last executing test programs:

1m51.555340889s ago: executing program 0 (id=3532):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x4, 0x0)
r0 = socket(0x1e, 0x4, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
setsockopt$auto(r1, 0x10f, 0x87, 0x0, 0x14)
setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
close_range$auto(0x2, 0x8, 0x0)

1m51.247826543s ago: executing program 0 (id=3536):
socket(0x200000000000011, 0x2, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/radio18\x00', 0xf74932cf302485a, 0x0)
statmount$auto(0x0, 0x0, 0x1fe, 0x81)
ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptyzf\x00', 0x2200, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000200), 0x0)
capset$auto(&(0x7f0000000340)={0x19980330}, 0x0)

1m51.091510365s ago: executing program 0 (id=3538):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0)
read$auto(r0, &(0x7f0000000100)='nl80211\x00', 0xbe62)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030004020000060007000080000000000600010000000a0005000000000000000000b3fc010000000000000000000a0001000000000000000000060006000500000008000200", @ANYRES32=0x0, @ANYBLOB="080004000301"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090)
socket(0x2, 0x3, 0x6)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

1m50.764875607s ago: executing program 0 (id=3540):
r0 = openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000180), 0x662080, 0x0)
r1 = ioctl$auto_TUNSETVNETBE2(0xffffffffffffffff, 0x400454de, &(0x7f0000000040)=0x4)
fcntl$auto_F_DUPFD_CLOEXEC(r0, 0x406, r1)
pipe$auto(0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r3, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10010}, 0xc, &(0x7f00000000c0)={&(0x7f0000001500)=ANY=[], 0x1094}, 0x1, 0x0, 0x0, 0x4081}, 0xc000)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000100)=&(0x7f0000000300)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\xf20/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a0\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5\x94\xd0\xf5\xe7\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00')

1m50.532515205s ago: executing program 0 (id=3541):
r0 = socket(0xa, 0x5, 0x84)
mmap$auto(0x0, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
r1 = socket(0x2, 0x5, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x2, 0x1, 0x84)
setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
setsockopt$auto(r0, 0x10000000084, 0x23, 0x0, 0x8)

1m49.874325744s ago: executing program 0 (id=3549):
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
read$auto_proc_single_file_operations_base(0xffffffffffffffff, &(0x7f00000000c0)=""/41, 0x11)
bind$auto(0xffffffffffffffff, &(0x7f0000000100)=@nl=@unspec, 0x0)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
write$auto(0x3, 0x0, 0xfffffdef)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000)
unshare$auto(0x40000080)
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0xa0202, 0x0)
close_range$auto(0x2, 0x8, 0x0)
bpf$auto(0xfff, &(0x7f0000000040)=@bpf_attr_4={0x1, r0, 0x5, r0}, 0x800)

1m34.639166625s ago: executing program 32 (id=3549):
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
read$auto_proc_single_file_operations_base(0xffffffffffffffff, &(0x7f00000000c0)=""/41, 0x11)
bind$auto(0xffffffffffffffff, &(0x7f0000000100)=@nl=@unspec, 0x0)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
write$auto(0x3, 0x0, 0xfffffdef)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000)
unshare$auto(0x40000080)
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0xa0202, 0x0)
close_range$auto(0x2, 0x8, 0x0)
bpf$auto(0xfff, &(0x7f0000000040)=@bpf_attr_4={0x1, r0, 0x5, r0}, 0x800)

1m19.35913669s ago: executing program 4 (id=3663):
mbind$auto(0xfffffffffffff000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
open(&(0x7f0000000300)='./file0\x00', 0x7ffd, 0x12)
write$auto(0x3, 0x0, 0x100082)
clone$auto(0x7, 0x2000400000d, 0xfffffffffffffffc, 0x0, 0x3)
io_uring_setup$auto(0x6, 0x0)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x29a02, 0x0)
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/rds/tcp/rds_tcp_sndbuf\x00', 0x40001, 0x0)
write$auto(r0, 0x0, 0xfffffdef)

1m18.297369715s ago: executing program 4 (id=3674):
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
shutdown$auto(0x200000003, 0x0)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
sendmmsg$auto(0x3, &(0x7f00000000c0)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
write$auto(0x3, 0x0, 0xfffffdef)
ioctl$auto_MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, &(0x7f0000000100)={0x0, 0x2000004, 0x7})
rseq$auto(0x0, 0x7ffd, 0xfffffff4, 0x8)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
ioctl$auto_FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(0xffffffffffffffff, 0xc0406619, &(0x7f0000000040)={{0x1, 0x0, @identifier="aee4dc34f64778a8e9973fb44f60abd5"}, 0x3})

1m16.980421984s ago: executing program 4 (id=3680):
mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000)
r0 = socket(0xa, 0x2, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = open(0x0, 0x22240, 0x155)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000240)=@in={0x2, 0x4e22}, 0x55)
r2 = open(0x0, 0xc162, 0x0)
ftruncate$auto(r2, 0xdaaf)
sendfile$auto(r0, r1, 0x0, 0x10000007fffeffa)

1m16.721028077s ago: executing program 4 (id=3684):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pci0000:00/0000:00:03.0/resource0\x00', 0x103000, 0x0)
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0x8901, 0x0)
ioctl$auto(r0, 0x5522, r0)
ioctl$auto(r0, 0x5523, r0)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/fail-nth\x00', 0x902, 0x0)
writev$auto(r1, 0x0, 0x3)
r2 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, 0x0, 0x101041, 0x0)
write$auto(r2, 0x0, 0x5)
getrandom$auto(0x0, 0x6000000, 0x3)

1m16.114977758s ago: executing program 4 (id=3687):
socket(0x2, 0x1, 0x0)
socket(0x1e, 0x1, 0x0)
socket(0x10, 0x2, 0x0)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYBLOB='^\x00', @ANYRES32, @ANYRES32, @ANYRES64, @ANYRES32], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40)
socket(0x1d, 0x2, 0x6)
recvmmsg$auto(r0, &(0x7f0000000180)={{0x0, 0x10001, &(0x7f0000000080)={&(0x7f0000000040), 0x200}, 0x4, 0x0, 0x8, 0x7}, 0x7}, 0x5, 0x66a6, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r2=>0x0})
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r2, r1, 0x99, 0x8, 0x1, @relative_id=0x8, 0x5}, 0x92)
bpf$auto(0x2, 0x0, 0x101)

1m15.806892709s ago: executing program 4 (id=3690):
mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000)
unshare$auto(0x40000080)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r0, 0x0, 0x20)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f00000000c0), r2)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001440)={0x18, r3, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@HWSIM_ATTR_REG_STRICT_REG={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800)

1m0.386969606s ago: executing program 33 (id=3690):
mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000)
unshare$auto(0x40000080)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r0, 0x0, 0x20)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f00000000c0), r2)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001440)={0x18, r3, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@HWSIM_ATTR_REG_STRICT_REG={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800)

40.360008569s ago: executing program 2 (id=3782):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0\x00'})
close_range$auto(0x0, 0xffffffffffffffff, 0x2)
socket(0xa, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x18, 0x5, 0x1)
connect$auto(r1, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x80047437, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sysfs$auto(0x2, 0x3b, 0x0)
fsopen$auto(0x0, 0x1)
close_range$auto(0x2, 0x8, 0x0)

40.0059686s ago: executing program 2 (id=3784):
mmap$auto(0x0, 0x9, 0xdf, 0x9b72, 0x0, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
socket$nl_generic(0x10, 0x3, 0x10)
pidfd_open$auto(0x1, 0x0)
socket(0x2, 0x3, 0x100)
bpf$auto(0x2, &(0x7f00000001c0)=@batch={0x8000000000008, 0x80000001, 0x20000000010008, 0xffffffffffffc32b, 0xa6d5, 0xffffffffffffffff, 0x7, 0x6}, 0x106)
sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="d8010000", @ANYRES16, @ANYBLOB="01002dbd7000fcdbdf25010000000c0002000500000000000000c5000700c1007cf7c27c120e3984130834a73f9221887ac28e443c4a1a7da8d2ddcf2890cce5822826764f3f410e53f43f300d2e04700395778e7935c99f6a38f6f3e56e7d8a18d15791b3b4f9378d743a8f0cbbe1c604a782030626ead26826f4790233f19c29fbaf1da77e1b84522d05ca0f4237b24aead87b47d41805fa9967d02ad2deba1895652b8d630c30213ed8f72c1066f1bb9fb1b242d08a55d32398d8d3c635008f2c61049c8abf600a98d1d2d0b0027aecaf27d20b6ff4129883e111e1c858000000dc00090069fccb38f57447a8af8c40a03b92af7adc0c48af4308483b99aa587ed8711b4a79a383c263698842365af6807d1be1800fd492770983a6df345fb472e9fa41b667af43bc36d7063b6b93ab7661925e8d71452acd95b788c31a32ae903b96b9ed9a5e3542c625105e8f21a5b41ff3d17f8704581f4b8b75ae741d0fba8cab2e187c93eeea89f6cf6ab7cc496e0bd9759cc0b408bbe0c6eae2aa29c2d97d48a55fc0ff937c90173d61cf652f97cb301e4d7e3bac0026732e22eadd3a6c5ffa4faed6855a86814c920a650a61936305d2713db1c92a238e265c080001007f0e00000c0002"], 0x1d8}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000)
sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x8000)
r0 = socket(0x10, 0x2, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

39.727240766s ago: executing program 2 (id=3787):
mmap$auto(0x0, 0x9, 0x2, 0x40eb2, 0x401, 0x300000000000)
r0 = socket(0x2, 0x801, 0x106)
io_uring_setup$auto(0x6, 0x0)
getsockopt$auto(r0, 0x11c, 0x1, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
fanotify_init$auto(0x65, 0x2)
socket(0x1d, 0x2, 0x2)
connect$auto(0x3, 0x0, 0x55)
socket(0x10, 0x3, 0x6)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
write$auto(0x3, 0x0, 0x5c8)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc8}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x1f00)

39.302129102s ago: executing program 2 (id=3789):
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xffffffffffffffff, 0x8000)
madvise$auto_MADV_HUGEPAGE(0x0, 0x80000001, 0xe)
prctl$auto_PR_GET_TID_ADDRESS(0x28, 0x9, 0x0, 0x5, 0x8)
madvise$auto_MADV_HUGEPAGE(0x0, 0xdc28, 0xe)
fcntl$auto(0xffffffffffffffff, 0x4400, 0x0)
socket(0x2, 0x2, 0x1)
socket(0x2, 0x1, 0x106)
openat$auto_rfkill_fops_core(0xffffffffffffff9c, 0x0, 0x183440, 0x0)
ioctl$auto_USB_RAW_IOCTL_CONFIGURE(0xffffffffffffffff, 0x5509, 0x0)
unshare$auto(0x40000080)
syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff)
select$auto(0x0, 0x0, 0x0, &(0x7f00000001c0)={[0x1fb, 0x7, 0x80000001, 0x1, 0x9, 0x4460, 0x15f4da0c, 0x8000000000000001, 0x3, 0x300000000000000, 0x80000003, 0x4, 0x0, 0x9, 0x6]}, 0x0)

38.146061699s ago: executing program 2 (id=3794):
r0 = socket(0xa, 0x3, 0x87)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_TIPC_NL_PEER_REMOVE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x14, 0x0, 0x4, 0x70bd27, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x48891}, 0x20)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), r1)
syz_genetlink_get_family_id$auto_nl80211(0x0, r1)
mq_notify$auto(0x5cf5, &(0x7f00000006c0)={@sival_ptr=0x0, @inferred, 0x2, @_sigev_thread={0x0, 0x0}})
socket(0xa, 0x801, 0x106)
setsockopt$auto(0x4, 0x29, 0x1a, 0x0, 0x200577)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r0)

37.066753005s ago: executing program 2 (id=3802):
r0 = socket(0x18, 0x5, 0x1)
fdatasync$auto(r0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x2002, 0x0)
capget$auto(&(0x7f0000000240)={0xff, 0xffffffffffffffff}, &(0x7f0000000280)={0x80, 0xe3c, 0x5})
setsockopt$auto_SO_BSDCOMPAT(r0, 0x2, 0xe, &(0x7f0000000080)='/dev/net/tun\x00', 0xfffffff6)
ioctl$auto(r1, 0x400454da, 0x38)
unshare$auto(0x40000080)
mmap$auto(0x800000, 0x8, 0x0, 0x40eb2, 0x401, 0x300000000000)
munmap$auto(0x0, 0xffffffff)
ioprio_set$auto(0x1, 0x0, 0x0)
ioprio_get$auto(0x2000000002, 0x0)

21.920154776s ago: executing program 34 (id=3802):
r0 = socket(0x18, 0x5, 0x1)
fdatasync$auto(r0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x2002, 0x0)
capget$auto(&(0x7f0000000240)={0xff, 0xffffffffffffffff}, &(0x7f0000000280)={0x80, 0xe3c, 0x5})
setsockopt$auto_SO_BSDCOMPAT(r0, 0x2, 0xe, &(0x7f0000000080)='/dev/net/tun\x00', 0xfffffff6)
ioctl$auto(r1, 0x400454da, 0x38)
unshare$auto(0x40000080)
mmap$auto(0x800000, 0x8, 0x0, 0x40eb2, 0x401, 0x300000000000)
munmap$auto(0x0, 0xffffffff)
ioprio_set$auto(0x1, 0x0, 0x0)
ioprio_get$auto(0x2000000002, 0x0)

7.087100763s ago: executing program 1 (id=3922):
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r0, 0x0, 0x20)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x8080, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, 0x0)
openat$auto_regulator_summary_fops_(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
remap_file_pages$auto(0x4, 0x200000000000002, 0x0, 0x58, 0x5)
io_uring_setup$auto(0x6, 0x0)
mknod$auto(0x0, 0x402, 0x7fffffff)
mremap$auto(0x110c231000, 0x4, 0x4, 0x7, 0x100000000)

6.552730692s ago: executing program 1 (id=3924):
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
r0 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
socket(0x2, 0x3, 0xa)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/ip6_tables_targets\x00', 0x608100, 0x0)
r1 = openat$auto_sco_debugfs_fops_(0xffffffffffffff9c, 0x0, 0x242, 0x0)
read$auto_sco_debugfs_fops_(r1, 0x0, 0x0)
r2 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_TREAD64(r2, 0x400454a4, &(0x7f0000000100))
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
pread64$auto(r0, &(0x7f0000000200)='/proc/self/net/ip6_tables_targets\x00', 0x34b, 0x10000)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)

6.139007359s ago: executing program 6 (id=3931):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
socket(0xa, 0x1, 0x84)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r2=>0x0})
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x5, 0x2000000000002)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x26, 0x80805, 0x0)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
pidfd_getfd$auto(0x3, 0x1, 0x100000000)
bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r2, r1, 0x99, 0x8, 0x1, @relative_id=0x8, 0x5}, 0x92)
bpf$auto(0x1, &(0x7f00000001c0)=@raw_tracepoint={0x5, r0, 0x0, 0x6}, 0xc)

5.871092451s ago: executing program 6 (id=3932):
socket(0xa, 0x2, 0x88)
openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsa\x00', 0x2a801, 0x0)
mmap$auto(0x0, 0x4, 0xffffffffffffffff, 0x400eb1, 0xfffffffffffffffa, 0x8000)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/ext4/sda1/mb_stats\x00', 0x88000, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x0, 0x0)
openat$auto_nsim_psample_enable_fops_psample(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim0/psample/enable\x00', 0x2, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/block/loop10/queue/add_random\x00', 0x80302, 0x0)
r0 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(r0, 0xffffffffffffffff, 0x0)
r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video0\x00', 0xa200, 0x0)
ioctl$auto(r1, 0xc0585611, r1)

5.545243408s ago: executing program 1 (id=3935):
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000)
sched_get_priority_min$auto(0x40)
openat$auto_proc_projid_map_operations_base(0xffffffffffffff9c, 0x0, 0x981082, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
close_range$auto(0x2, 0x8, 0x0)
fstatfs$auto(0x3, 0xfffffffffffffffd)
r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r0, &(0x7f0000000440)="671d2647dd69b6440843b6e6688a2b5ad9df2669e6f9cd2365", 0xfdef)

5.439920544s ago: executing program 6 (id=3936):
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x40}, 0x8)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x2003f0, 0x15)
mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000)
getpid()
mincore$auto(0x1000, 0x8001, 0x0)
r1 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0)
read$auto(r1, 0x0, 0xb4d3)
write$auto(0x3, 0x0, 0xffd8)

3.671953578s ago: executing program 6 (id=3939):
mmap$auto(0x0, 0x2020009, 0xc, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004)
eventfd2$auto(0xff, 0xa99)
r0 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
r1 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/personality\x00', 0x40, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x2003f0, 0x15)
splice$auto(0x6, 0xfffffffffffffffd, 0x5, 0xfffffffffffffffc, 0x526, 0x7)
landlock_add_rule$auto(0xffffffffffffffff, 0x6, 0x0, 0x8)
pread64$auto(r1, &(0x7f0000001800)='#\\h,\x00', 0x3, 0x8)
ioctl$auto_PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f0000000100)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x6, 0x50b301a, 0x0, 0x2, 0x0, 0x2})

3.671244045s ago: executing program 1 (id=3948):
r0 = socket(0x10, 0x2, 0x0)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_WOL_SET(r0, 0x0, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0xa0202, 0x0)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
lstat$auto(0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
eventfd2$auto(0xa0, 0x0)

3.670749804s ago: executing program 5 (id=3940):
mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000)
sysfs$auto(0x2, 0x1f, 0x0)
lsm_list_modules$auto(0x0, 0x0, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x2, 0x801, 0x106)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x10, 0x80002, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
modify_ldt$auto(0x2, 0x0, 0x80)
timerfd_create$auto(0x9, 0x0)
timerfd_settime$auto(r0, 0x3, 0x0, 0x0)
modify_ldt$auto(0x1, 0x0, 0x10)
modify_ldt$auto(0x807ff0000000000, 0x0, 0x40100000000aa)

3.508152387s ago: executing program 5 (id=3942):
r0 = socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
sendmsg$auto_NL802154_CMD_NEW_SEC_LEVEL(r0, 0x0, 0x4)
lsm_list_modules$auto(0x0, 0x0, 0x0)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, r0, 0x8000)
pwrite64$auto(0xc8, 0x0, 0x10, 0x6)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
fallocate$auto(r0, 0x9, 0x0, 0x40)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff)
prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0)
prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0)

3.049166118s ago: executing program 3 (id=3944):
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r0, 0x0, 0x20)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f00000000c0), r2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001480), r4)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(r4, 0x0, 0x0)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001440)={0x14, r3, 0x1, 0x70bd29, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800)

2.994798974s ago: executing program 5 (id=3945):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="0700000000000000df250a"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0d566b3dd008e4edd9650200000000000008"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0x200000c4)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010600bd7000fbdbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20008810)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000)
r1 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r1, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x6, 0x1}, 0x5}, 0x3, 0x0)

2.408562114s ago: executing program 6 (id=3946):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x2, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x2, 0x1, 0x0)
socket(0x2, 0x5, 0x0)
sysfs$auto(0x2, 0x0, 0x0)
r0 = epoll_create$auto(0x7)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
epoll_ctl$auto(0x5, 0x1, r1, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
epoll_ctl$auto(0x5, 0x3, r1, 0x0)
epoll_wait$auto(r0, 0x0, 0xe007, 0x1)

2.282778833s ago: executing program 5 (id=3947):
openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000000)={0x408c2, 0x3f47a4eada317936, 0x8}, 0x18)
pselect6$auto(0xe6d8, &(0x7f0000000000)={[0x77d8, 0x7f, 0x10001, 0x7ff, 0x0, 0x6, 0x9, 0x5, 0x8001, 0xa4, 0x8, 0x8001, 0x8, 0xffffffffffffffff, 0x2, 0x200000000b5]}, 0x0, 0x0, 0x0, 0x0)
keyctl$auto(0x4, 0xfffffffe, 0xffffffffffffffff, 0x0, 0xe)
keyctl$auto(0xe, 0x2, 0x76f, 0x9, 0xf13)
openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, 0x0, 0x109041, 0x0)
mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
ioctl$auto_TIOCSTI2(r0, 0x545c, 0x0)

2.162871376s ago: executing program 3 (id=3949):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket(0xa, 0x2, 0x3a)
socket(0x11, 0x80003, 0x300)
socket(0x10, 0x2, 0x0)
socket(0x2, 0x3, 0x2)
socket(0x2, 0x3, 0x104)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004000)='/dev/audio\x00', 0x102, 0x0)
socketpair$auto(0x3, 0x5, 0x7, 0x0)
setsockopt$auto(0x3, 0x0, 0xf, 0x0, 0xb)
bind$auto(0x3, 0x0, 0x6b)

1.942295768s ago: executing program 3 (id=3950):
ioctl$auto(0x3, 0x400454ca, 0x38)
io_uring_setup$auto(0x33, 0x0)
readv$auto(0x3, 0x0, 0x1)
mmap$auto(0x0, 0xc, 0x0, 0x44eb2, 0x10006, 0x300000000000)
semctl$auto_IPC_INFO(0xffc9, 0xfffff801, 0x3, 0xfffffffffffffffa)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x5bc3015b2b547776, 0x0)
read$auto(0x3, 0x0, 0x80)
fsconfig$auto_SHMEM_HUGE_WITHIN_SIZE(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x2)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x100, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r0, 0x0, 0x0)
r1 = socket(0x2, 0x3, 0xa)
getsockopt$auto(r1, 0x0, 0x30, 0x0, &(0x7f0000000040)=0x2)

1.588479986s ago: executing program 1 (id=3951):
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x40}, 0x8)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x2003f0, 0x15)
mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000)
getpid()
mincore$auto(0x1000, 0x8001, 0x0)
r1 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0)
read$auto(r1, 0x0, 0xb4d3)
write$auto(0x3, 0x0, 0xffd8)

1.588309438s ago: executing program 6 (id=3952):
sendmsg$auto_TIPC_NL_MON_PEER_GET(0xffffffffffffffff, 0x0, 0x4c848)
sendmsg$auto_NET_SHAPER_CMD_GROUP(0xffffffffffffffff, 0x0, 0x14)
openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, 0x0, 0x2, 0x0)
pipe$auto(0x0)
futimesat$auto(0xffffffffffffffff, 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
unshare$auto(0x40000080)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = socket(0x2b, 0x1, 0x1)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
ioctl$auto(r0, 0x8941, 0x4)

1.588187768s ago: executing program 3 (id=3953):
socket(0x15, 0x5, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x6, 0x0)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0x8901, 0x0)
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000003b80)='/dev/snd/pcmC0D0c\x00', 0x8100, 0x0)
r0 = open(0x0, 0x261c2, 0x84)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyd9\x00', 0x0, 0x0)
ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0)
read$auto_ptdump_curusr_fops_(r0, 0x0, 0x0)

1.141912754s ago: executing program 5 (id=3954):
getsockopt$auto_SO_TIMESTAMPNS_NEW(0xffffffffffffffff, 0x8, 0x40, 0x0, 0x0)
mmap$auto(0x3, 0x40000b, 0xdf, 0x9b72, 0x2, 0x2)
r0 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$auto_USB_RAW_IOCTL_INIT(r0, 0x41015500, 0x0)
ppoll$auto(0x0, 0xd6, 0x0, 0x0, 0x8)
ioctl$auto_USB_RAW_IOCTL_RUN(r0, 0x5501, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0)
ioctl$auto(0x3, 0x80045500, 0x38)
r1 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000400), 0x80001, 0x0)
ioctl$auto(r1, 0x3b8a, 0x38)

952.080607ms ago: executing program 5 (id=3955):
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xffffffffffffffff, 0x8000)
madvise$auto_MADV_HUGEPAGE(0x0, 0x80000001, 0xe)
prctl$auto_PR_GET_TID_ADDRESS(0x28, 0x9, 0x0, 0x5, 0x8)
madvise$auto_MADV_HUGEPAGE(0x0, 0xdc28, 0xe)
fcntl$auto(0xffffffffffffffff, 0x4400, 0x0)
socket(0x2, 0x2, 0x1)
socket(0x2, 0x1, 0x106)
openat$auto_rfkill_fops_core(0xffffffffffffff9c, 0x0, 0x183440, 0x0)
ioctl$auto_USB_RAW_IOCTL_CONFIGURE(0xffffffffffffffff, 0x5509, 0x0)
unshare$auto(0x40000080)
syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff)
select$auto(0x0, 0x0, 0x0, &(0x7f00000001c0)={[0x1fb, 0x7, 0x80000001, 0x1, 0x9, 0x4460, 0x15f4da0c, 0x8000000000000001, 0x3, 0x300000000000000, 0x80000003, 0x4, 0x0, 0x9, 0x6]}, 0x0)

628.110164ms ago: executing program 3 (id=3956):
mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0)
read$auto(r0, 0x0, 0x20)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0xa, 0x801, 0x84)
iopl$auto(0x2)
mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
symlinkat$auto(&(0x7f0000000000)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00')
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)

332.095215ms ago: executing program 1 (id=3957):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r0, 0x0, 0x20)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000)
r2 = getpgid(0x0)
r3 = getpid()
process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={0x0, 0xffffffff}, 0x6, 0x0)
kcmp$auto_KCMP_FILE(r2, r3, 0x0, r1, r1)
memfd_create$auto(0x0, 0xe)
socket(0x1d, 0x2, 0x7)
openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/usb/usbmon/36u\x00', 0x0, 0x0)

0s ago: executing program 3 (id=3958):
mmap$auto(0x0, 0x20009, 0x4000000000db, 0xeb1, 0x400, 0x8000)
rt_sigaction$auto(0x11, &(0x7f0000000040)={0x0, 0x100000001, 0x0, {0x7}}, 0x0, 0x8)
fanotify_init$auto(0x200, 0x1)
open(0x0, 0x4140, 0x0)
socketpair$auto(0x1e, 0x5, 0x200000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x55)
socket(0x2, 0x3, 0xa)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8)
connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55)
recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{0x0, 0xbb, 0x0, 0x8, &(0x7f0000000040), 0x81, 0x9}, 0xfffffffb}, 0x5, 0x6586, 0x0)
sendmsg$auto_NL802154_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000000040), 0xc, 0x0, 0x1, 0x0, 0x0, 0x20050001}, 0x80)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

kernel console output (not intermixed with test programs):

2][T15611]  _copy_from_iter+0x383/0x16f0
[  628.726321][T15611]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  628.726373][T15611]  ? __pfx__copy_from_iter+0x10/0x10
[  628.726411][T15611]  ? alloc_pages_mpol+0x25a/0x550
[  628.726465][T15611]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  628.726524][T15611]  copy_page_from_iter+0xde/0x180
[  628.726574][T15611]  anon_pipe_write+0xbe7/0x1a70
[  628.726638][T15611]  ? __pfx_anon_pipe_write+0x10/0x10
[  628.726689][T15611]  ? __pfx_autoremove_wake_function+0x10/0x10
[  628.726750][T15611]  ? bpf_lsm_file_permission+0x9/0x10
[  628.726805][T15611]  ? security_file_permission+0x71/0x210
[  628.726857][T15611]  ? rw_verify_area+0xcf/0x680
[  628.726898][T15611]  vfs_write+0x6c7/0x1150
[  628.726941][T15611]  ? __pfx_anon_pipe_write+0x10/0x10
[  628.726992][T15611]  ? __pfx_vfs_write+0x10/0x10
[  628.727032][T15611]  ? find_held_lock+0x2b/0x80
[  628.727108][T15611]  ksys_write+0x1f8/0x250
[  628.727150][T15611]  ? __pfx_ksys_write+0x10/0x10
[  628.727207][T15611]  do_syscall_64+0xcd/0x490
[  628.727258][T15611]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  628.727294][T15611] RIP: 0033:0x7fd78b18e969
[  628.727321][T15611] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  628.727356][T15611] RSP: 002b:00007fd78bfd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  628.727390][T15611] RAX: ffffffffffffffda RBX: 00007fd78b3b5fa0 RCX: 00007fd78b18e969
[  628.727412][T15611] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000001
[  628.727434][T15611] RBP: 00007fd78b210ab1 R08: 0000000000000000 R09: 0000000000000000
[  628.727456][T15611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  628.727477][T15611] R13: 0000000000000000 R14: 00007fd78b3b5fa0 R15: 00007ffcab600f28
[  628.727524][T15611]  </TASK>
[  629.480419][T15625] netlink: 25 bytes leftover after parsing attributes in process `syz.1.3468'.
[  630.370634][T15643] FAULT_INJECTION: forcing a failure.
[  630.370634][T15643] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  630.424985][T15643] CPU: 1 UID: 0 PID: 15643 Comm: syz.2.3472 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  630.425035][T15643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  630.425057][T15643] Call Trace:
[  630.425068][T15643]  <TASK>
[  630.425082][T15643]  dump_stack_lvl+0x16c/0x1f0
[  630.425144][T15643]  should_fail_ex+0x512/0x640
[  630.425206][T15643]  should_fail_alloc_page+0xe7/0x130
[  630.425261][T15643]  prepare_alloc_pages+0x3c2/0x610
[  630.425296][T15643]  ? rcu_is_watching+0x12/0xc0
[  630.425351][T15643]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  630.425404][T15643]  ? rcu_is_watching+0x12/0xc0
[  630.425454][T15643]  ? trace_mm_page_alloc+0x11f/0x1a0
[  630.425507][T15643]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  630.425554][T15643]  ? __pfx_stack_trace_save+0x10/0x10
[  630.425605][T15643]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  630.425663][T15643]  ? alloc_vmap_area+0x645/0x29c0
[  630.425715][T15643]  ? __vmalloc_node_range_noprof+0x271/0x14b0
[  630.425752][T15643]  ? __do_sys_listmount+0x1c2/0xec0
[  630.425785][T15643]  ? do_syscall_64+0xcd/0x490
[  630.425829][T15643]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  630.425882][T15643]  alloc_pages_bulk_noprof+0x71c/0x1410
[  630.425927][T15643]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  630.425973][T15643]  ? policy_nodemask+0xea/0x4e0
[  630.426027][T15643]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  630.426074][T15643]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  630.426142][T15643]  kasan_populate_vmalloc+0xf1/0x1f0
[  630.426194][T15643]  alloc_vmap_area+0x959/0x29c0
[  630.426265][T15643]  ? __pfx_alloc_vmap_area+0x10/0x10
[  630.426330][T15643]  __get_vm_area_node+0x1ca/0x330
[  630.426372][T15643]  __vmalloc_node_range_noprof+0x271/0x14b0
[  630.426412][T15643]  ? __do_sys_listmount+0x1c2/0xec0
[  630.426459][T15643]  ? __lock_acquire+0xb8a/0x1c90
[  630.426493][T15643]  ? __do_sys_listmount+0x1c2/0xec0
[  630.426539][T15643]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  630.426578][T15643]  ? __alloc_pages_noprof+0xb/0x1b0
[  630.426620][T15643]  ? ___kmalloc_large_node+0x84/0x1e0
[  630.426650][T15643]  ? find_held_lock+0x2b/0x80
[  630.426704][T15643]  __kvmalloc_node_noprof+0x308/0x620
[  630.426747][T15643]  ? __do_sys_listmount+0x1c2/0xec0
[  630.426784][T15643]  ? __do_sys_listmount+0x1c2/0xec0
[  630.426827][T15643]  ? __do_sys_listmount+0x1c2/0xec0
[  630.426860][T15643]  __do_sys_listmount+0x1c2/0xec0
[  630.426906][T15643]  ? __x64_sys_futex+0x1e0/0x4c0
[  630.426938][T15643]  ? __x64_sys_futex+0x1e9/0x4c0
[  630.426972][T15643]  ? __pfx___do_sys_listmount+0x10/0x10
[  630.427009][T15643]  ? __pfx___x64_sys_futex+0x10/0x10
[  630.427058][T15643]  do_syscall_64+0xcd/0x490
[  630.427106][T15643]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  630.427147][T15643] RIP: 0033:0x7fdf2e58e969
[  630.427175][T15643] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  630.427210][T15643] RSP: 002b:00007fdf2c3d5038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca
[  630.427243][T15643] RAX: ffffffffffffffda RBX: 00007fdf2e7b6080 RCX: 00007fdf2e58e969
[  630.427266][T15643] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100
[  630.427289][T15643] RBP: 00007fdf2e610ab1 R08: 0000000000000000 R09: 0000000000000000
[  630.427310][T15643] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  630.427332][T15643] R13: 0000000000000000 R14: 00007fdf2e7b6080 R15: 00007ffc38fbf428
[  630.427376][T15643]  </TASK>
[  630.428797][T15643] warn_alloc: 1 callbacks suppressed
[  630.428817][T15643] syz.2.3472: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  630.975164][T15643] CPU: 0 UID: 0 PID: 15643 Comm: syz.2.3472 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  630.975214][T15643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  630.975236][T15643] Call Trace:
[  630.975249][T15643]  <TASK>
[  630.975262][T15643]  dump_stack_lvl+0x16c/0x1f0
[  630.975317][T15643]  warn_alloc+0x248/0x3a0
[  630.975366][T15643]  ? __pfx_warn_alloc+0x10/0x10
[  630.975415][T15643]  ? kfree+0x2b4/0x4d0
[  630.975460][T15643]  ? __get_vm_area_node+0x208/0x330
[  630.975503][T15643]  __vmalloc_node_range_noprof+0xb2d/0x14b0
[  630.975553][T15643]  ? __lock_acquire+0xb8a/0x1c90
[  630.975589][T15643]  ? __do_sys_listmount+0x1c2/0xec0
[  630.975636][T15643]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  630.975676][T15643]  ? __alloc_pages_noprof+0xb/0x1b0
[  630.975720][T15643]  ? ___kmalloc_large_node+0x84/0x1e0
[  630.975756][T15643]  ? find_held_lock+0x2b/0x80
[  630.975813][T15643]  __kvmalloc_node_noprof+0x308/0x620
[  630.975856][T15643]  ? __do_sys_listmount+0x1c2/0xec0
[  630.975893][T15643]  ? __do_sys_listmount+0x1c2/0xec0
[  630.975938][T15643]  ? __do_sys_listmount+0x1c2/0xec0
[  630.975971][T15643]  __do_sys_listmount+0x1c2/0xec0
[  630.976016][T15643]  ? __x64_sys_futex+0x1e0/0x4c0
[  630.976048][T15643]  ? __x64_sys_futex+0x1e9/0x4c0
[  630.976102][T15643]  ? __pfx___do_sys_listmount+0x10/0x10
[  630.976148][T15643]  ? __pfx___x64_sys_futex+0x10/0x10
[  630.976200][T15643]  do_syscall_64+0xcd/0x490
[  630.976251][T15643]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  630.976286][T15643] RIP: 0033:0x7fdf2e58e969
[  630.976314][T15643] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  630.976349][T15643] RSP: 002b:00007fdf2c3d5038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca
[  630.976383][T15643] RAX: ffffffffffffffda RBX: 00007fdf2e7b6080 RCX: 00007fdf2e58e969
[  630.976407][T15643] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100
[  630.976429][T15643] RBP: 00007fdf2e610ab1 R08: 0000000000000000 R09: 0000000000000000
[  630.976452][T15643] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  630.976473][T15643] R13: 0000000000000000 R14: 00007fdf2e7b6080 R15: 00007ffc38fbf428
[  630.976518][T15643]  </TASK>
[  630.976640][T15643] Mem-Info:
[  631.255079][T15643] active_anon:133486 inactive_anon:3 isolated_anon:0
[  631.255079][T15643]  active_file:17253 inactive_file:42414 isolated_file:0
[  631.255079][T15643]  unevictable:768 dirty:742 writeback:0
[  631.255079][T15643]  slab_reclaimable:11580 slab_unreclaimable:107965
[  631.255079][T15643]  mapped:30201 shmem:121551 pagetables:1199
[  631.255079][T15643]  sec_pagetables:0 bounce:0
[  631.255079][T15643]  kernel_misc_reclaimable:0
[  631.255079][T15643]  free:1163415 free_pcp:29184 free_cma:0
[  631.397984][T15643] Node 0 active_anon:537544kB inactive_anon:12kB active_file:63508kB inactive_file:169392kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:123504kB dirty:2964kB writeback:0kB shmem:486464kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11396kB pagetables:4748kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  631.407700][T15657] random: crng reseeded on system resumption
[  631.497649][T15643] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:136kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:3040kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:148kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  631.551743][T15643] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  631.605473][T15643] lowmem_reserve[]: 0 2481 2483 2483 2483
[  631.612487][T15643] Node 0 DMA32 free:747800kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB free_highatomic:0KB active_anon:542396kB inactive_anon:12kB active_file:63508kB inactive_file:167836kB unevictable:1536kB writepending:2964kB present:3129332kB managed:2541088kB mlocked:0kB bounce:0kB free_pcp:81524kB local_pcp:51904kB free_cma:0kB
[  631.685496][T15643] lowmem_reserve[]: 0 0 1 1 1
[  631.692066][T15643] Node 0 Normal free:20kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1556kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:20kB local_pcp:8kB free_cma:0kB
[  631.743500][T15643] lowmem_reserve[]: 0 0 0 0 0
[  631.752988][T15643] Node 1 Normal free:3890060kB boost:0kB min:55788kB low:69732kB high:83676kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:136kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:33140kB local_pcp:9560kB free_cma:0kB
[  631.792790][T15643] lowmem_reserve[]: 0 0 0 0 0
[  631.800446][T15643] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  631.816387][T15643] Node 0 DMA32: 7749*4kB (UM) 2329*8kB (UME) 1436*16kB (UME) 717*32kB (M) 405*64kB (M) 159*128kB (UME) 54*256kB (UME) 24*512kB (UM) 14*1024kB (UM) 8*2048kB (UM) 134*4096kB (UM) = 747516kB
[  631.844661][T15643] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB
[  631.861537][T15643] Node 1 Normal: 139*4kB (UM) 86*8kB (UME) 77*16kB (UME) 127*32kB (UME) 54*64kB (UME) 29*128kB (UME) 10*256kB (UM) 8*512kB (UME) 5*1024kB (UME) 7*2048kB (UME) 940*4096kB (UM) = 3890060kB
[  631.886190][T15643] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  631.898916][T15643] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  631.910739][T15643] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  631.923836][T15643] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  631.935912][T15643] 182455 total pagecache pages
[  631.941812][T15643] 9 pages in swap cache
[  631.975732][T15643] Free swap  = 123872kB
[  631.980806][T15643] Total swap = 124996kB
[  631.992519][T15643] 2097051 pages RAM
[  631.997351][T15643] 0 pages HighMem/MovableOnly
[  632.004164][T15643] 429737 pages reserved
[  632.015643][T15643] 0 pages cma reserved
[  632.388207][T15672] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3482'.
[  632.434425][T15672] bridge0: port 2(bridge_slave_1) entered disabled state
[  632.487260][T15672] bridge_slave_1 (unregistering): left allmulticast mode
[  632.514698][T15672] bridge_slave_1 (unregistering): left promiscuous mode
[  632.530656][T15672] bridge0: port 2(bridge_slave_1) entered disabled state
[  633.699193][T15700] FAULT_INJECTION: forcing a failure.
[  633.699193][T15700] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  633.760297][T15700] CPU: 1 UID: 0 PID: 15700 Comm: syz.3.3491 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  633.760333][T15700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  633.760348][T15700] Call Trace:
[  633.760356][T15700]  <TASK>
[  633.760367][T15700]  dump_stack_lvl+0x16c/0x1f0
[  633.760406][T15700]  should_fail_ex+0x512/0x640
[  633.760449][T15700]  should_fail_alloc_page+0xe7/0x130
[  633.760487][T15700]  prepare_alloc_pages+0x3c2/0x610
[  633.760511][T15700]  ? rcu_is_watching+0x12/0xc0
[  633.760549][T15700]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  633.760590][T15700]  ? rcu_is_watching+0x12/0xc0
[  633.760625][T15700]  ? trace_mm_page_alloc+0x11f/0x1a0
[  633.760665][T15700]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  633.760699][T15700]  ? __pfx_stack_trace_save+0x10/0x10
[  633.760736][T15700]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  633.760778][T15700]  ? alloc_vmap_area+0xdc8/0x29c0
[  633.760815][T15700]  ? __vmalloc_node_range_noprof+0x271/0x14b0
[  633.760841][T15700]  ? __do_sys_listmount+0x1c2/0xec0
[  633.760868][T15700]  ? do_syscall_64+0xcd/0x490
[  633.760900][T15700]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  633.760937][T15700]  alloc_pages_bulk_noprof+0x71c/0x1410
[  633.760969][T15700]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  633.761001][T15700]  ? policy_nodemask+0xea/0x4e0
[  633.761039][T15700]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  633.761074][T15700]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  633.761129][T15700]  kasan_populate_vmalloc+0xf1/0x1f0
[  633.761165][T15700]  alloc_vmap_area+0x959/0x29c0
[  633.761216][T15700]  ? __pfx_alloc_vmap_area+0x10/0x10
[  633.761263][T15700]  __get_vm_area_node+0x1ca/0x330
[  633.761292][T15700]  __vmalloc_node_range_noprof+0x271/0x14b0
[  633.761319][T15700]  ? __do_sys_listmount+0x1c2/0xec0
[  633.761351][T15700]  ? __lock_acquire+0xb8a/0x1c90
[  633.761383][T15700]  ? __do_sys_listmount+0x1c2/0xec0
[  633.761415][T15700]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  633.761443][T15700]  ? __alloc_pages_noprof+0xb/0x1b0
[  633.761474][T15700]  ? ___kmalloc_large_node+0x84/0x1e0
[  633.761496][T15700]  ? find_held_lock+0x2b/0x80
[  633.761536][T15700]  __kvmalloc_node_noprof+0x308/0x620
[  633.761571][T15700]  ? __do_sys_listmount+0x1c2/0xec0
[  633.761602][T15700]  ? __do_sys_listmount+0x1c2/0xec0
[  633.761637][T15700]  ? __do_sys_listmount+0x1c2/0xec0
[  633.761661][T15700]  __do_sys_listmount+0x1c2/0xec0
[  633.761692][T15700]  ? __x64_sys_futex+0x1e0/0x4c0
[  633.761715][T15700]  ? __x64_sys_futex+0x1e9/0x4c0
[  633.761739][T15700]  ? __pfx___do_sys_listmount+0x10/0x10
[  633.761778][T15700]  do_syscall_64+0xcd/0x490
[  633.761814][T15700]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  633.761839][T15700] RIP: 0033:0x7fd78b18e969
[  633.761858][T15700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  633.761886][T15700] RSP: 002b:00007fd78bfb4038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca
[  633.761910][T15700] RAX: ffffffffffffffda RBX: 00007fd78b3b6080 RCX: 00007fd78b18e969
[  633.761927][T15700] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100
[  633.761942][T15700] RBP: 00007fd78b210ab1 R08: 0000000000000000 R09: 0000000000000000
[  633.761957][T15700] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  633.761972][T15700] R13: 0000000000000000 R14: 00007fd78b3b6080 R15: 00007ffcab600f28
[  633.762002][T15700]  </TASK>
[  634.783434][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  634.791553][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  635.832488][T15724] sctp: [Deprecated]: syz.3.3498 (pid 15724) Use of int in maxseg socket option.
[  635.832488][T15724] Use struct sctp_assoc_value instead
[  637.980324][    C1] bridge0: port 3(team0) entered forwarding state
[  637.988141][    C1] bridge0: topology change detected, propagating
[  638.012507][T15761] FAULT_INJECTION: forcing a failure.
[  638.012507][T15761] name failslab, interval 1, probability 0, space 0, times 0
[  638.071036][T15761] CPU: 0 UID: 0 PID: 15761 Comm: syz.3.3508 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  638.071090][T15761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  638.071113][T15761] Call Trace:
[  638.071125][T15761]  <TASK>
[  638.071140][T15761]  dump_stack_lvl+0x16c/0x1f0
[  638.071194][T15761]  should_fail_ex+0x512/0x640
[  638.071248][T15761]  ? __kmalloc_noprof+0xbf/0x510
[  638.071297][T15761]  ? tracing_log_err+0x4b4/0x6a0
[  638.071332][T15761]  should_failslab+0xc2/0x120
[  638.071383][T15761]  __kmalloc_noprof+0xd2/0x510
[  638.071431][T15761]  ? kasan_save_track+0x14/0x30
[  638.071482][T15761]  tracing_log_err+0x4b4/0x6a0
[  638.071530][T15761]  append_filter_err+0x380/0x5e0
[  638.071593][T15761]  apply_subsystem_event_filter+0x678/0x1450
[  638.071643][T15761]  ? __pfx_apply_subsystem_event_filter+0x10/0x10
[  638.071693][T15761]  ? _copy_from_user+0x59/0xd0
[  638.071740][T15761]  subsystem_filter_write+0x95/0x120
[  638.071779][T15761]  ? __pfx_subsystem_filter_write+0x10/0x10
[  638.071813][T15761]  vfs_write+0x2a0/0x1150
[  638.071864][T15761]  ? __pfx___mutex_lock+0x10/0x10
[  638.071912][T15761]  ? __pfx_vfs_write+0x10/0x10
[  638.071967][T15761]  ? __fget_files+0x20e/0x3c0
[  638.072019][T15761]  ksys_write+0x12a/0x250
[  638.072060][T15761]  ? __pfx_ksys_write+0x10/0x10
[  638.072115][T15761]  do_syscall_64+0xcd/0x490
[  638.072167][T15761]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  638.072202][T15761] RIP: 0033:0x7fd78b18e969
[  638.072235][T15761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  638.072272][T15761] RSP: 002b:00007fd78bfd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  638.072306][T15761] RAX: ffffffffffffffda RBX: 00007fd78b3b5fa0 RCX: 00007fd78b18e969
[  638.072330][T15761] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000004
[  638.072350][T15761] RBP: 00007fd78b210ab1 R08: 0000000000000000 R09: 0000000000000000
[  638.072370][T15761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  638.072391][T15761] R13: 0000000000000000 R14: 00007fd78b3b5fa0 R15: 00007ffcab600f28
[  638.072436][T15761]  </TASK>
[  638.698370][T15774] netlink: 'syz.3.3515': attribute type 10 has an invalid length.
[  638.708407][T15774] netlink: 230 bytes leftover after parsing attributes in process `syz.3.3515'.
[  638.730718][T15774] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  639.019235][T15776] snd_aloop snd_aloop.0: control 16781581:65539:6:�'x?F���/��zF˷fC���:7 is already present
[  639.303897][T15125] Bluetooth: hci2: Received unexpected HCI Event 0x00
[  639.313226][T15125] Bluetooth: hci2: ACL packet for unknown connection handle 0
[  639.427848][T15782] could not allocate digest TFM handle 
[  640.901713][T15811] FAULT_INJECTION: forcing a failure.
[  640.901713][T15811] name failslab, interval 1, probability 0, space 0, times 0
[  640.918933][T15811] CPU: 1 UID: 0 PID: 15811 Comm: syz.3.3523 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  640.918981][T15811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  640.919004][T15811] Call Trace:
[  640.919016][T15811]  <TASK>
[  640.919030][T15811]  dump_stack_lvl+0x16c/0x1f0
[  640.919082][T15811]  should_fail_ex+0x512/0x640
[  640.919205][T15811]  ? __kvmalloc_node_noprof+0x122/0x620
[  640.919262][T15811]  should_failslab+0xc2/0x120
[  640.919312][T15811]  __kvmalloc_node_noprof+0x135/0x620
[  640.919354][T15811]  ? lockdep_init_map_type+0x5c/0x280
[  640.919393][T15811]  ? alloc_netdev_mqs+0xb5b/0x1570
[  640.919457][T15811]  ? alloc_netdev_mqs+0xb5b/0x1570
[  640.919507][T15811]  alloc_netdev_mqs+0xb5b/0x1570
[  640.919568][T15811]  slip_open+0x35c/0x1150
[  640.919616][T15811]  ? __pfx___might_resched+0x10/0x10
[  640.919676][T15811]  ? __pfx_n_tty_close+0x10/0x10
[  640.919724][T15811]  ? find_held_lock+0x2b/0x80
[  640.919770][T15811]  ? __pfx_slip_open+0x10/0x10
[  640.919810][T15811]  ? down_write+0x14d/0x200
[  640.919858][T15811]  ? __pfx_slip_open+0x10/0x10
[  640.919904][T15811]  tty_ldisc_open+0x9f/0x120
[  640.919957][T15811]  tty_set_ldisc+0x32b/0x780
[  640.920015][T15811]  tty_ioctl+0xc42/0x1610
[  640.920055][T15811]  ? __pfx_tty_ioctl+0x10/0x10
[  640.920141][T15811]  ? hook_file_ioctl_common+0x145/0x410
[  640.920204][T15811]  ? __pfx_tty_ioctl+0x10/0x10
[  640.920239][T15811]  __x64_sys_ioctl+0x18b/0x210
[  640.920277][T15811]  do_syscall_64+0xcd/0x490
[  640.920328][T15811]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  640.920363][T15811] RIP: 0033:0x7fd78b18e969
[  640.920390][T15811] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  640.920426][T15811] RSP: 002b:00007fd78bfd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  640.920459][T15811] RAX: ffffffffffffffda RBX: 00007fd78b3b5fa0 RCX: 00007fd78b18e969
[  640.920483][T15811] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000001
[  640.920503][T15811] RBP: 00007fd78b210ab1 R08: 0000000000000000 R09: 0000000000000000
[  640.920524][T15811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  640.920546][T15811] R13: 0000000000000000 R14: 00007fd78b3b5fa0 R15: 00007ffcab600f28
[  640.920591][T15811]  </TASK>
[  642.169652][T15830] netlink: 'syz.0.3529': attribute type 29 has an invalid length.
[  642.179695][T15830] netlink: 'syz.0.3529': attribute type 30 has an invalid length.
[  642.201358][T15830] netlink: 'syz.0.3529': attribute type 31 has an invalid length.
[  642.237142][T15830] netlink: 'syz.0.3529': attribute type 32 has an invalid length.
[  642.293777][T15830] netlink: 'syz.0.3529': attribute type 33 has an invalid length.
[  642.310745][T15830] netlink: 'syz.0.3529': attribute type 35 has an invalid length.
[  642.334693][T15830] netlink: 'syz.0.3529': attribute type 37 has an invalid length.
[  642.366061][T15830] netlink: 18 bytes leftover after parsing attributes in process `syz.0.3529'.
[  642.747939][T15834] kmem.tcp.limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  643.144560][T15851] netlink: 'syz.0.3538': attribute type 10 has an invalid length.
[  643.171201][T15851] netlink: 230 bytes leftover after parsing attributes in process `syz.0.3538'.
[  643.223138][T15851] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  644.025880][T15871] netlink: 25 bytes leftover after parsing attributes in process `syz.3.3546'.
[  644.078858][T15876] netlink: 330 bytes leftover after parsing attributes in process `syz.1.3547'.
[  648.741300][T15949] netlink: 330 bytes leftover after parsing attributes in process `syz.1.3565'.
[  649.067589][T15958] netlink: 334 bytes leftover after parsing attributes in process `syz.1.3568'.
[  649.453639][T15966] FAULT_INJECTION: forcing a failure.
[  649.453639][T15966] name failslab, interval 1, probability 0, space 0, times 0
[  649.481284][T15964] netlink: 306 bytes leftover after parsing attributes in process `syz.2.3570'.
[  649.502206][T15966] CPU: 0 UID: 0 PID: 15966 Comm: syz.1.3571 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  649.502259][T15966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  649.502287][T15966] Call Trace:
[  649.502300][T15966]  <TASK>
[  649.502314][T15966]  dump_stack_lvl+0x16c/0x1f0
[  649.502369][T15966]  should_fail_ex+0x512/0x640
[  649.502425][T15966]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  649.502467][T15966]  ? __pfx_mon_text_open+0x10/0x10
[  649.502519][T15966]  should_failslab+0xc2/0x120
[  649.502569][T15966]  __kmalloc_cache_noprof+0x6a/0x3e0
[  649.502610][T15966]  ? lockdep_init_map_type+0x5c/0x280
[  649.502647][T15966]  ? mon_text_open+0xd5/0x4f0
[  649.502704][T15966]  ? __pfx_mon_text_open+0x10/0x10
[  649.502757][T15966]  mon_text_open+0xd5/0x4f0
[  649.502811][T15966]  ? __pfx_mon_text_open+0x10/0x10
[  649.502862][T15966]  ? __debugfs_file_get+0x1fe/0x840
[  649.502913][T15966]  ? __pfx___debugfs_file_get+0x10/0x10
[  649.502965][T15966]  ? __pfx_apparmor_file_open+0x10/0x10
[  649.503011][T15966]  ? lockdown_is_locked_down+0x3f/0x130
[  649.503064][T15966]  ? bpf_lsm_locked_down+0x9/0x10
[  649.503105][T15966]  ? __pfx_mon_text_open+0x10/0x10
[  649.503157][T15966]  full_proxy_open_regular+0x1b6/0x360
[  649.503223][T15966]  do_dentry_open+0x741/0x1c10
[  649.503270][T15966]  ? __pfx_full_proxy_open_regular+0x10/0x10
[  649.503341][T15966]  vfs_open+0x82/0x3f0
[  649.503396][T15966]  path_openat+0x1de4/0x2cb0
[  649.503454][T15966]  ? __pfx_path_openat+0x10/0x10
[  649.503499][T15966]  ? __lock_acquire+0xb8a/0x1c90
[  649.503540][T15966]  do_filp_open+0x20b/0x470
[  649.503582][T15966]  ? __pfx_do_filp_open+0x10/0x10
[  649.503655][T15966]  ? alloc_fd+0x471/0x7d0
[  649.503707][T15966]  do_sys_openat2+0x11b/0x1d0
[  649.503739][T15966]  ? __pfx_do_sys_openat2+0x10/0x10
[  649.503812][T15966]  __x64_sys_openat+0x174/0x210
[  649.503845][T15966]  ? __pfx___x64_sys_openat+0x10/0x10
[  649.503897][T15966]  do_syscall_64+0xcd/0x490
[  649.503948][T15966]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  649.503984][T15966] RIP: 0033:0x7f1d4d18e969
[  649.504011][T15966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  649.504046][T15966] RSP: 002b:00007f1d4e027038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  649.504078][T15966] RAX: ffffffffffffffda RBX: 00007f1d4d3b5fa0 RCX: 00007f1d4d18e969
[  649.504100][T15966] RDX: 0000000000000800 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  649.504122][T15966] RBP: 00007f1d4d210ab1 R08: 0000000000000000 R09: 0000000000000000
[  649.504143][T15966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  649.504163][T15966] R13: 0000000000000000 R14: 00007f1d4d3b5fa0 R15: 00007ffed0ef9168
[  649.504206][T15966]  </TASK>
[  649.900847][T15966] Console: switching to colour VGA+ 80x25
[  651.593345][T15990] FAULT_INJECTION: forcing a failure.
[  651.593345][T15990] name failslab, interval 1, probability 0, space 0, times 0
[  651.626299][T15990] CPU: 0 UID: 0 PID: 15990 Comm: syz.1.3577 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  651.626352][T15990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  651.626372][T15990] Call Trace:
[  651.626381][T15990]  <TASK>
[  651.626393][T15990]  dump_stack_lvl+0x16c/0x1f0
[  651.626440][T15990]  should_fail_ex+0x512/0x640
[  651.626486][T15990]  ? __kvmalloc_node_noprof+0x122/0x620
[  651.626526][T15990]  should_failslab+0xc2/0x120
[  651.626567][T15990]  __kvmalloc_node_noprof+0x135/0x620
[  651.626605][T15990]  ? alloc_netdev_mqs+0xfbe/0x1570
[  651.626653][T15990]  ? alloc_netdev_mqs+0xfbe/0x1570
[  651.626691][T15990]  alloc_netdev_mqs+0xfbe/0x1570
[  651.626741][T15990]  slip_open+0x35c/0x1150
[  651.626780][T15990]  ? __pfx___might_resched+0x10/0x10
[  651.626822][T15990]  ? __pfx_n_tty_close+0x10/0x10
[  651.626856][T15990]  ? find_held_lock+0x2b/0x80
[  651.626896][T15990]  ? __pfx_slip_open+0x10/0x10
[  651.626932][T15990]  ? down_write+0x14d/0x200
[  651.626978][T15990]  ? __pfx_slip_open+0x10/0x10
[  651.627015][T15990]  tty_ldisc_open+0x9f/0x120
[  651.627059][T15990]  tty_set_ldisc+0x32b/0x780
[  651.627107][T15990]  tty_ioctl+0xc42/0x1610
[  651.627134][T15990]  ? __pfx_tty_ioctl+0x10/0x10
[  651.627173][T15990]  ? hook_file_ioctl_common+0x145/0x410
[  651.627223][T15990]  ? __pfx_tty_ioctl+0x10/0x10
[  651.627251][T15990]  __x64_sys_ioctl+0x18b/0x210
[  651.627288][T15990]  do_syscall_64+0xcd/0x490
[  651.627332][T15990]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  651.627362][T15990] RIP: 0033:0x7f1d4d18e969
[  651.627386][T15990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  651.627415][T15990] RSP: 002b:00007f1d4e027038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  651.627443][T15990] RAX: ffffffffffffffda RBX: 00007f1d4d3b5fa0 RCX: 00007f1d4d18e969
[  651.627463][T15990] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000001
[  651.627481][T15990] RBP: 00007f1d4d210ab1 R08: 0000000000000000 R09: 0000000000000000
[  651.627499][T15990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  651.627517][T15990] R13: 0000000000000000 R14: 00007f1d4d3b5fa0 R15: 00007ffed0ef9168
[  651.627554][T15990]  </TASK>
[  652.149402][T15994] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3579'.
[  652.238195][T15994] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3579'.
[  652.446283][T16002] FAULT_INJECTION: forcing a failure.
[  652.446283][T16002] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  652.472938][T16002] CPU: 0 UID: 0 PID: 16002 Comm: syz.1.3580 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  652.472988][T16002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  652.473010][T16002] Call Trace:
[  652.473021][T16002]  <TASK>
[  652.473034][T16002]  dump_stack_lvl+0x16c/0x1f0
[  652.473089][T16002]  should_fail_ex+0x512/0x640
[  652.473153][T16002]  should_fail_alloc_page+0xe7/0x130
[  652.473216][T16002]  prepare_alloc_pages+0x3c2/0x610
[  652.473252][T16002]  ? rcu_is_watching+0x12/0xc0
[  652.473307][T16002]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  652.473360][T16002]  ? rcu_is_watching+0x12/0xc0
[  652.473412][T16002]  ? trace_mm_page_alloc+0x11f/0x1a0
[  652.473469][T16002]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  652.473518][T16002]  ? __pfx_stack_trace_save+0x10/0x10
[  652.473573][T16002]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  652.473633][T16002]  ? alloc_vmap_area+0x645/0x29c0
[  652.473685][T16002]  ? __vmalloc_node_range_noprof+0x271/0x14b0
[  652.473722][T16002]  ? __do_sys_listmount+0x1c2/0xec0
[  652.473757][T16002]  ? do_syscall_64+0xcd/0x490
[  652.473803][T16002]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  652.473857][T16002]  alloc_pages_bulk_noprof+0x71c/0x1410
[  652.473902][T16002]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  652.473967][T16002]  ? policy_nodemask+0xea/0x4e0
[  652.474023][T16002]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  652.474072][T16002]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  652.474140][T16002]  kasan_populate_vmalloc+0xf1/0x1f0
[  652.474197][T16002]  alloc_vmap_area+0x959/0x29c0
[  652.474271][T16002]  ? __pfx_alloc_vmap_area+0x10/0x10
[  652.474338][T16002]  __get_vm_area_node+0x1ca/0x330
[  652.474381][T16002]  __vmalloc_node_range_noprof+0x271/0x14b0
[  652.474420][T16002]  ? __do_sys_listmount+0x1c2/0xec0
[  652.474466][T16002]  ? __lock_acquire+0xb8a/0x1c90
[  652.474502][T16002]  ? __do_sys_listmount+0x1c2/0xec0
[  652.474549][T16002]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  652.474590][T16002]  ? __alloc_pages_noprof+0xb/0x1b0
[  652.474633][T16002]  ? ___kmalloc_large_node+0x84/0x1e0
[  652.474665][T16002]  ? find_held_lock+0x2b/0x80
[  652.474720][T16002]  __kvmalloc_node_noprof+0x308/0x620
[  652.474764][T16002]  ? __do_sys_listmount+0x1c2/0xec0
[  652.474803][T16002]  ? __do_sys_listmount+0x1c2/0xec0
[  652.474847][T16002]  ? __do_sys_listmount+0x1c2/0xec0
[  652.474881][T16002]  __do_sys_listmount+0x1c2/0xec0
[  652.474925][T16002]  ? __x64_sys_futex+0x1e0/0x4c0
[  652.474957][T16002]  ? __x64_sys_futex+0x1e9/0x4c0
[  652.474992][T16002]  ? __pfx___do_sys_listmount+0x10/0x10
[  652.475050][T16002]  do_syscall_64+0xcd/0x490
[  652.475101][T16002]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  652.475136][T16002] RIP: 0033:0x7f1d4d18e969
[  652.475164][T16002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  652.475206][T16002] RSP: 002b:00007f1d4e006038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca
[  652.475239][T16002] RAX: ffffffffffffffda RBX: 00007f1d4d3b6080 RCX: 00007f1d4d18e969
[  652.475262][T16002] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100
[  652.475283][T16002] RBP: 00007f1d4d210ab1 R08: 0000000000000000 R09: 0000000000000000
[  652.475304][T16002] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  652.475325][T16002] R13: 0000000000000000 R14: 00007f1d4d3b6080 R15: 00007ffed0ef9168
[  652.475368][T16002]  </TASK>
[  652.892588][T16002] warn_alloc: 2 callbacks suppressed
[  652.892617][T16002] syz.1.3580: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  653.046287][T16002] CPU: 1 UID: 0 PID: 16002 Comm: syz.1.3580 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  653.046363][T16002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  653.046398][T16002] Call Trace:
[  653.046411][T16002]  <TASK>
[  653.046424][T16002]  dump_stack_lvl+0x16c/0x1f0
[  653.046479][T16002]  warn_alloc+0x248/0x3a0
[  653.046527][T16002]  ? __pfx_warn_alloc+0x10/0x10
[  653.046575][T16002]  ? kfree+0x2b4/0x4d0
[  653.046621][T16002]  ? __get_vm_area_node+0x208/0x330
[  653.046664][T16002]  __vmalloc_node_range_noprof+0xb2d/0x14b0
[  653.046714][T16002]  ? __lock_acquire+0xb8a/0x1c90
[  653.046750][T16002]  ? __do_sys_listmount+0x1c2/0xec0
[  653.046797][T16002]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  653.046837][T16002]  ? __alloc_pages_noprof+0xb/0x1b0
[  653.046881][T16002]  ? ___kmalloc_large_node+0x84/0x1e0
[  653.046912][T16002]  ? find_held_lock+0x2b/0x80
[  653.046969][T16002]  __kvmalloc_node_noprof+0x308/0x620
[  653.047013][T16002]  ? __do_sys_listmount+0x1c2/0xec0
[  653.047052][T16002]  ? __do_sys_listmount+0x1c2/0xec0
[  653.047096][T16002]  ? __do_sys_listmount+0x1c2/0xec0
[  653.047138][T16002]  __do_sys_listmount+0x1c2/0xec0
[  653.047183][T16002]  ? __x64_sys_futex+0x1e0/0x4c0
[  653.047217][T16002]  ? __x64_sys_futex+0x1e9/0x4c0
[  653.047251][T16002]  ? __pfx___do_sys_listmount+0x10/0x10
[  653.047308][T16002]  do_syscall_64+0xcd/0x490
[  653.047361][T16002]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  653.047396][T16002] RIP: 0033:0x7f1d4d18e969
[  653.047425][T16002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  653.047460][T16002] RSP: 002b:00007f1d4e006038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca
[  653.047493][T16002] RAX: ffffffffffffffda RBX: 00007f1d4d3b6080 RCX: 00007f1d4d18e969
[  653.047517][T16002] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100
[  653.047540][T16002] RBP: 00007f1d4d210ab1 R08: 0000000000000000 R09: 0000000000000000
[  653.047562][T16002] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  653.047584][T16002] R13: 0000000000000000 R14: 00007f1d4d3b6080 R15: 00007ffed0ef9168
[  653.047626][T16002]  </TASK>
[  653.047639][T16002] Mem-Info:
[  653.556376][T16002] active_anon:100828 inactive_anon:49413 isolated_anon:0
[  653.556376][T16002]  active_file:14144 inactive_file:44152 isolated_file:0
[  653.556376][T16002]  unevictable:768 dirty:282 writeback:0
[  653.556376][T16002]  slab_reclaimable:11738 slab_unreclaimable:117732
[  653.556376][T16002]  mapped:33153 shmem:134744 pagetables:1211
[  653.556376][T16002]  sec_pagetables:0 bounce:0
[  653.556376][T16002]  kernel_misc_reclaimable:0
[  653.556376][T16002]  free:1156159 free_pcp:11100 free_cma:0
[  653.636490][T16002] Node 0 active_anon:404812kB inactive_anon:196852kB active_file:56576kB inactive_file:176472kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:134012kB dirty:1128kB writeback:0kB shmem:536636kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12204kB pagetables:4796kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  653.706594][T16002] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:136kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:3040kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:148kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  653.806524][T16002] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  653.886562][T16002] lowmem_reserve[]: 0 2481 2483 2483 2483
[  653.893590][T16002] Node 0 DMA32 free:692152kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB free_highatomic:0KB active_anon:407264kB inactive_anon:189552kB active_file:56576kB inactive_file:174916kB unevictable:1536kB writepending:1128kB present:3129332kB managed:2541088kB mlocked:0kB bounce:0kB free_pcp:42076kB local_pcp:17212kB free_cma:0kB
[  653.948779][T16002] lowmem_reserve[]: 0 0 1 1 1
[  653.954817][T16002] Node 0 Normal free:20kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1556kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:20kB local_pcp:8kB free_cma:0kB
[  653.997259][T16002] lowmem_reserve[]: 0 0 0 0 0
[  654.003046][T16002] Node 1 Normal free:3922624kB boost:0kB min:55788kB low:69732kB high:83676kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:136kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:500kB local_pcp:0kB free_cma:0kB
[  654.041235][T16002] lowmem_reserve[]: 0 0 0 0 0
[  654.047336][T16002] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  654.063380][T16002] Node 0 DMA32: 2589*4kB (UM) 550*8kB (UM) 908*16kB (UME) 291*32kB (M) 427*64kB (UM) 170*128kB (UME) 48*256kB (M) 18*512kB (UM) 27*1024kB (UM) 4*2048kB (UM) 134*4096kB (ME) = 693892kB
[  654.086602][T16002] Node 0 Normal: 3*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB
[  654.107272][T16002] Node 1 Normal: 91*4kB (UM) 55*8kB (UME) 45*16kB (UME) 238*32kB (UME) 97*64kB (UME) 30*128kB (UME) 12*256kB (UM) 10*512kB (UME) 4*1024kB (UME) 4*2048kB (UME) 948*4096kB (UM) = 3922676kB
[  654.130738][T16002] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  654.142657][T16002] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  654.154404][T16002] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  654.166456][T16002] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  654.178105][T16002] 192793 total pagecache pages
[  654.183868][T16002] 1065 pages in swap cache
[  654.189681][T16002] Free swap  = 119648kB
[  654.194702][T16002] Total swap = 124996kB
[  654.200297][T16002] 2097051 pages RAM
[  654.204898][T16002] 0 pages HighMem/MovableOnly
[  654.227345][T16002] 429737 pages reserved
[  654.233047][T16002] 0 pages cma reserved
[  654.568154][T16016] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3585'.
[  654.621049][T16016] bridge0: port 2(bridge_slave_1) entered disabled state
[  654.745385][T16016] bridge_slave_1 (unregistering): left allmulticast mode
[  654.754701][T16016] bridge_slave_1 (unregistering): left promiscuous mode
[  654.763420][T16016] bridge0: port 2(bridge_slave_1) entered disabled state
[  655.809087][T16038] FAULT_INJECTION: forcing a failure.
[  655.809087][T16038] name failslab, interval 1, probability 0, space 0, times 0
[  655.828080][T16038] CPU: 0 UID: 0 PID: 16038 Comm: syz.2.3591 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  655.828116][T16038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  655.828130][T16038] Call Trace:
[  655.828138][T16038]  <TASK>
[  655.828148][T16038]  dump_stack_lvl+0x16c/0x1f0
[  655.828186][T16038]  should_fail_ex+0x512/0x640
[  655.828226][T16038]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  655.828257][T16038]  should_failslab+0xc2/0x120
[  655.828293][T16038]  __kmalloc_cache_noprof+0x6a/0x3e0
[  655.828320][T16038]  ? __pfx_trace_seq_printf+0x10/0x10
[  655.828358][T16038]  ? tracing_log_err+0x490/0x6a0
[  655.828388][T16038]  tracing_log_err+0x490/0x6a0
[  655.828421][T16038]  append_filter_err+0x380/0x5e0
[  655.828465][T16038]  apply_subsystem_event_filter+0x678/0x1450
[  655.828500][T16038]  ? __pfx_apply_subsystem_event_filter+0x10/0x10
[  655.828535][T16038]  ? _copy_from_user+0x59/0xd0
[  655.828563][T16038]  subsystem_filter_write+0x95/0x120
[  655.828589][T16038]  ? __pfx_subsystem_filter_write+0x10/0x10
[  655.828617][T16038]  vfs_write+0x2a0/0x1150
[  655.828651][T16038]  ? __pfx___mutex_lock+0x10/0x10
[  655.828685][T16038]  ? __pfx_vfs_write+0x10/0x10
[  655.828723][T16038]  ? __fget_files+0x20e/0x3c0
[  655.828760][T16038]  ksys_write+0x12a/0x250
[  655.828789][T16038]  ? __pfx_ksys_write+0x10/0x10
[  655.828827][T16038]  do_syscall_64+0xcd/0x490
[  655.828870][T16038]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  655.828895][T16038] RIP: 0033:0x7fdf2e58e969
[  655.828915][T16038] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  655.828939][T16038] RSP: 002b:00007fdf2c3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  655.828962][T16038] RAX: ffffffffffffffda RBX: 00007fdf2e7b5fa0 RCX: 00007fdf2e58e969
[  655.828979][T16038] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000004
[  655.828994][T16038] RBP: 00007fdf2e610ab1 R08: 0000000000000000 R09: 0000000000000000
[  655.829009][T16038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  655.829023][T16038] R13: 0000000000000000 R14: 00007fdf2e7b5fa0 R15: 00007ffc38fbf428
[  655.829054][T16038]  </TASK>
[  656.519140][T16043] netlink: 338 bytes leftover after parsing attributes in process `syz.1.3594'.
[  656.531893][T16043] netlink: 338 bytes leftover after parsing attributes in process `syz.1.3594'.
[  656.548889][T16043] netlink: 290 bytes leftover after parsing attributes in process `syz.1.3594'.
[  656.560396][T16043] veth0_macvtap: left promiscuous mode
[  658.196393][T16072] FAULT_INJECTION: forcing a failure.
[  658.196393][T16072] name failslab, interval 1, probability 0, space 0, times 0
[  658.212146][T16072] CPU: 1 UID: 0 PID: 16072 Comm: syz.1.3603 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  658.212193][T16072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  658.212215][T16072] Call Trace:
[  658.212226][T16072]  <TASK>
[  658.212240][T16072]  dump_stack_lvl+0x16c/0x1f0
[  658.212290][T16072]  should_fail_ex+0x512/0x640
[  658.212338][T16072]  ? __kmalloc_noprof+0xbf/0x510
[  658.212398][T16072]  ? tracing_log_err+0xb9/0x6a0
[  658.212433][T16072]  should_failslab+0xc2/0x120
[  658.212482][T16072]  __kmalloc_noprof+0xd2/0x510
[  658.212523][T16072]  ? __pfx_trace_seq_printf+0x10/0x10
[  658.212587][T16072]  tracing_log_err+0xb9/0x6a0
[  658.212633][T16072]  append_filter_err+0x380/0x5e0
[  658.212697][T16072]  apply_subsystem_event_filter+0x678/0x1450
[  658.212748][T16072]  ? __pfx_apply_subsystem_event_filter+0x10/0x10
[  658.212799][T16072]  ? _copy_from_user+0x59/0xd0
[  658.212839][T16072]  subsystem_filter_write+0x95/0x120
[  658.212879][T16072]  ? __pfx_subsystem_filter_write+0x10/0x10
[  658.212913][T16072]  vfs_write+0x2a0/0x1150
[  658.212962][T16072]  ? __pfx___mutex_lock+0x10/0x10
[  658.213012][T16072]  ? __pfx_vfs_write+0x10/0x10
[  658.213067][T16072]  ? __fget_files+0x20e/0x3c0
[  658.213121][T16072]  ksys_write+0x12a/0x250
[  658.213163][T16072]  ? __pfx_ksys_write+0x10/0x10
[  658.213220][T16072]  do_syscall_64+0xcd/0x490
[  658.213270][T16072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  658.213306][T16072] RIP: 0033:0x7f1d4d18e969
[  658.213334][T16072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  658.213402][T16072] RSP: 002b:00007f1d4e027038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  658.213436][T16072] RAX: ffffffffffffffda RBX: 00007f1d4d3b5fa0 RCX: 00007f1d4d18e969
[  658.213460][T16072] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000004
[  658.213482][T16072] RBP: 00007f1d4d210ab1 R08: 0000000000000000 R09: 0000000000000000
[  658.213505][T16072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  658.213525][T16072] R13: 0000000000000000 R14: 00007f1d4d3b5fa0 R15: 00007ffed0ef9168
[  658.213572][T16072]  </TASK>
[  660.238760][T16092] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  660.252850][T16092] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  660.262924][T16092] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  660.290889][T16092] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  660.301943][T16092] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  660.655479][T16091] chnl_net:caif_netlink_parms(): no params data found
[  660.790437][T16091] bridge0: port 1(bridge_slave_0) entered blocking state
[  660.799177][T16091] bridge0: port 1(bridge_slave_0) entered disabled state
[  660.808697][T16091] bridge_slave_0: entered allmulticast mode
[  660.818852][T16091] bridge_slave_0: entered promiscuous mode
[  660.836312][T16091] bridge0: port 2(bridge_slave_1) entered blocking state
[  660.845565][T16091] bridge0: port 2(bridge_slave_1) entered disabled state
[  660.855269][T16091] bridge_slave_1: entered allmulticast mode
[  660.865166][T16091] bridge_slave_1: entered promiscuous mode
[  660.922556][T16091] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  660.947150][T16091] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  661.007615][T16091] team0: Port device team_slave_0 added
[  661.019649][T16091] team0: Port device team_slave_1 added
[  661.076596][T16091] batman_adv: batadv0: Adding interface: batadv_slave_0
[  661.085528][T16091] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  661.118646][T16091] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  661.135115][T16091] batman_adv: batadv0: Adding interface: batadv_slave_1
[  661.143882][T16091] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  661.182222][T16091] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  661.257370][T16091] hsr_slave_0: entered promiscuous mode
[  661.266292][T16091] hsr_slave_1: entered promiscuous mode
[  661.274909][T16091] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  661.292298][T16091] Cannot create hsr debugfs directory
[  661.568634][T16091] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  661.586998][T16091] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  661.625522][T16091] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  661.641075][T16091] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  661.788160][T16091] 8021q: adding VLAN 0 to HW filter on device bond0
[  661.825378][T16091] 8021q: adding VLAN 0 to HW filter on device team0
[  661.850226][T15687] bridge0: port 1(bridge_slave_0) entered blocking state
[  661.858932][T15687] bridge0: port 1(bridge_slave_0) entered forwarding state
[  661.893303][T15687] bridge0: port 2(bridge_slave_1) entered blocking state
[  661.902127][T15687] bridge0: port 2(bridge_slave_1) entered forwarding state
[  662.278330][T16091] 8021q: adding VLAN 0 to HW filter on device batadv0
[  662.392788][T16092] Bluetooth: hci4: command tx timeout
[  662.724785][T16091] veth0_vlan: entered promiscuous mode
[  662.744078][T16091] veth1_vlan: entered promiscuous mode
[  662.794477][T16091] veth0_macvtap: entered promiscuous mode
[  662.809078][T16091] veth1_macvtap: entered promiscuous mode
[  662.850407][T16091] batman_adv: batadv0: Interface activated: batadv_slave_0
[  662.872756][T16091] batman_adv: batadv0: Interface activated: batadv_slave_1
[  662.892966][T16091] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  662.904838][T16091] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  662.917533][T16091] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  662.928254][T16091] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  663.097807][T15687] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  663.123790][T15687] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  663.195523][T15197] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  663.207975][T15197] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  663.421853][T16117] netlink: 338 bytes leftover after parsing attributes in process `syz.2.3618'.
[  663.445005][T16117] netlink: 338 bytes leftover after parsing attributes in process `syz.2.3618'.
[  663.467095][T16117] netlink: 290 bytes leftover after parsing attributes in process `syz.2.3618'.
[  663.478478][T16117] veth0_macvtap: left promiscuous mode
[  663.724745][T16125] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3612'.
[  663.772353][T16124] ima: policy update failed
[  663.789694][   T30] audit: type=1802 audit(6043758107.323:15): pid=16124 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.3612" res=0 errno=0
[  664.472368][T16092] Bluetooth: hci4: command tx timeout
[  665.006440][T16136] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  665.038290][T16136] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  665.063624][T16136] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  665.071052][T16136] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  665.099388][T16136] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  665.114630][T16136] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  665.152746][T16136] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  665.926986][T16152] netlink: 330 bytes leftover after parsing attributes in process `syz.3.3630'.
[  665.958342][T16152] : renamed from bond0 (while UP)
[  666.412889][T16166] FAULT_INJECTION: forcing a failure.
[  666.412889][T16166] name failslab, interval 1, probability 0, space 0, times 0
[  666.462932][T16166] CPU: 0 UID: 0 PID: 16166 Comm: syz.4.3623 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  666.462980][T16166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  666.463001][T16166] Call Trace:
[  666.463012][T16166]  <TASK>
[  666.463024][T16166]  dump_stack_lvl+0x16c/0x1f0
[  666.463073][T16166]  should_fail_ex+0x512/0x640
[  666.463124][T16166]  ? __kmalloc_noprof+0xbf/0x510
[  666.463169][T16166]  ? tracing_log_err+0xb9/0x6a0
[  666.463201][T16166]  should_failslab+0xc2/0x120
[  666.463249][T16166]  __kmalloc_noprof+0xd2/0x510
[  666.463288][T16166]  ? __pfx_trace_seq_printf+0x10/0x10
[  666.463346][T16166]  tracing_log_err+0xb9/0x6a0
[  666.463389][T16166]  append_filter_err+0x380/0x5e0
[  666.463448][T16166]  apply_subsystem_event_filter+0x678/0x1450
[  666.463494][T16166]  ? __pfx_apply_subsystem_event_filter+0x10/0x10
[  666.463542][T16166]  ? _copy_from_user+0x59/0xd0
[  666.463587][T16166]  subsystem_filter_write+0x95/0x120
[  666.463624][T16166]  ? __pfx_subsystem_filter_write+0x10/0x10
[  666.463656][T16166]  vfs_write+0x2a0/0x1150
[  666.463701][T16166]  ? __pfx___mutex_lock+0x10/0x10
[  666.463744][T16166]  ? __pfx_vfs_write+0x10/0x10
[  666.463791][T16166]  ? __fget_files+0x20e/0x3c0
[  666.463840][T16166]  ksys_write+0x12a/0x250
[  666.463878][T16166]  ? __pfx_ksys_write+0x10/0x10
[  666.463928][T16166]  do_syscall_64+0xcd/0x490
[  666.463975][T16166]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  666.464006][T16166] RIP: 0033:0x7efd5db8e969
[  666.464032][T16166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  666.464065][T16166] RSP: 002b:00007efd5ea2e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  666.464095][T16166] RAX: ffffffffffffffda RBX: 00007efd5ddb5fa0 RCX: 00007efd5db8e969
[  666.464117][T16166] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000004
[  666.464138][T16166] RBP: 00007efd5dc10ab1 R08: 0000000000000000 R09: 0000000000000000
[  666.464159][T16166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  666.464179][T16166] R13: 0000000000000000 R14: 00007efd5ddb5fa0 R15: 00007ffc25b1c428
[  666.464222][T16166]  </TASK>
[  666.955590][T16171] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3627'.
[  666.981603][T16171] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  666.995418][T16171] batman_adv: batadv0: Removing interface: batadv_slave_0
[  667.012854][T16171] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  667.024173][T16171] batman_adv: batadv0: Removing interface: batadv_slave_1
[  667.035019][T16092] Bluetooth: hci0: command 0x0406 tx timeout
[  667.115179][T16092] Bluetooth: hci4: command 0x0419 tx timeout
[  667.124057][T15125] Bluetooth: hci3: command 0x0406 tx timeout
[  667.131268][T15125] Bluetooth: hci2: command 0x0406 tx timeout
[  667.139329][T16092] Bluetooth: hci1: command 0x0406 tx timeout
[  668.815103][T16202] netlink: 'syz.4.3636': attribute type 10 has an invalid length.
[  668.836397][T16202] netlink: 230 bytes leftover after parsing attributes in process `syz.4.3636'.
[  669.111395][T16209] ima: policy update failed
[  669.166638][   T30] audit: type=1802 audit(6043758112.711:16): pid=16209 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.3639" res=0 errno=0
[  669.194513][T16092] Bluetooth: hci4: command 0x0419 tx timeout
[  670.311888][T16221] could not allocate digest TFM handle binfmt_misc
[  671.275685][T16092] Bluetooth: hci4: command 0x0419 tx timeout
[  672.379560][T16260] netlink: 266 bytes leftover after parsing attributes in process `syz.4.3655'.
[  672.390812][T16260] IPv6: NLM_F_CREATE should be specified when creating new route
[  673.396420][T16092] Bluetooth: hci4: command 0x0419 tx timeout
[  674.547929][T16282] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  674.578021][T16282] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  674.587421][T16282] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  674.616914][T16282] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  674.625530][T16282] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  674.981733][T16294] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3669'.
[  675.009867][T16294] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  675.054578][T16294] batman_adv: batadv0: Removing interface: batadv_slave_1
[  676.273836][T16322] FAULT_INJECTION: forcing a failure.
[  676.273836][T16322] name failslab, interval 1, probability 0, space 0, times 0
[  676.290494][T16322] CPU: 1 UID: 0 PID: 16322 Comm: syz.2.3676 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  676.290540][T16322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  676.290562][T16322] Call Trace:
[  676.290574][T16322]  <TASK>
[  676.290587][T16322]  dump_stack_lvl+0x16c/0x1f0
[  676.290670][T16322]  should_fail_ex+0x512/0x640
[  676.290725][T16322]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  676.290770][T16322]  should_failslab+0xc2/0x120
[  676.290819][T16322]  __kmalloc_cache_noprof+0x6a/0x3e0
[  676.290860][T16322]  ? ieee80211_init_rate_ctrl_alg+0x175/0x6b0
[  676.290921][T16322]  ieee80211_init_rate_ctrl_alg+0x175/0x6b0
[  676.290984][T16322]  ieee80211_register_hw+0x2124/0x4140
[  676.291052][T16322]  ? __debug_object_init+0x1f1/0x3d0
[  676.291101][T16322]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  676.291166][T16322]  ? find_held_lock+0x2b/0x80
[  676.291217][T16322]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  676.291264][T16322]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  676.291305][T16322]  ? __hrtimer_setup+0x176/0x280
[  676.291354][T16322]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  676.291437][T16322]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  676.291507][T16322]  hwsim_new_radio_nl+0xb51/0x12c0
[  676.291592][T16322]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  676.291671][T16322]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  676.291715][T16322]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  676.291768][T16322]  genl_family_rcv_msg_doit+0x206/0x2f0
[  676.291811][T16322]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  676.291851][T16322]  ? trace_cap_capable+0x18d/0x200
[  676.291900][T16322]  ? bpf_lsm_capable+0x9/0x10
[  676.291936][T16322]  ? security_capable+0x7e/0x260
[  676.291974][T16322]  ? ns_capable+0xd7/0x110
[  676.292030][T16322]  genl_rcv_msg+0x55c/0x800
[  676.292074][T16322]  ? __pfx_genl_rcv_msg+0x10/0x10
[  676.292114][T16322]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  676.292186][T16322]  netlink_rcv_skb+0x155/0x420
[  676.292219][T16322]  ? __pfx_genl_rcv_msg+0x10/0x10
[  676.292261][T16322]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  676.292314][T16322]  ? netlink_deliver_tap+0x1ae/0xd30
[  676.292375][T16322]  genl_rcv+0x28/0x40
[  676.292408][T16322]  netlink_unicast+0x53a/0x7f0
[  676.292471][T16322]  ? __pfx_netlink_unicast+0x10/0x10
[  676.292540][T16322]  netlink_sendmsg+0x8d1/0xdd0
[  676.292581][T16322]  ? __pfx_netlink_sendmsg+0x10/0x10
[  676.292662][T16322]  ____sys_sendmsg+0xa95/0xc70
[  676.292699][T16322]  ? copy_msghdr_from_user+0x10a/0x160
[  676.292748][T16322]  ? __pfx_____sys_sendmsg+0x10/0x10
[  676.292781][T16322]  ? preempt_schedule_thunk+0x16/0x30
[  676.292832][T16322]  ? try_to_wake_up+0xa2f/0x1680
[  676.292890][T16322]  ___sys_sendmsg+0x134/0x1d0
[  676.292942][T16322]  ? __pfx____sys_sendmsg+0x10/0x10
[  676.292986][T16322]  ? __lock_acquire+0x622/0x1c90
[  676.293077][T16322]  __sys_sendmsg+0x16d/0x220
[  676.293128][T16322]  ? __pfx___sys_sendmsg+0x10/0x10
[  676.293176][T16322]  ? __x64_sys_futex+0x1e0/0x4c0
[  676.293238][T16322]  do_syscall_64+0xcd/0x490
[  676.293291][T16322]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  676.293326][T16322] RIP: 0033:0x7fdf2e58e969
[  676.293356][T16322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  676.293392][T16322] RSP: 002b:00007fdf2c3d5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  676.293425][T16322] RAX: ffffffffffffffda RBX: 00007fdf2e7b6080 RCX: 00007fdf2e58e969
[  676.293449][T16322] RDX: 0000000000018800 RSI: 0000200000001400 RDI: 0000000000000005
[  676.293471][T16322] RBP: 00007fdf2e610ab1 R08: 0000000000000000 R09: 0000000000000000
[  676.293492][T16322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  676.293513][T16322] R13: 0000000000000000 R14: 00007fdf2e7b6080 R15: 00007ffc38fbf428
[  676.293558][T16322]  </TASK>
[  676.293865][T16322] ieee80211 phy31: Failed to select rate control algorithm
[  676.648242][T16092] Bluetooth: hci4: command 0x0419 tx timeout
[  676.740176][T15125] Bluetooth: hci3: command 0x0406 tx timeout
[  676.776505][T15125] Bluetooth: hci2: command 0x0406 tx timeout
[  676.783858][T15125] Bluetooth: hci1: command 0x0406 tx timeout
[  676.873115][T16315] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  676.881449][T16315] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  676.888885][T16315] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  676.896825][T16315] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  676.905729][T16315] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  678.239006][T16092] Bluetooth: hci0: command 0x0406 tx timeout
[  678.275878][T16360] netlink: 25 bytes leftover after parsing attributes in process `syz.3.3689'.
[  678.576222][T16368] FAULT_INJECTION: forcing a failure.
[  678.576222][T16368] name failslab, interval 1, probability 0, space 0, times 0
[  678.636453][T16368] CPU: 1 UID: 0 PID: 16368 Comm: syz.4.3690 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  678.636506][T16368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  678.636529][T16368] Call Trace:
[  678.636546][T16368]  <TASK>
[  678.636561][T16368]  dump_stack_lvl+0x16c/0x1f0
[  678.636627][T16368]  should_fail_ex+0x512/0x640
[  678.636683][T16368]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  678.636734][T16368]  should_failslab+0xc2/0x120
[  678.636786][T16368]  __kmalloc_cache_noprof+0x6a/0x3e0
[  678.636830][T16368]  ? device_add+0xccc/0x1a70
[  678.636876][T16368]  device_add+0xccc/0x1a70
[  678.636924][T16368]  ? __pfx_device_add+0x10/0x10
[  678.636960][T16368]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  678.637008][T16368]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  678.637070][T16368]  wiphy_register+0x1c9c/0x2850
[  678.637108][T16368]  ? netdev_run_todo+0x864/0x1320
[  678.637175][T16368]  ? __pfx_wiphy_register+0x10/0x10
[  678.637229][T16368]  ? ieee80211_init_rate_ctrl_alg+0x125/0x6b0
[  678.637295][T16368]  ieee80211_register_hw+0x24ac/0x4140
[  678.637369][T16368]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  678.637437][T16368]  ? find_held_lock+0x2b/0x80
[  678.637497][T16368]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  678.637539][T16368]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  678.637582][T16368]  ? __hrtimer_setup+0x176/0x280
[  678.637638][T16368]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  678.637727][T16368]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  678.637804][T16368]  hwsim_new_radio_nl+0xb51/0x12c0
[  678.637869][T16368]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  678.637943][T16368]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  678.637990][T16368]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  678.638044][T16368]  genl_family_rcv_msg_doit+0x206/0x2f0
[  678.638091][T16368]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  678.638132][T16368]  ? trace_cap_capable+0x18d/0x200
[  678.638185][T16368]  ? bpf_lsm_capable+0x9/0x10
[  678.638221][T16368]  ? security_capable+0x7e/0x260
[  678.638263][T16368]  ? ns_capable+0xd7/0x110
[  678.638317][T16368]  genl_rcv_msg+0x55c/0x800
[  678.638367][T16368]  ? __pfx_genl_rcv_msg+0x10/0x10
[  678.638408][T16368]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  678.638483][T16368]  netlink_rcv_skb+0x155/0x420
[  678.638516][T16368]  ? __pfx_genl_rcv_msg+0x10/0x10
[  678.638562][T16368]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  678.638624][T16368]  ? netlink_deliver_tap+0x1ae/0xd30
[  678.638689][T16368]  genl_rcv+0x28/0x40
[  678.638726][T16368]  netlink_unicast+0x53a/0x7f0
[  678.638787][T16368]  ? __pfx_netlink_unicast+0x10/0x10
[  678.638852][T16368]  netlink_sendmsg+0x8d1/0xdd0
[  678.638892][T16368]  ? __pfx_netlink_sendmsg+0x10/0x10
[  678.638966][T16368]  ____sys_sendmsg+0xa95/0xc70
[  678.639004][T16368]  ? copy_msghdr_from_user+0x10a/0x160
[  678.639052][T16368]  ? __pfx_____sys_sendmsg+0x10/0x10
[  678.639084][T16368]  ? preempt_schedule_thunk+0x16/0x30
[  678.639134][T16368]  ? try_to_wake_up+0xa2f/0x1680
[  678.639190][T16368]  ___sys_sendmsg+0x134/0x1d0
[  678.639240][T16368]  ? __pfx____sys_sendmsg+0x10/0x10
[  678.639285][T16368]  ? __lock_acquire+0x622/0x1c90
[  678.639375][T16368]  __sys_sendmsg+0x16d/0x220
[  678.639424][T16368]  ? __pfx___sys_sendmsg+0x10/0x10
[  678.639471][T16368]  ? __x64_sys_futex+0x1e0/0x4c0
[  678.639532][T16368]  do_syscall_64+0xcd/0x490
[  678.639583][T16368]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  678.639625][T16368] RIP: 0033:0x7efd5db8e969
[  678.639653][T16368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  678.639689][T16368] RSP: 002b:00007efd5ea0d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  678.639723][T16368] RAX: ffffffffffffffda RBX: 00007efd5ddb6080 RCX: 00007efd5db8e969
[  678.639746][T16368] RDX: 0000000000018800 RSI: 0000200000001400 RDI: 0000000000000005
[  678.639769][T16368] RBP: 00007efd5dc10ab1 R08: 0000000000000000 R09: 0000000000000000
[  678.639791][T16368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  678.639812][T16368] R13: 0000000000000000 R14: 00007efd5ddb6080 R15: 00007ffc25b1c428
[  678.639858][T16368]  </TASK>
[  679.011615][T16092] Bluetooth: hci4: command 0x0419 tx timeout
[  679.040052][T16370] netlink: 13 bytes leftover after parsing attributes in process `syz.3.3692'.
[  679.060288][T15129] Bluetooth: hci3: command 0x0406 tx timeout
[  679.060367][T15129] Bluetooth: hci2: command 0x0406 tx timeout
[  679.155880][T15125] Bluetooth: hci1: command 0x0406 tx timeout
[  679.358325][T16374] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3695'.
[  694.378959][T16176] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  694.392042][T16176] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  694.407543][T16176] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  694.420285][T16176] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  694.430951][T16176] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  694.785610][T16414] chnl_net:caif_netlink_parms(): no params data found
[  694.924016][T16414] bridge0: port 1(bridge_slave_0) entered blocking state
[  694.932852][T16414] bridge0: port 1(bridge_slave_0) entered disabled state
[  694.943506][T16414] bridge_slave_0: entered allmulticast mode
[  694.953904][T16414] bridge_slave_0: entered promiscuous mode
[  694.973611][T16414] bridge0: port 2(bridge_slave_1) entered blocking state
[  694.982581][T16414] bridge0: port 2(bridge_slave_1) entered disabled state
[  694.991471][T16414] bridge_slave_1: entered allmulticast mode
[  695.001156][T16414] bridge_slave_1: entered promiscuous mode
[  695.061760][T16414] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  695.087769][T16414] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  695.153797][T16414] team0: Port device team_slave_0 added
[  695.166053][T16414] team0: Port device team_slave_1 added
[  695.228349][T16414] batman_adv: batadv0: Adding interface: batadv_slave_0
[  695.236753][T16414] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  695.270262][T16414] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  695.286572][T16414] batman_adv: batadv0: Adding interface: batadv_slave_1
[  695.303803][T16414] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  695.336238][T16414] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  695.420111][T16414] hsr_slave_0: entered promiscuous mode
[  695.429102][T16414] hsr_slave_1: entered promiscuous mode
[  695.436883][T16414] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  695.448295][T16414] Cannot create hsr debugfs directory
[  695.730363][T16414] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  695.745916][T16414] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  695.760347][T16414] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  695.773590][T16414] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  695.868756][T16414] 8021q: adding VLAN 0 to HW filter on device bond0
[  695.893034][T16414] 8021q: adding VLAN 0 to HW filter on device team0
[  695.908694][T15135] bridge0: port 1(bridge_slave_0) entered blocking state
[  695.917226][T15135] bridge0: port 1(bridge_slave_0) entered forwarding state
[  695.936826][T15246] bridge0: port 2(bridge_slave_1) entered blocking state
[  695.945421][T15246] bridge0: port 2(bridge_slave_1) entered forwarding state
[  696.195514][T16414] 8021q: adding VLAN 0 to HW filter on device batadv0
[  696.253482][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  696.261211][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  696.488782][T16176] Bluetooth: hci5: command tx timeout
[  696.492802][T16414] veth0_vlan: entered promiscuous mode
[  696.520476][T16414] veth1_vlan: entered promiscuous mode
[  696.554032][T16414] veth0_macvtap: entered promiscuous mode
[  696.566256][T16414] veth1_macvtap: entered promiscuous mode
[  696.590208][T16414] batman_adv: batadv0: Interface activated: batadv_slave_0
[  696.607565][T16414] batman_adv: batadv0: Interface activated: batadv_slave_1
[  696.626962][T16414] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  696.638116][T16414] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  696.649610][T16414] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  696.660691][T16414] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  696.756548][T15124] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  696.781219][T15124] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  696.813369][T15135] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  696.824563][T15135] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  697.019543][T16439] sp0: Synchronizing with TNC
[  698.066935][T16458] FAULT_INJECTION: forcing a failure.
[  698.066935][T16458] name failslab, interval 1, probability 0, space 0, times 0
[  698.091968][T16458] CPU: 1 UID: 0 PID: 16458 Comm: syz.2.3707 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  698.092013][T16458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  698.092036][T16458] Call Trace:
[  698.092048][T16458]  <TASK>
[  698.092061][T16458]  dump_stack_lvl+0x16c/0x1f0
[  698.092115][T16458]  should_fail_ex+0x512/0x640
[  698.092169][T16458]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  698.092213][T16458]  should_failslab+0xc2/0x120
[  698.092262][T16458]  __kmalloc_cache_noprof+0x6a/0x3e0
[  698.092304][T16458]  ? drm_atomic_state_alloc+0xb8/0x120
[  698.092354][T16458]  drm_atomic_state_alloc+0xb8/0x120
[  698.092399][T16458]  drm_client_modeset_commit_atomic+0xcc/0x7e0
[  698.092443][T16458]  ? __pfx___might_resched+0x10/0x10
[  698.092498][T16458]  ? rcu_is_watching+0x12/0xc0
[  698.092546][T16458]  ? trace_contention_end+0xdd/0x130
[  698.092587][T16458]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  698.092687][T16458]  drm_client_modeset_commit_locked+0x14d/0x580
[  698.092737][T16458]  drm_client_modeset_commit+0x4f/0x80
[  698.092780][T16458]  __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200
[  698.092819][T16458]  ? __pfx_drm_fbdev_client_restore+0x10/0x10
[  698.092872][T16458]  drm_fbdev_client_restore+0x2c/0x40
[  698.092922][T16458]  drm_client_dev_restore+0x1f3/0x2a0
[  698.092971][T16458]  drm_release+0x2c4/0x360
[  698.093009][T16458]  ? __pfx_drm_release+0x10/0x10
[  698.093043][T16458]  __fput+0x3ff/0xb70
[  698.093104][T16458]  task_work_run+0x150/0x240
[  698.093149][T16458]  ? __pfx_task_work_run+0x10/0x10
[  698.093193][T16458]  ? __pfx___do_sys_close_range+0x10/0x10
[  698.093248][T16458]  exit_to_user_mode_loop+0xeb/0x110
[  698.093299][T16458]  do_syscall_64+0x3f6/0x490
[  698.093351][T16458]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  698.093385][T16458] RIP: 0033:0x7fdf2e58e969
[  698.093413][T16458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  698.093450][T16458] RSP: 002b:00007fdf2c3f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  698.093483][T16458] RAX: 0000000000000000 RBX: 00007fdf2e7b5fa0 RCX: 00007fdf2e58e969
[  698.093506][T16458] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  698.093526][T16458] RBP: 00007fdf2e610ab1 R08: 0000000000000000 R09: 0000000000000000
[  698.093543][T16458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  698.093560][T16458] R13: 0000000000000000 R14: 00007fdf2e7b5fa0 R15: 00007ffc38fbf428
[  698.093597][T16458]  </TASK>
[  698.571577][T16176] Bluetooth: hci5: command tx timeout
[  699.276384][T16482] FAULT_INJECTION: forcing a failure.
[  699.276384][T16482] name failslab, interval 1, probability 0, space 0, times 0
[  699.298735][T16482] CPU: 0 UID: 0 PID: 16482 Comm: syz.5.3721 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  699.298782][T16482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  699.298802][T16482] Call Trace:
[  699.298814][T16482]  <TASK>
[  699.298827][T16482]  dump_stack_lvl+0x16c/0x1f0
[  699.298878][T16482]  should_fail_ex+0x512/0x640
[  699.298934][T16482]  should_failslab+0xc2/0x120
[  699.298980][T16482]  __kmalloc_cache_noprof+0x6a/0x3e0
[  699.299022][T16482]  ? sctp_add_bind_addr+0xae/0x3f0
[  699.299072][T16482]  sctp_add_bind_addr+0xae/0x3f0
[  699.299119][T16482]  sctp_copy_local_addr_list+0x39d/0x5a0
[  699.299176][T16482]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  699.299236][T16482]  ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360
[  699.299295][T16482]  ? sctp_bind_addr_copy+0x331/0x530
[  699.299350][T16482]  sctp_bind_addr_copy+0x331/0x530
[  699.299405][T16482]  sctp_connect_new_asoc+0x1d7/0x790
[  699.299447][T16482]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  699.299488][T16482]  ? sctp_get_af_specific+0x62/0x70
[  699.299536][T16482]  ? sctp_sockaddr_af+0x2a3/0x340
[  699.299584][T16482]  __sctp_connect+0x3f3/0xc60
[  699.299627][T16482]  ? __pfx___sctp_connect+0x10/0x10
[  699.299660][T16482]  ? __might_fault+0x13b/0x190
[  699.299714][T16482]  __sctp_setsockopt_connectx+0xfc/0x170
[  699.299755][T16482]  sctp_getsockopt+0x29d6/0x6b10
[  699.299790][T16482]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  699.299836][T16482]  ? __pfx_sctp_getsockopt+0x10/0x10
[  699.299871][T16482]  ? __pfx___futex_wait+0x10/0x10
[  699.299931][T16482]  ? __pfx___might_resched+0x10/0x10
[  699.299990][T16482]  ? find_held_lock+0x2b/0x80
[  699.300033][T16482]  ? __might_fault+0xe3/0x190
[  699.300071][T16482]  ? __might_fault+0xe3/0x190
[  699.300108][T16482]  ? __might_fault+0x13b/0x190
[  699.300155][T16482]  ? sock_common_getsockopt+0x21/0xb0
[  699.300205][T16482]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  699.300258][T16482]  do_sock_getsockopt+0x3fc/0x800
[  699.300293][T16482]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  699.300336][T16482]  ? __fget_files+0x204/0x3c0
[  699.300396][T16482]  __sys_getsockopt+0x123/0x1b0
[  699.300451][T16482]  __x64_sys_getsockopt+0xbd/0x160
[  699.300492][T16482]  ? do_syscall_64+0x91/0x490
[  699.300537][T16482]  ? lockdep_hardirqs_on+0x7c/0x110
[  699.300578][T16482]  do_syscall_64+0xcd/0x490
[  699.300625][T16482]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  699.300657][T16482] RIP: 0033:0x7f23e2b8e969
[  699.300683][T16482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  699.300715][T16482] RSP: 002b:00007f23e3a30038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  699.300746][T16482] RAX: ffffffffffffffda RBX: 00007f23e2db5fa0 RCX: 00007f23e2b8e969
[  699.300768][T16482] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000003
[  699.300788][T16482] RBP: 00007f23e2c10ab1 R08: 0000200000000000 R09: 0000000000000000
[  699.300809][T16482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  699.300828][T16482] R13: 0000000000000000 R14: 00007f23e2db5fa0 R15: 00007ffd9bc2d858
[  699.300869][T16482]  </TASK>
[  700.093249][T16490] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed
[  700.149476][T16490] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff)
[  700.475178][T16495] netlink: 186 bytes leftover after parsing attributes in process `syz.3.3725'.
[  700.650044][T16176] Bluetooth: hci5: command tx timeout
[  702.081266][T16523] FAULT_INJECTION: forcing a failure.
[  702.081266][T16523] name fail_futex, interval 1, probability 0, space 0, times 0
[  702.099429][T16523] CPU: 0 UID: 0 PID: 16523 Comm: syz.2.3734 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  702.099476][T16523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  702.099498][T16523] Call Trace:
[  702.099509][T16523]  <TASK>
[  702.099523][T16523]  dump_stack_lvl+0x16c/0x1f0
[  702.099571][T16523]  should_fail_ex+0x512/0x640
[  702.099629][T16523]  get_futex_key+0x293/0x1540
[  702.099687][T16523]  ? __pfx_get_futex_key+0x10/0x10
[  702.099740][T16523]  ? __mutex_trylock_common+0xe9/0x250
[  702.099781][T16523]  futex_wake+0xea/0x530
[  702.099811][T16523]  ? __pfx_futex_wake+0x10/0x10
[  702.099835][T16523]  ? __lock_acquire+0xb8a/0x1c90
[  702.099872][T16523]  do_futex+0x1e3/0x350
[  702.099894][T16523]  ? __pfx_do_futex+0x10/0x10
[  702.099914][T16523]  ? __might_fault+0xe3/0x190
[  702.099950][T16523]  mm_release+0x24e/0x300
[  702.099986][T16523]  do_exit+0x683/0x2bd0
[  702.100017][T16523]  ? __pfx_do_exit+0x10/0x10
[  702.100040][T16523]  ? do_raw_spin_lock+0x12c/0x2b0
[  702.100079][T16523]  ? find_held_lock+0x2b/0x80
[  702.100117][T16523]  do_group_exit+0xd3/0x2a0
[  702.100145][T16523]  get_signal+0x2673/0x26d0
[  702.100187][T16523]  ? snd_mixer_oss_ioctl_card+0x109/0x170
[  702.100226][T16523]  ? __pfx_get_signal+0x10/0x10
[  702.100262][T16523]  ? do_futex+0x122/0x350
[  702.100284][T16523]  ? __pfx_do_futex+0x10/0x10
[  702.100311][T16523]  arch_do_signal_or_restart+0x8f/0x790
[  702.100349][T16523]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  702.100401][T16523]  exit_to_user_mode_loop+0x84/0x110
[  702.100432][T16523]  do_syscall_64+0x3f6/0x490
[  702.100467][T16523]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  702.100491][T16523] RIP: 0033:0x7fdf2e58e969
[  702.100509][T16523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  702.100532][T16523] RSP: 002b:00007fdf2c3d50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  702.100555][T16523] RAX: fffffffffffffe00 RBX: 00007fdf2e7b6088 RCX: 00007fdf2e58e969
[  702.100570][T16523] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fdf2e7b6088
[  702.100584][T16523] RBP: 00007fdf2e7b6080 R08: 0000000000000000 R09: 0000000000000000
[  702.100598][T16523] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fdf2e7b608c
[  702.100613][T16523] R13: 0000000000000000 R14: 00007ffc38fbf340 R15: 00007ffc38fbf428
[  702.100641][T16523]  </TASK>
[  702.742416][T16176] Bluetooth: hci5: command tx timeout
[  704.067576][T16557] netlink: 25 bytes leftover after parsing attributes in process `syz.3.3744'.
[  704.129519][T16561] netlink: 'syz.2.3745': attribute type 5 has an invalid length.
[  704.140554][T16561] netlink: 'syz.2.3745': attribute type 1 has an invalid length.
[  704.150433][T16561] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3745'.
[  704.180468][T16561] netlink: 'syz.2.3745': attribute type 5 has an invalid length.
[  704.221068][T16557] ima: policy update failed
[  704.229287][T16561] netlink: 'syz.2.3745': attribute type 1 has an invalid length.
[  704.250778][   T30] audit: type=1802 audit(6043758147.771:17): pid=16557 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.3744" res=0 errno=0
[  704.288146][T16561] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3745'.
[  704.773463][T16568] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3748'.
[  706.885320][T16581] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  707.356660][T16587] FAULT_INJECTION: forcing a failure.
[  707.356660][T16587] name failslab, interval 1, probability 0, space 0, times 0
[  707.375211][T16587] CPU: 1 UID: 0 PID: 16587 Comm: syz.5.3756 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  707.375261][T16587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  707.375284][T16587] Call Trace:
[  707.375297][T16587]  <TASK>
[  707.375311][T16587]  dump_stack_lvl+0x16c/0x1f0
[  707.375366][T16587]  should_fail_ex+0x512/0x640
[  707.375422][T16587]  ? __kmalloc_noprof+0xbf/0x510
[  707.375471][T16587]  ? vkms_crtc_atomic_check+0x3c5/0x880
[  707.375515][T16587]  should_failslab+0xc2/0x120
[  707.375564][T16587]  __kmalloc_noprof+0xd2/0x510
[  707.375609][T16587]  ? drm_atomic_add_affected_planes+0x32b/0x3f0
[  707.375662][T16587]  vkms_crtc_atomic_check+0x3c5/0x880
[  707.375719][T16587]  ? __pfx_vkms_crtc_atomic_check+0x10/0x10
[  707.375763][T16587]  drm_atomic_helper_check_planes+0x4dd/0x900
[  707.375845][T16587]  drm_atomic_helper_check+0xae/0x190
[  707.375907][T16587]  vkms_atomic_check+0x1d9/0x250
[  707.375945][T16587]  ? __pfx_vkms_atomic_check+0x10/0x10
[  707.375986][T16587]  drm_atomic_check_only+0x19ca/0x3130
[  707.376050][T16587]  drm_atomic_commit+0x136/0x300
[  707.376089][T16587]  ? __pfx_drm_atomic_commit+0x10/0x10
[  707.376129][T16587]  ? __pfx___drm_printfn_info+0x10/0x10
[  707.376184][T16587]  ? drm_client_rotation+0x4da/0x6a0
[  707.376230][T16587]  drm_client_modeset_commit_atomic+0x69d/0x7e0
[  707.376287][T16587]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  707.376374][T16587]  drm_client_modeset_commit_locked+0x14d/0x580
[  707.376424][T16587]  drm_client_modeset_commit+0x4f/0x80
[  707.376466][T16587]  __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200
[  707.376506][T16587]  ? __pfx_drm_fbdev_client_restore+0x10/0x10
[  707.376560][T16587]  drm_fbdev_client_restore+0x2c/0x40
[  707.376610][T16587]  drm_client_dev_restore+0x1f3/0x2a0
[  707.376657][T16587]  drm_release+0x2c4/0x360
[  707.376697][T16587]  ? __pfx_drm_release+0x10/0x10
[  707.376732][T16587]  __fput+0x3ff/0xb70
[  707.376802][T16587]  task_work_run+0x150/0x240
[  707.376849][T16587]  ? __pfx_task_work_run+0x10/0x10
[  707.376895][T16587]  ? __pfx___do_sys_close_range+0x10/0x10
[  707.376949][T16587]  exit_to_user_mode_loop+0xeb/0x110
[  707.376997][T16587]  do_syscall_64+0x3f6/0x490
[  707.377048][T16587]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  707.377083][T16587] RIP: 0033:0x7f23e2b8e969
[  707.377110][T16587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  707.377144][T16587] RSP: 002b:00007f23e3a30038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  707.377176][T16587] RAX: 0000000000000000 RBX: 00007f23e2db5fa0 RCX: 00007f23e2b8e969
[  707.377198][T16587] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  707.377219][T16587] RBP: 00007f23e2c10ab1 R08: 0000000000000000 R09: 0000000000000000
[  707.377240][T16587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  707.377260][T16587] R13: 0000000000000000 R14: 00007f23e2db5fa0 R15: 00007ffd9bc2d858
[  707.377303][T16587]  </TASK>
[  707.730329][    C1] vcan0: j1939_tp_rxtimer: 0xffff88807e911400: rx timeout, send abort
[  708.133095][T16589] [U] 
[  708.136765][T16589] [U] 
[  708.140067][T16589] [U] 
[  708.143353][T16589] [U] 
[  708.200237][T16589] [U] 
[  708.203552][T16589] [U] 
[  708.206857][T16589] [U] 
[  708.210122][T16589] [U] 
[  708.240229][    C1] vcan0: j1939_tp_rxtimer: 0xffff88807e911400: abort rx timeout. Force session deactivation
[  708.243280][T16589] [U] 
[  708.255690][T16589] [U] 
[  708.258974][T16589] [U] 
[  708.262264][T16589] [U] 
[  708.362932][T16594] [U] 
[  712.749672][T16658] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3774'.
[  712.896238][T16658] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode
[  713.171744][T16665] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3778'.
[  713.239634][T16665] netlink: 25 bytes leftover after parsing attributes in process `syz.2.3778'.
[  713.482624][T16669] netlink: 346 bytes leftover after parsing attributes in process `syz.1.3777'.
[  714.374807][T16689] sp0: Synchronizing with TNC
[  715.776701][T16718] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3792'.
[  715.789870][T16718] netlink: 'syz.5.3792': attribute type 1 has an invalid length.
[  715.799879][T16718] netlink: 13 bytes leftover after parsing attributes in process `syz.5.3792'.
[  717.060684][T16176] Bluetooth: hci3: unexpected event 0x3e length: 728 > 260
[  717.060730][T16176] Bluetooth: hci3: unexpected subevent 0x0c length: 727 > 5
[  717.300811][T16747] netlink: 25 bytes leftover after parsing attributes in process `syz.1.3803'.
[  718.830495][T16775] netlink: 'syz.5.3809': attribute type 10 has an invalid length.
[  718.859201][T16775] netlink: 230 bytes leftover after parsing attributes in process `syz.5.3809'.
[  718.961080][T16775] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  719.815863][T16786] netlink: 226 bytes leftover after parsing attributes in process `syz.1.3813'.
[  719.877516][T16786] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3813'.
[  720.226226][T16801] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3817'.
[  720.703737][T16813] : Can't lookup blockdev
[  721.845775][T16798] kexec: Could not allocate control_code_buffer
[  721.959880][T16822] delete_channel: no stack
[  721.966660][T16821] FAULT_INJECTION: forcing a failure.
[  721.966660][T16821] name fail_futex, interval 1, probability 0, space 0, times 0
[  721.983329][T16821] CPU: 1 UID: 0 PID: 16821 Comm: syz.3.3823 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  721.983380][T16821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  721.983403][T16821] Call Trace:
[  721.983420][T16821]  <TASK>
[  721.983434][T16821]  dump_stack_lvl+0x16c/0x1f0
[  721.983491][T16821]  should_fail_ex+0x512/0x640
[  721.983553][T16821]  get_futex_key+0x1d0/0x1540
[  721.983615][T16821]  ? __pfx_get_futex_key+0x10/0x10
[  721.983684][T16821]  futex_wait_setup+0x9d/0x550
[  721.983739][T16821]  __futex_wait+0x194/0x2f0
[  721.983782][T16821]  ? __pfx___futex_wait+0x10/0x10
[  721.983831][T16821]  ? __pfx_futex_wake_mark+0x10/0x10
[  721.983897][T16821]  futex_wait+0xe8/0x380
[  721.983938][T16821]  ? __pfx_futex_wait+0x10/0x10
[  721.983990][T16821]  ? read_tsc+0x9/0x20
[  721.984038][T16821]  ? ktime_get_ts64+0x256/0x400
[  721.984080][T16821]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  721.984132][T16821]  do_futex+0x229/0x350
[  721.984167][T16821]  ? __pfx_do_futex+0x10/0x10
[  721.984212][T16821]  __x64_sys_futex+0x1e0/0x4c0
[  721.984253][T16821]  ? __pfx___x64_sys_futex+0x10/0x10
[  721.984303][T16821]  do_syscall_64+0xcd/0x490
[  721.984356][T16821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  721.984391][T16821] RIP: 0033:0x7fd78b18e969
[  721.984419][T16821] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  721.984456][T16821] RSP: 002b:00007fd78bfd50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  721.984490][T16821] RAX: ffffffffffffffda RBX: 00007fd78b3b5fa8 RCX: 00007fd78b18e969
[  721.984513][T16821] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fd78b3b5fa8
[  721.984534][T16821] RBP: 00007fd78b3b5fa0 R08: 0000000000000000 R09: 0000000000000000
[  721.984555][T16821] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd78b3b5fac
[  721.984577][T16821] R13: 0000000000000000 R14: 00007ffcab600e40 R15: 00007ffcab600f28
[  721.984619][T16821]  </TASK>
[  722.539936][T16831] FAULT_INJECTION: forcing a failure.
[  722.539936][T16831] name fail_futex, interval 1, probability 0, space 0, times 0
[  722.614513][T16831] CPU: 1 UID: 0 PID: 16831 Comm: syz.5.3826 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  722.614562][T16831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  722.614583][T16831] Call Trace:
[  722.614595][T16831]  <TASK>
[  722.614608][T16831]  dump_stack_lvl+0x16c/0x1f0
[  722.614660][T16831]  should_fail_ex+0x512/0x640
[  722.614719][T16831]  get_futex_key+0x1d0/0x1540
[  722.614781][T16831]  ? __pfx_get_futex_key+0x10/0x10
[  722.614850][T16831]  futex_wake+0xea/0x530
[  722.614891][T16831]  ? rcu_is_watching+0x12/0xc0
[  722.614943][T16831]  ? __pfx_futex_wake+0x10/0x10
[  722.614987][T16831]  ? kmem_cache_free+0x2d1/0x4d0
[  722.615029][T16831]  ? fd_install+0x225/0x750
[  722.615065][T16831]  ? putname+0x154/0x1a0
[  722.615122][T16831]  do_futex+0x1e3/0x350
[  722.615156][T16831]  ? __pfx_do_futex+0x10/0x10
[  722.615201][T16831]  __x64_sys_futex+0x1e0/0x4c0
[  722.615248][T16831]  ? __x64_sys_openat+0x174/0x210
[  722.615282][T16831]  ? __pfx___x64_sys_futex+0x10/0x10
[  722.615317][T16831]  ? xfd_validate_state+0x61/0x180
[  722.615367][T16831]  do_syscall_64+0xcd/0x490
[  722.615419][T16831]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  722.615455][T16831] RIP: 0033:0x7f23e2b8e969
[  722.615481][T16831] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  722.615518][T16831] RSP: 002b:00007f23e3a0f0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  722.615551][T16831] RAX: ffffffffffffffda RBX: 00007f23e2db6088 RCX: 00007f23e2b8e969
[  722.615574][T16831] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f23e2db608c
[  722.615596][T16831] RBP: 00007f23e2db6080 R08: 00007f23e3a31000 R09: 0000000000000000
[  722.615617][T16831] R10: 0000000000000006 R11: 0000000000000246 R12: 00007f23e2db608c
[  722.615638][T16831] R13: 0000000000000000 R14: 00007ffd9bc2d770 R15: 00007ffd9bc2d858
[  722.615681][T16831]  </TASK>
[  723.509151][T16846] sp0: Synchronizing with TNC
[  724.047884][T16857] netlink: 306 bytes leftover after parsing attributes in process `syz.1.3834'.
[  725.976504][T16876] FAULT_INJECTION: forcing a failure.
[  725.976504][T16876] name failslab, interval 1, probability 0, space 0, times 0
[  725.992416][T16876] CPU: 1 UID: 0 PID: 16876 Comm: syz.5.3838 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  725.992465][T16876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  725.992488][T16876] Call Trace:
[  725.992500][T16876]  <TASK>
[  725.992514][T16876]  dump_stack_lvl+0x16c/0x1f0
[  725.992568][T16876]  should_fail_ex+0x512/0x640
[  725.992622][T16876]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  725.992667][T16876]  should_failslab+0xc2/0x120
[  725.992716][T16876]  __kmalloc_cache_noprof+0x6a/0x3e0
[  725.992758][T16876]  ? resv_map_alloc+0x7e/0x400
[  725.992806][T16876]  ? kasan_save_track+0x14/0x30
[  725.992852][T16876]  resv_map_alloc+0x7e/0x400
[  725.992999][T16876]  hugetlb_reserve_pages+0x799/0xe10
[  725.993052][T16876]  ? __pfx_hugetlb_reserve_pages+0x10/0x10
[  725.993090][T16876]  ? atime_needs_update+0x8b/0x710
[  725.993161][T16876]  hugetlbfs_file_mmap+0x4a1/0x730
[  725.993225][T16876]  __mmap_region+0x1292/0x25e0
[  725.993277][T16876]  ? __pfx___mmap_region+0x10/0x10
[  725.993336][T16876]  ? is_bpf_text_address+0x94/0x1a0
[  725.993379][T16876]  ? kernel_text_address+0x8d/0x100
[  725.993431][T16876]  ? __kernel_text_address+0xd/0x40
[  725.993475][T16876]  ? unwind_get_return_address+0x59/0xa0
[  725.993522][T16876]  ? arch_stack_walk+0xa6/0x100
[  725.993588][T16876]  ? __pfx_stack_trace_save+0x10/0x10
[  725.993639][T16876]  ? stack_depot_save_flags+0x28/0xa40
[  725.993746][T16876]  ? trace_cap_capable+0x18d/0x200
[  725.993800][T16876]  mmap_region+0x1ab/0x3f0
[  725.993844][T16876]  ? __get_unmapped_area+0x267/0x440
[  725.993906][T16876]  do_mmap+0xa3e/0x1210
[  725.993962][T16876]  ? __pfx_do_mmap+0x10/0x10
[  725.993996][T16876]  ? __pfx_down_write_killable+0x10/0x10
[  725.994061][T16876]  vm_mmap_pgoff+0x281/0x450
[  725.994123][T16876]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  725.994172][T16876]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  725.994231][T16876]  ? hugetlbfs_get_inode+0x31f/0x730
[  725.994301][T16876]  ksys_mmap_pgoff+0x1c8/0x5c0
[  725.994365][T16876]  __x64_sys_mmap+0x125/0x190
[  725.994407][T16876]  do_syscall_64+0xcd/0x490
[  725.994461][T16876]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  725.994495][T16876] RIP: 0033:0x7f23e2b8e969
[  725.994525][T16876] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  725.994557][T16876] RSP: 002b:00007f23e3a30038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  725.994591][T16876] RAX: ffffffffffffffda RBX: 00007f23e2db5fa0 RCX: 00007f23e2b8e969
[  725.994614][T16876] RDX: 0000000000000002 RSI: 0000000000000009 RDI: 0000000000000000
[  725.994635][T16876] RBP: 00007f23e2c10ab1 R08: 0000000000000401 R09: 0000300000000000
[  725.994657][T16876] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000
[  725.994679][T16876] R13: 0000000000000000 R14: 00007f23e2db5fa0 R15: 00007ffd9bc2d858
[  725.994722][T16876]  </TASK>
[  726.960598][T16892] FAULT_INJECTION: forcing a failure.
[  726.960598][T16892] name failslab, interval 1, probability 0, space 0, times 0
[  727.120371][T16892] CPU: 0 UID: 0 PID: 16892 Comm: syz.1.3843 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  727.120424][T16892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  727.120446][T16892] Call Trace:
[  727.120459][T16892]  <TASK>
[  727.120475][T16892]  dump_stack_lvl+0x16c/0x1f0
[  727.120533][T16892]  should_fail_ex+0x512/0x640
[  727.120592][T16892]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  727.120641][T16892]  should_failslab+0xc2/0x120
[  727.120694][T16892]  __kmalloc_cache_noprof+0x6a/0x3e0
[  727.120737][T16892]  ? drm_atomic_helper_connector_duplicate_state+0x70/0xd0
[  727.120793][T16892]  drm_atomic_helper_connector_duplicate_state+0x70/0xd0
[  727.120841][T16892]  drm_atomic_get_connector_state+0x38b/0x740
[  727.120905][T16892]  drm_atomic_add_affected_connectors+0x2e0/0x3f0
[  727.120955][T16892]  ? __pfx_drm_atomic_add_affected_connectors+0x10/0x10
[  727.120998][T16892]  ? ww_mutex_lock+0x37/0x160
[  727.121051][T16892]  ? modeset_lock+0x114/0x6e0
[  727.121116][T16892]  __drm_atomic_helper_set_config+0x5ef/0xea0
[  727.121168][T16892]  ? __pfx___drm_atomic_helper_set_config+0x10/0x10
[  727.121220][T16892]  ? drm_client_rotation+0x4da/0x6a0
[  727.121268][T16892]  drm_client_modeset_commit_atomic+0x53d/0x7e0
[  727.121333][T16892]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  727.121426][T16892]  drm_client_modeset_commit_locked+0x14d/0x580
[  727.121480][T16892]  drm_client_modeset_commit+0x4f/0x80
[  727.121526][T16892]  __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200
[  727.121565][T16892]  ? __pfx_drm_fbdev_client_restore+0x10/0x10
[  727.121618][T16892]  drm_fbdev_client_restore+0x2c/0x40
[  727.121657][T16892]  drm_client_dev_restore+0x1f3/0x2a0
[  727.121694][T16892]  drm_release+0x2c4/0x360
[  727.121728][T16892]  ? __pfx_drm_release+0x10/0x10
[  727.121756][T16892]  __fput+0x3ff/0xb70
[  727.121808][T16892]  task_work_run+0x150/0x240
[  727.121847][T16892]  ? __pfx_task_work_run+0x10/0x10
[  727.121896][T16892]  ? __pfx___do_sys_close_range+0x10/0x10
[  727.121944][T16892]  exit_to_user_mode_loop+0xeb/0x110
[  727.121984][T16892]  do_syscall_64+0x3f6/0x490
[  727.122031][T16892]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  727.122064][T16892] RIP: 0033:0x7f1d4d18e969
[  727.122089][T16892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  727.122119][T16892] RSP: 002b:00007f1d4e027038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  727.122147][T16892] RAX: 0000000000000000 RBX: 00007f1d4d3b5fa0 RCX: 00007f1d4d18e969
[  727.122167][T16892] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  727.122185][T16892] RBP: 00007f1d4d210ab1 R08: 0000000000000000 R09: 0000000000000000
[  727.122204][T16892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  727.122223][T16892] R13: 0000000000000000 R14: 00007f1d4d3b5fa0 R15: 00007ffed0ef9168
[  727.122265][T16892]  </TASK>
[  727.967839][T16902] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3852'.
[  728.068485][T16902] netlink: 13 bytes leftover after parsing attributes in process `syz.5.3852'.
[  728.893840][T16915] vivid-002: =================  START STATUS  =================
[  728.904737][T16915] vivid-002: ==================  END STATUS  ==================
[  729.169841][T16919] netlink: 354 bytes leftover after parsing attributes in process `syz.1.3850'.
[  729.837638][T16931] FAULT_INJECTION: forcing a failure.
[  729.837638][T16931] name failslab, interval 1, probability 0, space 0, times 0
[  729.854535][T16931] CPU: 0 UID: 0 PID: 16931 Comm: syz.5.3855 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  729.854586][T16931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  729.854607][T16931] Call Trace:
[  729.854618][T16931]  <TASK>
[  729.854631][T16931]  dump_stack_lvl+0x16c/0x1f0
[  729.854683][T16931]  should_fail_ex+0x512/0x640
[  729.854736][T16931]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  729.854785][T16931]  should_failslab+0xc2/0x120
[  729.854833][T16931]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  729.854875][T16931]  ? __proc_create+0xc3/0x8c0
[  729.854922][T16931]  ? __proc_create+0x2ce/0x8c0
[  729.854972][T16931]  __proc_create+0x2ce/0x8c0
[  729.855020][T16931]  ? __pfx___proc_create+0x10/0x10
[  729.855062][T16931]  ? _raw_write_unlock+0x28/0x50
[  729.855099][T16931]  ? proc_register+0x314/0x5f0
[  729.855153][T16931]  _proc_mkdir+0xb9/0x200
[  729.855203][T16931]  ? __pfx__proc_mkdir+0x10/0x10
[  729.855249][T16931]  ? kmem_cache_alloc_noprof+0x21e/0x3b0
[  729.855302][T16931]  ? __pfx_netfilter_net_init+0x10/0x10
[  729.855366][T16931]  netfilter_net_init+0x37b/0x4b0
[  729.855415][T16931]  ? sysctl_net_init+0x27/0x30
[  729.855467][T16931]  ops_init+0x1e2/0x5f0
[  729.855520][T16931]  setup_net+0x1ff/0x510
[  729.855567][T16931]  ? lockdep_init_map_type+0x5c/0x280
[  729.855606][T16931]  ? __pfx_setup_net+0x10/0x10
[  729.855659][T16931]  ? debug_mutex_init+0x37/0x70
[  729.855709][T16931]  copy_net_ns+0x2a6/0x5f0
[  729.855743][T16931]  create_new_namespaces+0x3ea/0xa90
[  729.855806][T16931]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  729.855865][T16931]  ksys_unshare+0x45b/0xa40
[  729.855903][T16931]  ? __pfx_ksys_unshare+0x10/0x10
[  729.855941][T16931]  ? xfd_validate_state+0x61/0x180
[  729.855991][T16931]  __x64_sys_unshare+0x31/0x40
[  729.856027][T16931]  do_syscall_64+0xcd/0x490
[  729.856079][T16931]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  729.856113][T16931] RIP: 0033:0x7f23e2b8e969
[  729.856141][T16931] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  729.856175][T16931] RSP: 002b:00007f23e3a30038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  729.856209][T16931] RAX: ffffffffffffffda RBX: 00007f23e2db5fa0 RCX: 00007f23e2b8e969
[  729.856233][T16931] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  729.856255][T16931] RBP: 00007f23e2c10ab1 R08: 0000000000000000 R09: 0000000000000000
[  729.856277][T16931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  729.856298][T16931] R13: 0000000000000000 R14: 00007f23e2db5fa0 R15: 00007ffd9bc2d858
[  729.856351][T16931]  </TASK>
[  729.858616][T16931] cannot create netfilter proc entry
[  730.392917][T16938] FAULT_INJECTION: forcing a failure.
[  730.392917][T16938] name failslab, interval 1, probability 0, space 0, times 0
[  730.421720][T16938] CPU: 0 UID: 0 PID: 16938 Comm: syz.3.3858 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  730.421768][T16938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  730.421789][T16938] Call Trace:
[  730.421801][T16938]  <TASK>
[  730.421814][T16938]  dump_stack_lvl+0x16c/0x1f0
[  730.421867][T16938]  should_fail_ex+0x512/0x640
[  730.421926][T16938]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  730.421972][T16938]  should_failslab+0xc2/0x120
[  730.422021][T16938]  __kmalloc_cache_noprof+0x6a/0x3e0
[  730.422061][T16938]  ? alloc_ucounts+0x13d/0x440
[  730.422097][T16938]  alloc_ucounts+0x13d/0x440
[  730.422129][T16938]  ? __pfx_alloc_ucounts+0x10/0x10
[  730.422172][T16938]  set_cred_ucounts+0xcd/0x200
[  730.422226][T16938]  __sys_setuid+0x2b6/0x440
[  730.422277][T16938]  do_syscall_64+0xcd/0x490
[  730.422328][T16938]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  730.422364][T16938] RIP: 0033:0x7fd78b18e969
[  730.422391][T16938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  730.422426][T16938] RSP: 002b:00007fd78bfd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000069
[  730.422459][T16938] RAX: ffffffffffffffda RBX: 00007fd78b3b5fa0 RCX: 00007fd78b18e969
[  730.422483][T16938] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e
[  730.422504][T16938] RBP: 00007fd78b210ab1 R08: 0000000000000000 R09: 0000000000000000
[  730.422525][T16938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  730.422545][T16938] R13: 0000000000000000 R14: 00007fd78b3b5fa0 R15: 00007ffcab600f28
[  730.422585][T16938]  </TASK>
[  731.588481][T16961] FAULT_INJECTION: forcing a failure.
[  731.588481][T16961] name failslab, interval 1, probability 0, space 0, times 0
[  731.616520][T16961] CPU: 0 UID: 0 PID: 16961 Comm: syz.5.3866 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  731.616571][T16961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  731.616595][T16961] Call Trace:
[  731.616608][T16961]  <TASK>
[  731.616623][T16961]  dump_stack_lvl+0x16c/0x1f0
[  731.616678][T16961]  should_fail_ex+0x512/0x640
[  731.616733][T16961]  ? __kvmalloc_node_noprof+0x122/0x620
[  731.616782][T16961]  should_failslab+0xc2/0x120
[  731.616833][T16961]  __kvmalloc_node_noprof+0x135/0x620
[  731.616874][T16961]  ? rcu_is_watching+0x12/0xc0
[  731.616925][T16961]  ? trace_contention_end+0xdd/0x130
[  731.616963][T16961]  ? alloc_netdev_mqs+0xd2/0x1570
[  731.617020][T16961]  ? __pfx_ipgre_tap_setup+0x10/0x10
[  731.617071][T16961]  ? alloc_netdev_mqs+0xd2/0x1570
[  731.617162][T16961]  alloc_netdev_mqs+0xd2/0x1570
[  731.617225][T16961]  __ip_tunnel_create+0x3ad/0x6e0
[  731.617264][T16961]  ? __pfx___ip_tunnel_create+0x10/0x10
[  731.617312][T16961]  ip_tunnel_init_net+0x22f/0x7d0
[  731.617355][T16961]  ? __pfx_ip_tunnel_init_net+0x10/0x10
[  731.617402][T16961]  ? trace_kmalloc+0x2b/0xd0
[  731.617452][T16961]  ? __kmalloc_noprof+0x242/0x510
[  731.617495][T16961]  ? lockdep_init_map_type+0x5c/0x280
[  731.617545][T16961]  ? __pfx_ipgre_tap_init_net+0x10/0x10
[  731.617599][T16961]  ops_init+0x1e2/0x5f0
[  731.617655][T16961]  setup_net+0x1ff/0x510
[  731.617705][T16961]  ? lockdep_init_map_type+0x5c/0x280
[  731.617745][T16961]  ? __pfx_setup_net+0x10/0x10
[  731.617799][T16961]  ? debug_mutex_init+0x37/0x70
[  731.617853][T16961]  copy_net_ns+0x2a6/0x5f0
[  731.617889][T16961]  create_new_namespaces+0x3ea/0xa90
[  731.617952][T16961]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  731.618011][T16961]  ksys_unshare+0x45b/0xa40
[  731.618048][T16961]  ? __pfx_ksys_unshare+0x10/0x10
[  731.618087][T16961]  ? xfd_validate_state+0x61/0x180
[  731.618171][T16961]  __x64_sys_unshare+0x31/0x40
[  731.618208][T16961]  do_syscall_64+0xcd/0x490
[  731.618261][T16961]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  731.618296][T16961] RIP: 0033:0x7f23e2b8e969
[  731.618326][T16961] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  731.618362][T16961] RSP: 002b:00007f23e3a30038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  731.618395][T16961] RAX: ffffffffffffffda RBX: 00007f23e2db5fa0 RCX: 00007f23e2b8e969
[  731.618418][T16961] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  731.618439][T16961] RBP: 00007f23e2c10ab1 R08: 0000000000000000 R09: 0000000000000000
[  731.618460][T16961] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  731.618480][T16961] R13: 0000000000000000 R14: 00007f23e2db5fa0 R15: 00007ffd9bc2d858
[  731.618525][T16961]  </TASK>
[  732.965358][T15129] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  732.981245][T15129] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  733.009276][T15129] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  733.024903][T15129] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  733.039549][T15129] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  733.795458][T16979] chnl_net:caif_netlink_parms(): no params data found
[  733.919613][T16979] bridge0: port 1(bridge_slave_0) entered blocking state
[  733.928857][T16979] bridge0: port 1(bridge_slave_0) entered disabled state
[  733.944770][T16979] bridge_slave_0: entered allmulticast mode
[  733.961500][T16979] bridge_slave_0: entered promiscuous mode
[  733.972496][T16979] bridge0: port 2(bridge_slave_1) entered blocking state
[  733.981205][T16979] bridge0: port 2(bridge_slave_1) entered disabled state
[  733.990670][T16979] bridge_slave_1: entered allmulticast mode
[  734.000669][T16979] bridge_slave_1: entered promiscuous mode
[  734.071178][T16979] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  734.088345][T16979] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  734.150976][T16979] team0: Port device team_slave_0 added
[  734.168847][T16979] team0: Port device team_slave_1 added
[  734.223534][T16979] batman_adv: batadv0: Adding interface: batadv_slave_0
[  734.233203][T16979] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  734.267748][T16979] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  734.292854][T16979] batman_adv: batadv0: Adding interface: batadv_slave_1
[  734.302022][T16979] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  734.337902][T16979] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  734.424535][T16979] hsr_slave_0: entered promiscuous mode
[  734.434882][T16979] hsr_slave_1: entered promiscuous mode
[  734.443578][T16979] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  734.453849][T16979] Cannot create hsr debugfs directory
[  734.774079][T16979] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  734.788151][T16979] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  734.803338][T16979] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  734.818426][T16979] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  734.980177][T16979] 8021q: adding VLAN 0 to HW filter on device bond0
[  735.018730][T16979] 8021q: adding VLAN 0 to HW filter on device team0
[  735.036343][T15687] bridge0: port 1(bridge_slave_0) entered blocking state
[  735.045025][T15687] bridge0: port 1(bridge_slave_0) entered forwarding state
[  735.105243][T15687] bridge0: port 2(bridge_slave_1) entered blocking state
[  735.113937][T15687] bridge0: port 2(bridge_slave_1) entered forwarding state
[  735.131847][T15129] Bluetooth: hci6: command tx timeout
[  735.486079][T16979] 8021q: adding VLAN 0 to HW filter on device batadv0
[  735.911082][T16979] veth0_vlan: entered promiscuous mode
[  735.929353][T16979] veth1_vlan: entered promiscuous mode
[  735.975809][T16979] veth0_macvtap: entered promiscuous mode
[  735.988812][T16979] veth1_macvtap: entered promiscuous mode
[  736.017030][T16979] batman_adv: batadv0: Interface activated: batadv_slave_0
[  736.036376][T16979] batman_adv: batadv0: Interface activated: batadv_slave_1
[  736.052694][T16979] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  736.063340][T16979] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  736.075599][T16979] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  736.086563][T16979] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  736.232434][T15197] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  736.250252][T15197] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  736.320973][T15687] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  736.338135][T15687] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  737.211002][T16176] Bluetooth: hci6: command tx timeout
[  737.383153][T17025] netlink: 25 bytes leftover after parsing attributes in process `syz.1.3875'.
[  737.966538][T17041] netlink: 354 bytes leftover after parsing attributes in process `syz.1.3885'.
[  738.450867][T17053] loop6: detected capacity change from 0 to 8192
[  739.291749][T15129] Bluetooth: hci6: command tx timeout
[  739.815646][T17079] serio: Serial port pty233
[  741.379662][T15129] Bluetooth: hci6: command tx timeout
[  741.993430][T17107] netlink: 13 bytes leftover after parsing attributes in process `syz.1.3912'.
[  742.685327][T17119] FAULT_INJECTION: forcing a failure.
[  742.685327][T17119] name failslab, interval 1, probability 0, space 0, times 0
[  742.725986][T17119] CPU: 1 UID: 0 PID: 17119 Comm: syz.1.3904 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  742.726038][T17119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  742.726062][T17119] Call Trace:
[  742.726074][T17119]  <TASK>
[  742.726089][T17119]  dump_stack_lvl+0x16c/0x1f0
[  742.726143][T17119]  should_fail_ex+0x512/0x640
[  742.726199][T17119]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  742.726256][T17119]  should_failslab+0xc2/0x120
[  742.726306][T17119]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  742.726352][T17119]  ? __proc_create+0xc3/0x8c0
[  742.726399][T17119]  ? __proc_create+0x2ce/0x8c0
[  742.726454][T17119]  __proc_create+0x2ce/0x8c0
[  742.726505][T17119]  ? __pfx___proc_create+0x10/0x10
[  742.726552][T17119]  ? _raw_write_unlock+0x28/0x50
[  742.726596][T17119]  ? proc_register+0x314/0x5f0
[  742.726661][T17119]  _proc_mkdir+0xb9/0x200
[  742.726711][T17119]  ? __pfx__proc_mkdir+0x10/0x10
[  742.726756][T17119]  ? kmem_cache_alloc_noprof+0x21e/0x3b0
[  742.726811][T17119]  ? __pfx_netfilter_net_init+0x10/0x10
[  742.726860][T17119]  netfilter_net_init+0x37b/0x4b0
[  742.726906][T17119]  ? sysctl_net_init+0x27/0x30
[  742.726956][T17119]  ops_init+0x1e2/0x5f0
[  742.727013][T17119]  setup_net+0x1ff/0x510
[  742.727062][T17119]  ? lockdep_init_map_type+0x5c/0x280
[  742.727101][T17119]  ? __pfx_setup_net+0x10/0x10
[  742.727156][T17119]  ? debug_mutex_init+0x37/0x70
[  742.727209][T17119]  copy_net_ns+0x2a6/0x5f0
[  742.727252][T17119]  create_new_namespaces+0x3ea/0xa90
[  742.727316][T17119]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  742.727375][T17119]  ksys_unshare+0x45b/0xa40
[  742.727413][T17119]  ? __pfx_ksys_unshare+0x10/0x10
[  742.727451][T17119]  ? xfd_validate_state+0x61/0x180
[  742.727499][T17119]  __x64_sys_unshare+0x31/0x40
[  742.727535][T17119]  do_syscall_64+0xcd/0x490
[  742.727587][T17119]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  742.727621][T17119] RIP: 0033:0x7f1d4d18e969
[  742.727649][T17119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  742.727685][T17119] RSP: 002b:00007f1d4e027038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  742.727719][T17119] RAX: ffffffffffffffda RBX: 00007f1d4d3b5fa0 RCX: 00007f1d4d18e969
[  742.727743][T17119] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  742.727765][T17119] RBP: 00007f1d4d210ab1 R08: 0000000000000000 R09: 0000000000000000
[  742.727787][T17119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  742.727809][T17119] R13: 0000000000000000 R14: 00007f1d4d3b5fa0 R15: 00007ffed0ef9168
[  742.727855][T17119]  </TASK>
[  743.043680][T17119] cannot create netfilter proc entry
[  745.241186][T15129] Bluetooth: hci2: unexpected event 0x03 length: 17 > 11
[  747.136747][T17184] FAULT_INJECTION: forcing a failure.
[  747.136747][T17184] name fail_futex, interval 1, probability 0, space 0, times 0
[  747.220536][T17184] CPU: 0 UID: 0 PID: 17184 Comm: syz.1.3922 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  747.220587][T17184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  747.220609][T17184] Call Trace:
[  747.220621][T17184]  <TASK>
[  747.220634][T17184]  dump_stack_lvl+0x16c/0x1f0
[  747.220686][T17184]  should_fail_ex+0x512/0x640
[  747.220748][T17184]  get_futex_key+0x1d0/0x1540
[  747.220816][T17184]  ? __pfx_get_futex_key+0x10/0x10
[  747.220869][T17184]  ? copy_vma_and_data+0x316/0x750
[  747.220919][T17184]  ? __pfx_copy_vma_and_data+0x10/0x10
[  747.220970][T17184]  futex_wait_setup+0x9d/0x550
[  747.221024][T17184]  __futex_wait+0x194/0x2f0
[  747.221068][T17184]  ? __pfx___futex_wait+0x10/0x10
[  747.221116][T17184]  ? __pfx_futex_wake_mark+0x10/0x10
[  747.221182][T17184]  futex_wait+0xe8/0x380
[  747.221223][T17184]  ? __pfx_futex_wait+0x10/0x10
[  747.221274][T17184]  ? __do_sys_mremap+0x5d4/0x1590
[  747.221319][T17184]  ? kasan_quarantine_put+0x10a/0x240
[  747.221370][T17184]  do_futex+0x229/0x350
[  747.221403][T17184]  ? __pfx_do_futex+0x10/0x10
[  747.221448][T17184]  __x64_sys_futex+0x1e0/0x4c0
[  747.221488][T17184]  ? __pfx___x64_sys_futex+0x10/0x10
[  747.221539][T17184]  do_syscall_64+0xcd/0x490
[  747.221591][T17184]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  747.221626][T17184] RIP: 0033:0x7f1d4d18e969
[  747.221653][T17184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  747.221686][T17184] RSP: 002b:00007f1d4e0270e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  747.221719][T17184] RAX: ffffffffffffffda RBX: 00007f1d4d3b5fa8 RCX: 00007f1d4d18e969
[  747.221742][T17184] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f1d4d3b5fa8
[  747.221764][T17184] RBP: 00007f1d4d3b5fa0 R08: 0000000000000000 R09: 0000000000000000
[  747.221786][T17184] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1d4d3b5fac
[  747.221818][T17184] R13: 0000000000000000 R14: 00007ffed0ef9080 R15: 00007ffed0ef9168
[  747.221862][T17184]  </TASK>
[  751.188262][T17256] FAULT_INJECTION: forcing a failure.
[  751.188262][T17256] name failslab, interval 1, probability 0, space 0, times 0
[  751.189678][T17258] netlink: 342 bytes leftover after parsing attributes in process `syz.5.3945'.
[  751.225820][T17256] CPU: 0 UID: 0 PID: 17256 Comm: syz.3.3944 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  751.225874][T17256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  751.225896][T17256] Call Trace:
[  751.225907][T17256]  <TASK>
[  751.225921][T17256]  dump_stack_lvl+0x16c/0x1f0
[  751.225974][T17256]  should_fail_ex+0x512/0x640
[  751.226027][T17256]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  751.226078][T17256]  should_failslab+0xc2/0x120
[  751.226126][T17256]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  751.226172][T17256]  ? __alloc_skb+0x2b2/0x380
[  751.226231][T17256]  __alloc_skb+0x2b2/0x380
[  751.226274][T17256]  ? __pfx___alloc_skb+0x10/0x10
[  751.226324][T17256]  ? netlink_has_listeners+0x20f/0x430
[  751.226383][T17256]  alloc_uevent_skb+0x7d/0x210
[  751.226442][T17256]  kobject_uevent_env+0xca4/0x1870
[  751.226484][T17256]  ? bus_to_subsys+0x131/0x160
[  751.226535][T17256]  device_add+0x10dd/0x1a70
[  751.226574][T17256]  ? __pfx_device_add+0x10/0x10
[  751.226610][T17256]  ? kfree+0x24f/0x4d0
[  751.226660][T17256]  device_create_groups_vargs+0x1f8/0x270
[  751.226707][T17256]  device_create+0xed/0x130
[  751.226747][T17256]  ? __pfx_device_create+0x10/0x10
[  751.226788][T17256]  ? do_init_timer+0xc9/0x110
[  751.226843][T17256]  ? ieee80211_roc_setup+0x136/0x270
[  751.226887][T17256]  ? ieee80211_alloc_hw_nm+0x231/0x2260
[  751.226949][T17256]  mac80211_hwsim_new_radio+0x369/0x54d0
[  751.227023][T17256]  ? __asan_memset+0x23/0x50
[  751.227063][T17256]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  751.227130][T17256]  hwsim_new_radio_nl+0xb51/0x12c0
[  751.227195][T17256]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  751.227262][T17256]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  751.227304][T17256]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  751.227354][T17256]  genl_family_rcv_msg_doit+0x206/0x2f0
[  751.227396][T17256]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  751.227435][T17256]  ? trace_cap_capable+0x18d/0x200
[  751.227482][T17256]  ? bpf_lsm_capable+0x9/0x10
[  751.227516][T17256]  ? security_capable+0x7e/0x260
[  751.227554][T17256]  ? ns_capable+0xd7/0x110
[  751.227605][T17256]  genl_rcv_msg+0x55c/0x800
[  751.227649][T17256]  ? __pfx_genl_rcv_msg+0x10/0x10
[  751.227687][T17256]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  751.227755][T17256]  netlink_rcv_skb+0x155/0x420
[  751.227786][T17256]  ? __pfx_genl_rcv_msg+0x10/0x10
[  751.227827][T17256]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  751.227877][T17256]  ? netlink_deliver_tap+0x1ae/0xd30
[  751.227936][T17256]  genl_rcv+0x28/0x40
[  751.227968][T17256]  netlink_unicast+0x53a/0x7f0
[  751.228027][T17256]  ? __pfx_netlink_unicast+0x10/0x10
[  751.228093][T17256]  netlink_sendmsg+0x8d1/0xdd0
[  751.228129][T17256]  ? __pfx_netlink_sendmsg+0x10/0x10
[  751.228202][T17256]  ____sys_sendmsg+0xa95/0xc70
[  751.228235][T17256]  ? copy_msghdr_from_user+0x10a/0x160
[  751.228277][T17256]  ? __pfx_____sys_sendmsg+0x10/0x10
[  751.228305][T17256]  ? preempt_schedule_thunk+0x16/0x30
[  751.228348][T17256]  ? try_to_wake_up+0xa2f/0x1680
[  751.228398][T17256]  ___sys_sendmsg+0x134/0x1d0
[  751.228444][T17256]  ? __pfx____sys_sendmsg+0x10/0x10
[  751.228486][T17256]  ? __lock_acquire+0x622/0x1c90
[  751.228570][T17256]  __sys_sendmsg+0x16d/0x220
[  751.228614][T17256]  ? __pfx___sys_sendmsg+0x10/0x10
[  751.228656][T17256]  ? __x64_sys_futex+0x1e0/0x4c0
[  751.228712][T17256]  do_syscall_64+0xcd/0x490
[  751.228761][T17256]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  751.228794][T17256] RIP: 0033:0x7fd78b18e969
[  751.228821][T17256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  751.228856][T17256] RSP: 002b:00007fd78bfd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  751.228886][T17256] RAX: ffffffffffffffda RBX: 00007fd78b3b5fa0 RCX: 00007fd78b18e969
[  751.228909][T17256] RDX: 0000000000018800 RSI: 0000200000000040 RDI: 0000000000000005
[  751.228930][T17256] RBP: 00007fd78b210ab1 R08: 0000000000000000 R09: 0000000000000000
[  751.228949][T17256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  751.228969][T17256] R13: 0000000000000000 R14: 00007fd78b3b5fa0 R15: 00007ffcab600f28
[  751.229010][T17256]  </TASK>
[  751.310603][T17258] netlink: 274 bytes leftover after parsing attributes in process `syz.5.3945'.
[  752.597285][T17274] serio: Serial port pty233
[  753.681109][T17291] FAULT_INJECTION: forcing a failure.
[  753.681109][T17291] name failslab, interval 1, probability 0, space 0, times 0
[  753.740633][T17291] CPU: 1 UID: 0 PID: 17291 Comm: syz.3.3956 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  753.740681][T17291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  753.740704][T17291] Call Trace:
[  753.740715][T17291]  <TASK>
[  753.740729][T17291]  dump_stack_lvl+0x16c/0x1f0
[  753.740782][T17291]  should_fail_ex+0x512/0x640
[  753.740838][T17291]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  753.740890][T17291]  should_failslab+0xc2/0x120
[  753.740949][T17291]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  753.740997][T17291]  ? __d_alloc+0x31/0xaa0
[  753.741050][T17291]  __d_alloc+0x31/0xaa0
[  753.741101][T17291]  path_from_stashed+0x500/0xb00
[  753.741152][T17291]  ? __pfx_path_from_stashed+0x10/0x10
[  753.741198][T17291]  ? __pfx___might_resched+0x10/0x10
[  753.741257][T17291]  pidfs_register_pid+0x10b/0x1a0
[  753.741294][T17291]  ? __pfx_pidfs_register_pid+0x10/0x10
[  753.741332][T17291]  ? do_raw_spin_unlock+0x172/0x230
[  753.741381][T17291]  unix_socketpair+0x126/0x860
[  753.741424][T17291]  ? bpf_lsm_socket_post_create+0x9/0x10
[  753.741472][T17291]  ? security_socket_post_create+0x21d/0x260
[  753.741512][T17291]  ? __pfx_unix_socketpair+0x10/0x10
[  753.741555][T17291]  ? __sock_create+0xa2/0x8d0
[  753.741604][T17291]  __sys_socketpair+0x2ef/0x5a0
[  753.741645][T17291]  ? __pfx___sys_socketpair+0x10/0x10
[  753.741688][T17291]  ? xfd_validate_state+0x61/0x180
[  753.741723][T17291]  ? do_execveat_common.isra.0+0x4c6/0x610
[  753.741771][T17291]  __x64_sys_socketpair+0x96/0x100
[  753.741808][T17291]  ? lockdep_hardirqs_on+0x7c/0x110
[  753.741853][T17291]  do_syscall_64+0xcd/0x490
[  753.741904][T17291]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  753.741947][T17291] RIP: 0033:0x7fd78b18e969
[  753.741975][T17291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  753.742011][T17291] RSP: 002b:00007fd78bfd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  753.742044][T17291] RAX: ffffffffffffffda RBX: 00007fd78b3b5fa0 RCX: 00007fd78b18e969
[  753.742068][T17291] RDX: 8000000000000000 RSI: 0000000000000001 RDI: 0000000000000001
[  753.742090][T17291] RBP: 00007fd78b210ab1 R08: 0000000000000000 R09: 0000000000000000
[  753.742112][T17291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  753.742133][T17291] R13: 0000000000000000 R14: 00007fd78b3b5fa0 R15: 00007ffcab600f28
[  753.742177][T17291]  </TASK>
[  754.119320][T17295] FAULT_INJECTION: forcing a failure.
[  754.119320][T17295] name failslab, interval 1, probability 0, space 0, times 0
[  754.135516][T17295] CPU: 1 UID: 0 PID: 17295 Comm: syz.1.3957 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  754.135565][T17295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  754.135587][T17295] Call Trace:
[  754.135599][T17295]  <TASK>
[  754.135613][T17295]  dump_stack_lvl+0x16c/0x1f0
[  754.135665][T17295]  should_fail_ex+0x512/0x640
[  754.135720][T17295]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  754.135783][T17295]  should_failslab+0xc2/0x120
[  754.135835][T17295]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  754.135897][T17295]  ? kstrdup_const+0x63/0x80
[  754.135950][T17295]  kstrdup+0x53/0x100
[  754.135997][T17295]  kstrdup_const+0x63/0x80
[  754.136042][T17295]  __kmem_cache_create_args+0x18f/0x390
[  754.136089][T17295]  mon_text_open+0x313/0x4f0
[  754.136145][T17295]  ? __pfx_mon_text_open+0x10/0x10
[  754.136198][T17295]  ? __debugfs_file_get+0x1fe/0x840
[  754.136251][T17295]  ? __pfx_mon_text_ctor+0x10/0x10
[  754.136304][T17295]  ? __pfx_apparmor_file_open+0x10/0x10
[  754.136350][T17295]  ? lockdown_is_locked_down+0x3f/0x130
[  754.136402][T17295]  ? bpf_lsm_locked_down+0x9/0x10
[  754.136443][T17295]  ? __pfx_mon_text_open+0x10/0x10
[  754.136500][T17295]  full_proxy_open_regular+0x1b6/0x360
[  754.136559][T17295]  do_dentry_open+0x741/0x1c10
[  754.136605][T17295]  ? __pfx_full_proxy_open_regular+0x10/0x10
[  754.136672][T17295]  vfs_open+0x82/0x3f0
[  754.136730][T17295]  path_openat+0x1de4/0x2cb0
[  754.136786][T17295]  ? __pfx_path_openat+0x10/0x10
[  754.136832][T17295]  ? __lock_acquire+0xb8a/0x1c90
[  754.136885][T17295]  do_filp_open+0x20b/0x470
[  754.136934][T17295]  ? __pfx_do_filp_open+0x10/0x10
[  754.137009][T17295]  ? alloc_fd+0x471/0x7d0
[  754.137062][T17295]  do_sys_openat2+0x11b/0x1d0
[  754.137093][T17295]  ? __pfx_do_sys_openat2+0x10/0x10
[  754.137168][T17295]  __x64_sys_openat+0x174/0x210
[  754.137201][T17295]  ? __pfx___x64_sys_openat+0x10/0x10
[  754.137251][T17295]  do_syscall_64+0xcd/0x490
[  754.137303][T17295]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  754.137338][T17295] RIP: 0033:0x7f1d4d18e969
[  754.137366][T17295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  754.137401][T17295] RSP: 002b:00007f1d4e027038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  754.137433][T17295] RAX: ffffffffffffffda RBX: 00007f1d4d3b5fa0 RCX: 00007f1d4d18e969
[  754.137457][T17295] RDX: 0000000000000000 RSI: 0000200000000100 RDI: ffffffffffffff9c
[  754.137479][T17295] RBP: 00007f1d4d210ab1 R08: 0000000000000000 R09: 0000000000000000
[  754.137500][T17295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  754.137522][T17295] R13: 0000000000000000 R14: 00007f1d4d3b5fa0 R15: 00007ffed0ef9168
[  754.137566][T17295]  </TASK>
[  754.137581][T17295] __kmem_cache_create_args(mon_text_ffff888098f86800) failed with error -12
[  754.179451][   T31] INFO: task kworker/u10:3:15141 blocked for more than 143 seconds.
[  754.183018][T17295] CPU: 1 UID: 0 PID: 17295 Comm: syz.1.3957 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  754.183068][T17295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  754.183092][T17295] Call Trace:
[  754.183103][T17295]  <TASK>
[  754.183117][T17295]  dump_stack_lvl+0x16c/0x1f0
[  754.183176][T17295]  __kmem_cache_create_args+0x125/0x390
[  754.183228][T17295]  mon_text_open+0x313/0x4f0
[  754.183286][T17295]  ? __pfx_mon_text_open+0x10/0x10
[  754.183341][T17295]  ? __debugfs_file_get+0x1fe/0x840
[  754.183398][T17295]  ? __pfx_mon_text_ctor+0x10/0x10
[  754.183459][T17295]  ? __pfx_apparmor_file_open+0x10/0x10
[  754.183508][T17295]  ? lockdown_is_locked_down+0x3f/0x130
[  754.183565][T17295]  ? bpf_lsm_locked_down+0x9/0x10
[  754.183610][T17295]  ? __pfx_mon_text_open+0x10/0x10
[  754.183665][T17295]  full_proxy_open_regular+0x1b6/0x360
[  754.183729][T17295]  do_dentry_open+0x741/0x1c10
[  754.183778][T17295]  ? __pfx_full_proxy_open_regular+0x10/0x10
[  754.183866][T17295]  vfs_open+0x82/0x3f0
[  754.183931][T17295]  path_openat+0x1de4/0x2cb0
[  754.183993][T17295]  ? __pfx_path_openat+0x10/0x10
[  754.184042][T17295]  ? __lock_acquire+0xb8a/0x1c90
[  754.184087][T17295]  do_filp_open+0x20b/0x470
[  754.184133][T17295]  ? __pfx_do_filp_open+0x10/0x10
[  754.184214][T17295]  ? alloc_fd+0x471/0x7d0
[  754.184263][T17295]  do_sys_openat2+0x11b/0x1d0
[  754.184297][T17295]  ? __pfx_do_sys_openat2+0x10/0x10
[  754.184374][T17295]  __x64_sys_openat+0x174/0x210
[  754.184410][T17295]  ? __pfx___x64_sys_openat+0x10/0x10
[  754.184464][T17295]  do_syscall_64+0xcd/0x490
[  754.184521][T17295]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  754.184559][T17295] RIP: 0033:0x7f1d4d18e969
[  754.184591][T17295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  754.184628][T17295] RSP: 002b:00007f1d4e027038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  754.184664][T17295] RAX: ffffffffffffffda RBX: 00007f1d4d3b5fa0 RCX: 00007f1d4d18e969
[  754.184689][T17295] RDX: 0000000000000000 RSI: 0000200000000100 RDI: ffffffffffffff9c
[  754.184712][T17295] RBP: 00007f1d4d210ab1 R08: 0000000000000000 R09: 0000000000000000
[  754.184736][T17295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  754.184759][T17295] R13: 0000000000000000 R14: 00007f1d4d3b5fa0 R15: 00007ffed0ef9168
[  754.184808][T17295]  </TASK>
[  754.806544][   T31]       Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0
[  754.816003][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  754.826964][   T31] task:kworker/u10:3   state:D stack:26968 pid:15141 tgid:15141 ppid:2      task_flags:0x4208060 flags:0x00004000
[  754.844584][   T31] Workqueue: netns cleanup_net
[  754.850756][   T31] Call Trace:
[  754.854722][   T31]  <TASK>
[  754.858273][   T31]  __schedule+0x116a/0x5de0
[  754.863932][   T31]  ? __lock_acquire+0x622/0x1c90
[  754.869989][   T31]  ? __pfx___schedule+0x10/0x10
[  754.875919][   T31]  ? find_held_lock+0x2b/0x80
[  754.881753][   T31]  ? schedule+0x2d7/0x3a0
[  754.887565][   T31]  schedule+0xe7/0x3a0
[  754.893164][   T31]  schedule_timeout+0x257/0x290
[  754.903302][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  754.914283][   T31]  ? mark_held_locks+0x49/0x80
[  754.920258][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  754.926808][   T31]  __wait_for_common+0x2ff/0x4e0
[  754.932874][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  754.939556][   T31]  ? __pfx___wait_for_common+0x10/0x10
[  754.949210][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  754.955539][   T31]  ? flush_workqueue_prep_pwqs+0x2e9/0x510
[  754.962910][   T31]  __flush_workqueue+0x3e2/0x1230
[  754.969232][   T31]  ? css_release_work_fn+0x7c6/0xa40
[  754.975669][   T31]  ? __pfx___flush_workqueue+0x10/0x10
[  754.982675][   T31]  ? reacquire_held_locks+0xcd/0x1f0
[  754.989212][   T31]  ? __pfx_sock_def_readable+0x10/0x10
[  754.995851][   T31]  ? __pfx_sock_def_readable+0x10/0x10
[  755.003044][   T31]  rds_tcp_listen_stop+0x104/0x150
[  755.013639][   T31]  ? __pfx_rds_tcp_exit_net+0x10/0x10
[  755.024731][   T31]  rds_tcp_exit_net+0xcb/0x810
[  755.030723][   T31]  ? __pfx_rds_tcp_exit_net+0x10/0x10
[  755.037241][   T31]  ? __pfx___might_resched+0x10/0x10
[  755.059478][   T31]  ? __pfx_rds_tcp_exit_net+0x10/0x10
[  755.066093][   T31]  ops_undo_list+0x2ee/0xab0
[  755.079640][   T31]  ? __pfx_ops_undo_list+0x10/0x10
[  755.085948][   T31]  ? __local_bh_enable_ip+0xa4/0x120
[  755.092970][   T31]  cleanup_net+0x408/0x890
[  755.098454][   T31]  ? __pfx_cleanup_net+0x10/0x10
[  755.110812][   T31]  ? rcu_is_watching+0x12/0xc0
[  755.116799][   T31]  process_one_work+0x9cf/0x1b70
[  755.128888][   T31]  ? __pfx_process_one_work+0x10/0x10
[  755.145102][   T31]  ? assign_work+0x1a0/0x250
[  755.154592][   T31]  worker_thread+0x6c8/0xf10
[  755.160667][   T31]  ? __kthread_parkme+0x19e/0x250
[  755.166772][   T31]  ? __pfx_worker_thread+0x10/0x10
[  755.173565][   T31]  kthread+0x3c2/0x780
[  755.178535][   T31]  ? __pfx_kthread+0x10/0x10
[  755.184810][   T31]  ? rcu_is_watching+0x12/0xc0
[  755.190955][   T31]  ? __pfx_kthread+0x10/0x10
[  755.196524][   T31]  ret_from_fork+0x5d4/0x6f0
[  755.202935][   T31]  ? __pfx_kthread+0x10/0x10
[  755.208502][   T31]  ret_from_fork_asm+0x1a/0x30
[  755.215378][   T31]  </TASK>
[  755.220233][   T31] 
[  755.220233][   T31] Showing all locks held in the system:
[  755.235438][   T31] 2 locks held by ksoftirqd/1/23:
[  755.241951][   T31]  #0: ffff8880b853bd98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130
[  755.261097][   T31]  #1: ffff88802aa22018 (&pid_list->lock){-.-.}-{2:2}, at: trace_pid_list_is_set+0x4c/0x150
[  755.273853][   T31] 1 lock held by khungtaskd/31:
[  755.280172][   T31]  #0: ffffffff8e3c2c00 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0
[  755.292549][   T31] 1 lock held by syz-executor/5817:
[  755.299617][   T31] 3 locks held by syz-executor/5833:
[  755.305996][   T31] 2 locks held by getty/13793:
[  755.322465][   T31]  #0: ffff88814c9bf0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  755.409147][   T31]  #1: ffffc900032602f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0
[  755.457740][   T31] 3 locks held by kworker/u10:3/15141:
[  755.487446][   T31]  #0: ffff88801c2fe148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  755.519170][   T31]  #1: ffffc9000416fd10 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  755.532058][   T31]  #2: ffffffff90130610 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xad/0x890
[  755.559808][   T31] 1 lock held by syz.0.3549/15881:
[  755.566079][   T31]  #0: ffffffff90130610 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0
[  755.609698][   T31] 1 lock held by syz.1.3643/16231:
[  755.615910][   T31] 1 lock held by syz.4.3690/16363:
[  755.649072][   T31]  #0: ffffffff90130610 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0
[  755.673987][   T31] no locks held by syz-executor/16401.
[  755.706592][   T31] 1 lock held by syz-executor/16414:
[  755.714820][   T31]  #0: ffffffff8e3ce1b8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x1a3/0x3c0
[  755.743221][   T31] 1 lock held by syz.2.3802/16745:
[  755.759156][   T31]  #0: ffffffff90130610 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0
[  755.775822][   T31] 3 locks held by syz.6.3868/17017:
[  755.789426][   T31] 2 locks held by syz.6.3952/17276:
[  755.834556][   T31] 
[  755.837414][   T31] =============================================
[  755.837414][   T31] 
[  755.898213][   T31] NMI backtrace for cpu 0
[  755.898237][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  755.898274][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  755.898291][   T31] Call Trace:
[  755.898302][   T31]  <TASK>
[  755.898314][   T31]  dump_stack_lvl+0x116/0x1f0
[  755.898361][   T31]  nmi_cpu_backtrace+0x27b/0x390
[  755.898390][   T31]  ? _raw_spin_unlock_irqrestore+0x61/0x80
[  755.898429][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  755.898458][   T31]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[  755.898493][   T31]  watchdog+0xf70/0x12c0
[  755.898536][   T31]  ? __pfx_watchdog+0x10/0x10
[  755.898569][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  755.898611][   T31]  ? __kthread_parkme+0x19e/0x250
[  755.898661][   T31]  ? __pfx_watchdog+0x10/0x10
[  755.898696][   T31]  kthread+0x3c2/0x780
[  755.898731][   T31]  ? __pfx_kthread+0x10/0x10
[  755.898764][   T31]  ? rcu_is_watching+0x12/0xc0
[  755.898806][   T31]  ? __pfx_kthread+0x10/0x10
[  755.898841][   T31]  ret_from_fork+0x5d4/0x6f0
[  755.898869][   T31]  ? __pfx_kthread+0x10/0x10
[  755.898912][   T31]  ret_from_fork_asm+0x1a/0x30
[  755.898961][   T31]  </TASK>
[  755.898973][   T31] Sending NMI from CPU 0 to CPUs 1:
[  756.050214][    C1] NMI backtrace for cpu 1
[  756.050237][    C1] CPU: 1 UID: 0 PID: 13648 Comm: syz.1.2840 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  756.050271][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  756.050289][    C1] RIP: 0010:__kasan_check_read+0x0/0x20
[  756.050325][    C1] Code: e9 55 21 5b 09 48 83 c4 60 48 c7 c7 e8 34 a5 8d 5b 5d 41 5c e9 01 03 79 ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 48 8b 0c 24 89 f6 31 d2 e9 5f f0 ff ff 66 66 2e 0f 1f
[  756.050352][    C1] RSP: 0018:ffffc9000afcf850 EFLAGS: 00000046
[  756.050372][    C1] RAX: 0000000000000000 RBX: 0000000000000001 RCX: ffffffff81983fd3
[  756.050390][    C1] RDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffffffff9087ad50
[  756.050408][    C1] RBP: 0000000000000286 R08: 0000000000000000 R09: fffffbfff35c21c6
[  756.050425][    C1] R10: ffffffff9ae10e33 R11: 0000000000000001 R12: dffffc0000000000
[  756.050443][    C1] R13: 0000000000000150 R14: 0000000000000009 R15: ffffc90012f70000
[  756.050460][    C1] FS:  0000000000000000(0000) GS:ffff888124a75000(0000) knlGS:0000000000000000
[  756.050485][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  756.050503][    C1] CR2: 00007f847dc3b990 CR3: 000000007d866000 CR4: 00000000003526f0
[  756.050520][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  756.050536][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  756.050552][    C1] Call Trace:
[  756.050561][    C1]  <TASK>
[  756.050570][    C1]  trace_irq_enable.constprop.0+0x2f/0x120
[  756.050607][    C1]  trace_hardirqs_on+0x26/0x40
[  756.050637][    C1]  _raw_spin_unlock_irqrestore+0x52/0x80
[  756.050672][    C1]  debug_check_no_obj_freed+0x31f/0x600
[  756.050717][    C1]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[  756.050750][    C1]  ? find_unlink_vmap_area+0x301/0x3f0
[  756.050792][    C1]  ? _raw_spin_unlock+0x28/0x50
[  756.050821][    C1]  ? find_unlink_vmap_area+0x306/0x3f0
[  756.050863][    C1]  remove_vm_area+0x1ae/0x3f0
[  756.050888][    C1]  ? do_raw_spin_lock+0x12c/0x2b0
[  756.050922][    C1]  ? __pfx_kcov_close+0x10/0x10
[  756.050953][    C1]  vfree+0x90/0xb50
[  756.050977][    C1]  ? find_held_lock+0x2b/0x80
[  756.051015][    C1]  ? rcu_is_watching+0x12/0xc0
[  756.051052][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  756.051086][    C1]  ? __pfx_kcov_close+0x10/0x10
[  756.051115][    C1]  kcov_close+0x34/0x60
[  756.051144][    C1]  __fput+0x3ff/0xb70
[  756.051183][    C1]  ? cleanup_mnt+0x262/0x450
[  756.051211][    C1]  task_work_run+0x150/0x240
[  756.051245][    C1]  ? __pfx_task_work_run+0x10/0x10
[  756.051283][    C1]  do_exit+0x864/0x2bd0
[  756.051315][    C1]  ? __pfx_do_exit+0x10/0x10
[  756.051341][    C1]  ? do_raw_spin_lock+0x12c/0x2b0
[  756.051374][    C1]  ? find_held_lock+0x2b/0x80
[  756.051413][    C1]  do_group_exit+0xd3/0x2a0
[  756.051443][    C1]  get_signal+0x2673/0x26d0
[  756.051485][    C1]  ? hash_netportnet_create+0xd88/0x1250
[  756.051518][    C1]  ? __pfx_get_signal+0x10/0x10
[  756.051557][    C1]  ? do_futex+0x122/0x350
[  756.051581][    C1]  ? __pfx_do_futex+0x10/0x10
[  756.051607][    C1]  arch_do_signal_or_restart+0x8f/0x790
[  756.051648][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  756.051700][    C1]  exit_to_user_mode_loop+0x84/0x110
[  756.051741][    C1]  do_syscall_64+0x3f6/0x490
[  756.051780][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  756.051807][    C1] RIP: 0033:0x7f1d4d18e969
[  756.051827][    C1] Code: Unable to access opcode bytes at 0x7f1d4d18e93f.
[  756.051840][    C1] RSP: 002b:00007f1d4e0270e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  756.051863][    C1] RAX: fffffffffffffe00 RBX: 00007f1d4d3b5fa8 RCX: 00007f1d4d18e969
[  756.051881][    C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f1d4d3b5fa8
[  756.051897][    C1] RBP: 00007f1d4d3b5fa0 R08: 0000000000000000 R09: 0000000000000000
[  756.051913][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1d4d3b5fac
[  756.051931][    C1] R13: 0000000000000000 R14: 00007ffed0ef9080 R15: 00007ffed0ef9168
[  756.051959][    C1]  </TASK>
[  756.574288][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  756.582584][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  756.596377][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  756.608488][   T31] Call Trace:
[  756.612449][   T31]  <TASK>
[  756.615997][   T31]  dump_stack_lvl+0x3d/0x1f0
[  756.621567][   T31]  panic+0x71c/0x800
[  756.626376][   T31]  ? __pfx___irq_work_queue_local+0x10/0x10
[  756.633510][   T31]  ? __pfx_panic+0x10/0x10
[  756.638859][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  756.645360][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  756.652580][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  756.659080][   T31]  ? watchdog+0xdda/0x12c0
[  756.664426][   T31]  ? watchdog+0xdcd/0x12c0
[  756.669767][   T31]  watchdog+0xdeb/0x12c0
[  756.674903][   T31]  ? __pfx_watchdog+0x10/0x10
[  756.680554][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  756.686847][   T31]  ? __kthread_parkme+0x19e/0x250
[  756.692941][   T31]  ? __pfx_watchdog+0x10/0x10
[  756.698600][   T31]  kthread+0x3c2/0x780
[  756.703536][   T31]  ? __pfx_kthread+0x10/0x10
[  756.709103][   T31]  ? rcu_is_watching+0x12/0xc0
[  756.714862][   T31]  ? __pfx_kthread+0x10/0x10
[  756.720409][   T31]  ret_from_fork+0x5d4/0x6f0
[  756.726056][   T31]  ? __pfx_kthread+0x10/0x10
[  756.731610][   T31]  ret_from_fork_asm+0x1a/0x30
[  756.737383][   T31]  </TASK>
[  756.741361][   T31] Kernel Offset: disabled
[  756.746550][   T31] Rebooting in 86400 seconds..