last executing test programs:

1m58.019294688s ago: executing program 1 (id=1024):
socket(0x11, 0x80003, 0x300)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-9/xps_rxqs\x00', 0x1a1842, 0x0)
unshare$auto(0x40000080)
socket$nl_generic(0x10, 0x3, 0x10)
open(&(0x7f0000000040)='./file0\x00', 0x44, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000003c0)=""/192, 0xc0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/pcm0p/sub0/info\x00', 0x1c1282, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mmap$auto(0x0, 0x10000, 0x8000, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0x200007, 0x19)
syz_clone3(0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0)
sysfs$auto(0x2, 0x23, 0x0)
r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
write$auto(r0, 0x0, 0x4)

1m55.385254434s ago: executing program 1 (id=1030):
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/tty/drivers\x00', 0x14b402, 0x0)
mmap$auto(0x0, 0x40000a, 0xdf, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x2, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x101002, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syslog$auto(0x0, &(0x7f0000000280)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\x84q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa24X@\xadD\xf8\x9d\xf3 \xd2]\xc4\x13G\x1d\x04!\xc1\xeb.e$\xfb\xa3KU\xcf\xc1\x7fFD\x99\xf5v\v\x9dS\xc11P\xa3\xe9\xb0SqL\x85\xea\xb2\x9cY\x83.I\xca\x92\x1c\xc4\x13CV=\x92\x17c\x87iOt\x14On\x15=\v\xf0 \xc5\x8b~\xd6\xd4\xc7\xa3a\x1c\x06\x17\xb3\x88\x8c\xf1L\xba\x89a\xfd\xa5\xc6\x7fU\x00\xe5\x9b', 0x5)
openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2)

1m54.216618097s ago: executing program 1 (id=1034):
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/netfilter/nf_log/3\x00', 0xa2202, 0x0)
mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000)
mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x8)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file1/file0\x00', 0x840, 0xc)
socket(0x1d, 0x2, 0x6)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x900, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_setup$auto(0x7, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0)
socket(0x10, 0x2, 0x0)
io_uring_setup$auto(0x4, 0x0)
openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/events/vmalloc/free_vmap_area_noflush/enable\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, &(0x7f0000000100), 0x10b502, 0x0)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x60c40, 0x0)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0)
socketpair$auto(0x4004, 0x7, 0x4, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0)
close_range$auto(0x2, 0x8000, 0x0)

1m53.450382542s ago: executing program 1 (id=1036):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
r0 = socket(0x2c, 0x3, 0x0)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x1c}}, 0x50)
socket(0xa, 0x1, 0x100)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
socket(0x1a, 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r1)
sendmsg$auto_TIPC_NL_NET_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000007980)={&(0x7f0000000040)={0x1c, r2, 0x1, 0x70fd2c, 0x25dfdbff, {}, [@TIPC_NLA_NET={0x8, 0x7, 0x0, 0x1, [@typed={0x4, 0x2}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000001}, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x3, 0xfffffffffffffffe]}, 0x0)
write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0xc, 0x2, 0x6]}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x8800)
openat$auto_proc_mem_operations_base(0xffffffffffffff9c, 0x0, 0x401, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/net/lapb4/ifalias\x00', 0x1a1842, 0x0)
write$auto(r4, &(0x7f0000000000)='9\x00d1L\xff\x15\xba\xa17=(\xc1\xf8\xff\xff\v\xb5^\xa1/[', 0x4)
read$auto(0x3, 0x0, 0x7c)
close_range$auto(0x2, 0x8, 0x0)

1m51.310090926s ago: executing program 1 (id=1050):
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000180), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram8/dev\x00', 0x6a8800, 0x0)
prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x800000000001, 0x0)
write$auto(r0, &(0x7f00000005c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D_#\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc^:\xd1\xe3\xf1@\xc0\x93^:Mn#Oi\xaa[X\x93)\x8f\x03K\xe6\xa4\x11?\xf1\x02+\\\xf9\x8b\xe5l5\x11\x006c\x907E\xeb\x81\fB\xe3\xf8n\x8f\x94V\xbcB\x9cm\x9f\x15\x00Q\xf8\x8fFW#?\xd5Z~\xa51\x832\xbd|\x19\xda\x8e\xff\x17\r\x96\xa3\xcc+\xf4a\xffN\xd2_\xe5\\\xf8Lzc\xd4\xa0\x1f\x04_\xf1\xc6\fO\xbe?)Q\xc7\\B\xdb\xeaI\xde\xe9m\xf5\xf9\x19\xd3@IK\xe3c\x0ek\x8drZ\xad\xdc\xbb\xfc\xd4\x1f\xdaOW\x87\xb6Fm\x12\xadw(z\\j\xcc0P\xaeC\x9f\xbf\xd5\xf9\xe3\x85~cG\f\x85\xd6\x84ma\xfd\xdayNj\x80\xdd3^\x87,\x14\x8e\xbe$\x05\x8a\xb0 M\xf6$B TCs\xa9\x91dil[\xfc\a\xbfD\xd9\x8d(F\x1e\f\xec\xe9K|h\xf5\xcaUI\x18#\xbed\xa8C\x8a\xbb\fE\xe6\xa3|\xf7\xa8\xbb\xd3\x97l.V/uc\xb5Q\x1eY\xe0\x03\xa1\xc1\xc8\xe2=RK\x7fWV;\xe4\xccTsf\xa7[\xdd\x9cR\xab\xf81s\xbc\x9c\xaaSGH\x9al\xb9%u\v\xb4\x9d\x95\x16\x01\xbbT\x99S\xf8A\xcd\bRC\xf4\xb0\x1a%\xdd+1\x81\x9d6\x90\xe8\xc6\xc1\x1e\xf0~\xaf\x10g&\xd6\x01l::V\xdbJiVW\xab4G\x97\x9cl', 0x100000a3d9)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0)
write$auto(r1, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
write$auto(r1, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7)
r2 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000900)='/sys/kernel/debug/block/nbd0/hctx0/sched_tags\x00', 0x60100, 0x0)
read$auto(r2, &(0x7f0000000040)='\x00', 0x3)
mmap$auto(0x0, 0x400008, 0x7d3, 0x9b72, 0xffffffffffffffff, 0x5cd)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x4008)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/rxrpc/peers\x00', 0x101000, 0x0)
pread64$auto(r3, 0x0, 0x8, 0xffff)
r4 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dri/card1\x00', 0x129e01, 0x0)
ioctl$auto(r4, 0x92106409, 0xffffffffffffffff)
madvise$auto(0x0, 0x200007, 0x8)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x630001, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
fsconfig$auto(0xffffffffffffffff, 0x8, 0x0, 0x0, 0x0)

1m49.721880047s ago: executing program 1 (id=1043):
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = clone3$auto(&(0x7f00000002c0)={0x4, 0x9, 0x1, 0x2, 0x8000, 0xffffffffffffffff, 0x7, 0x3, 0xffffffffffffffea, 0x8, 0x200}, 0x7)
ptrace$auto_PTRACE_GETSIGMASK(0x420a, r1, 0x6e3, 0x1)
ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptyzf\x00', 0x2200, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
io_setup$auto(0x7ffe, 0x0)
io_setup$auto(0x7ffe, &(0x7f0000000000))
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0)
syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, r3)
write$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000200)='5', 0x1)
capset$auto(&(0x7f0000000340)={0x19980330}, 0x0)
select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x8, 0x4, 0x2, 0xb, 0x1, 0x9, 0x0, 0x7fff, 0xa, 0x193, 0xfffffffffffffff9, 0x3, 0x5e4, 0x1000, 0x1, 0x1]}, &(0x7f0000000380)={[0x8000000000000001, 0x5, 0x1, 0x10001, 0xe, 0xf, 0x5, 0x3, 0x59fc8000, 0x200006, 0x8000000000000000, 0x3, 0x800, 0x7, 0x1ff, 0x5]}, &(0x7f0000000280)={0x6, 0xc8})
open(&(0x7f0000000040)='./file0\x00', 0x40841, 0x8)
io_uring_register$auto_IORING_UNREGISTER_PERSONALITY(r0, 0xa, &(0x7f0000000180)="221aa2a2e1a47c16e9b935b36eb66fa98ca6d90b78e1fc1799ad1e15807c54f58fa1ee6c6927048cbda12b4e1ad0336a4b88db6e5c7e4fedd6852f33d0b576", 0x2f)
socket(0xa, 0x5, 0x94)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dri/card0\x00', 0x6c800, 0x0)
close_range$auto(0x2, 0x8, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)

1m34.433023809s ago: executing program 32 (id=1043):
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = clone3$auto(&(0x7f00000002c0)={0x4, 0x9, 0x1, 0x2, 0x8000, 0xffffffffffffffff, 0x7, 0x3, 0xffffffffffffffea, 0x8, 0x200}, 0x7)
ptrace$auto_PTRACE_GETSIGMASK(0x420a, r1, 0x6e3, 0x1)
ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptyzf\x00', 0x2200, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
io_setup$auto(0x7ffe, 0x0)
io_setup$auto(0x7ffe, &(0x7f0000000000))
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0)
syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, r3)
write$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000200)='5', 0x1)
capset$auto(&(0x7f0000000340)={0x19980330}, 0x0)
select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x8, 0x4, 0x2, 0xb, 0x1, 0x9, 0x0, 0x7fff, 0xa, 0x193, 0xfffffffffffffff9, 0x3, 0x5e4, 0x1000, 0x1, 0x1]}, &(0x7f0000000380)={[0x8000000000000001, 0x5, 0x1, 0x10001, 0xe, 0xf, 0x5, 0x3, 0x59fc8000, 0x200006, 0x8000000000000000, 0x3, 0x800, 0x7, 0x1ff, 0x5]}, &(0x7f0000000280)={0x6, 0xc8})
open(&(0x7f0000000040)='./file0\x00', 0x40841, 0x8)
io_uring_register$auto_IORING_UNREGISTER_PERSONALITY(r0, 0xa, &(0x7f0000000180)="221aa2a2e1a47c16e9b935b36eb66fa98ca6d90b78e1fc1799ad1e15807c54f58fa1ee6c6927048cbda12b4e1ad0336a4b88db6e5c7e4fedd6852f33d0b576", 0x2f)
socket(0xa, 0x5, 0x94)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dri/card0\x00', 0x6c800, 0x0)
close_range$auto(0x2, 0x8, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)

1m33.316154333s ago: executing program 2 (id=1058):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
madvise$auto(0xfff, 0x7, 0xab8)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
socket(0x1e, 0x1, 0x0)
setsockopt$auto(0x3, 0x6, 0x100000000, 0xfffffffffffffffc, 0xa)
socket(0x29, 0x801, 0x100)
mmap$auto(0x1, 0x3, 0x3, 0x55, r0, 0x8001)
mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x2000040080000004, 0xe)
r1 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x28401, 0x0)
write$auto_proc_mem_operations_base(r1, &(0x7f0000001680)="a7", 0x80000)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
r2 = openat$auto_btrfs_ctl_fops_super(0xffffffffffffff9c, 0x0, 0x20000, 0x0)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
timerfd_create$auto(0x9, 0x0)
pselect6$auto(0x9, &(0x7f0000000000)={[0x8, 0x4, 0x0, 0x6, 0x8001, 0x4000000000002bc8, 0xfff, 0x9, 0x3, 0xffffffff, 0x8000000000000001, 0x0, 0x2f, 0x2, 0x8, 0xfffffffffffffffe]}, 0x0, 0x0, 0x0, 0x0)
semctl$auto(0x1ff, 0x2, 0x13, 0x4)
ioctl$auto(0x3, 0x40085400, 0x5)
ioctl$auto_BTRFS_IOC_FORGET_DEV(r2, 0x50009405, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
madvise$auto(0x0, 0x2003f0, 0x15)

1m31.453922523s ago: executing program 2 (id=1063):
r0 = openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000004080)='/sys/kernel/debug/zswap/pool_total_size\x00', 0x2, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/jbd2/sda1-8/info\x00', 0x2, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
init_module$auto(0x0, 0xffff9, 0x0)
mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
mmap$auto(0xf000, 0x8, 0x1000000003, 0x9b72, 0x2, 0x8000)
move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2)
socketpair$auto(0x1d, 0x2, 0x2, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x118)
socket(0x2, 0x1, 0x0)
setsockopt$auto(0x3, 0x6, 0x17, 0x0, 0xfb3)
r2 = getpid()
process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0)
bpf$auto(0x5, 0x0, 0x7)
close_range$auto(0x0, 0xfffffffffffff001, 0x2)
socket(0x11, 0x80003, 0x300)
socket(0x29, 0x5, 0x0)
open(0x0, 0x80600, 0xb5d1af1605322d96)
write$auto(0x3, 0x0, 0xfdef)
read$auto(r0, &(0x7f0000000000)='#.&\x00', 0xc1)

1m28.512543637s ago: executing program 2 (id=1074):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x2, 0x1, 0x0)
r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read$auto(r0, 0x0, 0x3ff)
io_uring_setup$auto(0x1, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
r1 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x10800, 0x0)
ioctl$auto_SNDRV_PCM_IOCTL_STATUS322(r1, 0x806c4120, &(0x7f0000000100)={0x0, 0x6, 0x95d7, 0x7f, 0x3, 0x1, 0x9, 0x2, 0x2, 0x7, 0xb, 0x8, 0x100, 0x2, 0x40000003, 0x3ff, 0x400, 0x80000000, "0c1056e3480805f935e214e44f620fa9eba8238cacc3d9e6fc45cf541e509fc2457ae4ae"})
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/pagemap\x00', 0x4c8202, 0x0)
write$auto(0x3, 0x0, 0xfffffdef)
unshare$auto(0x40000080)
openat$dir(0xffffffffffffff9c, 0x0, 0x381000, 0x100)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0)
writev$auto(r2, &(0x7f0000000080)={&(0x7f0000000040), 0x1000}, 0x3)
close_range$auto(0x2, 0x8, 0x40000000)
r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev3\x00', 0x169000, 0x0)
ioctl$auto(r3, 0xc0285629, r3)
socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000180)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
syz_clone(0x40100100, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)

1m25.596818686s ago: executing program 2 (id=1067):
mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000)
madvise$auto(0x0, 0xffffffffffff0006, 0x17)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
bind$auto(0x3, 0x0, 0x6a)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000140), 0x20000, 0x0)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x226902, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
msync$auto(0x2, 0x9, 0x40)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r2)
ioctl$auto_KVM_GET_MSRS(r1, 0xc008ae88, &(0x7f0000000080)={0x2, 0x0, [{0x40000022, 0x400, 0x9}]})
ioctl$auto(0xffffffffffffffff, 0x900064b5, 0xc14)

1m24.369993742s ago: executing program 2 (id=1070):
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/hung_task_check_interval_secs\x00', 0x88542, 0x0)
r1 = pipe$auto(0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, r1, 0x8000)
r3 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0)
ioctl$auto_IOCTL_VMCI_GET_CONTEXT_ID(r3, 0x7b3, 0x0)
r4 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0)
ioctl$auto_IOCTL_VMCI_VERSION2(r4, 0x7a7, 0x0)
ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, 0x6)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
adjtimex$auto(0x0)
ioctl$auto_IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, 0x0)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NFSD_CMD_VERSION_GET(r2, 0x0, 0x20060840)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x10, 0x2, 0x0)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5)
shmget$auto(0x80, 0x1, 0x9)
syz_open_procfs$namespace(0x0, &(0x7f0000000080))
write$auto(r0, 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)

1m22.677447675s ago: executing program 2 (id=1079):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/oss\x00', 0xaa102, 0x0)
write$auto(r0, 0x0, 0x7ef)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0)
socket(0xa, 0x1, 0x100)
ioperm$auto(0x7, 0x5ad2, 0xc)
r1 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
pread64$auto(r1, 0x0, 0x7ff, 0x400)
socket(0x2, 0x1, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0x12, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x400000000000948f, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x9, 0x1]}, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/kernel/kexec_load_disabled\x00', 0x202, 0x0)
mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0004, 0x19)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
close_range$auto(0x2, 0x8, 0x0)

1m7.156562555s ago: executing program 33 (id=1079):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/oss\x00', 0xaa102, 0x0)
write$auto(r0, 0x0, 0x7ef)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0)
socket(0xa, 0x1, 0x100)
ioperm$auto(0x7, 0x5ad2, 0xc)
r1 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
pread64$auto(r1, 0x0, 0x7ff, 0x400)
socket(0x2, 0x1, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0x12, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x400000000000948f, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x9, 0x1]}, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/kernel/kexec_load_disabled\x00', 0x202, 0x0)
mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0004, 0x19)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
close_range$auto(0x2, 0x8, 0x0)

52.023567682s ago: executing program 5 (id=1143):
socket(0x11, 0x80003, 0x300)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-9/xps_rxqs\x00', 0x1a1842, 0x0)
unshare$auto(0x40000080)
socket$nl_generic(0x10, 0x3, 0x10)
open(&(0x7f0000000040)='./file0\x00', 0x44, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000003c0)=""/192, 0xc0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/pcm0p/sub0/info\x00', 0x1c1282, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mmap$auto(0x0, 0x10000, 0x8000, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0x200007, 0x19)
syz_clone3(0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0)
sysfs$auto(0x2, 0x23, 0x0)
r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
write$auto(r0, 0x0, 0x4)

49.562385481s ago: executing program 5 (id=1149):
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0)
mmap$auto(0x0, 0x4000005, 0xfffffffffffffe01, 0x8051, 0x3, 0x0)
r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x1000, 0x0)
clock_settime$auto(0xffffff80, &(0x7f0000000040)={0x7, 0x3615})
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x10b842, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
write$auto(r0, &(0x7f0000000040)='!\x00', 0xffff)
read$auto(0xffffffffffffffff, 0x0, 0x1ff)
write$auto(0x3, 0x0, 0x7)
r1 = socket(0x2, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
listen$auto(0x3, 0x3)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x62c00, 0x0)
syz_genetlink_get_family_id$auto_taskstats(0x0, 0xffffffffffffffff)
getpid()
sendmsg$auto_TASKSTATS_CMD_GET(r1, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44001}, 0x20004000)
mmap$auto(0x0, 0x20564234, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)

48.517862958s ago: executing program 5 (id=1150):
mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000)
madvise$auto(0x0, 0xffffffffffff0006, 0x17)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
bind$auto(0x3, 0x0, 0x6a)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000140), 0x20000, 0x0)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x226902, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
msync$auto(0x2, 0x9, 0x40)
write$auto(0x3, 0x0, 0xfffffdef)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r2)
ioctl$auto_KVM_GET_MSRS(r1, 0xc008ae88, &(0x7f0000000080)={0x2, 0x0, [{0x40000022, 0x400, 0x9}]})
ioctl$auto(0xffffffffffffffff, 0x900064b5, 0xc14)

47.048488507s ago: executing program 5 (id=1155):
mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x1, 0x106)
r1 = open(0x0, 0x111280, 0x18)
socket(0x2, 0x1, 0x0)
shutdown$auto(0x200000003, 0x2)
r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x40, 0x0)
read$auto_proc_iter_file_ops_compat_inode(r2, &(0x7f0000000180)=""/286, 0x11e)
mmap$auto(0x0, 0x8, 0x80000000000000df, 0x10004000eb1, 0x8, 0x8000008000)
r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/adsp1\x00', 0x20342, 0x0)
openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/block/mtdblock0/sched/read0_fifo_list\x00', 0x0, 0x0)
lseek$auto(r1, 0x7fffffffffffffff, 0x1)
ioctl$auto_SOUND_MIXER_READ_DEVMASK2(r3, 0x80044dfe, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
listen$auto(0x3, 0x3)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
getrandom$auto(0x0, 0x6000000, 0x3)
r4 = socket(0x15, 0x1, 0x0)
setsockopt$auto(r4, 0x114, 0x1d, 0x0, 0x4)

44.321974827s ago: executing program 5 (id=1159):
openat$auto_ptdump_fops_(0xffffffffffffff9c, &(0x7f0000000240), 0x2000, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x106)
bind$auto(0x3, &(0x7f0000000040)=@sco={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@nl=@kern={0x10, 0x0, 0x0, 0x800000}, 0x54)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
socket(0xa, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd8\x00', 0x0, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
semctl$auto(0x8, 0x806, 0x13, 0x46)
getsockopt$auto(r0, 0xff, 0x90, &(0x7f0000000100)='\xaa\xaa\xaa\xaa\xaa', &(0x7f0000000140)=0x3)
select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x62, 0x8000001f, 0x40007, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
getsockopt$auto_SO_BROADCAST(0xffffffffffffffff, 0xf7f, 0x6, 0x0, &(0x7f0000000180))
socket(0x18, 0xa, 0x1)
socket(0xa, 0x2, 0x0)
connect$auto(0x3, &(0x7f00000000c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
close_range$auto(0x2, 0x8, 0x0)

42.550761925s ago: executing program 5 (id=1161):
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="3ae90f7c", @ANYRES16=0x0, @ANYBLOB="01002bbd"], 0x14}, 0x1, 0x0, 0x0, 0x8044}, 0x4001090)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
madvise$auto(0xfff, 0x7, 0xab8)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
socket(0x1e, 0x1, 0x0)
setsockopt$auto(0x3, 0x6, 0x100000000, 0xfffffffffffffffc, 0xa)
socket(0x1a, 0xa, 0xfe)
mmap$auto(0x1, 0x3, 0x3, 0x55, r0, 0x8001)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/system/node/has_memory\x00', 0x22100, 0x0)
read$auto_check_wx_fops_(r1, &(0x7f0000000080)=""/228, 0xe4)
mlockall$auto(0x5)
r2 = io_uring_setup$auto(0x400, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x6, 0x0)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="01002dbd7400fcdb6937ca840000"], 0x14}, 0x1, 0x68, 0x0, 0x4004080}, 0x0)

27.309554166s ago: executing program 34 (id=1161):
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="3ae90f7c", @ANYRES16=0x0, @ANYBLOB="01002bbd"], 0x14}, 0x1, 0x0, 0x0, 0x8044}, 0x4001090)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
madvise$auto(0xfff, 0x7, 0xab8)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
socket(0x1e, 0x1, 0x0)
setsockopt$auto(0x3, 0x6, 0x100000000, 0xfffffffffffffffc, 0xa)
socket(0x1a, 0xa, 0xfe)
mmap$auto(0x1, 0x3, 0x3, 0x55, r0, 0x8001)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/system/node/has_memory\x00', 0x22100, 0x0)
read$auto_check_wx_fops_(r1, &(0x7f0000000080)=""/228, 0xe4)
mlockall$auto(0x5)
r2 = io_uring_setup$auto(0x400, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x6, 0x0)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="01002dbd7400fcdb6937ca840000"], 0x14}, 0x1, 0x68, 0x0, 0x4004080}, 0x0)

17.349858995s ago: executing program 4 (id=1213):
openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
r1 = socket(0x1e, 0x1, 0x0)
setsockopt$auto(0x3, 0x6, 0x100000000, 0xfffffffffffffffc, 0xa)
getpid()
mlockall$auto(0x5)
mmap$auto(0x2, 0x40000a, 0x2bb, 0x14, 0x2, 0x1)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r2 = syz_genetlink_get_family_id$auto_net_dm(&(0x7f0000000080), r1)
sendmsg$auto_NET_DM_CMD_STOP(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000240)={&(0x7f00000000c0)={0x158, r2, 0x10, 0x70bd26, 0x25dfdbfb, {}, [@NET_DM_ATTR_QUEUE_LEN={0x8, 0xb, 0xb}, @NET_DM_ATTR_TRUNC_LEN={0x8, 0x9, 0x7ff}, @NET_DM_ATTR_QUEUE_LEN={0x8, 0xb, 0x3}, @NET_DM_ATTR_HW_DROPS={0x4}, @NET_DM_ATTR_UNSPEC={0xb1, 0x0, "3686d0ed497017d6669b3183b4f236a59f8027a3e5e01dd6f6a965bab8ec8b88b5b3a04f0205cbd8d61bed3097dd76affaaecd40f8ecf27578d318e1cc20ab085c270dd766b1e26ddb2d9b1a7f3fc7f696cb6762fc7eb64fd253d3f8ed96ca4b760dcd6bc403a2da9714d54a51ab6c3b24b5e8ac467fa99d948abacffb99fa2d22fdf5fcd1e9f38360410910b8368258410ede29786df464f080b39988fff62239a835109d73b2e15efbc75e2d"}, @NET_DM_ATTR_SW_DROPS={0x4}, @NET_DM_ATTR_UNSPEC={0x6d, 0x0, "da65c1f7b06b1907ef67447c564b052266e5af3ad1d5fd7de90abb75256daa255cc2e1c30f8d6ef9682f5ac3fef8ddf86015f1ee1c3b79eebdf0e9463dc14b390aa3017792782e0a9344f531eb3f8c8a2647e4a1a6dd6c85c51039bb9e9b32d6bf040fabba6976378c"}]}, 0x158}, 0x1, 0x0, 0x0, 0x1}, 0x20000001)
unshare$auto(0x40000080)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
r3 = socket(0x11, 0xa, 0x300)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd8/queue/iosched/async_depth\x00', 0x40800, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r4, 0x0, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0xa)
sendmmsg$auto(0x3, 0x0, 0xfffe, 0x4009ff)
read$auto(r3, &(0x7f00000002c0)=')M:\\\x00', 0x60)
close_range$auto(0x2, 0x8, 0x0)

15.35884828s ago: executing program 4 (id=1206):
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/tty/drivers\x00', 0x14b402, 0x0)
mmap$auto(0x0, 0x40000a, 0xdf, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x2, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x101002, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syslog$auto(0x0, &(0x7f0000000280)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\x84q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa24X@\xadD\xf8\x9d\xf3 \xd2]\xc4\x13G\x1d\x04!\xc1\xeb.e$\xfb\xa3KU\xcf\xc1\x7fFD\x99\xf5v\v\x9dS\xc11P\xa3\xe9\xb0SqL\x85\xea\xb2\x9cY\x83.I\xca\x92\x1c\xc4\x13CV=\x92\x17c\x87iOt\x14On\x15=\v\xf0 \xc5\x8b~\xd6\xd4\xc7\xa3a\x1c\x06\x17\xb3\x88\x8c\xf1L\xba\x89a\xfd\xa5\xc6\x7fU\x00\xe5\x9b', 0x5)
openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2)
prctl$auto(0x443, 0x17, 0x0, 0x0, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x60800, 0x0)
newfstatat$auto(0xffffffffffffffff, 0x0, &(0x7f0000000380)={0x5, 0x6, 0x80000000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x1ff, 0x6, 0xbc, 0x80000001, 0x4, 0x0, 0x53}, 0x1)
msync$auto(0x1fffeffc, 0x180000000000000, 0x400000004)
write$auto(0x3, 0x0, 0x100082)
mmap$auto(0x40, 0x8, 0xdf, 0x9b72, 0xffffffffffffffff, 0x200008000)
ioperm$auto(0x2, 0x8000000000031c, 0x4)
close_range$auto(0x2, 0x8, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ram15\x00', 0x4082, 0x0)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0)
ioctl$auto_SG_GET_RESERVED_SIZE(r0, 0x4c0a, 0x0)
io_uring_setup$auto(0x6, 0x0)

13.861177156s ago: executing program 4 (id=1207):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
write$auto(0x3, 0x0, 0x7fffffff)
write$auto(0x1, 0x0, 0x80000000)
preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5)
r0 = socket(0x2b, 0x1, 0x1)
openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0)
madvise$auto(0x0, 0xffffffffffff0004, 0x19)
madvise$auto(0x0, 0x200007, 0x8)
madvise$auto(0x0, 0x2003f0, 0x15)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_MPP(r0, 0x0, 0x880)
munmap$auto(0x8000, 0xffffffff)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4)
mmap$auto(0x0, 0x2020009, 0x3, 0x400000eb1, 0xfffffffffffffffa, 0x8000)
sysfs$auto(0x2, 0x10000000000048, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0)
io_uring_enter$auto(r1, 0x8001, 0x80, 0xf, &(0x7f0000000040)="6f6fdfc624482b6feebecf0c6f9b95dfda4c61249e97790decc0a3b8885108e61e06e4de584eb953737116e751be9b06447d68ceb2fbe4cab38f1f351737e8a1acfa09e4ad456d9b26a7f85a39540a7cb4f7adedabc87237db4dc316f7f529c11804c2db4dbf598c1ea68248f57e", 0x5)
read$auto(r1, 0x0, 0xb4d3)

8.789171782s ago: executing program 6 (id=1214):
mmap$auto(0x0, 0x400008, 0x3, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
read$auto_usbdev_file_operations_usb(0xffffffffffffffff, &(0x7f0000000040)=""/229, 0xe5)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/oss\x00', 0xaa102, 0x0)
write$auto(r0, 0x0, 0x7ef)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x82040, 0x0)
ioperm$auto(0x7, 0x800, 0x0)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
r1 = socket(0x1e, 0x1, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0x7, 0x0, 0x0, 0x0, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0x0, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0xa, 0x100, 0x1, 0x948d, 0x6, 0x15f4da0a, 0x4000000003, 0x3, 0x33c, 0x6, 0x20000007, 0x6d3e, 0x9, 0x2, 0x3]}, 0x0)
ioctl$auto(r1, 0x400454cb, 0x5)
mmap$auto(0xc, 0x20009, 0x5, 0x14, 0xffffffffffffffff, 0x0)
unshare$auto(0x40000080)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0)
msync$auto(0xe4, 0x180000000000000, 0x400000004)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0xa, 0xb9, 0x10, 0x4, 0x4, 0xffffffffffffffff, 0xffff34e6, "2af051b26b658a20d8dc6b36c83ce63f", <r3=>0x0, 0xffffffffffffffff, 0x5, 0x40000007, 0xffffffff, 0x6}, 0xf)
bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_ifindex=r3, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x92)

8.788563437s ago: executing program 3 (id=1216):
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
r0 = fanotify_init$auto(0x5, 0x2000000000002)
socket(0x26, 0x80805, 0x0)
socket(0x10, 0x2, 0xc)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = socket(0xa, 0x3, 0x3a)
statx$auto(0x2, 0x0, 0x1000, 0xbdfa, 0x0)
mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x5, 0x2000000000002)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_MEMGETBADBLOCK(r0, 0x40084d0b, &(0x7f0000000000)=0x2)
socket(0x26, 0x80805, 0x0)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
ioctl$auto(0x3, 0xff05, 0x0)
setsockopt$auto(r1, 0x29, 0x15, 0x0, 0x56b)
socket(0x1d, 0x1, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080))
fanotify_mark$auto(r0, 0x5, 0x100000009, 0x4, 0x0)
r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000040))
fcntl$auto(r2, 0x402, 0x8000007fffffdf)
syz_open_procfs$namespace(0x0, &(0x7f0000000080))
close_range$auto(0x2, 0x8, 0x0)

8.778422195s ago: executing program 4 (id=1218):
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram6\x00', 0x4040, 0x0)
preadv2$auto(0x3, 0x0, 0x5, 0xffffffffffffffff, 0x7, 0x2e)
write$auto_tty_fops_tty_io(r0, &(0x7f0000000280)="352c8efa618c0bcf83a4ebdb278754e15f", 0x11)
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)
ioctl$auto(0xffffffffffffffff, 0x8912, 0x38)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xfffffffffffffffe, 0x8000)
ustat$auto(0x801, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x40}, 0x8)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
madvise$auto(0x0, 0x2003f0, 0x15)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0xff1, 0x8000)
io_uring_setup$auto(0x1, 0x0)
bpf$auto(0x5, 0x0, 0x102)
getpid()
r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000164c0), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_SCAN(r3, &(0x7f00000165c0)={0x0, 0x0, &(0x7f0000016580)={&(0x7f0000000140)={0x14, r4, 0xd3ac6c422733a379, 0x70bd27, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4004000}, 0x0)
read$auto(r2, 0x0, 0xb4d3)
write$auto(0x3, 0x0, 0xffd8)
ioprio_get$auto_IOPRIO_WHO_PGRP(0x2, 0x0)

8.093392563s ago: executing program 3 (id=1219):
move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2)

7.935049819s ago: executing program 0 (id=1220):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400)
mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
ppoll$auto(0x0, 0x2f9638f3, &(0x7f0000000080)={0x66e2, 0x512d}, &(0x7f0000000100)={0x3ff}, 0x8)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2)
socket(0xa, 0x1, 0x100)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
socket(0x1a, 0x2, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x3, 0xfffffffffffffffe]}, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
ioctl$auto_SNDRV_RAWMIDI_IOCTL_INFO(r1, 0x810c5701, &(0x7f0000000340)={0x3, 0x1, 0x200, 0x10000, 0x2, "748987108c83c529e6e0e17d26156a70e2ae0200fe62d001c338115fef2fbd8b976aa4fbce454ad4063328e150b0abc105c79352189449ed57bb590643e87a9b", "c35d68b707f12e350124ce3c56384271520fe78cbd7cb2f5587ebbe76f0069619790130fd5b9b9cc3d10fce15d823e8e57d245b1bf025ba127790e258cecdc081b38425936a306e206bf69ccdc6b9978", "dee0c06ea301f4ecca5d8d48eca013e7a853234160c3d8d65d185c1bd6f8fbce", 0x1, 0x75a3, 0x200000, "096e8465a8a3029f90cbf3e37d2bafa231150560322e6642c9d0dd7f29c51d775c494d9b7d6dc7efc90faaed56664139afbbeb0bc6e486d0ae2b0b41"})
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xa, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0xc, 0x2, 0x6]}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x8800)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
msync$auto(0xff, 0x800, 0x10)
ioctl$auto(0x3, 0x2287, 0xffffffffffffffff)
openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0)
madvise$auto(0x0, 0x20200, 0x15)
prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0)
prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0)

7.607923025s ago: executing program 3 (id=1221):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
socket(0x2c, 0x3, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
socket(0x1a, 0x1, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x3, 0xfffffffffffffffe]}, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0xc, 0x2, 0x6]}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x8800)
msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004)
pselect6$auto(0xfebc00, &(0x7f0000000180)={[0xf56a, 0x6, 0x7, 0x4, 0x0, 0x6, 0x8000000000000001, 0x8, 0x6, 0xffffffffffffffff, 0x7, 0x9, 0x3, 0x81, 0xff800000000000, 0x8000]}, &(0x7f0000000340)={[0x8e2, 0x3, 0x2, 0x1, 0xb00, 0x6, 0x8, 0x1ff, 0x8, 0x4, 0x9, 0x4, 0x2, 0x2, 0x7, 0x9]}, &(0x7f0000000440)={[0x6, 0x9, 0x9, 0x2, 0x7, 0x3, 0x20000000000, 0x5, 0x8, 0x7, 0xe0000000000, 0x0, 0x9, 0x7, 0x3340, 0x5e]}, &(0x7f0000000280)={0x4, 0x4}, 0x0)
ioctl$auto(0x3, 0x2287, 0xffffffffffffffff)
ioctl$auto_SNDRV_RAWMIDI_IOCTL_STATUS64(0xffffffffffffffff, 0xc0385720, 0x0)
prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0)
prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)

7.09401104s ago: executing program 4 (id=1224):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
socket(0x1e, 0x6, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f0000000340)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccW\x1c\x94t\x98\xc6\xd7\x9dh\xdf\x91\xd9\x1ew\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5,\xcc\xfa`\xfa\x90\xf0C\xdc\xbebBW\x8a\x95\xf4\x14\xc7\x90V\xe7a\xfb*\xcc6\xba\x9ef\x19R\xff\xd2\xd8\x98\xa8\x17\xcb\x84\xe8\xfb\x00`\xc2\xce~U\xca\\\xc1\xb7\xf1\n\xb9\xbfk\x1e\xdb\xed\x81{\x1f\x18j\x16\rk\x0eO\xe3\xa78&Z\x9e\xbf\x84\xd6\x1f\xe8\x88\x1f\xbc\x1eT\xa6{9hb\xbc\x1a\\\xb3\x846&\x1a\xbb\x9c:e\x9c\x18\x11\xf0\x8eQ\xd8\x8a3^?\x13\x00\xcbx\xb2\x18e\x95$\x9d\x804', 0x100000a3d9)
setsockopt$auto(0xffffffffffffffff, 0x9, 0x69ce, &(0x7f0000000040)='(%}[\x00', 0x3)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/virtual/tty/ptyqe/power/control\x00', 0xa0b02, 0x0)
r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/security/tomoyo/profile\x00', 0x48802, 0x0)
read$auto(r2, 0x0, 0xb4d3)
write$auto(0x3, 0x0, 0x70)
write$auto(0x3, 0x0, 0xfdef)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000)
mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000)
adjtimex$auto(0x0)

6.068879054s ago: executing program 6 (id=1225):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
socket(0x15, 0x5, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
syz_genetlink_get_family_id$auto_netdev(0x0, 0xffffffffffffffff)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
unshare$auto(0x20000080)
syz_clone3(&(0x7f0000000300)={0x28020000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0}, 0x58)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
mmap$auto(0x7, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
write$auto_force_wakeup_fops_hci_vhci(0xffffffffffffffff, &(0x7f0000000080)="305b0a8f34915766fca3fb72133618de834c1d0cbb0bcd7ff19baad4ec1b020bc78d852189f51aafd33a851c1e6de42e41b662cd9d878702c7", 0x39)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x60800, 0x0)
write$auto(0xc8, 0x0, 0x4040f6)
r0 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01002bbd7000fcdbdf25040000000400100008000cf1edfba1d1e45aea61b8f7020700000002681af944a5465101930e1f4b991ef2f10f485ddf80e07251de"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
rseq$auto(&(0x7f0000000000)={0xe, 0x400, 0x0, 0x20006, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
brk$auto(0xffffffffffffff66)
fsopen$auto(0x0, 0x1)
kcmp$auto(0x1, 0x1, 0x0, 0x100000004, 0x100000001)
fspick$auto(0xffffffffffffffff, 0x0, 0x3)
sendmsg$auto_WG_CMD_SET_DEVICE(r1, 0x0, 0x4000010)

5.6357917s ago: executing program 0 (id=1226):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f0, 0x15)

5.32312088s ago: executing program 3 (id=1227):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0)
getpid()
clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x5, 0x2, 0x2]}, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
socket(0xa, 0x2, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)

4.800200559s ago: executing program 0 (id=1228):
mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000)
madvise$auto(0x0, 0xffffffffffff0006, 0x17)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
bind$auto(0x3, 0x0, 0x6a)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000140), 0x20000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
msync$auto(0x2, 0x9, 0x40)
write$auto(0x3, 0x0, 0xfffffdef)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r2)
ioctl$auto_KVM_GET_MSRS(r1, 0xc008ae88, &(0x7f0000000080)={0x2, 0x0, [{0x40000022, 0x400, 0x9}]})
ioctl$auto(0xffffffffffffffff, 0x900064b5, 0xc14)

3.178399199s ago: executing program 0 (id=1229):
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
read$auto(0xffffffffffffffff, 0x0, 0xb4d3)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400)
openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x40002, 0x0)
r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffffffdffe00, &(0x7f0000000140))
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0xfffffffffffffffe, 0x4000002020009, 0x2, 0x7fff, 0xfffffffffffffffa, 0x8001)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000)
r2 = prctl$auto(0x16, 0x800000000000012, 0x0, 0x9, 0x10000)
r3 = ioctl$auto_TUNGETVNETBE2(r2, 0x800454df, &(0x7f0000000040)=0x2)
ioctl$auto_PPPIOCGFLAGS(r3, 0x8004745a, &(0x7f00000000c0)=0x2070bb26)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
mmap$auto(0xffffffffffffffff, 0x40005, 0x337, 0x9b72, 0x7, 0x28000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
mmap$auto(0x0, 0x2020009, 0x80000000000003, 0x10, r1, 0x5)
prctl$auto(0x2000001a, 0x1, 0x0, 0xd, 0x32)
msgget$auto(0x0, 0x5)
r5 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x2a801, 0x0)
pwrite64$auto(r5, &(0x7f0000000040)='/dev/vcsa\x00', 0x7b05, 0x5)

2.789037558s ago: executing program 6 (id=1230):
mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000)
madvise$auto(0x0, 0xffffffffffff0006, 0x17)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
bind$auto(0x3, 0x0, 0x6a)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000140), 0x20000, 0x0)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x226902, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
msync$auto(0x2, 0x9, 0x40)
write$auto(0x3, 0x0, 0xfffffdef)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000080)={0x2, 0x0, [{0x40000022, 0x400, 0x9}]})
ioctl$auto(0xffffffffffffffff, 0x900064b5, 0xc14)

2.494570803s ago: executing program 3 (id=1231):
move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2)

2.291486577s ago: executing program 6 (id=1232):
r0 = socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
recvmmsg$auto(r0, 0x0, 0x400fffd, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
ioperm$auto(0x400, 0x7f, 0xd)
semctl$auto(0x0, 0xe3, 0x0, 0x5)
socket$nl_generic(0x10, 0x3, 0x10)
lsm_set_self_attr$auto(0x1, 0x0, 0x7, 0x6)
sendmmsg$auto(0x3, 0x0, 0x9a5, 0x47ffff7a)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, r1, 0x8000)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80040, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000040)=""/215, 0xd7)
read$auto(0xffffffffffffffff, 0x0, 0x20)
bind$auto(0xffffffffffffffff, &(0x7f0000000040)=@generic={0xa, "2c551d000000ff00"}, 0x66)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000002f40), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_GET(r3, &(0x7f0000003080)={0x0, 0x0, &(0x7f0000003040)={&(0x7f0000001b00)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x20004800}, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
mmap$auto(0x0, 0x7f, 0x1, 0xeb1, 0x401, 0x8000)

1.214338333s ago: executing program 6 (id=1233):
r0 = open(0x0, 0xd02, 0xc3)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
mbind$auto(0x0, 0x800605, 0x8003, &(0x7f0000000100)=0xffff, 0x3, 0x3)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
socket(0x2, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_START_AP(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)={0x668, 0x0, 0x20, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_FRAME={0x639, 0x33, "afa6e0335f4a2c0c9b03ed037529ed1f8c19df0534c0c618363857d371dfe3575f074ed09281c32a0f2392027bee6d0506bdc9f52f16c9cddce2ee2bf411b5c37071c69297cbc252870e10ae089076ebd6ce5e42336573f7457224fb6e4d5cbc4b2847351ae8b9723b261b5876aa693b1f99786a8aff10d220aadda3c7f68a53903dbf2891b524fb9d9f1935f6873af22229e32a71276fac61cfbb99a0e9896735a111f46a73d9141b874444d253c3bcc98c2eddc451cb222af5ff8bdf0222e89524e44e1550d57f65061818b2e64ed23cbadd4cd35c4e675a6c76c93487649d5e120e876eef7d33bda62ec8ff4194ac957e81ef9aea0f96d44b4d7d28d0a90f3f3f1ab2302188a33eba4baeb8a36328ff04c2f77de5f5c1a202b358ced0d7ea41158c3745dc867e377ecadeccfcd5b8b519bef4dabe08dc5d923fb1a0bcfb63eb4c8e2143c4d2132e5e9c82712afab78723dc43d092eeb8a1bf619dd7d7c27b9785b953d4506d0d5207f3e8b76284b7749045ca2b5f062013c53f35be3e4489a1b8e3232314c86fbe18a58751f0b58219c53c1907daa47745badd8947431a66134913519262c65969aae0a78e040810ad130354b65c729754e9af226114904d39c5b24eaf02702067fdae7ae01c7fb58aa834b3d815caabb1761ba0d83cf8d53502a268b63fc3501fb67ded5c1b1482367ee4f5214303dc652abe046ce1abf20a3f49e1036026d77c132d332e98878ea17bd994e882becd6fc52d9fd91260ef25c204390f2c88c9e8cccd2d3f51bb9a93f0765f02dd8422bd3715b1205811f72ef91397fd5ab58f60cd10542ef3fa257e6cb0c311287b1af50dac0fb5614eaa5e67563c8efd9e89bb8fc2d7c6c4f64e95768bed149a69a345aadb64c89bb9e4bec361d74bef891543a5c8ba242c434b476bad123aece2a552ad43999907b425f4df57d3e4ca2c2b865568e619be2ef134718b47b6055a0bcc8ea64ff4ebc05339f5481e3c6fceadbd6f4126ccca4fb0e6b2303c4ec0d591cb45a076706a700ff34ad1c569fd11674bcbab1228132f1bfe192d138f25ec2520da501ed6e583492447734f69fa581e64a96f90582f9d757e391c0d33ce8250cc7c9e0d3651801cb285c9eee5bd0224d388dddf8527e49ca9030fd7955e93e3365f9602b4a4ef1aaca177e44e7f1142c8ec0015f2b505a775afe9ae820df18adaad4b3924d8033965991fe1e59acbbad440bc64b3198a4eae215fd32283be418b6ee791a89eaf386422aed1ca9a18a0220f88a7609d536ffd7db73c9654cbe7a7835668771f8f2f98d58cf1d60cff1004ee2fb4c394bf3b48d0232866d382ceeae8f340bddb3ac677edc560982312ac13bf765db179a235e47ec0747d428fe273fda500641154f168cad55351172f93a970ccf26626ec89d52f64d89f0d7456212854f35542794264126abf75567f56cf0081de22def6305d279b2aabdb91ac0813ccd0a4e87dd63b3188cc10a3eee94e7af67e2ab5070bc5e639a204af69b49aef29b61c7efd1a9f4b6bc51659aeb399b34cf21dc827259991979828515c776d86f06cf69ea710e6be91ec0ea9e46e9d08e07ad2ab67a4b43e2d0763a4673a8002df95761309b011b25a6effab4da60e599c27e263394328da81b0af4ebcd6d838c1a9ff729482681115b4964be42bb4b8d8855c71450e9c48999e195227f41eb0fde516123e1da39f0db125045c3e5dadbfba05b329cf3d02dbd9fa01c75856ee233ef96b5e61f845560c640758d3883bb7ca2da85c9c5c15dc0f4033bc8140ec0965f91a4be0692c0348a3cc38fbac8a0e6db18433aeb3f05921c5cf614be4754f76c9e3323026a646d89a7a894e1b493a999af49864886b6ed68ce635ba2eeff167e99ac5fa5696aca29f1517b47f460151ca4b9afb34cc5ffbeb037ece8de9d223d8a1124b6c0ce000928070c021dc17499c9313264903ccc5ba90f9b0eb3c1617cb53c8192a7e2d12c566c83ac35ee265bd5bafb2b3208af0cc938e8306a45b50ccd17ee5e59fbfcf30c09185c2d84db35e05190a3251c097c288d5bfd800f2fc5e60aaaaa7bb297e39e40dfc35da14b1ffa060ed3f02722f35e345e7ad453e6758b5ec8ef2ebd3a57413a1ea68df9684dc4dda5bdeaf81ec602fee0057dfa42fe9bcd7f571e906b31c4044c07070a0cdfab85594b18c54691b269a23e39fcbcb48eb4aab9b7950f145d87c750a5bd301ef6c1816aee61ac31b"}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x8}, @NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST={0x6, 0xf7, {0xe, 0x9}}, @NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8, 0x62, 0x7}]}, 0x668}, 0x1, 0x0, 0x0, 0x48010}, 0x20000800)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0xa, 0x5, 0x0)
getsockopt$auto(r0, 0x400002, 0x4, 0x0, &(0x7f00000001c0)=0x2)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
socket(0x1e, 0x1, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
select$auto(0x11, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd5, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x20000, 0x0)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/ip6_vti0/stable_secret\x00', 0x2, 0x0)
pwrite64$auto(r1, &(0x7f0000000040)='.\'*&\x04!\x00', 0x1, 0x8)

1.21420593s ago: executing program 3 (id=1234):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f0, 0x15)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/graphics/fbcon/cursor_blink\x00', 0x0, 0x0)
fcntl$auto(0xffffffffffffffff, 0x409, 0x40003f)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000001100)=""/192, 0xc0)
write$auto(0x3, 0x0, 0x100082)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
setsockopt$auto(0xffffffffffffffff, 0x8, 0xc, 0x0, 0x567)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x8080)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x4008)
acct$auto(0x0)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
migrate_pages$auto(0x0, 0x8, 0x0, &(0x7f00000001c0)=0x7b)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0)
ioctl$auto_SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f00000001c0))
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)

1.213246645s ago: executing program 0 (id=1241):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)

9.756629ms ago: executing program 6 (id=1235):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0)
getpid()
clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x5, 0x2, 0x2]}, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
socket(0xa, 0x2, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)

677.213µs ago: executing program 0 (id=1236):
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
r0 = fanotify_init$auto(0x5, 0x2000000000002)
socket(0x26, 0x80805, 0x0)
socket(0x10, 0x2, 0xc)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = socket(0xa, 0x3, 0x3a)
statx$auto(0x2, 0x0, 0x1000, 0xbdfa, 0x0)
mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x5, 0x2000000000002)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_MEMGETBADBLOCK(r0, 0x40084d0b, &(0x7f0000000000)=0x2)
socket(0x26, 0x80805, 0x0)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
ioctl$auto(0x3, 0xff05, 0x0)
setsockopt$auto(r1, 0x29, 0x15, 0x0, 0x56b)
socket(0x1d, 0x1, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080))
fanotify_mark$auto(r0, 0x5, 0x100000009, 0x4, 0x0)
syslog$auto(0x4, &(0x7f0000000040)='..\x00', 0x523b21c2)
syz_open_procfs$namespace(0x0, &(0x7f0000000040))
syz_open_procfs$namespace(0x0, &(0x7f0000000080))
close_range$auto(0x2, 0x8, 0x0)

0s ago: executing program 4 (id=1237):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400)
mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
ppoll$auto(0x0, 0x2f9638f3, &(0x7f0000000080)={0x66e2, 0x512d}, &(0x7f0000000100)={0x3ff}, 0x8)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2)
socket(0xa, 0x1, 0x100)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
socket(0x1a, 0x2, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x3, 0xfffffffffffffffe]}, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
ioctl$auto_SNDRV_RAWMIDI_IOCTL_INFO(r1, 0x810c5701, &(0x7f0000000340)={0x3, 0x1, 0x200, 0x10000, 0x2, "748987108c83c529e6e0e17d26156a70e2ae0200fe62d001c338115fef2fbd8b976aa4fbce454ad4063328e150b0abc105c79352189449ed57bb590643e87a9b", "c35d68b707f12e350124ce3c56384271520fe78cbd7cb2f5587ebbe76f0069619790130fd5b9b9cc3d10fce15d823e8e57d245b1bf025ba127790e258cecdc081b38425936a306e206bf69ccdc6b9978", "dee0c06ea301f4ecca5d8d48eca013e7a853234160c3d8d65d185c1bd6f8fbce", 0x1, 0x75a3, 0x200000, "096e8465a8a3029f90cbf3e37d2bafa231150560322e6642c9d0dd7f29c51d775c494d9b7d6dc7efc90faaed56664139afbbeb0bc6e486d0ae2b0b41"})
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xa, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0xc, 0x2, 0x6]}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x8800)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
msync$auto(0xff, 0x800, 0x10)
ioctl$auto(0x3, 0x2287, 0xffffffffffffffff)
r2 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0)
write$auto_proc_mem_operations_base(r2, &(0x7f0000001680)="a7", 0x80000)
madvise$auto(0x0, 0x20200, 0x15)
prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

	
	

			


	
	

	



	
	
	

	
		
	
	
	

	
		
	
	
	
	
	
	

	
		

	


	
	

		
	
		
	
	



			








	





	





		

		
		




	
		
	
	
	
	
	
	
	
	
	

	

	






	




	





		






	

	
		
	
	

	
		
	

	
		
	
	
	
	
	
	
	

	
		

	

	

	
				
	
	



	
		
	

	
		
	
	

	

	
	

	

	
	

	


	
				
	
		
	
	
		

	
				
	
	



				
		



	

	

	
	
				
		



	



				
					
		
			
	
		

		


	

		


	


	

	

	



	
	

	
	



			


		


		



		



	





	
		

	


	
	

		
	
		
	
	



			








	


	



	



	


	

	



	


	




	


	
	




	
	
	
	
	
	

	





	



		

		








	







	
	

	
	

	
		


	




		


		

	
	











	









	




	




		







[  636.930656][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  636.937616][ T1302] ieee802154 phy1 wpan1: encryption failed: -22

syzkaller
syzkaller login: [  639.062336][ T7981] FAULT_INJECTION: forcing a failure.
[  639.062336][ T7981] name failslab, interval 1, probability 0, space 0, times 0
[  639.122500][ T7981] CPU: 1 UID: 0 PID: 7981 Comm: syz.0.409 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[  639.122724][ T7981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  639.122911][ T7981] Call Trace:
[  639.122951][ T7981]  <TASK>
[  639.123068][ T7981]  dump_stack_lvl+0x16c/0x1f0
[  639.123482][ T7981]  should_fail_ex+0x512/0x640
[  639.123615][ T7981]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  639.123727][ T7981]  should_failslab+0xc2/0x120
[  639.123807][ T7981]  __kmalloc_cache_noprof+0x6a/0x3e0
[  639.123918][ T7981]  ? apply_subsystem_event_filter+0x323/0x17a0
[  639.124315][ T7981]  apply_subsystem_event_filter+0x323/0x17a0
[  639.124448][ T7981]  ? __pfx_apply_subsystem_event_filter+0x10/0x10
[  639.124643][ T7981]  ? _copy_from_user+0x59/0xd0
[  639.124774][ T7981]  subsystem_filter_write+0x95/0x120
[  639.124860][ T7981]  ? __pfx_subsystem_filter_write+0x10/0x10
[  639.124970][ T7981]  vfs_write+0x2a0/0x1150
[  639.125124][ T7981]  ? __pfx___mutex_lock+0x10/0x10
[  639.125275][ T7981]  ? __pfx_vfs_write+0x10/0x10
[  639.125440][ T7981]  ? __fget_files+0x20e/0x3c0
[  639.125588][ T7981]  ksys_write+0x12a/0x250
[  639.125757][ T7981]  ? __pfx_ksys_write+0x10/0x10
[  639.125922][ T7981]  do_syscall_64+0xcd/0x490
[  639.126154][ T7981]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  639.126233][ T7981] RIP: 0033:0x7f418618e929
[  639.126497][ T7981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  639.126713][ T7981] RSP: 002b:00007f418702c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  639.126919][ T7981] RAX: ffffffffffffffda RBX: 00007f41863b6080 RCX: 00007f418618e929
[  639.126981][ T7981] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000006
[  639.127040][ T7981] RBP: 00007f4186210b39 R08: 0000000000000000 R09: 0000000000000000
[  639.127090][ T7981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  639.127136][ T7981] R13: 0000000000000000 R14: 00007f41863b6080 R15: 00007fff2cbe8758
[  639.127210][ T7981]  </TASK>
[  642.699395][   T30] audit: type=1804 audit(4294967424.407:6): pid=8009 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.413" name="/newroot/107/file0" dev="tmpfs" ino=584 res=1 errno=0
[  647.414988][ T8023] netlink: 28 bytes leftover after parsing attributes in process `syz.2.416'.
[  655.368145][ T8081] Invalid ELF header magic: != ELF
[  655.410253][ T8081] net_ratelimit: 77 callbacks suppressed
[  655.410348][ T8081] netlink: zone id is out of range
[  655.509810][ T8081] netlink: zone id is out of range
[  655.522439][ T8081] netlink: zone id is out of range
[  655.554147][ T8081] netlink: zone id is out of range
[  655.559535][ T8081] netlink: zone id is out of range
[  657.437848][ T8089] netlink: 28 bytes leftover after parsing attributes in process `syz.2.426'.
[  657.639318][ T8089] hsr_slave_0: left promiscuous mode
[  657.680877][ T8089] hsr_slave_1: left promiscuous mode
[  660.991924][ T8092] FAULT_INJECTION: forcing a failure.
[  660.991924][ T8092] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  661.032936][ T8092] CPU: 0 UID: 0 PID: 8092 Comm: syz.2.427 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[  661.033119][ T8092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  661.033245][ T8092] Call Trace:
[  661.033272][ T8092]  <TASK>
[  661.033300][ T8092]  dump_stack_lvl+0x16c/0x1f0
[  661.033662][ T8092]  should_fail_ex+0x512/0x640
[  661.034061][ T8092]  should_fail_alloc_page+0xe7/0x130
[  661.034219][ T8092]  prepare_alloc_pages+0x3c2/0x610
[  661.034314][ T8092]  ? rcu_is_watching+0x12/0xc0
[  661.034389][ T8092]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  661.034496][ T8092]  ? lockdep_hardirqs_on+0x7c/0x110
[  661.034601][ T8092]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  661.034712][ T8092]  ? __lock_acquire+0x622/0x1c90
[  661.034899][ T8092]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  661.035009][ T8092]  ? relay_open+0x653/0xad0
[  661.035168][ T8092]  ? rcu_read_unlock+0x17/0x60
[  661.035292][ T8092]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  661.035558][ T8092]  ? policy_nodemask+0xea/0x4e0
[  661.035606][ T8092]  alloc_pages_mpol+0x1fb/0x550
[  661.035666][ T8092]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  661.035743][ T8092]  ? __kvmalloc_node_noprof.cold+0x60/0x65
[  661.036046][ T8092]  ? trace_kmalloc+0x2b/0xd0
[  661.036159][ T8092]  ? __kmalloc_noprof.cold+0x5c/0x61
[  661.036351][ T8092]  ? relay_open_buf.part.0+0x194/0xc80
[  661.036614][ T8092]  alloc_pages_noprof+0x131/0x390
[  661.036677][ T8092]  relay_open_buf.part.0+0x262/0xc80
[  661.036855][ T8092]  relay_open+0x653/0xad0
[  661.036966][ T8092]  ? debugfs_create_file_full+0x41/0x60
[  661.037097][ T8092]  do_blk_trace_setup+0x503/0xb50
[  661.037194][ T8092]  blk_trace_setup+0xed/0x1b0
[  661.037305][ T8092]  ? __pfx_blk_trace_setup+0x10/0x10
[  661.037419][ T8092]  ? __pfx_snprintf+0x10/0x10
[  661.037706][ T8092]  blk_trace_ioctl+0x146/0x280
[  661.037873][ T8092]  ? __pfx_blk_trace_ioctl+0x10/0x10
[  661.038017][ T8092]  ? find_held_lock+0x2b/0x80
[  661.038208][ T8092]  ? hook_file_ioctl_common+0x145/0x410
[  661.038328][ T8092]  blkdev_ioctl+0x108/0x6d0
[  661.038467][ T8092]  ? __pfx_blkdev_ioctl+0x10/0x10
[  661.038648][ T8092]  ? __pfx_blkdev_ioctl+0x10/0x10
[  661.038777][ T8092]  __x64_sys_ioctl+0x18e/0x210
[  661.038928][ T8092]  do_syscall_64+0xcd/0x490
[  661.039195][ T8092]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  661.039304][ T8092] RIP: 0033:0x7f50f4f8e929
[  661.039553][ T8092] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  661.039865][ T8092] RSP: 002b:00007f50f5e44038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  661.040127][ T8092] RAX: ffffffffffffffda RBX: 00007f50f51b5fa0 RCX: 00007f50f4f8e929
[  661.040237][ T8092] RDX: 00002000000000c0 RSI: 00000000c0481273 RDI: 0000000000000009
[  661.040345][ T8092] RBP: 00007f50f5010b39 R08: 0000000000000000 R09: 0000000000000000
[  661.040484][ T8092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  661.040525][ T8092] R13: 0000000000000000 R14: 00007f50f51b5fa0 R15: 00007fff0e56a108
[  661.040592][ T8092]  </TASK>
[  661.457888][ T8094] bond0: option all_slaves_active: invalid value ()
[  668.077528][ T8143] netlink: 4 bytes leftover after parsing attributes in process `syz.2.438'.
[  669.857177][ T8154] netlink: 8 bytes leftover after parsing attributes in process `syz.2.440'.
[  670.711669][ T8155] netlink: 8 bytes leftover after parsing attributes in process `syz.2.440'.
[  677.436264][ T8194] netlink: 28 bytes leftover after parsing attributes in process `syz.3.447'.
[  677.446171][ T8194] geneve1: entered promiscuous mode
[  677.451568][ T8194] geneve1: entered allmulticast mode
[  677.570857][ T8183] Invalid ELF header magic: != ELF
[  678.097036][ T8193] netlink: 28 bytes leftover after parsing attributes in process `syz.3.447'.
[  680.553963][ T8204] netlink: 28 bytes leftover after parsing attributes in process `syz.3.449'.
[  682.354083][ T8224] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10
[  684.081938][   T30] audit: type=1804 audit(4294967465.767:7): pid=8225 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.452" name="/newroot/116/file0" dev="tmpfs" ino=634 res=1 errno=0
[  684.479598][ T8213] tipc: can't start tipc receive workqueue
[  687.480277][ T8246] FAULT_INJECTION: forcing a failure.
[  687.480277][ T8246] name fail_futex, interval 1, probability 0, space 0, times 1
[  687.531511][ T8246] CPU: 0 UID: 0 PID: 8246 Comm: syz.2.457 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[  687.531577][ T8246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  687.531682][ T8246] Call Trace:
[  687.531708][ T8246]  <TASK>
[  687.531745][ T8246]  dump_stack_lvl+0x16c/0x1f0
[  687.532003][ T8246]  should_fail_ex+0x512/0x640
[  687.532125][ T8246]  get_futex_key+0x1d0/0x1540
[  687.532184][ T8246]  ? __pfx_get_futex_key+0x10/0x10
[  687.532235][ T8246]  futex_wake+0xea/0x530
[  687.532285][ T8246]  ? rcu_is_watching+0x12/0xc0
[  687.532321][ T8246]  ? __pfx_futex_wake+0x10/0x10
[  687.532415][ T8246]  ? kmem_cache_free+0x2d1/0x4d0
[  687.532523][ T8246]  ? fd_install+0x225/0x750
[  687.532566][ T8246]  ? putname+0x154/0x1a0
[  687.532602][ T8246]  do_futex+0x1e3/0x350
[  687.532645][ T8246]  ? __pfx_do_futex+0x10/0x10
[  687.532696][ T8246]  __x64_sys_futex+0x1e0/0x4c0
[  687.532738][ T8246]  ? __x64_sys_openat+0x174/0x210
[  687.532773][ T8246]  ? __pfx___x64_sys_futex+0x10/0x10
[  687.532828][ T8246]  do_syscall_64+0xcd/0x490
[  687.532882][ T8246]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  687.532932][ T8246] RIP: 0033:0x7f50f4f8e929
[  687.533034][ T8246] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  687.533088][ T8246] RSP: 002b:00007f50f5e440e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  687.533164][ T8246] RAX: ffffffffffffffda RBX: 00007f50f51b5fa8 RCX: 00007f50f4f8e929
[  687.533189][ T8246] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f50f51b5fac
[  687.533210][ T8246] RBP: 00007f50f51b5fa0 R08: 00007f50f5e45000 R09: 0000000000000000
[  687.533229][ T8246] R10: 0000000000000007 R11: 0000000000000246 R12: 00007f50f51b5fac
[  687.533252][ T8246] R13: 0000000000000000 R14: 00007fff0e56a020 R15: 00007fff0e56a108
[  687.533294][ T8246]  </TASK>
[  689.995273][ T8256] netlink: 8 bytes leftover after parsing attributes in process `syz.1.460'.
[  691.947169][ T8265] random: crng reseeded on system resumption
[  697.124360][ T8295] random: crng reseeded on system resumption
[  698.369964][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  698.379513][ T1302] ieee802154 phy1 wpan1: encryption failed: -22

syzkaller
syzkaller login: [  706.701946][ T8355] netlink: set zone limit has 8 unknown bytes
[  709.092592][ T8375] netlink: 4 bytes leftover after parsing attributes in process `syz.2.482'.
[  709.126151][ T8375] netlink: 354 bytes leftover after parsing attributes in process `syz.2.482'.
[  709.429715][   T30] audit: type=1800 audit(4294967491.137:8): pid=8379 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.483" name="members" dev="configfs" ino=29669 res=0 errno=0
[  709.735377][ T8384] netlink: 4 bytes leftover after parsing attributes in process `syz.2.484'.
[  712.294968][ T8400] kexec: Could not allocate control_code_buffer
[  713.844971][ T8418] FAULT_INJECTION: forcing a failure.
[  713.844971][ T8418] name failslab, interval 1, probability 0, space 0, times 0
[  713.881374][ T8418] CPU: 1 UID: 0 PID: 8418 Comm: syz.3.490 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[  713.881443][ T8418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  713.881485][ T8418] Call Trace:
[  713.881497][ T8418]  <TASK>
[  713.881512][ T8418]  dump_stack_lvl+0x16c/0x1f0
[  713.881768][ T8418]  should_fail_ex+0x512/0x640
[  713.881887][ T8418]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  713.881946][ T8418]  should_failslab+0xc2/0x120
[  713.881973][ T8418]  __kmalloc_cache_noprof+0x6a/0x3e0
[  713.882013][ T8418]  ? io_uring_alloc_task_context+0x96/0x650
[  713.882065][ T8418]  io_uring_alloc_task_context+0x96/0x650
[  713.882103][ T8418]  ? __pfx_io_uring_alloc_task_context+0x10/0x10
[  713.882180][ T8418]  ? alloc_file_pseudo+0x1b3/0x230
[  713.882223][ T8418]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  713.882340][ T8418]  __io_uring_add_tctx_node+0x2dd/0x500
[  713.882487][ T8418]  ? __pfx___io_uring_add_tctx_node+0x10/0x10
[  713.882538][ T8418]  ? __anon_inode_getfile+0x18b/0x3a0
[  713.882622][ T8418]  io_uring_setup+0x1579/0x2080
[  713.882685][ T8418]  ? __pfx_io_uring_setup+0x10/0x10
[  713.882875][ T8418]  ? xfd_validate_state+0x61/0x180
[  713.882932][ T8418]  __x64_sys_io_uring_setup+0xc2/0x170
[  713.882976][ T8418]  do_syscall_64+0xcd/0x490
[  713.883034][ T8418]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  713.883065][ T8418] RIP: 0033:0x7f949038e929
[  713.883298][ T8418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  713.883376][ T8418] RSP: 002b:00007f94911ff038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[  713.883460][ T8418] RAX: ffffffffffffffda RBX: 00007f94905b6080 RCX: 00007f949038e929
[  713.883504][ T8418] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006
[  713.883538][ T8418] RBP: 00007f9490410b39 R08: 0000000000000000 R09: 0000000000000000
[  713.883568][ T8418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  713.883596][ T8418] R13: 0000000000000000 R14: 00007f94905b6080 R15: 00007ffc5b3f7c98
[  713.883705][ T8418]  </TASK>
[  717.745625][ T8444] FAULT_INJECTION: forcing a failure.
[  717.745625][ T8444] name failslab, interval 1, probability 0, space 0, times 0
[  717.813625][ T8444] CPU: 0 UID: 0 PID: 8444 Comm: syz.1.494 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[  717.813692][ T8444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  717.813719][ T8444] Call Trace:
[  717.813728][ T8444]  <TASK>
[  717.813737][ T8444]  dump_stack_lvl+0x16c/0x1f0
[  717.813899][ T8444]  should_fail_ex+0x512/0x640
[  717.813983][ T8444]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  717.814050][ T8444]  should_failslab+0xc2/0x120
[  717.814116][ T8444]  __kmalloc_cache_noprof+0x6a/0x3e0
[  717.814185][ T8444]  ? lockdep_init_map_type+0x5c/0x280
[  717.814227][ T8444]  ? zs_create_pool+0x4d2/0xb80
[  717.814273][ T8444]  zs_create_pool+0x4d2/0xb80
[  717.814371][ T8444]  ? __pfx_zs_create_pool+0x10/0x10
[  717.814449][ T8444]  ? disksize_store+0x117/0x670
[  717.814569][ T8444]  ? __vmalloc_node_noprof+0xad/0xf0
[  717.814637][ T8444]  ? disksize_store+0x117/0x670
[  717.814686][ T8444]  disksize_store+0x174/0x670
[  717.814831][ T8444]  ? __pfx_disksize_store+0x10/0x10
[  717.814959][ T8444]  dev_attr_store+0x55/0x80
[  717.815021][ T8444]  ? __pfx_dev_attr_store+0x10/0x10
[  717.815096][ T8444]  sysfs_kf_write+0xf2/0x150
[  717.815223][ T8444]  kernfs_fop_write_iter+0x354/0x510
[  717.815276][ T8444]  ? __pfx_sysfs_kf_write+0x10/0x10
[  717.815352][ T8444]  vfs_write+0x6c7/0x1150
[  717.815430][ T8444]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  717.815493][ T8444]  ? __pfx___mutex_lock+0x10/0x10
[  717.815609][ T8444]  ? __pfx_vfs_write+0x10/0x10
[  717.815862][ T8444]  ksys_write+0x12a/0x250
[  717.815962][ T8444]  ? __pfx_ksys_write+0x10/0x10
[  717.816052][ T8444]  do_syscall_64+0xcd/0x490
[  717.816495][ T8444]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  717.816553][ T8444] RIP: 0033:0x7fb815f8e929
[  717.816644][ T8444] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  717.816753][ T8444] RSP: 002b:00007fb816d72038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  717.816852][ T8444] RAX: ffffffffffffffda RBX: 00007fb8161b5fa0 RCX: 00007fb815f8e929
[  717.816964][ T8444] RDX: 0000000000000001 RSI: 0000200000000ec0 RDI: 0000000000000003
[  717.817002][ T8444] RBP: 00007fb816010b39 R08: 0000000000000000 R09: 0000000000000000
[  717.817022][ T8444] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  717.817058][ T8444] R13: 0000000000000000 R14: 00007fb8161b5fa0 R15: 00007ffd334825a8
[  717.817105][ T8444]  </TASK>
[  726.357617][ T8486] random: crng reseeded on system resumption
[  727.617390][ T8488] FAULT_INJECTION: forcing a failure.
[  727.617390][ T8488] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  727.707815][ T8488] CPU: 0 UID: 0 PID: 8488 Comm: syz.0.501 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[  727.708255][ T8488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  727.708388][ T8488] Call Trace:
[  727.708418][ T8488]  <TASK>
[  727.708430][ T8488]  dump_stack_lvl+0x16c/0x1f0
[  727.708699][ T8488]  should_fail_ex+0x512/0x640
[  727.708811][ T8488]  should_fail_alloc_page+0xe7/0x130
[  727.708895][ T8488]  prepare_alloc_pages+0x3c2/0x610
[  727.709004][ T8488]  ? rcu_is_watching+0x12/0xc0
[  727.709094][ T8488]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  727.709278][ T8488]  ? rcu_is_watching+0x12/0xc0
[  727.709334][ T8488]  ? trace_mm_page_alloc+0x11f/0x1a0
[  727.709371][ T8488]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  727.709418][ T8488]  ? stack_trace_save+0x8e/0xc0
[  727.709466][ T8488]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  727.709534][ T8488]  ? kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[  727.709583][ T8488]  ? __get_vm_area_node+0x1ca/0x330
[  727.709620][ T8488]  ? __vmalloc_node_noprof+0xad/0xf0
[  727.709656][ T8488]  ? pcpu_mem_zalloc+0x54/0xb0
[  727.709710][ T8488]  ? pcpu_create_chunk+0x432/0x730
[  727.709823][ T8488]  ? pcpu_alloc_noprof+0x11e3/0x1470
[  727.709984][ T8488]  ? bpf_map_alloc_percpu+0x9a/0x4b0
[  727.710229][ T8488]  ? htab_map_alloc+0x10ca/0x1570
[  727.710407][ T8488]  ? map_create+0x592/0x1db0
[  727.710601][ T8488]  alloc_pages_bulk_noprof+0x71c/0x1410
[  727.710657][ T8488]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  727.710710][ T8488]  ? policy_nodemask+0xea/0x4e0
[  727.710746][ T8488]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  727.710811][ T8488]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  727.710907][ T8488]  kasan_populate_vmalloc+0xf1/0x1f0
[  727.711004][ T8488]  alloc_vmap_area+0x959/0x29c0
[  727.711267][ T8488]  ? __pfx_alloc_vmap_area+0x10/0x10
[  727.711315][ T8488]  __get_vm_area_node+0x1ca/0x330
[  727.711369][ T8488]  __vmalloc_node_range_noprof+0x271/0x14b0
[  727.711412][ T8488]  ? pcpu_mem_zalloc+0x54/0xb0
[  727.711465][ T8488]  ? pcpu_mem_zalloc+0x54/0xb0
[  727.711516][ T8488]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  727.711573][ T8488]  ? pcpu_mem_zalloc+0x54/0xb0
[  727.711611][ T8488]  __vmalloc_node_noprof+0xad/0xf0
[  727.711653][ T8488]  ? pcpu_mem_zalloc+0x54/0xb0
[  727.711697][ T8488]  pcpu_mem_zalloc+0x54/0xb0
[  727.711738][ T8488]  pcpu_create_chunk+0x432/0x730
[  727.711786][ T8488]  pcpu_alloc_noprof+0x11e3/0x1470
[  727.711851][ T8488]  bpf_map_alloc_percpu+0x9a/0x4b0
[  727.711925][ T8488]  htab_map_alloc+0x10ca/0x1570
[  727.712019][ T8488]  ? ns_capable+0xd7/0x110
[  727.712090][ T8488]  map_create+0x592/0x1db0
[  727.712354][ T8488]  ? __pfx_map_create+0x10/0x10
[  727.712436][ T8488]  ? __might_fault+0xe3/0x190
[  727.712504][ T8488]  ? __might_fault+0xe3/0x190
[  727.712651][ T8488]  ? __might_fault+0x13b/0x190
[  727.712767][ T8488]  __sys_bpf+0x47cc/0x4d80
[  727.712853][ T8488]  ? __pfx___sys_bpf+0x10/0x10
[  727.712967][ T8488]  ? do_writev+0x218/0x340
[  727.713019][ T8488]  ? do_futex+0x122/0x350
[  727.713057][ T8488]  ? __pfx_do_futex+0x10/0x10
[  727.713110][ T8488]  ? fput+0x70/0xf0
[  727.713140][ T8488]  ? xfd_validate_state+0x61/0x180
[  727.713180][ T8488]  ? __pfx_do_writev+0x10/0x10
[  727.713234][ T8488]  __x64_sys_bpf+0x78/0xc0
[  727.713262][ T8488]  ? lockdep_hardirqs_on+0x7c/0x110
[  727.713311][ T8488]  do_syscall_64+0xcd/0x490
[  727.713362][ T8488]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  727.713394][ T8488] RIP: 0033:0x7f418618e929
[  727.713511][ T8488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  727.713561][ T8488] RSP: 002b:00007f418704d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  727.713609][ T8488] RAX: ffffffffffffffda RBX: 00007f41863b5fa0 RCX: 00007f418618e929
[  727.713631][ T8488] RDX: 00000000000000a3 RSI: 0000200000000780 RDI: 0000000000000000
[  727.713649][ T8488] RBP: 00007f4186210b39 R08: 0000000000000000 R09: 0000000000000000
[  727.713667][ T8488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  727.713683][ T8488] R13: 0000000000000000 R14: 00007f41863b5fa0 R15: 00007fff2cbe8758
[  727.713721][ T8488]  </TASK>
[  728.668408][ T8474] tipc: can't start tipc receive workqueue
[  731.796155][ T8505] FAULT_INJECTION: forcing a failure.
[  731.796155][ T8505] name failslab, interval 1, probability 0, space 0, times 0
[  731.898676][ T8505] CPU: 0 UID: 0 PID: 8505 Comm: syz.2.504 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[  731.898800][ T8505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  731.898856][ T8505] Call Trace:
[  731.898876][ T8505]  <TASK>
[  731.898900][ T8505]  dump_stack_lvl+0x16c/0x1f0
[  731.899127][ T8505]  should_fail_ex+0x512/0x640
[  731.899223][ T8505]  ? fs_reclaim_acquire+0xae/0x150
[  731.899294][ T8505]  should_failslab+0xc2/0x120
[  731.899367][ T8505]  __kmalloc_cache_noprof+0x6a/0x3e0
[  731.899463][ T8505]  ? tomoyo_find_next_domain+0x145/0x20b0
[  731.899554][ T8505]  ? kasan_save_track+0x14/0x30
[  731.899660][ T8505]  tomoyo_find_next_domain+0x145/0x20b0
[  731.899831][ T8505]  ? __pfx_tomoyo_find_next_domain+0x10/0x10
[  731.900025][ T8505]  tomoyo_bprm_check_security+0x12e/0x1d0
[  731.900135][ T8505]  ? tomoyo_bprm_check_security+0x120/0x1d0
[  731.900247][ T8505]  security_bprm_check+0x1b9/0x1e0
[  731.900452][ T8505]  bprm_execve+0x810/0x1650
[  731.900569][ T8505]  ? __pfx_bprm_execve+0x10/0x10
[  731.900651][ T8505]  ? copy_string_kernel+0x444/0x510
[  731.900782][ T8505]  do_execveat_common.isra.0+0x4a5/0x610
[  731.901177][ T8505]  __x64_sys_execve+0x8e/0xb0
[  731.901387][ T8505]  do_syscall_64+0xcd/0x490
[  731.901525][ T8505]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  731.901600][ T8505] RIP: 0033:0x7f50f4f8e929
[  731.901745][ T8505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  731.901830][ T8505] RSP: 002b:00007f50f5e23038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[  731.901914][ T8505] RAX: ffffffffffffffda RBX: 00007f50f51b6080 RCX: 00007f50f4f8e929
[  731.901959][ T8505] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[  731.902002][ T8505] RBP: 00007f50f5010b39 R08: 0000000000000000 R09: 0000000000000000
[  731.902066][ T8505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  731.902122][ T8505] R13: 0000000000000000 R14: 00007f50f51b6080 R15: 00007fff0e56a108
[  731.902220][ T8505]  </TASK>
[  732.139990][ T8510] netlink: 4 bytes leftover after parsing attributes in process `syz.1.505'.
[  739.561121][ T8547] FAULT_INJECTION: forcing a failure.
[  739.561121][ T8547] name failslab, interval 1, probability 0, space 0, times 0
[  739.656490][ T8547] CPU: 1 UID: 0 PID: 8547 Comm: syz.0.511 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[  739.656581][ T8547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  739.656626][ T8547] Call Trace:
[  739.656638][ T8547]  <TASK>
[  739.656650][ T8547]  dump_stack_lvl+0x16c/0x1f0
[  739.656941][ T8547]  should_fail_ex+0x512/0x640
[  739.657086][ T8547]  ? __kmalloc_noprof+0xbf/0x510
[  739.657229][ T8547]  ? constrain_params_by_rules+0x175/0xca0
[  739.657332][ T8547]  should_failslab+0xc2/0x120
[  739.657423][ T8547]  __kmalloc_noprof+0xd2/0x510
[  739.657527][ T8547]  ? unwind_get_return_address+0x59/0xa0
[  739.657685][ T8547]  constrain_params_by_rules+0x175/0xca0
[  739.657798][ T8547]  ? stack_trace_save+0x8e/0xc0
[  739.657886][ T8547]  ? stack_depot_save_flags+0x28/0xa40
[  739.658030][ T8547]  ? __pfx_constrain_params_by_rules+0x10/0x10
[  739.658120][ T8547]  ? snd_pcm_hw_param_near.constprop.0+0x72f/0x8e0
[  739.658254][ T8547]  ? snd_pcm_oss_change_params_locked+0x1398/0x3a30
[  739.658368][ T8547]  ? __kasan_kmalloc+0xaa/0xb0
[  739.658542][ T8547]  ? snd_pcm_hw_param_near.constprop.0+0xbc/0x8e0
[  739.658633][ T8547]  ? snd_pcm_oss_change_params_locked+0x13f9/0x3a30
[  739.658718][ T8547]  ? snd_pcm_oss_get_active_substream+0x168/0x1d0
[  739.658982][ T8547]  ? snd_interval_refine+0x2fa/0x580
[  739.659164][ T8547]  snd_pcm_hw_refine+0x7de/0xad0
[  739.659224][ T8547]  ? __pfx_snd_pcm_hw_refine+0x10/0x10
[  739.659333][ T8547]  ? _snd_pcm_hw_param_min+0x259/0x630
[  739.659432][ T8547]  snd_pcm_hw_param_near.constprop.0+0x58a/0x8e0
[  739.659717][ T8547]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[  739.660020][ T8547]  ? __asan_memset+0x23/0x50
[  739.660186][ T8547]  ? calc_src_frames.isra.0+0x187/0x1d0
[  739.660297][ T8547]  snd_pcm_oss_change_params_locked+0x13f9/0x3a30
[  739.660411][ T8547]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  739.660556][ T8547]  snd_pcm_oss_get_active_substream+0x168/0x1d0
[  739.660827][ T8547]  snd_pcm_oss_ioctl+0x21e9/0x37a0
[  739.661085][ T8547]  ? hook_file_ioctl_common+0x145/0x410
[  739.661377][ T8547]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[  739.661533][ T8547]  ? __fget_files+0x20e/0x3c0
[  739.661829][ T8547]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[  739.661994][ T8547]  __x64_sys_ioctl+0x18e/0x210
[  739.662090][ T8547]  do_syscall_64+0xcd/0x490
[  739.662233][ T8547]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  739.662314][ T8547] RIP: 0033:0x7f418618e929
[  739.662436][ T8547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  739.662594][ T8547] RSP: 002b:00007f418702c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  739.662687][ T8547] RAX: ffffffffffffffda RBX: 00007f41863b6080 RCX: 00007f418618e929
[  739.662825][ T8547] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000009
[  739.662959][ T8547] RBP: 00007f4186210b39 R08: 0000000000000000 R09: 0000000000000000
[  739.663089][ T8547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  739.663142][ T8547] R13: 0000000000000000 R14: 00007f41863b6080 R15: 00007fff2cbe8758
[  739.663208][ T8547]  </TASK>
[  740.540273][ T8550] netlink: 338 bytes leftover after parsing attributes in process `syz.3.512'.
[  746.425377][ T8604] input: 00
[  746.425377][ T8604]  as /devices/virtual/input/input11
[  746.559647][ T8604] FAULT_INJECTION: forcing a failure.
[  746.559647][ T8604] name failslab, interval 1, probability 0, space 0, times 0
[  746.693878][ T8604] CPU: 0 UID: 0 PID: 8604 Comm: syz.2.521 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[  746.694059][ T8604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  746.694140][ T8604] Call Trace:
[  746.694222][ T8604]  <TASK>
[  746.694246][ T8604]  dump_stack_lvl+0x16c/0x1f0
[  746.694706][ T8604]  should_fail_ex+0x512/0x640
[  746.694907][ T8604]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  746.695138][ T8604]  should_failslab+0xc2/0x120
[  746.695190][ T8604]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  746.695238][ T8604]  ? __asan_memcpy+0x3c/0x60
[  746.695280][ T8604]  ? __kernfs_new_node+0xd2/0x8e0
[  746.695331][ T8604]  __kernfs_new_node+0xd2/0x8e0
[  746.695382][ T8604]  ? __pfx___kernfs_new_node+0x10/0x10
[  746.695440][ T8604]  ? find_held_lock+0x2b/0x80
[  746.695487][ T8604]  ? kernfs_root+0xee/0x2a0
[  746.695544][ T8604]  kernfs_new_node+0x13c/0x1e0
[  746.695605][ T8604]  kernfs_create_link+0xcc/0x240
[  746.695649][ T8604]  sysfs_do_create_link_sd+0x90/0x140
[  746.695699][ T8604]  sysfs_create_link+0x61/0xc0
[  746.695742][ T8604]  device_add+0xb14/0x1a70
[  746.695784][ T8604]  ? __pfx_device_add+0x10/0x10
[  746.695816][ T8604]  ? __pfx_exact_lock+0x10/0x10
[  746.695933][ T8604]  ? kobject_get+0xbb/0x150
[  746.696011][ T8604]  cdev_device_add+0xc2/0x1e0
[  746.696083][ T8604]  evdev_connect+0x3a4/0x4c0
[  746.696139][ T8604]  input_attach_handler.isra.0+0x181/0x260
[  746.696208][ T8604]  input_register_device+0xa84/0x1130
[  746.696262][ T8604]  uinput_ioctl_handler.isra.0+0x1357/0x1df0
[  746.696301][ T8604]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[  746.696356][ T8604]  ? find_held_lock+0x2b/0x80
[  746.696441][ T8604]  ? __pfx_uinput_ioctl+0x10/0x10
[  746.696501][ T8604]  __x64_sys_ioctl+0x18e/0x210
[  746.696550][ T8604]  do_syscall_64+0xcd/0x490
[  746.696640][ T8604]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  746.696697][ T8604] RIP: 0033:0x7f50f4f8e929
[  746.696811][ T8604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  746.696865][ T8604] RSP: 002b:00007f50f5e44038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  746.696951][ T8604] RAX: ffffffffffffffda RBX: 00007f50f51b5fa0 RCX: 00007f50f4f8e929
[  746.697022][ T8604] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000006
[  746.697042][ T8604] RBP: 00007f50f5010b39 R08: 0000000000000000 R09: 0000000000000000
[  746.697060][ T8604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  746.697077][ T8604] R13: 0000000000000000 R14: 00007f50f51b5fa0 R15: 00007fff0e56a108
[  746.697114][ T8604]  </TASK>
[  747.361149][ T8612] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR
[  747.468983][ T8604] input: failed to attach handler evdev to device input11, error: -12
[  759.816151][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  759.833579][ T1302] ieee802154 phy1 wpan1: encryption failed: -22

	
		

	


	
	

		
	
		
	
	



			








	



	

















	

		











	

	
	
















	




	




		







				


	
		

	


	
	

		
	
		
	
	



			








	


		

	






		
			



	
			





	

	














	

	

		
	
	
	
	






	




	




		






	
		





	

		





				
		
	
	

	
	

	
	

	
	

	
	
	
							
		


			
	
	
	

	

	
		

	


	
	

		
	
		
	
	



			








	




	






	
	




	

		











	

	
	
















	




	




		








		
	
	

	
	

	
	

	
	

	


	
	

	
		

	


	
	

		
	
		
	
	



			








	





	




	

	


	


	


	



	
	
	
	
	
	






	




	





		







	
		

	


	
	

		
	
		
	
	



			








	

	
	


	




		

		

			



	
	

	



	
	




	

		











	

	
	
















	




	




		






	

	



		
	
	

	
	

	
	

	
	

	
	

	
	

	
	

	
	

	

				



		
	



	
	
	
	
	
	


		
	
	
	
					
	
			

	
				
	
	



	
		
	

	

		
		

	
		

	


	
	

		
	
			
		
	
	



			








	





	







	




	

	
	


	



	
	


	


	

		

		
	


	


		
		
	

	

			
			





		

	
		
		

		


		


















	










	




	





		








	
		

	


	
	

		
	
		
	
	



			








	



	



		







	
	

	
	
	
	
	
	
	
	
	
		
	
	
	






	




	





		









		

		
		
	
	
	
		
	
		
	
	

	
		
	
	
					
	
	

	

		
		
	

	

		
		
	

	
		

	
		

	


	
	

		
	
		
	
	



			








	





	









	


	



	

	


	


	
	



	





	







	





	




	

		

		
	


	


		
		
	

	

			
			





		

	
		
		

		


		


















	










	




	





		









	

	

	
	

	
		

syzkaller
syzkaller login: [  861.872590][ T9655] FAULT_INJECTION: forcing a failure.
[  861.872590][ T9655] name failslab, interval 1, probability 0, space 0, times 0
[  861.947320][ T9655] CPU: 0 UID: 0 PID: 9655 Comm: syz.0.701 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[  861.947371][ T9655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  861.947392][ T9655] Call Trace:
[  861.947403][ T9655]  <TASK>
[  861.947416][ T9655]  dump_stack_lvl+0x16c/0x1f0
[  861.947482][ T9655]  should_fail_ex+0x512/0x640
[  861.947532][ T9655]  ? __kvmalloc_node_noprof+0x124/0x620
[  861.947588][ T9655]  should_failslab+0xc2/0x120
[  861.947619][ T9655]  __kvmalloc_node_noprof+0x137/0x620
[  861.947669][ T9655]  ? alloc_netdev_mqs+0xfbe/0x1570
[  861.947732][ T9655]  ? alloc_netdev_mqs+0xfbe/0x1570
[  861.947783][ T9655]  alloc_netdev_mqs+0xfbe/0x1570
[  861.947846][ T9655]  slip_open+0x35c/0x1150
[  861.947888][ T9655]  ? __pfx___might_resched+0x10/0x10
[  861.947924][ T9655]  ? __pfx_n_tty_close+0x10/0x10
[  861.947960][ T9655]  ? find_held_lock+0x2b/0x80
[  861.947993][ T9655]  ? __pfx_slip_open+0x10/0x10
[  861.948033][ T9655]  ? down_write+0x14d/0x200
[  861.948068][ T9655]  ? __pfx_slip_open+0x10/0x10
[  861.948107][ T9655]  tty_ldisc_open+0x9f/0x120
[  861.948153][ T9655]  tty_set_ldisc+0x32b/0x780
[  861.948205][ T9655]  tty_ioctl+0xc2e/0x1640
[  861.948281][ T9655]  ? __pfx_tty_ioctl+0x10/0x10
[  861.948358][ T9655]  ? find_held_lock+0x2b/0x80
[  861.948401][ T9655]  ? hook_file_ioctl_common+0x145/0x410
[  861.948444][ T9655]  ? __fget_files+0x20e/0x3c0
[  861.948504][ T9655]  ? __pfx_tty_ioctl+0x10/0x10
[  861.948547][ T9655]  __x64_sys_ioctl+0x18e/0x210
[  861.948583][ T9655]  do_syscall_64+0xcd/0x490
[  861.948629][ T9655]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  861.948660][ T9655] RIP: 0033:0x7f418618e929
[  861.948684][ T9655] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  861.948712][ T9655] RSP: 002b:00007f418704d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  861.948739][ T9655] RAX: ffffffffffffffda RBX: 00007f41863b5fa0 RCX: 00007f418618e929
[  861.948817][ T9655] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 000000000000000a
[  861.948834][ T9655] RBP: 00007f4186210b39 R08: 0000000000000000 R09: 0000000000000000
[  861.948851][ T9655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  861.948867][ T9655] R13: 0000000000000000 R14: 00007f41863b5fa0 R15: 00007fff2cbe8758
[  861.948903][ T9655]  </TASK>
[  868.720010][ T9726] vcan0: tx drop: invalid sa for name 0x00000000000000fd
[  869.366505][ T9731] Invalid ELF header magic: != ELF
[  871.122993][ T9715] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  872.417263][ T9749] loop6: detected capacity change from 0 to 8192
[  872.699615][ T9766] FAULT_INJECTION: forcing a failure.
[  872.699615][ T9766] name failslab, interval 1, probability 0, space 0, times 0
[  872.760360][ T9766] CPU: 0 UID: 0 PID: 9766 Comm: syz.0.723 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[  872.760422][ T9766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  872.760443][ T9766] Call Trace:
[  872.760454][ T9766]  <TASK>
[  872.760468][ T9766]  dump_stack_lvl+0x16c/0x1f0
[  872.760532][ T9766]  should_fail_ex+0x512/0x640
[  872.760582][ T9766]  ? __kmalloc_noprof+0xbf/0x510
[  872.760636][ T9766]  ? snd_pcm_plugin_build+0x64/0x650
[  872.760680][ T9766]  should_failslab+0xc2/0x120
[  872.760712][ T9766]  __kmalloc_noprof+0xd2/0x510
[  872.760757][ T9766]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  872.760812][ T9766]  snd_pcm_plugin_build+0x64/0x650
[  872.760855][ T9766]  snd_pcm_plugin_build_linear+0x29d/0x850
[  872.760900][ T9766]  ? wake_up_all_idle_cpus+0x165/0x1e0
[  872.760954][ T9766]  ? __pfx_snd_pcm_plugin_build_linear+0x10/0x10
[  872.761005][ T9766]  ? snd_pcm_hw_params+0xcd/0x1b40
[  872.761052][ T9766]  snd_pcm_plug_format_plugins+0x7f8/0x1430
[  872.761096][ T9766]  ? __pfx_snd_pcm_plug_format_plugins+0x10/0x10
[  872.761142][ T9766]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[  872.761190][ T9766]  snd_pcm_oss_change_params_locked+0x2dec/0x3a30
[  872.761247][ T9766]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  872.761317][ T9766]  snd_pcm_oss_get_active_substream+0x168/0x1d0
[  872.761370][ T9766]  snd_pcm_oss_ioctl+0x21e9/0x37a0
[  872.761414][ T9766]  ? hook_file_ioctl_common+0x145/0x410
[  872.761451][ T9766]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[  872.761492][ T9766]  ? __fget_files+0x20e/0x3c0
[  872.761545][ T9766]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[  872.761587][ T9766]  __x64_sys_ioctl+0x18e/0x210
[  872.761627][ T9766]  do_syscall_64+0xcd/0x490
[  872.761681][ T9766]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  872.761723][ T9766] RIP: 0033:0x7f418618e929
[  872.761749][ T9766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  872.761783][ T9766] RSP: 002b:00007f418702c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  872.761815][ T9766] RAX: ffffffffffffffda RBX: 00007f41863b6080 RCX: 00007f418618e929
[  872.761836][ T9766] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000008
[  872.761856][ T9766] RBP: 00007f4186210b39 R08: 0000000000000000 R09: 0000000000000000
[  872.761875][ T9766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  872.761893][ T9766] R13: 0000000000000000 R14: 00007f41863b6080 R15: 00007fff2cbe8758
[  872.761933][ T9766]  </TASK>
[  873.468622][ T9776] input: jJǸ���;9�%v����l��Q�	J86�� as /devices/virtual/input/input16
[  874.434816][ T9784] netlink: 28 bytes leftover after parsing attributes in process `syz.2.726'.

syzkaller
syzkaller login: [  881.967307][ T9839] tipc: Started in network mode
[  881.972309][ T9839] tipc: Node identity ee00, cluster identity 4711
[  882.045872][ T9839] tipc: Node number set to 60928
[  882.761751][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  882.768320][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  884.397283][ T9859] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input17
[  884.657130][ T9860] FAULT_INJECTION: forcing a failure.
[  884.657130][ T9860] name failslab, interval 1, probability 0, space 0, times 0
[  884.678084][ T9860] CPU: 0 UID: 0 PID: 9860 Comm: syz.0.739 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[  884.678134][ T9860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  884.678153][ T9860] Call Trace:
[  884.678163][ T9860]  <TASK>
[  884.678172][ T9860]  dump_stack_lvl+0x16c/0x1f0
[  884.678220][ T9860]  should_fail_ex+0x512/0x640
[  884.678256][ T9860]  ? __kmalloc_noprof+0xbf/0x510
[  884.678296][ T9860]  ? ops_init+0x77/0x5f0
[  884.678320][ T9860]  should_failslab+0xc2/0x120
[  884.678343][ T9860]  __kmalloc_noprof+0xd2/0x510
[  884.678380][ T9860]  ? lockdep_init_map_type+0x5c/0x280
[  884.678424][ T9860]  ops_init+0x77/0x5f0
[  884.678449][ T9860]  setup_net+0x1ff/0x510
[  884.678470][ T9860]  ? lockdep_init_map_type+0x5c/0x280
[  884.678502][ T9860]  ? __pfx_setup_net+0x10/0x10
[  884.678526][ T9860]  ? debug_mutex_init+0x37/0x70
[  884.678553][ T9860]  copy_net_ns+0x2a6/0x5f0
[  884.678581][ T9860]  create_new_namespaces+0x3ea/0xa90
[  884.678614][ T9860]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  884.678642][ T9860]  ksys_unshare+0x45b/0xa40
[  884.678675][ T9860]  ? __pfx_ksys_unshare+0x10/0x10
[  884.678706][ T9860]  ? xfd_validate_state+0x61/0x180
[  884.678746][ T9860]  __x64_sys_unshare+0x31/0x40
[  884.678776][ T9860]  do_syscall_64+0xcd/0x490
[  884.678816][ T9860]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  884.678842][ T9860] RIP: 0033:0x7f418618e929
[  884.678861][ T9860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  884.678884][ T9860] RSP: 002b:00007f418702c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  884.678906][ T9860] RAX: ffffffffffffffda RBX: 00007f41863b6080 RCX: 00007f418618e929
[  884.678921][ T9860] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  884.678935][ T9860] RBP: 00007f4186210b39 R08: 0000000000000000 R09: 0000000000000000
[  884.678950][ T9860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  884.678964][ T9860] R13: 0000000000000000 R14: 00007f41863b6080 R15: 00007fff2cbe8758
[  884.678993][ T9860]  </TASK>
[  887.791798][ T9889] snd_aloop snd_aloop.0: control 16781581:65533:6:�'x?F���/��zF˷fC���:0 is already present
[  889.271481][ T9901] netlink: 4 bytes leftover after parsing attributes in process `syz.3.747'.
[  889.296960][ T9901] netlink: 354 bytes leftover after parsing attributes in process `syz.3.747'.
[  890.290697][ T9918] can: request_module (can-proto-3) failed.
[  893.027456][ T9923] FAULT_INJECTION: forcing a failure.
[  893.027456][ T9923] name failslab, interval 1, probability 0, space 0, times 0
[  893.062326][ T9923] CPU: 0 UID: 0 PID: 9923 Comm: syz.1.752 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[  893.062371][ T9923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  893.062389][ T9923] Call Trace:
[  893.062401][ T9923]  <TASK>
[  893.062413][ T9923]  dump_stack_lvl+0x16c/0x1f0
[  893.062472][ T9923]  should_fail_ex+0x512/0x640
[  893.062544][ T9923]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  893.062619][ T9923]  should_failslab+0xc2/0x120
[  893.062650][ T9923]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  893.062700][ T9923]  ? __kernfs_new_node+0xd2/0x8e0
[  893.062757][ T9923]  __kernfs_new_node+0xd2/0x8e0
[  893.062808][ T9923]  ? __pfx___kernfs_new_node+0x10/0x10
[  893.062865][ T9923]  ? find_held_lock+0x2b/0x80
[  893.062900][ T9923]  ? kernfs_root+0xee/0x2a0
[  893.062963][ T9923]  kernfs_new_node+0x13c/0x1e0
[  893.063026][ T9923]  __kernfs_create_file+0x53/0x350
[  893.063071][ T9923]  sysfs_add_file_mode_ns+0x207/0x3c0
[  893.063128][ T9923]  internal_create_group+0x578/0xf30
[  893.063187][ T9923]  ? __pfx_internal_create_group+0x10/0x10
[  893.063238][ T9923]  ? kernfs_create_link+0x1bd/0x240
[  893.063288][ T9923]  internal_create_groups+0x9d/0x150
[  893.063340][ T9923]  device_add+0x6d1/0x1a70
[  893.063380][ T9923]  ? __pfx_device_add+0x10/0x10
[  893.063417][ T9923]  ? lockdep_init_map_type+0x5c/0x280
[  893.063485][ T9923]  ? __init_waitqueue_head+0xca/0x150
[  893.063549][ T9923]  netdev_register_kobject+0x182/0x3a0
[  893.063589][ T9923]  register_netdevice+0x13dc/0x2270
[  893.063626][ T9923]  ? __pfx_register_netdevice+0x10/0x10
[  893.063664][ T9923]  __ip_tunnel_create+0x540/0x6e0
[  893.063703][ T9923]  ? __pfx___ip_tunnel_create+0x10/0x10
[  893.063746][ T9923]  ip_tunnel_init_net+0x22f/0x7d0
[  893.063787][ T9923]  ? __pfx_ip_tunnel_init_net+0x10/0x10
[  893.063829][ T9923]  ? trace_kmalloc+0x2b/0xd0
[  893.063856][ T9923]  ? __kmalloc_noprof+0x242/0x510
[  893.063903][ T9923]  ? __pfx_ipgre_tap_init_net+0x10/0x10
[  893.063930][ T9923]  ops_init+0x1e2/0x5f0
[  893.063961][ T9923]  setup_net+0x1ff/0x510
[  893.063986][ T9923]  ? lockdep_init_map_type+0x5c/0x280
[  893.064028][ T9923]  ? __pfx_setup_net+0x10/0x10
[  893.064059][ T9923]  ? debug_mutex_init+0x37/0x70
[  893.064091][ T9923]  copy_net_ns+0x2a6/0x5f0
[  893.064124][ T9923]  create_new_namespaces+0x3ea/0xa90
[  893.064163][ T9923]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  893.064249][ T9923]  ksys_unshare+0x45b/0xa40
[  893.064300][ T9923]  ? __pfx_ksys_unshare+0x10/0x10
[  893.064342][ T9923]  ? xfd_validate_state+0x61/0x180
[  893.064390][ T9923]  __x64_sys_unshare+0x31/0x40
[  893.064437][ T9923]  do_syscall_64+0xcd/0x490
[  893.064491][ T9923]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  893.064523][ T9923] RIP: 0033:0x7fb815f8e929
[  893.064549][ T9923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  893.064579][ T9923] RSP: 002b:00007fb816d72038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  893.064613][ T9923] RAX: ffffffffffffffda RBX: 00007fb8161b5fa0 RCX: 00007fb815f8e929
[  893.064633][ T9923] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  893.064650][ T9923] RBP: 00007fb816010b39 R08: 0000000000000000 R09: 0000000000000000
[  893.064668][ T9923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  893.064688][ T9923] R13: 0000000000000000 R14: 00007fb8161b5fa0 R15: 00007ffd334825a8
[  893.064724][ T9923]  </TASK>
[  899.051618][ T9980] snd_aloop snd_aloop.0: control 16781581:65533:6:�'x?F���/��zF˷fC���:0 is already present
[  903.168859][T10015] bridge0: port 3(batadv0) entered blocking state
[  903.180038][T10015] bridge0: port 3(batadv0) entered disabled state
[  903.209404][T10015] batadv0: entered allmulticast mode
[  903.301791][ T9056] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  903.311890][ T9056] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  903.336319][T10015] batadv0: entered promiscuous mode
[  903.389967][T10015] bridge0: port 3(batadv0) entered blocking state
[  903.396997][T10015] bridge0: port 3(batadv0) entered forwarding state
[  903.405943][T10007] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  907.405698][T10057] tipc: Started in network mode
[  907.421892][T10057] tipc: Node identity ee00, cluster identity 4711
[  907.430836][T10057] tipc: Node number set to 60928
[  907.761911][T10069] netlink: 4 bytes leftover after parsing attributes in process `syz.0.784'.
[  911.022988][T10097] netlink: 296 bytes leftover after parsing attributes in process `syz.0.782'.
[  911.242166][T10095] scsi_strcpy_devinfo: vendor string '��/&c��~n]	�|
[  911.242166][T10095] M�' is too long
[  911.302864][T10095] scsi_strcpy_devinfo: model string '�Dd5��K�2b�
[  911.302864][T10095] ���W����� ��' is too long
[  913.303497][T10117] netlink: 'syz.2.787': attribute type 2 has an invalid length.
[  920.968913][T10185] netlink: 4 bytes leftover after parsing attributes in process `syz.2.796'.
[  921.077956][T10183] netlink: 296 bytes leftover after parsing attributes in process `syz.1.807'.
[  923.541565][T10214] netlink: 4 bytes leftover after parsing attributes in process `syz.2.801'.
[  923.626838][T10212] ima: policy update failed
[  923.662895][   T30] audit: type=1802 audit(4294967705.282:10): pid=10212 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.801" res=0 errno=0
[  926.918727][T10248] netlink: 4 bytes leftover after parsing attributes in process `syz.0.812'.
[  927.146046][T10247] netlink: 25 bytes leftover after parsing attributes in process `syz.0.812'.
[  932.688107][T10308] netlink: 342 bytes leftover after parsing attributes in process `syz.1.822'.
[  932.844787][T10308] netlink: 102 bytes leftover after parsing attributes in process `syz.1.822'.
[  937.148247][T10342] Invalid ELF header magic: != ELF
[  941.662067][T10384] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  944.225169][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  944.245876][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  945.053548][T10425] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18
[  945.255444][T10426] netlink: 'syz.1.844': attribute type 1 has an invalid length.
[  945.285590][T10426] netlink: 33 bytes leftover after parsing attributes in process `syz.1.844'.
[  949.662786][T10475] netlink: 504 bytes leftover after parsing attributes in process `syz.3.855'.
[  949.683554][T10475] netlink: 350 bytes leftover after parsing attributes in process `syz.3.855'.
[  956.249519][T10543] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  961.982378][T10580] kafs: addr_prefs: Invalid Command
[  963.950513][ T7620] Bluetooth: hci1: unexpected event 0x3d length: 726 > 14
[  963.970205][T10607] can: request_module (can-proto-0) failed.
[  965.149977][T10631] FAULT_INJECTION: forcing a failure.
[  965.149977][T10631] name failslab, interval 1, probability 0, space 0, times 0
[  965.268809][T10631] CPU: 0 UID: 0 PID: 10631 Comm: syz.3.885 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[  965.268857][T10631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  965.268876][T10631] Call Trace:
[  965.268886][T10631]  <TASK>
[  965.268907][T10631]  dump_stack_lvl+0x16c/0x1f0
[  965.268967][T10631]  should_fail_ex+0x512/0x640
[  965.269019][T10631]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  965.269069][T10631]  should_failslab+0xc2/0x120
[  965.269118][T10631]  __kmalloc_cache_noprof+0x6a/0x3e0
[  965.269172][T10631]  ? kernfs_fop_open+0xa3a/0xda0
[  965.269214][T10631]  kernfs_fop_open+0xa3a/0xda0
[  965.269251][T10631]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  965.269304][T10631]  do_dentry_open+0x741/0x1c10
[  965.269353][T10631]  ? __pfx_kernfs_fop_open+0x10/0x10
[  965.269395][T10631]  vfs_open+0x82/0x3f0
[  965.269430][T10631]  path_openat+0x1de4/0x2cb0
[  965.269488][T10631]  ? __pfx_path_openat+0x10/0x10
[  965.269536][T10631]  ? __lock_acquire+0xb8a/0x1c90
[  965.269586][T10631]  do_filp_open+0x20b/0x470
[  965.269636][T10631]  ? __pfx_do_filp_open+0x10/0x10
[  965.269715][T10631]  ? alloc_fd+0x471/0x7d0
[  965.269771][T10631]  do_sys_openat2+0x11b/0x1d0
[  965.269806][T10631]  ? __pfx_do_sys_openat2+0x10/0x10
[  965.269859][T10631]  __x64_sys_openat+0x174/0x210
[  965.269896][T10631]  ? __pfx___x64_sys_openat+0x10/0x10
[  965.269969][T10631]  do_syscall_64+0xcd/0x490
[  965.270025][T10631]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  965.270061][T10631] RIP: 0033:0x7f949038e929
[  965.270092][T10631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  965.270126][T10631] RSP: 002b:00007f9491220038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  965.270170][T10631] RAX: ffffffffffffffda RBX: 00007f94905b5fa0 RCX: 00007f949038e929
[  965.270192][T10631] RDX: 0000000000001182 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  965.270214][T10631] RBP: 00007f9490410b39 R08: 0000000000000000 R09: 0000000000000000
[  965.270235][T10631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  965.270255][T10631] R13: 0000000000000000 R14: 00007f94905b5fa0 R15: 00007ffc5b3f7c98
[  965.270298][T10631]  </TASK>
[  966.430156][T10636] netlink: 28 bytes leftover after parsing attributes in process `syz.1.886'.
[  966.451611][T10636] team_slave_0: entered allmulticast mode
[  968.982608][T10655] syz.3.891 (10655): attempted to duplicate a private mapping with mremap.  This is not supported.
[  971.977701][T10691] Console: switching to colour frame buffer device 128x48
[  971.991149][T10699] FAULT_INJECTION: forcing a failure.
[  971.991149][T10699] name failslab, interval 1, probability 0, space 0, times 0
[  971.991277][T10699] CPU: 1 UID: 0 PID: 10699 Comm: syz.2.899 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[  971.991318][T10699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  971.991340][T10699] Call Trace:
[  971.991350][T10699]  <TASK>
[  971.991363][T10699]  dump_stack_lvl+0x16c/0x1f0
[  971.991426][T10699]  should_fail_ex+0x512/0x640
[  971.991473][T10699]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  971.991523][T10699]  should_failslab+0xc2/0x120
[  971.991563][T10699]  __kmalloc_cache_noprof+0x6a/0x3e0
[  971.991609][T10699]  ? cuse_channel_open+0x1de/0x7f0
[  971.991667][T10699]  cuse_channel_open+0x1de/0x7f0
[  971.991710][T10699]  ? __pfx_cuse_channel_open+0x10/0x10
[  971.991754][T10699]  misc_open+0x35d/0x420
[  971.991798][T10699]  ? __pfx_misc_open+0x10/0x10
[  971.991836][T10699]  chrdev_open+0x234/0x6a0
[  971.991885][T10699]  ? __pfx_apparmor_file_open+0x10/0x10
[  971.991926][T10699]  ? __pfx_chrdev_open+0x10/0x10
[  971.991977][T10699]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  971.992029][T10699]  do_dentry_open+0x741/0x1c10
[  971.992076][T10699]  ? __pfx_chrdev_open+0x10/0x10
[  971.992134][T10699]  vfs_open+0x82/0x3f0
[  971.992173][T10699]  path_openat+0x1de4/0x2cb0
[  971.992231][T10699]  ? __pfx_path_openat+0x10/0x10
[  971.992279][T10699]  ? __lock_acquire+0xb8a/0x1c90
[  971.992329][T10699]  do_filp_open+0x20b/0x470
[  971.992374][T10699]  ? __pfx_do_filp_open+0x10/0x10
[  971.992450][T10699]  ? alloc_fd+0x471/0x7d0
[  971.992504][T10699]  do_sys_openat2+0x11b/0x1d0
[  971.992544][T10699]  ? __pfx_do_sys_openat2+0x10/0x10
[  971.992597][T10699]  __x64_sys_openat+0x174/0x210
[  971.992633][T10699]  ? __pfx___x64_sys_openat+0x10/0x10
[  971.992688][T10699]  do_syscall_64+0xcd/0x490
[  971.992743][T10699]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  971.992777][T10699] RIP: 0033:0x7f50f4f8e929
[  971.992804][T10699] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  971.992837][T10699] RSP: 002b:00007f50f5e23038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  971.992867][T10699] RAX: ffffffffffffffda RBX: 00007f50f51b6080 RCX: 00007f50f4f8e929
[  971.992889][T10699] RDX: 00000000001c1041 RSI: 0000200000000140 RDI: ffffffffffffff9c
[  971.992910][T10699] RBP: 00007f50f5010b39 R08: 0000000000000000 R09: 0000000000000000
[  971.992931][T10699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  971.992950][T10699] R13: 0000000000000000 R14: 00007f50f51b6080 R15: 00007fff0e56a108
[  971.992993][T10699]  </TASK>
[  972.132729][T10695] zswap: compressor  not available
[  973.974335][T10708] tty tty1: ldisc open failed (-12), clearing slot 0
[  975.052889][T10736] GUP no longer grows the stack in syz.1.902 (10736): 14000-401000 (4000)
[  975.170560][T10736] CPU: 0 UID: 0 PID: 10736 Comm: syz.1.902 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[  975.170620][T10736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  975.170639][T10736] Call Trace:
[  975.170649][T10736]  <TASK>
[  975.170660][T10736]  dump_stack_lvl+0x16c/0x1f0
[  975.170716][T10736]  gup_vma_lookup+0x1d2/0x220
[  975.170757][T10736]  __get_user_pages+0x271/0x3b80
[  975.170804][T10736]  ? process_vm_rw_core.constprop.0+0x1d8/0x9a0
[  975.170858][T10736]  ? kasan_save_stack+0x42/0x60
[  975.170907][T10736]  ? __pfx___get_user_pages+0x10/0x10
[  975.170942][T10736]  ? register_lock_class+0x41/0x4c0
[  975.170986][T10736]  ? __x64_sys_process_vm_readv+0xe2/0x1c0
[  975.171039][T10736]  ? do_syscall_64+0xcd/0x490
[  975.171098][T10736]  __gup_longterm_locked+0x20d/0x1850
[  975.171139][T10736]  ? __lock_acquire+0xb8a/0x1c90
[  975.171185][T10736]  ? __pfx___gup_longterm_locked+0x10/0x10
[  975.171244][T10736]  pin_user_pages_remote+0xed/0x140
[  975.171297][T10736]  ? __pfx_pin_user_pages_remote+0x10/0x10
[  975.171337][T10736]  ? mm_access+0x22d/0x2e0
[  975.171392][T10736]  process_vm_rw_core.constprop.0+0x41b/0x9a0
[  975.171465][T10736]  ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10
[  975.171524][T10736]  ? iovec_from_user+0xbb/0x140
[  975.171598][T10736]  ? iovec_from_user+0xbb/0x140
[  975.171672][T10736]  process_vm_rw+0x216/0x2c0
[  975.171731][T10736]  ? __pfx_process_vm_rw+0x10/0x10
[  975.171781][T10736]  ? __pfx_futex_wake+0x10/0x10
[  975.171839][T10736]  ? task_mm_cid_work+0x6b9/0x910
[  975.171907][T10736]  ? xfd_validate_state+0x61/0x180
[  975.171947][T10736]  ? __task_pid_nr_ns+0x17c/0x500
[  975.171994][T10736]  __x64_sys_process_vm_readv+0xe2/0x1c0
[  975.172046][T10736]  ? do_syscall_64+0x91/0x490
[  975.172093][T10736]  ? lockdep_hardirqs_on+0x7c/0x110
[  975.172139][T10736]  do_syscall_64+0xcd/0x490
[  975.172190][T10736]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  975.172223][T10736] RIP: 0033:0x7fb815f8e929
[  975.172257][T10736] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  975.172292][T10736] RSP: 002b:00007fb816d30038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136
[  975.172321][T10736] RAX: ffffffffffffffda RBX: 00007fb8161b6160 RCX: 00007fb815f8e929
[  975.172341][T10736] RDX: 0000000000000004 RSI: 0000200000000040 RDI: 000000000000044e
[  975.172359][T10736] RBP: 00007fb816010b39 R08: 0000000000000003 R09: 0000000000000000
[  975.172385][T10736] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000
[  975.172404][T10736] R13: 0000000000000000 R14: 00007fb8161b6160 R15: 00007ffd334825a8
[  975.172439][T10736]  </TASK>
[  975.438728][    C0] vkms_vblank_simulate: vblank timer overrun
[  978.702273][T10778] Bluetooth: hci2: unexpected event 0x3d length: 726 > 14
[  979.380566][T10762] random: crng reseeded on system resumption
[  980.116440][T10797] FAULT_INJECTION: forcing a failure.
[  980.116440][T10797] name failslab, interval 1, probability 0, space 0, times 0
[  980.156831][T10797] CPU: 0 UID: 0 PID: 10797 Comm: syz.2.914 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[  980.156883][T10797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  980.156903][T10797] Call Trace:
[  980.156916][T10797]  <TASK>
[  980.156928][T10797]  dump_stack_lvl+0x16c/0x1f0
[  980.156993][T10797]  should_fail_ex+0x512/0x640
[  980.157041][T10797]  ? __kmalloc_noprof+0xbf/0x510
[  980.157092][T10797]  ? mpi_alloc_limb_space+0x31/0x60
[  980.157136][T10797]  should_failslab+0xc2/0x120
[  980.157185][T10797]  __kmalloc_noprof+0xd2/0x510
[  980.157248][T10797]  mpi_alloc_limb_space+0x31/0x60
[  980.157285][T10797]  mpi_powm+0xff7/0x1bf0
[  980.157343][T10797]  ? __pfx_mpi_powm+0x10/0x10
[  980.157381][T10797]  ? kfree+0x2b4/0x4d0
[  980.157419][T10797]  ? __phys_addr+0xe8/0x180
[  980.157462][T10797]  ? mpi_free+0xe1/0x160
[  980.157504][T10797]  rsa_enc+0x1fe/0x3b0
[  980.157557][T10797]  ? __pfx_rsa_enc+0x10/0x10
[  980.157605][T10797]  ? __virt_addr_valid+0x81/0x610
[  980.157636][T10797]  ? __phys_addr+0xe8/0x180
[  980.157676][T10797]  ? sg_init_one+0xf5/0x1b0
[  980.157721][T10797]  rsassa_pkcs1_verify+0x4ff/0xb60
[  980.157772][T10797]  ? __pfx_rsassa_pkcs1_verify+0x10/0x10
[  980.157830][T10797]  ? rsa_max_size+0xd/0x70
[  980.157876][T10797]  ? rsassa_pkcs1_set_pub_key+0x17d/0x1f0
[  980.157917][T10797]  public_key_verify_signature+0x66f/0x970
[  980.157967][T10797]  ? __pfx_public_key_verify_signature+0x10/0x10
[  980.158039][T10797]  ? __pfx_public_key_verify_signature_2+0x10/0x10
[  980.158083][T10797]  verify_signature+0xe2/0x130
[  980.158120][T10797]  pkcs7_validate_trust+0x220/0x7e0
[  980.158176][T10797]  verify_pkcs7_message_sig+0x12c/0x250
[  980.158216][T10797]  ? __pfx_verify_pkcs7_message_sig+0x10/0x10
[  980.158251][T10797]  ? kfree+0x2b4/0x4d0
[  980.158287][T10797]  ? public_key_signature_free+0xda/0x110
[  980.158325][T10797]  ? pkcs7_parse_message+0x531/0x720
[  980.158390][T10797]  ? pkcs7_parse_message+0x536/0x720
[  980.158438][T10797]  verify_pkcs7_signature+0x6d/0xa0
[  980.158476][T10797]  valid_regdb+0x215/0x590
[  980.158515][T10797]  ? __pfx___mutex_lock+0x10/0x10
[  980.158568][T10797]  ? __pfx_valid_regdb+0x10/0x10
[  980.158613][T10797]  reg_reload_regdb+0x11e/0x460
[  980.158676][T10797]  ? __pfx_reg_reload_regdb+0x10/0x10
[  980.158719][T10797]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  980.158772][T10797]  ? nl80211_pre_doit+0x1b0/0xb10
[  980.158829][T10797]  genl_family_rcv_msg_doit+0x206/0x2f0
[  980.158879][T10797]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  980.158919][T10797]  ? rcu_is_watching+0x12/0xc0
[  980.158965][T10797]  ? bpf_lsm_capable+0x9/0x10
[  980.159005][T10797]  ? security_capable+0x7e/0x260
[  980.159067][T10797]  genl_rcv_msg+0x55c/0x800
[  980.159113][T10797]  ? __pfx_genl_rcv_msg+0x10/0x10
[  980.159154][T10797]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  980.159234][T10797]  ? __pfx_nl80211_reload_regdb+0x10/0x10
[  980.159289][T10797]  ? __pfx_nl80211_post_doit+0x10/0x10
[  980.159355][T10797]  netlink_rcv_skb+0x155/0x420
[  980.159391][T10797]  ? __pfx_genl_rcv_msg+0x10/0x10
[  980.159435][T10797]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  980.159489][T10797]  ? netlink_deliver_tap+0x1ae/0xd30
[  980.159528][T10797]  genl_rcv+0x28/0x40
[  980.159563][T10797]  netlink_unicast+0x53a/0x7f0
[  980.159604][T10797]  ? __pfx_netlink_unicast+0x10/0x10
[  980.159652][T10797]  netlink_sendmsg+0x8d1/0xdd0
[  980.159703][T10797]  ? __pfx_netlink_sendmsg+0x10/0x10
[  980.159757][T10797]  ____sys_sendmsg+0xa95/0xc70
[  980.159800][T10797]  ? copy_msghdr_from_user+0x10a/0x160
[  980.159854][T10797]  ? __pfx_____sys_sendmsg+0x10/0x10
[  980.159902][T10797]  ? __pfx_futex_wake_mark+0x10/0x10
[  980.159958][T10797]  ___sys_sendmsg+0x134/0x1d0
[  980.160010][T10797]  ? __pfx____sys_sendmsg+0x10/0x10
[  980.160056][T10797]  ? __lock_acquire+0x622/0x1c90
[  980.160154][T10797]  __sys_sendmsg+0x16d/0x220
[  980.160202][T10797]  ? __pfx___sys_sendmsg+0x10/0x10
[  980.160250][T10797]  ? __x64_sys_futex+0x1e0/0x4c0
[  980.160313][T10797]  do_syscall_64+0xcd/0x490
[  980.160380][T10797]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  980.160412][T10797] RIP: 0033:0x7f50f4f8e929
[  980.160465][T10797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  980.160498][T10797] RSP: 002b:00007f50f5e44038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  980.160530][T10797] RAX: ffffffffffffffda RBX: 00007f50f51b5fa0 RCX: 00007f50f4f8e929
[  980.160550][T10797] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000008
[  980.160569][T10797] RBP: 00007f50f5010b39 R08: 0000000000000000 R09: 0000000000000000
[  980.160588][T10797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  980.160606][T10797] R13: 0000000000000000 R14: 00007f50f51b5fa0 R15: 00007fff0e56a108
[  980.160644][T10797]  </TASK>
[  981.192991][T10811] sd 0:0:1:0: PR command failed: 1026
[  981.211027][T10811] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  981.237917][T10811] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  982.148113][T10812] hub 8-0:1.0: USB hub found
[  982.156178][T10812] hub 8-0:1.0: 1 port detected
[  982.270053][T10814] WARNING! power/level is deprecated; use power/control instead
[  984.221643][T10824] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  984.259186][T10824] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  984.288973][T10824] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  984.303450][T10824] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  984.512527][T10829] random: crng reseeded on system resumption
[  985.421543][T10851] FAULT_INJECTION: forcing a failure.
[  985.421543][T10851] name fail_futex, interval 1, probability 0, space 0, times 0
[  985.555499][T10851] CPU: 0 UID: 0 PID: 10851 Comm: syz.1.926 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[  985.555536][T10851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  985.555551][T10851] Call Trace:
[  985.555559][T10851]  <TASK>
[  985.555568][T10851]  dump_stack_lvl+0x16c/0x1f0
[  985.555616][T10851]  should_fail_ex+0x512/0x640
[  985.555657][T10851]  get_futex_key+0x1d0/0x1540
[  985.555690][T10851]  ? __pfx_get_futex_key+0x10/0x10
[  985.555719][T10851]  ? import_iovec+0x86/0xb0
[  985.555762][T10851]  futex_wake+0xea/0x530
[  985.555798][T10851]  ? __pfx_futex_wake+0x10/0x10
[  985.555830][T10851]  ? __pfx_vfs_writev+0x10/0x10
[  985.555866][T10851]  ? do_writev+0x218/0x340
[  985.555901][T10851]  do_futex+0x1e3/0x350
[  985.555930][T10851]  ? __pfx_do_futex+0x10/0x10
[  985.555956][T10851]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  985.556003][T10851]  __x64_sys_futex+0x1e0/0x4c0
[  985.556033][T10851]  ? fput+0x70/0xf0
[  985.556054][T10851]  ? __pfx___x64_sys_futex+0x10/0x10
[  985.556083][T10851]  ? __pfx_do_writev+0x10/0x10
[  985.556124][T10851]  do_syscall_64+0xcd/0x490
[  985.556162][T10851]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  985.556186][T10851] RIP: 0033:0x7fb815f8e929
[  985.556204][T10851] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  985.556226][T10851] RSP: 002b:00007fb816d720e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  985.556248][T10851] RAX: ffffffffffffffda RBX: 00007fb8161b5fa8 RCX: 00007fb815f8e929
[  985.556263][T10851] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fb8161b5fac
[  985.556277][T10851] RBP: 00007fb8161b5fa0 R08: 00007fb816d73000 R09: 0000000000000000
[  985.556290][T10851] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fb8161b5fac
[  985.556305][T10851] R13: 0000000000000000 R14: 00007ffd334824c0 R15: 00007ffd334825a8
[  985.556332][T10851]  </TASK>
[  985.990836][T10778] Bluetooth: hci1: command 0x0c1a tx timeout
[  986.322881][T10778] Bluetooth: hci3: command 0x0c1a tx timeout
[  986.329091][T10778] Bluetooth: hci0: command 0x0c1a tx timeout
[  986.335418][T10778] Bluetooth: hci2: command 0x0c1a tx timeout
[  993.198698][T10934] vcan0: tx drop: invalid sa for name 0x00000000000000fd
[  993.450548][T10943] FAULT_INJECTION: forcing a failure.
[  993.450548][T10943] name failslab, interval 1, probability 0, space 0, times 0
[  993.490423][T10943] CPU: 0 UID: 0 PID: 10943 Comm: syz.3.943 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[  993.490465][T10943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  993.490480][T10943] Call Trace:
[  993.490488][T10943]  <TASK>
[  993.490498][T10943]  dump_stack_lvl+0x16c/0x1f0
[  993.490546][T10943]  should_fail_ex+0x512/0x640
[  993.490583][T10943]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  993.490624][T10943]  should_failslab+0xc2/0x120
[  993.490655][T10943]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  993.490693][T10943]  ? getname_flags.part.0+0x4c/0x550
[  993.490726][T10943]  getname_flags.part.0+0x4c/0x550
[  993.490757][T10943]  getname_flags+0x93/0xf0
[  993.490789][T10943]  do_sys_openat2+0xb8/0x1d0
[  993.490816][T10943]  ? __pfx_do_sys_openat2+0x10/0x10
[  993.490855][T10943]  ? __sys_sendmsg+0x18c/0x220
[  993.490900][T10943]  __x64_sys_openat+0x174/0x210
[  993.490926][T10943]  ? __pfx___x64_sys_openat+0x10/0x10
[  993.490963][T10943]  do_syscall_64+0xcd/0x490
[  993.491005][T10943]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  993.491030][T10943] RIP: 0033:0x7f949038e929
[  993.491059][T10943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  993.491082][T10943] RSP: 002b:00007f9491220038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  993.491105][T10943] RAX: ffffffffffffffda RBX: 00007f94905b5fa0 RCX: 00007f949038e929
[  993.491121][T10943] RDX: 0000000000000002 RSI: 0000200000000280 RDI: ffffffffffffff9c
[  993.491137][T10943] RBP: 00007f9490410b39 R08: 0000000000000000 R09: 0000000000000000
[  993.491151][T10943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  993.491165][T10943] R13: 0000000000000000 R14: 00007f94905b5fa0 R15: 00007ffc5b3f7c98
[  993.491196][T10943]  </TASK>
[  998.714487][T10986] netlink: 28 bytes leftover after parsing attributes in process `syz.1.949'.
[ 1000.814467][   T30] audit: type=1804 audit(4294967782.399:11): pid=11033 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.958" name="/newroot/238/file0" dev="tmpfs" ino=1279 res=1 errno=0
[ 1000.846500][   T30] audit: type=1800 audit(4294967782.399:12): pid=11033 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.958" name="file0" dev="tmpfs" ino=1279 res=0 errno=0
[ 1002.434640][T11049] FAULT_INJECTION: forcing a failure.
[ 1002.434640][T11049] name failslab, interval 1, probability 0, space 0, times 0
[ 1002.484019][T11049] CPU: 0 UID: 0 PID: 11049 Comm: syz.2.962 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[ 1002.484075][T11049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1002.484097][T11049] Call Trace:
[ 1002.484109][T11049]  <TASK>
[ 1002.484122][T11049]  dump_stack_lvl+0x16c/0x1f0
[ 1002.484184][T11049]  should_fail_ex+0x512/0x640
[ 1002.484234][T11049]  ? __kmalloc_noprof+0xbf/0x510
[ 1002.484289][T11049]  ? constrain_params_by_rules+0x175/0xca0
[ 1002.484330][T11049]  should_failslab+0xc2/0x120
[ 1002.484361][T11049]  __kmalloc_noprof+0xd2/0x510
[ 1002.484421][T11049]  ? kasan_quarantine_put+0x10a/0x240
[ 1002.484469][T11049]  ? constrain_params_by_rules+0xa09/0xca0
[ 1002.484510][T11049]  constrain_params_by_rules+0x175/0xca0
[ 1002.484562][T11049]  ? __pfx_constrain_params_by_rules+0x10/0x10
[ 1002.484614][T11049]  ? __pfx_constrain_params_by_rules+0x10/0x10
[ 1002.484660][T11049]  ? __mutex_trylock_common+0xe9/0x250
[ 1002.484708][T11049]  ? snd_interval_refine+0x2fa/0x580
[ 1002.484754][T11049]  snd_pcm_hw_refine+0x7de/0xad0
[ 1002.484793][T11049]  ? __pfx_snd_pcm_hw_refine+0x10/0x10
[ 1002.484832][T11049]  ? __pfx_snd_pcm_hw_refine+0x10/0x10
[ 1002.484872][T11049]  ? snd_pcm_hw_param_value+0x266/0x5b0
[ 1002.484906][T11049]  snd_pcm_hw_param_first+0x334/0x6f0
[ 1002.484944][T11049]  snd_pcm_hw_params+0x5ad/0x1b40
[ 1002.484987][T11049]  ? __pfx_snd_pcm_hw_params+0x10/0x10
[ 1002.485024][T11049]  ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0
[ 1002.485062][T11049]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[ 1002.485095][T11049]  ? __asan_memset+0x23/0x50
[ 1002.485135][T11049]  snd_pcm_kernel_ioctl+0x147/0x2e0
[ 1002.485177][T11049]  snd_pcm_oss_change_params_locked+0x1432/0x3a30
[ 1002.485234][T11049]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[ 1002.485307][T11049]  snd_pcm_oss_get_active_substream+0x168/0x1d0
[ 1002.485364][T11049]  snd_pcm_oss_ioctl+0x21e9/0x37a0
[ 1002.485420][T11049]  ? hook_file_ioctl_common+0x145/0x410
[ 1002.485458][T11049]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[ 1002.485498][T11049]  ? __fget_files+0x20e/0x3c0
[ 1002.485546][T11049]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[ 1002.485584][T11049]  __x64_sys_ioctl+0x18e/0x210
[ 1002.485643][T11049]  do_syscall_64+0xcd/0x490
[ 1002.485703][T11049]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1002.485737][T11049] RIP: 0033:0x7f50f4f8e929
[ 1002.485765][T11049] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1002.485797][T11049] RSP: 002b:00007f50f5e23038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1002.485827][T11049] RAX: ffffffffffffffda RBX: 00007f50f51b6080 RCX: 00007f50f4f8e929
[ 1002.485847][T11049] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000008
[ 1002.485864][T11049] RBP: 00007f50f5010b39 R08: 0000000000000000 R09: 0000000000000000
[ 1002.485883][T11049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1002.485902][T11049] R13: 0000000000000000 R14: 00007f50f51b6080 R15: 00007fff0e56a108
[ 1002.485939][T11049]  </TASK>
[ 1005.741036][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[ 1005.750460][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[ 1012.157586][T11156] netlink: 4 bytes leftover after parsing attributes in process `syz.0.980'.
[ 1012.240008][T11156] netlink: 354 bytes leftover after parsing attributes in process `syz.0.980'.

syzkaller
syzkaller login: [ 1017.604000][T11199] random: crng reseeded on system resumption
[ 1019.839491][T11239] [U]  
[ 1019.842770][T11239] [U] 
[ 1019.845483][T11239] [U] 
[ 1019.848208][T11239] [U] 
[ 1019.886882][T11239] [U] 
[ 1019.889672][T11239] [U] 
[ 1019.892479][T11239] [U] 
[ 1019.895241][T11239] [U] 
[ 1019.945335][T11239] [U] 
[ 1019.948115][T11239] [U] 
[ 1019.950846][T11239] [U] 
[ 1019.953565][T11239] [U] 
[ 1020.014514][T11239] [U] 
[ 1020.017336][T11239] [U] 
[ 1020.020125][T11239] [U] 
[ 1020.022987][T11239] [U] 
[ 1020.083926][T11239] [U] 
[ 1020.086853][T11239] [U] 
[ 1020.089596][T11239] [U] 
[ 1020.092315][T11239] [U] 
[ 1020.150465][T11239] [U] 
[ 1020.153269][T11239] [U] 
[ 1020.156005][T11239] [U] 
[ 1020.158721][T11239] [U] 
[ 1020.203676][T11239] [U] 
[ 1020.206499][T11239] [U] 
[ 1020.209268][T11239] [U] 
[ 1020.212040][T11239] [U] 
[ 1020.220828][T11239] [U] 
[ 1020.223629][T11239] [U] 
[ 1020.226418][T11239] [U] 
[ 1020.229189][T11239] [U] 
[ 1020.235431][T11239] [U] 
[ 1020.238220][T11239] [U] 
[ 1020.240992][T11239] [U] 
[ 1020.243842][T11239] [U] 
[ 1020.249104][T11239] [U] 
[ 1020.251895][T11239] [U] 
[ 1020.254638][T11239] [U] 
[ 1020.257377][T11239] [U] 
[ 1020.409040][T11239] [U] 
[ 1020.411840][T11239] [U] 
[ 1020.414671][T11239] [U] 
[ 1020.417399][T11239] [U] 
[ 1020.544727][T11239] [U] 
[ 1030.187027][T11365] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1030.211029][T11365] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1030.288655][T11365] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1030.300582][T11365] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1031.512492][T10747] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1032.230653][T10747] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1032.310536][T10747] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1032.316741][T10747] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1034.872225][T11431] Invalid ELF header magic: != ELF
[ 1034.941131][T11433] netlink: 'syz.1.1036': attribute type 2 has an invalid length.
[ 1036.127695][T11451] FAULT_INJECTION: forcing a failure.
[ 1036.127695][T11451] name failslab, interval 1, probability 0, space 0, times 0
[ 1036.141169][T11451] CPU: 1 UID: 0 PID: 11451 Comm: syz.3.1040 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[ 1036.141213][T11451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1036.141233][T11451] Call Trace:
[ 1036.141245][T11451]  <TASK>
[ 1036.141257][T11451]  dump_stack_lvl+0x16c/0x1f0
[ 1036.141323][T11451]  should_fail_ex+0x512/0x640
[ 1036.141372][T11451]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 1036.141421][T11451]  should_failslab+0xc2/0x120
[ 1036.141452][T11451]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1036.141496][T11451]  ? netdev_create_hash+0x3c/0xc0
[ 1036.141537][T11451]  ? __pfx_netdev_init+0x10/0x10
[ 1036.141571][T11451]  netdev_create_hash+0x3c/0xc0
[ 1036.141605][T11451]  ? __pfx_netdev_init+0x10/0x10
[ 1036.141637][T11451]  netdev_init+0x70/0x230
[ 1036.141673][T11451]  ops_init+0x1e2/0x5f0
[ 1036.141705][T11451]  setup_net+0x1ff/0x510
[ 1036.141732][T11451]  ? lockdep_init_map_type+0x5c/0x280
[ 1036.141777][T11451]  ? __pfx_setup_net+0x10/0x10
[ 1036.141808][T11451]  ? debug_mutex_init+0x37/0x70
[ 1036.141843][T11451]  copy_net_ns+0x2a6/0x5f0
[ 1036.141879][T11451]  create_new_namespaces+0x3ea/0xa90
[ 1036.141937][T11451]  unshare_nsproxy_namespaces+0xc0/0x1f0
[ 1036.141978][T11451]  ksys_unshare+0x45b/0xa40
[ 1036.142023][T11451]  ? __pfx_ksys_unshare+0x10/0x10
[ 1036.142068][T11451]  ? xfd_validate_state+0x61/0x180
[ 1036.142120][T11451]  __x64_sys_unshare+0x31/0x40
[ 1036.142159][T11451]  do_syscall_64+0xcd/0x490
[ 1036.142211][T11451]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1036.142244][T11451] RIP: 0033:0x7f949038e929
[ 1036.142269][T11451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1036.142300][T11451] RSP: 002b:00007f94911ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1036.142343][T11451] RAX: ffffffffffffffda RBX: 00007f94905b6080 RCX: 00007f949038e929
[ 1036.142364][T11451] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1036.142384][T11451] RBP: 00007f9490410b39 R08: 0000000000000000 R09: 0000000000000000
[ 1036.142402][T11451] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1036.142422][T11451] R13: 0000000000000000 R14: 00007f94905b6080 R15: 00007ffc5b3f7c98
[ 1036.142462][T11451]  </TASK>
[ 1037.072081][T11458] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19
[ 1040.645331][T11496] ima: policy update failed
[ 1040.661546][T11496] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1047'.
[ 1040.680266][   T30] audit: type=1802 audit(4294967822.249:13): pid=11496 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1047" res=0 errno=0
[ 1042.634038][T11515] Invalid ELF header magic: != ELF
[ 1054.820265][T11395] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1054.832448][T11395] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1054.843626][T11395] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1054.860074][T11395] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1054.870188][T11395] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1056.003912][T11543] chnl_net:caif_netlink_parms(): no params data found
[ 1056.326113][T11543] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1056.348678][T11543] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1056.361921][T11543] bridge_slave_0: entered allmulticast mode
[ 1056.386642][T11543] bridge_slave_0: entered promiscuous mode
[ 1056.401601][T11543] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1056.409232][T11543] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1056.421286][T11543] bridge_slave_1: entered allmulticast mode
[ 1056.433621][T11543] bridge_slave_1: entered promiscuous mode
[ 1056.538164][T11543] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1056.587193][T11543] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1056.706113][T11543] team0: Port device team_slave_0 added
[ 1056.729877][T11543] team0: Port device team_slave_1 added
[ 1056.734153][T11565] Invalid ELF header magic: != ELF
[ 1056.857376][T11543] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1056.877039][T11543] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1056.907546][T11543] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1056.942416][T11543] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1056.971556][T11543] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1056.997887][T11543] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1057.038955][T10747] Bluetooth: hci4: command tx timeout
[ 1057.432157][T11543] hsr_slave_0: entered promiscuous mode
[ 1057.439433][T11543] hsr_slave_1: entered promiscuous mode
[ 1058.164590][T11543] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1058.203820][T11543] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1058.229470][T11543] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1058.260400][T11543] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1058.389763][T11543] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1058.419002][T11543] 8021q: adding VLAN 0 to HW filter on device team0
[ 1058.434551][T10924] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1058.442006][T10924] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1058.460804][T10789] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1058.467974][T10789] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1058.751739][T11543] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1059.090075][T11543] veth0_vlan: entered promiscuous mode
[ 1059.104640][T11543] veth1_vlan: entered promiscuous mode
[ 1059.110802][T10747] Bluetooth: hci4: command tx timeout
[ 1059.146839][T11543] veth0_macvtap: entered promiscuous mode
[ 1059.158025][T11543] veth1_macvtap: entered promiscuous mode
[ 1059.182645][T11543] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1059.204567][T11543] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1059.220028][T11543] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1059.229421][T11543] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1059.238669][T11543] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1059.247923][T11543] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1059.343053][T10748] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1059.356568][T10748] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1059.397728][T10757] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1059.408389][T10757] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1061.207686][T10747] Bluetooth: hci4: command tx timeout
[ 1063.274284][T10747] Bluetooth: hci4: command tx timeout
[ 1067.124972][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[ 1067.131568][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[ 1068.912581][T11704] Invalid ELF header magic: != ELF
[ 1071.048506][T11708] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[ 1077.108530][T11774] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[ 1082.063258][T11395] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1082.094684][T11395] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1082.110625][T11395] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1082.130551][T11395] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1082.139894][T11395] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1083.429431][T11824] chnl_net:caif_netlink_parms(): no params data found
[ 1083.633852][T11824] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1083.665663][T11824] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1083.720118][T11824] bridge_slave_0: entered allmulticast mode
[ 1083.764627][T11824] bridge_slave_0: entered promiscuous mode
[ 1083.867582][T11824] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1083.879909][T11824] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1083.910893][T11824] bridge_slave_1: entered allmulticast mode
[ 1083.923047][T11824] bridge_slave_1: entered promiscuous mode
[ 1084.005111][T11824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1084.036875][T11824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1084.177396][T11824] team0: Port device team_slave_0 added
[ 1084.191735][T11824] team0: Port device team_slave_1 added
[ 1084.231027][T11395] Bluetooth: hci5: command tx timeout
[ 1084.256739][T11824] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1084.264419][T11824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1084.307749][T11824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1084.343129][T11824] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1084.350681][T11824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1084.380594][T11824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1084.472931][T11824] hsr_slave_0: entered promiscuous mode
[ 1084.491170][T11824] hsr_slave_1: entered promiscuous mode
[ 1084.534922][T11824] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1084.543114][T11824] Cannot create hsr debugfs directory
[ 1085.395354][T11824] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1085.481122][T11824] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1085.558622][T11824] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1085.587745][T11824] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1086.320478][T11395] Bluetooth: hci5: command tx timeout
[ 1087.092435][T11824] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1087.135741][T11824] 8021q: adding VLAN 0 to HW filter on device team0
[ 1087.162519][T10772] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1087.169707][T10772] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1087.213082][T10772] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1087.220446][T10772] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1088.391217][T11395] Bluetooth: hci5: command tx timeout
[ 1088.468011][T11824] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1089.377723][T11824] veth0_vlan: entered promiscuous mode
[ 1089.415164][T11824] veth1_vlan: entered promiscuous mode
[ 1089.453247][T11824] veth0_macvtap: entered promiscuous mode
[ 1089.466221][T11824] veth1_macvtap: entered promiscuous mode
[ 1089.524070][T11824] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1089.552036][T11824] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1089.569155][T11824] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1089.578237][T11824] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1089.587548][T11824] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1089.597379][T11824] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1089.700032][T10748] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1089.715072][T10748] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1089.753703][T10924] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1089.770351][T10924] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1090.470649][T11395] Bluetooth: hci5: command tx timeout
[ 1092.171629][T11939] bond0: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0)
[ 1099.569078][T12000] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[ 1100.805625][T12041] can: request_module (can-proto-0) failed.
[ 1107.220388][T12110] can: request_module (can-proto-0) failed.
[ 1107.421569][T12102] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[ 1112.063928][T12165] bond0: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0)
[ 1121.826971][T10747] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1121.850534][T10747] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1121.860946][T10747] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1121.869534][T10747] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1121.877914][T10747] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1123.148502][T12248] chnl_net:caif_netlink_parms(): no params data found
[ 1123.238915][T12253] can: request_module (can-proto-0) failed.
[ 1123.746389][T12248] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1123.805844][T12248] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1123.824468][T12248] bridge_slave_0: entered allmulticast mode
[ 1123.863295][T12248] bridge_slave_0: entered promiscuous mode
[ 1123.991111][T11395] Bluetooth: hci6: command tx timeout
[ 1124.047937][T12248] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1124.078339][T12248] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1124.103788][T12248] bridge_slave_1: entered allmulticast mode
[ 1124.181411][T12248] bridge_slave_1: entered promiscuous mode
[ 1124.838156][T12248] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1125.220101][T12248] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1125.672001][T12248] team0: Port device team_slave_0 added
[ 1125.715865][T12248] team0: Port device team_slave_1 added
[ 1126.070572][T11395] Bluetooth: hci6: command tx timeout
[ 1126.217564][T12248] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1126.233288][T12248] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1126.329997][T12248] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1126.462548][T12248] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1126.470119][T12248] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1126.640373][T12248] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1127.078087][T12248] hsr_slave_0: entered promiscuous mode
[ 1127.092276][T12248] hsr_slave_1: entered promiscuous mode
[ 1127.119874][T12248] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1127.140093][T12248] Cannot create hsr debugfs directory
[ 1128.053617][T12248] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1128.069334][T12248] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1128.087121][T12248] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1128.116317][T12248] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1128.160345][T11395] Bluetooth: hci6: command tx timeout
[ 1128.346534][T12248] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1128.389935][T12248] 8021q: adding VLAN 0 to HW filter on device team0
[ 1128.418290][T10772] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1128.425649][T10772] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1128.461232][T10772] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1128.468454][T10772] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1128.566022][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[ 1128.572580][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[ 1129.059524][T12248] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1129.419749][T12248] veth0_vlan: entered promiscuous mode
[ 1129.434758][T12248] veth1_vlan: entered promiscuous mode
[ 1129.476266][T12248] veth0_macvtap: entered promiscuous mode
[ 1129.486077][T12248] veth1_macvtap: entered promiscuous mode
[ 1129.508207][T12248] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1129.522304][T12248] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1129.543344][T12248] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1129.552607][T12248] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1129.562026][T12248] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1129.571649][T12248] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1129.669486][T11007] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1129.689802][T11007] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1129.733803][T10757] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1129.747189][T10757] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1130.230839][T11395] Bluetooth: hci6: command tx timeout
[ 1133.255292][T12345] loop6: detected capacity change from 0 to 8192
[ 1137.438697][T12385] loop6: detected capacity change from 0 to 8192
[ 1139.876227][T12408] can: request_module (can-proto-0) failed.
[ 1139.882629][T12405] can: request_module (can-proto-0) failed.
[ 1148.391469][   T31] INFO: task kworker/u10:0:10746 blocked for more than 143 seconds.
[ 1148.399689][   T31]       Not tainted 6.16.0-rc3-syzkaller #0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1148.433862][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1148.442832][   T31] task:kworker/u10:0   state:D stack:26952 pid:10746 tgid:10746 ppid:2      task_flags:0x4208060 flags:0x00004000
[ 1148.455346][   T31] Workqueue: netns cleanup_net
[ 1148.460279][   T31] Call Trace:
[ 1148.471383][   T31]  <TASK>
[ 1148.474414][   T31]  __schedule+0x116a/0x5de0
[ 1148.479061][   T31]  ? __lock_acquire+0x622/0x1c90
[ 1148.550229][   T31]  ? __pfx___schedule+0x10/0x10
[ 1148.560655][   T31]  ? find_held_lock+0x2b/0x80
[ 1148.571634][   T31]  ? schedule+0x2d7/0x3a0
[ 1148.647606][   T31]  schedule+0xe7/0x3a0
[ 1148.660905][   T31]  schedule_timeout+0x257/0x290
[ 1148.694987][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[ 1148.710520][   T31]  ? mark_held_locks+0x49/0x80
[ 1148.736937][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1148.770140][   T31]  __wait_for_common+0x2ff/0x4e0
[ 1148.775564][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[ 1149.059721][   T31]  ? __pfx___wait_for_common+0x10/0x10
[ 1149.097429][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1149.123285][   T31]  ? flush_workqueue_prep_pwqs+0x2e9/0x510
[ 1149.143642][   T31]  __flush_workqueue+0x3e2/0x1230
[ 1149.148818][   T31]  ? tipc_group_delete+0x36b/0x490
[ 1149.194413][   T31]  ? __pfx___flush_workqueue+0x10/0x10
[ 1149.199950][   T31]  ? reacquire_held_locks+0xcd/0x1f0
[ 1149.272524][   T31]  ? __pfx_sock_def_readable+0x10/0x10
[ 1149.278163][   T31]  ? __pfx_sock_def_readable+0x10/0x10
[ 1149.360644][   T31]  rds_tcp_listen_stop+0x104/0x150
[ 1149.399079][   T31]  ? __pfx_rds_tcp_exit_net+0x10/0x10
[ 1149.447650][   T31]  rds_tcp_exit_net+0xcb/0x810
[ 1149.490485][   T31]  ? __pfx_rds_tcp_exit_net+0x10/0x10
[ 1149.498287][   T31]  ? __pfx___might_resched+0x10/0x10
[ 1149.587484][   T31]  ? __pfx_rds_tcp_exit_net+0x10/0x10
[ 1149.606704][   T31]  ops_undo_list+0x2ee/0xab0
[ 1149.680310][   T31]  ? __pfx_ops_undo_list+0x10/0x10
[ 1149.701304][   T31]  ? __local_bh_enable_ip+0xa4/0x120
[ 1149.730460][   T31]  cleanup_net+0x408/0x890
[ 1149.808242][   T31]  ? __pfx_cleanup_net+0x10/0x10
[ 1149.822433][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1149.881027][   T31]  process_one_work+0x9cc/0x1b70
[ 1149.886212][   T31]  ? __pfx_batadv_nc_worker+0x10/0x10
[ 1149.930574][   T31]  ? __pfx_process_one_work+0x10/0x10
[ 1149.936105][   T31]  ? assign_work+0x1a0/0x250
[ 1149.942112][T12497] can: request_module (can-proto-0) failed.
[ 1149.972912][   T31]  worker_thread+0x6c8/0xf10
[ 1149.978290][   T31]  ? __pfx_worker_thread+0x10/0x10
[ 1149.995214][   T31]  kthread+0x3c5/0x780
[ 1149.999429][   T31]  ? __pfx_kthread+0x10/0x10
[ 1150.020681][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1150.025562][   T31]  ? __pfx_kthread+0x10/0x10
[ 1150.046902][   T31]  ret_from_fork+0x5d4/0x6f0
[ 1150.074730][   T31]  ? __pfx_kthread+0x10/0x10
[ 1150.090519][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1150.135625][   T31]  </TASK>
[ 1150.138922][   T31] 
[ 1150.138922][   T31] Showing all locks held in the system:
[ 1150.182200][   T31] 1 lock held by khungtaskd/31:
[ 1150.187130][   T31]  #0: ffffffff8e5c47c0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0
[ 1150.226581][   T31] 3 locks held by kworker/1:1/44:
[ 1150.231922][   T31]  #0: ffff88801b880d48 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[ 1150.246557][   T31]  #1: ffff8880b8524088 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x2c1/0x8e0
[ 1150.289900][   T31]  #2: ffffffff8e75c168 (vmap_purge_lock){+.+.}-{4:4}, at: drain_vmap_area_work+0x17/0x40
[ 1150.323393][   T31] 1 lock held by syz-executor/5840:
[ 1150.328695][   T31] 3 locks held by kworker/u10:0/10746:
[ 1150.358627][   T31]  #0: ffff88801c6fe148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[ 1150.380346][   T31]  #1: ffffc9000b227d10 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[ 1150.412879][   T31]  #2: ffffffff90338190 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xad/0x890
[ 1150.446402][   T31] 2 locks held by kworker/u10:4/10772:
[ 1150.452428][   T31]  #0: ffff88801f7b6948 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[ 1150.488091][   T31]  #1: ffffc90003777d10 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[ 1150.499985][   T31] 1 lock held by syz.3.942/10936:
[ 1150.519015][   T31] 2 locks held by getty/11210:
[ 1150.537000][   T31]  #0: ffff888031df70a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[ 1150.571117][   T31]  #1: ffffc900032c22f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0
[ 1150.587834][   T31] 1 lock held by syz.1.1043/11475:
[ 1150.593412][   T31]  #0: ffffffff90338190 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0
[ 1150.613137][   T31] 1 lock held by syz.2.1079/11675:
[ 1150.618327][   T31]  #0: ffffffff90338190 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0
[ 1150.651719][   T31] 1 lock held by syz.5.1161/12103:
[ 1150.656928][   T31]  #0: ffffffff90338190 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0
[ 1150.675514][   T31] 2 locks held by syz.0.1217/12414:
[ 1150.695394][   T31] 1 lock held by syz.3.1216/12415:
[ 1150.701658][   T31] 1 lock held by syz.6.1235/12500:
[ 1150.706837][   T31]  #0: ffffffff8e5cfdb8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x1a3/0x3c0
[ 1150.727644][   T31] 1 lock held by syz.0.1236/12508:
[ 1150.746299][   T31] 
[ 1150.749548][   T31] =============================================
[ 1150.749548][   T31] 
[ 1150.803409][   T31] NMI backtrace for cpu 0
[ 1150.803441][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[ 1150.803474][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1150.803488][   T31] Call Trace:
[ 1150.803504][   T31]  <TASK>
[ 1150.803513][   T31]  dump_stack_lvl+0x116/0x1f0
[ 1150.803582][   T31]  nmi_cpu_backtrace+0x27b/0x390
[ 1150.803616][   T31]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1150.803660][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1150.803701][   T31]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[ 1150.803741][   T31]  watchdog+0xf70/0x12c0
[ 1150.803795][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1150.803835][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1150.803882][   T31]  ? __kthread_parkme+0x19e/0x250
[ 1150.803918][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1150.803958][   T31]  kthread+0x3c5/0x780
[ 1150.803998][   T31]  ? __pfx_kthread+0x10/0x10
[ 1150.804038][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1150.804067][   T31]  ? __pfx_kthread+0x10/0x10
[ 1150.804109][   T31]  ret_from_fork+0x5d4/0x6f0
[ 1150.804148][   T31]  ? __pfx_kthread+0x10/0x10
[ 1150.804188][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1150.804237][   T31]  </TASK>
[ 1150.804264][   T31] Sending NMI from CPU 0 to CPUs 1:
[ 1150.935571][    C1] NMI backtrace for cpu 1
[ 1150.935594][    C1] CPU: 1 UID: 0 PID: 12500 Comm: syz.6.1235 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[ 1150.935626][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1150.935642][    C1] RIP: 0010:debug_lockdep_rcu_enabled+0x0/0x40
[ 1150.935693][    C1] Code: 00 00 00 eb b6 e8 30 fa ff ff eb b6 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 8b 05 16 ec 2b 05 85 c0 74 20 8b 05 f0 1c 2c 05 85 c0
[ 1150.935718][    C1] RSP: 0000:ffffc9000bd87698 EFLAGS: 00000282
[ 1150.935740][    C1] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 00000000ef9d33e4
[ 1150.935770][    C1] RDX: 0000000000000000 RSI: ffffffff8ddee5d0 RDI: ffffffff8c156420
[ 1150.935786][    C1] RBP: ffffc9000bd87760 R08: 0ac0d5affe09d4ff R09: 0000000000000000
[ 1150.935807][    C1] R10: 0000000000000000 R11: 0000000000000001 R12: ffffffff81a708c0
[ 1150.935823][    C1] R13: ffffc9000bd87718 R14: 0000000000000000 R15: ffff888035668000
[ 1150.935840][    C1] FS:  0000000000000000(0000) GS:ffff88812485f000(0000) knlGS:0000000000000000
[ 1150.935864][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1150.935881][    C1] CR2: 000000000060b000 CR3: 0000000012f3a000 CR4: 00000000003526f0
[ 1150.935898][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1150.935913][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1150.935929][    C1] Call Trace:
[ 1150.935937][    C1]  <TASK>
[ 1150.935944][    C1]  unwind_next_frame+0xd6/0x20a0
[ 1150.935986][    C1]  ? unwind_next_frame+0xbd/0x20a0
[ 1150.936024][    C1]  ? do_exit+0x86c/0x2bd0
[ 1150.936061][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1150.936092][    C1]  arch_stack_walk+0x94/0x100
[ 1150.936137][    C1]  ? do_exit+0x86c/0x2bd0
[ 1150.936172][    C1]  stack_trace_save+0x8e/0xc0
[ 1150.936199][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[ 1150.936227][    C1]  ? __lock_acquire+0x622/0x1c90
[ 1150.936264][    C1]  save_stack+0x160/0x1f0
[ 1150.936303][    C1]  ? __pfx_save_stack+0x10/0x10
[ 1150.936338][    C1]  ? __free_frozen_pages+0x7fe/0x1180
[ 1150.936371][    C1]  ? vfree+0x1fd/0xb50
[ 1150.936398][    C1]  ? kcov_close+0x34/0x60
[ 1150.936433][    C1]  ? __fput+0x3ff/0xb70
[ 1150.936462][    C1]  ? task_work_run+0x14d/0x240
[ 1150.936500][    C1]  ? do_exit+0x86c/0x2bd0
[ 1150.936537][    C1]  ? page_ext_put+0x3e/0xd0
[ 1150.936579][    C1]  __reset_page_owner+0x84/0x1a0
[ 1150.936619][    C1]  __free_frozen_pages+0x7fe/0x1180
[ 1150.936657][    C1]  vfree+0x1fd/0xb50
[ 1150.936684][    C1]  ? find_held_lock+0x2b/0x80
[ 1150.936710][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1150.936736][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1150.936781][    C1]  ? __pfx_kcov_close+0x10/0x10
[ 1150.936816][    C1]  kcov_close+0x34/0x60
[ 1150.936851][    C1]  __fput+0x3ff/0xb70
[ 1150.936875][    C1]  ? cleanup_mnt+0x262/0x450
[ 1150.936908][    C1]  task_work_run+0x14d/0x240
[ 1150.936946][    C1]  ? __pfx_task_work_run+0x10/0x10
[ 1150.936990][    C1]  do_exit+0x86c/0x2bd0
[ 1150.937021][    C1]  ? __pfx___might_resched+0x10/0x10
[ 1150.937052][    C1]  ? __pfx_do_exit+0x10/0x10
[ 1150.937084][    C1]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1150.937121][    C1]  ? find_held_lock+0x2b/0x80
[ 1150.937148][    C1]  do_group_exit+0xd3/0x2a0
[ 1150.937183][    C1]  get_signal+0x2673/0x26d0
[ 1150.937212][    C1]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1150.937256][    C1]  ? task_work_add+0x1d5/0x360
[ 1150.937292][    C1]  ? __pfx_task_work_add+0x10/0x10
[ 1150.937331][    C1]  ? __pfx_get_signal+0x10/0x10
[ 1150.937364][    C1]  arch_do_signal_or_restart+0x8f/0x790
[ 1150.937394][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1150.937428][    C1]  ? ksys_write+0x1ac/0x250
[ 1150.937463][    C1]  ? __pfx_ksys_write+0x10/0x10
[ 1150.937504][    C1]  exit_to_user_mode_loop+0x84/0x110
[ 1150.937546][    C1]  do_syscall_64+0x3f6/0x490
[ 1150.937588][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1150.937615][    C1] RIP: 0033:0x7efd6538e929
[ 1150.937642][    C1] Code: Unable to access opcode bytes at 0x7efd6538e8ff.
[ 1150.937654][    C1] RSP: 002b:00007efd66247038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1150.937676][    C1] RAX: 0000000000444000 RBX: 00007efd655b6160 RCX: 00007efd6538e929
[ 1150.937693][    C1] RDX: 000000100000a3d9 RSI: 0000200000000400 RDI: 0000000000000006
[ 1150.937709][    C1] RBP: 00007efd65410b39 R08: 0000000000000000 R09: 0000000000000000
[ 1150.937724][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1150.937740][    C1] R13: 0000000000000001 R14: 00007efd655b6160 R15: 00007fff02ccb5e8
[ 1150.937771][    C1]  </TASK>
[ 1151.435360][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 1151.442418][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(full) 
[ 1151.452541][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1151.462627][   T31] Call Trace:
[ 1151.465944][   T31]  <TASK>
[ 1151.468920][   T31]  dump_stack_lvl+0x3d/0x1f0
[ 1151.473574][   T31]  panic+0x71c/0x800
[ 1151.477530][   T31]  ? __pfx___irq_work_queue_local+0x10/0x10
[ 1151.483537][   T31]  ? __pfx_panic+0x10/0x10
[ 1151.488014][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 1151.493458][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1151.499489][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 1151.504910][   T31]  ? watchdog+0xdda/0x12c0
[ 1151.509387][   T31]  ? watchdog+0xdcd/0x12c0
[ 1151.513868][   T31]  watchdog+0xdeb/0x12c0
[ 1151.518181][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1151.522917][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1151.528189][   T31]  ? __kthread_parkme+0x19e/0x250
[ 1151.533267][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1151.538022][   T31]  kthread+0x3c5/0x780
[ 1151.542160][   T31]  ? __pfx_kthread+0x10/0x10
[ 1151.546816][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1151.551626][   T31]  ? __pfx_kthread+0x10/0x10
[ 1151.556279][   T31]  ret_from_fork+0x5d4/0x6f0
[ 1151.560931][   T31]  ? __pfx_kthread+0x10/0x10
[ 1151.565602][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1151.570450][   T31]  </TASK>
[ 1151.574014][   T31] Kernel Offset: disabled
[ 1151.578506][   T31] Rebooting in 86400 seconds..