last executing test programs:

51.469051179s ago: executing program 2 (id=1007):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
utimes$auto(0x0, &(0x7f0000000e40)={0x80, 0xfffffffffffffff9})
madvise$auto(0x0, 0xfffffffffffefffd, 0x17)
madvise$auto(0x0, 0x20499d, 0x9)
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
recvmmsg$auto(0x4, &(0x7f0000000200)={{0x0, 0x4, &(0x7f0000000140)={0x0, 0x4da}, 0x4, 0x0, 0x8, 0x800}, 0x3}, 0x7, 0xe, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
read$auto(0xffffffffffffffff, 0x0, 0x20)
writev$auto(r0, 0x0, 0x3)
set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
r1 = io_uring_setup$auto(0x6, 0x0)
socket(0x2, 0x5, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)
setsockopt$auto(0x3, 0x10000000084, 0x79, 0x0, 0x8)
io_uring_register$auto(r1, 0xc, 0x0, 0x5)

50.107257756s ago: executing program 2 (id=1016):
sysfs$auto(0x2, 0x10000000000048, 0x0)
r0 = socket(0x2b, 0x1, 0x1)
ioctl$auto(r0, 0x8941, 0x4)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x10, 0x2, 0x14)
socket(0x11, 0x80003, 0x300)
socket(0x10, 0x2, 0x0)
socket(0xa, 0x801, 0x100)
socket(0x2, 0x80002, 0x73)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x2, 0x0)
socket(0xa, 0x2, 0x0)
r2 = socket(0x10, 0x2, 0x14)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14af"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r2], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x2}, 0x3, 0x0)
ioctl$auto(0x3, 0xc008aeba, 0xffffffffffffffff)

49.859854813s ago: executing program 2 (id=1019):
r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000000c0)={{0x0, 0x2, 0x200800, 0xffffffff, 0xfffffffb}, "0dd7fd004929347eeeccdf0732f77b1f6de0d6d51768a257a97ca5e9ca6310ea"})
ioctl$auto_SNDRV_TIMER_IOCTL_PAUSE(r0, 0x54a3, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_dfs_global_fops_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ubifs/chk_index\x00', 0x595c00, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vhci_hcd.10/usb30/ep_00/bmAttributes\x00', 0x12b5c0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/machinecheck/machinecheck1/cmci_disabled\x00', 0x20102, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84)
fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d)
memfd_secret$auto(0x0)
mmap$auto(0x0, 0x8, 0xfffffffffffffffa, 0x13, 0x3, 0x0)
r1 = pipe2$auto(0x0, 0x80)
sendfile$auto(0x6, 0x3, 0x0, 0xc01)
mmap$auto(0x7ff8000000000, 0x7, 0x3, 0xf8, 0xfffffffffffffffa, 0x5)
r2 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91)
read$auto(r2, 0x0, 0x1)
write$auto(0x3, 0x0, 0xfffffdef)
unshare$auto(0x40000080)
unshare$auto(0x40000080)
openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/ieee80211/phy5/netdev:wlan0/stations/08:02:11:00:00:01/vht_capa\x00', 0x44080, 0x0)
mmap$auto(0x0, 0xfffffffffffffffe, 0xdf, 0x16, r1, 0xc3)
r3 = socket(0x25, 0x1, 0x2)
sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000004c0)=ANY=[@ANYBLOB="743e748bd2917d327f70992c0a3359d12dc411587ef4d2ce0ec105883ae7e3a7b96b03ccb9479401f5626248b960a1ede912c69e9c1cad300a6270cf239847a93e33fd6f61b3faa2311b940e8d4d9eae2fcbaaceecba85f59ab9a42e3b600f237d3b53513b48545492a40f82815e344c205d025173943ec7343552ad286aa063766711a01a09cf2119e11dbc75a0ea1b76b99e358e9eb1e4953d324e720e88e44c3b4e2a01925cbeac94fee579477684fd3676797bf9f00a2939e37b0e59a76da8ca4dbdd2ebc44abcc25147952a7e7647e3de66b7cbadcc0015838861556b0a175926bd4a354155ccd61e60de1a1cbf84f34b27310533dc55dcba0282158ce5418ab01da831bf7200a6de8462d5ada545303cecac1f22f4518f7d739acce35fe771b0d925f038b0751b08df7883a4f849", @ANYRESHEX], 0x1ac}, 0x1, 0x0, 0x0, 0x8841}, 0x40000)
read$auto(0x3, 0x0, 0xf34)
read$auto(r3, &(0x7f0000000040)='\x00', 0x10001)
read$auto(0x3, 0x0, 0x80)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/asound/card1/cable#0\x00', 0x101440, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)

48.611195342s ago: executing program 2 (id=1021):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000002f80), 0xffffffffffffffff)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = socket(0x2, 0x3, 0x6)
lsm_list_modules$auto(0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x401c5820, 0x0)
mkdir$auto(0x0, 0x353)
sendmsg$auto_GTP_CMD_NEWPDP(r0, &(0x7f0000003080)={0x0, 0x0, &(0x7f0000003040)={&(0x7f0000000040)={0x34, r1, 0x5, 0x70bd2b, 0x25dfdbfd, {}, [@GTPA_LINK={0x8, 0x1, 0x5}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_FLOW={0x6, 0x6, 0xb31}, @GTPA_O_TEI={0x8, 0x9, 0x401}]}, 0x34}, 0x1, 0x0, 0x0, 0x4c000}, 0x80)

47.65880581s ago: executing program 2 (id=1026):
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0)
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x20000800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

45.569350468s ago: executing program 2 (id=1037):
mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
r0 = socket(0x2, 0x5, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0)
ioctl$auto(r1, 0x8000451a, r1)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x5, 0x0)
io_uring_setup$auto(0x2, 0x0)
socket(0x10, 0x2, 0x0)
socket(0x2, 0x3, 0x2)
socket(0x2, 0x3, 0x104)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x40, 0x0)
socketpair$auto(0x3, 0x5, 0x7, 0x0)
setsockopt$auto(0x3, 0x0, 0xf, 0x0, 0xb)
bind$auto(0x3, 0x0, 0x6b)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x6, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)

45.007222991s ago: executing program 32 (id=1037):
mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
r0 = socket(0x2, 0x5, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0)
ioctl$auto(r1, 0x8000451a, r1)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x5, 0x0)
io_uring_setup$auto(0x2, 0x0)
socket(0x10, 0x2, 0x0)
socket(0x2, 0x3, 0x2)
socket(0x2, 0x3, 0x104)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x40, 0x0)
socketpair$auto(0x3, 0x5, 0x7, 0x0)
setsockopt$auto(0x3, 0x0, 0xf, 0x0, 0xb)
bind$auto(0x3, 0x0, 0x6b)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x6, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)

33.811715896s ago: executing program 0 (id=1085):
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0)
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x20000800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYBLOB="1c"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

33.665521197s ago: executing program 0 (id=1086):
socket(0xa, 0x3, 0x3a)
setsockopt$auto(0x400000000000003, 0x29, 0xc8, 0x0, 0x1)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x181881, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mprotect$auto(0x1000, 0x400000, 0x4)
r0 = io_uring_setup$auto(0x40000002c55, 0x0)
write$auto(0x3, 0x0, 0x3f00)
syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ipvlan1\x00'})
r1 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080))
getdents64$auto(r1, 0x0, 0x3)

33.237786277s ago: executing program 0 (id=1087):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000000b40), 0xffffffffffffffff)
sendmsg$auto_OVS_METER_CMD_FEATURES(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x1c, r1, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@OVS_METER_ATTR_MAX_METERS={0x8, 0x7, 0x2}]}, 0x1c}}, 0x80) (fail_nth: 2)

32.564871031s ago: executing program 0 (id=1088):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000002f80), 0xffffffffffffffff)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = socket(0x2, 0x3, 0x6)
lsm_list_modules$auto(0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x401c5820, 0x0)
mkdir$auto(0x0, 0x353)
sendmsg$auto_GTP_CMD_NEWPDP(r0, &(0x7f0000003080)={0x0, 0x0, &(0x7f0000003040)={&(0x7f0000000040)={0x34, r1, 0x5, 0x70bd2b, 0x25dfdbfd, {}, [@GTPA_LINK={0x8, 0x1, 0x5}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_FLOW={0x6, 0x6, 0xb31}, @GTPA_O_TEI={0x8, 0x9, 0x401}]}, 0x34}, 0x1, 0x0, 0x0, 0x4c000}, 0x80)

32.113138756s ago: executing program 0 (id=1090):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = socket(0xa, 0x801, 0x84)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
getrandom$auto(0x0, 0xe06, 0x3)
setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8)
setsockopt$auto(0x3, 0x84, 0x17, 0x0, 0x70ed581b)
close_range$auto(0x2, 0x8000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = socket(0x80000000000000a, 0x2, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
r2 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0)
ioctl$auto_posix_clock_file_operations_posix_clock(r2, 0xc0603d06, 0x0)
setsockopt$auto(r1, 0x11, 0x64, 0x0, 0x7)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f00000000c0), r1)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x18, r4, 0x20, 0x70bd2c, 0x25dfdbfb, {}, [@HWSIM_ATTR_NO_VIF={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0x24000000)
r5 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), r3)
socket(0x23, 0x800, 0x7)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYRES16=r5, @ANYRES16=r5, @ANYRES16=r0], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x40080)

31.382499401s ago: executing program 0 (id=1092):
socket(0x23, 0x80805, 0x0)
inotify_init1$auto(0x3000000000000)
mmap$auto(0x0, 0x2020009, 0x126, 0xf8, 0xffffffffffffffff, 0x8000)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@ethernet={0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1cc5087217524dd0}}, 0x6a)
ioctl$auto(0x3, 0x89e0, 0x38)
r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x80081, 0x0)
write$auto_seq_oss_f_ops_seq_oss(r0, &(0x7f00000002c0)="f618deadf7e888b1ff8bff71c49054428f819e30236ce79200d01532f2ed0d000000008d5d8e9dea0337f5095b82a54456f845800adbfbd11b66630e687bbca2612c912a6f57eb9f9944281954e2c5da22daf73acc711a3d9b6758b7a6e74bae890345225264da35ac3be11d2f555b8d08cef68f4a3aa938391dfbc0841813c93c41ee53b7e310c21563c1d8cbcde6549675fbe14b917c5b0a23069452100c3110990884271e91b8f6497e89091dc41c4cdd1769725f5f6d78aaac6367115bb64416e289", 0xc4)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)
ioctl$auto_TCFLSH2(r2, 0x80045439, 0x0)
ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close_range$auto(r2, 0x8, 0x0)
r3 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$auto_dma_heap_fops_dma_heap(r3, 0xffffffffffdffe00, &(0x7f0000000140)=';')
ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100)
mmap$auto(0x0, 0x4020009, 0x7ffd, 0xeb1, 0x401, 0x8000)
read$auto(r4, 0x0, 0xbcd5)
close_range$auto(0x2, 0x8, 0x0)
r5 = socket(0xa, 0x2, 0x0)
setsockopt$auto(r5, 0x29, 0x3b, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x8bR\xbcc\x16~\x86\"\xa0\x94hS\xa5\xfe\xb5\x00\x00', 0x110)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "00000000000000e4ceb81b00"}, 0x80000001)

30.715305944s ago: executing program 33 (id=1092):
socket(0x23, 0x80805, 0x0)
inotify_init1$auto(0x3000000000000)
mmap$auto(0x0, 0x2020009, 0x126, 0xf8, 0xffffffffffffffff, 0x8000)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@ethernet={0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1cc5087217524dd0}}, 0x6a)
ioctl$auto(0x3, 0x89e0, 0x38)
r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x80081, 0x0)
write$auto_seq_oss_f_ops_seq_oss(r0, &(0x7f00000002c0)="f618deadf7e888b1ff8bff71c49054428f819e30236ce79200d01532f2ed0d000000008d5d8e9dea0337f5095b82a54456f845800adbfbd11b66630e687bbca2612c912a6f57eb9f9944281954e2c5da22daf73acc711a3d9b6758b7a6e74bae890345225264da35ac3be11d2f555b8d08cef68f4a3aa938391dfbc0841813c93c41ee53b7e310c21563c1d8cbcde6549675fbe14b917c5b0a23069452100c3110990884271e91b8f6497e89091dc41c4cdd1769725f5f6d78aaac6367115bb64416e289", 0xc4)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)
ioctl$auto_TCFLSH2(r2, 0x80045439, 0x0)
ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close_range$auto(r2, 0x8, 0x0)
r3 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$auto_dma_heap_fops_dma_heap(r3, 0xffffffffffdffe00, &(0x7f0000000140)=';')
ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100)
mmap$auto(0x0, 0x4020009, 0x7ffd, 0xeb1, 0x401, 0x8000)
read$auto(r4, 0x0, 0xbcd5)
close_range$auto(0x2, 0x8, 0x0)
r5 = socket(0xa, 0x2, 0x0)
setsockopt$auto(r5, 0x29, 0x3b, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x8bR\xbcc\x16~\x86\"\xa0\x94hS\xa5\xfe\xb5\x00\x00', 0x110)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "00000000000000e4ceb81b00"}, 0x80000001)

7.940904594s ago: executing program 3 (id=1187):
mmap$auto(0x0, 0x20009, 0xdf, 0x20000000eb1, 0x401, 0x8000)
syz_clone(0x40100100, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/mm/transparent_hugepage/hugepages-512kB/enabled\x00', 0x129302, 0x0)
write$auto(r0, 0x0, 0x800f)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000bc0), 0xffffffffffffffff)
signalfd$auto(0xffffffff, 0x0, 0x8)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/dummy_hcd.1/usb2/bConfigurationValue\x00', 0x101142, 0x0)
write$auto(r1, &(0x7f0000000100)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0x4)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
mincore$auto(0x9, 0xcc, &(0x7f0000000080)='\\&-\'\x00')
socket(0xa, 0x2, 0x0)
unshare$auto(0x40000080)
setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b)
openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/buffer_size_kb\x00', 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x20681, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000200), 0xa000, 0x0)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)

6.864531886s ago: executing program 4 (id=1194):
close_range$auto(0x2, 0x8, 0x0)
r0 = memfd_secret$auto(0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snd/midiC2D1\x00', 0x40f00, 0x0)
ioperm$auto(0x3, 0xe, 0x2000000000000149)
madvise$auto(0x0, 0xffffffffffff0008, 0x19)
r2 = openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000000), 0x228280, 0x0)
mmap$auto(0x4, 0x6, 0xdc, 0xeb1, r2, 0x8000)
io_getevents$auto(0x80000000, 0x9, 0x0, 0x0, 0x0)
setfsgid$auto(0xee01)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x101200, 0x0)
msgctl$auto_IPC_STAT(0x5, 0x2, &(0x7f00000000c0)={{0x0, 0x0, 0x0, 0x2, 0x20002, 0xe, 0x8}, &(0x7f0000000040)=0x2, &(0x7f0000000080)=0x9, 0x5, 0x6, 0xffffffff00800002, 0x7439e83b, 0x1, 0x1ff, 0x2, 0x9, @inferred, @inferred=0xffffffffffffffff})
r3 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x1ac}}, 0x810)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x120240, 0x0)
r4 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
recvmmsg$auto(r4, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0)
r5 = socket(0xa, 0x5, 0x84)
setsockopt$auto(r5, 0x10000000084, 0x22, 0x0, 0x10)
ioctl$auto_SNDRV_RAWMIDI_IOCTL_STATUS32(r1, 0xc0245720, &(0x7f0000000240)={0x1, 0x0, 0x3, 0x6, 0xb04d, "68e6fe89d79059ae94debcc36b2972d2"})
write$auto(0x3, 0x0, 0xfffffdef)
mmap$auto(0x0, 0x8, 0xfffffffffffffffa, 0x13, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'veth1_virt_wifi\x00', <r6=>0x0})
sendmsg$auto_ETHTOOL_MSG_WOL_SET(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="3980dc85fa0000fd5fcc9ad11a61c8656039c9b53b4e7e1608af1395bf5716968428d260d0da73fb3d2ef8564d95549004a53f1d161a00f1051a8288c38a7718082e5f0696834cf4281fcd0464f7d7c73761b8b912516a95651982e8c7a989ae690a3b29951cdc922ac8d39fd482ef088be3f1dab06e49f9c97a802e546155782a3144615393ad7aab360b14ae58aa1998839260bfe308943ba00f092fae1bdee4ed27e6ec843e468214347fc9b469bfe283792297912f95a6d828fb468f8155f905052dbb77704ba945ddb2b8127ed6ca7232cc0ef7353c8216bb7c8a0673639837bff1cec929cfaca64fb2b6a4e9c9122052d137f39764072c070f2e0041e0688a19984311355bbbdd3279d4fcd35c79347fc84506e7ce6795d6d3", @ANYRES16=0x0, @ANYBLOB="10002dbd7000ffdbdf250a000000090003007368de95490000005400018008000100", @ANYRES32=r6, @ANYBLOB="1400020069703665727370616e300000000000000800030007000000080003000100008008000300b70d00001400020069703665727370616e3000000000000008000100", @ANYRES32=0x0, @ANYBLOB], 0x74}, 0x1, 0x0, 0x0, 0xd0}, 0x8000)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x6, 0x0)

6.222904532s ago: executing program 3 (id=1200):
r0 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000000), 0x40540, 0x0)
ioctl$auto_USB_RAW_IOCTL_EP_ENABLE(r0, 0x40095505, &(0x7f0000000080)={0x8, 0x1, 0x0, 0x3, 0x2, 0xd, 0x4, 0x7}) (fail_nth: 5)

5.956700538s ago: executing program 3 (id=1203):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
close_range$auto(0x2, 0xa, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r0 = socket(0x11, 0x80003, 0x300)
ustat$auto(0x801, 0x0) (async, rerun: 64)
setsockopt$auto(r0, 0x107, 0x8, 0x0, 0x6) (rerun: 64)
recvmmsg$auto(0x3, 0x0, 0xb94, 0x0, 0x0)
mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4)
lstat$auto(&(0x7f0000000500)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', 0x0)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) (async)
shutdown$auto(0x200000003, 0x2) (async, rerun: 64)
recvmmsg$auto(0x3, 0x0, 0x86873cbd, 0xa, 0x0) (rerun: 64)
getrandom$auto(0x0, 0x6000000, 0x3) (async, rerun: 32)
r1 = socket(0x1d, 0x3, 0x1) (rerun: 32)
ioctl$auto_XFS_IOC_FSCOUNTS(r1, 0x80205871, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async)
socket(0x2, 0x801, 0x106) (async)
socket$nl_generic(0x10, 0x3, 0x10)
io_uring_setup$auto(0x6, 0x0)
r2 = socket(0x10, 0x80002, 0x0) (async)
close_range$auto(0x2, 0x8000, 0x0) (async)
io_uring_setup$auto(0x6, 0x0) (async)
timerfd_create$auto(0x0, 0x0)
timerfd_settime$auto(r2, 0x3, 0x0, 0x0)
adjtimex$auto(&(0x7f0000000000)={0x1ff, 0x0, 0xff, 0x6, 0x8, 0x0, 0x10, 0x0, 0x2, 0xbf, 0x1f6a, {0x0, 0x3}, 0x9, 0x1, 0x2, 0x6, 0x0, 0x8, 0x545, 0x1, 0x0, 0x8}) (async)
read$auto(0x3, 0x0, 0x80) (async)
close_range$auto(0x2, 0x8, 0x0)

5.89449428s ago: executing program 4 (id=1204):
poll$auto(&(0x7f0000000040)={0x3, 0x1, 0x5}, 0x5, 0x80000000)

5.676944152s ago: executing program 4 (id=1206):
socket(0xa, 0x6, 0x0)
connect$auto(0x3, &(0x7f0000000040)=@ethernet={0x1, @multicast}, 0x51)

5.639642763s ago: executing program 4 (id=1207):
socket(0x2, 0x1, 0x106)
capget$auto(0x0, 0xfffffffffffffffe)
socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
mmap$auto(0x0, 0xb, 0x10000, 0x16, 0x401, 0x8)
syz_clone(0x40000000, 0x0, 0x25, 0x0, 0x0, 0x0)
statx$auto(0x564, 0xfffffffffffffffc, 0x1000, 0x3, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
ioperm$auto(0x8000000000000001, 0x80000000, 0x2000000000000149)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$auto_dma_heap_fops_dma_heap(0xffffffffffffffff, 0xffffffffffdffe00, &(0x7f0000000140)=';')
select$auto(0x40000008, 0x0, &(0x7f0000000340)={[0x9, 0x8000, 0xfffffffffffffffd, 0xd7d, 0x1000000004bd, 0x9, 0x1000000000100, 0xc, 0x9, 0x7, 0x8, 0x20000004, 0x847, 0xffffffff7fffffff, 0x401, 0x80000001]}, 0x0, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0)
pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x89\x06s\x1cJ\x99\x00:\x00!\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x10, 0x6)
ioctl$auto_TIOCSTI2(r1, 0x5412, &(0x7f00000003c0)="12915fb9d5bbef71b00090579f0bdaa9deca4529876102f51cd762cb2f7749c01dffb4bc1a09a47dded987482743dd3f88bf137e146f8c47b8fba8bc82c2e684d48f506e20940bd00b003c5575221b49b8ca59698fb75db2eaf3d576edecbc0b65dafa3f9baf6f760c17c2af082cbf1a492f7d4bb5e036b428a838855c0d2beac97d152125a2499d9ea65ea79fdcbd4b917274fd383a35e9b8902923227e133eed29415cc350d77b4beadd3059f29c88842e8cae7b5e")
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
setfsuid$auto(0xee00)
sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x3222b14561ab0a8b}, 0xc, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x4000}, 0x4080)
syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f00000001c0), r0)
unshare$auto(0x40000080)
open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64)
mkdir$auto(&(0x7f00000002c0)='./cgroup\x00', 0x6)
socket(0x2, 0x1, 0x0)
rmdir$auto(&(0x7f0000000300)='./cgroup\x00')

4.608697737s ago: executing program 3 (id=1210):
r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003140), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, &(0x7f0000003200)={0x0, 0x0, &(0x7f00000031c0)={&(0x7f0000003180)=ANY=[@ANYBLOB="14000000", @ANYRES16=r0, @ANYBLOB='\x00'/14], 0x14}, 0x1, 0x0, 0x0, 0x6000091}, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
r1 = open(&(0x7f0000000800)='./file0\x00', 0xe4201, 0x17c)
fcntl$auto(r1, 0x400, 0x1)
socket(0x1, 0x2, 0x40000008)
unshare$auto(0x40000080)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/ip6_mr_vif\x00', 0x0, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r2, &(0x7f00000000c0)=""/4087, 0xff7)
mmap$auto(0x0, 0x20009, 0x7, 0xeb1, 0x0, 0x8000)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='/sys/kernel/mm/transparent_hugepage/shrink_underused\x00', 0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000140)=""/1, 0x1)
setsockopt$auto(0x400000000000003, 0x20000029, 0x21b, 0x0, 0x3)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd3/queue/iosched/write_expire\x00', 0x20681, 0x0)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x30)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r4)
sendmsg$auto_NL80211_CMD_GET_WIPHY(r4, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r5, @ANYBLOB="810b25bd7080fbdbdf25010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004)
recvmmsg$auto(r4, &(0x7f0000000180)={{0x0, 0x5, 0x0, 0x0, 0x0, 0x7, 0x6}, 0x20000804}, 0x210a, 0x6, 0x0)
r6 = openat$auto_buffer_percent_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/buffer_percent\x00', 0x1, 0x0)
writev$auto(r6, &(0x7f00000035c0)={0x0, 0x4}, 0x9)
r7 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC0\x00', 0x101a02, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r7, 0xc1105517, &(0x7f00000001c0)={{@raw=0xfff, 0x100110d, 0xfffd, 0x6, "e927783f468fa2e92fe8ec7a46cbb766439daa1ee1aa0000000000040000660e0701000000000000008000"}, 0x6, 0x0, 0x4, @raw=0x404, @enumerated={0x55d3, 0x7, "bf154d70dcfcea02faacb07c4222db1f207fdb681dc9b0bf2c6c9ce16d51ebc73df6a7aa16659cd5e4dc8374caf945548e604179f1f87c3bd8701d3d5c3d998c", 0xffffffffffffffff, 0x91e0}, "a4699d30a05edbe0d28473c399a7dc920b153e9b1675451d7de94b4123f970bedd3460c667373fcc59b584d81592f6ab606c276852295e00af49e6de6e768034"})
r8 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/ip6_mr_vif\x00', 0x0, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r8, &(0x7f00000000c0)=""/4087, 0xff7)

3.948502513s ago: executing program 1 (id=1214):
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/fs/cifs/LinuxExtensionsEnabled\x00', 0x842, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/block/nbd2/mq/0/cpu_list\x00', 0xa0440, 0x0)
r1 = socket(0x1d, 0x5, 0x88)
getsockopt$auto(r1, 0x1, 0x40, &(0x7f00000000c0)='\x05/\xc3:\x00', &(0x7f0000000100)=0x7)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000080)=""/64, 0x40)
r2 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100)
fallocate$auto(r2, 0x0, 0x400000a, 0x4b)
lseek$auto(0x3, 0x2, 0x4)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6c, 0x0, 0x0, 0xfffffffffffffffd, 0x4ea, 0x1, 0x6, 0x0, 0x1, 0x0, 0x8, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x6, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000500)='/dev/video0\x00', 0x0, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
r4 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x18, 0x5, 0x2)
getpeername$auto(0x3, 0x0, 0x0)
read$auto_mon_fops_text_t_mon_text(r4, &(0x7f0000000040)=""/64, 0x40)
clock_adjtime$auto(0x6bc8, &(0x7f00000005c0)={0x7, 0x0, 0x8, 0x8000000000000001, 0x7, 0xfffffffffffffff7, 0x6, 0x0, 0x2, 0x2, 0x1, {0xf, 0x7}, 0x82ba, 0x7ff, 0x59d, 0x5, 0x0, 0x8000000000000000, 0x100000000, 0x6, 0x9, 0x7, 0x1000})
select$auto(0x6, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x200000000007, 0xd, 0x1, 0x948b, 0x3, 0x7f, 0x3, 0x3, 0x9, 0x80040001, 0x7, 0x6dbf, 0x9, 0x9, 0xfffffffffffffffd]}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x2, 0x100)
socket(0xf, 0x3, 0x2)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)

3.897914124s ago: executing program 4 (id=1215):
mmap$auto(0x0, 0x4, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
close_range$auto(0xffffffffffffffff, 0xfffffffffffff000, 0x2)
io_uring_enter$auto(0xffffffffffffffff, 0x1, 0x401, 0x0, 0x0, 0x18)
mmap$auto(0x0, 0x9, 0xe0, 0x1000000ebe, 0x401, 0x8000)
mknod$auto(0x0, 0x1081, 0x3)
close_range$auto(0x2, 0x8, 0x0)
r0 = creat$auto(0x0, 0x4)
r1 = creat$auto(0x0, 0x9)
socket(0x2, 0x80002, 0x73)
r2 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto(0x3, 0x0, 0xfffffdef)
ioctl$auto(0x3, 0x5412, 0x38)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
personality$auto(0x40004010410ffc)
io_setup$auto(0x10000, 0x0)
rseq$auto(&(0x7f00000002c0)={0xfffff400, 0x400, 0x0, 0x20006, 0xfffffdfb, 0x2}, 0xe0, 0x0, 0x7)
ioperm$auto(0x3, 0xe, 0x2000000000000149)
r3 = openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000380), 0x101100, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/zram0/algorithm_params\x00', 0xa001, 0x0)
write$auto(r4, &(0x7f0000000140)='\xc7\x83=\"\xad\xff\x8d\xf9;\x18\xa4\xb0\xb4\xd9]\xce\xd8Q~\x17\xfb&L\xf9=b\a\xf1y\xb3\"\x80 B\xb1\x18[\x8f\xdf\x84\'\x8e\x0e+\xbcwx\xe6-!\xfe\xf7\x83\x7f\xc5&\xb6\xb7j\x0f\xa1\xbe!t\x17\x9b?\xbb\xf7\xec\xcc\xd4b\xb1\xc7\xf0\xa1D\x12,I\a\x00\x00\x00\x00\x00\x00\x00%\xcd@Ky\x05\xa6\xe8\xf9^\t\xff\x06\x0eD\xe5\xcd\xcb\xd2\x81\xbf%\x1e\xb4\x94\xf8\xfcj\xd3;\xf4\xcc\xa2\x18\xb6\xc4', 0x81)
socket(0x15, 0x5, 0x2)
sendmsg$auto_SEG6_CMD_GET_TUNSRC(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYRES8=r2, @ANYRESDEC=r0, @ANYBLOB="e70091555e819178d78af009ca7dfa77b2ffc5e244e6cdff796fb35aa2d611d0c7ebbbaddb0f72f98f32e01b8bc318c31a"], 0xfffffffffffffe81}, 0x1, 0x0, 0x0, 0x40041}, 0x4044000)
openat$auto_proc_tid_children_operations_internal(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
kcmp$auto(0x0, 0x0, 0xbbe5, r3, 0xffffffffffffffff)
unshare$auto(0x40000080)
unshare$auto(0x40000080)
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYRES64=r2, @ANYRESDEC=r1, @ANYBLOB="0f0026bd7000df9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4)
prctl$auto_PR_PPC_SET_DEXCR(0x49, 0x8, 0x0, 0x3, 0x4)

3.655093312s ago: executing program 5 (id=1216):
socket(0xa, 0x3, 0x3a)
setsockopt$auto(0x400000000000003, 0x29, 0xc8, 0x0, 0x567)
mmap$auto(0xfffffffffffffffe, 0x20040000a, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, 0x0, 0xc4780, 0x0)
close_range$auto(0x2, 0xa, 0x1)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000002e00), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_PRIVFLAGS_SET(r0, &(0x7f0000003680)={0x0, 0x0, &(0x7f0000003640)={&(0x7f0000002f80)={0x30, r1, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x4}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vxcan1\x00'}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x10}, 0x20000810)
socket(0x18, 0xa, 0x1)
mmap$auto(0x0, 0x2020009, 0x4000000000000003, 0xeb1, 0xfffffffffffffffa, 0x8000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'netdevsim0\x00', <r3=>0x0})
bpf$auto(0x5, &(0x7f0000000300)=@bpf_attr_3={0x6, 0x24, 0xf, 0x63, 0x400, 0x0, 0xffffffffffffffff, 0x80f0c8, 0x60, "38c1d5cbcb9f6b5e511f0cd8ed068f65", r3, 0x113e33f2, 0xffffffffffffffff, 0xe4, 0x6, 0x5, 0x6, 0x8, 0x0, 0x3, @attach_prog_fd, 0x6, 0xffff, 0x8, 0x0, 0xfffffffe}, 0x47)
socket(0xa, 0x2, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r4 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000100), 0x80000, 0x0)
ioctl$auto_UBI_IOCDET(r4, 0x40046f41, &(0x7f0000000140)=0xfffffffa)
ioperm$auto(0x3, 0x5, 0x149)
fgetxattr$auto(0xffffffffffffffff, 0x0, 0x0, 0x3)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/uprobe_events\x00', 0x202, 0x0)

2.669012676s ago: executing program 5 (id=1217):
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0)
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x20000800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, 0x0, 0x3, 0x0)

2.473771777s ago: executing program 1 (id=1218):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_PRIVFLAGS_GET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)={0x14, r1, 0x301, 0x70bd2a, 0x25dfdbfc}, 0x14}, 0x1, 0xffffffa6}, 0x8000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001d00), r2)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/fs/btrfs/features/free_space_tree\x00', 0x40c00, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000140)=""/181, 0xb5)
sendmsg$auto_ETHTOOL_MSG_RINGS_SET(r2, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f0000001d40)={0x14, r3, 0x1, 0x70bd27, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x90}, 0x80000)

2.366523134s ago: executing program 5 (id=1219):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x58, 0x0)
sysfs$auto(0x2, 0x10000000000048, 0x0)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x211883, 0x0)
r0 = fsopen$auto(0x0, 0x1)
r1 = openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, &(0x7f0000000040), 0x4801, 0x0)
ioctl$auto_BCH_IOCTL_QUERY_COUNTERS(r1, 0x4008bc15, &(0x7f0000000080)={0x3, 0x1, 0x0, [0xe98d, 0x6, 0xb, 0x4]})
close_range$auto(0x2, 0x8, 0x0)
openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/media3\x00', 0x80, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0x4040ae79, r0)

2.065138912s ago: executing program 1 (id=1220):
openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, 0xfffffffffffffffe, 0x4d2142, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = socket(0x11, 0x80003, 0x300)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_macsec(&(0x7f00000000c0), 0xffffffffffffffff)
mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0)
ioctl$auto(0x3, 0x400c4d05, 0x5)
r4 = geteuid()
ioctl$auto(r3, 0x2, r1)
sendmsg$auto_MACSEC_CMD_UPD_RXSC(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="200050bf84325746764a4e799bd27f02810000", @ANYRES16=r2, @ANYBLOB="01022bbd7000fedbdf25030000000400028008000100", @ANYRES32=0x0, @ANYBLOB], 0x20}, 0x1, 0x0, 0x0, 0x54}, 0x48010)
setuid$auto(r4)
setsockopt$auto(r0, 0x107, 0xe, 0x0, 0x4)
r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0)
r6 = syz_genetlink_get_family_id$auto_nfc(&(0x7f00000000c0), r0)
sendmsg$auto_NFC_CMD_STOP_POLL(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x58, r6, 0x200, 0x70bd2a, 0x25dfdbfc, {}, [@NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0xa}, @NFC_ATTR_DEVICE_NAME={0x7, 0x2, '(:-'}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x3}, @NFC_ATTR_FIRMWARE_NAME={0x6, 0x14, '})'}, @NFC_ATTR_LLC_PARAM_RW={0x5, 0x10, 0x3}, @NFC_ATTR_DEVICE_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x6}]}, 0x58}, 0x1, 0x0, 0x0, 0x40000}, 0x44084)
sendmsg$auto_NFC_CMD_LLC_SET_PARAMS(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x2c, r6, 0x800, 0x70bd28, 0x25dfdbfe, {}, [@NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x400}, @NFC_ATTR_TM_PROTOCOLS={0x8, 0xe, 0x5}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0x85af}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20040000}, 0x40040)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bpq1/carrier_down_count\x00', 0x100, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r8 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r1)
sendmsg$auto_NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000140)={&(0x7f0000000580)={0x2d8, r8, 0x200, 0x70bd2c, 0x25dfdbfc, {}, [@NL80211_ATTR_HE_BSS_COLOR={0x14, 0x11b, 0x0, 0x1, [@NL80211_HE_BSS_COLOR_ATTR_COLOR={0x5, 0x1, 0xb5}, @NL80211_HE_BSS_COLOR_ATTR_DISABLED={0x4}, @NL80211_HE_BSS_COLOR_ATTR_PARTIAL={0x4}]}, @NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x8}, @NL80211_ATTR_CIPHER_SUITE_GROUP={0x8, 0x4a, 0x7}, @NL80211_ATTR_IE_ASSOC_RESP={0x29d, 0x80, "54e5a6c47091c385afc50a38a625c0845e1134add31387744c7d3810802e3699b6689c895e4f04dacede00367c6f9135ed982246bacf7033dd26287d0285be6c6b19af5dee79c14de8bb04fb1b3d23f462dcce2bf0b663073612fb49b06d52c2a5e93d36c6907561f85fe9dd116240d1821c5252e34beddc78847deb6679de8333a794c458a48e1e6fdba7703813b2120fef849978e2ed5b43dd00a30e071c1d4c5a4ff7eaabbec70ddcc55eb4eec77df5a2a0ca37cf905eb5d6c76ea98bf4a895a3b2195e3a57ad4064868827389b4ffb00f9a5f947333e12a5a882a16c53b43bb48af2162c6115132e6b3c9b87af302f5379b0863d977af9f5308aa4689531b074a64425cf441d02a6e34e54d10297adc4b0164aeba7179bfd55d2607b158fb0f3494d789dc2a9b106cd781cad3a60993288a7839d266a671732ff74214d25c6c21dce01329955c80c83c025c37a126779a94cd9e55739caf176ba937a52a4b14aed7ad49c85b4cac73a21741092d53b5546b2c4ccad819b7611b2638fe1e1e1c94e92c3239a4b2807e05ff99fddfe686361d9375f5ad599f880076f60b5fb3366ba2fe1a9156cd87ebbc543b7354ab2a1b278736cf7dabe509bde14941e9d4d0d2a0ec6c8590bfd6b25d5cdb99f434aba064402d1464b22131e5a580dbfd8a6aed8ac7a922a6d6780243ad901fffe365bff9981c8250676dc25c927940c16b7441549dea9b100cdfb75bda909cd30c049246c86091925a89cdeeb04d476e3e01d7a8f7a7c0d57200fe4048112849b221c7b1f09ff9cd710a13bb50ff46bc0e928ae786be2c509c871c1cc808fbead0bac2104ed99403c020cbaf656f325cff80e3e19dd9d6b07fed4291ce053ffb0b6e6f8c08d5c10d23103d8ba50abaa493dd7dea502c8a67b609bad8d22f5c4cf79040f096233567872"}]}, 0x2d8}, 0x1, 0x0, 0x0, 0x14}, 0x880)
r9 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xae00, 0x0)
ioctl$auto_KVM_CREATE_VM(r9, 0xae01, 0x0)
socket(0x10, 0x2, 0x0)
syz_open_procfs$namespace(0x0, 0x0)
socketpair$auto(0x1f, 0x4, 0x8000000000000000, 0x0)
ioctl$auto(0x3, 0xc048aec8, r7)
ioctl$auto_TIOCSTI2(r5, 0x5412, 0x0)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000000), r0)

1.969937068s ago: executing program 5 (id=1221):
r0 = socket(0x10, 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$auto(0x10, r2, 0x4, 0x7ff)
timer_create$auto(0x7355, &(0x7f00000002c0)={@sival_int=0xfffffff9, @inferred=r0}, &(0x7f0000000380)=0x6)
r3 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="1b0026bd7000fedbdf250300000004000800100003800c00148008000600", @ANYRES32=r1, @ANYBLOB="12000100898771f1c19f1779048590822ad90000040002"], 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0x4800) (async)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/dummy0/addr_gen_mode\x00', 0x1, 0x0)
fstat$auto(r4, &(0x7f0000000a40)={0x4, 0x7, 0x8, 0xfffffff9, 0xee01, 0xee01, 0x0, 0x35, 0x3, 0x2, 0x800, 0x8000000000000001, 0x9, 0xb5, 0x10, 0x9fb, 0x3})
timer_create$auto(0xa, &(0x7f0000000080)={@sival_ptr=&(0x7f0000000000)="24b48dbf3b60759cc2ed016eafe041b4d3e568ef2196f02c4fc5f1069a2baa7f2d0d401d8c08ae6b43a1a053a11d8ad9b6c6d774c441535ea049fb52100ca3b13f169926b17837019008a2f8db61411ff9c3b2578782e1658fedf8cefcffb2a07ad04a80dffebb2d3c82a472034723517815dfa4d18ddc", @raw=0x9000, 0xfc}, &(0x7f00000000c0)=0x5) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0xa, 0x2, 0x73)
connect$auto(0x3, 0x0, 0x55) (async, rerun: 64)
futex_waitv$auto(&(0x7f0000000300)={0x0, 0x4, 0x2}, 0x1, 0x0, &(0x7f0000000340)={0x225c17d03, 0x800006}, 0x0) (rerun: 64)

1.600266631s ago: executing program 3 (id=1222):
r0 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0xb2)
mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8000)
ioctl$auto_TIOCSETD2(r0, 0x5423, &(0x7f0000000040)="8fefb8e5024463cb3d7365d07901050b022ed34c00")
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
lsm_list_modules$auto(0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x1, 0x80000, 0x868d)
socket(0xa, 0x5, 0x0)
setsockopt$auto(0x3, 0x10000000084, 0x75, 0x0, 0x8)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)={0x10080, 0x0, 0x22}, 0x18)
clock_gettime$auto(0x5, &(0x7f0000000180)={0x10001, 0x1cc})
fallocate$auto(0x8000000000000003, 0x803, 0xffffffff, 0x2)
mlock$auto(0x81, 0xffff)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x400008, 0x10df, 0x9b72, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
socket(0xa, 0x2, 0x0)
r1 = socket(0xa, 0x3, 0xff)
connect$auto(r1, &(0x7f00000018c0)=@generic={0xa}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x3f)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x2000040080000004, 0xe)
r2 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0)
write$auto_proc_mem_operations_base(r2, &(0x7f0000000240)="168b00000000c2a73108f933ba5f44a4deef430fc01a3e7f42ca805cd11ea884301f38143be9b383a824c3d3ee6d8337ac716e9a97f0d869dfd306141e75bd1deaba318b7f93c0205bcb02cac0a6357eb1cf023503a9710b40ab1b885ea1d9dc15706ab2b660fd3d906e0e3f7417f002cab98090be9d19089c1cd3841298e66fd016d36bb20ffc2bb70dbc1707d5a48c09affa4a", 0x94)
mmap$auto(0x0, 0x6, 0x4001000000df, 0x35, 0x401, 0x1000000000000109)
syz_clone3(&(0x7f0000000080)={0x123060000, 0x0, 0x0, 0x0, {0x14}, 0x0, 0x0, 0x0, &(0x7f00000011c0)=[0x0], 0x1}, 0x58)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)

1.242228057s ago: executing program 1 (id=1223):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
bpf$auto(0x5, &(0x7f0000000000)=@bpf_attr_3={0x1c, 0xa8b, 0x18c, 0x6a, 0x0, 0x3405, 0x3, 0x9, 0xfffffff5, "63ace816ef77cf000000000000000018", 0x0, 0x549, 0x4, 0x7, 0x0, 0x1009, 0x4, 0xffffffffffffffff, 0xe, 0x2000005, @attach_btf_obj_fd=0x3, 0x166, 0x1, 0x4000000000006, 0x8, 0x48200003, 0xa7be}, 0x7)

876.858308ms ago: executing program 5 (id=1224):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/orangefs/acache/hard_limit\x00', 0x142, 0x0)
r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x80202, 0x0)
ioctl$auto_USBDEVFS_ALLOW_SUSPEND(r1, 0x5522, 0x0)
ioctl$auto_USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000000040)={0x20, 0x3, 0x4, 0x0, 0x2, 0x8000004, &(0x7f00000000c0)})
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000140)=""/156, 0x9c)

783.508596ms ago: executing program 1 (id=1225):
mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
socket(0x2, 0x80002, 0x73)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
socket(0x28, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x2, 0x3, 0x100)
socket(0x1d, 0x2, 0x7)
socket(0x2, 0x1, 0x0)
socketpair$auto(0x3, 0x8, 0x7, 0x0)
write$auto(r0, &(0x7f00000001c0)=']\x00', 0x2)
ioctl$auto(0x1, 0x8983, 0x4)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/net/nr7/iflink\x00', 0x80300, 0x0)
read$auto(r1, 0x0, 0x20)
writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x2}, 0x3)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000680), r3)
keyctl$auto(0x5, 0xffffffffffffffff, 0x0, 0x0, 0x3)
keyctl$auto(0x3, 0xffffffffffffffff, 0x2, 0x0, 0x9)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000006c0)={'batadv0\x00', <r5=>0x0})
sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="110b27f27200fbdbdf250c00000008000300", @ANYRES32=r5], 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x9800)
sendmsg$auto_BATADV_CMD_GET_MCAST_FLAGS(r2, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r4, 0x4, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_MODE={0x5, 0x33, 0xe2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x10)
signalfd4$auto(0xffffffffffffffff, 0x0, 0x7, 0x0)
r6 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000000), 0x40540, 0x0)
ioctl$auto_USB_RAW_IOCTL_EP_ENABLE(r6, 0x40095505, &(0x7f0000000080)={0x8, 0x1, 0x0, 0x3, 0x2, 0xd, 0x4, 0x7})

606.647731ms ago: executing program 5 (id=1226):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x7, 0x1f, 0x7181, 0x1ffdf, 0x7, 0x4, 0x9, 0x9, 0x3, 0x4, 0x1, 0xb4, 0x9, 0x8, 0x10003, 0x80, 0x4, 0x0, 0xa, 0x22000, 0x200, 0x0, 0x84}, 0x1fe, 0xd)
r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_PHY_GET(0xffffffffffffffff, &(0x7f0000003200)={0x0, 0x0, &(0x7f00000031c0)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010326bd7000ffdbdf252d"], 0x20}, 0x1, 0x0, 0x0, 0x2404c012}, 0x80)
r1 = openat$auto_udmabuf_fops_udmabuf(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
r2 = openat$auto_dma_buf_debug_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x440000, 0x0)
ioctl$auto_UDMABUF_CREATE(r1, 0x40187542, &(0x7f00000000c0)={r2, 0x9, 0x3, 0x8000000000000001})
openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x42201, 0x0)
openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000140), 0xa4182, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/fib_triestat\x00', 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
socket(0x2, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r4)
ioctl$auto_KVM_CREATE_VM(r3, 0x4048aecb, 0x0)
r5 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
write$auto(0x1, 0x0, 0x80000000)
r6 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r6, 0xc0045002, 0x0)

289.646895ms ago: executing program 1 (id=1227):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = socket(0x1d, 0x2, 0x6)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/system/cpu/cpu1/hotplug/target\x00', 0x800, 0x0)
read$auto(r1, 0x0, 0x6)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
r3 = socket(0x2b, 0x1, 0x1)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
syz_genetlink_get_family_id$auto_nl802154(0x0, r0)
sendmsg$auto_NL802154_CMD_GET_SEC_KEY(r3, 0x0, 0x4040000)
getsockopt$auto(r3, 0x6, 0x12, 0xfffffffffffffffc, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
unshare$auto(0x40000080)

219.188461ms ago: executing program 4 (id=1228):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = socket(0x1d, 0x2, 0x6)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/system/cpu/cpu1/hotplug/target\x00', 0x800, 0x0)
read$auto(r1, 0x0, 0x6)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
r3 = socket(0x2b, 0x1, 0x1)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
syz_genetlink_get_family_id$auto_nl802154(0x0, r0)
sendmsg$auto_NL802154_CMD_GET_SEC_KEY(r3, 0x0, 0x4040000)
getsockopt$auto(r3, 0x6, 0x12, 0xfffffffffffffffc, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
unshare$auto(0x40000080)

0s ago: executing program 3 (id=1229):
r0 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x1e, 0x4, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff)
sendmsg$auto_NBD_CMD_CONNECT(r1, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100253d7000fddbdf2501000000180007800c00018008000180000000e508002300", @ANYRES32=0x0, @ANYBLOB="0c0002000600000000000000"], 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x8880)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/zram0/algorithm_params\x00', 0xa001, 0x0)
write$auto(r3, &(0x7f0000000040)='\"\x81=\"\xad\b\x00\xf9;\x18\xa4\xb0\xb4\xd9\x82=\xe1P~\x17\xfb&L\xeb-j\a\xf1y\xb3\"\xaf~4:\x7f\x98\xcaeP\xe9N\x9f\xe1[YM\xf2\x1b\x975\xc5Q1\r\xd1\xa2\x88&T\xf0\xd4L\xcfO[\x89n\xady\xael\xc8\xa1\xc8\xa4<G\xa6\xbbY\x1bk\xeb\x9bQ\x8c', 0x81)
read$auto_proc_single_file_operations_base(0xffffffffffffffff, &(0x7f00000000c0)=""/41, 0x11)
bind$auto(0xffffffffffffffff, &(0x7f0000000100)=@nl=@unspec, 0x0)
mbind$auto(0x0, 0x2091d1, 0x4, 0x0, 0x6, 0x2)
write$auto(r0, 0x0, 0xfffffdee)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0xa, 0x3, 0xff)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "00800000ffefffffff0200000001"}, 0x55)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
stat$auto(0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'batadv_slave_1\x00'})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r4)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r6=>0x0})
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="2f212cbd7000fcdbdf252100000008000300", @ANYRES32=r6, @ANYBLOB='\x00\x00\x00\x00'], 0x20}}, 0x4000000)
r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r9=>0x0})
sendmsg$auto_NL80211_CMD_SET_WIPHY(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01002dbd7000fddbdf250800030008000300", @ANYRES32=r9, @ANYRESOCT], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097f751b33e}, 0x80)
mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000)

kernel console output (not intermixed with test programs):

ollect_data cause=failed comm="syz.1.247" name="members" dev="configfs" ino=11147 res=0 errno=0
[  144.768921][ T6752] FAULT_INJECTION: forcing a failure.
[  144.768921][ T6752] name failslab, interval 1, probability 0, space 0, times 0
[  144.834371][ T6752] CPU: 0 UID: 0 PID: 6752 Comm: syz.3.249 Not tainted 6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) 
[  144.834411][ T6752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  144.834427][ T6752] Call Trace:
[  144.834436][ T6752]  <TASK>
[  144.834446][ T6752]  dump_stack_lvl+0x16c/0x1f0
[  144.834491][ T6752]  should_fail_ex+0x512/0x640
[  144.834523][ T6752]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  144.834574][ T6752]  should_failslab+0xc2/0x120
[  144.834600][ T6752]  __kmalloc_cache_noprof+0x6a/0x3e0
[  144.834658][ T6752]  ? afs_init_fs_context+0x49/0x480
[  144.834696][ T6752]  afs_init_fs_context+0x49/0x480
[  144.834727][ T6752]  ? __pfx_afs_init_fs_context+0x10/0x10
[  144.834761][ T6752]  alloc_fs_context+0x54a/0x9c0
[  144.834819][ T6752]  path_mount+0xb06/0x1f30
[  144.834851][ T6752]  ? kmem_cache_free+0x2d4/0x4d0
[  144.834897][ T6752]  ? __pfx_path_mount+0x10/0x10
[  144.834932][ T6752]  ? putname+0x154/0x1a0
[  144.834968][ T6752]  __x64_sys_mount+0x28d/0x310
[  144.834999][ T6752]  ? __pfx___x64_sys_mount+0x10/0x10
[  144.835028][ T6752]  ? rcu_is_watching+0x12/0xc0
[  144.835079][ T6752]  do_syscall_64+0xcd/0x260
[  144.835127][ T6752]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.835158][ T6752] RIP: 0033:0x7fb27af8e169
[  144.835182][ T6752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  144.835211][ T6752] RSP: 002b:00007fb27beb0038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  144.835240][ T6752] RAX: ffffffffffffffda RBX: 00007fb27b1b5fa0 RCX: 00007fb27af8e169
[  144.835260][ T6752] RDX: 00002000000001c0 RSI: 0000200000000180 RDI: 0000000000000000
[  144.835278][ T6752] RBP: 00007fb27beb0090 R08: 0000000000000000 R09: 0000000000000000
[  144.835296][ T6752] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000002
[  144.835312][ T6752] R13: 0000000000000000 R14: 00007fb27b1b5fa0 R15: 00007ffdc62047d8
[  144.835351][ T6752]  </TASK>
[  145.475924][ T6763] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  145.597455][ T6767] netlink: 342 bytes leftover after parsing attributes in process `syz.3.256'.
[  146.140970][ T6784] mkiss: ax0: crc mode is auto.
[  146.301232][   T30] audit: type=1800 audit(4294967330.480:21): pid=6784 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.263" name="members" dev="configfs" ino=11679 res=0 errno=0
[  146.475966][ T6789] kAFS: No cell specified
[  146.572473][ T6791] kAFS: No cell specified
[  146.595604][ T6791] FAULT_INJECTION: forcing a failure.
[  146.595604][ T6791] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  146.616397][ T6791] CPU: 1 UID: 0 PID: 6791 Comm: syz.1.265 Not tainted 6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) 
[  146.616439][ T6791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  146.616457][ T6791] Call Trace:
[  146.616467][ T6791]  <TASK>
[  146.616478][ T6791]  dump_stack_lvl+0x16c/0x1f0
[  146.616530][ T6791]  should_fail_ex+0x512/0x640
[  146.616573][ T6791]  _copy_to_user+0x32/0xd0
[  146.616616][ T6791]  simple_read_from_buffer+0xcb/0x170
[  146.616663][ T6791]  proc_fail_nth_read+0x197/0x270
[  146.616708][ T6791]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  146.616755][ T6791]  ? rw_verify_area+0xcf/0x680
[  146.616792][ T6791]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  146.616837][ T6791]  vfs_read+0x1de/0xc70
[  146.616893][ T6791]  ? __pfx_vfs_read+0x10/0x10
[  146.616934][ T6791]  ? irqentry_exit+0x3b/0x90
[  146.616978][ T6791]  ? lockdep_hardirqs_on+0x7c/0x110
[  146.617046][ T6791]  ksys_read+0x12a/0x240
[  146.617089][ T6791]  ? __pfx_ksys_read+0x10/0x10
[  146.617129][ T6791]  ? rcu_is_watching+0x12/0xc0
[  146.617178][ T6791]  do_syscall_64+0xcd/0x260
[  146.617229][ T6791]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.617260][ T6791] RIP: 0033:0x7fba96b8cb7c
[  146.617285][ T6791] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  146.617330][ T6791] RSP: 002b:00007fba97a0b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  146.617359][ T6791] RAX: ffffffffffffffda RBX: 00007fba96db5fa0 RCX: 00007fba96b8cb7c
[  146.617378][ T6791] RDX: 000000000000000f RSI: 00007fba97a0b0a0 RDI: 0000000000000004
[  146.617396][ T6791] RBP: 00007fba97a0b090 R08: 0000000000000000 R09: 0000000000000000
[  146.617415][ T6791] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000002
[  146.617433][ T6791] R13: 0000000000000000 R14: 00007fba96db5fa0 R15: 00007ffe6f3dc308
[  146.617474][ T6791]  </TASK>
[  147.392153][ T6809] mkiss: ax0: crc mode is auto.
[  147.527260][   T30] audit: type=1800 audit(4294967331.710:22): pid=6809 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.273" name="members" dev="configfs" ino=11255 res=0 errno=0
[  147.964365][ T6827] kAFS: No cell specified
[  148.171767][ T6832] kAFS: No cell specified
[  148.388649][ T6838] mkiss: ax0: crc mode is auto.
[  148.506891][   T30] audit: type=1800 audit(4294967332.690:23): pid=6838 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.283" name="members" dev="configfs" ino=12345 res=0 errno=0
[  149.086467][ T6858] kAFS: No cell specified
[  149.281081][ T6863] mkiss: ax0: crc mode is auto.
[  149.444533][   T30] audit: type=1800 audit(4294967333.620:24): pid=6863 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.293" name="members" dev="configfs" ino=11834 res=0 errno=0
[  149.557264][ T6872] syz.0.294 uses obsolete (PF_INET,SOCK_PACKET)
[  149.568453][ T6864] program syz.1.292 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  149.626751][ T6872] netlink: 20 bytes leftover after parsing attributes in process `syz.0.294'.
[  150.086940][ T6877] FAULT_INJECTION: forcing a failure.
[  150.086940][ T6877] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  150.148666][ T6877] CPU: 0 UID: 0 PID: 6877 Comm: syz.3.297 Not tainted 6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) 
[  150.148709][ T6877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  150.148726][ T6877] Call Trace:
[  150.148755][ T6877]  <TASK>
[  150.148767][ T6877]  dump_stack_lvl+0x16c/0x1f0
[  150.148815][ T6877]  should_fail_ex+0x512/0x640
[  150.148854][ T6877]  _copy_to_user+0x32/0xd0
[  150.148895][ T6877]  simple_read_from_buffer+0xcb/0x170
[  150.148938][ T6877]  proc_fail_nth_read+0x197/0x270
[  150.148981][ T6877]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  150.149024][ T6877]  ? rw_verify_area+0xcf/0x680
[  150.149058][ T6877]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  150.149099][ T6877]  vfs_read+0x1de/0xc70
[  150.149144][ T6877]  ? __pfx___mutex_lock+0x10/0x10
[  150.149191][ T6877]  ? __pfx_vfs_read+0x10/0x10
[  150.149249][ T6877]  ? __fget_files+0x20e/0x3c0
[  150.149299][ T6877]  ksys_read+0x12a/0x240
[  150.149339][ T6877]  ? __pfx_ksys_read+0x10/0x10
[  150.149375][ T6877]  ? rcu_is_watching+0x12/0xc0
[  150.149431][ T6877]  do_syscall_64+0xcd/0x260
[  150.149493][ T6877]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.149524][ T6877] RIP: 0033:0x7fb27af8cb7c
[  150.149547][ T6877] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  150.149574][ T6877] RSP: 002b:00007fb27beb0030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  150.149600][ T6877] RAX: ffffffffffffffda RBX: 00007fb27b1b5fa0 RCX: 00007fb27af8cb7c
[  150.149619][ T6877] RDX: 000000000000000f RSI: 00007fb27beb00a0 RDI: 0000000000000006
[  150.149636][ T6877] RBP: 00007fb27beb0090 R08: 0000000000000000 R09: 0000000000000000
[  150.149653][ T6877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  150.149671][ T6877] R13: 0000000000000000 R14: 00007fb27b1b5fa0 R15: 00007ffdc62047d8
[  150.149709][ T6877]  </TASK>
[  150.813081][ T5847] Bluetooth: hci0: unexpected subevent 0x03 length: 253 > 9
[  150.966734][ T6892] mkiss: ax0: crc mode is auto.
[  151.099444][   T30] audit: type=1800 audit(4294967335.280:25): pid=6892 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.303" name="members" dev="configfs" ino=12450 res=0 errno=0
[  151.481710][ T6906] netlink: 342 bytes leftover after parsing attributes in process `syz.3.306'.
[  152.382156][ T6930] mkiss: ax0: crc mode is auto.
[  152.540446][   T30] audit: type=1800 audit(4294967336.720:26): pid=6937 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.313" name="members" dev="configfs" ino=11972 res=0 errno=0
[  152.637550][ T6936] netlink: 'syz.1.314': attribute type 3 has an invalid length.
[  153.170756][ T6941] netlink: 342 bytes leftover after parsing attributes in process `syz.1.315'.
[  153.601028][ T6951] random: crng reseeded on system resumption
[  154.627886][ T6972] mkiss: ax0: crc mode is auto.
[  154.710867][ T6977] netlink: 342 bytes leftover after parsing attributes in process `syz.1.326'.
[  154.746532][   T30] audit: type=1800 audit(4294967343.929:27): pid=6973 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.324" name="members" dev="configfs" ino=12566 res=0 errno=0
[  154.877522][ T6987] kAFS: No cell specified
[  155.000095][ T6990] netlink: 28 bytes leftover after parsing attributes in process `syz.1.329'.
[  155.246750][ T6999] kAFS: No cell specified
[  155.345378][   T30] audit: type=1800 audit(4294967344.529:28): pid=7001 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.334" name="features" dev="configfs" ino=12084 res=0 errno=0
[  156.007291][   T30] audit: type=1800 audit(4294967345.189:29): pid=7025 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.341" name="members" dev="configfs" ino=12121 res=0 errno=0
[  156.125516][ T7029] kAFS: No cell specified
[  157.554205][   T30] audit: type=1800 audit(4294967346.739:30): pid=7070 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.354" name="members" dev="configfs" ino=12216 res=0 errno=0
[  157.838448][ T7078] kAFS: No cell specified
[  157.976887][ T7075] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  159.043261][   T30] audit: type=1800 audit(4294967348.219:31): pid=7107 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.368" name="members" dev="configfs" ino=12935 res=0 errno=0
[  159.229562][ T7115] kAFS: No cell specified
[  159.761688][ T7129] kAFS: No cell specified
[  160.988243][   T30] audit: type=1800 audit(4294967350.169:32): pid=7154 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.381" name="members" dev="configfs" ino=13382 res=0 errno=0
[  161.181611][ T7160] kAFS: No cell specified
[  161.880985][   T30] audit: type=1800 audit(4294967351.069:33): pid=7192 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.394" name="members" dev="configfs" ino=13084 res=0 errno=0
[  162.156997][ T7201] kAFS: No cell specified
[  163.969388][   T30] audit: type=1800 audit(4294967353.139:34): pid=7244 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.407" name="members" dev="configfs" ino=13506 res=0 errno=0
[  164.165775][ T7247] kAFS: No cell specified
[  165.163682][ T7275] kAFS: No cell specified
[  165.356585][ T7279] netlink: 4 bytes leftover after parsing attributes in process `syz.3.416'.
[  165.623242][ T7290] kAFS: No cell specified
[  165.672143][   T30] audit: type=1800 audit(4294967350.861:35): pid=7291 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.418" name="members" dev="configfs" ino=13296 res=0 errno=0
[  166.641821][ T7322] netlink: 4 bytes leftover after parsing attributes in process `syz.0.431'.
[  166.655280][   T30] audit: type=1800 audit(4294967351.841:36): pid=7322 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.431" name="members" dev="configfs" ino=14365 res=0 errno=0
[  166.960895][ T7329] kAFS: No cell specified
[  166.999981][ T7332] netlink: 'syz.0.435': attribute type 2 has an invalid length.
[  167.280293][ T7343] netlink: 16 bytes leftover after parsing attributes in process `syz.0.438'.
[  167.321823][ T7345] netlink: 4 bytes leftover after parsing attributes in process `syz.3.436'.
[  167.335830][ T7346] kAFS: No cell specified
[  167.583677][ T7353] netlink: 4 bytes leftover after parsing attributes in process `syz.1.441'.
[  167.624774][   T30] audit: type=1800 audit(4294967352.811:37): pid=7353 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.441" name="members" dev="configfs" ino=14412 res=0 errno=0
[  169.021214][   T30] audit: type=1800 audit(4294967354.211:38): pid=7385 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.451" name="members" dev="configfs" ino=13891 res=0 errno=0
[  169.228658][ T7406] kAFS: No cell specified
[  169.498656][ T5847] Bluetooth: hci1: Malformed LE Event: 0x1d
[  170.467626][ T7441] kAFS: No cell specified
[  170.881775][   T30] audit: type=1800 audit(4294967356.071:39): pid=7452 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.470" name="members" dev="configfs" ino=14588 res=0 errno=0
[  172.406578][ T7494] kAFS: No cell specified
[  173.315601][ T7511] FAULT_INJECTION: forcing a failure.
[  173.315601][ T7511] name failslab, interval 1, probability 0, space 0, times 0
[  173.361439][ T7511] CPU: 1 UID: 0 PID: 7511 Comm: syz.3.484 Not tainted 6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) 
[  173.361483][ T7511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  173.361502][ T7511] Call Trace:
[  173.361512][ T7511]  <TASK>
[  173.361523][ T7511]  dump_stack_lvl+0x16c/0x1f0
[  173.361577][ T7511]  should_fail_ex+0x512/0x640
[  173.361613][ T7511]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  173.361669][ T7511]  should_failslab+0xc2/0x120
[  173.361699][ T7511]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  173.361749][ T7511]  ? alloc_inode+0xc3/0x240
[  173.361789][ T7511]  alloc_inode+0xc3/0x240
[  173.361825][ T7511]  iget_locked+0x2e4/0x830
[  173.361865][ T7511]  ? __pfx_iget_locked+0x10/0x10
[  173.361904][ T7511]  ? find_held_lock+0x2b/0x80
[  173.361945][ T7511]  ? kernfs_root+0xee/0x2a0
[  173.362002][ T7511]  kernfs_get_inode+0x48/0x460
[  173.362051][ T7511]  kernfs_iop_lookup+0x1a7/0x2d0
[  173.362083][ T7511]  ? __pfx_kernfs_iop_lookup+0x10/0x10
[  173.362112][ T7511]  lookup_open.isra.0+0x4d7/0x1580
[  173.362170][ T7511]  ? __pfx_lookup_open.isra.0+0x10/0x10
[  173.362235][ T7511]  ? mnt_get_write_access+0x20c/0x300
[  173.362278][ T7511]  path_openat+0x905/0x2d40
[  173.362339][ T7511]  ? __pfx_path_openat+0x10/0x10
[  173.362403][ T7511]  do_filp_open+0x20b/0x470
[  173.362451][ T7511]  ? __pfx_do_filp_open+0x10/0x10
[  173.362528][ T7511]  ? alloc_fd+0x471/0x7d0
[  173.362585][ T7511]  do_sys_openat2+0x11b/0x1d0
[  173.362618][ T7511]  ? __pfx_do_sys_openat2+0x10/0x10
[  173.362668][ T7511]  __x64_sys_openat+0x174/0x210
[  173.362703][ T7511]  ? __pfx___x64_sys_openat+0x10/0x10
[  173.362755][ T7511]  do_syscall_64+0xcd/0x260
[  173.362806][ T7511]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.362838][ T7511] RIP: 0033:0x7fb27af8e169
[  173.362863][ T7511] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  173.362911][ T7511] RSP: 002b:00007fb27be8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  173.362959][ T7511] RAX: ffffffffffffffda RBX: 00007fb27b1b6080 RCX: 00007fb27af8e169
[  173.362981][ T7511] RDX: 0000000000124001 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  173.363001][ T7511] RBP: 00007fb27b010a68 R08: 0000000000000000 R09: 0000000000000000
[  173.363020][ T7511] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  173.363039][ T7511] R13: 0000000000000000 R14: 00007fb27b1b6080 R15: 00007ffdc62047d8
[  173.363080][ T7511]  </TASK>
[  173.425362][   T30] audit: type=1800 audit(4294967358.561:40): pid=7504 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.482" name="members" dev="configfs" ino=14806 res=0 errno=0
[  173.889863][ T7511] Console: switching to colour VGA+ 80x25
[  173.911232][ T7511] FAULT_INJECTION: forcing a failure.
[  173.911232][ T7511] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  173.946692][ T7511] CPU: 1 UID: 0 PID: 7511 Comm: syz.3.484 Not tainted 6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) 
[  173.946737][ T7511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  173.946756][ T7511] Call Trace:
[  173.946766][ T7511]  <TASK>
[  173.946777][ T7511]  dump_stack_lvl+0x16c/0x1f0
[  173.946830][ T7511]  should_fail_ex+0x512/0x640
[  173.946873][ T7511]  should_fail_alloc_page+0xe7/0x130
[  173.946906][ T7511]  prepare_alloc_pages+0x3c2/0x610
[  173.946945][ T7511]  ? rcu_is_watching+0x12/0xc0
[  173.946989][ T7511]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  173.947049][ T7511]  ? __lock_acquire+0x5ca/0x1ba0
[  173.947103][ T7511]  ? xas_create+0x1d7/0x1460
[  173.947133][ T7511]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  173.947216][ T7511]  ? __lock_acquire+0x5ca/0x1ba0
[  173.947267][ T7511]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  173.947303][ T7511]  ? policy_nodemask+0xea/0x4e0
[  173.947356][ T7511]  alloc_pages_mpol+0x1fb/0x550
[  173.947386][ T7511]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  173.947417][ T7511]  ? filemap_get_entry+0x1a7/0x3b0
[  173.947456][ T7511]  folio_alloc_noprof+0x20/0x2d0
[  173.947492][ T7511]  filemap_alloc_folio_noprof+0x3a1/0x470
[  173.947540][ T7511]  ? __pfx_filemap_alloc_folio_noprof+0x10/0x10
[  173.947587][ T7511]  ? rcu_is_watching+0x12/0xc0
[  173.947633][ T7511]  __filemap_get_folio+0x5e9/0xc10
[  173.947678][ T7511]  ioctx_alloc+0x761/0x2060
[  173.947739][ T7511]  ? __pfx_ioctx_alloc+0x10/0x10
[  173.947779][ T7511]  ? __might_fault+0x13b/0x190
[  173.947835][ T7511]  __x64_sys_io_setup+0xc9/0x210
[  173.947875][ T7511]  do_syscall_64+0xcd/0x260
[  173.947916][ T7511]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.947941][ T7511] RIP: 0033:0x7fb27af8e169
[  173.947963][ T7511] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  173.947988][ T7511] RSP: 002b:00007fb27be8f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[  173.948012][ T7511] RAX: ffffffffffffffda RBX: 00007fb27b1b6080 RCX: 00007fb27af8e169
[  173.948029][ T7511] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff
[  173.948044][ T7511] RBP: 00007fb27b010a68 R08: 0000000000000000 R09: 0000000000000000
[  173.948059][ T7511] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  173.948074][ T7511] R13: 0000000000000000 R14: 00007fb27b1b6080 R15: 00007ffdc62047d8
[  173.948106][ T7511]  </TASK>
[  174.323276][ T7509] Console: switching to colour frame buffer device 128x48
[  174.998328][ T7532] kAFS: No cell specified
[  175.683338][ T7549] sp0: Synchronizing with TNC
[  175.847853][   T30] audit: type=1800 audit(4294967361.031:41): pid=7559 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.494" name="members" dev="configfs" ino=14874 res=0 errno=0
[  176.449725][ T7575] kAFS: No cell specified
[  177.878947][ T7598] FAULT_INJECTION: forcing a failure.
[  177.878947][ T7598] name failslab, interval 1, probability 0, space 0, times 0
[  177.947718][ T7601] sp0: Synchronizing with TNC
[  177.964225][ T7598] CPU: 0 UID: 0 PID: 7598 Comm: syz.3.507 Not tainted 6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) 
[  177.964270][ T7598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  177.964289][ T7598] Call Trace:
[  177.964300][ T7598]  <TASK>
[  177.964311][ T7598]  dump_stack_lvl+0x16c/0x1f0
[  177.964365][ T7598]  should_fail_ex+0x512/0x640
[  177.964401][ T7598]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  177.964454][ T7598]  should_failslab+0xc2/0x120
[  177.964483][ T7598]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  177.964530][ T7598]  ? __proc_create+0xc3/0x8c0
[  177.964573][ T7598]  ? __proc_create+0x2ce/0x8c0
[  177.964616][ T7598]  __proc_create+0x2ce/0x8c0
[  177.964669][ T7598]  ? __pfx___proc_create+0x10/0x10
[  177.964711][ T7598]  ? _raw_write_unlock+0x28/0x50
[  177.964754][ T7598]  ? proc_register+0x314/0x5f0
[  177.964795][ T7598]  proc_create_reg+0x7d/0x180
[  177.964835][ T7598]  proc_create_data+0x86/0x110
[  177.964871][ T7598]  ? __pfx_proc_create_data+0x10/0x10
[  177.964909][ T7598]  ? cache_register_net+0x137/0x5e0
[  177.964958][ T7598]  cache_register_net+0x25a/0x5e0
[  177.965004][ T7598]  gss_svc_init_net+0x151/0x660
[  177.965036][ T7598]  ? __pfx_canbcm_pernet_init+0x10/0x10
[  177.965084][ T7598]  ? __pfx_rpcsec_gss_init_net+0x10/0x10
[  177.965120][ T7598]  ops_init+0x1df/0x5f0
[  177.965171][ T7598]  setup_net+0x21e/0x850
[  177.965222][ T7598]  ? __pfx_setup_net+0x10/0x10
[  177.965266][ T7598]  ? lockdep_init_map_type+0x5c/0x280
[  177.965298][ T7598]  ? __pfx_down_read_killable+0x10/0x10
[  177.965335][ T7598]  ? debug_mutex_init+0x37/0x70
[  177.965381][ T7598]  copy_net_ns+0x2a6/0x5f0
[  177.965437][ T7598]  create_new_namespaces+0x3ea/0xad0
[  177.965494][ T7598]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  177.965545][ T7598]  ksys_unshare+0x45b/0xa40
[  177.965611][ T7598]  ? __pfx_ksys_unshare+0x10/0x10
[  177.965659][ T7598]  ? xfd_validate_state+0x5d/0x180
[  177.965698][ T7598]  ? rcu_is_watching+0x12/0xc0
[  177.965749][ T7598]  __x64_sys_unshare+0x31/0x40
[  177.965798][ T7598]  do_syscall_64+0xcd/0x260
[  177.965861][ T7598]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.965892][ T7598] RIP: 0033:0x7fb27af8e169
[  177.965917][ T7598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  177.965946][ T7598] RSP: 002b:00007fb27beb0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  177.965975][ T7598] RAX: ffffffffffffffda RBX: 00007fb27b1b5fa0 RCX: 00007fb27af8e169
[  177.965995][ T7598] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  177.966014][ T7598] RBP: 00007fb27b010a68 R08: 0000000000000000 R09: 0000000000000000
[  177.966032][ T7598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  177.966051][ T7598] R13: 0000000000000000 R14: 00007fb27b1b5fa0 R15: 00007ffdc62047d8
[  177.966108][ T7598]  </TASK>
[  178.246451][    C0] vkms_vblank_simulate: vblank timer overrun
[  178.387320][   T30] audit: type=1800 audit(4294967363.571:42): pid=7608 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.509" name="members" dev="configfs" ino=14306 res=0 errno=0
[  178.854596][ T7617] kAFS: No cell specified
[  179.266425][ T7627] netlink: 25 bytes leftover after parsing attributes in process `syz.1.516'.
[  179.344597][ T7628] ima: policy update failed
[  179.417044][   T30] audit: type=1802 audit(4294967364.541:43): pid=7628 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.516" res=0 errno=0
[  180.748495][ T7653] FAULT_INJECTION: forcing a failure.
[  180.748495][ T7653] name failslab, interval 1, probability 0, space 0, times 0
[  180.774151][ T7654] sp0: Synchronizing with TNC
[  180.809149][ T7653] CPU: 0 UID: 0 PID: 7653 Comm: syz.0.524 Not tainted 6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) 
[  180.809190][ T7653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  180.809212][ T7653] Call Trace:
[  180.809222][ T7653]  <TASK>
[  180.809238][ T7653]  dump_stack_lvl+0x16c/0x1f0
[  180.809290][ T7653]  should_fail_ex+0x512/0x640
[  180.809325][ T7653]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  180.809384][ T7653]  should_failslab+0xc2/0x120
[  180.809413][ T7653]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  180.809465][ T7653]  ? __pfx__proc_mkdir+0x10/0x10
[  180.809505][ T7653]  ? nf_lwtunnel_net_init+0x38/0xf0
[  180.809553][ T7653]  ? __pfx_nf_lwtunnel_net_init+0x10/0x10
[  180.809601][ T7653]  kmemdup_noprof+0x29/0x60
[  180.809630][ T7653]  nf_lwtunnel_net_init+0x38/0xf0
[  180.809674][ T7653]  ops_init+0x1df/0x5f0
[  180.809721][ T7653]  setup_net+0x21e/0x850
[  180.809769][ T7653]  ? __pfx_setup_net+0x10/0x10
[  180.809810][ T7653]  ? lockdep_init_map_type+0x5c/0x280
[  180.809840][ T7653]  ? __pfx_down_read_killable+0x10/0x10
[  180.809874][ T7653]  ? debug_mutex_init+0x37/0x70
[  180.809915][ T7653]  copy_net_ns+0x2a6/0x5f0
[  180.809964][ T7653]  create_new_namespaces+0x3ea/0xad0
[  180.810014][ T7653]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  180.810059][ T7653]  ksys_unshare+0x45b/0xa40
[  180.810117][ T7653]  ? __pfx_ksys_unshare+0x10/0x10
[  180.810158][ T7653]  ? xfd_validate_state+0x5d/0x180
[  180.810190][ T7653]  ? rcu_is_watching+0x12/0xc0
[  180.810233][ T7653]  __x64_sys_unshare+0x31/0x40
[  180.810275][ T7653]  do_syscall_64+0xcd/0x260
[  180.810318][ T7653]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  180.810346][ T7653] RIP: 0033:0x7f5ba2b8e169
[  180.810373][ T7653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  180.810401][ T7653] RSP: 002b:00007f5ba3ad9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  180.810427][ T7653] RAX: ffffffffffffffda RBX: 00007f5ba2db5fa0 RCX: 00007f5ba2b8e169
[  180.810444][ T7653] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  180.810461][ T7653] RBP: 00007f5ba2c10a68 R08: 0000000000000000 R09: 0000000000000000
[  180.810483][ T7653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  180.810497][ T7653] R13: 0000000000000000 R14: 00007f5ba2db5fa0 R15: 00007ffd02194c28
[  180.810528][ T7653]  </TASK>
[  181.167502][   T30] audit: type=1800 audit(4294967366.341:44): pid=7654 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.523" name="members" dev="configfs" ino=15062 res=0 errno=0
[  181.613341][ T7675] kAFS: No cell specified
[  182.674246][ T7699] mkiss: ax0: crc mode is auto.
[  182.766817][   T30] audit: type=1800 audit(4294967367.951:45): pid=7699 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.535" name="members" dev="configfs" ino=15149 res=0 errno=0
[  183.072702][ T7707] HSR: entered promiscuous mode
[  183.448154][ T7722] FAULT_INJECTION: forcing a failure.
[  183.448154][ T7722] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  183.479449][ T7722] CPU: 1 UID: 0 PID: 7722 Comm: syz.2.543 Not tainted 6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) 
[  183.479491][ T7722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  183.479508][ T7722] Call Trace:
[  183.479518][ T7722]  <TASK>
[  183.479529][ T7722]  dump_stack_lvl+0x16c/0x1f0
[  183.479579][ T7722]  should_fail_ex+0x512/0x640
[  183.479618][ T7722]  _copy_from_user+0x2e/0xd0
[  183.479659][ T7722]  core_sys_select+0x35a/0xbe0
[  183.479712][ T7722]  ? __pfx_core_sys_select+0x10/0x10
[  183.479793][ T7722]  ? proc_fail_nth_write+0x9f/0x250
[  183.479873][ T7722]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  183.479933][ T7722]  kern_select+0x15d/0x1e0
[  183.479977][ T7722]  ? __pfx_kern_select+0x10/0x10
[  183.480036][ T7722]  ? __pfx_ksys_write+0x10/0x10
[  183.480079][ T7722]  ? rcu_is_watching+0x12/0xc0
[  183.480127][ T7722]  __x64_sys_select+0xbd/0x160
[  183.480170][ T7722]  ? do_syscall_64+0x91/0x260
[  183.480216][ T7722]  ? lockdep_hardirqs_on+0x7c/0x110
[  183.480260][ T7722]  do_syscall_64+0xcd/0x260
[  183.480310][ T7722]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.480342][ T7722] RIP: 0033:0x7f19b1d8e169
[  183.480366][ T7722] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.480395][ T7722] RSP: 002b:00007f19b2c89038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017
[  183.480424][ T7722] RAX: ffffffffffffffda RBX: 00007f19b1fb5fa0 RCX: 00007f19b1d8e169
[  183.480444][ T7722] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e
[  183.480461][ T7722] RBP: 00007f19b2c89090 R08: 0000000000000000 R09: 0000000000000000
[  183.480479][ T7722] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  183.480496][ T7722] R13: 0000000000000000 R14: 00007f19b1fb5fa0 R15: 00007ffce97b9bc8
[  183.480535][ T7722]  </TASK>
[  183.924868][ T7728] mkiss: ax0: crc mode is auto.
[  184.979236][ T7754] mkiss: ax0: crc mode is auto.
[  185.747912][ T7780] FAULT_INJECTION: forcing a failure.
[  185.747912][ T7780] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  185.799307][ T7780] CPU: 1 UID: 0 PID: 7780 Comm: syz.2.558 Not tainted 6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) 
[  185.799347][ T7780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  185.799363][ T7780] Call Trace:
[  185.799372][ T7780]  <TASK>
[  185.799383][ T7780]  dump_stack_lvl+0x16c/0x1f0
[  185.799430][ T7780]  should_fail_ex+0x512/0x640
[  185.799468][ T7780]  should_fail_alloc_page+0xe7/0x130
[  185.799515][ T7780]  prepare_alloc_pages+0x3c2/0x610
[  185.799559][ T7780]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  185.799609][ T7780]  ? is_bpf_text_address+0x94/0x1a0
[  185.799649][ T7780]  ? kernel_text_address+0x8d/0x100
[  185.799683][ T7780]  ? __kernel_text_address+0xd/0x40
[  185.799716][ T7780]  ? unwind_get_return_address+0x59/0xa0
[  185.799754][ T7780]  ? arch_stack_walk+0xa6/0x100
[  185.799798][ T7780]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  185.799840][ T7780]  ? look_up_lock_class+0x59/0x150
[  185.799885][ T7780]  ? register_lock_class+0x41/0x4c0
[  185.799911][ T7780]  ? register_lock_class+0x41/0x4c0
[  185.799936][ T7780]  ? look_up_lock_class+0x59/0x150
[  185.799982][ T7780]  ? __lock_acquire+0xaa4/0x1ba0
[  185.800030][ T7780]  ? __lock_acquire+0xaa4/0x1ba0
[  185.800075][ T7780]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  185.800115][ T7780]  ? policy_nodemask+0xea/0x4e0
[  185.800164][ T7780]  alloc_pages_mpol+0x1fb/0x550
[  185.800193][ T7780]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  185.800220][ T7780]  ? find_held_lock+0x2b/0x80
[  185.800261][ T7780]  ? __pfx___pollwait+0x10/0x10
[  185.800298][ T7780]  alloc_pages_noprof+0x131/0x390
[  185.800325][ T7780]  get_free_pages_noprof+0xc/0x40
[  185.800354][ T7780]  __pollwait+0x295/0x490
[  185.800415][ T7780]  ? __pfx___pollwait+0x10/0x10
[  185.800453][ T7780]  tipc_poll+0x7d/0x690
[  185.800486][ T7780]  ? __pfx_tipc_poll+0x10/0x10
[  185.800514][ T7780]  sock_poll+0x15d/0x510
[  185.800566][ T7780]  ? __pfx_sock_poll+0x10/0x10
[  185.800612][ T7780]  do_select+0xd67/0x17d0
[  185.800683][ T7780]  ? __pfx_do_select+0x10/0x10
[  185.800728][ T7780]  ? __pfx___pollwait+0x10/0x10
[  185.800773][ T7780]  ? __pfx_pollwake+0x10/0x10
[  185.800817][ T7780]  ? __pfx_pollwake+0x10/0x10
[  185.800861][ T7780]  ? __pfx_pollwake+0x10/0x10
[  185.800905][ T7780]  ? __pfx_pollwake+0x10/0x10
[  185.800948][ T7780]  ? __pfx_pollwake+0x10/0x10
[  185.800992][ T7780]  ? __pfx_pollwake+0x10/0x10
[  185.801036][ T7780]  ? __pfx_pollwake+0x10/0x10
[  185.801079][ T7780]  ? __pfx_pollwake+0x10/0x10
[  185.801133][ T7780]  ? __pfx_pollwake+0x10/0x10
[  185.801177][ T7780]  ? find_held_lock+0x2b/0x80
[  185.801213][ T7780]  ? __might_fault+0xe3/0x190
[  185.801258][ T7780]  ? __might_fault+0xe3/0x190
[  185.801303][ T7780]  ? __might_fault+0x13b/0x190
[  185.801362][ T7780]  ? core_sys_select+0x440/0xbe0
[  185.801404][ T7780]  core_sys_select+0x440/0xbe0
[  185.801455][ T7780]  ? __pfx_core_sys_select+0x10/0x10
[  185.801507][ T7780]  ? proc_fail_nth_write+0x9f/0x250
[  185.801582][ T7780]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  185.801640][ T7780]  kern_select+0x15d/0x1e0
[  185.801683][ T7780]  ? __pfx_kern_select+0x10/0x10
[  185.801732][ T7780]  ? __pfx_ksys_write+0x10/0x10
[  185.801792][ T7780]  ? rcu_is_watching+0x12/0xc0
[  185.801854][ T7780]  __x64_sys_select+0xbd/0x160
[  185.801898][ T7780]  ? do_syscall_64+0x91/0x260
[  185.801944][ T7780]  ? lockdep_hardirqs_on+0x7c/0x110
[  185.801989][ T7780]  do_syscall_64+0xcd/0x260
[  185.802038][ T7780]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.802070][ T7780] RIP: 0033:0x7f19b1d8e169
[  185.802100][ T7780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  185.802130][ T7780] RSP: 002b:00007f19b2c89038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017
[  185.802159][ T7780] RAX: ffffffffffffffda RBX: 00007f19b1fb5fa0 RCX: 00007f19b1d8e169
[  185.802179][ T7780] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e
[  185.802196][ T7780] RBP: 00007f19b2c89090 R08: 0000000000000000 R09: 0000000000000000
[  185.802214][ T7780] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  185.802232][ T7780] R13: 0000000000000000 R14: 00007f19b1fb5fa0 R15: 00007ffce97b9bc8
[  185.802270][ T7780]  </TASK>
[  187.099474][   T30] audit: type=1800 audit(4294967372.281:46): pid=7809 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.564" name="members" dev="configfs" ino=15824 res=0 errno=0
[  188.868173][ T7826] FAULT_INJECTION: forcing a failure.
[  188.868173][ T7826] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  188.924186][ T7826] CPU: 0 UID: 0 PID: 7826 Comm: syz.1.571 Not tainted 6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) 
[  188.924227][ T7826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  188.924244][ T7826] Call Trace:
[  188.924253][ T7826]  <TASK>
[  188.924264][ T7826]  dump_stack_lvl+0x16c/0x1f0
[  188.924314][ T7826]  should_fail_ex+0x512/0x640
[  188.924355][ T7826]  core_sys_select+0x4b2/0xbe0
[  188.924407][ T7826]  ? __pfx_core_sys_select+0x10/0x10
[  188.924459][ T7826]  ? proc_fail_nth_write+0x9f/0x250
[  188.924541][ T7826]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  188.924599][ T7826]  kern_select+0x15d/0x1e0
[  188.924646][ T7826]  ? __pfx_kern_select+0x10/0x10
[  188.924715][ T7826]  ? __pfx_ksys_write+0x10/0x10
[  188.924757][ T7826]  ? rcu_is_watching+0x12/0xc0
[  188.924802][ T7826]  __x64_sys_select+0xbd/0x160
[  188.924846][ T7826]  ? do_syscall_64+0x91/0x260
[  188.924892][ T7826]  ? lockdep_hardirqs_on+0x7c/0x110
[  188.924940][ T7826]  do_syscall_64+0xcd/0x260
[  188.924990][ T7826]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.925021][ T7826] RIP: 0033:0x7fba96b8e169
[  188.925045][ T7826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  188.925074][ T7826] RSP: 002b:00007fba97a0b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017
[  188.925102][ T7826] RAX: ffffffffffffffda RBX: 00007fba96db5fa0 RCX: 00007fba96b8e169
[  188.925122][ T7826] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e
[  188.925139][ T7826] RBP: 00007fba97a0b090 R08: 0000000000000000 R09: 0000000000000000
[  188.925157][ T7826] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  188.925174][ T7826] R13: 0000000000000000 R14: 00007fba96db5fa0 R15: 00007ffe6f3dc308
[  188.925213][ T7826]  </TASK>
[  188.961768][ T7838] Invalid ELF header magic: != ELF
[  189.553115][   T30] audit: type=1800 audit(4294967374.741:47): pid=7843 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.576" name="members" dev="configfs" ino=15883 res=0 errno=0
[  190.667056][ T7864] netlink: 21 bytes leftover after parsing attributes in process `syz.3.582'.
[  190.945058][ T7872] netlink: 330 bytes leftover after parsing attributes in process `syz.1.585'.
[  191.188856][ T7876] netlink: 4 bytes leftover after parsing attributes in process `syz.0.586'.
[  191.368059][   T30] audit: type=1800 audit(4294967376.551:48): pid=7892 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.588" name="members" dev="configfs" ino=15949 res=0 errno=0
[  191.714112][ T7895] mkiss: ax0: crc mode is auto.
[  191.921669][   T30] audit: type=1800 audit(4294967377.081:49): pid=7903 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.599" name="members" dev="configfs" ino=16036 res=0 errno=0
[  194.113126][ T7931] usb usb36: usbfs: process 7931 (syz.3.598) did not claim interface 0 before use
[  194.811788][ T7954] mkiss: ax0: crc mode is auto.
[  195.019637][   T30] audit: type=1800 audit(4294967380.201:50): pid=7958 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.606" name="members" dev="configfs" ino=16725 res=0 errno=0
[  195.236221][ T7961] netlink: 'syz.1.607': attribute type 11 has an invalid length.
[  197.166356][ T7988] netlink: 'syz.0.615': attribute type 4 has an invalid length.
[  197.573763][ T7999] mkiss: ax0: crc mode is auto.
[  197.734392][   T30] audit: type=1800 audit(4294967382.921:51): pid=7999 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.617" name="members" dev="configfs" ino=16781 res=0 errno=0
[  197.771994][ T7995] process 'syz.1.616' launched './file0' with NULL argv: empty string added
[  199.446109][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  199.453770][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  199.738673][ T8041] Invalid ELF header magic: != ELF
[  199.950652][ T8045] openvswitch: netlink: Message has 4 unknown bytes.
[  200.758032][ T8048] mkiss: ax0: crc mode is auto.
[  201.034316][   T30] audit: type=1800 audit(4294967386.221:52): pid=8048 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.630" name="members" dev="configfs" ino=16351 res=0 errno=0
[  201.246360][ T8057] program syz.1.632 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  203.485024][ T8077] netlink: 342 bytes leftover after parsing attributes in process `syz.3.638'.
[  203.722166][ T8081] Unable to find swap-space signature
[  204.439089][ T8090] mkiss: ax0: crc mode is auto.
[  204.839206][   T30] audit: type=1800 audit(4294967390.021:53): pid=8090 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.641" name="members" dev="configfs" ino=16945 res=0 errno=0
[  205.989912][ T8112] netlink: 8 bytes leftover after parsing attributes in process `syz.0.643'.
[  206.014552][ T8114] mkiss: ax0: crc mode is auto.
[  206.494260][ T8120] netlink: 342 bytes leftover after parsing attributes in process `syz.3.648'.
[  207.186927][ T8139] netlink: 8 bytes leftover after parsing attributes in process `syz.1.653'.
[  207.276250][ T8142] mkiss: ax0: crc mode is auto.
[  207.448349][   T30] audit: type=1800 audit(4294967392.631:54): pid=8142 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.654" name="members" dev="configfs" ino=17119 res=0 errno=0
[  207.777150][ T8156] netlink: 342 bytes leftover after parsing attributes in process `syz.1.659'.
[  208.624359][ T8184] netlink: 'syz.3.667': attribute type 1 has an invalid length.
[  208.904405][ T8189] Invalid ELF header magic: != ELF
[  209.213729][   T30] audit: type=1800 audit(4294967394.391:55): pid=8187 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.666" name="members" dev="configfs" ino=17734 res=0 errno=0
[  209.448952][ T8202] netlink: 342 bytes leftover after parsing attributes in process `syz.2.670'.
[  211.065608][ T8223] Invalid ELF header magic: != ELF
[  211.359779][ T8243] netlink: 342 bytes leftover after parsing attributes in process `syz.3.679'.
[  211.865821][   T30] audit: type=1800 audit(4294967397.051:56): pid=8250 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.680" name="members" dev="configfs" ino=17802 res=0 errno=0
[  213.625005][ T8274] netlink: 342 bytes leftover after parsing attributes in process `syz.2.688'.
[  213.940889][ T5847] Bluetooth: hci2: Unable to find connection for big 0xd2
[  214.284466][   T30] audit: type=1800 audit(4294967399.471:57): pid=8298 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.691" name="members" dev="configfs" ino=18565 res=0 errno=0
[  215.009660][ T8306] warning: `syz.3.695' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  215.367631][ T8322] netlink: 342 bytes leftover after parsing attributes in process `syz.3.698'.
[  215.558909][ T8317] can: request_module (can-proto-4) failed.
[  215.964890][ T8327] scsi_strcpy_devinfo: vendor string '��/&c��~n]	�|
[  215.964890][ T8327] M�' is too long
[  216.029066][ T8327] scsi_strcpy_devinfo: model string '�Dd5��K�2b�
[  216.029066][ T8327] ���W����� ��' is too long
[  216.135956][   T30] audit: type=1800 audit(4294967401.321:58): pid=8329 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.700" name="features" dev="configfs" ino=18043 res=0 errno=0
[  218.604550][ T8360] netlink: 342 bytes leftover after parsing attributes in process `syz.3.708'.
[  220.839500][ T5844] Bluetooth: hci2: Unable to find connection for big 0xd2
[  222.730841][ T8404] syz.2.715 (8404) used greatest stack depth: 20648 bytes left
[  223.011415][ T8417] netlink: 342 bytes leftover after parsing attributes in process `syz.2.717'.
[  223.427727][ T8421] FAULT_INJECTION: forcing a failure.
[  223.427727][ T8421] name failslab, interval 1, probability 0, space 0, times 0
[  223.446824][ T8421] CPU: 1 UID: 0 PID: 8421 Comm: syz.0.721 Not tainted 6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) 
[  223.446869][ T8421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  223.446888][ T8421] Call Trace:
[  223.446898][ T8421]  <TASK>
[  223.446910][ T8421]  dump_stack_lvl+0x16c/0x1f0
[  223.446964][ T8421]  should_fail_ex+0x512/0x640
[  223.446999][ T8421]  ? __kmalloc_noprof+0xbf/0x510
[  223.447050][ T8421]  ? cache_create_net+0x9d/0x220
[  223.447082][ T8421]  should_failslab+0xc2/0x120
[  223.447112][ T8421]  __kmalloc_noprof+0xd2/0x510
[  223.447167][ T8421]  cache_create_net+0x9d/0x220
[  223.447205][ T8421]  unix_gid_cache_create+0x60/0x130
[  223.447243][ T8421]  ? __pfx_sunrpc_init_net+0x10/0x10
[  223.447272][ T8421]  sunrpc_init_net+0x71/0x190
[  223.447303][ T8421]  ops_init+0x1df/0x5f0
[  223.447351][ T8421]  setup_net+0x21e/0x850
[  223.447399][ T8421]  ? __pfx_setup_net+0x10/0x10
[  223.447440][ T8421]  ? lockdep_init_map_type+0x5c/0x280
[  223.447478][ T8421]  ? __pfx_down_read_killable+0x10/0x10
[  223.447514][ T8421]  ? debug_mutex_init+0x37/0x70
[  223.447558][ T8421]  copy_net_ns+0x2a6/0x5f0
[  223.447611][ T8421]  create_new_namespaces+0x3ea/0xad0
[  223.447683][ T8421]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  223.447735][ T8421]  ksys_unshare+0x45b/0xa40
[  223.447785][ T8421]  ? __pfx_ksys_unshare+0x10/0x10
[  223.447833][ T8421]  ? xfd_validate_state+0x5d/0x180
[  223.447888][ T8421]  ? rcu_is_watching+0x12/0xc0
[  223.447937][ T8421]  __x64_sys_unshare+0x31/0x40
[  223.447984][ T8421]  do_syscall_64+0xcd/0x260
[  223.448034][ T8421]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.448065][ T8421] RIP: 0033:0x7f5ba2b8e169
[  223.448090][ T8421] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  223.448119][ T8421] RSP: 002b:00007f5ba3ad9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  223.448147][ T8421] RAX: ffffffffffffffda RBX: 00007f5ba2db5fa0 RCX: 00007f5ba2b8e169
[  223.448167][ T8421] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  223.448185][ T8421] RBP: 00007f5ba2c10a68 R08: 0000000000000000 R09: 0000000000000000
[  223.448222][ T8421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  223.448240][ T8421] R13: 0000000000000000 R14: 00007f5ba2db5fa0 R15: 00007ffd02194c28
[  223.448281][ T8421]  </TASK>
[  224.354942][ T8426] serio: Serial port ptm0
[  226.065320][ T8466] Process accounting resumed
[  227.870587][   T30] audit: type=1800 audit(4294967413.061:59): pid=8516 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.744" name="discovery_nqn" dev="configfs" ino=19117 res=0 errno=0
[  229.737372][ T8537] sctp: [Deprecated]: syz.0.749 (pid 8537) Use of struct sctp_assoc_value in delayed_ack socket option.
[  229.737372][ T8537] Use struct sctp_sack_info instead
[  230.793158][ T8552] WARNING! power/level is deprecated; use power/control instead
[  231.269246][   T30] audit: type=1326 audit(4294967416.451:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8559 comm="syz.2.752" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f19b1d8e169 code=0x0
[  231.639554][ T8541] kexec: Could not allocate control_code_buffer
[  232.306835][   T30] audit: type=1800 audit(4294967417.491:61): pid=8576 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.760" name="members" dev="configfs" ino=19263 res=0 errno=0
[  232.737343][ T8596] netlink: 346 bytes leftover after parsing attributes in process `syz.2.764'.
[  232.799020][ T8596] netlink: 346 bytes leftover after parsing attributes in process `syz.2.764'.
[  233.617400][ T8598] GUP no longer grows the stack in syz.0.762 (8598): 14000-401000 (4000)
[  233.636792][ T8598] CPU: 1 UID: 0 PID: 8598 Comm: syz.0.762 Not tainted 6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) 
[  233.636835][ T8598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  233.636854][ T8598] Call Trace:
[  233.636864][ T8598]  <TASK>
[  233.636876][ T8598]  dump_stack_lvl+0x16c/0x1f0
[  233.636930][ T8598]  gup_vma_lookup+0x1d2/0x220
[  233.636970][ T8598]  __get_user_pages+0x234/0x36f0
[  233.637024][ T8598]  ? process_vm_rw_core.constprop.0+0x1d8/0x9a0
[  233.637062][ T8598]  ? look_up_lock_class+0x59/0x150
[  233.637109][ T8598]  ? __pfx___get_user_pages+0x10/0x10
[  233.637150][ T8598]  ? process_vm_rw+0x2ff/0x360
[  233.637177][ T8598]  ? __x64_sys_process_vm_readv+0xe2/0x1c0
[  233.637208][ T8598]  ? do_syscall_64+0xcd/0x260
[  233.637268][ T8598]  __gup_longterm_locked+0x20d/0x1850
[  233.637328][ T8598]  ? __pfx___gup_longterm_locked+0x10/0x10
[  233.637392][ T8598]  pin_user_pages_remote+0xed/0x140
[  233.637438][ T8598]  ? __pfx_pin_user_pages_remote+0x10/0x10
[  233.637513][ T8598]  ? mm_access+0x22d/0x2e0
[  233.637576][ T8598]  process_vm_rw_core.constprop.0+0x41b/0x9a0
[  233.637617][ T8598]  ? futex_wait_queue+0x14c/0x220
[  233.637646][ T8598]  ? futex_unqueue+0xba/0x140
[  233.637699][ T8598]  ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10
[  233.637736][ T8598]  ? iovec_from_user+0xbb/0x140
[  233.637797][ T8598]  ? iovec_from_user+0xbb/0x140
[  233.637843][ T8598]  process_vm_rw+0x2ff/0x360
[  233.637877][ T8598]  ? __pfx_process_vm_rw+0x10/0x10
[  233.637920][ T8598]  ? __might_fault+0x13b/0x190
[  233.638006][ T8598]  ? xfd_validate_state+0x5d/0x180
[  233.638052][ T8598]  __x64_sys_process_vm_readv+0xe2/0x1c0
[  233.638084][ T8598]  ? do_syscall_64+0x91/0x260
[  233.638132][ T8598]  ? lockdep_hardirqs_on+0x7c/0x110
[  233.638178][ T8598]  do_syscall_64+0xcd/0x260
[  233.638229][ T8598]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.638262][ T8598] RIP: 0033:0x7f5ba2b8e169
[  233.638287][ T8598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  233.638318][ T8598] RSP: 002b:00007f5ba3ab8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136
[  233.638348][ T8598] RAX: ffffffffffffffda RBX: 00007f5ba2db6080 RCX: 00007f5ba2b8e169
[  233.638368][ T8598] RDX: 0000000000000004 RSI: 0000200000000040 RDI: 0000000000000240
[  233.638387][ T8598] RBP: 00007f5ba2c10a68 R08: 0000000000000003 R09: 0000000000000000
[  233.638405][ T8598] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000
[  233.638424][ T8598] R13: 0000000000000000 R14: 00007f5ba2db6080 R15: 00007ffd02194c28
[  233.638465][ T8598]  </TASK>
[  235.003782][ T8638] Process accounting resumed
[  235.119850][ T8639] bridge0: port 3(hsr0) entered blocking state
[  235.133805][ T8639] bridge0: port 3(hsr0) entered disabled state
[  235.159761][ T8639] hsr0: entered allmulticast mode
[  235.199358][ T8639] hsr_slave_0: entered allmulticast mode
[  235.244804][ T8639] hsr_slave_1: entered allmulticast mode
[  235.289852][ T8639] hsr0: entered promiscuous mode
[  235.299172][ T8639] bridge0: port 3(hsr0) entered blocking state
[  235.305901][ T8639] bridge0: port 3(hsr0) entered forwarding state
[  235.628297][ T8654] netlink: 'syz.3.779': attribute type 1 has an invalid length.
[  235.722271][ T8656] netlink: 4 bytes leftover after parsing attributes in process `syz.1.780'.
[  237.005249][ T8698] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(3.262148.0), cmd(49)
[  238.962372][ T8750] Invalid ELF header magic: != ELF
[  239.730426][ T8773] netlink: 330 bytes leftover after parsing attributes in process `syz.2.810'.
[  239.975227][ T8780] delete_channel: no stack
[  240.253532][ T8789] cifs: Unknown parameter 'no+ 1����`��r�sFn)��a�H��ā��h`����9k�A}���1\D@��.��Z�Cg^�'
[  241.211467][ T8790] kexec: Could not allocate control_code_buffer
[  241.704668][ T8798] netlink: 334 bytes leftover after parsing attributes in process `syz.3.816'.
[  241.884252][ T8804] netlink: 4 bytes leftover after parsing attributes in process `syz.0.817'.
[  242.203235][ T8806] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  242.210114][ T8806] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  242.676267][ T8824] can: request_module (can-proto-0) failed.
[  243.130821][ T8839] netlink: 4 bytes leftover after parsing attributes in process `syz.3.827'.
[  243.368291][ T8846] cifs: Unknown parameter 'no+ 1����`��r�sFn)��a�H��ā��h`����9k�A}���1\D@��.��Z�Cg^�'
[  243.381541][ T8848] nfs4: Unknown parameter 'nfsd'
[  243.749300][ T8854] Invalid ELF header magic: != ELF
[  244.218423][ T8869] netlink: 28 bytes leftover after parsing attributes in process `syz.0.834'.
[  244.249629][ T8870] netlink: 330 bytes leftover after parsing attributes in process `syz.0.834'.
[  244.662304][ T8876] can: request_module (can-proto-0) failed.
[  246.621587][ T8918] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  246.671510][ T8918] netlink: 28 bytes leftover after parsing attributes in process `syz.3.845'.
[  246.739619][ T8918] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  246.969500][ T8918] batman_adv: batadv0: Removing interface: batadv_slave_1
[  247.172091][ T8929] Setting dangerous option i915.mitigations - tainting kernel
[  247.303792][ T8934] netlink: 8 bytes leftover after parsing attributes in process `syz.1.850'.
[  247.421816][ T8935] netlink: 8 bytes leftover after parsing attributes in process `syz.1.850'.
[  248.538315][ T8962] openvswitch: netlink: IP tunnel TTL not specified.
[  249.875809][ T8988] device-mapper: ioctl: Invalid data size in the ioctl structure: 0
[  250.062703][ T9000] netlink: 4 bytes leftover after parsing attributes in process `syz.1.867'.
[  250.352780][ T8996] could not allocate digest TFM handle 
[  250.481710][ T9009] cifs: Unknown parameter 'no+ 1����`��r�sFn)��a�H��ā��h`����9k�A}���1\D@��.��Z�Cg^�'
[  250.845464][ T8996] could not allocate digest TFM handle 
[  251.047484][ T8996] could not allocate digest TFM handle 
[  251.269856][ T8996] could not allocate digest TFM handle 
[  251.753369][ T8996] could not allocate digest TFM handle 
[  252.053840][ T8996] could not allocate digest TFM handle 
[  252.514212][ T9053] netlink: 8 bytes leftover after parsing attributes in process `syz.1.875'.
[  252.693138][ T9005] netlink: 28 bytes leftover after parsing attributes in process `syz.3.866'.
[  253.157109][ T8996] could not allocate digest TFM handle 
[  253.225791][ T9064] netlink: 4 bytes leftover after parsing attributes in process `syz.1.877'.
[  253.984603][ T9081] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  254.056018][ T9081] netlink: 28 bytes leftover after parsing attributes in process `syz.2.881'.
[  254.196240][ T9081] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  254.383281][ T9074] netlink: 504 bytes leftover after parsing attributes in process `syz.1.880'.
[  254.424768][ T9074] netlink: 504 bytes leftover after parsing attributes in process `syz.1.880'.
[  254.442567][ T9081] batman_adv: batadv0: Removing interface: batadv_slave_1
[  255.535021][   T30] audit: type=1800 audit(4294967440.731:62): pid=9105 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.885" name="members" dev="configfs" ino=22779 res=0 errno=0
[  256.088893][ T9116] netlink: 504 bytes leftover after parsing attributes in process `syz.3.893'.
[  256.114416][ T9120] mkiss: ax0: crc mode is auto.
[  256.127506][ T9116] netlink: 350 bytes leftover after parsing attributes in process `syz.3.893'.
[  256.352177][ T9124] Process accounting paused
[  256.714879][ T9126] netlink: 504 bytes leftover after parsing attributes in process `syz.3.894'.
[  256.737368][ T9126] netlink: 504 bytes leftover after parsing attributes in process `syz.3.894'.
[  256.814076][ T9134] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  257.070329][ T9134] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  257.244306][ T9134] batman_adv: batadv0: Removing interface: batadv_slave_1
[  258.165607][ T9145] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  258.209729][ T9143] bond0: option miimon: invalid value ()
[  258.216516][ T9143] bond0: option miimon: allowed values 0 - 2147483647
[  258.641506][ T9156] mkiss: ax0: crc mode is auto.
[  259.149177][ T9172] __nla_validate_parse: 1 callbacks suppressed
[  259.149199][ T9172] netlink: 8 bytes leftover after parsing attributes in process `syz.2.910'.
[  260.873309][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  260.896641][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  261.993151][ T9214] Falling back ldisc for pty192.
[  263.873005][ T9250] Invalid ELF header magic: != ELF
[  264.182546][ T9275] random: crng reseeded on system resumption
[  264.364962][   T30] audit: type=1800 audit(4294967449.555:63): pid=9286 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.931" name="members" dev="configfs" ino=22315 res=0 errno=0
[  265.037996][ T9287] Process accounting paused
[  265.309246][ T9311] openvswitch: netlink: Key type 313 is out of range max 32
[  267.201659][   T30] audit: type=1800 audit(4294967452.396:64): pid=9347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.942" name="members" dev="configfs" ino=23554 res=0 errno=0
[  267.562708][ T9355] netlink: 'syz.0.945': attribute type 39 has an invalid length.
[  267.572647][ T9355] netlink: 330 bytes leftover after parsing attributes in process `syz.0.945'.
[  270.444374][ T9400] Invalid ELF header magic: != ELF
[  271.160896][ T9413] netlink: 342 bytes leftover after parsing attributes in process `syz.1.959'.
[  271.188317][ T9413] netlink: 342 bytes leftover after parsing attributes in process `syz.1.959'.
[  272.398540][ T9447] netlink: 342 bytes leftover after parsing attributes in process `syz.1.972'.
[  272.469847][ T9447] netlink: 342 bytes leftover after parsing attributes in process `syz.1.972'.
[  272.527496][   T30] audit: type=1800 audit(4294967457.729:65): pid=9438 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.970" name="members" dev="configfs" ino=23717 res=0 errno=0
[  272.939481][ T9463] kafs: addr_prefs: Invalid Command
[  272.953000][ T9465] kafs: addr_prefs: Invalid Command
[  274.262957][ T9493] netlink: 4 bytes leftover after parsing attributes in process `syz.2.979'.
[  274.497356][ T9496] netlink: 342 bytes leftover after parsing attributes in process `syz.2.982'.
[  274.509705][ T9496] netlink: 342 bytes leftover after parsing attributes in process `syz.2.982'.
[  274.958604][   T30] audit: type=1800 audit(4294967460.150:66): pid=9501 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.983" name="members" dev="configfs" ino=23901 res=0 errno=0
[  276.165668][ T9536] netlink: 342 bytes leftover after parsing attributes in process `syz.3.992'.
[  276.207902][ T9536] netlink: 342 bytes leftover after parsing attributes in process `syz.3.992'.
[  276.249590][ T9536] netlink: 342 bytes leftover after parsing attributes in process `syz.3.992'.
[  276.289553][ T9538] FAULT_INJECTION: forcing a failure.
[  276.289553][ T9538] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  276.455475][ T9538] CPU: 1 UID: 0 PID: 9538 Comm: syz.0.991 Tainted: G     U              6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) 
[  276.455527][ T9538] Tainted: [U]=USER
[  276.455537][ T9538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  276.455555][ T9538] Call Trace:
[  276.455565][ T9538]  <TASK>
[  276.455576][ T9538]  dump_stack_lvl+0x16c/0x1f0
[  276.455628][ T9538]  should_fail_ex+0x512/0x640
[  276.455671][ T9538]  should_fail_alloc_page+0xe7/0x130
[  276.455705][ T9538]  prepare_alloc_pages+0x3c2/0x610
[  276.455745][ T9538]  ? rcu_is_watching+0x12/0xc0
[  276.455790][ T9538]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  276.455846][ T9538]  ? do_raw_spin_lock+0x12c/0x2b0
[  276.455885][ T9538]  ? find_held_lock+0x2b/0x80
[  276.455941][ T9538]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  276.455995][ T9538]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  276.456039][ T9538]  ? stack_depot_save_flags+0x3e6/0xa50
[  276.456087][ T9538]  ? kasan_save_stack+0x42/0x60
[  276.456138][ T9538]  ? __lock_acquire+0xaa4/0x1ba0
[  276.456185][ T9538]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  276.456223][ T9538]  ? policy_nodemask+0xea/0x4e0
[  276.456277][ T9538]  alloc_pages_mpol+0x1fb/0x550
[  276.456309][ T9538]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  276.456337][ T9538]  ? __page_table_check_ptes_set+0x1ae/0x420
[  276.456388][ T9538]  ? find_held_lock+0x2b/0x80
[  276.456434][ T9538]  alloc_pages_noprof+0x131/0x390
[  276.456464][ T9538]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  276.456508][ T9538]  get_free_pages_noprof+0xc/0x40
[  276.456540][ T9538]  kasan_populate_vmalloc_pte+0x2d/0x160
[  276.456586][ T9538]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  276.456632][ T9538]  __apply_to_page_range+0x5f9/0xd30
[  276.456676][ T9538]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  276.456729][ T9538]  ? __pfx___apply_to_page_range+0x10/0x10
[  276.456770][ T9538]  ? alloc_vmap_area+0x872/0x2970
[  276.456813][ T9538]  alloc_vmap_area+0x919/0x2970
[  276.456868][ T9538]  ? __pfx_alloc_vmap_area+0x10/0x10
[  276.456923][ T9538]  __get_vm_area_node+0x1a7/0x300
[  276.456971][ T9538]  __vmalloc_node_range_noprof+0x277/0x1540
[  276.457016][ T9538]  ? __do_sys_listmount+0x1c2/0xed0
[  276.457074][ T9538]  ? __do_sys_listmount+0x1c2/0xed0
[  276.457126][ T9538]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  276.457186][ T9538]  __kvmalloc_node_noprof+0x2ff/0x600
[  276.457233][ T9538]  ? __do_sys_listmount+0x1c2/0xed0
[  276.457279][ T9538]  ? __do_sys_listmount+0x1c2/0xed0
[  276.457330][ T9538]  ? __do_sys_listmount+0x1c2/0xed0
[  276.457371][ T9538]  __do_sys_listmount+0x1c2/0xed0
[  276.457422][ T9538]  ? __x64_sys_futex+0x1e0/0x4c0
[  276.457467][ T9538]  ? __x64_sys_futex+0x1e9/0x4c0
[  276.457514][ T9538]  ? __pfx___do_sys_listmount+0x10/0x10
[  276.457558][ T9538]  ? xfd_validate_state+0x5d/0x180
[  276.457608][ T9538]  do_syscall_64+0xcd/0x260
[  276.457660][ T9538]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.457692][ T9538] RIP: 0033:0x7f5ba2b8e169
[  276.457718][ T9538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  276.457750][ T9538] RSP: 002b:00007f5ba3a97038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca
[  276.457780][ T9538] RAX: ffffffffffffffda RBX: 00007f5ba2db6160 RCX: 00007f5ba2b8e169
[  276.457801][ T9538] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100
[  276.457821][ T9538] RBP: 00007f5ba2c10a68 R08: 0000000000000000 R09: 0000000000000000
[  276.457840][ T9538] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  276.457858][ T9538] R13: 0000000000000000 R14: 00007f5ba2db6160 R15: 00007ffd02194c28
[  276.457898][ T9538]  </TASK>
[  276.458760][ T9538] syz.0.991: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null)
[  276.812033][    C1] vkms_vblank_simulate: vblank timer overrun
[  277.268551][ T9538] ,cpuset=/,mems_allowed=0-1
[  277.273538][ T9538] CPU: 0 UID: 0 PID: 9538 Comm: syz.0.991 Tainted: G     U              6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) 
[  277.273607][ T9538] Tainted: [U]=USER
[  277.273636][ T9538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  277.273655][ T9538] Call Trace:
[  277.273666][ T9538]  <TASK>
[  277.273678][ T9538]  dump_stack_lvl+0x16c/0x1f0
[  277.273733][ T9538]  warn_alloc+0x248/0x3a0
[  277.273786][ T9538]  ? __pfx_warn_alloc+0x10/0x10
[  277.273839][ T9538]  ? kfree+0x2b6/0x4d0
[  277.273898][ T9538]  ? __get_vm_area_node+0x1e5/0x300
[  277.273947][ T9538]  __vmalloc_node_range_noprof+0xd31/0x1540
[  277.274007][ T9538]  ? __do_sys_listmount+0x1c2/0xed0
[  277.274062][ T9538]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  277.274123][ T9538]  __kvmalloc_node_noprof+0x2ff/0x600
[  277.274170][ T9538]  ? __do_sys_listmount+0x1c2/0xed0
[  277.274215][ T9538]  ? __do_sys_listmount+0x1c2/0xed0
[  277.274266][ T9538]  ? __do_sys_listmount+0x1c2/0xed0
[  277.274308][ T9538]  __do_sys_listmount+0x1c2/0xed0
[  277.274361][ T9538]  ? __x64_sys_futex+0x1e0/0x4c0
[  277.274406][ T9538]  ? __x64_sys_futex+0x1e9/0x4c0
[  277.274455][ T9538]  ? __pfx___do_sys_listmount+0x10/0x10
[  277.274499][ T9538]  ? xfd_validate_state+0x5d/0x180
[  277.274552][ T9538]  do_syscall_64+0xcd/0x260
[  277.274607][ T9538]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  277.274640][ T9538] RIP: 0033:0x7f5ba2b8e169
[  277.274667][ T9538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  277.274699][ T9538] RSP: 002b:00007f5ba3a97038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca
[  277.274730][ T9538] RAX: ffffffffffffffda RBX: 00007f5ba2db6160 RCX: 00007f5ba2b8e169
[  277.274752][ T9538] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100
[  277.274773][ T9538] RBP: 00007f5ba2c10a68 R08: 0000000000000000 R09: 0000000000000000
[  277.274793][ T9538] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  277.274813][ T9538] R13: 0000000000000000 R14: 00007f5ba2db6160 R15: 00007ffd02194c28
[  277.274863][ T9538]  </TASK>
[  277.274875][ T9538] Mem-Info:
[  277.928607][ T9538] active_anon:28366 inactive_anon:0 isolated_anon:39
[  277.928607][ T9538]  active_file:9344 inactive_file:50875 isolated_file:0
[  277.928607][ T9538]  unevictable:768 dirty:2392 writeback:0
[  277.928607][ T9538]  slab_reclaimable:10639 slab_unreclaimable:96881
[  277.928607][ T9538]  mapped:37699 shmem:16540 pagetables:1047
[  277.928607][ T9538]  sec_pagetables:0 bounce:0
[  277.928607][ T9538]  kernel_misc_reclaimable:0
[  277.928607][ T9538]  free:1306547 free_pcp:1072 free_cma:0
[  278.078138][ T9538] Node 0 active_anon:114380kB inactive_anon:0kB active_file:37376kB inactive_file:196992kB unevictable:1536kB isolated(anon):80kB isolated(file):0kB mapped:151108kB dirty:9564kB writeback:0kB shmem:64696kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:2048kB writeback_tmp:0kB kernel_stack:11240kB pagetables:4284kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  278.154865][ T9538] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:8kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:2504kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  278.185990][    C1] vkms_vblank_simulate: vblank timer overrun
[  278.192416][ T9538] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  278.219553][    C1] vkms_vblank_simulate: vblank timer overrun
[  278.233447][ T9538] lowmem_reserve[]: 0 2482 2483 2483 2483
[  278.308076][ T9538] Node 0 DMA32 free:1299276kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB active_anon:113508kB inactive_anon:0kB active_file:37376kB inactive_file:194032kB unevictable:1536kB writepending:9564kB present:3129332kB managed:2541672kB mlocked:0kB bounce:0kB free_pcp:14268kB local_pcp:3268kB free_cma:0kB
[  278.342540][ T9538] lowmem_reserve[]: 0 0 1 1 1
[  278.342615][ T9538] Node 0 Normal free:24kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1560kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:4kB free_cma:0kB
[  278.342703][ T9538] lowmem_reserve[]: 0 0 0 0 0
[  278.342832][ T9538] Node 1 Normal free:3908428kB boost:0kB min:55784kB low:69728kB high:83672kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:8kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  278.342922][ T9538] lowmem_reserve[]: 0 0 0 0 0
[  278.342994][ T9538] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  278.343191][ T9538] Node 0 DMA32: 0*4kB 228*8kB (UE) 175*16kB (U) 367*32kB (UM) 611*64kB (UM) 353*128kB (UM) 181*256kB (UM) 82*512kB (UME) 16*1024kB (UM) 0*2048kB 267*4096kB (UM) = 1298992kB
[  278.343451][ T9538] Node 0 Normal: 2*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 24kB
[  278.343660][ T9538] Node 1 Normal: 245*4kB (UME) 53*8kB (UME) 35*16kB (UME) 207*32kB (UME) 97*64kB (UME) 31*128kB (UME) 16*256kB (UME) 7*512kB (UM) 1*1024kB (M) 1*2048kB (U) 947*4096kB (M) = 3908428kB
[  278.343938][ T9538] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  278.343966][ T9538] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  278.343994][ T9538] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  278.344020][ T9538] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  278.344047][ T9538] 75519 total pagecache pages
[  278.344060][ T9538] 0 pages in swap cache
[  278.344071][ T9538] Free swap  = 124992kB
[  278.344084][ T9538] Total swap = 124996kB
[  278.344097][ T9538] 2097051 pages RAM
[  278.344107][ T9538] 0 pages HighMem/MovableOnly
[  278.344119][ T9538] 429591 pages reserved
[  278.344131][ T9538] 0 pages cma reserved
[  278.875961][    C1] vkms_vblank_simulate: vblank timer overrun
[  279.321776][   T30] audit: type=1800 audit(4294967464.512:67): pid=9556 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.995" name="SYSV00000400" dev="tmpfs" ino=0 res=0 errno=0
[  279.668559][    C1] vkms_vblank_simulate: vblank timer overrun
[  283.420367][ T9650] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1016'.
[  283.844852][ T9618] kexec: Could not allocate control_code_buffer
[  286.026410][ T9694] FAULT_INJECTION: forcing a failure.
[  286.026410][ T9694] name failslab, interval 1, probability 0, space 0, times 0
[  286.054184][ T9694] CPU: 1 UID: 0 PID: 9694 Comm: syz.0.1028 Tainted: G     U              6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) 
[  286.054238][ T9694] Tainted: [U]=USER
[  286.054249][ T9694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  286.054268][ T9694] Call Trace:
[  286.054278][ T9694]  <TASK>
[  286.054291][ T9694]  dump_stack_lvl+0x16c/0x1f0
[  286.054345][ T9694]  should_fail_ex+0x512/0x640
[  286.054382][ T9694]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  286.054431][ T9694]  should_failslab+0xc2/0x120
[  286.054462][ T9694]  __kmalloc_cache_noprof+0x6a/0x3e0
[  286.054508][ T9694]  ? sctp_auth_shkey_create+0x9e/0x210
[  286.054566][ T9694]  sctp_auth_shkey_create+0x9e/0x210
[  286.054622][ T9694]  sctp_endpoint_new+0x562/0xcd0
[  286.054681][ T9694]  sctp_init_sock+0xe2d/0x1330
[  286.054729][ T9694]  ? __pfx_sctp_v6_init_sock+0x10/0x10
[  286.054781][ T9694]  sctp_v6_init_sock+0x16/0x70
[  286.054828][ T9694]  ? __pfx_sctp_v6_init_sock+0x10/0x10
[  286.054878][ T9694]  inet6_create+0xb2d/0x1300
[  286.054922][ T9694]  ? inet6_create+0x7f/0x1300
[  286.054968][ T9694]  __sock_create+0x335/0x8d0
[  286.055008][ T9694]  __sys_socket+0x14d/0x260
[  286.055041][ T9694]  ? __pfx___sys_socket+0x10/0x10
[  286.055075][ T9694]  ? rcu_is_watching+0x12/0xc0
[  286.055132][ T9694]  __x64_sys_socket+0x72/0xb0
[  286.055163][ T9694]  ? lockdep_hardirqs_on+0x7c/0x110
[  286.055210][ T9694]  do_syscall_64+0xcd/0x260
[  286.055261][ T9694]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  286.055294][ T9694] RIP: 0033:0x7f5ba2b8e169
[  286.055320][ T9694] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  286.055350][ T9694] RSP: 002b:00007f5ba3ad9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  286.055379][ T9694] RAX: ffffffffffffffda RBX: 00007f5ba2db5fa0 RCX: 00007f5ba2b8e169
[  286.055400][ T9694] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 000000000000000a
[  286.055418][ T9694] RBP: 00007f5ba2c10a68 R08: 0000000000000000 R09: 0000000000000000
[  286.055436][ T9694] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  286.055454][ T9694] R13: 0000000000000000 R14: 00007f5ba2db5fa0 R15: 00007ffd02194c28
[  286.055493][ T9694]  </TASK>
[  286.282242][    C1] vkms_vblank_simulate: vblank timer overrun
[  286.307069][ T9693] FAULT_INJECTION: forcing a failure.
[  286.307069][ T9693] name failslab, interval 1, probability 0, space 0, times 0
[  286.333444][ T9693] CPU: 0 UID: 0 PID: 9693 Comm: syz.3.1027 Tainted: G     U              6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) 
[  286.333500][ T9693] Tainted: [U]=USER
[  286.333513][ T9693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  286.333532][ T9693] Call Trace:
[  286.333543][ T9693]  <TASK>
[  286.333556][ T9693]  dump_stack_lvl+0x16c/0x1f0
[  286.333610][ T9693]  should_fail_ex+0x512/0x640
[  286.333647][ T9693]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  286.333706][ T9693]  should_failslab+0xc2/0x120
[  286.333736][ T9693]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  286.333789][ T9693]  ? __pfx_proc_create_net_data+0x10/0x10
[  286.333837][ T9693]  ? nf_log_net_init+0x9f/0x450
[  286.333879][ T9693]  ? __pfx___register_sysctl_table+0x10/0x10
[  286.333917][ T9693]  ? __pfx_nf_log_net_init+0x10/0x10
[  286.333972][ T9693]  kmemdup_noprof+0x29/0x60
[  286.334015][ T9693]  nf_log_net_init+0x9f/0x450
[  286.334056][ T9693]  ? __pfx_nf_log_net_init+0x10/0x10
[  286.334095][ T9693]  ops_init+0x1df/0x5f0
[  286.334140][ T9693]  setup_net+0x21e/0x850
[  286.334185][ T9693]  ? __pfx_setup_net+0x10/0x10
[  286.334223][ T9693]  ? lockdep_init_map_type+0x5c/0x280
[  286.334252][ T9693]  ? __pfx_down_read_killable+0x10/0x10
[  286.334286][ T9693]  ? debug_mutex_init+0x37/0x70
[  286.334325][ T9693]  copy_net_ns+0x2a6/0x5f0
[  286.334374][ T9693]  create_new_namespaces+0x3ea/0xad0
[  286.334445][ T9693]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  286.334494][ T9693]  ksys_unshare+0x45b/0xa40
[  286.334543][ T9693]  ? __pfx_ksys_unshare+0x10/0x10
[  286.334588][ T9693]  ? xfd_validate_state+0x5d/0x180
[  286.334625][ T9693]  ? rcu_is_watching+0x12/0xc0
[  286.334678][ T9693]  __x64_sys_unshare+0x31/0x40
[  286.334746][ T9693]  do_syscall_64+0xcd/0x260
[  286.334797][ T9693]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  286.334837][ T9693] RIP: 0033:0x7fb27af8e169
[  286.334864][ T9693] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  286.334896][ T9693] RSP: 002b:00007fb27beb0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  286.334927][ T9693] RAX: ffffffffffffffda RBX: 00007fb27b1b5fa0 RCX: 00007fb27af8e169
[  286.334949][ T9693] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  286.334969][ T9693] RBP: 00007fb27b010a68 R08: 0000000000000000 R09: 0000000000000000
[  286.334990][ T9693] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  286.335009][ T9693] R13: 0000000000000000 R14: 00007fb27b1b5fa0 R15: 00007ffdc62047d8
[  286.335051][ T9693]  </TASK>
[  287.507275][ T9699] Process accounting resumed
[  287.585942][ T9714] delete_channel: no stack
[  287.630729][   T53] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  287.792875][   T53] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.116585][   T53] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.259158][   T53] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.505149][ T9735] delete_channel: no stack
[  288.866134][   T53] bridge_slave_1: left allmulticast mode
[  288.893822][   T53] bridge_slave_1: left promiscuous mode
[  288.895696][ T9746] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1045'.
[  288.901997][   T53] bridge0: port 2(bridge_slave_1) entered disabled state
[  288.963875][ T9746] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1045'.
[  288.992925][ T9746] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1045'.
[  289.007307][   T53] bridge_slave_0: left allmulticast mode
[  289.024308][   T53] bridge_slave_0: left promiscuous mode
[  289.044693][   T53] bridge0: port 1(bridge_slave_0) entered disabled state
[  289.233228][ T5844] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  289.244100][ T5844] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  289.252793][ T5844] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  289.261464][ T5844] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  289.269873][ T5844] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  289.974824][   T53] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  289.990800][   T53] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  290.003886][   T53] bond0 (unregistering): Released all slaves
[  290.026629][ T9749] netlink: 35 bytes leftover after parsing attributes in process `syz.1.1044'.
[  290.192289][ T9782] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1050'.
[  290.529046][ T9794] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1053'.
[  290.569557][ T9794] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1053'.
[  291.336463][ T5847] Bluetooth: hci1: command tx timeout
[  291.560278][ T9755] chnl_net:caif_netlink_parms(): no params data found
[  291.659281][   T53] hsr_slave_0: left promiscuous mode
[  291.676858][   T53] hsr_slave_1: left promiscuous mode
[  291.687854][   T53] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  291.708360][   T53] batman_adv: batadv0: Removing interface: batadv_slave_0
[  291.769404][   T53] veth1_macvtap: left promiscuous mode
[  291.801673][   T53] veth0_macvtap: left promiscuous mode
[  291.810737][   T53] veth1_vlan: left promiscuous mode
[  291.838106][   T53] veth0_vlan: left promiscuous mode
[  292.673728][   T53] team0 (unregistering): Port device team_slave_1 removed
[  292.740234][   T53] team0 (unregistering): Port device team_slave_0 removed
[  292.746207][   T30] audit: type=1326 audit(4294967477.949:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9835 comm="syz.1.1062" exe="/root/syz-executor" sig=9 arch=c000003e syscall=157 compat=0 ip=0x7fba96b8e169 code=0x0
[  293.333692][ T9833] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  293.344858][ T9833] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  293.352382][ T9833] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  293.364042][ T9833] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  293.370131][ T9833] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  293.396003][ T9833] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  293.524757][ T9755] bridge0: port 1(bridge_slave_0) entered blocking state
[  293.567570][ T9755] bridge0: port 1(bridge_slave_0) entered disabled state
[  293.604818][ T9755] bridge_slave_0: entered allmulticast mode
[  293.622240][ T9755] bridge_slave_0: entered promiscuous mode
[  293.640706][ T9755] bridge0: port 2(bridge_slave_1) entered blocking state
[  293.647996][ T9755] bridge0: port 2(bridge_slave_1) entered disabled state
[  293.670265][ T9755] bridge_slave_1: entered allmulticast mode
[  293.679888][ T9755] bridge_slave_1: entered promiscuous mode
[  293.808757][ T9859] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1064'.
[  293.883533][ T9755] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  293.926850][ T9755] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  294.160245][ T9867] mkiss: ax0: crc mode is auto.
[  294.169190][ T9755] team0: Port device team_slave_0 added
[  294.210454][ T9755] team0: Port device team_slave_1 added
[  294.378048][   T30] audit: type=1800 audit(4294967479.590:69): pid=9883 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1065" name="members" dev="configfs" ino=26847 res=0 errno=0
[  294.516970][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18
[  294.567542][ T9755] batman_adv: batadv0: Adding interface: batadv_slave_0
[  294.579830][ T9755] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  294.614613][ T9755] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  294.670516][ T9755] batman_adv: batadv0: Adding interface: batadv_slave_1
[  294.677528][ T9755] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  294.739980][ T9755] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  294.988112][ T9755] hsr_slave_0: entered promiscuous mode
[  295.000266][ T9755] hsr_slave_1: entered promiscuous mode
[  295.012547][ T9755] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  295.029845][ T9755] Cannot create hsr debugfs directory
[  295.089036][ T9898] mkiss: ax0: crc mode is auto.
[  295.210648][   T30] audit: type=1800 audit(4294967488.421:70): pid=9906 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1077" name="members" dev="configfs" ino=26280 res=0 errno=0
[  295.244953][ T9900] bridge0: port 3(hsr0) entered blocking state
[  295.255576][ T9900] bridge0: port 3(hsr0) entered disabled state
[  295.262180][ T9900] hsr0: entered allmulticast mode
[  295.268376][ T9900] hsr_slave_0: entered allmulticast mode
[  295.274847][ T9900] hsr_slave_1: entered allmulticast mode
[  295.283337][ T9900] hsr0: entered promiscuous mode
[  295.289192][ T9900] bridge0: port 3(hsr0) entered blocking state
[  295.295655][ T9900] bridge0: port 3(hsr0) entered forwarding state
[  295.410502][ T5847] Bluetooth: hci0: command 0x0c1a tx timeout
[  295.420148][ T5847] Bluetooth: hci1: command 0x040f tx timeout
[  295.426882][ T5847] Bluetooth: hci3: command 0x0c1a tx timeout
[  295.434156][ T5844] Bluetooth: hci2: command 0x0c1a tx timeout
[  295.720265][ T9912] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1072'.
[  296.180069][ T9921] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1081'.
[  296.196059][ T9755] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  296.265017][ T9755] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  296.341024][ T9755] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  296.369050][ T9930] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1074'.
[  296.464996][ T9755] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  296.523618][ T9934] FAULT_INJECTION: forcing a failure.
[  296.523618][ T9934] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  296.576396][ T9934] CPU: 1 UID: 0 PID: 9934 Comm: syz.1.1075 Tainted: G     U              6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) 
[  296.576449][ T9934] Tainted: [U]=USER
[  296.576458][ T9934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  296.576476][ T9934] Call Trace:
[  296.576486][ T9934]  <TASK>
[  296.576498][ T9934]  dump_stack_lvl+0x16c/0x1f0
[  296.576549][ T9934]  should_fail_ex+0x512/0x640
[  296.576599][ T9934]  _copy_from_user+0x2e/0xd0
[  296.576641][ T9934]  copy_msghdr_from_user+0x98/0x160
[  296.576686][ T9934]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  296.576749][ T9934]  ___sys_sendmsg+0xfe/0x1d0
[  296.576805][ T9934]  ? __pfx____sys_sendmsg+0x10/0x10
[  296.576894][ T9934]  __sys_sendmsg+0x16d/0x220
[  296.576936][ T9934]  ? __pfx___sys_sendmsg+0x10/0x10
[  296.576989][ T9934]  ? rcu_is_watching+0x12/0xc0
[  296.577039][ T9934]  do_syscall_64+0xcd/0x260
[  296.577089][ T9934]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  296.577125][ T9934] RIP: 0033:0x7fba96b8e169
[  296.577149][ T9934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  296.577179][ T9934] RSP: 002b:00007fba97a0b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  296.577207][ T9934] RAX: ffffffffffffffda RBX: 00007fba96db5fa0 RCX: 00007fba96b8e169
[  296.577227][ T9934] RDX: 0000000000000080 RSI: 0000200000000c00 RDI: 0000000000000003
[  296.577245][ T9934] RBP: 00007fba97a0b090 R08: 0000000000000000 R09: 0000000000000000
[  296.577263][ T9934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  296.577280][ T9934] R13: 0000000000000000 R14: 00007fba96db5fa0 R15: 00007ffe6f3dc308
[  296.577318][ T9934]  </TASK>
[  297.436061][ T9755] 8021q: adding VLAN 0 to HW filter on device bond0
[  297.479990][ T9755] 8021q: adding VLAN 0 to HW filter on device team0
[  297.489864][ T5847] Bluetooth: hci1: command 0x040f tx timeout
[  297.508294][ T9853] bridge0: port 1(bridge_slave_0) entered blocking state
[  297.516490][ T9853] bridge0: port 1(bridge_slave_0) entered forwarding state
[  297.601372][ T8410] bridge0: port 2(bridge_slave_1) entered blocking state
[  297.608561][ T8410] bridge0: port 2(bridge_slave_1) entered forwarding state
[  297.670374][   T30] audit: type=1326 audit(4294967490.881:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9950 comm="syz.0.1079" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5ba2b8e169 code=0x0
[  298.359198][ T9970] mkiss: ax0: crc mode is auto.
[  298.559839][   T30] audit: type=1800 audit(4294967491.751:72): pid=9973 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1082" name="members" dev="configfs" ino=27245 res=0 errno=0
[  298.786117][ T9755] 8021q: adding VLAN 0 to HW filter on device batadv0
[  299.563331][T10002] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1085'.
[  299.569842][ T5847] Bluetooth: hci1: command 0x040f tx timeout
[  300.036367][ T9999] snd_dummy snd_dummy.0: control 16781581:65533:6:�'x?F���/��zF˷fC���:0 is already present
[  300.226169][T10016] FAULT_INJECTION: forcing a failure.
[  300.226169][T10016] name failslab, interval 1, probability 0, space 0, times 0
[  300.280488][T10016] CPU: 0 UID: 0 PID: 10016 Comm: syz.0.1087 Tainted: G     U              6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) 
[  300.280535][T10016] Tainted: [U]=USER
[  300.280544][T10016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  300.280561][T10016] Call Trace:
[  300.280570][T10016]  <TASK>
[  300.280587][T10016]  dump_stack_lvl+0x16c/0x1f0
[  300.280653][T10016]  should_fail_ex+0x512/0x640
[  300.280688][T10016]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  300.280739][T10016]  should_failslab+0xc2/0x120
[  300.280768][T10016]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  300.280816][T10016]  ? __alloc_skb+0x2b2/0x380
[  300.280861][T10016]  __alloc_skb+0x2b2/0x380
[  300.280898][T10016]  ? __pfx___alloc_skb+0x10/0x10
[  300.280941][T10016]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  300.280985][T10016]  ? __lock_acquire+0xaa4/0x1ba0
[  300.281041][T10016]  netlink_alloc_large_skb+0x69/0x130
[  300.281089][T10016]  netlink_sendmsg+0x6a1/0xdd0
[  300.281142][T10016]  ? __pfx_netlink_sendmsg+0x10/0x10
[  300.281204][T10016]  ____sys_sendmsg+0xa95/0xc70
[  300.281234][T10016]  ? copy_msghdr_from_user+0x10a/0x160
[  300.281274][T10016]  ? __pfx_____sys_sendmsg+0x10/0x10
[  300.281321][T10016]  ___sys_sendmsg+0x134/0x1d0
[  300.281364][T10016]  ? __pfx____sys_sendmsg+0x10/0x10
[  300.281453][T10016]  __sys_sendmsg+0x16d/0x220
[  300.281494][T10016]  ? __pfx___sys_sendmsg+0x10/0x10
[  300.281561][T10016]  do_syscall_64+0xcd/0x260
[  300.281618][T10016]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.281648][T10016] RIP: 0033:0x7f5ba2b8e169
[  300.281672][T10016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  300.281702][T10016] RSP: 002b:00007f5ba3ad9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  300.281731][T10016] RAX: ffffffffffffffda RBX: 00007f5ba2db5fa0 RCX: 00007f5ba2b8e169
[  300.281750][T10016] RDX: 0000000000000080 RSI: 0000200000000c00 RDI: 0000000000000003
[  300.281768][T10016] RBP: 00007f5ba3ad9090 R08: 0000000000000000 R09: 0000000000000000
[  300.281786][T10016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  300.281803][T10016] R13: 0000000000000000 R14: 00007f5ba2db5fa0 R15: 00007ffd02194c28
[  300.281840][T10016]  </TASK>
[  300.577766][ T9755] veth0_vlan: entered promiscuous mode
[  300.601681][ T9755] veth1_vlan: entered promiscuous mode
[  300.890784][ T9755] veth0_macvtap: entered promiscuous mode
[  300.940316][ T9755] veth1_macvtap: entered promiscuous mode
[  301.022554][ T9755] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  301.035916][ T9755] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.048017][ T9755] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  301.063900][ T9755] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.077504][ T9755] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  301.096748][ T9755] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.134188][ T9755] batman_adv: batadv0: Interface activated: batadv_slave_0
[  301.211582][ T9755] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  301.247587][ T9755] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.280354][ T9755] batman_adv: batadv0: Interface activated: batadv_slave_1
[  301.355715][ T9755] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  301.413621][ T9755] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  301.448514][ T9755] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  301.469815][ T9755] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  301.648670][ T5847] Bluetooth: hci1: command 0x040f tx timeout
[  301.918800][ T9853] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  301.948339][ T9853] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  302.071158][ T9850] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  302.098225][ T9850] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  303.712522][ T5844] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  303.724267][ T5844] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  303.731412][   T55] Bluetooth: hci1: command 0x040f tx timeout
[  303.742361][ T5844] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  303.750840][ T5844] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  303.767143][ T5844] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  304.776548][T10069] chnl_net:caif_netlink_parms(): no params data found
[  305.532821][T10069] bridge0: port 1(bridge_slave_0) entered blocking state
[  305.569618][T10069] bridge0: port 1(bridge_slave_0) entered disabled state
[  305.607064][T10069] bridge_slave_0: entered allmulticast mode
[  305.615124][T10069] bridge_slave_0: entered promiscuous mode
[  305.648646][T10069] bridge0: port 2(bridge_slave_1) entered blocking state
[  305.666122][T10069] bridge0: port 2(bridge_slave_1) entered disabled state
[  305.689024][T10069] bridge_slave_1: entered allmulticast mode
[  305.709923][T10069] bridge_slave_1: entered promiscuous mode
[  305.821417][ T5847] Bluetooth: hci2: command tx timeout
[  305.867432][T10104] HSR: entered promiscuous mode
[  305.962597][T10069] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  306.020315][T10069] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  306.251987][T10069] team0: Port device team_slave_0 added
[  306.333280][T10069] team0: Port device team_slave_1 added
[  306.638637][T10069] batman_adv: batadv0: Adding interface: batadv_slave_0
[  306.645654][T10069] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  306.673352][T10069] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  306.689080][T10069] batman_adv: batadv0: Adding interface: batadv_slave_1
[  306.696217][T10069] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  306.722745][T10069] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  306.808806][T10121] mkiss: ax0: crc mode is auto.
[  306.823188][T10069] hsr_slave_0: entered promiscuous mode
[  306.839886][T10069] hsr_slave_1: entered promiscuous mode
[  306.850759][T10069] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  306.859489][T10069] Cannot create hsr debugfs directory
[  307.885404][ T5847] Bluetooth: hci2: command tx timeout
[  308.224223][T10069] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  308.277235][T10069] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  308.335585][T10069] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  308.399025][T10069] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  308.714299][T10069] 8021q: adding VLAN 0 to HW filter on device bond0
[  308.814556][T10069] 8021q: adding VLAN 0 to HW filter on device team0
[  308.851718][ T8409] bridge0: port 1(bridge_slave_0) entered blocking state
[  308.858979][ T8409] bridge0: port 1(bridge_slave_0) entered forwarding state
[  308.898963][ T8409] bridge0: port 2(bridge_slave_1) entered blocking state
[  308.906333][ T8409] bridge0: port 2(bridge_slave_1) entered forwarding state
[  309.967731][T10069] 8021q: adding VLAN 0 to HW filter on device batadv0
[  309.975653][ T5847] Bluetooth: hci2: command tx timeout
[  310.117032][T10178] mkiss: ax0: crc mode is auto.
[  310.202031][T10183] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1114'.
[  311.501775][T10069] veth0_vlan: entered promiscuous mode
[  311.537730][T10069] veth1_vlan: entered promiscuous mode
[  311.635285][T10069] veth0_macvtap: entered promiscuous mode
[  311.667068][T10069] veth1_macvtap: entered promiscuous mode
[  311.731083][T10069] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  311.750668][T10069] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.762174][T10069] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  311.787539][T10069] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.793474][T10201] program syz.1.1117 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  311.817947][T10069] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  311.830428][T10069] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.846020][T10069] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  311.867105][T10069] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.881677][T10069] batman_adv: batadv0: Interface activated: batadv_slave_0
[  311.945357][T10209] mkiss: ax0: crc mode is auto.
[  311.988185][T10069] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  312.044640][ T5847] Bluetooth: hci2: command tx timeout
[  312.058972][T10069] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  312.078558][T10069] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  312.099691][T10069] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  312.113316][   T30] audit: type=1800 audit(4294967505.328:73): pid=10209 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1119" name="members" dev="configfs" ino=28967 res=0 errno=0
[  312.136140][T10069] batman_adv: batadv0: Interface activated: batadv_slave_1
[  312.147385][T10069] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  312.156734][T10069] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  312.165721][T10069] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  312.174635][T10069] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  312.416083][ T8409] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  312.456125][ T8409] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  312.551733][ T8409] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  312.594053][ T8409] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  312.672372][T10220] mkiss: ax0: crc mode is auto.
[  312.854384][   T30] audit: type=1800 audit(4294967506.078:74): pid=10228 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1122" name="members" dev="configfs" ino=28985 res=0 errno=0
[  312.962264][T10230] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1093'.
[  312.973748][T10230] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1093'.
[  312.985792][T10230] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1093'.
[  313.043492][T10230] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1093'.
[  313.100190][T10230] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1093'.
[  313.531830][T10249] mkiss: ax0: crc mode is auto.
[  313.558379][   T30] audit: type=1800 audit(4294967506.779:75): pid=10237 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1124" name="members" dev="configfs" ino=29013 res=0 errno=0
[  313.638409][T10232] snd_dummy snd_dummy.0: control 16781581:65533:6:�'x?F���/��zF˷fC���:0 is already present
[  314.311307][T10263] FAULT_INJECTION: forcing a failure.
[  314.311307][T10263] name failslab, interval 1, probability 0, space 0, times 0
[  314.359981][T10265] mkiss: ax0: crc mode is auto.
[  314.399056][T10263] CPU: 1 UID: 0 PID: 10263 Comm: syz.1.1128 Tainted: G     U              6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) 
[  314.399114][T10263] Tainted: [U]=USER
[  314.399124][T10263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  314.399143][T10263] Call Trace:
[  314.399153][T10263]  <TASK>
[  314.399165][T10263]  dump_stack_lvl+0x16c/0x1f0
[  314.399220][T10263]  should_fail_ex+0x512/0x640
[  314.399256][T10263]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  314.399320][T10263]  should_failslab+0xc2/0x120
[  314.399352][T10263]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  314.399398][T10263]  ? __proc_create+0xc3/0x8c0
[  314.399429][T10263]  ? __proc_create+0x2ce/0x8c0
[  314.399466][T10263]  __proc_create+0x2ce/0x8c0
[  314.399501][T10263]  ? __pfx___proc_create+0x10/0x10
[  314.399542][T10263]  ? _raw_write_unlock+0x28/0x50
[  314.399581][T10263]  ? proc_register+0x314/0x5f0
[  314.399620][T10263]  proc_create_reg+0x7d/0x180
[  314.399659][T10263]  proc_create_data+0x86/0x110
[  314.399694][T10263]  ? __pfx_proc_create_data+0x10/0x10
[  314.399733][T10263]  ? cache_register_net+0x137/0x5e0
[  314.399779][T10263]  cache_register_net+0x2d6/0x5e0
[  314.399821][T10263]  unix_gid_cache_create+0x8b/0x130
[  314.399859][T10263]  ? __pfx_sunrpc_init_net+0x10/0x10
[  314.399887][T10263]  sunrpc_init_net+0x71/0x190
[  314.399918][T10263]  ops_init+0x1df/0x5f0
[  314.399966][T10263]  setup_net+0x21e/0x850
[  314.400014][T10263]  ? __pfx_setup_net+0x10/0x10
[  314.400057][T10263]  ? lockdep_init_map_type+0x5c/0x280
[  314.400106][T10263]  ? __pfx_down_read_killable+0x10/0x10
[  314.400143][T10263]  ? debug_mutex_init+0x37/0x70
[  314.400190][T10263]  copy_net_ns+0x2a6/0x5f0
[  314.400244][T10263]  create_new_namespaces+0x3ea/0xad0
[  314.400313][T10263]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  314.400366][T10263]  ksys_unshare+0x45b/0xa40
[  314.400419][T10263]  ? __pfx_ksys_unshare+0x10/0x10
[  314.400480][T10263]  ? xfd_validate_state+0x5d/0x180
[  314.400517][T10263]  ? rcu_is_watching+0x12/0xc0
[  314.400566][T10263]  __x64_sys_unshare+0x31/0x40
[  314.400632][T10263]  do_syscall_64+0xcd/0x260
[  314.400684][T10263]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.400718][T10263] RIP: 0033:0x7fba96b8e169
[  314.400742][T10263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  314.400774][T10263] RSP: 002b:00007fba97a0b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  314.400805][T10263] RAX: ffffffffffffffda RBX: 00007fba96db5fa0 RCX: 00007fba96b8e169
[  314.400826][T10263] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  314.400845][T10263] RBP: 00007fba96c10a68 R08: 0000000000000000 R09: 0000000000000000
[  314.400864][T10263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  314.400882][T10263] R13: 0000000000000000 R14: 00007fba96db5fa0 R15: 00007ffe6f3dc308
[  314.400922][T10263]  </TASK>
[  314.821725][   T30] audit: type=1800 audit(4294967297.630:76): pid=10270 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1129" name="members" dev="configfs" ino=28630 res=0 errno=0
[  314.911198][   T30] audit: type=1800 audit(4294967297.720:77): pid=10269 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1130" name="members" dev="configfs" ino=29043 res=0 errno=0
[  315.271938][T10283] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1133'.
[  315.285022][T10283] mac80211_hwsim hwsim15 : renamed from wlan0 (while UP)
[  315.306453][T10287] FAULT_INJECTION: forcing a failure.
[  315.306453][T10287] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  315.321743][T10287] CPU: 0 UID: 0 PID: 10287 Comm: syz.5.1134 Tainted: G     U              6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) 
[  315.321794][T10287] Tainted: [U]=USER
[  315.321804][T10287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  315.321822][T10287] Call Trace:
[  315.321832][T10287]  <TASK>
[  315.321843][T10287]  dump_stack_lvl+0x16c/0x1f0
[  315.321893][T10287]  should_fail_ex+0x512/0x640
[  315.321935][T10287]  _copy_from_iter+0x2a4/0x15b0
[  315.321980][T10287]  ? __alloc_skb+0x200/0x380
[  315.322020][T10287]  ? __pfx__copy_from_iter+0x10/0x10
[  315.322066][T10287]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  315.322111][T10287]  ? __lock_acquire+0xaa4/0x1ba0
[  315.322169][T10287]  netlink_sendmsg+0x829/0xdd0
[  315.322224][T10287]  ? __pfx_netlink_sendmsg+0x10/0x10
[  315.322288][T10287]  ____sys_sendmsg+0xa95/0xc70
[  315.322320][T10287]  ? copy_msghdr_from_user+0x10a/0x160
[  315.322362][T10287]  ? __pfx_____sys_sendmsg+0x10/0x10
[  315.322413][T10287]  ___sys_sendmsg+0x134/0x1d0
[  315.322457][T10287]  ? __pfx____sys_sendmsg+0x10/0x10
[  315.322556][T10287]  __sys_sendmsg+0x16d/0x220
[  315.322598][T10287]  ? __pfx___sys_sendmsg+0x10/0x10
[  315.322654][T10287]  ? rcu_is_watching+0x12/0xc0
[  315.322706][T10287]  do_syscall_64+0xcd/0x260
[  315.322756][T10287]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.322789][T10287] RIP: 0033:0x7f72e3f8e169
[  315.322813][T10287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  315.322844][T10287] RSP: 002b:00007f72e4da3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  315.322872][T10287] RAX: ffffffffffffffda RBX: 00007f72e41b5fa0 RCX: 00007f72e3f8e169
[  315.322892][T10287] RDX: 0000000000000080 RSI: 0000200000000c00 RDI: 0000000000000003
[  315.322911][T10287] RBP: 00007f72e4da3090 R08: 0000000000000000 R09: 0000000000000000
[  315.322929][T10287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  315.322946][T10287] R13: 0000000000000000 R14: 00007f72e41b5fa0 R15: 00007fffd4d8d908
[  315.322985][T10287]  </TASK>
[  315.431230][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805fc1c000: rx timeout, send abort
[  315.542260][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88805fc1c000: 0x40000: (3) A timeout occurred and this is the connection abort to close the session.
[  315.845558][T10298] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1136'.
[  315.873874][T10298] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1136'.
[  315.922431][T10298] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1136'.
[  315.993601][T10298] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1136'.
[  316.152537][T10298] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1136'.
[  317.393077][T10300] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  317.399392][T10300] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  317.408604][T10300] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  317.416400][T10300] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  317.423022][T10300] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  317.513474][T10300] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  317.779158][T10331] kexec: Could not allocate control_code_buffer
[  317.966504][ T5847] Bluetooth: hci0: command 0x0c1a tx timeout
[  317.976361][T10322] Process accounting paused
[  318.097507][T10346] FAULT_INJECTION: forcing a failure.
[  318.097507][T10346] name failslab, interval 1, probability 0, space 0, times 0
[  318.111545][T10346] CPU: 0 UID: 0 PID: 10346 Comm: syz.3.1147 Tainted: G     U              6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) 
[  318.111596][T10346] Tainted: [U]=USER
[  318.111606][T10346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  318.111624][T10346] Call Trace:
[  318.111634][T10346]  <TASK>
[  318.111646][T10346]  dump_stack_lvl+0x16c/0x1f0
[  318.111698][T10346]  should_fail_ex+0x512/0x640
[  318.111742][T10346]  should_failslab+0xc2/0x120
[  318.111773][T10346]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  318.111824][T10346]  ? skb_clone+0x190/0x3f0
[  318.111873][T10346]  skb_clone+0x190/0x3f0
[  318.111918][T10346]  netlink_deliver_tap+0xabd/0xd30
[  318.111975][T10346]  netlink_unicast+0x5df/0x7f0
[  318.112028][T10346]  ? __pfx_netlink_unicast+0x10/0x10
[  318.112078][T10346]  ? __lock_acquire+0xaa4/0x1ba0
[  318.112140][T10346]  netlink_sendmsg+0x8d1/0xdd0
[  318.112195][T10346]  ? __pfx_netlink_sendmsg+0x10/0x10
[  318.112267][T10346]  ____sys_sendmsg+0xa95/0xc70
[  318.112297][T10346]  ? copy_msghdr_from_user+0x10a/0x160
[  318.112341][T10346]  ? __pfx_____sys_sendmsg+0x10/0x10
[  318.112390][T10346]  ___sys_sendmsg+0x134/0x1d0
[  318.112434][T10346]  ? __pfx____sys_sendmsg+0x10/0x10
[  318.112527][T10346]  __sys_sendmsg+0x16d/0x220
[  318.112569][T10346]  ? __pfx___sys_sendmsg+0x10/0x10
[  318.112625][T10346]  ? rcu_is_watching+0x12/0xc0
[  318.112676][T10346]  do_syscall_64+0xcd/0x260
[  318.112726][T10346]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.112756][T10346] RIP: 0033:0x7fb27af8e169
[  318.112778][T10346] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  318.112809][T10346] RSP: 002b:00007fb27beb0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  318.112838][T10346] RAX: ffffffffffffffda RBX: 00007fb27b1b5fa0 RCX: 00007fb27af8e169
[  318.112870][T10346] RDX: 0000000000000080 RSI: 0000200000000c00 RDI: 0000000000000003
[  318.112888][T10346] RBP: 00007fb27beb0090 R08: 0000000000000000 R09: 0000000000000000
[  318.112905][T10346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  318.112922][T10346] R13: 0000000000000000 R14: 00007fb27b1b5fa0 R15: 00007ffdc62047d8
[  318.112959][T10346]  </TASK>
[  318.330759][    C0] vkms_vblank_simulate: vblank timer overrun
[  318.356229][T10346] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1147'.
[  319.482249][ T5847] Bluetooth: hci2: command 0x0c1a tx timeout
[  319.488454][ T5847] Bluetooth: hci1: command 0x040f tx timeout
[  319.497417][ T5844] Bluetooth: hci3: command 0x0c1a tx timeout
[  319.600000][T10370] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1155'.
[  320.029841][T10386] netlink: 'syz.1.1158': attribute type 5 has an invalid length.
[  320.037961][T10386] netlink: 314 bytes leftover after parsing attributes in process `syz.1.1158'.
[  320.217471][T10387] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1159'.
[  320.487394][T10394] FAULT_INJECTION: forcing a failure.
[  320.487394][T10394] name failslab, interval 1, probability 0, space 0, times 0
[  320.542235][T10394] CPU: 0 UID: 0 PID: 10394 Comm: syz.1.1160 Tainted: G     U              6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) 
[  320.542286][T10394] Tainted: [U]=USER
[  320.542296][T10394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  320.542313][T10394] Call Trace:
[  320.542324][T10394]  <TASK>
[  320.542335][T10394]  dump_stack_lvl+0x16c/0x1f0
[  320.542405][T10394]  should_fail_ex+0x512/0x640
[  320.542452][T10394]  ? __kmalloc_noprof+0xbf/0x510
[  320.542501][T10394]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  320.542536][T10394]  should_failslab+0xc2/0x120
[  320.542565][T10394]  __kmalloc_noprof+0xd2/0x510
[  320.542611][T10394]  ? kasan_quarantine_put+0x10a/0x240
[  320.542682][T10394]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  320.542720][T10394]  ? kfree_skbmem+0x1a4/0x1f0
[  320.542756][T10394]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  320.542799][T10394]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  320.542832][T10394]  ? genl_get_cmd+0x194/0x580
[  320.542895][T10394]  ? __local_bh_enable_ip+0xa4/0x120
[  320.542937][T10394]  ? __dev_queue_xmit+0x896/0x43e0
[  320.542971][T10394]  ? __radix_tree_lookup+0x21f/0x2c0
[  320.543021][T10394]  genl_rcv_msg+0x55c/0x800
[  320.543058][T10394]  ? __pfx_genl_rcv_msg+0x10/0x10
[  320.543087][T10394]  ? __pfx___dev_queue_xmit+0x10/0x10
[  320.543122][T10394]  ? __pfx_ovs_meter_cmd_features+0x10/0x10
[  320.543175][T10394]  ? __lock_acquire+0xaa4/0x1ba0
[  320.543235][T10394]  netlink_rcv_skb+0x16a/0x440
[  320.543283][T10394]  ? __pfx_genl_rcv_msg+0x10/0x10
[  320.543317][T10394]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  320.543387][T10394]  ? __pfx_down_read+0x10/0x10
[  320.543418][T10394]  ? netlink_deliver_tap+0x1ae/0xd30
[  320.543471][T10394]  genl_rcv+0x28/0x40
[  320.543497][T10394]  netlink_unicast+0x53a/0x7f0
[  320.543550][T10394]  ? __pfx_netlink_unicast+0x10/0x10
[  320.543594][T10394]  ? __lock_acquire+0xaa4/0x1ba0
[  320.543655][T10394]  netlink_sendmsg+0x8d1/0xdd0
[  320.543710][T10394]  ? __pfx_netlink_sendmsg+0x10/0x10
[  320.543782][T10394]  ____sys_sendmsg+0xa95/0xc70
[  320.543815][T10394]  ? copy_msghdr_from_user+0x10a/0x160
[  320.543859][T10394]  ? __pfx_____sys_sendmsg+0x10/0x10
[  320.543910][T10394]  ___sys_sendmsg+0x134/0x1d0
[  320.543956][T10394]  ? __pfx____sys_sendmsg+0x10/0x10
[  320.544052][T10394]  __sys_sendmsg+0x16d/0x220
[  320.544096][T10394]  ? __pfx___sys_sendmsg+0x10/0x10
[  320.544152][T10394]  ? rcu_is_watching+0x12/0xc0
[  320.544205][T10394]  do_syscall_64+0xcd/0x260
[  320.544258][T10394]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.544291][T10394] RIP: 0033:0x7fba96b8e169
[  320.544315][T10394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  320.544347][T10394] RSP: 002b:00007fba97a0b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  320.544376][T10394] RAX: ffffffffffffffda RBX: 00007fba96db5fa0 RCX: 00007fba96b8e169
[  320.544398][T10394] RDX: 0000000000000080 RSI: 0000200000000c00 RDI: 0000000000000003
[  320.544417][T10394] RBP: 00007fba97a0b090 R08: 0000000000000000 R09: 0000000000000000
[  320.544435][T10394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  320.544454][T10394] R13: 0000000000000000 R14: 00007fba96db5fa0 R15: 00007ffe6f3dc308
[  320.544495][T10394]  </TASK>
[  320.871304][    C0] vkms_vblank_simulate: vblank timer overrun
[  321.057810][T10401] FAULT_INJECTION: forcing a failure.
[  321.057810][T10401] name failslab, interval 1, probability 0, space 0, times 0
[  321.070736][T10401] CPU: 0 UID: 0 PID: 10401 Comm: syz.3.1161 Tainted: G     U              6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) 
[  321.070791][T10401] Tainted: [U]=USER
[  321.070802][T10401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  321.070821][T10401] Call Trace:
[  321.070831][T10401]  <TASK>
[  321.070843][T10401]  dump_stack_lvl+0x16c/0x1f0
[  321.070910][T10401]  should_fail_ex+0x512/0x640
[  321.070947][T10401]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  321.071006][T10401]  should_failslab+0xc2/0x120
[  321.071036][T10401]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  321.071090][T10401]  ? cache_create_net+0x2b/0x220
[  321.071130][T10401]  kmemdup_noprof+0x29/0x60
[  321.071163][T10401]  cache_create_net+0x2b/0x220
[  321.071202][T10401]  unix_gid_cache_create+0x60/0x130
[  321.071242][T10401]  ? __pfx_sunrpc_init_net+0x10/0x10
[  321.071272][T10401]  sunrpc_init_net+0x71/0x190
[  321.071304][T10401]  ops_init+0x1df/0x5f0
[  321.071355][T10401]  setup_net+0x21e/0x850
[  321.071404][T10401]  ? __pfx_setup_net+0x10/0x10
[  321.071448][T10401]  ? lockdep_init_map_type+0x5c/0x280
[  321.071481][T10401]  ? __pfx_down_read_killable+0x10/0x10
[  321.071518][T10401]  ? debug_mutex_init+0x37/0x70
[  321.071563][T10401]  copy_net_ns+0x2a6/0x5f0
[  321.071616][T10401]  create_new_namespaces+0x3ea/0xad0
[  321.071672][T10401]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  321.071731][T10401]  ksys_unshare+0x45b/0xa40
[  321.071783][T10401]  ? __pfx_ksys_unshare+0x10/0x10
[  321.071830][T10401]  ? xfd_validate_state+0x5d/0x180
[  321.071869][T10401]  ? rcu_is_watching+0x12/0xc0
[  321.071919][T10401]  __x64_sys_unshare+0x31/0x40
[  321.071969][T10401]  do_syscall_64+0xcd/0x260
[  321.072021][T10401]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.072055][T10401] RIP: 0033:0x7fb27af8e169
[  321.072080][T10401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  321.072110][T10401] RSP: 002b:00007fb27beb0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  321.072138][T10401] RAX: ffffffffffffffda RBX: 00007fb27b1b5fa0 RCX: 00007fb27af8e169
[  321.072158][T10401] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  321.072176][T10401] RBP: 00007fb27b010a68 R08: 0000000000000000 R09: 0000000000000000
[  321.072194][T10401] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  321.072212][T10401] R13: 0000000000000000 R14: 00007fb27b1b5fa0 R15: 00007ffdc62047d8
[  321.072251][T10401]  </TASK>
[  321.316280][    C0] vkms_vblank_simulate: vblank timer overrun
[  321.563051][ T5844] Bluetooth: hci2: command 0x0c1a tx timeout
[  322.288312][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  322.299079][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  322.308867][T10436] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1170'.
[  322.318468][T10436] FAULT_INJECTION: forcing a failure.
[  322.318468][T10436] name failslab, interval 1, probability 0, space 0, times 0
[  322.337919][T10436] CPU: 0 UID: 0 PID: 10436 Comm: syz.3.1170 Tainted: G     U              6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) 
[  322.337972][T10436] Tainted: [U]=USER
[  322.337983][T10436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  322.338001][T10436] Call Trace:
[  322.338010][T10436]  <TASK>
[  322.338021][T10436]  dump_stack_lvl+0x16c/0x1f0
[  322.338071][T10436]  should_fail_ex+0x512/0x640
[  322.338131][T10436]  should_failslab+0xc2/0x120
[  322.338161][T10436]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  322.338211][T10436]  ? __alloc_skb+0x2b2/0x380
[  322.338258][T10436]  __alloc_skb+0x2b2/0x380
[  322.338300][T10436]  ? __pfx___alloc_skb+0x10/0x10
[  322.338356][T10436]  ovs_meter_cmd_reply_start+0x55/0x1f0
[  322.338409][T10436]  ovs_meter_cmd_features+0xaf/0x6a0
[  322.338458][T10436]  ? __pfx_ovs_meter_cmd_features+0x10/0x10
[  322.338510][T10436]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  322.338545][T10436]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  322.338588][T10436]  genl_family_rcv_msg_doit+0x206/0x2f0
[  322.338624][T10436]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  322.338657][T10436]  ? genl_get_cmd+0x194/0x580
[  322.338718][T10436]  ? __local_bh_enable_ip+0xa4/0x120
[  322.338760][T10436]  ? __dev_queue_xmit+0x896/0x43e0
[  322.338794][T10436]  ? __radix_tree_lookup+0x21f/0x2c0
[  322.338852][T10436]  genl_rcv_msg+0x55c/0x800
[  322.338888][T10436]  ? __pfx_genl_rcv_msg+0x10/0x10
[  322.338917][T10436]  ? __pfx___dev_queue_xmit+0x10/0x10
[  322.338952][T10436]  ? __pfx_ovs_meter_cmd_features+0x10/0x10
[  322.339004][T10436]  ? __lock_acquire+0xaa4/0x1ba0
[  322.339064][T10436]  netlink_rcv_skb+0x16a/0x440
[  322.339114][T10436]  ? __pfx_genl_rcv_msg+0x10/0x10
[  322.339147][T10436]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  322.339218][T10436]  ? __pfx_down_read+0x10/0x10
[  322.339249][T10436]  ? netlink_deliver_tap+0x1ae/0xd30
[  322.339300][T10436]  genl_rcv+0x28/0x40
[  322.339326][T10436]  netlink_unicast+0x53a/0x7f0
[  322.339379][T10436]  ? __pfx_netlink_unicast+0x10/0x10
[  322.339423][T10436]  ? __lock_acquire+0xaa4/0x1ba0
[  322.339484][T10436]  netlink_sendmsg+0x8d1/0xdd0
[  322.339540][T10436]  ? __pfx_netlink_sendmsg+0x10/0x10
[  322.339603][T10436]  ____sys_sendmsg+0xa95/0xc70
[  322.339635][T10436]  ? copy_msghdr_from_user+0x10a/0x160
[  322.339678][T10436]  ? __pfx_____sys_sendmsg+0x10/0x10
[  322.339729][T10436]  ___sys_sendmsg+0x134/0x1d0
[  322.339773][T10436]  ? __pfx____sys_sendmsg+0x10/0x10
[  322.339876][T10436]  __sys_sendmsg+0x16d/0x220
[  322.339919][T10436]  ? __pfx___sys_sendmsg+0x10/0x10
[  322.339975][T10436]  ? rcu_is_watching+0x12/0xc0
[  322.340027][T10436]  do_syscall_64+0xcd/0x260
[  322.340078][T10436]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.340110][T10436] RIP: 0033:0x7fb27af8e169
[  322.340134][T10436] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  322.340163][T10436] RSP: 002b:00007fb27beb0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  322.340191][T10436] RAX: ffffffffffffffda RBX: 00007fb27b1b5fa0 RCX: 00007fb27af8e169
[  322.340212][T10436] RDX: 0000000000000080 RSI: 0000200000000c00 RDI: 0000000000000003
[  322.340232][T10436] RBP: 00007fb27beb0090 R08: 0000000000000000 R09: 0000000000000000
[  322.340251][T10436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  322.340270][T10436] R13: 0000000000000000 R14: 00007fb27b1b5fa0 R15: 00007ffdc62047d8
[  322.340311][T10436]  </TASK>
[  323.220988][T10443] Invalid ELF header magic: != ELF
[  323.655813][ T5844] Bluetooth: hci2: command 0x0c1a tx timeout
[  324.196810][T10480] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1177'.
[  324.284888][T10485] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1177'.
[  324.464832][T10485] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1177'.
[  324.475082][T10485] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1177'.
[  324.484922][T10485] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1177'.
[  324.684159][T10490] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1179'.
[  325.507456][T10523] sysfs_service_op_show: Client not running :-5:
[  325.636820][T10527] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1188'.
[  325.686395][T10527] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1188'.
[  325.709373][T10527] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1188'.
[  326.090647][T10539] FAULT_INJECTION: forcing a failure.
[  326.090647][T10539] name failslab, interval 1, probability 0, space 0, times 0
[  326.125010][T10539] CPU: 0 UID: 0 PID: 10539 Comm: syz.5.1190 Tainted: G     U              6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) 
[  326.125062][T10539] Tainted: [U]=USER
[  326.125071][T10539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  326.125090][T10539] Call Trace:
[  326.125099][T10539]  <TASK>
[  326.125111][T10539]  dump_stack_lvl+0x16c/0x1f0
[  326.125163][T10539]  should_fail_ex+0x512/0x640
[  326.125198][T10539]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  326.125253][T10539]  should_failslab+0xc2/0x120
[  326.125282][T10539]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  326.125331][T10539]  ? __alloc_skb+0x2b2/0x380
[  326.125379][T10539]  __alloc_skb+0x2b2/0x380
[  326.125419][T10539]  ? __pfx___alloc_skb+0x10/0x10
[  326.125459][T10539]  ? genl_rcv_msg+0x4c0/0x800
[  326.125487][T10539]  ? genl_rcv_msg+0x4bb/0x800
[  326.125539][T10539]  netlink_ack+0x15d/0xb80
[  326.125589][T10539]  ? __lock_acquire+0xaa4/0x1ba0
[  326.125648][T10539]  netlink_rcv_skb+0x347/0x440
[  326.125694][T10539]  ? __pfx_genl_rcv_msg+0x10/0x10
[  326.125725][T10539]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  326.125790][T10539]  ? __pfx_down_read+0x10/0x10
[  326.125819][T10539]  ? netlink_deliver_tap+0x1ae/0xd30
[  326.125869][T10539]  genl_rcv+0x28/0x40
[  326.125894][T10539]  netlink_unicast+0x53a/0x7f0
[  326.125956][T10539]  ? __pfx_netlink_unicast+0x10/0x10
[  326.126000][T10539]  ? __lock_acquire+0xaa4/0x1ba0
[  326.126056][T10539]  netlink_sendmsg+0x8d1/0xdd0
[  326.126107][T10539]  ? __pfx_netlink_sendmsg+0x10/0x10
[  326.126168][T10539]  ____sys_sendmsg+0xa95/0xc70
[  326.126198][T10539]  ? copy_msghdr_from_user+0x10a/0x160
[  326.126240][T10539]  ? __pfx_____sys_sendmsg+0x10/0x10
[  326.126287][T10539]  ___sys_sendmsg+0x134/0x1d0
[  326.126330][T10539]  ? __pfx____sys_sendmsg+0x10/0x10
[  326.126421][T10539]  __sys_sendmsg+0x16d/0x220
[  326.126463][T10539]  ? __pfx___sys_sendmsg+0x10/0x10
[  326.126515][T10539]  ? rcu_is_watching+0x12/0xc0
[  326.126573][T10539]  do_syscall_64+0xcd/0x260
[  326.126623][T10539]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.126653][T10539] RIP: 0033:0x7f72e3f8e169
[  326.126677][T10539] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  326.126707][T10539] RSP: 002b:00007f72e4da3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  326.126736][T10539] RAX: ffffffffffffffda RBX: 00007f72e41b5fa0 RCX: 00007f72e3f8e169
[  326.126756][T10539] RDX: 0000000000000080 RSI: 0000200000000c00 RDI: 0000000000000003
[  326.126775][T10539] RBP: 00007f72e4da3090 R08: 0000000000000000 R09: 0000000000000000
[  326.126792][T10539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  326.126809][T10539] R13: 0000000000000000 R14: 00007f72e41b5fa0 R15: 00007fffd4d8d908
[  326.126848][T10539]  </TASK>
[  326.938940][T10563] snd_dummy snd_dummy.0: control 16781581:65533:6:�'x?F���/��zF˷fC���:0 is already present
[  327.382518][T10579] __nla_validate_parse: 8 callbacks suppressed
[  327.382540][T10579] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1201'.
[  327.435108][T10579] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1201'.
[  327.480536][T10579] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1201'.
[  327.515930][T10579] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1201'.
[  327.595423][T10579] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1201'.
[  330.867743][T10666] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1217'.
[  330.868528][T10666] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1217'.
[  330.868841][T10666] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1217'.
[  330.869143][T10666] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1217'.
[  330.869428][T10666] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1217'.
[  332.594832][T10704] sysfs_service_op_show: Client not running :-5:
[  333.295144][T10711] FAULT_INJECTION: forcing a failure.
[  333.295144][T10711] name failslab, interval 1, probability 0, space 0, times 0
[  333.316017][T10713] FAULT_INJECTION: forcing a failure.
[  333.316017][T10713] name failslab, interval 1, probability 0, space 0, times 0
[  333.373432][T10711] CPU: 0 UID: 0 PID: 10711 Comm: syz.1.1227 Tainted: G     U              6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) 
[  333.373481][T10711] Tainted: [U]=USER
[  333.373490][T10711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  333.373508][T10711] Call Trace:
[  333.373518][T10711]  <TASK>
[  333.373529][T10711]  dump_stack_lvl+0x16c/0x1f0
[  333.373578][T10711]  should_fail_ex+0x512/0x640
[  333.373613][T10711]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  333.373662][T10711]  should_failslab+0xc2/0x120
[  333.373690][T10711]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  333.373734][T10711]  ? __proc_create+0xc3/0x8c0
[  333.373764][T10711]  ? __proc_create+0x2ce/0x8c0
[  333.373800][T10711]  __proc_create+0x2ce/0x8c0
[  333.373839][T10711]  ? __pfx___proc_create+0x10/0x10
[  333.373876][T10711]  ? _raw_write_unlock+0x28/0x50
[  333.373917][T10711]  ? proc_register+0x314/0x5f0
[  333.373955][T10711]  proc_create_reg+0x7d/0x180
[  333.373993][T10711]  proc_create_net_data+0x8e/0x1b0
[  333.374027][T10711]  ? __pfx_proc_create_net_data+0x10/0x10
[  333.374073][T10711]  nfs_fs_proc_net_init+0xf3/0x1e0
[  333.374120][T10711]  nfs_net_init+0x130/0x300
[  333.374163][T10711]  ? __pfx_nfs_net_init+0x10/0x10
[  333.374201][T10711]  ops_init+0x1df/0x5f0
[  333.374248][T10711]  setup_net+0x21e/0x850
[  333.374293][T10711]  ? __pfx_setup_net+0x10/0x10
[  333.374333][T10711]  ? lockdep_init_map_type+0x5c/0x280
[  333.374362][T10711]  ? __pfx_down_read_killable+0x10/0x10
[  333.374396][T10711]  ? debug_mutex_init+0x37/0x70
[  333.374436][T10711]  copy_net_ns+0x2a6/0x5f0
[  333.374491][T10711]  create_new_namespaces+0x3ea/0xad0
[  333.374543][T10711]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  333.374589][T10711]  ksys_unshare+0x45b/0xa40
[  333.374635][T10711]  ? __pfx_ksys_unshare+0x10/0x10
[  333.374677][T10711]  ? xfd_validate_state+0x5d/0x180
[  333.374712][T10711]  ? rcu_is_watching+0x12/0xc0
[  333.374798][T10711]  __x64_sys_unshare+0x31/0x40
[  333.374861][T10711]  do_syscall_64+0xcd/0x260
[  333.374915][T10711]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.374948][T10711] RIP: 0033:0x7fba96b8e169
[  333.374974][T10711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  333.375007][T10711] RSP: 002b:00007fba97a0b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  333.375038][T10711] RAX: ffffffffffffffda RBX: 00007fba96db5fa0 RCX: 00007fba96b8e169
[  333.375059][T10711] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  333.375077][T10711] RBP: 00007fba96c10a68 R08: 0000000000000000 R09: 0000000000000000
[  333.375096][T10711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  333.375114][T10711] R13: 0000000000000000 R14: 00007fba96db5fa0 R15: 00007ffe6f3dc308
[  333.375156][T10711]  </TASK>
[  333.880807][T10711] ------------[ cut here ]------------
[  333.886762][T10711] remove_proc_entry: removing non-empty directory 'net/rpc', leaking at least 'nfs'
[  333.897327][T10711] WARNING: CPU: 0 PID: 10711 at fs/proc/generic.c:727 remove_proc_entry+0x45e/0x530
[  333.906930][T10711] Modules linked in:
[  333.907014][T10713] CPU: 1 UID: 0 PID: 10713 Comm: syz.4.1228 Tainted: G     U              6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) 
[  333.907060][T10713] Tainted: [U]=USER
[  333.907069][T10713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  333.907085][T10713] Call Trace:
[  333.907095][T10713]  <TASK>
[  333.907106][T10713]  dump_stack_lvl+0x16c/0x1f0
[  333.907153][T10713]  should_fail_ex+0x512/0x640
[  333.907187][T10713]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  333.907243][T10713]  should_failslab+0xc2/0x120
[  333.907278][T10713]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  333.907330][T10713]  ? find_held_lock+0x2b/0x80
[  333.907374][T10713]  ? skb_clone+0x190/0x3f0
[  333.907425][T10713]  skb_clone+0x190/0x3f0
[  333.907475][T10713]  netlink_broadcast_filtered+0xb19/0xf10
[  333.907550][T10713]  ? sprintf+0xcc/0x100
[  333.907596][T10713]  ? __pfx_netlink_broadcast_filtered+0x10/0x10
[  333.907662][T10713]  ? netlink_has_listeners+0x20f/0x430
[  333.907718][T10713]  netlink_broadcast+0x39/0x50
[  333.907771][T10713]  kobject_uevent_env+0xc6a/0x1870
[  333.907828][T10713]  nfs_netns_sysfs_setup+0x16f/0x1f0
[  333.907875][T10713]  nfs_net_init+0x10a/0x300
[  333.907927][T10713]  ? __pfx_nfs_net_init+0x10/0x10
[  333.907973][T10713]  ops_init+0x1df/0x5f0
[  333.908027][T10713]  setup_net+0x21e/0x850
[  333.908080][T10713]  ? __pfx_setup_net+0x10/0x10
[  333.908126][T10713]  ? lockdep_init_map_type+0x5c/0x280
[  333.908160][T10713]  ? __pfx_down_read_killable+0x10/0x10
[  333.908199][T10713]  ? debug_mutex_init+0x37/0x70
[  333.908247][T10713]  copy_net_ns+0x2a6/0x5f0
[  333.908305][T10713]  create_new_namespaces+0x3ea/0xad0
[  333.908366][T10713]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  333.908420][T10713]  ksys_unshare+0x45b/0xa40
[  333.908475][T10713]  ? __pfx_ksys_unshare+0x10/0x10
[  333.908552][T10713]  ? xfd_validate_state+0x5d/0x180
[  333.908596][T10713]  ? rcu_is_watching+0x12/0xc0
[  333.908650][T10713]  __x64_sys_unshare+0x31/0x40
[  333.908706][T10713]  do_syscall_64+0xcd/0x260
[  333.908762][T10713]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.908796][T10713] RIP: 0033:0x7ff63418e169
[  333.908824][T10713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  333.908858][T10713] RSP: 002b:00007ff634fa2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  333.908891][T10713] RAX: ffffffffffffffda RBX: 00007ff6343b5fa0 RCX: 00007ff63418e169
[  333.908915][T10713] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  333.908935][T10713] RBP: 00007ff634210a68 R08: 0000000000000000 R09: 0000000000000000
[  333.908956][T10713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  333.908977][T10713] R13: 0000000000000000 R14: 00007ff6343b5fa0 R15: 00007fffdffcdf08
[  333.909021][T10713]  </TASK>
[  334.188657][T10711] CPU: 0 UID: 0 PID: 10711 Comm: syz.1.1227 Tainted: G     U              6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) 
[  334.202989][T10711] Tainted: [U]=USER
[  334.206833][T10711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  334.217166][T10711] RIP: 0010:remove_proc_entry+0x45e/0x530
[  334.222995][T10711] Code: 3c 02 00 0f 85 85 00 00 00 48 8b 93 d8 00 00 00 4d 89 f0 4c 89 e9 48 c7 c6 80 6e a2 8b 48 c7 c7 a0 6d a2 8b e8 93 72 1f ff 90 <0f> 0b 90 90 e9 5f fe ff ff e8 e4 e0 5f ff 90 48 b8 00 00 00 00 00
[  334.243246][T10711] RSP: 0018:ffffc9000b43fb70 EFLAGS: 00010282
[  334.249379][T10711] RAX: 0000000000000000 RBX: ffff88806eee3dc0 RCX: ffffc9000c0c1000
[  334.257808][T10711] RDX: 0000000000080000 RSI: ffffffff817ad005 RDI: 0000000000000001
[  334.265914][T10711] RBP: ffff8880340d3200 R08: 0000000000000001 R09: 0000000000000000
[  334.273979][T10711] R10: 0000000000000001 R11: 0000000000000001 R12: ffff8880340d3140
[  334.281982][T10711] R13: ffff8880340d3224 R14: ffff8880340d3d64 R15: dffffc0000000000
[  334.290176][T10711] FS:  00007fba97a0b6c0(0000) GS:ffff8881249b7000(0000) knlGS:0000000000000000
[  334.299532][T10711] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  334.306495][T10711] CR2: 00007fb27bce56c0 CR3: 0000000078d96000 CR4: 00000000003526f0
[  334.314595][T10711] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  334.322646][T10711] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  334.331110][T10711] Call Trace:
[  334.334934][T10711]  <TASK>
[  334.337949][T10711]  ? __pfx_remove_proc_entry+0x10/0x10
[  334.343530][T10711]  ? kfree+0x2b6/0x4d0
[  334.347663][T10711]  ? cache_destroy_net+0x31/0x50
[  334.352685][T10711]  ? sunrpc_exit_net+0x37/0x90
[  334.357539][T10711]  sunrpc_exit_net+0x46/0x90
[  334.362222][T10711]  ? __pfx_sunrpc_exit_net+0x10/0x10
[  334.367551][T10711]  ops_exit_list+0xb0/0x180
[  334.372174][T10711]  setup_net+0x4e8/0x850
[  334.376471][T10711]  ? __pfx_setup_net+0x10/0x10
[  334.381395][T10711]  ? lockdep_init_map_type+0x5c/0x280
[  334.386854][T10711]  ? __pfx_down_read_killable+0x10/0x10
[  334.392498][T10711]  ? debug_mutex_init+0x37/0x70
[  334.397374][T10711]  copy_net_ns+0x2a6/0x5f0
[  334.402135][T10711]  create_new_namespaces+0x3ea/0xad0
[  334.407473][T10711]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  334.413330][T10711]  ksys_unshare+0x45b/0xa40
[  334.417871][T10711]  ? __pfx_ksys_unshare+0x10/0x10
[  334.422982][T10711]  ? xfd_validate_state+0x5d/0x180
[  334.428125][T10711]  ? rcu_is_watching+0x12/0xc0
[  334.433280][T10711]  __x64_sys_unshare+0x31/0x40
[  334.438098][T10711]  do_syscall_64+0xcd/0x260
[  334.442963][T10711]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.448885][T10711] RIP: 0033:0x7fba96b8e169
[  334.453369][T10711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  334.473041][T10711] RSP: 002b:00007fba97a0b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  334.481478][T10711] RAX: ffffffffffffffda RBX: 00007fba96db5fa0 RCX: 00007fba96b8e169
[  334.489510][T10711] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  334.497528][T10711] RBP: 00007fba96c10a68 R08: 0000000000000000 R09: 0000000000000000
[  334.505847][T10711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  334.514024][T10711] R13: 0000000000000000 R14: 00007fba96db5fa0 R15: 00007ffe6f3dc308
[  334.522018][T10711]  </TASK>
[  334.525092][T10711] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  334.532396][T10711] CPU: 0 UID: 0 PID: 10711 Comm: syz.1.1227 Tainted: G     U              6.15.0-rc2-syzkaller-00042-g1a1d569a75f3 #0 PREEMPT(full) 
[  334.546060][T10711] Tainted: [U]=USER
[  334.549863][T10711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  334.559921][T10711] Call Trace:
[  334.563204][T10711]  <TASK>
[  334.566137][T10711]  dump_stack_lvl+0x3d/0x1f0
[  334.570767][T10711]  panic+0x71c/0x800
[  334.574690][T10711]  ? __pfx_panic+0x10/0x10
[  334.579119][T10711]  ? show_trace_log_lvl+0x29b/0x3e0
[  334.584365][T10711]  ? remove_proc_entry+0x45e/0x530
[  334.589520][T10711]  check_panic_on_warn+0xab/0xb0
[  334.594471][T10711]  __warn+0xf6/0x3c0
[  334.598378][T10711]  ? preempt_schedule_notrace+0x62/0xe0
[  334.603946][T10711]  ? remove_proc_entry+0x45e/0x530
[  334.609080][T10711]  report_bug+0x3c3/0x580
[  334.613434][T10711]  ? remove_proc_entry+0x45e/0x530
[  334.618564][T10711]  handle_bug+0x184/0x210
[  334.622918][T10711]  exc_invalid_op+0x17/0x50
[  334.627434][T10711]  asm_exc_invalid_op+0x1a/0x20
[  334.632297][T10711] RIP: 0010:remove_proc_entry+0x45e/0x530
[  334.638037][T10711] Code: 3c 02 00 0f 85 85 00 00 00 48 8b 93 d8 00 00 00 4d 89 f0 4c 89 e9 48 c7 c6 80 6e a2 8b 48 c7 c7 a0 6d a2 8b e8 93 72 1f ff 90 <0f> 0b 90 90 e9 5f fe ff ff e8 e4 e0 5f ff 90 48 b8 00 00 00 00 00
[  334.657666][T10711] RSP: 0018:ffffc9000b43fb70 EFLAGS: 00010282
[  334.663750][T10711] RAX: 0000000000000000 RBX: ffff88806eee3dc0 RCX: ffffc9000c0c1000
[  334.671727][T10711] RDX: 0000000000080000 RSI: ffffffff817ad005 RDI: 0000000000000001
[  334.679708][T10711] RBP: ffff8880340d3200 R08: 0000000000000001 R09: 0000000000000000
[  334.687689][T10711] R10: 0000000000000001 R11: 0000000000000001 R12: ffff8880340d3140
[  334.695682][T10711] R13: ffff8880340d3224 R14: ffff8880340d3d64 R15: dffffc0000000000
[  334.703672][T10711]  ? __warn_printk+0x1a5/0x350
[  334.708476][T10711]  ? __pfx_remove_proc_entry+0x10/0x10
[  334.713953][T10711]  ? kfree+0x2b6/0x4d0
[  334.718030][T10711]  ? cache_destroy_net+0x31/0x50
[  334.722986][T10711]  ? sunrpc_exit_net+0x37/0x90
[  334.727778][T10711]  sunrpc_exit_net+0x46/0x90
[  334.732384][T10711]  ? __pfx_sunrpc_exit_net+0x10/0x10
[  334.737679][T10711]  ops_exit_list+0xb0/0x180
[  334.742231][T10711]  setup_net+0x4e8/0x850
[  334.746516][T10711]  ? __pfx_setup_net+0x10/0x10
[  334.751315][T10711]  ? lockdep_init_map_type+0x5c/0x280
[  334.756702][T10711]  ? __pfx_down_read_killable+0x10/0x10
[  334.762273][T10711]  ? debug_mutex_init+0x37/0x70
[  334.767183][T10711]  copy_net_ns+0x2a6/0x5f0
[  334.771630][T10711]  create_new_namespaces+0x3ea/0xad0
[  334.776945][T10711]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  334.782604][T10711]  ksys_unshare+0x45b/0xa40
[  334.787134][T10711]  ? __pfx_ksys_unshare+0x10/0x10
[  334.792183][T10711]  ? xfd_validate_state+0x5d/0x180
[  334.797320][T10711]  ? rcu_is_watching+0x12/0xc0
[  334.802138][T10711]  __x64_sys_unshare+0x31/0x40
[  334.806939][T10711]  do_syscall_64+0xcd/0x260
[  334.811478][T10711]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.817397][T10711] RIP: 0033:0x7fba96b8e169
[  334.821817][T10711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  334.841441][T10711] RSP: 002b:00007fba97a0b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  334.849903][T10711] RAX: ffffffffffffffda RBX: 00007fba96db5fa0 RCX: 00007fba96b8e169
[  334.857888][T10711] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  334.865867][T10711] RBP: 00007fba96c10a68 R08: 0000000000000000 R09: 0000000000000000
[  334.873855][T10711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  334.881825][T10711] R13: 0000000000000000 R14: 00007fba96db5fa0 R15: 00007ffe6f3dc308
[  334.889817][T10711]  </TASK>
[  334.893159][T10711] Kernel Offset: disabled
[  334.897498][T10711] Rebooting in 86400 seconds..