last executing test programs:

6.692684581s ago: executing program 1 (id=2617):
mmap$auto(0x0, 0x8e, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0xd)
futex_wait$auto(0x0, 0xfffffffffffffffc, 0x7f, 0x2, 0x0, 0x1)
sysfs$auto(0x6e, 0x5, 0x7)
r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
write$auto(r0, 0x0, 0xa)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
write$auto(0x3, 0x0, 0xfffffded)
sendmsg$auto_NFSD_CMD_VERSION_SET(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24000001}, 0x4010)
mmap$auto(0x0, 0x400008, 0x40000000000000df, 0x9b72, 0x2, 0x8000)
socketpair$auto(0x1e, 0x3, 0x8000000000000000, 0x0)
socket(0xa, 0x3, 0x6)
read$auto(0xffffffffffffffff, 0x0, 0x20)
socket(0x11, 0x80003, 0x300)
socket(0x11, 0xa, 0x300)
pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x89\x06s\x1cJ\x99\x8a>c\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/uevent_seqnum\x00', 0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000240)=""/200, 0xc8)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/fail-nth\x00', 0x202d80, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x0, 0x2020009, 0x4000000000005, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x0, 0x5, 0x7)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000010c0)='./cgroup.net/blkio.bfq.dequeue\x00', 0x8ad00, 0x0)
r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/030/001\x00', 0xa901, 0x0)
ioctl$auto_USBDEVFS_DROP_PRIVILEGES(r2, 0x4004551e, &(0x7f0000000000)=0x3)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/net/pppoe\x00', 0x80401, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r3, 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$auto(0x100000006, 0x0, 0x32, 0xfffffffffffffffe, 0x0)

6.254388155s ago: executing program 0 (id=2620):
ioperm$auto(0x7, 0x6, 0x1)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x500, 0x0)
mmap$auto(0x0, 0xb, 0x72, 0x8b72, 0x2, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$auto(0x6, 0x40000000029, 0x1e, 0xfffffffffffffffe, 0x0)
unshare$auto(0x40000080)
acct$auto(&(0x7f0000000080)='/proc/sys/kernel/sched_deadline\xdcBH\xc7H\xe2\x1d\b\x00ax_us\x00\xae\xb5\x86\xe9\xf6\xfe\x9b6\x91\x8f\x158\xe7qwI\t0\xc3\xd1\xcd\xf5\x04\xe0B\xe0U<\xb1\x1d\xda\xd2')
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/vtconsole/vtcon1/power/control\x00', 0x400000, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty12\x00', 0x800, 0x0)
r1 = openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe\x00', 0x40, 0x0)
read$auto_tracing_pipe_fops_trace(r1, &(0x7f0000000100)=""/70, 0x46)
setresuid$auto(0x2, 0x7, 0x8080)
ioctl$auto(r0, 0x4b3a, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/clocksource/clocksource0/current_clocksource\x00', 0x8502, 0x0)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
write$auto(0x3, 0x0, 0x100082)
set_mempolicy$auto(0x4005, &(0x7f0000000000)=0x1, 0x4)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
ioctl$auto_SNDCTL_DSP_SPEED(r2, 0xc0045002, &(0x7f00000000c0))
ioctl$auto_SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f00000001c0))
read$auto_nsim_dev_trap_fa_cookie_fops_dev(r2, &(0x7f0000000000)=""/156, 0x9c)
wait4$auto(0x0, &(0x7f0000000200)=0x400, 0x1c000000, &(0x7f0000000300)={{0xd, 0x80000000000005}, {0x1, 0x400000000000002}, 0x2, 0x3, 0x9, 0x0, 0x8, 0xcfe, 0x0, 0x1, 0x800, 0x1, 0x80000001, 0x3, 0x8, 0x5})

6.194781746s ago: executing program 1 (id=2621):
mmap$auto(0x9, 0x20009, 0x3, 0xeb1, 0x401, 0x8000)
mlockall$auto(0x7)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x800, 0x0)
r0 = openat$auto_ftrace_avail_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/available_events\x00', 0x940, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_OVS_VPORT_CMD_NEW(r1, 0x0, 0x800)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x8, 0x800000dc, 0xfffffffffffffffa, r0, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000100), r2)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop5\x00', 0x0, 0x0)
read$auto(0xffffffffffffffff, &(0x7f0000000380)='ovs_vport\x00', 0x8000000000000000)
ioctl$auto_SG_GET_RESERVED_SIZE(r3, 0x4c00, 0x0)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000500)='/dev/ttyS0\x00', 0xc0200, 0x0)
ioctl$auto(r4, 0x540a, 0x2)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket(0x29, 0x800, 0xfffffffd)
set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4)
mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000)
set_mempolicy$auto(0x45dd, &(0x7f0000000000)=0x1000, 0x7)
r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r5)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r8=>0x0})
sendmsg$auto_NL80211_CMD_CONNECT(r6, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1ab42e2a5c1716de4ab0be5c6e8653a2602cc71c38b6644719557c819a928370c5a9952c73bccb9d900709c1ffd90a191ed9853d89181e94a0714e7acc0477609b64aa88e822d242ae1a9826b01dc588bfcad9baf67e788e5bd1f45143eadb009e2c397e91f9c79518cd59895893366914da824e1797c6c1ed10aa88d95aa08ea583a09364683cc171ecde4706aa4eee23bfeeeb57c540987213b953b485000000000000000000", @ANYRES16=r7, @ANYBLOB="00022cbd7000fddbdf252e0000005200f3007e6edf1b3e74c9d1d25bffec535bc11c94d96c740b0d689ef63820e707a13e0732f568df1fb4ab4288bb637ae054c609d06b5c7049b9f91fc1ca3f3ab68731542813250f462b8665cd157d58aad300000500080002000000b000480158634a6dedf58b38964657b21defbb5181df25af02023bd6300f3722a2ce7adc871a93516a5e053e2b5d077cd3ef4e85aafea2276ece31ba380ff18981871afcd3bff13630957fed7b8c0a84620bac148c778f39b489de265e867c045d9f961da464813d8a005dbed253f6568ab83fc501e695cbfd1d8ae5dfd1aba881649d2990c7882d1d51a03552b3e519ae2bcd8a0fc44f8b355e3e2255b9b149cd0eb397043c74db2f459d6366ee5b1b"], 0x120}, 0x1, 0x0, 0x0, 0x48080}, 0x20000080)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB="2f212cbd7010ca705d845526cc0008000380", @ANYRES32=r8], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4000000)
sendmsg$auto_NL80211_CMD_SET_QOS_MAP(r5, &(0x7f0000000340)={&(0x7f0000000280), 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB="000128bd7000ffdbdf2502000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4002}, 0x200080c5)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4000000)

5.098052954s ago: executing program 0 (id=2627):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x9, <r0=>0x21e9, 0x7ff, 0x6, 0x2, 0xb, 0x2e, 0x0, 0x3}, 0x6f4)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
landlock_create_ruleset$auto(&(0x7f0000000000)={0xff, 0x2, 0x9}, 0x9, 0x0)
landlock_restrict_self$auto(r1, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x10, 0x2, 0xc)
socket(0xa, 0x801, 0x84)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x1, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "0000ffffff3b4000"}, 0x55)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
bpf$auto(0x2, &(0x7f00000001c0)=@bpf_attr_11={0x6d13, 0x5, 0x7, 0x5, 0x5, 0xf, 0xd608, r0}, 0xf)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
quotactl$auto(0xc000000, &(0x7f0000000080)='Y\xca\x9b\xea\xa8KAW@\x1b\xc2\x84\x11\x02ac\fbo\xdfs#B\xff\r7xa\x80\xce\xca\xf6\xe8\x8c\xbd$\xcf\xb6w,\\\x06\xa8\xa4r+=\x17\x03\xd2\x15\x11\\m\x1cP~\xc2\x8e\x97~\xb6\x98\x93;\xd9Eg\xee\x9d\xb5\x01! \xd0x\x8d\xdb', 0x8, 0x0)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
mmap$auto(0x3, 0x4, 0x4000000000dc, 0x40eb2, 0xa1c, 0x8)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x53, 0x9)
syz_genetlink_get_family_id$auto_ovs_meter(0x0, 0xffffffffffffffff)
timerfd_create$auto(0x80000001, 0x4)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4)
bpf$auto(0x3, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc)

4.343757254s ago: executing program 2 (id=2630):
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), 0xffffffffffffffff)
r0 = openat$auto_wakeup_sources_stats_fops_wakeup(0xffffffffffffff9c, &(0x7f0000000040), 0x200200, 0x0)
mmap$auto(0x10000, 0x8, 0x2, 0x9b74, r0, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r1 = io_uring_setup$auto(0x6, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/tty34\x00', 0x8000, 0x0)
ioctl$auto_TIOCSSERIAL2(r2, 0x541e, 0x0)
r3 = socket(0x2, 0x3, 0x6)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x5, 0x0)
open(0x0, 0x2040, 0x4)
ioctl$sock_SIOCGIFINDEX(r3, 0x401c5820, 0x0)
setrlimit$auto(0x1000000007, 0x0)
r4 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$auto(r4, 0x9, r1)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x7)

4.249223406s ago: executing program 3 (id=2631):
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/midiC2D0\x00', 0x80102, 0x0)
socket(0x1f, 0x800, 0xffffff01) (async)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x1, 0x0) (async)
r1 = socket(0x28, 0x1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="2f212abd7800fddbdf2521000000"], 0x14}}, 0x4000000) (async)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) (async)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) (async, rerun: 64)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/pipe-max-size\x00', 0x6d4382, 0x0) (rerun: 64)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) (async, rerun: 64)
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, 0x0, 0x200000, 0x0) (rerun: 64)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000340)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4460, 0x15f4da0a, 0x1, 0x3, 0x300000000000000, 0x80000001, 0x7, 0x0, 0x5, 0x2]}, 0x0) (async)
madvise$auto(0x108000, 0x800034, 0xa) (async)
unshare$auto(0x40000080) (async)
syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) (async)
io_uring_register$auto(0x7ff, 0x80000000, 0x0, 0x2) (async, rerun: 32)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) (async, rerun: 32)
close_range$auto(0x2, 0x8, 0x0)
close_range$auto(0xffffffffffffffff, r0, 0x9502)
socket(0xa, 0x801, 0x84)
io_uring_setup$auto(0x4, 0x0) (async, rerun: 64)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) (async, rerun: 64)
move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) (async)
io_uring_enter$auto(0x3, 0x0, 0x1, 0x3, 0x0, 0x2) (async)
io_uring_enter$auto(0x3, 0x1, 0x2688, 0x5, 0x0, 0x7)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x48041, 0x0) (async)
madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async)
sendmsg$auto_OVS_CT_LIMIT_CMD_GET(0xffffffffffffffff, &(0x7f0000000a80)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x86000080}, 0xc, &(0x7f0000000600)={&(0x7f0000001400)={0x1bd0, 0x0, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x12dd, 0x1, 0x0, 0x1, [@generic="73cbdc2bbaa180e7b8e3faad98d77cd8b27361ef84a8db07cd76c8872c519bcc6d5337bf1045d07e00012a7f0b3f3307e98c2113d3c6dddd1e07635d5b35c6953913400e4a18c98061577d53c51c499cc37183c61de9495a3a9afb27b89da97bbb29d60918db608f676cb296044afc471a32513bb900c1158efbf78cc5482ee0a081b7dedbdb63e90855a47a87948e62132210e64c48aae6aaae7bf745edf32b639b16d16989e555c5f12d8fe0ab140efb76a6f38e3f268e90321329bb157efda29bf38b4726de0e2c41764221b60f39546ae4240ff5c81ce07308a77c630b059f536ea31c73723fd8e287013ea84525cabd917121c67733171e40cb82", @nested={0xbc, 0xb3, 0x0, 0x1, [@nested={0x4, 0xe1}, @typed={0x8, 0x3, 0x0, 0x0, @fd=r1}, @typed={0x8, 0xb3, 0x0, 0x0, @uid}, @typed={0x8, 0x81, 0x0, 0x0, @uid=0xffffffffffffffff}, @typed={0x8, 0x104, 0x0, 0x0, @ipv4=@loopback}, @typed={0x81, 0x8a, 0x0, 0x0, @binary="7e0ff4ffa3ed9904ed79f95c4752f8e951ca19540ee7707f5c6bc814ee35122a19aba1f6584a75651228d3fa754b4dce847c102cf5f21f94fd05de2ec062f8ba5260a642e75a0e9789b8cf2dc1a2dc9082f605fb5f1e848a4bbaceab62ff024ff1ed572e58d476ba4298bc4f09c0b94dfc42b49688653c27cd6c770029"}, @nested={0x4, 0x7b}, @typed={0xc, 0xaa, 0x0, 0x0, @u64=0xd27b}]}, @nested={0x4, 0x50}, @nested={0x7d, 0xa2, 0x0, 0x1, [@generic="11e3263a08ec55cbebbb7bf57741647589c9045b5abde2d872b5ee8ac5e66e6599cccc628d5a9c6ac0fb2b7961d9536df2c4f96b68cb4ab71f06540d022b039b69aa73dca953e4621b0ca7e61f3204c424719e3425317ecc1816340eda45f594dddc1140321c13b2f69e8c7e2428897d0e3dbb97be742ae86d"]}, @typed={0x14, 0x113, 0x0, 0x0, @ipv6=@mcast2}, @generic="73e62db54cc4826cb91b712cd7543a32b9e9eb4a14ccb9fe49e1771e74dc1b7255fad2531038e17876b3e5aef023355375b87fee33728a85514f91bec7ac6fda019b504fe059fc11e1316a5a30eb284438ef1cdd70aad7cf97027d094a983a0163e5e2d29937d8894834cedbf283c980029b5d1785b19a3a53b40c2d79a8dbb480fff035df35746f4b90acdf54d3ee5dfe8d3d5b15bafc39ed8a7d987d11512661af515fb80a61d2f205e8853b9f73517a451a7b2bee7ea679fcc870d5c1f996cd5167dcaac852d0cb088c09d9c687a12f636b920f7f0a468803aca7f45aad3bdcbe26e385640782d447389356da7004bf700a672a31fba037c71839f88dc8a5d606cec4aa90ec96a2112347c8560a688fc164abc541c4255a521f5ea6d0b08285b1d33c142d21c7e5ba61d3893cf10aa76725ecffb12e39c2eb18f8d6c31eaa9fc386046b439f7f7871e48fc4a5db303df956a3af879be46befc9f312ff18e9e614809fd476a537ed1b8cc8c319449c006535d4bff166305ebfee1073aed3d240bbe95a5a394723a090dbd99af0a8045f30b45caf579fd5375d1897e8e9fb5546f2315a6688b10d4d9dc2a0ad7de5b3f471acfc605494bf59e2d4f3c2d39a34143f9bdd6906d383aec12bc0bdabff975349ca79bfd0025bbc21d377c455bbfee393d8f45c13db64036adb1f5de2e573224a23bfb052c794dc70b1f98e8154d1de12defd2b249c646c817e38404d9bcbd0d9a2376f1d6d96ea87733f546f3c2a9b9485891d6376ea56d81f3775dbdf8bc87a45b019266d54e4f96d577116bb163230e5332aba48edadedd485b17afa25258a64c32c03c73eb54373008d082b4e166aaea36731f355ffdc1ca0484c32d2d3d15e946c8d74ee19643901a4df8b9997d3b8450ca069dce4436ddf34a802488bc0aa1ccce4be9872314fa3860acba9a0af7f95b5ab688007a2b84983102d334563d0a2043e574910caa60c39e87f4899d743453439dedcf327bec7778c539cd07257208e04402738baefa468985f8096447eaaaf33404eeb6900284bb3b3ba8c20efeeae594dc8ef81035930ae09462273aadbca1125b99ac4f5ec9802d3cf16f88e09eba9ca156134f253f93ae3691c38b64cffc2ed389e77914d06db116c8d0627940827aafeed037f13922316bb49ef5ecb1521a8419b1d8dc332e11a7a863d970f64255a80b5c627cc137a20d12cf34f0e54199a6a4fd98a3b579871bb0f7a1674e42b564ea81f3ac371f9cfb784a60e73c28d555aa87a37c33d96ea3301bcc0b8f73bda2cc8fc3c43a35353a10c11c415606b64370956c11348613a08a3f7522f1d518fd370d096ca499cfa1348c502a418aa7645649d936a267d8480aeceab03369a693d9ce23831754a5f9457b9cdb159d627e0b714948a94119dbfb04ba12d014e0878ac0401e8114709faacbe7a567760669a65b121b1d71661fdb8ce6f0a305ed07e9c6eb8b7c03236e80eb2d6f80fbf2d79d78cf5affef9d137b2e7b1751d021daa5972ef55a3c1daf4ff66fb83a8e38cae69c922dcf6789638066daf0f1edcb685b24c161b4586b3f98d653ac333018ac70233fe6719ae45f0abcf2bbe2cc1b085f2c318deab93c20d50950333d75a15ad26c757b09e51859732ca56289930e2395315d2a9d9f8ac1d64e6f0ea72402988199d82edbe9d79782b70d5f01927aa197a7c574f1c74b05073529aba6011a68fb08d71df177c6fcde5a65a6f328d998faa9e9e384ab2161c546714b7a4a0774e8109c16dda7893ea5402d69995186e9a1207b71b945fbb3d6f30e156d969cf0f1a644e85f93e7b4e5d7d607f94cea976640cbe5a99565ffad4fc14a3430f3bc4a65a35304413cf075a65d264fc50e66533c6305e485e79687c319160a95e5009145a9a3b09567c6614ef54a9ddf5ac7b2f6d23538bffbfb9abb04979204396504aa739af1e1855caf11b6f266dfe17ebfcf486f8a1fd176229611c2b801afa4efc83111fbabc004f13772a0c5b815903b0a6dbe9d3b40dce8690966b4942727d56e0d9048bf472335afcf55410cdc1de4e406a9668de6fa56b7a7f2a0ab492faf205b8aee78d30c0cb8ac67fe5b75f4eaeeb50e3d8e634f373f31a1cfd87e8420ae262dbce34e518d9141f0cf37ecc404bbd4d64c12d1aa0fc18183605f94f78f0d31b007dce685f34c25ffea8693d40e0b12e9821f452c3146021792a0a140e13f877e5d71ed60dc97fff4b3dad4cd8a6de8bab7aa3a727c128172c3a24309e79c750c570e51e2ab31d5f93afb2d6fc0d1643ab82125029248f45cb094390112d501efa69ecfd77881bbb7ad8f1c132be025ff9e15401647cc7137ee59a77ee77f1a485f27235ca49dad7392d9ec554c1ebd9b4e194b0ffb50efbd3f0e72fc3ccd383d16269ed133c359fb448ffc824ca6dfc1e8b3eed009894bf28569a94c3114da78445aecf1a759639acecba3985bd0be46342a99a8056cfbd9ddafb658615059bef345e7e66beca1bb44cdfc13c58dc8b3cd47a5149fec9fe914d1c06e6ddcdab0b023ba54510d109315eb013caf5482237742d1fdbb1cf7cc00f4ef8edce5190451490c2376a6ecf5307c39abeadb230c197ee3a2b74dd37a3ebb5fccee2684c66240e8dfb2997c2ac44a9be42a531e2e5252c238d5a957439fd7ec2f1615c9b3ceafe60ada6850fd99ab3baf51eecabb751c8e7d1739cbeff8a14b6678cf432a30db15c5cca4e2c10cfccffaab5a850ece46cdbb1fbdb3a80987ea7d9af5b27e20a5dfac5ee0ab8d8c99c625e30ef270ed1212398c486afc0f7de5012cb031c1a37e108df1b07bb2c276d8590b7984649815d11f87c91c1b9c6e6093608ce2a9e2042f9aef880dc191f34fe162cf0ef6ea3412d05f7543665f6be5d181d31e1163047adab46f31e0e5f0efb5526476413ea72e111c090fb13e5f1aa05cfadf609c5a4edeb65774e62786e9da7d81e35692c4884352b848bccdbef06a4a00f8dfef57c06133f94ea2b21b8f5478b2fcd0d933eae891441cec7a69422af16c13160b38d8b584fb9931ca23abfa2a38ff4bc313cc1750dc8fe39e4aec1ceed96d183d528d6b05172e8fcadd6ec5c4618a0ad46b5d81d84e17a6735ff6b7972066dc1d202968fce5b6ee9326f7bb4eff207a9f45a871f5534d6c11c59ae90af4fea90fbce98abb47f0087b2b9100f152bfdfe6f394584a62f86a1c69e5cfd825c1e38bcb7275bd353cbef588b3bca22e1830c32d142afbdf453cc004ff7cbeab0c251d89055693b97087e65bfe227851a506c551e474640051c74a9f3d10da3cecba9c2ba8c56a8fa3ce7ce1f766811b31138b3602543bb2315285eddf4b3ad740d69c7aaaf43004739d7ac9c2c5e802c4b627947c605dd3e263748289ed215363bcf493984bf5b1d722c77b95e17f738f9a68dd3693c27cb7aa36a9b288df433d5084df3742ce4dd1c05fd7e6d6f801d57687110534b8e8916d4b1a9a5cec5927ec4bcd4b101b4468ebf11f34211ab55eb92edf590f12442946b68f461dc118a2ff1a755082da4640e7075d64ecd7c5a073b59e2a00c48727f8a9c68209d0347cf0aafcb950fd3d340556dc64912a5d34803a4976823360dd3636dff65ea2649c48d692d9631b975cd1c6963ae28ba11bf9473fb2919efea58005db5d1ae2ba135884d5efd634efc3143e22e8489a5e9174d06d4b208e76ab402ced8557e373c51317aac0f1ec4973d345c5df321a49de2b1abf4b0a69737ac2f9609b4499061437ca927f30cf9fb4c8545437ec51a794a26412a4b44505631581d22bf2dc4ee42be4b7bbecfb4752ef212084301ac299c0151d1299fb16faaf7f404230e7f0e1b4de5782492df78b4388ca6f030fe92a012026b5dc543820e345333a358d2dcb59f20794ddfabb85f37a62797046c0547602e69ca16f6a39ef21f37a53b634ddddc633093f27f306f2c6188c567b6a3f516bf87e819f04e3b7555d840bc1813941b063b26377ea5f706d2e8b455dc2df2b8e8f14dec658f37e97617f35d77a4a2bb630ba7dd99f0720ab96dc4e6da289fa5c192e3a492d49df8e23f2c07e5c422d3042e2f855cb2590c8e09a27760ba488403bc5bcc1218643d845428ddd266eeba42015eeb3da0b511ee79303a63e1ce989af06d33121670f67917502193e5220de0ce80f43f8c3e0077948bd1e1d627f51f70bf79f3c99e8ccf07bbf075ba9364ac001429e6ea4756942062a33aca709595ac7e01d006b0fd602b7905663961e94c862bb8e3b6af86eeb24a9b91cb83437289b674ab255bcad2ceb58b37410e9453a295aff312a89c718da62558bbb64fedb77b217b950420d606578bf93567b2ea71889d607e0d4c6997e9eb1204a68210962c4a7a131160fb33c5c5df0b1f9a0df01ef2507300acc0c4e46fb87ee0fc9e0318ef50197a0e73da0bc82ea9334e7056a2b677d22a0abf2c51d2da2ec7c76b6d5166933015c70bf4f4c9c12547b2b19aed1442df35cda0327ce2ef92fb62b66c1a4dd695a112c7c0275cdb99691bf69753bb30435a5324fea1f60bab3329e193d7675ef38f0cd8cd13c20d3208a1a12e8e831130fdfbe9c3295f8d576c3e585ca7ac60921add5f496af3057d4719bc88b977fd1d8bf540dff0937fb15fa31398cb7b0f150ecda8aedf0f8ad38acebe31586aeada176dd215d061b4d4435f667c41471e9d099da0949b253374089bc811495b9a30ce91c7c736551d9a476a1d4836cb206eb3617f0cefbbc8c7a4c6fc5e76d702d94ab788933731ca276c4d04d8061595ee6520e466ff47bd965b432c31f59820bf46dc973941c16b23bff3d559709204b2487fe300e86ae66f4ace0291a4d00b8b36e8b0c049d1f6b3dd2fa3ff8653a47ac9abe49490f487914d5e6e5d4ab43e49a05a808ba701847b3e2aaed93be690cd3c3c92510587ba2d7f375710193319b8ff1d167b44737d56b70b5efcfba19c756d824f11a1fbc67c12ae40b648e44d16a409569083ced4d315e10a2abccb8d6d13050d90008479a2be3f72948c0a074d158661337fc0e6b1c8a93f7dab4b348966e7758d06451c4738ef607ba6273166f39dbe0338d5f0a3099d4846121a614a2d2fbc40cd9d8e7f8494f048011982d0f4a213caa880874c0b174fb2d322fc5ea31d863d1e6f73d9bbbfef9987fa273d8bd7ad8a8b580273e548fba853712d25e01ce2efc43bf6d3d5aa645ef7d01112feb116ccecfa6f8cf15a652edc1fe41ceb321b758529dd154eeb20c2f1d6c6a5278a70c9044872678dec62864d9acdb85714348c53d5abb8caae815090b3b9bad8fc68e423dfb682f4eaa4a976ac632f7f0b110b440599c50868a54c113d81d1430eb4ccf4908ec2dec81b5a041f7aee296bc97eec5f673def0c795de6ec0fe7c13803ae870b30accb9fd249fbeafd975aee5374f68df3ee536ad7ce01bd7b328550aa9eed949d8886914c072707ba4c4353e728f63e5237bdc62601bd1038ed406e0eadd44c4eee22982cbbc4102f909d9d50f2d93254111ac948a81dbefc14cc7533569fd343b638213c31e1a69731db2b6c48afbecc0b0fad594403eda2fcb6a8e41944e2d63e3ef3f29b2a183ec5737ebe0688b5c21353edb9db06dff82ed474c553a75050496352c426d786c52cc60bf06f11c1deceabb91d581e6d5a1394ef4d764dbff96aaba008f1e395650139bbfc504f0a4e0051f77c497982389a1730cb5bdc3bb976f4ac682ca0b6b84b7d27a245c07c21db204c26650f43681a48aaf7708071daa5689de6b44476", @generic="538a08354239afe422b0eb7c15a2fdb4716998e873e4aafab167d26f9d32e9b4d4614b99", @nested={0x64, 0x64, 0x0, 0x1, [@typed={0x14, 0x121, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @broadcast}}, @nested={0x4, 0x126}, @generic="b8c5cb5e4417ffd1d0b3bfe31dba5a47f4f4514763fb4103399cbb1b7ca6999de259130c8bcf992ea51ea062", @nested={0x4, 0x122}, @typed={0x14, 0x3a, 0x0, 0x0, @ipv6=@loopback}, @nested={0x4, 0x27}]}]}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x133, 0x0, 0x0, @pid}]}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x64, 0x1, 0x0, 0x1, [@nested={0x54, 0x1a, 0x0, 0x1, [@nested={0x4, 0x96}, @typed={0x46, 0xed, 0x0, 0x0, @binary="509904cb97ff4d61f48660302e510fa18068b95610cc5f616c9e5d00d46f8dd2e1f36e5e8aabe477b62f534dd3a3aff60af76e7b3136d9cdaebcca973ac802f8adbb"}, @nested={0x4, 0xa4}]}, @nested={0xc, 0x134, 0x0, 0x1, [@typed={0x8, 0x16, 0x0, 0x0, @pid}]}]}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x17e, 0x1, 0x0, 0x1, [@generic="c35866673e03f01850c50723fbac8bd47b3ccdb4704842ea33cd20385f5a4621de3f8aacdce0ff80daf9d32fa854a5a1f512b0f42a3396e10b8d04a8fbd0b9275b88c35edd8dab70127134413d903bc0521ea439726d37eea024b377c12a97f1682c4f35be947e9db48c6f52e92385905e4b7021538a03f59f13022d0f44418d630e157634d9726d85e57be5654f6b84dff71ddb1c618a6d9af325ffe8c80709100bf593076a3df8ee5593b27dd5b2e5ac7b670e71514edbaba49de30ada0c80f717e2e36187eca6cf17d715adb47f20db8a1caf65dd69d57a098af8326b1ca331e349e4ea633216b037", @typed={0x8, 0xa4, 0x0, 0x0, @u32=0x772}, @typed={0x87, 0x2f, 0x0, 0x0, @binary="10c52e70dfba39d23796fc155e48fb5e9382fce1f0aa69556cb604d0ac1d04476a21c124db26aa00278a97779b7f99d2bb82d199b9f98970dd9a292c847357218cd26dceff34514e5c8cc68c9c3f8d9f214c49763d7fbcdd53758b6b5b1687c9fd042d6cb9fd30fdab2b4cefc62377897c8b7bd6912863bb1021e79db0e8363e9d2ee8"}]}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x134, 0x1, 0x0, 0x1, [@typed={0x8, 0x18, 0x0, 0x0, @uid}, @typed={0x4, 0x10e}, @nested={0x122, 0x3b, 0x0, 0x1, [@typed={0x8, 0xa9, 0x0, 0x0, @ipv4=@rand_addr=0x64010100}, @generic="6f4423c954371a212afbb39e00ba961e3c8dc6ff1f0f3c36d828cfc6a451824fbb232b37c959cdc0", @nested={0x4, 0xe9}, @generic="9e4899bd43db97d766c00a325dabc1bbbc7928c1144b8caea15c1dcfd83b852f532a20349f3d573a718fe04e8e9134de1e94afbccf901177b1c840de50c04ed23d1e6b94ddc7039706267d13f3fe073c949fb5eeb4de661449af7ac50067be387df64a6204d619036da3bff0e92c7cc03187e64d32f502920f24167013cf7752deee0394fba77658a6267f518610c0209519523c2345c45fa0808830e131c447cc32477c9cd5b2dbdc345d", @generic="aba5bf0d0ae5e67bd31783eb43acb89e4ec7bc014b5b191e3657d289192c115056aba3d8524d8bebeb60620a60ee8c1fc0ed1ff2d619b7e66bdc574317b471"]}]}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x2d0, 0x1, 0x0, 0x1, [@generic="53e8741db4a7a7f3f6ed9b85276856143970d5182a16cfdb722be5d94ae3fce421ddfe8aee3bff374627d53f48dd4990dc0e151affd5e7b17b42f144ab28b9e2b5472109b24aa156c5bc4498f20e2e3f60b9d68bd2739b388e6db6d61943f98265a84968818f1546f2e87c12da3ecc4a70eef0c5e2036ab49a1d17ea05b2d856f998acc1c67cdaf01d635381bf97a49dc3a933485bd7f61f8998595d12ad32b8716aaef979cb8785ba2242c308446a74f19c7ae5de0eb9278ac4f926a74aaea31ef76ba4d337092419bbf1243cd5ed132319f292", @nested={0x2d, 0x55, 0x0, 0x1, [@generic="6f900911a7c9c0980292c397e20173b627cfee81f0a20e4b375c961b5bf8146bc00b740482375812d2"]}, @generic="065cc272c0f386cf7dc81635abba0c6f4eab4853373fbe91cf77bb7130284825546501c8de2655206141da7440027467cd6ad415390e121d89a312b8e8fcaa099dd97258d30c17626dd78d8b6134dad01643919ffd211e3981282af9b2b11b60436fdba714434ad2c01aa9905d67ed6da68dbdc8016732bddebb51b6275ced49e6da", @generic="fb5bf984cd202311d10e556504888409a9a9343ef52d3624154538deef7da1f880071b256f10f7a26e58b4236c627a4c9d47371ed427fefcc04d1c46dde755d050f73aac0008241a3f67fd38398a0561a346", @nested={0xf2, 0x24, 0x0, 0x1, [@nested={0x4, 0x60}, @nested={0x4, 0x8e}, @typed={0x8, 0x99, 0x0, 0x0, @uid}, @nested={0x4, 0x5c}, @typed={0x8, 0x9f, 0x0, 0x0, @pid}, @typed={0x14, 0x79, 0x0, 0x0, @ipv6=@dev={0xfe, 0x80, '\x00', 0x2c}}, @nested={0x4, 0x9e}, @generic="81be0dd91d6e9fa1864aee581cff1d7b1bc45e75019da2cac8c742ae060534b5e6fc4d5c8f47d156d2ab38237fbf8ae72f70bf2ef69285520c1fa940396b7cf0a882e3c11f737d4ac06f1bc908d2e5682825eb65c25587ea8a33d7ebabd262dbe928419681c283351a1178b231af6a42979c8635535bdca630d464d4b58649842c144d4e441deaac6089a03ff4a15f719d8b792b2aadb9aa55b57af2bc80e7e8cba831f5941963e7cbf8fa8998fe9b9e4030", @typed={0x4, 0x14}, @typed={0x4, 0x37}]}]}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x1a4, 0x1, 0x0, 0x1, [@nested={0x186, 0x6a, 0x0, 0x1, [@nested={0x4, 0xc7}, @nested={0x4, 0x138}, @nested={0x4, 0x7e}, @typed={0x8, 0xbd, 0x0, 0x0, @u32=0x5}, @generic="b59ae0ad27099484941023a8efe1e92c2165af888a869c54b2a4beb166bdda523dbb469fe40e1963e2d2ebc55b4c06fd0dd420fbe5107de88bfac4fd09d8c06c8909f76e5252d06e9ccf7228e50591189e56890bae3c0f89a931f986dbc30c088fee2354a5551dff2f54a7e2203bf9c8249e4c742b4a63a590e678517421046ee9913fe0586ea0ff877d41e0de13337aad1810866363d53b8b6dada6c6becf15c32973b00f749734d5be280efe3c745364e18a41ea66c461aaae9f3c4cfb3eb12097d7dd78c2e5ff9562e2cbb507eb02721658b81d1ee878dd0f318b22124a4f7a7806bfc8fdf9cb1532", @typed={0x7f, 0x1f, 0x0, 0x0, @binary="a3984ce825c62879bf38c43edc813380cbd8e304c005186cc817657c97fdaf0e128b5068334dbb763fd7445dc3f2034b1763b567dc909331dbc7ee7ffde3839d982c8daa8434e6fb22eda67fa5509d823cb03d0cba4817d984bb597e7a6227650df3d81a5df4ec714660215577135827ae7904d7cb5837ffbb90aa"}, @nested={0x4, 0x112}]}, @nested={0x18, 0x148, 0x0, 0x1, [@typed={0x14, 0xe1, 0x0, 0x0, @ipv6=@mcast2}]}]}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x144, 0x1, 0x0, 0x1, [@nested={0x12d, 0xe8, 0x0, 0x1, [@generic="a8f85659ab3633458fa8ac88efd77840d411d99935e51d909698c67f642685d02752ff6edbf4c825236e9fd456842b27a4767b9e400572c8739df2d0ccb2730bdef281700d1f23b0c8f2c69ecbc1e55f4921118794c59dc56d62a3527098fba68c34a7164708ac5e6cc16963095c3a13928ce1efb393b2664157866ebcbfec9f0d7e8c13b842dadceaaf09c022065b1faf6ba27ef08afdff7433d3660f3a9d7bf3", @nested={0x4, 0xd9}, @typed={0x73, 0x8, 0x0, 0x0, @binary="a1786d2b809ddb532f8c42ba269be2ad4acdb77b89099dbc95e2e7c49d8b61793f5f0a9b24182fb37406783ea74e7aef7766e37c13ce29bc8fd15390481902052e11cbdf8c796a19575fdab0ee1e8aa21dd697390cfdf44315a938e77aae508c5045befd546a10137208f8b0250d60"}, @nested={0x4, 0x57}, @typed={0x8, 0x9f, 0x0, 0x0, @uid}, @nested={0x4, 0x12c}]}, @typed={0x4, 0x103}, @typed={0xc, 0xbb, 0x0, 0x0, @u64=0xffffffff}]}]}, 0x1bd0}, 0x1, 0x0, 0x0, 0x4040080}, 0x11) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_VPORT_CMD_SET(r4, &(0x7f00000013c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x20000000)

4.017480748s ago: executing program 2 (id=2632):
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080))
exit$auto(0x2)
openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/usb/usbmon/38u\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r2, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x5c, r3, 0x1, 0x70bd2d, 0x25dfdbf9, {0x1, 0x0, 0x3f00}, [@L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x58}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x8}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x8}, @L2TP_ATTR_IP6_SADDR={0x14}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @ipv4={'\x00', '\xff\xff', @local}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
mmap$auto(0x0, 0xfb1, 0xffffffff, 0x9b72, 0x2, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x5, 0x2000000000002)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x26, 0x80805, 0x0)
clone$auto(0x20003b46, 0x7, 0x0, 0x0, 0x2)
ioctl$auto(0x3, 0xff08, 0x0)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000006240)={0x48, r1, 0x1b, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_ACTIONS={0x2c, 0x3, 0x0, 0x1, [@nested={0x28, 0x1, 0x0, 0x1, [@nested={0x21, 0x12d, 0x0, 0x1, [@typed={0x8, 0x128, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0xb5, 0x0, 0x0, @pid}, @generic="b04e844ea904ebea1961b006b1"]}]}]}, @OVS_PACKET_ATTR_ACTIONS={0x4}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x48}, 0x1, 0x0, 0x0, 0x4004040}, 0x4844)
mremap$auto(0x8000000003, 0xda1, 0x3fd6, 0xb, 0xfffffffffffffffd)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
timerfd_create$auto(0x9, 0x0)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000009c0)='/proc/self/net/icmp6\x00', 0x8000, 0x0)
msync$auto(0x1, 0x87, 0x2)
read$auto_proc_reg_file_ops_compat_inode(r4, &(0x7f0000000e80)=""/215, 0xd7)
socket(0xa, 0x1, 0x0)
setsockopt$auto(0x1, 0x1, 0x12, &(0x7f0000000040)='\x00\x89e\xad\x97\xc5\xe8\x91g\xc1\xceE\xea=\x0f\xf4\xba4\x05>y/21\xfd\'\xc7\x1c\xaeV`\xc7^\x05\"H\xb8\x12\x99\x1fF\xdc\xc4\x02FV\x04D&9?\xa8d\xc97B\x9f)\xc6\xbb\x15_\xfd\xa5\xaf\xf8\xb8\x8a\x186\xa9\x0eY;\x9a\xe32T\xddn\xa6zK\xef\xf7\x04\x81\xb4\xb7;\x12\x1ch$\xbd\xd1x\x15\xa8\x9c\xba\x83\xa7\xbdwf8\xc03z|\xcd\xbc\xa1+8\xcet\x960\a\x80\x88!\x9e\x96\xcd\xb5oB\xc1L\xb2\xb1\xe6\xf9\x92\xd4\xcd\v0|G\xb7\xc3+\xb5\xa9\xb4\x05>ry\xa1\xf1)#\xc0\x8d(', 0xbb)
fchdir$auto(r0)
r5 = prctl$auto_PR_PAC_SET_ENABLED_KEYS(0x3c, 0x1ff, 0xffffffffffffffff, 0x0, 0x9)
read$auto_uprobe_events_ops_trace_uprobe(r5, &(0x7f0000000000)=""/111, 0x6f)
memfd_secret$auto(0x0)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000240), 0x141, 0x0)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0)

3.874406295s ago: executing program 3 (id=2633):
socket(0x10, 0x2, 0x4)
mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x24004850}, 0x800)
bpf$auto(0x9, &(0x7f00000001c0)=@raw_tracepoint={0x1006, 0xffffffffffffffff, 0x0, 0x11}, 0x6f3)
sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

3.587666323s ago: executing program 3 (id=2634):
close_range$auto(0x2, 0x8, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x2, 0x1, 0x0)
r0 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/maps\x00', 0x40000, 0x0)
read$auto_proc_pid_maps_operations_internal(r0, &(0x7f00000010c0)=""/4096, 0x1000)
socket(0xa, 0x3, 0x71)
socket(0xa, 0x2, 0x88)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x55)

3.269704332s ago: executing program 0 (id=2635):
mmap$auto(0x6, 0x10005, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
capset$auto(&(0x7f0000000100)={0x20080522}, 0x0)
openat$auto_proc_setgroups_operations_base(0xffffffffffffff9c, &(0x7f0000003540)='/proc/thread-self/setgroups\x00', 0x2, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)
read$auto(r0, &(0x7f0000000040)='.\'\x14$}-^\'^\\:(.\x00', 0x1)
read$auto(0x3, 0x0, 0x1f40)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000240)='ns/pid\x00')
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/notify_on_release\x00', 0x20000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000040)=""/56, 0x38)
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
r4 = socket$nl_generic(0x11, 0x3, 0x10)
bind$auto(r4, &(0x7f0000000200)=@generic={0x11, "bc340f00"}, 0x80)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop0\x00', 0x1a9282, 0x0)
r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/self/net/kcm_stats\x00', 0x8282, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r5, &(0x7f0000000180)=""/8, 0x8)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/lru_gen\x00', 0x12b902, 0x0)
write$auto_console_fops_tty_io(0xffffffffffffffff, 0x0, 0x0)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
setns(r2, 0x4000000)
ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, &(0x7f00000000c0))
ioctl$auto_SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, 0x0)
read$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffffff, &(0x7f0000000000)=""/156, 0x9c)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
write$auto(0x3, 0x0, 0x1)
openat$auto_proc_fault_inject_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/make-it-fail\x00', 0x80000, 0x0)

3.241843861s ago: executing program 3 (id=2636):
ioperm$auto(0x7, 0x6, 0x1)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x500, 0x0)
mmap$auto(0x0, 0xb, 0x72, 0x8b72, 0x2, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$auto(0x6, 0x40000000029, 0x1e, 0xfffffffffffffffe, 0x0)
unshare$auto(0x40000080)
acct$auto(&(0x7f0000000080)='/proc/sys/kernel/sched_deadline\xdcBH\xc7H\xe2\x1d\b\x00ax_us\x00\xae\xb5\x86\xe9\xf6\xfe\x9b6\x91\x8f\x158\xe7qwI\t0\xc3\xd1\xcd\xf5\x04\xe0B\xe0U<\xb1\x1d\xda\xd2')
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/vtconsole/vtcon1/power/control\x00', 0x400000, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty12\x00', 0x800, 0x0)
r1 = openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe\x00', 0x40, 0x0)
read$auto_tracing_pipe_fops_trace(r1, &(0x7f0000000100)=""/70, 0x46)
setresuid$auto(0x2, 0x7, 0x8080)
ioctl$auto(r0, 0x4b3a, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/clocksource/clocksource0/current_clocksource\x00', 0x8502, 0x0)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
write$auto(0x3, 0x0, 0x100082)
set_mempolicy$auto(0x4005, &(0x7f0000000000)=0x1, 0x4)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffff7fffff0005, 0x8)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
ioctl$auto_SNDCTL_DSP_SPEED(r2, 0xc0045002, &(0x7f00000000c0))
ioctl$auto_SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f00000001c0))
read$auto_nsim_dev_trap_fa_cookie_fops_dev(r2, &(0x7f0000000000)=""/156, 0x9c)
wait4$auto(0x0, &(0x7f0000000200)=0x400, 0x1c000000, &(0x7f0000000300)={{0xd, 0x80000000000005}, {0x1, 0x400000000000002}, 0x2, 0x3, 0x9, 0x0, 0x8, 0xcfe, 0x0, 0x1, 0x800, 0x1, 0x80000001, 0x3, 0x8, 0x5})

2.795506023s ago: executing program 2 (id=2637):
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x402, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r0, 0x0, 0x20)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
r2 = socket(0x15, 0x5, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
r3 = socket(0x15, 0x5, 0x0)
getsockopt$auto(r3, 0x114, 0x2716, 0xfffffffffffffffc, 0x0)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/asound/card1/pcm1c/xrun_debug\x00', 0x20440, 0x0)
pread64$auto(r4, 0x0, 0xa0, 0xf86)
sendmsg$auto(r2, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x200, 0x4}, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D3\x00', 0xc2001, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
unshare$auto(0x40000080)

2.685702132s ago: executing program 1 (id=2638):
close_range$auto(0x2, 0x8, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x2, 0x1, 0x0)
r0 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/maps\x00', 0x40000, 0x0)
read$auto_proc_pid_maps_operations_internal(r0, &(0x7f00000010c0)=""/4096, 0x1000)
socket(0xa, 0x3, 0x71)
socket(0xa, 0x2, 0x88)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x55) (fail_nth: 2)

1.455118817s ago: executing program 0 (id=2639):
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$auto(0x3, 0xae60, 0x10000000000402)
ioctl$auto(0x3, 0xae41, 0x38)
ioctl$auto(0x3, 0x4020aea5, 0x38)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/virtual/net/bond0/bonding/mode\x00', 0x181002, 0x0)
r2 = waitid$auto(0x7, 0xffffffffffffffff, &(0x7f0000000000)={@_si_pad}, 0x2, &(0x7f0000000080)={{0x1, 0x1}, {0x3, 0x6fe8}, 0x4, 0x5, 0x7fffffff, 0xd9, 0x3, 0x8000, 0x1, 0x8000, 0x5, 0xb, 0x4, 0xfffffffffffffffe, 0x0, 0xffffffff})
move_pages$auto(r2, 0xffffffffffffffff, &(0x7f0000000180)=&(0x7f0000000140)="89f62d05fb166e0ce798c672263f1e39906b8e5ddec795c0a6be1baafc1ef614e20b8326ac52", &(0x7f00000001c0)=0x9, &(0x7f0000000200)=0x9, 0x6)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000001300)=""/4099, 0x1003)

1.342408359s ago: executing program 1 (id=2640):
r0 = openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/ieee80211/phy0/aqm\x00', 0x8002, 0x0)
read$auto(r0, &(0x7f0000000080)='/sys/kernel/debug/ieee80211/phy0/aqm\x00', 0x7fff) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
prctl$auto(0x41, 0x0, 0x0, 0x0, 0x0)
socket(0x2, 0x80802, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) (async)
connect$auto(0x3, &(0x7f0000000140), 0x55) (async)
socket(0x10, 0x2, 0x0) (async)
socket(0x10, 0x2, 0x4)
r1 = socket(0x2b, 0x1, 0x1)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) (async)
semctl$auto(0x5, 0x2, 0x13, 0xc) (async)
setsockopt$auto(r1, 0x29, 0x20, 0x0, 0x20) (async)
socket(0x2, 0x5, 0x0) (async)
r2 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
write$auto(r2, &(0x7f0000000040)='nbd\x00', 0x4)
openat$auto_binder_ctl_fops_binderfs(0xffffffffffffff9c, 0x0, 0x800, 0x0) (async)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) (async)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) (async)
socket(0x11, 0x80003, 0x10300)
sendmmsg$auto(0x3, 0x0, 0x200, 0x0)

1.235226187s ago: executing program 0 (id=2641):
mmap$auto(0x0, 0x400008, 0x400000000df, 0x9b72, 0x2, 0x8000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
bpf$auto(0x18, &(0x7f0000000040)=@bpf_attr_5={@target_fd, 0xffffffffffffffff, 0x5, 0x8, 0xffffffffffffffff, @relative_id=0x3, 0x41b5c1ff}, 0x92)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='d\x00'], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x8)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)

1.110350933s ago: executing program 2 (id=2642):
mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000)
r0 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0)
close_range$auto(0x0, 0x2000000003, 0x0)
socket(0x2, 0x1, 0x0)
socket(0x1e, 0x1, 0x0)
r1 = socket(0xa, 0x5, 0x0)
setsockopt$auto(0x2, 0x8, 0xa, &(0x7f0000000140)='\x00', 0x3)
futex$auto(&(0x7f0000000000)=0x101, 0x400003, 0xc3f5, &(0x7f0000000040)={0x5, 0x9}, &(0x7f0000000080)=0x8, 0x4)
ioctl$auto(r0, 0x3b84, 0x38)
ioctl$auto(r1, 0xa5, 0xffffffffffffffff)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'batadv_slave_0\x00', <r3=>0x0})
sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100cda4429629bd7100f9db5f2502000000000000"], 0x24}, 0x1, 0x0, 0x0, 0x404c0c0}, 0x80)
r4 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x3, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x8, 0x4008)

1.080283107s ago: executing program 3 (id=2643):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
unshare$auto(0x40000080)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty39\x00', 0x40001, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
bind$auto(0xffffffffffffffff, &(0x7f0000000040)=@tipc=@nameseq={0x1e, 0x1, 0x2, {0x40, 0xfffffffc, 0x2}}, 0x66)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
sendmmsg$auto(r1, &(0x7f0000000100)={{0x0, 0x4, 0x0, 0x2, 0x0, 0x400}, 0x4}, 0xfff, 0xb07e)
write$auto(r0, 0x0, 0xea05)
ioctl$auto(0x3, 0x541b, 0x38)

1.006401903s ago: executing program 1 (id=2644):
openat$auto_bsg_fops_bsg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bsg/0:0:0:0\x00', 0x81141, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0)
readv$auto(r0, &(0x7f00000000c0)={0x0, 0x5}, 0x3)
ioctl$auto_TIOCVHANGUP2(r0, 0x5437, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = socket(0x18, 0x5, 0x2)
mmap$auto(0x9, 0x8, 0x7, 0x9b7f, 0x2, 0x8040)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r2 = socketpair$auto(0x1, 0x2, 0x1, 0x0)
r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid$auto(0x2, r2, &(0x7f0000000240)={@siginfo_0_0={0x7, 0x7f, 0x5, @_sigchld={r3, 0x0, 0x0, 0x3a5, 0x3}}}, 0x7, 0x0)
move_pages$auto(r3, 0x3, &(0x7f0000001200)=&(0x7f0000000200)="65e0af77c0b7329f2a533d1322ae983b46042ccb2fbfe5bca435694648b8b1e9678934c93a54f813234133c3eeb72227ffb3420060e14384e05271de1a0ce66f6efce32b5ae2e5f7c02bae7d021631b9ae911980f5e06d3f0a580f1875841e310aa1926e08d853a20daa7909b20cccb15b61c0c9089c6c889f435be270aa8ec0539cf7b3c421ffbde26467ebd2b29a811441b6869d97b8496196e812e2937103954de642d6f4b0ea422d6666e68c012eb5a9d81b44e8284bf1081a4b7b622f555ec1d588c8a2f3099e73fa8896fb0f502cbb817eefbc234dc6d539b5000e95b3380c0602d5a9f55e85f8bb9662385147643bd68e4577d4ef0092b683b46d2a1f1128f1ac0763ef003c217fcd517bd4f070cfa94e584140630d37ef92b4003a3a4bfceaf8b20a7699487e6f4565619127c103fdb8be74281b6bac5497dbbe77c6548a391f2fdcb01d17e166cf4e308ac80caac2fe81605502119c6956e19a4d3b89f91030768e5c37c41f274d34db63b0f2bcbc7a1b74a2145b6d427537072c70ea7fbf40bc2d1b1b92df6ae166b045146a675705e925665882e6750acdd16c4a9844a21a69bc498f00263ebda1dd0914621bf40514ec733ab27723ab31e1132e0dcf071b7f65c04e5b2ba42d702c57150f75761a024851321f7f8e466fc24b9142cd7f5881cd894f285ed95abbca53690b64ffc8c492fa3053082dab6a887ef2826acc34f64b11da7ee4a60fc7a6df4bafb567ac5a9042aae9d01c7f8e3946cf713c1e7875e5ea1066d4d97831dadace466f66cdd2047eea9478278a2f439ae5ee8d4acb52d8ea144ffd910f1dfc68a2d2d8ea381aaa5226444f6e772d3017efa8bc2182b6b3ff7f554eaf8b057ad5933fb6c440ef5c4b016d2d656f06e5c5cb3a2685f7cf1487c6568f30302c5a2e2b242c80202100b2fb6e04be85ee4d1fb3114d93b2e8cf1d268331647721fe8b1adcb1c598fad6fc53e70f3fb342c00e13b6f58afddd688f81e42c80d6b8fe936e90cd980fb8ebee5f91b60e15d7ffedabb106293b3c02053496876b61f90a4360d2f9541df03a17eae61071bbee2dcde8b7f2a7d6bd757d3c5eb96e13386cb6349c5b85111d1f9602e3982f2172f7fb3d0c843d2f4f4d99e11de359b27a9d8a728bf3bb0d349833b1e59f89d986c78e13da4c713b77c86203e34f0f8ac3818bfe21c51b904326c8eaa70681467c471b79cac385f29b09aa8f48c41dbff2022188bf510b7ac4f7160db745e1648c40b521902aae774b66f5937fdc73cad1970c86ce37df436cf82ff272aa260ceea42082b65d4caffdd11dcaddd4d40db678152c5ed44c14123ed22fc3ed8846116e391413ede23c27570dc1720e5c738ea57000cf7370a571807ceaef27a1b7dee56f7dee500e553dd307813ffc9874c51c145712090c1360a25a881a0c9138326555dba57513beda39c9171124ce1299f7423004abf8bcc230af2fb382659ff54b9ac404a3770477de6df12e88c5a04eca0c0bb3829f4078a080b961ac2ac874c62ecc400b4c3cdbbde85b0fbefa44a3d9309a78da1535ce71f9b60c10fb791242740e69eef912db540046ce4e1648ed5c92ca2f326fdf82deb3945f6443abf938d193c4ddca805faf077de191bd123f670efb90f7f7817bc950890ba767a30e6b7dfb131903311c560c7ff004ba43095746f35aa09566594ff8621a4b4b013ece67bde9805703c812bd287e73788ec0e70279cad82dd19972597befd77e63595370ab27556b3fbaf946d3792057ce120c1193aa6e702f55f0cf7685fe8286c1e5cf26a5a6bbf5e37ec9deba7f83b337bd80318d6b0e0e94d68db02750d710d2a70af9258ea8d62451b1945c33591e9e88ba2a929cb32ff0653effa83c9d9ca03c75bd11ddbddb427dd51640cc0d23d3b82600c595283c77f3a8ce6c807ae87271c2e78d1fb0d2ab4bae57707a2333e5c9761069eeff17317257e4defe70883fe99a9e4f6c62bf2d1cbfd178b817be4883ab5d867febfe199360ec1d6a6a44d9cd7ae94701336f4adecd33d91b312b24996a9fc02fa94657e440b486714a368b24d111b6df92317004df4026370b3e035f56270ff4fa1bfadf1f756d5fd705ce750893a3794f78388e06d95763a250fa66da3fe20699d738eaecb97e9f2c4672338fc7f0f61d6d0072baac4a590c39ffd6122dfaf1bacd33b5ad8dcb42c5952170d2941f6fa73566a297ffbf84c366b643a8da6c96341a56a13ba0bbfeeb37040d05a87aa0f2f102f8e77efc41b062b8b49487c61ef11e7e9d06ef23d20540892893cc76d9530276400ab9f23a9313e0b4a1c69385db73035a7b61d9d51a197e808d7ab4e0f377f59f64856ca49ebf524bf44e20eeacda60add5207da3818b85764fec68d3bcc7bb01ee6fab18af0e1d0a68f2c45d3701e04394d944d494446d98a7d38eb942859b582a0f039cb938931def004326bf150f24993ea56ae20477d5f21b05d9755acb025c00062b71176cdd70988a9afbca4188181280bf06b0bb7861ee59e538b52d456adcbd38e3359db926ea67855d77bdf9d5d4f8965b4a076694fbae52f582e0f1dd2b0044d1857d23e99d6c4c4141a8bf1d86d73ee71cba27efd030d7d6ee139d74b5c013ccfd4315a0af17ebcf47e1d16e6c7c7ec7724888da392e8213d49c477cc06ea7853cfe095a213784e7e8d903f13109ca4b66bbebadc7543b5bffc4b5efd89533f4b9a139ab1f17680fe4dc339e0dc109403efbc709052cdec9ef5835c415ed8bc65544ab771582911033ba64cf5af026002280e0f1f5117430e24d8f9a045468087a0de4a911c18dd174f8f23c090e7324f9212dbc3e6ca5e6ed31cff512f7bc282a882332799af0d88eed2bef7a6b716f4be5e6c6b89abd0945a80fbcf22db1ea2b492518211d022c8f9a6ef9f04d086f6e5a6ecbdccafab6cd7c9c39fb0c03d55eaa5d8ea4f0a86def61ff664b8ad8499ffb86b68d16bbc47ad0ae9875e9798ee2829467d1d6c9ae0ed9ff56f255ed593f30d3dc90a63558d0ba9c7eb9c688b7c6495ab6d52be84f468a4ad44703343da6add09d7990dfba4e8a7103b1b5cd3002a963c51a5e8856b2a00056abd6806af8c6a6e125c0095912dcc3b29a4e726cf9f38f4fd0231dfc478d5e25e7e7f2cb507dd778eeeed6938673c51dc295833ae1d622a6847bede7343dc9f074da6f8187fa9b5e5df1b505c6135c77a9adac327745157cdc2d197f469b06ef73b57948ada1d8109a4d57b8938fdb9b9a931b808d564dd98a16d1bfea893de901c7c1f657c3f1f8a6da6088c7e8c47efd8c0640028c4a6e0e03890fc6f115dbde65ee084c339d78937d650338f1be006c76fcefb67c6c1f412712860602e8c01934f02a4a5ae382c0b70f7fdc5443db132a3823f6f956bd441604ac15c98f71764f21d3bf2ddd566427206b30386875d58cd4b9baca966d0ac5d220620da8f8dbf09ceaea2a9933f6f13477694f14b517bea37eae0d6656f9118f513be44b302e1916e4b582cec97e5237f2998f091f948e6c2fca59d7f9af72d6be6d8a65f6268ce1e9f5cc84e9fac0d7ecace92da185a7ce2822c0a5bb76c60199e2fab26939b3edeb2e3f4f1ba8bbf709d77b601cddfe7bce8c5919ed922b5d8b72f85f368bc1943d006d4743eaff47b40d7a24413d69cf3c033b6d02ba34acd480b925cd8c70b10061304889dbb4e9774195e727d39b8e1991706617138455f4f064e0396bdee548d49d4224b9ff31582f16bfdbeeca1f1b746f7304a0c3e39f194b4d34281b99a77e65c433873ecdd129b2038b7d7a25807d1cbb81460d9510cd2f9eb400add674b541812384c68a4cf011a61de2557e7f6d7f916a0ac0a0435069a5070b0518e3ae81e9f7fd2e69600cd86204f6b7d1dd2d0f38a3f566a27e7de3635023c8cb13dc9af7518a8f2d2449df8d16acf4bce39359929e478216898dac40d8770612c7efc9a2cb7b801f1376a5ac4db8ab1fe7debe8f1f3fc5b83f9636a14804cfcacb4c64d107dc68bfe4ff371521cb0ffb75132213ccbed7e77bf1d66a991badea57369f9acbf46f3972e8dd31ce7b39a3294576ac25b6f533301248855adc4ce33bbb698001646a3ce984ccff7bcc865e739e2276cd3b8bbe1ce16cffc0a2afc177df656719df014bab87deca4ac02f5b9c33c8d3d237114e93c33e8de2f06b8272b31a944fffac10ce028c2f0b2afd9d8cf12160c34b964d914fd9d2bf52d27fc8d95102512219407d979445b93144280fdc053e2e0e01da7f2a9b49d954188b900b0b669dcb15d2d2b6e55938ddf88286de720801175caf9032f1d7680649dea70d2c8d88907cf980d8a16257971b84c0d4551f9bdc0bd25bf8c1d6db67ce90d569ac870d7276b851ce9f5535d670fe9425245d817ab2272d6e642e3cadacf9f141980c0d8d96c493651e77f041e9d60c18dc5a1191f5081b6d9b466b816824d168949154e0aefe0bab73646259581b6f95d457132cc2f6afe1e3028b3c60c45fe0e66661cc823fcc9605ae3d2a72ebc4b34c68224d8bd5cc64acac57bb7230bdcc7b51af8621888f29aa66607d7e8513e21a31a8d355a00133e2c69be91046722934461ac27dee7ca70fb5c08a72eef3384c56a31406b959c9e5c86ed4cbeba774a139c56cdbd304322d27c653799808adc78dacaa6125a00255995ae6b36c37c760968cc8a1a9a0a1d90fbabd85c84b279f97974830bf4aea7ea96e5caffe3341be4d1dc9466bde335bc5cd9338acbde4a2507c7414f4353532f078fda284da2f1d75e710a7d7710cfc7bdb306a908d4ad3365390a41f5140a5f7eff753b0c5d5baa7d692b0097ec11ae8ff16a1500390f8b4d11a98ed94414dbb6832232467d366dc337ceca6f5e7f705ce9b38d5d881f4b22539b3fd31a2019ec9ea14ca22644e175d9187febea9967b27905f9b763379a008a4ba519bd7ae0543ad60ba407d621b96130f3f25cd335e92224883e494a00181a5819ad0e9a6d058704be9cd59a06636a460b140389330889d30681f6f487370d7ba6f9742c00f1732d6eb4c2342168d59bb2f272d3160c458833f5d582823e2231532f9797398618d3d4ea29d29f0bab188ae56de2f37dab285beda3980ec5b1fa4c6967a7c341ae51ec9b7c94b401b9247e7ab1b8f6bcd717f29634d371e8c44c0380a62e46581250f129eb9d75cc6d08a25f7f3a2fd8e0a7c13851af55684e1640c013f98f64fcea776baaf17052647d2eabc34978292d931b7498b30e856e6a31a155a1533b37a942a17708e0140bbfd4663501af2dfb3c021e2febe5fa8529aa26c59f001fd90b530030ac5ce80b6a2c6fd0e3c115e9cc9cf4f15d476475809be2108d0be9bf3e6a764cbfa01ce03e54d31d598e3faca5b109d19c1c2b4c17a2c16ede5eaebfaceed359ac1f7fa91604a9841a9218d96b8eacd6655eae9e2fabc620af3cd4ad59ef669919e42e5601292da082e3323d37b3086eff3cd05c06be2773ba69d0ba69e2d337b72465936f3a9f8c3a14388937d27767e56f7ea7db8e7e900b5ea5280ddb7f1c3e4c4e72eed60d9e3719e2307ed5b393d516fa5f78fd40f759c105a3e08af5544681320cb4d423f5c056589887a645b5cff947a3b3c0720ef241080345e0ce7660118f9febe142611d5f1631d0b2174eba6e292e4da4f8609470aea336485f79da695f1595c18648642ef189ee1b8c0fcbf96e919a337074acaa44381c030a3b6f108f234fffea6180e9e5ad4c9be29587d1f3b810117f0327461ce0e957e74eb311e533b", &(0x7f0000001240)=0x4585, &(0x7f0000001280)=0xfa55, 0x2)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="41004bbd7000fbdbdf250a000000080001"], 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x20008810)
r4 = getsockopt$auto_SO_DONTROUTE(r1, 0x9, 0x5, &(0x7f0000000100)='/dev/virtual_nci\x00', &(0x7f0000000180)=0x4)
ioctl$auto_MEMGETINFO(r4, 0x80204d01, &(0x7f00000001c0)={0xd, 0xffff75d5, 0x2, 0x7ff, 0x802, 0x9})
capset$auto(0x0, &(0x7f0000000140)={0xfffe, 0x7, 0x1ff})
close_range$auto(0x2, 0x8, 0x0)

856.472088ms ago: executing program 0 (id=2645):
ioctl$auto_XFS_IOC_ATTRLIST_BY_HANDLE(0xffffffffffffffff, 0x4058587a, &(0x7f0000001300)={{0xffffffffffffffff, &(0x7f0000000240)="7ade127996051671cdad30d00da7d0408a6baea128ecd810b6692ef49d4519af8d44028f0f7aa3058c13381a07edfb7c1e52d63a208bea406912dce2ebe62e9d8832bd1e416eb7e24159cfe4183536cff92bfe50396a372a132f5a4208047ded616e059310cb17018eebe8728dcc2cb227b5b5be2744ba012472b84f5f90a31ce7a146940b09c906ba344303e13a233c395a220361d5e42f9ed00605a8a7b6ead59ff8648ca373db5ba6b545d26423eb66ec17da874cb19fffbe9436e0c5c9ec91bc8edcd2285475bfe60b0c0d274d51f7ae2519c9fc8e137322fa47715d99f102c74be92911c7eca7f6dac90a4f292136e9d50c3cb18dfdf19bcac295580e7e40caa669767099dd7f2d711cacc1b4dd0561cb387fed9a24615954a2d375bd575bb231a926a241b44708de462190689cbd00a58ef3e10e2d9a2aba6d7ae80c207b349834243951fa08399f1268b94c55fc5300a969b457052e80c6c09b138cfc89d784cc34166f45e52ef5e2784c8b35e48d173bed98c454bbd2b1ab829425d1edff91bfe5bbfa85046da54ad4d363a67c415bf160e6f4cbf0eed1c2303d2ba0075abed8c5036d3dfc4627f5291dc107e216e950d12926c26fda105d9b6f38e65a31244c7c3bd17801e61d6fe9f2ce6698094b29ccc01d417e353890f2ccd1521b7bebc18a86bcdb8a91632111ff2b44d308284f88a22ba74db3426f360c6b479c27bc908079d94fe45790b1480a9d5d8cc330bd51ca570138376849e8b63ac698a21ce46cbf822cb8b86e8709070edd4fa266405abb9c2cef0c37a23bd192047ffefd736ee5244e483546a036e13c303981a64f5d6e5c688de046c2f337f8c7340fcd97af7f2624b25f50", 0xe, 0x0, 0x6, 0x0, 0x0}, {[0x0, 0xfb4391d5, 0x7fffffff, 0x9]}, 0x8, 0x2, 0x0})
modify_ldt$auto(0x1, 0x0, 0x10)
read$auto(0xffffffffffffffff, 0x0, 0x20)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x382, 0x0)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
sendmsg$auto_NL80211_CMD_SET_NOACK_MAP(0xffffffffffffffff, 0x0, 0x200080c0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000005cc0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000005d00)={'wlan0\x00', <r2=>0x0})
sendmsg$auto_NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000005e40)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB=',\x00', @ANYRES16=r1, @ANYBLOB="010025bd7000fddbdf2537000000080026000004000008000300", @ANYRES32=r2, @ANYBLOB='\b\x00W\x00 '], 0x2c}, 0x1, 0x0, 0x0, 0x8894}, 0x0)

443.728308ms ago: executing program 3 (id=2646):
socket(0x2, 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/tty/ttyc7/dev\x00', 0x4000, 0x0)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000000c0), 0xffffffffffffffff)
r0 = getpid()
process_vm_readv$auto(r0, &(0x7f00000010c0)={0x0, 0x5}, 0x800000001, &(0x7f0000001100)={&(0x7f0000000080), 0x1ffffffff}, 0x4, 0x1000000)
setsockopt$auto(0x3, 0x0, 0x60, 0x0, 0x10001)
mmap$auto(0x4000, 0x80000002020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000)
getrandom$auto(0x0, 0x6000000, 0x3)
mbind$auto(0x43ac, 0xa, 0x40000000004, 0x0, 0x6, 0x2)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
mmap$auto(0xb2, 0x12, 0xffb, 0x8000000008015, r1, 0x8000)
write$auto(r1, 0x0, 0xfffffdef)
write$auto(0x3, 0x0, 0xfffffdef)
madvise$auto(0x0, 0x20499d, 0x9)
r2 = openat$auto_btrfs_dir_file_operations_inode(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bluetooth/hci4/hci4:201\x00', 0x200, 0x0)
ioctl$auto_BTRFS_IOC_SUBVOL_CREATE(r2, 0x5000940e, &(0x7f00000000c0)={@inferred=r1, "8c3aabe6e9afbe5768cca4cd7bcb348b656ea864a7e5a81c86fa6a89108f37471d02d69e0d3d7d5ee6af73152ab7560c718e16592dc6d82db11daedf00a59d05c4df000e462b5e6555f5c3f93ed7eeab69086107c0f5b26f1060cef8899c2f6ed7ba5bfd5b1006b8c1aea5db58627ea2b628b6ae64772a4820ffaf483c7f1a72b0162b715403ecae68357fbeffe0ad87a11230227d8153101bde22493eebc57ee405f0da474a664bce2b932bc20e99b7921894a18fff326e7371779a64c17c724fccd8959220aacd733307970aac9db6632cb0286615ef8b6855d91244f05b390f15b00824c827a3023354e019de5b76a1adf43ede1c4630295ec681ad45d8140c9ed9b4a09f6be0777176a25102f2b0466f4b0f9fc8dd86ebc499897679007ed09966471d50e10def35eacae513aa06cf92f6f4a21093fc7728014ef876ab6f7ab6e7dab548179d8e8547990a7e00f13fd015ce4080de0e863883c1869065be452ba98526532074e401c98e94acb227edb6895033cdc34c04082831a3bca46e54d8fcd25d56eb96307b7fe58de0f9f69fa13ce4ca576f38c43a15bc20dbb6c237888fa16ed5ba9fde154521895504c5b688c03344cb61db716b3d664511e8f2e6755754d017f85c45d2686f2774f68bbda8649d7c94909968bf230f5bd34174b048d68499df65742590b92d8de500b16fb3810cd821c60b1925b36dacb0e32a0200c97e3e8de4352dce33eefae8a9025f6ad59cfeba77743f946bd6011abcc5a4ac332e2acaf0eb0bfd6e6be9c781fc7df7ffd154707995e7411fbbbdfbf61abab8a13c793217277cc8bab5a43c6e9c1be01ec1e2677c5c1b05e5060ea6e98d2cebb6fe7dffd846db2b06ff8dba1ccb2cee8f506bcf70a76f4e8bda1eccf3cf2ac354978db12caafb771e53e8f9c815fd6a31299836839cb3df5a7f8a2be6bdd69fb0820f29bdc52d883353940e861fcb988f4f962145caffac0ecfbeb8c3db7f11851b434a83228a174795c9c3b39e1b9d23bbcbfa5f195bf51aa4ef41e7a7a2e91ab9a16943f8cee87d23ef085be386e06a5406ecf0805248daf7185363e5b7608dc8573f6c9536ad50767c4568754296a1587d70fc58a7a56997af765bf9ce38ff68bda887eba7472b75839ed020f254d599431a565840e510b35b440191122e00239a7c137bc83c213999197298c7aff68059c0624086434a67fa7c507b3af494be614d48f3ce91a73708005630fd77fb55c65b86c40a74b57d798d39ec649336ada14ddc5fdc5a1970edc9d2c36221b7f6a821aea3d2fdc516c9936943cbe445e772b0d31221fa7865fe8b1d268dec6df103ed3744fdb14ab9e4f9cccc4b741eb5a3b79529cbc93ba37c70e0b1910962b9e80797882ab248eb526d310877176f8112b6919094dadaa885e8388648decde51010a10832e3a49efea6cb926b1682d929c08cce96986a634c1d181a6e7793d293b81ade017414958765384eea99eb726f76cc422a0f14900ca60219a233d57cfd4d41efaacb568749c5128068c8d96e79a88e7be8f9129d985cf67144933ad84561872da17caacee97c437498902e340d3df5900fba314450a47fafe510919379d8c187883968a951c5c6fbdd30a52620b74691c279df9e44fb8ab7e464658b1d1ae2c4a1fb15d76be4e38d7c035e3128c0492a6c8db26952382f8424eaa5274fee0def170600860be719491144ebebf1dc34136f04b0d77400c5f9bbdac58a85135e057856a3597070400b74e6a0f06a14b193ff490630e51a822e72a84108b79552446fee5965d46ca60f26f961dd0eced5cf90653738ad85c6972bfa6619fa6e8b8b7ba568281b10f8972cf393d61d17daa4f5490add583b0354ec0d55b66dcf90283745b403d2f44da402bcec76e5404610d828ef468fa4a89961d21de05a6929e1c4c3f12bf0fc42add1d25b9118b2f6bedbf1f2261452f1860b3ae8aca50a959d357852e0bbac9d4ee7e5784f3b00c469ceb3afeb4821e5b850b2cae840760f8676d22c3be2468c9ce5e48700073196aa01c335aef0dd7daa3c7383b7f28b01cf6db6f5ade6a2b36a79b9a8067497e2db80bf3d0987621716c00d9ab14677a03f8724812964aded2a8df18766d761723a5f91c691224233a22c2cdd491218b88490c45fcfc44e5e4e12b88fb4b88ba8743fe75357f1f19234fb94ea65cb4612d380da1f1b327a51110c4ab009d090985655b649e499fcc18aa18fad7cdeb49f05573e345c4a89437a6c5b8f676dfe5f240212ed3aeb0b7a9683d0a2fd87864878f47cc6edec5b3713afe4ab46a0e638c07a2e263e480817b02564a4ef4a3391f832ef877a8b4da1dc1ff6ac5822724cc0ac49095e87bdc54081bd62769c7df06e35253bf8b05ba24d8129204391cff2f8808970c598d9b7d0301fbdcd618e5f3727ab911e2b3452163b6ba791f4e81b108a9efb45526652997b0b4c21df361e6a15e9688fce4d5df4466533ba698d0862b967c3c624ef64d18ef37da580b92613367468327605d0b0a68a5e05095b432411432eb208f4d38338b7dfdea2c67ac07b3f6e5f3e0a3aa478e67fdb41005a82d731b2941cf7730debd1d4351c2e9510adf810b954d9073670417f17918f479e4e5d6e1a77cdb8b623ae6346fdc043cf135b77c2a6921ba18fe4aeb1cb5c55d9de2bb47373b2f2620e15fda6b52b72b365e256424e41a043a4b93bc10624d787413cccdfb58fa18dea74ad1928b29a8405614ddc52d461c8fd6d3347b6e28dc897246bcb9d58f404209e097badbab0b6bb72b461c2da8689a28cb1d580584c3a291ad1a6711dba5e5024174d9c8a855189dc7fb6f1f0b4397ef45a8722a3a0ed1ec5d4b0b1b305ada6104e743178147f35e6a3a60db18b4ab616f384d7176427d66b235910f3b00d23294150910a2bb0da06f01554bc5f4d3ce1be547584a2fb7fb948f5c15620fab11398c653e23fe2a6585b1641092201fe7237ac978f68f4a1748933fc887c33624d8a91304913d862ae2d3369d61cca6eb3621cd2a53582b767b368b338c616357a4a79f8dd2fd6b4fe47e7edc4c3ffacbf1fcd364d82c76aafc6f03e10cc41d251351975a52a2fc576991769f80a0ee879dc1b1887d79c96f39b39e8cd6ae4989f6abaceff5b82455e125826d46ca4e8cce5aa62e57b2ae4e2b0fd6ad98bacee467bfb0811507f29b0955df412f9da55fc7d3ac0e94b329b923b0774b73036f7e06af7051312d61259be850c530187d7c754df4323719509a5ab3b7fc581bc6973e45413364e8cd2688a4e8d6309eb78cbbb3638ac1ab64fd64c437ba755db5888039e8b94eeb7e4e84817421f4b6760e5cd01545c45f849691f8005a6dbb0f47b18b865bda29f690aa7ff38cc3822bec05394ed736e241b916035283c5954824d9104e24c66b0c125c6f273eddd3ffdb4558b7a525f0607669263de61d1afd081f53bfccb5d2fc07b681bca46463c835268c7a9bd44798d349010e422ae2dbc4cc0d9dc5b57eaf80eb541cb036efac94750361724d83aaef9d2850b19377bbae6729ad6d599e10d3b24ff3e0a1c2f6529088220e09891bcf5904aec959fe34f0216a5ed5a6d5093e86f8edbd6802da32a2821da93dca9fb7e245bde00582225e142019af4da2c07bd066d16054e24481a4964ac607077a6a40ffb6c48c15a10901857c1bdfda392cf8d3e3330e0d4cfb31026422c810d7db999f9ca48cdf278ae59ff7a68db7adfec0f2c3191f091c6e700efcfc9e5790a8c63b7f3e9d95b4c0011e49e1924492b0ca6b5f1878a953641a207898548e5690a1b884894e88e52967ba96eba34065f637dd46d0062d022082d8cca65c0ffa44aae64a34679a98a0ee49910bc95a727ba67fae600ec1de01e69927f11dd0e51ac76687a921aa37413c0491446fa8d38f5e1c04acf18e33ad9b4a9e8589d0490d42b63100a4cef809a437d274b105d07550cfa43f7a3885c2b1e2e2cc4f703442e21575b46bb18cc0ee5f720351521070dd74a304aa541ee0a8ba5e7151fbe0fb8bb7047a1b23c6bc4165275fcdf9a273b01030d652216578dcad8400cef9836ced701f56366d7b53aaa1639540294663b3ea54ccccfa4b9cd8e9d23ebfde4208a288ef1b34e5a05aa3c13251e56b7e294dbf11afdd4522608364991b9d0741f774f225c4762e31e39df2d9c773d2ccdb1215ea793fc48742097cf05b3b37e707fe3837a48b1574c3ac1934a6d0429094b4ae731db69386adea2d20d7fe1b03888f08f373f556e6a72224cdfe5c19f34179eea5657d21758ca9f3b9b744d02f4ca59c0211c7ee8652f14b07446885d7ff9eff5a95647cf41e961ec3b6cc49d919866f11cf22460d51d05fa8a84aff011f970ed5bca40845f1d44fd1bf96fc31bd993e26467c5602761a5627a80f62dfa33b8f97b64d01766734637320e8e9b90b886ee99ad4871196d32b733ae5d8381a55cb2d776900a02dd5b84a915fefd128a971ca6a5eef586fccf2892fd1805a227f83e9440d797754e0fe8739695fc5bf1904739dc57e5e23e60f8078f5d6244acb582523d1c32962f5f21591e85bae567aaeca6758674f7cd201237e12d926a80ab15156bd9783e4c29915c2fe70fb56c023dd00b36b6387bc341eb31c80cbcdf3ee217c1d58bb00c7aacd127cb2baa4fa0e77e3ee625add3730df5cf7aad66719ec6c184eca1f193bcdf1534452ca72e5d923c23ffd2de258272a9d013ec58f9924cf2080f057e3eaf850c6892009c8862ea80756eb498206659431686a7b9fc99ddb27c4bff39db0a8dba178587012696c804c75350b2aaf16e82436c95f19db2cae53d36a59d379c5f7c2bb1a1b1a3fdb8f9938f5d18e8d57cbabe37050be9d5c7674be6dcff12a1b63eb1bb27be5d9740df467c425b8ca084e55330bd385cf59ead5cf2af72ac17a104f72893311baeabe5b915d16d414598765bb2ebf6240cf7b8761a3f42856b43fe35c54d1c920f9dc863c6de227a604fafb3e7c9a4915e1d3ba55d5dbe6fc455fbbca6e7830b019b2a79a4f4c48f3a17240e5499dcccad487b7a875a4645a278c0a84deb2c4af4190e72db39dbb226064c1a5d4f78f1158f6ea65b69b181f78ff18a814b754988c98c47777a78a18a8f6bce08c7183a72b942528dc67e385b02cd91197b7212bcbbf93165b02f4e8b7ed443740480f01c401f4c97953913972cda47e1fe2e578ecebc0a9d0cc2a23227e32b1bc39b229058823a18ef7b5de6f0752a8253df9ecc3a2e2cab0d3da5741b3735deb65b775713a4b05de3b6a2c3d39373efc075bf4a8e4cf5ce0b1da4644b4f627aa9398dce862176c318afc8c6eeae7459c5768d40b29ca66ca03c11aefd40163b687415d1a3dda0fa3b2d3263d4e644af42bb34d997f9938a409c1f68cce4581eea94398e54d846ac3b2423b19335a9c8390087b854bd01ef7e286657da59ee3ab86bd85f0985e8ea1a8605438336332913bb7b2fe59aa55c94e574c2e3c1ba963d2ab32c9f8b62d22787f34d5cb636f9b217b822f1f729783b99f24551d1473e7fec10d97d40e6d25743eb2da1b31a701c32de8358631f1f76bbbc8640fded3439f7c1a481d6cc101c4a72283f8f762bb84cfe0d10cdf0eeb00fe1b72a06fcd13b4f797b7fb6792ce5e848322f32bdbce0dcf23f5cdbf700108da7114616ff09e15e278930cb829b6b43b904e07601032b4c3645c719b0d3dc01844581ade67a64af4c55a7fe82836bb2dec8ecaffc3ef9c60c55b0ea5ae355c7cdb749281702e8"})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
open_tree$auto(0xffffffffffffffff, 0x0, 0x74ee)
mmap$auto(0x9, 0xff, 0x8770, 0x7f, r3, 0x8)
madvise$auto(0x108000, 0x800034, 0x200000b)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
ioctl$auto_SNDCTL_DSP_RESET(0xffffffffffffffff, 0x5000, 0x0)
r4 = openat$auto_force_wakeup_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/bluetooth/hci0/force_wakeup\x00', 0x88f42, 0x0)
write$auto_force_wakeup_fops_hci_vhci(r4, &(0x7f0000001780)='T', 0x1)
mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0xffffffffffff7fff)
socket(0x10, 0x2, 0x0)
syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptye8\x00', 0x149201, 0x0)

437.804042ms ago: executing program 2 (id=2647):
socket(0x10, 0x2, 0x4)
mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x24004850}, 0x800)
bpf$auto(0x9, &(0x7f00000001c0)=@raw_tracepoint={0x1006, 0xffffffffffffffff, 0x0, 0x11}, 0x6f3)
sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

321.178774ms ago: executing program 1 (id=2648):
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x240060, 0x0) (async)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000015c0), r0)
sendmsg$auto_NL80211_CMD_GET_STATION(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000001880)={&(0x7f0000002440)={0x28, r1, 0x4bcedae9142a5f4d, 0x70bd28, 0x25dfdbfd, {}, [@NL80211_ATTR_MLO_LINKS={0x13, 0x138, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NL80211_ATTR_MAC={0xb, 0x6, "519c7b1e0c977a"}]}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x40004001}, 0x800) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp1\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, 0x0) (async)
read$auto_snd_pcm_oss_f_reg_pcm_oss(r2, &(0x7f0000000000)=""/108, 0x6c) (async)
read$auto(r2, 0x0, 0x20)

0s ago: executing program 2 (id=2649):
ioctl$auto_VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, &(0x7f00000000c0)={0xffff536e, <r0=>0xffffffffffffffff})
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r0, 0x8000) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r0, 0x8000)
close_range$auto(0x2, 0x8, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0) (async)
io_uring_setup$auto(0x6, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0xa, 0x2, 0x88)
bpf$auto(0x0, &(0x7f0000000000)=@link_update={r1, @new_prog_fd=r1, 0x4, @old_prog_fd=r1}, 0xa3)
exit$auto(0x8)
io_uring_register$auto(0x2, 0x18, &(0x7f0000000000), 0x1)

kernel console output (not intermixed with test programs):

BP: 00007fb69600e2a0 R08: 0000000000000000 R09: 0000000000000000
[  471.208503][T12931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  471.208518][T12931] R13: 0000000000000000 R14: 00007fb6961a5fa0 R15: 00007ffea8c84508
[  471.208554][T12931]  </TASK>
[  472.128708][T12942] FAULT_INJECTION: forcing a failure.
[  472.128708][T12942] name failslab, interval 1, probability 0, space 0, times 0
[  472.172115][T12942] CPU: 1 UID: 0 PID: 12942 Comm: syz.2.1525 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  472.172151][T12942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  472.172166][T12942] Call Trace:
[  472.172173][T12942]  <TASK>
[  472.172183][T12942]  dump_stack_lvl+0x16c/0x1f0
[  472.172228][T12942]  should_fail_ex+0x50a/0x650
[  472.172257][T12942]  ? fs_reclaim_acquire+0xae/0x150
[  472.172299][T12942]  should_failslab+0xc2/0x120
[  472.172329][T12942]  __kmalloc_node_track_caller_noprof+0xcf/0x520
[  472.172361][T12942]  ? kstrdup_const+0x63/0x80
[  472.172400][T12942]  kstrdup+0x42/0xb0
[  472.172434][T12942]  kstrdup_const+0x63/0x80
[  472.172468][T12942]  alloc_vfsmnt+0xdf/0x6f0
[  472.172501][T12942]  clone_mnt+0x6d/0xf90
[  472.172542][T12942]  copy_tree+0x39e/0x9c0
[  472.172578][T12942]  copy_mnt_ns+0x1b5/0xa70
[  472.172605][T12942]  ? kmem_cache_alloc_noprof+0x21b/0x3b0
[  472.172646][T12942]  ? create_new_namespaces+0x30/0xad0
[  472.172685][T12942]  create_new_namespaces+0xd3/0xad0
[  472.172718][T12942]  ? bpf_lsm_capable+0x9/0x10
[  472.172750][T12942]  ? security_capable+0x7e/0x260
[  472.172788][T12942]  copy_namespaces+0x468/0x560
[  472.172823][T12942]  copy_process+0x251a/0x6f20
[  472.172871][T12942]  ? __pfx_copy_process+0x10/0x10
[  472.172909][T12942]  ? futex_wait+0x121/0x380
[  472.172945][T12942]  kernel_clone+0xfd/0x960
[  472.172981][T12942]  ? __pfx_kernel_clone+0x10/0x10
[  472.173022][T12942]  ? do_futex+0x123/0x350
[  472.173047][T12942]  ? __pfx_do_futex+0x10/0x10
[  472.173074][T12942]  ? 0xffffffff81000000
[  472.173093][T12942]  __do_sys_clone+0xba/0x100
[  472.173125][T12942]  ? __pfx___do_sys_clone+0x10/0x10
[  472.173159][T12942]  ? 0xffffffff81000000
[  472.173197][T12942]  do_syscall_64+0xcd/0x250
[  472.173222][T12942]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  472.173255][T12942] RIP: 0033:0x7fc461d8cde9
[  472.173273][T12942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  472.173296][T12942] RSP: 002b:00007fc462bd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  472.173319][T12942] RAX: ffffffffffffffda RBX: 00007fc461fa5fa0 RCX: 00007fc461d8cde9
[  472.173335][T12942] RDX: 9999999999999999 RSI: 0000000000000009 RDI: 0000000000021002
[  472.173351][T12942] RBP: 00007fc461e0e2a0 R08: 0000000000000009 R09: 0000000000000000
[  472.173366][T12942] R10: ffffffff81000000 R11: 0000000000000246 R12: 0000000000000000
[  472.173381][T12942] R13: 0000000000000000 R14: 00007fc461fa5fa0 R15: 00007fffd888d178
[  472.173403][T12942]  ? 0xffffffff81000000
[  472.173431][T12942]  </TASK>
[  472.753921][T12945] aoe: invalid device specification 
[  472.808405][T12953] netlink: 18 bytes leftover after parsing attributes in process `syz.1.1528'.
[  473.442109][T12961] netlink: 346 bytes leftover after parsing attributes in process `syz.3.1530'.
[  473.885200][T12974] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1532'.
[  475.296036][T13002] netlink: 346 bytes leftover after parsing attributes in process `syz.3.1540'.
[  478.200036][T13049] FAULT_INJECTION: forcing a failure.
[  478.200036][T13049] name failslab, interval 1, probability 0, space 0, times 0
[  478.327570][T13049] CPU: 0 UID: 0 PID: 13049 Comm: syz.3.1552 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  478.327604][T13049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  478.327617][T13049] Call Trace:
[  478.327624][T13049]  <TASK>
[  478.327632][T13049]  dump_stack_lvl+0x16c/0x1f0
[  478.327674][T13049]  should_fail_ex+0x50a/0x650
[  478.327700][T13049]  ? fs_reclaim_acquire+0xae/0x150
[  478.327736][T13049]  should_failslab+0xc2/0x120
[  478.327764][T13049]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  478.327790][T13049]  ? security_file_alloc+0x34/0x2b0
[  478.327822][T13049]  security_file_alloc+0x34/0x2b0
[  478.327848][T13049]  init_file+0x93/0x480
[  478.327876][T13049]  alloc_empty_file+0x91/0x1e0
[  478.327907][T13049]  path_openat+0xe1/0x2d80
[  478.327928][T13049]  ? hlock_class+0x4e/0x130
[  478.327960][T13049]  ? __lock_acquire+0x15a9/0x3c40
[  478.327996][T13049]  ? __pfx_path_openat+0x10/0x10
[  478.328020][T13049]  ? __pfx___lock_acquire+0x10/0x10
[  478.328044][T13049]  ? lock_acquire.part.0+0x11b/0x380
[  478.328070][T13049]  ? find_held_lock+0x2d/0x110
[  478.328105][T13049]  do_filp_open+0x20c/0x470
[  478.328130][T13049]  ? __pfx_do_filp_open+0x10/0x10
[  478.328152][T13049]  ? find_held_lock+0x2d/0x110
[  478.328205][T13049]  ? alloc_fd+0x41f/0x760
[  478.328238][T13049]  do_sys_openat2+0x17a/0x1e0
[  478.328267][T13049]  ? __pfx_do_sys_openat2+0x10/0x10
[  478.328309][T13049]  __x64_sys_openat+0x175/0x210
[  478.328337][T13049]  ? __pfx___x64_sys_openat+0x10/0x10
[  478.328386][T13049]  do_syscall_64+0xcd/0x250
[  478.328410][T13049]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  478.328439][T13049] RIP: 0033:0x7fb695f8cde9
[  478.328457][T13049] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  478.328478][T13049] RSP: 002b:00007fb696d82038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  478.328500][T13049] RAX: ffffffffffffffda RBX: 00007fb6961a6080 RCX: 00007fb695f8cde9
[  478.328515][T13049] RDX: 0000000000000100 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  478.328529][T13049] RBP: 00007fb69600e2a0 R08: 0000000000000000 R09: 0000000000000000
[  478.328543][T13049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  478.328556][T13049] R13: 0000000000000000 R14: 00007fb6961a6080 R15: 00007ffea8c84508
[  478.328586][T13049]  </TASK>
[  478.566175][    C0] vkms_vblank_simulate: vblank timer overrun
[  479.191903][T13061] netlink: 346 bytes leftover after parsing attributes in process `syz.3.1554'.
[  479.576088][T13071] rnbd_client L213: map_device: Parameters missing
[  482.126933][T13086] queue_state_write: unsupported operation ''
[  482.137120][T13086] queue_state_write: use 'run', 'start' or 'kick'
[  484.048169][T13137] FAULT_INJECTION: forcing a failure.
[  484.048169][T13137] name failslab, interval 1, probability 0, space 0, times 0
[  484.068410][T13137] CPU: 1 UID: 0 PID: 13137 Comm: syz.3.1572 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  484.068449][T13137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  484.068466][T13137] Call Trace:
[  484.068474][T13137]  <TASK>
[  484.068486][T13137]  dump_stack_lvl+0x16c/0x1f0
[  484.068535][T13137]  should_fail_ex+0x50a/0x650
[  484.068568][T13137]  ? fs_reclaim_acquire+0xae/0x150
[  484.068614][T13137]  should_failslab+0xc2/0x120
[  484.068649][T13137]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  484.068683][T13137]  ? vma_merge_new_range+0x40a/0xbb0
[  484.068712][T13137]  ? vm_area_alloc+0x1f/0x1c0
[  484.068753][T13137]  vm_area_alloc+0x1f/0x1c0
[  484.068784][T13137]  __mmap_region+0x108d/0x2760
[  484.068818][T13137]  ? __pfx___mmap_region+0x10/0x10
[  484.068894][T13137]  ? __pfx_mark_lock+0x10/0x10
[  484.068975][T13137]  ? cap_capable+0xb3/0x250
[  484.069021][T13137]  mmap_region+0x1ab/0x3f0
[  484.069061][T13137]  do_mmap+0xd8d/0x11b0
[  484.069093][T13137]  ? __pfx_do_mmap+0x10/0x10
[  484.069120][T13137]  ? __pfx_down_write_killable+0x10/0x10
[  484.069149][T13137]  ? __pfx___sys_sendmmsg+0x10/0x10
[  484.069182][T13137]  vm_mmap_pgoff+0x203/0x3a0
[  484.069216][T13137]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  484.069246][T13137]  ? __x64_sys_futex+0x1e1/0x4c0
[  484.069279][T13137]  ? __x64_sys_futex+0x1ea/0x4c0
[  484.069310][T13137]  ksys_mmap_pgoff+0x7d/0x5c0
[  484.069334][T13137]  ? rcu_is_watching+0x12/0xc0
[  484.069372][T13137]  __x64_sys_mmap+0x125/0x190
[  484.069406][T13137]  do_syscall_64+0xcd/0x250
[  484.069431][T13137]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  484.069463][T13137] RIP: 0033:0x7fb695f8cde9
[  484.069482][T13137] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  484.069506][T13137] RSP: 002b:00007fb696da3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  484.069529][T13137] RAX: ffffffffffffffda RBX: 00007fb6961a5fa0 RCX: 00007fb695f8cde9
[  484.069544][T13137] RDX: 00004000000000df RSI: 0000000000020009 RDI: 0000000000000000
[  484.069557][T13137] RBP: 00007fb69600e2a0 R08: 0000000000000401 R09: 0000000000008000
[  484.069579][T13137] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[  484.069593][T13137] R13: 0000000000000000 R14: 00007fb6961a5fa0 R15: 00007ffea8c84508
[  484.069626][T13137]  </TASK>
[  485.008169][T13153] rnbd_client L213: map_device: Parameters missing
[  485.702401][T13157] FAULT_INJECTION: forcing a failure.
[  485.702401][T13157] name fail_futex, interval 1, probability 0, space 0, times 0
[  485.728805][T13157] CPU: 1 UID: 0 PID: 13157 Comm: syz.3.1573 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  485.728841][T13157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  485.728857][T13157] Call Trace:
[  485.728865][T13157]  <TASK>
[  485.728875][T13157]  dump_stack_lvl+0x16c/0x1f0
[  485.728917][T13157]  should_fail_ex+0x50a/0x650
[  485.728944][T13157]  ? trace_lock_acquire+0x14e/0x1f0
[  485.728972][T13157]  get_futex_key+0x4a3/0x1000
[  485.729005][T13157]  ? lock_acquire+0x2f/0xb0
[  485.729032][T13157]  ? bpf_ksym_find+0x124/0x1c0
[  485.729065][T13157]  ? __pfx_get_futex_key+0x10/0x10
[  485.729100][T13157]  ? kernel_text_address+0x8d/0x100
[  485.729127][T13157]  ? __kernel_text_address+0xd/0x40
[  485.729154][T13157]  ? unwind_get_return_address+0x59/0xa0
[  485.729192][T13157]  futex_wait_setup+0x78/0x290
[  485.729228][T13157]  __futex_wait+0x267/0x3c0
[  485.729259][T13157]  ? __pfx___futex_wait+0x10/0x10
[  485.729294][T13157]  ? __pfx_futex_wake_mark+0x10/0x10
[  485.729336][T13157]  futex_wait+0xe9/0x380
[  485.729363][T13157]  ? __pfx_futex_wait+0x10/0x10
[  485.729409][T13157]  do_futex+0x22b/0x350
[  485.729434][T13157]  ? __pfx_do_futex+0x10/0x10
[  485.729455][T13157]  ? kasan_quarantine_put+0x10a/0x240
[  485.729480][T13157]  ? lockdep_hardirqs_on+0x7c/0x110
[  485.729520][T13157]  __x64_sys_futex+0x1e1/0x4c0
[  485.729549][T13157]  ? __pfx___x64_sys_futex+0x10/0x10
[  485.729574][T13157]  ? __pfx___x64_sys_mount+0x10/0x10
[  485.729611][T13157]  do_syscall_64+0xcd/0x250
[  485.729635][T13157]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  485.729665][T13157] RIP: 0033:0x7fb695f8cde9
[  485.729685][T13157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  485.729708][T13157] RSP: 002b:00007fb696d610e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  485.729729][T13157] RAX: ffffffffffffffda RBX: 00007fb6961a6168 RCX: 00007fb695f8cde9
[  485.729744][T13157] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fb6961a6168
[  485.729757][T13157] RBP: 00007fb6961a6160 R08: 0000000000000000 R09: 0000000000000000
[  485.729778][T13157] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb6961a616c
[  485.729794][T13157] R13: 0000000000000000 R14: 00007ffea8c84420 R15: 00007ffea8c84508
[  485.729829][T13157]  </TASK>
[  487.701730][T13182] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  488.347808][T13188] svc: failed to register nfsdv3 RPC service (errno 111).
[  488.426729][T13188] svc: failed to register nfsaclv3 RPC service (errno 111).
[  490.069682][T13212] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1585'.
[  490.217781][T13211] ERROR: Out of memory at tomoyo_memory_ok.
[  490.293175][T13212] mac80211_hwsim hwsim9 wlan1: left promiscuous mode
[  490.323618][T13212] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode
[  490.697449][T13223] FAULT_INJECTION: forcing a failure.
[  490.697449][T13223] name failslab, interval 1, probability 0, space 0, times 0
[  490.727622][T13223] CPU: 0 UID: 0 PID: 13223 Comm: syz.0.1589 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  490.727662][T13223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  490.727676][T13223] Call Trace:
[  490.727683][T13223]  <TASK>
[  490.727692][T13223]  dump_stack_lvl+0x16c/0x1f0
[  490.727736][T13223]  should_fail_ex+0x50a/0x650
[  490.727765][T13223]  ? fs_reclaim_acquire+0xae/0x150
[  490.727806][T13223]  should_failslab+0xc2/0x120
[  490.727836][T13223]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  490.727865][T13223]  ? vm_area_dup+0x53/0x300
[  490.727902][T13223]  vm_area_dup+0x53/0x300
[  490.727933][T13223]  __split_vma+0x181/0x1210
[  490.727966][T13223]  ? __pfx___split_vma+0x10/0x10
[  490.728010][T13223]  vms_gather_munmap_vmas+0x38b/0x1730
[  490.728050][T13223]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  490.728082][T13223]  ? mas_walk+0x6a6/0x910
[  490.728128][T13223]  __mmap_region+0x328/0x2760
[  490.728161][T13223]  ? __pfx___mmap_region+0x10/0x10
[  490.728201][T13223]  ? hlock_class+0x4e/0x130
[  490.728233][T13223]  ? mark_lock+0xb5/0xc60
[  490.728263][T13223]  ? __pfx_mark_lock+0x10/0x10
[  490.728288][T13223]  ? __pfx___schedule+0x10/0x10
[  490.728329][T13223]  ? schedule+0x298/0x350
[  490.728403][T13223]  ? cap_capable+0xb3/0x250
[  490.728445][T13223]  mmap_region+0x1ab/0x3f0
[  490.728482][T13223]  do_mmap+0xd8d/0x11b0
[  490.728511][T13223]  ? __pfx_do_mmap+0x10/0x10
[  490.728536][T13223]  ? __pfx_down_write_killable+0x10/0x10
[  490.728566][T13223]  vm_mmap_pgoff+0x203/0x3a0
[  490.728599][T13223]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  490.728630][T13223]  ? __x64_sys_futex+0x1e1/0x4c0
[  490.728653][T13223]  ? __x64_sys_futex+0x1ea/0x4c0
[  490.728683][T13223]  ksys_mmap_pgoff+0x7d/0x5c0
[  490.728705][T13223]  ? rcu_is_watching+0x12/0xc0
[  490.728742][T13223]  __x64_sys_mmap+0x125/0x190
[  490.728778][T13223]  do_syscall_64+0xcd/0x250
[  490.728803][T13223]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  490.728834][T13223] RIP: 0033:0x7f3d7598cde9
[  490.728853][T13223] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  490.728876][T13223] RSP: 002b:00007f3d76822038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  490.728900][T13223] RAX: ffffffffffffffda RBX: 00007f3d75ba5fa0 RCX: 00007f3d7598cde9
[  490.728916][T13223] RDX: 00004000000000df RSI: 0000000000000001 RDI: 0000000000000000
[  490.728930][T13223] RBP: 00007f3d75a0e2a0 R08: 0000000000000401 R09: 0000000000008000
[  490.728945][T13223] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[  490.728959][T13223] R13: 0000000000000000 R14: 00007f3d75ba5fa0 R15: 00007ffd9b913df8
[  490.728990][T13223]  </TASK>
[  492.485231][T13268] rnbd_client L202: map_device: Unknown parameter or missing value '4'
[  492.536993][T13267] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1601'.
[  492.782519][T13272] netlink: 346 bytes leftover after parsing attributes in process `syz.1.1602'.
[  493.360715][T13282] ERROR: Out of memory at tomoyo_memory_ok.
[  494.110463][T13304] ERROR: Out of memory at tomoyo_memory_ok.
[  494.157181][T13302] ERROR: Out of memory at tomoyo_memory_ok.
[  494.451524][T13292] Process accounting resumed
[  494.572103][T13318] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1613'.
[  494.620611][T13318] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode
[  494.766646][T13324] rnbd_client L202: map_device: Unknown parameter or missing value '4'
[  494.790476][T13326] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1617'.
[  494.873482][T13330] sctp: [Deprecated]: syz.1.1618 (pid 13330) Use of int in maxseg socket option.
[  494.873482][T13330] Use struct sctp_assoc_value instead
[  496.439023][T13363] block2mtd: illegal erase size
[  496.921951][T11997] Bluetooth: hci2: SCO packet for unknown connection handle 3
[  497.995539][T13393] rnbd_client L202: map_device: Unknown parameter or missing value '4'
[  498.714113][T13406] can0: slcan on pty238.
[  498.898662][T13402] can0 (unregistered): slcan off pty238.
[  499.938863][T13413] misc userio: No port type given on /dev/userio
[  499.963354][T13413] nvme_fcloop: unknown parameter or missing value '-'
[  500.381631][T11997] Bluetooth: hci1: unexpected event 0x0f length: 11 > 4
[  500.383049][T11997] Bluetooth: hci1: unexpected event for opcode 0x0004
[  501.130601][T13449] sctp: [Deprecated]: syz.2.1648 (pid 13449) Use of int in maxseg socket option.
[  501.130601][T13449] Use struct sctp_assoc_value instead
[  501.146352][T13450] rnbd_client L202: map_device: Unknown parameter or missing value '4'
[  501.723498][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  501.730744][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  501.797940][T13455] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1649'.
[  502.149435][T13467] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1653'.
[  503.538359][T13499] netlink: 346 bytes leftover after parsing attributes in process `syz.3.1661'.
[  504.323328][T13516] openvswitch: HfR: Dropping previously announced user features
[  504.353192][T13517] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1664'.
[  504.451596][T11997] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  504.461572][T11997] Bluetooth: hci1: Injecting HCI hardware error event
[  504.472700][ T5842] Bluetooth: hci1: hardware error 0x00
[  506.527685][ T5842] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  507.432238][T13533] misc userio: No port type given on /dev/userio
[  507.454836][T13533] nvme_fcloop: unknown parameter or missing value '-'
[  508.232558][T13556] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18
[  508.359419][ T5193] ERROR: Out of memory at tomoyo_memory_ok.
[  508.581882][   T27] ERROR: Out of memory at tomoyo_memory_ok.
[  508.591554][ T5193] ERROR: Out of memory at tomoyo_memory_ok.
[  508.611403][   T27] ERROR: Out of memory at tomoyo_memory_ok.
[  509.660276][T13580] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1681'.
[  509.728850][T13580] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1681'.
[  509.928427][T13583] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1681'.
[  510.400477][T13588] Invalid ELF header magic: != ELF
[  510.763294][T13590] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1684'.
[  510.990097][T13590] netdevsim netdevsim1 netdevsim1: entered allmulticast mode
[  511.057024][T13609] Invalid ELF header magic: != ELF
[  511.100548][T13609] Invalid ELF header magic: != ELF
[  511.107948][T13609] Invalid ELF header magic: != ELF
[  511.148281][T13609] Invalid ELF header magic: != ELF
[  511.153839][T13609] Invalid ELF header magic: != ELF
[  511.190328][T13609] Invalid ELF header magic: != ELF
[  511.195906][T13609] Invalid ELF header magic: != ELF
[  511.233592][T13609] Invalid ELF header magic: != ELF
[  511.256839][T13609] Invalid ELF header magic: != ELF
[  511.488558][T13609] Invalid ELF header magic: != ELF
[  511.573907][T13609] Invalid ELF header magic: != ELF
[  511.586864][T13609] Invalid ELF header magic: != ELF
[  511.612840][T13612] misc userio: No port type given on /dev/userio
[  511.646058][T13609] Invalid ELF header magic: != ELF
[  511.720349][T13609] Invalid ELF header magic: != ELF
[  511.731401][T13612] nvme_fcloop: unknown parameter or missing value '-'
[  511.797969][T13609] Invalid ELF header magic: != ELF
[  511.803687][T13609] Invalid ELF header magic: != ELF
[  512.523715][T13626] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1691'.
[  513.496608][T13638] FAULT_INJECTION: forcing a failure.
[  513.496608][T13638] name failslab, interval 1, probability 0, space 0, times 0
[  513.567563][T13638] CPU: 0 UID: 0 PID: 13638 Comm: syz.1.1693 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  513.567595][T13638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  513.567608][T13638] Call Trace:
[  513.567614][T13638]  <TASK>
[  513.567627][T13638]  dump_stack_lvl+0x16c/0x1f0
[  513.567662][T13638]  should_fail_ex+0x50a/0x650
[  513.567687][T13638]  ? fs_reclaim_acquire+0xae/0x150
[  513.567723][T13638]  should_failslab+0xc2/0x120
[  513.567750][T13638]  __kmalloc_noprof+0xce/0x4f0
[  513.567776][T13638]  ? kernfs_fop_write_iter+0x223/0x500
[  513.567811][T13638]  kernfs_fop_write_iter+0x223/0x500
[  513.567843][T13638]  do_iter_readv_writev+0x655/0x950
[  513.567880][T13638]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  513.567914][T13638]  ? rcu_is_watching+0x12/0xc0
[  513.567950][T13638]  ? do_writev+0x133/0x340
[  513.567979][T13638]  vfs_writev+0x363/0xdd0
[  513.568000][T13638]  ? fdget_pos+0x267/0x390
[  513.568027][T13638]  ? rcu_is_watching+0x12/0xc0
[  513.568062][T13638]  ? __pfx_vfs_writev+0x10/0x10
[  513.568080][T13638]  ? __mutex_lock+0x1cc/0xb10
[  513.568108][T13638]  ? find_held_lock+0x2d/0x110
[  513.568147][T13638]  ? __pfx___mutex_lock+0x10/0x10
[  513.568188][T13638]  ? trace_lock_acquire+0x14e/0x1f0
[  513.568223][T13638]  ? __fget_files+0x206/0x3a0
[  513.568256][T13638]  ? do_writev+0x133/0x340
[  513.568274][T13638]  do_writev+0x133/0x340
[  513.568295][T13638]  ? __pfx_do_writev+0x10/0x10
[  513.568327][T13638]  do_syscall_64+0xcd/0x250
[  513.568352][T13638]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  513.568382][T13638] RIP: 0033:0x7f477538cde9
[  513.568400][T13638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  513.568421][T13638] RSP: 002b:00007f4776133038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  513.568442][T13638] RAX: ffffffffffffffda RBX: 00007f47755a6080 RCX: 00007f477538cde9
[  513.568457][T13638] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003
[  513.568470][T13638] RBP: 00007f4776133090 R08: 0000000000000000 R09: 0000000000000000
[  513.568484][T13638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  513.568496][T13638] R13: 0000000000000000 R14: 00007f47755a6080 R15: 00007ffdae92d888
[  513.568529][T13638]  </TASK>
[  513.976020][T13640] can: request_module (can-proto-0) failed.
[  514.070995][T13647] netlink: 346 bytes leftover after parsing attributes in process `syz.0.1696'.
[  517.484551][T13709] FAULT_INJECTION: forcing a failure.
[  517.484551][T13709] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  517.484612][T13709] CPU: 0 UID: 0 PID: 13709 Comm: syz.1.1706 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  517.484644][T13709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  517.484657][T13709] Call Trace:
[  517.484664][T13709]  <TASK>
[  517.484673][T13709]  dump_stack_lvl+0x16c/0x1f0
[  517.484711][T13709]  should_fail_ex+0x50a/0x650
[  517.484743][T13709]  _copy_from_iter+0x4a5/0x1400
[  517.484797][T13709]  ? __pfx__copy_from_iter+0x10/0x10
[  517.484825][T13709]  ? __virt_addr_valid+0x1a4/0x590
[  517.484852][T13709]  ? __virt_addr_valid+0x5e/0x590
[  517.484873][T13709]  ? __phys_addr_symbol+0x30/0x80
[  517.484907][T13709]  ? __check_object_size+0x488/0x710
[  517.484940][T13709]  kernfs_fop_write_iter+0x19d/0x500
[  517.484974][T13709]  do_iter_readv_writev+0x655/0x950
[  517.485010][T13709]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  517.485043][T13709]  ? rcu_is_watching+0x12/0xc0
[  517.485079][T13709]  ? do_writev+0x133/0x340
[  517.485108][T13709]  vfs_writev+0x363/0xdd0
[  517.485128][T13709]  ? fdget_pos+0x267/0x390
[  517.485155][T13709]  ? rcu_is_watching+0x12/0xc0
[  517.485190][T13709]  ? __pfx_vfs_writev+0x10/0x10
[  517.485209][T13709]  ? __mutex_lock+0x1cc/0xb10
[  517.485239][T13709]  ? find_held_lock+0x2d/0x110
[  517.485278][T13709]  ? __pfx___mutex_lock+0x10/0x10
[  517.485309][T13709]  ? trace_lock_acquire+0x14e/0x1f0
[  517.485344][T13709]  ? __fget_files+0x206/0x3a0
[  517.485376][T13709]  ? do_writev+0x133/0x340
[  517.485395][T13709]  do_writev+0x133/0x340
[  517.485416][T13709]  ? __pfx_do_writev+0x10/0x10
[  517.485447][T13709]  do_syscall_64+0xcd/0x250
[  517.485471][T13709]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  517.485500][T13709] RIP: 0033:0x7f477538cde9
[  517.485518][T13709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  517.485539][T13709] RSP: 002b:00007f4776133038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  517.485560][T13709] RAX: ffffffffffffffda RBX: 00007f47755a6080 RCX: 00007f477538cde9
[  517.485575][T13709] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003
[  517.485588][T13709] RBP: 00007f4776133090 R08: 0000000000000000 R09: 0000000000000000
[  517.485601][T13709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  517.485614][T13709] R13: 0000000000000000 R14: 00007f47755a6080 R15: 00007ffdae92d888
[  517.485644][T13709]  </TASK>
[  517.687798][T13713] [U] 
[  517.687860][T13713] [U] 
[  517.687904][T13713] [U] 
[  517.687943][T13713] [U] 
[  517.688115][T13713] [U] 
[  517.688154][T13713] [U] 
[  517.688192][T13713] [U] 
[  517.688234][T13713] [U] 
[  517.688504][T13713] [U] 
[  517.688542][T13713] [U] 
[  517.688580][T13713] [U] 
[  517.688623][T13713] [U] 
[  517.688825][T13713] [U] 
[  517.688865][T13713] [U] 
[  517.688904][T13713] [U] 
[  517.688940][T13713] [U] 
[  517.689128][T13713] [U] 
[  517.689167][T13713] [U] 
[  517.689205][T13713] [U] 
[  517.689243][T13713] [U] 
[  517.690627][T13713] [U] 
[  517.690675][T13713] [U] 
[  517.690711][T13713] [U] 
[  517.690759][T13713] [U] 
[  517.690992][T13713] [U] 
[  517.691035][T13713] [U] 
[  517.691077][T13713] [U] 
[  517.691119][T13713] [U] 
[  517.691289][T13713] [U] 
[  517.691329][T13713] [U] 
[  517.691370][T13713] [U] 
[  517.691407][T13713] [U] 
[  517.691594][T13713] [U] 
[  517.691635][T13713] [U] 
[  517.691674][T13713] [U] 
[  517.691712][T13713] [U] 
[  517.695332][T13713] [U] 
[  517.695380][T13713] [U] 
[  517.695422][T13713] [U] 
[  517.695463][T13713] [U] 
[  517.695701][T13713] [U] 
[  517.695751][T13713] [U] 
[  517.695794][T13713] [U] 
[  517.695837][T13713] [U] 
[  517.696004][T13713] [U] 
[  517.696046][T13713] [U] 
[  517.696088][T13713] [U] 
[  517.696127][T13713] [U] 
[  517.701965][T13713] [U] 
[  517.702011][T13713] [U] 
[  517.702061][T13713] [U] 
[  517.702103][T13713] [U] 
[  517.703000][T13713] [U] 
[  517.703046][T13713] [U] 
[  517.703087][T13713] [U] 
[  517.703132][T13713] [U] 
[  517.703333][T13713] [U] 
[  517.703376][T13713] [U] 
[  517.703415][T13713] [U] 
[  517.703455][T13713] [U] 
[  517.703633][T13713] [U] 
[  517.703672][T13713] [U] 
[  517.703711][T13713] [U] 
[  517.703759][T13713] [U] 
[  517.703983][T13713] [U] 
[  517.704022][T13713] [U] 
[  517.704063][T13713] [U] 
[  517.704101][T13713] [U] 
[  517.710352][T13713] [U] 
[  517.710396][T13713] [U] 
[  517.710434][T13713] [U] 
[  517.710471][T13713] [U] 
[  517.710683][T13713] [U] 
[  517.710723][T13713] [U] 
[  517.710771][T13713] [U] 
[  517.710807][T13713] [U] 
[  517.713347][T13713] [U] 
[  517.713391][T13713] [U] 
[  517.713429][T13713] [U] 
[  517.713471][T13713] [U] 
[  517.713701][T13713] [U] 
[  517.713749][T13713] [U] 
[  517.713791][T13713] [U] 
[  517.713832][T13713] [U] 
[  517.714015][T13713] [U] 
[  517.714056][T13713] [U] 
[  517.714097][T13713] [U] 
[  517.714138][T13713] [U] 
[  517.716667][T13713] [U] 
[  517.716711][T13713] [U] 
[  517.716761][T13713] [U] 
[  517.716801][T13713] [U] 
[  517.716982][T13713] [U] 
[  517.717019][T13713] [U] 
[  517.717060][T13713] [U] 
[  517.717098][T13713] [U] 
[  517.717304][T13713] [U] 
[  517.717345][T13713] [U] 
[  517.717384][T13713] [U] 
[  517.717428][T13713] [U] 
[  517.723520][T13713] [U] 
[  517.723570][T13713] [U] 
[  517.723616][T13713] [U] 
[  517.723660][T13713] [U] 
[  517.723890][T13713] [U] 
[  517.723933][T13713] [U] 
[  517.723975][T13713] [U] 
[  517.724014][T13713] [U] 
[  517.724186][T13713] [U] 
[  517.724226][T13713] [U] 
[  517.724265][T13713] [U] 
[  517.724304][T13713] [U] 
[  517.736191][T13713] [U] 
[  517.736241][T13713] [U] 
[  517.736281][T13713] [U] 
[  517.736319][T13713] [U] 
[  517.736480][T13713] [U] 
[  517.736517][T13713] [U] 
[  517.736551][T13713] [U] 
[  517.736588][T13713] [U] 
[  517.756997][T13713] [U] 
[  517.953891][T13718] futex_wake_op: syz.3.1709 tries to shift op by 64; fix this program
[  519.775397][T13740] rnbd_client L202: map_device: Unknown parameter or missing value '4'
[  520.102119][T13746] netlink: 346 bytes leftover after parsing attributes in process `syz.1.1716'.
[  520.753800][T13754] nvme_fcloop: unknown parameter or missing value '-'
[  521.351662][T13770] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app
[  521.587632][T13753] misc userio: No port type given on /dev/userio
[  521.633455][T13753] nvme_fcloop: unknown parameter or missing value '-'
[  522.791523][T13790] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1727'.
[  523.015016][T13795] i2c i2c-0: delete_device: Can't parse I2C address
[  523.123477][T13782] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  523.141526][T13782] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  523.148724][T13782] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  523.167525][T13782] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  523.876571][T13818] netlink: 346 bytes leftover after parsing attributes in process `syz.3.1735'.
[  524.512693][T13807] Process accounting paused
[  524.597613][T11997] Bluetooth: hci0: command 0x0c1a tx timeout
[  525.158160][T11997] Bluetooth: hci3: command 0x0c1a tx timeout
[  525.237619][T11997] Bluetooth: hci2: command 0x0c1a tx timeout
[  525.456664][T13846] FAULT_INJECTION: forcing a failure.
[  525.456664][T13846] name failslab, interval 1, probability 0, space 0, times 0
[  525.487790][T13846] CPU: 1 UID: 0 PID: 13846 Comm: syz.3.1744 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  525.487823][T13846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  525.487836][T13846] Call Trace:
[  525.487843][T13846]  <TASK>
[  525.487852][T13846]  dump_stack_lvl+0x16c/0x1f0
[  525.487889][T13846]  should_fail_ex+0x50a/0x650
[  525.487916][T13846]  ? fs_reclaim_acquire+0xae/0x150
[  525.487953][T13846]  should_failslab+0xc2/0x120
[  525.487980][T13846]  __kmalloc_node_noprof+0xd1/0x520
[  525.488006][T13846]  ? __pfx_aa_file_perm+0x10/0x10
[  525.488030][T13846]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  525.488055][T13846]  __kvmalloc_node_noprof+0xad/0x1a0
[  525.488079][T13846]  seq_read_iter+0x82a/0x12b0
[  525.488113][T13846]  ? __mutex_trylock_common+0xea/0x250
[  525.488152][T13846]  kernfs_fop_read_iter+0x414/0x580
[  525.488181][T13846]  ? rw_verify_area+0xcf/0x680
[  525.488217][T13846]  vfs_read+0x886/0xbf0
[  525.488246][T13846]  ? __pfx_vfs_read+0x10/0x10
[  525.488293][T13846]  ksys_read+0x12b/0x250
[  525.488315][T13846]  ? __pfx_ksys_read+0x10/0x10
[  525.488356][T13846]  do_syscall_64+0xcd/0x250
[  525.488382][T13846]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  525.488412][T13846] RIP: 0033:0x7fb695f8cde9
[  525.488430][T13846] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  525.488452][T13846] RSP: 002b:00007fb696da3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  525.488474][T13846] RAX: ffffffffffffffda RBX: 00007fb6961a5fa0 RCX: 00007fb695f8cde9
[  525.488488][T13846] RDX: 00000000000000f7 RSI: 00002000000003c0 RDI: 0000000000000003
[  525.488500][T13846] RBP: 00007fb696da3090 R08: 0000000000000000 R09: 0000000000000000
[  525.488513][T13846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  525.488525][T13846] R13: 0000000000000000 R14: 00007fb6961a5fa0 R15: 00007ffea8c84508
[  525.488555][T13846]  </TASK>
[  525.776391][T13841] netlink: 322 bytes leftover after parsing attributes in process `syz.0.1738'.
[  526.088792][T13850] netlink: 346 bytes leftover after parsing attributes in process `syz.1.1745'.
[  526.487706][T13857] can: request_module (can-proto-0) failed.
[  526.678124][T11997] Bluetooth: hci0: command 0x0c1a tx timeout
[  528.398901][T13911] FAULT_INJECTION: forcing a failure.
[  528.398901][T13911] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  528.437702][T13911] CPU: 0 UID: 0 PID: 13911 Comm: syz.2.1755 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  528.437733][T13911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  528.437745][T13911] Call Trace:
[  528.437751][T13911]  <TASK>
[  528.437758][T13911]  dump_stack_lvl+0x16c/0x1f0
[  528.437795][T13911]  should_fail_ex+0x50a/0x650
[  528.437825][T13911]  _copy_to_iter+0x29b/0x1400
[  528.437854][T13911]  ? trace_lock_acquire+0x14e/0x1f0
[  528.437876][T13911]  ? __pfx_lock_release+0x10/0x10
[  528.437904][T13911]  ? __pfx__copy_to_iter+0x10/0x10
[  528.437930][T13911]  ? __virt_addr_valid+0x1a4/0x590
[  528.437954][T13911]  ? __virt_addr_valid+0x5e/0x590
[  528.437973][T13911]  ? __phys_addr_symbol+0x30/0x80
[  528.438005][T13911]  ? __check_object_size+0x488/0x710
[  528.438037][T13911]  seq_read_iter+0xd00/0x12b0
[  528.438084][T13911]  kernfs_fop_read_iter+0x414/0x580
[  528.438118][T13911]  ? rw_verify_area+0xcf/0x680
[  528.438153][T13911]  vfs_read+0x886/0xbf0
[  528.438180][T13911]  ? __pfx_vfs_read+0x10/0x10
[  528.438224][T13911]  ksys_read+0x12b/0x250
[  528.438244][T13911]  ? __pfx_ksys_read+0x10/0x10
[  528.438275][T13911]  do_syscall_64+0xcd/0x250
[  528.438298][T13911]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  528.438328][T13911] RIP: 0033:0x7fc461d8cde9
[  528.438346][T13911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  528.438366][T13911] RSP: 002b:00007fc462bd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  528.438387][T13911] RAX: ffffffffffffffda RBX: 00007fc461fa5fa0 RCX: 00007fc461d8cde9
[  528.438401][T13911] RDX: 00000000000000f7 RSI: 00002000000003c0 RDI: 0000000000000003
[  528.438414][T13911] RBP: 00007fc462bd5090 R08: 0000000000000000 R09: 0000000000000000
[  528.438428][T13911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  528.438441][T13911] R13: 0000000000000000 R14: 00007fc461fa5fa0 R15: 00007fffd888d178
[  528.438471][T13911]  </TASK>
[  529.017163][T13919] futex_wake_op: syz.2.1756 tries to shift op by 64; fix this program
[  529.527882][T13931] netlink: 346 bytes leftover after parsing attributes in process `syz.0.1757'.
[  531.672528][T13978] netlink: 346 bytes leftover after parsing attributes in process `syz.3.1767'.
[  533.032888][T14012] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1774'.
[  533.305047][T14016] Invalid ELF header magic: != ELF
[  533.897305][T14017] netlink: 322 bytes leftover after parsing attributes in process `syz.1.1777'.
[  535.176428][T14052] dlm: non-version read from control device 240
[  535.881441][T14061] netlink: 346 bytes leftover after parsing attributes in process `syz.3.1786'.
[  538.425364][T14127] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1800'.
[  538.581538][T14123] netlink: 346 bytes leftover after parsing attributes in process `syz.3.1803'.
[  539.650593][T14153] rnbd_client L213: map_device: Parameters missing
[  540.865315][T14169] FAULT_INJECTION: forcing a failure.
[  540.865315][T14169] name failslab, interval 1, probability 0, space 0, times 0
[  540.993641][T14169] CPU: 1 UID: 0 PID: 14169 Comm: syz.2.1813 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  540.993676][T14169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  540.993690][T14169] Call Trace:
[  540.993698][T14169]  <TASK>
[  540.993708][T14169]  dump_stack_lvl+0x16c/0x1f0
[  540.993748][T14169]  should_fail_ex+0x50a/0x650
[  540.993775][T14169]  ? fs_reclaim_acquire+0xae/0x150
[  540.993809][T14169]  should_failslab+0xc2/0x120
[  540.993838][T14169]  __kmalloc_noprof+0xce/0x4f0
[  540.993863][T14169]  ? rcu_is_watching+0x12/0xc0
[  540.993896][T14169]  ? kernfs_fop_write_iter+0x223/0x500
[  540.993931][T14169]  kernfs_fop_write_iter+0x223/0x500
[  540.993964][T14169]  vfs_write+0x5ae/0x1150
[  540.993989][T14169]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  540.994019][T14169]  ? __pfx___mutex_lock+0x10/0x10
[  540.994059][T14169]  ? __pfx_vfs_write+0x10/0x10
[  540.994106][T14169]  ksys_write+0x12b/0x250
[  540.994129][T14169]  ? __pfx_ksys_write+0x10/0x10
[  540.994163][T14169]  do_syscall_64+0xcd/0x250
[  540.994188][T14169]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  540.994218][T14169] RIP: 0033:0x7fc461d8cde9
[  540.994237][T14169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  540.994258][T14169] RSP: 002b:00007fc462bd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  540.994280][T14169] RAX: ffffffffffffffda RBX: 00007fc461fa5fa0 RCX: 00007fc461d8cde9
[  540.994295][T14169] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 0000000000000003
[  540.994309][T14169] RBP: 00007fc462bd5090 R08: 0000000000000000 R09: 0000000000000000
[  540.994323][T14169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  540.994336][T14169] R13: 0000000000000000 R14: 00007fc461fa5fa0 R15: 00007fffd888d178
[  540.994369][T14169]  </TASK>
[  543.464143][T14210] ERROR: Out of memory at tomoyo_memory_ok.
[  543.704198][T14211] FAULT_INJECTION: forcing a failure.
[  543.704198][T14211] name failslab, interval 1, probability 0, space 0, times 0
[  543.771980][T14211] CPU: 0 UID: 0 PID: 14211 Comm: syz.0.1822 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  543.772016][T14211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  543.772032][T14211] Call Trace:
[  543.772040][T14211]  <TASK>
[  543.772050][T14211]  dump_stack_lvl+0x16c/0x1f0
[  543.772096][T14211]  should_fail_ex+0x50a/0x650
[  543.772128][T14211]  ? fs_reclaim_acquire+0xae/0x150
[  543.772170][T14211]  should_failslab+0xc2/0x120
[  543.772200][T14211]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  543.772230][T14211]  ? __kernfs_new_node+0xd3/0x890
[  543.772272][T14211]  __kernfs_new_node+0xd3/0x890
[  543.772312][T14211]  ? __pfx___kernfs_new_node+0x10/0x10
[  543.772358][T14211]  ? kernfs_add_one+0x3d1/0x520
[  543.772384][T14211]  ? __pfx_lock_release+0x10/0x10
[  543.772411][T14211]  ? lock_acquire+0x2f/0xb0
[  543.772436][T14211]  ? kernfs_add_one+0x39d/0x520
[  543.772471][T14211]  kernfs_new_node+0x186/0x240
[  543.772497][T14211]  ? up_write+0x1b2/0x520
[  543.772531][T14211]  __kernfs_create_file+0x53/0x350
[  543.772567][T14211]  sysfs_add_file_mode_ns+0x1ff/0x3b0
[  543.772612][T14211]  internal_create_group+0x56c/0xf10
[  543.772658][T14211]  ? __pfx_internal_create_group+0x10/0x10
[  543.772700][T14211]  ? kernfs_create_link+0x1bd/0x240
[  543.772737][T14211]  internal_create_groups+0x9d/0x150
[  543.772777][T14211]  device_add+0x733/0x1a70
[  543.772813][T14211]  ? __pfx_device_add+0x10/0x10
[  543.772868][T14211]  add_disk_fwnode+0x468/0x1320
[  543.772919][T14211]  zram_add+0x486/0x6b0
[  543.772950][T14211]  ? __pfx_zram_add+0x10/0x10
[  543.773004][T14211]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  543.773034][T14211]  ? rcu_is_watching+0x12/0xc0
[  543.773075][T14211]  ? __pfx_hot_add_show+0x10/0x10
[  543.773106][T14211]  hot_add_show+0x21/0x80
[  543.773137][T14211]  class_attr_show+0x6f/0xa0
[  543.773167][T14211]  ? __pfx_class_attr_show+0x10/0x10
[  543.773195][T14211]  sysfs_kf_seq_show+0x223/0x3e0
[  543.773235][T14211]  seq_read_iter+0x4f4/0x12b0
[  543.773287][T14211]  kernfs_fop_read_iter+0x414/0x580
[  543.773318][T14211]  ? rw_verify_area+0xcf/0x680
[  543.773356][T14211]  vfs_read+0x886/0xbf0
[  543.773388][T14211]  ? __pfx_vfs_read+0x10/0x10
[  543.773439][T14211]  ksys_read+0x12b/0x250
[  543.773462][T14211]  ? __pfx_ksys_read+0x10/0x10
[  543.773498][T14211]  do_syscall_64+0xcd/0x250
[  543.773524][T14211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  543.773555][T14211] RIP: 0033:0x7f3d7598cde9
[  543.773576][T14211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  543.773600][T14211] RSP: 002b:00007f3d76822038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  543.773623][T14211] RAX: ffffffffffffffda RBX: 00007f3d75ba5fa0 RCX: 00007f3d7598cde9
[  543.773640][T14211] RDX: 0000000000001004 RSI: 0000200000001ec0 RDI: 0000000000000006
[  543.773655][T14211] RBP: 00007f3d75a0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  543.773670][T14211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  543.773684][T14211] R13: 0000000000000000 R14: 00007f3d75ba5fa0 R15: 00007ffd9b913df8
[  543.773720][T14211]  </TASK>
[  544.634210][T14221] FAULT_INJECTION: forcing a failure.
[  544.634210][T14221] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  544.710199][T14221] CPU: 1 UID: 0 PID: 14221 Comm: syz.3.1825 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  544.710234][T14221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  544.710248][T14221] Call Trace:
[  544.710255][T14221]  <TASK>
[  544.710265][T14221]  dump_stack_lvl+0x16c/0x1f0
[  544.710304][T14221]  should_fail_ex+0x50a/0x650
[  544.710337][T14221]  _copy_from_iter+0x29b/0x1400
[  544.710369][T14221]  ? trace_lock_acquire+0x14e/0x1f0
[  544.710397][T14221]  ? __pfx__copy_from_iter+0x10/0x10
[  544.710424][T14221]  ? __virt_addr_valid+0x1a4/0x590
[  544.710451][T14221]  ? __virt_addr_valid+0x5e/0x590
[  544.710479][T14221]  ? __phys_addr_symbol+0x30/0x80
[  544.710512][T14221]  ? __check_object_size+0x488/0x710
[  544.710546][T14221]  kernfs_fop_write_iter+0x19d/0x500
[  544.710580][T14221]  vfs_write+0x5ae/0x1150
[  544.710604][T14221]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  544.710634][T14221]  ? __pfx___mutex_lock+0x10/0x10
[  544.710666][T14221]  ? __pfx_vfs_write+0x10/0x10
[  544.710713][T14221]  ksys_write+0x12b/0x250
[  544.710736][T14221]  ? __pfx_ksys_write+0x10/0x10
[  544.710770][T14221]  do_syscall_64+0xcd/0x250
[  544.710794][T14221]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  544.710824][T14221] RIP: 0033:0x7fb695f8cde9
[  544.710843][T14221] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  544.710864][T14221] RSP: 002b:00007fb696da3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  544.710886][T14221] RAX: ffffffffffffffda RBX: 00007fb6961a5fa0 RCX: 00007fb695f8cde9
[  544.710901][T14221] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 0000000000000003
[  544.710914][T14221] RBP: 00007fb696da3090 R08: 0000000000000000 R09: 0000000000000000
[  544.710928][T14221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  544.710941][T14221] R13: 0000000000000000 R14: 00007fb6961a5fa0 R15: 00007ffea8c84508
[  544.710974][T14221]  </TASK>
[  545.438418][T14226] blktrace: Concurrent blktraces are not allowed on mtdblock0
[  546.219850][T14237] netlink: 346 bytes leftover after parsing attributes in process `syz.1.1829'.
[  546.708830][T14247] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1830'.
[  548.360238][T14277] netlink: 346 bytes leftover after parsing attributes in process `syz.3.1840'.
[  548.462904][T14284] ERROR: Out of memory at tomoyo_memory_ok.
[  549.484545][T14299] rnbd_client L202: map_device: Unknown parameter or missing value '4'
[  550.990968][T14345] netlink: 346 bytes leftover after parsing attributes in process `syz.0.1850'.
[  551.942446][T14306] bond0: option all_slaves_active: invalid value ()
[  552.431295][T14377] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1857'.
[  552.777545][   T29] audit: type=1806 audit(4294968372.818:14): xattr="." res=0
[  552.949243][T14391] ERROR: Out of memory at tomoyo_memory_ok.
[  553.005653][T14391] nvme_fcloop: unknown parameter or missing value '-'
[  553.079255][T14394] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1862'.
[  553.125910][T14394] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1862'.
[  553.233675][T14386] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  553.725415][T14394] netlink: 98 bytes leftover after parsing attributes in process `syz.2.1862'.
[  553.828800][T14394] veth0_macvtap: left promiscuous mode
[  553.836306][T14395] netlink: 290 bytes leftover after parsing attributes in process `syz.2.1862'.
[  555.220542][T14409] Process accounting resumed
[  555.770378][T14419] Process accounting resumed
[  555.999507][T14423] FAULT_INJECTION: forcing a failure.
[  555.999507][T14423] name failslab, interval 1, probability 0, space 0, times 0
[  556.033725][T14423] CPU: 1 UID: 0 PID: 14423 Comm: syz.0.1870 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  556.033765][T14423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  556.033787][T14423] Call Trace:
[  556.033795][T14423]  <TASK>
[  556.033805][T14423]  dump_stack_lvl+0x16c/0x1f0
[  556.033848][T14423]  should_fail_ex+0x50a/0x650
[  556.033877][T14423]  ? fs_reclaim_acquire+0xae/0x150
[  556.033915][T14423]  should_failslab+0xc2/0x120
[  556.033946][T14423]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  556.033976][T14423]  ? mas_alloc_nodes+0x18b/0x880
[  556.034014][T14423]  mas_alloc_nodes+0x18b/0x880
[  556.034052][T14423]  mas_node_count_gfp+0x105/0x130
[  556.034086][T14423]  mas_preallocate+0x53f/0xce0
[  556.034117][T14423]  ? __pfx_mas_preallocate+0x10/0x10
[  556.034151][T14423]  ? __raw_spin_lock_init+0x3a/0x110
[  556.034191][T14423]  __mmap_region+0x1738/0x2760
[  556.034224][T14423]  ? __pfx___mmap_region+0x10/0x10
[  556.034277][T14423]  ? __pfx_mark_lock+0x10/0x10
[  556.034346][T14423]  ? cap_capable+0xb3/0x250
[  556.034386][T14423]  mmap_region+0x1ab/0x3f0
[  556.034422][T14423]  do_mmap+0xd8d/0x11b0
[  556.034452][T14423]  ? __pfx_do_mmap+0x10/0x10
[  556.034475][T14423]  ? __pfx_down_write_killable+0x10/0x10
[  556.034499][T14423]  ? __pfx___sys_sendmmsg+0x10/0x10
[  556.034529][T14423]  vm_mmap_pgoff+0x203/0x3a0
[  556.034561][T14423]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  556.034590][T14423]  ? __x64_sys_futex+0x1e1/0x4c0
[  556.034611][T14423]  ? __x64_sys_futex+0x1ea/0x4c0
[  556.034638][T14423]  ksys_mmap_pgoff+0x7d/0x5c0
[  556.034660][T14423]  ? rcu_is_watching+0x12/0xc0
[  556.034693][T14423]  __x64_sys_mmap+0x125/0x190
[  556.034725][T14423]  do_syscall_64+0xcd/0x250
[  556.034748][T14423]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  556.034787][T14423] RIP: 0033:0x7f3d7598cde9
[  556.034806][T14423] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  556.034829][T14423] RSP: 002b:00007f3d76822038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  556.034850][T14423] RAX: ffffffffffffffda RBX: 00007f3d75ba5fa0 RCX: 00007f3d7598cde9
[  556.034864][T14423] RDX: 00004000000000df RSI: 0000000000020009 RDI: 0000000000000000
[  556.034877][T14423] RBP: 00007f3d75a0e2a0 R08: 0000000000000401 R09: 0000000000008000
[  556.034897][T14423] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[  556.034913][T14423] R13: 0000000000000000 R14: 00007f3d75ba5fa0 R15: 00007ffd9b913df8
[  556.034945][T14423]  </TASK>
[  556.558803][T14428] netlink: 346 bytes leftover after parsing attributes in process `syz.1.1871'.
[  561.726112][T14532] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1899'.
[  561.811775][T14532] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1899'.
[  562.168990][T14541] FAULT_INJECTION: forcing a failure.
[  562.168990][T14541] name fail_futex, interval 1, probability 0, space 0, times 0
[  562.182033][T14541] CPU: 0 UID: 0 PID: 14541 Comm: syz.3.1902 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  562.182059][T14541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  562.182073][T14541] Call Trace:
[  562.182081][T14541]  <TASK>
[  562.182089][T14541]  dump_stack_lvl+0x16c/0x1f0
[  562.182126][T14541]  should_fail_ex+0x50a/0x650
[  562.182152][T14541]  get_futex_key+0x4a3/0x1000
[  562.182188][T14541]  ? __pfx_get_futex_key+0x10/0x10
[  562.182231][T14541]  futex_wake+0xe8/0x4e0
[  562.182252][T14541]  ? __pfx___lock_acquire+0x10/0x10
[  562.182277][T14541]  ? __pfx_futex_wake+0x10/0x10
[  562.182303][T14541]  ? find_held_lock+0x2d/0x110
[  562.182335][T14541]  do_futex+0x1e5/0x350
[  562.182354][T14541]  ? __pfx_do_futex+0x10/0x10
[  562.182373][T14541]  ? lock_acquire+0x2f/0xb0
[  562.182392][T14541]  ? __fget_files+0x40/0x3a0
[  562.182417][T14541]  __x64_sys_futex+0x1e1/0x4c0
[  562.182439][T14541]  ? __pfx___x64_sys_futex+0x10/0x10
[  562.182459][T14541]  ? __sys_setsockopt+0x1cd/0x230
[  562.182486][T14541]  do_syscall_64+0xcd/0x250
[  562.182505][T14541]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  562.182530][T14541] RIP: 0033:0x7fb695f8cde9
[  562.182547][T14541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  562.182565][T14541] RSP: 002b:00007fb696da30e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  562.182584][T14541] RAX: ffffffffffffffda RBX: 00007fb6961a5fa8 RCX: 00007fb695f8cde9
[  562.182601][T14541] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fb6961a5fac
[  562.182614][T14541] RBP: 00007fb6961a5fa0 R08: 00007fb696da4000 R09: 0000000000000000
[  562.182626][T14541] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fb6961a5fac
[  562.182637][T14541] R13: 0000000000000000 R14: 00007ffea8c84420 R15: 00007ffea8c84508
[  562.182661][T14541]  </TASK>
[  562.234853][T14526] Process accounting resumed
[  562.431968][T14539] netlink: 350 bytes leftover after parsing attributes in process `syz.0.1901'.
[  562.756344][T14552] netlink: 346 bytes leftover after parsing attributes in process `syz.1.1905'.
[  562.822158][T14556] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  562.877776][T14556] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  562.883909][T14556] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  562.900136][T14556] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  563.066407][T14561] rnbd_client L202: map_device: Unknown parameter or missing value 'proc'
[  563.160729][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  563.167197][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  564.251966][T14587] FAULT_INJECTION: forcing a failure.
[  564.251966][T14587] name failslab, interval 1, probability 0, space 0, times 0
[  564.288004][T14587] CPU: 1 UID: 0 PID: 14587 Comm: syz.1.1914 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  564.288041][T14587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  564.288056][T14587] Call Trace:
[  564.288063][T14587]  <TASK>
[  564.288073][T14587]  dump_stack_lvl+0x16c/0x1f0
[  564.288118][T14587]  should_fail_ex+0x50a/0x650
[  564.288147][T14587]  ? fs_reclaim_acquire+0xae/0x150
[  564.288188][T14587]  should_failslab+0xc2/0x120
[  564.288221][T14587]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  564.288249][T14587]  ? vma_merge_new_range+0x40a/0xbb0
[  564.288276][T14587]  ? vm_area_alloc+0xe0/0x1c0
[  564.288312][T14587]  vm_area_alloc+0xe0/0x1c0
[  564.288342][T14587]  __mmap_region+0x108d/0x2760
[  564.288375][T14587]  ? __pfx___mmap_region+0x10/0x10
[  564.288413][T14587]  ? hlock_class+0x4e/0x130
[  564.288446][T14587]  ? mark_lock+0xb5/0xc60
[  564.288485][T14587]  ? schedule+0x298/0x350
[  564.288559][T14587]  ? cap_capable+0xb3/0x250
[  564.288599][T14587]  mmap_region+0x1ab/0x3f0
[  564.288634][T14587]  do_mmap+0xd8d/0x11b0
[  564.288665][T14587]  ? __pfx_do_mmap+0x10/0x10
[  564.288690][T14587]  ? __pfx_down_write_killable+0x10/0x10
[  564.288714][T14587]  ? __pfx___sys_sendmmsg+0x10/0x10
[  564.288746][T14587]  vm_mmap_pgoff+0x203/0x3a0
[  564.288780][T14587]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  564.288811][T14587]  ? __x64_sys_futex+0x1e1/0x4c0
[  564.288845][T14587]  ? __x64_sys_futex+0x1ea/0x4c0
[  564.288877][T14587]  ksys_mmap_pgoff+0x7d/0x5c0
[  564.288901][T14587]  ? rcu_is_watching+0x12/0xc0
[  564.288940][T14587]  __x64_sys_mmap+0x125/0x190
[  564.288975][T14587]  do_syscall_64+0xcd/0x250
[  564.288999][T14587]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  564.289032][T14587] RIP: 0033:0x7f477538cde9
[  564.289052][T14587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  564.289076][T14587] RSP: 002b:00007f4776154038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  564.289100][T14587] RAX: ffffffffffffffda RBX: 00007f47755a5fa0 RCX: 00007f477538cde9
[  564.289116][T14587] RDX: 00004000000000df RSI: 0000000000020009 RDI: 0000000000000000
[  564.289130][T14587] RBP: 00007f477540e2a0 R08: 0000000000000401 R09: 0000000000008000
[  564.289144][T14587] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[  564.289158][T14587] R13: 0000000000000000 R14: 00007f47755a5fa0 R15: 00007ffdae92d888
[  564.289190][T14587]  </TASK>
[  564.533757][    C1] vkms_vblank_simulate: vblank timer overrun
[  564.847897][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout
[  564.918112][ T5842] Bluetooth: hci2: command 0x0c1a tx timeout
[  564.924226][ T5842] Bluetooth: hci3: command 0x0c1a tx timeout
[  565.540208][T14613] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1920'.
[  566.272601][T14601] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  566.924205][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout
[  569.091722][T14645] capability: warning: `syz.0.1926' uses deprecated v2 capabilities in a way that may be insecure
[  570.708138][   T27] ERROR: Out of memory at tomoyo_memory_ok.
[  570.981874][T14678] netlink: 346 bytes leftover after parsing attributes in process `syz.3.1937'.
[  571.196070][T14683] mkiss: ax0: crc mode is auto.
[  571.759618][T14687] rnbd_client L202: map_device: Unknown parameter or missing value '4'
[  572.246264][T14702] ERROR: Out of memory at tomoyo_memory_ok.
[  573.183289][T14723] FAULT_INJECTION: forcing a failure.
[  573.183289][T14723] name fail_futex, interval 1, probability 0, space 0, times 0
[  573.214730][T14723] CPU: 0 UID: 0 PID: 14723 Comm: syz.2.1948 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  573.214768][T14723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  573.214783][T14723] Call Trace:
[  573.214790][T14723]  <TASK>
[  573.214801][T14723]  dump_stack_lvl+0x16c/0x1f0
[  573.214844][T14723]  should_fail_ex+0x50a/0x650
[  573.214879][T14723]  get_futex_key+0x4a3/0x1000
[  573.214920][T14723]  ? __pfx_get_futex_key+0x10/0x10
[  573.214954][T14723]  ? hlock_class+0x4e/0x130
[  573.214988][T14723]  ? __lock_acquire+0xcc5/0x3c40
[  573.215025][T14723]  futex_wait_setup+0x78/0x290
[  573.215074][T14723]  __futex_wait+0x267/0x3c0
[  573.215106][T14723]  ? __pfx___futex_wait+0x10/0x10
[  573.215142][T14723]  ? __pfx_futex_wake_mark+0x10/0x10
[  573.215174][T14723]  ? lock_acquire+0x2f/0xb0
[  573.215199][T14723]  ? __fget_files+0x40/0x3a0
[  573.215228][T14723]  futex_wait+0xe9/0x380
[  573.215255][T14723]  ? __pfx_futex_wait+0x10/0x10
[  573.215292][T14723]  ? __pfx___sys_sendmmsg+0x10/0x10
[  573.215324][T14723]  do_futex+0x22b/0x350
[  573.215349][T14723]  ? __pfx_do_futex+0x10/0x10
[  573.215383][T14723]  __x64_sys_futex+0x1e1/0x4c0
[  573.215413][T14723]  ? __pfx___x64_sys_futex+0x10/0x10
[  573.215439][T14723]  ? rcu_is_watching+0x12/0xc0
[  573.215481][T14723]  do_syscall_64+0xcd/0x250
[  573.215505][T14723]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  573.215542][T14723] RIP: 0033:0x7fc461d8cde9
[  573.215562][T14723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  573.215586][T14723] RSP: 002b:00007fc462bd50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  573.215610][T14723] RAX: ffffffffffffffda RBX: 00007fc461fa5fa8 RCX: 00007fc461d8cde9
[  573.215626][T14723] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fc461fa5fa8
[  573.215641][T14723] RBP: 00007fc461fa5fa0 R08: 0000000000000000 R09: 0000000000000000
[  573.215655][T14723] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc461fa5fac
[  573.215669][T14723] R13: 0000000000000000 R14: 00007fffd888d090 R15: 00007fffd888d178
[  573.215699][T14723]  </TASK>
[  576.888094][T14783] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1961'.
[  577.080578][T14783] netlink: 'syz.2.1961': attribute type 2 has an invalid length.
[  577.492291][T14799] netlink: 346 bytes leftover after parsing attributes in process `syz.0.1967'.
[  581.329753][T14890] nvme_fcloop: unknown parameter or missing value '-'
[  581.534975][T14892] FAULT_INJECTION: forcing a failure.
[  581.534975][T14892] name failslab, interval 1, probability 0, space 0, times 0
[  581.596346][T14892] CPU: 1 UID: 0 PID: 14892 Comm: syz.2.1986 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  581.596377][T14892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  581.596389][T14892] Call Trace:
[  581.596396][T14892]  <TASK>
[  581.596404][T14892]  dump_stack_lvl+0x16c/0x1f0
[  581.596439][T14892]  should_fail_ex+0x50a/0x650
[  581.596464][T14892]  ? fs_reclaim_acquire+0xae/0x150
[  581.596498][T14892]  should_failslab+0xc2/0x120
[  581.596522][T14892]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  581.596545][T14892]  ? vma_merge_new_range+0x40a/0xbb0
[  581.596568][T14892]  ? vm_area_alloc+0xe0/0x1c0
[  581.596604][T14892]  vm_area_alloc+0xe0/0x1c0
[  581.596630][T14892]  __mmap_region+0x108d/0x2760
[  581.596660][T14892]  ? __pfx___mmap_region+0x10/0x10
[  581.596683][T14892]  ? finish_task_switch.isra.0+0x217/0xcc0
[  581.596705][T14892]  ? __switch_to+0x749/0x1190
[  581.596735][T14892]  ? hlock_class+0x4e/0x130
[  581.596762][T14892]  ? mark_lock+0xb5/0xc60
[  581.596791][T14892]  ? __pfx___schedule+0x10/0x10
[  581.596846][T14892]  ? cap_capable+0xb3/0x250
[  581.596877][T14892]  mmap_region+0x1ab/0x3f0
[  581.596904][T14892]  do_mmap+0xd8d/0x11b0
[  581.596927][T14892]  ? __pfx_do_mmap+0x10/0x10
[  581.596946][T14892]  ? __pfx_down_write_killable+0x10/0x10
[  581.596970][T14892]  vm_mmap_pgoff+0x203/0x3a0
[  581.596995][T14892]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  581.597018][T14892]  ? __x64_sys_futex+0x1e1/0x4c0
[  581.597036][T14892]  ? __x64_sys_futex+0x1ea/0x4c0
[  581.597058][T14892]  ksys_mmap_pgoff+0x7d/0x5c0
[  581.597075][T14892]  ? rcu_is_watching+0x12/0xc0
[  581.597103][T14892]  __x64_sys_mmap+0x125/0x190
[  581.597130][T14892]  do_syscall_64+0xcd/0x250
[  581.597153][T14892]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  581.597180][T14892] RIP: 0033:0x7fc461d8cde9
[  581.597196][T14892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  581.597213][T14892] RSP: 002b:00007fc462bd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  581.597231][T14892] RAX: ffffffffffffffda RBX: 00007fc461fa5fa0 RCX: 00007fc461d8cde9
[  581.597243][T14892] RDX: 00000000000000df RSI: 0000000000000009 RDI: 0000000000000000
[  581.597253][T14892] RBP: 00007fc461e0e2a0 R08: 0000000000000002 R09: 0000000000008000
[  581.597264][T14892] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[  581.597274][T14892] R13: 0000000000000000 R14: 00007fc461fa5fa0 R15: 00007fffd888d178
[  581.597298][T14892]  </TASK>
[  582.501322][T14915] FAULT_INJECTION: forcing a failure.
[  582.501322][T14915] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  582.515519][T14915] CPU: 0 UID: 0 PID: 14915 Comm: syz.2.1990 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  582.515552][T14915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  582.515567][T14915] Call Trace:
[  582.515574][T14915]  <TASK>
[  582.515584][T14915]  dump_stack_lvl+0x16c/0x1f0
[  582.515626][T14915]  should_fail_ex+0x50a/0x650
[  582.515654][T14915]  ? shmem_get_folio_gfp+0x315/0x1530
[  582.515687][T14915]  ? page_copy_sane+0xcd/0x2d0
[  582.515719][T14915]  copy_page_from_iter_atomic+0x399/0x1810
[  582.515768][T14915]  ? __pfx_copy_page_from_iter_atomic+0x10/0x10
[  582.515802][T14915]  ? shmem_write_begin+0x177/0x300
[  582.515834][T14915]  ? __pfx_fault_in_readable+0x10/0x10
[  582.515857][T14915]  ? __pfx_shmem_write_begin+0x10/0x10
[  582.515900][T14915]  generic_perform_write+0x4a1/0x920
[  582.515945][T14915]  ? __pfx_generic_perform_write+0x10/0x10
[  582.515981][T14915]  ? inode_needs_update_time.part.0+0x191/0x270
[  582.516021][T14915]  shmem_file_write_iter+0x10e/0x140
[  582.516054][T14915]  vfs_write+0x5ae/0x1150
[  582.516079][T14915]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  582.516104][T14915]  ? __pfx___mutex_lock+0x10/0x10
[  582.516160][T14915]  ? __pfx_vfs_write+0x10/0x10
[  582.516211][T14915]  ksys_write+0x12b/0x250
[  582.516236][T14915]  ? __pfx_ksys_write+0x10/0x10
[  582.516282][T14915]  do_syscall_64+0xcd/0x250
[  582.516309][T14915]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  582.516341][T14915] RIP: 0033:0x7fc461d8cde9
[  582.516362][T14915] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  582.516386][T14915] RSP: 002b:00007fc462bd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  582.516409][T14915] RAX: ffffffffffffffda RBX: 00007fc461fa5fa0 RCX: 00007fc461d8cde9
[  582.516426][T14915] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003
[  582.516440][T14915] RBP: 00007fc461e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  582.516456][T14915] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  582.516471][T14915] R13: 0000000000000000 R14: 00007fc461fa5fa0 R15: 00007fffd888d178
[  582.516506][T14915]  </TASK>
[  583.120815][T14929] nvme_fcloop: unknown parameter or missing value '-'
[  583.763814][T14941] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1999'.
[  586.145547][T14974] Process accounting paused
[  590.591133][T15034] FAULT_INJECTION: forcing a failure.
[  590.591133][T15034] name fail_futex, interval 1, probability 0, space 0, times 0
[  590.653677][T15034] CPU: 1 UID: 0 PID: 15034 Comm: syz.0.2025 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  590.653713][T15034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  590.653725][T15034] Call Trace:
[  590.653732][T15034]  <TASK>
[  590.653742][T15034]  dump_stack_lvl+0x16c/0x1f0
[  590.653782][T15034]  should_fail_ex+0x50a/0x650
[  590.653809][T15034]  ? __pfx_validate_mm+0x10/0x10
[  590.653839][T15034]  get_futex_key+0x4a3/0x1000
[  590.653881][T15034]  ? __pfx_get_futex_key+0x10/0x10
[  590.653929][T15034]  futex_wake+0xe8/0x4e0
[  590.653956][T15034]  ? vm_mmap_pgoff+0x29b/0x3a0
[  590.653984][T15034]  ? __pfx_futex_wake+0x10/0x10
[  590.654025][T15034]  do_futex+0x1e5/0x350
[  590.654048][T15034]  ? __pfx_do_futex+0x10/0x10
[  590.654073][T15034]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  590.654101][T15034]  __x64_sys_futex+0x1e1/0x4c0
[  590.654129][T15034]  ? __pfx___x64_sys_futex+0x10/0x10
[  590.654151][T15034]  ? ksys_mmap_pgoff+0x85/0x5c0
[  590.654172][T15034]  ? rcu_is_watching+0x12/0xc0
[  590.654213][T15034]  do_syscall_64+0xcd/0x250
[  590.654236][T15034]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  590.654267][T15034] RIP: 0033:0x7f3d7598cde9
[  590.654285][T15034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  590.654308][T15034] RSP: 002b:00007f3d768220e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  590.654328][T15034] RAX: ffffffffffffffda RBX: 00007f3d75ba5fa8 RCX: 00007f3d7598cde9
[  590.654343][T15034] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f3d75ba5fac
[  590.654358][T15034] RBP: 00007f3d75ba5fa0 R08: 00007f3d76823000 R09: 0000000000000000
[  590.654372][T15034] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3d75ba5fac
[  590.654386][T15034] R13: 0000000000000000 R14: 00007ffd9b913d10 R15: 00007ffd9b913df8
[  590.654415][T15034]  </TASK>
[  591.957151][T15066] netlink: 346 bytes leftover after parsing attributes in process `syz.3.2030'.
[  591.974161][T15073] netlink: 146 bytes leftover after parsing attributes in process `syz.0.2032'.
[  592.499262][T15067] Process accounting paused
[  597.233471][T15152] FAULT_INJECTION: forcing a failure.
[  597.233471][T15152] name fail_futex, interval 1, probability 0, space 0, times 0
[  597.307502][T15133] netlink: zone id is out of range
[  597.312783][T15133] netlink: zone id is out of range
[  597.335530][T15133] netlink: zone id is out of range
[  597.340809][T15133] netlink: zone id is out of range
[  597.343607][T15152] CPU: 1 UID: 0 PID: 15152 Comm: syz.0.2050 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  597.343639][T15152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  597.343655][T15152] Call Trace:
[  597.343662][T15152]  <TASK>
[  597.343672][T15152]  dump_stack_lvl+0x16c/0x1f0
[  597.343715][T15152]  should_fail_ex+0x50a/0x650
[  597.343743][T15152]  ? preempt_schedule_thunk+0x1a/0x30
[  597.343778][T15152]  get_futex_key+0x4a3/0x1000
[  597.343817][T15152]  ? __pfx_get_futex_key+0x10/0x10
[  597.343851][T15152]  ? _raw_spin_unlock_irqrestore+0x61/0x80
[  597.343884][T15152]  ? wake_up_new_task+0x87f/0xd40
[  597.343918][T15152]  futex_wake+0xe8/0x4e0
[  597.343947][T15152]  ? __pfx_futex_wake+0x10/0x10
[  597.343975][T15152]  ? kernel_clone+0x25d/0x960
[  597.344008][T15152]  ? __pfx_kernel_clone+0x10/0x10
[  597.344046][T15152]  do_futex+0x1e5/0x350
[  597.344070][T15152]  ? __pfx_do_futex+0x10/0x10
[  597.344102][T15152]  __x64_sys_futex+0x1e1/0x4c0
[  597.344130][T15152]  ? __pfx___x64_sys_futex+0x10/0x10
[  597.344154][T15152]  ? rcu_is_watching+0x12/0xc0
[  597.344195][T15152]  do_syscall_64+0xcd/0x250
[  597.344220][T15152]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  597.344250][T15152] RIP: 0033:0x7f3d7598cde9
[  597.344277][T15152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  597.344303][T15152] RSP: 002b:00007f3d768220e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  597.344326][T15152] RAX: ffffffffffffffda RBX: 00007f3d75ba5fa8 RCX: 00007f3d7598cde9
[  597.344342][T15152] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f3d75ba5fac
[  597.344357][T15152] RBP: 00007f3d75ba5fa0 R08: 00007f3d76823000 R09: 0000000000000000
[  597.344373][T15152] R10: 00000000000007df R11: 0000000000000246 R12: 00007f3d75ba5fac
[  597.344387][T15152] R13: 0000000000000000 R14: 00007ffd9b913d10 R15: 00007ffd9b913df8
[  597.344418][T15152]  </TASK>
[  597.597783][T15134] netlink: 172 bytes leftover after parsing attributes in process `syz.1.2047'.
[  597.625220][T15133] netlink: zone id is out of range
[  597.631525][T15133] netlink: zone id is out of range
[  597.636843][T15133] netlink: zone id is out of range
[  597.642139][T15133] netlink: zone id is out of range
[  597.647409][T15133] netlink: zone id is out of range
[  597.652718][T15133] netlink: zone id is out of range
[  597.908602][T15159] netlink: 346 bytes leftover after parsing attributes in process `syz.3.2051'.
[  599.079434][T15177] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2056'.
[  599.160129][T15177] IPv6: NLM_F_CREATE should be specified when creating new route

syzkaller
syzkaller login: [  601.408394][T15212] ERROR: Out of memory at tomoyo_memory_ok.
[  601.524120][T15216] netlink: 346 bytes leftover after parsing attributes in process `syz.3.2064'.
[  604.997740][T15274] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  605.014170][T15274] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  605.024580][T15274] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  605.030991][T15274] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  606.244123][T15300] netlink: 346 bytes leftover after parsing attributes in process `syz.0.2082'.

syzkaller
syzkaller login: [  607.028714][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout
[  607.098555][ T5842] Bluetooth: hci2: command 0x0c1a tx timeout
[  607.098566][T11997] Bluetooth: hci3: command 0x0c1a tx timeout
[  607.851161][T15347] netlink: 346 bytes leftover after parsing attributes in process `syz.3.2102'.
[  608.580650][T15358] ERROR: Out of memory at tomoyo_memory_ok.
[  609.099741][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout
[  610.502080][T15400] ptrace attach of "./syz-executor exec"[5831] was attempted by "./syz-executor exec"[15400]
[  613.041203][T15458] netlink: 346 bytes leftover after parsing attributes in process `syz.1.2127'.
[  613.607327][T15482] netlink: 346 bytes leftover after parsing attributes in process `syz.3.2130'.
[  613.964089][T15493] ERROR: Out of memory at tomoyo_memory_ok.
[  614.028101][T15499] ERROR: Out of memory at tomoyo_memory_ok.
[  614.364686][T15494] FAULT_INJECTION: forcing a failure.
[  614.364686][T15494] name failslab, interval 1, probability 0, space 0, times 0
[  614.466187][T15494] CPU: 0 UID: 0 PID: 15494 Comm: syz.3.2134 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  614.466226][T15494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  614.466241][T15494] Call Trace:
[  614.466249][T15494]  <TASK>
[  614.466260][T15494]  dump_stack_lvl+0x16c/0x1f0
[  614.466303][T15494]  should_fail_ex+0x50a/0x650
[  614.466332][T15494]  ? fs_reclaim_acquire+0xae/0x150
[  614.466373][T15494]  should_failslab+0xc2/0x120
[  614.466403][T15494]  __kmalloc_noprof+0xce/0x4f0
[  614.466431][T15494]  ? ima_write_template_field_data+0x48/0x1c0
[  614.466464][T15494]  ima_write_template_field_data+0x48/0x1c0
[  614.466493][T15494]  ima_eventdigest_init_common+0x131/0x3d0
[  614.466522][T15494]  ? __pfx_ima_eventdigest_init_common+0x10/0x10
[  614.466578][T15494]  ? rcu_watching_snap_stopped_since+0x50/0x110
[  614.466619][T15494]  ? trace_kmalloc+0x2d/0xd0
[  614.466650][T15494]  ? __kmalloc_noprof+0x23b/0x4f0
[  614.466678][T15494]  ? ima_alloc_init_template+0x195/0x720
[  614.466716][T15494]  ima_alloc_init_template+0x399/0x720
[  614.466757][T15494]  ima_store_measurement+0x1ea/0x5c0
[  614.466793][T15494]  ? __pfx_ima_store_measurement+0x10/0x10
[  614.466839][T15494]  ? __pfx_ima_get_hash_algo+0x10/0x10
[  614.466873][T15494]  process_measurement+0x1bcb/0x2370
[  614.466914][T15494]  ? __pfx_process_measurement+0x10/0x10
[  614.466956][T15494]  ? aa_file_perm+0x4c6/0xfe0
[  614.466985][T15494]  ? trace_lock_acquire+0x14e/0x1f0
[  614.467042][T15494]  ? __pfx___lock_acquire+0x10/0x10
[  614.467073][T15494]  ima_file_mmap+0x1b3/0x1e0
[  614.467101][T15494]  ? __pfx_ima_file_mmap+0x10/0x10
[  614.467142][T15494]  security_mmap_file+0x88c/0x990
[  614.467172][T15494]  vm_mmap_pgoff+0xdb/0x3a0
[  614.467203][T15494]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  614.467235][T15494]  ? __fget_files+0x206/0x3a0
[  614.467265][T15494]  ksys_mmap_pgoff+0x32c/0x5c0
[  614.467288][T15494]  ? rcu_is_watching+0x12/0xc0
[  614.467325][T15494]  __x64_sys_mmap+0x125/0x190
[  614.467361][T15494]  do_syscall_64+0xcd/0x250
[  614.467385][T15494]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  614.467413][T15494] RIP: 0033:0x7fb695f8cde9
[  614.467432][T15494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  614.467452][T15494] RSP: 002b:00007fb696da3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  614.467472][T15494] RAX: ffffffffffffffda RBX: 00007fb6961a5fa0 RCX: 00007fb695f8cde9
[  614.467486][T15494] RDX: 00000000000000de RSI: 0000000000010000 RDI: 0000000000000000
[  614.467497][T15494] RBP: 00007fb69600e2a0 R08: 0000000000000009 R09: 0000000000028000
[  614.467509][T15494] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000000
[  614.467521][T15494] R13: 0000000000000000 R14: 00007fb6961a5fa0 R15: 00007ffea8c84508
[  614.467560][T15494]  </TASK>
[  614.467801][   T29] audit: type=1804 audit(4294969457.494:15): pid=15494 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.3.2134" name="/newroot/dev/sr0" dev="devtmpfs" ino=2736 res=0 errno=0
[  616.879424][T15551] Process accounting resumed
[  617.089823][T15574] netlink: 346 bytes leftover after parsing attributes in process `syz.1.2149'.
[  620.927721][T15649] netlink: 330 bytes leftover after parsing attributes in process `syz.1.2162'.
[  621.205697][T15649] : renamed from bond0 (while UP)
[  622.704616][T15653] Process accounting resumed
[  622.769089][T15685] netlink: 346 bytes leftover after parsing attributes in process `syz.1.2173'.
[  623.443417][T15696] netlink: 346 bytes leftover after parsing attributes in process `syz.1.2176'.
[  624.264306][T15710] ERROR: Out of memory at tomoyo_memory_ok.
[  624.636822][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  624.644692][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  626.718923][T15763] veth0_macvtap: entered promiscuous mode
[  628.548988][T15788] netlink: 346 bytes leftover after parsing attributes in process `syz.3.2199'.
[  630.071738][T15814] HfR: entered promiscuous mode
[  630.082628][T15814] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2203'.
[  630.121325][T15814] HfR: left promiscuous mode

syzkaller
syzkaller login: [  632.514871][T15846] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2215'.
[  632.632838][T15840] KVM: debugfs: duplicate directory 15840-3
[  634.427844][T15873] netlink: 186 bytes leftover after parsing attributes in process `syz.0.2226'.
[  636.432239][T15898] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2223'.
[  638.153052][T15926] FAULT_INJECTION: forcing a failure.
[  638.153052][T15926] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  638.202360][T15926] CPU: 1 UID: 0 PID: 15926 Comm: syz.2.2231 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  638.202395][T15926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  638.202408][T15926] Call Trace:
[  638.202415][T15926]  <TASK>
[  638.202423][T15926]  dump_stack_lvl+0x16c/0x1f0
[  638.202459][T15926]  should_fail_ex+0x50a/0x650
[  638.202490][T15926]  _copy_from_user+0x2e/0xd0
[  638.202520][T15926]  core_sys_select+0x306/0xa10
[  638.202554][T15926]  ? __pfx_core_sys_select+0x10/0x10
[  638.202580][T15926]  ? __pfx_lock_release+0x10/0x10
[  638.202604][T15926]  ? proc_fail_nth_write+0xa0/0x250
[  638.202654][T15926]  ? do_sys_openat2+0xb1/0x1e0
[  638.202682][T15926]  ? __pfx_do_sys_openat2+0x10/0x10
[  638.202712][T15926]  ? put_files_struct+0x3b/0x370
[  638.202738][T15926]  kern_select+0x15e/0x1e0
[  638.202759][T15926]  ? __pfx_kern_select+0x10/0x10
[  638.202783][T15926]  ? __pfx_ksys_write+0x10/0x10
[  638.202809][T15926]  __x64_sys_select+0xbd/0x160
[  638.202828][T15926]  ? do_syscall_64+0x91/0x250
[  638.202847][T15926]  ? lockdep_hardirqs_on+0x7c/0x110
[  638.202877][T15926]  do_syscall_64+0xcd/0x250
[  638.202898][T15926]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  638.202926][T15926] RIP: 0033:0x7fc461d8cde9
[  638.202943][T15926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  638.202963][T15926] RSP: 002b:00007fc462bd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017
[  638.202982][T15926] RAX: ffffffffffffffda RBX: 00007fc461fa5fa0 RCX: 00007fc461d8cde9
[  638.202997][T15926] RDX: 0000200000000080 RSI: 0000000000000000 RDI: 0000000000000007
[  638.203010][T15926] RBP: 00007fc462bd5090 R08: 0000000000000000 R09: 0000000000000000
[  638.203023][T15926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  638.203035][T15926] R13: 0000000000000000 R14: 00007fc461fa5fa0 R15: 00007fffd888d178
[  638.203062][T15926]  </TASK>
[  638.800084][T15939] netlink: 346 bytes leftover after parsing attributes in process `syz.2.2233'.
[  640.641828][T15970] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2241'.
[  641.051829][T15988] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2247'.
[  641.108410][T15981] netlink: 346 bytes leftover after parsing attributes in process `syz.2.2246'.

syzkaller
syzkaller login: [  644.278550][T16054] FAULT_INJECTION: forcing a failure.
[  644.278550][T16054] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  644.308145][T16054] CPU: 0 UID: 0 PID: 16054 Comm: syz.0.2262 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  644.308178][T16054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  644.308192][T16054] Call Trace:
[  644.308198][T16054]  <TASK>
[  644.308208][T16054]  dump_stack_lvl+0x16c/0x1f0
[  644.308245][T16054]  should_fail_ex+0x50a/0x650
[  644.308277][T16054]  _copy_to_user+0x32/0xd0
[  644.308309][T16054]  simple_read_from_buffer+0xd0/0x160
[  644.308343][T16054]  proc_fail_nth_read+0x198/0x270
[  644.308373][T16054]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  644.308404][T16054]  ? rw_verify_area+0xcf/0x680
[  644.308436][T16054]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  644.308464][T16054]  vfs_read+0x1df/0xbf0
[  644.308487][T16054]  ? __pfx_poll_select_finish+0x10/0x10
[  644.308508][T16054]  ? __pfx_vfs_read+0x10/0x10
[  644.308530][T16054]  ? do_sys_openat2+0xb1/0x1e0
[  644.308557][T16054]  ? __pfx_do_sys_openat2+0x10/0x10
[  644.308587][T16054]  ? put_files_struct+0x3b/0x370
[  644.308614][T16054]  ? kern_select+0x176/0x1e0
[  644.308641][T16054]  ksys_read+0x12b/0x250
[  644.308663][T16054]  ? __pfx_ksys_read+0x10/0x10
[  644.308695][T16054]  do_syscall_64+0xcd/0x250
[  644.308718][T16054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  644.308749][T16054] RIP: 0033:0x7f3d7598b7fc
[  644.308767][T16054] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  644.308788][T16054] RSP: 002b:00007f3d76822030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  644.308809][T16054] RAX: ffffffffffffffda RBX: 00007f3d75ba5fa0 RCX: 00007f3d7598b7fc
[  644.308824][T16054] RDX: 000000000000000f RSI: 00007f3d768220a0 RDI: 0000000000000004
[  644.308837][T16054] RBP: 00007f3d76822090 R08: 0000000000000000 R09: 0000000000000000
[  644.308850][T16054] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  644.308863][T16054] R13: 0000000000000000 R14: 00007f3d75ba5fa0 R15: 00007ffd9b913df8
[  644.308893][T16054]  </TASK>

syzkaller
syzkaller login: [  647.293001][T16103] Process accounting paused
[  648.103254][T16123] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2275'.
[  650.254355][T16131] can: request_module (can-proto-0) failed.
[  650.490957][T16123]  (unregistering): (slave bond_slave_0): Releasing backup interface
[  650.713292][T16123]  (unregistering): (slave bond_slave_1): Releasing backup interface
[  650.843109][T16123]  (unregistering): Released all slaves
[  653.165083][T16125] Process accounting paused

syzkaller
syzkaller login: [  655.169154][T16190] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2290'.
[  655.201317][T16190] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.

syzkaller
syzkaller login: 
syzkaller
syzkaller login: [  666.097997][ T5842] Bluetooth: hci4: Opcode 0x0c03 failed: -110

syzkaller
syzkaller login: [  671.671878][T16434] sg_write: data in/out 16027157/350 bytes for SCSI command 0x97-- guessing data in;
[  671.671878][T16434]    program syz.1.2340 not setting count and/or reply_len properly
[  673.417077][T16456] netlink: 504 bytes leftover after parsing attributes in process `syz.3.2346'.
[  673.498783][T16455] netlink: 504 bytes leftover after parsing attributes in process `syz.3.2346'.
[  673.976187][T11997] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  673.991705][T11997] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  673.999902][T11997] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  674.020097][T11997] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  674.036115][T11997] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  674.052035][T11997] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  674.536119][T16466] chnl_net:caif_netlink_parms(): no params data found
[  675.052666][T16466] bridge0: port 1(bridge_slave_0) entered blocking state
[  675.060009][T16466] bridge0: port 1(bridge_slave_0) entered disabled state
[  675.071913][T16466] bridge_slave_0: entered allmulticast mode
[  675.093902][T16466] bridge_slave_0: entered promiscuous mode
[  675.110184][T16466] bridge0: port 2(bridge_slave_1) entered blocking state
[  675.117617][T16466] bridge0: port 2(bridge_slave_1) entered disabled state
[  675.125640][T16466] bridge_slave_1: entered allmulticast mode
[  675.133690][T16466] bridge_slave_1: entered promiscuous mode
[  675.325442][T16466] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  675.346480][T16466] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  675.504166][T16466] team0: Port device team_slave_0 added
[  675.548413][T16466] team0: Port device team_slave_1 added
[  675.689810][T16466] batman_adv: batadv0: Adding interface: batadv_slave_0
[  675.706823][T16466] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  675.752365][T16466] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  675.814401][T16466] batman_adv: batadv0: Adding interface: batadv_slave_1
[  675.831215][T16466] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  675.882834][T16466] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  676.090424][T16466] hsr_slave_0: entered promiscuous mode
[  676.102963][ T5842] Bluetooth: hci4: command tx timeout
[  676.113813][T16466] hsr_slave_1: entered promiscuous mode
[  676.120101][T16466] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  676.137906][T16466] Cannot create hsr debugfs directory

syzkaller
syzkaller login: [  677.459995][T16466] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  677.855012][T16466] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  677.951795][T16466] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  678.174239][ T5842] Bluetooth: hci4: command tx timeout
[  678.264724][T16466] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  678.300094][T16466] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  678.338139][T16466] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  678.385064][T16466] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  678.557009][T16466] 8021q: adding VLAN 0 to HW filter on device bond0
[  678.585193][T16466] 8021q: adding VLAN 0 to HW filter on device team0
[  678.610706][T11341] bridge0: port 1(bridge_slave_0) entered blocking state
[  678.617870][T11341] bridge0: port 1(bridge_slave_0) entered forwarding state
[  678.672110][T16430] bridge0: port 2(bridge_slave_1) entered blocking state
[  678.680669][T16430] bridge0: port 2(bridge_slave_1) entered forwarding state
[  678.755985][T16466] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  679.031445][T16466] 8021q: adding VLAN 0 to HW filter on device batadv0
[  679.103821][T16466] veth0_vlan: entered promiscuous mode
[  679.119591][T16466] veth1_vlan: entered promiscuous mode
[  679.175630][T16466] veth0_macvtap: entered promiscuous mode
[  679.187611][T16466] veth1_macvtap: entered promiscuous mode
[  679.211969][T16466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  679.225261][T16466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  679.236207][T16466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  679.248281][T16466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  679.262024][T16466] batman_adv: batadv0: Interface activated: batadv_slave_0
[  679.285851][T16466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  679.304706][T16466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  679.324612][T16466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  679.338512][T16466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  679.373094][T16466] batman_adv: batadv0: Interface activated: batadv_slave_1
[  679.393119][T16466] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  679.407183][T16466] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  679.418130][T16466] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  679.430596][T16466] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  679.590518][T11341] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  679.640832][T11341] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  679.716699][T16430] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  679.743191][T16430] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  680.254954][ T5842] Bluetooth: hci4: command tx timeout
[  681.701072][T11997] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  681.719204][T11997] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  681.727685][T11997] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  681.749032][T11997] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  681.782695][T11997] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  681.791776][T11997] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  682.002178][T16573] ERROR: Out of memory at tomoyo_memory_ok.
[  682.336303][ T5842] Bluetooth: hci4: command tx timeout
[  682.538432][T16576] chnl_net:caif_netlink_parms(): no params data found
[  682.827822][T16576] bridge0: port 1(bridge_slave_0) entered blocking state
[  682.846355][T16576] bridge0: port 1(bridge_slave_0) entered disabled state
[  682.853628][T16576] bridge_slave_0: entered allmulticast mode
[  682.887445][T16576] bridge_slave_0: entered promiscuous mode
[  682.975851][T16576] bridge0: port 2(bridge_slave_1) entered blocking state
[  682.983478][T16576] bridge0: port 2(bridge_slave_1) entered disabled state
[  683.007566][T16576] bridge_slave_1: entered allmulticast mode
[  683.020156][T16576] bridge_slave_1: entered promiscuous mode
[  683.131838][T16430] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  683.213590][T16576] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  683.331597][T16430] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  683.367251][T16576] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  683.477678][T16430] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  683.522915][T16576] team0: Port device team_slave_0 added
[  683.531646][T16576] team0: Port device team_slave_1 added
[  683.603960][T16430] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  683.710090][T16597] Process accounting resumed
[  683.775097][T16576] batman_adv: batadv0: Adding interface: batadv_slave_0
[  683.785488][T16576] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  683.819603][T16576] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  683.845542][T16576] batman_adv: batadv0: Adding interface: batadv_slave_1
[  683.856995][ T5842] Bluetooth: hci5: command tx timeout
[  683.871906][T16576] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  683.897925][    C0] vkms_vblank_simulate: vblank timer overrun
[  683.905004][T16576] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  684.044858][T16576] hsr_slave_0: entered promiscuous mode
[  684.056313][T16576] hsr_slave_1: entered promiscuous mode
[  684.066233][T16576] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  684.077452][T16576] Cannot create hsr debugfs directory
[  684.387593][T16430] bridge_slave_1: left allmulticast mode
[  684.393911][T16430] bridge_slave_1: left promiscuous mode
[  684.418650][T16430] bridge0: port 2(bridge_slave_1) entered disabled state
[  684.438996][T16430] bridge_slave_0: left allmulticast mode
[  684.444664][T16430] bridge_slave_0: left promiscuous mode
[  684.460272][T16430] bridge0: port 1(bridge_slave_0) entered disabled state

syzkaller
syzkaller login: [  685.314810][T16629] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2381'.
[  685.325179][T16430] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  685.338898][T16430] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  685.349233][T16430] bond0 (unregistering): Released all slaves
[  685.515272][T16430] HfR: left promiscuous mode
[  685.943256][ T5842] Bluetooth: hci5: command tx timeout
[  686.106033][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  686.113976][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  686.640854][T16576] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  686.730004][T16576] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  686.763415][T16576] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  686.776713][T16576] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  687.593014][T16576] 8021q: adding VLAN 0 to HW filter on device bond0
[  687.775309][T16576] 8021q: adding VLAN 0 to HW filter on device team0
[  687.877556][T16430] hsr_slave_0: left promiscuous mode
[  687.918976][T16430] hsr_slave_1: left promiscuous mode
[  687.925520][T16430] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  687.966834][T16430] batman_adv: batadv0: Removing interface: batadv_slave_0
[  687.991373][T16430] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  688.012804][T16430] batman_adv: batadv0: Removing interface: batadv_slave_1
[  688.020491][ T5842] Bluetooth: hci5: command tx timeout
[  688.081837][T16430] veth0_macvtap: left promiscuous mode
[  688.088326][T16430] veth1_vlan: left promiscuous mode
[  688.109324][T16430] veth0_vlan: left promiscuous mode
[  688.331099][   T27] ERROR: Out of memory at tomoyo_memory_ok.
[  689.143439][T16430] team0 (unregistering): Port device team_slave_1 removed
[  689.196187][T16430] team0 (unregistering): Port device team_slave_0 removed

syzkaller
syzkaller login: [  689.980918][T11341] bridge0: port 1(bridge_slave_0) entered blocking state
[  689.988073][T11341] bridge0: port 1(bridge_slave_0) entered forwarding state
[  690.039340][T11337] bridge0: port 2(bridge_slave_1) entered blocking state
[  690.046556][T11337] bridge0: port 2(bridge_slave_1) entered forwarding state
[  690.100025][ T5842] Bluetooth: hci5: command tx timeout
[  690.497721][T16576] 8021q: adding VLAN 0 to HW filter on device batadv0
[  690.623465][T16576] veth0_vlan: entered promiscuous mode
[  690.670646][T16576] veth1_vlan: entered promiscuous mode
[  690.756177][T16576] veth0_macvtap: entered promiscuous mode
[  690.783993][T16576] veth1_macvtap: entered promiscuous mode
[  691.069478][T16576] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  691.104649][T16576] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  691.126869][T16576] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  691.155303][T16576] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  691.186063][T16576] batman_adv: batadv0: Interface activated: batadv_slave_0
[  691.238825][T16576] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  691.289695][T16576] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  691.304517][T16576] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  691.320700][T16576] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  691.348595][T16576] batman_adv: batadv0: Interface activated: batadv_slave_1
[  691.375980][T16576] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  691.400540][T16576] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  691.419875][T16576] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  691.449568][T16576] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  691.806767][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  691.853260][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  692.000164][T11340] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  692.019321][T11340] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  693.101629][T16782] FAULT_INJECTION: forcing a failure.
[  693.101629][T16782] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  693.115440][T16782] CPU: 1 UID: 0 PID: 16782 Comm: syz.0.2411 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  693.115469][T16782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  693.115482][T16782] Call Trace:
[  693.115488][T16782]  <TASK>
[  693.115496][T16782]  dump_stack_lvl+0x16c/0x1f0
[  693.115534][T16782]  should_fail_ex+0x50a/0x650
[  693.115564][T16782]  _copy_from_user+0x2e/0xd0
[  693.115594][T16782]  get_timespec64+0x8c/0x240
[  693.115617][T16782]  ? __pfx_get_timespec64+0x10/0x10
[  693.115648][T16782]  __x64_sys_clock_nanosleep+0x1ce/0x4a0
[  693.115680][T16782]  ? __pfx___x64_sys_clock_nanosleep+0x10/0x10
[  693.115720][T16782]  do_syscall_64+0xcd/0x250
[  693.115742][T16782]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  693.115771][T16782] RIP: 0033:0x7f3424d8cde9
[  693.115787][T16782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  693.115808][T16782] RSP: 002b:00007f3425cd2038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e6
[  693.115829][T16782] RAX: ffffffffffffffda RBX: 00007f3424fa5fa0 RCX: 00007f3424d8cde9
[  693.115844][T16782] RDX: 0000000000000000 RSI: 000000000000000e RDI: 00000000fffffff9
[  693.115857][T16782] RBP: 00007f3425cd2090 R08: 0000000000000000 R09: 0000000000000000
[  693.115870][T16782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  693.115882][T16782] R13: 0000000000000000 R14: 00007f3424fa5fa0 R15: 00007ffd20cd7428
[  693.115909][T16782]  </TASK>
[  693.541932][T16785] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2412'.

syzkaller
syzkaller login: [  694.333115][T11997] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  694.347430][T11997] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  694.362413][T11997] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  694.392144][T11997] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  694.417857][T11997] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  694.435278][T16803] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  695.043240][T16813] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2420'.
[  695.154213][T16799] chnl_net:caif_netlink_parms(): no params data found
[  695.389716][T16799] bridge0: port 1(bridge_slave_0) entered blocking state
[  695.416471][T16799] bridge0: port 1(bridge_slave_0) entered disabled state
[  695.434782][T16799] bridge_slave_0: entered allmulticast mode
[  695.441878][T16799] bridge_slave_0: entered promiscuous mode
[  695.475564][T16799] bridge0: port 2(bridge_slave_1) entered blocking state
[  695.531490][T16799] bridge0: port 2(bridge_slave_1) entered disabled state
[  695.551455][T16799] bridge_slave_1: entered allmulticast mode
[  695.572710][T16799] bridge_slave_1: entered promiscuous mode
[  695.653496][T16799] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  695.678247][T16799] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  695.837688][T16799] team0: Port device team_slave_0 added
[  695.883781][T16799] team0: Port device team_slave_1 added
[  695.950786][T16799] batman_adv: batadv0: Adding interface: batadv_slave_0
[  695.958501][T16799] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  696.028299][T16799] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  696.055529][T16799] batman_adv: batadv0: Adding interface: batadv_slave_1
[  696.073449][T16799] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  696.139811][T16799] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  696.458596][T16799] hsr_slave_0: entered promiscuous mode
[  696.473887][T16799] hsr_slave_1: entered promiscuous mode
[  696.503318][ T5842] Bluetooth: hci2: command tx timeout
[  697.357112][T16799] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  697.462411][T16799] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  697.588060][T16799] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  697.780004][T16799] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  698.021414][T16879] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2433'.

syzkaller
syzkaller login: [  698.265036][T16799] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  698.306913][T16799] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  698.416684][T16799] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  698.436871][T16799] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  698.584291][ T5842] Bluetooth: hci2: command tx timeout
[  698.708810][T16799] 8021q: adding VLAN 0 to HW filter on device bond0
[  698.730411][T16799] 8021q: adding VLAN 0 to HW filter on device team0
[  698.747947][T11329] bridge0: port 1(bridge_slave_0) entered blocking state
[  698.755143][T11329] bridge0: port 1(bridge_slave_0) entered forwarding state
[  698.813123][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  698.820352][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  699.771844][T16799] 8021q: adding VLAN 0 to HW filter on device batadv0
[  699.864867][T16799] veth0_vlan: entered promiscuous mode
[  699.963796][T16799] veth1_vlan: entered promiscuous mode
[  700.021610][T16799] veth0_macvtap: entered promiscuous mode
[  700.045506][T16799] veth1_macvtap: entered promiscuous mode
[  700.090703][T16799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  700.109929][T16799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  700.141107][T16799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  700.161567][T16799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  700.185756][T16799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  700.224919][T16799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  700.256729][T16799] batman_adv: batadv0: Interface activated: batadv_slave_0
[  700.282468][T16799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  700.325055][T16799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  700.339827][T16799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1

syzkaller[  700.356436][T16799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!

syzkaller login: [  700.395046][T16799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  700.415263][T16799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  700.427925][T16799] batman_adv: batadv0: Interface activated: batadv_slave_1
[  700.479455][T16799] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  700.489590][T16799] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  700.507264][T16799] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  700.525267][T16799] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  700.666626][ T5842] Bluetooth: hci2: command tx timeout
[  700.919900][T11329] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  700.945439][T11329] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  701.207603][   T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  701.226670][   T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  702.123814][T16940] cgroup: fork rejected by pids controller in /syz2
[  702.636227][T17004] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  702.671124][T17004] CIFS mount error: No usable UNC path provided in device string!
[  702.671124][T17004] 
[  702.695700][T17004] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  702.747454][ T5842] Bluetooth: hci2: command tx timeout
[  703.057094][T17013] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2450'.
[  703.811323][T17002] kexec: Could not allocate control_code_buffer
[  705.044864][T17049] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2460'.

syzkaller
syzkaller login: [  706.065441][T17072] netlink: 1 bytes leftover after parsing attributes in process `syz.0.2464'.
[  706.087400][T17072] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2464'.
[  706.132833][T17076] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2464'.
[  706.156899][T17072] netlink: 1 bytes leftover after parsing attributes in process `syz.0.2464'.
[  706.202184][T17060] netlink: 326 bytes leftover after parsing attributes in process `syz.2.2455'.
[  706.976995][T17093] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2469'.
[  707.318607][T17093] zswap: compressor  not available

syzkaller
syzkaller login: [  713.518733][T17240] netlink: 492 bytes leftover after parsing attributes in process `syz.3.2513'.
[  713.546125][T17240] netlink: 492 bytes leftover after parsing attributes in process `syz.3.2513'.
[  713.598291][T17248] netlink: 326 bytes leftover after parsing attributes in process `syz.1.2515'.
[  713.939704][T17254] Process accounting paused
[  714.648232][T17277] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed
[  714.667641][T17277] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff)
[  714.689348][T17277] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed
[  714.707066][T17277] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff)
[  715.900013][T17305] HfR: entered promiscuous mode
[  716.019166][T17305] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2529'.
[  716.069537][T17305] HfR: left promiscuous mode
[  716.132320][T17309] Process accounting resumed

syzkaller
syzkaller login: [  718.172457][T16803] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  718.185794][T16803] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  718.195153][T16803] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  718.203783][T16803] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  718.213327][T16803] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  718.227260][T16803] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  719.159120][T17336] chnl_net:caif_netlink_parms(): no params data found
[  719.458801][T17352] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2539'.
[  719.712827][T17352] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  719.765149][T17352] batman_adv: batadv0: Removing interface: batadv_slave_0
[  719.975510][T17352] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  720.004850][T17352] batman_adv: batadv0: Removing interface: batadv_slave_1
[  720.275703][ T5842] Bluetooth: hci1: command tx timeout
[  720.691557][T17336] bridge0: port 1(bridge_slave_0) entered blocking state
[  720.715216][T17336] bridge0: port 1(bridge_slave_0) entered disabled state
[  720.745447][T17336] bridge_slave_0: entered allmulticast mode
[  720.764742][T17336] bridge_slave_0: entered promiscuous mode
[  720.797450][T17336] bridge0: port 2(bridge_slave_1) entered blocking state
[  720.804630][T17336] bridge0: port 2(bridge_slave_1) entered disabled state
[  720.845493][T17336] bridge_slave_1: entered allmulticast mode
[  720.853399][T17336] bridge_slave_1: entered promiscuous mode
[  721.361838][T17336] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  721.422526][T17336] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  721.889423][T17336] team0: Port device team_slave_0 added
[  721.980680][T17336] team0: Port device team_slave_1 added
[  722.201120][T17336] batman_adv: batadv0: Adding interface: batadv_slave_0
[  722.246115][T17336] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  722.356017][ T5842] Bluetooth: hci1: command tx timeout
[  722.381076][T17336] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  722.461431][T17336] batman_adv: batadv0: Adding interface: batadv_slave_1
[  722.486229][T17336] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  722.529031][T17336] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active

syzkaller
syzkaller login: [  722.775386][T17389] netlink: 68 bytes leftover after parsing attributes in process `syz.3.2547'.
[  722.868308][T17336] hsr_slave_0: entered promiscuous mode
[  723.364288][T17336] hsr_slave_1: entered promiscuous mode
[  723.383405][T17336] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  723.416492][T17336] Cannot create hsr debugfs directory
[  723.515830][T17397] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2548'.
[  723.541467][T17396] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2548'.
[  723.760537][T17402] FAULT_INJECTION: forcing a failure.
[  723.760537][T17402] name failslab, interval 1, probability 0, space 0, times 0
[  723.773280][T17402] CPU: 0 UID: 0 PID: 17402 Comm: syz.3.2550 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  723.773298][T17402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  723.773307][T17402] Call Trace:
[  723.773311][T17402]  <TASK>
[  723.773316][T17402]  dump_stack_lvl+0x16c/0x1f0
[  723.773341][T17402]  should_fail_ex+0x50a/0x650
[  723.773358][T17402]  ? fs_reclaim_acquire+0xae/0x150
[  723.773382][T17402]  should_failslab+0xc2/0x120
[  723.773400][T17402]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  723.773416][T17402]  ? __alloc_skb+0x2b3/0x380
[  723.773432][T17402]  __alloc_skb+0x2b3/0x380
[  723.773444][T17402]  ? __pfx___alloc_skb+0x10/0x10
[  723.773463][T17402]  netlink_alloc_large_skb+0x69/0x130
[  723.773483][T17402]  netlink_sendmsg+0x689/0xd70
[  723.773504][T17402]  ? __pfx_netlink_sendmsg+0x10/0x10
[  723.773535][T17402]  ____sys_sendmsg+0x9ae/0xb40
[  723.773553][T17402]  ? copy_msghdr_from_user+0x10b/0x160
[  723.773567][T17402]  ? __pfx_____sys_sendmsg+0x10/0x10
[  723.773593][T17402]  ___sys_sendmsg+0x135/0x1e0
[  723.773607][T17402]  ? __pfx____sys_sendmsg+0x10/0x10
[  723.773628][T17402]  ? __pfx_lock_release+0x10/0x10
[  723.773644][T17402]  ? trace_lock_acquire+0x14e/0x1f0
[  723.773662][T17402]  ? __fget_files+0x206/0x3a0
[  723.773680][T17402]  __sys_sendmsg+0x16e/0x220
[  723.773694][T17402]  ? __pfx___sys_sendmsg+0x10/0x10
[  723.773718][T17402]  do_syscall_64+0xcd/0x250
[  723.773732][T17402]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  723.773750][T17402] RIP: 0033:0x7fde2838cde9
[  723.773761][T17402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  723.773774][T17402] RSP: 002b:00007fde2924c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  723.773787][T17402] RAX: ffffffffffffffda RBX: 00007fde285a6080 RCX: 00007fde2838cde9
[  723.773796][T17402] RDX: 0000000004000000 RSI: 0000200000000240 RDI: 0000000000000003
[  723.773804][T17402] RBP: 00007fde2924c090 R08: 0000000000000000 R09: 0000000000000000
[  723.773812][T17402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  723.773819][T17402] R13: 0000000000000001 R14: 00007fde285a6080 R15: 00007ffccc364f18
[  723.773835][T17402]  </TASK>
[  724.437174][ T5842] Bluetooth: hci1: command tx timeout
[  725.803148][T17336] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  726.505803][T17336] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  726.518181][ T5842] Bluetooth: hci1: command tx timeout
[  726.735634][T17336] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  726.951280][T17427] ERROR: Out of memory at tomoyo_memory_ok.
[  727.051889][T17336] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  727.590664][T17336] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  727.692469][T17336] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  727.804364][T17336] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  728.082942][T17336] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  728.503839][T17336] 8021q: adding VLAN 0 to HW filter on device bond0
[  728.561328][T17336] 8021q: adding VLAN 0 to HW filter on device team0
[  728.609773][T11333] bridge0: port 1(bridge_slave_0) entered blocking state
[  728.616979][T11333] bridge0: port 1(bridge_slave_0) entered forwarding state
[  728.673846][T11333] bridge0: port 2(bridge_slave_1) entered blocking state
[  728.681079][T11333] bridge0: port 2(bridge_slave_1) entered forwarding state
[  728.820367][T17336] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  729.182557][T17336] 8021q: adding VLAN 0 to HW filter on device batadv0
[  729.271840][T17336] veth0_vlan: entered promiscuous mode
[  729.297709][T17336] veth1_vlan: entered promiscuous mode
[  729.343240][T17336] veth0_macvtap: entered promiscuous mode
[  729.370828][T17336] veth1_macvtap: entered promiscuous mode
[  729.424880][T17336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  729.451281][T17336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  729.476096][T17336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  729.511033][T17336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  729.543061][T17336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  729.570769][T17336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  729.609752][T17336] batman_adv: batadv0: Interface activated: batadv_slave_0
[  729.661442][T17336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  729.685575][T17336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  729.729728][T17336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  729.759719][T17336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  729.789724][T17336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  729.829718][T17336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  729.847868][T17336] batman_adv: batadv0: Interface activated: batadv_slave_1
[  729.895877][T17336] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  729.909907][T17336] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  729.918656][T17336] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  729.951680][T17336] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  730.165304][T11329] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  730.195113][T11329] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  730.253859][ T8097] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  730.273770][ T8097] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50

syzkaller
syzkaller login: [  732.363650][T17515] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2573'.
[  732.858731][T17526] FAULT_INJECTION: forcing a failure.
[  732.858731][T17526] name failslab, interval 1, probability 0, space 0, times 0
[  733.010317][T17526] CPU: 0 UID: 0 PID: 17526 Comm: syz.1.2573 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  733.010355][T17526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  733.010368][T17526] Call Trace:
[  733.010374][T17526]  <TASK>
[  733.010383][T17526]  dump_stack_lvl+0x16c/0x1f0
[  733.010425][T17526]  should_fail_ex+0x50a/0x650
[  733.010453][T17526]  ? fs_reclaim_acquire+0xae/0x150
[  733.010492][T17526]  should_failslab+0xc2/0x120
[  733.010521][T17526]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  733.010546][T17526]  ? down_write+0x14e/0x200
[  733.010570][T17526]  ? vm_area_dup+0x53/0x300
[  733.010606][T17526]  vm_area_dup+0x53/0x300
[  733.010636][T17526]  copy_mm+0xe5d/0x2730
[  733.010682][T17526]  ? __pfx_copy_mm+0x10/0x10
[  733.010716][T17526]  ? copy_process+0x3ca7/0x6f20
[  733.010766][T17526]  ? __raw_spin_lock_init+0x3a/0x110
[  733.010807][T17526]  copy_process+0x3e6d/0x6f20
[  733.010859][T17526]  ? __pfx_copy_process+0x10/0x10
[  733.010898][T17526]  ? futex_wake+0x18e/0x4e0
[  733.010935][T17526]  kernel_clone+0xfd/0x960
[  733.010970][T17526]  ? __pfx_kernel_clone+0x10/0x10
[  733.011011][T17526]  ? do_futex+0x123/0x350
[  733.011036][T17526]  ? __pfx_do_futex+0x10/0x10
[  733.011057][T17526]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  733.011096][T17526]  ? 0xffffffffff600000
[  733.011115][T17526]  __do_sys_clone+0xba/0x100
[  733.011147][T17526]  ? __pfx___do_sys_clone+0x10/0x10
[  733.011174][T17526]  ? 0xffffffffff600000
[  733.011209][T17526]  do_syscall_64+0xcd/0x250
[  733.011233][T17526]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  733.011265][T17526] RIP: 0033:0x7fda8938cde9
[  733.011283][T17526] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  733.011306][T17526] RSP: 002b:00007fda871d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  733.011328][T17526] RAX: ffffffffffffffda RBX: 00007fda895a6160 RCX: 00007fda8938cde9
[  733.011342][T17526] RDX: ffffffffffffffff RSI: 0000000000000005 RDI: 0000000000008001
[  733.011355][T17526] RBP: 00007fda8940e2a0 R08: 0000000000000006 R09: 0000000000000000
[  733.011368][T17526] R10: ffffffffff600000 R11: 0000000000000246 R12: 0000000000000000
[  733.011381][T17526] R13: 0000000000000000 R14: 00007fda895a6160 R15: 00007ffd65d2b578
[  733.011401][T17526]  ? 0xffffffffff600000
[  733.011425][T17526]  </TASK>
[  733.989012][T17541] =======================================================
[  733.989012][T17541] WARNING: The mand mount option has been deprecated and
[  733.989012][T17541]          and is ignored by this kernel. Remove the mand
[  733.989012][T17541]          option from the mount to silence this warning.
[  733.989012][T17541] =======================================================
[  734.490568][T17552] netlink: 102 bytes leftover after parsing attributes in process `syz.1.2585'.
[  734.527483][T17553] netlink: 102 bytes leftover after parsing attributes in process `syz.1.2585'.
[  735.667470][T17592] ERROR: Out of memory at tomoyo_memory_ok.

syzkaller
syzkaller login: [  737.670014][T17638] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2600'.

syzkaller
syzkaller login: [  738.417061][T17657] svc: failed to register nfsdv3 RPC service (errno 111).
[  738.460974][T17657] svc: failed to register nfsaclv3 RPC service (errno 111).
[  739.157895][T17678] ICMPv6: process `syz.1.2613' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead
[  739.354983][ T5842] Bluetooth: hci5: Malformed Event: 0x13
[  739.424684][T17694] netlink: 186 bytes leftover after parsing attributes in process `syz.3.2616'.
[  740.057582][ T5842] Bluetooth: hci5: unexpected event 0x3e length: 726 > 260
[  740.057620][ T5842] Bluetooth: hci5: unexpected subevent 0x0d length: 725 > 260
[  740.073588][ T5842] Bluetooth: hci5: Unknown advertising packet type: 0x7f
[  740.073682][ T5842] Bluetooth: hci5: Malformed LE Event: 0x0d
[  740.145066][T17709] net_ratelimit: 383 callbacks suppressed
[  740.145087][T17709] openvswitch: netlink: push_nsh: missing base or metadata attributes
[  741.194244][T17730] FAULT_INJECTION: forcing a failure.
[  741.194244][T17730] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  741.254383][T17730] CPU: 1 UID: 0 PID: 17730 Comm: syz.2.2625 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  741.254417][T17730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  741.254432][T17730] Call Trace:
[  741.254439][T17730]  <TASK>
[  741.254448][T17730]  dump_stack_lvl+0x16c/0x1f0
[  741.254487][T17730]  should_fail_ex+0x50a/0x650
[  741.254518][T17730]  _copy_from_user+0x2e/0xd0
[  741.254549][T17730]  move_addr_to_kernel+0x68/0x160
[  741.254582][T17730]  __sys_connect+0xb0/0x170
[  741.254613][T17730]  ? __pfx___sys_connect+0x10/0x10
[  741.254657][T17730]  ? __pfx_ksys_write+0x10/0x10
[  741.254687][T17730]  __x64_sys_connect+0x72/0xb0
[  741.254717][T17730]  ? lockdep_hardirqs_on+0x7c/0x110
[  741.254748][T17730]  do_syscall_64+0xcd/0x250
[  741.254771][T17730]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  741.254801][T17730] RIP: 0033:0x7f9c0f38cde9
[  741.254826][T17730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  741.254848][T17730] RSP: 002b:00007f9c1016b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  741.254870][T17730] RAX: ffffffffffffffda RBX: 00007f9c0f5a5fa0 RCX: 00007f9c0f38cde9
[  741.254885][T17730] RDX: 0000000000000055 RSI: 00002000000018c0 RDI: 0000000000000003
[  741.254898][T17730] RBP: 00007f9c1016b090 R08: 0000000000000000 R09: 0000000000000000
[  741.254911][T17730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  741.254924][T17730] R13: 0000000000000000 R14: 00007f9c0f5a5fa0 R15: 00007ffd3e96ae58
[  741.254953][T17730]  </TASK>
[  743.739917][T17773] FAULT_INJECTION: forcing a failure.
[  743.739917][T17773] name failslab, interval 1, probability 0, space 0, times 0
[  743.846714][T17773] CPU: 0 UID: 0 PID: 17773 Comm: syz.2.2637 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  743.846752][T17773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  743.846766][T17773] Call Trace:
[  743.846775][T17773]  <TASK>
[  743.846785][T17773]  dump_stack_lvl+0x16c/0x1f0
[  743.846838][T17773]  should_fail_ex+0x50a/0x650
[  743.846867][T17773]  ? fs_reclaim_acquire+0xae/0x150
[  743.846907][T17773]  should_failslab+0xc2/0x120
[  743.846939][T17773]  __kmalloc_noprof+0xce/0x4f0
[  743.846965][T17773]  ? evm_inode_alloc_security+0x49/0xc0
[  743.846995][T17773]  ? sk_prot_alloc+0x1a8/0x2a0
[  743.847029][T17773]  sk_prot_alloc+0x1a8/0x2a0
[  743.847060][T17773]  sk_alloc+0x36/0xb90
[  743.847096][T17773]  __netlink_create+0x5e/0x2c0
[  743.847126][T17773]  __netlink_kernel_create+0xee/0x750
[  743.847159][T17773]  ? __pfx___netlink_kernel_create+0x10/0x10
[  743.847198][T17773]  ? find_held_lock+0x2d/0x110
[  743.847240][T17773]  rtnetlink_net_init+0xba/0x140
[  743.847273][T17773]  ? __pfx_rtnetlink_net_init+0x10/0x10
[  743.847306][T17773]  ? __pfx_rtnetlink_rcv+0x10/0x10
[  743.847335][T17773]  ? __pfx_rtnetlink_bind+0x10/0x10
[  743.847367][T17773]  ? __pfx_netlink_tap_init_net+0x10/0x10
[  743.847396][T17773]  ? debug_mutex_init+0x37/0x70
[  743.847432][T17773]  ? __pfx_rtnetlink_net_init+0x10/0x10
[  743.847461][T17773]  ops_init+0x1df/0x5f0
[  743.847490][T17773]  setup_net+0x21f/0x860
[  743.847518][T17773]  ? __pfx_setup_net+0x10/0x10
[  743.847543][T17773]  ? down_read_killable+0xcc/0x380
[  743.847568][T17773]  ? __pfx_down_read_killable+0x10/0x10
[  743.847596][T17773]  ? debug_mutex_init+0x37/0x70
[  743.847635][T17773]  copy_net_ns+0x2b4/0x6c0
[  743.847668][T17773]  create_new_namespaces+0x3ea/0xad0
[  743.847709][T17773]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  743.847745][T17773]  ksys_unshare+0x45d/0xa40
[  743.847781][T17773]  ? __pfx_ksys_unshare+0x10/0x10
[  743.847822][T17773]  ? xfd_validate_state+0x5d/0x180
[  743.847868][T17773]  __x64_sys_unshare+0x31/0x40
[  743.847904][T17773]  do_syscall_64+0xcd/0x250
[  743.847930][T17773]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  743.847961][T17773] RIP: 0033:0x7f9c0f38cde9
[  743.847982][T17773] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  743.848005][T17773] RSP: 002b:00007f9c1016b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  743.848029][T17773] RAX: ffffffffffffffda RBX: 00007f9c0f5a5fa0 RCX: 00007f9c0f38cde9
[  743.848046][T17773] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  743.848061][T17773] RBP: 00007f9c0f40e2a0 R08: 0000000000000000 R09: 0000000000000000
[  743.848076][T17773] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  743.848090][T17773] R13: 0000000000000000 R14: 00007f9c0f5a5fa0 R15: 00007ffd3e96ae58
[  743.848123][T17773]  </TASK>
[  744.338689][T17776] FAULT_INJECTION: forcing a failure.
[  744.338689][T17776] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  744.425533][T17776] CPU: 1 UID: 0 PID: 17776 Comm: syz.1.2638 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  744.425569][T17776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  744.425583][T17776] Call Trace:
[  744.425590][T17776]  <TASK>
[  744.425600][T17776]  dump_stack_lvl+0x16c/0x1f0
[  744.425639][T17776]  should_fail_ex+0x50a/0x650
[  744.425670][T17776]  _copy_to_user+0x32/0xd0
[  744.425703][T17776]  simple_read_from_buffer+0xd0/0x160
[  744.425739][T17776]  proc_fail_nth_read+0x198/0x270
[  744.425780][T17776]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  744.425815][T17776]  ? rw_verify_area+0xcf/0x680
[  744.425848][T17776]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  744.425879][T17776]  vfs_read+0x1df/0xbf0
[  744.425904][T17776]  ? ip6_datagram_connect+0x38/0x50
[  744.425933][T17776]  ? __pfx_vfs_read+0x10/0x10
[  744.425957][T17776]  ? __pfx_inet_dgram_connect+0x10/0x10
[  744.425986][T17776]  ? __sys_connect_file+0x148/0x1a0
[  744.426022][T17776]  ? __sys_connect+0xf2/0x170
[  744.426053][T17776]  ? __pfx___sys_connect+0x10/0x10
[  744.426094][T17776]  ksys_read+0x12b/0x250
[  744.426117][T17776]  ? __pfx_ksys_read+0x10/0x10
[  744.426148][T17776]  do_syscall_64+0xcd/0x250
[  744.426173][T17776]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  744.426205][T17776] RIP: 0033:0x7fda8938b7fc
[  744.426223][T17776] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  744.426244][T17776] RSP: 002b:00007fda8a10d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  744.426265][T17776] RAX: ffffffffffffffda RBX: 00007fda895a5fa0 RCX: 00007fda8938b7fc
[  744.426281][T17776] RDX: 000000000000000f RSI: 00007fda8a10d0a0 RDI: 0000000000000004
[  744.426294][T17776] RBP: 00007fda8a10d090 R08: 0000000000000000 R09: 0000000000000000
[  744.426308][T17776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  744.426321][T17776] R13: 0000000000000000 R14: 00007fda895a5fa0 R15: 00007ffd65d2b578
[  744.426350][T17776]  </TASK>
[  746.230627][T17809] ==================================================================
[  746.238741][T17809] BUG: KASAN: slab-use-after-free in force_wakeup_write+0x14d/0x170
[  746.246752][T17809] Read of size 1 at addr ffff888026ffd231 by task syz.3.2646/17809
[  746.254657][T17809] 
[  746.256980][T17809] CPU: 1 UID: 0 PID: 17809 Comm: syz.3.2646 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  746.257006][T17809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  746.257019][T17809] Call Trace:
[  746.257026][T17809]  <TASK>
[  746.257034][T17809]  dump_stack_lvl+0x116/0x1f0
[  746.257068][T17809]  print_report+0xc3/0x620
[  746.257091][T17809]  ? __virt_addr_valid+0x5e/0x590
[  746.257111][T17809]  ? __phys_addr+0xc6/0x150
[  746.257130][T17809]  kasan_report+0xd9/0x110
[  746.257153][T17809]  ? force_wakeup_write+0x14d/0x170
[  746.257177][T17809]  ? force_wakeup_write+0x14d/0x170
[  746.257200][T17809]  force_wakeup_write+0x14d/0x170
[  746.257222][T17809]  ? __pfx_force_wakeup_write+0x10/0x10
[  746.257243][T17809]  ? rcu_watching_snap_stopped_since+0x51/0x110
[  746.257272][T17809]  ? trace_lock_acquire+0x14e/0x1f0
[  746.257292][T17809]  full_proxy_write+0x13c/0x200
[  746.257311][T17809]  ? __pfx_full_proxy_write+0x10/0x10
[  746.257329][T17809]  vfs_write+0x24c/0x1150
[  746.257348][T17809]  ? __fget_files+0x1fc/0x3a0
[  746.257369][T17809]  ? __pfx___mutex_lock+0x10/0x10
[  746.257397][T17809]  ? __pfx_vfs_write+0x10/0x10
[  746.257418][T17809]  ? __fget_files+0x206/0x3a0
[  746.257440][T17809]  ksys_write+0x12b/0x250
[  746.257458][T17809]  ? __pfx_ksys_write+0x10/0x10
[  746.257479][T17809]  do_syscall_64+0xcd/0x250
[  746.257498][T17809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  746.257524][T17809] RIP: 0033:0x7fde2838cde9
[  746.257539][T17809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  746.257557][T17809] RSP: 002b:00007fde2924c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  746.257575][T17809] RAX: ffffffffffffffda RBX: 00007fde285a6080 RCX: 00007fde2838cde9
[  746.257588][T17809] RDX: 0000000000000001 RSI: 0000200000001780 RDI: 0000000000000006
[  746.257600][T17809] RBP: 00007fde2840e2a0 R08: 0000000000000000 R09: 0000000000000000
[  746.257612][T17809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  746.257631][T17809] R13: 0000000000000000 R14: 00007fde285a6080 R15: 00007ffccc364f18
[  746.257650][T17809]  </TASK>
[  746.257657][T17809] 
[  746.470147][T17809] Allocated by task 35:
[  746.474295][T17809]  kasan_save_stack+0x33/0x60
[  746.478972][T17809]  kasan_save_track+0x14/0x30
[  746.483644][T17809]  __kasan_kmalloc+0xaa/0xb0
[  746.488234][T17809]  __kmalloc_noprof+0x21a/0x4f0
[  746.493086][T17809]  ieee802_11_parse_elems_full+0xe6/0x1860
[  746.498897][T17809]  ieee80211_inform_bss+0xf1/0x10f0
[  746.504095][T17809]  cfg80211_inform_single_bss_data+0x8b1/0x1e40
[  746.510334][T17809]  cfg80211_inform_bss_data+0x254/0x3e50
[  746.515962][T17809]  cfg80211_inform_bss_frame_data+0x252/0x8a0
[  746.522022][T17809]  ieee80211_bss_info_update+0x311/0xab0
[  746.527657][T17809]  ieee80211_ibss_rx_queued_mgmt+0x1956/0x3040
[  746.533812][T17809]  ieee80211_iface_work+0xc15/0xf50
[  746.539009][T17809]  cfg80211_wiphy_work+0x3ed/0x570
[  746.544119][T17809]  process_one_work+0x958/0x1b30
[  746.549053][T17809]  worker_thread+0x6c8/0xf00
[  746.553641][T17809]  kthread+0x3af/0x750
[  746.557703][T17809]  ret_from_fork+0x45/0x80
[  746.562119][T17809]  ret_from_fork_asm+0x1a/0x30
[  746.566877][T17809] 
[  746.569201][T17809] Freed by task 35:
[  746.572996][T17809]  kasan_save_stack+0x33/0x60
[  746.577666][T17809]  kasan_save_track+0x14/0x30
[  746.582337][T17809]  kasan_save_free_info+0x3b/0x60
[  746.587369][T17809]  __kasan_slab_free+0x51/0x70
[  746.592129][T17809]  kfree+0x2c4/0x4d0
[  746.596019][T17809]  ieee80211_inform_bss+0xa36/0x10f0
[  746.601305][T17809]  cfg80211_inform_single_bss_data+0x8b1/0x1e40
[  746.607540][T17809]  cfg80211_inform_bss_data+0x254/0x3e50
[  746.613166][T17809]  cfg80211_inform_bss_frame_data+0x252/0x8a0
[  746.619228][T17809]  ieee80211_bss_info_update+0x311/0xab0
[  746.624873][T17809]  ieee80211_ibss_rx_queued_mgmt+0x1956/0x3040
[  746.631028][T17809]  ieee80211_iface_work+0xc15/0xf50
[  746.636233][T17809]  cfg80211_wiphy_work+0x3ed/0x570
[  746.641352][T17809]  process_one_work+0x958/0x1b30
[  746.646295][T17809]  worker_thread+0x6c8/0xf00
[  746.650895][T17809]  kthread+0x3af/0x750
[  746.654962][T17809]  ret_from_fork+0x45/0x80
[  746.659393][T17809]  ret_from_fork_asm+0x1a/0x30
[  746.664164][T17809] 
[  746.666480][T17809] The buggy address belongs to the object at ffff888026ffd000
[  746.666480][T17809]  which belongs to the cache kmalloc-1k of size 1024
[  746.680532][T17809] The buggy address is located 561 bytes inside of
[  746.680532][T17809]  freed 1024-byte region [ffff888026ffd000, ffff888026ffd400)
[  746.694423][T17809] 
[  746.696742][T17809] The buggy address belongs to the physical page:
[  746.703143][T17809] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x26ff8
[  746.711910][T17809] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  746.720407][T17809] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  746.728381][T17809] page_type: f5(slab)
[  746.732359][T17809] raw: 00fff00000000040 ffff88801b041dc0 0000000000000000 dead000000000001
[  746.740938][T17809] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  746.749521][T17809] head: 00fff00000000040 ffff88801b041dc0 0000000000000000 dead000000000001
[  746.758185][T17809] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  746.766849][T17809] head: 00fff00000000003 ffffea00009bfe01 ffffffffffffffff 0000000000000000
[  746.775514][T17809] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  746.784173][T17809] page dumped because: kasan: bad access detected
[  746.790576][T17809] page_owner tracks the page as allocated
[  746.796279][T17809] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 61, tgid 61 (kworker/u8:4), ts 9119869523, free_ts 0
[  746.814516][T17809]  post_alloc_hook+0x181/0x1b0
[  746.819282][T17809]  get_page_from_freelist+0xfce/0x2f80
[  746.824745][T17809]  __alloc_frozen_pages_noprof+0x221/0x2470
[  746.830636][T17809]  new_slab+0x94/0x330
[  746.834716][T17809]  ___slab_alloc+0xbfa/0x1600
[  746.839399][T17809]  __slab_alloc.constprop.0+0x56/0xb0
[  746.844783][T17809]  __kmalloc_node_noprof+0x2f0/0x520
[  746.850074][T17809]  blk_alloc_flush_queue+0x108/0x2b0
[  746.855383][T17809]  blk_mq_alloc_and_init_hctx+0xc6c/0x11b0
[  746.861204][T17809]  blk_mq_realloc_hw_ctxs+0x8e0/0xbe0
[  746.866579][T17809]  blk_mq_init_allocated_queue+0x39e/0x11f0
[  746.872471][T17809]  blk_mq_alloc_queue+0x1c3/0x290
[  746.877494][T17809]  scsi_alloc_sdev+0x890/0xd80
[  746.882263][T17809]  scsi_probe_and_add_lun+0x789/0xda0
[  746.887644][T17809]  __scsi_scan_target+0x1ea/0x580
[  746.892676][T17809]  scsi_scan_channel+0x149/0x1e0
[  746.897619][T17809] page_owner free stack trace missing
[  746.902977][T17809] 
[  746.905294][T17809] Memory state around the buggy address:
[  746.910918][T17809]  ffff888026ffd100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  746.918972][T17809]  ffff888026ffd180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  746.927025][T17809] >ffff888026ffd200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  746.935077][T17809]                                      ^
[  746.940730][T17809]  ffff888026ffd280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  746.948785][T17809]  ffff888026ffd300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  746.956836][T17809] ==================================================================
[  747.029152][T17809] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  747.036396][T17809] CPU: 1 UID: 0 PID: 17809 Comm: syz.3.2646 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
[  747.047188][T17809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  747.057267][T17809] Call Trace:
[  747.060566][T17809]  <TASK>
[  747.063515][T17809]  dump_stack_lvl+0x3d/0x1f0
[  747.068146][T17809]  panic+0x71d/0x800
[  747.072068][T17809]  ? __pfx_panic+0x10/0x10
[  747.076509][T17809]  ? preempt_schedule_thunk+0x1a/0x30
[  747.081905][T17809]  ? preempt_schedule_common+0x44/0xc0
[  747.087403][T17809]  check_panic_on_warn+0xab/0xb0
[  747.092369][T17809]  end_report+0x117/0x180
[  747.096728][T17809]  kasan_report+0xe9/0x110
[  747.101172][T17809]  ? force_wakeup_write+0x14d/0x170
[  747.106400][T17809]  ? force_wakeup_write+0x14d/0x170
[  747.111626][T17809]  force_wakeup_write+0x14d/0x170
[  747.116698][T17809]  ? __pfx_force_wakeup_write+0x10/0x10
[  747.122268][T17809]  ? rcu_watching_snap_stopped_since+0x51/0x110
[  747.128545][T17809]  ? trace_lock_acquire+0x14e/0x1f0
[  747.133768][T17809]  full_proxy_write+0x13c/0x200
[  747.138647][T17809]  ? __pfx_full_proxy_write+0x10/0x10
[  747.144030][T17809]  vfs_write+0x24c/0x1150
[  747.148379][T17809]  ? __fget_files+0x1fc/0x3a0
[  747.153083][T17809]  ? __pfx___mutex_lock+0x10/0x10
[  747.158139][T17809]  ? __pfx_vfs_write+0x10/0x10
[  747.162928][T17809]  ? __fget_files+0x206/0x3a0
[  747.167629][T17809]  ksys_write+0x12b/0x250
[  747.171992][T17809]  ? __pfx_ksys_write+0x10/0x10
[  747.176872][T17809]  do_syscall_64+0xcd/0x250
[  747.181392][T17809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  747.187317][T17809] RIP: 0033:0x7fde2838cde9
[  747.191750][T17809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  747.211382][T17809] RSP: 002b:00007fde2924c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  747.219820][T17809] RAX: ffffffffffffffda RBX: 00007fde285a6080 RCX: 00007fde2838cde9
[  747.227806][T17809] RDX: 0000000000000001 RSI: 0000200000001780 RDI: 0000000000000006
[  747.235793][T17809] RBP: 00007fde2840e2a0 R08: 0000000000000000 R09: 0000000000000000
[  747.243774][T17809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  747.251745][T17809] R13: 0000000000000000 R14: 00007fde285a6080 R15: 00007ffccc364f18
[  747.259719][T17809]  </TASK>
[  747.262980][T17809] Kernel Offset: disabled
[  747.267294][T17809] Rebooting in 86400 seconds..