last executing test programs: 6.508746025s ago: executing program 3 (id=1281): r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000080), 0x48180, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000280)={{0x3, 0x1000, 0x1, 0x1, 0x8}, "654c6dbc7a4d30983899a7e1325b6a29ba1e184410ba9f74e82a3fa6c3ccf1bf"}) ioctl$auto_SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, &(0x7f00000002c0)={0x7fe3, 0x6, "b908674cfda2f7f351c66f681b0cf4a6f675fcee96065fdca6f219ea386de55097e14dbb38e0462dd9d44d7c6c55e2a5937efe361800", "3b6e33d493a9c79b3387938d612ceab5a4a20e605cd0842aa149397ff8063b45d44f8ce95fa39df1e5e1fc5e51f00fa2dfcc38c9b1ef6596b9e746f5e48ac07048156ea6be1e1ca5d281c7bb11333d0f", 0x397, 0x3, "d3bc655e384df871894a5771758ff164f2cd8098ac193333046911421bc3f1a0cf5d0300000000000000a9001fa7efb0600cc93b5b84a000"}) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x8000000000000001, 0x2020009, 0x3, 0xf8, 0xffffffffffffffff, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xe) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48090}, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0xa) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyu1\x00', 0x12b2c3, 0x0) ioctl$auto_TCSBRKP2(r1, 0x5425, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x92000, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x4040, 0x0) preadv2$auto(0x3, &(0x7f0000001000)={0x0, 0x10}, 0x5, 0xffffffffffffffff, 0x7, 0x2e) ustat$auto(0x801, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0xff1, 0x8000) bpf$auto(0x5, 0x0, 0x102) getpid() set_mempolicy_home_node$auto(0x3, 0x5, 0x7, 0x4) r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r3, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/bus/usb/015/001\x00', 0xa3c1, 0x0) socket(0xa, 0x3, 0x100) openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/self/mem\x00', 0x0, 0x0) 5.909727819s ago: executing program 3 (id=1282): mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0) read$auto(r0, 0x0, 0x20) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x8) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) readv$auto(0x3, &(0x7f0000000040)={&(0x7f0000000000), 0x36a}, 0x6) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$auto(0x72d, 0xa91c, 0x80) r1 = socket(0x2, 0x80002, 0x73) r2 = socket(0xa, 0x3, 0x3a) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x55) setitimer$auto(0x2, &(0x7f0000000080)={{0x2, 0x5}, {0x0, 0x8}}, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xffff}, 0x1, 0x0, 0x0, 0x9}, 0x100007}, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'veth1\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, 0x0, 0x8, 0x70bd2a, 0x25dfdbfc, {}, [@HSR_A_IF2_SEQ={0x6, 0x7, 0xfd}, @HSR_A_IF1_AGE={0x8, 0x3, 0x6}, @HSR_A_IF1_SEQ={0x6, 0x6, 0x7ff}, @HSR_A_IFINDEX={0x8, 0x2, r3}, @HSR_A_NODE_ADDR={0xa, 0x1, @multicast}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @multicast}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40000}, 0x4004004) r4 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64) mmap$auto(0x0, 0xf, 0xdf, 0x9b72, 0x2, 0x7ffd) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/rose3/carrier\x00', 0x10101, 0x0) write$auto(r5, 0x0, 0x4) socket(0x2d, 0x2, 0x0) recvfrom$auto(0x3, 0x0, 0x800000000e, 0xf90000, 0x0, 0xfffffffffffffffd) fchdir$auto(r4) mkdir$auto(0x0, 0x9) 5.59237361s ago: executing program 3 (id=1286): mmap$auto(0x0, 0x20009, 0x4000000000cf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0xffffffffffffffff, 0x8) msgctl$auto_MSG_STAT_ANY(0x2, 0xd, &(0x7f0000000240)={{0x762, 0x0, 0xee00, 0x3, 0x7, 0x8, 0xdeb7}, 0x0, 0x0, 0x4, 0x7ff, 0x4, 0x7, 0x400, 0x4, 0x100, 0x7, @raw=0x4}) io_uring_setup$auto(0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptye9\x00', 0x109000, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x8000, 0x0) r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000980)='/dev/ttye9\x00', 0x102, 0x0) sendfile$auto(r1, r0, 0x0, 0x10000) r2 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x6) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) r3 = socket(0x10, 0x3, 0x69597dbf) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r5, 0x8000) madvise$auto(0x0, 0x2, 0x9) prctl$auto(0x1003e, 0x3, 0x0, 0xfffffffffffffffb, 0x100000000000004) select$auto(0x1000000e, 0x0, 0x0, &(0x7f0000000040)={[0x400000202, 0x7, 0xd, 0x8fd6, 0x948b, 0x7, 0x8000, 0x7, 0x3, 0x62, 0x80000005, 0x7, 0x1, 0x9, 0x4, 0xfffffffffffffffe]}, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/platform/vhci_hcd.0/usb9/power/connected_duration\x00', 0x4b60e2, 0x0) r7 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x68140, 0x0) ioctl$auto(r7, 0x5457, r6) write$auto(r3, &(0x7f00000005c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\fu;\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xdb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x134\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xe4\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb\xac\xdc\xd6KBor\xa7y\xd3\xe2V\x8b\xfe\xcd\xb1\b\xfc\xc9w\x9dba\xa21\x16x\x15\x8f\xc3n\xb4\bu\xe4P\x0eW}\x9co\x1c/`\x94\xc6\x03ja\xdb\xf1\xc1P);\rv\xba%\xf2\xbf\xf0\xaf\x92f3A>\x8bg\t\xaf\xb3\xeb\xd0i(\xd0p\xf1\xea0g\xcd\xd3\xdc\xa3[\x12\xe7\xa6\xa3\x7f\xf0\xf3c\xbe\xba\a\xad\x00\x8c\xe7d\x95\xc4{\xdd&\xe4\xe9\xf9CP\x11\xc4&YH\xa0\xd2P\xf8\xb7\x04\xd7\xb1_\xc0\xad%!\x18-\xb7\xc5\aR\x8dqafg\x85\xc6\xec\xdd\x8d6)\xcc\\O\xdc\xef\xab\xfe\xc7\xce\xe7\xff\xd2\xf6\x00\x00\x00\x00\x00\x00', 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/pagemap\x00', 0x800042, 0x0) prctl$auto(0x100003e, 0xfffffffffffffffe, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) syz_genetlink_get_family_id$auto_batadv(0x0, r2) socket$nl_generic(0x10, 0x3, 0x10) 5.543022701s ago: executing program 2 (id=1287): unshare$auto(0x40000080) clock_settime$auto(0x26c, &(0x7f0000000000)={0x100000004, 0x8}) adjtimex$auto(&(0x7f0000000280)={0xf, 0x0, 0x8, 0x100000001, 0x7f, 0x0, 0x2, 0x0, 0xe, 0x0, 0x10001, {0xf, 0x6}, 0x7ffffffffffffffe, 0x3a9d, 0x5, 0xf, 0x0, 0x6, 0x1, 0x7, 0x8, 0x5, 0x1015c8}) r0 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) ioctl$auto_PAGEMAP_SCAN(r0, 0xc0606610, 0x0) adjtimex$auto(0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyua\x00', 0x20a04, 0x0) r2 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f00000031c0)='/dev/ttyua\x00', 0x109000, 0x0) read$auto(r0, 0x0, 0x9) read$auto(r2, 0x0, 0x800) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000002500), 0xffffffffffffffff) sendmsg$auto_OVS_FLOW_CMD_SET(r3, &(0x7f00000025c0)={0x0, 0x0, &(0x7f0000002580)={&(0x7f00000000c0)=ANY=[@ANYBLOB="340000003d929950e224ed71771a7704973a906eeb078c0fb83fd36c53e1e738f7c18eddcb049faefaff8cb4de47d2f8c588acee549be0d333fc2ef6b67563d96ba682d409177d9f6bd2e7767fa4d7171650f51d9c6352d91756fa30494b0cb045c8bfa1ab54fdaeb3ae91c37701f9deb6937255b2cfe5c0c49021dd1492c4abbacd192376294e26be176abd2e13510935", @ANYRES16=r4, @ANYBLOB="010628bd7000fedbcf25040000001c00018015000900ee670872f7ce40bda82b9039f0e60f757f00000004000800"], 0x34}, 0x1, 0x0, 0x0, 0x4}, 0x0) close_range$auto(0x2, 0x8, 0x0) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0x200007, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/vlan/vlan0\x00', 0x4800, 0x0) close_range$auto(r2, r1, 0x7) set_mempolicy_home_node$auto(0x0, 0x10001, 0x0, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyr4\x00', 0x1, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) ioctl$auto_TIOCSTI2(r5, 0x5412, &(0x7f0000000840)="13") ioctl$auto_TIOCSTI2(r5, 0x5412, 0x0) 3.943348023s ago: executing program 1 (id=1289): r0 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) write$auto_proc_clear_refs_operations_internal(r0, 0x0, 0x0) mmap$auto(0x4, 0x4, 0x4000000000df, 0x78, 0x4, 0x300000000000) mmap$auto(0x0, 0x4000b, 0xdf, 0x9b72, 0x7, 0x28000) r1 = socket(0xa, 0x3, 0x3a) getsockopt$auto(r1, 0x29, 0x40, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x242a82, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/machinecheck/machinecheck1/cmci_disabled\x00', 0x20102, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x1) r3 = socket(0x11, 0x6, 0x4000000) r4 = getsockopt$auto(r3, 0x84, 0x12, 0x0, 0x0) ioctl$auto_MON_IOCX_GETX(r4, 0x4018920a, &(0x7f0000000080)={&(0x7f0000000040)={0x170, 0x3, 0x80, 0x4, 0x9, 0x2, 0x75, 0xe, 0x7, 0x3, 0x339, 0x2, 0xffffffff, @iso={0x2, 0x1004}, 0x5, 0x0, 0x1, 0xffffffdb}, 0x0, 0x40000000000}) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000840), r5) sendmsg$auto_OVS_CT_LIMIT_CMD_SET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="9c010000", @ANYRES16=r6, @ANYBLOB="01002ebd5100fbcbdf2501000000040001808401018004000680398f32525e629163bfcc5d377bd8aed3ff1d26fc3c79ca435794c67d39b21ed0e95d1b3756e1789925d5c8a1a918c121a2b84869b15bb40ae4f671a8dd8ed01bb44efef2f4c768a2484f03635658fe8bfff71b8bf933532a61abcb7516ccfa73d70af3acc26f2c526959f19efd99202bc7ec5a2259a82d8e191691f5b23172f4f19ca9b0080dff732a7df559ae2279f426f2baa018832cd8e9b58fee32b1bcd4c087f83b0f3c0aed0c943a50ba5a327530d10800d20064010101f3c1881feb99fe432d5fa89114591690f2efcbe9a7f87a8774637face20e7a821c481a653778aaf92185e8bfb092c2900920cca139540fd90efab653551552721f2b2889999ce801e47cfad8f735f702c852bd40e1ef6f259c36d7d8bc31748c903b1ceadd56ead8730d0e727f333855c6b3b286c779abbfff5f47e390b1336271492db0b266e2b8910bf339d4037a7dcf9c8a0669629580c65489f41db5adb59f53f3acd871444d9f34952c00ec9365f3dd08003800", @ANYRES32, @ANYBLOB="080420800a002d00dd29b3e13e6445b7d06a4c030a6a7521dbcbda0fc67a0f3b71c95fed1001d163e9d1c0f166c19bbf7befba963c6d81661bb227f3d7d8e201d488db036e52a33ad369e4d0197719c7501c8e729d5a58c426bfcdf92cc5c6c4f7b13929390da2d3f951ff9ee805551ed9f53a13f3871892bb5359798b3ac4feab1819de0aa0a2918cc8356622fb6178aa5dc2c38e75956c747727790cfd3e"], 0x19c}, 0x1, 0x0, 0x0, 0x40}, 0x4) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/pcrypt/pencrypt/serial_cpumask\x00', 0xa001, 0x0) write$auto(r7, &(0x7f0000000040)=',\x00^\xa2\x02\x00\x00\x00\x00\x00\xd8l\x00\x00\x00\x00\x00\x00\xb2s\x83\xbd\xc5_%\xc1\xa3\xd0\x95Hq\xf4zG\x01[{\x17\x05I\xe0\xb1d)\x06z8L\xe6&[\xa9X6\x7f\xec\x94\xdal\xa1\xbb\x86\x9c\xc2\xef\x02\r9%\x06\xc5\'b%m_\x96A\"\xdd\xe40\xa7\xc3\x9ah\xf3B\xc2\xec\xf8\r\f[\xe5\x9dK\xe1\x99\x86\xfc\xac\x9f\x8a', 0x1000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) unshare$auto(0x40000080) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) r8 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) io_uring_setup$auto(0xc, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r8, 0x403c6f2b, 0x0) readv$auto(0x3, &(0x7f00000002c0)={0x0, 0x8}, 0x8) readv$auto(0x3, 0x0, 0x1) clock_getres$auto(0xfffffffffffffff5, 0xffffffffffffffff) read$auto(r2, 0x0, 0xafbb) 3.79855498s ago: executing program 0 (id=1290): r0 = open(&(0x7f0000000040)='./file0\x00', 0x22240, 0x154) fcntl$auto(r0, 0x80000000, 0x1) read$auto_ctl_device_fops_user(r0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio1\x00', 0x400, 0x0) r2 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0) readv$auto(r1, &(0x7f0000000680)={0x0, 0x5}, 0x206) mmap$auto(0x2, 0x7, 0x3, 0x17, r1, 0xe) prctl$auto(0xffffff1f, 0x6, 0x0, 0x4, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) madvise$auto(0x0, 0x200007, 0x19) arch_prctl$auto(0x1021, 0x3) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000014c0)='/proc/self/net/ip_vs_conn\x00', 0x20440, 0x0) pread64$auto(r0, 0x0, 0x5, 0x0) ppoll$auto(0x0, 0x2, 0x0, 0x0, 0x8) ioctl$auto_SNDCTL_DSP_SYNC(r1, 0x5001, 0xfffffffffffffffc) r3 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/lru_gen\x00', 0x0, 0x0) pread64$auto(r3, &(0x7f0000000040)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9e\xcb\xec\x9e{W\xed>\xe7l\xcb\x90\\/\x84\x99!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6', 0x7ff, 0x400) inotify_rm_watch$auto(r2, 0x8001) getpid() openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000280)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9a\x84\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95\x00\x00\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0xc, 0x20009, 0x5, 0x14, 0x405, 0x8000) write$auto(0x3, 0x0, 0xffd8) write$auto(0xffffffffffffffff, &(0x7f0000000200)='y\xd2\xaf\xfa\xc9W.\xaa:\xe3\x98\xcc\xe5`\x90\x19\xd0\xcb\xde\xb9\xcb\xf5\xc6\xea\xcc\xe9\"\x96xx\xe1\x99\xfb\xc6n\x86\xfa\xfbb\xe2\'\xa1\\\xfdg\x94wW\x05\xc0\x94\xd8\xa1\xe1\x05\xef\x89\x05\xbeU{\xb7\x117\a\x13\xed\xd2\x02\xae\xbf\xe1\x1e\xf2 \xbeN\x19\x05\xed9\x87D\x1d\xa2\xca4\xafn\x9a\r[\x9f\xb7\xf42\x9bi\x03\x98r\xf2f\xf20\x8f\x17W\xf5\x8c\x874\x15', 0x2160) r4 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$auto_SO_PASSSEC(r4, 0x1, 0x22, &(0x7f0000007180)='%-&', &(0x7f00000071c0)=0x200) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bdi/1:5/min_bytes\x00', 0x88282, 0x0) 3.789825198s ago: executing program 2 (id=1291): mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setrlimit$auto(0x2, 0x0) getrlimit$auto(0xf, &(0x7f0000000000)={0x401, 0xb9b}) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) r0 = io_uring_setup$auto(0x6, 0x0) mmap$auto(0x1, 0x7, 0x4, 0x800000000801e, r0, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) io_uring_enter$auto(0x3, 0xa84, 0x80000001, 0xa, 0x0, 0x80046) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) read$auto(0x3, 0x0, 0x400000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x2, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="03000002", @ANYBLOB="499c0e4c484f491bb6983ec071a76c1981d17ff7c5b66c723dbae07591cf7fa6866a0ec2deff88a886af4c5911c1a3f96607e0bc56251b9cf65de2fa27a62af1799bc16ba661dfae2111f9a80949256cdbdf85a2ebcd1c5998e49ab8a517a562a00695c8fe7d7e9f477ed42ab1ddb243f59ac1a90fbca0e50682fd65be382988df9d5e425ee944e71f9afc546679b0abd4166d1fd226d6fcec2cd541b6c363867818331a2204df1ff02ee5c428c2185805fb5503fd84817a51cf0539612a7bbe6a4b2f7763809162ccde7aa655306a3baa4d4f460711c91301716d8aa4d958e2fb22c698f0d912d48da4a569187563b0"], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x2, 0x9}, 0x7}, 0x3, 0x0) socket(0x2b, 0x1, 0x2) open(&(0x7f0000000100)='.\x00', 0x801, 0x80) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) open(&(0x7f0000000100)='.\x00', 0x591002, 0x408) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/asound/card1/pcm1c/xrun_debug\x00', 0x20440, 0x0) socket(0x10, 0x2, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/v4l-subdev4\x00', 0x782, 0x0) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x228040, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty40\x00', 0x101840, 0x0) 3.49680686s ago: executing program 0 (id=1292): timer_gettime$auto(0x2, &(0x7f0000000000)={{0x2, 0x8}, {0x3ff, 0x8}}) r0 = openat$auto_stats_fops_2(0xffffffffffffff9c, &(0x7f0000000040), 0x103080, 0x0) timerfd_gettime$auto(r0, &(0x7f0000000080)={{0x2}, {0x8000, 0x20}}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb4, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x4d, 0x0) r1 = socket(0xa, 0x2, 0x88) setsockopt$auto(r1, 0x11, 0xa, 0x0, 0x8) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x3, 0x5e61) 3.301879165s ago: executing program 0 (id=1293): r0 = bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_4={0x16, 0x4, 0x80000001, 0x8}, 0x6f4) openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, &(0x7f0000000b00)='/proc/self/smaps\x00', 0x42000, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) socket(0x10, 0x5, 0x4) mmap$auto(0x0, 0x2020009, 0x126, 0xf8, 0xffffffffffffffff, 0x8000) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) unshare$auto(0x40000080) r1 = socket(0x1e, 0x1, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r3 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x200000, 0x7, 0xeb0, 0xfffffffffffffffa, 0x200) getsid$auto(0x0) r4 = getpgrp(0xffffffffffffffff) kcmp$auto_KCMP_FILE(r4, r4, 0x0, r0, r2) r5 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) madvise$auto(0x0, 0x200007, 0x19) fsconfig$auto_FSCONFIG_SET_PATH_EMPTY(r5, 0x4, 0x0, 0x0, 0x38b) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000005800), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(r3, 0x0, 0x800) mmap$auto(0xfffffffffffffffd, 0x2020009, 0x8000000003, 0xeb4, r1, 0x8000) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/pagemap\x00', 0x18001, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000080)) 3.298610953s ago: executing program 2 (id=1294): r0 = socket(0x29, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x68140, 0x0) write$auto(0x3, 0x0, 0xfffffdf1) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, 0x0, 0x80000, 0x0) io_uring_setup$auto(0x6, 0x0) sendmsg$auto_NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH(r0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffff7f, 0x800}, 0x4) close_range$auto(0x2, 0x8000, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) 3.210773446s ago: executing program 3 (id=1295): unshare$auto(0x40000080) mmap$auto(0x40000000007, 0x20009, 0x4400000000df, 0xc157, 0x101000000000000, 0x7) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0xe, 0xb1, 0xb, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000180)='/dev/usbmon26\x00', 0x600, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x401, 0xfffffffffffffffd, 0xd4, 0x4, 0x28c, 0x0, 0x3, 0x368e, 0x9, {0xfffffffe, 0x10000}, 0x5, 0x6, 0xfffffbfffff7fffd, 0x1007ffd, 0x0, 0xfe, 0x81, 0xffffffffffff628e, 0x4000a747, 0xdeb1, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/phonet\x00', 0x48041, 0x0) write$auto(r2, 0x0, 0x2) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x4, 0x1ba, 0x9, 0x6, 0x80000000]}, 0x0) ioctl$auto_MON_IOCG_STATS(r0, 0x80089203, 0x0) bpf$auto(0x0, 0x0, 0x60) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa901, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x181800, 0x0) bind$auto(r3, &(0x7f0000000040)=@nl=@unspec, 0x10) fcntl$auto(0x3, 0x8, 0x9ebfffffffffffff) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match\x00', 0x20080, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r4, 0x0, 0x0) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) adjtimex$auto(0x0) 2.398280681s ago: executing program 2 (id=1296): sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x31df4f184fd6d27d}, 0x0) landlock_create_ruleset$auto(&(0x7f0000000000)={0x10, 0x2, 0x9}, 0x9, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/clockevents/clockevent0/unbind_device\x00', 0x20001, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000180)='{', 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = socket(0x2, 0x3, 0x1) sendto$auto(r1, 0x0, 0x8, 0xe, &(0x7f0000000000), 0x1c) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x7) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x8, 0x8000000000000000, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r4, 0x5423, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) socket$auto(0x401, 0x2, 0x7) r5 = socket(0x29, 0x2, 0x0) r6 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x2000}, 0x40000) recvmmsg$auto(r6, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r5, 0x89f3, 0x24) 2.218853989s ago: executing program 1 (id=1297): mmap$auto(0x0, 0x9, 0xc00000072, 0x8b72, 0x1000000002, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) (async) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) (async) ioctl$auto(0x3, 0xae41, r1) fsconfig$auto_HIDEPID_NO_ACCESS(0xffffffffffffffff, 0xffff0000, 0x0, &(0x7f0000000080)="f4d02e620c2b2d9732eae09f0cf3bec2b54090f3192944b18e3aaffe1d254e65806fbaf7bdbbd211bebecc728cb04d1c982b6170235296121b4f0d781794e49e5f0dd0abae8d4775176e4917a429f319ca51cc34aa31d23ffa063c78a2604bc2d4c7206f1ee8e60ba41ae62f5c325e14a7d4657e633ff2f6e4ee20c410583edec38a9dbb5b6075763c267c742fe4fe3b3d988edb8a68ed573d67e05ec371993de8d4e6fd42668fb19993b4a5ff602bb2da3467bce57365aef31523fdc0d5d64634ec86a7f7e14a2a73f1130d587af27880679a60b52051d03b8f5f37d50eb8150e597af56787787a22b7c9488f9d7f30406fa69b96ace01eed97fd990a11b1fefad8a5a2c9613ebc9f79c14e71f7354aab789d31c7b877a8a5bd863035699a29f96272c86b2d12ffa8883011807fed67b03a6c5545d9375f9ea16501187449b0dde6b575777b17bfae688c57fd2072e39d0ec327b948ebe76aae5ce3919b6245a07043214027f03152a47654a321619f91ca7169a15d05e5894dfe34f2dfd58225c5ca721faf3ff4f29465232db705af94a32232a7039943288ccff1f7bf7bb7e0940f2c3dd6fe26e4d7359aaa80c17bffab9d4f3f", 0x1) r2 = open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x1, 0x538, 0x80, 0x10000, 0x0, r2, 0x1000, "72fea04183dce563f03f2a25077b3383", 0x0, r2, 0x4, 0x6, 0x101, 0x1, r2}, 0x6f3) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) (async) recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x8, 0x0, 0x7, 0x0, 0xfffffffffffffffd, 0x200}, 0x5}, 0x3, 0x4, 0x0) mount$auto(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='nfs4\x00', 0x200, &(0x7f00000001c0)) fsopen$auto(&(0x7f0000000040)='/dev/qrtr-tun\x00', 0x4ea9) ioctl$auto_KVM_CREATE_VM(r0, 0x4004ae99, 0x0) fanotify_init$auto(0x9, 0x7fff) 1.973763569s ago: executing program 2 (id=1298): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/oss\x00', 0xaa102, 0x0) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) socket(0x2, 0x1, 0x0) socket(0xa, 0x2, 0x88) connect$auto(0x3, 0x0, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x12, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x400000000000948f, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x9, 0x1]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/kernel/kexec_load_disabled\x00', 0x202, 0x0) mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000) write$auto_nsim_dev_take_snapshot_fops_dev(r1, &(0x7f00000002c0)="399dc6ee4e94f301521973294ba70374a92ff2fe6df782950fec7c802fe486af2716636fc897b67033196434bbae5919e0880e9dc380361c127a60aa37187610348fa9763326cee7f39b69b72b908fa2133270970e936aac93fe012bdfe8d84f5e1c1fd21fbd4561db934312ef821c09ae4988fb5427bd3f0d1e70ae038f805b28", 0x81) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0xa, 0xb5, 0x10, 0x4, 0x4, 0xffffffffffffffff, 0xa, "2af051a940806ec05be276cfc83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0xe5, 0x3, 0xffffffffffffffff}, 0x10) getsockopt$auto_SO_TIMESTAMPNS_NEW(r3, 0x7f, 0x40, &(0x7f0000000040)='/sys/kernel/debug/lru_gen\x00', &(0x7f0000000080)=0x1) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_ifindex=r2, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x1f, 0x4}}, 0x92) 1.658535111s ago: executing program 1 (id=1299): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x34, 0x2, 0x3) r1 = openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/mac80211_hwsim/hwsim15\x00', 0x50001, 0x0) ioctl$auto_XFS_IOC_OPEN_BY_HANDLE(r1, 0xc038586b, &(0x7f0000000640)={r0, &(0x7f0000000500)="489efd8fe3bced85ca6773d7a07762af5071f3fc71aeffe61fb1ee47241ad19c74b25b384a308661b5eff58a18000d9a569f7365d833458621bd8afabbc694aefd1493c865bbb67a97d606b097ff0068422f36ca2bf335577620e2f6e94d3869f8e7a46a2dd36ce7200d66caa59aca1510be3fb2b5890ec9a2d9ecfb5b18977b628e9359b3e9389baab7b04c014e722807ac45c7e82265fcf5043c98d157dc5b691f57fa4d9d07de57c9c3263e63e9021ded9231b37cd1900ae989c141d458ca3afb29990b88ae89478b59e11b840712558875c574de02bd", 0x1ff, &(0x7f0000000380)="9c8261cecff6ec8022d8b22c0885d1413e5416e338d0500d4eee9f8be621123c54adb1d0fea325d8d18670e26afcbb654ba9fed6f504d5dc563e7ea85e3de4a88bef87df598c3eff60cffee8a01c1d4961474c236eee9b54f50c391b0b7c50ba383b74f95c8cb7d1c26f3df585839ecad92ae46f86adc028d05f7f84c7db76171246082f67682c7e61b867efd7a41a80287835110d641a884f17", 0x4, &(0x7f0000000280)="a58bd749ac55fff8aab192916014bf3170750543d1b5d1866235d69b0d9e24cd0a5d4e5fa40c126840b8a842ca", &(0x7f0000000600)=0xc}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000740)={0x0}, 0x1, 0x0, 0x0, 0x4801}, 0x20040000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000680)=ANY=[@ANYRESDEC=r0, @ANYBLOB="00044c", @ANYBLOB="5de1523353782950330a"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x16, &(0x7f00000006c0)={&(0x7f0000000700)=ANY=[@ANYRES8=r0, @ANYRESOCT=r1], 0x1ac}, 0x1, 0x0, 0x0, 0x51}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x5, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x200, 0x0) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5l\x91p\xe6\x1eRN8\x99\x00\r\xaa\x1c\xc3q\x00:c\x14\r>\x94\x1a\x18\x81\xff\x80\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs1\x00', 0x108002, 0x0) r3 = socket(0x2, 0x3, 0x100) socket$nl_generic(0x10, 0x3, 0x10) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000340)='/proc/thread-self/net/dev_mcast\x00', 0x404080, 0x0) write$auto(r4, &(0x7f0000000100)='\x00\x00\x00\x00\x00\x00\x00x \xec(\x1d\x98\xe9\xc4\xe8\xfc@6=\xab\xf4\x89\x01\x93\xdc\x19\xffv\'\xa1\xd5\x14\x06S\xae\xadB}\xdf]\x99\xc9\x9f4\xbb\xc5\x81\x9d\x8ak\xdeB\xcbd\xd3\x05\xe4P\x84\xcb\xb8#\x13\nYU\'\x95R\xc8\x9d\xb7*\xe0.\xd2\xdf\x1b\x88D\x8c{k\xcec\xe1\xa2j\xec\xc9\xd2\x98\x94I\x102h\x06\x8c\xa2\xc8\x8a7\xb7t', 0x7ef) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/mac80211_hwsim/hwsim1/net/wlan1/type\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000000040)=""/116, 0x74) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x482040, 0x0) socket(0x9, 0x1, 0x100) ioperm$auto(0x7, 0x5ad2, 0xc) modify_ldt$auto(0x1, 0x0, 0x10) pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400) socket(0x2, 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000000440)='/Eev/audio1\x00VI\xa3\xaa\xb1\x05\x00\x00\x00\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\x89C:\xc3\xcbx*=\x12\xb4q\xeeC\x81\n\\_\x04D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xabY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\x9e\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xaaD\xcc\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00', 0x8) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) unshare$auto(0x40000080) mmap$auto(0x1000000000000, 0x80400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0xffffffffffffbfff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) 1.592459244s ago: executing program 0 (id=1300): r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/ipc\x00') sendmsg$auto_ETHTOOL_MSG_FEC_GET(0xffffffffffffffff, 0x0, 0x800) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x101c82, 0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$auto(r1, &(0x7f0000000080)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) bpf$auto(0xa, &(0x7f0000000500)=@bpf_attr_3={0x3, 0x4, 0x4, 0x63, 0x400, 0x3, 0x1, 0xcf, 0x1, "38c1d5068f6500", 0x0, 0x113e33f2, 0xffffffffffffffff, 0x8, 0x6, 0x5, 0x6, 0x8, 0x0, 0x3, @attach_prog_fd, 0x6, 0x2000ffff, 0x8, 0x0, 0xfffffffe}, 0x47) msync$auto(0x1ffff000, 0x180000000000000, 0x2) ioctl$NS_GET_PARENT(r0, 0xb701, 0x0) 1.575390977s ago: executing program 3 (id=1301): r0 = socket(0x1, 0x3, 0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x84) listen$auto(0x3, 0x81) accept$auto(0x3, 0xffffffffffffffff, 0xffffffffffffffff) mmap$auto(0x0, 0x9, 0x2, 0x40eb2, 0x401, 0x300000000000) getsockopt$auto(0xffffffffffffffff, 0x11c, 0x1, 0x0, 0x0) close_range$auto(0x2, r1, 0x0) fanotify_init$auto(0x65, 0x2) socket(0x1d, 0x2, 0x2) connect$auto(0x3, 0x0, 0x55) socket(0x10, 0x3, 0x6) socketpair$auto(0x400003, 0x4, 0x8000000000000000, 0x0) write$auto(0x3, 0x0, 0x5c8) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'xfrm0\x00'}) ioperm$auto(0x7, 0x6, 0x80) stat$auto(0x0, 0x0) sendmsg$auto_ETHTOOL_MSG_RINGS_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x2000000, 0x28000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x2000c031) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="0c0000001400c7"], 0x2c}, 0x1, 0x0, 0x0, 0x20000004}, 0x40801) write$auto(r0, &(0x7f0000000200)='\xf0\xc8d\xcf\xe8\xa2\b\xf4a\x8e\xc3\xa5-\x00X\xa8\x88C\xad>\x0f\x00\a\xed\xf4\xb4\xfa\xbb||WJ\xb5\xd8A\xfdW3\x88\x9egj\\\x03\x04\xc1r\xcb\x9a\x14\x18\xcf\xad\xd9\xff\r\xba\x91#\xc9\xc9\xa5NEKC\xb2\xf7G\xa5\x88_\xcc\xd2\bh\x1aaG\xc0qCF/\xfe1\xff\xada\x1bF\xe0}\x84D\xd0\xc1\x17\x92/\xcec\t\xbf\xd99M\xd6', 0x1) mmap$auto(0x0, 0x400008, 0xdc, 0x9b72, 0xffffffffffffffff, 0x8000) socket(0x2, 0x3, 0x1) r2 = socketpair$auto(0x1, 0x405, 0x6, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000400), r2) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyt3\x00', 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r3) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="2f212dbd7000fcdbdf252100000008000300", @ANYRES32=r5, @ANYBLOB="08009e"], 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x4040040) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) 936.876705ms ago: executing program 0 (id=1302): mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, 0xfffffffffffffffa, 0x7ffc) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/udp\x00', 0x20000, 0x0) readahead$auto(r0, 0x3, 0x8) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000100)=""/140, 0x8c) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/kvm_amd/parameters/pause_filter_thresh\x00', 0x200, 0x0) write$auto_ocfs2_control_fops_stack_user(0xffffffffffffffff, 0x0, 0x0) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001b80)='/dev/input/event2\x00', 0x40800, 0x0) ioctl$auto_EVIOCSKEYCODE(r1, 0x40084504, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r2, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(r2, 0x0, 0x98c7) socket(0x10, 0x2, 0x0) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x0, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r3, 0xc0045516, &(0x7f0000000040)=0x5) r4 = socket(0xa, 0x5, 0x84) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00'}) read$auto(0x3, 0x0, 0x80) r5 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r5, 0xc1105517, &(0x7f00000002c0)={{@inferred, 0x5, 0x9, 0x1, "4941aa833e2fc65b6b3cf7cec76d6778ad8eac3cda35ba9c2b2d43eeb0dc59c8dd3500f11581916caa0d3053"}, 0x4, 0xfffffff9, 0x1, @inferred, @enumerated={0xffff, 0xffe, "4bd04167d52dbe3758dcb7641f58661870525adcaedaa5deaa336a58b7382f979a0ff0b3d9583c08610104000049d9f994ef5578e78507d4f25cd03a4c4b5700", 0x9, 0x3fd}, "6cc1888a6393f1b4285854c5368de438f8cc142ef6df1259b05ba1183bedbd31b642b4051bc7955610c61c329794e5311121c760cb8211c78e6947a99807bcc1"}) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x20000, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xd, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) setsockopt$auto(0x3, 0x6d, 0x7, 0xffffffffffffffff, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) unshare$auto(0x40000080) socket(0x10, 0x2, 0xc) close_range$auto(0x2, 0x8, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0xf7}, 0x7) 759.269328ms ago: executing program 1 (id=1303): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x149041, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ttyS0\x00', 0x1, 0x0) socket(0x11, 0x80003, 0x300) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0xc, 0x1, 0x2, 0x4, 0x15f4da0e, 0x3, 0x80000001, 0xc, 0x8, 0x4, 0x6d3f, 0x9, 0x2, 0x4000000000000d]}, 0x0) syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0) close_range$auto(0x2, 0x8, 0x0) write$auto(r0, &(0x7f0000000200)='/de\xef\xe7audio1\x00', 0xa3d9) 581.998957ms ago: executing program 1 (id=1304): socket$nl_generic(0x10, 0x3, 0x10) socket(0x15, 0x5, 0x0) setsockopt$auto(0x3, 0x114, 0x7, 0x0, 0xa0) open(&(0x7f0000000100)='.\x00', 0x0, 0x408) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x10, 0x2, 0xf) r1 = bpf$auto(0x0, &(0x7f0000000080)=@bpf_attr_4={0x1e, r0, 0xffffffff, 0xffffffffffffffff}, 0xd) r3 = ioctl$auto_TIOCGPTPEER(r2, 0x5441, 0x0) getsockopt$auto_SO_TIMESTAMPING_OLD(r3, 0x4, 0x25, &(0x7f0000000000)='/\x00', &(0x7f0000000040)=0xfffff801) bpf$auto(0x2, &(0x7f0000000080)=@iter_create={r1, 0x98}, 0x5) 562.965843ms ago: executing program 2 (id=1305): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/loop6\x00', 0x32fe41, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r0, 0x5606, 0x7) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = socket(0x29, 0x2, 0x0) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x2000000}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) recvmmsg$auto(r3, &(0x7f0000000140)={{0x0, 0xfffffffe, 0x0, 0x5, 0x0, 0x200002, 0x8}, 0x801}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r2, 0x8971, 0x24) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000000000)) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x90}, 0x20000081) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) r4 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) r6 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000300)='/proc/asound/card1/pcm1p/sub3/hw_params\x00', 0x1900, 0x0) pread64$auto(r6, 0x0, 0xe, 0x100000000007) read$auto(r5, 0x0, 0xe8) r7 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000001240)='/proc/thread-self/fail-nth\x00', 0xa0302, 0x0) writev$auto(r7, &(0x7f0000000200)={0x0, 0x7}, 0x3) r8 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000001c0), r3) sendmsg$auto_NL80211_CMD_STOP_NAN(r4, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400c000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x1c, r8, 0x400, 0x70bd25, 0x25dfdbfb, {}, [@NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x7f}]}, 0x1c}, 0x1, 0x0, 0x0, 0x14000}, 0x8000) r9 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f682, 0x0) ioctl$auto_BLKTRACESETUP(r9, 0xc0481273, &(0x7f00000000c0)={"2252f65ca1b92f72a92538725b0694521629e8c3e6ba91c62e2e9d42cf4aef15", 0x4, 0x3, 0x8000, 0x6, 0xff}) 343.895088ms ago: executing program 1 (id=1306): r0 = socket(0x29, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x68140, 0x0) write$auto(0x3, 0x0, 0xfffffdf1) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, 0x0, 0x80000, 0x0) io_uring_setup$auto(0x6, 0x0) sendmsg$auto_NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH(r0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff5, 0x800}, 0x4) close_range$auto(0x2, 0x8000, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) 184.479221ms ago: executing program 3 (id=1307): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) move_pages$auto(0x1, 0xf56, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x8, 0x3a02, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r0 = socket(0xf, 0x5, 0xf) setsockopt$auto(r0, 0x1, 0xc, 0x0, 0x7fffffff) mmap$auto(0x0, 0x20009, 0xdf, 0xebf, 0x401, 0x5) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) syz_genetlink_get_family_id$auto_nlbl_unlbl(&(0x7f0000000080), r2) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) ioctl$auto(r2, 0x57, r1) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x60) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r3 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) execve$auto(&(0x7f0000000240)='./file0\x00', 0x0, 0x0) sendmsg$auto_NL802154_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0}, 0x80) semget$auto(0x0, 0x13c, 0x1ff) semtimedop$auto(0x0, &(0x7f0000000300)={0x7, 0xffff, 0x70}, 0x1f4, 0x0) setsockopt$auto(r0, 0x5a, 0x5884a34, &(0x7f00000000c0)='%=\x00', 0x100) execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000100)=&(0x7f0000000300)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\xf20/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a0\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5\x94\xd0\xf5\xe7\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00') r4 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189082, 0x0) mmap$auto(0x1000000400000000, 0xa, 0xdb, 0x18, 0x5, 0x7ff9) sendmsg$auto_NL802154_CMD_GET_INTERFACE(r3, &(0x7f0000000480)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[], 0x38}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000080) sysfs$auto(0x2, 0x4, 0x0) ioctl$auto_PPPIOCNEWUNIT(r4, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r4, 0x40107447, 0x0) r5 = ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$auto_UDMABUF_CREATE_LIST(r2, 0x40087543, &(0x7f00000004c0)={0x40, 0x80, [{0xffffffffffffffff, 0x0, 0x5, 0xef0}, {r5, 0x0, 0xffffffffffffffff, 0x9}, {0xffffffffffffffff, 0x0, 0x10000333d, 0x7}, {0xffffffffffffffff, 0x0, 0x7, 0x2}, {0xffffffffffffffff, 0x0, 0x8, 0xd589}, {r0, 0x0, 0xa7, 0x2}]}) 0s ago: executing program 0 (id=1308): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/can/stats\x00', 0x1c1282, 0x0) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000280)=""/59, 0x3b) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video20\x00', 0x80000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r1) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000164c0), 0xffffffffffffffff) r2 = mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0) mq_notify$auto(r2, &(0x7f0000000180)={@sival_ptr=0x0, @raw=0x1, 0x1, @_sigev_thread={0x0, 0x0}}) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_event_inject_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/events/vmalloc/free_vmap_area_noflush/inject\x00', 0x2, 0x0) write$auto_event_inject_fops_trace(r3, &(0x7f00000002c0)='\f', 0x1) r4 = prctl$auto_PR_SET_MM_END_DATA(0x0, 0x4, 0x0, 0x9, 0x7f) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_UPDATE_FT_IES(r4, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000002c0)={&(0x7f00000000c0)={0x16c, r5, 0x20, 0x70bd2b, 0x25dfdbfc, {}, [@NL80211_ATTR_REG_ALPHA2={0xf6, 0x21, "0f3182b062a3e599ff2adb7c60a54f98227cf54b089219b150e2f83bd404e3d19004465a02f2466f314892521a393d920744beb68881173fc5e68ec587b11547c2590581a95d9e2988e40eaf4509ae34d25ec19ce3db160025651a049d2226a8981e477f24475c476b4b812f5a07994394a13bcd50758f20b0d23ad71005e0d0bb43e712a08f29cae6203f4c1cbcfafaf4ec3dbad130b695363f45d409419b21d4b01004c7e96bbc264e8b000e3f16153ffe9938e58332ec04911d180d5ca8e2dc86b6bfbb3203be351b08fb249a60d1c11e308b46ad4b8a44ea8510d4538b9d51c69e779b441a4bbf0bcab214c4db5ece5a"}, @NL80211_ATTR_TWT_RESPONDER={0x4}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x1f, 0x13, "6222cd8c8bee2358d8cc4398a8d0d9a12408013414ad0e647f38fb"}, @NL80211_ATTR_BSS_SHORT_PREAMBLE={0x5, 0x1d, 0x4}, @NL80211_ATTR_AIRTIME_WEIGHT={0x6, 0x112, 0x4}, @NL80211_ATTR_VIF_RADIO_MASK={0x8, 0x14d, 0x4}, @NL80211_ATTR_SAE_PWE={0x5, 0x12a, 0x9}, @NL80211_ATTR_FILS_KEK={0xc, 0xf2, "4ec4e03080d61760"}, @NL80211_ATTR_PMK_LIFETIME={0x8, 0x11f, 0x7}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x10001}]}, 0x16c}, 0x1, 0x0, 0x0, 0x4005}, 0x800) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioctl$auto(0x3, 0xc0405668, 0x38) kernel console output (not intermixed with test programs): audit(4294967346.500:28): pid=8260 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.479" name="file0" dev="tmpfs" ino=700 res=0 errno=0 [ 262.450720][ T30] audit: type=1800 audit(4294967347.930:29): pid=8272 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.482" name="file0" dev="tmpfs" ino=619 res=0 errno=0 [ 263.387489][ T8300] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 263.571436][ T8304] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 264.055295][ T8310] netlink: 4 bytes leftover after parsing attributes in process `syz.3.489'. [ 268.226217][ T8361] FAULT_INJECTION: forcing a failure. [ 268.226217][ T8361] name failslab, interval 1, probability 0, space 0, times 0 [ 268.270638][ T8361] CPU: 1 UID: 0 PID: 8361 Comm: syz.0.501 Tainted: G U 6.16.0-rc2-syzkaller #0 PREEMPT(full) [ 268.270678][ T8361] Tainted: [U]=USER [ 268.270685][ T8361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 268.270698][ T8361] Call Trace: [ 268.270704][ T8361] [ 268.270712][ T8361] dump_stack_lvl+0x16c/0x1f0 [ 268.270749][ T8361] should_fail_ex+0x512/0x640 [ 268.270778][ T8361] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 268.270808][ T8361] should_failslab+0xc2/0x120 [ 268.270827][ T8361] __kmalloc_cache_noprof+0x6a/0x3e0 [ 268.270854][ T8361] ? device_add+0xccc/0x1a70 [ 268.270878][ T8361] device_add+0xccc/0x1a70 [ 268.270899][ T8361] ? dev_set_name+0xc7/0x100 [ 268.270922][ T8361] ? __pfx_dev_set_name+0x10/0x10 [ 268.270946][ T8361] ? __pfx_device_add+0x10/0x10 [ 268.270967][ T8361] ? lockdep_init_map_type+0x5c/0x280 [ 268.271006][ T8361] ? __init_waitqueue_head+0xca/0x150 [ 268.271061][ T8361] netdev_register_kobject+0x182/0x3a0 [ 268.271100][ T8361] register_netdevice+0x13dc/0x2270 [ 268.271152][ T8361] ? __pfx_register_netdevice+0x10/0x10 [ 268.271182][ T8361] slip_open+0xb86/0x1150 [ 268.271213][ T8361] ? __pfx_slip_open+0x10/0x10 [ 268.271237][ T8361] ? down_write+0x14d/0x200 [ 268.271260][ T8361] ? __pfx_slip_open+0x10/0x10 [ 268.271284][ T8361] tty_ldisc_open+0x9f/0x120 [ 268.271313][ T8361] tty_set_ldisc+0x32b/0x780 [ 268.271345][ T8361] tty_ioctl+0xc2e/0x1640 [ 268.271378][ T8361] ? __pfx_tty_ioctl+0x10/0x10 [ 268.271417][ T8361] ? find_held_lock+0x2b/0x80 [ 268.271436][ T8361] ? hook_file_ioctl_common+0x145/0x410 [ 268.271463][ T8361] ? __fget_files+0x20e/0x3c0 [ 268.271494][ T8361] ? __pfx_tty_ioctl+0x10/0x10 [ 268.271526][ T8361] __x64_sys_ioctl+0x18e/0x210 [ 268.271552][ T8361] do_syscall_64+0xcd/0x490 [ 268.271572][ T8361] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 268.271592][ T8361] RIP: 0033:0x7fc8b638e929 [ 268.271609][ T8361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 268.271628][ T8361] RSP: 002b:00007fc8b718b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 268.271646][ T8361] RAX: ffffffffffffffda RBX: 00007fc8b65b5fa0 RCX: 00007fc8b638e929 [ 268.271660][ T8361] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 000000000000000b [ 268.271671][ T8361] RBP: 00007fc8b6410b39 R08: 0000000000000000 R09: 0000000000000000 [ 268.271684][ T8361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 268.271695][ T8361] R13: 0000000000000000 R14: 00007fc8b65b5fa0 R15: 00007ffe09475a48 [ 268.271721][ T8361] [ 269.049550][ T8365] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 270.807658][ T8393] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 271.108908][ T8398] lo: entered allmulticast mode [ 271.570829][ T8395] lo: left allmulticast mode [ 272.256633][ T8417] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 272.915403][ T8427] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 273.549379][ T8438] FAULT_INJECTION: forcing a failure. [ 273.549379][ T8438] name failslab, interval 1, probability 0, space 0, times 0 [ 273.580268][ T8438] CPU: 0 UID: 0 PID: 8438 Comm: syz.3.519 Tainted: G U 6.16.0-rc2-syzkaller #0 PREEMPT(full) [ 273.580315][ T8438] Tainted: [U]=USER [ 273.580325][ T8438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 273.580342][ T8438] Call Trace: [ 273.580352][ T8438] [ 273.580363][ T8438] dump_stack_lvl+0x16c/0x1f0 [ 273.580418][ T8438] should_fail_ex+0x512/0x640 [ 273.580463][ T8438] ? __kmalloc_noprof+0xbf/0x510 [ 273.580511][ T8438] ? __vb2_queue_alloc+0x23e/0x1280 [ 273.580540][ T8438] should_failslab+0xc2/0x120 [ 273.580569][ T8438] __kmalloc_noprof+0xd2/0x510 [ 273.580614][ T8438] ? bitmap_find_next_zero_area_off+0xb4/0xd0 [ 273.580657][ T8438] __vb2_queue_alloc+0x23e/0x1280 [ 273.580718][ T8438] vb2_core_reqbufs+0xa90/0xfe0 [ 273.580761][ T8438] ? __pfx_vb2_core_reqbufs+0x10/0x10 [ 273.580820][ T8438] __vb2_init_fileio+0x3f1/0x1100 [ 273.580853][ T8438] ? __mutex_lock+0x1ca/0xb90 [ 273.580882][ T8438] ? __pfx___futex_wait+0x10/0x10 [ 273.580925][ T8438] ? vb2_fop_write+0xe6/0x3f0 [ 273.580958][ T8438] __vb2_perform_fileio+0x9c2/0x1660 [ 273.581006][ T8438] ? __pfx___vb2_perform_fileio+0x10/0x10 [ 273.581054][ T8438] vb2_fop_write+0x207/0x3f0 [ 273.581089][ T8438] v4l2_write+0x226/0x360 [ 273.581133][ T8438] ? __pfx_v4l2_write+0x10/0x10 [ 273.581173][ T8438] vfs_write+0x2a0/0x1150 [ 273.581234][ T8438] ? __pfx_vfs_write+0x10/0x10 [ 273.581271][ T8438] ? find_held_lock+0x2b/0x80 [ 273.581300][ T8438] ? __fget_files+0x204/0x3c0 [ 273.581343][ T8438] ? __fget_files+0x20e/0x3c0 [ 273.581391][ T8438] ksys_write+0x12a/0x250 [ 273.581430][ T8438] ? __pfx_ksys_write+0x10/0x10 [ 273.581480][ T8438] do_syscall_64+0xcd/0x490 [ 273.581508][ T8438] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.581535][ T8438] RIP: 0033:0x7f378018e929 [ 273.581557][ T8438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 273.581583][ T8438] RSP: 002b:00007f377dff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 273.581608][ T8438] RAX: ffffffffffffffda RBX: 00007f37803b5fa0 RCX: 00007f378018e929 [ 273.581627][ T8438] RDX: 0000000100000001 RSI: 0000200000000100 RDI: 0000000000000005 [ 273.581645][ T8438] RBP: 00007f3780210b39 R08: 0000000000000000 R09: 0000000000000000 [ 273.581661][ T8438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 273.581683][ T8438] R13: 0000000000000000 R14: 00007f37803b5fa0 R15: 00007ffe40a276e8 [ 273.581715][ T8438] [ 274.906578][ T8451] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 275.198429][ T8451] random: crng reseeded on system resumption                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     [ 418.512606][T10818] FAULT_INJECTION: forcing a failure. [ 418.512606][T10818] name failslab, interval 1, probability 0, space 0, times 0 [ 418.689037][T10818] CPU: 0 UID: 0 PID: 10818 Comm: syz.1.1008 Tainted: G U 6.16.0-rc2-syzkaller #0 PREEMPT(full) [ 418.689074][T10818] Tainted: [U]=USER [ 418.689080][T10818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 418.689093][T10818] Call Trace: [ 418.689101][T10818] [ 418.689108][T10818] dump_stack_lvl+0x16c/0x1f0 [ 418.689148][T10818] should_fail_ex+0x512/0x640 [ 418.689179][T10818] ? __kmalloc_noprof+0xbf/0x510 [ 418.689213][T10818] ? sk_prot_alloc+0x1a8/0x2a0 [ 418.689237][T10818] should_failslab+0xc2/0x120 [ 418.689265][T10818] __kmalloc_noprof+0xd2/0x510 [ 418.689306][T10818] sk_prot_alloc+0x1a8/0x2a0 [ 418.689333][T10818] sk_alloc+0x36/0xc20 [ 418.689366][T10818] __netlink_create+0x5e/0x2c0 [ 418.689398][T10818] ? __wake_up+0x3f/0x60 [ 418.689423][T10818] netlink_create+0x39e/0x620 [ 418.689442][T10818] ? __pfx_genl_bind+0x10/0x10 [ 418.689466][T10818] ? __pfx_genl_unbind+0x10/0x10 [ 418.689490][T10818] ? __pfx_genl_release+0x10/0x10 [ 418.689519][T10818] __sock_create+0x338/0x8d0 [ 418.689551][T10818] __sys_socket+0x14d/0x260 [ 418.689578][T10818] ? __pfx___sys_socket+0x10/0x10 [ 418.689607][T10818] ? do_user_addr_fault+0x843/0x1370 [ 418.689641][T10818] __x64_sys_socket+0x72/0xb0 [ 418.689667][T10818] ? lockdep_hardirqs_on+0x7c/0x110 [ 418.689699][T10818] do_syscall_64+0xcd/0x490 [ 418.689720][T10818] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 418.689742][T10818] RIP: 0033:0x7f1efdb90847 [ 418.689760][T10818] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 418.689781][T10818] RSP: 002b:00007f1efea00fa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 418.689801][T10818] RAX: ffffffffffffffda RBX: 00007f1efddb6080 RCX: 00007f1efdb90847 [ 418.689815][T10818] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 418.689828][T10818] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 418.689841][T10818] R10: 0000200000000400 R11: 0000000000000286 R12: 0000000000000000 [ 418.689854][T10818] R13: 0000000000000000 R14: 00007f1efddb6080 R15: 00007ffcc06de8f8 [ 418.689882][T10818] [ 419.876855][T10838] netlink: 222 bytes leftover after parsing attributes in process `syz.3.1013'. [ 421.603055][T10858] netlink: 226 bytes leftover after parsing attributes in process `syz.1.1017'. [ 421.688169][T10858] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1017'. [ 421.808757][T10858] net_ratelimit: 95 callbacks suppressed [ 421.808772][T10858] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check. [ 422.849222][ T30] audit: type=1800 audit(4294987681.772:46): pid=10875 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1021" name="file0" dev="tmpfs" ino=1419 res=0 errno=0 [ 423.398782][T10881] FAULT_INJECTION: forcing a failure. [ 423.398782][T10881] name failslab, interval 1, probability 0, space 0, times 0 [ 423.459631][T10881] CPU: 0 UID: 0 PID: 10881 Comm: syz.3.1023 Tainted: G U 6.16.0-rc2-syzkaller #0 PREEMPT(full) [ 423.459673][T10881] Tainted: [U]=USER [ 423.459681][T10881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 423.459695][T10881] Call Trace: [ 423.459702][T10881] [ 423.459711][T10881] dump_stack_lvl+0x16c/0x1f0 [ 423.459752][T10881] should_fail_ex+0x512/0x640 [ 423.459785][T10881] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 423.459824][T10881] should_failslab+0xc2/0x120 [ 423.459846][T10881] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 423.459908][T10881] ? __d_alloc+0x31/0xaa0 [ 423.459949][T10881] __d_alloc+0x31/0xaa0 [ 423.459995][T10881] d_alloc_pseudo+0x1c/0xc0 [ 423.460022][T10881] alloc_file_pseudo+0xcf/0x230 [ 423.460050][T10881] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 423.460085][T10881] __shmem_file_setup+0x1a3/0x330 [ 423.460119][T10881] shmem_zero_setup+0x93/0x1a0 [ 423.460157][T10881] __mmap_region+0x1ece/0x25e0 [ 423.460202][T10881] ? __pfx___mmap_region+0x10/0x10 [ 423.460237][T10881] ? rcu_is_watching+0x12/0xc0 [ 423.460267][T10881] ? rcu_is_watching+0x12/0xc0 [ 423.460290][T10881] ? trace_sched_exit_tp+0xde/0x130 [ 423.460318][T10881] ? __schedule+0x1181/0x5de0 [ 423.460368][T10881] ? __pfx___schedule+0x10/0x10 [ 423.460449][T10881] ? trace_cap_capable+0x18d/0x200 [ 423.460481][T10881] mmap_region+0x1ab/0x3f0 [ 423.460515][T10881] ? __get_unmapped_area+0x267/0x440 [ 423.460544][T10881] do_mmap+0xa3e/0x1210 [ 423.460574][T10881] ? __pfx_do_mmap+0x10/0x10 [ 423.460600][T10881] ? __pfx_down_write_killable+0x10/0x10 [ 423.460631][T10881] vm_mmap_pgoff+0x281/0x450 [ 423.460658][T10881] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 423.460688][T10881] ? __x64_sys_futex+0x1e0/0x4c0 [ 423.460714][T10881] ? __x64_sys_futex+0x1e9/0x4c0 [ 423.460746][T10881] ksys_mmap_pgoff+0x7d/0x5c0 [ 423.460769][T10881] ? xfd_validate_state+0x61/0x180 [ 423.460798][T10881] ? __pfx_ksys_write+0x10/0x10 [ 423.460833][T10881] __x64_sys_mmap+0x125/0x190 [ 423.460874][T10881] do_syscall_64+0xcd/0x490 [ 423.460897][T10881] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 423.460921][T10881] RIP: 0033:0x7f378018e929 [ 423.460939][T10881] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 423.460962][T10881] RSP: 002b:00007f377dff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 423.460984][T10881] RAX: ffffffffffffffda RBX: 00007f37803b5fa0 RCX: 00007f378018e929 [ 423.460999][T10881] RDX: 0000000000000007 RSI: 0000000004020009 RDI: 0000000000000000 [ 423.461013][T10881] RBP: 00007f3780210b39 R08: 0000000000000401 R09: 0000000000008000 [ 423.461027][T10881] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 423.461041][T10881] R13: 0000000000000000 R14: 00007f37803b5fa0 R15: 00007ffe40a276e8 [ 423.461071][T10881] [ 424.691186][T10895] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1027'. [ 424.802916][T10893] HfR: entered promiscuous mode [ 424.821123][T10895] HfR: left promiscuous mode [ 424.971009][T10896] HfR: entered promiscuous mode [ 426.250619][T10916] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 427.455809][ T30] audit: type=1800 audit(4294987686.388:47): pid=10938 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1036" name="file0" dev="tmpfs" ino=1345 res=0 errno=0 [ 431.100784][T11007] : Can't lookup blockdev [ 431.282656][T11013] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1053'. [ 431.309159][T11018] random: crng reseeded on system resumption [ 433.375979][T11068] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1067'. [ 433.561785][T11070] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1067'. [ 435.136595][ T30] audit: type=1800 audit(4294987694.122:48): pid=11091 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1073" name="file0" dev="tmpfs" ino=1503 res=0 errno=0 [ 436.242398][T11103] ecryptfs_parse_packet_length: Error parsing packet length [ 436.292249][T11103] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22] [ 436.914971][ T30] audit: type=1800 audit(4294987695.912:49): pid=11111 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1079" name="file0" dev="tmpfs" ino=1408 res=0 errno=0 [ 437.511540][T11119] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1081'. [ 438.796424][T11153] i2c i2c-0: new_device: Instantiated device card: at 0x01 [ 440.190060][T11181] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 444.345045][T11229] device-mapper: ioctl: Invalid ioctl structure: name þÿÿÿÿÿÿÿ, dev ffffffff [ 444.407229][ T30] audit: type=1800 audit(4294987703.455:50): pid=11229 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1103" name="dmabuf" dev="dmabuf" ino=13 res=0 errno=0 [ 444.574727][T11233] openvswitch: netlink: nsh attr 68 is out of range max 3 [ 444.860026][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 444.874646][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 446.947532][T11249] Process accounting paused [ 448.956564][T11269] FAULT_INJECTION: forcing a failure. [ 448.956564][T11269] name failslab, interval 1, probability 0, space 0, times 0 [ 448.980041][ T30] audit: type=1800 audit(4294987708.051:51): pid=11272 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1111" name="file0" dev="tmpfs" ino=1334 res=0 errno=0 [ 449.006142][T11269] CPU: 0 UID: 0 PID: 11269 Comm: syz.2.1109 Tainted: G U 6.16.0-rc2-syzkaller #0 PREEMPT(full) [ 449.006182][T11269] Tainted: [U]=USER [ 449.006189][T11269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 449.006203][T11269] Call Trace: [ 449.006210][T11269] [ 449.006219][T11269] dump_stack_lvl+0x16c/0x1f0 [ 449.006260][T11269] should_fail_ex+0x512/0x640 [ 449.006294][T11269] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 449.006328][T11269] should_failslab+0xc2/0x120 [ 449.006349][T11269] __kmalloc_cache_noprof+0x6a/0x3e0 [ 449.006381][T11269] ? alloc_tty_struct+0x96/0x8c0 [ 449.006415][T11269] alloc_tty_struct+0x96/0x8c0 [ 449.006438][T11269] ? __pfx_alloc_tty_struct+0x10/0x10 [ 449.006470][T11269] pty_common_install+0x1c7/0xb30 [ 449.006506][T11269] ? __pfx_pty_install+0x10/0x10 [ 449.006538][T11269] tty_init_dev.part.0+0x99/0x500 [ 449.006563][T11269] tty_open+0xa50/0xf90 [ 449.006590][T11269] ? __pfx_tty_open+0x10/0x10 [ 449.006613][T11269] ? chrdev_open+0x58c/0x6a0 [ 449.006652][T11269] ? __pfx_tty_open+0x10/0x10 [ 449.006673][T11269] chrdev_open+0x234/0x6a0 [ 449.006709][T11269] ? __pfx_chrdev_open+0x10/0x10 [ 449.006753][T11269] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 449.006790][T11269] do_dentry_open+0x741/0x1c10 [ 449.006824][T11269] ? __pfx_chrdev_open+0x10/0x10 [ 449.006866][T11269] vfs_open+0x82/0x3f0 [ 449.006894][T11269] path_openat+0x1de4/0x2cb0 [ 449.006937][T11269] ? __pfx_path_openat+0x10/0x10 [ 449.006983][T11269] ? __lock_acquire+0xb8a/0x1c90 [ 449.007014][T11269] do_filp_open+0x20b/0x470 [ 449.007045][T11269] ? __pfx_do_filp_open+0x10/0x10 [ 449.007096][T11269] ? alloc_fd+0x471/0x7d0 [ 449.007132][T11269] do_sys_openat2+0x11b/0x1d0 [ 449.007156][T11269] ? __pfx_do_sys_openat2+0x10/0x10 [ 449.007191][T11269] __x64_sys_openat+0x174/0x210 [ 449.007215][T11269] ? __pfx___x64_sys_openat+0x10/0x10 [ 449.007261][T11269] do_syscall_64+0xcd/0x490 [ 449.007282][T11269] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 449.007320][T11269] RIP: 0033:0x7f917818e929 [ 449.007337][T11269] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 449.007358][T11269] RSP: 002b:00007f917906f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 449.007378][T11269] RAX: ffffffffffffffda RBX: 00007f91783b5fa0 RCX: 00007f917818e929 [ 449.007392][T11269] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 449.007405][T11269] RBP: 00007f9178210b39 R08: 0000000000000000 R09: 0000000000000000 [ 449.007418][T11269] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 449.007431][T11269] R13: 0000000000000000 R14: 00007f91783b5fa0 R15: 00007ffd477f0f78 [ 449.007459][T11269] [ 449.275645][ C0] vkms_vblank_simulate: vblank timer overrun [ 449.578809][T11276] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1112'. [ 449.600159][T11276] bridge0: port 2(bridge_slave_1) entered disabled state [ 449.973847][T11276] bridge_slave_1 (unregistering): left allmulticast mode [ 450.024777][T11276] bridge_slave_1 (unregistering): left promiscuous mode [ 450.041735][T11276] bridge0: port 2(bridge_slave_1) entered disabled state [ 450.645630][T11290] zswap: compressor 000 not available [ 450.951246][T11306] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 451.820934][T11313] Invalid ELF header magic: != ELF [ 454.697345][T11348] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 454.759151][T11348] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 455.762669][ T51] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 456.743933][T11364] nfsd: Unknown parameter '^BÔ-' [ 456.792210][T11364] netlink: 252 bytes leftover after parsing attributes in process `syz.1.1127'. [ 456.817851][T11375] RDS: rds_bind could not find a transport for ::ffff:10.1.1.2, load rds_tcp or rds_rdma? [ 456.885008][T11364] netlink: 252 bytes leftover after parsing attributes in process `syz.1.1127'. [ 457.329593][ T30] audit: type=1800 audit(4294987716.439:52): pid=11387 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1132" name="file0" dev="tmpfs" ino=1599 res=0 errno=0 [ 457.865014][ T30] audit: type=1800 audit(4294987716.972:53): pid=11393 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1134" name="file0" dev="tmpfs" ino=1605 res=0 errno=0 [ 458.186619][T11394] zswap: compressor 000 not available [ 458.255370][T11399] futex_wake_op: syz.3.1135 tries to shift op by 64; fix this program [ 458.827816][T11414] bridge0: port 2(team0) entered blocking state [ 458.867923][T11414] bridge0: port 2(team0) entered disabled state [ 458.885675][T11414] team0: entered allmulticast mode [ 458.926615][T11414] team_slave_0: entered allmulticast mode [ 458.956613][T11414] team_slave_1: entered allmulticast mode [ 458.991928][T11414] team0: entered promiscuous mode [ 459.020801][T11414] team_slave_0: entered promiscuous mode [ 459.053862][T11414] team_slave_1: entered promiscuous mode [ 459.084916][T11414] bridge0: port 2(team0) entered blocking state [ 459.091273][T11414] bridge0: port 2(team0) entered forwarding state [ 459.241410][T11418] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 459.619444][T11418] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 463.477286][T11502] block nbd0: not configured, cannot reconfigure [ 464.245864][T11511] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 466.133873][T11537] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 467.314637][T11567] ima: policy update failed [ 467.319711][ T30] audit: type=1802 audit(4294987726.496:54): pid=11567 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1168" res=0 errno=0 [ 468.175911][ T30] audit: type=1800 audit(4294987727.350:55): pid=11587 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1172" name="file0" dev="tmpfs" ino=1664 res=0 errno=0 [ 468.409636][T11595] RDS: rds_bind could not find a transport for ::ffff:10.1.1.2, load rds_tcp or rds_rdma? [ 468.611860][T11598] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 469.490302][T11615] netlink: 'syz.0.1178': attribute type 11 has an invalid length. [ 470.322725][ T30] audit: type=1800 audit(4294987729.513:56): pid=11631 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1182" name="file0" dev="tmpfs" ino=1553 res=0 errno=0 [ 470.442270][ T30] audit: type=1800 audit(4294987729.623:57): pid=11633 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1183" name="file0" dev="tmpfs" ino=1429 res=0 errno=0 [ 470.651907][T11641] program syz.1.1180 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 470.768420][T11640] nbd: must specify an index to disconnect [ 470.788836][T11641] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 470.954105][T11653] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 471.850207][T11663] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 472.871239][T11680] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1192'. [ 472.909638][T11680] netlink: 'syz.2.1192': attribute type 11 has an invalid length. [ 473.050162][T11680] netlink: 'syz.2.1192': attribute type 11 has an invalid length. [ 473.131980][T11680] netlink: 'syz.2.1192': attribute type 11 has an invalid length. [ 473.213333][T11683] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 473.681061][T11693] FAULT_INJECTION: forcing a failure. [ 473.681061][T11693] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 473.791356][T11693] CPU: 0 UID: 0 PID: 11693 Comm: syz.3.1195 Tainted: G U 6.16.0-rc2-syzkaller #0 PREEMPT(full) [ 473.791394][T11693] Tainted: [U]=USER [ 473.791401][T11693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 473.791413][T11693] Call Trace: [ 473.791419][T11693] [ 473.791427][T11693] dump_stack_lvl+0x16c/0x1f0 [ 473.791470][T11693] should_fail_ex+0x512/0x640 [ 473.791504][T11693] should_fail_alloc_page+0xe7/0x130 [ 473.791529][T11693] prepare_alloc_pages+0x3c2/0x610 [ 473.791557][T11693] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 473.791592][T11693] ? rcu_is_watching+0x12/0xc0 [ 473.791613][T11693] ? trace_mm_page_alloc+0x11f/0x1a0 [ 473.791638][T11693] ? __alloc_frozen_pages_noprof+0x294/0x23f0 [ 473.791679][T11693] ? __pfx_stack_trace_save+0x10/0x10 [ 473.791703][T11693] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 473.791742][T11693] ? alloc_vmap_area+0x645/0x29c0 [ 473.791763][T11693] ? __vmalloc_node_range_noprof+0x271/0x14b0 [ 473.791788][T11693] ? stack_map_alloc+0x290/0x650 [ 473.791807][T11693] ? map_create+0x592/0x1db0 [ 473.791835][T11693] ? __sys_bpf+0x47cc/0x4d80 [ 473.791864][T11693] ? __x64_sys_bpf+0x78/0xc0 [ 473.791887][T11693] ? do_syscall_64+0xcd/0x490 [ 473.791903][T11693] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 473.791933][T11693] alloc_pages_bulk_noprof+0x71c/0x1410 [ 473.791963][T11693] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 473.791996][T11693] ? policy_nodemask+0xea/0x4e0 [ 473.792054][T11693] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 473.792089][T11693] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 473.792121][T11693] kasan_populate_vmalloc+0xf1/0x1f0 [ 473.792156][T11693] alloc_vmap_area+0x959/0x29c0 [ 473.792190][T11693] ? __pfx_alloc_vmap_area+0x10/0x10 [ 473.792220][T11693] __get_vm_area_node+0x1ca/0x330 [ 473.792250][T11693] __vmalloc_node_range_noprof+0x271/0x14b0 [ 473.792278][T11693] ? stack_map_alloc+0x290/0x650 [ 473.792316][T11693] ? stack_map_alloc+0x290/0x650 [ 473.792340][T11693] ? aa_get_newest_label+0x375/0x680 [ 473.792360][T11693] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 473.792387][T11693] ? __pfx_aa_get_newest_label+0x10/0x10 [ 473.792408][T11693] ? rcu_is_watching+0x12/0xc0 [ 473.792428][T11693] ? trace_cap_capable+0x18d/0x200 [ 473.792450][T11693] ? stack_map_alloc+0x290/0x650 [ 473.792468][T11693] __bpf_map_area_alloc+0x12e/0x200 [ 473.792488][T11693] ? stack_map_alloc+0x290/0x650 [ 473.792511][T11693] stack_map_alloc+0x290/0x650 [ 473.792534][T11693] map_create+0x592/0x1db0 [ 473.792574][T11693] ? __pfx_map_create+0x10/0x10 [ 473.792620][T11693] ? __might_fault+0xe3/0x190 [ 473.792665][T11693] ? __might_fault+0xe3/0x190 [ 473.792698][T11693] ? __might_fault+0x13b/0x190 [ 473.792743][T11693] __sys_bpf+0x47cc/0x4d80 [ 473.792785][T11693] ? __pfx___sys_bpf+0x10/0x10 [ 473.792823][T11693] ? ksys_write+0x190/0x250 [ 473.792862][T11693] ? do_futex+0x122/0x350 [ 473.792890][T11693] ? __pfx_do_futex+0x10/0x10 [ 473.792931][T11693] ? fput+0x70/0xf0 [ 473.792954][T11693] ? xfd_validate_state+0x61/0x180 [ 473.792983][T11693] ? __pfx_ksys_write+0x10/0x10 [ 473.793022][T11693] __x64_sys_bpf+0x78/0xc0 [ 473.793043][T11693] ? lockdep_hardirqs_on+0x7c/0x110 [ 473.793079][T11693] do_syscall_64+0xcd/0x490 [ 473.793102][T11693] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 473.793126][T11693] RIP: 0033:0x7f378018e929 [ 473.793145][T11693] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 473.793169][T11693] RSP: 002b:00007f377dff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 473.793191][T11693] RAX: ffffffffffffffda RBX: 00007f37803b5fa0 RCX: 00007f378018e929 [ 473.793207][T11693] RDX: 00000000000006f4 RSI: 0000200000000100 RDI: 0000000000000000 [ 473.793222][T11693] RBP: 00007f3780210b39 R08: 0000000000000000 R09: 0000000000000000 [ 473.793236][T11693] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 473.793250][T11693] R13: 0000000000000000 R14: 00007f37803b5fa0 R15: 00007ffe40a276e8 [ 473.793280][T11693] [ 475.312670][ T30] audit: type=1800 audit(4294987734.531:58): pid=11706 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1198" name="file0" dev="tmpfs" ino=1659 res=0 errno=0 [ 476.263389][ T30] audit: type=1800 audit(4294987735.487:59): pid=11716 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1201" name="lu_gp_id" dev="configfs" ino=33505 res=0 errno=0 [ 476.334144][T11716] ALUA LU Group already has a valid ID, ignoring request [ 476.946303][T11723] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 477.019263][T11723] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 477.166974][T11723] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 477.174555][T11723] page_type: f5(slab) [ 477.271174][T11717] Process accounting resumed [ 477.345246][T11729] could not allocate digest TFM handle binfmt_misc [ 477.437149][T11723] raw: 00fff00000000040 ffff88801ce948c0 dead000000000122 0000000000000000 [ 477.569248][T11723] raw: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000 [ 477.674384][T11723] head: 00fff00000000040 ffff88801ce948c0 dead000000000122 0000000000000000 [ 477.683142][T11723] head: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000 [ 477.780287][ T30] audit: type=1800 audit(4294987737.015:60): pid=11742 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1206" name="file0" dev="tmpfs" ino=1670 res=0 errno=0 [ 477.902770][T11723] head: 00fff00000000002 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 478.033961][T11723] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 478.126796][T11723] page dumped because: unmovable page [ 478.223575][T11723] page_owner tracks the page as allocated [ 478.229326][T11723] page last allocated via order 2, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5220, tgid 5220 (udevadm), ts 43066245951, free_ts 34820172053 [ 478.543937][T11723] post_alloc_hook+0x1c0/0x230 [ 478.579009][T11723] get_page_from_freelist+0x1321/0x3890 [ 478.618098][T11723] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 478.657577][T11723] alloc_pages_mpol+0x1fb/0x550 [ 478.693053][T11723] new_slab+0x23b/0x330 [ 478.779144][T11723] ___slab_alloc+0xd9c/0x1940 [ 478.860217][T11723] __slab_alloc.constprop.0+0x56/0xb0 [ 478.927021][T11723] kmem_cache_alloc_lru_noprof+0xf4/0x3b0 [ 478.983227][T11723] alloc_inode+0xc3/0x240 [ 479.020354][T11723] iget_locked+0x2e4/0x830 [ 479.024892][T11723] kernfs_get_inode+0x48/0x460 [ 479.135401][T11723] kernfs_iop_lookup+0x1a7/0x2d0 [ 479.179432][T11723] __lookup_slow+0x251/0x460 [ 479.184070][T11723] walk_component+0x353/0x5b0 [ 479.225409][T11723] path_lookupat+0x142/0x6d0 [ 479.260348][T11723] filename_lookup+0x224/0x5f0 [ 479.286811][T11723] page last free pid 1 tgid 1 stack trace: [ 479.343309][T11723] __free_frozen_pages+0x7fe/0x1180 [ 479.373987][T11723] free_contig_range+0x183/0x4b0 [ 479.403798][T11723] destroy_args+0x7f6/0xa60 [ 479.440581][T11723] debug_vm_pgtable+0x13b8/0x2d00 [ 479.475521][T11723] do_one_initcall+0x120/0x6e0 [ 479.506564][T11723] kernel_init_freeable+0x5c2/0x900 [ 479.552879][T11723] kernel_init+0x1c/0x2b0 [ 479.577345][T11723] ret_from_fork+0x5d4/0x6f0 [ 479.604119][T11723] ret_from_fork_asm+0x1a/0x30 [ 480.206167][ T30] audit: type=1800 audit(4294987739.449:61): pid=11756 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1210" name="file0" dev="tmpfs" ino=1696 res=0 errno=0 [ 481.041719][ T30] audit: type=1800 audit(4294987740.294:62): pid=11765 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1212" name="dmabuf" dev="dmabuf" ino=16 res=0 errno=0 [ 481.685342][T11772] FAULT_INJECTION: forcing a failure. [ 481.685342][T11772] name failslab, interval 1, probability 0, space 0, times 0 [ 481.744624][T11772] CPU: 0 UID: 0 PID: 11772 Comm: syz.1.1214 Tainted: G U 6.16.0-rc2-syzkaller #0 PREEMPT(full) [ 481.744655][T11772] Tainted: [U]=USER [ 481.744661][T11772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 481.744672][T11772] Call Trace: [ 481.744678][T11772] [ 481.744686][T11772] dump_stack_lvl+0x16c/0x1f0 [ 481.744722][T11772] should_fail_ex+0x512/0x640 [ 481.744751][T11772] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 481.744784][T11772] should_failslab+0xc2/0x120 [ 481.744803][T11772] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 481.744833][T11772] ? vm_area_dup+0x27/0x8d0 [ 481.744863][T11772] vm_area_dup+0x27/0x8d0 [ 481.744891][T11772] __split_vma+0x18e/0x1070 [ 481.744922][T11772] ? __pfx___split_vma+0x10/0x10 [ 481.744948][T11772] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 481.744977][T11772] ? unwind_get_return_address+0x59/0xa0 [ 481.745021][T11772] vma_modify+0xee1/0x2030 [ 481.745051][T11772] ? _parse_integer_limit+0x17f/0x1d0 [ 481.745077][T11772] ? __pfx_vma_modify+0x10/0x10 [ 481.745112][T11772] vma_modify_flags+0x212/0x2d0 [ 481.745141][T11772] ? __pfx_vma_modify_flags+0x10/0x10 [ 481.745182][T11772] ? may_expand_vm+0xe8/0x430 [ 481.745209][T11772] mprotect_fixup+0x2b3/0xb10 [ 481.745258][T11772] ? __pfx_mprotect_fixup+0x10/0x10 [ 481.745295][T11772] do_mprotect_pkey+0x9ca/0xd50 [ 481.745332][T11772] ? __pfx_do_mprotect_pkey+0x10/0x10 [ 481.745362][T11772] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 481.745406][T11772] ? __fget_files+0x20e/0x3c0 [ 481.745444][T11772] ? __pfx_ksys_write+0x10/0x10 [ 481.745480][T11772] __x64_sys_mprotect+0x78/0xc0 [ 481.745507][T11772] ? lockdep_hardirqs_on+0x7c/0x110 [ 481.745540][T11772] do_syscall_64+0xcd/0x490 [ 481.745561][T11772] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 481.745582][T11772] RIP: 0033:0x7f1efdb8e929 [ 481.745598][T11772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 481.745619][T11772] RSP: 002b:00007f1efea23038 EFLAGS: 00000246 ORIG_RAX: 000000000000000a [ 481.745638][T11772] RAX: ffffffffffffffda RBX: 00007f1efddb5fa0 RCX: 00007f1efdb8e929 [ 481.745652][T11772] RDX: 0000000000000006 RSI: 0000000000806121 RDI: 0000200000000000 [ 481.745665][T11772] RBP: 00007f1efea23090 R08: 0000000000000000 R09: 0000000000000000 [ 481.745678][T11772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 481.745691][T11772] R13: 0000000000000000 R14: 00007f1efddb5fa0 R15: 00007ffcc06de8f8 [ 481.745717][T11772] [ 481.997947][ C0] vkms_vblank_simulate: vblank timer overrun [ 482.486669][ T30] audit: type=1800 audit(4294987741.712:63): pid=11779 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1216" name="file0" dev="tmpfs" ino=1466 res=0 errno=0 [ 483.573067][T11773] netlink: 244 bytes leftover after parsing attributes in process `syz.3.1213'. [ 484.092961][T11806] netlink: 'syz.2.1221': attribute type 10 has an invalid length. [ 484.137355][T11806] netlink: 230 bytes leftover after parsing attributes in process `syz.2.1221'. [ 484.328465][T11806] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 485.095094][T11831] FAULT_INJECTION: forcing a failure. [ 485.095094][T11831] name failslab, interval 1, probability 0, space 0, times 0 [ 485.143698][T11831] CPU: 0 UID: 0 PID: 11831 Comm: syz.1.1226 Tainted: G U 6.16.0-rc2-syzkaller #0 PREEMPT(full) [ 485.143736][T11831] Tainted: [U]=USER [ 485.143743][T11831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 485.143757][T11831] Call Trace: [ 485.143782][T11831] [ 485.143791][T11831] dump_stack_lvl+0x16c/0x1f0 [ 485.143830][T11831] should_fail_ex+0x512/0x640 [ 485.143863][T11831] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 485.143913][T11831] should_failslab+0xc2/0x120 [ 485.143933][T11831] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 485.143963][T11831] ? mas_alloc_nodes+0x18b/0x8b0 [ 485.143996][T11831] mas_alloc_nodes+0x18b/0x8b0 [ 485.144030][T11831] mas_node_count_gfp+0x105/0x130 [ 485.144061][T11831] mas_preallocate+0x77b/0xda0 [ 485.144088][T11831] ? __pfx_mas_preallocate+0x10/0x10 [ 485.144120][T11831] ? anon_vma_name+0x75/0x100 [ 485.144147][T11831] __split_vma+0x34a/0x1070 [ 485.144180][T11831] ? __pfx___split_vma+0x10/0x10 [ 485.144209][T11831] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 485.144239][T11831] ? unwind_get_return_address+0x59/0xa0 [ 485.144279][T11831] vma_modify+0xee1/0x2030 [ 485.144311][T11831] ? _parse_integer_limit+0x17f/0x1d0 [ 485.144339][T11831] ? __pfx_vma_modify+0x10/0x10 [ 485.144376][T11831] vma_modify_flags+0x212/0x2d0 [ 485.144407][T11831] ? __pfx_vma_modify_flags+0x10/0x10 [ 485.144451][T11831] ? may_expand_vm+0xe8/0x430 [ 485.144479][T11831] mprotect_fixup+0x2b3/0xb10 [ 485.144513][T11831] ? __pfx_mprotect_fixup+0x10/0x10 [ 485.144549][T11831] do_mprotect_pkey+0x9ca/0xd50 [ 485.144586][T11831] ? __pfx_do_mprotect_pkey+0x10/0x10 [ 485.144616][T11831] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 485.144660][T11831] ? __fget_files+0x20e/0x3c0 [ 485.144699][T11831] ? __pfx_ksys_write+0x10/0x10 [ 485.144734][T11831] __x64_sys_mprotect+0x78/0xc0 [ 485.144762][T11831] ? lockdep_hardirqs_on+0x7c/0x110 [ 485.144816][T11831] do_syscall_64+0xcd/0x490 [ 485.144837][T11831] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 485.144860][T11831] RIP: 0033:0x7f1efdb8e929 [ 485.144877][T11831] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 485.144898][T11831] RSP: 002b:00007f1efea23038 EFLAGS: 00000246 ORIG_RAX: 000000000000000a [ 485.144918][T11831] RAX: ffffffffffffffda RBX: 00007f1efddb5fa0 RCX: 00007f1efdb8e929 [ 485.144933][T11831] RDX: 0000000000000006 RSI: 0000000000806121 RDI: 0000200000000000 [ 485.144946][T11831] RBP: 00007f1efea23090 R08: 0000000000000000 R09: 0000000000000000 [ 485.144959][T11831] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 485.144972][T11831] R13: 0000000000000000 R14: 00007f1efddb5fa0 R15: 00007ffcc06de8f8 [ 485.145000][T11831] [ 488.287664][T11853] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 488.423233][ T30] audit: type=1800 audit(4294987747.726:64): pid=11864 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1233" name="file0" dev="tmpfs" ino=1492 res=0 errno=0 [ 488.443843][ C0] vkms_vblank_simulate: vblank timer overrun [ 489.341204][T11880] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 491.835524][ T30] audit: type=1800 audit(4294987751.155:65): pid=11931 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1243" name="SYSV00000400" dev="tmpfs" ino=0 res=0 errno=0 [ 492.610304][T11943] program syz.2.1248 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 492.730194][T11943] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 493.552694][T11956] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 496.722180][T12007] vhci_hcd: invalid port number 21 [ 496.824305][ T30] audit: type=1800 audit(4294987756.164:66): pid=12024 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1264" name="file0" dev="tmpfs" ino=1672 res=0 errno=0 [ 498.166803][T12061] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 498.607627][T12076] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1275'. [ 498.765673][T12076] macsec0: entered promiscuous mode [ 498.786573][T12076] macsec0: entered allmulticast mode [ 498.828158][T12076] veth1_macvtap: entered allmulticast mode [ 498.948513][T12073] could not allocate digest TFM handle [ 499.473986][T12087] FAULT_INJECTION: forcing a failure. [ 499.473986][T12087] name failslab, interval 1, probability 0, space 0, times 0 [ 499.545806][T12087] CPU: 0 UID: 0 PID: 12087 Comm: syz.1.1277 Tainted: G U 6.16.0-rc2-syzkaller #0 PREEMPT(full) [ 499.545840][T12087] Tainted: [U]=USER [ 499.545846][T12087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 499.545865][T12087] Call Trace: [ 499.545871][T12087] [ 499.545879][T12087] dump_stack_lvl+0x16c/0x1f0 [ 499.545915][T12087] should_fail_ex+0x512/0x640 [ 499.545964][T12087] ? __kmalloc_noprof+0xbf/0x510 [ 499.545997][T12087] ? __register_sysctl_table+0xb3/0x1900 [ 499.546031][T12087] should_failslab+0xc2/0x120 [ 499.546051][T12087] __kmalloc_noprof+0xd2/0x510 [ 499.546089][T12087] __register_sysctl_table+0xb3/0x1900 [ 499.546130][T12087] ? is_module_address+0x5f/0xf0 [ 499.546165][T12087] ? __pfx___register_sysctl_table+0x10/0x10 [ 499.546199][T12087] ? is_module_address+0x69/0xf0 [ 499.546227][T12087] ? register_net_sysctl_sz+0x228/0x3e0 [ 499.546252][T12087] ? __asan_memcpy+0x3c/0x60 [ 499.546287][T12087] smc_sysctl_net_init+0xbb/0x3d0 [ 499.546312][T12087] ? __pfx_smc_net_init+0x10/0x10 [ 499.546337][T12087] smc_net_init+0x16/0x50 [ 499.546379][T12087] ops_init+0x1e2/0x5f0 [ 499.546406][T12087] setup_net+0x1ff/0x510 [ 499.546426][T12087] ? lockdep_init_map_type+0x5c/0x280 [ 499.546458][T12087] ? __pfx_setup_net+0x10/0x10 [ 499.546501][T12087] ? debug_mutex_init+0x37/0x70 [ 499.546527][T12087] copy_net_ns+0x2a6/0x5f0 [ 499.546555][T12087] create_new_namespaces+0x3ea/0xa90 [ 499.546588][T12087] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 499.546615][T12087] ksys_unshare+0x45b/0xa40 [ 499.546646][T12087] ? __pfx_ksys_unshare+0x10/0x10 [ 499.546696][T12087] ? xfd_validate_state+0x61/0x180 [ 499.546738][T12087] __x64_sys_unshare+0x31/0x40 [ 499.546769][T12087] do_syscall_64+0xcd/0x490 [ 499.546798][T12087] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 499.546822][T12087] RIP: 0033:0x7f1efdb8e929 [ 499.546841][T12087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 499.546864][T12087] RSP: 002b:00007f1efea02038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 499.546886][T12087] RAX: ffffffffffffffda RBX: 00007f1efddb6080 RCX: 00007f1efdb8e929 [ 499.546902][T12087] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 499.546917][T12087] RBP: 00007f1efdc10b39 R08: 0000000000000000 R09: 0000000000000000 [ 499.546931][T12087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 499.546945][T12087] R13: 0000000000000000 R14: 00007f1efddb6080 R15: 00007ffcc06de8f8 [ 499.546975][T12087] [ 499.800012][ C0] vkms_vblank_simulate: vblank timer overrun [ 502.766615][T12144] netlink: zone id is out of range [ 502.805188][T12144] netlink: zone id is out of range [ 502.825015][T12147] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 502.845409][T12144] netlink: zone id is out of range [ 502.879488][T12144] netlink: zone id is out of range [ 502.924451][T12144] netlink: zone id is out of range [ 503.002004][T12144] netlink: zone id is out of range [ 503.045772][T12144] netlink: zone id is out of range [ 503.139709][T12144] netlink: zone id is out of range [ 503.219770][T12144] netlink: zone id is out of range [ 503.323595][T12144] netlink: zone id is out of range [ 505.054652][T12189] FAULT_INJECTION: forcing a failure. [ 505.054652][T12189] name fail_futex, interval 1, probability 0, space 0, times 1 [ 505.123911][T12189] CPU: 0 UID: 0 PID: 12189 Comm: syz.0.1300 Tainted: G U 6.16.0-rc2-syzkaller #0 PREEMPT(full) [ 505.123946][T12189] Tainted: [U]=USER [ 505.123953][T12189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 505.123966][T12189] Call Trace: [ 505.123972][T12189] [ 505.123980][T12189] dump_stack_lvl+0x16c/0x1f0 [ 505.124019][T12189] should_fail_ex+0x512/0x640 [ 505.124062][T12189] get_futex_key+0x1d0/0x1540 [ 505.124090][T12189] ? __pfx_get_futex_key+0x10/0x10 [ 505.124125][T12189] futex_wait_setup+0x9d/0x550 [ 505.124164][T12189] __futex_wait+0x194/0x2f0 [ 505.124196][T12189] ? __pfx___futex_wait+0x10/0x10 [ 505.124232][T12189] ? __pfx_futex_wake_mark+0x10/0x10 [ 505.124277][T12189] futex_wait+0xe8/0x380 [ 505.124308][T12189] ? __pfx_futex_wait+0x10/0x10 [ 505.124348][T12189] ? __pfx_mt_find+0x10/0x10 [ 505.124372][T12189] do_futex+0x229/0x350 [ 505.124398][T12189] ? __pfx_do_futex+0x10/0x10 [ 505.124431][T12189] __x64_sys_futex+0x1e0/0x4c0 [ 505.124459][T12189] ? fput+0x70/0xf0 [ 505.124478][T12189] ? __pfx___x64_sys_futex+0x10/0x10 [ 505.124515][T12189] do_syscall_64+0xcd/0x490 [ 505.124536][T12189] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 505.124558][T12189] RIP: 0033:0x7fc8b638e929 [ 505.124575][T12189] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 505.124597][T12189] RSP: 002b:00007fc8b718b0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 505.124617][T12189] RAX: ffffffffffffffda RBX: 00007fc8b65b5fa8 RCX: 00007fc8b638e929 [ 505.124631][T12189] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fc8b65b5fa8 [ 505.124644][T12189] RBP: 00007fc8b65b5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 505.124657][T12189] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc8b65b5fac [ 505.124670][T12189] R13: 0000000000000000 R14: 00007ffe09475960 R15: 00007ffe09475a48 [ 505.124696][T12189] [ 505.630376][T12195] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23 [ 505.961567][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 505.972834][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 506.592105][T12207] FAULT_INJECTION: forcing a failure. [ 506.592105][T12207] name failslab, interval 1, probability 0, space 0, times 0 [ 506.663401][T12207] CPU: 0 UID: 0 PID: 12207 Comm: syz.2.1305 Tainted: G U 6.16.0-rc2-syzkaller #0 PREEMPT(full) [ 506.663439][T12207] Tainted: [U]=USER [ 506.663447][T12207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 506.663461][T12207] Call Trace: [ 506.663469][T12207] [ 506.663478][T12207] dump_stack_lvl+0x16c/0x1f0 [ 506.663519][T12207] should_fail_ex+0x512/0x640 [ 506.663555][T12207] ? __kmalloc_noprof+0xbf/0x510 [ 506.663593][T12207] ? tracepoint_add_func+0x2a6/0xea0 [ 506.663628][T12207] should_failslab+0xc2/0x120 [ 506.663650][T12207] __kmalloc_noprof+0xd2/0x510 [ 506.663689][T12207] ? __pfx_blk_add_trace_rq_remap+0x10/0x10 [ 506.663720][T12207] tracepoint_add_func+0x2a6/0xea0 [ 506.663766][T12207] ? __pfx_blk_add_trace_rq_remap+0x10/0x10 [ 506.663814][T12207] ? __pfx_blk_add_trace_rq_remap+0x10/0x10 [ 506.663841][T12207] tracepoint_probe_register+0xbf/0x100 [ 506.663886][T12207] ? __pfx_tracepoint_probe_register+0x10/0x10 [ 506.663924][T12207] ? __pfx_blk_add_trace_rq_remap+0x10/0x10 [ 506.663950][T12207] ? relay_open+0x62e/0xad0 [ 506.663979][T12207] blk_register_tracepoints+0x291/0x380 [ 506.664013][T12207] do_blk_trace_setup+0x933/0xb50 [ 506.664038][T12207] blk_trace_setup+0xed/0x1b0 [ 506.664060][T12207] ? __pfx_blk_trace_setup+0x10/0x10 [ 506.664082][T12207] ? __pfx_snprintf+0x10/0x10 [ 506.664126][T12207] blk_trace_ioctl+0x146/0x280 [ 506.664149][T12207] ? __pfx_blk_trace_ioctl+0x10/0x10 [ 506.664176][T12207] ? find_held_lock+0x2b/0x80 [ 506.664195][T12207] ? hook_file_ioctl_common+0x145/0x410 [ 506.664221][T12207] blkdev_ioctl+0x108/0x6d0 [ 506.664245][T12207] ? __pfx_blkdev_ioctl+0x10/0x10 [ 506.664272][T12207] ? __pfx_blkdev_ioctl+0x10/0x10 [ 506.664296][T12207] __x64_sys_ioctl+0x18e/0x210 [ 506.664322][T12207] do_syscall_64+0xcd/0x490 [ 506.664342][T12207] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 506.664362][T12207] RIP: 0033:0x7f917818e929 [ 506.664378][T12207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 506.664398][T12207] RSP: 002b:00007f917904e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 506.664416][T12207] RAX: ffffffffffffffda RBX: 00007f91783b6080 RCX: 00007f917818e929 [ 506.664435][T12207] RDX: 00002000000000c0 RSI: 00000000c0481273 RDI: 000000000000000c [ 506.664447][T12207] RBP: 00007f9178210b39 R08: 0000000000000000 R09: 0000000000000000 [ 506.664459][T12207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 506.664471][T12207] R13: 0000000000000000 R14: 00007f91783b6080 R15: 00007ffd477f0f78 [ 506.664497][T12207] [ 506.668240][T12207] ------------[ cut here ]------------ [ 506.934332][T12207] WARNING: CPU: 0 PID: 12207 at kernel/trace/blktrace.c:1106 blk_register_tracepoints+0x374/0x380 [ 506.944994][T12207] Modules linked in: [ 506.949128][T12207] CPU: 0 UID: 0 PID: 12207 Comm: syz.2.1305 Tainted: G U 6.16.0-rc2-syzkaller #0 PREEMPT(full) [ 506.961109][T12207] Tainted: [U]=USER [ 506.965057][T12207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 506.975688][T12207] RIP: 0010:blk_register_tracepoints+0x374/0x380 [ 506.982549][T12207] Code: 0f 0b 90 e9 cb fe ff ff e8 c9 16 f8 ff 90 0f 0b 90 e9 ea fe ff ff e8 bb 16 f8 ff 90 0f 0b 90 e9 09 ff ff ff e8 ad 16 f8 ff 90 <0f> 0b 90 5b e9 a3 16 f8 ff 0f 1f 00 90 90 90 90 90 90 90 90 90 90 [ 507.002162][ C0] vkms_vblank_simulate: vblank timer overrun [ 507.008431][T12207] RSP: 0018:ffffc9000af3fc28 EFLAGS: 00010283 [ 507.014502][T12207] RAX: 000000000002d77c RBX: 00000000fffffff4 RCX: ffffc9000d6e8000 [ 507.022515][T12207] RDX: 0000000000080000 RSI: ffffffff81c371c3 RDI: 0000000000000005 [ 507.030694][T12207] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 507.038715][T12207] R10: 00000000fffffff4 R11: 0000000000000001 R12: 00000000000000ff [ 507.046708][T12207] R13: 0000000000002000 R14: ffff8880264fc478 R15: ffffc9000af3fcf4 [ 507.054694][T12207] FS: 00007f917904e6c0(0000) GS:ffff888124761000(0000) knlGS:0000000000000000 [ 507.063699][T12207] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 507.070850][T12207] CR2: 0000200000149000 CR3: 000000007eab0000 CR4: 00000000003526f0 [ 507.079226][T12207] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 507.087229][T12207] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 507.095340][T12207] Call Trace: [ 507.098752][T12207] [ 507.101696][T12207] do_blk_trace_setup+0x933/0xb50 [ 507.106751][T12207] blk_trace_setup+0xed/0x1b0 [ 507.111438][T12207] ? __pfx_blk_trace_setup+0x10/0x10 [ 507.116811][T12207] ? __pfx_snprintf+0x10/0x10 [ 507.121555][T12207] blk_trace_ioctl+0x146/0x280 [ 507.126366][T12207] ? __pfx_blk_trace_ioctl+0x10/0x10 [ 507.131661][T12207] ? find_held_lock+0x2b/0x80 [ 507.136383][T12207] ? hook_file_ioctl_common+0x145/0x410 [ 507.141945][T12207] blkdev_ioctl+0x108/0x6d0 [ 507.146489][T12207] ? __pfx_blkdev_ioctl+0x10/0x10 [ 507.151555][T12207] ? __pfx_blkdev_ioctl+0x10/0x10 [ 507.156640][T12207] __x64_sys_ioctl+0x18e/0x210 [ 507.161445][T12207] do_syscall_64+0xcd/0x490 [ 507.166010][T12207] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 507.172441][T12207] RIP: 0033:0x7f917818e929 [ 507.177296][T12207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 507.197097][T12207] RSP: 002b:00007f917904e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 507.205742][T12207] RAX: ffffffffffffffda RBX: 00007f91783b6080 RCX: 00007f917818e929 [ 507.213738][T12207] RDX: 00002000000000c0 RSI: 00000000c0481273 RDI: 000000000000000c [ 507.221849][T12207] RBP: 00007f9178210b39 R08: 0000000000000000 R09: 0000000000000000 [ 507.229844][T12207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 507.237852][T12207] R13: 0000000000000000 R14: 00007f91783b6080 R15: 00007ffd477f0f78 [ 507.245863][T12207] [ 507.248897][T12207] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 507.256187][T12207] CPU: 0 UID: 0 PID: 12207 Comm: syz.2.1305 Tainted: G U 6.16.0-rc2-syzkaller #0 PREEMPT(full) [ 507.268090][T12207] Tainted: [U]=USER [ 507.271894][T12207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 507.281952][T12207] Call Trace: [ 507.285236][T12207] [ 507.288170][T12207] dump_stack_lvl+0x3d/0x1f0 [ 507.292802][T12207] panic+0x71c/0x800 [ 507.296725][T12207] ? __pfx_panic+0x10/0x10 [ 507.301163][T12207] ? show_trace_log_lvl+0x29b/0x3e0 [ 507.306384][T12207] ? blk_register_tracepoints+0x374/0x380 [ 507.312124][T12207] check_panic_on_warn+0xab/0xb0 [ 507.317077][T12207] __warn+0xf6/0x3c0 [ 507.320987][T12207] ? blk_register_tracepoints+0x374/0x380 [ 507.326739][T12207] report_bug+0x3c3/0x580 [ 507.331082][T12207] ? blk_register_tracepoints+0x374/0x380 [ 507.336823][T12207] handle_bug+0x184/0x210 [ 507.341163][T12207] exc_invalid_op+0x17/0x50 [ 507.345691][T12207] asm_exc_invalid_op+0x1a/0x20 [ 507.350560][T12207] RIP: 0010:blk_register_tracepoints+0x374/0x380 [ 507.356913][T12207] Code: 0f 0b 90 e9 cb fe ff ff e8 c9 16 f8 ff 90 0f 0b 90 e9 ea fe ff ff e8 bb 16 f8 ff 90 0f 0b 90 e9 09 ff ff ff e8 ad 16 f8 ff 90 <0f> 0b 90 5b e9 a3 16 f8 ff 0f 1f 00 90 90 90 90 90 90 90 90 90 90 [ 507.376646][T12207] RSP: 0018:ffffc9000af3fc28 EFLAGS: 00010283 [ 507.382732][T12207] RAX: 000000000002d77c RBX: 00000000fffffff4 RCX: ffffc9000d6e8000 [ 507.390710][T12207] RDX: 0000000000080000 RSI: ffffffff81c371c3 RDI: 0000000000000005 [ 507.398682][T12207] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 507.406656][T12207] R10: 00000000fffffff4 R11: 0000000000000001 R12: 00000000000000ff [ 507.414633][T12207] R13: 0000000000002000 R14: ffff8880264fc478 R15: ffffc9000af3fcf4 [ 507.422611][T12207] ? blk_register_tracepoints+0x373/0x380 [ 507.428385][T12207] ? blk_register_tracepoints+0x373/0x380 [ 507.434122][T12207] do_blk_trace_setup+0x933/0xb50 [ 507.439170][T12207] blk_trace_setup+0xed/0x1b0 [ 507.443867][T12207] ? __pfx_blk_trace_setup+0x10/0x10 [ 507.449162][T12207] ? __pfx_snprintf+0x10/0x10 [ 507.453865][T12207] blk_trace_ioctl+0x146/0x280 [ 507.458640][T12207] ? __pfx_blk_trace_ioctl+0x10/0x10 [ 507.463934][T12207] ? find_held_lock+0x2b/0x80 [ 507.468614][T12207] ? hook_file_ioctl_common+0x145/0x410 [ 507.474173][T12207] blkdev_ioctl+0x108/0x6d0 [ 507.478687][T12207] ? __pfx_blkdev_ioctl+0x10/0x10 [ 507.483729][T12207] ? __pfx_blkdev_ioctl+0x10/0x10 [ 507.488771][T12207] __x64_sys_ioctl+0x18e/0x210 [ 507.493550][T12207] do_syscall_64+0xcd/0x490 [ 507.498070][T12207] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 507.503972][T12207] RIP: 0033:0x7f917818e929 [ 507.508390][T12207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 507.528001][T12207] RSP: 002b:00007f917904e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 507.536419][T12207] RAX: ffffffffffffffda RBX: 00007f91783b6080 RCX: 00007f917818e929 [ 507.544399][T12207] RDX: 00002000000000c0 RSI: 00000000c0481273 RDI: 000000000000000c [ 507.552372][T12207] RBP: 00007f9178210b39 R08: 0000000000000000 R09: 0000000000000000 [ 507.560343][T12207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 507.568311][T12207] R13: 0000000000000000 R14: 00007f91783b6080 R15: 00007ffd477f0f78 [ 507.576299][T12207] [ 507.579376][T12207] Kernel Offset: disabled [ 507.583703][T12207] Rebooting in 86400 seconds..