last executing test programs:

3m10.778849082s ago: executing program 0 (id=1554):
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x7, 0x4a})
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[], 0x1ac}}, 0x40000)
sendmsg$auto_IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x48, 0x0, 0x200, 0x70bd26, 0x25dfdbff, {}, [@IEEE802154_ATTR_FRAME_RETRIES={0x5, 0x28, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "2343c6cc737eff488e00000000f4ccf0"}, @IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0x8}, @IEEE802154_ATTR_DEST_PAN_ID={0x6, 0x10, 0x6}, @IEEE802154_ATTR_COORD_SHORT_ADDR={0x6, 0x8, 0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x8001)
r0 = socket(0x11, 0x2, 0x0)
sendmmsg$auto(r0, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000080), 0x49}, 0x5, &(0x7f00000003c0), 0x5, 0x1000}, 0x5}, 0x2, 0x100)

3m10.506173657s ago: executing program 0 (id=1556):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000000000), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', <r3=>0x0})
sendmsg$auto_NET_SHAPER_CMD_GET2(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x1c, r1, 0x305, 0x70bd2d, 0x25dfdbfc, {}, [@NET_SHAPER_A_IFINDEX={0x8, 0x8, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4001}, 0x401d0)

3m10.268814647s ago: executing program 0 (id=1558):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x0, 0x8, 0x4)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
mmap$auto(0x0, 0x6, 0x3, 0xeb1, 0x7, 0x8000)
ioprio_set$auto(0x2, 0x0, 0x72e2f0a)

3m9.848126772s ago: executing program 0 (id=1564):
userfaultfd$auto(0x9)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x3, 0x3a)
inotify_rm_watch$auto(r0, 0x84e4)

3m9.65019938s ago: executing program 0 (id=1567):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x1, 0x0)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6)
mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000)
tkill$auto(0x1, 0x7)

3m8.852193963s ago: executing program 0 (id=1574):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), 0xffffffffffffffff)
read$auto(r0, &(0x7f0000000000)='SMC_GEN_NETLINK\x00', 0x45a)
openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000080)={0x408c0, 0x40, 0x10}, 0x18)
sendmsg$auto_SMC_NETLINK_DISABLE_SEID(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="013b"], 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x810)

3m8.843369691s ago: executing program 2 (id=1575):
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000004580)={0x0, 0x0, &(0x7f0000004540)={&(0x7f0000000080)={0x1c, 0x0, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8, 0x7, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc010}, 0x2000000)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff)
r0 = socket(0x11, 0x3, 0x9)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x7, 0x4a})
sendmmsg$auto(r0, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000080), 0x49}, 0x5, &(0x7f0000000180), 0x5, 0x1000}, 0x5}, 0x2, 0x100)

3m8.422332055s ago: executing program 32 (id=1574):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), 0xffffffffffffffff)
read$auto(r0, &(0x7f0000000000)='SMC_GEN_NETLINK\x00', 0x45a)
openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000080)={0x408c0, 0x40, 0x10}, 0x18)
sendmsg$auto_SMC_NETLINK_DISABLE_SEID(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="013b"], 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x810)

3m8.412213374s ago: executing program 2 (id=1578):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = socket(0x1e, 0x1, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x200, 0x1)
fanotify_mark$auto(r0, 0x90, 0x3, 0xffffffffffffffff, 0x0)

3m8.098697423s ago: executing program 2 (id=1586):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
pipe$auto(0x0)
r0 = socket(0x2, 0x6, 0x0)
getsockopt$auto(r0, 0x10d, 0xc, 0x0, 0x0)

3m2.1337333s ago: executing program 2 (id=1589):
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0xff00)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$auto(0x1, 0x1, 0x14, &(0x7f0000000000)='\x00', 0xbb)

3m1.662137244s ago: executing program 2 (id=1583):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x1, 0x0)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6)
mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000)
tkill$auto(0x1, 0x7)

3m0.382962032s ago: executing program 2 (id=1596):
mmap$auto(0x0, 0x8, 0x4, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x3, 0x4)
symlink$auto(0x0, 0x0)
readlink$auto(0x0, 0x0, 0x800)
setsockopt$auto(r0, 0x0, 0x2, 0x0, 0x28)

2m59.755584084s ago: executing program 33 (id=1596):
mmap$auto(0x0, 0x8, 0x4, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x3, 0x4)
symlink$auto(0x0, 0x0)
readlink$auto(0x0, 0x0, 0x800)
setsockopt$auto(r0, 0x0, 0x2, 0x0, 0x28)

5.606821579s ago: executing program 1 (id=3007):
set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
uname$auto(0x0)
clone$auto(0x81000005, 0x6, 0xfffffffffffffffd, 0xffffffffffffffff, 0x80000001)
move_pages$auto(0x0, 0xd0, 0x0, &(0x7f0000001140), 0x0, 0x2)

5.214533127s ago: executing program 3 (id=3010):
mmap$auto(0x0, 0x2000, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x21, 0x2, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x1d, 0x2, 0x2)
connect$auto(0x5, 0x0, 0x9)
sendmsg$auto_HSR_C_GET_NODE_STATUS(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYRES64=r0, @ANYRES16=0x0, @ANYBLOB="000427bd7000fbdbdf25030000000a000500a9085797e76b0000060006000300000008000200", @ANYRES32=0x0, @ANYBLOB='\b'], 0x38}, 0x1, 0x0, 0x0, 0x40090}, 0x0)

4.808046646s ago: executing program 3 (id=3013):
mmap$auto(0x0, 0x202000b, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
write$auto(0x3, 0x0, 0x100082)
get_robust_list$auto(0x0, 0x0, 0x0)
vmsplice$auto(0x1, 0x0, 0xa, 0x6)

3.493737164s ago: executing program 4 (id=3017):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x2, 0x1, 0x84)
setsockopt$auto(0x3, 0x10000000084, 0x72, 0x0, 0xc)

3.346416312s ago: executing program 1 (id=3018):
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0xa, 0x2, 0x0)
socket(0x2b, 0x1, 0x1)
socket(0x1, 0x2, 0x0)
socket(0xa, 0x2, 0x0)
getsockopt$auto(0x6, 0x40000000029, 0x3a, 0xfffffffffffffffe, 0x0)

3.109693764s ago: executing program 3 (id=3020):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
syz_clone3(&(0x7f00000004c0)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58)
unshare$auto(0x40000080)
syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5)
r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000080))
getdents$auto(r0, 0x0, 0xfff)

3.002787544s ago: executing program 4 (id=3021):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$auto(r0, 0x10f, 0x80, 0x0, 0x14)
io_uring_setup$auto(0x3ff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)

2.632997298s ago: executing program 5 (id=3022):
mmap$auto(0x0, 0x8020009, 0xe2, 0xcb1, 0x401, 0x8040001008000)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
socket(0x2, 0x80002, 0x73)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @local}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x33a00, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x6, 0x0)

2.614737024s ago: executing program 4 (id=3023):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x7f, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
connect$auto(0x4, 0x0, 0x10)

2.173522812s ago: executing program 5 (id=3024):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
socket(0xa, 0x2, 0x0)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000)

1.813862645s ago: executing program 1 (id=3025):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
msgsnd$auto(0x5, 0x0, 0x3, 0x8)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mlock$auto(0xfbe8, 0x4)
mlockall$auto(0x7)
arch_prctl$auto(0x5005, 0x9)

1.483932667s ago: executing program 4 (id=3026):
mmap$auto(0x0, 0x400008, 0xe3, 0x9b72, 0x2, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x300, 0x70bd36, 0x25dfdbfe, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x2}, @BATADV_ATTR_TT_CRC32={0x8, 0x13, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0xc005}, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

1.311824205s ago: executing program 5 (id=3027):
mmap$auto(0x0, 0x7, 0x3, 0xeb2, 0xffffffffffffffff, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x23, 0x80805, 0x0)
memfd_secret$auto(0x0)
fchownat$auto(0x2, 0x0, 0x4, 0x8001, 0x1000)

1.122249845s ago: executing program 3 (id=3028):
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
socket(0x2, 0x1, 0x0)
shutdown$auto(0x200000003, 0x2)
io_uring_setup$auto(0x6, 0x0)
setsockopt$auto(0x3, 0x1, 0x2e, 0x0, 0x9)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)

984.24086ms ago: executing program 5 (id=3029):
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
clone$auto(0x3fff, 0xad3, 0x0, 0x0, 0x8000002)
r0 = socket(0x11, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r0, 0x8953, 0x0)

702.986457ms ago: executing program 1 (id=3030):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0x20000000000, 0x8000)
sendmsg$auto_TASKSTATS_CMD_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x400c0}, 0x4040000)
shmctl$auto(0x3, 0xffffffff, &(0x7f0000000180)={{0x7, 0xee00, 0x0, 0x4, 0x3, 0x2, 0x3}, 0xe25, 0x3ff, 0x1, 0x10, @inferred, @inferred, 0x9, 0x0, 0x0, 0x0})
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000)
recvmmsg$auto(r0, &(0x7f0000000140)={{0x0, 0x4, 0x0, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x10a, 0x8, 0x0)

702.136306ms ago: executing program 3 (id=3031):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)
capset$auto(0x0, &(0x7f0000000000)={0x3, 0x7, 0x8})
fstat$auto(0x2, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x0, 0x0)
ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0)

643.520707ms ago: executing program 5 (id=3032):
mmap$auto(0x0, 0x9, 0x72, 0x8b72, 0x2, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x1, 0x6)
getsockopt$auto(0x6, 0x40000000029, 0x3, 0xfffffffffffffffe, 0x0)

384.465235ms ago: executing program 3 (id=3033):
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4)
socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='y'], 0x1ac}}, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

294.059183ms ago: executing program 4 (id=3034):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x2000000000000000)
r0 = socket(0x2, 0x1, 0x106)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
setsockopt$auto(r0, 0x1, 0x12, 0x0, 0xeb66)

281.042741ms ago: executing program 1 (id=3035):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x801, 0x84)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'})

241.82327ms ago: executing program 5 (id=3036):
r0 = socket(0x10, 0x80002, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8000, 0x0)
io_uring_setup$auto(0x6, 0x0)
timerfd_create$auto(0x8, 0x800)
timerfd_settime$auto(r0, 0x3, 0x0, 0x0)

67.768609ms ago: executing program 1 (id=3037):
r0 = setfsuid$auto(0xee00)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x80000008000)
r1 = setfsuid$auto(0xee01)
setresuid$auto(r0, r1, r0)
r2 = geteuid()
keyctl$auto(0x1f, r2, r2, 0x0, 0x8)

0s ago: executing program 4 (id=3038):
mkdir$auto(&(0x7f0000000040)='./file0\x00', 0x2)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x3880, 0x70)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x802, 0x1)
setsockopt$auto_SO_WIFI_STATUS(r0, 0x0, 0x29, &(0x7f0000000080)='\xef', 0x8000)

kernel console output (not intermixed with test programs):

	

	
		

	
		

	


	
	

		
	
		
		
	

			





			








	







	





	
	


	






	












	
	










	
	






	




	







		







	
	
	
		

	



	
	

	

	
		

	
		

	


	
	

		
	
		
		
	

			





			








	








	















	












	
	










	
	






	







	









		










	
		

	


	
	

		
	
		
		
	

			





			








	





	













	


	







		

		

		
		

			

		

	
		
		
		

		
	

	



	

	

		
		
		


		


	

		


















	


	
	








	




	






		







	

	
		

	
		

	


	
	

		
	
		
		
	

			





			








	




	















	


	

	

		

		

		


		

		
		

			

		

	
		
		
		

		
	

	



	

	

		
		
		


		


	

		


















	


	
	








	






	








		









	

	
		
	

	
		
	

	
		

	
		

	


	
	

		
	
		
		
	

			





			








	




	





	

	

	

	
	

	



	

	

	
	







	
	










	
	






	





	








		










	
		

	


	
	

		
	
		
		
	

			





			








	


	



	



	

	


	

	

	




			
			
		


		


	

		


















	


	
	








	






	








		









		
	

	
		

	
		

	


	
	

		
	
		
		
	

			





			








	




	



















	





		

		







	











	
	










	
	






	




	






		








	
		

	


	
	

		
	
		
		
	

			





			








	





	











	




	

	


	


	



	

	



	



	

		

		
	


		

		
			
			
		

	
	
	
	
	

	



		










	
	










	
	






	






	








		









	
	

	
	

	

	
	

	
	
	
			




	

	
		
	
	
	
	

	
	
	

	
		
	
	

	
	
	

	
		
	


		

	


	
		

	


	
	

		
	
		
		
	

			





			








	





	













		
	

	


	

	

		

		

		


		

		
		

			

		

	
		
		
		
		
	

	



	

	

		
		
		


		


	

		


















	


	
	








	




	






		







	
	
	
	

	
	
	

	
		
	
	

	
	

	
		

	


	
	

		
	
		
		
	

			





			








	




	





	

	

	

	




	

	

		
		
		


		


	

		


















	


	
	








	




	






		








	

	
		
	
	
	

	
		

	
		

	


	
	

		
	

		

	

		
		
	

			





			








	




	





	

	

	

	




	

	

		
		
		


		


	

		


















	


	
	








	




	






		








	

	
		
	

	

	
		

	
		

	


	
	

		
	
		
		
	

			





			








	





	













	


	







		

		

		
		

			

		

	
		
		
		

		
	

	



	

	

		
		
		


		


	

		


















	


	
	








	







	








		









	

	
		

	
		

	


	
	

		
	
		
		
	

			





			








	

	
	


	




		

		

			



	











	
	
	
	
	
	
	






	
	










	
	






	






	






	

	










	

	
		
	

	
		

	
		

	


	
	

		
	
		
		
	

			





			








	

	
	


	




		

		

			



	











	
	
	
	
	
	
	






	
	










	
	






	






	






	

	











	
		

	


	
	

		
	
		
		
	

			





			








	




	











		










		










	
	










	
	






	





	








		









			
		
			
		
	

	
		
	

	
		
	
			





	
		

	


	
	

		
	
		
		
	

			





			








	




	














	


	


		
	
	

		











	

		










	
	










	
	






	




	






		








	
		

	


	
	

		
	
		
		
	

			





			








	





	









	




	

	
	


	



	
	


	


	

		

		
	


	


		
		



		
	

		


		
		


		


	

		


















	


	
	








	







	








		









	
			




	
			




	
			




	

	
		
	

	
		



		
		

	
		

	


	
	

		
	
		
		
	

			





			








	





	









	




	

	
	


	



	
	


	


	

		

		
	


	


		
		



		
	

		


		
		


		


	

		


















	


	
	








	






	








		









	

	
		

	
		

	


	
	

		
	
	
	
	
		
		
	

			





			








	



	



















	


	
	








	




	






		







	
	
	
	
			







		
		
	

	
		
	
			




	
			




	
			




	

	
		

	
		

	


	
	

		
	
		
		
	

			





			








	





	









	




	

	
	


	



	
	


	


	

		

		
	


	


		
		



		
	

		


		
		


		


	

		


















	


	
	








	




	






		








	



		
		
	

	
		
	

	
		
	

	
		
	

	
		
	

	
		
			
	

	
		

	
				
	
	



	
	
	

	
		
	

	
		

	


	

	


	






	
			
	
			

	
		

	


	
	

		
	
		
		
	

			





			








	





	





	






	

	


	


	

	
		
	
		
	
		
	
	

	
	

			


		
		


		


	

		


















	


	
	








	





	








		









	

	
		
	

	
		
	
	

	
	
	

	
		
	
	
	

	
		
	

	
		
	
	

	
	
	

	
		
	

	
		
	

	
		
	

	
		
	

	
		
	

	
		
	

	
		

	


















	
	
	

	
		
	

	
		
	

	
		

		
		

	

	
		
	

	
		

	
				
	
	



				
	



	

	
		

	
		

	


		

		
	
		
		
	

			





			








	
	




	
	
	







	

	





	


	
	






	




	






		







	

	
		
	
	

	
	
	
	

	
	

	
		

	


	
	

		
	
		
		
	

			





			








	




	






	

		

		

		

	

		





		










	
	










	
	






	




	






		








	
		

	


	
	

		
	
		
		
	

			





			








	





	





	






	



	

	


	


	
	



	





	







	





	




	

		

		
	


	


		
		
	


	




	
			
			



		

	
		
		


		


	

		


















	


	
	








	






	








		












	

	

	
	
	

	
	
	

	
		
		
		



	

	
		
	
	

	

	
		
	

	
		





	

	









		




	

	
		
	

	
		
	

	
		

syzkaller
syzkaller login: [  436.209631][T13139] netlink: 334 bytes leftover after parsing attributes in process `syz.5.2794'.
[  436.714443][T13151] netlink: 130 bytes leftover after parsing attributes in process `syz.3.2798'.
[  437.883837][T13169] netlink: 326 bytes leftover after parsing attributes in process `syz.5.2805'.
[  438.294013][T13180] netlink: 326 bytes leftover after parsing attributes in process `syz.4.2812'.
[  439.178253][T13199] FAULT_INJECTION: forcing a failure.
[  439.178253][T13199] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  439.215820][T13199] CPU: 0 UID: 0 PID: 13199 Comm: syz.3.2818 Tainted: G          I         6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  439.215880][T13199] Tainted: [I]=FIRMWARE_WORKAROUND
[  439.215893][T13199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  439.215913][T13199] Call Trace:
[  439.215924][T13199]  <TASK>
[  439.215937][T13199]  dump_stack_lvl+0x16c/0x1f0
[  439.216004][T13199]  should_fail_ex+0x512/0x640
[  439.216048][T13199]  should_fail_alloc_page+0xe7/0x130
[  439.216084][T13199]  prepare_alloc_pages+0x3c2/0x610
[  439.216136][T13199]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  439.216205][T13199]  ? __lock_acquire+0xaa4/0x1ba0
[  439.216266][T13199]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  439.216338][T13199]  ? __lock_acquire+0xaa4/0x1ba0
[  439.216404][T13199]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  439.216445][T13199]  ? policy_nodemask+0xea/0x4e0
[  439.216505][T13199]  alloc_pages_mpol+0x1fb/0x550
[  439.216541][T13199]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  439.216577][T13199]  ? __anon_vma_prepare+0x2db/0x5e0
[  439.216635][T13199]  folio_alloc_mpol_noprof+0x36/0x2f0
[  439.216678][T13199]  vma_alloc_folio_noprof+0xed/0x1e0
[  439.216717][T13199]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  439.216755][T13199]  ? __anon_vma_prepare+0x2e2/0x5e0
[  439.216822][T13199]  do_pte_missing+0x223d/0x3fb0
[  439.216877][T13199]  ? __pmd_alloc+0x3c2/0x870
[  439.216923][T13199]  __handle_mm_fault+0x103d/0x2a40
[  439.216993][T13199]  ? __pfx___handle_mm_fault+0x10/0x10
[  439.217039][T13199]  ? lockdep_hardirqs_on+0x7c/0x110
[  439.217129][T13199]  handle_mm_fault+0x3fe/0xad0
[  439.217187][T13199]  __get_user_pages+0x771/0x36f0
[  439.217244][T13199]  ? __pfx_mt_find+0x10/0x10
[  439.217300][T13199]  ? __pfx___get_user_pages+0x10/0x10
[  439.217362][T13199]  populate_vma_page_range+0x278/0x3a0
[  439.217427][T13199]  ? __pfx_populate_vma_page_range+0x10/0x10
[  439.217472][T13199]  ? __pfx_find_vma_intersection+0x10/0x10
[  439.217514][T13199]  ? do_mmap+0x69c/0x11b0
[  439.217558][T13199]  __mm_populate+0x1d8/0x380
[  439.217605][T13199]  ? __pfx___mm_populate+0x10/0x10
[  439.217654][T13199]  ? up_write+0x1b2/0x520
[  439.217693][T13199]  vm_mmap_pgoff+0x362/0x450
[  439.217736][T13199]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  439.217785][T13199]  ? __x64_sys_futex+0x1e0/0x4c0
[  439.217831][T13199]  ? __x64_sys_futex+0x1e9/0x4c0
[  439.217887][T13199]  ksys_mmap_pgoff+0x7d/0x5c0
[  439.217926][T13199]  ? rcu_is_watching+0x12/0xc0
[  439.217981][T13199]  __x64_sys_mmap+0x125/0x190
[  439.218023][T13199]  do_syscall_64+0xcd/0x260
[  439.218073][T13199]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  439.218104][T13199] RIP: 0033:0x7fafb958d169
[  439.218130][T13199] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  439.218160][T13199] RSP: 002b:00007fafba318038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  439.218191][T13199] RAX: ffffffffffffffda RBX: 00007fafb97a5fa0 RCX: 00007fafb958d169
[  439.218214][T13199] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000
[  439.218235][T13199] RBP: 00007fafb960e990 R08: ffffffffffffffff R09: 0000000000008000
[  439.218256][T13199] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[  439.218276][T13199] R13: 0000000000000000 R14: 00007fafb97a5fa0 R15: 00007ffe379d2008
[  439.218320][T13199]  </TASK>
[  440.915003][T13220] qrtr: Invalid version 0
[  441.668175][ T5851] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  441.681660][ T5851] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  441.692858][ T5851] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  441.704466][ T5851] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  441.715451][ T5851] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  442.134121][T13239] FAULT_INJECTION: forcing a failure.
[  442.134121][T13239] name failslab, interval 1, probability 0, space 0, times 0
[  442.211554][T13239] CPU: 0 UID: 0 PID: 13239 Comm: syz.3.2835 Tainted: G          I         6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  442.211615][T13239] Tainted: [I]=FIRMWARE_WORKAROUND
[  442.211628][T13239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  442.211648][T13239] Call Trace:
[  442.211668][T13239]  <TASK>
[  442.211681][T13239]  dump_stack_lvl+0x16c/0x1f0
[  442.211738][T13239]  should_fail_ex+0x512/0x640
[  442.211776][T13239]  ? fs_reclaim_acquire+0xae/0x150
[  442.211820][T13239]  ? ima_alloc_init_template+0xb5/0x720
[  442.211851][T13239]  should_failslab+0xc2/0x120
[  442.211882][T13239]  __kmalloc_noprof+0xd2/0x510
[  442.211932][T13239]  ? find_held_lock+0x2b/0x80
[  442.211983][T13239]  ima_alloc_init_template+0xb5/0x720
[  442.212018][T13239]  ? take_dentry_name_snapshot+0x319/0x7d0
[  442.212063][T13239]  ima_store_measurement+0x1eb/0x5c0
[  442.212100][T13239]  ? __pfx_ima_store_measurement+0x10/0x10
[  442.212146][T13239]  ? vfs_getxattr_alloc+0xec/0x340
[  442.212209][T13239]  ? __pfx_ima_get_hash_algo+0x10/0x10
[  442.212265][T13239]  process_measurement+0x1bd6/0x2360
[  442.212331][T13239]  ? __pfx_process_measurement+0x10/0x10
[  442.212380][T13239]  ? __lock_acquire+0x5ca/0x1ba0
[  442.212436][T13239]  ? init_file+0x93/0x4c0
[  442.212466][T13239]  ? alloc_empty_file+0x73/0x1e0
[  442.212499][T13239]  ? hugetlb_file_setup+0x4cd/0x620
[  442.212539][T13239]  ? ksys_mmap_pgoff+0x189/0x5c0
[  442.212574][T13239]  ? __x64_sys_mmap+0x125/0x190
[  442.212683][T13239]  ima_file_mmap+0x1b1/0x1d0
[  442.212735][T13239]  ? __pfx_ima_file_mmap+0x10/0x10
[  442.212797][T13239]  security_mmap_file+0x88c/0x990
[  442.212844][T13239]  vm_mmap_pgoff+0xec/0x450
[  442.212887][T13239]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  442.212919][T13239]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  442.212953][T13239]  ? hugetlbfs_get_inode+0x31f/0x730
[  442.213005][T13239]  ksys_mmap_pgoff+0x1c8/0x5c0
[  442.213045][T13239]  ? rcu_is_watching+0x12/0xc0
[  442.213090][T13239]  __x64_sys_mmap+0x125/0x190
[  442.213133][T13239]  do_syscall_64+0xcd/0x260
[  442.213185][T13239]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  442.213219][T13239] RIP: 0033:0x7fafb958d169
[  442.213247][T13239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  442.213281][T13239] RSP: 002b:00007fafba318038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  442.213313][T13239] RAX: ffffffffffffffda RBX: 00007fafb97a5fa0 RCX: 00007fafb958d169
[  442.213335][T13239] RDX: 00004000000000df RSI: 0000000000000004 RDI: 0000000000000000
[  442.213354][T13239] RBP: 00007fafb960e990 R08: 0000000000000401 R09: 0000300000000000
[  442.213374][T13239] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000
[  442.213393][T13239] R13: 0000000000000000 R14: 00007fafb97a5fa0 R15: 00007ffe379d2008
[  442.213434][T13239]  </TASK>
[  442.215079][   T30] audit: type=1804 audit(1744416421.112:8): pid=13239 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.3.2835" name="anon_hugepage" dev="hugetlbfs" ino=33989 res=0 errno=0
[  442.239534][T13233] chnl_net:caif_netlink_parms(): no params data found
[  442.662310][   T30] audit: type=1800 audit(1744416421.562:9): pid=13246 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2837" name=03 dev="tmpfs" ino=1391 res=0 errno=0
[  443.072458][T13256] netlink: 26 bytes leftover after parsing attributes in process `syz.5.2840'.
[  443.118793][T13256] openvswitch: netlink: IP tunnel dst address not specified
[  443.344439][T13233] bridge0: port 1(bridge_slave_0) entered blocking state
[  443.358939][T13233] bridge0: port 1(bridge_slave_0) entered disabled state
[  443.367953][T13233] bridge_slave_0: entered allmulticast mode
[  443.401775][T13233] bridge_slave_0: entered promiscuous mode
[  443.415041][T13233] bridge0: port 2(bridge_slave_1) entered blocking state
[  443.424231][T13233] bridge0: port 2(bridge_slave_1) entered disabled state
[  443.438975][T13233] bridge_slave_1: entered allmulticast mode
[  443.458167][T13233] bridge_slave_1: entered promiscuous mode
[  443.607591][T13233] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  443.643598][T13233] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  443.769079][   T55] Bluetooth: hci2: command tx timeout
[  443.945562][T13233] team0: Port device team_slave_0 added
[  444.024888][T13233] team0: Port device team_slave_1 added
[  444.292512][T13269] [U] 
[  444.295965][T13269] [U] 
[  444.299274][T13269] [U] 
[  444.302675][T13269] [U] 
[  444.351048][T13269] [U] 
[  444.354932][T13269] [U] 
[  444.358561][T13269] [U] 
[  444.361993][T13269] [U] 
[  444.384873][T13269] [U] 
[  444.388273][T13269] [U] 
[  444.391657][T13269] [U] 
[  444.395462][T13269] [U] 
[  444.410221][T13269] [U] 
[  444.413711][T13269] [U] 
[  444.417130][T13269] [U] 
[  444.420452][T13269] [U] 
[  444.448056][T13233] batman_adv: batadv0: Adding interface: batadv_slave_0
[  444.475116][T13233] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  444.510034][T13269] [U] 
[  444.563680][T13233] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  444.598886][T13233] batman_adv: batadv0: Adding interface: batadv_slave_1
[  444.622023][T13233] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  444.688331][T13233] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  444.999064][T13233] hsr_slave_0: entered promiscuous mode
[  445.007123][T13233] hsr_slave_1: entered promiscuous mode
[  445.070834][T13233] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  445.098495][T13233] Cannot create hsr debugfs directory
[  445.296576][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  445.308599][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  445.850555][   T55] Bluetooth: hci2: command tx timeout
[  446.182986][T13233] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  446.381851][T13233] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  446.543571][T13233] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  446.709789][T13233] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  447.208498][T13233] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  447.263347][T13233] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  447.352821][T13233] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  447.403717][T13233] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  447.719585][T13233] 8021q: adding VLAN 0 to HW filter on device bond0
[  447.807611][T13233] 8021q: adding VLAN 0 to HW filter on device team0
[  447.847335][T10029] bridge0: port 1(bridge_slave_0) entered blocking state
[  447.856058][T10029] bridge0: port 1(bridge_slave_0) entered forwarding state
[  447.903938][T10029] bridge0: port 2(bridge_slave_1) entered blocking state
[  447.912844][T10029] bridge0: port 2(bridge_slave_1) entered forwarding state
[  447.929452][   T55] Bluetooth: hci2: command tx timeout
[  448.866158][T13233] 8021q: adding VLAN 0 to HW filter on device batadv0
[  449.190248][T13329] netlink: 326 bytes leftover after parsing attributes in process `syz.5.2866'.
[  449.775071][T13233] veth0_vlan: entered promiscuous mode
[  449.826728][T13233] veth1_vlan: entered promiscuous mode
[  449.990406][T13233] veth0_macvtap: entered promiscuous mode
[  450.009584][   T55] Bluetooth: hci2: command tx timeout
[  450.021969][T13233] veth1_macvtap: entered promiscuous mode
[  450.110266][T13233] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  450.183829][T13233] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.216420][T13233] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  450.269945][T13233] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.308722][T13233] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  450.348738][T13233] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.398828][T13233] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  450.435954][T13233] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.465496][T13233] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  450.498662][T13233] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.539212][T13233] batman_adv: batadv0: Interface activated: batadv_slave_0
[  450.582572][T13233] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  450.605405][T13233] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.639369][T13233] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  450.656090][T13233] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.679036][T13233] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  450.700918][T13233] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.737074][T13233] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  450.760427][T13233] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.795276][T13233] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  450.830420][T13233] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.855660][T13233] batman_adv: batadv0: Interface activated: batadv_slave_1
[  450.907766][T13233] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  450.928623][T13233] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  450.948643][T13233] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  451.008685][T13233] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  451.272028][ T3489] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  451.319230][ T3489] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  451.396986][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  451.433882][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  453.647258][T13377] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2879'.
[  454.205821][T13388] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2884'.
[  455.511919][T13419] FAULT_INJECTION: forcing a failure.
[  455.511919][T13419] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  455.575049][T13419] CPU: 1 UID: 0 PID: 13419 Comm: syz.1.2895 Tainted: G          I         6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  455.575111][T13419] Tainted: [I]=FIRMWARE_WORKAROUND
[  455.575124][T13419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  455.575145][T13419] Call Trace:
[  455.575158][T13419]  <TASK>
[  455.575173][T13419]  dump_stack_lvl+0x16c/0x1f0
[  455.575230][T13419]  should_fail_ex+0x512/0x640
[  455.575277][T13419]  should_fail_alloc_page+0xe7/0x130
[  455.575315][T13419]  prepare_alloc_pages+0x3c2/0x610
[  455.575359][T13419]  ? rcu_is_watching+0x12/0xc0
[  455.575408][T13419]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  455.575472][T13419]  ? do_raw_spin_lock+0x12c/0x2b0
[  455.575514][T13419]  ? find_held_lock+0x2b/0x80
[  455.575564][T13419]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  455.575621][T13419]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  455.575686][T13419]  ? lockdep_hardirqs_on+0x7c/0x110
[  455.575745][T13419]  ? __lock_acquire+0xaa4/0x1ba0
[  455.575798][T13419]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  455.575838][T13419]  ? policy_nodemask+0xea/0x4e0
[  455.575915][T13419]  alloc_pages_mpol+0x1fb/0x550
[  455.575950][T13419]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  455.575979][T13419]  ? __page_table_check_ptes_set+0x1ae/0x420
[  455.576035][T13419]  ? find_held_lock+0x2b/0x80
[  455.576084][T13419]  alloc_pages_noprof+0x131/0x390
[  455.576116][T13419]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  455.576163][T13419]  get_free_pages_noprof+0xc/0x40
[  455.576197][T13419]  kasan_populate_vmalloc_pte+0x2d/0x160
[  455.576247][T13419]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  455.576295][T13419]  __apply_to_page_range+0x5f9/0xd30
[  455.576342][T13419]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  455.576396][T13419]  ? __pfx___apply_to_page_range+0x10/0x10
[  455.576437][T13419]  ? alloc_vmap_area+0x872/0x2970
[  455.576480][T13419]  alloc_vmap_area+0x919/0x2970
[  455.576533][T13419]  ? __pfx_alloc_vmap_area+0x10/0x10
[  455.576582][T13419]  __get_vm_area_node+0x1a7/0x300
[  455.576641][T13419]  __vmalloc_node_range_noprof+0x277/0x1540
[  455.576689][T13419]  ? bloom_map_alloc+0x302/0x4c0
[  455.576738][T13419]  ? bloom_map_alloc+0x302/0x4c0
[  455.576779][T13419]  ? aa_get_newest_label+0x375/0x680
[  455.576814][T13419]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  455.576861][T13419]  ? rcu_is_watching+0x12/0xc0
[  455.576902][T13419]  ? trace_cap_capable+0x18d/0x200
[  455.576940][T13419]  ? bloom_map_alloc+0x302/0x4c0
[  455.576980][T13419]  __bpf_map_area_alloc+0xeb/0x190
[  455.577022][T13419]  ? bloom_map_alloc+0x302/0x4c0
[  455.577063][T13419]  bloom_map_alloc+0x302/0x4c0
[  455.577105][T13419]  map_create+0x58f/0x1db0
[  455.577154][T13419]  ? __pfx_map_create+0x10/0x10
[  455.577186][T13419]  ? __might_fault+0xe3/0x190
[  455.577236][T13419]  ? __might_fault+0xe3/0x190
[  455.577283][T13419]  ? __might_fault+0x13b/0x190
[  455.577351][T13419]  __sys_bpf+0x47cc/0x4d80
[  455.577394][T13419]  ? __pfx___sys_bpf+0x10/0x10
[  455.577428][T13419]  ? kmem_cache_free+0x2d4/0x4d0
[  455.577475][T13419]  ? fd_install+0x225/0x750
[  455.577519][T13419]  ? putname+0x154/0x1a0
[  455.577559][T13419]  ? do_futex+0x122/0x350
[  455.577607][T13419]  ? __pfx_do_futex+0x10/0x10
[  455.577685][T13419]  ? xfd_validate_state+0x5d/0x180
[  455.577727][T13419]  ? rcu_is_watching+0x12/0xc0
[  455.577776][T13419]  __x64_sys_bpf+0x78/0xc0
[  455.577814][T13419]  ? lockdep_hardirqs_on+0x7c/0x110
[  455.577862][T13419]  do_syscall_64+0xcd/0x260
[  455.577915][T13419]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  455.577951][T13419] RIP: 0033:0x7fac5418d169
[  455.577978][T13419] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  455.578012][T13419] RSP: 002b:00007fac54efe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  455.578043][T13419] RAX: ffffffffffffffda RBX: 00007fac543a5fa0 RCX: 00007fac5418d169
[  455.578065][T13419] RDX: 00000000000006f4 RSI: 0000200000000100 RDI: 0000000000000000
[  455.578085][T13419] RBP: 00007fac5420e990 R08: 0000000000000000 R09: 0000000000000000
[  455.578104][T13419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  455.578123][T13419] R13: 0000000000000000 R14: 00007fac543a5fa0 R15: 00007ffd76d57228
[  455.578164][T13419]  </TASK>
[  457.085021][T13449] netlink: 'syz.4.2910': attribute type 3 has an invalid length.
[  457.200669][T13451] netlink: 350 bytes leftover after parsing attributes in process `syz.1.2911'.
[  457.371668][T13457] program syz.3.2914 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  458.033919][T13472] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2919'.
[  458.275116][T13478] FAULT_INJECTION: forcing a failure.
[  458.275116][T13478] name failslab, interval 1, probability 0, space 0, times 0
[  458.318736][T13478] CPU: 1 UID: 0 PID: 13478 Comm: syz.3.2921 Tainted: G          I         6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  458.318796][T13478] Tainted: [I]=FIRMWARE_WORKAROUND
[  458.318808][T13478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  458.318829][T13478] Call Trace:
[  458.318842][T13478]  <TASK>
[  458.318856][T13478]  dump_stack_lvl+0x16c/0x1f0
[  458.318915][T13478]  should_fail_ex+0x512/0x640
[  458.318955][T13478]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  458.319007][T13478]  should_failslab+0xc2/0x120
[  458.319039][T13478]  __kmalloc_cache_noprof+0x6a/0x3e0
[  458.319087][T13478]  ? pty_common_install+0x10e/0xb30
[  458.319154][T13478]  pty_common_install+0x10e/0xb30
[  458.319210][T13478]  ? __pfx_pty_install+0x10/0x10
[  458.319267][T13478]  tty_init_dev.part.0+0x99/0x500
[  458.319308][T13478]  tty_open+0xa50/0xf90
[  458.319353][T13478]  ? __pfx_tty_open+0x10/0x10
[  458.319389][T13478]  ? chrdev_open+0x58c/0x6a0
[  458.319449][T13478]  ? __pfx_tty_open+0x10/0x10
[  458.319483][T13478]  chrdev_open+0x231/0x6a0
[  458.319540][T13478]  ? __pfx_chrdev_open+0x10/0x10
[  458.319599][T13478]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  458.319658][T13478]  do_dentry_open+0x741/0x1c10
[  458.319708][T13478]  ? __pfx_chrdev_open+0x10/0x10
[  458.319773][T13478]  vfs_open+0x82/0x3f0
[  458.319814][T13478]  path_openat+0x1e5e/0x2d40
[  458.319884][T13478]  ? __pfx_path_openat+0x10/0x10
[  458.319948][T13478]  do_filp_open+0x20b/0x470
[  458.320001][T13478]  ? __pfx_do_filp_open+0x10/0x10
[  458.320089][T13478]  ? alloc_fd+0x471/0x7d0
[  458.320152][T13478]  do_sys_openat2+0x11b/0x1d0
[  458.320189][T13478]  ? __pfx_do_sys_openat2+0x10/0x10
[  458.320246][T13478]  __x64_sys_openat+0x174/0x210
[  458.320292][T13478]  ? __pfx___x64_sys_openat+0x10/0x10
[  458.320332][T13478]  ? rcu_is_watching+0x12/0xc0
[  458.320389][T13478]  do_syscall_64+0xcd/0x260
[  458.320445][T13478]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  458.320480][T13478] RIP: 0033:0x7fafb958d169
[  458.320509][T13478] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  458.320542][T13478] RSP: 002b:00007fafba318038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  458.320576][T13478] RAX: ffffffffffffffda RBX: 00007fafb97a5fa0 RCX: 00007fafb958d169
[  458.320599][T13478] RDX: 0000000000040000 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  458.320622][T13478] RBP: 00007fafb960e990 R08: 0000000000000000 R09: 0000000000000000
[  458.320644][T13478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  458.320666][T13478] R13: 0000000000000000 R14: 00007fafb97a5fa0 R15: 00007ffe379d2008
[  458.320712][T13478]  </TASK>
[  459.602698][T13496] netlink: 'syz.5.2928': attribute type 1 has an invalid length.
[  459.618708][T13496] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2928'.
[  461.703073][T13535] FAULT_INJECTION: forcing a failure.
[  461.703073][T13535] name failslab, interval 1, probability 0, space 0, times 0
[  461.728507][T13535] CPU: 0 UID: 0 PID: 13535 Comm: syz.5.2942 Tainted: G          I         6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  461.728564][T13535] Tainted: [I]=FIRMWARE_WORKAROUND
[  461.728576][T13535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  461.728597][T13535] Call Trace:
[  461.728608][T13535]  <TASK>
[  461.728621][T13535]  dump_stack_lvl+0x16c/0x1f0
[  461.728678][T13535]  should_fail_ex+0x512/0x640
[  461.728719][T13535]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  461.728776][T13535]  should_failslab+0xc2/0x120
[  461.728810][T13535]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  461.728863][T13535]  ? __kernfs_new_node+0xd2/0x8a0
[  461.728922][T13535]  __kernfs_new_node+0xd2/0x8a0
[  461.728986][T13535]  ? __pfx_idr_alloc_u32+0x10/0x10
[  461.729033][T13535]  ? __pfx___kernfs_new_node+0x10/0x10
[  461.729099][T13535]  ? find_held_lock+0x2b/0x80
[  461.729145][T13535]  ? kernfs_root+0xee/0x2a0
[  461.729206][T13535]  kernfs_new_node+0x13c/0x1e0
[  461.729249][T13535]  __kernfs_create_file+0x53/0x350
[  461.729299][T13535]  sysfs_add_file_mode_ns+0x207/0x3c0
[  461.729361][T13535]  internal_create_group+0x578/0xf30
[  461.729428][T13535]  ? __pfx_internal_create_group+0x10/0x10
[  461.729491][T13535]  ? kernfs_create_link+0x1bd/0x240
[  461.729543][T13535]  internal_create_groups+0x9d/0x150
[  461.729604][T13535]  device_add+0x6d1/0x1a70
[  461.729645][T13535]  ? __pfx_device_add+0x10/0x10
[  461.729680][T13535]  ? lockdep_init_map_type+0x5c/0x280
[  461.729715][T13535]  ? __init_waitqueue_head+0xca/0x150
[  461.729766][T13535]  netdev_register_kobject+0x182/0x3a0
[  461.729826][T13535]  register_netdevice+0x13dc/0x2270
[  461.729886][T13535]  ? __pfx_register_netdevice+0x10/0x10
[  461.729956][T13535]  __ip_tunnel_create+0x4a8/0x680
[  461.730009][T13535]  ? __pfx___ip_tunnel_create+0x10/0x10
[  461.730073][T13535]  ip_tunnel_init_net+0x22f/0x7d0
[  461.730127][T13535]  ? __pfx_ip_tunnel_init_net+0x10/0x10
[  461.730185][T13535]  ? trace_kmalloc+0x2b/0xd0
[  461.730218][T13535]  ? lockdep_init_map_type+0x5c/0x280
[  461.730255][T13535]  ? __pfx_ipgre_init_net+0x10/0x10
[  461.730296][T13535]  ops_init+0x1df/0x5f0
[  461.730348][T13535]  setup_net+0x21e/0x850
[  461.730398][T13535]  ? __pfx_setup_net+0x10/0x10
[  461.730443][T13535]  ? lockdep_init_map_type+0x5c/0x280
[  461.730475][T13535]  ? __pfx_down_read_killable+0x10/0x10
[  461.730511][T13535]  ? debug_mutex_init+0x37/0x70
[  461.730550][T13535]  copy_net_ns+0x2a6/0x5f0
[  461.730596][T13535]  create_new_namespaces+0x3ea/0xad0
[  461.730644][T13535]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  461.730687][T13535]  ksys_unshare+0x45b/0xa40
[  461.730732][T13535]  ? __pfx_ksys_unshare+0x10/0x10
[  461.730773][T13535]  ? xfd_validate_state+0x5d/0x180
[  461.730805][T13535]  ? rcu_is_watching+0x12/0xc0
[  461.730848][T13535]  __x64_sys_unshare+0x31/0x40
[  461.730890][T13535]  do_syscall_64+0xcd/0x260
[  461.730935][T13535]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  461.730970][T13535] RIP: 0033:0x7f3c7ad8d169
[  461.730994][T13535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  461.731021][T13535] RSP: 002b:00007f3c7bcb0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  461.731047][T13535] RAX: ffffffffffffffda RBX: 00007f3c7afa5fa0 RCX: 00007f3c7ad8d169
[  461.731066][T13535] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  461.731083][T13535] RBP: 00007f3c7ae0e990 R08: 0000000000000000 R09: 0000000000000000
[  461.731100][T13535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  461.731116][T13535] R13: 0000000000000000 R14: 00007f3c7afa5fa0 R15: 00007ffc7e81d5c8
[  461.731152][T13535]  </TASK>
[  462.502011][T13526] kexec: Could not allocate control_code_buffer
[  462.699909][T13543] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2945'.
[  464.457647][T13589] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2966'.
[  465.391936][T13607] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2972'.
[  466.295136][T13628] FAULT_INJECTION: forcing a failure.
[  466.295136][T13628] name failslab, interval 1, probability 0, space 0, times 0
[  466.462614][T13628] CPU: 1 UID: 0 PID: 13628 Comm: syz.5.2983 Tainted: G          I         6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  466.462671][T13628] Tainted: [I]=FIRMWARE_WORKAROUND
[  466.462684][T13628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  466.462704][T13628] Call Trace:
[  466.462715][T13628]  <TASK>
[  466.462727][T13628]  dump_stack_lvl+0x16c/0x1f0
[  466.462783][T13628]  should_fail_ex+0x512/0x640
[  466.462821][T13628]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  466.462872][T13628]  should_failslab+0xc2/0x120
[  466.462904][T13628]  __kmalloc_cache_noprof+0x6a/0x3e0
[  466.462949][T13628]  ? vgem_open+0x43/0xe0
[  466.462990][T13628]  vgem_open+0x43/0xe0
[  466.463024][T13628]  ? __pfx_vgem_open+0x10/0x10
[  466.463058][T13628]  drm_file_alloc+0x57a/0x9a0
[  466.463124][T13628]  drm_open_helper+0x204/0x550
[  466.463184][T13628]  drm_open+0x1a0/0x3e0
[  466.463247][T13628]  ? __pfx_drm_open+0x10/0x10
[  466.463299][T13628]  drm_stub_open+0x20c/0x380
[  466.463352][T13628]  ? __pfx_drm_stub_open+0x10/0x10
[  466.463405][T13628]  chrdev_open+0x231/0x6a0
[  466.463456][T13628]  ? __pfx_apparmor_file_open+0x10/0x10
[  466.463500][T13628]  ? __pfx_chrdev_open+0x10/0x10
[  466.463555][T13628]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  466.463614][T13628]  do_dentry_open+0x741/0x1c10
[  466.463663][T13628]  ? __pfx_chrdev_open+0x10/0x10
[  466.463725][T13628]  vfs_open+0x82/0x3f0
[  466.463763][T13628]  path_openat+0x1e5e/0x2d40
[  466.463829][T13628]  ? __pfx_path_openat+0x10/0x10
[  466.463888][T13628]  do_filp_open+0x20b/0x470
[  466.463939][T13628]  ? __pfx_do_filp_open+0x10/0x10
[  466.464019][T13628]  ? alloc_fd+0x471/0x7d0
[  466.464080][T13628]  do_sys_openat2+0x11b/0x1d0
[  466.464115][T13628]  ? __pfx_do_sys_openat2+0x10/0x10
[  466.464167][T13628]  __x64_sys_openat+0x174/0x210
[  466.464205][T13628]  ? __pfx___x64_sys_openat+0x10/0x10
[  466.464254][T13628]  ? rcu_is_watching+0x12/0xc0
[  466.464306][T13628]  do_syscall_64+0xcd/0x260
[  466.464359][T13628]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  466.464393][T13628] RIP: 0033:0x7f3c7ad8d169
[  466.464419][T13628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  466.464453][T13628] RSP: 002b:00007f3c7bcb0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  466.464485][T13628] RAX: ffffffffffffffda RBX: 00007f3c7afa5fa0 RCX: 00007f3c7ad8d169
[  466.464507][T13628] RDX: 0000000000000800 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  466.464528][T13628] RBP: 00007f3c7ae0e990 R08: 0000000000000000 R09: 0000000000000000
[  466.464548][T13628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  466.464568][T13628] R13: 0000000000000000 R14: 00007f3c7afa5fa0 R15: 00007ffc7e81d5c8
[  466.464610][T13628]  </TASK>
[  467.287036][T13641] FAULT_INJECTION: forcing a failure.
[  467.287036][T13641] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  467.368699][T13641] CPU: 0 UID: 0 PID: 13641 Comm: syz.5.2988 Tainted: G          I         6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  467.368760][T13641] Tainted: [I]=FIRMWARE_WORKAROUND
[  467.368773][T13641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  467.368793][T13641] Call Trace:
[  467.368804][T13641]  <TASK>
[  467.368817][T13641]  dump_stack_lvl+0x16c/0x1f0
[  467.368874][T13641]  should_fail_ex+0x512/0x640
[  467.368920][T13641]  should_fail_alloc_page+0xe7/0x130
[  467.368956][T13641]  prepare_alloc_pages+0x3c2/0x610
[  467.369000][T13641]  ? rcu_is_watching+0x12/0xc0
[  467.369047][T13641]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  467.369110][T13641]  ? stack_trace_save+0x8e/0xc0
[  467.369156][T13641]  ? __pfx_stack_trace_save+0x10/0x10
[  467.369200][T13641]  ? stack_depot_save_flags+0x28/0xa50
[  467.369240][T13641]  ? __lock_acquire+0xaa4/0x1ba0
[  467.369293][T13641]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  467.369348][T13641]  ? kasan_save_stack+0x42/0x60
[  467.369412][T13641]  ? kasan_save_stack+0x33/0x60
[  467.369456][T13641]  ? kasan_save_track+0x14/0x30
[  467.369499][T13641]  ? __kasan_kmalloc+0xaa/0xb0
[  467.369543][T13641]  ? mon_bin_open+0x1a8/0x4a0
[  467.369586][T13641]  ? chrdev_open+0x231/0x6a0
[  467.369638][T13641]  ? __x64_sys_openat+0x174/0x210
[  467.369669][T13641]  ? do_syscall_64+0xcd/0x260
[  467.369724][T13641]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  467.369769][T13641]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  467.369811][T13641]  ? policy_nodemask+0xea/0x4e0
[  467.369874][T13641]  alloc_pages_mpol+0x1fb/0x550
[  467.369911][T13641]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  467.369954][T13641]  alloc_pages_noprof+0x131/0x390
[  467.369987][T13641]  get_zeroed_page_noprof+0x14/0x50
[  467.370027][T13641]  mon_alloc_buff+0xbc/0x180
[  467.370072][T13641]  ? kasan_save_track+0x14/0x30
[  467.370126][T13641]  mon_bin_open+0x207/0x4a0
[  467.370170][T13641]  ? __pfx_mon_bin_open+0x10/0x10
[  467.370214][T13641]  chrdev_open+0x231/0x6a0
[  467.370265][T13641]  ? __pfx_chrdev_open+0x10/0x10
[  467.370320][T13641]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  467.370385][T13641]  do_dentry_open+0x741/0x1c10
[  467.370436][T13641]  ? __pfx_chrdev_open+0x10/0x10
[  467.370498][T13641]  vfs_open+0x82/0x3f0
[  467.370538][T13641]  path_openat+0x1e5e/0x2d40
[  467.370603][T13641]  ? __pfx_path_openat+0x10/0x10
[  467.370664][T13641]  do_filp_open+0x20b/0x470
[  467.370718][T13641]  ? __pfx_do_filp_open+0x10/0x10
[  467.370797][T13641]  ? alloc_fd+0x471/0x7d0
[  467.370858][T13641]  do_sys_openat2+0x11b/0x1d0
[  467.370895][T13641]  ? __pfx_do_sys_openat2+0x10/0x10
[  467.370951][T13641]  __x64_sys_openat+0x174/0x210
[  467.370990][T13641]  ? __pfx___x64_sys_openat+0x10/0x10
[  467.371031][T13641]  ? rcu_is_watching+0x12/0xc0
[  467.371087][T13641]  do_syscall_64+0xcd/0x260
[  467.371143][T13641]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  467.371178][T13641] RIP: 0033:0x7f3c7ad8d169
[  467.371207][T13641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  467.371241][T13641] RSP: 002b:00007f3c7bcb0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  467.371275][T13641] RAX: ffffffffffffffda RBX: 00007f3c7afa5fa0 RCX: 00007f3c7ad8d169
[  467.371297][T13641] RDX: 0000000000080000 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  467.371318][T13641] RBP: 00007f3c7ae0e990 R08: 0000000000000000 R09: 0000000000000000
[  467.371339][T13641] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  467.371358][T13641] R13: 0000000000000000 R14: 00007f3c7afa5fa0 R15: 00007ffc7e81d5c8
[  467.371411][T13641]  </TASK>
[  468.556325][T13656] program syz.4.2994 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  471.846501][T13697] netlink: 334 bytes leftover after parsing attributes in process `syz.5.3009'.
[  471.869281][T13695] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3016'.
[  472.489021][T13705] FAULT_INJECTION: forcing a failure.
[  472.489021][T13705] name failslab, interval 1, probability 0, space 0, times 0
[  472.604330][T13705] CPU: 1 UID: 0 PID: 13705 Comm: syz.5.3012 Tainted: G          I         6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  472.604394][T13705] Tainted: [I]=FIRMWARE_WORKAROUND
[  472.604408][T13705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  472.604431][T13705] Call Trace:
[  472.604442][T13705]  <TASK>
[  472.604456][T13705]  dump_stack_lvl+0x16c/0x1f0
[  472.604512][T13705]  should_fail_ex+0x512/0x640
[  472.604550][T13705]  ? fs_reclaim_acquire+0xae/0x150
[  472.604595][T13705]  ? tomoyo_open_control+0x51f/0xa30
[  472.604655][T13705]  should_failslab+0xc2/0x120
[  472.604688][T13705]  __kmalloc_noprof+0xd2/0x510
[  472.604750][T13705]  tomoyo_open_control+0x51f/0xa30
[  472.604811][T13705]  do_dentry_open+0x741/0x1c10
[  472.604859][T13705]  ? __pfx_tomoyo_open+0x10/0x10
[  472.605056][T13705]  vfs_open+0x82/0x3f0
[  472.605113][T13705]  path_openat+0x1e5e/0x2d40
[  472.605183][T13705]  ? __pfx_path_openat+0x10/0x10
[  472.605279][T13705]  do_filp_open+0x20b/0x470
[  472.605334][T13705]  ? __pfx_do_filp_open+0x10/0x10
[  472.605410][T13705]  ? alloc_fd+0x471/0x7d0
[  472.605467][T13705]  do_sys_openat2+0x11b/0x1d0
[  472.605502][T13705]  ? __pfx_do_sys_openat2+0x10/0x10
[  472.605549][T13705]  __x64_sys_openat+0x174/0x210
[  472.605583][T13705]  ? __pfx___x64_sys_openat+0x10/0x10
[  472.605621][T13705]  ? rcu_is_watching+0x12/0xc0
[  472.605677][T13705]  do_syscall_64+0xcd/0x260
[  472.605733][T13705]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  472.605816][T13705] RIP: 0033:0x7f3c7ad8d169
[  472.605846][T13705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  472.605883][T13705] RSP: 002b:00007f3c7bcb0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  472.605918][T13705] RAX: ffffffffffffffda RBX: 00007f3c7afa5fa0 RCX: 00007f3c7ad8d169
[  472.605941][T13705] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  472.605963][T13705] RBP: 00007f3c7ae0e990 R08: 0000000000000000 R09: 0000000000000000
[  472.605984][T13705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  472.606005][T13705] R13: 0000000000000000 R14: 00007f3c7afa5fa0 R15: 00007ffc7e81d5c8
[  472.606048][T13705]  </TASK>
[  476.609210][T13745] netlink: 'syz.4.3026': attribute type 19 has an invalid length.
[  476.642143][T13745] netlink: 334 bytes leftover after parsing attributes in process `syz.4.3026'.
[  477.381068][T13771] 
[  477.383943][T13771] ======================================================
[  477.392530][T13771] WARNING: possible circular locking dependency detected
[  477.402896][T13771] 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 Tainted: G          I        
[  477.414489][T13771] ------------------------------------------------------
[  477.424510][T13771] syz.4.3038/13771 is trying to acquire lock:
[  477.432118][T13771] ffff888033d73198 (sk_lock-AF_INET){+.+.}-{0:0}, at: sockopt_lock_sock+0x54/0x70
[  477.444214][T13771] 
[  477.444214][T13771] but task is already holding lock:
[  477.453816][T13771] ffffffff9012d9e8 (rtnl_mutex){+.+.}-{4:4}, at: do_ip_setsockopt+0xf6/0x3240
[  477.465984][T13771] 
[  477.465984][T13771] which lock already depends on the new lock.
[  477.465984][T13771] 
[  477.478936][T13771] 
[  477.478936][T13771] the existing dependency chain (in reverse order) is:
[  477.489800][T13771] 
[  477.489800][T13771] -> #1 (rtnl_mutex){+.+.}-{4:4}:
[  477.498492][T13771]        __mutex_lock+0x199/0xb90
[  477.504574][T13771]        smc_vlan_by_tcpsk+0x251/0x620
[  477.511161][T13771]        __smc_connect+0x44b/0x4880
[  477.517425][T13771]        smc_connect_work+0x54c/0xae0
[  477.524256][T13771]        process_one_work+0x9cc/0x1b70
[  477.530846][T13771]        worker_thread+0x6c8/0xf10
[  477.537008][T13771]        kthread+0x3c2/0x780
[  477.542855][T13771]        ret_from_fork+0x45/0x80
[  477.548804][T13771]        ret_from_fork_asm+0x1a/0x30
[  477.555341][T13771] 
[  477.555341][T13771] -> #0 (sk_lock-AF_INET){+.+.}-{0:0}:
[  477.564566][T13771]        __lock_acquire+0x1173/0x1ba0
[  477.571053][T13771]        lock_acquire+0x179/0x350
[  477.577109][T13771]        lock_sock_nested+0x41/0xf0
[  477.583373][T13771]        sockopt_lock_sock+0x54/0x70
[  477.589745][T13771]        do_ip_setsockopt+0xfe/0x3240
[  477.596213][T13771]        ip_setsockopt+0x59/0xf0
[  477.602161][T13771]        do_sock_setsockopt+0x221/0x470
[  477.608994][T13771]        __sys_setsockopt+0x1a0/0x230
[  477.615480][T13771]        __x64_sys_setsockopt+0xbd/0x160
[  477.622374][T13771]        do_syscall_64+0xcd/0x260
[  477.628871][T13771]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  477.637002][T13771] 
[  477.637002][T13771] other info that might help us debug this:
[  477.637002][T13771] 
[  477.649813][T13771]  Possible unsafe locking scenario:
[  477.649813][T13771] 
[  477.658890][T13771]        CPU0                    CPU1
[  477.665547][T13771]        ----                    ----
[  477.672201][T13771]   lock(rtnl_mutex);
[  477.677029][T13771]                                lock(sk_lock-AF_INET);
[  477.685685][T13771]                                lock(rtnl_mutex);
[  477.694039][T13771]   lock(sk_lock-AF_INET);
[  477.700044][T13771] 
[  477.700044][T13771]  *** DEADLOCK ***
[  477.700044][T13771] 
[  477.710377][T13771] 1 lock held by syz.4.3038/13771:
[  477.716948][T13771]  #0: ffffffff9012d9e8 (rtnl_mutex){+.+.}-{4:4}, at: do_ip_setsockopt+0xf6/0x3240
[  477.728817][T13771] 
[  477.728817][T13771] stack backtrace:
[  477.736355][T13771] CPU: 0 UID: 0 PID: 13771 Comm: syz.4.3038 Tainted: G          I         6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  477.736404][T13771] Tainted: [I]=FIRMWARE_WORKAROUND
[  477.736417][T13771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  477.736435][T13771] Call Trace:
[  477.736461][T13771]  <TASK>
[  477.736473][T13771]  dump_stack_lvl+0x116/0x1f0
[  477.736521][T13771]  print_circular_bug+0x275/0x350
[  477.736569][T13771]  check_noncircular+0x14c/0x170
[  477.736619][T13771]  __lock_acquire+0x1173/0x1ba0
[  477.736670][T13771]  ? do_ip_setsockopt+0xf6/0x3240
[  477.736701][T13771]  lock_acquire+0x179/0x350
[  477.736725][T13771]  ? sockopt_lock_sock+0x54/0x70
[  477.736769][T13771]  lock_sock_nested+0x41/0xf0
[  477.736805][T13771]  ? sockopt_lock_sock+0x54/0x70
[  477.736842][T13771]  sockopt_lock_sock+0x54/0x70
[  477.736879][T13771]  do_ip_setsockopt+0xfe/0x3240
[  477.736921][T13771]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  477.736951][T13771]  ? aa_sk_perm+0x2f4/0xb10
[  477.736984][T13771]  ? __lock_acquire+0x5ca/0x1ba0
[  477.737030][T13771]  ? __pfx_aa_sk_perm+0x10/0x10
[  477.737061][T13771]  ? percpu_counter_add_batch+0xb8/0x1f0
[  477.737094][T13771]  ip_setsockopt+0x59/0xf0
[  477.737120][T13771]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  477.737183][T13771]  do_sock_setsockopt+0x221/0x470
[  477.737229][T13771]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  477.737284][T13771]  __sys_setsockopt+0x1a0/0x230
[  477.737323][T13771]  __x64_sys_setsockopt+0xbd/0x160
[  477.737358][T13771]  ? do_syscall_64+0x91/0x260
[  477.737405][T13771]  ? lockdep_hardirqs_on+0x7c/0x110
[  477.737445][T13771]  do_syscall_64+0xcd/0x260
[  477.737490][T13771]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  477.737520][T13771] RIP: 0033:0x7f683e98d169
[  477.737544][T13771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  477.737573][T13771] RSP: 002b:00007f683f85f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  477.737600][T13771] RAX: ffffffffffffffda RBX: 00007f683eba5fa0 RCX: 00007f683e98d169
[  477.737619][T13771] RDX: 0000000000000029 RSI: 0000000000000000 RDI: 0000000000000003
[  477.737637][T13771] RBP: 00007f683ea0e990 R08: 0000000000008000 R09: 0000000000000000
[  477.737655][T13771] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000000
[  477.737674][T13771] R13: 0000000000000000 R14: 00007f683eba5fa0 R15: 00007ffeb8daeca8
[  477.737701][T13771]  </TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  478.160267][T13774] netlink: 346 bytes leftover after parsing attributes in process `syz.3.3033'.