last executing test programs:

28.399219319s ago: executing program 0 (id=2312):
write$auto(0xca, &(0x7f00000000c0)='\x04>2\x04!\xe2\x00\x94\xf2\xa2\x00\x00', 0x7e)
getresuid$auto(&(0x7f0000000080)=0x7, 0x0, 0xfffffffffffffffc)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
write$auto(r0, 0x0, 0xfffffdef)
write$auto(0x3, 0x0, 0xfffffdef)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000440)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYRES32], 0x2c}, 0x1, 0x0, 0x0, 0x24004080}, 0x20040894)
sendmsg$auto_NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYBLOB="a0000000", @ANYRES16=r1], 0xa0}, 0x1, 0x0, 0x0, 0x20040090}, 0x0)
mmap$auto(0x0, 0x400008, 0x1, 0x9b72, r0, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x3ff, 0x0, 0x3, 0x5f, 0x0, 0x3}, 0x6f3)
socket(0xa, 0x2, 0x88)
mmap$auto(0x0, 0x400008, 0xdf, 0x100000009b72, 0x2, 0x8000)
mincore$auto(0x1000, 0x8001, 0x0)
setsockopt$auto(0x3, 0x0, 0x20, 0x0, 0x28)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x64, r4, 0x1, 0x70bd27, 0x25dfdbf9, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x80}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x8}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @empty}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @empty}, @L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e21}]}, 0x64}, 0x1, 0x0, 0x0, 0x40000}, 0x4080)

22.557028947s ago: executing program 0 (id=2320):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
io_uring_setup$auto(0x6, 0x0)
madvise$auto(0x0, 0x200007, 0x19)
shmctl$auto_IPC_STAT(0x1, 0x2, &(0x7f0000000180)={{0x5, 0x0, 0xffffffffffffffff, 0x4, 0x8, 0x80, 0xb}, 0xa, 0x80000000, 0x4, 0x6, @inferred=0xffffffffffffffff, @raw, 0x8, 0x0, &(0x7f0000000040)="b057d39cbca4ac6619c8634604cc5e27a8ae7d637d90b4536e89eaa0efc1084c0ba836b58deade55915176862bbf475882b8ff1c76b4f1009348f6a3ece7aa2944a735f97142986aa4b7a5dd8b6b3146eb2fb37dc3f7a49ebc69c33f4d1ffde17193a514121a251a413a6878df020d7a8040107a9958dc49ab0c70c0eab550049393d2298d38b4c8582f3c7296ac9b1aa208fd684a1ffce1797824bacfd1c55e1588887c1d8bc3373fdf1f4cb41d7d17461441a529bdd22a73e9f42dbb6b7e7fe6c77a586634ad3aa5e93edc7a36d0f6aa2f1527aeb5906ff41b61246c80f6505729954679d1388620cfafbb32cf7998dda85a1503380b4214", &(0x7f0000000140)="d05acb81a38634dea141f57d642daeeaaa1b1cea5a1ef0"})
getegid()
close_range$auto(0x2, 0x8, 0x0)
openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000007480)='/dev/cec12\x00', 0x400, 0x0)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3)
setsockopt$auto(0xffffffffffffffff, 0x10000008, 0x8005, 0x0, 0x2)
unshare$auto(0x40000080)
socket(0xa, 0x2, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x2, 0x4020009, 0x3, 0xeb1, 0x401, 0x4000008000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
socket(0x10, 0x2, 0xc)
socket(0x28, 0x1, 0x0)
fanotify_mark$auto(0x0, 0x1, 0x9, 0x4, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6)
mmap$auto(0x200000000000000, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x0)

19.102069858s ago: executing program 2 (id=2324):
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x11, 0xffffffffffffffff, 0x62)
openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000400)='/dev/cuse\x00', 0x1c1041, 0x0)
ppoll$auto(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, 0xf81, 0x27f}, 0x3, 0x0, 0x0, 0x8)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sys/net/ipv6/conf/ip6gre0/ignore_routes_with_linkdown\x00', 0x202, 0x0)
sendfile$auto(r1, r0, 0x0, 0x401)
socket(0x2, 0x1, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
madvise$auto(0x8e, 0x3, 0x7fff)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop8/events\x00', 0x100, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000001c00)=""/4111, 0x100f)
r3 = socket(0x11, 0x80003, 0x300)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
setsockopt$auto(r3, 0x107, 0xe, 0x0, 0x4)
futex$auto(0x0, 0x6, 0x9, 0x0, 0x0, 0xffffffff)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x1, 0x3, 0x1000000, 0x80000001, 0x7, 0x6d3c, 0x5, 0x40002]}, 0x0)
futex$auto(&(0x7f0000000080)=0x1000003, 0x3, 0x1, 0x0, 0x0, 0xfbfffffa)
openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, 0x0, 0x800, 0x0)
read$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffffff, 0x0, 0x0)
ioctl$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffffff, 0x1, &(0x7f0000000280))
syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4010}, 0x20000800)
ioctl$auto(0x3, 0x80000541b, 0x38)
sendmsg$auto_NL80211_CMD_REGISTER_BEACONS(r0, &(0x7f0000000200)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x60000000}, 0x20000000)

18.014054832s ago: executing program 0 (id=2327):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
io_uring_setup$auto(0x6, 0x0)
madvise$auto(0x0, 0x200007, 0x19)
shmctl$auto_IPC_STAT(0x1, 0x2, &(0x7f0000000180)={{0x5, 0x0, 0xffffffffffffffff, 0x4, 0x8, 0x80, 0xb}, 0xa, 0x80000000, 0x4, 0x6, @inferred=0xffffffffffffffff, @raw, 0x8, 0x0, &(0x7f0000000040)="b057d39cbca4ac6619c8634604cc5e27a8ae7d637d90b4536e89eaa0efc1084c0ba836b58deade55915176862bbf475882b8ff1c76b4f1009348f6a3ece7aa2944a735f97142986aa4b7a5dd8b6b3146eb2fb37dc3f7a49ebc69c33f4d1ffde17193a514121a251a413a6878df020d7a8040107a9958dc49ab0c70c0eab550049393d2298d38b4c8582f3c7296ac9b1aa208fd684a1ffce1797824bacfd1c55e1588887c1d8bc3373fdf1f4cb41d7d17461441a529bdd22a73e9f42dbb6b7e7fe6c77a586634ad3aa5e93edc7a36d0f6aa2f1527aeb5906ff41b61246c80f6505729954679d1388620cfafbb32cf7998dda85a1503380b4214", &(0x7f0000000140)})
getegid()
close_range$auto(0x2, 0x8, 0x0)
openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000007480)='/dev/cec12\x00', 0x400, 0x0)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3)
setsockopt$auto(0xffffffffffffffff, 0x10000008, 0x8005, 0x0, 0x2)
unshare$auto(0x40000080)
socket(0xa, 0x2, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x2, 0x4020009, 0x3, 0xeb1, 0x401, 0x4000008000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
socket(0x10, 0x2, 0xc)
socket(0x28, 0x1, 0x0)
fanotify_mark$auto(0x0, 0x1, 0x9, 0x4, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6)
mmap$auto(0x200000000000000, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x0)

17.704214946s ago: executing program 2 (id=2328):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0xa0302, 0x0)
mmap$auto(0x1, 0xf, 0xb3, 0x9b73, r0, 0x28000)
mknod$auto(0x0, 0xcb, 0xfffffffa)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000)
write$auto(0xffffffffffffffff, 0x0, 0x2fb)
execve$auto(0x0, 0x0, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
mmap$auto(0x0, 0x10000, 0x4000000000db, 0xeb1, 0x2, 0x8000)
read$auto(r1, 0x0, 0x20)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
sysfs$auto(0x2, 0x10000000000048, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
sendmmsg$auto(r3, &(0x7f0000001100)={{&(0x7f0000000000), 0x7fff, &(0x7f00000010c0)={&(0x7f00000000c0)="9e7d9f4600ee50ec2403ce9ac540d31b1306170885d06f279b5bb289fe3fae6d1798eec80d999b97b9aefd6efe8e9130a8827bd84ac1124753a824f5461db5e45a5446435efd84f6f91623c7dc134776d61701ba80c822c392b8931f8f1e8c166a2d536ac941e894f6bc34549897ef8c60be0d304ea384a74616cc3fbdec5f6e4790b6dde7a0bc3a66a6bba72c4c92458169d57f709003f8ff4e0a4abd1a8b7941811da1befec6f55aa419f1cf837a282b3545237856c5fe2d629558ac1b78a61cc820e9c129f242d434db9a94f86c91b17081c62b7728eabe08621d1fc53ffac806336d124a070a8a5b24935b155cc5b67eb38924646a61a398bd5d7a3aa13896f40b9aae224f231c2772b6b430ff36e6a1eabf85a555fae8ca18c653ba7992a823eb411d30ef6c309b461901e7312406431c489f30f4f2cb78c6ae8240724cac485fc472734d77cb03b8b567ae2b3133e47fb8be3a10c9ba6e0618f81af7c46b77c1a651d6b27e5365a9ee4ec0ae308d7d606366dd0b454a32281cf0d62e652184969f1b70fb84043e86cd4ebaf7a18b90848dcbd24e93d1c1f8662dcbbf9f2303805ca330eb7e638ad7904ca4844e7321b5310a7ef6fc4416128a2a7d2093f0de6a14b413a697ef0386b79b5c8d049562e84486497eca733eea28c8b59799bd9bc5a28261ade659db964684fd2d28a8ce2c1d8a206176d03947cec9d28a3a7d116f31485b42bd58a7427670a821af535d29747c2cd4432c2afe4151a72fb7f1a7a079cdd4029a3de7b72c9f1c6cce87fce93fc1e573f125ec12f8a2ec4e9e17ce709c0ddaf243f3965497527aed02ba5e3bff66b191b13baa011765ac6cc9afd32b7fa60f2735cc8908cc58cb350bca837f4677c1fe4dd906efa82dfc2ec5c97c456dfc0275c4f348a127ab8207d7e89d5de1602db74f2c2934cdeb039f51f5d1d3e28b4fc848aaf589d57a744195b724bd0124c6f47d37f7aa67aed9bbef7cc78b7e72f212edb8796bab211a098152fe0fb9b838baedaebb4343a3fbcad5944c40cfe44384e4702fe516745bfb1902931b36328559ad356426546010776fa9c66fea1c5116bb1aea2b165243fab670c335e8880e5a6f20ee00ef92e94e3d787446eb9d6e6fa87708c4923abd39e028736dcbf1f6bec0a3a005d6f2df1634d4ba6afb89c9effe4d49806e0effb1041dcb589400783c95dbb0f4cfd2f3b284f6c5f8ea22b6d4aed9ad61b64764e3536b9993b025fb0a10ffe44f5c86d25edd2fb6c49c77672d2ee8201ff0905f213409e5c4e49ef0f4403db9f723671dceb3204761cf55aea58352e5df9b7b1635d2367489921d9b1883b6b10d81ef7239ac0c78cb0ed8d64448e3e0e5f8275c09486cdc2af25c7d385d1fe1965c82507f2a05e99d2a29b3bcbf2b348991fe9b9c556519d90ba232d756a5699513e133fa1e1c82efbe671d04bd380cf472f9e55eeb915ef77a69124e5ad22d74559372d7eb94dad8eafb2ea64973a6a59c4b1fede4a060b8cd351c38e2e662308d48d156f77bee15ef2d9fdd179c3ae68ad42008bf0200d8f51cea40c03894184a40983a2e168cfda1f04335953d1e266577f3a305e1203a7516f6f901d8d7eeb35e771cd4fa0c136084279647f7b610ef78f2a0e5da19f58682eb59521bfb18c2dddefe38037a81d2bf9033e8d79151499d552088125b47c880e75fe02e54fd4447e8e0e4a561f430a244d0e40dbe7d654d247d032f8cbe42cfd6231e4ed28913f45622d2c4b24927f4d1412ba5c00841de892768c762cbfe58e002e9e85f0274959ded922639fb645a6b7a824b2e3e108823c9b142d98413855b9b3bb4e273a34bb4d4dab21cdd696d7b0007d43ed9966f9df429e9a4949022b61b5404b6ea499716f58230e02f9d10b901a911cc78a4e843eb588a97244775874c127bc28e479a4b8fb28572ebf44632a65baa63ab6b8d3b4eaaf24c7585af4ab355833d0db84fc6301c7a270bd8e3859f71099d6a28709757454768d7045743e83ae8fd8d03cf8f2774a044147f4f71e9a69c9c6926c28ee21b035c0e824bfb260f98cb61233d50d9174e0b456a7f5595388d900a45a92a3b4b7d3912192cac54cfc95d1a0437ab01adb9f42936a9fd040c3e6ec31972158b2cb78996e718e8127fe59ce3705fad3d48b0293120acfd6354cfc7fb7e8bca702306b0cc19ff73ef313358b02d82c1cfd52a0ee85de9c9a47e1c99da9b0054fc41b6dd0e3ae7a5d81fe96a9a5be7efc8f91387cfbd44df7547898d47e8e5346b5a9b0aebd2d0e80fa713a7df5ad8e36207db79568b647a44841f7035872cf93720117ced5406958d79891fb83ede6526e385ca3671b4559426fc29da59d83caad17c32f541f51c6885d3392ab3fac68fd3335c5805a3345a8474ce876123d74e2a747839316a9032213ab4e6aabffcbdf9a801fdfec68090642ebf31d816e156ba3789805c6178566d107c4369bcc6ff365790999741c3f44c86da4c93f7d891dbc6af7aab21034f1f075731a0f7704e8ea6395b56784cd0ea1037e581c580354fa3f7f2b2070cde92a9cc0c42666bae1684fbe16e5dd058fcefb0befd52ffc5ff62e951b8330de8f251a5accff22227c1f30004020c29d17edff1ac78e50f57905bde85279e46c95ea78b02dc86d2c69294976f463d4a6a5ad551b7687ea195a5e15f8ddbe700b5f9679313803c01d4e93deee65ad0079c62b762b628dcd28e1088195a5927d0aa99dde7727170cdbfdbb1accf06faf6c57a514cde13f6e51e196a57a4ce8cf046d647021622adb28ad49c606c806410ecdc84e61f73e50ea7af451d86ad4979d614a23c78809f47fdd0e2436264e200e95f0b7ba5b301130b469e2f95f1da29fddc4a13dd1c221e4c3120db2eca1c0aa9ebbb717ef32fda8c52ebb5bca6529f5b69b5725a23d19e97845ae96171089c456c22b311b66da1b62c4f97150e1bb29f21590ab4f6a954ad7ff38b1ffbb53819266114be1fe57d4fdf4a8ae81ceb1ea8b71ac3620c25225707b98dff3125029b9825a3098da7f6f5cd4360b06eb92c7c9db3867f392a4d77bfb3cabc77a48b7ed292412e13d539428bc74c29cdffa92685cc51be9d17a4cba19757d79e389d18332625cf57a6dc285be59d7e9fee099dd82231a7b6f659edf993c0e30948d17565467c8a421be4d39b5189b47315f18975fc3d24fed90cf22c797b8e3b02dda0d33d7c9551bd49187a03d78457804b85bd99352ea07990e63ea3f734392534ae71abd27500f47148c1a95a0c995a4f2ce4a0a21b3eefedd33453e8b48227e3038929e74b71042859cf0dda46c3ea5e0a55e9651ccd7c6cd70dbde92e57d10fff26fca69dabce3a30732e6d3640fe0558217e92b5b690330cf518a5e06168bc08b9ee0045278c5b71fbffac40063d0394446432e66ff8550c7ac925cf0e3f12286b4e7283d139ef4cd9a80582f0848c7ed0773f102136fdfa358bcb4e35f6d127067779caa3ad6f3427801c7f75e502fcbfbe2902562a6c6ebcf354e3bcea5864732ada9a25588bfece59209bca09fecadcf859fcc744efce118a37e3857ab25341d8b36601d0671c7a46d4d4b60bac767dbaafee051e7c25ca26d2de7f4d46c5d7097749258698a9519647c5c1296b0af574c1f423b37e45e52115da71a9462bb0cac016004d979d1952da95fdfbfdf7a5c5a167eab801f83c126f3e28c3d4be15d18e181de188b3763d52da0880cfec493adac2c0ca1a6b504e5d37534aa7f11492fd86e4911c86f7abd54c3300c425be2b492416c623dfcbe4611d48a38370b6f875e85310af815c11df33ebc1de33817602692c26e76e3f65c70038289eb3e0e4365ef69e85dc44bf74e83a549f8942cad985f0c50477eeb57f4ea477819a2162c8b6a94d1f3ab21da3c39de867f618f9aa14c472d04bb1991697405588d05d1e276dd200877a955db305e32ea038209396517ea59b09b4d21d730d5424e09da28a0794e147d80b67a572cc89eb1fe708b02d407e74913c1179510d929fd15071ff0410088719976ed689f06333bc28eeefbeef0d3fc31794e11598db9bd134225bf22434d17cfb1497c7bf734891574bff2f91adc8c7576d728bff3c2f41981bb0dbb63112dc15aa5bf692a2768c91b6ad3b76d26551d9df5f577316044e4ea576ba283e1ff2eda62b2407a7aed9591b154365c0e8bd3f45403605fbc005302814ae3767565a9dad9b08fe3d81c0327299edef29aa7bf5eaa0d551f65d5877420f01124b3600769bf5858ca80cc5fe544837affe5a9a03d7edb202af11d2448a7d7b4eb3bfa9f3b61b061ccdd458489c2f48a4cffabc0661abe9fcb555a7b09a5d39feeddac38ad15193580f50e39ec6a4e031015004cb5f4b625d25ee5e49c2a2d586cb7c42eb5dad435a0c5c7bc9aa6ec64900d698a4ce525b03a3b77594db54f08e572aba0aeb6997214552198be4106111a1599ba3cef217140539209ace9524b52957195d9f3233b56b4724b55a10d38e3577f7fd2b85cca0d9ce275651ccae890d6f7ea4b4755d52710eaa14f00d60732a375b055de553e7db65c3aae7333324ed735efa912048b7d4e70a3f0aead47852d2a7a8fbe4ef52a62e95532ff87e7f0cb0a127ca36d3d6161c1c83c06626c7352b02e5d7b83e290f18c2be743c9c485e80b6ace20bd874e1e3934947f3aaa23522fe0f"}, 0x8000000000000000, &(0x7f0000001200)="ceb2cc9c342b130908aa3c70d7e7c8439b5b826e3dbab6fb3a6416034739faadcbf13cac082ce08f7f91cf508fa5d15489b4538c0ada0216657971f2d00c3a90dee2f9aede9190a529b732d5a48919a68c3a843cf7bacaf08fab3f9eb0900ae9fdb2ba8952dce749f1494e113b3db28b5d29264eb3651a5ee0513fa2c34b993201a0d3837c74de32d97600ca61fbac5b21718ed50fcf52fb5f268bd2dd4d70dac23240aff78222684e333432175704061dec468d81dc98a88130b6b92cff3fb75e74efc08979465b3d3224da3226a8aa8f18313ee103e4983e0545720b1a8f6451bc0904a58b89f9cea8a6fde277513a1a6aa2307f66e6af0f2a7207c1e7514129b9f2a4f458a96a2d622eba33d3df14aacf1481d5df2c6410944f0a3dc61fcd56065a2242c887c1c7159ada771eb87dd9dec80d3f588cd11991a97f440b663456c8ab370127d2888fc148cce18aa87dbf55715d927adc2b3882c838b13359a8bbdd57b80cdc750917ad51720d2f74aa21b84354a0af9b2d18d56aa3fe323de558c8891776655fd2d55792e6f52b10d21bb3be7f3c382bb790f7792cb2ecc8eaf44458756b184b42dd07ab0ae4378b76e988cf8be6c5bf45e0f3852253fe1304101b04ce0dec060f6697c1691d5b257a1c5344c4871ba9f6cc6867d3fea2083f29430168344403794ea1be78dbe5d2dcadf9a2cfb9d2b46664c704ed405b1370de661c92e9dc5ca501642bb1d58a5b16522d8ae5ae26d1242e1276afce801e32f73c1134d60faf4edd621dc87a3571ecfe406099886a90ec63484ef17902444567daa6160ea53ee4d9e9b37eeb0259adabddd0b15564860dda78ff49bd15ea77308bf1a689a683e5d674f39f207977f5043e4c9573c3d8b06d2eb098ab08dc3f9b5e654b80803e1bbee825f949cf86c79aab5594f1787cc44b474a63f230bceeb414629c10cddd556fc2cc1eb5cb92552578804f303508daee1ca55c9aef208828a4122168ce0eb08f2f05c0600589712e3769b734284be760a53985b5b68e261bf0d7c039654e836ccc32c8ceaafe2ab0b71810388740629fd9749cc54bbf940eeda99a51dc3b039998f91c444462315c25f49d6e8184ddd5b81e57b01441ba8b42ed145ef4810e5753eca8d6762aae4b297af238baa7ee5323d528e30999c3a90744052411635f950a463069cb3c5eb0090a267df4554e0f4cf075663d4482669d82c50afecfb46f0832331c9c299446440dc685b50a937a257f31664046cdfc5e608e5dfa849fc5080828b66486b61e646ca4a30d5158ac68686a05af03dc8f46e356bcc4010c8593142bed9bae7b432672f416edf815d837fb7d510f744e337d318c2ca53e1f883f8eb38c0e9941416bf8b2d003fb2786f9d303f29eebe139b84edf1d93fa213ff38b2fb1c688a9dad96f14f8641dde7ae5f8e4b59795f26e092d832883ca1d6a4be359d351c1a91ddd79905f11211cf61ebb4c1a5849734c60f4018a7591eb7497213bb2d68f5e0dd007743008ea4d77be27eb4adeb554f24c92af373b33f590129bb00eb5e546bc4bd7fed8d977c7269af7868c7c3b1bc5cc9cf302d99a56b23afdc500c15496aff18330ebdc22fec6e5b701b33acf21d15879e3d63504e8f697eef966d82c450d5cf8e8f8eee7e8e814f9822afba9ed91c57a7a4ae2f22a4160e7536d5e5daeba60f738bb43d2db8485ddd140d712de0734ccfb9a99d3cf8acbd71bf6c805788c7f12a44f0455ac4d39d83abc684e34a0a7b679320f1fba0fabf31dd27965858d8f4d40589957466889567e5f6db43dbe3d7580e1d6ba8ca14703adaf47ecba6aef595db9315eb83a10a87d48f4daea4d30ffe25e6ec1b14cfbdf1b52a4c977aab618282ad55cf290ae1dd7f240fdaa4fe59140da7e8b561aa987f6964809660b0a5dcb37789ed3ce04ae60fbcd4af43465e628db13dc115f20b63ccaeeae9841b96a0b7587b66f0ed191aeda427cdfd89d06e2246dea7a51b38e8e77dee91b4a4c4bb19e7d23570bcbc0d103009bd54c52621cf95c4e7cf22e45624e675a59f79cebf86fa030017632d64d90b1e0c34c3c2501368af742e3b7b8f96e696c592314fb52b0a52d4df409fd3e5b3d9601d7ec0e6f9ed4a41bb456618e9e421f6d990c4c5a878467cc237816f8cdd655f4cb70e6090559a6ddda7db544190ee9f86330318b6edaeb92c49dc455bc23961f379b7c8502f750e7f7c8c3358ce1351b5546e2d0e65a9548aa1fffd2b93e85032ff99535bc25f69be51cdece9d7bead784bef98aa4f75d063c128e3c8d2b3a786f398e864e0196081fb25d82b2bd7668d2aef6463afd2fd2301b6dd1951461faf835baf48006722b07300c44846aa089b0df1236ea0fbb6239799ed86d2d32db67ddfb83edd273b46aa67bce87e946582123513af671247516eab4d1df89821f26948feed109f6e33c74f8d60fe54890b5cf6c10dd5988be279bb86c343e8a3db29cf8d287b58d23e5e20364168882a35dcfd5075e85bc8c2fadd88c8a4830b0321486963c79afa92c0acb83562a850f54c3a8a14cd7352b63b74ef51b2becf12d302bcc2541a9765e9cb8bb1ec19c229f4a40cc8a58a49d20d002809dda16d6c20cbf15e00514a5f39d3cd24b1fc313937c39edcf136b5f253c9b3d3c52b8a815f93fda605f83ff4d40c03e847ae5a567c99647b7adbad018c830a5768ca7c398d29054b4fbae7bce0f36c0755f8b0cb0105ee5c9dcf803d92408ff858215f06f4120ecb57665d50cc06f352176933ee6c4a833fb8ba542b81807769cd1de7bbe074c2c4dd2828395cd267fc08d22c3d8909f0575877905b4ce22d2188bc4212dbbb2917dc8d4da72b62a304a1d59d58afd4d9650ab0c99eea6b30664b15dcef6bfeccf63ac02afba740f26f3e4a2274c1e0cf5366c7b25dc02585c3536edd24c7ac4df2b441919e21cb0bd5f88850f052982dc71528f9d805bda14f8b4c2740faebadea02e7358f4825ea1c2bd48b0e20f67479948d1381d0a9509a9a1148f8379863e4775f145dcda80b44b264b1cd94685adb44cf1489c11967c621a991d41e34e983f0795b298dcfdbc87aca7fc097ba276ae4a43599bcee2f0fefb62bb0546461a0ac078de20b7f3a67a6f5a99af68cbc5e3127ca2e79bfcfd605cee0377744bf7349293c5f4169bb933123ab029b44d86297da5b29f039ebc9322881af993841f0ce8b38036c112a73cb91575013ff29ca0382b0d53118e975d7df9c0b386813b68c35f773f69743af0ab097ef247fae240872119996f46efb07504c8bbdc0cdefe2d4fb79ad4d967417dc6a3a2b98aa239b30341b49b88e4fbeac637abfefb0991ff75758083c0f19d7a582044e4b518645dbba305cc0ee9e9f26d7ac469a6a3c048f1fe42e98eec342eb169522c1ad2167ca055fc2bcf9ce03817794c0513abef5dc24fe454cdb43eff3c396781afd9f1e3a5b5829b5c9b979d826a09c990837bc3ef37f6d8a02e0fc20ef6383f34162e751f9d1abbf52ff932186f93ee422b246711cae3a7d98177450156cc0dbc02a5ee62ac8e25bc1146dad6d282ba080182d7f973c2d5c3131b1f2e392b57784efc04eb8da43fc0972951a984b6212ca713060d37cdc246af0df1bbdf855bb97dc60e06188f47e0110cce26c8863e7448b5c30bb7e6c0ef067cd239dc585ae2816678330485bca7f1f2069ef45e544a076b0d8d75f7dfccd30254c05035f9944cb49e98641b338a24a2fa494ee030b419c5660c761815f301ce8c1aba99d15edd103c6ecd019a45c3222200fde3170c45162f958371ade82f2465471da3cee285fd7ffa42abbf69c56801734be7215f5008653b9937e13d1e58df4d657a70112acb4dfc0c428ce249cf2452916fbe7e7c8b1fbafb779b6f4156454ff1b6189cf67815b0aedc79243c9b116342391ba6fb093aa1fb888be243bdeed7e04d2531b74bc6309541a4c6c20f7eda347f7271820e74e30b4598e53a0683eb58ec81e60fba90a9f5d2cabfa60bfcf53354d052ed0f5ad4fa2e2a011424467e507cd4c59dc55a76aaba857c822904ed3270dd7aee6a19f86ac59764e3ab077b9f3450f0eb40961ae18785762950fb1573d6b634fd0f1315d8cd906e7acfac793b96da13f4a1e780a6e65e05a377d254d696a5af5d0a60f308a2da018740e9c5a3b66dba45f919714a1efa91e41aea9df31b9fd8748573f47ac56bb00640c021b7309d39c4aec308416646ca2711c65a12ce2013d273bd4b3ef6d0791678808da4be899194f92c74b7264737507a6dbe9bf7c9c48b533a649402a92e633bd84acac3e9f498deaff02397e42779e14058e1aadea8ac7b3bfe276de2d2d6841d741373b4889ff82e12fdc73ac8df6d1ff27e472ead0a77cb5a8c9cac4b37ec0d52c14110d3f7dc71066220eb3c47effa19010a85d64775bfcd38807e9997a1573e1989e82b76f355a69da9862f8e35548c31c060f703f24dcde8a4cd35841b0cdb9bce8f33fb0b152ba520ada17b48f675007a0a22c8b8ad9e6666d5658176b0afad31782715d53e6478c549ccf48ddede23f701752553878f6829ebcd9439da3bd2edb0eb8c131ed70fae508f5301890f02e8e4b6ff2abb3a2057594799b32c80f4e32dfd240ee18b4cd93b939c38797d70bccbcfa8c48eafe6640f775cb6c28b6169d94fc10b4e7d0f536c6f9664af2432ec233afcfd1a482704d4037f592fa5d351bb0874fa774840b44f2ba2fad6afe3d2f13014bfb3298998377c1e24bc11a897e325251f27793606c1e8e6484f4f8cdde80cdc327e6d8fed022ffa35c6db66273c3c220ea5540fdd4740a8157c8cbe8bfb6b3aebd661eb358fc1361221ad78b3a770b2949b42a0b263744180103f306c217d4255df105ad021c1c5c1c747f1d440a8e8232e5859ece2578e8663e31f8aab67912ecea82a102a2d77fc097e1274e8edb5bc6e6816eea0141d8f4e4d118921adfba028f6a59f1dca5f007bc5a6dcfcd958e6aa61207f5cfcbf6b08021799938a088401ea2d27dbc3d386fd1c34dd7611c9c235d9cee0f6f3914754b5a701424dd435ffc9427a0473af57866654cf26e7e9c0065caf6dcffc1545b441", 0xc6d, 0x80}, 0x7}, 0x7f, 0xb485)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0004, 0x19)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'wg1\x00'})

14.795632895s ago: executing program 2 (id=2332):
mmap$auto(0x9, 0x202000d, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000800)='/sys/devices/virtual/bdi/43:384/max_bytes\x00', 0x181482, 0x0)
read$auto(r0, 0x0, 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000080), r1)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth1_virt_wifi\x00', <r3=>0x0})
sendmsg$auto_BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x1c, r2, 0x95bda67d863ba7af, 0x70bd2d, 0x25dfdbff, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x20000000)
r4 = prctl$auto_PR_GET_NO_NEW_PRIVS(0x27, 0x800, 0x0, 0x1684, 0x24)
write$auto(0xffffffffffffffff, 0x0, 0xfdef)
shmctl$auto_IPC_RMID(0x2, 0x0, 0x0)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r4)
sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000780)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000740)={&(0x7f0000000480)={0x9c, r5, 0x300, 0x70bd2a, 0x25dfdbfd, {}, [@NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}, @NL80211_ATTR_CRIT_PROT_ID={0x6, 0xb3, 0x8001}, @NL80211_ATTR_CNTDWN_OFFS_PRESP={0x73, 0xbb, "87dfa70f715a69d1fc54266aec4cc3595bc0ab4914f325f960b4ee060573d66d501b7a57787fba9cb3c9bbb66341f64097b10f468909f87aa0033ff8a22f38b3084e00dfe89baa71b0cf9cd6d08e310e69b0952f96a470db0ad8ee2ed9383e0eb600ee830097a53329d44046cf9972"}, @NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0xa265247c}]}, 0x9c}, 0x1, 0x0, 0x0, 0x4000800}, 0x800)
mmap$auto(0x0, 0x5, 0x6, 0x13, 0xffffffffffffffff, 0x8000)
openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
r6 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0)
ioctl$auto_EVIOCGMASK(r6, 0x80104592, &(0x7f0000000080)={0x2000, 0x800007, 0x5})
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r7 = socket(0xa, 0x801, 0x84)
getsockopt$auto(r7, 0x84, 0x10, 0x0, 0x0)
mmap$auto(0x0, 0xfffffffffffffffe, 0xdc, 0xeb1, 0x401, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
ioperm$auto(0x7, 0x6, 0x1)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x500, 0x0)
unshare$auto(0x40000080)

13.667456673s ago: executing program 2 (id=2335):
write$auto(0xca, &(0x7f00000000c0)='\x04>2\x04!\xe2\x00\x94\xf2\xa2\x00\x00', 0x7e)
getresuid$auto(&(0x7f0000000080)=0x7, 0x0, 0xfffffffffffffffc)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
write$auto(r0, 0x0, 0xfffffdef)
write$auto(0x3, 0x0, 0xfffffdef)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000440)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYRES32], 0x2c}, 0x1, 0x0, 0x0, 0x24004080}, 0x20040894)
sendmsg$auto_NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYBLOB="a0000000", @ANYRES16=r1, @ANYBLOB="02022cbd7000fcdbdf256700000074000e80120002d7de5f50a647ce5f4f18227bc031b80467ce3e1653ae43673df98e4ea31e9a9dfcc6aae9e1800dcbeb8c9db083f7f721f4d75a02e5a0fc8cf0bbc1daf87e010000000000005fce8525ac9a85a7d19abf7b70ad9779ab8675b79db900000000"], 0xa0}, 0x1, 0x0, 0x0, 0x20040090}, 0x0)
mmap$auto(0x0, 0x400008, 0x1, 0x9b72, r0, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x3ff, 0x0, 0x3, 0x5f, 0x0, 0x3}, 0x6f3)
socket(0xa, 0x2, 0x88)
mmap$auto(0x0, 0x400008, 0xdf, 0x100000009b72, 0x2, 0x8000)
mincore$auto(0x1000, 0x8001, 0x0)
setsockopt$auto(0x3, 0x0, 0x20, 0x0, 0x28)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x64, r4, 0x1, 0x70bd27, 0x25dfdbf9, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x80}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x8}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @empty}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @empty}, @L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e21}]}, 0x64}, 0x1, 0x0, 0x0, 0x40000}, 0x4080)

13.583291353s ago: executing program 0 (id=2336):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
io_uring_setup$auto(0x6, 0x0)
madvise$auto(0x0, 0x200007, 0x19)
shmctl$auto_IPC_STAT(0x1, 0x2, &(0x7f0000000180)={{0x5, 0x0, 0xffffffffffffffff, 0x4, 0x8, 0x80, 0xb}, 0xa, 0x80000000, 0x4, 0x6, @inferred=0xffffffffffffffff, @raw, 0x8, 0x0, &(0x7f0000000040)="b057d39cbca4ac6619c8634604cc5e27a8ae7d637d90b4536e89eaa0efc1084c0ba836b58deade55915176862bbf475882b8ff1c76b4f1009348f6a3ece7aa2944a735f97142986aa4b7a5dd8b6b3146eb2fb37dc3f7a49ebc69c33f4d1ffde17193a514121a251a413a6878df020d7a8040107a9958dc49ab0c70c0eab550049393d2298d38b4c8582f3c7296ac9b1aa208fd684a1ffce1797824bacfd1c55e1588887c1d8bc3373fdf1f4cb41d7d17461441a529bdd22a73e9f42dbb6b7e7fe6c77a586634ad3aa5e93edc7a36d0f6aa2f1527aeb5906ff41b61246c80f6505729954679d1388620cfafbb32cf7998dda85a1503380b4214", 0x0})
getegid()
close_range$auto(0x2, 0x8, 0x0)
openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000007480)='/dev/cec12\x00', 0x400, 0x0)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3)
setsockopt$auto(0xffffffffffffffff, 0x10000008, 0x8005, 0x0, 0x2)
unshare$auto(0x40000080)
socket(0xa, 0x2, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x2, 0x4020009, 0x3, 0xeb1, 0x401, 0x4000008000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
socket(0x10, 0x2, 0xc)
socket(0x28, 0x1, 0x0)
fanotify_mark$auto(0x0, 0x1, 0x9, 0x4, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6)
mmap$auto(0x200000000000000, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x0)

12.058481728s ago: executing program 1 (id=2337):
unshare$auto(0x40000080)
openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000400)='/dev/cuse\x00', 0x1c1041, 0x0)
r0 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/meminfo\x00', 0x0, 0x0)
ppoll$auto(&(0x7f00000000c0)={<r1=>r0, 0xf81, 0x27f}, 0x3, 0x0, 0x0, 0x8)
r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sys/net/ipv6/conf/ip6gre0/ignore_routes_with_linkdown\x00', 0x202, 0x0)
sendfile$auto(r2, r1, 0x0, 0x401)
socket(0x2, 0x1, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
madvise$auto(0x8e, 0x3, 0x7fff)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop8/events\x00', 0x100, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000001c00)=""/4111, 0x100f)
r4 = socket(0x11, 0x80003, 0x300)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
setsockopt$auto(r4, 0x107, 0xe, 0x0, 0x4)
futex$auto(0x0, 0x6, 0x9, 0x0, 0x0, 0xffffffff)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x1, 0x3, 0x1000000, 0x80000001, 0x7, 0x6d3c, 0x5, 0x40002]}, 0x0)
futex$auto(&(0x7f0000000080)=0x1000003, 0x3, 0x1, 0x0, 0x0, 0xfbfffffa)
openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, 0x0, 0x800, 0x0)
read$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffffff, 0x0, 0x0)
ioctl$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffffff, 0x1, &(0x7f0000000280))
syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4010}, 0x20000800)
ioctl$auto(0x3, 0x80000541b, 0x38)
sendmsg$auto_NL80211_CMD_REGISTER_BEACONS(r1, &(0x7f0000000200)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x60000000}, 0x20000000)

10.953314568s ago: executing program 3 (id=2338):
write$auto(0xca, &(0x7f00000000c0)='\x04>2\x04!\xe2\x00\x94\xf2\xa2\x00\x00', 0x7e)
getresuid$auto(&(0x7f0000000080)=0x7, 0x0, 0xfffffffffffffffc)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
write$auto(r0, 0x0, 0xfffffdef)
write$auto(0x3, 0x0, 0xfffffdef)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000440)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYRES32], 0x2c}, 0x1, 0x0, 0x0, 0x24004080}, 0x20040894)
sendmsg$auto_NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYBLOB="a0000000", @ANYRES16=r1, @ANYBLOB="02022cbd7000fcdbdf256700000074000e80120002d7de5f50a647ce5f4f18227bc031b80467ce3e1653ae43673df98e4ea31e9a9dfcc6aae9e1800dcbeb8c9db083f7f721f4d75a02e5a0fc8cf0bbc1daf87e010000000000005fce8525ac9a85a7d19abf7b70ad9779ab8675b79db9000000000000000000000000000008000a01a80a000008001f010200a64723ff53"], 0xa0}, 0x1, 0x0, 0x0, 0x20040090}, 0x0)
mmap$auto(0x0, 0x400008, 0x1, 0x9b72, r0, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x3ff, 0x0, 0x3, 0x5f, 0x0, 0x3}, 0x6f3)
socket(0xa, 0x2, 0x88)
mmap$auto(0x0, 0x400008, 0xdf, 0x100000009b72, 0x2, 0x8000)
mincore$auto(0x1000, 0x8001, 0x0)
setsockopt$auto(0x3, 0x0, 0x20, 0x0, 0x28)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x64, r4, 0x1, 0x70bd27, 0x25dfdbf9, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x80}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x8}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @empty}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @empty}, @L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e21}]}, 0x64}, 0x1, 0x0, 0x0, 0x40000}, 0x4080)

10.499035019s ago: executing program 1 (id=2339):
write$auto(0xca, &(0x7f00000000c0)='\x04>2\x04!\xe2\x00\x94\xf2\xa2\x00\x00', 0x7e)
getresuid$auto(&(0x7f0000000080)=0x7, 0x0, 0xfffffffffffffffc)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
write$auto(r0, 0x0, 0xfffffdef)
write$auto(0x3, 0x0, 0xfffffdef)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000440)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYRES32], 0x2c}, 0x1, 0x0, 0x0, 0x24004080}, 0x20040894)
sendmsg$auto_NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYBLOB="a0000000", @ANYRES16=r1, @ANYBLOB="02022cbd7000fcdbdf256700000074000e80120002d7de5f50a647ce5f4f18227bc031b80467ce3e1653ae43673df98e4ea31e9a9dfcc6aae9e1800dcbeb8c9db083f7f721f4d75a02e5a0fc8cf0bbc1daf87e010000000000005fce8525ac9a85a7d19abf7b70ad9779ab8675b79db9000000000000000000000000000008000a01a80a000008"], 0xa0}, 0x1, 0x0, 0x0, 0x20040090}, 0x0)
mmap$auto(0x0, 0x400008, 0x1, 0x9b72, r0, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x3ff, 0x0, 0x3, 0x5f, 0x0, 0x3}, 0x6f3)
socket(0xa, 0x2, 0x88)
mmap$auto(0x0, 0x400008, 0xdf, 0x100000009b72, 0x2, 0x8000)
mincore$auto(0x1000, 0x8001, 0x0)
setsockopt$auto(0x3, 0x0, 0x20, 0x0, 0x28)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x64, r4, 0x1, 0x70bd27, 0x25dfdbf9, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x80}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x8}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @empty}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @empty}, @L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e21}]}, 0x64}, 0x1, 0x0, 0x0, 0x40000}, 0x4080)

9.298841603s ago: executing program 2 (id=2340):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
io_uring_setup$auto(0x6, 0x0)
madvise$auto(0x0, 0x200007, 0x19)
shmctl$auto_IPC_STAT(0x1, 0x2, &(0x7f0000000180)={{0x5, 0x0, 0xffffffffffffffff, 0x4, 0x8, 0x80, 0xb}, 0xa, 0x80000000, 0x4, 0x6, @inferred=0xffffffffffffffff, @raw, 0x8, 0x0, &(0x7f0000000040)="b057d39cbca4ac6619c8634604cc5e27a8ae7d637d90b4536e89eaa0efc1084c0ba836b58deade55915176862bbf475882b8ff1c76b4f1009348f6a3ece7aa2944a735f97142986aa4b7a5dd8b6b3146eb2fb37dc3f7a49ebc69c33f4d1ffde17193a514121a251a413a6878df020d7a8040107a9958dc49ab0c70c0eab550049393d2298d38b4c8582f3c7296ac9b1aa208fd684a1ffce1797824bacfd1c55e1588887c1d8bc3373fdf1f4cb41d7d17461441a529bdd22a73e9f42dbb6b7e7fe6c77a586634ad3aa5e93edc7a36d0f6aa2f1527aeb5906ff41b61246c80f6505729954679d1388620cfafbb32cf7998dda85a1503380b4214", &(0x7f0000000140)="d05acb81a38634dea141f57d642daeeaaa1b1cea5a1ef00bf4eafd69fef7cc096f992e"})
getegid()
close_range$auto(0x2, 0x8, 0x0)
openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000007480)='/dev/cec12\x00', 0x400, 0x0)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3)
setsockopt$auto(0xffffffffffffffff, 0x10000008, 0x8005, 0x0, 0x2)
unshare$auto(0x40000080)
socket(0xa, 0x2, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x2, 0x4020009, 0x3, 0xeb1, 0x401, 0x4000008000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
socket(0x10, 0x2, 0xc)
socket(0x28, 0x1, 0x0)
fanotify_mark$auto(0x0, 0x1, 0x9, 0x4, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6)
mmap$auto(0x200000000000000, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x0)

8.843221633s ago: executing program 0 (id=2341):
unshare$auto(0x40000080)
socket(0x10, 0x2, 0x7fffffff)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/midiC2D0\x00', 0x80102, 0x0)
socket(0x28, 0x1, 0x0)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB="2f212abd"], 0x14}}, 0x4000000)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000340)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4460, 0x15f4da0a, 0x1, 0x3, 0x300000000000000, 0x80000001, 0x7, 0x0, 0x5, 0x2]}, 0x0)
unshare$auto(0x40000080)
prctl$auto(0x39, 0x1, 0x0, 0x0, 0x0)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0)
io_uring_setup$auto(0x4bf15e08, &(0x7f0000000000)={0x405, 0x8, 0x20000006, 0x9, 0x8a, 0xfffffff7, 0xffffffffffffffff, [0x104, 0x9, 0x7f], {0x2, 0xb, 0x3034, 0xe, 0x4, 0xff, 0x2, 0xfffffff9, 0xf08a2b5}, {0x4000, 0x8, 0x9, 0x0, 0x0, 0xeca8, 0xd5, 0x836, 0x8}})
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dri/card1\x00', 0x0, 0x0)
bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3)

7.72989682s ago: executing program 3 (id=2342):
unshare$auto(0x40000080)
openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000400)='/dev/cuse\x00', 0x1c1041, 0x0)
r0 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/meminfo\x00', 0x0, 0x0)
ppoll$auto(&(0x7f00000000c0)={<r1=>r0, 0xf81, 0x27f}, 0x3, 0x0, 0x0, 0x8)
r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sys/net/ipv6/conf/ip6gre0/ignore_routes_with_linkdown\x00', 0x202, 0x0)
sendfile$auto(r2, r1, 0x0, 0x401)
socket(0x2, 0x1, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
madvise$auto(0x8e, 0x3, 0x7fff)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop8/events\x00', 0x100, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000001c00)=""/4111, 0x100f)
r4 = socket(0x11, 0x80003, 0x300)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
setsockopt$auto(r4, 0x107, 0xe, 0x0, 0x4)
futex$auto(0x0, 0x6, 0x9, 0x0, 0x0, 0xffffffff)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x1, 0x3, 0x1000000, 0x80000001, 0x7, 0x6d3c, 0x5, 0x40002]}, 0x0)
futex$auto(&(0x7f0000000080)=0x1000003, 0x3, 0x1, 0x0, 0x0, 0xfbfffffa)
openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, 0x0, 0x800, 0x0)
read$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffffff, 0x0, 0x0)
ioctl$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffffff, 0x1, &(0x7f0000000280))
syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4010}, 0x20000800)
ioctl$auto(0x3, 0x80000541b, 0x38)
sendmsg$auto_NL80211_CMD_REGISTER_BEACONS(r1, &(0x7f0000000200)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x60000000}, 0x20000000)

4.572011265s ago: executing program 1 (id=2343):
mmap$auto(0x9, 0x202000d, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000800)='/sys/devices/virtual/bdi/43:384/max_bytes\x00', 0x181482, 0x0)
read$auto(r0, 0x0, 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000080), r1)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth1_virt_wifi\x00', <r3=>0x0})
sendmsg$auto_BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x1c, r2, 0x95bda67d863ba7af, 0x70bd2d, 0x25dfdbff, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x20000000)
r4 = prctl$auto_PR_GET_NO_NEW_PRIVS(0x27, 0x800, 0x0, 0x1684, 0x24)
write$auto(0xffffffffffffffff, 0x0, 0xfdef)
shmctl$auto_IPC_RMID(0x2, 0x0, 0x0)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r4)
sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000780)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000740)={&(0x7f0000000480)={0x9c, r5, 0x300, 0x70bd2a, 0x25dfdbfd, {}, [@NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}, @NL80211_ATTR_CRIT_PROT_ID={0x6, 0xb3, 0x8001}, @NL80211_ATTR_CNTDWN_OFFS_PRESP={0x73, 0xbb, "87dfa70f715a69d1fc54266aec4cc3595bc0ab4914f325f960b4ee060573d66d501b7a57787fba9cb3c9bbb66341f64097b10f468909f87aa0033ff8a22f38b3084e00dfe89baa71b0cf9cd6d08e310e69b0952f96a470db0ad8ee2ed9383e0eb600ee830097a53329d44046cf9972"}, @NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0xa265247c}]}, 0x9c}, 0x1, 0x0, 0x0, 0x4000800}, 0x800)
mmap$auto(0x0, 0x5, 0x6, 0x13, 0xffffffffffffffff, 0x8000)
openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
r6 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0)
ioctl$auto_EVIOCGMASK(r6, 0x80104592, &(0x7f0000000080)={0x2000, 0x800007, 0x5})
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r7 = socket(0xa, 0x801, 0x84)
getsockopt$auto(r7, 0x84, 0x10, 0x0, 0x0)
mmap$auto(0x0, 0xfffffffffffffffe, 0xdc, 0xeb1, 0x401, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
ioperm$auto(0x7, 0x6, 0x1)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)

4.56905303s ago: executing program 3 (id=2344):
mmap$auto(0x9, 0x202000d, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000800)='/sys/devices/virtual/bdi/43:384/max_bytes\x00', 0x181482, 0x0)
read$auto(r0, 0x0, 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000080), r1)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth1_virt_wifi\x00', <r3=>0x0})
sendmsg$auto_BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x1c, r2, 0x95bda67d863ba7af, 0x70bd2d, 0x25dfdbff, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x20000000)
r4 = prctl$auto_PR_GET_NO_NEW_PRIVS(0x27, 0x800, 0x0, 0x1684, 0x24)
write$auto(0xffffffffffffffff, 0x0, 0xfdef)
shmctl$auto_IPC_RMID(0x2, 0x0, 0x0)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r4)
sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000780)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000740)={&(0x7f0000000480)={0x9c, r5, 0x300, 0x70bd2a, 0x25dfdbfd, {}, [@NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}, @NL80211_ATTR_CRIT_PROT_ID={0x6, 0xb3, 0x8001}, @NL80211_ATTR_CNTDWN_OFFS_PRESP={0x73, 0xbb, "87dfa70f715a69d1fc54266aec4cc3595bc0ab4914f325f960b4ee060573d66d501b7a57787fba9cb3c9bbb66341f64097b10f468909f87aa0033ff8a22f38b3084e00dfe89baa71b0cf9cd6d08e310e69b0952f96a470db0ad8ee2ed9383e0eb600ee830097a53329d44046cf9972"}, @NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0xa265247c}]}, 0x9c}, 0x1, 0x0, 0x0, 0x4000800}, 0x800)
mmap$auto(0x0, 0x5, 0x6, 0x13, 0xffffffffffffffff, 0x8000)
openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
r6 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0)
ioctl$auto_EVIOCGMASK(r6, 0x80104592, &(0x7f0000000080)={0x2000, 0x800007, 0x5})
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r7 = socket(0xa, 0x801, 0x84)
getsockopt$auto(r7, 0x84, 0x10, 0x0, 0x0)
mmap$auto(0x0, 0xfffffffffffffffe, 0xdc, 0xeb1, 0x401, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x500, 0x0)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)

4.503923058s ago: executing program 2 (id=2345):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
io_uring_setup$auto(0x6, 0x0)
madvise$auto(0x0, 0x200007, 0x19)
shmctl$auto_IPC_STAT(0x1, 0x2, &(0x7f0000000180)={{0x5, 0x0, 0xffffffffffffffff, 0x4, 0x8, 0x80, 0xb}, 0xa, 0x80000000, 0x4, 0x6, @inferred=0xffffffffffffffff, @raw, 0x8, 0x0, &(0x7f0000000040)="b057d39cbca4ac6619c8634604cc5e27a8ae7d637d90b4536e89eaa0efc1084c0ba836b58deade55915176862bbf475882b8ff1c76b4f1009348f6a3ece7aa2944a735f97142986aa4b7a5dd8b6b3146eb2fb37dc3f7a49ebc69c33f4d1ffde17193a514121a251a413a6878df020d7a8040107a9958dc49ab0c70c0eab550049393d2298d38b4c8582f3c7296ac9b1aa208fd684a1ffce1797824bacfd1c55e1588887c1d8bc3373fdf1f4cb41d7d17461441a529bdd22a73e9f42dbb6b7e7fe6c77a586634ad3aa5e93edc7a36d0f6aa2f1527aeb5906ff41b61246c80f6505729954679d1388620cfafbb32cf7998dda85a1503380b4214", &(0x7f0000000140)})
getegid()
close_range$auto(0x2, 0x8, 0x0)
openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000007480)='/dev/cec12\x00', 0x400, 0x0)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3)
setsockopt$auto(0xffffffffffffffff, 0x10000008, 0x8005, 0x0, 0x2)
unshare$auto(0x40000080)
socket(0xa, 0x2, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x2, 0x4020009, 0x3, 0xeb1, 0x401, 0x4000008000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
socket(0x10, 0x2, 0xc)
socket(0x28, 0x1, 0x0)
fanotify_mark$auto(0x0, 0x1, 0x9, 0x4, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6)
mmap$auto(0x200000000000000, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x0)

4.315929688s ago: executing program 0 (id=2346):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
io_uring_setup$auto(0x6, 0x0)
madvise$auto(0x0, 0x200007, 0x19)
shmctl$auto_IPC_STAT(0x1, 0x2, &(0x7f0000000180)={{0x5, 0x0, 0xffffffffffffffff, 0x4, 0x8, 0x80, 0xb}, 0xa, 0x80000000, 0x4, 0x6, @inferred=0xffffffffffffffff, @raw, 0x8, 0x0, &(0x7f0000000040)="b057d39cbca4ac6619c8634604cc5e27a8ae7d637d90b4536e89eaa0efc1084c0ba836b58deade55915176862bbf475882b8ff1c76b4f1009348f6a3ece7aa2944a735f97142986aa4b7a5dd8b6b3146eb2fb37dc3f7a49ebc69c33f4d1ffde17193a514121a251a413a6878df020d7a8040107a9958dc49ab0c70c0eab550049393d2298d38b4c8582f3c7296ac9b1aa208fd684a1ffce1797824bacfd1c55e1588887c1d8bc3373fdf1f4cb41d7d17461441a529bdd22a73e9f42dbb6b7e7fe6c77a586634ad3aa5e93edc7a36d0f6aa2f1527aeb5906ff41b61246c80f6505729954679d1388620cfafbb32cf7998dda85a1503380b4214", &(0x7f0000000140)="d05acb81a38634dea141f57d642daeeaaa1b1cea5a1ef00bf4eafd69fef7cc096f992e85df6af889a8"})
getegid()
close_range$auto(0x2, 0x8, 0x0)
openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000007480)='/dev/cec12\x00', 0x400, 0x0)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3)
setsockopt$auto(0xffffffffffffffff, 0x10000008, 0x8005, 0x0, 0x2)
unshare$auto(0x40000080)
socket(0xa, 0x2, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x2, 0x4020009, 0x3, 0xeb1, 0x401, 0x4000008000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
socket(0x10, 0x2, 0xc)
socket(0x28, 0x1, 0x0)
fanotify_mark$auto(0x0, 0x1, 0x9, 0x4, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6)
mmap$auto(0x200000000000000, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x0)

3.876593045s ago: executing program 3 (id=2347):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1e, 0x5, 0x80000000, 0x0)
r0 = socket(0xa, 0x5, 0x0)
socket(0xa, 0x801, 0x84)
connect$auto(0x3, 0x0, 0x55)
listen$auto(0x3, 0x81)
setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8)
accept$auto(r0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84)
r1 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fb0\x00', 0x2, 0x0)
ioctl$auto_FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000140)="192979f4da33f34374da1547dc67e85eaa0a66829d4c60a7422220c541b9b4becb9cfc6624245b835b9afe2cd9d5a05cdf28657f861e435b4411fc8fc8b6483c1c3d72f4a5d8e99625055d0067a06f4afa469397ca67")
ioctl$auto_FBIOGET_FSCREENINFO(r1, 0x4602, &(0x7f0000000080)="537fad604a0b6a6233f85d7e8ada171812c160c5e5d5eee9a895bf5fd45f2bcddd4aa7ca654133a3376f0611362127618b93c426089b2fa2")
ioperm$auto(0x7, 0x6, 0xffffffffffff4064)
map_shadow_stack$auto(0x2, 0x3, 0x1)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/module/hid_cougar/parameters/g6_is_space\x00', 0x129102, 0x0)
write$auto(r2, &(0x7f0000000000)='y\x8c', 0x2)
socket(0xa, 0x801, 0x84)
syz_genetlink_get_family_id$auto_netdev(&(0x7f00000000c0), 0xffffffffffffffff)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r3 = socket(0xa, 0x1, 0x84)
r4 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000c40)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0)
openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x2000, 0x0)
write$auto(r4, 0x0, 0xe)
getsockopt$auto(r3, 0x84, 0x1, 0x0, &(0x7f0000000000)=0x9d)

3.813894294s ago: executing program 1 (id=2348):
mmap$auto(0x9, 0x202000d, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000800)='/sys/devices/virtual/bdi/43:384/max_bytes\x00', 0x181482, 0x0)
read$auto(r0, 0x0, 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000080), r1)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth1_virt_wifi\x00', <r3=>0x0})
sendmsg$auto_BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x1c, r2, 0x95bda67d863ba7af, 0x70bd2d, 0x25dfdbff, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x20000000)
r4 = prctl$auto_PR_GET_NO_NEW_PRIVS(0x27, 0x800, 0x0, 0x1684, 0x24)
write$auto(0xffffffffffffffff, 0x0, 0xfdef)
shmctl$auto_IPC_RMID(0x2, 0x0, 0x0)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r4)
sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000780)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000740)={&(0x7f0000000480)={0x9c, r5, 0x300, 0x70bd2a, 0x25dfdbfd, {}, [@NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}, @NL80211_ATTR_CRIT_PROT_ID={0x6, 0xb3, 0x8001}, @NL80211_ATTR_CNTDWN_OFFS_PRESP={0x73, 0xbb, "87dfa70f715a69d1fc54266aec4cc3595bc0ab4914f325f960b4ee060573d66d501b7a57787fba9cb3c9bbb66341f64097b10f468909f87aa0033ff8a22f38b3084e00dfe89baa71b0cf9cd6d08e310e69b0952f96a470db0ad8ee2ed9383e0eb600ee830097a53329d44046cf9972"}, @NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0xa265247c}]}, 0x9c}, 0x1, 0x0, 0x0, 0x4000800}, 0x800)
mmap$auto(0x0, 0x5, 0x6, 0x13, 0xffffffffffffffff, 0x8000)
openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
r6 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0)
ioctl$auto_EVIOCGMASK(r6, 0x80104592, &(0x7f0000000080)={0x2000, 0x800007, 0x5})
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r7 = socket(0xa, 0x801, 0x84)
getsockopt$auto(r7, 0x84, 0x10, 0x0, 0x0)
mmap$auto(0x0, 0xfffffffffffffffe, 0xdc, 0xeb1, 0x401, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
ioperm$auto(0x7, 0x6, 0x1)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x500, 0x0)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)

3.514907119s ago: executing program 3 (id=2349):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
r0 = socket(0x10, 0x2, 0x0)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0)
mmap$auto(0x0, 0x1, 0x4000000000df, 0x44eb2, 0x3, 0x300000000000)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x129800, 0x0)
ioctl$auto(r1, 0xc0104d08, 0x7)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\a\x00\x00\x00\x00\x00'], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
getrandom$auto(0x0, 0x6000000, 0x3)
r2 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$auto(r2, 0x40025504, 0xea3)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
recvmmsg$auto(r0, &(0x7f0000000140)={{0x0, 0x2, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x29e, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x40008815}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20008841)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="19"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f0000000000)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x1}, 0x2, 0x0)

3.08759086s ago: executing program 1 (id=2350):
write$auto(0xca, &(0x7f00000000c0)='\x04>2\x04!\xe2\x00\x94\xf2\xa2\x00\x00', 0x7e)
getresuid$auto(&(0x7f0000000080)=0x7, 0x0, 0xfffffffffffffffc)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
write$auto(r0, 0x0, 0xfffffdef)
write$auto(0x3, 0x0, 0xfffffdef)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000440)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYRES32], 0x2c}, 0x1, 0x0, 0x0, 0x24004080}, 0x20040894)
sendmsg$auto_NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYBLOB="a0000000", @ANYRES16=r1, @ANYBLOB="02022cbd7000fcdbdf256700000074000e80120002d7de5f50a647ce5f4f18227bc031b80467ce3e1653ae43673df98e4ea31e9a9dfcc6aae9e1800dcbeb8c9db083f7f721f4d75a02e5a0fc8cf0bbc1daf87e010000000000005fce8525ac9a85a7d19abf7b70ad9779ab8675b79db9000000000000000000000000000008000a01a80a000008001f010200a64723ff53"], 0xa0}, 0x1, 0x0, 0x0, 0x20040090}, 0x0)
mmap$auto(0x0, 0x400008, 0x1, 0x9b72, r0, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x3ff, 0x0, 0x3, 0x5f, 0x0, 0x3}, 0x6f3)
socket(0xa, 0x2, 0x88)
mmap$auto(0x0, 0x400008, 0xdf, 0x100000009b72, 0x2, 0x8000)
mincore$auto(0x1000, 0x8001, 0x0)
setsockopt$auto(0x3, 0x0, 0x20, 0x0, 0x28)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x64, r4, 0x1, 0x70bd27, 0x25dfdbf9, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x80}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x8}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @empty}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @empty}, @L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e21}]}, 0x64}, 0x1, 0x0, 0x0, 0x40000}, 0x4080)

2.161767934s ago: executing program 3 (id=2351):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
io_uring_setup$auto(0x6, 0x0)
madvise$auto(0x0, 0x200007, 0x19)
shmctl$auto_IPC_STAT(0x1, 0x2, &(0x7f0000000180)={{0x5, 0x0, 0xffffffffffffffff, 0x4, 0x8, 0x80, 0xb}, 0xa, 0x80000000, 0x4, 0x6, @inferred=0xffffffffffffffff, @raw, 0x8, 0x0, &(0x7f0000000040)="b057d39cbca4ac6619c8634604cc5e27a8ae7d637d90b4536e89eaa0efc1084c0ba836b58deade55915176862bbf475882b8ff1c76b4f1009348f6a3ece7aa2944a735f97142986aa4b7a5dd8b6b3146eb2fb37dc3f7a49ebc69c33f4d1ffde17193a514121a251a413a6878df020d7a8040107a9958dc49ab0c70c0eab550049393d2298d38b4c8582f3c7296ac9b1aa208fd684a1ffce1797824bacfd1c55e1588887c1d8bc3373fdf1f4cb41d7d17461441a529bdd22a73e9f42dbb6b7e7fe6c77a586634ad3aa5e93edc7a36d0f6aa2f1527aeb5906ff41b61246c80f6505729954679d1388620cfafbb32cf7998dda85a1503380b4214", &(0x7f0000000140)="d05acb81a38634dea141f57d642daeeaaa1b1cea5a1ef00bf4eafd69fef7cc096f992e85df6af889a88dee83"})
getegid()
close_range$auto(0x2, 0x8, 0x0)
openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000007480)='/dev/cec12\x00', 0x400, 0x0)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3)
setsockopt$auto(0xffffffffffffffff, 0x10000008, 0x8005, 0x0, 0x2)
unshare$auto(0x40000080)
socket(0xa, 0x2, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x2, 0x4020009, 0x3, 0xeb1, 0x401, 0x4000008000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
socket(0x10, 0x2, 0xc)
socket(0x28, 0x1, 0x0)
fanotify_mark$auto(0x0, 0x1, 0x9, 0x4, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6)
mmap$auto(0x200000000000000, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x0)

0s ago: executing program 1 (id=2353):
write$auto(0xca, &(0x7f00000000c0)='\x04>2\x04!\xe2\x00\x94\xf2\xa2\x00\x00', 0x7e)
getresuid$auto(&(0x7f0000000080)=0x7, 0x0, 0xfffffffffffffffc)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
write$auto(r0, 0x0, 0xfffffdef)
write$auto(0x3, 0x0, 0xfffffdef)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000440)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYRES32], 0x2c}, 0x1, 0x0, 0x0, 0x24004080}, 0x20040894)
sendmsg$auto_NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYBLOB="a0000000", @ANYRES16=r1, @ANYBLOB="02022cbd7000fcdbdf256700000074000e80120002d7de5f50a647ce5f4f18227bc031b80467ce3e1653ae43673df98e4ea31e9a9dfcc6aae9e1800dcbeb8c9db083f7f721f4d75a02e5a0fc8c"], 0xa0}, 0x1, 0x0, 0x0, 0x20040090}, 0x0)
mmap$auto(0x0, 0x400008, 0x1, 0x9b72, r0, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x3ff, 0x0, 0x3, 0x5f, 0x0, 0x3}, 0x6f3)
socket(0xa, 0x2, 0x88)
mmap$auto(0x0, 0x400008, 0xdf, 0x100000009b72, 0x2, 0x8000)
mincore$auto(0x1000, 0x8001, 0x0)
setsockopt$auto(0x3, 0x0, 0x20, 0x0, 0x28)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x64, r4, 0x1, 0x70bd27, 0x25dfdbf9, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x80}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x8}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @empty}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @empty}, @L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e21}]}, 0x64}, 0x1, 0x0, 0x0, 0x40000}, 0x4080)

kernel console output (not intermixed with test programs):

862.081380][T15115]  __x64_sys_ioctl+0x190/0x200
[  862.081424][T15115]  do_syscall_64+0xcd/0x250
[  862.081471][T15115]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  862.081518][T15115] RIP: 0033:0x7efcfa18d169
[  862.081544][T15115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  862.081575][T15115] RSP: 002b:00007efcfaf82038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  862.081605][T15115] RAX: ffffffffffffffda RBX: 00007efcfa3a5fa0 RCX: 00007efcfa18d169
[  862.081627][T15115] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000005
[  862.081647][T15115] RBP: 00007efcfa20e2a0 R08: 0000000000000000 R09: 0000000000000000
[  862.081666][T15115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  862.081686][T15115] R13: 0000000000000000 R14: 00007efcfa3a5fa0 R15: 00007fff51b90f48
[  862.081735][T15115]  </TASK>
[  862.081746][T15115] Mem-Info:
[  862.333225][T15115] active_anon:28428 inactive_anon:2 isolated_anon:0
[  862.333225][T15115]  active_file:18245 inactive_file:38881 isolated_file:0
[  862.333225][T15115]  unevictable:768 dirty:443 writeback:0
[  862.333225][T15115]  slab_reclaimable:17820 slab_unreclaimable:150501
[  862.333225][T15115]  mapped:28059 shmem:8122 pagetables:1011
[  862.333225][T15115]  sec_pagetables:0 bounce:0
[  862.333225][T15115]  kernel_misc_reclaimable:0
[  862.333225][T15115]  free:1252270 free_pcp:1466 free_cma:0
[  862.380528][T15120] FAULT_INJECTION: forcing a failure.
[  862.380528][T15120] name failslab, interval 1, probability 0, space 0, times 0
[  862.393842][T15120] CPU: 0 UID: 0 PID: 15120 Comm: syz.2.1802 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[  862.393880][T15120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  862.393900][T15120] Call Trace:
[  862.393911][T15120]  <TASK>
[  862.393924][T15120]  dump_stack_lvl+0x16c/0x1f0
[  862.393973][T15120]  should_fail_ex+0x50a/0x650
[  862.394028][T15120]  ? fs_reclaim_acquire+0xae/0x150
[  862.394075][T15120]  should_failslab+0xc2/0x120
[  862.394107][T15120]  __kmalloc_cache_node_noprof+0x6e/0x420
[  862.394157][T15120]  ? __pfx_number+0x10/0x10
[  862.394185][T15120]  ? format_decode+0x1ae/0xd40
[  862.394217][T15120]  ? __get_vm_area_node+0x101/0x2f0
[  862.394267][T15120]  __get_vm_area_node+0x101/0x2f0
[  862.394315][T15120]  __vmalloc_node_range_noprof+0x26a/0x1530
[  862.394364][T15120]  ? kvm_dev_ioctl+0x151/0x1a90
[  862.394425][T15120]  ? __pfx_vsnprintf+0x10/0x10
[  862.394466][T15120]  ? kvm_dev_ioctl+0x151/0x1a90
[  862.394520][T15120]  ? do_raw_spin_lock+0x12d/0x2c0
[  862.394557][T15120]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  862.394605][T15120]  ? __pfx_snprintf+0x10/0x10
[  862.394647][T15120]  ? _raw_spin_unlock+0x28/0x50
[  862.394685][T15120]  ? alloc_fd+0x41f/0x760
[  862.394747][T15120]  ? kvm_dev_ioctl+0x151/0x1a90
[  862.394801][T15120]  __vmalloc_noprof+0x6d/0x90
[  862.394846][T15120]  ? kvm_dev_ioctl+0x151/0x1a90
[  862.394901][T15120]  kvm_dev_ioctl+0x151/0x1a90
[  862.394956][T15120]  ? __pfx_lock_release+0x10/0x10
[  862.395002][T15120]  ? trace_lock_acquire+0x14e/0x1f0
[  862.395046][T15120]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  862.395102][T15120]  ? __fget_files+0x206/0x3a0
[  862.395156][T15120]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  862.395212][T15120]  __x64_sys_ioctl+0x190/0x200
[  862.395255][T15120]  do_syscall_64+0xcd/0x250
[  862.395303][T15120]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  862.395350][T15120] RIP: 0033:0x7f6ac4d8d169
[  862.395376][T15120] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  862.395408][T15120] RSP: 002b:00007f6ac5c09038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  862.395438][T15120] RAX: ffffffffffffffda RBX: 00007f6ac4fa5fa0 RCX: 00007f6ac4d8d169
[  862.395460][T15120] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000005
[  862.395480][T15120] RBP: 00007f6ac4e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  862.395500][T15120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  862.395520][T15120] R13: 0000000000000000 R14: 00007f6ac4fa5fa0 R15: 00007ffcc748f548
[  862.395561][T15120]  </TASK>
[  862.731682][T15115] Node 0 active_anon:113092kB inactive_anon:8kB active_file:72980kB inactive_file:155452kB unevictable:1536kB isolated(anon):1800kB isolated(file):0kB mapped:116336kB dirty:1772kB writeback:0kB shmem:30952kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:6144kB writeback_tmp:0kB kernel_stack:10720kB pagetables:4044kB sec_pagetables:0kB all_unreclaimable? no
[  862.765209][T15115] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  862.796549][T15115] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  862.823819][T15115] lowmem_reserve[]: 0 2487 2487 0 0
[  862.829205][T15115] Node 0 DMA32 free:1083072kB boost:0kB min:34152kB low:42688kB high:51224kB reserved_highatomic:0KB active_anon:116184kB inactive_anon:8kB active_file:72980kB inactive_file:155360kB unevictable:1536kB writepending:1772kB present:3129332kB managed:2547524kB mlocked:0kB bounce:0kB free_pcp:7008kB local_pcp:5568kB free_cma:0kB
[  862.860009][T15115] lowmem_reserve[]: 0 0 0 0 0
[  862.864835][T15115] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:8kB inactive_anon:0kB active_file:0kB inactive_file:92kB unevictable:0kB writepending:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  862.892636][T15115] lowmem_reserve[]: 0 0 0 0 0
[  862.897535][T15115] Node 1 Normal free:3902600kB boost:0kB min:55748kB low:69684kB high:83620kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:500kB local_pcp:500kB free_cma:0kB
[  862.926914][T15115] lowmem_reserve[]: 0 0 0 0 0
[  862.931741][T15115] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  862.944864][T15115] Node 0 DMA32: 304*4kB (UME) 482*8kB (UM) 384*16kB (UE) 1120*32kB (UME) 563*64kB (UME) 296*128kB (UME) 129*256kB (ME) 80*512kB (UME) 62*1024kB (UME) 8*2048kB (M) 196*4096kB (M) = 1077648kB
[  863.132960][T15115] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  863.236937][T15115] Node 1 Normal: 166*4kB (UE) 48*8kB (UME) 43*16kB (UME) 226*32kB (UME) 86*64kB (UME) 28*128kB (UME) 14*256kB (UM) 10*512kB (UME) 9*1024kB (UME) 4*2048kB (UE) 942*4096kB (UM) = 3902600kB
[  863.310734][T15115] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  863.325897][T15115] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  863.336043][T15115] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  863.347126][T15115] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  863.357202][T15115] 67835 total pagecache pages
[  863.362041][T15115] 101 pages in swap cache
[  863.367428][T15115] Free swap  = 120192kB
[  863.371780][T15115] Total swap = 124996kB
[  863.376108][T15115] 2097051 pages RAM
[  863.498912][T15115] 0 pages HighMem/MovableOnly
[  863.503780][T15115] 428512 pages reserved
[  863.586897][T15115] 0 pages cma reserved
[  864.730148][   T54] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260
[  864.730203][   T54] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260
[  864.745133][   T54] Bluetooth: hci3: adv larger than maximum supported
[  864.745162][   T54] Bluetooth: hci3: adv larger than maximum supported
[  864.746189][T11750] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  864.752286][   T54] Bluetooth: hci3: adv larger than maximum supported
[  864.759356][T11750] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  864.766547][   T54] Bluetooth: hci3: Unknown advertising packet type: 0x20
[  864.773533][T11750] Bluetooth: hci0: adv larger than maximum supported
[  864.780444][   T54] Bluetooth: hci3: adv larger than maximum supported
[  864.787857][T11750] Bluetooth: hci0: adv larger than maximum supported
[  864.802080][T11750] Bluetooth: hci0: adv larger than maximum supported
[  864.809142][T11750] Bluetooth: hci0: Unknown advertising packet type: 0x20
[  864.817300][T11750] Bluetooth: hci0: adv larger than maximum supported
[  869.038516][T11750] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  869.038559][T11750] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  870.062121][T11750] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[  870.070425][T11750] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260
[  870.070466][T11750] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260
[  870.096695][T11750] bt_err_ratelimited: 5 callbacks suppressed
[  870.096719][T11750] Bluetooth: hci1: adv larger than maximum supported
[  870.102795][T11750] Bluetooth: hci1: adv larger than maximum supported
[  870.110405][T11750] Bluetooth: hci1: adv larger than maximum supported
[  870.117613][T11750] Bluetooth: hci1: Unknown advertising packet type: 0x20
[  870.124397][T11750] Bluetooth: hci1: adv larger than maximum supported
[  870.283562][T11750] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[  872.482538][T11750] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[  875.579155][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  875.585540][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  881.666612][T11750] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260
[  881.666655][T11750] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260
[  881.681912][T11750] Bluetooth: hci3: adv larger than maximum supported
[  881.681946][T11750] Bluetooth: hci3: adv larger than maximum supported
[  881.688994][T11750] Bluetooth: hci3: adv larger than maximum supported
[  881.695753][T11750] Bluetooth: hci3: Unknown advertising packet type: 0x20
[  881.702856][T11750] Bluetooth: hci3: adv larger than maximum supported
[  882.189679][T11750] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[  886.106128][T15386] FAULT_INJECTION: forcing a failure.
[  886.106128][T15386] name failslab, interval 1, probability 0, space 0, times 0
[  886.149839][T15386] CPU: 0 UID: 0 PID: 15386 Comm: syz.2.1847 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[  886.149885][T15386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  886.149907][T15386] Call Trace:
[  886.149917][T15386]  <TASK>
[  886.149929][T15386]  dump_stack_lvl+0x16c/0x1f0
[  886.149980][T15386]  should_fail_ex+0x50a/0x650
[  886.150034][T15386]  ? fs_reclaim_acquire+0xae/0x150
[  886.150080][T15386]  should_failslab+0xc2/0x120
[  886.150112][T15386]  __kmalloc_cache_node_noprof+0x6e/0x420
[  886.150162][T15386]  ? __pfx_number+0x10/0x10
[  886.150189][T15386]  ? format_decode+0x1ae/0xd40
[  886.150220][T15386]  ? __get_vm_area_node+0x101/0x2f0
[  886.150268][T15386]  __get_vm_area_node+0x101/0x2f0
[  886.150317][T15386]  __vmalloc_node_range_noprof+0x26a/0x1530
[  886.150363][T15386]  ? kvm_dev_ioctl+0x151/0x1a90
[  886.150423][T15386]  ? __pfx_vsnprintf+0x10/0x10
[  886.150462][T15386]  ? kvm_dev_ioctl+0x151/0x1a90
[  886.150515][T15386]  ? do_raw_spin_lock+0x12d/0x2c0
[  886.150551][T15386]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  886.150616][T15386]  ? __pfx_snprintf+0x10/0x10
[  886.150660][T15386]  ? _raw_spin_unlock+0x28/0x50
[  886.150697][T15386]  ? alloc_fd+0x41f/0x760
[  886.150756][T15386]  ? kvm_dev_ioctl+0x151/0x1a90
[  886.150810][T15386]  __vmalloc_noprof+0x6d/0x90
[  886.150856][T15386]  ? kvm_dev_ioctl+0x151/0x1a90
[  886.150913][T15386]  kvm_dev_ioctl+0x151/0x1a90
[  886.150969][T15386]  ? __pfx_lock_release+0x10/0x10
[  886.151016][T15386]  ? trace_lock_acquire+0x14e/0x1f0
[  886.151060][T15386]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  886.151120][T15386]  ? __fget_files+0x206/0x3a0
[  886.151172][T15386]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  886.151229][T15386]  __x64_sys_ioctl+0x190/0x200
[  886.151275][T15386]  do_syscall_64+0xcd/0x250
[  886.151324][T15386]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  886.151373][T15386] RIP: 0033:0x7f6ac4d8d169
[  886.151400][T15386] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  886.151432][T15386] RSP: 002b:00007f6ac5c09038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  886.151463][T15386] RAX: ffffffffffffffda RBX: 00007f6ac4fa5fa0 RCX: 00007f6ac4d8d169
[  886.151485][T15386] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000005
[  886.151505][T15386] RBP: 00007f6ac4e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  886.151525][T15386] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  886.151544][T15386] R13: 0000000000000000 R14: 00007f6ac4fa5fa0 R15: 00007ffcc748f548
[  886.151584][T15386]  </TASK>
[  886.151600][T15386] warn_alloc: 1 callbacks suppressed
[  886.151615][T15386] syz.2.1847: vmalloc error: size 39584, vm_struct allocation failed, mode:0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  886.455533][T15386] CPU: 0 UID: 0 PID: 15386 Comm: syz.2.1847 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[  886.455579][T15386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  886.455598][T15386] Call Trace:
[  886.455607][T15386]  <TASK>
[  886.455620][T15386]  dump_stack_lvl+0x16c/0x1f0
[  886.455687][T15386]  warn_alloc+0x24d/0x3a0
[  886.455743][T15386]  ? __pfx_warn_alloc+0x10/0x10
[  886.455794][T15386]  ? rcu_is_watching+0x12/0xc0
[  886.455832][T15386]  ? __kmalloc_cache_node_noprof+0x2ad/0x420
[  886.455890][T15386]  ? __kasan_kmalloc+0x8a/0xb0
[  886.455942][T15386]  ? __get_vm_area_node+0x1dc/0x2f0
[  886.455995][T15386]  __vmalloc_node_range_noprof+0xd24/0x1530
[  886.456050][T15386]  ? __pfx_vsnprintf+0x10/0x10
[  886.456094][T15386]  ? kvm_dev_ioctl+0x151/0x1a90
[  886.456148][T15386]  ? do_raw_spin_lock+0x12d/0x2c0
[  886.456185][T15386]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  886.456233][T15386]  ? __pfx_snprintf+0x10/0x10
[  886.456277][T15386]  ? _raw_spin_unlock+0x28/0x50
[  886.456314][T15386]  ? alloc_fd+0x41f/0x760
[  886.456363][T15386]  ? kvm_dev_ioctl+0x151/0x1a90
[  886.456418][T15386]  __vmalloc_noprof+0x6d/0x90
[  886.456472][T15386]  ? kvm_dev_ioctl+0x151/0x1a90
[  886.456527][T15386]  kvm_dev_ioctl+0x151/0x1a90
[  886.456579][T15386]  ? __pfx_lock_release+0x10/0x10
[  886.456622][T15386]  ? trace_lock_acquire+0x14e/0x1f0
[  886.456662][T15386]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  886.456719][T15386]  ? __fget_files+0x206/0x3a0
[  886.456774][T15386]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  886.456831][T15386]  __x64_sys_ioctl+0x190/0x200
[  886.456887][T15386]  do_syscall_64+0xcd/0x250
[  886.456935][T15386]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  886.456977][T15386] RIP: 0033:0x7f6ac4d8d169
[  886.456999][T15386] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  886.457027][T15386] RSP: 002b:00007f6ac5c09038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  886.457055][T15386] RAX: ffffffffffffffda RBX: 00007f6ac4fa5fa0 RCX: 00007f6ac4d8d169
[  886.457076][T15386] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000005
[  886.457095][T15386] RBP: 00007f6ac4e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  886.457114][T15386] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  886.457133][T15386] R13: 0000000000000000 R14: 00007f6ac4fa5fa0 R15: 00007ffcc748f548
[  886.457171][T15386]  </TASK>
[  886.870900][T15386] Mem-Info:
[  886.874212][T15386] active_anon:58460 inactive_anon:2 isolated_anon:0
[  886.874212][T15386]  active_file:18231 inactive_file:38891 isolated_file:0
[  886.874212][T15386]  unevictable:768 dirty:859 writeback:0
[  886.874212][T15386]  slab_reclaimable:17613 slab_unreclaimable:154029
[  886.874212][T15386]  mapped:39546 shmem:35045 pagetables:1153
[  886.874212][T15386]  sec_pagetables:0 bounce:0
[  886.874212][T15386]  kernel_misc_reclaimable:0
[  886.874212][T15386]  free:1213525 free_pcp:1823 free_cma:0
[  886.919801][    C1] vkms_vblank_simulate: vblank timer overrun
[  887.038849][T15386] Node 0 active_anon:245340kB inactive_anon:8kB active_file:72924kB inactive_file:155492kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:159584kB dirty:3436kB writeback:0kB shmem:149944kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:12288kB writeback_tmp:0kB kernel_stack:10788kB pagetables:4612kB sec_pagetables:0kB all_unreclaimable? no
[  887.226787][T15386] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  887.257142][    C1] vkms_vblank_simulate: vblank timer overrun
[  887.338486][T15386] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  887.441570][T15386] lowmem_reserve[]: 0 2487 2487 0 0
[  887.487936][T15386] Node 0 DMA32 free:894436kB boost:0kB min:34152kB low:42688kB high:51224kB reserved_highatomic:0KB active_anon:272392kB inactive_anon:8kB active_file:72980kB inactive_file:155400kB unevictable:1536kB writepending:3444kB present:3129332kB managed:2547524kB mlocked:0kB bounce:0kB free_pcp:23204kB local_pcp:21032kB free_cma:0kB
[  887.706765][T15386] lowmem_reserve[]: 0 0 0 0 0
[  887.719326][T15386] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:8kB inactive_anon:0kB active_file:0kB inactive_file:92kB unevictable:0kB writepending:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  887.846690][T15386] lowmem_reserve[]: 0 0 0 0 0
[  887.872991][T15386] Node 1 Normal free:3902600kB boost:0kB min:55748kB low:69684kB high:83620kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:500kB local_pcp:0kB free_cma:0kB
[  887.986748][T15386] lowmem_reserve[]: 0 0 0 0 0
[  887.996773][T15386] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  888.156879][T15386] Node 0 DMA32: 61*4kB (UE) 194*8kB (U) 30*16kB (UM) 14*32kB (UE) 9*64kB (ME) 2*128kB (E) 2*256kB (ME) 1*512kB (E) 25*1024kB (UME) 1*2048kB (U) 199*4096kB (M) = 847332kB
[  888.256623][T15386] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  888.335419][T15386] Node 1 Normal: 166*4kB (UE) 48*8kB (UME) 43*16kB (UME) 226*32kB (UME) 86*64kB (UME) 28*128kB (UME) 14*256kB (UM) 10*512kB (UME) 9*1024kB (UME) 4*2048kB (UE) 942*4096kB (UM) = 3902600kB
[  888.395584][T15386] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  888.436636][T15386] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  888.476657][T15386] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  888.506613][T15386] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  888.536925][T15386] 116458 total pagecache pages
[  888.541950][T15386] 184 pages in swap cache
[  888.546326][T15386] Free swap  = 119932kB
[  888.570942][T15386] Total swap = 124996kB
[  888.576158][T15386] 2097051 pages RAM
[  888.606546][T15386] 0 pages HighMem/MovableOnly
[  888.621888][T15386] 428512 pages reserved
[  888.626124][T15386] 0 pages cma reserved
[  889.531215][T11750] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  889.531272][T11750] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  889.546647][T11750] Bluetooth: hci0: adv larger than maximum supported
[  889.546680][T11750] Bluetooth: hci0: adv larger than maximum supported
[  889.553444][T11750] Bluetooth: hci0: adv larger than maximum supported
[  889.560543][T11750] Bluetooth: hci0: Unknown advertising packet type: 0x20
[  889.567562][T11750] Bluetooth: hci0: adv larger than maximum supported
[  890.591302][T11750] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[  894.092689][T11750] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260
[  894.092738][T11750] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260
[  894.416403][T11750] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[  895.398988][T15460] FAULT_INJECTION: forcing a failure.
[  895.398988][T15460] name failslab, interval 1, probability 0, space 0, times 0
[  895.411965][T15460] CPU: 0 UID: 0 PID: 15460 Comm: syz.3.1859 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[  895.412004][T15460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  895.412030][T15460] Call Trace:
[  895.412041][T15460]  <TASK>
[  895.412052][T15460]  dump_stack_lvl+0x16c/0x1f0
[  895.412121][T15460]  should_fail_ex+0x50a/0x650
[  895.412176][T15460]  ? fs_reclaim_acquire+0xae/0x150
[  895.412226][T15460]  should_failslab+0xc2/0x120
[  895.412258][T15460]  __kmalloc_cache_node_noprof+0x6e/0x420
[  895.412310][T15460]  ? __pfx_number+0x10/0x10
[  895.412338][T15460]  ? format_decode+0x1ae/0xd40
[  895.412371][T15460]  ? __get_vm_area_node+0x101/0x2f0
[  895.412421][T15460]  __get_vm_area_node+0x101/0x2f0
[  895.412470][T15460]  __vmalloc_node_range_noprof+0x26a/0x1530
[  895.412519][T15460]  ? kvm_dev_ioctl+0x151/0x1a90
[  895.412582][T15460]  ? __pfx_vsnprintf+0x10/0x10
[  895.412625][T15460]  ? kvm_dev_ioctl+0x151/0x1a90
[  895.412678][T15460]  ? do_raw_spin_lock+0x12d/0x2c0
[  895.412716][T15460]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  895.412764][T15460]  ? __pfx_snprintf+0x10/0x10
[  895.412809][T15460]  ? _raw_spin_unlock+0x28/0x50
[  895.412846][T15460]  ? alloc_fd+0x41f/0x760
[  895.412897][T15460]  ? kvm_dev_ioctl+0x151/0x1a90
[  895.412951][T15460]  __vmalloc_noprof+0x6d/0x90
[  895.412997][T15460]  ? kvm_dev_ioctl+0x151/0x1a90
[  895.413058][T15460]  kvm_dev_ioctl+0x151/0x1a90
[  895.413117][T15460]  ? __pfx_lock_release+0x10/0x10
[  895.413164][T15460]  ? trace_lock_acquire+0x14e/0x1f0
[  895.413209][T15460]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  895.413270][T15460]  ? __fget_files+0x206/0x3a0
[  895.413324][T15460]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  895.413381][T15460]  __x64_sys_ioctl+0x190/0x200
[  895.413425][T15460]  do_syscall_64+0xcd/0x250
[  895.413474][T15460]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  895.413521][T15460] RIP: 0033:0x7f0dc598d169
[  895.413546][T15460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  895.413579][T15460] RSP: 002b:00007f0dc675c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  895.413610][T15460] RAX: ffffffffffffffda RBX: 00007f0dc5ba5fa0 RCX: 00007f0dc598d169
[  895.413632][T15460] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000005
[  895.413653][T15460] RBP: 00007f0dc5a0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  895.413674][T15460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  895.413694][T15460] R13: 0000000000000000 R14: 00007f0dc5ba5fa0 R15: 00007fffaf666778
[  895.413736][T15460]  </TASK>
[  898.615534][T11750] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[  899.478826][T11750] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[  900.872918][T11750] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260
[  900.872967][T11750] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260
[  900.888176][T11750] Bluetooth: hci2: adv larger than maximum supported
[  900.888211][T11750] Bluetooth: hci2: adv larger than maximum supported
[  900.894983][T11750] Bluetooth: hci2: adv larger than maximum supported
[  900.902769][T11750] Bluetooth: hci2: Unknown advertising packet type: 0x20
[  900.909578][T11750] Bluetooth: hci2: adv larger than maximum supported
[  901.694241][T11750] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[  903.105014][T11750] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[  903.816145][T15545] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1872'.
[  907.491325][T11750] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[  910.910922][T11750] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[  915.463321][T11750] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[  917.426994][T11750] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[  919.426255][T11750] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[  921.304660][T11750] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[  921.718217][T11750] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260
[  921.718262][T11750] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260
[  921.733276][T11750] Bluetooth: hci1: adv larger than maximum supported
[  921.733308][T11750] Bluetooth: hci1: adv larger than maximum supported
[  921.740417][T11750] Bluetooth: hci1: adv larger than maximum supported
[  921.747388][T11750] Bluetooth: hci1: Unknown advertising packet type: 0x20
[  921.755026][T11750] Bluetooth: hci1: Unknown advertising packet type: 0x32
[  924.655232][T11750] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260
[  924.655282][T11750] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260
[  924.672678][T11750] Bluetooth: hci1: adv larger than maximum supported
[  924.672712][T11750] Bluetooth: hci1: Unknown advertising packet type: 0x20
[  924.679583][T11750] Bluetooth: hci1: Unknown advertising packet type: 0x30
[  924.689995][T11750] Bluetooth: hci1: Unknown advertising packet type: 0x32
[  926.517506][T11750] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[  930.815889][T11750] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[  931.177162][T11750] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  931.177210][T11750] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  931.192571][T11750] Bluetooth: hci0: adv larger than maximum supported
[  931.192603][T11750] Bluetooth: hci0: adv larger than maximum supported
[  931.199406][T11750] Bluetooth: hci0: adv larger than maximum supported
[  931.206143][T11750] Bluetooth: hci0: Unknown advertising packet type: 0x20
[  931.212991][T11750] Bluetooth: hci0: Unknown advertising packet type: 0x32
[  933.190921][T11750] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[  933.293118][T11750] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[  933.710916][T11750] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260
[  933.710961][T11750] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260
[  933.726220][T11750] Bluetooth: hci2: adv larger than maximum supported
[  933.726255][T11750] Bluetooth: hci2: adv larger than maximum supported
[  933.734233][T11750] Bluetooth: hci2: adv larger than maximum supported
[  933.741057][T11750] Bluetooth: hci2: Unknown advertising packet type: 0x20
[  933.751421][T11750] Bluetooth: hci2: adv larger than maximum supported
[  935.263477][T15872] warn_alloc: 1 callbacks suppressed
[  935.263500][T15872] syz.2.1926: vmalloc error: size 4096, failed to allocate pages, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  935.291774][T15872] CPU: 1 UID: 0 PID: 15872 Comm: syz.2.1926 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[  935.291815][T15872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  935.291835][T15872] Call Trace:
[  935.291843][T15872]  <TASK>
[  935.291855][T15872]  dump_stack_lvl+0x16c/0x1f0
[  935.291906][T15872]  warn_alloc+0x24d/0x3a0
[  935.291960][T15872]  ? __pfx_warn_alloc+0x10/0x10
[  935.292014][T15872]  ? __pfx_lock_release+0x10/0x10
[  935.292063][T15872]  ? rcu_is_watching+0x12/0xc0
[  935.292097][T15872]  ? __mod_memcg_state+0x419/0x5d0
[  935.292152][T15872]  __vmalloc_node_range_noprof+0x12bd/0x1530
[  935.292210][T15872]  ? kvm_dev_ioctl+0x151/0x1a90
[  935.292266][T15872]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  935.292316][T15872]  ? __pfx_snprintf+0x10/0x10
[  935.292355][T15872]  ? _raw_spin_unlock+0x28/0x50
[  935.292390][T15872]  ? alloc_fd+0x41f/0x760
[  935.292437][T15872]  ? kvm_dev_ioctl+0x151/0x1a90
[  935.292490][T15872]  __vmalloc_noprof+0x6d/0x90
[  935.292554][T15872]  ? kvm_dev_ioctl+0x151/0x1a90
[  935.292609][T15872]  kvm_dev_ioctl+0x151/0x1a90
[  935.292674][T15872]  ? __pfx_lock_release+0x10/0x10
[  935.292724][T15872]  ? trace_lock_acquire+0x14e/0x1f0
[  935.292770][T15872]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  935.292830][T15872]  ? __fget_files+0x206/0x3a0
[  935.292884][T15872]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  935.292942][T15872]  __x64_sys_ioctl+0x190/0x200
[  935.292986][T15872]  do_syscall_64+0xcd/0x250
[  935.293036][T15872]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  935.293084][T15872] RIP: 0033:0x7f6ac4d8d169
[  935.293110][T15872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  935.293143][T15872] RSP: 002b:00007f6ac5c09038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  935.293175][T15872] RAX: ffffffffffffffda RBX: 00007f6ac4fa5fa0 RCX: 00007f6ac4d8d169
[  935.293197][T15872] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000005
[  935.293217][T15872] RBP: 00007f6ac4e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  935.293237][T15872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  935.293257][T15872] R13: 0000000000000000 R14: 00007f6ac4fa5fa0 R15: 00007ffcc748f548
[  935.293296][T15872]  </TASK>
[  935.293402][T15872] Mem-Info:
[  935.553250][T15872] active_anon:26960 inactive_anon:2 isolated_anon:0
[  935.553250][T15872]  active_file:18259 inactive_file:38911 isolated_file:0
[  935.553250][T15872]  unevictable:768 dirty:727 writeback:0
[  935.553250][T15872]  slab_reclaimable:17508 slab_unreclaimable:155275
[  935.553250][T15872]  mapped:29106 shmem:6059 pagetables:1010
[  935.553250][T15872]  sec_pagetables:0 bounce:0
[  935.553250][T15872]  kernel_misc_reclaimable:0
[  935.553250][T15872]  free:1246394 free_pcp:3499 free_cma:0
[  935.615266][T15872] Node 0 active_anon:108940kB inactive_anon:8kB active_file:73036kB inactive_file:155572kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:116424kB dirty:2908kB writeback:0kB shmem:23200kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:2048kB writeback_tmp:0kB kernel_stack:10496kB pagetables:4040kB sec_pagetables:0kB all_unreclaimable? no
[  935.690966][T15872] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  935.809183][T15872] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  935.852262][T15872] lowmem_reserve[]: 0 2487 2487 0 0
[  935.904124][T15872] Node 0 DMA32 free:1061532kB boost:0kB min:34152kB low:42688kB high:51224kB reserved_highatomic:0KB active_anon:115280kB inactive_anon:8kB active_file:73036kB inactive_file:155480kB unevictable:1536kB writepending:2908kB present:3129332kB managed:2547524kB mlocked:0kB bounce:0kB free_pcp:12236kB local_pcp:10196kB free_cma:0kB
[  935.988985][T15872] lowmem_reserve[]: 0 0 0 0 0
[  935.993926][T15872] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:8kB inactive_anon:0kB active_file:0kB inactive_file:92kB unevictable:0kB writepending:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  936.021612][T15872] lowmem_reserve[]: 0 0 0 0 0
[  936.026437][T15872] Node 1 Normal free:3902600kB boost:0kB min:55748kB low:69684kB high:83620kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:496kB local_pcp:0kB free_cma:0kB
[  936.073984][T15872] lowmem_reserve[]: 0 0 0 0 0
[  936.088545][T15872] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  936.135400][T15872] Node 0 DMA32: 446*4kB (UE) 251*8kB (U) 1475*16kB (UME) 1004*32kB (UME) 490*64kB (UME) 200*128kB (UM) 140*256kB (UME) 69*512kB (M) 43*1024kB (M) 2*2048kB (UM) 203*4096kB (M) = 1067264kB
[  936.202769][T15872] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  936.256323][T15872] Node 1 Normal: 166*4kB (UE) 48*8kB (UME) 43*16kB (UME) 226*32kB (UME) 86*64kB (UME) 28*128kB (UME) 14*256kB (UM) 10*512kB (UME) 9*1024kB (UME) 4*2048kB (UE) 942*4096kB (UM) = 3902600kB
[  936.323782][T15872] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  936.355221][T15872] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  936.426596][T15872] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  936.436330][T15872] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  936.500452][T15872] 66397 total pagecache pages
[  936.530214][T15872] 75 pages in swap cache
[  936.534629][T15872] Free swap  = 120376kB
[  936.590645][T15872] Total swap = 124996kB
[  936.594889][T15872] 2097051 pages RAM
[  936.640849][T15872] 0 pages HighMem/MovableOnly
[  936.666656][T15872] 428512 pages reserved
[  936.692481][T15872] 0 pages cma reserved
[  937.018871][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  937.025422][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  937.926406][T11750] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260
[  937.926531][T11750] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260
[  937.946025][T11750] Bluetooth: hci1: adv larger than maximum supported
[  937.946057][T11750] Bluetooth: hci1: adv larger than maximum supported
[  937.953102][T11750] Bluetooth: hci1: adv larger than maximum supported
[  937.962066][T11750] Bluetooth: hci1: Unknown advertising packet type: 0x20
[  937.968911][T11750] Bluetooth: hci1: adv larger than maximum supported
[  939.443397][T11750] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[  941.303980][T11750] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260
[  941.304030][T11750] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260
[  941.320677][T11750] Bluetooth: hci2: adv larger than maximum supported
[  941.320711][T11750] Bluetooth: hci2: adv larger than maximum supported
[  941.327743][T11750] Bluetooth: hci2: adv larger than maximum supported
[  941.334572][T11750] Bluetooth: hci2: Unknown advertising packet type: 0x20
[  941.345407][T11750] Bluetooth: hci2: adv larger than maximum supported
[  942.725644][T11750] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[  943.548615][T11750] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[  950.381235][T16039] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1956'.
[  954.386776][T11750] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260
[  954.386820][T11750] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260
[  954.401691][T11750] Bluetooth: hci1: adv larger than maximum supported
[  954.401722][T11750] Bluetooth: hci1: adv larger than maximum supported
[  954.425765][T11750] Bluetooth: hci1: adv larger than maximum supported
[  954.437456][T11750] Bluetooth: hci1: Unknown advertising packet type: 0x20
[  954.444230][T11750] Bluetooth: hci1: adv larger than maximum supported
[  954.962541][T11750] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[  959.658120][T11750] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[  960.804828][T16139] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1973'.
[  961.674649][T11750] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260
[  961.674695][T11750] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260
[  961.691096][T11750] Bluetooth: hci2: adv larger than maximum supported
[  963.936944][T11750] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[  964.736984][T11750] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[  965.812479][T16194] syz.2.1983: vmalloc error: size 20480, failed to allocate pages, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  965.856773][T16194] CPU: 0 UID: 0 PID: 16194 Comm: syz.2.1983 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[  965.856816][T16194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  965.856832][T16194] Call Trace:
[  965.856840][T16194]  <TASK>
[  965.856850][T16194]  dump_stack_lvl+0x16c/0x1f0
[  965.856897][T16194]  warn_alloc+0x24d/0x3a0
[  965.856949][T16194]  ? __pfx_warn_alloc+0x10/0x10
[  965.857020][T16194]  ? __pfx_lock_release+0x10/0x10
[  965.857069][T16194]  ? rcu_is_watching+0x12/0xc0
[  965.857104][T16194]  ? __mod_memcg_state+0x419/0x5d0
[  965.857164][T16194]  __vmalloc_node_range_noprof+0x12bd/0x1530
[  965.857235][T16194]  ? kvm_dev_ioctl+0x151/0x1a90
[  965.857300][T16194]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  965.857349][T16194]  ? __pfx_snprintf+0x10/0x10
[  965.857393][T16194]  ? _raw_spin_unlock+0x28/0x50
[  965.857428][T16194]  ? alloc_fd+0x41f/0x760
[  965.857477][T16194]  ? kvm_dev_ioctl+0x151/0x1a90
[  965.857531][T16194]  __vmalloc_noprof+0x6d/0x90
[  965.857576][T16194]  ? kvm_dev_ioctl+0x151/0x1a90
[  965.857629][T16194]  kvm_dev_ioctl+0x151/0x1a90
[  965.857687][T16194]  ? __pfx_lock_release+0x10/0x10
[  965.857733][T16194]  ? trace_lock_acquire+0x14e/0x1f0
[  965.857777][T16194]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  965.857836][T16194]  ? __fget_files+0x206/0x3a0
[  965.857891][T16194]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  965.857947][T16194]  __x64_sys_ioctl+0x190/0x200
[  965.857992][T16194]  do_syscall_64+0xcd/0x250
[  965.858042][T16194]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  965.858090][T16194] RIP: 0033:0x7f6ac4d8d169
[  965.858116][T16194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  965.858148][T16194] RSP: 002b:00007f6ac5c09038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  965.858179][T16194] RAX: ffffffffffffffda RBX: 00007f6ac4fa5fa0 RCX: 00007f6ac4d8d169
[  965.858203][T16194] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000005
[  965.858231][T16194] RBP: 00007f6ac4e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  965.858253][T16194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  965.858274][T16194] R13: 0000000000000000 R14: 00007f6ac4fa5fa0 R15: 00007ffcc748f548
[  965.858315][T16194]  </TASK>
[  965.858330][T16194] Mem-Info:
[  966.126634][T16194] active_anon:39848 inactive_anon:2 isolated_anon:325
[  966.126634][T16194]  active_file:18239 inactive_file:38922 isolated_file:0
[  966.126634][T16194]  unevictable:768 dirty:740 writeback:0
[  966.126634][T16194]  slab_reclaimable:17501 slab_unreclaimable:157481
[  966.126634][T16194]  mapped:36118 shmem:19803 pagetables:1004
[  966.126634][T16194]  sec_pagetables:0 bounce:0
[  966.126634][T16194]  kernel_misc_reclaimable:0
[  966.126634][T16194]  free:1231042 free_pcp:2926 free_cma:0
[  966.172335][    C0] vkms_vblank_simulate: vblank timer overrun
[  966.248749][T16194] Node 0 active_anon:163372kB inactive_anon:8kB active_file:73036kB inactive_file:155620kB unevictable:1536kB isolated(anon):200kB isolated(file):0kB mapped:145304kB dirty:3044kB writeback:0kB shmem:78468kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:4096kB writeback_tmp:0kB kernel_stack:10640kB pagetables:4108kB sec_pagetables:0kB all_unreclaimable? no
[  966.281771][    C0] vkms_vblank_simulate: vblank timer overrun
[  966.326926][T16194] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  966.357085][    C0] vkms_vblank_simulate: vblank timer overrun
[  966.496664][T16194] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  966.523855][    C0] vkms_vblank_simulate: vblank timer overrun
[  966.627942][T16194] lowmem_reserve[]: 0 2487 2487 0 0
[  966.633317][T16194] Node 0 DMA32 free:1004384kB boost:0kB min:34152kB low:42688kB high:51224kB reserved_highatomic:0KB active_anon:162148kB inactive_anon:8kB active_file:73036kB inactive_file:155528kB unevictable:1536kB writepending:3044kB present:3129332kB managed:2547524kB mlocked:0kB bounce:0kB free_pcp:8676kB local_pcp:7412kB free_cma:0kB
[  966.663886][    C0] vkms_vblank_simulate: vblank timer overrun
[  966.724351][T16194] lowmem_reserve[]: 0 0 0 0 0
[  966.736546][T16194] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:8kB inactive_anon:0kB active_file:0kB inactive_file:92kB unevictable:0kB writepending:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  966.766900][T16194] lowmem_reserve[]: 0 0 0 0 0
[  966.771728][T16194] Node 1 Normal free:3902600kB boost:0kB min:55748kB low:69684kB high:83620kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:496kB local_pcp:0kB free_cma:0kB
[  966.870340][T16194] lowmem_reserve[]: 0 0 0 0 0
[  966.875202][T16194] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  966.888349][T16194] Node 0 DMA32: 1050*4kB (UME) 677*8kB (UM) 762*16kB (UME) 573*32kB (UME) 595*64kB (UME) 242*128kB (UM) 84*256kB (UME) 43*512kB (UM) 28*1024kB (M) 5*2048kB (M) 202*4096kB (UM) = 1019024kB
[  966.966550][T16194] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  966.996528][T16194] Node 1 Normal: 166*4kB (UE) 48*8kB (UME) 43*16kB (UME) 226*32kB (UME) 86*64kB (UME) 28*128kB (UME) 14*256kB (UM) 10*512kB (UME) 9*1024kB (UME) 4*2048kB (UE) 942*4096kB (UM) = 3902600kB
[  967.064677][T16194] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  967.116160][T16194] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  967.125986][T16194] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  967.137062][T16194] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  967.147043][T16194] 76256 total pagecache pages
[  967.151882][T16194] 98 pages in swap cache
[  967.156162][T16194] Free swap  = 118140kB
[  967.160994][T16194] Total swap = 124996kB
[  967.165294][T16194] 2097051 pages RAM
[  967.169686][T16194] 0 pages HighMem/MovableOnly
[  967.174406][T16194] 428512 pages reserved
[  967.186615][T16194] 0 pages cma reserved
[  967.370749][T11750] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[  967.895750][T16215] FAULT_INJECTION: forcing a failure.
[  967.895750][T16215] name failslab, interval 1, probability 0, space 0, times 0
[  967.916695][T16215] CPU: 1 UID: 0 PID: 16215 Comm: syz.3.1985 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[  967.916737][T16215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  967.916755][T16215] Call Trace:
[  967.916765][T16215]  <TASK>
[  967.916778][T16215]  dump_stack_lvl+0x16c/0x1f0
[  967.916829][T16215]  should_fail_ex+0x50a/0x650
[  967.916881][T16215]  ? fs_reclaim_acquire+0xae/0x150
[  967.916927][T16215]  should_failslab+0xc2/0x120
[  967.916958][T16215]  __kmalloc_cache_node_noprof+0x6e/0x420
[  967.917006][T16215]  ? __pfx_number+0x10/0x10
[  967.917032][T16215]  ? format_decode+0x1ae/0xd40
[  967.917063][T16215]  ? __get_vm_area_node+0x101/0x2f0
[  967.917111][T16215]  __get_vm_area_node+0x101/0x2f0
[  967.917158][T16215]  __vmalloc_node_range_noprof+0x26a/0x1530
[  967.917205][T16215]  ? kvm_dev_ioctl+0x151/0x1a90
[  967.917264][T16215]  ? __pfx_vsnprintf+0x10/0x10
[  967.917314][T16215]  ? kvm_dev_ioctl+0x151/0x1a90
[  967.917367][T16215]  ? do_raw_spin_lock+0x12d/0x2c0
[  967.917403][T16215]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  967.917450][T16215]  ? __pfx_snprintf+0x10/0x10
[  967.917491][T16215]  ? _raw_spin_unlock+0x28/0x50
[  967.917526][T16215]  ? alloc_fd+0x41f/0x760
[  967.917571][T16215]  ? kvm_dev_ioctl+0x151/0x1a90
[  967.917622][T16215]  __vmalloc_noprof+0x6d/0x90
[  967.917664][T16215]  ? kvm_dev_ioctl+0x151/0x1a90
[  967.917711][T16215]  kvm_dev_ioctl+0x151/0x1a90
[  967.917761][T16215]  ? __pfx_lock_release+0x10/0x10
[  967.917805][T16215]  ? trace_lock_acquire+0x14e/0x1f0
[  967.917848][T16215]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  967.917906][T16215]  ? __fget_files+0x206/0x3a0
[  967.917958][T16215]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  967.918012][T16215]  __x64_sys_ioctl+0x190/0x200
[  967.918055][T16215]  do_syscall_64+0xcd/0x250
[  967.918102][T16215]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  967.918150][T16215] RIP: 0033:0x7f0dc598d169
[  967.918175][T16215] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  967.918206][T16215] RSP: 002b:00007f0dc675c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  967.918237][T16215] RAX: ffffffffffffffda RBX: 00007f0dc5ba5fa0 RCX: 00007f0dc598d169
[  967.918259][T16215] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000005
[  967.918278][T16215] RBP: 00007f0dc5a0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  967.918305][T16215] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  967.918324][T16215] R13: 0000000000000000 R14: 00007f0dc5ba5fa0 R15: 00007fffaf666778
[  967.918363][T16215]  </TASK>
[  970.341786][T16235] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1989'.
[  975.545606][T11750] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260
[  975.545653][T11750] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260
[  975.561042][T11750] Bluetooth: hci2: adv larger than maximum supported
[  975.561084][T11750] Bluetooth: hci2: adv larger than maximum supported
[  977.188985][T11750] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260
[  977.189033][T11750] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260
[  977.204732][T11750] Bluetooth: hci1: adv larger than maximum supported
[  977.204771][T11750] Bluetooth: hci1: adv larger than maximum supported
[  978.067007][T11750] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[  979.606028][T11750] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[  985.734571][T11750] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  985.734617][T11750] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  985.752028][T11750] Bluetooth: hci0: adv larger than maximum supported
[  989.442478][T11750] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[  990.531922][T11750] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[  992.754964][T11750] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[  994.283157][T11750] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  994.283202][T11750] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  994.298848][T11750] Bluetooth: hci0: adv larger than maximum supported
[  994.298879][T11750] Bluetooth: hci0: adv larger than maximum supported
[  994.305655][T11750] Bluetooth: hci0: adv larger than maximum supported
[  994.316731][T11750] Bluetooth: hci0: Unknown advertising packet type: 0x20
[  994.323609][T11750] Bluetooth: hci0: adv larger than maximum supported
[  998.129403][T11750] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[  998.471874][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  998.480800][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1002.437584][T11750] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[ 1004.966911][T11750] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[ 1005.649725][T11750] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260
[ 1005.649773][T11750] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260
[ 1005.666612][T11750] Bluetooth: hci3: adv larger than maximum supported
[ 1005.666645][T11750] Bluetooth: hci3: adv larger than maximum supported
[ 1005.673499][T11750] Bluetooth: hci3: adv larger than maximum supported
[ 1005.680498][T11750] Bluetooth: hci3: Unknown advertising packet type: 0x20
[ 1005.687376][T11750] Bluetooth: hci3: adv larger than maximum supported
[ 1006.517868][T16651] warn_alloc: 2 callbacks suppressed
[ 1006.517891][T16651] syz.0.2063: vmalloc error: size 4096, failed to allocate pages, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1006.682341][T16651] CPU: 0 UID: 0 PID: 16651 Comm: syz.0.2063 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[ 1006.682383][T16651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1006.682402][T16651] Call Trace:
[ 1006.682411][T16651]  <TASK>
[ 1006.682423][T16651]  dump_stack_lvl+0x16c/0x1f0
[ 1006.682471][T16651]  warn_alloc+0x24d/0x3a0
[ 1006.682530][T16651]  ? __pfx_warn_alloc+0x10/0x10
[ 1006.682604][T16651]  ? __pfx_lock_release+0x10/0x10
[ 1006.682653][T16651]  ? rcu_is_watching+0x12/0xc0
[ 1006.682688][T16651]  ? __mod_memcg_state+0x419/0x5d0
[ 1006.682746][T16651]  __vmalloc_node_range_noprof+0x12bd/0x1530
[ 1006.682806][T16651]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1006.682869][T16651]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1006.682918][T16651]  ? __pfx_snprintf+0x10/0x10
[ 1006.682961][T16651]  ? _raw_spin_unlock+0x28/0x50
[ 1006.682996][T16651]  ? alloc_fd+0x41f/0x760
[ 1006.683052][T16651]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1006.683104][T16651]  __vmalloc_noprof+0x6d/0x90
[ 1006.683150][T16651]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1006.683205][T16651]  kvm_dev_ioctl+0x151/0x1a90
[ 1006.683260][T16651]  ? __pfx_lock_release+0x10/0x10
[ 1006.683306][T16651]  ? trace_lock_acquire+0x14e/0x1f0
[ 1006.683349][T16651]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1006.683409][T16651]  ? __fget_files+0x206/0x3a0
[ 1006.683462][T16651]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1006.683516][T16651]  __x64_sys_ioctl+0x190/0x200
[ 1006.683559][T16651]  do_syscall_64+0xcd/0x250
[ 1006.683607][T16651]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1006.683652][T16651] RIP: 0033:0x7fbf82d8d169
[ 1006.683677][T16651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1006.683708][T16651] RSP: 002b:00007fbf83bd7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1006.683739][T16651] RAX: ffffffffffffffda RBX: 00007fbf82fa5fa0 RCX: 00007fbf82d8d169
[ 1006.683760][T16651] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000005
[ 1006.683796][T16651] RBP: 00007fbf82e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 1006.683814][T16651] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1006.683832][T16651] R13: 0000000000000000 R14: 00007fbf82fa5fa0 R15: 00007fffa5f973c8
[ 1006.683870][T16651]  </TASK>
[ 1006.683881][T16651] Mem-Info:
[ 1006.898368][T11750] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260
[ 1006.913745][T11750] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260
[ 1006.933713][T11750] Bluetooth: hci3: adv larger than maximum supported
[ 1006.933759][T11750] Bluetooth: hci3: adv larger than maximum supported
[ 1006.940692][T11750] Bluetooth: hci3: adv larger than maximum supported
[ 1006.948403][T11750] Bluetooth: hci3: Unknown advertising packet type: 0x20
[ 1006.955236][T11750] Bluetooth: hci3: adv larger than maximum supported
[ 1006.999749][T16651] active_anon:62960 inactive_anon:2 isolated_anon:0
[ 1006.999749][T16651]  active_file:18259 inactive_file:38939 isolated_file:0
[ 1006.999749][T16651]  unevictable:768 dirty:729 writeback:0
[ 1006.999749][T16651]  slab_reclaimable:17334 slab_unreclaimable:160667
[ 1006.999749][T16651]  mapped:43850 shmem:42948 pagetables:1087
[ 1006.999749][T16651]  sec_pagetables:0 bounce:0
[ 1006.999749][T16651]  kernel_misc_reclaimable:0
[ 1006.999749][T16651]  free:1206516 free_pcp:1403 free_cma:0
[ 1007.283931][T16651] Node 0 active_anon:252492kB inactive_anon:8kB active_file:73036kB inactive_file:155684kB unevictable:1536kB isolated(anon):1548kB isolated(file):0kB mapped:163352kB dirty:3020kB writeback:0kB shmem:175800kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10668kB pagetables:4388kB sec_pagetables:0kB all_unreclaimable? no
[ 1007.412670][T16651] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[ 1007.512609][T16651] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1007.667008][T16651] lowmem_reserve[]: 0 2487 2487 0 0
[ 1007.690084][T16651] Node 0 DMA32 free:904764kB boost:0kB min:34152kB low:42688kB high:51224kB reserved_highatomic:0KB active_anon:209832kB inactive_anon:8kB active_file:73036kB inactive_file:155592kB unevictable:1536kB writepending:3020kB present:3129332kB managed:2547524kB mlocked:0kB bounce:0kB free_pcp:52416kB local_pcp:51808kB free_cma:0kB
[ 1007.896685][T16651] lowmem_reserve[]: 0 0 0 0 0
[ 1007.901623][T16651] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:8kB inactive_anon:0kB active_file:0kB inactive_file:92kB unevictable:0kB writepending:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[ 1008.142268][T16651] lowmem_reserve[]: 0 0 0 0 0
[ 1008.177103][T16651] Node 1 Normal free:3899572kB boost:0kB min:55748kB low:69684kB high:83620kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:3504kB local_pcp:492kB free_cma:0kB
[ 1008.241396][T16651] lowmem_reserve[]: 0 0 0 0 0
[ 1008.246231][T16651] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1008.295303][T16651] Node 0 DMA32: 1145*4kB (UME) 1137*8kB (UME) 1041*16kB (UME) 828*32kB (UME) 461*64kB (UME) 132*128kB (UME) 39*256kB (UME) 3*512kB (UM) 29*1024kB (UM) 11*2048kB (M) 201*4096kB (M) = 990268kB
[ 1008.339300][T16651] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1008.411470][T16651] Node 1 Normal: 1*4kB (E) 4*8kB (ME) 9*16kB (ME) 180*32kB (UME) 86*64kB (UME) 28*128kB (UME) 14*256kB (UM) 10*512kB (UME) 9*1024kB (UME) 4*2048kB (UE) 942*4096kB (UM) = 3899572kB
[ 1008.575314][T16651] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1008.605618][T16651] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1008.701637][T16651] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1008.823089][T16651] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1008.873655][T16651] 69122 total pagecache pages
[ 1008.915480][T16651] 71 pages in swap cache
[ 1008.963802][T16651] Free swap  = 120164kB
[ 1008.973396][T16651] Total swap = 124996kB
[ 1009.027475][T16651] 2097051 pages RAM
[ 1009.042714][T16651] 0 pages HighMem/MovableOnly
[ 1009.058294][T16651] 428512 pages reserved
[ 1009.062539][T16651] 0 pages cma reserved
[ 1009.112356][T11750] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[ 1009.855984][T16689] netlink: 54 bytes leftover after parsing attributes in process `syz.1.2070'.
[ 1010.780390][T11750] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[ 1010.902393][T11750] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[ 1013.607147][T11750] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[ 1014.025319][T11750] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[ 1015.826344][T16750] netlink: 22 bytes leftover after parsing attributes in process `syz.2.2080'.
[ 1016.066379][T11750] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[ 1019.743212][T11750] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[ 1022.813908][T11750] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[ 1027.565596][T16882] netlink: 54 bytes leftover after parsing attributes in process `syz.3.2102'.
[ 1027.826540][T11750] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[ 1033.425074][T16945] syz.3.2114: vmalloc error: size 8192, failed to allocate pages, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1033.466523][T16945] CPU: 1 UID: 0 PID: 16945 Comm: syz.3.2114 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[ 1033.466564][T16945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1033.466582][T16945] Call Trace:
[ 1033.466592][T16945]  <TASK>
[ 1033.466604][T16945]  dump_stack_lvl+0x16c/0x1f0
[ 1033.466654][T16945]  warn_alloc+0x24d/0x3a0
[ 1033.466716][T16945]  ? __pfx_warn_alloc+0x10/0x10
[ 1033.466773][T16945]  ? __pfx_lock_release+0x10/0x10
[ 1033.466821][T16945]  ? rcu_is_watching+0x12/0xc0
[ 1033.466854][T16945]  ? __mod_memcg_state+0x419/0x5d0
[ 1033.466924][T16945]  __vmalloc_node_range_noprof+0x12bd/0x1530
[ 1033.466985][T16945]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1033.467047][T16945]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1033.467095][T16945]  ? __pfx_snprintf+0x10/0x10
[ 1033.467136][T16945]  ? _raw_spin_unlock+0x28/0x50
[ 1033.467172][T16945]  ? alloc_fd+0x41f/0x760
[ 1033.467221][T16945]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1033.467274][T16945]  __vmalloc_noprof+0x6d/0x90
[ 1033.467319][T16945]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1033.467371][T16945]  kvm_dev_ioctl+0x151/0x1a90
[ 1033.467429][T16945]  ? __pfx_lock_release+0x10/0x10
[ 1033.467473][T16945]  ? trace_lock_acquire+0x14e/0x1f0
[ 1033.467516][T16945]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1033.467573][T16945]  ? __fget_files+0x206/0x3a0
[ 1033.467625][T16945]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1033.467679][T16945]  __x64_sys_ioctl+0x190/0x200
[ 1033.467722][T16945]  do_syscall_64+0xcd/0x250
[ 1033.467770][T16945]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1033.467815][T16945] RIP: 0033:0x7f0dc598d169
[ 1033.467840][T16945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1033.467871][T16945] RSP: 002b:00007f0dc675c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1033.467901][T16945] RAX: ffffffffffffffda RBX: 00007f0dc5ba5fa0 RCX: 00007f0dc598d169
[ 1033.467933][T16945] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000005
[ 1033.467953][T16945] RBP: 00007f0dc5a0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 1033.467973][T16945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1033.467992][T16945] R13: 0000000000000000 R14: 00007f0dc5ba5fa0 R15: 00007fffaf666778
[ 1033.468032][T16945]  </TASK>
[ 1033.469859][T16945] Mem-Info:
[ 1033.643128][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1033.760895][T16945] active_anon:47851 inactive_anon:4 isolated_anon:0
[ 1033.760895][T16945]  active_file:18245 inactive_file:38949 isolated_file:0
[ 1033.760895][T16945]  unevictable:768 dirty:966 writeback:0
[ 1033.760895][T16945]  slab_reclaimable:17762 slab_unreclaimable:160612
[ 1033.760895][T16945]  mapped:35545 shmem:26405 pagetables:1112
[ 1033.760895][T16945]  sec_pagetables:0 bounce:0
[ 1033.760895][T16945]  kernel_misc_reclaimable:0
[ 1033.760895][T16945]  free:1215906 free_pcp:7092 free_cma:0
[ 1033.806515][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1033.932196][T16945] Node 0 active_anon:201604kB inactive_anon:16kB active_file:72980kB inactive_file:155724kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:144980kB dirty:3864kB writeback:0kB shmem:110584kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:8192kB writeback_tmp:0kB kernel_stack:10876kB pagetables:4548kB sec_pagetables:0kB all_unreclaimable? no
[ 1033.965344][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1034.026543][T16945] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[ 1034.067410][T16947] netlink: 6 bytes leftover after parsing attributes in process `syz.1.2113'.
[ 1034.109048][T16945] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1034.192656][T16945] lowmem_reserve[]: 0 2487 2487 0 0
[ 1034.200455][T16945] Node 0 DMA32 free:945468kB boost:0kB min:34152kB low:42688kB high:51224kB reserved_highatomic:0KB active_anon:213696kB inactive_anon:16kB active_file:72980kB inactive_file:155632kB unevictable:1536kB writepending:3864kB present:3129332kB managed:2547524kB mlocked:0kB bounce:0kB free_pcp:4368kB local_pcp:2040kB free_cma:0kB
[ 1034.409477][T16945] lowmem_reserve[]: 0 0 0 0 0
[ 1034.437209][T16945] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:8kB inactive_anon:0kB active_file:0kB inactive_file:92kB unevictable:0kB writepending:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[ 1034.463837][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1034.526837][T16945] lowmem_reserve[]: 0 0 0 0 0
[ 1034.531680][T16945] Node 1 Normal free:3901840kB boost:0kB min:55748kB low:69684kB high:83620kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:1224kB local_pcp:736kB free_cma:0kB
[ 1034.561091][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1034.646521][T16945] lowmem_reserve[]: 0 0 0 0 0
[ 1034.651356][T16945] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1034.706712][T16945] Node 0 DMA32: 664*4kB (UME) 174*8kB (UE) 343*16kB (UME) 190*32kB (UE) 64*64kB (UME) 22*128kB (UME) 118*256kB (UME) 51*512kB (UM) 47*1024kB (UM) 2*2048kB (UM) 193*4096kB (UM) = 921600kB
[ 1034.780581][T16945] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1034.836559][T16945] Node 1 Normal: 2*4kB (UE) 35*8kB (UME) 43*16kB (UME) 226*32kB (UME) 86*64kB (UME) 28*128kB (UME) 14*256kB (UM) 10*512kB (UME) 9*1024kB (UME) 4*2048kB (UE) 942*4096kB (UM) = 3901840kB
[ 1034.896815][T16945] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1034.916759][T16945] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=2 hugepages_size=2048kB
[ 1034.947177][T16945] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1034.983308][T16945] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1035.028503][T16945] 96623 total pagecache pages
[ 1035.045321][T16945] 162 pages in swap cache
[ 1035.065525][T16945] Free swap  = 119924kB
[ 1035.089011][T16945] Total swap = 124996kB
[ 1035.093254][T16945] 2097051 pages RAM
[ 1035.154972][T16945] 0 pages HighMem/MovableOnly
[ 1035.180212][T16945] 428512 pages reserved
[ 1035.205510][T16945] 0 pages cma reserved
[ 1035.712412][T11750] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[ 1038.633259][T11750] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[ 1041.000654][T17011] netlink: 54 bytes leftover after parsing attributes in process `syz.1.2125'.
[ 1047.846925][T11750] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[ 1048.166753][T11750] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[ 1052.264153][T17144] netlink: 26 bytes leftover after parsing attributes in process `syz.3.2150'.
[ 1052.750158][T11750] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[ 1053.355892][T11750] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[ 1054.480421][T11750] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[ 1054.876529][T11750] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[ 1057.400917][T17215] syz.2.2166: vmalloc error: size 16384, failed to allocate pages, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1057.442861][T17215] CPU: 0 UID: 0 PID: 17215 Comm: syz.2.2166 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[ 1057.442905][T17215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1057.442924][T17215] Call Trace:
[ 1057.442933][T17215]  <TASK>
[ 1057.442943][T17215]  dump_stack_lvl+0x16c/0x1f0
[ 1057.442988][T17215]  warn_alloc+0x24d/0x3a0
[ 1057.443033][T17215]  ? __pfx_warn_alloc+0x10/0x10
[ 1057.443090][T17215]  ? __pfx_lock_release+0x10/0x10
[ 1057.443140][T17215]  ? rcu_is_watching+0x12/0xc0
[ 1057.443175][T17215]  ? __mod_memcg_state+0x419/0x5d0
[ 1057.443233][T17215]  __vmalloc_node_range_noprof+0x12bd/0x1530
[ 1057.443292][T17215]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1057.443353][T17215]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1057.443408][T17215]  ? __pfx_snprintf+0x10/0x10
[ 1057.443452][T17215]  ? _raw_spin_unlock+0x28/0x50
[ 1057.443485][T17215]  ? alloc_fd+0x41f/0x760
[ 1057.443525][T17215]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1057.443573][T17215]  __vmalloc_noprof+0x6d/0x90
[ 1057.443619][T17215]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1057.443673][T17215]  kvm_dev_ioctl+0x151/0x1a90
[ 1057.443732][T17215]  ? __pfx_lock_release+0x10/0x10
[ 1057.443778][T17215]  ? trace_lock_acquire+0x14e/0x1f0
[ 1057.443824][T17215]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1057.443885][T17215]  ? __fget_files+0x206/0x3a0
[ 1057.443940][T17215]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1057.443998][T17215]  __x64_sys_ioctl+0x190/0x200
[ 1057.444043][T17215]  do_syscall_64+0xcd/0x250
[ 1057.444091][T17215]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1057.444139][T17215] RIP: 0033:0x7f6ac4d8d169
[ 1057.444164][T17215] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1057.444197][T17215] RSP: 002b:00007f6ac5c09038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1057.444229][T17215] RAX: ffffffffffffffda RBX: 00007f6ac4fa5fa0 RCX: 00007f6ac4d8d169
[ 1057.444251][T17215] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000005
[ 1057.444271][T17215] RBP: 00007f6ac4e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 1057.444292][T17215] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1057.444312][T17215] R13: 0000000000000000 R14: 00007f6ac4fa5fa0 R15: 00007ffcc748f548
[ 1057.444353][T17215]  </TASK>
[ 1057.444372][T17215] Mem-Info:
[ 1057.675619][T17215] active_anon:18907 inactive_anon:2 isolated_anon:0
[ 1057.675619][T17215]  active_file:18259 inactive_file:38959 isolated_file:0
[ 1057.675619][T17215]  unevictable:768 dirty:826 writeback:0
[ 1057.675619][T17215]  slab_reclaimable:17990 slab_unreclaimable:161336
[ 1057.675619][T17215]  mapped:25199 shmem:1712 pagetables:937
[ 1057.675619][T17215]  sec_pagetables:0 bounce:0
[ 1057.675619][T17215]  kernel_misc_reclaimable:0
[ 1057.675619][T17215]  free:1250628 free_pcp:752 free_cma:0
[ 1057.720954][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1057.789863][T17215] Node 0 active_anon:80028kB inactive_anon:8kB active_file:73036kB inactive_file:155764kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:101596kB dirty:3304kB writeback:0kB shmem:6012kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10656kB pagetables:3748kB sec_pagetables:0kB all_unreclaimable? no
[ 1057.822315][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1057.876668][T17215] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[ 1057.906829][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1057.936524][T17215] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1057.963654][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1057.996607][T17215] lowmem_reserve[]: 0 2487 2487 0 0
[ 1058.001984][T17215] Node 0 DMA32 free:1073840kB boost:0kB min:34152kB low:42688kB high:51224kB reserved_highatomic:0KB active_anon:81520kB inactive_anon:8kB active_file:73036kB inactive_file:155672kB unevictable:1536kB writepending:3304kB present:3129332kB managed:2547524kB mlocked:0kB bounce:0kB free_pcp:6584kB local_pcp:1268kB free_cma:0kB
[ 1058.032561][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1058.093636][T17215] lowmem_reserve[]: 0 0 0 0 0
[ 1058.105426][T17215] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:8kB inactive_anon:0kB active_file:0kB inactive_file:92kB unevictable:0kB writepending:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[ 1058.132101][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1058.188674][T17215] lowmem_reserve[]: 0 0 0 0 0
[ 1058.193602][T17215] Node 1 Normal free:3902576kB boost:0kB min:55748kB low:69684kB high:83620kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:492kB local_pcp:488kB free_cma:0kB
[ 1058.222689][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1058.256744][T17215] lowmem_reserve[]: 0 0 0 0 0
[ 1058.262021][T17215] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1058.293513][T17215] Node 0 DMA32: 62*4kB (UE) 474*8kB (UM) 1313*16kB (UME) 1103*32kB (UME) 536*64kB (UME) 263*128kB (UME) 120*256kB (UME) 56*512kB (UM) 39*1024kB (M) 17*2048kB (M) 198*4096kB (UM) = 1073464kB
[ 1058.314874][T17215] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1058.356556][T17215] Node 1 Normal: 160*4kB (UE) 48*8kB (UME) 43*16kB (UME) 226*32kB (UME) 86*64kB (UME) 28*128kB (UME) 14*256kB (UM) 10*512kB (UME) 9*1024kB (UME) 4*2048kB (UE) 942*4096kB (UM) = 3902576kB
[ 1058.395873][T17215] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1058.411144][T17215] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1058.420704][T17215] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1058.435793][T17215] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1058.451073][T17215] 58741 total pagecache pages
[ 1058.457217][T17215] 46 pages in swap cache
[ 1058.461995][T17215] Free swap  = 120440kB
[ 1058.466231][T17215] Total swap = 124996kB
[ 1058.486722][T17215] 2097051 pages RAM
[ 1058.505273][T17215] 0 pages HighMem/MovableOnly
[ 1058.524677][T17215] 428512 pages reserved
[ 1058.542230][T17215] 0 pages cma reserved
[ 1059.907064][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1059.913424][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1062.257857][T17279] netlink: 22 bytes leftover after parsing attributes in process `syz.3.2177'.
[ 1064.486849][T11750] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[ 1064.579986][T11750] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[ 1067.996070][T17341] warn_alloc: 1 callbacks suppressed
[ 1067.996095][T17341] syz.0.2189: vmalloc error: size 8192, failed to allocate pages, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1068.038832][T17341] CPU: 1 UID: 0 PID: 17341 Comm: syz.0.2189 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[ 1068.038880][T17341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1068.038901][T17341] Call Trace:
[ 1068.038911][T17341]  <TASK>
[ 1068.038923][T17341]  dump_stack_lvl+0x16c/0x1f0
[ 1068.038975][T17341]  warn_alloc+0x24d/0x3a0
[ 1068.039032][T17341]  ? __pfx_warn_alloc+0x10/0x10
[ 1068.039089][T17341]  ? __pfx_lock_release+0x10/0x10
[ 1068.039138][T17341]  ? rcu_is_watching+0x12/0xc0
[ 1068.039172][T17341]  ? __mod_memcg_state+0x419/0x5d0
[ 1068.039231][T17341]  __vmalloc_node_range_noprof+0x12bd/0x1530
[ 1068.039294][T17341]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1068.039356][T17341]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1068.039404][T17341]  ? __pfx_snprintf+0x10/0x10
[ 1068.039447][T17341]  ? _raw_spin_unlock+0x28/0x50
[ 1068.039490][T17341]  ? alloc_fd+0x41f/0x760
[ 1068.039539][T17341]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1068.039593][T17341]  __vmalloc_noprof+0x6d/0x90
[ 1068.039638][T17341]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1068.039692][T17341]  kvm_dev_ioctl+0x151/0x1a90
[ 1068.039748][T17341]  ? __pfx_lock_release+0x10/0x10
[ 1068.039795][T17341]  ? trace_lock_acquire+0x14e/0x1f0
[ 1068.039844][T17341]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1068.039901][T17341]  ? __fget_files+0x206/0x3a0
[ 1068.039952][T17341]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1068.040005][T17341]  __x64_sys_ioctl+0x190/0x200
[ 1068.040047][T17341]  do_syscall_64+0xcd/0x250
[ 1068.040094][T17341]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1068.040138][T17341] RIP: 0033:0x7fbf82d8d169
[ 1068.040163][T17341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1068.040193][T17341] RSP: 002b:00007fbf83bd7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1068.040222][T17341] RAX: ffffffffffffffda RBX: 00007fbf82fa5fa0 RCX: 00007fbf82d8d169
[ 1068.040242][T17341] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000005
[ 1068.040261][T17341] RBP: 00007fbf82e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 1068.040281][T17341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1068.040302][T17341] R13: 0000000000000000 R14: 00007fbf82fa5fa0 R15: 00007fffa5f973c8
[ 1068.040341][T17341]  </TASK>
[ 1068.041548][T17341] Mem-Info:
[ 1068.296517][T17341] active_anon:30029 inactive_anon:2 isolated_anon:0
[ 1068.296517][T17341]  active_file:18259 inactive_file:38963 isolated_file:0
[ 1068.296517][T17341]  unevictable:768 dirty:960 writeback:0
[ 1068.296517][T17341]  slab_reclaimable:17655 slab_unreclaimable:162487
[ 1068.296517][T17341]  mapped:28170 shmem:10779 pagetables:983
[ 1068.296517][T17341]  sec_pagetables:0 bounce:0
[ 1068.296517][T17341]  kernel_misc_reclaimable:0
[ 1068.296517][T17341]  free:1235955 free_pcp:2814 free_cma:0
[ 1068.342472][T17341] Node 0 active_anon:120116kB inactive_anon:8kB active_file:73036kB inactive_file:155780kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:112680kB dirty:3840kB writeback:0kB shmem:41580kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:4096kB writeback_tmp:0kB kernel_stack:10736kB pagetables:3932kB sec_pagetables:0kB all_unreclaimable? no
[ 1068.375558][T17341] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[ 1068.407159][T17341] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1068.576563][T17341] lowmem_reserve[]: 0 2487 2487 0 0
[ 1068.581930][T17341] Node 0 DMA32 free:1019876kB boost:0kB min:34152kB low:42688kB high:51224kB reserved_highatomic:0KB active_anon:117404kB inactive_anon:8kB active_file:73036kB inactive_file:155688kB unevictable:1536kB writepending:3840kB present:3129332kB managed:2547524kB mlocked:0kB bounce:0kB free_pcp:14344kB local_pcp:8192kB free_cma:0kB
[ 1068.826616][T17341] lowmem_reserve[]: 0 0 0 0 0
[ 1068.878586][T17341] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:8kB inactive_anon:0kB active_file:0kB inactive_file:92kB unevictable:0kB writepending:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[ 1068.986709][T17341] lowmem_reserve[]: 0 0 0 0 0
[ 1069.032797][T17341] Node 1 Normal free:3902580kB boost:0kB min:55748kB low:69684kB high:83620kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:488kB local_pcp:0kB free_cma:0kB
[ 1069.112748][T17341] lowmem_reserve[]: 0 0 0 0 0
[ 1069.151715][T17341] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1069.213708][T17341] Node 0 DMA32: 1219*4kB (UME) 940*8kB (UME) 1342*16kB (UME) 813*32kB (UME) 508*64kB (UME) 144*128kB (UME) 64*256kB (UME) 59*512kB (UM) 41*1024kB (M) 9*2048kB (UM) 197*4096kB (M) = 1024748kB
[ 1069.255665][T17341] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1069.303085][T17341] Node 1 Normal: 161*4kB (UE) 48*8kB (UME) 43*16kB (UME) 226*32kB (UME) 86*64kB (UME) 28*128kB (UME) 14*256kB (UM) 10*512kB (UME) 9*1024kB (UME) 4*2048kB (UE) 942*4096kB (UM) = 3902580kB
[ 1069.365815][T17341] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1069.397045][T17341] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1069.416672][T17341] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1069.459163][T17341] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1069.504383][T17341] 68618 total pagecache pages
[ 1069.529153][T17341] 81 pages in swap cache
[ 1069.533475][T17341] Free swap  = 120256kB
[ 1069.617724][T17341] Total swap = 124996kB
[ 1069.621978][T17341] 2097051 pages RAM
[ 1069.625835][T17341] 0 pages HighMem/MovableOnly
[ 1069.704565][T17341] 428512 pages reserved
[ 1069.755386][T17341] 0 pages cma reserved
[ 1070.009170][T11750] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[ 1072.672220][T17402] netlink: 54 bytes leftover after parsing attributes in process `syz.0.2199'.
[ 1072.722288][T11750] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[ 1074.886641][T11750] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[ 1081.199845][T11750] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[ 1084.285163][T11750] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[ 1088.721879][T17606] FAULT_INJECTION: forcing a failure.
[ 1088.721879][T17606] name failslab, interval 1, probability 0, space 0, times 0
[ 1088.734729][T17606] CPU: 1 UID: 0 PID: 17606 Comm: syz.1.2240 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[ 1088.734769][T17606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1088.734789][T17606] Call Trace:
[ 1088.734798][T17606]  <TASK>
[ 1088.734810][T17606]  dump_stack_lvl+0x16c/0x1f0
[ 1088.734861][T17606]  should_fail_ex+0x50a/0x650
[ 1088.734915][T17606]  ? fs_reclaim_acquire+0xae/0x150
[ 1088.734959][T17606]  should_failslab+0xc2/0x120
[ 1088.734988][T17606]  __kmalloc_cache_node_noprof+0x6e/0x420
[ 1088.735046][T17606]  ? __pfx_number+0x10/0x10
[ 1088.735072][T17606]  ? format_decode+0x1ae/0xd40
[ 1088.735101][T17606]  ? __get_vm_area_node+0x101/0x2f0
[ 1088.735148][T17606]  __get_vm_area_node+0x101/0x2f0
[ 1088.735193][T17606]  __vmalloc_node_range_noprof+0x26a/0x1530
[ 1088.735239][T17606]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1088.735298][T17606]  ? __pfx_vsnprintf+0x10/0x10
[ 1088.735337][T17606]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1088.735386][T17606]  ? do_raw_spin_lock+0x12d/0x2c0
[ 1088.735422][T17606]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1088.735468][T17606]  ? __pfx_snprintf+0x10/0x10
[ 1088.735506][T17606]  ? _raw_spin_unlock+0x28/0x50
[ 1088.735553][T17606]  ? alloc_fd+0x41f/0x760
[ 1088.735602][T17606]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1088.735650][T17606]  __vmalloc_noprof+0x6d/0x90
[ 1088.735690][T17606]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1088.735737][T17606]  kvm_dev_ioctl+0x151/0x1a90
[ 1088.735788][T17606]  ? __pfx_lock_release+0x10/0x10
[ 1088.735831][T17606]  ? trace_lock_acquire+0x14e/0x1f0
[ 1088.735872][T17606]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1088.735928][T17606]  ? __fget_files+0x206/0x3a0
[ 1088.735980][T17606]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1088.736033][T17606]  __x64_sys_ioctl+0x190/0x200
[ 1088.736076][T17606]  do_syscall_64+0xcd/0x250
[ 1088.736140][T17606]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1088.736187][T17606] RIP: 0033:0x7efcfa18d169
[ 1088.736212][T17606] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1088.736242][T17606] RSP: 002b:00007efcfaf82038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1088.736272][T17606] RAX: ffffffffffffffda RBX: 00007efcfa3a5fa0 RCX: 00007efcfa18d169
[ 1088.736292][T17606] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000005
[ 1088.736310][T17606] RBP: 00007efcfa20e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 1088.736328][T17606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1088.736359][T17606] R13: 0000000000000000 R14: 00007efcfa3a5fa0 R15: 00007fff51b90f48
[ 1088.736397][T17606]  </TASK>
[ 1088.736412][T17606] syz.1.2240: vmalloc error: size 39584, vm_struct allocation failed, mode:0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null)
[ 1088.988405][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1089.021261][T17606] ,cpuset=/,mems_allowed=0-1
[ 1089.025996][T17606] CPU: 0 UID: 0 PID: 17606 Comm: syz.1.2240 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[ 1089.026037][T17606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1089.026055][T17606] Call Trace:
[ 1089.026064][T17606]  <TASK>
[ 1089.026074][T17606]  dump_stack_lvl+0x16c/0x1f0
[ 1089.026117][T17606]  warn_alloc+0x24d/0x3a0
[ 1089.026163][T17606]  ? __pfx_warn_alloc+0x10/0x10
[ 1089.026213][T17606]  ? rcu_is_watching+0x12/0xc0
[ 1089.026250][T17606]  ? __kmalloc_cache_node_noprof+0x2ad/0x420
[ 1089.026305][T17606]  ? __kasan_kmalloc+0x8a/0xb0
[ 1089.026355][T17606]  ? __get_vm_area_node+0x1dc/0x2f0
[ 1089.026409][T17606]  __vmalloc_node_range_noprof+0xd24/0x1530
[ 1089.026462][T17606]  ? __pfx_vsnprintf+0x10/0x10
[ 1089.026502][T17606]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1089.026557][T17606]  ? do_raw_spin_lock+0x12d/0x2c0
[ 1089.026591][T17606]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1089.026635][T17606]  ? __pfx_snprintf+0x10/0x10
[ 1089.026676][T17606]  ? _raw_spin_unlock+0x28/0x50
[ 1089.026709][T17606]  ? alloc_fd+0x41f/0x760
[ 1089.026755][T17606]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1089.026823][T17606]  __vmalloc_noprof+0x6d/0x90
[ 1089.026865][T17606]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1089.026915][T17606]  kvm_dev_ioctl+0x151/0x1a90
[ 1089.026966][T17606]  ? __pfx_lock_release+0x10/0x10
[ 1089.027009][T17606]  ? trace_lock_acquire+0x14e/0x1f0
[ 1089.027051][T17606]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1089.027106][T17606]  ? __fget_files+0x206/0x3a0
[ 1089.027159][T17606]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1089.027212][T17606]  __x64_sys_ioctl+0x190/0x200
[ 1089.027252][T17606]  do_syscall_64+0xcd/0x250
[ 1089.027296][T17606]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1089.027339][T17606] RIP: 0033:0x7efcfa18d169
[ 1089.027362][T17606] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1089.027392][T17606] RSP: 002b:00007efcfaf82038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1089.027419][T17606] RAX: ffffffffffffffda RBX: 00007efcfa3a5fa0 RCX: 00007efcfa18d169
[ 1089.027439][T17606] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000005
[ 1089.027457][T17606] RBP: 00007efcfa20e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 1089.027474][T17606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1089.027493][T17606] R13: 0000000000000000 R14: 00007efcfa3a5fa0 R15: 00007fff51b90f48
[ 1089.027530][T17606]  </TASK>
[ 1089.281780][T17606] Mem-Info:
[ 1089.284987][T17606] active_anon:20114 inactive_anon:2 isolated_anon:0
[ 1089.284987][T17606]  active_file:18245 inactive_file:38971 isolated_file:0
[ 1089.284987][T17606]  unevictable:768 dirty:763 writeback:0
[ 1089.284987][T17606]  slab_reclaimable:17758 slab_unreclaimable:164800
[ 1089.284987][T17606]  mapped:25882 shmem:1418 pagetables:982
[ 1089.284987][T17606]  sec_pagetables:0 bounce:0
[ 1089.284987][T17606]  kernel_misc_reclaimable:0
[ 1089.284987][T17606]  free:1245087 free_pcp:1729 free_cma:0
[ 1089.330359][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1089.373547][T17606] Node 0 active_anon:79164kB inactive_anon:8kB active_file:72924kB inactive_file:155812kB unevictable:1536kB isolated(anon):900kB isolated(file):0kB mapped:103536kB dirty:3064kB writeback:0kB shmem:4132kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:4096kB writeback_tmp:0kB kernel_stack:10564kB pagetables:3868kB sec_pagetables:0kB all_unreclaimable? no
[ 1089.407874][T17606] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[ 1089.439377][T17606] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1089.466677][T17606] lowmem_reserve[]: 0 2487 2487 0 0
[ 1089.472027][T17606] Node 0 DMA32 free:1058040kB boost:0kB min:34152kB low:42688kB high:51224kB reserved_highatomic:0KB active_anon:79356kB inactive_anon:8kB active_file:72924kB inactive_file:155720kB unevictable:1536kB writepending:3064kB present:3129332kB managed:2547524kB mlocked:0kB bounce:0kB free_pcp:8296kB local_pcp:5312kB free_cma:0kB
[ 1089.608765][T17606] lowmem_reserve[]: 0 0 0 0 0
[ 1089.651950][T17606] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:8kB inactive_anon:0kB active_file:0kB inactive_file:92kB unevictable:0kB writepending:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[ 1089.980281][T17606] lowmem_reserve[]: 0 0 0 0 0
[ 1089.985145][T17606] Node 1 Normal free:3902580kB boost:0kB min:55748kB low:69684kB high:83620kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:480kB local_pcp:0kB free_cma:0kB
[ 1090.014166][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1090.022053][T17606] lowmem_reserve[]: 0 0 0 0 0
[ 1090.027298][T17606] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1090.040734][T17606] Node 0 DMA32: 964*4kB (UE) 936*8kB (UME) 1271*16kB (UME) 1010*32kB (UME) 520*64kB (UME) 255*128kB (UME) 120*256kB (UME) 57*512kB (UM) 41*1024kB (M) 12*2048kB (UM) 195*4096kB (M) = 1055104kB
[ 1090.060707][T17606] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1090.072832][T17606] Node 1 Normal: 161*4kB (UE) 48*8kB (UME) 43*16kB (UME) 226*32kB (UME) 86*64kB (UME) 28*128kB (UME) 14*256kB (UM) 10*512kB (UME) 9*1024kB (UME) 4*2048kB (UE) 942*4096kB (UM) = 3902580kB
[ 1090.092154][T17606] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1090.103254][T17606] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1090.113052][T17606] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1090.123085][T17606] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1090.176498][T17606] 59271 total pagecache pages
[ 1090.181380][T17606] 102 pages in swap cache
[ 1090.185756][T17606] Free swap  = 120316kB
[ 1090.256523][T17606] Total swap = 124996kB
[ 1090.260792][T17606] 2097051 pages RAM
[ 1090.264635][T17606] 0 pages HighMem/MovableOnly
[ 1090.304203][T17606] 428512 pages reserved
[ 1090.316475][T17606] 0 pages cma reserved
[ 1090.595450][T11750] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[ 1091.030521][T11750] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[ 1094.832697][T11750] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[ 1094.991236][T17669] FAULT_INJECTION: forcing a failure.
[ 1094.991236][T17669] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1095.036755][T17669] CPU: 1 UID: 0 PID: 17669 Comm: syz.0.2252 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[ 1095.036799][T17669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1095.036819][T17669] Call Trace:
[ 1095.036829][T17669]  <TASK>
[ 1095.036841][T17669]  dump_stack_lvl+0x16c/0x1f0
[ 1095.036892][T17669]  should_fail_ex+0x50a/0x650
[ 1095.036944][T17669]  ? __pfx___might_resched+0x10/0x10
[ 1095.037012][T17669]  should_fail_alloc_page+0xe7/0x130
[ 1095.037054][T17669]  prepare_alloc_pages.constprop.0+0x16f/0x560
[ 1095.037124][T17669]  __alloc_frozen_pages_noprof+0x18e/0x2470
[ 1095.037180][T17669]  ? intel_fbdev_fb_fill_info+0x183/0x900
[ 1095.037241][T17669]  ? hlock_class+0x4e/0x130
[ 1095.037274][T17669]  ? mark_lock+0xb5/0xc60
[ 1095.037317][T17669]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1095.037373][T17669]  ? __pfx_mark_lock+0x10/0x10
[ 1095.037416][T17669]  ? __pfx_lock_release+0x10/0x10
[ 1095.037473][T17669]  ? trace_lock_acquire+0x14e/0x1f0
[ 1095.037513][T17669]  ? is_bpf_text_address+0x30/0x1a0
[ 1095.037555][T17669]  ? bpf_ksym_find+0x124/0x1c0
[ 1095.037588][T17669]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1095.037628][T17669]  ? is_bpf_text_address+0x94/0x1a0
[ 1095.037689][T17669]  ? kernel_text_address+0x8d/0x100
[ 1095.037735][T17669]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1095.037791][T17669]  ? policy_nodemask+0xea/0x4e0
[ 1095.037826][T17669]  alloc_pages_mpol+0x1fc/0x540
[ 1095.037860][T17669]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1095.037895][T17669]  ? __pfx___lock_acquire+0x10/0x10
[ 1095.037945][T17669]  alloc_pages_noprof+0x131/0x390
[ 1095.037977][T17669]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[ 1095.038025][T17669]  get_free_pages_noprof+0xc/0x40
[ 1095.038070][T17669]  kasan_populate_vmalloc_pte+0x2d/0x160
[ 1095.038118][T17669]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[ 1095.038165][T17669]  __apply_to_page_range+0x5fd/0xd30
[ 1095.038213][T17669]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[ 1095.038265][T17669]  ? __pfx___apply_to_page_range+0x10/0x10
[ 1095.038324][T17669]  ? insert_vmap_area+0x2ef/0x4d0
[ 1095.038364][T17669]  alloc_vmap_area+0x93e/0x2a60
[ 1095.038417][T17669]  ? __pfx_alloc_vmap_area+0x10/0x10
[ 1095.038462][T17669]  __get_vm_area_node+0x19e/0x2f0
[ 1095.038510][T17669]  __vmalloc_node_range_noprof+0x26a/0x1530
[ 1095.038555][T17669]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1095.038611][T17669]  ? __pfx_vsnprintf+0x10/0x10
[ 1095.038651][T17669]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1095.038700][T17669]  ? do_raw_spin_lock+0x12d/0x2c0
[ 1095.038733][T17669]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1095.038778][T17669]  ? __pfx_snprintf+0x10/0x10
[ 1095.038818][T17669]  ? _raw_spin_unlock+0x28/0x50
[ 1095.038850][T17669]  ? alloc_fd+0x41f/0x760
[ 1095.038896][T17669]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1095.038944][T17669]  __vmalloc_noprof+0x6d/0x90
[ 1095.038984][T17669]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1095.039033][T17669]  kvm_dev_ioctl+0x151/0x1a90
[ 1095.039095][T17669]  ? __pfx_lock_release+0x10/0x10
[ 1095.039139][T17669]  ? trace_lock_acquire+0x14e/0x1f0
[ 1095.039199][T17669]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1095.039257][T17669]  ? __fget_files+0x206/0x3a0
[ 1095.039309][T17669]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1095.039363][T17669]  __x64_sys_ioctl+0x190/0x200
[ 1095.039404][T17669]  do_syscall_64+0xcd/0x250
[ 1095.039450][T17669]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1095.039499][T17669] RIP: 0033:0x7fbf82d8d169
[ 1095.039523][T17669] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1095.039555][T17669] RSP: 002b:00007fbf83bd7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1095.039586][T17669] RAX: ffffffffffffffda RBX: 00007fbf82fa5fa0 RCX: 00007fbf82d8d169
[ 1095.039607][T17669] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000005
[ 1095.039626][T17669] RBP: 00007fbf82e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 1095.039645][T17669] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1095.039663][T17669] R13: 0000000000000000 R14: 00007fbf82fa5fa0 R15: 00007fffa5f973c8
[ 1095.039703][T17669]  </TASK>
[ 1095.439957][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1096.370169][T11750] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[ 1096.937642][T17697] netlink: 217 bytes leftover after parsing attributes in process `syz.1.2254'.
[ 1097.321036][T11750] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[ 1102.857198][T17743] netlink: 217 bytes leftover after parsing attributes in process `syz.0.2262'.
[ 1104.080508][T11750] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[ 1106.866537][T11750] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[ 1107.048450][T17792] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2271'.
[ 1107.594230][T17802] FAULT_INJECTION: forcing a failure.
[ 1107.594230][T17802] name failslab, interval 1, probability 0, space 0, times 0
[ 1107.643258][T17802] CPU: 1 UID: 0 PID: 17802 Comm: syz.2.2274 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[ 1107.643308][T17802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1107.643329][T17802] Call Trace:
[ 1107.643339][T17802]  <TASK>
[ 1107.643353][T17802]  dump_stack_lvl+0x16c/0x1f0
[ 1107.643415][T17802]  should_fail_ex+0x50a/0x650
[ 1107.643470][T17802]  ? fs_reclaim_acquire+0xae/0x150
[ 1107.643516][T17802]  should_failslab+0xc2/0x120
[ 1107.643549][T17802]  __kmalloc_cache_node_noprof+0x6e/0x420
[ 1107.643599][T17802]  ? __pfx_number+0x10/0x10
[ 1107.643626][T17802]  ? format_decode+0x1ae/0xd40
[ 1107.643657][T17802]  ? __get_vm_area_node+0x101/0x2f0
[ 1107.643706][T17802]  __get_vm_area_node+0x101/0x2f0
[ 1107.643755][T17802]  __vmalloc_node_range_noprof+0x26a/0x1530
[ 1107.643803][T17802]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1107.643865][T17802]  ? __pfx_vsnprintf+0x10/0x10
[ 1107.643905][T17802]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1107.643959][T17802]  ? do_raw_spin_lock+0x12d/0x2c0
[ 1107.643996][T17802]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1107.644043][T17802]  ? __pfx_snprintf+0x10/0x10
[ 1107.644087][T17802]  ? _raw_spin_unlock+0x28/0x50
[ 1107.644122][T17802]  ? alloc_fd+0x41f/0x760
[ 1107.644171][T17802]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1107.644223][T17802]  __vmalloc_noprof+0x6d/0x90
[ 1107.644268][T17802]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1107.644320][T17802]  kvm_dev_ioctl+0x151/0x1a90
[ 1107.644376][T17802]  ? __pfx_lock_release+0x10/0x10
[ 1107.644436][T17802]  ? trace_lock_acquire+0x14e/0x1f0
[ 1107.644480][T17802]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1107.644539][T17802]  ? __fget_files+0x206/0x3a0
[ 1107.644591][T17802]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1107.644646][T17802]  __x64_sys_ioctl+0x190/0x200
[ 1107.644688][T17802]  do_syscall_64+0xcd/0x250
[ 1107.644737][T17802]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1107.644784][T17802] RIP: 0033:0x7f6ac4d8d169
[ 1107.644810][T17802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1107.644843][T17802] RSP: 002b:00007f6ac5c09038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1107.644875][T17802] RAX: ffffffffffffffda RBX: 00007f6ac4fa5fa0 RCX: 00007f6ac4d8d169
[ 1107.644896][T17802] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000005
[ 1107.644916][T17802] RBP: 00007f6ac4e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 1107.644936][T17802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1107.644954][T17802] R13: 0000000000000000 R14: 00007f6ac4fa5fa0 R15: 00007ffcc748f548
[ 1107.644992][T17802]  </TASK>
[ 1107.645007][T17802] warn_alloc: 1 callbacks suppressed
[ 1107.645023][T17802] syz.2.2274: vmalloc error: size 39584, vm_struct allocation failed, mode:0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1108.066516][T17802] CPU: 1 UID: 0 PID: 17802 Comm: syz.2.2274 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[ 1108.066560][T17802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1108.066579][T17802] Call Trace:
[ 1108.066589][T17802]  <TASK>
[ 1108.066601][T17802]  dump_stack_lvl+0x16c/0x1f0
[ 1108.066651][T17802]  warn_alloc+0x24d/0x3a0
[ 1108.066706][T17802]  ? __pfx_warn_alloc+0x10/0x10
[ 1108.066756][T17802]  ? rcu_is_watching+0x12/0xc0
[ 1108.066793][T17802]  ? __kmalloc_cache_node_noprof+0x2ad/0x420
[ 1108.066849][T17802]  ? __kasan_kmalloc+0x8a/0xb0
[ 1108.066899][T17802]  ? __get_vm_area_node+0x1dc/0x2f0
[ 1108.066952][T17802]  __vmalloc_node_range_noprof+0xd24/0x1530
[ 1108.067010][T17802]  ? __pfx_vsnprintf+0x10/0x10
[ 1108.067050][T17802]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1108.067105][T17802]  ? do_raw_spin_lock+0x12d/0x2c0
[ 1108.067142][T17802]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1108.067190][T17802]  ? __pfx_snprintf+0x10/0x10
[ 1108.067234][T17802]  ? _raw_spin_unlock+0x28/0x50
[ 1108.067269][T17802]  ? alloc_fd+0x41f/0x760
[ 1108.067325][T17802]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1108.067379][T17802]  __vmalloc_noprof+0x6d/0x90
[ 1108.067424][T17802]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1108.067477][T17802]  kvm_dev_ioctl+0x151/0x1a90
[ 1108.067532][T17802]  ? __pfx_lock_release+0x10/0x10
[ 1108.067578][T17802]  ? trace_lock_acquire+0x14e/0x1f0
[ 1108.067621][T17802]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1108.067681][T17802]  ? __fget_files+0x206/0x3a0
[ 1108.067735][T17802]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1108.067791][T17802]  __x64_sys_ioctl+0x190/0x200
[ 1108.067835][T17802]  do_syscall_64+0xcd/0x250
[ 1108.067882][T17802]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1108.067929][T17802] RIP: 0033:0x7f6ac4d8d169
[ 1108.067955][T17802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1108.067987][T17802] RSP: 002b:00007f6ac5c09038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1108.068019][T17802] RAX: ffffffffffffffda RBX: 00007f6ac4fa5fa0 RCX: 00007f6ac4d8d169
[ 1108.068041][T17802] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000005
[ 1108.068061][T17802] RBP: 00007f6ac4e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 1108.068081][T17802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1108.068101][T17802] R13: 0000000000000000 R14: 00007f6ac4fa5fa0 R15: 00007ffcc748f548
[ 1108.068141][T17802]  </TASK>
[ 1108.068152][T17802] Mem-Info:
[ 1108.328875][T11750] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[ 1108.336528][T17802] active_anon:38779 inactive_anon:2 isolated_anon:0
[ 1108.336528][T17802]  active_file:18259 inactive_file:38979 isolated_file:0
[ 1108.336528][T17802]  unevictable:768 dirty:479 writeback:0
[ 1108.336528][T17802]  slab_reclaimable:17884 slab_unreclaimable:165011
[ 1108.336528][T17802]  mapped:25915 shmem:19597 pagetables:970
[ 1108.336528][T17802]  sec_pagetables:0 bounce:0
[ 1108.336528][T17802]  kernel_misc_reclaimable:0
[ 1108.336528][T17802]  free:1221783 free_pcp:5514 free_cma:0
[ 1108.381946][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1108.462912][T17802] Node 0 active_anon:153224kB inactive_anon:8kB active_file:73036kB inactive_file:155844kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:103660kB dirty:1916kB writeback:0kB shmem:74852kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:4096kB writeback_tmp:0kB kernel_stack:10728kB pagetables:3880kB sec_pagetables:0kB all_unreclaimable? no
[ 1108.496040][T17802] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[ 1108.530237][T17802] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1108.621956][T17802] lowmem_reserve[]: 0 2487 2487 0 0
[ 1108.627941][T17802] Node 0 DMA32 free:976504kB boost:0kB min:34152kB low:42688kB high:51224kB reserved_highatomic:0KB active_anon:143416kB inactive_anon:8kB active_file:73836kB inactive_file:155752kB unevictable:1536kB writepending:1916kB present:3129332kB managed:2547524kB mlocked:0kB bounce:0kB free_pcp:24504kB local_pcp:21232kB free_cma:0kB
[ 1108.660057][T17802] lowmem_reserve[]: 0 0 0 0 0
[ 1108.664892][T17802] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:8kB inactive_anon:0kB active_file:0kB inactive_file:92kB unevictable:0kB writepending:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[ 1108.691836][T17802] lowmem_reserve[]: 0 0 0 0 0
[ 1108.696773][T17802] Node 1 Normal free:3902580kB boost:0kB min:55748kB low:69684kB high:83620kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:480kB local_pcp:0kB free_cma:0kB
[ 1108.725839][T17802] lowmem_reserve[]: 0 0 0 0 0
[ 1108.730778][T17802] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1108.745849][T17802] Node 0 DMA32: 1048*4kB (UME) 677*8kB (UME) 633*16kB (UME) 263*32kB (UME) 470*64kB (UME) 268*128kB (UME) 41*256kB (UME) 32*512kB (UM) 43*1024kB (M) 7*2048kB (UM) 195*4096kB (M) = 976504kB
[ 1108.791846][T17802] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1108.882585][T17802] Node 1 Normal: 161*4kB (UE) 48*8kB (UME) 43*16kB (UME) 226*32kB (UME) 86*64kB (UME) 28*128kB (UME) 14*256kB (UM) 10*512kB (UME) 9*1024kB (UME) 4*2048kB (UE) 942*4096kB (UM) = 3902580kB
[ 1108.940132][T17802] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1108.950028][T17802] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1108.976052][T17802] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1109.019211][T17802] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1109.028935][T17802] 70956 total pagecache pages
[ 1109.033739][T17802] 46 pages in swap cache
[ 1109.038923][T17802] Free swap  = 120360kB
[ 1109.044171][T17802] Total swap = 124996kB
[ 1109.048536][T17802] 2097051 pages RAM
[ 1109.052506][T17802] 0 pages HighMem/MovableOnly
[ 1109.057318][T17802] 428512 pages reserved
[ 1109.061528][T17802] 0 pages cma reserved
[ 1109.303629][T11750] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[ 1110.512946][T11750] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[ 1111.986816][T17836] netlink: 217 bytes leftover after parsing attributes in process `syz.1.2281'.
[ 1114.520622][T11750] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[ 1117.269493][T11750] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[ 1121.361862][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1121.369857][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1122.498001][T11750] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[ 1124.734101][T11750] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[ 1128.612626][T11750] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[ 1131.230258][T11750] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[ 1133.397118][T11750] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11
[ 1133.430360][T18028] FAULT_INJECTION: forcing a failure.
[ 1133.430360][T18028] name failslab, interval 1, probability 0, space 0, times 0
[ 1133.475583][T18028] CPU: 0 UID: 0 PID: 18028 Comm: syz.2.2313 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[ 1133.475629][T18028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1133.475651][T18028] Call Trace:
[ 1133.475661][T18028]  <TASK>
[ 1133.475674][T18028]  dump_stack_lvl+0x16c/0x1f0
[ 1133.475727][T18028]  should_fail_ex+0x50a/0x650
[ 1133.475781][T18028]  ? fs_reclaim_acquire+0xae/0x150
[ 1133.475830][T18028]  should_failslab+0xc2/0x120
[ 1133.475862][T18028]  __kmalloc_node_noprof+0xd1/0x510
[ 1133.475917][T18028]  ? __vmalloc_node_range_noprof+0x3d8/0x1530
[ 1133.475972][T18028]  __vmalloc_node_range_noprof+0x3d8/0x1530
[ 1133.476031][T18028]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1133.476086][T18028]  ? do_raw_spin_lock+0x12d/0x2c0
[ 1133.476122][T18028]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1133.476172][T18028]  ? __pfx_snprintf+0x10/0x10
[ 1133.476217][T18028]  ? _raw_spin_unlock+0x28/0x50
[ 1133.476253][T18028]  ? alloc_fd+0x41f/0x760
[ 1133.476313][T18028]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1133.476374][T18028]  __vmalloc_noprof+0x6d/0x90
[ 1133.476415][T18028]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1133.476468][T18028]  kvm_dev_ioctl+0x151/0x1a90
[ 1133.476524][T18028]  ? __pfx_lock_release+0x10/0x10
[ 1133.476571][T18028]  ? trace_lock_acquire+0x14e/0x1f0
[ 1133.476615][T18028]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1133.476674][T18028]  ? __fget_files+0x206/0x3a0
[ 1133.476728][T18028]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1133.476785][T18028]  __x64_sys_ioctl+0x190/0x200
[ 1133.476830][T18028]  do_syscall_64+0xcd/0x250
[ 1133.476879][T18028]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1133.476927][T18028] RIP: 0033:0x7f6ac4d8d169
[ 1133.476954][T18028] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1133.476986][T18028] RSP: 002b:00007f6ac5c09038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1133.477019][T18028] RAX: ffffffffffffffda RBX: 00007f6ac4fa5fa0 RCX: 00007f6ac4d8d169
[ 1133.477041][T18028] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000005
[ 1133.477060][T18028] RBP: 00007f6ac4e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 1133.477081][T18028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1133.477100][T18028] R13: 0000000000000000 R14: 00007f6ac4fa5fa0 R15: 00007ffcc748f548
[ 1133.477141][T18028]  </TASK>
[ 1133.707407][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1133.837463][T18028] syz.2.2313: vmalloc error: size 40960, failed to allocated page array size 80, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1133.975538][T18028] CPU: 1 UID: 0 PID: 18028 Comm: syz.2.2313 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[ 1133.975590][T18028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1133.975611][T18028] Call Trace:
[ 1133.975622][T18028]  <TASK>
[ 1133.975635][T18028]  dump_stack_lvl+0x16c/0x1f0
[ 1133.975689][T18028]  warn_alloc+0x24d/0x3a0
[ 1133.975746][T18028]  ? __pfx_warn_alloc+0x10/0x10
[ 1133.975810][T18028]  ? rcu_is_watching+0x12/0xc0
[ 1133.975847][T18028]  ? trace_kmalloc+0x2d/0xd0
[ 1133.975883][T18028]  ? __kmalloc_node_noprof+0x23d/0x510
[ 1133.975946][T18028]  __vmalloc_node_range_noprof+0x1102/0x1530
[ 1133.976007][T18028]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1133.976062][T18028]  ? do_raw_spin_lock+0x12d/0x2c0
[ 1133.976099][T18028]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1133.976148][T18028]  ? __pfx_snprintf+0x10/0x10
[ 1133.976192][T18028]  ? _raw_spin_unlock+0x28/0x50
[ 1133.976229][T18028]  ? alloc_fd+0x41f/0x760
[ 1133.976279][T18028]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1133.976349][T18028]  __vmalloc_noprof+0x6d/0x90
[ 1133.976395][T18028]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1133.976445][T18028]  kvm_dev_ioctl+0x151/0x1a90
[ 1133.976496][T18028]  ? __pfx_lock_release+0x10/0x10
[ 1133.976539][T18028]  ? trace_lock_acquire+0x14e/0x1f0
[ 1133.976580][T18028]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1133.976635][T18028]  ? __fget_files+0x206/0x3a0
[ 1133.976683][T18028]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1133.976735][T18028]  __x64_sys_ioctl+0x190/0x200
[ 1133.976775][T18028]  do_syscall_64+0xcd/0x250
[ 1133.976821][T18028]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1133.976867][T18028] RIP: 0033:0x7f6ac4d8d169
[ 1133.976891][T18028] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1133.976922][T18028] RSP: 002b:00007f6ac5c09038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1133.976954][T18028] RAX: ffffffffffffffda RBX: 00007f6ac4fa5fa0 RCX: 00007f6ac4d8d169
[ 1133.976975][T18028] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000005
[ 1133.976993][T18028] RBP: 00007f6ac4e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 1133.977013][T18028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1133.977032][T18028] R13: 0000000000000000 R14: 00007f6ac4fa5fa0 R15: 00007ffcc748f548
[ 1133.977068][T18028]  </TASK>
[ 1134.351887][T18028] Mem-Info:
[ 1134.362002][T18028] active_anon:57758 inactive_anon:2 isolated_anon:0
[ 1134.362002][T18028]  active_file:18325 inactive_file:38989 isolated_file:0
[ 1134.362002][T18028]  unevictable:768 dirty:764 writeback:0
[ 1134.362002][T18028]  slab_reclaimable:18878 slab_unreclaimable:164694
[ 1134.362002][T18028]  mapped:34906 shmem:36450 pagetables:1115
[ 1134.362002][T18028]  sec_pagetables:0 bounce:0
[ 1134.362002][T18028]  kernel_misc_reclaimable:0
[ 1134.362002][T18028]  free:1205699 free_pcp:1453 free_cma:0
[ 1134.407895][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1134.500227][T18028] Node 0 active_anon:237952kB inactive_anon:8kB active_file:74108kB inactive_file:155884kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:138956kB dirty:3140kB writeback:0kB shmem:151216kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:6144kB writeback_tmp:0kB kernel_stack:10788kB pagetables:4460kB sec_pagetables:0kB all_unreclaimable? no
[ 1134.534465][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1134.556752][T18028] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[ 1134.677675][T18028] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1134.731052][T11750] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[ 1134.759563][T18028] lowmem_reserve[]: 0 2487 2487 0 0
[ 1134.764969][T18028] Node 0 DMA32 free:884016kB boost:0kB min:34152kB low:42688kB high:51224kB reserved_highatomic:0KB active_anon:240544kB inactive_anon:8kB active_file:76008kB inactive_file:155792kB unevictable:1536kB writepending:3140kB present:3129332kB managed:2547524kB mlocked:0kB bounce:0kB free_pcp:9792kB local_pcp:5764kB free_cma:0kB
[ 1134.816843][T18028] lowmem_reserve[]: 0 0 0 0 0
[ 1134.821812][T18028] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:8kB inactive_anon:0kB active_file:0kB inactive_file:92kB unevictable:0kB writepending:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[ 1134.962474][T18028] lowmem_reserve[]: 0 0 0 0 0
[ 1135.006825][T18028] Node 1 Normal free:3902576kB boost:0kB min:55748kB low:69684kB high:83620kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:480kB local_pcp:0kB free_cma:0kB
[ 1135.220555][T18028] lowmem_reserve[]: 0 0 0 0 0
[ 1135.241932][T18028] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1135.295515][T18028] Node 0 DMA32: 60*4kB (ME) 3*8kB (ME) 104*16kB (UME) 141*32kB (UE) 77*64kB (UME) 9*128kB (UE) 77*256kB (UM) 45*512kB (ME) 41*1024kB (UM) 1*2048kB (M) 189*4096kB (M) = 873448kB
[ 1135.390084][T18028] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1135.470042][T18028] Node 1 Normal: 160*4kB (UE) 48*8kB (UME) 43*16kB (UME) 226*32kB (UME) 86*64kB (UME) 28*128kB (UME) 14*256kB (UM) 10*512kB (UME) 9*1024kB (UME) 4*2048kB (UE) 942*4096kB (UM) = 3902576kB
[ 1135.534215][T18028] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1135.568205][T18028] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1135.593357][T18028] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1135.628632][T18028] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1135.656562][T18028] 101248 total pagecache pages
[ 1135.672712][T18028] 128 pages in swap cache
[ 1135.686477][T18028] Free swap  = 120148kB
[ 1135.696860][T18028] Total swap = 124996kB
[ 1135.706820][T18028] 2097051 pages RAM
[ 1135.710912][T18028] 0 pages HighMem/MovableOnly
[ 1135.749654][T18028] 428512 pages reserved
[ 1135.761582][T18028] 0 pages cma reserved
[ 1139.909353][T11750] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[ 1144.248439][T18113] FAULT_INJECTION: forcing a failure.
[ 1144.248439][T18113] name failslab, interval 1, probability 0, space 0, times 0
[ 1144.332062][T18113] CPU: 0 UID: 0 PID: 18113 Comm: syz.2.2328 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[ 1144.332109][T18113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1144.332128][T18113] Call Trace:
[ 1144.332138][T18113]  <TASK>
[ 1144.332151][T18113]  dump_stack_lvl+0x16c/0x1f0
[ 1144.332220][T18113]  should_fail_ex+0x50a/0x650
[ 1144.332280][T18113]  should_failslab+0xc2/0x120
[ 1144.332315][T18113]  __kmalloc_cache_node_noprof+0x6e/0x420
[ 1144.332370][T18113]  ? __pfx_number+0x10/0x10
[ 1144.332397][T18113]  ? format_decode+0x1ae/0xd40
[ 1144.332429][T18113]  ? __get_vm_area_node+0x101/0x2f0
[ 1144.332480][T18113]  __get_vm_area_node+0x101/0x2f0
[ 1144.332530][T18113]  __vmalloc_node_range_noprof+0x26a/0x1530
[ 1144.332584][T18113]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1144.332646][T18113]  ? __pfx_vsnprintf+0x10/0x10
[ 1144.332689][T18113]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1144.332743][T18113]  ? do_raw_spin_lock+0x12d/0x2c0
[ 1144.332780][T18113]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1144.332826][T18113]  ? __pfx_snprintf+0x10/0x10
[ 1144.332869][T18113]  ? _raw_spin_unlock+0x28/0x50
[ 1144.332905][T18113]  ? alloc_fd+0x41f/0x760
[ 1144.332954][T18113]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1144.333008][T18113]  __vmalloc_noprof+0x6d/0x90
[ 1144.333055][T18113]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1144.333108][T18113]  kvm_dev_ioctl+0x151/0x1a90
[ 1144.333163][T18113]  ? __pfx_lock_release+0x10/0x10
[ 1144.333218][T18113]  ? trace_lock_acquire+0x14e/0x1f0
[ 1144.333263][T18113]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1144.333323][T18113]  ? __fget_files+0x206/0x3a0
[ 1144.333378][T18113]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1144.333435][T18113]  __x64_sys_ioctl+0x190/0x200
[ 1144.333479][T18113]  do_syscall_64+0xcd/0x250
[ 1144.333528][T18113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1144.333577][T18113] RIP: 0033:0x7f6ac4d8d169
[ 1144.333603][T18113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1144.333636][T18113] RSP: 002b:00007f6ac5c09038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1144.333670][T18113] RAX: ffffffffffffffda RBX: 00007f6ac4fa5fa0 RCX: 00007f6ac4d8d169
[ 1144.333691][T18113] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000005
[ 1144.333712][T18113] RBP: 00007f6ac4e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 1144.333732][T18113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1144.333752][T18113] R13: 0000000000000000 R14: 00007f6ac4fa5fa0 R15: 00007ffcc748f548
[ 1144.333792][T18113]  </TASK>
[ 1144.333807][T18113] syz.2.2328: vmalloc error: size 39584, vm_struct allocation failed, mode:0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1144.633660][T18113] CPU: 0 UID: 0 PID: 18113 Comm: syz.2.2328 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[ 1144.633707][T18113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1144.633727][T18113] Call Trace:
[ 1144.633739][T18113]  <TASK>
[ 1144.633752][T18113]  dump_stack_lvl+0x16c/0x1f0
[ 1144.633798][T18113]  warn_alloc+0x24d/0x3a0
[ 1144.633846][T18113]  ? __pfx_warn_alloc+0x10/0x10
[ 1144.633890][T18113]  ? rcu_is_watching+0x12/0xc0
[ 1144.633922][T18113]  ? __kmalloc_cache_node_noprof+0x2ad/0x420
[ 1144.633972][T18113]  ? __kasan_kmalloc+0x8a/0xb0
[ 1144.634015][T18113]  ? __get_vm_area_node+0x1dc/0x2f0
[ 1144.634059][T18113]  __vmalloc_node_range_noprof+0xd24/0x1530
[ 1144.634187][T18113]  ? __pfx_vsnprintf+0x10/0x10
[ 1144.634230][T18113]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1144.634281][T18113]  ? do_raw_spin_lock+0x12d/0x2c0
[ 1144.634316][T18113]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1144.634359][T18113]  ? __pfx_snprintf+0x10/0x10
[ 1144.634398][T18113]  ? _raw_spin_unlock+0x28/0x50
[ 1144.634441][T18113]  ? alloc_fd+0x41f/0x760
[ 1144.634485][T18113]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1144.634531][T18113]  __vmalloc_noprof+0x6d/0x90
[ 1144.634573][T18113]  ? kvm_dev_ioctl+0x151/0x1a90
[ 1144.634622][T18113]  kvm_dev_ioctl+0x151/0x1a90
[ 1144.634675][T18113]  ? __pfx_lock_release+0x10/0x10
[ 1144.634717][T18113]  ? trace_lock_acquire+0x14e/0x1f0
[ 1144.634756][T18113]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1144.634808][T18113]  ? __fget_files+0x206/0x3a0
[ 1144.634854][T18113]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 1144.634905][T18113]  __x64_sys_ioctl+0x190/0x200
[ 1144.634953][T18113]  do_syscall_64+0xcd/0x250
[ 1144.634997][T18113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1144.635039][T18113] RIP: 0033:0x7f6ac4d8d169
[ 1144.635063][T18113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1144.635093][T18113] RSP: 002b:00007f6ac5c09038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1144.635123][T18113] RAX: ffffffffffffffda RBX: 00007f6ac4fa5fa0 RCX: 00007f6ac4d8d169
[ 1144.635144][T18113] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000005
[ 1144.635165][T18113] RBP: 00007f6ac4e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 1144.635183][T18113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1144.635201][T18113] R13: 0000000000000000 R14: 00007f6ac4fa5fa0 R15: 00007ffcc748f548
[ 1144.635238][T18113]  </TASK>
[ 1144.635249][T18113] Mem-Info:
[ 1145.147992][T18113] active_anon:32623 inactive_anon:2 isolated_anon:0
[ 1145.147992][T18113]  active_file:18245 inactive_file:38993 isolated_file:0
[ 1145.147992][T18113]  unevictable:768 dirty:595 writeback:0
[ 1145.147992][T18113]  slab_reclaimable:18796 slab_unreclaimable:165352
[ 1145.147992][T18113]  mapped:29394 shmem:12388 pagetables:981
[ 1145.147992][T18113]  sec_pagetables:0 bounce:0
[ 1145.147992][T18113]  kernel_misc_reclaimable:0
[ 1145.147992][T18113]  free:1228034 free_pcp:2873 free_cma:0
[ 1145.607463][T18113] Node 0 active_anon:134436kB inactive_anon:8kB active_file:72980kB inactive_file:155900kB unevictable:1536kB isolated(anon):780kB isolated(file):0kB mapped:118412kB dirty:2492kB writeback:0kB shmem:49668kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:10240kB writeback_tmp:0kB kernel_stack:10764kB pagetables:4220kB sec_pagetables:0kB all_unreclaimable? no
[ 1145.842875][T18113] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[ 1146.018207][T18113] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1146.095081][T18113] lowmem_reserve[]: 0 2487 2487 0 0
[ 1146.107018][T18113] Node 0 DMA32 free:989772kB boost:0kB min:34152kB low:42688kB high:51224kB reserved_highatomic:0KB active_anon:144500kB inactive_anon:8kB active_file:72980kB inactive_file:155808kB unevictable:1536kB writepending:2492kB present:3129332kB managed:2547524kB mlocked:0kB bounce:0kB free_pcp:6032kB local_pcp:5852kB free_cma:0kB
[ 1146.186689][T18113] lowmem_reserve[]: 0 0 0 0 0
[ 1146.205257][T18113] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:8kB inactive_anon:0kB active_file:0kB inactive_file:92kB unevictable:0kB writepending:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[ 1146.340889][T18113] lowmem_reserve[]: 0 0 0 0 0
[ 1146.346311][T18113] Node 1 Normal free:3902576kB boost:0kB min:55748kB low:69684kB high:83620kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:480kB local_pcp:0kB free_cma:0kB
[ 1146.377295][T18113] lowmem_reserve[]: 0 0 0 0 0
[ 1146.383187][T18113] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1146.400552][T18113] Node 0 DMA32: 427*4kB (UME) 256*8kB (UE) 745*16kB (UME) 641*32kB (UME) 414*64kB (UME) 313*128kB (UME) 155*256kB (UME) 61*512kB (ME) 42*1024kB (M) 1*2048kB (M) 188*4096kB (M) = 988764kB
[ 1146.422280][T18113] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1146.435769][T18113] Node 1 Normal: 160*4kB (UE) 48*8kB (UME) 43*16kB (UME) 226*32kB (UME) 86*64kB (UME) 28*128kB (UME) 14*256kB (UM) 10*512kB (UME) 9*1024kB (UME) 4*2048kB (UE) 942*4096kB (UM) = 3902576kB
[ 1146.463285][T18113] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1146.536517][T18113] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1146.573721][T18113] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1146.573754][T18113] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1146.573779][T18113] 74952 total pagecache pages
[ 1146.573791][T18113] 127 pages in swap cache
[ 1146.573803][T18113] Free swap  = 120340kB
[ 1146.573817][T18113] Total swap = 124996kB
[ 1146.573833][T18113] 2097051 pages RAM
[ 1146.573845][T18113] 0 pages HighMem/MovableOnly
[ 1146.573856][T18113] 428512 pages reserved
[ 1146.573866][T18113] 0 pages cma reserved
[ 1146.643040][T18142] cougar: G6 mapped to space
[ 1147.363664][T11750] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[ 1148.105435][T11750] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[ 1150.821366][T11750] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[ 1151.255267][T11750] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[ 1157.937537][T18230] cougar: G6 mapped to space
[ 1158.697702][T11750] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11
[ 1161.290276][   T54] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1161.302284][   T54] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1161.313460][   T54] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1161.322845][   T54] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1161.331206][   T54] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1161.340214][   T54] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1161.434531][T18251] ------------[ cut here ]------------
[ 1161.441330][T18251] ODEBUG: free active (active state 0) object: ffff88807a52d248 object type: timer_list hint: hci_devcd_timeout+0x0/0x2f0
[ 1161.497602][T18251] WARNING: CPU: 1 PID: 18251 at lib/debugobjects.c:612 debug_print_object+0x1a2/0x2b0
[ 1161.507443][T18251] Modules linked in:
[ 1161.511408][T18251] CPU: 1 UID: 0 PID: 18251 Comm: syz.2.2345 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[ 1161.522879][T18251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1161.533948][T18251] RIP: 0010:debug_print_object+0x1a2/0x2b0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1161.539918][T18251] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 48 8b 14 dd 80 68 d3 8b 41 56 4c 89 e6 48 c7 c7 00 5d d3 8b e8 ff 63 b2 fc 90 <0f> 0b 90 90 58 83 05 86 f8 9a 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d
[ 1161.559908][T18251] RSP: 0018:ffffc9000b777798 EFLAGS: 00010286
[ 1161.566487][T18251] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817a2229
[ 1161.575262][T18251] RDX: ffff88801eba0000 RSI: ffffffff817a2236 RDI: 0000000000000001
[ 1161.584159][T18251] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
[ 1161.592288][T18251] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff8bd363a0
[ 1161.600426][T18251] R13: ffffffff8b6fb900 R14: ffffffff8a5f7bf0 R15: ffffc9000b7778a8
[ 1161.608583][T18251] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[ 1161.617786][T18251] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1161.624435][T18251] CR2: 00007f796a010218 CR3: 000000000df80000 CR4: 00000000003526f0
[ 1161.632626][T18251] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1161.640726][T18251] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1161.649011][T18251] Call Trace:
[ 1161.652378][T18251]  <TASK>
[ 1161.655363][T18251]  ? __warn+0xea/0x3c0
[ 1161.659627][T18251]  ? preempt_schedule_notrace+0x62/0xe0
[ 1161.665279][T18251]  ? debug_print_object+0x1a2/0x2b0
[ 1161.670631][T18251]  ? report_bug+0x3c0/0x580
[ 1161.675787][T18251]  ? handle_bug+0x54/0xa0
[ 1161.680883][T18251]  ? exc_invalid_op+0x17/0x50
[ 1161.685668][T18251]  ? asm_exc_invalid_op+0x1a/0x20
[ 1161.691018][T18251]  ? __pfx_hci_devcd_timeout+0x10/0x10
[ 1161.697194][T18251]  ? __warn_printk+0x199/0x350
[ 1161.702034][T18251]  ? __warn_printk+0x1a6/0x350
[ 1161.707034][T18251]  ? debug_print_object+0x1a2/0x2b0
[ 1161.712340][T18251]  ? debug_print_object+0x1a1/0x2b0
[ 1161.717659][T18251]  ? __pfx_hci_devcd_timeout+0x10/0x10
[ 1161.723200][T18251]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1161.729159][T18251]  debug_check_no_obj_freed+0x4b7/0x600
[ 1161.734797][T18251]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[ 1161.741185][T18251]  ? kmem_cache_free+0x2e2/0x4d0
[ 1161.746251][T18251]  ? kfree_skbmem+0x1a4/0x1f0
[ 1161.751338][T18251]  kfree+0x29f/0x4d0
[ 1161.755307][T18251]  ? hci_release_dev+0x4d9/0x600
[ 1161.760759][T18251]  hci_release_dev+0x4d9/0x600
[ 1161.766040][T18251]  ? __pfx_hci_release_dev+0x10/0x10
[ 1161.771908][T18251]  ? rcu_is_watching+0x12/0xc0
[ 1161.777785][T18251]  ? kfree+0x260/0x4d0
[ 1161.782752][T18251]  bt_host_release+0x6a/0xb0
[ 1161.787678][T18251]  ? __pfx_bt_host_release+0x10/0x10
[ 1161.793252][T18251]  device_release+0xa1/0x240
[ 1161.798301][T18251]  kobject_put+0x1e4/0x5a0
[ 1161.802882][T18251]  ? __pfx_vhci_release+0x10/0x10
[ 1161.808342][T18251]  put_device+0x1f/0x30
[ 1161.813291][T18251]  vhci_release+0x81/0xf0
[ 1161.817835][T18251]  __fput+0x3ff/0xb70
[ 1161.821998][T18251]  task_work_run+0x14e/0x250
[ 1161.826750][T18251]  ? __pfx_task_work_run+0x10/0x10
[ 1161.831990][T18251]  ? __put_net+0x61/0x70
[ 1161.836329][T18251]  do_exit+0xad8/0x2d70
[ 1161.840634][T18251]  ? proc_coredump_connector+0x2d2/0x4f0
[ 1161.846543][T18251]  ? __pfx_do_exit+0x10/0x10
[ 1161.851300][T18251]  do_group_exit+0xd3/0x2a0
[ 1161.855879][T18251]  get_signal+0x24ed/0x26c0
[ 1161.860709][T18251]  ? __pfx_get_signal+0x10/0x10
[ 1161.865777][T18251]  arch_do_signal_or_restart+0x90/0x7e0
[ 1161.871454][T18251]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1161.877768][T18251]  ? trace_irq_disable.constprop.0+0xea/0x140
[ 1161.884648][T18251]  irqentry_exit_to_user_mode+0x13f/0x280
[ 1161.891100][T18251]  asm_exc_invalid_op+0x1a/0x20
[ 1161.896090][T18251] RIP: 0033:0x14
[ 1161.899807][T18251] Code: Unable to access opcode bytes at 0xffffffffffffffea.
[ 1161.907309][T18251] RSP: 002b:0000000000000011 EFLAGS: 00010202
[ 1161.913644][T18251] RAX: 0000000000000000 RBX: 00007f6ac4fa5fa0 RCX: 00007f6ac4d8d169
[ 1161.921772][T18251] RDX: 9999999999999999 RSI: 0000000000000009 RDI: 0000000000000021
[ 1161.930039][T18251] RBP: 00007f6ac4e0e2a0 R08: 0000000000000006 R09: 0000000000000000
[ 1161.938184][T18251] R10: ffffffff81000000 R11: 0000000000000246 R12: 0000000000000000
[ 1161.946276][T18251] R13: 0000000000000000 R14: 00007f6ac4fa5fa0 R15: 00007ffcc748f548
[ 1161.954547][T18251]  ? 0xffffffff81000000
[ 1161.958865][T18251]  </TASK>
[ 1161.962071][T18251] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1161.969526][T18251] CPU: 1 UID: 0 PID: 18251 Comm: syz.2.2345 Not tainted 6.14.0-rc5-syzkaller-00105-gf315296c92fd #0
[ 1161.980703][T18251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1161.990827][T18251] Call Trace:
[ 1161.994246][T18251]  <TASK>
[ 1161.997279][T18251]  dump_stack_lvl+0x3d/0x1f0
[ 1162.002394][T18251]  panic+0x71d/0x800
[ 1162.006456][T18251]  ? __pfx_panic+0x10/0x10
[ 1162.010989][T18251]  ? show_trace_log_lvl+0x29d/0x3d0
[ 1162.016272][T18251]  ? check_panic_on_warn+0x1f/0xb0
[ 1162.021474][T18251]  ? debug_print_object+0x1a2/0x2b0
[ 1162.026738][T18251]  check_panic_on_warn+0xab/0xb0
[ 1162.031838][T18251]  __warn+0xf6/0x3c0
[ 1162.035907][T18251]  ? preempt_schedule_notrace+0x62/0xe0
[ 1162.041536][T18251]  ? debug_print_object+0x1a2/0x2b0
[ 1162.046815][T18251]  report_bug+0x3c0/0x580
[ 1162.051251][T18251]  handle_bug+0x54/0xa0
[ 1162.055481][T18251]  exc_invalid_op+0x17/0x50
[ 1162.060071][T18251]  asm_exc_invalid_op+0x1a/0x20
[ 1162.065084][T18251] RIP: 0010:debug_print_object+0x1a2/0x2b0
[ 1162.071198][T18251] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 48 8b 14 dd 80 68 d3 8b 41 56 4c 89 e6 48 c7 c7 00 5d d3 8b e8 ff 63 b2 fc 90 <0f> 0b 90 90 58 83 05 86 f8 9a 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d
[ 1162.090850][T18251] RSP: 0018:ffffc9000b777798 EFLAGS: 00010286
[ 1162.097239][T18251] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817a2229
[ 1162.105349][T18251] RDX: ffff88801eba0000 RSI: ffffffff817a2236 RDI: 0000000000000001
[ 1162.113533][T18251] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
[ 1162.121621][T18251] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff8bd363a0
[ 1162.129709][T18251] R13: ffffffff8b6fb900 R14: ffffffff8a5f7bf0 R15: ffffc9000b7778a8
[ 1162.137888][T18251]  ? __pfx_hci_devcd_timeout+0x10/0x10
[ 1162.143482][T18251]  ? __warn_printk+0x199/0x350
[ 1162.148393][T18251]  ? __warn_printk+0x1a6/0x350
[ 1162.153329][T18251]  ? debug_print_object+0x1a1/0x2b0
[ 1162.158797][T18251]  ? __pfx_hci_devcd_timeout+0x10/0x10
[ 1162.164303][T18251]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1162.170147][T18251]  debug_check_no_obj_freed+0x4b7/0x600
[ 1162.175747][T18251]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[ 1162.181868][T18251]  ? kmem_cache_free+0x2e2/0x4d0
[ 1162.186859][T18251]  ? kfree_skbmem+0x1a4/0x1f0
[ 1162.191589][T18251]  kfree+0x29f/0x4d0
[ 1162.195609][T18251]  ? hci_release_dev+0x4d9/0x600
[ 1162.200601][T18251]  hci_release_dev+0x4d9/0x600
[ 1162.205412][T18251]  ? __pfx_hci_release_dev+0x10/0x10
[ 1162.210830][T18251]  ? rcu_is_watching+0x12/0xc0
[ 1162.215725][T18251]  ? kfree+0x260/0x4d0
[ 1162.219902][T18251]  bt_host_release+0x6a/0xb0
[ 1162.224527][T18251]  ? __pfx_bt_host_release+0x10/0x10
[ 1162.230022][T18251]  device_release+0xa1/0x240
[ 1162.234660][T18251]  kobject_put+0x1e4/0x5a0
[ 1162.239123][T18251]  ? __pfx_vhci_release+0x10/0x10
[ 1162.244191][T18251]  put_device+0x1f/0x30
[ 1162.248389][T18251]  vhci_release+0x81/0xf0
[ 1162.252843][T18251]  __fput+0x3ff/0xb70
[ 1162.256865][T18251]  task_work_run+0x14e/0x250
[ 1162.261790][T18251]  ? __pfx_task_work_run+0x10/0x10
[ 1162.267120][T18251]  ? __put_net+0x61/0x70
[ 1162.271421][T18251]  do_exit+0xad8/0x2d70
[ 1162.275704][T18251]  ? proc_coredump_connector+0x2d2/0x4f0
[ 1162.281584][T18251]  ? __pfx_do_exit+0x10/0x10
[ 1162.286216][T18251]  do_group_exit+0xd3/0x2a0
[ 1162.291191][T18251]  get_signal+0x24ed/0x26c0
[ 1162.295832][T18251]  ? __pfx_get_signal+0x10/0x10
[ 1162.300861][T18251]  arch_do_signal_or_restart+0x90/0x7e0
[ 1162.306490][T18251]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1162.312743][T18251]  ? trace_irq_disable.constprop.0+0xea/0x140
[ 1162.319126][T18251]  irqentry_exit_to_user_mode+0x13f/0x280
[ 1162.324982][T18251]  asm_exc_invalid_op+0x1a/0x20
[ 1162.329874][T18251] RIP: 0033:0x14
[ 1162.333450][T18251] Code: Unable to access opcode bytes at 0xffffffffffffffea.
[ 1162.340836][T18251] RSP: 002b:0000000000000011 EFLAGS: 00010202
[ 1162.346935][T18251] RAX: 0000000000000000 RBX: 00007f6ac4fa5fa0 RCX: 00007f6ac4d8d169
[ 1162.355200][T18251] RDX: 9999999999999999 RSI: 0000000000000009 RDI: 0000000000000021
[ 1162.363200][T18251] RBP: 00007f6ac4e0e2a0 R08: 0000000000000006 R09: 0000000000000000
[ 1162.371199][T18251] R10: ffffffff81000000 R11: 0000000000000246 R12: 0000000000000000
[ 1162.379378][T18251] R13: 0000000000000000 R14: 00007f6ac4fa5fa0 R15: 00007ffcc748f548
[ 1162.387382][T18251]  ? 0xffffffff81000000
[ 1162.391570][T18251]  </TASK>
[ 1162.395112][T18251] Kernel Offset: disabled
[ 1162.399592][T18251] Rebooting in 86400 seconds..