last executing test programs:

2m59.953376932s ago: executing program 0 (id=74):
r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0)
mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x401f, 0x1, 0x8e051, r0, 0x0)
bpf$auto(0xd, 0x0, 0x6f5)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
init_module$auto(0x0, 0xffff9, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x8000000000000000, 0x15)
madvise$auto(0x0, 0x2000000080000001, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)
capset$auto(0x0, 0x0)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x80, 0x0)
move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x91e4)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r1 = socket(0x10, 0x2, 0x0)
statmount$auto(0x0, 0x0, 0x1fe, 0xd)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
sendmmsg$auto(r1, 0x0, 0x7, 0x4008)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x91e4)
mmap$auto(0x0, 0x200003, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)

2m56.216431915s ago: executing program 0 (id=81):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
syz_clone(0x40100100, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/vkms/graphics/fb0/state\x00', 0xc2481, 0x0)
write$auto(r0, 0x0, 0x81)
acct$auto(&(0x7f0000000000)='/dev/fb0\x00')
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0)
write$auto_console_fops_tty_io(r1, 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bluetooth/hci7/hci7:201\x00', 0x4000, 0x0)
openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0)
ioprio_set$auto(0x3, 0x0, 0x4b34)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x8081, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0)
open(0x0, 0xc0000, 0x1)
writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1)
fcntl$auto(0x0, 0x407, 0x100000)
madvise$auto(0x4, 0xffffffffffff0005, 0x19)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2)
mbind$auto(0x9, 0x3ff, 0x6, 0x0, 0xd, 0x3)

2m54.776268132s ago: executing program 0 (id=85):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x10, 0x2, 0x4)
r0 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000740), 0x101000, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x101002, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)
capset$auto(0x0, &(0x7f0000000180)={0x1, 0x7, 0x6})
setdomainname$auto(0x0, 0x551)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/dev\x00', 0x40100, 0x0)
pread64$auto(r2, 0x0, 0x10001, 0x830)
write$auto(r1, 0x0, 0x100)
r3 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/block/nbd11/sched/queued\x00', 0xa000, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/amidi2\x00', 0x400800, 0x0)
read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r3, &(0x7f0000000040)=""/124, 0x7c)
mmap$auto(0x0, 0x2020009, 0xaa, 0xeb1, 0xffffffffffffffff, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x4)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
lsm_list_modules$auto(0x0, 0x0, 0x0)
ioctl$auto_USB_RAW_IOCTL_RUN(r0, 0x5501, 0x0)
socket(0xa, 0x3, 0x3a)
syz_clone(0x2360411, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$auto(0x400000000000003, 0x29, 0xca, 0x0, 0x566)

2m50.934420167s ago: executing program 0 (id=91):
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0)
r1 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000080), 0x48180, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000280)={{0x3, 0x1000, 0x1, 0x1, 0x8}, "654c6dbc7a4d30983899a7e1325b6a29ba1e184410ba9f74e82a3fa6c3ccf1bf"})
ioctl$auto_SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, &(0x7f00000002c0)={0x7fe3, 0x6, "b908674cfda2f7f351c66f681b0cf4a6f675fcee96065fdca6f219ea386de55097e14dbb38e0462dd9d44d7c6c55e2a5937efe361800", "3b6e33d493a9c79b3387938d612ceab5a4a20e605cd0842aa149397ff8063b45d44f8ce95fa39df1e5e1fc5e51f00fa2dfcc38c9b1ef6596b9e746f5e48ac07048156ea6be1e1ca5d281c7bb11333d0f", 0x397, 0x3, "d3bc655e384df871894a5771758ff164f2cd8098ac193333046911421bc3f1a0cf5d0300000000000000a9001fa7efb0600cc93b5b84a000"})
open(&(0x7f0000000000)='./file0\x00', 0x10ba00, 0x114)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
write$auto(0x3, 0x0, 0x100082)
mmap$auto(0x9, 0x4020009, 0xdf, 0xeb1, r0, 0xb)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
ioperm$auto(0x2, 0x31c, 0x4)
add_key$auto(0x0, 0x0, 0x0, 0x1, 0x8010)
msgget$auto(0x0, 0x77d9)
msgrcv$auto(0x0, 0x0, 0xff9, 0x0, 0xb1)
openat$auto_l2cap_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x402000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0xffffffffffffffff, 0x2020409, 0x100, 0xeb1, 0xffffffffffffffff, 0x8000)
pread64$auto(0xffffffffffffffff, 0x0, 0x83, 0x68)
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/kernel/perf_event_max_contexts_per_stack\x00', 0x202, 0x0)
msgrcv$auto(0x0, 0x0, 0xffc, 0x1, 0xb1)
msgctl$auto(0x0, 0x0, 0x0)
r2 = epoll_create$auto(0xc)
msgsnd$auto(0xbfc, &(0x7f0000000080)={0x2, 0x40}, 0x8, 0x200)
epoll_pwait2$auto(r2, 0x0, 0x8, &(0x7f0000002780)={0x0, 0x6}, 0x0, 0x8)

2m48.260919434s ago: executing program 0 (id=96):
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2b, 0x1, 0x0)
ioctl$auto(0xffffffffffffffff, 0x64c8, 0x1e2)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
socket(0xa, 0x2, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
unshare$auto(0x40000080)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004)
get_mempolicy$auto(0x0, 0x0, 0x3, 0x1ff, 0x3)
r1 = openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/per_cpu/cpu1/trace\x00', 0x1a6b75d63882a712, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, r1, 0x28000)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_TIOCVHANGUP2(0xffffffffffffffff, 0x5437, 0x0)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r0)
openat$auto_bm_status_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000100), 0x80000, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
mmap$auto(0x0, 0xe9, 0xdf, 0x9b72, 0x2, 0x8000)
write$auto(0x3, 0x0, 0xfffffdef)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0xf90000, 0x0, 0xfffffffffffffffd)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000)
clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)

2m44.220341806s ago: executing program 0 (id=105):
prctl$auto(0x8, 0x1, 0xffffffffffffffff, 0x0, 0x0)
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000)
socketpair$auto(0x200001e, 0x8, 0xfffffffe, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x0)
prctl$auto_PR_SET_SHADOW_STACK_STATUS(0x4b, 0x100000001, 0x0, 0xc, 0xd)
mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000)
mlockall$auto(0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
write$auto(0x3, 0x0, 0x7fffffff)
write$auto(0x1, 0x0, 0x80000000)
preadv$auto(0x40000000000003, 0x0, 0x6, 0x8, 0x5)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2)
socket(0x848000000015, 0x805, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x55)
sendmsg$auto_ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000001a00)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40080}, 0x0)
madvise$auto(0x2000, 0xffffffffffff0001, 0x9)
sendmsg$auto_HANDSHAKE_CMD_DONE(0xffffffffffffffff, 0x0, 0x20040000)

2m29.056822818s ago: executing program 32 (id=105):
prctl$auto(0x8, 0x1, 0xffffffffffffffff, 0x0, 0x0)
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000)
socketpair$auto(0x200001e, 0x8, 0xfffffffe, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x0)
prctl$auto_PR_SET_SHADOW_STACK_STATUS(0x4b, 0x100000001, 0x0, 0xc, 0xd)
mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000)
mlockall$auto(0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
write$auto(0x3, 0x0, 0x7fffffff)
write$auto(0x1, 0x0, 0x80000000)
preadv$auto(0x40000000000003, 0x0, 0x6, 0x8, 0x5)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2)
socket(0x848000000015, 0x805, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x55)
sendmsg$auto_ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000001a00)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40080}, 0x0)
madvise$auto(0x2000, 0xffffffffffff0001, 0x9)
sendmsg$auto_HANDSHAKE_CMD_DONE(0xffffffffffffffff, 0x0, 0x20040000)

12.05230867s ago: executing program 2 (id=440):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(0x3, 0x0, 0x7fffffff)
write$auto(0x1, 0x0, 0x80000000)
bpf$auto(0x0, &(0x7f00000003c0)=@task_fd_query={0x0, r0, 0xd, 0x89, 0x2, 0x4, r0, 0x81, 0x9}, 0x6f4)
read$auto(0x3, 0x0, 0x80)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
readv$auto(r0, 0x0, 0x401)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
getrandom$auto(0x0, 0x6000000, 0x3)
ioctl$auto_SNDCTL_DSP_GETOSPACE(0xffffffffffffffff, 0x8010500c, &(0x7f0000004040))
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
mmap$auto(0x100000000002, 0x783, 0x3, 0x8000000008011, r1, 0x40)
write$auto(0x3, 0x0, 0xfffffdef)
write$auto(0x3, 0x0, 0xfffffdef)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x2b, 0x1, 0x1)
r2 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r2, &(0x7f0000000080)={{0x0, 0xc, 0x0, 0xf3, 0x0, 0x20, 0x3}, 0x5b3}, 0x200, 0x100)
sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40)
recvmmsg$auto(r2, &(0x7f0000000140)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0x803}, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x10a, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

8.587669738s ago: executing program 3 (id=450):
openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsa\x00', 0x2a801, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
unshare$auto(0x40000080)
getrandom$auto(0x0, 0x6000000, 0x3)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x8c00, 0x0)
listmount$auto(0x0, 0x0, 0xf4240, 0x1)
mmap$auto(0x0, 0xf6, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000240)='/dev/usbmon32\x00', 0x640, 0x0)
ioctl$auto_MON_IOCX_GET(r0, 0x40189206, 0x0)
read$auto_mon_fops_binary_mon_bin(r0, 0x0, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x80202, 0x0)
timer_settime$auto(0x10000009, 0xfffbf38f, 0x0, 0x0)
mmap$auto(0x0, 0x9, 0xdf, 0x9b72, 0x7, 0x28000)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/input/event1\x00', 0x101, 0x0)
ioctl$auto_EVIOCGRAB(r1, 0x40044590, &(0x7f0000000140)=0x3)
writev$auto(r1, &(0x7f0000001100)={&(0x7f0000001080), 0xff}, 0x7f)
setgroups$auto(0xe32, 0x0)
ioctl$auto_UI_SET_SWBIT(0xffffffffffffffff, 0x4004556d, 0x0)
madvise$auto(0x0, 0x200007, 0x19)
mbind$auto(0x8000, 0xfa9d, 0x2, &(0x7f0000000280)=0x20000000000000fb, 0x3, 0x1)

7.977576378s ago: executing program 4 (id=451):
syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff)
socket(0x1e, 0x1, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, 0x0, 0x28082, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x7f, 0x1, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/radio6\x00', 0x8a240, 0x0)
ioctl$auto(r1, 0x5646, r1)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
ioctl$auto(0x3, 0xae41, 0xffffffffffffffff)
mmap$auto(0x0, 0x20005, 0xdf, 0xeb1, r0, 0x3)
setsockopt$auto(0x3, 0x0, 0x13, 0x0, 0x9)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0xe0742, 0x0)
ioperm$auto(0x7, 0x6, 0x2)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0)
read$auto(0xffffffffffffffff, 0x0, 0xb4d3)

7.873076122s ago: executing program 2 (id=452):
socket(0x28, 0x1, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x7ff, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x60280, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x40e983, 0xdf, 0xeb1, r0, 0x8000)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x201, 0x0)
openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy10/netdev:wlan0/stations/08:02:11:00:00:01/aid\x00', 0x20000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
socket(0xa, 0x6, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/traceSMB\x00', 0x2000, 0x0)
select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x8, 0x1, 0x9, 0x4, 0x15f4da0b, 0x200000003, 0x5, 0xb, 0x80400000, 0x4, 0x6d3f, 0x100009, 0x2, 0x4000000000001e]}, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)

6.957588568s ago: executing program 3 (id=454):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
sysfs$auto(0x2, 0x4a, 0x0)
close_range$auto(0x2, 0x8, 0x0)
fsopen$auto(0x0, 0x1)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/rpc/nfsd.export/channel\x00', 0x8f3b7a51b8162d21, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3)
r1 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(r1, r1, 0x0)
r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video35\x00', 0xa200, 0x0)
ioctl$auto(r2, 0xc0585611, r2)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/vhci_hcd.14/usb37/37-0:1.0/ep_81/type\x00', 0x200000, 0x0)
read$auto(r3, 0x0, 0x20)
mmap$auto(0x0, 0x40009, 0xa, 0x9b72, 0x2, 0x28000)
capset$auto(&(0x7f0000000100)={0x20080522}, 0x0)
r4 = openat$auto_evm_key_ops_evm_secfs(0xffffffffffffff9c, &(0x7f00000000c0), 0x40802, 0x0)
write$auto(r4, 0x0, 0x881)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0xffffffffffffffff)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x224e81, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x180342, 0x0)
msgsnd$auto(0x0, &(0x7f0000000040)={0x5}, 0x1000, 0x4)

6.742638435s ago: executing program 2 (id=455):
mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
sendmsg$auto_TIPC_NL_MON_PEER_GET(0xffffffffffffffff, &(0x7f0000006140)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x4405}, 0x4c848)
sendmsg$auto_NET_SHAPER_CMD_GROUP(0xffffffffffffffff, 0x0, 0x14)
openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/trace_options\x00', 0x2, 0x0)
r0 = pipe$auto(0x0)
read$auto_clear_warn_once_fops_(r0, &(0x7f0000000200)=""/61, 0x3d)
futimesat$auto(0xffffffffffffffff, 0x0, 0x0)
syz_clone(0xb4001280, &(0x7f0000000000)="2e3ccd792f28ddcfef514264934a84f22f0867eecc2e3d92463413a49cfbb1fd8e04d8f4d061b84003b8e716d885ee327ac4143835ee74b21a73ddebaee13c", 0x3f, &(0x7f0000000100), &(0x7f0000000180), &(0x7f0000000400)="e8010bd194a7cb68b96e2859e06f68fe1753069bc0f3977484c020c1d3e47fbd28c6af5e60a8d8c8f0ee37604e1b32f4840000000015b41cf12e15d6c06342bb3cd726000000efbf0186a690441098ee5413b06a95cb6ce49985ae00000000000000")
write$auto_def_blk_fops_fs(r0, 0x0, 0x0)
write$auto(r0, &(0x7f0000000480)='0[.[\x00\xf8?~\xbc\x06\x0f\x81Iq=B\vr6\x19\xd3\xd4\xd6\xab\xd0\nl\x8cb\xe7@\xbb\x0f\xe43\xe2R\x91V\xc1N\xae\xd3B\xb8,\xd0\"W\x1c\x14\xda\xf3>\xe5]\x98\xd6KLyY\x02\xbdD\a\x06<bO\xbd\xff\xbejf\xd5\t\x1f\xd0ib \xeeR7\xd0\xd6p\xd8\xf7\t\x00[v\x1c\x97\xeca\xb4\xa4\'\xa0P(\xbfZ\x8d\x06\xaeS\xe4E\x1a\xc5\x8a\xfe\xd0\x0f\x17\xb3#(:w\x03\x06\f\xcd\xafqA\xe8g\x8fT\n\x1d\x19\xfe\xa0\"\xbf\xf7\xbb\xb3\xfa\x9c^\x05\xc3\xf7Q\xfa\xe2\x94\x94\xaf9\x87\xd4\xda\xb4O\x12\x1d\x9dO\xd8\xf2iR\xe3\xc7G\xfe\xe0\x8e\xa1\\\x13\xb1rN\xac\x19\xe297`+\x16\xa9\xeb\xcc]\xb9K>\x93\x9d\x0f\xb9\x0f\x8e\xb4*\x8a\xb9\xebo+\xa6\x15\x9b\x8f\xbd\xaf\xc4\x9aW+\xc5\x82\xe1\x95\xa1A\xe4\xca\xb1~H\x91\x1d\x95\xe5\xf7ZN\xb1\xaa:a\xf6\x1ed:\v}\xdd\xc4\xb0\xb2\x11\x81<|J\xce\xf7pU03#w\xcaZbj\xa1*4\xac\x8e\xcc\xb8=\xe3\x88\xffj\xde\xca\x1fk\x97\xefU\x92\x911\xd6v!Y@\xa3\x89\xc4s\x8a\x1aRz6[\x903\x8ck\a\xc6\xe4\xb7\xa7i\\\xa9i\x002*M\xb4$|\xe1,\xa7\x93y\x12\x15\xe9F9\xeaL\x98\xe9b\xbc\xd6^\x03\xda\x8e\xbbP12\xc1\xa8\xeeh\"\xc6D\xc2\xdcoP\xbe\xe7F\xaem\xb6\x12\xd9\t\xf4L4\x03u\xb7\xde\xc2F\xf0\xca\xb8[\xa1\xdcO\xa6\xc5\n\xb3\xd5|\x89\xb4g,L\x12\x1aK\xcc\xa6\xa9\x0e\xb3\xe4#:\xf6\xdf#\x11\f\xd93\xe3\xe0\xf3\x86\x06\xbd(\xbdb\x91e\xdb\x17#\xf0\x0f}\x99\xfd\xa0\x84w\xc0\xfbX\xb9c\xf6x\xc3Q\xdd\x83a\xacy\x1e\xab\x84X\xc1\xf7R\xa2\xee%\x0eLI\x93\x9a9ht\xa3\xd3(\x97\xd9\xdc:\xacR\xb0mp\xc1\xe9\xa8\x91A\x95\xba\\8\n>x\x8dx\x1d\xe8\xc2\xdc\x13\xf1\xd3C\\\x01\xf4\x90\xc4}Z4\x04\x04}\xbc\xdb\xf7\xa3\v\xc6\xfb\x87\xf2\xd2\xa7?r&\xf9C\x7f\xa2\xfd\xf6\xf5\x1f\xc0\x00-\xadl\xd4lK#\x1b\xba3\a\xd0\xee\x87\'\x8a\a\xd0\xfe\x11}.\xef\xc0\xacG\xd2\xb7\x8at\xe7\xf4_\x00\x00\x00\x00\x00\x00\x00', 0x1)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
unshare$auto(0x40000080)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0x7, 0x2, 0x6, 0x7, 0xfffffffe, 0xffffffffffffffff, [0x20000, 0x0, 0x4a00], {0x6, 0x6, 0xf, 0x4d, 0x100, 0x7ff, 0x101, 0x6, 0x9}, {0x100, 0x3, 0x400052, 0x7, 0x1, 0x3d, 0x0, 0xc, 0x100000000}})
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x3b)
socketcall$auto_SYS_SOCKET(0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
getpid()
r1 = socket(0xa, 0x2, 0x0)
setsockopt$auto(r1, 0x29, 0x1b, 0x0, 0x56b)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r2 = socket(0x2b, 0x1, 0x1)
setsockopt$auto(r2, 0x2, 0x4d, 0x0, 0x3)
getsockopt$auto(r2, 0x0, 0x80, 0x0, &(0x7f0000000040)=0x5)
close_range$auto(0x2, 0x8, 0x0)

6.161495027s ago: executing program 3 (id=457):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/1:2/max_ratio_fine\x00', 0xa001, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x3, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x400, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x11, 0x3, 0x6)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x47, 0x8})
mmap$auto(0x0, 0x4, 0xffffffffffffffff, 0x400eb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(r0, r1, 0x400)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
r2 = socket(0xa, 0x2, 0x0)
r3 = socket(0xa, 0x3, 0xff)
connect$auto(r3, &(0x7f00000018c0)=@generic={0xa}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2)
madvise$auto(0x0, 0xffffffffffff0004, 0x19)
syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), r2)
getpgid$auto(0x0)
shmctl$auto(0x0, 0x0, 0xfffffffffffffffd)
lsm_set_self_attr$auto(0x1, 0x0, 0x80, 0x0)
openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0x20401, 0x0)

6.081376413s ago: executing program 4 (id=458):
r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003140), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, &(0x7f0000003200)={0x0, 0x0, &(0x7f00000031c0)={&(0x7f0000003180)=ANY=[@ANYBLOB, @ANYRES16=r0, @ANYBLOB='\x00'/14], 0x14}, 0x1, 0x0, 0x0, 0x6000091}, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
r1 = open(&(0x7f0000000800)='./file0\x00', 0xe4201, 0x17c)
fcntl$auto(r1, 0x400, 0x1)
socket(0x1, 0x2, 0x40000008)
unshare$auto(0x40000080)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/ip6_mr_vif\x00', 0x0, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r2, &(0x7f00000000c0)=""/4087, 0xff7)
mmap$auto(0x0, 0x20009, 0x7, 0xeb1, 0x0, 0x8000)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/ieee80211/phy2/power/control\x00', 0x600, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000140)=""/1, 0x1)
setsockopt$auto(0x400000000000003, 0x2000002b, 0x8, 0x0, 0xd902)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd3/queue/iosched/write_expire\x00', 0x20681, 0x0)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x30)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(0x0, r4)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
move_pages$auto(0x0, 0xd0, 0x0, 0x0, 0x0, 0x2)
bpf$auto(0x8, &(0x7f00000001c0)=@bpf_attr_0={0x7, 0xb5, 0x10, 0x4, 0x53400000, 0xffffffffffffffff, 0x9, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x2, 0x7, 0x7, 0x6}, 0x10)
r5 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/038/001\x00', 0xa821, 0x0)
ioctl$auto_USBDEVFS_SUBMITURB32(r5, 0x802c550a, &(0x7f00000001c0)=ANY=[@ANYBLOB="028006000000000005"])

6.027893321s ago: executing program 1 (id=459):
mmap$auto(0xfffffffffffffffb, 0x2, 0x100000021, 0x400009b75, 0xea8a, 0x8000)
r0 = socket(0x2, 0x3, 0x2)
setsockopt$auto(0x3, 0x0, 0xc8, 0xfffffffffffffffc, 0x4)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x80000008000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/irq/12/hwirq\x00', 0x2000, 0x0)
read$auto(r1, 0x0, 0x20)
syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$auto_MAC802154_HWSIM_CMD_SET_EDGE(r0, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x8000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x40010)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty26\x00', 0x40002, 0x300)
fsconfig$auto_SHMEM_HUGE_FORCE(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000840)="50a54f6ba2eabf1c36410848849a4bf578fba2127b9325d59d8c3aad22be1e33e4de5da256870639611ce45c07d330882c4e22eb382bc3f634218c4e5f95ff64be95e62a53cba3835dd55f3a95a25989676b15868798fe37dafbc8ed38ddd759ebade969b17849b48c37e4b9727376283c1e26676832a95de29b384fbe53b36b29809e619b2b572524e5d41869bb11380a96c23e69c469e8ca8b98ac31158f6f5cdbd952fff7ba26557f74602433ca4136f2f5b65d1d805be9ff081d981e023b2120d0c159178d368aebecd11b865cb3bf7c063637ca6be8ab142c870c02646a68da9e4ab9ccb4f4eb5481a459b891009db00a52ad47e55d0585c679bb8d1f64cdfa41e378578e7e83581aaff5ef58b5bf92db02b94200d2a97d9f32b227fdd7d73a2c89596a7cd8e5303ea8e4db14007a2139af541af35e30933978c11bcda5d616ee80dc7758a441d3c2a32c952f69026ec57bf9d67b68a9484a2d8f65063cd110be4822bc7688bfab5eaba8ee12b3bdf05677f076df8c3ba3f1d65ce7bd47619513ef9ed583152a551dd22efbcc3c630a5832186b177b485a1664a52360b575bf556f1a5f2b359b7e9639c35194776e3cf1230a56c62796552af68ff42e8e5a898cf5f040bef55d34d1a774d38593648bebb8ae8037be494e87fe7eebccce92453b348365aafc4c16759898769fd9e264434a417fdec90422e71f5dce5b30b7a58f92cb03ead5c10d6eea4689ad1c1341140d80aa456c6625fc350b7a02e9a037b4b79eedddb0dfa870989afb52968560e94960ed25f48c0526279b09572ada44698a3b7d77ac4101b26305e2908645f3cdd7a59ef0d46adea03491dda71aefb33ff74f212720b814ea34edac9c4844199559941834712bd126f1d17e8c9fed6a121495235abeea67f114c19512803d96b69f3dfe6b827ae9ea03fc82c76fbfc0e0b76dad0d7005afc62beb2cbc5fed4fbb1d5c533d038f872c7fa374cade2cfa73d6dc7dc93d50d273505df726d7eb3c25c545af94716087b4700910ffdcb88970c0d0183c48f654e54a3ce7b036b65dd1d3e1b47a3a6ba9f24feb976e5aff37e4b8aa65b3a80b3b15ddd5bbebdb8ca0a598af6322ec10e32e3faba0a13a539d2c01de9c31a21f25a1026b43456dd14c4ce03eaaf0411b48830fe254c8078b71b56aedb9a5b6f52ab6317a48503d88dfca2f03f70b96100ffcf3467e3a1e05c94ce8879a8e49892a707b364b1fa8ed9830df29024924f88f4f16bd471619202a49d40178f34972a5f2c8556fd55877261a672f89828b5123e0b2308f3be9972b16931796a2ac563c8d16992cecc9dd853cda8de915b7b94fdd5591f2698d6fab98de", 0xfffffffffffffffe)
kexec_load$auto(0x9, 0x0, 0x0, 0x1003e0000)
socket(0xf, 0x3, 0x2)
mq_timedsend$auto(0xffffffffffffffff, 0x0, 0xe, 0xb, &(0x7f0000000180)={0xffffffffffffffff, 0x10})
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f00000007c0)="dec8c1943b506aeb066db1944b039854d328881581f4f797d7e37732a7831453a165e15192a8a08f2797bf9a9c5b0ca9d9655174c3d8cce51a6fc31d8000afa8ba4f48494da9")
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r4, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000004200)={&(0x7f00000041c0)={0x1c, r3, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@HWSIM_ATTR_IFTYPE_SUPPORT={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40c8}, 0x4048000)

5.737716313s ago: executing program 1 (id=460):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/memory/memory15/online\x00', 0xa001, 0x0)
write$auto(r0, &(0x7f0000000140)='0[.[\x00', 0xcd04)
sysfs$auto(0x2, 0x101000000000007, 0x0)
keyctl$auto(0x2000000000000017, 0x8000, 0x2d, 0xc4, 0x20803)
r1 = bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3)
mmap$auto(0x0, 0x20009, 0x20004000010000df, 0xeb2, r1, 0x8000)
fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d)
sendfile$auto(0x6, 0x3, 0x0, 0xfdef)
io_setup$auto(0x80002, 0x0)
ioctl$auto_SNDRV_PCM_IOCTL_FORWARD2(0xffffffffffffffff, 0x40084149, &(0x7f0000001080)=0x7)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x500, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x400008, 0x5f, 0x1b5e, 0x2, 0x8000)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x0, 0x0)
mmap$auto(0x0, 0x40009, 0x36, 0x9b72, 0x7, 0x28000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x4, 0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000001040), 0x40, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
fcntl$auto(0x2, 0x401, 0x80000001)
ioctl$auto_TIOCVHANGUP2(r2, 0x5437, 0x0)
r3 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
read$auto_rng_chrdev_ops_core(r3, &(0x7f0000000040)=""/4096, 0xfffffe82)
openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/mixer2\x00', 0x100, 0x0)

4.977205322s ago: executing program 2 (id=461):
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/fs/cifs/LinuxExtensionsEnabled\x00', 0x842, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa0440, 0x0)
r1 = socket(0x1d, 0x5, 0x88)
getsockopt$auto(r1, 0x1, 0x40, &(0x7f00000000c0)='\x05/\xc3:\x00', &(0x7f0000000100)=0x7)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000080)=""/64, 0x40)
adjtimex$auto(&(0x7f00000006c0)={0xf332b6c, 0x0, 0x0, 0xfffffffffffffffd, 0x4e8, 0xfffffffffffffffd, 0x6, 0x0, 0x1, 0x0, 0x8, {0x100000001, 0x10000}, 0x1, 0x2, 0xfffffffffffffffd, 0x6, 0x0, 0x10000080000004, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000500)='/dev/video0\x00', 0x0, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
r3 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x6, 0xdf, 0x400009b72, 0x2, 0x80000000)
unshare$auto(0x40000080)
socket(0x15, 0x5, 0x0)
r4 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
write$auto_mousedev_fops_mousedev(r4, &(0x7f00000000c0), 0x0)
read$auto_mon_fops_text_t_mon_text(r3, &(0x7f0000000040)=""/64, 0x40)
clock_adjtime$auto(0x6bc8, &(0x7f00000005c0)={0x7, 0x0, 0x8, 0x8000000000000001, 0x7, 0xfffffffffffffff7, 0x6, 0x0, 0x2, 0x2, 0x1, {0xf, 0x7}, 0x82ba, 0x7ff, 0x59d, 0x5, 0x0, 0x8000000000000000, 0x100000000, 0x6, 0x9, 0x7, 0x1000})
select$auto(0x6, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x200000000007, 0xd, 0x1, 0x948b, 0x3, 0x7f, 0x3, 0x3, 0x9, 0x80000001, 0x7, 0x6d3f, 0x9, 0x9, 0xfffffffffffffffd]}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
socket(0xf, 0x3, 0x2)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/LookupCacheEnabled\x00', 0x7, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)

4.854748075s ago: executing program 4 (id=462):
r0 = gettid()
rt_sigtimedwait$auto(&(0x7f0000000000)={0x86e}, 0x0, 0x0, 0x8)
rseq$auto(0x0, 0x8000, 0x0, 0x6)
socket(0xa, 0x1, 0x84)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x4040, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000)
r1 = socket(0x2, 0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
memfd_create$auto(0x0, 0xe)
socket(0x2, 0x1, 0x106)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x31}}, 0x6a)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
shutdown$auto(0x200000003, 0x2)
unshare$auto(0x40000080)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
tkill$auto(r0, 0x4)

3.579228225s ago: executing program 2 (id=463):
openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsa\x00', 0x2a801, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
unshare$auto(0x40000080)
getrandom$auto(0x0, 0x6000000, 0x3)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x8c00, 0x0)
listmount$auto(0x0, 0x0, 0xf4240, 0x1)
mmap$auto(0x0, 0xf6, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000240)='/dev/usbmon32\x00', 0x640, 0x0)
ioctl$auto_MON_IOCX_GET(r0, 0x40189206, 0x0)
read$auto_mon_fops_binary_mon_bin(r0, 0x0, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x80202, 0x0)
timer_settime$auto(0x10000009, 0xfffbf38f, 0x0, 0x0)
mmap$auto(0x0, 0x9, 0xdf, 0x9b72, 0x7, 0x28000)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/input/event1\x00', 0x101, 0x0)
ioctl$auto_EVIOCGRAB(r1, 0x40044590, &(0x7f0000000140)=0x3)
writev$auto(r1, &(0x7f0000001100)={&(0x7f0000001080), 0xff}, 0x7f)
setgroups$auto(0xe32, 0x0)
ioctl$auto_UI_SET_SWBIT(0xffffffffffffffff, 0x4004556d, 0x0)
madvise$auto(0x0, 0x200007, 0x19)
mbind$auto(0x8000, 0xfa9d, 0x2, &(0x7f0000000280)=0x20000000000000fb, 0x3, 0x1)

3.578651895s ago: executing program 3 (id=464):
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
socket(0x2, 0x1, 0x0)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/input/event0\x00', 0x40000, 0x0)
sendmsg$auto_NL80211_CMD_SET_INTERFACE(r0, 0x0, 0x4000)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
unshare$auto(0x40000080)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
munmap$auto(0x20001000, 0x7)
poll$auto(&(0x7f0000000040)={0x3, 0x1, 0xa}, 0x5, 0x108)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010)
syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000000), r0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x24044011}, 0x800)
sendmmsg$auto(0x3, &(0x7f00000000c0)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

3.577968563s ago: executing program 1 (id=471):
socket(0x28, 0x1, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x7ff, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x60280, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x40e983, 0xdf, 0xeb1, r0, 0x8000)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x201, 0x0)
openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy10/netdev:wlan0/stations/08:02:11:00:00:01/aid\x00', 0x20000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
socket(0xa, 0x6, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/traceSMB\x00', 0x2000, 0x0)
select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x8, 0x1, 0x9, 0x4, 0x15f4da0b, 0x200000003, 0x5, 0xb, 0x80400000, 0x4, 0x6d3f, 0x100009, 0x2, 0x4000000000001e]}, 0x0)
socket(0x2, 0xa, 0xa)

3.548223017s ago: executing program 4 (id=465):
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/fs/cifs/LinuxExtensionsEnabled\x00', 0x842, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa0440, 0x0)
r0 = socket(0x1d, 0x5, 0x88)
getsockopt$auto(r0, 0x1, 0x40, &(0x7f0000000140)='\x05/\xc3:\x00', &(0x7f0000000100)=0x7)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6c, 0x0, 0x0, 0xfffffffffffffffd, 0x4ea, 0x1, 0x6, 0x0, 0x1, 0x0, 0x8, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x6, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000500)='/dev/video0\x00', 0x0, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
r1 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
read$auto_mon_fops_text_t_mon_text(r1, &(0x7f0000000040)=""/64, 0x40)
clock_adjtime$auto(0x6bc8, &(0x7f00000005c0)={0x7, 0x0, 0x8, 0x8000000000000001, 0x7, 0xfffffffffffffff7, 0x6, 0x0, 0x2, 0x2, 0x1, {0xf, 0x7}, 0x82ba, 0x7ff, 0x59d, 0x5, 0x0, 0x8000000000000000, 0x100000000, 0x6, 0x9, 0x7, 0x1000})
select$auto(0x6, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/LookupCacheEnabled\x00', 0x7, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)

2.595368137s ago: executing program 1 (id=466):
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/manager\x00', 0x40040, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x401bf, 0x7352, 0x34, 0x65f, 0x7fffffff, 0x2, 0x3, 0x20000002, 0x9, 0x3, 0x4, 0x4, 0xb4, 0x9, 0xa, 0x10003, 0x80, 0x4, 0x1, 0x7, 0x1002000, 0x203, 0x8, 0x84}, 0x3, 0xd)
setreuid$auto(0x0, 0x0)
pwrite64$auto(0xc8, &(0x7f0000000040)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e#\xae\xa9i8W\xe5Iq\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/231, 0xfdf2, 0x3a)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)
capset$auto(0x0, &(0x7f0000000180)={0x1, 0x7, 0x6})
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
open(&(0x7f0000000000)='.\x00', 0xc00, 0x409)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/ip_vs_conn_sync\x00', 0x0, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r2, &(0x7f0000000380)=""/23, 0x17)
r3 = socket(0x10, 0x2, 0xc)
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/numa_zonelist_order\x00', 0x202, 0x0)
sendfile$auto(r3, r4, &(0x7f0000000000)=0x4, 0x3)
openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000440), 0x20201, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/mnt\x00')
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f00000000c0)="80d9575b9bede6dd68b6f7e92eb4f7f23d2508f9a8913d13fdeb19fd0e20118d6047af06e74862c495d774ec6a5d9b26ebecdb925f7c3374c9a402be", 0xb49, &(0x7f0000000100)={&(0x7f00000001c0)="1c789b6d2f0ce76cff9bc6a301fe820ec78d54d45b3811d0fc351d08475477c01eabe2ae47926f75ec9ee35b195ffb773ceb80be93f95e12be25e3ca21404752444aec5cb803329a535719964f33cc6976c7b46e07e98c1c6f955559206c167e2ae184662ea83f7481139a1d757dd87aa34b04f7a7ae2c2aba39c068d1c331885d4722079ef396dbc2ad63e1ab32dfd2f7a16afede30f4e63b3416ef923ace1876150ba21939b90837e7dd7245b85d40c32c89838c3223647332ad71c68595529e5274c732f5a6d9b40922eb6845d4dfd49e505e61f572c2eb214bea1d34ba2717e39a53352eb63beea19d95", 0x2}, 0x6, &(0x7f00000002c0)="61895e6a60c04485147a154456e29fc29cfe66ca882ffe85c20673c734eb952138720564656d7350432b39f5bc8be1a5730f417b69d703fd7bb14a10fa59ebf8b7ee871f", 0xfffffffffffffff0, 0x2}, 0x12bd}, 0x1, 0xd)
ioctl$auto(0x3, 0x4020940c, 0xffffffffffffffff)
mbind$auto(0x2000, 0x10001, 0x100000000, 0x0, 0x6, 0x2)
semget$auto(0x0, 0x13c, 0x1ff)

2.469496642s ago: executing program 4 (id=467):
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/softnet_stat\x00', 0x40102, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/modules\x00', 0x40000, 0x0)
sendmsg$auto_NL80211_CMD_STOP_AP(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0}, 0x1, 0x0, 0x0, 0xc}, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/all/disable_ipv6\x00', 0x1401, 0x0)
pread64$auto(r0, 0x0, 0x100000001, 0x3)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
readahead$auto(r2, 0xcc7f, 0x6)
syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000180), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/adsp1\x00', 0x1, 0x0)
ioctl$auto_SNDCTL_DSP_GETODELAY(r3, 0x80045017, &(0x7f0000000080))
socket$nl_generic(0x10, 0x3, 0x10)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
ioctl$auto_USBDEVFS_CONTROL32(0xffffffffffffffff, 0xc0105500, &(0x7f00000000c0)={0x3, 0x0, 0x3d34, 0xe37, 0x4, 0x3, 0x4})
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x40000008000)
sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800)
kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x800c000, 0x4800c000, 0x800c000}, 0x4)
read$auto(0x3, 0x0, 0x7)

2.398215013s ago: executing program 3 (id=468):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
shmat$auto(0x59, &(0x7f0000000580)='(\x04', 0xfffffffd)
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
socket(0x2, 0x1, 0x0)
epoll_create$auto(0x4)
mq_open$auto(&(0x7f0000000000)='/dev/sequencer2\x00', 0x5, 0x3, &(0x7f0000000040)={0xe7a2, 0x0, 0x1, 0xa})
sendmsg$auto_NL80211_CMD_SET_INTERFACE(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, 0x0, 0x20, 0x70bd28, 0x25dfdbff, {}, [@NL80211_ATTR_STA_PLINK_ACTION={0x5, 0x19, 0x77}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000840)='/proc/sys/vm/dirty_background_ratio\x00', 0x80000, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
sched_get_priority_min$auto(0x40)
openat$auto_proc_projid_map_operations_base(0xffffffffffffff9c, 0x0, 0x101002, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
gettimeofday$auto(&(0x7f0000000040)={0xb1c3, 0x401}, 0x0)
openat$auto_proc_mounts_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/mounts\x00', 0x40800, 0x0)
mkdir$auto(0x0, 0xe34e)
chroot$auto(&(0x7f0000000200)='./file0\x00')
ioperm$auto(0x3, 0x38c, 0x9)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x40, 0x10, 0xc}, 0x18)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0)

1.36677505s ago: executing program 1 (id=469):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendfile$auto(0x1, 0x3, 0x0, 0xc01)
r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x1, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7fffffffffffffff, 0x4)
setsockopt$auto_SO_MARK(r1, 0xd, 0x24, &(0x7f0000000100)=']}&##/\'.\x00', 0x6)
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/udp_early_demux\x00', 0x28802, 0x0)
read$auto(0x3, 0x0, 0x80)
r2 = openat$auto_nsim_pp_hold_fops_netdev(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/netdevsim/netdevsim0/ports/3/pp_hold\x00', 0xc0b02, 0x0)
write$auto(r2, 0x0, 0xc70)
bpf$auto(0x0, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xffff, 0xfffff0b6, 0xffff, 0x84, 0xac1, 0x2, 0x36242398, 0xfffff5b2, 0x3bb, 0x7, 0xffff, 0x6, 0x81, 0x68198}, 0x2)
semtimedop$auto(0x0, &(0x7f0000000140)={0x7, 0x81, 0x70}, 0x1f4, 0x0)
socket(0x1, 0x2, 0x4)
bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=r1, 0x4007, @old_prog_fd=0x13b}, 0xa3)
quotactl_fd$auto(r0, 0x4, 0xffffffffffffffff, 0x0)
setpgid$auto(0x0, 0x0)
getdents64$auto(0xffffffffffffffff, 0x0, 0x400)
ioctl$auto_VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, 0x0)
madvise$auto(0x0, 0x8000000000000000, 0x15)
capget$auto(0x0, 0xfffffffffffffffe)

1.303214522s ago: executing program 2 (id=470):
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000002, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x9, 0x81, 0xdfffffffffff628e, 0x6, 0xdeb1, 0x808})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3db)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
madvise$auto(0x0, 0x20499d, 0x9)
kill$auto(0x0, 0x12)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40008d0}, 0xc800)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff)
r1 = socket(0xa, 0x5, 0x84)
sendto$auto(r1, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe80fffefec03f00"}, 0x1c)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
r2 = socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x8, 0x1ff, 0x7, 0x25, 0x4909b6f5, 0x1ffde, 0x7, 0x3, 0x9, 0x9, 0x3, 0x4, 0x1, 0xb4, 0x9, 0x8, 0x10003, 0x80, 0x3, 0x0, 0xa, 0x22000, 0x200, 0x0, 0x84}, 0x1fe, 0xd)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0xf7374674b920089e)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000)
sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0xc76, 0x8000)
fcntl$auto_F_SETSIG(0xffffffffffffffff, 0xa, 0x3)
mmap$auto(0x0, 0x1004, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)
socket(0x2, 0x1, 0x106)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)

488.900073ms ago: executing program 3 (id=472):
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x14, 0x944, 0x1ffe0, 0x3, 0x6, 0x7, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0x2, 0x5, 0x3, 0x40, 0x7, 0x20, 0x309, 0x6, 0x0, 0x0, 0x200000, 0x0, 0x0, 0xffffffff, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x7]}, 0x1fe, 0x81)
mmap$auto(0x0, 0x2, 0xdf, 0xeb1, 0x401, 0x8000)
socket(0x2, 0x2, 0x0)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, 0x0, 0x4c2801, 0x0)
lsm_set_self_attr$auto(0x3, 0xfffffffffffffffc, 0x1f, 0x8000000000000000)
syz_genetlink_get_family_id$auto_batadv(&(0x7f00000002c0), 0xffffffffffffffff)
pipe$auto(&(0x7f00000000c0)=<r1=>r0)
read$auto_mon_fops_text_t_mon_text(r1, 0x0, 0x0)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
r2 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket(0x23, 0x80805, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
read$auto(0x3, 0x0, 0x80)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @loopback}, 0x6a)
sendmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)

264.762477ms ago: executing program 4 (id=473):
socket$nl_generic(0x10, 0x3, 0x10)
open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000003c0)=""/192, 0xc0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/pcm0p/sub0/hw_params\x00', 0x1c1282, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r0, 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0)
mmap$auto(0x0, 0x10000, 0x8000, 0xeb1, 0xfffffffffffffffa, 0x8000)
ppoll$auto(0x0, 0x9, 0x0, 0x0, 0x8)
madvise$auto(0x0, 0x200007, 0x19)
syz_clone3(0x0, 0x0)
mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0)
futex_wait$auto(0x0, 0x0, 0x7f, 0x2, 0x0, 0x1)
futex_wake$auto(0x0, 0x7, 0xfffffffb, 0x2)
sysfs$auto(0x2, 0x23, 0x0)
r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
write$auto(r1, 0x0, 0x4)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_VERSION_SET(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24000001}, 0x4010)

0s ago: executing program 1 (id=474):
openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000340)='/proc/thread-self/attr/current\x00', 0x48000, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/usbip-vudc.0/usbip_sockfd\x00', 0x103841, 0x0)
write$auto(r0, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xabxo\xd9\x90\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xa5\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5Y\a\xc1\xe9(\x85R\x96\xe4\x86\\\x13\xa9\x1a&\x19\x8a9\x82\xf0\x83\f\xf7\xeb\x00\x00\x00\x00\x00\x00\x00\x00v\x92<e\x8b?#a\xa3 \xaa\x19\xde}\x10\xa4\x95\x02\x12\xbb\x13\xeb<\xc8x\x86\xc6\x12w2u\xe5\xb0\x8f\xda\x88R\xf4 @\xdc\x8e\xaa\xf0{\xa8,\xa3\xc7\x01\\\x03(\xc0\xb3\xf3\xf80eqo\x1a\xe0\xc6\xd9\xcf\xab\xf4_\xf2', 0x100000000)
prctl$auto_PR_GET_MDWE(0x42, 0x3, 0xffffffffffffffff, 0x2a, 0xff)
unshare$auto(0x40000080)
read$auto(0xffffffffffffffff, 0x0, 0x10001)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x4, 0x5, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1007ffd, 0x0, 0xfe, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r1 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x121c40, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f00000000c0)={{0x0, 0x2, 0x200800, 0x9, 0xfffffffb}, "0dd7fd004929347eeeccdf0732f77b1f6de0d6d51768a257a97ca5e9ca6310ea"})
bpf$auto(0x5, &(0x7f0000001540)=@bpf_attr_3={0x9, 0x4, 0x10000, 0x1, 0x9, 0x80000000, 0x3, 0x1000, 0x10000, "06dbde4e070000001b0000000800", 0x0, 0x6, <r2=>0x2, 0x100, 0x0, 0x81, 0x200, 0x1, 0x4, 0x5, @attach_prog_fd=<r3=>0xffffffffffffffff, 0x5, 0x1ff, 0x100000002, 0x101, 0xe4, r0}, 0x1000)
fanotify_init$auto(0x7, 0x0)
setitimer$auto(0x2, &(0x7f0000000040)={{0x0, 0x5}, {0x0, 0x8}}, 0x0)
bind$auto(r2, &(0x7f00000003c0)=@vsock={0x28, 0x0, 0xffffffff, @hyper}, 0xff)
setitimer$auto_ITIMER_VIRTUAL(0x1, &(0x7f0000000000)={{0x4}, {0xcd, 0x800}}, 0x0)
unshare$auto(0x40000080)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000200), r3)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000)
statmount$auto(0x0, &(0x7f0000000400)={0x8, 0x0, 0x100, 0x3, 0x2c, 0x940, 0x1ffde, 0x3, 0x6, 0x2, 0x9, 0x5, 0x2, 0x4, 0xb0, 0x7, 0x2, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x1fe, 0x40081)
r4 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x0, 0x0)
pread64$auto(r4, 0x0, 0x59, 0x7)
read$auto_mon_fops_text_t_mon_text(r4, 0x0, 0x0)
sendfile$auto(0x6, 0x3, 0x0, 0x8000)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)

kernel console output (not intermixed with test programs):


[  152.215989][ T6475] RBP: 00007f909da10ab1 R08: 0000000000000005 R09: 0000000000000000
[  152.216009][ T6475] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000000
[  152.216028][ T6475] R13: 0000000000000000 R14: 00007f909dbb5fa0 R15: 00007ffc986188d8
[  152.216069][ T6475]  </TASK>
[  158.415353][ T6535] QAT: Device 0 not found
[  167.541580][ T5852] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  167.555740][ T5852] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  167.565966][ T5852] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  167.575602][ T5852] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  167.592339][ T5852] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  167.918989][ T6637] chnl_net:caif_netlink_parms(): no params data found
[  168.793087][ T6637] bridge0: port 1(bridge_slave_0) entered blocking state
[  168.805013][ T6637] bridge0: port 1(bridge_slave_0) entered disabled state
[  168.819407][ T6637] bridge_slave_0: entered allmulticast mode
[  168.835447][ T6637] bridge_slave_0: entered promiscuous mode
[  168.874121][ T6637] bridge0: port 2(bridge_slave_1) entered blocking state
[  168.894424][ T6637] bridge0: port 2(bridge_slave_1) entered disabled state
[  168.915940][ T6637] bridge_slave_1: entered allmulticast mode
[  168.936949][ T6637] bridge_slave_1: entered promiscuous mode
[  169.114141][ T6637] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  169.157328][ T6637] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  169.346703][ T6637] team0: Port device team_slave_0 added
[  169.386354][ T6637] team0: Port device team_slave_1 added
[  169.459409][ T6637] batman_adv: batadv0: Adding interface: batadv_slave_0
[  169.466518][ T6637] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  169.536142][ T6637] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  169.580510][ T6637] batman_adv: batadv0: Adding interface: batadv_slave_1
[  169.587526][ T6637] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  169.614111][ T6637] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  169.654924][ T5852] Bluetooth: hci4: command tx timeout
[  169.705221][ T6637] hsr_slave_0: entered promiscuous mode
[  169.712351][ T6637] hsr_slave_1: entered promiscuous mode
[  169.718784][ T6637] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  169.783488][ T6637] Cannot create hsr debugfs directory
[  170.403392][ T6637] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  170.452084][ T6637] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  170.481723][ T6637] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  170.526817][ T6637] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  171.099303][ T6637] 8021q: adding VLAN 0 to HW filter on device bond0
[  171.131594][ T6637] 8021q: adding VLAN 0 to HW filter on device team0
[  171.253353][ T6637] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  171.263855][ T6637] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  171.286509][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  171.293743][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  171.314414][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  171.321654][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  171.729540][ T5852] Bluetooth: hci4: command tx timeout
[  171.897905][ T6637] 8021q: adding VLAN 0 to HW filter on device batadv0
[  172.503050][ T6637] veth0_vlan: entered promiscuous mode
[  172.524598][ T6637] veth1_vlan: entered promiscuous mode
[  172.573227][ T6637] veth0_macvtap: entered promiscuous mode
[  172.594671][ T6637] veth1_macvtap: entered promiscuous mode
[  172.641460][ T6637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.658022][ T6637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.671530][ T6637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.682080][ T6637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.692377][ T6637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.703257][ T6637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.713477][ T6637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.725763][ T6637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.737049][ T6637] batman_adv: batadv0: Interface activated: batadv_slave_0
[  172.748581][ T6637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  172.759288][ T6637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.777003][ T6637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  172.787735][ T6637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.797680][ T6637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  172.808194][ T6637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.818147][ T6637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  172.830348][ T6637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.842054][ T6637] batman_adv: batadv0: Interface activated: batadv_slave_1
[  172.864841][ T6637] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  172.873818][ T6637] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  172.883140][ T6637] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  172.893331][ T6637] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  172.974626][ T6506] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  172.983879][ T6506] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  173.024755][ T3066] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  173.036344][ T3066] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  173.809766][ T5852] Bluetooth: hci4: command tx timeout
[  175.889387][ T5852] Bluetooth: hci4: command tx timeout
[  179.299375][ T6753] netlink: 12 bytes leftover after parsing attributes in process `syz.3.156'.
[  179.737155][ T6744] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  179.764777][ T6744] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  179.773908][ T6744] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  179.793475][ T6744] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  179.803296][ T6744] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  179.809715][ T6744] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  179.827979][ T6744] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  180.769266][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout
[  181.809589][ T5852] Bluetooth: hci4: command 0x0c1a tx timeout
[  181.815699][ T5852] Bluetooth: hci0: command 0x0c1a tx timeout
[  181.821835][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout
[  181.827884][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout
[  183.892402][ T5852] Bluetooth: hci4: command 0x0c1a tx timeout
[  184.353456][ T6811] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  184.362315][ T6811] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  184.413501][ T6811] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  184.470987][ T6811] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  184.516227][ T6811] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  185.817861][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout
[  186.370526][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout
[  186.459337][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout
[  186.520113][ T6840] netlink: 342 bytes leftover after parsing attributes in process `syz.2.176'.
[  186.529332][ T5852] Bluetooth: hci4: command 0x0c1a tx timeout
[  186.535404][ T5852] Bluetooth: hci0: command 0x0c1a tx timeout
[  186.645206][ T6842] FAULT_INJECTION: forcing a failure.
[  186.645206][ T6842] name failslab, interval 1, probability 0, space 0, times 0
[  186.679437][ T6842] CPU: 0 UID: 0 PID: 6842 Comm: syz.1.177 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  186.679484][ T6842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  186.679507][ T6842] Call Trace:
[  186.679517][ T6842]  <TASK>
[  186.679533][ T6842]  dump_stack_lvl+0x16c/0x1f0
[  186.679585][ T6842]  should_fail_ex+0x512/0x640
[  186.679628][ T6842]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  186.679674][ T6842]  should_failslab+0xc2/0x120
[  186.679716][ T6842]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  186.679757][ T6842]  ? alloc_inode+0xc3/0x240
[  186.679815][ T6842]  alloc_inode+0xc3/0x240
[  186.679858][ T6842]  iget_locked+0x2e4/0x830
[  186.679906][ T6842]  ? __pfx_iget_locked+0x10/0x10
[  186.679953][ T6842]  ? find_held_lock+0x2b/0x80
[  186.679988][ T6842]  ? kernfs_root+0xee/0x2a0
[  186.680046][ T6842]  kernfs_get_inode+0x48/0x460
[  186.680080][ T6842]  kernfs_iop_lookup+0x1a7/0x2d0
[  186.680118][ T6842]  __lookup_slow+0x24e/0x460
[  186.680167][ T6842]  ? __pfx___lookup_slow+0x10/0x10
[  186.680242][ T6842]  ? lookup_fast+0x156/0x610
[  186.680290][ T6842]  ? __pfx_kernfs_iop_permission+0x10/0x10
[  186.680351][ T6842]  walk_component+0x353/0x5b0
[  186.680406][ T6842]  link_path_walk.part.0.constprop.0+0x685/0xd60
[  186.680478][ T6842]  path_openat+0x227/0x2d40
[  186.680509][ T6842]  ? __x64_sys_openat+0x174/0x210
[  186.680571][ T6842]  ? __pfx_path_openat+0x10/0x10
[  186.680617][ T6842]  do_filp_open+0x20b/0x470
[  186.680651][ T6842]  ? __pfx_do_filp_open+0x10/0x10
[  186.680717][ T6842]  ? alloc_fd+0x471/0x7d0
[  186.680760][ T6842]  do_sys_openat2+0x11b/0x1d0
[  186.680816][ T6842]  ? __pfx_do_sys_openat2+0x10/0x10
[  186.680882][ T6842]  __x64_sys_openat+0x174/0x210
[  186.680930][ T6842]  ? __pfx___x64_sys_openat+0x10/0x10
[  186.680983][ T6842]  ? rcu_is_watching+0x12/0xc0
[  186.681029][ T6842]  do_syscall_64+0xcd/0x230
[  186.681083][ T6842]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.681116][ T6842] RIP: 0033:0x7f909d98e969
[  186.681143][ T6842] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  186.681174][ T6842] RSP: 002b:00007f909e869038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  186.681206][ T6842] RAX: ffffffffffffffda RBX: 00007f909dbb5fa0 RCX: 00007f909d98e969
[  186.681228][ T6842] RDX: 0000000000183841 RSI: 0000200000000280 RDI: ffffffffffffff9c
[  186.681250][ T6842] RBP: 00007f909da10ab1 R08: 0000000000000000 R09: 0000000000000000
[  186.681270][ T6842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  186.681290][ T6842] R13: 0000000000000000 R14: 00007f909dbb5fa0 R15: 00007ffc986188d8
[  186.681333][ T6842]  </TASK>
[  187.631479][ T6843] FAULT_INJECTION: forcing a failure.
[  187.631479][ T6843] name failslab, interval 1, probability 0, space 0, times 0
[  187.669532][ T6843] CPU: 1 UID: 0 PID: 6843 Comm: syz.2.176 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  187.669576][ T6843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  187.669595][ T6843] Call Trace:
[  187.669604][ T6843]  <TASK>
[  187.669616][ T6843]  dump_stack_lvl+0x16c/0x1f0
[  187.669665][ T6843]  should_fail_ex+0x512/0x640
[  187.669703][ T6843]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  187.669739][ T6843]  should_failslab+0xc2/0x120
[  187.669785][ T6843]  __kmalloc_cache_noprof+0x6a/0x3e0
[  187.669814][ T6843]  ? snd_seq_create_port+0xf7/0xad0
[  187.669859][ T6843]  snd_seq_create_port+0xf7/0xad0
[  187.669908][ T6843]  snd_seq_ioctl_create_port+0x253/0x950
[  187.669954][ T6843]  ? __pfx_snd_seq_ioctl_create_port+0x10/0x10
[  187.669995][ T6843]  ? kasan_save_stack+0x42/0x60
[  187.670024][ T6843]  ? kasan_save_stack+0x33/0x60
[  187.670052][ T6843]  ? kasan_save_track+0x14/0x30
[  187.670086][ T6843]  snd_seq_kernel_client_ctl+0x107/0x1c0
[  187.670132][ T6843]  create_port+0x197/0x260
[  187.670172][ T6843]  ? __pfx_create_port+0x10/0x10
[  187.670217][ T6843]  ? __pfx_snd_seq_oss_event_input+0x10/0x10
[  187.670244][ T6843]  ? __pfx_free_devinfo+0x10/0x10
[  187.670308][ T6843]  ? mark_held_locks+0x49/0x80
[  187.670343][ T6843]  ? _raw_spin_unlock_irq+0x23/0x50
[  187.670380][ T6843]  snd_seq_oss_open+0x36c/0xa20
[  187.670427][ T6843]  odev_open+0x6f/0x90
[  187.670463][ T6843]  ? __pfx_odev_open+0x10/0x10
[  187.670501][ T6843]  soundcore_open+0x409/0x580
[  187.670541][ T6843]  ? __pfx_soundcore_open+0x10/0x10
[  187.670578][ T6843]  chrdev_open+0x231/0x6a0
[  187.670609][ T6843]  ? __pfx_apparmor_file_open+0x10/0x10
[  187.670651][ T6843]  ? __pfx_chrdev_open+0x10/0x10
[  187.670690][ T6843]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  187.670750][ T6843]  do_dentry_open+0x741/0x1c10
[  187.670786][ T6843]  ? __pfx_chrdev_open+0x10/0x10
[  187.670830][ T6843]  vfs_open+0x82/0x3f0
[  187.670880][ T6843]  path_openat+0x1e5e/0x2d40
[  187.670929][ T6843]  ? __pfx_path_openat+0x10/0x10
[  187.670981][ T6843]  do_filp_open+0x20b/0x470
[  187.671017][ T6843]  ? __pfx_do_filp_open+0x10/0x10
[  187.671081][ T6843]  ? alloc_fd+0x471/0x7d0
[  187.671141][ T6843]  do_sys_openat2+0x11b/0x1d0
[  187.671200][ T6843]  ? __pfx_do_sys_openat2+0x10/0x10
[  187.671260][ T6843]  __x64_sys_openat+0x174/0x210
[  187.671307][ T6843]  ? __pfx___x64_sys_openat+0x10/0x10
[  187.671354][ T6843]  ? rcu_is_watching+0x12/0xc0
[  187.671396][ T6843]  do_syscall_64+0xcd/0x230
[  187.671447][ T6843]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.671479][ T6843] RIP: 0033:0x7f2ffad8e969
[  187.671504][ T6843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  187.671534][ T6843] RSP: 002b:00007f2ff8bd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  187.671563][ T6843] RAX: ffffffffffffffda RBX: 00007f2ffafb6080 RCX: 00007f2ffad8e969
[  187.671584][ T6843] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c
[  187.671605][ T6843] RBP: 00007f2ffae10ab1 R08: 0000000000000000 R09: 0000000000000000
[  187.671625][ T6843] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  187.671644][ T6843] R13: 0000000000000000 R14: 00007f2ffafb6080 R15: 00007fff46886888
[  187.671684][ T6843]  </TASK>
[  187.673081][ T6843] ALSA: seq_oss: can't create port
[  189.308959][ T6866] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  189.349153][ T6866] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  189.360572][ T6866] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  189.379396][ T6866] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  189.389296][ T6866] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  189.715081][ T6878] FAULT_INJECTION: forcing a failure.
[  189.715081][ T6878] name failslab, interval 1, probability 0, space 0, times 0
[  189.715144][ T6878] CPU: 0 UID: 0 PID: 6878 Comm: syz.2.185 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  189.715184][ T6878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  189.715203][ T6878] Call Trace:
[  189.715213][ T6878]  <TASK>
[  189.715225][ T6878]  dump_stack_lvl+0x16c/0x1f0
[  189.715277][ T6878]  should_fail_ex+0x512/0x640
[  189.715315][ T6878]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  189.715355][ T6878]  should_failslab+0xc2/0x120
[  189.715399][ T6878]  __kmalloc_cache_noprof+0x6a/0x3e0
[  189.715435][ T6878]  ? device_create_groups_vargs+0x8a/0x270
[  189.715483][ T6878]  device_create_groups_vargs+0x8a/0x270
[  189.715529][ T6878]  device_create+0xed/0x130
[  189.715576][ T6878]  ? __pfx_device_create+0x10/0x10
[  189.715611][ T6878]  ? do_raw_spin_lock+0x12c/0x2b0
[  189.715645][ T6878]  ? is_console_locked+0x9/0x20
[  189.715685][ T6878]  ? con_is_visible+0x65/0x150
[  189.715728][ T6878]  ? csi_J+0x54a/0xad0
[  189.715788][ T6878]  vcs_make_sysfs+0x32/0x80
[  189.715835][ T6878]  vc_allocate+0x501/0x880
[  189.715865][ T6878]  ? __pfx_vc_allocate+0x10/0x10
[  189.715908][ T6878]  con_install+0xa1/0x600
[  189.715941][ T6878]  ? __pfx_con_install+0x10/0x10
[  189.715978][ T6878]  ? __pfx_con_install+0x10/0x10
[  189.716010][ T6878]  tty_init_dev.part.0+0x99/0x500
[  189.716048][ T6878]  tty_open+0xa50/0xf90
[  189.716090][ T6878]  ? __pfx_tty_open+0x10/0x10
[  189.716123][ T6878]  ? chrdev_open+0x58c/0x6a0
[  189.716167][ T6878]  ? __pfx_tty_open+0x10/0x10
[  189.716200][ T6878]  chrdev_open+0x231/0x6a0
[  189.716239][ T6878]  ? __pfx_chrdev_open+0x10/0x10
[  189.716281][ T6878]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  189.716342][ T6878]  do_dentry_open+0x741/0x1c10
[  189.716379][ T6878]  ? __pfx_chrdev_open+0x10/0x10
[  189.716426][ T6878]  vfs_open+0x82/0x3f0
[  189.716477][ T6878]  path_openat+0x1e5e/0x2d40
[  189.716528][ T6878]  ? __pfx_path_openat+0x10/0x10
[  189.716581][ T6878]  do_filp_open+0x20b/0x470
[  189.716616][ T6878]  ? __pfx_do_filp_open+0x10/0x10
[  189.716684][ T6878]  ? alloc_fd+0x471/0x7d0
[  189.716727][ T6878]  do_sys_openat2+0x11b/0x1d0
[  189.716775][ T6878]  ? __pfx_do_sys_openat2+0x10/0x10
[  189.716838][ T6878]  __x64_sys_openat+0x174/0x210
[  189.716888][ T6878]  ? __pfx___x64_sys_openat+0x10/0x10
[  189.716939][ T6878]  ? rcu_is_watching+0x12/0xc0
[  189.716986][ T6878]  do_syscall_64+0xcd/0x230
[  189.717038][ T6878]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.717071][ T6878] RIP: 0033:0x7f2ffad8e969
[  189.717096][ T6878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  189.717127][ T6878] RSP: 002b:00007f2ff8bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  189.717158][ T6878] RAX: ffffffffffffffda RBX: 00007f2ffafb5fa0 RCX: 00007f2ffad8e969
[  189.717179][ T6878] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  189.717201][ T6878] RBP: 00007f2ffae10ab1 R08: 0000000000000000 R09: 0000000000000000
[  189.717221][ T6878] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  189.717241][ T6878] R13: 0000000000000000 R14: 00007f2ffafb5fa0 R15: 00007fff46886888
[  189.717283][ T6878]  </TASK>
[  190.849323][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout
[  190.959987][ T6878] tty tty26: ldisc open failed (-12), clearing slot 25
[  191.329231][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout
[  191.409720][ T5852] Bluetooth: hci4: command 0x0c1a tx timeout
[  191.409740][ T5151] Bluetooth: hci0: command 0x0c1a tx timeout
[  191.409787][ T5151] Bluetooth: hci2: command 0x0c1a tx timeout
[  191.958980][ T6904] FAULT_INJECTION: forcing a failure.
[  191.958980][ T6904] name failslab, interval 1, probability 0, space 0, times 0
[  191.994187][ T6904] CPU: 0 UID: 0 PID: 6904 Comm: syz.1.199 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  191.994234][ T6904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  191.994253][ T6904] Call Trace:
[  191.994265][ T6904]  <TASK>
[  191.994277][ T6904]  dump_stack_lvl+0x16c/0x1f0
[  191.994332][ T6904]  should_fail_ex+0x512/0x640
[  191.994371][ T6904]  ? __kmalloc_node_noprof+0xc5/0x500
[  191.994419][ T6904]  should_failslab+0xc2/0x120
[  191.994466][ T6904]  __kmalloc_node_noprof+0xd8/0x500
[  191.994509][ T6904]  ? __vmalloc_node_range_noprof+0x3eb/0x1540
[  191.994551][ T6904]  __vmalloc_node_range_noprof+0x3eb/0x1540
[  191.994601][ T6904]  ? n_tty_open+0x1a/0x170
[  191.994649][ T6904]  ? __ldsem_down_write_nested+0x10e/0x850
[  191.994691][ T6904]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  191.994739][ T6904]  ? n_tty_open+0x1a/0x170
[  191.994776][ T6904]  vzalloc_noprof+0x6b/0x90
[  191.994806][ T6904]  ? n_tty_open+0x1a/0x170
[  191.994841][ T6904]  ? __pfx_n_tty_open+0x10/0x10
[  191.994877][ T6904]  n_tty_open+0x1a/0x170
[  191.994913][ T6904]  ? __pfx_n_tty_open+0x10/0x10
[  191.994949][ T6904]  tty_ldisc_open+0x9c/0x120
[  191.995000][ T6904]  tty_ldisc_setup+0x40/0x100
[  191.995052][ T6904]  tty_init_dev.part.0+0x1ec/0x500
[  191.995091][ T6904]  tty_open+0xa50/0xf90
[  191.995134][ T6904]  ? __pfx_tty_open+0x10/0x10
[  191.995168][ T6904]  ? chrdev_open+0x10b/0x6a0
[  191.995212][ T6904]  ? __pfx_tty_open+0x10/0x10
[  191.995246][ T6904]  chrdev_open+0x231/0x6a0
[  191.995283][ T6904]  ? __pfx_apparmor_file_open+0x10/0x10
[  191.995328][ T6904]  ? __pfx_chrdev_open+0x10/0x10
[  191.995369][ T6904]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  191.995432][ T6904]  do_dentry_open+0x741/0x1c10
[  191.995471][ T6904]  ? __pfx_chrdev_open+0x10/0x10
[  191.995519][ T6904]  vfs_open+0x82/0x3f0
[  191.995571][ T6904]  path_openat+0x1e5e/0x2d40
[  191.995621][ T6904]  ? __pfx_path_openat+0x10/0x10
[  191.995674][ T6904]  do_filp_open+0x20b/0x470
[  191.995709][ T6904]  ? __pfx_do_filp_open+0x10/0x10
[  191.995772][ T6904]  ? alloc_fd+0x471/0x7d0
[  191.995813][ T6904]  do_sys_openat2+0x11b/0x1d0
[  191.995857][ T6904]  ? __pfx_do_sys_openat2+0x10/0x10
[  191.995919][ T6904]  __x64_sys_openat+0x174/0x210
[  191.995974][ T6904]  ? __pfx___x64_sys_openat+0x10/0x10
[  191.996025][ T6904]  ? rcu_is_watching+0x12/0xc0
[  191.996071][ T6904]  do_syscall_64+0xcd/0x230
[  191.996120][ T6904]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.996150][ T6904] RIP: 0033:0x7f909d98e969
[  191.996174][ T6904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  191.996203][ T6904] RSP: 002b:00007f909e848038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  191.996231][ T6904] RAX: ffffffffffffffda RBX: 00007f909dbb6080 RCX: 00007f909d98e969
[  191.996251][ T6904] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  191.996270][ T6904] RBP: 00007f909da10ab1 R08: 0000000000000000 R09: 0000000000000000
[  191.996288][ T6904] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  191.996306][ T6904] R13: 0000000000000000 R14: 00007f909dbb6080 R15: 00007ffc986188d8
[  191.996345][ T6904]  </TASK>
[  192.350385][ T6904] syz.1.199: vmalloc error: size 12288, failed to allocated page array size 24, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  192.396821][ T6904] CPU: 0 UID: 0 PID: 6904 Comm: syz.1.199 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  192.396864][ T6904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  192.396882][ T6904] Call Trace:
[  192.396892][ T6904]  <TASK>
[  192.396922][ T6904]  dump_stack_lvl+0x16c/0x1f0
[  192.396976][ T6904]  warn_alloc+0x248/0x3a0
[  192.397018][ T6904]  ? __pfx_warn_alloc+0x10/0x10
[  192.397054][ T6904]  ? dump_stack_lvl+0x1a1/0x1f0
[  192.397112][ T6904]  ? rcu_is_watching+0x12/0xc0
[  192.397146][ T6904]  ? __kmalloc_node_noprof+0x23b/0x500
[  192.397198][ T6904]  __vmalloc_node_range_noprof+0x1110/0x1540
[  192.397247][ T6904]  ? n_tty_open+0x1a/0x170
[  192.397290][ T6904]  ? __ldsem_down_write_nested+0x10e/0x850
[  192.397331][ T6904]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  192.397377][ T6904]  ? n_tty_open+0x1a/0x170
[  192.397414][ T6904]  vzalloc_noprof+0x6b/0x90
[  192.397446][ T6904]  ? n_tty_open+0x1a/0x170
[  192.397479][ T6904]  ? __pfx_n_tty_open+0x10/0x10
[  192.397511][ T6904]  n_tty_open+0x1a/0x170
[  192.397548][ T6904]  ? __pfx_n_tty_open+0x10/0x10
[  192.397584][ T6904]  tty_ldisc_open+0x9c/0x120
[  192.397645][ T6904]  tty_ldisc_setup+0x40/0x100
[  192.397697][ T6904]  tty_init_dev.part.0+0x1ec/0x500
[  192.397734][ T6904]  tty_open+0xa50/0xf90
[  192.397776][ T6904]  ? __pfx_tty_open+0x10/0x10
[  192.397812][ T6904]  ? chrdev_open+0x10b/0x6a0
[  192.397855][ T6904]  ? __pfx_tty_open+0x10/0x10
[  192.397887][ T6904]  chrdev_open+0x231/0x6a0
[  192.397935][ T6904]  ? __pfx_apparmor_file_open+0x10/0x10
[  192.397977][ T6904]  ? __pfx_chrdev_open+0x10/0x10
[  192.398017][ T6904]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  192.398074][ T6904]  do_dentry_open+0x741/0x1c10
[  192.398111][ T6904]  ? __pfx_chrdev_open+0x10/0x10
[  192.398155][ T6904]  vfs_open+0x82/0x3f0
[  192.398204][ T6904]  path_openat+0x1e5e/0x2d40
[  192.398254][ T6904]  ? __pfx_path_openat+0x10/0x10
[  192.398300][ T6904]  do_filp_open+0x20b/0x470
[  192.398335][ T6904]  ? __pfx_do_filp_open+0x10/0x10
[  192.398401][ T6904]  ? alloc_fd+0x471/0x7d0
[  192.398444][ T6904]  do_sys_openat2+0x11b/0x1d0
[  192.398488][ T6904]  ? __pfx_do_sys_openat2+0x10/0x10
[  192.398549][ T6904]  __x64_sys_openat+0x174/0x210
[  192.398595][ T6904]  ? __pfx___x64_sys_openat+0x10/0x10
[  192.398651][ T6904]  ? rcu_is_watching+0x12/0xc0
[  192.398696][ T6904]  do_syscall_64+0xcd/0x230
[  192.398748][ T6904]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.398780][ T6904] RIP: 0033:0x7f909d98e969
[  192.398805][ T6904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.398835][ T6904] RSP: 002b:00007f909e848038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  192.398863][ T6904] RAX: ffffffffffffffda RBX: 00007f909dbb6080 RCX: 00007f909d98e969
[  192.398884][ T6904] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  192.398904][ T6904] RBP: 00007f909da10ab1 R08: 0000000000000000 R09: 0000000000000000
[  192.398923][ T6904] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  192.398942][ T6904] R13: 0000000000000000 R14: 00007f909dbb6080 R15: 00007ffc986188d8
[  192.398984][ T6904]  </TASK>
[  192.399024][ T6904] Mem-Info:
[  192.869305][ T6904] active_anon:14745 inactive_anon:1 isolated_anon:0
[  192.869305][ T6904]  active_file:11609 inactive_file:44018 isolated_file:0
[  192.869305][ T6904]  unevictable:1684 dirty:1967 writeback:512
[  192.869305][ T6904]  slab_reclaimable:10457 slab_unreclaimable:97975
[  192.869305][ T6904]  mapped:35955 shmem:4509 pagetables:882
[  192.869305][ T6904]  sec_pagetables:0 bounce:0
[  192.869305][ T6904]  kernel_misc_reclaimable:0
[  192.869305][ T6904]  free:1309672 free_pcp:1656 free_cma:0
[  193.050161][ T6904] Node 0 active_anon:59136kB inactive_anon:4kB active_file:46436kB inactive_file:175996kB unevictable:5200kB isolated(anon):0kB isolated(file):0kB mapped:143892kB dirty:7944kB writeback:2048kB shmem:16584kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10988kB pagetables:3544kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  193.102250][ T6904] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  193.198320][ T6904] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  193.248889][ T6904] lowmem_reserve[]: 0 2482 2483 2483 2483
[  193.338680][ T6904] Node 0 DMA32 free:1325196kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB active_anon:59088kB inactive_anon:4kB active_file:46436kB inactive_file:174408kB unevictable:5200kB writepending:6920kB present:3129332kB managed:2541748kB mlocked:3664kB bounce:0kB free_pcp:1632kB local_pcp:888kB free_cma:0kB
[  193.420059][ T6904] lowmem_reserve[]: 0 0 1 1 1
[  193.424895][ T6904] Node 0 Normal free:8kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1588kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  193.575098][ T6904] lowmem_reserve[]: 0 0 0 0 0
[  193.598346][ T6904] Node 1 Normal free:3897752kB boost:0kB min:55784kB low:69728kB high:83672kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:4700kB local_pcp:4700kB free_cma:0kB
[  193.639264][ T6904] lowmem_reserve[]: 0 0 0 0 0
[  193.644217][ T6904] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  193.699257][ T6904] Node 0 DMA32: 241*4kB (UM) 111*8kB (ME) 150*16kB (UME) 592*32kB (UME) 474*64kB (UME) 146*128kB (UME) 120*256kB (UME) 58*512kB (ME) 15*1024kB (M) 1*2048kB (E) 287*4096kB (M) = 1325596kB
[  193.757616][ T6904] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[  193.775531][ T6904] Node 1 Normal: 230*4kB (UME) 12*8kB (UME) 42*16kB (UME) 200*32kB (UME) 100*64kB (UME) 38*128kB (UME) 20*256kB (UME) 7*512kB (UME) 1*1024kB (U) 1*2048kB (E) 944*4096kB (M) = 3897752kB
[  193.827166][ T6904] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  193.838246][ T6904] Node 0 hugepages_total=5 hugepages_free=0 hugepages_surp=2 hugepages_size=2048kB
[  193.852034][ T6904] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  193.863525][ T6904] Node 1 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  193.876532][ T6904] 60800 total pagecache pages
[  193.884708][ T6904] 1 pages in swap cache
[  193.888976][ T6904] Free swap  = 124992kB
[  193.896880][ T6904] Total swap = 124996kB
[  193.901436][ T6904] 2097051 pages RAM
[  193.905390][ T6904] 0 pages HighMem/MovableOnly
[  193.910776][ T6904] 429572 pages reserved
[  193.916045][ T6904] 0 pages cma reserved
[  193.927339][ T6904] tty tty26: ldisc open failed (-12), clearing slot 25
[  194.418390][ T6918] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  194.424787][ T6918] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  194.435827][ T6918] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  194.500003][ T6918] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  194.506198][ T6918] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  194.737591][ T6935] netlink: 28 bytes leftover after parsing attributes in process `syz.3.198'.
[  194.767963][ T6935] ipvlan1: entered allmulticast mode
[  194.780710][ T6935] veth0_vlan: entered allmulticast mode
[  194.815308][ T6935] netlink: 330 bytes leftover after parsing attributes in process `syz.3.198'.
[  194.874710][ T6935] netlink: 20 bytes leftover after parsing attributes in process `syz.3.198'.
[  195.890792][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout
[  196.449431][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout
[  196.449461][ T5151] Bluetooth: hci3: command 0x0c1a tx timeout
[  196.529220][ T5151] Bluetooth: hci4: command 0x0c1a tx timeout
[  196.530378][ T5852] Bluetooth: hci0: command 0x0c1a tx timeout
[  197.776850][ T6970] FAULT_INJECTION: forcing a failure.
[  197.776850][ T6970] name failslab, interval 1, probability 0, space 0, times 0
[  197.814241][ T6970] CPU: 1 UID: 0 PID: 6970 Comm: syz.4.206 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  197.814289][ T6970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  197.814315][ T6970] Call Trace:
[  197.814326][ T6970]  <TASK>
[  197.814338][ T6970]  dump_stack_lvl+0x16c/0x1f0
[  197.814393][ T6970]  should_fail_ex+0x512/0x640
[  197.814432][ T6970]  ? __kmalloc_node_noprof+0xc5/0x500
[  197.814479][ T6970]  should_failslab+0xc2/0x120
[  197.814525][ T6970]  __kmalloc_node_noprof+0xd8/0x500
[  197.814569][ T6970]  ? __vmalloc_node_range_noprof+0x3eb/0x1540
[  197.814611][ T6970]  __vmalloc_node_range_noprof+0x3eb/0x1540
[  197.814662][ T6970]  ? n_tty_open+0x1a/0x170
[  197.814704][ T6970]  ? __ldsem_down_write_nested+0x10e/0x850
[  197.814747][ T6970]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  197.814796][ T6970]  ? n_tty_open+0x1a/0x170
[  197.814834][ T6970]  vzalloc_noprof+0x6b/0x90
[  197.814866][ T6970]  ? n_tty_open+0x1a/0x170
[  197.814901][ T6970]  ? __pfx_n_tty_open+0x10/0x10
[  197.814937][ T6970]  n_tty_open+0x1a/0x170
[  197.814974][ T6970]  ? __pfx_n_tty_open+0x10/0x10
[  197.815010][ T6970]  tty_ldisc_open+0x9c/0x120
[  197.815059][ T6970]  tty_ldisc_setup+0x40/0x100
[  197.815111][ T6970]  tty_init_dev.part.0+0x1ec/0x500
[  197.815150][ T6970]  tty_open+0xa50/0xf90
[  197.815193][ T6970]  ? __pfx_tty_open+0x10/0x10
[  197.815228][ T6970]  ? chrdev_open+0x10b/0x6a0
[  197.815272][ T6970]  ? __pfx_tty_open+0x10/0x10
[  197.815312][ T6970]  chrdev_open+0x231/0x6a0
[  197.815350][ T6970]  ? __pfx_apparmor_file_open+0x10/0x10
[  197.815395][ T6970]  ? __pfx_chrdev_open+0x10/0x10
[  197.815438][ T6970]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  197.815511][ T6970]  do_dentry_open+0x741/0x1c10
[  197.815548][ T6970]  ? __pfx_chrdev_open+0x10/0x10
[  197.815595][ T6970]  vfs_open+0x82/0x3f0
[  197.815645][ T6970]  path_openat+0x1e5e/0x2d40
[  197.815695][ T6970]  ? __pfx_path_openat+0x10/0x10
[  197.815741][ T6970]  do_filp_open+0x20b/0x470
[  197.815775][ T6970]  ? __pfx_do_filp_open+0x10/0x10
[  197.815840][ T6970]  ? alloc_fd+0x471/0x7d0
[  197.815883][ T6970]  do_sys_openat2+0x11b/0x1d0
[  197.815928][ T6970]  ? __pfx_do_sys_openat2+0x10/0x10
[  197.815992][ T6970]  __x64_sys_openat+0x174/0x210
[  197.816039][ T6970]  ? __pfx___x64_sys_openat+0x10/0x10
[  197.816109][ T6970]  ? rcu_is_watching+0x12/0xc0
[  197.816156][ T6970]  do_syscall_64+0xcd/0x230
[  197.816209][ T6970]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.816242][ T6970] RIP: 0033:0x7fdd5258e969
[  197.816269][ T6970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  197.816307][ T6970] RSP: 002b:00007fdd534d6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  197.816339][ T6970] RAX: ffffffffffffffda RBX: 00007fdd527b5fa0 RCX: 00007fdd5258e969
[  197.816360][ T6970] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  197.816381][ T6970] RBP: 00007fdd52610ab1 R08: 0000000000000000 R09: 0000000000000000
[  197.816401][ T6970] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  197.816419][ T6970] R13: 0000000000000000 R14: 00007fdd527b5fa0 R15: 00007ffdf9c6b078
[  197.816462][ T6970]  </TASK>
[  198.137370][ T6970] tty tty26: ldisc open failed (-12), clearing slot 25
[  198.621748][ T6984] FAULT_INJECTION: forcing a failure.
[  198.621748][ T6984] name failslab, interval 1, probability 0, space 0, times 0
[  198.639437][ T6984] CPU: 1 UID: 0 PID: 6984 Comm: syz.4.210 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  198.639483][ T6984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  198.639497][ T6984] Call Trace:
[  198.639505][ T6984]  <TASK>
[  198.639514][ T6984]  dump_stack_lvl+0x16c/0x1f0
[  198.639552][ T6984]  should_fail_ex+0x512/0x640
[  198.639581][ T6984]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  198.639614][ T6984]  should_failslab+0xc2/0x120
[  198.639645][ T6984]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  198.639673][ T6984]  ? __pfx___might_resched+0x10/0x10
[  198.639700][ T6984]  ? alloc_vmap_area+0xd9a/0x2970
[  198.639740][ T6984]  alloc_vmap_area+0xd9a/0x2970
[  198.639788][ T6984]  ? __pfx_alloc_vmap_area+0x10/0x10
[  198.639832][ T6984]  __get_vm_area_node+0x1a7/0x300
[  198.639875][ T6984]  __vmalloc_node_range_noprof+0x277/0x1540
[  198.639899][ T6984]  ? n_tty_open+0x1a/0x170
[  198.639935][ T6984]  ? n_tty_open+0x1a/0x170
[  198.639964][ T6984]  ? __ldsem_down_write_nested+0x10e/0x850
[  198.639994][ T6984]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  198.640027][ T6984]  ? n_tty_open+0x1a/0x170
[  198.640054][ T6984]  vzalloc_noprof+0x6b/0x90
[  198.640076][ T6984]  ? n_tty_open+0x1a/0x170
[  198.640100][ T6984]  ? __pfx_n_tty_open+0x10/0x10
[  198.640125][ T6984]  n_tty_open+0x1a/0x170
[  198.640150][ T6984]  ? __pfx_n_tty_open+0x10/0x10
[  198.640175][ T6984]  tty_ldisc_open+0x9c/0x120
[  198.640229][ T6984]  tty_ldisc_setup+0x40/0x100
[  198.640284][ T6984]  tty_init_dev.part.0+0x1ec/0x500
[  198.640311][ T6984]  tty_open+0xa50/0xf90
[  198.640340][ T6984]  ? __pfx_tty_open+0x10/0x10
[  198.640364][ T6984]  ? chrdev_open+0x10b/0x6a0
[  198.640395][ T6984]  ? __pfx_tty_open+0x10/0x10
[  198.640418][ T6984]  chrdev_open+0x231/0x6a0
[  198.640444][ T6984]  ? __pfx_apparmor_file_open+0x10/0x10
[  198.640475][ T6984]  ? __pfx_chrdev_open+0x10/0x10
[  198.640504][ T6984]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  198.640548][ T6984]  do_dentry_open+0x741/0x1c10
[  198.640574][ T6984]  ? __pfx_chrdev_open+0x10/0x10
[  198.640607][ T6984]  vfs_open+0x82/0x3f0
[  198.640643][ T6984]  path_openat+0x1e5e/0x2d40
[  198.640679][ T6984]  ? __pfx_path_openat+0x10/0x10
[  198.640712][ T6984]  do_filp_open+0x20b/0x470
[  198.640736][ T6984]  ? __pfx_do_filp_open+0x10/0x10
[  198.640783][ T6984]  ? alloc_fd+0x471/0x7d0
[  198.640813][ T6984]  do_sys_openat2+0x11b/0x1d0
[  198.640846][ T6984]  ? __pfx_do_sys_openat2+0x10/0x10
[  198.640891][ T6984]  __x64_sys_openat+0x174/0x210
[  198.640925][ T6984]  ? __pfx___x64_sys_openat+0x10/0x10
[  198.640961][ T6984]  ? rcu_is_watching+0x12/0xc0
[  198.640994][ T6984]  do_syscall_64+0xcd/0x230
[  198.641031][ T6984]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.641055][ T6984] RIP: 0033:0x7fdd5258e969
[  198.641073][ T6984] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  198.641095][ T6984] RSP: 002b:00007fdd534d6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  198.641116][ T6984] RAX: ffffffffffffffda RBX: 00007fdd527b5fa0 RCX: 00007fdd5258e969
[  198.641131][ T6984] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  198.641146][ T6984] RBP: 00007fdd52610ab1 R08: 0000000000000000 R09: 0000000000000000
[  198.641159][ T6984] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  198.641173][ T6984] R13: 0000000000000000 R14: 00007fdd527b5fa0 R15: 00007ffdf9c6b078
[  198.641210][ T6984]  </TASK>
[  199.367098][ T6972] random: crng reseeded on system resumption
[  199.494513][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  199.506876][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  204.212794][ T7050] random: crng reseeded on system resumption
[  204.893349][ T5852] Bluetooth: hci0: unexpected event 0x3d length: 726 > 14
[  205.146711][ T7067] netlink: 50 bytes leftover after parsing attributes in process `syz.4.224'.
[  206.501127][ T7078] vhci_hcd: invalid port number 242
[  206.567286][ T7078] vhci_hcd: default hub control req: f2ff vffff i00f2 l65535
[  209.049413][ T5852] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  212.835939][ T5151] Bluetooth: hci1: unexpected event 0x3d length: 726 > 14
[  214.117417][ T7194] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88807fe0aee0 pfn:0x7fe0a
[  214.259325][ T7194] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  214.266542][ T7194] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[  214.359282][ T7194] raw: ffff88807fe0aee0 ffff888023af9400 00000001ffffffff 0000000000000000
[  214.384600][ T7194] page dumped because: unmovable page
[  214.420041][ T7194] page_owner tracks the page as allocated
[  214.426109][ T7194] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2cc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN), pid 5963, tgid 5961 (syz.0.13), ts 108030794588, free_ts 107860991049
[  214.574023][ T5151] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[  214.685053][ T7195] could not allocate digest TFM handle binfmt_misc
[  214.692021][ T7194]  post_alloc_hook+0x181/0x1b0
[  214.697143][ T7194]  get_page_from_freelist+0x135c/0x3920
[  214.703586][ T7194]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  214.769235][ T7194]  __alloc_pages_noprof+0xb/0x1b0
[  214.783223][ T7194]  pcpu_populate_chunk+0x110/0xb00
[  214.871724][ T7194]  pcpu_alloc_noprof+0x86a/0x1470
[  214.876855][ T7194]  bpf_map_alloc_percpu+0x9a/0x4b0
[  215.119121][ T7194]  htab_map_alloc+0x10be/0x1540
[  215.124089][ T7194]  map_create+0x58f/0x1db0
[  215.213158][ T7194]  __sys_bpf+0x47cc/0x4d80
[  215.252479][ T7194]  __x64_sys_bpf+0x78/0xc0
[  215.315400][ T7194]  do_syscall_64+0xcd/0x230
[  215.462060][ T7194]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.471347][ T7194] page last free pid 5936 tgid 5936 stack trace:
[  215.574847][ T7194]  __free_frozen_pages+0x69d/0xff0
[  215.617858][ T7194]  rcu_core+0x799/0x14e0
[  215.639392][ T7194]  handle_softirqs+0x216/0x8e0
[  215.739210][ T7194]  __irq_exit_rcu+0x109/0x170
[  215.744055][ T7194]  irq_exit_rcu+0x9/0x30
[  215.748358][ T7194]  sysvec_call_function_single+0x57/0xc0
[  215.809442][ T7194]  asm_sysvec_call_function_single+0x1a/0x20
[  217.965783][ T7230] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  222.776907][ T7289] random: crng reseeded on system resumption
[  224.697211][ T5852] Bluetooth: hci4: unexpected event 0x3d length: 726 > 14
[  226.738973][ T7341] random: crng reseeded on system resumption
[  228.277856][ T7361] netlink: 4 bytes leftover after parsing attributes in process `syz.3.291'.
[  228.288272][ T7361] netlink: 25 bytes leftover after parsing attributes in process `syz.3.291'.
[  233.213703][ T5852] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18
[  235.492928][ T7435] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  235.985718][ T7435] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  236.238496][ T7444] netlink: 28 bytes leftover after parsing attributes in process `syz.4.299'.
[  236.517224][ T7444] team_slave_0: entered allmulticast mode
[  237.550390][ T7460] random: crng reseeded on system resumption
[  239.174318][ T7492] random: crng reseeded on system resumption
[  240.721801][ T7509] FAULT_INJECTION: forcing a failure.
[  240.721801][ T7509] name failslab, interval 1, probability 0, space 0, times 0
[  240.755298][ T7509] CPU: 0 UID: 0 PID: 7509 Comm: syz.1.315 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  240.755332][ T7509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  240.755346][ T7509] Call Trace:
[  240.755353][ T7509]  <TASK>
[  240.755363][ T7509]  dump_stack_lvl+0x16c/0x1f0
[  240.755402][ T7509]  should_fail_ex+0x512/0x640
[  240.755431][ T7509]  ? __kmalloc_node_noprof+0xc5/0x500
[  240.755463][ T7509]  should_failslab+0xc2/0x120
[  240.755494][ T7509]  __kmalloc_node_noprof+0xd8/0x500
[  240.755524][ T7509]  ? __vmalloc_node_range_noprof+0x3eb/0x1540
[  240.755553][ T7509]  __vmalloc_node_range_noprof+0x3eb/0x1540
[  240.755587][ T7509]  ? n_tty_open+0x1a/0x170
[  240.755617][ T7509]  ? __ldsem_down_write_nested+0x10e/0x850
[  240.755646][ T7509]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  240.755679][ T7509]  ? n_tty_open+0x1a/0x170
[  240.755706][ T7509]  vzalloc_noprof+0x6b/0x90
[  240.755728][ T7509]  ? n_tty_open+0x1a/0x170
[  240.755753][ T7509]  ? __pfx_n_tty_open+0x10/0x10
[  240.755777][ T7509]  n_tty_open+0x1a/0x170
[  240.755802][ T7509]  ? __pfx_n_tty_open+0x10/0x10
[  240.755827][ T7509]  tty_ldisc_open+0x9c/0x120
[  240.755861][ T7509]  tty_ldisc_setup+0x40/0x100
[  240.755905][ T7509]  tty_init_dev.part.0+0x1ec/0x500
[  240.755932][ T7509]  tty_open+0xa50/0xf90
[  240.755961][ T7509]  ? __pfx_tty_open+0x10/0x10
[  240.755984][ T7509]  ? chrdev_open+0x10b/0x6a0
[  240.756015][ T7509]  ? __pfx_tty_open+0x10/0x10
[  240.756038][ T7509]  chrdev_open+0x231/0x6a0
[  240.756063][ T7509]  ? __pfx_apparmor_file_open+0x10/0x10
[  240.756105][ T7509]  ? __pfx_chrdev_open+0x10/0x10
[  240.756134][ T7509]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  240.756177][ T7509]  do_dentry_open+0x741/0x1c10
[  240.756204][ T7509]  ? __pfx_chrdev_open+0x10/0x10
[  240.756238][ T7509]  vfs_open+0x82/0x3f0
[  240.756273][ T7509]  path_openat+0x1e5e/0x2d40
[  240.756310][ T7509]  ? __pfx_path_openat+0x10/0x10
[  240.756342][ T7509]  do_filp_open+0x20b/0x470
[  240.756367][ T7509]  ? __pfx_do_filp_open+0x10/0x10
[  240.756414][ T7509]  ? alloc_fd+0x471/0x7d0
[  240.756444][ T7509]  do_sys_openat2+0x11b/0x1d0
[  240.756476][ T7509]  ? __pfx_do_sys_openat2+0x10/0x10
[  240.756521][ T7509]  __x64_sys_openat+0x174/0x210
[  240.756555][ T7509]  ? __pfx___x64_sys_openat+0x10/0x10
[  240.756591][ T7509]  ? rcu_is_watching+0x12/0xc0
[  240.756623][ T7509]  do_syscall_64+0xcd/0x230
[  240.756660][ T7509]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.756683][ T7509] RIP: 0033:0x7f909d98e969
[  240.756701][ T7509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  240.756723][ T7509] RSP: 002b:00007f909e869038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  240.756745][ T7509] RAX: ffffffffffffffda RBX: 00007f909dbb5fa0 RCX: 00007f909d98e969
[  240.756760][ T7509] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  240.756775][ T7509] RBP: 00007f909da10ab1 R08: 0000000000000000 R09: 0000000000000000
[  240.756789][ T7509] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  240.756803][ T7509] R13: 0000000000000000 R14: 00007f909dbb5fa0 R15: 00007ffc986188d8
[  240.756832][ T7509]  </TASK>
[  241.071510][ T7509] warn_alloc: 1 callbacks suppressed
[  241.071529][ T7509] syz.1.315: vmalloc error: size 12288, failed to allocated page array size 24, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  241.094014][ T7509] CPU: 0 UID: 0 PID: 7509 Comm: syz.1.315 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  241.094045][ T7509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  241.094059][ T7509] Call Trace:
[  241.094067][ T7509]  <TASK>
[  241.094075][ T7509]  dump_stack_lvl+0x16c/0x1f0
[  241.094114][ T7509]  warn_alloc+0x248/0x3a0
[  241.094144][ T7509]  ? __pfx_warn_alloc+0x10/0x10
[  241.094169][ T7509]  ? dump_stack_lvl+0x1a1/0x1f0
[  241.094211][ T7509]  ? rcu_is_watching+0x12/0xc0
[  241.094236][ T7509]  ? __kmalloc_node_noprof+0x23b/0x500
[  241.094273][ T7509]  __vmalloc_node_range_noprof+0x1110/0x1540
[  241.094308][ T7509]  ? n_tty_open+0x1a/0x170
[  241.094338][ T7509]  ? __ldsem_down_write_nested+0x10e/0x850
[  241.094367][ T7509]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  241.094400][ T7509]  ? n_tty_open+0x1a/0x170
[  241.094427][ T7509]  vzalloc_noprof+0x6b/0x90
[  241.094449][ T7509]  ? n_tty_open+0x1a/0x170
[  241.094473][ T7509]  ? __pfx_n_tty_open+0x10/0x10
[  241.094498][ T7509]  n_tty_open+0x1a/0x170
[  241.094522][ T7509]  ? __pfx_n_tty_open+0x10/0x10
[  241.094548][ T7509]  tty_ldisc_open+0x9c/0x120
[  241.094581][ T7509]  tty_ldisc_setup+0x40/0x100
[  241.094617][ T7509]  tty_init_dev.part.0+0x1ec/0x500
[  241.094644][ T7509]  tty_open+0xa50/0xf90
[  241.094673][ T7509]  ? __pfx_tty_open+0x10/0x10
[  241.094697][ T7509]  ? chrdev_open+0x10b/0x6a0
[  241.094728][ T7509]  ? __pfx_tty_open+0x10/0x10
[  241.094751][ T7509]  chrdev_open+0x231/0x6a0
[  241.094776][ T7509]  ? __pfx_apparmor_file_open+0x10/0x10
[  241.094807][ T7509]  ? __pfx_chrdev_open+0x10/0x10
[  241.094837][ T7509]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  241.094880][ T7509]  do_dentry_open+0x741/0x1c10
[  241.094906][ T7509]  ? __pfx_chrdev_open+0x10/0x10
[  241.094939][ T7509]  vfs_open+0x82/0x3f0
[  241.094976][ T7509]  path_openat+0x1e5e/0x2d40
[  241.095018][ T7509]  ? __pfx_path_openat+0x10/0x10
[  241.095051][ T7509]  do_filp_open+0x20b/0x470
[  241.095077][ T7509]  ? __pfx_do_filp_open+0x10/0x10
[  241.095124][ T7509]  ? alloc_fd+0x471/0x7d0
[  241.095155][ T7509]  do_sys_openat2+0x11b/0x1d0
[  241.095188][ T7509]  ? __pfx_do_sys_openat2+0x10/0x10
[  241.095245][ T7509]  __x64_sys_openat+0x174/0x210
[  241.095278][ T7509]  ? __pfx___x64_sys_openat+0x10/0x10
[  241.095312][ T7509]  ? rcu_is_watching+0x12/0xc0
[  241.095343][ T7509]  do_syscall_64+0xcd/0x230
[  241.095378][ T7509]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.095401][ T7509] RIP: 0033:0x7f909d98e969
[  241.095419][ T7509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  241.095441][ T7509] RSP: 002b:00007f909e869038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  241.095462][ T7509] RAX: ffffffffffffffda RBX: 00007f909dbb5fa0 RCX: 00007f909d98e969
[  241.095476][ T7509] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  241.095490][ T7509] RBP: 00007f909da10ab1 R08: 0000000000000000 R09: 0000000000000000
[  241.095504][ T7509] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  241.095517][ T7509] R13: 0000000000000000 R14: 00007f909dbb5fa0 R15: 00007ffc986188d8
[  241.095546][ T7509]  </TASK>
[  241.095554][ T7509] Mem-Info:
[  241.418956][ T7509] active_anon:19120 inactive_anon:1 isolated_anon:0
[  241.418956][ T7509]  active_file:11372 inactive_file:39452 isolated_file:0
[  241.418956][ T7509]  unevictable:1684 dirty:767 writeback:0
[  241.418956][ T7509]  slab_reclaimable:10005 slab_unreclaimable:98420
[  241.418956][ T7509]  mapped:37091 shmem:6456 pagetables:885
[  241.418956][ T7509]  sec_pagetables:0 bounce:0
[  241.418956][ T7509]  kernel_misc_reclaimable:0
[  241.418956][ T7509]  free:1311550 free_pcp:1062 free_cma:0
[  241.529312][ T7509] Node 0 active_anon:77480kB inactive_anon:4kB active_file:45488kB inactive_file:157732kB unevictable:5200kB isolated(anon):0kB isolated(file):0kB mapped:148364kB dirty:3064kB writeback:0kB shmem:24288kB shmem_thp:2048kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11148kB pagetables:3540kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  241.647231][ T7509] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  241.771518][ T7509] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  241.822303][ T7508] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  241.857451][ T7509] lowmem_reserve[]: 0 2482 2483 2483 2483
[  241.865292][ T7509] Node 0 DMA32 free:1330428kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB active_anon:70908kB inactive_anon:4kB active_file:45488kB inactive_file:156144kB unevictable:5200kB writepending:3064kB present:3129332kB managed:2541748kB mlocked:3664kB bounce:0kB free_pcp:8380kB local_pcp:8316kB free_cma:0kB
[  241.900615][ T7508] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  241.924833][ T7509] lowmem_reserve[]: 0 0 1 1 1
[  241.934411][ T7509] Node 0 Normal free:8kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1588kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  241.974809][ T7509] lowmem_reserve[]: 0 0 0 0 0
[  242.106738][ T7509] Node 1 Normal free:3900676kB boost:0kB min:55784kB low:69728kB high:83672kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:1788kB local_pcp:864kB free_cma:0kB
[  242.276695][ T7509] lowmem_reserve[]: 0 0 0 0 0
[  242.298371][ T7509] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  242.368029][ T7509] Node 0 DMA32: 1242*4kB (UME) 865*8kB (UME) 176*16kB (UME) 401*32kB (UME) 551*64kB (UME) 164*128kB (UME) 128*256kB (UME) 62*512kB (UME) 16*1024kB (UM) 2*2048kB (ME) 288*4096kB (UM) = 1348432kB
[  242.418229][ T7509] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[  242.509117][ T7509] Node 1 Normal: 235*4kB (UME) 17*8kB (UME) 47*16kB (UME) 203*32kB (UME) 100*64kB (UME) 39*128kB (UME) 22*256kB (UME) 9*512kB (UME) 2*1024kB (UM) 1*2048kB (E) 944*4096kB (M) = 3900676kB
[  242.548787][ T7519] random: crng reseeded on system resumption
[  242.609156][ T7509] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  242.676843][ T7509] Node 0 hugepages_total=5 hugepages_free=0 hugepages_surp=2 hugepages_size=2048kB
[  242.719483][ T7509] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  242.747711][ T7509] Node 1 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  242.769154][ T7509] 52866 total pagecache pages
[  242.783557][ T7509] 1 pages in swap cache
[  242.792737][ T7509] Free swap  = 124992kB
[  242.796947][ T7509] Total swap = 124996kB
[  242.813926][ T7509] 2097051 pages RAM
[  242.817842][ T7509] 0 pages HighMem/MovableOnly
[  242.835338][ T7509] 429572 pages reserved
[  242.847954][ T7509] 0 pages cma reserved
[  242.912756][ T7509] tty tty26: ldisc open failed (-12), clearing slot 25
[  244.691482][ T7545] random: crng reseeded on system resumption
[  246.021197][ T7564] FAULT_INJECTION: forcing a failure.
[  246.021197][ T7564] name failslab, interval 1, probability 0, space 0, times 0
[  246.034037][ T7564] CPU: 0 UID: 0 PID: 7564 Comm: syz.3.326 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  246.034070][ T7564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  246.034083][ T7564] Call Trace:
[  246.034091][ T7564]  <TASK>
[  246.034099][ T7564]  dump_stack_lvl+0x16c/0x1f0
[  246.034137][ T7564]  should_fail_ex+0x512/0x640
[  246.034165][ T7564]  ? __kmalloc_node_noprof+0xc5/0x500
[  246.034198][ T7564]  should_failslab+0xc2/0x120
[  246.034229][ T7564]  __kmalloc_node_noprof+0xd8/0x500
[  246.034259][ T7564]  ? __vmalloc_node_range_noprof+0x3eb/0x1540
[  246.034287][ T7564]  __vmalloc_node_range_noprof+0x3eb/0x1540
[  246.034321][ T7564]  ? n_tty_open+0x1a/0x170
[  246.034351][ T7564]  ? __ldsem_down_write_nested+0x10e/0x850
[  246.034381][ T7564]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  246.034414][ T7564]  ? n_tty_open+0x1a/0x170
[  246.034441][ T7564]  vzalloc_noprof+0x6b/0x90
[  246.034463][ T7564]  ? n_tty_open+0x1a/0x170
[  246.034488][ T7564]  ? __pfx_n_tty_open+0x10/0x10
[  246.034512][ T7564]  n_tty_open+0x1a/0x170
[  246.034537][ T7564]  ? __pfx_n_tty_open+0x10/0x10
[  246.034563][ T7564]  tty_ldisc_open+0x9c/0x120
[  246.034597][ T7564]  tty_ldisc_setup+0x40/0x100
[  246.034633][ T7564]  tty_init_dev.part.0+0x1ec/0x500
[  246.034659][ T7564]  tty_open+0xa50/0xf90
[  246.034688][ T7564]  ? __pfx_tty_open+0x10/0x10
[  246.034719][ T7564]  ? chrdev_open+0x10b/0x6a0
[  246.034750][ T7564]  ? __pfx_tty_open+0x10/0x10
[  246.034773][ T7564]  chrdev_open+0x231/0x6a0
[  246.034799][ T7564]  ? __pfx_apparmor_file_open+0x10/0x10
[  246.034831][ T7564]  ? __pfx_chrdev_open+0x10/0x10
[  246.034861][ T7564]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  246.034903][ T7564]  do_dentry_open+0x741/0x1c10
[  246.034930][ T7564]  ? __pfx_chrdev_open+0x10/0x10
[  246.034963][ T7564]  vfs_open+0x82/0x3f0
[  246.034999][ T7564]  path_openat+0x1e5e/0x2d40
[  246.035035][ T7564]  ? __pfx_path_openat+0x10/0x10
[  246.035067][ T7564]  do_filp_open+0x20b/0x470
[  246.035092][ T7564]  ? __pfx_do_filp_open+0x10/0x10
[  246.035139][ T7564]  ? alloc_fd+0x471/0x7d0
[  246.035169][ T7564]  do_sys_openat2+0x11b/0x1d0
[  246.035215][ T7564]  ? __pfx_do_sys_openat2+0x10/0x10
[  246.035259][ T7564]  __x64_sys_openat+0x174/0x210
[  246.035291][ T7564]  ? __pfx___x64_sys_openat+0x10/0x10
[  246.035326][ T7564]  ? rcu_is_watching+0x12/0xc0
[  246.035357][ T7564]  do_syscall_64+0xcd/0x230
[  246.035392][ T7564]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.035415][ T7564] RIP: 0033:0x7f8fcb18e969
[  246.035432][ T7564] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  246.035454][ T7564] RSP: 002b:00007f8fcc055038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  246.035474][ T7564] RAX: ffffffffffffffda RBX: 00007f8fcb3b6080 RCX: 00007f8fcb18e969
[  246.035489][ T7564] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  246.035503][ T7564] RBP: 00007f8fcb210ab1 R08: 0000000000000000 R09: 0000000000000000
[  246.035516][ T7564] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  246.035530][ T7564] R13: 0000000000000000 R14: 00007f8fcb3b6080 R15: 00007ffcf86790a8
[  246.035558][ T7564]  </TASK>
[  246.035598][ T7564] tty tty26: ldisc open failed (-12), clearing slot 25
[  247.716395][ T7575] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  247.742636][ T7575] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  249.705828][ T7607] FAULT_INJECTION: forcing a failure.
[  249.705828][ T7607] name failslab, interval 1, probability 0, space 0, times 0
[  249.769216][ T7607] CPU: 1 UID: 0 PID: 7607 Comm: syz.3.335 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  249.769264][ T7607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  249.769283][ T7607] Call Trace:
[  249.769294][ T7607]  <TASK>
[  249.769306][ T7607]  dump_stack_lvl+0x16c/0x1f0
[  249.769362][ T7607]  should_fail_ex+0x512/0x640
[  249.769410][ T7607]  ? __kmalloc_cache_node_noprof+0x5a/0x420
[  249.769456][ T7607]  should_failslab+0xc2/0x120
[  249.769501][ T7607]  __kmalloc_cache_node_noprof+0x6d/0x420
[  249.769542][ T7607]  ? __get_vm_area_node+0x101/0x300
[  249.769602][ T7607]  __get_vm_area_node+0x101/0x300
[  249.769663][ T7607]  __vmalloc_node_range_noprof+0x277/0x1540
[  249.769698][ T7607]  ? n_tty_open+0x1a/0x170
[  249.769755][ T7607]  ? n_tty_open+0x1a/0x170
[  249.769797][ T7607]  ? __ldsem_down_write_nested+0x10e/0x850
[  249.769839][ T7607]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  249.769887][ T7607]  ? n_tty_open+0x1a/0x170
[  249.769937][ T7607]  vzalloc_noprof+0x6b/0x90
[  249.769969][ T7607]  ? n_tty_open+0x1a/0x170
[  249.770002][ T7607]  ? __pfx_n_tty_open+0x10/0x10
[  249.770037][ T7607]  n_tty_open+0x1a/0x170
[  249.770071][ T7607]  ? __pfx_n_tty_open+0x10/0x10
[  249.770105][ T7607]  tty_ldisc_open+0x9c/0x120
[  249.770152][ T7607]  tty_ldisc_setup+0x40/0x100
[  249.770200][ T7607]  tty_init_dev.part.0+0x1ec/0x500
[  249.770237][ T7607]  tty_open+0xa50/0xf90
[  249.770277][ T7607]  ? __pfx_tty_open+0x10/0x10
[  249.770309][ T7607]  ? chrdev_open+0x10b/0x6a0
[  249.770352][ T7607]  ? __pfx_tty_open+0x10/0x10
[  249.770384][ T7607]  chrdev_open+0x231/0x6a0
[  249.770427][ T7607]  ? __pfx_apparmor_file_open+0x10/0x10
[  249.770472][ T7607]  ? __pfx_chrdev_open+0x10/0x10
[  249.770532][ T7607]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  249.770593][ T7607]  do_dentry_open+0x741/0x1c10
[  249.770631][ T7607]  ? __pfx_chrdev_open+0x10/0x10
[  249.770679][ T7607]  vfs_open+0x82/0x3f0
[  249.770730][ T7607]  path_openat+0x1e5e/0x2d40
[  249.770782][ T7607]  ? __pfx_path_openat+0x10/0x10
[  249.770828][ T7607]  do_filp_open+0x20b/0x470
[  249.770864][ T7607]  ? __pfx_do_filp_open+0x10/0x10
[  249.770933][ T7607]  ? alloc_fd+0x471/0x7d0
[  249.770976][ T7607]  do_sys_openat2+0x11b/0x1d0
[  249.771023][ T7607]  ? __pfx_do_sys_openat2+0x10/0x10
[  249.771089][ T7607]  __x64_sys_openat+0x174/0x210
[  249.771138][ T7607]  ? __pfx___x64_sys_openat+0x10/0x10
[  249.771190][ T7607]  ? rcu_is_watching+0x12/0xc0
[  249.771237][ T7607]  do_syscall_64+0xcd/0x230
[  249.771290][ T7607]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.771323][ T7607] RIP: 0033:0x7f8fcb18e969
[  249.771349][ T7607] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  249.771381][ T7607] RSP: 002b:00007f8fcc076038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  249.771420][ T7607] RAX: ffffffffffffffda RBX: 00007f8fcb3b5fa0 RCX: 00007f8fcb18e969
[  249.771441][ T7607] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  249.771463][ T7607] RBP: 00007f8fcb210ab1 R08: 0000000000000000 R09: 0000000000000000
[  249.771483][ T7607] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  249.771503][ T7607] R13: 0000000000000000 R14: 00007f8fcb3b5fa0 R15: 00007ffcf86790a8
[  249.771547][ T7607]  </TASK>
[  249.779183][ T7607] tty tty26: ldisc open failed (-12), clearing slot 25
[  249.853438][ T7596] zswap: compressor  not available
[  251.374840][ T7622] netlink: 50 bytes leftover after parsing attributes in process `syz.3.338'.
[  254.607854][ T7650] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  254.619502][ T7650] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  256.223121][ T7671] FAULT_INJECTION: forcing a failure.
[  256.223121][ T7671] name failslab, interval 1, probability 0, space 0, times 0
[  256.299148][ T7671] CPU: 1 UID: 0 PID: 7671 Comm: syz.1.346 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  256.299193][ T7671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  256.299212][ T7671] Call Trace:
[  256.299222][ T7671]  <TASK>
[  256.299235][ T7671]  dump_stack_lvl+0x16c/0x1f0
[  256.299288][ T7671]  should_fail_ex+0x512/0x640
[  256.299334][ T7671]  should_failslab+0xc2/0x120
[  256.299378][ T7671]  __kmalloc_cache_noprof+0x6a/0x3e0
[  256.299414][ T7671]  ? minstrel_ht_alloc+0x4f/0x980
[  256.299472][ T7671]  minstrel_ht_alloc+0x4f/0x980
[  256.299532][ T7671]  ieee80211_init_rate_ctrl_alg+0x209/0x6b0
[  256.299593][ T7671]  ieee80211_register_hw+0x20aa/0x4020
[  256.299632][ T7671]  ? __pfx__raw_spin_unlock_bh+0x1/0x10
[  256.299676][ T7671]  ? __debug_object_init+0x231/0x3d0
[  256.299732][ T7671]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  256.299772][ T7671]  ? find_held_lock+0x2b/0x80
[  256.299808][ T7671]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  256.299858][ T7671]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  256.299911][ T7671]  ? __hrtimer_setup+0x176/0x280
[  256.299968][ T7671]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  256.300049][ T7671]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  256.300106][ T7671]  hwsim_new_radio_nl+0xb51/0x12c0
[  256.300153][ T7671]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  256.300210][ T7671]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  256.300268][ T7671]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  256.300335][ T7671]  genl_family_rcv_msg_doit+0x206/0x2f0
[  256.300372][ T7671]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  256.300427][ T7671]  ? trace_cap_capable+0x18d/0x200
[  256.300473][ T7671]  ? bpf_lsm_capable+0x9/0x10
[  256.300509][ T7671]  ? security_capable+0x7e/0x260
[  256.300544][ T7671]  ? ns_capable+0xd7/0x110
[  256.300591][ T7671]  genl_rcv_msg+0x55c/0x800
[  256.300629][ T7671]  ? __pfx_genl_rcv_msg+0x10/0x10
[  256.300658][ T7671]  ? __pfx___dev_queue_xmit+0x10/0x10
[  256.300696][ T7671]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  256.300742][ T7671]  ? __lock_acquire+0xaa4/0x1ba0
[  256.300797][ T7671]  netlink_rcv_skb+0x16a/0x440
[  256.300845][ T7671]  ? __pfx_genl_rcv_msg+0x10/0x10
[  256.300879][ T7671]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  256.300949][ T7671]  ? __pfx_down_read+0x10/0x10
[  256.300987][ T7671]  ? netlink_deliver_tap+0x1ae/0xd30
[  256.301041][ T7671]  genl_rcv+0x28/0x40
[  256.301089][ T7671]  netlink_unicast+0x53a/0x7f0
[  256.301144][ T7671]  ? __pfx_netlink_unicast+0x10/0x10
[  256.301190][ T7671]  ? __lock_acquire+0xaa4/0x1ba0
[  256.301248][ T7671]  netlink_sendmsg+0x8d1/0xdd0
[  256.301306][ T7671]  ? __pfx_netlink_sendmsg+0x10/0x10
[  256.301373][ T7671]  ____sys_sendmsg+0xa95/0xc70
[  256.301406][ T7671]  ? copy_msghdr_from_user+0x10a/0x160
[  256.301450][ T7671]  ? __pfx_____sys_sendmsg+0x10/0x10
[  256.301504][ T7671]  ___sys_sendmsg+0x134/0x1d0
[  256.301552][ T7671]  ? __pfx____sys_sendmsg+0x10/0x10
[  256.301652][ T7671]  __sys_sendmsg+0x16d/0x220
[  256.301697][ T7671]  ? __pfx___sys_sendmsg+0x10/0x10
[  256.301741][ T7671]  ? __x64_sys_futex+0x1e0/0x4c0
[  256.301793][ T7671]  ? rcu_is_watching+0x12/0xc0
[  256.301840][ T7671]  do_syscall_64+0xcd/0x230
[  256.301892][ T7671]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.301925][ T7671] RIP: 0033:0x7f909d98e969
[  256.301951][ T7671] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  256.301989][ T7671] RSP: 002b:00007f909e869038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  256.302021][ T7671] RAX: ffffffffffffffda RBX: 00007f909dbb5fa0 RCX: 00007f909d98e969
[  256.302042][ T7671] RDX: 00000000040000c0 RSI: 0000200000000300 RDI: 0000000000000006
[  256.302062][ T7671] RBP: 00007f909da10ab1 R08: 0000000000000000 R09: 0000000000000000
[  256.302082][ T7671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  256.302101][ T7671] R13: 0000000000000000 R14: 00007f909dbb5fa0 R15: 00007ffc986188d8
[  256.302145][ T7671]  </TASK>
[  256.302306][ T7671] ieee80211 phy27: Failed to select rate control algorithm
[  256.813806][ T7670] Invalid ELF header magic: != ELF
[  258.720455][ T7690] netlink: 28 bytes leftover after parsing attributes in process `syz.2.348'.
[  258.815552][ T7690] team_slave_0: entered allmulticast mode
[  258.860487][ T7698] FAULT_INJECTION: forcing a failure.
[  258.860487][ T7698] name failslab, interval 1, probability 0, space 0, times 0
[  258.897557][ T7698] CPU: 0 UID: 0 PID: 7698 Comm: syz.1.350 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  258.897605][ T7698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  258.897625][ T7698] Call Trace:
[  258.897636][ T7698]  <TASK>
[  258.897648][ T7698]  dump_stack_lvl+0x16c/0x1f0
[  258.897699][ T7698]  should_fail_ex+0x512/0x640
[  258.897737][ T7698]  ? __kmalloc_node_noprof+0xc5/0x500
[  258.897785][ T7698]  should_failslab+0xc2/0x120
[  258.897840][ T7698]  __kmalloc_node_noprof+0xd8/0x500
[  258.897884][ T7698]  ? __vmalloc_node_range_noprof+0x3eb/0x1540
[  258.897927][ T7698]  __vmalloc_node_range_noprof+0x3eb/0x1540
[  258.897977][ T7698]  ? n_tty_open+0x1a/0x170
[  258.898020][ T7698]  ? __ldsem_down_write_nested+0x10e/0x850
[  258.898063][ T7698]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  258.898109][ T7698]  ? n_tty_open+0x1a/0x170
[  258.898149][ T7698]  vzalloc_noprof+0x6b/0x90
[  258.898182][ T7698]  ? n_tty_open+0x1a/0x170
[  258.898218][ T7698]  ? __pfx_n_tty_open+0x10/0x10
[  258.898253][ T7698]  n_tty_open+0x1a/0x170
[  258.898289][ T7698]  ? __pfx_n_tty_open+0x10/0x10
[  258.898325][ T7698]  tty_ldisc_open+0x9c/0x120
[  258.898375][ T7698]  tty_ldisc_setup+0x40/0x100
[  258.898427][ T7698]  tty_init_dev.part.0+0x1ec/0x500
[  258.898466][ T7698]  tty_open+0xa50/0xf90
[  258.898513][ T7698]  ? __pfx_tty_open+0x10/0x10
[  258.898547][ T7698]  ? chrdev_open+0x10b/0x6a0
[  258.898593][ T7698]  ? __pfx_tty_open+0x10/0x10
[  258.898627][ T7698]  chrdev_open+0x231/0x6a0
[  258.898664][ T7698]  ? __pfx_apparmor_file_open+0x10/0x10
[  258.898732][ T7698]  ? __pfx_chrdev_open+0x10/0x10
[  258.898775][ T7698]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  258.898846][ T7698]  do_dentry_open+0x741/0x1c10
[  258.898886][ T7698]  ? __pfx_chrdev_open+0x10/0x10
[  258.898934][ T7698]  vfs_open+0x82/0x3f0
[  258.898988][ T7698]  path_openat+0x1e5e/0x2d40
[  258.899037][ T7698]  ? __pfx_path_openat+0x10/0x10
[  258.899081][ T7698]  do_filp_open+0x20b/0x470
[  258.899114][ T7698]  ? __pfx_do_filp_open+0x10/0x10
[  258.899177][ T7698]  ? alloc_fd+0x471/0x7d0
[  258.899220][ T7698]  do_sys_openat2+0x11b/0x1d0
[  258.899267][ T7698]  ? __pfx_do_sys_openat2+0x10/0x10
[  258.899333][ T7698]  __x64_sys_openat+0x174/0x210
[  258.899382][ T7698]  ? __pfx___x64_sys_openat+0x10/0x10
[  258.899434][ T7698]  ? rcu_is_watching+0x12/0xc0
[  258.899481][ T7698]  do_syscall_64+0xcd/0x230
[  258.899533][ T7698]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.899566][ T7698] RIP: 0033:0x7f909d98e969
[  258.899590][ T7698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  258.899622][ T7698] RSP: 002b:00007f909e869038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  258.899655][ T7698] RAX: ffffffffffffffda RBX: 00007f909dbb5fa0 RCX: 00007f909d98e969
[  258.899676][ T7698] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  258.899697][ T7698] RBP: 00007f909da10ab1 R08: 0000000000000000 R09: 0000000000000000
[  258.899717][ T7698] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  258.899737][ T7698] R13: 0000000000000000 R14: 00007f909dbb5fa0 R15: 00007ffc986188d8
[  258.899781][ T7698]  </TASK>
[  259.369568][ T7698] warn_alloc: 2 callbacks suppressed
[  259.369590][ T7698] syz.1.350: vmalloc error: size 12288, failed to allocated page array size 24, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  259.539716][ T7698] CPU: 0 UID: 0 PID: 7698 Comm: syz.1.350 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  259.539765][ T7698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  259.539785][ T7698] Call Trace:
[  259.539795][ T7698]  <TASK>
[  259.539807][ T7698]  dump_stack_lvl+0x16c/0x1f0
[  259.539861][ T7698]  warn_alloc+0x248/0x3a0
[  259.539904][ T7698]  ? __pfx_warn_alloc+0x10/0x10
[  259.539939][ T7698]  ? dump_stack_lvl+0x1a1/0x1f0
[  259.539999][ T7698]  ? rcu_is_watching+0x12/0xc0
[  259.540035][ T7698]  ? __kmalloc_node_noprof+0x23b/0x500
[  259.540088][ T7698]  __vmalloc_node_range_noprof+0x1110/0x1540
[  259.540139][ T7698]  ? n_tty_open+0x1a/0x170
[  259.540182][ T7698]  ? __ldsem_down_write_nested+0x10e/0x850
[  259.540225][ T7698]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  259.540273][ T7698]  ? n_tty_open+0x1a/0x170
[  259.540312][ T7698]  vzalloc_noprof+0x6b/0x90
[  259.540344][ T7698]  ? n_tty_open+0x1a/0x170
[  259.540379][ T7698]  ? __pfx_n_tty_open+0x10/0x10
[  259.540415][ T7698]  n_tty_open+0x1a/0x170
[  259.540451][ T7698]  ? __pfx_n_tty_open+0x10/0x10
[  259.540487][ T7698]  tty_ldisc_open+0x9c/0x120
[  259.540536][ T7698]  tty_ldisc_setup+0x40/0x100
[  259.540588][ T7698]  tty_init_dev.part.0+0x1ec/0x500
[  259.540626][ T7698]  tty_open+0xa50/0xf90
[  259.540668][ T7698]  ? __pfx_tty_open+0x10/0x10
[  259.540710][ T7698]  ? chrdev_open+0x10b/0x6a0
[  259.540760][ T7698]  ? __pfx_tty_open+0x10/0x10
[  259.540793][ T7698]  chrdev_open+0x231/0x6a0
[  259.540830][ T7698]  ? __pfx_apparmor_file_open+0x10/0x10
[  259.540874][ T7698]  ? __pfx_chrdev_open+0x10/0x10
[  259.540918][ T7698]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  259.540987][ T7698]  do_dentry_open+0x741/0x1c10
[  259.541033][ T7698]  ? __pfx_chrdev_open+0x10/0x10
[  259.541098][ T7698]  vfs_open+0x82/0x3f0
[  259.541151][ T7698]  path_openat+0x1e5e/0x2d40
[  259.541204][ T7698]  ? __pfx_path_openat+0x10/0x10
[  259.541252][ T7698]  do_filp_open+0x20b/0x470
[  259.541287][ T7698]  ? __pfx_do_filp_open+0x10/0x10
[  259.541355][ T7698]  ? alloc_fd+0x471/0x7d0
[  259.541399][ T7698]  do_sys_openat2+0x11b/0x1d0
[  259.541446][ T7698]  ? __pfx_do_sys_openat2+0x10/0x10
[  259.541511][ T7698]  __x64_sys_openat+0x174/0x210
[  259.541560][ T7698]  ? __pfx___x64_sys_openat+0x10/0x10
[  259.541611][ T7698]  ? rcu_is_watching+0x12/0xc0
[  259.541658][ T7698]  do_syscall_64+0xcd/0x230
[  259.541719][ T7698]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.541752][ T7698] RIP: 0033:0x7f909d98e969
[  259.541778][ T7698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  259.541810][ T7698] RSP: 002b:00007f909e869038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  259.541842][ T7698] RAX: ffffffffffffffda RBX: 00007f909dbb5fa0 RCX: 00007f909d98e969
[  259.541864][ T7698] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  259.541885][ T7698] RBP: 00007f909da10ab1 R08: 0000000000000000 R09: 0000000000000000
[  259.541905][ T7698] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  259.541925][ T7698] R13: 0000000000000000 R14: 00007f909dbb5fa0 R15: 00007ffc986188d8
[  259.541970][ T7698]  </TASK>
[  259.638262][ T7698] Mem-Info:
[  259.920148][ T7698] active_anon:13363 inactive_anon:1 isolated_anon:0
[  259.920148][ T7698]  active_file:11366 inactive_file:39466 isolated_file:0
[  259.920148][ T7698]  unevictable:1684 dirty:724 writeback:0
[  259.920148][ T7698]  slab_reclaimable:10247 slab_unreclaimable:98832
[  259.920148][ T7698]  mapped:31029 shmem:1411 pagetables:842
[  259.920148][ T7698]  sec_pagetables:0 bounce:0
[  259.920148][ T7698]  kernel_misc_reclaimable:0
[  259.920148][ T7698]  free:1317636 free_pcp:915 free_cma:0
[  260.066256][ T7698] Node 0 active_anon:53452kB inactive_anon:4kB active_file:45464kB inactive_file:157788kB unevictable:5200kB isolated(anon):0kB isolated(file):0kB mapped:124116kB dirty:2892kB writeback:0kB shmem:4108kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10828kB pagetables:3368kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  260.210361][ T7698] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  260.339349][ T7698] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  260.442852][ T7698] lowmem_reserve[]: 0 2482 2483 2483 2483
[  260.448735][ T7698] Node 0 DMA32 free:1352956kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB active_anon:55504kB inactive_anon:4kB active_file:45464kB inactive_file:156200kB unevictable:5200kB writepending:2892kB present:3129332kB managed:2541748kB mlocked:3664kB bounce:0kB free_pcp:1548kB local_pcp:388kB free_cma:0kB
[  260.480679][ T7698] lowmem_reserve[]: 0 0 1 1 1
[  260.485492][ T7698] Node 0 Normal free:8kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1588kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  260.512893][ T7698] lowmem_reserve[]: 0 0 0 0 0
[  260.517700][ T7698] Node 1 Normal free:3902468kB boost:0kB min:55784kB low:69728kB high:83672kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  260.547283][ T7698] lowmem_reserve[]: 0 0 0 0 0
[  260.552174][ T7698] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  260.565086][ T7698] Node 0 DMA32: 366*4kB (U) 377*8kB (UME) 624*16kB (UM) 535*32kB (UME) 512*64kB (UME) 163*128kB (UME) 127*256kB (UME) 61*512kB (UME) 17*1024kB (UM) 2*2048kB (ME) 288*4096kB (UM) = 1350112kB
[  260.585138][ T7698] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[  260.597478][ T7698] Node 1 Normal: 235*4kB (UME) 47*8kB (UME) 48*16kB (UME) 207*32kB (UME) 100*64kB (UME) 38*128kB (UME) 22*256kB (UME) 10*512kB (UME) 3*1024kB (UM) 1*2048kB (E) 944*4096kB (M) = 3902468kB
[  260.649142][ T7698] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  260.658777][ T7698] Node 0 hugepages_total=5 hugepages_free=0 hugepages_surp=2 hugepages_size=2048kB
[  260.699297][ T7698] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  260.708928][ T7698] Node 1 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  260.759161][ T7698] 52876 total pagecache pages
[  260.763917][ T7698] 4 pages in swap cache
[  260.768107][ T7698] Free swap  = 124992kB
[  260.789170][ T7698] Total swap = 124996kB
[  260.793404][ T7698] 2097051 pages RAM
[  260.797250][ T7698] 0 pages HighMem/MovableOnly
[  260.822203][ T7698] 429572 pages reserved
[  260.829157][ T7698] 0 pages cma reserved
[  260.837745][ T7698] tty tty26: ldisc open failed (-12), clearing slot 25
[  260.935369][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  260.941946][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  267.811030][ T7799] FAULT_INJECTION: forcing a failure.
[  267.811030][ T7799] name failslab, interval 1, probability 0, space 0, times 0
[  267.839279][ T7799] CPU: 0 UID: 0 PID: 7799 Comm: syz.1.373 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  267.839329][ T7799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  267.839348][ T7799] Call Trace:
[  267.839359][ T7799]  <TASK>
[  267.839372][ T7799]  dump_stack_lvl+0x16c/0x1f0
[  267.839436][ T7799]  should_fail_ex+0x512/0x640
[  267.839475][ T7799]  ? __kmalloc_node_noprof+0xc5/0x500
[  267.839522][ T7799]  should_failslab+0xc2/0x120
[  267.839566][ T7799]  __kmalloc_node_noprof+0xd8/0x500
[  267.839609][ T7799]  ? __vmalloc_node_range_noprof+0x3eb/0x1540
[  267.839649][ T7799]  __vmalloc_node_range_noprof+0x3eb/0x1540
[  267.839699][ T7799]  ? n_tty_open+0x1a/0x170
[  267.839741][ T7799]  ? __ldsem_down_write_nested+0x10e/0x850
[  267.839785][ T7799]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  267.839830][ T7799]  ? n_tty_open+0x1a/0x170
[  267.839870][ T7799]  vzalloc_noprof+0x6b/0x90
[  267.839902][ T7799]  ? n_tty_open+0x1a/0x170
[  267.839937][ T7799]  ? __pfx_n_tty_open+0x10/0x10
[  267.839973][ T7799]  n_tty_open+0x1a/0x170
[  267.840009][ T7799]  ? __pfx_n_tty_open+0x10/0x10
[  267.840045][ T7799]  tty_ldisc_open+0x9c/0x120
[  267.840094][ T7799]  tty_ldisc_setup+0x40/0x100
[  267.840146][ T7799]  tty_init_dev.part.0+0x1ec/0x500
[  267.840185][ T7799]  tty_open+0xa50/0xf90
[  267.840227][ T7799]  ? __pfx_tty_open+0x10/0x10
[  267.840261][ T7799]  ? chrdev_open+0x10b/0x6a0
[  267.840306][ T7799]  ? __pfx_tty_open+0x10/0x10
[  267.840338][ T7799]  chrdev_open+0x231/0x6a0
[  267.840375][ T7799]  ? __pfx_apparmor_file_open+0x10/0x10
[  267.840425][ T7799]  ? __pfx_chrdev_open+0x10/0x10
[  267.840468][ T7799]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  267.840531][ T7799]  do_dentry_open+0x741/0x1c10
[  267.840569][ T7799]  ? __pfx_chrdev_open+0x10/0x10
[  267.840617][ T7799]  vfs_open+0x82/0x3f0
[  267.840669][ T7799]  path_openat+0x1e5e/0x2d40
[  267.840721][ T7799]  ? __pfx_path_openat+0x10/0x10
[  267.840768][ T7799]  do_filp_open+0x20b/0x470
[  267.840804][ T7799]  ? __pfx_do_filp_open+0x10/0x10
[  267.840872][ T7799]  ? alloc_fd+0x471/0x7d0
[  267.840915][ T7799]  do_sys_openat2+0x11b/0x1d0
[  267.840962][ T7799]  ? __pfx_do_sys_openat2+0x10/0x10
[  267.841028][ T7799]  __x64_sys_openat+0x174/0x210
[  267.841078][ T7799]  ? __pfx___x64_sys_openat+0x10/0x10
[  267.841129][ T7799]  ? rcu_is_watching+0x12/0xc0
[  267.841176][ T7799]  do_syscall_64+0xcd/0x230
[  267.841229][ T7799]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  267.841263][ T7799] RIP: 0033:0x7f909d98e969
[  267.841289][ T7799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  267.841321][ T7799] RSP: 002b:00007f909e869038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  267.841354][ T7799] RAX: ffffffffffffffda RBX: 00007f909dbb5fa0 RCX: 00007f909d98e969
[  267.841382][ T7799] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  267.841403][ T7799] RBP: 00007f909da10ab1 R08: 0000000000000000 R09: 0000000000000000
[  267.841423][ T7799] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  267.841442][ T7799] R13: 0000000000000000 R14: 00007f909dbb5fa0 R15: 00007ffc986188d8
[  267.841485][ T7799]  </TASK>
[  267.841547][ T7799] tty tty26: ldisc open failed (-12), clearing slot 25
[  268.876449][ T7810] FAULT_INJECTION: forcing a failure.
[  268.876449][ T7810] name failslab, interval 1, probability 0, space 0, times 0
[  268.912671][ T7810] CPU: 1 UID: 0 PID: 7810 Comm: syz.4.375 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  268.912720][ T7810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  268.912741][ T7810] Call Trace:
[  268.912751][ T7810]  <TASK>
[  268.912763][ T7810]  dump_stack_lvl+0x16c/0x1f0
[  268.912818][ T7810]  should_fail_ex+0x512/0x640
[  268.912858][ T7810]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  268.912898][ T7810]  should_failslab+0xc2/0x120
[  268.912942][ T7810]  __kmalloc_cache_noprof+0x6a/0x3e0
[  268.912980][ T7810]  ? ieee80211_init_rate_ctrl_alg+0x175/0x6b0
[  268.913056][ T7810]  ieee80211_init_rate_ctrl_alg+0x175/0x6b0
[  268.913118][ T7810]  ieee80211_register_hw+0x20aa/0x4020
[  268.913159][ T7810]  ? __pfx__raw_spin_unlock_bh+0x1/0x10
[  268.913203][ T7810]  ? __debug_object_init+0x231/0x3d0
[  268.913260][ T7810]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  268.913301][ T7810]  ? find_held_lock+0x2b/0x80
[  268.913338][ T7810]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  268.913389][ T7810]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  268.913444][ T7810]  ? __hrtimer_setup+0x176/0x280
[  268.913502][ T7810]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  268.913572][ T7810]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  268.913630][ T7810]  hwsim_new_radio_nl+0xb51/0x12c0
[  268.913679][ T7810]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  268.913732][ T7810]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  268.913792][ T7810]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  268.913861][ T7810]  genl_family_rcv_msg_doit+0x206/0x2f0
[  268.913897][ T7810]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  268.913953][ T7810]  ? trace_cap_capable+0x18d/0x200
[  268.913998][ T7810]  ? bpf_lsm_capable+0x9/0x10
[  268.914052][ T7810]  ? security_capable+0x7e/0x260
[  268.914088][ T7810]  ? ns_capable+0xd7/0x110
[  268.914130][ T7810]  genl_rcv_msg+0x55c/0x800
[  268.914168][ T7810]  ? __pfx_genl_rcv_msg+0x10/0x10
[  268.914199][ T7810]  ? __pfx___dev_queue_xmit+0x10/0x10
[  268.914237][ T7810]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  268.914284][ T7810]  ? __lock_acquire+0xaa4/0x1ba0
[  268.914340][ T7810]  netlink_rcv_skb+0x16a/0x440
[  268.914388][ T7810]  ? __pfx_genl_rcv_msg+0x10/0x10
[  268.914434][ T7810]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  268.914508][ T7810]  ? __pfx_down_read+0x10/0x10
[  268.914541][ T7810]  ? netlink_deliver_tap+0x1ae/0xd30
[  268.914596][ T7810]  genl_rcv+0x28/0x40
[  268.914646][ T7810]  netlink_unicast+0x53a/0x7f0
[  268.914701][ T7810]  ? __pfx_netlink_unicast+0x10/0x10
[  268.914745][ T7810]  ? __lock_acquire+0xaa4/0x1ba0
[  268.914803][ T7810]  netlink_sendmsg+0x8d1/0xdd0
[  268.914861][ T7810]  ? __pfx_netlink_sendmsg+0x10/0x10
[  268.914928][ T7810]  ____sys_sendmsg+0xa95/0xc70
[  268.914962][ T7810]  ? copy_msghdr_from_user+0x10a/0x160
[  268.915006][ T7810]  ? __pfx_____sys_sendmsg+0x10/0x10
[  268.915067][ T7810]  ___sys_sendmsg+0x134/0x1d0
[  268.915116][ T7810]  ? __pfx____sys_sendmsg+0x10/0x10
[  268.915225][ T7810]  __sys_sendmsg+0x16d/0x220
[  268.915273][ T7810]  ? __pfx___sys_sendmsg+0x10/0x10
[  268.915318][ T7810]  ? __x64_sys_futex+0x1e0/0x4c0
[  268.915370][ T7810]  ? rcu_is_watching+0x12/0xc0
[  268.915417][ T7810]  do_syscall_64+0xcd/0x230
[  268.915471][ T7810]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.915505][ T7810] RIP: 0033:0x7fdd5258e969
[  268.915531][ T7810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  268.915563][ T7810] RSP: 002b:00007fdd534d6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  268.915596][ T7810] RAX: ffffffffffffffda RBX: 00007fdd527b5fa0 RCX: 00007fdd5258e969
[  268.915618][ T7810] RDX: 00000000040000c0 RSI: 0000200000000300 RDI: 0000000000000006
[  268.915638][ T7810] RBP: 00007fdd52610ab1 R08: 0000000000000000 R09: 0000000000000000
[  268.915658][ T7810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  268.915678][ T7810] R13: 0000000000000000 R14: 00007fdd527b5fa0 R15: 00007ffdf9c6b078
[  268.915734][ T7810]  </TASK>
[  268.916612][ T7810] ieee80211 phy29: Failed to select rate control algorithm
[  270.570599][ T7831] Invalid ELF header magic: != ELF
[  270.825868][ T7814] FAULT_INJECTION: forcing a failure.
[  270.825868][ T7814] name failslab, interval 1, probability 0, space 0, times 0
[  271.109592][ T7814] CPU: 1 UID: 0 PID: 7814 Comm: syz.2.377 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  271.109640][ T7814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  271.109659][ T7814] Call Trace:
[  271.109670][ T7814]  <TASK>
[  271.109682][ T7814]  dump_stack_lvl+0x16c/0x1f0
[  271.109736][ T7814]  should_fail_ex+0x512/0x640
[  271.109775][ T7814]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  271.109821][ T7814]  should_failslab+0xc2/0x120
[  271.109876][ T7814]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  271.109915][ T7814]  ? __proc_create+0xc3/0x8c0
[  271.109955][ T7814]  ? __proc_create+0x2ce/0x8c0
[  271.110002][ T7814]  __proc_create+0x2ce/0x8c0
[  271.110043][ T7814]  ? __pfx___proc_create+0x10/0x10
[  271.110081][ T7814]  ? __register_sysctl_table+0x736/0x1900
[  271.110131][ T7814]  ? _raw_spin_unlock+0x28/0x50
[  271.110180][ T7814]  proc_create_reg+0x7d/0x180
[  271.110227][ T7814]  proc_create_net_data+0x8e/0x1b0
[  271.110271][ T7814]  ? __pfx_proc_create_net_data+0x10/0x10
[  271.110324][ T7814]  ? __pfx_arp_net_init+0x10/0x10
[  271.110357][ T7814]  arp_net_init+0x53/0x70
[  271.110385][ T7814]  ops_init+0x1df/0x5f0
[  271.110437][ T7814]  setup_net+0x21e/0x850
[  271.110490][ T7814]  ? __pfx_setup_net+0x10/0x10
[  271.110535][ T7814]  ? lockdep_init_map_type+0x5c/0x280
[  271.110585][ T7814]  ? __pfx_down_read_killable+0x10/0x10
[  271.110623][ T7814]  ? debug_mutex_init+0x37/0x70
[  271.110661][ T7814]  copy_net_ns+0x2a6/0x5f0
[  271.110718][ T7814]  create_new_namespaces+0x3ea/0xad0
[  271.110768][ T7814]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  271.110813][ T7814]  ksys_unshare+0x45b/0xa40
[  271.110872][ T7814]  ? __pfx_ksys_unshare+0x10/0x10
[  271.110920][ T7814]  ? xfd_validate_state+0x5d/0x180
[  271.110958][ T7814]  ? rcu_is_watching+0x12/0xc0
[  271.111003][ T7814]  __x64_sys_unshare+0x31/0x40
[  271.111052][ T7814]  do_syscall_64+0xcd/0x230
[  271.111105][ T7814]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.111139][ T7814] RIP: 0033:0x7f2ffad8e969
[  271.111164][ T7814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  271.111198][ T7814] RSP: 002b:00007f2ff8bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  271.111229][ T7814] RAX: ffffffffffffffda RBX: 00007f2ffafb5fa0 RCX: 00007f2ffad8e969
[  271.111253][ T7814] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  271.111283][ T7814] RBP: 00007f2ffae10ab1 R08: 0000000000000000 R09: 0000000000000000
[  271.111303][ T7814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  271.111323][ T7814] R13: 0000000000000000 R14: 00007f2ffafb5fa0 R15: 00007fff46886888
[  271.111366][ T7814]  </TASK>
[  274.482035][ T7875] FAULT_INJECTION: forcing a failure.
[  274.482035][ T7875] name failslab, interval 1, probability 0, space 0, times 0
[  274.525712][ T7875] CPU: 0 UID: 0 PID: 7875 Comm: syz.3.387 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  274.525762][ T7875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  274.525782][ T7875] Call Trace:
[  274.525791][ T7875]  <TASK>
[  274.525802][ T7875]  dump_stack_lvl+0x16c/0x1f0
[  274.525850][ T7875]  should_fail_ex+0x512/0x640
[  274.525891][ T7875]  ? __kmalloc_node_noprof+0xc5/0x500
[  274.525932][ T7875]  should_failslab+0xc2/0x120
[  274.525970][ T7875]  __kmalloc_node_noprof+0xd8/0x500
[  274.526006][ T7875]  ? __vmalloc_node_range_noprof+0x3eb/0x1540
[  274.526040][ T7875]  __vmalloc_node_range_noprof+0x3eb/0x1540
[  274.526080][ T7875]  ? n_tty_open+0x1a/0x170
[  274.526115][ T7875]  ? __ldsem_down_write_nested+0x10e/0x850
[  274.526150][ T7875]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  274.526188][ T7875]  ? n_tty_open+0x1a/0x170
[  274.526219][ T7875]  vzalloc_noprof+0x6b/0x90
[  274.526246][ T7875]  ? n_tty_open+0x1a/0x170
[  274.526274][ T7875]  ? __pfx_n_tty_open+0x10/0x10
[  274.526303][ T7875]  n_tty_open+0x1a/0x170
[  274.526332][ T7875]  ? __pfx_n_tty_open+0x10/0x10
[  274.526362][ T7875]  tty_ldisc_open+0x9c/0x120
[  274.526402][ T7875]  tty_ldisc_setup+0x40/0x100
[  274.526445][ T7875]  tty_init_dev.part.0+0x1ec/0x500
[  274.526477][ T7875]  tty_open+0xa50/0xf90
[  274.526510][ T7875]  ? __pfx_tty_open+0x10/0x10
[  274.526538][ T7875]  ? chrdev_open+0x10b/0x6a0
[  274.526574][ T7875]  ? __pfx_tty_open+0x10/0x10
[  274.526601][ T7875]  chrdev_open+0x231/0x6a0
[  274.526633][ T7875]  ? __pfx_apparmor_file_open+0x10/0x10
[  274.526669][ T7875]  ? __pfx_chrdev_open+0x10/0x10
[  274.526703][ T7875]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  274.526754][ T7875]  do_dentry_open+0x741/0x1c10
[  274.526785][ T7875]  ? __pfx_chrdev_open+0x10/0x10
[  274.526823][ T7875]  vfs_open+0x82/0x3f0
[  274.526865][ T7875]  path_openat+0x1e5e/0x2d40
[  274.526914][ T7875]  ? __pfx_path_openat+0x10/0x10
[  274.526953][ T7875]  do_filp_open+0x20b/0x470
[  274.526983][ T7875]  ? __pfx_do_filp_open+0x10/0x10
[  274.527038][ T7875]  ? alloc_fd+0x471/0x7d0
[  274.527074][ T7875]  do_sys_openat2+0x11b/0x1d0
[  274.527113][ T7875]  ? __pfx_do_sys_openat2+0x10/0x10
[  274.527168][ T7875]  __x64_sys_openat+0x174/0x210
[  274.527208][ T7875]  ? __pfx___x64_sys_openat+0x10/0x10
[  274.527251][ T7875]  ? rcu_is_watching+0x12/0xc0
[  274.527288][ T7875]  do_syscall_64+0xcd/0x230
[  274.527331][ T7875]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  274.527359][ T7875] RIP: 0033:0x7f8fcb18e969
[  274.527381][ T7875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  274.527408][ T7875] RSP: 002b:00007f8fcc076038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  274.527436][ T7875] RAX: ffffffffffffffda RBX: 00007f8fcb3b5fa0 RCX: 00007f8fcb18e969
[  274.527455][ T7875] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  274.527473][ T7875] RBP: 00007f8fcb210ab1 R08: 0000000000000000 R09: 0000000000000000
[  274.527490][ T7875] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  274.527507][ T7875] R13: 0000000000000000 R14: 00007f8fcb3b5fa0 R15: 00007ffcf86790a8
[  274.527542][ T7875]  </TASK>
[  274.527560][ T7875] warn_alloc: 1 callbacks suppressed
[  274.527576][ T7875] syz.3.387: vmalloc error: size 12288, failed to allocated page array size 24, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  274.989195][ T7875] CPU: 0 UID: 0 PID: 7875 Comm: syz.3.387 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  274.989242][ T7875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  274.989262][ T7875] Call Trace:
[  274.989272][ T7875]  <TASK>
[  274.989284][ T7875]  dump_stack_lvl+0x16c/0x1f0
[  274.989338][ T7875]  warn_alloc+0x248/0x3a0
[  274.989382][ T7875]  ? __pfx_warn_alloc+0x10/0x10
[  274.989417][ T7875]  ? dump_stack_lvl+0x1a1/0x1f0
[  274.989479][ T7875]  ? rcu_is_watching+0x12/0xc0
[  274.989515][ T7875]  ? __kmalloc_node_noprof+0x23b/0x500
[  274.989569][ T7875]  __vmalloc_node_range_noprof+0x1110/0x1540
[  274.989621][ T7875]  ? n_tty_open+0x1a/0x170
[  274.989664][ T7875]  ? __ldsem_down_write_nested+0x10e/0x850
[  274.989708][ T7875]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  274.989758][ T7875]  ? n_tty_open+0x1a/0x170
[  274.989798][ T7875]  vzalloc_noprof+0x6b/0x90
[  274.989831][ T7875]  ? n_tty_open+0x1a/0x170
[  274.989866][ T7875]  ? __pfx_n_tty_open+0x10/0x10
[  274.989908][ T7875]  n_tty_open+0x1a/0x170
[  274.989946][ T7875]  ? __pfx_n_tty_open+0x10/0x10
[  274.989983][ T7875]  tty_ldisc_open+0x9c/0x120
[  274.990033][ T7875]  tty_ldisc_setup+0x40/0x100
[  274.990087][ T7875]  tty_init_dev.part.0+0x1ec/0x500
[  274.990126][ T7875]  tty_open+0xa50/0xf90
[  274.990169][ T7875]  ? __pfx_tty_open+0x10/0x10
[  274.990205][ T7875]  ? chrdev_open+0x10b/0x6a0
[  274.990249][ T7875]  ? __pfx_tty_open+0x10/0x10
[  274.990284][ T7875]  chrdev_open+0x231/0x6a0
[  274.990321][ T7875]  ? __pfx_apparmor_file_open+0x10/0x10
[  274.990366][ T7875]  ? __pfx_chrdev_open+0x10/0x10
[  274.990409][ T7875]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  274.990472][ T7875]  do_dentry_open+0x741/0x1c10
[  274.990511][ T7875]  ? __pfx_chrdev_open+0x10/0x10
[  274.990559][ T7875]  vfs_open+0x82/0x3f0
[  274.990611][ T7875]  path_openat+0x1e5e/0x2d40
[  274.990665][ T7875]  ? __pfx_path_openat+0x10/0x10
[  274.990714][ T7875]  do_filp_open+0x20b/0x470
[  274.990751][ T7875]  ? __pfx_do_filp_open+0x10/0x10
[  274.990819][ T7875]  ? alloc_fd+0x471/0x7d0
[  274.990864][ T7875]  do_sys_openat2+0x11b/0x1d0
[  274.990919][ T7875]  ? __pfx_do_sys_openat2+0x10/0x10
[  274.990985][ T7875]  __x64_sys_openat+0x174/0x210
[  274.991036][ T7875]  ? __pfx___x64_sys_openat+0x10/0x10
[  274.991088][ T7875]  ? rcu_is_watching+0x12/0xc0
[  274.991134][ T7875]  do_syscall_64+0xcd/0x230
[  274.991187][ T7875]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  274.991221][ T7875] RIP: 0033:0x7f8fcb18e969
[  274.991248][ T7875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  274.991281][ T7875] RSP: 002b:00007f8fcc076038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  274.991311][ T7875] RAX: ffffffffffffffda RBX: 00007f8fcb3b5fa0 RCX: 00007f8fcb18e969
[  274.991334][ T7875] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  274.991355][ T7875] RBP: 00007f8fcb210ab1 R08: 0000000000000000 R09: 0000000000000000
[  274.991375][ T7875] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  274.991395][ T7875] R13: 0000000000000000 R14: 00007f8fcb3b5fa0 R15: 00007ffcf86790a8
[  274.991439][ T7875]  </TASK>
[  275.309088][ T7875] Mem-Info:
[  275.312251][ T7875] active_anon:31050 inactive_anon:1 isolated_anon:15
[  275.312251][ T7875]  active_file:12248 inactive_file:39657 isolated_file:0
[  275.312251][ T7875]  unevictable:1701 dirty:791 writeback:0
[  275.312251][ T7875]  slab_reclaimable:10119 slab_unreclaimable:97996
[  275.312251][ T7875]  mapped:32549 shmem:19291 pagetables:898
[  275.312251][ T7875]  sec_pagetables:0 bounce:0
[  275.312251][ T7875]  kernel_misc_reclaimable:0
[  275.312251][ T7875]  free:1294675 free_pcp:5168 free_cma:0
[  275.358412][ T7875] Node 0 active_anon:124148kB inactive_anon:4kB active_file:48992kB inactive_file:158552kB unevictable:5268kB isolated(anon):60kB isolated(file):0kB mapped:130196kB dirty:3160kB writeback:0kB shmem:75628kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:2048kB writeback_tmp:0kB kernel_stack:11148kB pagetables:3576kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  275.444003][ T7875] Node 1 active_anon:52kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:16kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  275.580776][ T7875] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  275.616795][ T7875] lowmem_reserve[]: 0 2482 2483 2483 2483
[  275.622681][ T7875] Node 0 DMA32 free:1281868kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB active_anon:122488kB inactive_anon:4kB active_file:48968kB inactive_file:157000kB unevictable:5200kB writepending:3212kB present:3129332kB managed:2541748kB mlocked:3664kB bounce:0kB free_pcp:2984kB local_pcp:312kB free_cma:0kB
[  275.654507][ T7875] lowmem_reserve[]: 0 0 1 1 1
[  275.681286][ T7875] Node 0 Normal free:8kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1588kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  275.799578][ T7875] lowmem_reserve[]: 0 0 0 0 0
[  275.804420][ T7875] Node 1 Normal free:3884952kB boost:0kB min:55784kB low:69728kB high:83672kB reserved_highatomic:0KB active_anon:68kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:17420kB local_pcp:10344kB free_cma:0kB
[  275.904923][ T7875] lowmem_reserve[]: 0 0 0 0 0
[  275.913909][ T7875] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  275.980697][ T7875] Node 0 DMA32: 387*4kB (UME) 383*8kB (UME) 558*16kB (UME) 158*32kB (UME) 53*64kB (UME) 32*128kB (UME) 103*256kB (UME) 63*512kB (UME) 17*1024kB (UM) 2*2048kB (ME) 287*4096kB (UM) = 1281764kB
[  276.025366][ T7875] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[  276.078708][ T7875] Node 1 Normal: 168*4kB (UE) 41*8kB (UE) 43*16kB (UE) 202*32kB (UE) 95*64kB (UE) 34*128kB (UME) 17*256kB (UME) 7*512kB (UME) 2*1024kB (UM) 1*2048kB (E) 941*4096kB (M) = 3884952kB
[  276.131209][ T7875] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  276.161449][ T7875] Node 0 hugepages_total=5 hugepages_free=0 hugepages_surp=2 hugepages_size=2048kB
[  276.208068][ T7875] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  276.227979][ T7875] Node 1 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  276.252764][ T7875] 69008 total pagecache pages
[  276.257625][ T7875] 67 pages in swap cache
[  276.264384][ T7875] Free swap  = 123204kB
[  276.268686][ T7875] Total swap = 124996kB
[  276.275402][ T7875] 2097051 pages RAM
[  276.331775][ T7875] 0 pages HighMem/MovableOnly
[  276.336524][ T7875] 429572 pages reserved
[  276.375664][ T7875] 0 pages cma reserved
[  276.391268][ T7875] tty tty26: ldisc open failed (-12), clearing slot 25
[  277.199597][ T7884] ptrace attach of "./syz-executor exec"[6637] was attempted by "./syz-executor exec"[7884]
[  279.980388][ T7905] FAULT_INJECTION: forcing a failure.
[  279.980388][ T7905] name failslab, interval 1, probability 0, space 0, times 0
[  280.019148][ T7905] CPU: 1 UID: 0 PID: 7905 Comm: syz.4.392 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  280.019198][ T7905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  280.019218][ T7905] Call Trace:
[  280.019229][ T7905]  <TASK>
[  280.019250][ T7905]  dump_stack_lvl+0x16c/0x1f0
[  280.019303][ T7905]  should_fail_ex+0x512/0x640
[  280.019342][ T7905]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  280.019391][ T7905]  should_failslab+0xc2/0x120
[  280.019435][ T7905]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  280.019480][ T7905]  ? devinet_init_net+0x9c/0x910
[  280.019532][ T7905]  ? __pfx_devinet_init_net+0x10/0x10
[  280.019581][ T7905]  kmemdup_noprof+0x29/0x60
[  280.019625][ T7905]  devinet_init_net+0x9c/0x910
[  280.019676][ T7905]  ? __pfx_devinet_init_net+0x10/0x10
[  280.019724][ T7905]  ops_init+0x1df/0x5f0
[  280.019774][ T7905]  setup_net+0x21e/0x850
[  280.019824][ T7905]  ? __pfx_setup_net+0x10/0x10
[  280.019867][ T7905]  ? lockdep_init_map_type+0x5c/0x280
[  280.019916][ T7905]  ? __pfx_down_read_killable+0x10/0x10
[  280.019951][ T7905]  ? debug_mutex_init+0x37/0x70
[  280.019990][ T7905]  copy_net_ns+0x2a6/0x5f0
[  280.020044][ T7905]  create_new_namespaces+0x3ea/0xad0
[  280.020093][ T7905]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  280.020136][ T7905]  ksys_unshare+0x45b/0xa40
[  280.020183][ T7905]  ? __pfx_ksys_unshare+0x10/0x10
[  280.020231][ T7905]  ? ksys_mmap_pgoff+0x85/0x5c0
[  280.020290][ T7905]  ? v4l2_ioctl+0x1c5/0x250
[  280.020350][ T7905]  __x64_sys_unshare+0x31/0x40
[  280.020397][ T7905]  do_syscall_64+0xcd/0x230
[  280.020448][ T7905]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.020481][ T7905] RIP: 0033:0x7fdd5258e969
[  280.020507][ T7905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  280.020540][ T7905] RSP: 002b:00007fdd534d6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  280.020571][ T7905] RAX: ffffffffffffffda RBX: 00007fdd527b5fa0 RCX: 00007fdd5258e969
[  280.020592][ T7905] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  280.020612][ T7905] RBP: 00007fdd52610ab1 R08: 0000000000000000 R09: 0000000000000000
[  280.020631][ T7905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  280.020651][ T7905] R13: 0000000000000000 R14: 00007fdd527b5fa0 R15: 00007ffdf9c6b078
[  280.020691][ T7905]  </TASK>
[  280.744698][ T7925] Invalid ELF header magic: != ELF
[  285.671314][ T7983] FAULT_INJECTION: forcing a failure.
[  285.671314][ T7983] name failslab, interval 1, probability 0, space 0, times 0
[  285.709307][ T7983] CPU: 0 UID: 0 PID: 7983 Comm: syz.3.406 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  285.709354][ T7983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  285.709373][ T7983] Call Trace:
[  285.709382][ T7983]  <TASK>
[  285.709394][ T7983]  dump_stack_lvl+0x16c/0x1f0
[  285.709444][ T7983]  should_fail_ex+0x512/0x640
[  285.709479][ T7983]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  285.709520][ T7983]  should_failslab+0xc2/0x120
[  285.709561][ T7983]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  285.709598][ T7983]  ? prepare_creds+0x2c/0x7d0
[  285.709654][ T7983]  prepare_creds+0x2c/0x7d0
[  285.709702][ T7983]  cap_task_prctl+0x648/0xa80
[  285.709737][ T7983]  security_task_prctl+0xbf/0x160
[  285.709792][ T7983]  __do_sys_prctl+0xaa/0x24a0
[  285.709825][ T7983]  ? __pfx___do_sys_prctl+0x10/0x10
[  285.709853][ T7983]  ? __pfx___x64_sys_clock_gettime+0x10/0x10
[  285.709920][ T7983]  do_syscall_64+0xcd/0x230
[  285.709968][ T7983]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.709999][ T7983] RIP: 0033:0x7f8fcb18e969
[  285.710023][ T7983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  285.710053][ T7983] RSP: 002b:00007f8fcc076038 EFLAGS: 00000246 ORIG_RAX: 000000000000009d
[  285.710082][ T7983] RAX: ffffffffffffffda RBX: 00007f8fcb3b5fa0 RCX: 00007f8fcb18e969
[  285.710103][ T7983] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000000000008
[  285.710122][ T7983] RBP: 00007f8fcb210ab1 R08: 0000000000000005 R09: 0000000000000000
[  285.710141][ T7983] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000000
[  285.710160][ T7983] R13: 0000000000000000 R14: 00007f8fcb3b5fa0 R15: 00007ffcf86790a8
[  285.710198][ T7983]  </TASK>
[  287.044918][ T7995] Invalid ELF header magic: != ELF
[  288.927314][ T8013] FAULT_INJECTION: forcing a failure.
[  288.927314][ T8013] name failslab, interval 1, probability 0, space 0, times 0
[  288.954792][ T8013] CPU: 1 UID: 0 PID: 8013 Comm: syz.3.410 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  288.954841][ T8013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  288.954861][ T8013] Call Trace:
[  288.954872][ T8013]  <TASK>
[  288.954884][ T8013]  dump_stack_lvl+0x16c/0x1f0
[  288.954937][ T8013]  should_fail_ex+0x512/0x640
[  288.954972][ T8013]  ? __kmalloc_node_noprof+0xc5/0x500
[  288.955015][ T8013]  should_failslab+0xc2/0x120
[  288.955055][ T8013]  __kmalloc_node_noprof+0xd8/0x500
[  288.955096][ T8013]  ? __vmalloc_node_range_noprof+0x3eb/0x1540
[  288.955134][ T8013]  __vmalloc_node_range_noprof+0x3eb/0x1540
[  288.955179][ T8013]  ? n_tty_open+0x1a/0x170
[  288.955216][ T8013]  ? __ldsem_down_write_nested+0x10e/0x850
[  288.955253][ T8013]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  288.955297][ T8013]  ? n_tty_open+0x1a/0x170
[  288.955332][ T8013]  vzalloc_noprof+0x6b/0x90
[  288.955361][ T8013]  ? n_tty_open+0x1a/0x170
[  288.955392][ T8013]  ? __pfx_n_tty_open+0x10/0x10
[  288.955424][ T8013]  n_tty_open+0x1a/0x170
[  288.955457][ T8013]  ? __pfx_n_tty_open+0x10/0x10
[  288.955491][ T8013]  tty_ldisc_open+0x9c/0x120
[  288.955535][ T8013]  tty_ldisc_setup+0x40/0x100
[  288.955581][ T8013]  tty_init_dev.part.0+0x1ec/0x500
[  288.955618][ T8013]  tty_open+0xa50/0xf90
[  288.955667][ T8013]  ? __pfx_tty_open+0x10/0x10
[  288.955698][ T8013]  ? chrdev_open+0x10b/0x6a0
[  288.955738][ T8013]  ? __pfx_tty_open+0x10/0x10
[  288.955770][ T8013]  chrdev_open+0x231/0x6a0
[  288.955805][ T8013]  ? __pfx_apparmor_file_open+0x10/0x10
[  288.955846][ T8013]  ? __pfx_chrdev_open+0x10/0x10
[  288.955886][ T8013]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  288.955943][ T8013]  do_dentry_open+0x741/0x1c10
[  288.955979][ T8013]  ? __pfx_chrdev_open+0x10/0x10
[  288.956023][ T8013]  vfs_open+0x82/0x3f0
[  288.956071][ T8013]  path_openat+0x1e5e/0x2d40
[  288.956117][ T8013]  ? __pfx_path_openat+0x10/0x10
[  288.956159][ T8013]  do_filp_open+0x20b/0x470
[  288.956193][ T8013]  ? __pfx_do_filp_open+0x10/0x10
[  288.956255][ T8013]  ? alloc_fd+0x471/0x7d0
[  288.956295][ T8013]  do_sys_openat2+0x11b/0x1d0
[  288.956339][ T8013]  ? __pfx_do_sys_openat2+0x10/0x10
[  288.956400][ T8013]  __x64_sys_openat+0x174/0x210
[  288.956444][ T8013]  ? __pfx___x64_sys_openat+0x10/0x10
[  288.956490][ T8013]  ? rcu_is_watching+0x12/0xc0
[  288.956532][ T8013]  do_syscall_64+0xcd/0x230
[  288.956582][ T8013]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.956635][ T8013] RIP: 0033:0x7f8fcb18e969
[  288.956660][ T8013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  288.956691][ T8013] RSP: 002b:00007f8fcc076038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  288.956720][ T8013] RAX: ffffffffffffffda RBX: 00007f8fcb3b5fa0 RCX: 00007f8fcb18e969
[  288.956740][ T8013] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  288.956760][ T8013] RBP: 00007f8fcb210ab1 R08: 0000000000000000 R09: 0000000000000000
[  288.956778][ T8013] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  288.956796][ T8013] R13: 0000000000000000 R14: 00007f8fcb3b5fa0 R15: 00007ffcf86790a8
[  288.956835][ T8013]  </TASK>
[  288.957830][ T8013] syz.3.410: vmalloc error: size 12288, failed to allocated page array size 24, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  289.377437][ T8013] CPU: 1 UID: 0 PID: 8013 Comm: syz.3.410 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  289.377485][ T8013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  289.377505][ T8013] Call Trace:
[  289.377516][ T8013]  <TASK>
[  289.377528][ T8013]  dump_stack_lvl+0x16c/0x1f0
[  289.377581][ T8013]  warn_alloc+0x248/0x3a0
[  289.377632][ T8013]  ? __pfx_warn_alloc+0x10/0x10
[  289.377668][ T8013]  ? kasan_quarantine_reduce+0x1b9/0x1e0
[  289.377721][ T8013]  ? rcu_is_watching+0x12/0xc0
[  289.377756][ T8013]  ? __kmalloc_node_noprof+0x23b/0x500
[  289.377809][ T8013]  __vmalloc_node_range_noprof+0x1110/0x1540
[  289.377859][ T8013]  ? n_tty_open+0x1a/0x170
[  289.377902][ T8013]  ? __ldsem_down_write_nested+0x10e/0x850
[  289.377945][ T8013]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  289.377992][ T8013]  ? n_tty_open+0x1a/0x170
[  289.378031][ T8013]  vzalloc_noprof+0x6b/0x90
[  289.378063][ T8013]  ? n_tty_open+0x1a/0x170
[  289.378098][ T8013]  ? __pfx_n_tty_open+0x10/0x10
[  289.378132][ T8013]  n_tty_open+0x1a/0x170
[  289.378169][ T8013]  ? __pfx_n_tty_open+0x10/0x10
[  289.378205][ T8013]  tty_ldisc_open+0x9c/0x120
[  289.378253][ T8013]  tty_ldisc_setup+0x40/0x100
[  289.378305][ T8013]  tty_init_dev.part.0+0x1ec/0x500
[  289.378343][ T8013]  tty_open+0xa50/0xf90
[  289.378385][ T8013]  ? __pfx_tty_open+0x10/0x10
[  289.378418][ T8013]  ? chrdev_open+0x10b/0x6a0
[  289.378462][ T8013]  ? __pfx_tty_open+0x10/0x10
[  289.378495][ T8013]  chrdev_open+0x231/0x6a0
[  289.378531][ T8013]  ? __pfx_apparmor_file_open+0x10/0x10
[  289.378575][ T8013]  ? __pfx_chrdev_open+0x10/0x10
[  289.378623][ T8013]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  289.378684][ T8013]  do_dentry_open+0x741/0x1c10
[  289.378721][ T8013]  ? __pfx_chrdev_open+0x10/0x10
[  289.378768][ T8013]  vfs_open+0x82/0x3f0
[  289.378819][ T8013]  path_openat+0x1e5e/0x2d40
[  289.378871][ T8013]  ? __pfx_path_openat+0x10/0x10
[  289.378918][ T8013]  do_filp_open+0x20b/0x470
[  289.378953][ T8013]  ? __pfx_do_filp_open+0x10/0x10
[  289.379023][ T8013]  ? alloc_fd+0x471/0x7d0
[  289.379065][ T8013]  do_sys_openat2+0x11b/0x1d0
[  289.379109][ T8013]  ? __pfx_do_sys_openat2+0x10/0x10
[  289.379175][ T8013]  __x64_sys_openat+0x174/0x210
[  289.379223][ T8013]  ? __pfx___x64_sys_openat+0x10/0x10
[  289.379274][ T8013]  ? rcu_is_watching+0x12/0xc0
[  289.379319][ T8013]  do_syscall_64+0xcd/0x230
[  289.379371][ T8013]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  289.379405][ T8013] RIP: 0033:0x7f8fcb18e969
[  289.379430][ T8013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  289.379462][ T8013] RSP: 002b:00007f8fcc076038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  289.379493][ T8013] RAX: ffffffffffffffda RBX: 00007f8fcb3b5fa0 RCX: 00007f8fcb18e969
[  289.379514][ T8013] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  289.379536][ T8013] RBP: 00007f8fcb210ab1 R08: 0000000000000000 R09: 0000000000000000
[  289.379556][ T8013] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  289.379576][ T8013] R13: 0000000000000000 R14: 00007f8fcb3b5fa0 R15: 00007ffcf86790a8
[  289.379626][ T8013]  </TASK>
[  289.701762][ T8013] Mem-Info:
[  289.705064][ T8013] active_anon:25102 inactive_anon:2 isolated_anon:600
[  289.705064][ T8013]  active_file:14496 inactive_file:43275 isolated_file:0
[  289.705064][ T8013]  unevictable:1684 dirty:4189 writeback:0
[  289.705064][ T8013]  slab_reclaimable:10306 slab_unreclaimable:98248
[  289.705064][ T8013]  mapped:38265 shmem:9217 pagetables:899
[  289.705064][ T8013]  sec_pagetables:0 bounce:0
[  289.705064][ T8013]  kernel_misc_reclaimable:0
[  289.705064][ T8013]  free:1293866 free_pcp:6609 free_cma:0
[  289.966587][ T8013] Node 0 active_anon:98608kB inactive_anon:8kB active_file:57984kB inactive_file:173024kB unevictable:5200kB isolated(anon):1900kB isolated(file):0kB mapped:153060kB dirty:14800kB writeback:2048kB shmem:33232kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11072kB pagetables:3596kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  290.031346][ T8013] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  290.062835][ T8013] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  290.091468][ T8013] lowmem_reserve[]: 0 2482 2483 2483 2483
[  290.097335][ T8013] Node 0 DMA32 free:1281768kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB active_anon:98784kB inactive_anon:8kB active_file:57984kB inactive_file:171444kB unevictable:5200kB writepending:16920kB present:3129332kB managed:2541748kB mlocked:3664kB bounce:0kB free_pcp:5856kB local_pcp:3124kB free_cma:0kB
[  290.148406][ T8013] lowmem_reserve[]: 0 0 1 1 1
[  290.153425][ T8013] Node 0 Normal free:8kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1588kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  290.269130][ T8013] lowmem_reserve[]: 0 0 0 0 0
[  290.294295][ T8013] Node 1 Normal free:3882884kB boost:0kB min:55784kB low:69728kB high:83672kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:19540kB local_pcp:6004kB free_cma:0kB
[  290.399091][ T8013] lowmem_reserve[]: 0 0 0 0 0
[  290.403948][ T8013] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  290.485989][ T8013] Node 0 DMA32: 1189*4kB (UME) 796*8kB (UM) 873*16kB (UME) 614*32kB (UME) 235*64kB (UME) 25*128kB (UME) 56*256kB (UME) 62*512kB (UME) 17*1024kB (M) 3*2048kB (UME) 284*4096kB (UM) = 1295876kB
[  290.603339][ T8013] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[  290.639099][ T8013] Node 1 Normal: 234*4kB (UME) 42*8kB (UME) 48*16kB (UME) 204*32kB (UME) 97*64kB (UME) 34*128kB (UME) 17*256kB (UME) 6*512kB (UE) 2*1024kB (UM) 2*2048kB (ME) 940*4096kB (M) = 3882936kB
[  290.722108][ T8013] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  290.759111][ T8013] Node 0 hugepages_total=5 hugepages_free=0 hugepages_surp=2 hugepages_size=2048kB
[  290.769265][ T8013] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  290.778873][ T8013] Node 1 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  290.826264][ T8013] 63165 total pagecache pages
[  290.848568][ T8013] 5 pages in swap cache
[  290.858634][ T8013] Free swap  = 124988kB
[  290.883856][ T8013] Total swap = 124996kB
[  290.888092][ T8013] 2097051 pages RAM
[  290.894020][ T8013] 0 pages HighMem/MovableOnly
[  290.904176][ T8013] 429572 pages reserved
[  290.908398][ T8013] 0 pages cma reserved
[  290.930244][ T8013] tty tty26: ldisc open failed (-12), clearing slot 25
[  291.755115][ T8032] ptrace attach of "./syz-executor exec"[6637] was attempted by "./syz-executor exec"[8032]
[  292.675236][ T8039] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7fe00
[  292.684976][ T8039] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  292.714510][ T8039] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  292.753516][ T8039] page_type: f5(slab)
[  292.760814][ T8039] raw: 00fff00000000040 ffff88801b442140 dead000000000122 0000000000000000
[  292.799198][ T8039] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  292.828343][ T8039] head: 00fff00000000040 ffff88801b442140 dead000000000122 0000000000000000
[  292.856810][ T8039] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  292.916592][ T8039] head: 00fff00000000003 ffffea0001ff8001 00000000ffffffff 00000000ffffffff
[  292.978486][ T8041] could not allocate digest TFM handle binfmt_misc
[  293.042919][ T8039] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  293.106905][ T8039] page dumped because: unmovable page
[  293.131293][ T8039] page_owner tracks the page as allocated
[  293.158359][ T8039] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 3066, tgid 3066 (kworker/u8:6), ts 289812789026, free_ts 289780072124
[  293.230345][ T8039]  post_alloc_hook+0x181/0x1b0
[  293.266139][ T8039]  get_page_from_freelist+0x135c/0x3920
[  293.316228][ T8039]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  293.352018][ T8039]  alloc_pages_mpol+0x1fb/0x550
[  293.367204][ T8039]  new_slab+0x244/0x340
[  293.404798][ T8039]  ___slab_alloc+0xd9c/0x1940
[  293.425975][ T8039]  __slab_alloc.constprop.0+0x56/0xb0
[  293.509347][ T8039]  __kmalloc_node_track_caller_noprof+0x2ee/0x510
[  293.526229][ T8039]  kmalloc_reserve+0xef/0x2c0
[  293.566025][ T8039]  __alloc_skb+0x166/0x380
[  293.576166][ T8039]  nsim_dev_trap_report_work+0x2b1/0xcf0
[  293.613101][ T8039]  process_one_work+0x9cc/0x1b70
[  293.649260][ T8039]  worker_thread+0x6c8/0xf10
[  293.664168][ T8039]  kthread+0x3c2/0x780
[  293.668366][ T8039]  ret_from_fork+0x45/0x80
[  293.689184][ T8039]  ret_from_fork_asm+0x1a/0x30
[  293.702464][ T8039] page last free pid 5211 tgid 5211 stack trace:
[  293.729887][ T8039]  __free_frozen_pages+0x69d/0xff0
[  293.735105][ T8039]  __put_partials+0x16d/0x1c0
[  293.774615][ T8039]  qlist_free_all+0x4e/0x120
[  293.794898][ T8039]  kasan_quarantine_reduce+0x195/0x1e0
[  293.810730][ T8039]  __kasan_slab_alloc+0x69/0x90
[  293.851779][ T8039]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  293.876460][ T8039]  getname_flags.part.0+0x4c/0x550
[  293.891233][ T8039]  __x64_sys_unlink+0xb0/0x110
[  293.911244][ T8039]  do_syscall_64+0xcd/0x230
[  293.929202][ T8039]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.758441][ T8063] Invalid ELF header magic: != ELF
[  298.216750][ T8106] FAULT_INJECTION: forcing a failure.
[  298.216750][ T8106] name failslab, interval 1, probability 0, space 0, times 0
[  298.524128][ T8106] CPU: 1 UID: 0 PID: 8106 Comm: syz.2.425 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  298.524182][ T8106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  298.524204][ T8106] Call Trace:
[  298.524214][ T8106]  <TASK>
[  298.524228][ T8106]  dump_stack_lvl+0x16c/0x1f0
[  298.524286][ T8106]  should_fail_ex+0x512/0x640
[  298.524334][ T8106]  should_failslab+0xc2/0x120
[  298.524380][ T8106]  __kmalloc_cache_noprof+0x6a/0x3e0
[  298.524418][ T8106]  ? minstrel_ht_alloc+0x4f/0x980
[  298.524476][ T8106]  minstrel_ht_alloc+0x4f/0x980
[  298.524537][ T8106]  ieee80211_init_rate_ctrl_alg+0x209/0x6b0
[  298.524598][ T8106]  ieee80211_register_hw+0x20aa/0x4020
[  298.524638][ T8106]  ? __pfx__raw_spin_unlock_bh+0x1/0x10
[  298.524683][ T8106]  ? __debug_object_init+0x231/0x3d0
[  298.524738][ T8106]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  298.524779][ T8106]  ? find_held_lock+0x2b/0x80
[  298.524817][ T8106]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  298.524868][ T8106]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  298.524922][ T8106]  ? __hrtimer_setup+0x176/0x280
[  298.524979][ T8106]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  298.525059][ T8106]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  298.525122][ T8106]  hwsim_new_radio_nl+0xb51/0x12c0
[  298.525170][ T8106]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  298.525228][ T8106]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  298.525288][ T8106]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  298.525357][ T8106]  genl_family_rcv_msg_doit+0x206/0x2f0
[  298.525394][ T8106]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  298.525451][ T8106]  ? trace_cap_capable+0x18d/0x200
[  298.525497][ T8106]  ? bpf_lsm_capable+0x9/0x10
[  298.525534][ T8106]  ? security_capable+0x7e/0x260
[  298.525569][ T8106]  ? ns_capable+0xd7/0x110
[  298.525612][ T8106]  genl_rcv_msg+0x55c/0x800
[  298.525649][ T8106]  ? __pfx_genl_rcv_msg+0x10/0x10
[  298.525680][ T8106]  ? __pfx___dev_queue_xmit+0x10/0x10
[  298.525719][ T8106]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  298.525765][ T8106]  ? __lock_acquire+0xaa4/0x1ba0
[  298.525820][ T8106]  netlink_rcv_skb+0x16a/0x440
[  298.525869][ T8106]  ? __pfx_genl_rcv_msg+0x10/0x10
[  298.525903][ T8106]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  298.525975][ T8106]  ? __pfx_down_read+0x10/0x10
[  298.526013][ T8106]  ? netlink_deliver_tap+0x1ae/0xd30
[  298.526067][ T8106]  genl_rcv+0x28/0x40
[  298.526117][ T8106]  netlink_unicast+0x53a/0x7f0
[  298.526172][ T8106]  ? __pfx_netlink_unicast+0x10/0x10
[  298.526219][ T8106]  ? __lock_acquire+0xaa4/0x1ba0
[  298.526277][ T8106]  netlink_sendmsg+0x8d1/0xdd0
[  298.526335][ T8106]  ? __pfx_netlink_sendmsg+0x10/0x10
[  298.526402][ T8106]  ____sys_sendmsg+0xa95/0xc70
[  298.526436][ T8106]  ? copy_msghdr_from_user+0x10a/0x160
[  298.526482][ T8106]  ? __pfx_____sys_sendmsg+0x10/0x10
[  298.526536][ T8106]  ___sys_sendmsg+0x134/0x1d0
[  298.526585][ T8106]  ? __pfx____sys_sendmsg+0x10/0x10
[  298.526686][ T8106]  __sys_sendmsg+0x16d/0x220
[  298.526732][ T8106]  ? __pfx___sys_sendmsg+0x10/0x10
[  298.526777][ T8106]  ? __x64_sys_futex+0x1e0/0x4c0
[  298.526829][ T8106]  ? rcu_is_watching+0x12/0xc0
[  298.526876][ T8106]  do_syscall_64+0xcd/0x230
[  298.526929][ T8106]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.526962][ T8106] RIP: 0033:0x7f2ffad8e969
[  298.526995][ T8106] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  298.527029][ T8106] RSP: 002b:00007f2ff8bf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  298.527062][ T8106] RAX: ffffffffffffffda RBX: 00007f2ffafb5fa0 RCX: 00007f2ffad8e969
[  298.527085][ T8106] RDX: 00000000040000c0 RSI: 0000200000000300 RDI: 0000000000000006
[  298.527106][ T8106] RBP: 00007f2ffae10ab1 R08: 0000000000000000 R09: 0000000000000000
[  298.527127][ T8106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  298.527147][ T8106] R13: 0000000000000000 R14: 00007f2ffafb5fa0 R15: 00007fff46886888
[  298.527191][ T8106]  </TASK>
[  298.528224][ T8106] ieee80211 phy33: Failed to select rate control algorithm
[  306.434245][ T8218] usb usb38: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  306.513472][ T8218] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  308.397424][ T8239] vivid-003: =================  START STATUS  =================
[  308.408678][ T8239] vivid-003: Radio HW Seek Mode: Bounded
[  308.415422][ T8239] vivid-003: Radio Programmable HW Seek: false
[  308.422133][ T8239] vivid-003: RDS Rx I/O Mode: Block I/O
[  308.440976][ T8239] vivid-003: Generate RBDS Instead of RDS: false
[  308.525089][ T8239] vivid-003: RDS Reception: true
[  308.602397][ T8239] vivid-003: RDS Program Type: 0 inactive
[  308.645760][ T8239] vivid-003: RDS PS Name:  inactive
[  308.654638][ T8239] vivid-003: RDS Radio Text:  inactive
[  308.660625][ T8239] vivid-003: RDS Traffic Announcement: false inactive
[  308.668423][ T8239] vivid-003: RDS Traffic Program: false inactive
[  308.693397][ T8239] vivid-003: RDS Music: false inactive
[  308.731536][ T8239] vivid-003: ==================  END STATUS  ==================
[  310.209412][ T8277] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7fe00
[  310.264102][ T8277] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  310.273466][ T8277] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  310.285025][ T8277] page_type: f5(slab)
[  310.297935][ T8273] usb usb38: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  310.304185][ T8277] raw: 00fff00000000040 ffff88801b442140 0000000000000000 dead000000000001
[  310.341554][ T8277] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  310.351624][ T8277] head: 00fff00000000040 ffff88801b442140 0000000000000000 dead000000000001
[  310.360841][ T8277] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  310.370241][ T8277] head: 00fff00000000003 ffffea0001ff8001 00000000ffffffff 00000000ffffffff
[  310.378994][ T8277] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  310.380466][ T8273] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  310.483117][ T8277] page dumped because: unmovable page
[  310.523721][ T8277] page_owner tracks the page as allocated
[  310.666087][ T8277] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 3066, tgid 3066 (kworker/u8:6), ts 289812789026, free_ts 289780072124
[  310.788748][ T8279] could not allocate digest TFM handle binfmt_misc
[  310.791121][ T8277]  post_alloc_hook+0x181/0x1b0
[  310.899157][ T8277]  get_page_from_freelist+0x135c/0x3920
[  310.936320][ T8277]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  310.975328][ T8277]  alloc_pages_mpol+0x1fb/0x550
[  311.052963][ T8277]  new_slab+0x244/0x340
[  311.057225][ T8277]  ___slab_alloc+0xd9c/0x1940
[  311.064095][ T8277]  __slab_alloc.constprop.0+0x56/0xb0
[  311.072271][ T8277]  __kmalloc_node_track_caller_noprof+0x2ee/0x510
[  311.078883][ T8277]  kmalloc_reserve+0xef/0x2c0
[  311.083723][ T8277]  __alloc_skb+0x166/0x380
[  311.088199][ T8277]  nsim_dev_trap_report_work+0x2b1/0xcf0
[  311.094262][ T8277]  process_one_work+0x9cc/0x1b70
[  311.114891][ T8277]  worker_thread+0x6c8/0xf10
[  311.199231][ T8277]  kthread+0x3c2/0x780
[  311.203412][ T8277]  ret_from_fork+0x45/0x80
[  311.207877][ T8277]  ret_from_fork_asm+0x1a/0x30
[  311.222128][ T8277] page last free pid 5211 tgid 5211 stack trace:
[  311.228538][ T8277]  __free_frozen_pages+0x69d/0xff0
[  311.384825][ T8277]  __put_partials+0x16d/0x1c0
[  311.445317][ T8277]  qlist_free_all+0x4e/0x120
[  311.563849][ T8277]  kasan_quarantine_reduce+0x195/0x1e0
[  311.661759][ T8277]  __kasan_slab_alloc+0x69/0x90
[  311.666777][ T8277]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  311.674880][ T8277]  getname_flags.part.0+0x4c/0x550
[  311.690852][ T8277]  __x64_sys_unlink+0xb0/0x110
[  311.695819][ T8277]  do_syscall_64+0xcd/0x230
[  311.700534][ T8277]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.453221][ T8344] netlink: 28 bytes leftover after parsing attributes in process `syz.3.472'.
[  315.493640][ T8344] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  315.530344][ T8344] batman_adv: batadv0: Removing interface: batadv_slave_0
[  315.562903][ T8344] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  315.589423][ T8344] batman_adv: batadv0: Removing interface: batadv_slave_1
[  315.971816][   T31] INFO: task syz.0.105:6471 blocked for more than 143 seconds.
[  315.980218][   T31]       Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0
[  315.992929][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  316.005712][ T8356] usbip-vudc usbip-vudc.0: gadget not bound
[  316.033131][   T31] task:syz.0.105       state:D stack:28344 pid:6471  tgid:6465  ppid:5839   task_flags:0x400140 flags:0x00024004
[  316.081354][   T31] Call Trace:
[  316.091571][   T31]  <TASK>
[  316.099478][   T31]  __schedule+0x116f/0x5de0
[  316.112438][   T31]  ? __lock_acquire+0x5ca/0x1ba0
[  316.125651][   T31]  ? __pfx___schedule+0x10/0x10
[  316.142931][   T31]  ? find_held_lock+0x2b/0x80
[  316.157254][   T31]  ? schedule+0x2d7/0x3a0
[  316.168935][   T31]  schedule+0xe7/0x3a0
[  316.179909][   T31]  schedule_preempt_disabled+0x13/0x30
[  316.195573][   T31]  rwsem_down_read_slowpath+0x62f/0xb60
[  316.216096][   T31]  ? __pfx_rwsem_down_read_slowpath+0x10/0x10
[  316.231245][   T31]  ? __pfx___might_resched+0x10/0x10
[  316.249188][   T31]  down_read+0xef/0x480
[  316.253432][   T31]  ? down_read_trylock+0x348/0x3f0
[  316.258623][   T31]  ? __pfx_down_read+0x10/0x10
[  316.279077][   T31]  __rmap_walk_file+0x50c/0x620
[  316.333346][   T31]  rmap_walk_file+0x174/0x1f0
[  316.338114][   T31]  ? _raw_spin_unlock_irq+0x2e/0x50
[  316.366608][   T31]  rmap_walk+0x7a/0xd0
[  316.392718][   T31]  remove_migration_ptes+0x11d/0x1b0
[  316.398126][   T31]  ? __pfx_remove_migration_ptes+0x10/0x10
[  316.409383][   T31]  ? find_held_lock+0x2b/0x80
[  316.414235][   T31]  ? __pfx_remove_migration_pte+0x10/0x10
[  316.420767][   T31]  ? hugetlbfs_migrate_folio+0xb0/0xd0
[  316.426305][   T31]  ? __pfx_hugetlbfs_migrate_folio+0x10/0x10
[  316.439847][   T31]  ? move_to_new_folio+0x271/0x700
[  316.445064][   T31]  migrate_pages+0x9f3/0x2350
[  316.458440][   T31]  ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[  316.471735][   T31]  ? __pfx_migrate_pages+0x10/0x10
[  316.478325][   T31]  ? find_held_lock+0x2b/0x80
[  316.485117][   T31]  ? up_write+0x1b2/0x520
[  316.493746][   T31]  do_mbind+0x6f0/0xf30
[  316.498126][   T31]  ? __pfx_do_mbind+0x10/0x10
[  316.504873][   T31]  ? up_write+0x1b2/0x520
[  316.511877][   T31]  ? __pfx_get_nodes+0x10/0x10
[  316.517520][   T31]  kernel_mbind+0x1e3/0x1f0
[  316.525071][   T31]  ? __pfx_kernel_mbind+0x10/0x10
[  316.537638][   T31]  ? rcu_is_watching+0x12/0xc0
[  316.545419][   T31]  do_syscall_64+0xcd/0x230
[  316.552894][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.562112][   T31] RIP: 0033:0x7fb36318e969
[  316.566666][   T31] RSP: 002b:00007fb364001038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  316.578274][   T31] RAX: ffffffffffffffda RBX: 00007fb3633b6080 RCX: 00007fb36318e969
[  316.588240][   T31] RDX: 0000000100000000 RSI: 0000000100000004 RDI: 0000000000002000
[  316.602527][   T31] RBP: 00007fb363210ab1 R08: 0000000000000005 R09: 0000000000000002
[  316.612817][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  316.621594][   T31] R13: 0000000000000000 R14: 00007fb3633b6080 R15: 00007fff68fd8d68
[  316.630596][   T31]  </TASK>
[  316.634195][   T31] INFO: task syz.0.105:6480 blocked for more than 144 seconds.
[  316.642325][   T31]       Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0
[  316.650180][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  316.660523][   T31] task:syz.0.105       state:D stack:28552 pid:6480  tgid:6465  ppid:5839   task_flags:0x400040 flags:0x00000004
[  316.672872][   T31] Call Trace:
[  316.676282][   T31]  <TASK>
[  316.679436][   T31]  __schedule+0x116f/0x5de0
[  316.684156][   T31]  ? check_path.constprop.0+0x24/0x50
[  316.694496][   T31]  ? blk_mq_flush_plug_list+0x75a/0x1c70
[  316.711720][   T31]  ? __lock_acquire+0x5ca/0x1ba0
[  316.717236][   T31]  ? __pfx___schedule+0x10/0x10
[  316.722324][   T31]  ? __blk_flush_plug+0x2f3/0x4b0
[  316.727574][   T31]  ? find_held_lock+0x2b/0x80
[  316.732587][   T31]  ? schedule+0x2d7/0x3a0
[  316.737107][   T31]  schedule+0xe7/0x3a0
[  316.741430][   T31]  io_schedule+0xbf/0x130
[  316.746309][   T31]  folio_wait_bit_common+0x3d6/0x9e0
[  316.753159][   T31]  ? folio_wait_bit_common+0x13a/0x9e0
[  316.758803][   T31]  ? __pfx_folio_wait_bit_common+0x10/0x10
[  316.765449][   T31]  ? __pfx_wake_page_function+0x10/0x10
[  316.771479][   T31]  ? __pfx___might_resched+0x10/0x10
[  316.777004][   T31]  __filemap_get_folio+0x77c/0xc10
[  316.784120][   T31]  hugetlbfs_zero_partial_page+0xaf/0x520
[  316.790392][   T31]  hugetlbfs_fallocate+0xf81/0x12e0
[  316.795777][   T31]  ? __pfx_hugetlbfs_fallocate+0x10/0x10
[  316.805091][   T31]  ? __pfx_hugetlbfs_fallocate+0x10/0x10
[  316.811229][   T31]  ? vfs_fallocate+0x608/0x10b0
[  316.816286][   T31]  vfs_fallocate+0x608/0x10b0
[  316.821601][   T31]  ? __pfx_vfs_fallocate+0x10/0x10
[  316.826948][   T31]  ? madvise_vma_behavior+0x1ad7/0x1d50
[  316.833268][   T31]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  316.839407][   T31]  madvise_vma_behavior+0x1a75/0x1d50
[  316.845459][   T31]  ? __pfx_madvise_vma_behavior+0x10/0x10
[  316.851725][   T31]  ? find_vma_prev+0xda/0x160
[  316.856470][   T31]  ? __pfx_find_vma_prev+0x10/0x10
[  316.861741][   T31]  ? futex_wake+0x18d/0x4e0
[  316.866556][   T31]  ? __pfx_madvise_vma_behavior+0x10/0x10
[  316.872416][   T31]  madvise_walk_vmas+0x1ce/0x2c0
[  316.877622][   T31]  ? __pfx_madvise_walk_vmas+0x10/0x10
[  316.883282][   T31]  madvise_do_behavior+0x12b/0x3b0
[  316.888469][   T31]  ? __pfx___might_resched+0x10/0x10
[  316.893979][   T31]  ? __pfx_madvise_do_behavior+0x10/0x10
[  316.900483][   T31]  do_madvise+0x10b/0x170
[  316.904939][   T31]  __x64_sys_madvise+0xa9/0x110
[  316.909995][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  316.916481][   T31]  do_syscall_64+0xcd/0x230
[  316.924149][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.930941][   T31] RIP: 0033:0x7fb36318e969
[  316.935516][   T31] RSP: 002b:00007fb363fe0038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  316.944334][   T31] RAX: ffffffffffffffda RBX: 00007fb3633b6160 RCX: 00007fb36318e969
[  316.952681][   T31] RDX: 0000000000000009 RSI: ffffffffffff0001 RDI: 0000000000002000
[  316.961002][   T31] RBP: 00007fb363210ab1 R08: 0000000000000000 R09: 0000000000000000
[  316.969067][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  316.977082][   T31] R13: 0000000000000000 R14: 00007fb3633b6160 R15: 00007fff68fd8d68
[  316.985230][   T31]  </TASK>
[  316.988421][   T31] 
[  316.988421][   T31] Showing all locks held in the system:
[  317.004768][   T31] 2 locks held by pool_workqueue_/3:
[  317.011535][   T31] 1 lock held by khungtaskd/31:
[  317.016604][   T31]  #0: ffffffff8e3bf440 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0
[  317.027349][   T31] 5 locks held by kworker/u8:2/36:
[  317.032909][   T31]  #0: ffff88801c2f6148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  317.043878][   T31]  #1: ffffc90000ad7d18 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  317.055210][   T31]  #2: ffffffff90116c50 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xc9/0xb30
[  317.065243][   T31]  #3: ffffffff9012cae8 (rtnl_mutex){+.+.}-{4:4}, at: default_device_exit_batch+0x8b/0xaf0
[  317.076149][   T31]  #4: ffffffff8e3ca978 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x280/0x3c0
[  317.086917][   T31] 2 locks held by kworker/u8:3/53:
[  317.092510][   T31]  #0: ffff888140f2c148 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  317.105378][   T31]  #1: ffffc90000be7d18 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  317.121078][   T31] 2 locks held by kworker/u8:7/3469:
[  317.126436][   T31]  #0: ffff8880b8539f18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130
[  317.137293][   T31]  #1: ffff8880b8523c48 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x2c1/0x8e0
[  317.148953][   T31] 2 locks held by getty/5595:
[  317.154189][   T31]  #0: ffff888036bf20a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  317.164247][   T31]  #1: ffffc900033462f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0
[  317.174600][   T31] 1 lock held by syz.0.105/6471:
[  317.179708][   T31]  #0: ffff888021e83bc8 (&hugetlbfs_i_mmap_rwsem_key){++++}-{4:4}, at: __rmap_walk_file+0x50c/0x620
[  317.191319][   T31] 3 locks held by syz.0.105/6480:
[  317.196491][   T31]  #0: ffff888022ebc420 (sb_writers#12){.+.+}-{0:0}, at: madvise_vma_behavior+0x1a75/0x1d50
[  317.208047][   T31]  #1: ffff888021e838f8 (&sb->s_type->i_mutex_key#19){+.+.}-{4:4}, at: hugetlbfs_fallocate+0xce6/0x12e0
[  317.219919][   T31]  #2: ffff888021e83bc8 (&hugetlbfs_i_mmap_rwsem_key){++++}-{4:4}, at: hugetlbfs_fallocate+0xd5d/0x12e0
[  317.232716][   T31] 3 locks held by kworker/u8:8/6506:
[  317.238168][   T31]  #0: ffff8880b8539f18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130
[  317.248908][   T31]  #1: ffff8880b8523c48 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: process_one_work+0x929/0x1b70
[  317.266623][   T31]  #2: ffffffff9012cae8 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x12/0x30
[  317.280680][   T31] 7 locks held by syz.4.473/8350:
[  317.285857][   T31] 2 locks held by syz.1.474/8359:
[  317.293854][   T31]  #0: ffffffff8f779628 (mon_lock){+.+.}-{4:4}, at: mon_text_release+0x4e/0x3d0
[  317.303696][   T31]  #1: ffffffff8e3ca840 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x48/0x6e0
[  317.321855][   T31] 
[  317.324411][   T31] =============================================
[  317.324411][   T31] 
[  317.334539][   T31] NMI backtrace for cpu 0
[  317.334563][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  317.334604][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  317.334622][   T31] Call Trace:
[  317.334656][   T31]  <TASK>
[  317.334668][   T31]  dump_stack_lvl+0x116/0x1f0
[  317.334719][   T31]  nmi_cpu_backtrace+0x27b/0x390
[  317.334753][   T31]  ? _raw_spin_unlock_irqrestore+0x61/0x80
[  317.334799][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  317.334833][   T31]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[  317.334875][   T31]  watchdog+0xf70/0x12c0
[  317.334934][   T31]  ? __pfx_watchdog+0x10/0x10
[  317.334976][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  317.335022][   T31]  ? __kthread_parkme+0x19e/0x250
[  317.335066][   T31]  ? __pfx_watchdog+0x10/0x10
[  317.335110][   T31]  kthread+0x3c2/0x780
[  317.335160][   T31]  ? __pfx_kthread+0x10/0x10
[  317.335205][   T31]  ? __pfx_kthread+0x10/0x10
[  317.335252][   T31]  ? __pfx_kthread+0x10/0x10
[  317.335299][   T31]  ? __pfx_kthread+0x10/0x10
[  317.335346][   T31]  ? rcu_is_watching+0x12/0xc0
[  317.335380][   T31]  ? __pfx_kthread+0x10/0x10
[  317.335431][   T31]  ret_from_fork+0x45/0x80
[  317.335468][   T31]  ? __pfx_kthread+0x10/0x10
[  317.335517][   T31]  ret_from_fork_asm+0x1a/0x30
[  317.335585][   T31]  </TASK>
[  317.335618][   T31] Sending NMI from CPU 0 to CPUs 1:
[  317.478242][    C1] NMI backtrace for cpu 1
[  317.478263][    C1] CPU: 1 UID: 0 PID: 8359 Comm: syz.1.474 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  317.478295][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  317.478310][    C1] RIP: 0010:page_table_check_clear+0x130/0xb30
[  317.478348][    C1] Code: 00 31 f6 48 c7 c7 80 f3 3b 8e e8 8b 0b 6d ff e8 b6 68 44 09 31 ff 41 89 c4 89 c6 e8 7a 07 90 ff 5a 45 85 e4 0f 85 95 07 00 00 <e8> 2b 0c 90 ff 48 85 ed 0f 84 0f 04 00 00 e8 1d 0c 90 ff 48 89 ea
[  317.478373][    C1] RSP: 0018:ffffc9000c3ff548 EFLAGS: 00000202
[  317.478393][    C1] RAX: 0000000000000000 RBX: 000000000007562c RCX: ffffffff822aa56b
[  317.478409][    C1] RDX: ffff88802b3dbc00 RSI: 0000000000000000 RDI: 0000000000000001
[  317.478424][    C1] RBP: ffff88813fffa5c0 R08: 0000000000000001 R09: 0000000000000000
[  317.478440][    C1] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000001
[  317.478454][    C1] R13: 0000000000000001 R14: ffff88823ffef400 R15: 00000000000001ec
[  317.478470][    C1] FS:  0000000000000000(0000) GS:ffff888124abf000(0000) knlGS:0000000000000000
[  317.478493][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  317.478509][    C1] CR2: 0000001b30b6fff8 CR3: 0000000034310000 CR4: 00000000003526f0
[  317.478525][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  317.478540][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  317.478555][    C1] Call Trace:
[  317.478563][    C1]  <TASK>
[  317.478571][    C1]  ? folio_mark_accessed+0xc1/0xc00
[  317.478612][    C1]  __page_table_check_pte_clear+0xf1/0x100
[  317.478652][    C1]  ? __pfx___page_table_check_pte_clear+0x10/0x10
[  317.478683][    C1]  ? __pfx___might_resched+0x10/0x10
[  317.478714][    C1]  ? __tlb_remove_folio_pages_size.constprop.0+0x162/0x560
[  317.478747][    C1]  unmap_page_range+0x2383/0x4390
[  317.478800][    C1]  ? __pfx_unmap_page_range+0x10/0x10
[  317.478839][    C1]  ? mas_next_slot+0x12d3/0x21b0
[  317.478880][    C1]  ? uprobe_munmap+0x20/0x5c0
[  317.478921][    C1]  unmap_single_vma+0x194/0x2a0
[  317.478961][    C1]  unmap_vmas+0x22c/0x490
[  317.479003][    C1]  ? __pfx_unmap_vmas+0x10/0x10
[  317.479058][    C1]  exit_mmap+0x1b9/0xb90
[  317.479084][    C1]  ? __pfx_exit_mmap+0x10/0x10
[  317.479111][    C1]  ? __lock_acquire+0xaa4/0x1ba0
[  317.479159][    C1]  __mmput+0x12a/0x410
[  317.479191][    C1]  mmput+0x62/0x70
[  317.479220][    C1]  do_exit+0x9d1/0x2c30
[  317.479255][    C1]  ? __pfx___might_resched+0x10/0x10
[  317.479288][    C1]  ? __pfx_do_exit+0x10/0x10
[  317.479323][    C1]  ? do_raw_spin_lock+0x12c/0x2b0
[  317.479345][    C1]  ? find_held_lock+0x2b/0x80
[  317.479373][    C1]  do_group_exit+0xd3/0x2a0
[  317.479412][    C1]  get_signal+0x2673/0x26d0
[  317.479449][    C1]  ? __pfx_get_signal+0x10/0x10
[  317.479479][    C1]  ? task_work_add+0x1d5/0x360
[  317.479502][    C1]  ? __pfx_task_work_add+0x10/0x10
[  317.479526][    C1]  arch_do_signal_or_restart+0x8f/0x7a0
[  317.479566][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  317.479609][    C1]  ? __pfx___x64_sys_pread64+0x10/0x10
[  317.479644][    C1]  ? rcu_is_watching+0x12/0xc0
[  317.479673][    C1]  syscall_exit_to_user_mode+0x150/0x2a0
[  317.479710][    C1]  do_syscall_64+0xda/0x230
[  317.479748][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.479773][    C1] RIP: 0033:0x7f909d98e969
[  317.479792][    C1] Code: Unable to access opcode bytes at 0x7f909d98e93f.
[  317.479803][    C1] RSP: 002b:00007f909e827038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  317.479825][    C1] RAX: fffffffffffffffc RBX: 00007f909dbb6160 RCX: 00007f909d98e969
[  317.479842][    C1] RDX: 0000000000000059 RSI: 0000000000000000 RDI: 0000000000000008
[  317.479857][    C1] RBP: 00007f909da10ab1 R08: 0000000000000000 R09: 0000000000000000
[  317.479872][    C1] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000
[  317.479888][    C1] R13: 0000000000000000 R14: 00007f909dbb6160 R15: 00007ffc986188d8
[  317.479913][    C1]  </TASK>
[  317.857730][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  317.864785][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  317.876642][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  317.886725][   T31] Call Trace:
[  317.890026][   T31]  <TASK>
[  317.892973][   T31]  dump_stack_lvl+0x3d/0x1f0
[  317.897605][   T31]  panic+0x71c/0x800
[  317.901544][   T31]  ? __pfx_panic+0x10/0x10
[  317.905997][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  317.911399][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  317.917405][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  317.922837][   T31]  ? watchdog+0xdda/0x12c0
[  317.927311][   T31]  ? watchdog+0xdcd/0x12c0
[  317.931794][   T31]  watchdog+0xdeb/0x12c0
[  317.936091][   T31]  ? __pfx_watchdog+0x10/0x10
[  317.940825][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  317.946080][   T31]  ? __kthread_parkme+0x19e/0x250
[  317.951152][   T31]  ? __pfx_watchdog+0x10/0x10
[  317.955876][   T31]  kthread+0x3c2/0x780
[  317.959995][   T31]  ? __pfx_kthread+0x10/0x10
[  317.964625][   T31]  ? __pfx_kthread+0x10/0x10
[  317.969272][   T31]  ? __pfx_kthread+0x10/0x10
[  317.973954][   T31]  ? __pfx_kthread+0x10/0x10
[  317.978586][   T31]  ? rcu_is_watching+0x12/0xc0
[  317.983380][   T31]  ? __pfx_kthread+0x10/0x10
[  317.988011][   T31]  ret_from_fork+0x45/0x80
[  317.992451][   T31]  ? __pfx_kthread+0x10/0x10
[  317.997085][   T31]  ret_from_fork_asm+0x1a/0x30
[  318.001910][   T31]  </TASK>
[  318.005216][   T31] Kernel Offset: disabled
[  318.009555][   T31] Rebooting in 86400 seconds..