/0x10
[  643.980500][T16246]  fbcon_cursor+0x43c/0x5e0
[  643.980541][T16246]  ? add_softcursor+0x220/0x290
[  643.980570][T16246]  set_cursor+0x1db/0x250
[  643.980596][T16246]  con_write+0x89/0xb0
[  643.980627][T16246]  n_tty_write+0x44f/0x12d0
[  643.980673][T16246]  ? __pfx_n_tty_write+0x10/0x10
[  643.980713][T16246]  ? __pfx_woken_wake_function+0x10/0x10
[  643.980749][T16246]  ? file_tty_write.isra.0+0x64e/0x890
[  643.980781][T16246]  ? file_tty_write.isra.0+0x694/0x890
[  643.980815][T16246]  ? __pfx_n_tty_write+0x10/0x10
[  643.980854][T16246]  file_tty_write.isra.0+0x4d2/0x890
[  643.980890][T16246]  redirected_tty_write+0xd4/0x120
[  643.980924][T16246]  vfs_write+0x6ac/0x1070
[  643.980951][T16246]  ? __pfx_redirected_tty_write+0x10/0x10
[  643.980985][T16246]  ? __pfx_vfs_write+0x10/0x10
[  643.981010][T16246]  ? find_held_lock+0x2b/0x80
[  643.981058][T16246]  ksys_write+0x12a/0x250
[  643.981086][T16246]  ? __pfx_ksys_write+0x10/0x10
[  643.981118][T16246]  do_syscall_64+0x106/0xf80
[  643.981166][T16246]  ? clear_bhb_loop+0x40/0x90
[  643.981199][T16246]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  643.981228][T16246] RIP: 0033:0x7f1b2479bf79
[  643.981252][T16246] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  643.981280][T16246] RSP: 002b:00007f1b256ab028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  643.981309][T16246] RAX: ffffffffffffffda RBX: 00007f1b24a16180 RCX: 00007f1b2479bf79
[  643.981330][T16246] RDX: 0000000000000dd4 RSI: 0000200000000840 RDI: 0000000000000008
[  643.981349][T16246] RBP: 00007f1b248327e0 R08: 0000000000000000 R09: 0000000000000000
[  643.981369][T16246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  643.981387][T16246] R13: 00007f1b24a16218 R14: 00007f1b24a16180 R15: 00007fff6aec25b8
[  643.981418][T16246]  </TASK>
[  643.981772][T16246] Kernel Offset: disabled