last executing test programs:

6.56611253s ago: executing program 1 (id=1608):
unshare$auto(0x40000080)
r0 = ioctl$auto_NS_GET_USERNS(0xffffffffffffffff, 0xb701, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/037/001\x00', 0x4a901, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0x13, 0x405, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/virtual/net/bond0/queues/tx-3/xps_cpus\x00', 0x181482, 0x0)
read$auto(r1, 0x0, 0x80000)
read$auto(r0, &(0x7f0000000080)='/dev/mtd0\x00', 0x0)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtdblock0\x00', 0x14fe02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
preadv2$auto(r2, &(0x7f0000000040)={0x0, 0x80000003}, 0x6, 0xffffffffffffffff, 0x7, 0x2f)
readv$auto(r0, &(0x7f00000000c0)={&(0x7f0000000180)="c1e4b13450976172711ca8fad278a157d048627385b3445212b9eb607bb13374a570a8e278bed7ab2aea35444b2c2a7777c9834e19edd0d36751f42c0b1e055e175df3330b205a18161446ed2fe528105f6cf9a3fb31ed69f4c2f31018122a84f4c56d9a11b1689e987573cfb00e72f7be9e1fcd531f01cf7e4a25758237cf479cd7ea3773f0d67e1e4eb408ccea9eb80833333a5e7f6f545b0e959f04d3cb644b71cb82ef16308d13ce5651f17219b7b435a124307ab52bf9db34cd25e931f752db6f20522b09b0d1bb2e56b514369e7fa0e95c77b783a8e0806591e491caed7190cc79", 0x4}, 0x0)
prctl$auto(0x3d, 0x1, 0x0, 0x1, 0x7fffffffffffffff)
listen$auto(r2, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x2000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
fcntl$auto(r3, 0x7, 0x3)
fcntl$auto(0x8000000000000001, 0x26, 0x8)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
close_range$auto(0xffffffffffffffff, 0xa, 0x0)
mmap$auto(0x0, 0x6, 0x6, 0xeb1, 0x7, 0x8000)
futex$auto(0x0, 0x85, 0x38, 0x0, 0x0, 0x80800005)
r4 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x68082, 0x0)
ioctl$auto_BLKPG2(r4, 0x1269, 0x0)

5.115121598s ago: executing program 0 (id=1619):
openat$auto_proc_setgroups_operations_base(0xffffffffffffff9c, 0x0, 0x149002, 0x0)
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x8000003e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x202000a, 0xffffffff, 0xdc, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, 0x0, 0x1008000) (async)
mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, 0x0, 0x1008000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r2=>0x0})
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r2, 0x7f, 0x99, 0x8, 0x1, @relative_id=0x8, 0x5}, 0x92)
r3 = open(0x0, 0x261c2, 0x84)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r6)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r8=>0x0})
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x1c, r7, 0xd0d58b333228212f, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r8}]}, 0x1c}}, 0x4000000)
sendmsg$auto_ILA_CMD_ADD(r5, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f00000000c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16, @ANYBLOB="010228bd700003dcdf250100000005000800080000000c0001001c00000000000004050007000900000008000400", @ANYRES32=r8, @ANYBLOB="000000ab743e3a9900000000", @ANYRES32=r8, @ANYBLOB="0c0001000600000000000000"], 0x54}, 0x1, 0x0, 0x0, 0x8080}, 0x38) (async)
sendmsg$auto_ILA_CMD_ADD(r5, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f00000000c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16, @ANYBLOB="010228bd700003dcdf250100000005000800080000000c0001001c00000000000004050007000900000008000400", @ANYRES32=r8, @ANYBLOB="000000ab743e3a9900000000", @ANYRES32=r8, @ANYBLOB="0c0001000600000000000000"], 0x54}, 0x1, 0x0, 0x0, 0x8080}, 0x38)
sendmsg$auto_ILA_CMD_ADD(r3, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB='t\x00\x00\x00', @ANYRES16, @ANYBLOB="00032dbd7000fddbdf25010000000c000300040000000000000005000800060000000c0001000400000000000000050008000700000005000800ec0000000500080004000000050008000200000008000400", @ANYRES32=r2, @ANYBLOB="0c000100010800006d7c02bb2d764b520104000000000000b4c52bd85f598e1b0c3456cd107c7f60125b12d8e2b6741f4e7549d23b05f18d69f41d4264d8189dfd1c3f33ccd3700c84117d7d7dbed1a12ce5b9de1c6e0429c5110dd62cd07c35c716b1dadf6b80e9a7749544fcdd6bc418bc0912a358d51ebfccf0b23588ae7730a77be43db5977f96"], 0x74}, 0x1, 0x0, 0x0, 0x8000}, 0x48014) (async)
sendmsg$auto_ILA_CMD_ADD(r3, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB='t\x00\x00\x00', @ANYRES16, @ANYBLOB="00032dbd7000fddbdf25010000000c000300040000000000000005000800060000000c0001000400000000000000050008000700000005000800ec0000000500080004000000050008000200000008000400", @ANYRES32=r2, @ANYBLOB="0c000100010800006d7c02bb2d764b520104000000000000b4c52bd85f598e1b0c3456cd107c7f60125b12d8e2b6741f4e7549d23b05f18d69f41d4264d8189dfd1c3f33ccd3700c84117d7d7dbed1a12ce5b9de1c6e0429c5110dd62cd07c35c716b1dadf6b80e9a7749544fcdd6bc418bc0912a358d51ebfccf0b23588ae7730a77be43db5977f96"], 0x74}, 0x1, 0x0, 0x0, 0x8000}, 0x48014)
bpf$auto(0x9, &(0x7f00000001c0)=@raw_tracepoint={0x5, r4, 0x0, 0x3}, 0xc) (async)
bpf$auto(0x9, &(0x7f00000001c0)=@raw_tracepoint={0x5, r4, 0x0, 0x3}, 0xc)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15) (async)
madvise$auto(0x0, 0x2003f2, 0x15)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000980)=ANY=[], 0x14}}, 0x24048084)
madvise$auto(0x0, 0x200007, 0x19) (async)
madvise$auto(0x0, 0x200007, 0x19)

4.742625757s ago: executing program 1 (id=1621):
unshare$auto(0x10000000000)
r0 = memfd_create$auto(&(0x7f0000000300)='/sys/kernel/debug/x86/boot_params/data\x00\"F\xb6\xcd\x06\xd6\x97\\L\xe1\xb2\xee\xb8\x8e\xd6O\xa1j\x90w\xc7\x94\xb7yi\x01&\x04b/\xaa\xfb#s\xc4\xa3\xa7\xacj\xc6\x8e\xf4L\x9a\xf8\xcc\xdcy\x9f\x93\xbc\xf6\xc8\xdb\x05w,|B\xfc\x04\x97\xd3\x0f\x8b\x81\xe8\xbc\x81\x0e\xd7o\xd2\xcd\x18z\xc2\xb7|\xe1\xa6\x9a~\x96\x10rnLnt\xdb\xdb-\x1b\x99\xd4\xed;\xf8\x13a\r\xf2\a\x85%\xef\xa7\x7f#\x96\xf2S\xb0\xf1Hq\x0f;\x83\xb7\x0fz\x9dN\xc9\x1e\x15r\x97|\xbfE\xce\"', 0x4)
fallocate$auto(r0, 0x0, 0x9, 0x4cbd5d)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x0)
mmap$auto(0x0, 0x4020009, 0x8df, 0xeb1, 0xffffffffffffffff, 0x8000)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/key-users\x00', 0x18b800, 0x0)
ioprio_set$auto(0x3, 0x0, 0x4b34)
mmap$auto(0xffffffffffffff80, 0x5, 0xdf, 0x9b72, r0, 0x8000)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x1000, 0x2)
capget$auto(0x0, 0xfffffffffffffffe)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/net/rpc/nfs4.nametoid/channel\x00', 0x8f3b7a51b80ebd01, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty46\x00', 0x0, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x4802, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mlock$auto(0x112, 0x80006)
keyctl$auto(0x40001f, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x5d7d82, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x101382, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
sendmsg$auto_IPVS_CMD_SET_DEST(0xffffffffffffffff, 0x0, 0x4044000)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008012, r1, 0x8000)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
mlock$auto(0x7c88, 0x7fff)
mmap$auto(0x9, 0x9, 0x10000df, 0x9b72, 0xffffffffffffffff, 0x7ffe)
bpf$auto(0x5, 0x0, 0x7)
openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/modules\x00', 0x18000, 0x0)

4.500478661s ago: executing program 0 (id=1623):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2000000000000021, 0x2, 0x4)
socket(0x2a, 0x2, 0x0)
socket(0x10, 0x3, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4)
access$auto(&(0x7f00000002c0)='./file0\x00', 0x5)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
fstat$auto(0xffffffffffffffff, &(0x7f0000000000)={0x5, 0x80000001, 0x0, 0x100, 0xee01, 0x0, 0x0, 0xffffffffffffff91, 0xfd3, 0x2, 0xec, 0x4, 0x80000000081, 0x8, 0x2, 0xfffffffffffffff8})
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
rt_sigsuspend$auto(0x0, 0x8)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_LINKINFO_GET(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000300)={0x14, r1, 0xf25, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x4044054)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
socket(0x2a, 0x2, 0x1)
bind$auto(0x3, &(0x7f0000000080)=@qipcrtr={0x2a, 0x1, 0x80f0}, 0x6b)

3.590538463s ago: executing program 1 (id=1636):
r0 = gettid()
kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@buf=0x0, 0x8ab0, 0x6c0000c000, 0xc000}, 0x4)
kill$auto(r0, 0x11)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xe, 0x1fffff, 0x6, 0x5, 0x8, 0xffffffffffffffff, [], {0xd74c, 0x6, 0x2, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2}, {0xff, 0x1, 0x10001, 0x7, 0x1, 0x40, 0x76c5, 0x400005, 0x100000005}})
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x40040}, 0x800)
socket(0xa, 0x3, 0x3b)
setsockopt$auto(0x400000000000003, 0x29, 0x16, 0x0, 0x20056b)
r2 = socket(0x2, 0x1, 0x0)
getsockopt$auto_SO_BSDCOMPAT(r2, 0x0, 0xe, 0x0, &(0x7f0000000140)=0x2)
r3 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000140), 0x48800, 0x0)
ioctl$auto_IOCTL_VMCI_CTX_ADD_NOTIFICATION(r3, 0x7af, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

3.537615949s ago: executing program 0 (id=1629):
mmap$auto(0x0, 0x1, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x0, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/nbd12\x00', 0x6600, 0x0)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff)
socket(0x2, 0x2, 0x0)
socketpair$auto(0x1, 0x2, 0xfffffffd, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x181040, 0x0)
openat$auto_tracing_saved_cmdlines_fops_trace(0xffffffffffffff9c, 0x0, 0x48400, 0x0)
openat$auto_binder_ctl_fops_binderfs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
pipe$auto(0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/dummy_udc.0/udc/dummy_udc.0/maximum_speed\x00', 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/irq.pressure\x00', 0x101102, 0x0)
openat$auto_ocfs2_control_fops_stack_user(0xffffffffffffff9c, &(0x7f0000000040), 0x669400, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000340)='/proc/self/net/route\x00', 0x8a080, 0x0)
socketpair$auto(0x800001, 0x2, 0x615e, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
open(0x0, 0x22240, 0x55)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = socket(0xa, 0x801, 0x84)
getsockopt$auto(r1, 0x84, 0x82, 0x0, 0x0)
ioctl$auto(0x3, 0x80106f53, r0)

3.239577446s ago: executing program 2 (id=1632):
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000280)='/dev/dri/renderD128\x00', 0x149c01, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sysvipc/shm\x00', 0x0, 0x0)
read$auto_proc_pid_maps_operations_internal(r0, &(0x7f00000020c0)=""/4093, 0xffd)

3.215909423s ago: executing program 0 (id=1633):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nlctrl(0x0, r0)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0)
sendmsg$auto_NL80211_CMD_TDLS_CHANNEL_SWITCH(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="5c140000", @ANYRES16=r1, @ANYBLOB="02072cbd7000fddbdf256f00000073009d008b5c3464440469f8fe6406c1dffa1adb9a001aa7cee881cbee36854413182314ba05a62fc6f21221f36054fdf84806fe0872b81e6bfe976d12486d9e44f6daabe437a7d7e85001970086f8b01ddafc50a2debea523591d564457cc1d38fe57eb4a0d968bee0d1e8c1f0877fe40cec20008007e00cb040000c5135e80258f51edc0aee6c5294a30c4af3def39b1a8944ab07e644072a3920ad9597ef21c5b49dd66d87ed5979126cbef10b9c9d00eb51ac11080b21d89344528f37af6dc25bea83acbd96ee7287aa896669b47f4d2654cefe3036c768703df8d3034641331fe78a7bb452c9a25291c4f4f93e80756c9ca2fd86964922d3a7ff175c6fe0be59c823fb2df36c138876b48713ca3b42595e45fac03d0ac11d5baad0d2da7c258f91e04a3e69c89d98c739c5e9a440516f799396ba84494d9a51986494d225dae949827a082481b3129080000000400000019656c21a32a312258e4ba4f62013590ec31c4c912a2ea889b9e9bc0af23cdb743a92ae47c96b87efca035600c716611dbb231b448de5898eb6625eb77f5ff336ae904a19a81a01726a7f81406597ca89217f54d5f723ccfcaecae5331c04a70c2a20e77e3d6a4eb1bd9d430f24ff38cc14b104757deaa54239d836e2c6c6453bc4f3ebb62d36845ee0b1434505dfa2f075e3617bf1f8cd5948ff5b40d6101e420c534c7a876d9c5fc11ad846b7c8b79e1934fc84c462a6cecd8277bfa308dc8094d85dc137f054910899b7d7d571df7929839c19e57b7b0ebe483cbd924811ca93d3ad122d04fbd5bc30057e18eb08e6381e0e976162c23bbaef71f519a19e6e428c9f0445d2d14343e57af83f312f519c03354a36f1867a79cf7d27376bb3b371cf7b7dc34964add9997e3c6ad2b40706215297ce9a801eb9be52b3ab8559db9b39a82b5e0dedf909b8400e7c897ddf10f0d5ebff0c6f8e443dff66cf2a38a3f1d05036bec924447c92d7d16579749a9b9b9abae502878e1cb3e4e9e7f9dbeb1519cfe0705c4707e6ecd471d6a5b9e0565e4896be037a8b8919e1e0daadbec4c62a8147e979d626d25b5c0a31d1bcbb52f7a4e89b8f78ce38646f2ad5ef782550752f803181f99541552d01161ccd4bddcb2d2cbf78271bf988d7b0bad8c820bc396b1685a9de44a100da01b28b7692300070500fb3ab44f88fe80485754ae99491d632829f562e5f4356267c2d7bd9a09bdad4ff060fec04614115d9120bab771b952584655b4f181286b6fd111ff404d1390f047dcdadeb63fb16a10fb4e9d1ef7ad501c6cf11c1cc510b8c3681922a48e00b2640e5c5845049b78dcc7b1425e31b188f1131edc9f9342f8a28390bb03e618a655742ee3e289dda0e30fdaf3d49e364267ce2519162b4abf05917971e305e5dc609dafd6a45a453d1c9dc5880a077e0a0cf75d4fb0a6a4778a536e0342af0787bb67684f1c79e781ee8edd6dc3a75e242da41266b8b73842a0ebb8cd664ea9d6ad6d4336d7837f3c76b48923fc9814a5333d707cd3ccddd805dd93e042db55d0f530317340c41b011d0dd82f57c8af7bdac037c5fd0d69fdd4d03642e9116aa95395e13b0c6f3093f58be10a20e6d12c543a71885cc391697a89b353f13258a910f64099744d0190f0eebb3d7b1e36614005379edf0d21401a9e5fcf7e076dc37c40279f143c16abd2a94c41ec95d25de079429aaff5888f8bd2e07176b2d420a159babbd47206b9b3ddbbacb3bac34c3ca051c87bc6508acc237f3d09fd1a1fea69bac0fe41650214a24a2d0c65bac5bb402e4a5aa4420ed5fa8fd59668c76fd104dca12fa713971b14928b09451bf319ffae317c998f3e18373797266f56ae4da585dda40656b8e05f9c0a6a6456af9b1eecb1041fa0ea9815baee088504f4dcdbf6021af1d988b4f22af589565aed6e579d56290168391ce8c208aaa651687367a4bd0cefbac8f456263d94e11583c9edeaf78edd81915fc948bebcf2b1c9aec6f90a15d7cf3ff5fc9477e9a39bb246f54050a715682a475a12bb44801f319cf455c09d5f567894c938a8ece13096b9df251bd577a4d9828f4456fe99e5c3bede3a88aec05219b04589512ac80b1b75564a3be440e1d8cab31e09bf44aa0b29177e08082c3060861ac19d34b64e378cdc85d7850efa296b2ec5efbb0c171fd41798744ff61d1ed5863ded0647f1b882efe17b34719fb51babd0957221eb716748e391bb593a724df32b0b355cb1bd7c72be9c08eec55b495ad07f104f40b64d4bf4910c4a5cbd885d9dc4f5869010ec3a2ba6a8bf6963db22f56ca590dd1555d6a6bacf108256c7fa5586af08ca7e0c85cd5c7544325ab3ad248c8c3eb8c3f00c23c17a0e19f846e8ed4456d198e5061f43cdd6f3b0d41d89ddd7533f7490e278688115c216853720896984f4fcf9f2d3ba52cd075c2a49cb0c22ba578a842c9b1b318b050b9964649a643cd0c63afd3067964c4029cda263987a8483721c11b6f0be88e6d0d2c685f09a28f6a6eb1060b65d16296c4bffe6ea3fa5a17acb77b37c9a139bbaccd3b76fb1848e6af79916b14769d786a8f1b5f7b3a0db6792113dabb6ed3b2a5393d657844f356d2811b9105f570be40796cc303409507c9c263732bcde6ef1dafe9387dde5cb15fcf77b964f364e5831b81833342cbdf66114c9db5b4ebb5784786daefeb1c083f715040823535f4e9b8dff917cf605b6182392637162cbfc12ba50b78ef1e2ee54e1ddbe28e01bf9b10d00d7f5ca5ac574c1fc215dbeb07c65c6477f662dad2de2e880cf91827dfc336efa283310d55c6f609790c64187cf50816f09a004cfda53711692aa0f0c976a63ac225657ee997400f73a7c6d1b7f1fc937db821d2036b911520697d3f110182cd841341b472742e0652153bc6ca20114388fd620d63833aa9cce5111b7743d5c170e6e4b6a5128d6d39f6008bcf136ee7a07227cacf6dde95b798ff7ce13f506b2df17c8fa41973f8fc2188b876c6b21576a64ea57870878ac0eb7cbd8975c08c48342e9fdebe9138fefe546536d2db8f5053a7b1e757851f64410cded71722f490320209d31eb40f995c37c8ed19c8fb80ac6d9a7c3338ae22f6b602827466c8bcfc8de32993b9fd66eca723dd9810fabc4cd7c5b6ab2afeda3c91d27145787bcb324f70bc383b98f3a9ea204d4c32dc380d73bdb5469f52df3060b73e283fea5fc95dfbd93ca6095d80db82904dd5350f17827efd39f9443c411701ef09ca9a70e2ec291b019317ad31c5aea774738b542c52918411a159bb7ee5b1997ebcd205a492dab5a64cfc6ce59571d50d8a1f67c4a3e11a44f583d69eba03289939a87f58ca5eec80893d91a0275c8a1d97bf64c070d6ee552f7f6edd842f8d36c510b9610066522febcf447215385a56b14787608d054f58400c5d759bcccfc5ee3afa9a515e3b087b6fcac324bf840044886cd52568ec543a55058eccf60956869bfed14165644ea6abc9f0dda510326d9f368b593f42e90b63526a419ca6e929943dff18a72bc7f7b8a48f18574ac8cc536bb65e57b03d887c1b28efdf0a061c2be4076ddf2f378fc589f56d108869cd3b534ee78cd1174a81fbdb829b1da12dd2b46bbd3ed63949cb5a183c1ec83b7e3280e3cdbf0749999000c559a561de54160e9529b8588a2b1a661f9762b6a185bd6c15e1908ffcb7a6170dd66ef87b485c34cd338d886a44693bad707205253cb750913acdba7da5b9a70eef385e0cdb2bc2b674f35b1c6b7184aa945e5fae7a4e0e2b6e63e99cd9b8b4659d9c7c2018223e6c172227ccc57a025df16ad03ebd9ebd225520cc19ae32f8ca3015eed47b6289e954c972505d26869e3743cccb7bfd324d86c9e5ebc9678746ae572ae0bea5c3652b27ede411fa61a6cf786f826879f7d5b1000eb0e75c09a15def6e7dbd6c856db02176743d11c852e1dcf8d2f1acd84191ea0257d5a2bc4ff7ef94ef228a37e12201109b04a16ea30f50333eabea2f8c2173ea013813f7fbfabd6430b73974d05479f732d28d49fae5a6e1a4aa9c238252defef7dd0a4ac6d6d58ae68be586ba11bacd25f61526f28066bccdb04763c74c20c771ae80ba42af5f7bcfbfad9a4cca55df4d9552eb7cad96acd1983f582547f904fc6616f07a5c3dcd1c808fe2a106240a3689469e59e762aa064f7ff6d25d21671d50ac08cc6119f419d72cf7778141a145473fe31016ba238683e0230ab0432e91dfbbf40acdc47a81dc356e42b3d8f9c1bb1de9ac7f08addc384606507a6a802de06f6ffd738f4e4dcd63145933fc187a10b22f2e50d1ffa3062a31bac6ac75a0d942909558fb337f6ef08e29b6f628a903af9389e51812028e6905911074ea1bfe670ba03fb6495cd2e9e948235d3bd1c9dca300433576309412ffc32804b77fbefda639d9ffad0dc08e93816172167ecd66ffb7e75f3f5821ef246e36e2c217b7f1f0b99dae17daa074a320f6226a114cf8a8e651679aea023091580bd1af68ed961845121f6500f7a6c481eda0732016cc3697dd02df52d9ec95d4418610c1dca04474b8dfede252844d2a6fe59bbb868c49893e663f30c137ce32454bbf56fefe4ec25874c6fea25696a7fe0b6f8a13645698691d72f4cfea60dca69d75c38a6f737738fb28b60e66b22d72923745a7f2cd615853bdfbdc7a957979f005b6ad197c6f344fb67b158003968448fcc2d75fe0d7d915c6af7ca13e04e39ce1f2108ae641e11008d0a851de30b90e590c16600ddb289f38b1d6cabfaa48320e233dc38df0ffa1b3239d2970bfe49e88e49177509816d2c29ebaa8d0257b63d9ec2179a6e7977c4e61e269c0567f577dd6c91694f019c0dcc3c4cff0d494e033923534e493a3c5a842237710e5d1f30481f637910dec03b41f9d1b292750dca8503a61830d6d67f96b3850a6a78f1ebc06d703a2d4db659dae29c64b995b37674a4c30def8e8aa25feee5b748888148954a9ea6afc5905465f2e0a8beea10307c5a113deb2d63639f374b29b76f0b0c40f1a18b96ad9d3017835f5491f5ed9bf87e1b0bf2e8b5c7d9518d3f216bb2b355cf68039832957c63a5b389ab3d9b2eadc7ecb6abeac53a792e4dae3f1eddd6e9d000a37654a9eec3116bea248ab492c497b866d815a76ecf624eb13e39650ac2ed56ce1eed2ff54b94dced4475c5a3f5237321ca9934a42318f38c2871b941cdd9bb5039c0fb97ecccaf7fad0cb59737c3dd4c6c4a6531dafadae182421d0b1fd7ed84537d919f64c55134a38fa8962c37fac716b0d9901849e20ac9a99775b65b72a196a6c9cc01b4a6ccedd9a51266408d7cd3082e3403e12dcf741bbb548a432e52730607394383f7fb3705a378d76eac22f7d0bce063df5f28c698f14332e91d7abbbb5b58903e01a86dd0d0182a0bf5e9d723ab7b563fc731fb8f4ea9536143b39fd84ba9d3eccd70637527a72244b35528207e0567890e1e088cf393d0e30d563c3dc2f48678d45a79a9f53a0e90c837160607354eaa7d8dc14ead28ed43c38e7c5e51862b970ba548dd3ac17594841cc262e896a6a4941556890592d06a21819e5cf59f9ced2cd3db613fd863d6881f6e4ac088a271ea928b3df246589dc4bafef63ef14f47a6d4850563003ffb0fcd934e98c4d8365d5c32ed7736e044ad044883dd037bc2d7e5617fe73537cdf5e11b0e6ab0ea2850ac33e351837ef8a9dc7d6f15fb7050e03a19c21ff577de92778caf618c5b7bf405585636eb983ae7bd01b70bfdda3592f19ed3627646d8024d51923af10c15486c215ebb91869b4523368e7d855ef2a480c6ae05c24d166f3241297bab97b9a316f8e5bebcf2c1ea621bb874e4f84731cd0819bc70eee121f884a0a0622bd2a18cc985b6362bb01b5ee5b4361eb8aeff0e82afe9a6a6084fb67631252ad8b9d62c11fb918f90de971d4f58de4c3b5a2d4053f1b7b259bd20cc6b64966fcde99b6bf1b83729a96479fe741839849a0e5b0f1c3fd0b6dd11039dd0a5640e539df8e40eeb1025ed96ca2ebac244e459b424a2d1f8916d595365779d7c28001b6e4fff571bc1b50ef31e2fa116a6567d99a7feb9e87a89465b441627e3a1f0f54b31637c37ce3ecc6562e6f41e4ec551acaf989501ed62239202fe6ddb482347bd3f5b9b354918d2b87998f41b5e3ca5b3e23645c67122d11318192b65c381668bc2189c82028f067b69e2384962bf2e8eb5db1c9c5e952b9fe3e133d798d8c4576ff765f95cee590b5cdcb3dff830a02d7a0e5c412199f38291308c5d80dffa9dd1583d08e9bbee8fc2daf917a62939a138a3b4d34333bf3dcd5d45d54a7836cc4785889667145d092d581de8a2441514e7f246b9729b90047b4d882f179b1c5dca67bdf9a1a07ffb212c90a55e4341c248ac85b972b38c90a358ea88eec97b2bd78b62d77bd404d3931bc5ed48422a6197f4258b96138d7a629e48c7672c333cab2fd2270b16430c65d4f0379b1fb768df370e39dc32f5348ce326fcaf08e2850d37cda6d0964a824adec3e61ea2a1db826b81e6c79a94a75ecb4964f6601519974aef1b7bf09688416034d147c6dcdbbb777a6d7200218087f6d0135ce5993ed4730d57490dcbc870a2c75b59ad6feed00546e8999b6d182a247c8644d08100178e7f0100a6a8a293a554771cfd170b6d71b3bbbc221f5ff59575bea54f77b2b2558c0717804f89b77308003c00", @ANYRES32=r0, @ANYBLOB="060002005e0000000800ce00ac1414bb04008980000008002f8004002c803956237649720d610ce42ba8e6e97174288e30802ea3790525a4040aedb878703cda2152dadb177a91210c4734c6aa4bfa32361ef9bc9d37797504f73bab4db548e30cf519fe9320904b5f9117792a32567f03aa4314a9f944dfcf7fe713df5f276ae9bb290f1fb5aa89d211c9c0e1621b304db2e44215e1425b41f44dc8cd2b76b9281fde62de3afc38a59f703545817e1a421a9d28ab319a21bd5955467aca9c006896d8be7df5203459a0d926108b76adfbff7d7aac78117ec6941378f6da30b169988aa738ab5e3f90c8531274c7f7851628c2ef248478f88136e6d98c1b64ab72b52c8d809810cdcf42b3c5debdedfb64f26b204c3555516ec087eb8bf39ec81ad5e07a0f25959a03f23c1550f23fd313daca5bad84aba40815011986d27243764fffbf9757909a911163f92ba49c7eb1667a520df6101bc8e270384274608090b1c3c3108992719e4a967daf0f3f32c52d66489c61a39e7d4e1b69f23e01ced94bb7332012c5b474f6065bd673cc413647ed5c7a1f1d94149ea5493ad2ee8e67ae96c80af5d69cac9317906d193d00000004004100"], 0x145c}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x8001, &(0x7f0000000140)=0x2)
r2 = getpgid$auto(0x0)
timer_create$auto(0xfffffffe, &(0x7f0000000000)={@sival_int=0x4, @raw=0x2, 0x4, @_tid=<r3=>r2}, &(0x7f0000000040)=0x9)
move_pages$auto(r3, 0x20000000000007ff, 0x0, 0x0, 0x0, 0x2)
r4 = openat$auto_tracing_thresh_fops_trace(0xffffffffffffff9c, &(0x7f0000001a80)='/sys/kernel/tracing/tracing_thresh\x00', 0x8000, 0x0)
readv$auto(r4, &(0x7f0000001b80)={&(0x7f0000001ac0), 0x6}, 0x10)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x5, 0x84)
setsockopt$auto(0x3, 0x10000000084, 0xa, 0x0, 0x20)

3.088155315s ago: executing program 2 (id=1634):
r0 = socket(0x29, 0x2, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x2, 0x1, 0x84)
r1 = open(&(0x7f0000000000)='./cgroup\x00', 0x400, 0x64)
fchdir$auto(r1)
setfsuid$auto(0xee00)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x200000000000404, 0x0)
io_uring_setup$auto(0x59, 0x0)
open(0x0, 0x64842, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
r2 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000)
recvmmsg$auto(r2, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0)
ioctl$auto(r0, 0x8914, 0x24)
bpf$auto(0x0, &(0x7f0000000380)=@task_fd_query={0x12, 0x3, 0x4, 0xae30, 0x8, 0xfff, 0xffffffffffffffff, 0x5f, 0x7ff}, 0x6f4)

3.062817856s ago: executing program 3 (id=1635):
mmap$auto(0x0, 0x1, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x0, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/nbd12\x00', 0x6600, 0x0)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff)
socket(0x2, 0x2, 0x0)
socketpair$auto(0x1, 0x2, 0xfffffffd, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x181040, 0x0)
openat$auto_tracing_saved_cmdlines_fops_trace(0xffffffffffffff9c, 0x0, 0x48400, 0x0)
openat$auto_binder_ctl_fops_binderfs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/dummy_udc.0/udc/dummy_udc.0/maximum_speed\x00', 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/irq.pressure\x00', 0x101102, 0x0)
openat$auto_ocfs2_control_fops_stack_user(0xffffffffffffff9c, &(0x7f0000000040), 0x669400, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000340)='/proc/self/net/route\x00', 0x8a080, 0x0)
socketpair$auto(0x800001, 0x2, 0x615e, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
open(0x0, 0x22240, 0x55)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = socket(0xa, 0x801, 0x84)
getsockopt$auto(r1, 0x84, 0x82, 0x0, 0x0)
ioctl$auto(0x3, 0x80106f53, r0)

2.719923051s ago: executing program 3 (id=1637):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/graphics/fbcon/cursor_blink\x00', 0xa001, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/net/lapb4/ifalias\x00', 0x1a1842, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty51\x00', 0x40001, 0x0)
write$auto(0x3, 0x0, 0xfdef)
ioctl$auto(0x3, 0x540a, r1)
write$auto(r0, 0x0, 0x7fff)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x145002, 0x0)
setresuid$auto(0x0, 0x0, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x747200, 0x0)
getpgid$auto(0x0)
r2 = openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x40500, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/pci/resource_alignment\x00', 0x8e81c2, 0x0)
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)
write$auto(0x3, 0x0, 0xfdef)
socket$nl_generic(0x10, 0x3, 0x10)
mprotect$auto(0x200000000000, 0x1f, 0x5)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/fail-nth\x00', 0x101041, 0x0)
readv$auto(r2, &(0x7f00000001c0)={&(0x7f0000000140), 0x7fffffff}, 0x1)

2.630290051s ago: executing program 2 (id=1638):
mmap$auto(0x0, 0xb, 0x6, 0xeb1, 0x3ff, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x2, 0x1, 0x84)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_binder_features_fops_(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/binderfs/features/extended_error\x00', 0x8200, 0x0)
read$auto(r0, &(0x7f0000000b40)='/dev/binderfs/features/extended_error\x00', 0x8)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
memfd_create$auto(0x0, 0xd)
ftruncate$auto(0x0, 0x8800000)

2.418868496s ago: executing program 2 (id=1639):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2000000000000021, 0x2, 0x4)
socket(0x2a, 0x2, 0x0)
socket(0x10, 0x3, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4)
access$auto(&(0x7f00000002c0)='./file0\x00', 0x5)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
fstat$auto(0xffffffffffffffff, &(0x7f0000000000)={0x5, 0x80000001, 0x0, 0x100, 0xee01, 0x0, 0x0, 0xffffffffffffff91, 0xfd3, 0x2, 0xec, 0x4, 0x80000000081, 0x8, 0x2, 0xfffffffffffffff8})
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
rt_sigsuspend$auto(0x0, 0x8)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_LINKINFO_GET(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000300)={0x14, r1, 0xf25, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x4044054)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
socket(0x2a, 0x2, 0x1)
bind$auto(0x3, &(0x7f0000000080)=@qipcrtr={0x2a, 0x1, 0x80f0}, 0x6b)

2.130614708s ago: executing program 1 (id=1640):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
sendmsg$auto_NFC_CMD_GET_SE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x44110}, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x7, 0x0)
socket(0x2, 0x5, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x648d09886c376be0, 0x80002, 0x5)
socket(0x2, 0x1, 0x84)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x0, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/nbd12\x00', 0x6600, 0x0)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff)
socket(0x2, 0x2, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x181040, 0x0)
openat$auto_tracing_saved_cmdlines_fops_trace(0xffffffffffffff9c, 0x0, 0x48400, 0x0)
openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, 0x0, 0x1, 0x0)
openat$auto_binder_ctl_fops_binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
pipe$auto(0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/dummy_udc.0/udc/dummy_udc.0/maximum_speed\x00', 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/irq.pressure\x00', 0x181182, 0x0)
openat$auto_ocfs2_control_fops_stack_user(0xffffffffffffff9c, &(0x7f0000000040), 0x641001, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000340)='/proc/asound/card0/pcm0p/sub3/xrun_injection\x00', 0x8a180, 0x0)
socketpair$auto(0x800001, 0x2, 0x615e, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
open(0x0, 0x22240, 0x55)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

2.072266129s ago: executing program 3 (id=1641):
r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/039/001\x00', 0x4a901, 0x0)
ioctl$auto_USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f00000001c0)={0x0, 0x80805513, 0x0})

1.944734939s ago: executing program 3 (id=1642):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/clocksource/clocksource0/current_clocksource\x00', 0x8502, 0x0)
write$auto(r0, &(0x7f0000000440)='Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9m\x1a\xab\xd5\xef\xc0\x04z\xd0I:\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1a}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcbP\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x19\xcb\xdd\x81\xbe\xdeL/\x06(\x03\x00\x00\x00\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C\x1aC\xcaF\x00\x1f\xa2\x1d\xa2\xe2\xb7\xb5\xcc\xc3\xf55_\x95\x03\xc6\x84\xfe)I\xbf\xa1\x92\xe6\x8amP\xac\xa3\"\x05^\xfa\xb3\xc6\x9foy@l+y65\r\xaei\x00\x00\x00\x00\x00', 0x3ff)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x6, 0x0)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
pidfd_open$auto(0x1, 0x0)
socket(0x2, 0x1, 0x0)
read$auto(0x3, 0x0, 0x8080)
write$auto(0x3, 0x0, 0xffd8)
unshare$auto(0x40000080)
process_mrelease$auto(0xffffffffffffffff, 0xa)
connect$auto(0xffffffffffffffff, 0x0, 0x54)
madvise$auto(0x0, 0x200007, 0x19)

1.559254907s ago: executing program 3 (id=1643):
mmap$auto(0x0, 0x40101, 0x4000000000df, 0x100000000eb1, 0x200000401, 0x8000)
capset$auto(&(0x7f0000000100)={0x20080522}, 0x0)
waitid$auto(0x9, 0xffffffffffffffff, 0x0, 0xb, &(0x7f0000000180)={{0xfffffffffffffff9, 0x80}, {0x2, 0x6}, 0x4, 0x5, 0x1, 0x3, 0x0, 0x8000, 0x80000000, 0x7, 0xb7, 0x1ff, 0x5, 0x7, 0x2055})
mmap$auto(0x2, 0x400008, 0xdf, 0x9b72, 0x2, 0x10000000008000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
socket(0xa, 0x5, 0x0)
r0 = accept$auto(0x3, 0xffffffffffffffff, 0xfffffffffffffffd)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x2, 0x0)
sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
pread64$auto(0xffffffffffffffff, 0x0, 0x200000000003, 0x2f4a3a23)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/ip6_vti0/stable_secret\x00', 0x2, 0x0)
writev$auto(r1, &(0x7f0000000300)={0x0, 0x200}, 0x3)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptye9\x00', 0x101e81, 0x0)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x2c402, 0x0)
r3 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000980)='/dev/ttye9\x00', 0x102, 0x0)
ioctl$auto_BTRFS_IOC_SCAN_DEV(r0, 0x50009404, &(0x7f00000009c0)={@inferred=r1, "88ad63206ccd797707c4ca706184287300f7e5774e92ce7773a5f6fad2bc099381030d1db77d3f691f91cb25c2e757f22e7ce29f7496a49b3d4992feae4436741b00b1f124d5c0277a69d2ffa24b1d27d80fcc747525b3ed04a3c22ad072f09e33b706c3bf395dbd7a8b27215279d2f57397fc8bd6bdfdcacc565580fc7c6f9348864157b038449930b0b3f8d36341dfc16d90ff1564d3d8482a632af42e950b51e645da117e2ba05c3e4bb8d77581af0de619321e0afc5be2c7ef1473dbf94bbebfc213c9485e0528007e4cf73e10a7b50dd6273570794c5807ee4f2e184246ae35660d0e312b143bf15175858822afba87f3085a5d4e2e5d1650e293caac2b3acf26210cfbeb778e29ea9d78c1bda26831fcc886e082ab9835af39aaebce70f9c524f11f3c1c757a3d8be320eeca66331855d3a65c3e395097bd4de0413ee39a5befa5af40c91f06255a524bb6ad887ede84906641a45aede2af469f9742cfe717267191b3463448ec46db5a8f8f6d172ce937b6057572467c8e8816140e4e86b14175b61d66470953390b244e6efad985c6b36dbd37ab1eefb05d093dc57c820cd6157ec50f12a0fa49877b24d43f9a4407a8fe835f5cbd68b6aa8c60b55afd7c056f1cb0a4e69cb21aba7512e03fa5c4129ce8fbf2ccda266430b9dc8d2ef425d06820606ceb4a7e04f3c15aacf44683aa4bde77c2d35dba198d57e565c5dca754dc10780017de9342b71400f67fd3e747fd39394eccd00b3c4940b1aaaee47b01a78122745f4924bbc9ebc035627f62ab087199afa41225f017b225a82de7e5585ade997a133866f4e848f82d685226d1dbf37bbd60e10fff8f7d219d3636e2fef15de0b8ac1fb85311cac70b42c7cc8f74035f2abad93ee6189763231170254aa1b4f66f940412a251706d063dca6850b60c5bb9a4909c52e74f5ac289fa8a76eb882ee5b115f1ee52a926659e8c4f814b3a32b214b562241af96cc308f6a108c7e15c40dae7e58909235f5529f2f907dc2c1a7a703cf2331636e4a529c6e61bc2d42c95227c8e1f3893fbbc4f9c8425e5ccf338b415aea9f8215766feda8c5ebbc90a181e12a972f102d89572acf5da73e70cd4e3dfcea8b5930e4cb53e95fa1045983f76cc4f58348850585fbbbba33717fb6ecc663773eae12d07e398e66fba3a9dadea95649a759fd5d463b4dbedb2b72dc8d829884887b3f42367377847ded7def24b89ccac78513bc4066733ab85d1df8b51e1cff1fdfc99380407ebbeafb020d5a4f86522060762ca5629c5f8f1fef230bf2cc25f8292ae50a198ba0e00f6d57abfc9ebef9e9efce341687f1add2c2d89d394c5388ee9ebf64cb6b3c013ff8166fb00fc3e7eaa89d9db34e0d8bfcc56ce8757766da01d31addbdb346ebef9936184c475fd5764a4de7eaf8d9989800cd8b3112ceb287559783e5c7399a3abdc05d9af5f35241df6970043e2355c3f2866d587c853fe51b83392eeb164f7238bf27096fa891dc8734df1795031e30b3764199d317f1211167f4d858c23c39784e6b84a6b2a35448e214d6742314e31fc700ba4aff1f15b059bb00b09b7fd2ab845a76c6c3f5d88a973f64e7e76801726abc357c616ec2afbe9a88169da2da7463fd4759d98ddbe31fcb867b3f330485fc4e7cae87cd42bb08fb13b8120d68a7905682621aba77bbf17a2c76a95027cb3355ccec97a6dc03c321923677078bde4d9a88be7d60356f42dbd194627c4732a3b4039e715d5e2cd9a49007f828db63bebd299f9c7dd0d246e78442ceb7a19b237f221165c4db2272ed909257822b765beeda5007e954edaf8048ddebfd4d55df0bb3cd37a2e90e0ff8ea14ca916b87f034ebb11d1765da6e1268bf68d90119efc2f62c910bf026d9d13d795130610a159e1a8bc69120dcd661cd2ab72f0b7cf39fc67f3644c8caa8cfcd9c5fefb584a1b83b417a1f4caf17747a6e67d9f0aff9b25751422d26bd45fb18b498fbb19579d7712affa9f3d835ba56324a0f2281612a60be987790bc515949ed76d2ecdf64a5a4b645e1baa0014448d2934d70452512ff16fa95e9c9e274e1b0f496de16fffbe297a42cca884429a4ccfec42584935bb777de5d29c8ef935a8d8f5d8e448cf33a55bee1c38ac24c30ff8708180e6fb1895f97c5a8c5ec50732522ce14f947200dd10b4fa4a956896582403a44f413852b2dd8e68804426aeb74ef1be553c59f1b77a5224b769bb346e7a0b766d87075ac428b1efa70b82bd5afab487237323c0a45f207564e1ec4ca1711e9312e8556b0e93e4de6b850bc28f6c4e1dccbda9e85c9c17814223abcfde0e223d24be20a34b0715f2acfd8366f90adda12afd6f311ffe31ea46b8c6d802bd2d9bf37d703aa892c20bb5bdd0e13187e837770fcf5d11361ecc072d127dd7d0259f2b3d01ee0a3d55ba2046b01f4e44275f9049f9bd9b31cc31080f9476cd919061938c33568440676cc7912cc30327fc9488971dab58105aa304984661e89c083d37a930991c213019cdc75e60452fcffbfa864f213940a1f719a3008c72c854a99584f040c9587d74367daf8bfdc99cc18928e9c43a88e0e45cae0240f4df1265e9917c92d8cc4f35f252b3bbb3f108c2b1595aa0538c06be131683c6e94574cd3a5b6544d701acd29c92baf5721993d6f9d0d6fa6b8d2933b9648a99a14e40247bbc78e5bcd6caa86242b14d1b8825dbbc270cdbb41d7d73998e240f5c879bee3f272cd1fb2fbe3357e4cc9e6e15c33d3c4c5e18f612a4cfd81bd9a28ca4779f07b00c36507582ab779429ec42d5cb7de946c0b506ab3220ab988d5605cbe4325e2b6e6fd2bd04370667c120c05c4da9b8300446067fdfa5ef233690e8a41a25ab9b3d2994e08965681a2de53856cad53381047cfe7b3ddb1ae10beb8a7a07d34d4cb64191e39e3d9541f21c9cbc35351894431abb0c2426f87917fc5ae90cf40abfe46142205b7c7356e3aa18e9b7f7adb8c421eec6e987e21716c2b4237288a9ad72ef9ad0e6931cd81db6191627c362ac5b43558bfcf7680428131975bee317322389d7faf5a978e01241e7930d9561d4ae2f5f0ffb82111d7620c827fe9362c481d003650d257f1b4c7e0a100ebf6163e7d1311ba4221444316d0f8ca9d62591b86dacdbf11054e4de680edbc1435cb09968d268f7c5cf236308fb6512ef3c09e90cbd1b9edf1e2ffe8661e26c0e30ce5d8e6e04a84bf0cc3fc3ddedf74026296badd8c88a9562c0046817d0dc91347af84f5fb3ad91927b9705b55ef5f51334700eb953355e21cb005930b1d9971d470a52725d14a64c2ab7bfae2c1dc9c24cebc85a2378ecb7253c1b24577e948c286a3c719cc35f15b9b7cc462027eea1dd52e1431ee0b64f41775bf2831e6d0ff8cfac2f3bc7ff361d65907e6dbfbc4852ed259cd3003374179025ddb636470c01f65e12b8de52577a200720faf8f726dd6787fbaf44edd4c4d92912d0e9b0ecbc65d55d0a24203b03e235c47ede481ac7a7bfd2deee41b4cf3aa387a363a2a7fc8b23fad50eaa74de7d7fb74f003d00d496563f9d10590781717f902140cf1648e49e2a3b8f376d423f5a0dfdd1ac365d9f58bd2c38002fbd6aadd9a12a348d854161bf7c9863b13b63910c8e70e34241b148c5e25e2525bc68dada81dcde3cd4ea76b9ec74e0f6ae21062514e438c38cb7dc1076951a0d0e4a771cfbd5d6fac692f24839c8680feeb624bf3e7c292fc951fe1dfb022c79439ff02310f55a70a55a505c80fafa985b2c01d6f9576cb9c539608fcd785d402939014cb4a3d8518c6da932c0f9f9ac8b14eb0fe9ab4106f063387e6d3551a83b2438f1d8f1a6afebff554de4362705ea878d4c8559925d5facffa5439d40f959b9fb4ceb4240f5760bfd4bced55645dde3531945877bd4cb85631def7f868b87206513c5e56112ae03f5653a2022767da239a68fb4a3939819e80337600f53b9c0496b1cbc320f1d2ed174624f4d44602b7a3a827750c545f2ee3cb08dec488fa4726cced2cc94dca983b1bca72d4989c5633fed7018e826e0a89257cb9210f53583e892231406211a26e0b8c186e64dd22764143cfcff65736abbd3ce2b291456cdf59bcfb1a42819b1b1cb8d95a81149554e1806098fe1b313a391df1bc599b55db3b09175b4c317acbea373c587f8e9e82e697d65243d54c7ccaaadb11fe8a638428e7e3769702dd4d542cd4a0b5f086b5818c7928401cd42742e9b86687d4679116bf2688b2c0bdb3a6d43d45e5ee937690ba88b93e39ca7d04b01496ed603c00a508c937dcb29971bfc41d601ab8f415f0bbc0b3e7935ffa4a928f5e750a7b40a903fa15ff86d76f327589c1235ef84c84964d7fab7dd01af63a4041c7e04b31e9e251f4c5169edc44b5b02cbc50f5cc16c0cd2a12a32e821c215afafba0955847fbd8761cdc40be3228f38d44f504380b93e5971a679d85218b8f14451faacc88f48c98241c732e753367f668da5625c657f12f25570de9310f0b35110eb23d62af742dd7a586dff1872d5cae79fda7297e855016ba0272354bd81d4d27005e30340772bb62f9d019513bd9fd50d6676bfb8ad01bb6f4ad0d86f478eab4f2b7c4e733738de5129c36e2933e1947e1d7369d7ac2dc58d9aa8b3cb83fd986036ec0ce4f917008cce68ca45aed583c113a9b5919383e003a805504ee91225e4801951b16cf73dcf83e3dbd12de06fdef33963229c000bf713ba916851f6cb313b700a8a5a4e05b528cf85bae9e100d21df8a51af9ead1b487dc43d2e689ec2a2221a6cd1e81a520972241e48c2c51f3afe5392250207bb5c8434431e2f29599bb5f3dec4e779f78ee3aa265fc5170cb352e40df0e0e752f04e2743f7e0f0bff11312e3213ee9cd9229a3b3e3a3d16742a114743e069be22ebc4cbaa83cbff6b886c95abef761b9181dfe5dba4cea6f9d51a20003fdd9e21eb70d0c03dd1f5a3030146705cd61a6d21165d6d1858d7009e4382570319ebf2f5bba28aefcd96f232cd04de8b7045714c3d1c79537ce7808ea0697108376cc85979157b64977cbb04a127edfa04b0b5d9ebd29b5a491a913d98e0e3356dc48043b27f6139aa27e8ef5f2ccbaec90be73281fd65c6b0e0039a4718961e3debad8573d1cf28c0e4c0dc6d853897c41469cf831e1ad392182d8a2edeb20c97b6a4c4414b37ccdcd405fd3f24da82498ef2a8ef9be04318e21a6105c314e70654a02851dfa6827a5523e9d3535f2b5f7862f44f3e760b441f67c07e3d00d43e2084fae4b0eaedf4466cf9aacecfa5ad2dc9060d53037ed21b42eb42abef1d96f0f3e49998d61ff6c952c26463e98280a4d1083ea75027ca7758ff68805963b247f800310711bf2843fbd7c93bc5357d7158f20d2d7854d76c7064cab65adff7116d94a0fb9d4d25ecec6492e0e19dbf6709c9ee8dd31b3aa4e232c459d5eeb673fb86b15b19290599460d8c0c181b14bfee43b2dcb342ce29445c5936d9f97357a590e64c81635e1016efa62b12ad1ec9ba1650b97fa5ac82f76a92fe19bb78c8bd6e1fd2072df9779946dbe04aaa4a663a889f1278173bbbc83f6162c1db8e41a2ac3958ecd60f491e8a6c8f1d63edbb7c70ad0bc987824d731c8eee4d4afd13ff3e38212500f76f4289674b5b82795eb7a73cc93c173ee7f55132cd1ff02062f60d4a3f36f6136cd7a2292ffa67bc0ede2e86ff942890c1fe81024371f8f7b0a8b37c7e255f32c9888a2e9b9447ff8b69933c6f414ed69d6e0d1f0d1b2ef3a05d1d"})
sendfile$auto(r3, r2, 0x0, 0x10000)
close_range$auto(0x2, 0x8, 0x0)
semctl$auto_GETNCNT(0x0, 0x4, 0xe, 0x4)
mmap$auto(0x81, 0xe983, 0xdf, 0x8000000000000010, 0xffffffffffffffff, 0x4000008000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/user/max_time_namespaces\x00', 0x202, 0x0)

1.557195851s ago: executing program 1 (id=1651):
socket(0xa, 0x3, 0x3b)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x30009, 0x8000000000000001, 0x4000eb1, 0x401, 0x48000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
r0 = socket(0x2b, 0x1, 0x1)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, 0x0, 0x200c0885)
listen$auto(0x3, 0x81)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
getxattr$auto(0x0, 0x0, 0x0, 0x4f)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x1220, 0x0)
mmap$auto(0x100000000000, 0x58000000000, 0xdf, 0xeb1, 0x3fd, 0x8000)
socket(0x11, 0x80003, 0x300)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/cpu/cpu1/cache/index3/level\x00', 0x400, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000080)=""/58, 0x3a)
sysfs$auto(0x2, 0x1b, 0x0)
fsopen$auto(0x0, 0x1)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x101002, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/midiC2D1\x00', 0x20980, 0x0)
write$auto(r2, &(0x7f0000000100)='/d-:\xe7J\x00'/23, 0x1eb0800)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000340)={[0x1fc, 0x5, 0x2, 0xa8d, 0x948b, 0x4, 0x6, 0x2, 0x87, 0x11000000, 0x300000000000000, 0x5, 0x200000006d3c, 0x5, 0x10, 0xfffffffffffffffc]}, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000080), 0x40, 0x0)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)

1.417463392s ago: executing program 2 (id=1644):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x26, 0x2, 0x14)
socket(0x1a, 0x80003, 0x300)
socket(0x2, 0x3, 0x100)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2a, 0x2, 0x0)
r0 = open(&(0x7f0000000140)='.\x00', 0x0, 0x408)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/nbd13\x00', 0xce140, 0x0)
socket(0x10, 0x2, 0x0)
socket(0xa, 0x2, 0x73)
io_uring_setup$auto(0xa, 0x0)
r1 = pipe$auto(0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0)
ioctl$auto_TIOCCONS2(r2, 0x541d, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x500, 0x0)
openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_EXT4_IOC_CHECKPOINT(r0, 0x4004662b, &(0x7f0000000080)=0xc98e)
socket(0x11, 0x4, 0x8008000)
r3 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
ioctl$auto__ctl_fops_dm_ioctl(r3, 0x2, &(0x7f0000000380)="dcbb5fd7054bed139fb7f9fb1dca8fe1d88f65ee057c0e6faac40d106e4f0d52edf6e31c48e8d983ae3431fa707225c2c387e1a200b38759ba8e9187200e6d044ef46a534de751b1436f20ed7071b254509700aa726ea003a1b7b9ce2313756dc84bc4556ddac694c4553d72ed13a885176712c9cff968f74bd1d14ff734ad08e60cf7e7a7dd07d2b6ca9cb21ddaae68d2969afcf6c734f6ee1c63b1c93abf32264f9ec022b64c903276298739ee8ae7ac1fe14534ad54004f39ea1b99964702554c1494e1742baeae527cf3007d50fc92e924f73b6288e5d9fd071d2fba76b2fabd3faf5229f4c3168226346e3087026d3d2c8aed398d4988971e05ff0ab9f5f2328e7f51d5061584b44581a4c83e413718d3a82f87daf87d1d5a2c32fbaa58f095fbf34ccc603b632155c27289cb5598049a7c9160dfe8a01d5a1983408082941eb39db2a09c5a34dc876dfa58a589687aa0cf6be7b5b084a8f753758332896ec3adad7a79b751908ee2b3d25131f44185a0ed8d20e9b6b8a1ed11402b02e544b67caf3177eda039e64aaf295eca7953c165fa73afca96d7750663711101c6e14e44817c6ad4b1474132dd441ca5c9d7776c871ffacbd96910496cad7010b9b526135e84")
ioctl$auto__ctl_fops_dm_ioctl(r1, 0x2, &(0x7f00000000c0))
r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r4, 0xc0045002, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x13, 0x2, 0x8000)
setrlimit$auto(0x1000000007, 0x0)
socket(0x15, 0x5, 0x0)

1.301522337s ago: executing program 1 (id=1645):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
mmap$auto(0x0, 0x3, 0xfff, 0x9b72, 0xffffffffffffffff, 0x0)
mbind$auto(0x1000000, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
syz_genetlink_get_family_id$auto_ipvs(0x0, 0xffffffffffffffff)
unshare$auto(0x40000080)
openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x0, 0x0)
socket(0x2b, 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
preadv2$auto(r0, &(0x7f0000000280)={0x0, 0x80000000}, 0x6, 0x3, 0x4, 0x2e)
ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x42, 0x0)
mmap$auto(0x0, 0x4, 0x6, 0x800000000eb1, 0xfffffffffffffffa, 0x8001)
mmap$auto(0x4, 0xa00006, 0x2, 0x100000000040eb1, 0x602, 0x300000000000)
ioctl$auto_USBDEVFS_DISCSIGNAL(0xffffffffffffffff, 0x8010550e, &(0x7f0000000540)={0xfff, &(0x7f0000000180)="f2e37aa851f172bd24308737938225756749a2cd058f981d81224e731c1514b4fd0290f2fb02e666a68c1d72ad5615b16c73b5c0cedf17801dfece4a243f6e3a47ecc1c5db92b3500cefe0e7c269c25cd32701679442d287388dedeedd83d20b9d079d0a971a993bfa4a4499f8631caa1722a7a93bf39c2535ea752a9b05e21efeebdeaa71269153bdd6ba4fac9b230a6653e8cbaf66e11ea7c105"})
rseq$auto(0x0, 0x80000002, 0x8, 0xfd)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x7fff)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/dummy_hcd.2/usb3/ep_00/bEndpointAddress\x00', 0x48500, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000010c0)=""/4090, 0xffa)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x112)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_EVIOCGMASK(0xffffffffffffffff, 0x80104592, &(0x7f0000000000)={0x2000, 0x800004, 0x105})
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, 0x0, 0x50a81, 0x0)

318.911848ms ago: executing program 0 (id=1646):
mmap$auto(0x0, 0x1, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x0, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/nbd12\x00', 0x6600, 0x0)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff)
socket(0x2, 0x2, 0x0)
socketpair$auto(0x1, 0x2, 0xfffffffd, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x181040, 0x0)
openat$auto_tracing_saved_cmdlines_fops_trace(0xffffffffffffff9c, 0x0, 0x48400, 0x0)
openat$auto_binder_ctl_fops_binderfs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/dummy_udc.0/udc/dummy_udc.0/maximum_speed\x00', 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/irq.pressure\x00', 0x101102, 0x0)
openat$auto_ocfs2_control_fops_stack_user(0xffffffffffffff9c, &(0x7f0000000040), 0x669400, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000340)='/proc/self/net/route\x00', 0x8a080, 0x0)
socketpair$auto(0x800001, 0x2, 0x615e, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
open(0x0, 0x22240, 0x55)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = socket(0xa, 0x801, 0x84)
getsockopt$auto(r1, 0x84, 0x82, 0x0, 0x0)
ioctl$auto(0x3, 0x80106f53, r0)

318.672405ms ago: executing program 2 (id=1647):
unshare$auto(0x40000080)
keyctl$auto(0x40001b, 0x1, 0x0, 0x3, 0x100010006)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1c9282, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x101382, 0x0)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
sendmsg$auto_IPVS_CMD_SET_DEST(0xffffffffffffffff, 0x0, 0x4044000)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008012, r0, 0x8000)
mbind$auto(0x5000000, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
mlock$auto(0x7c88, 0x7fff)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x3000000, 0x0, 0x40000000001, 0x0, 0x5}}, 0x100003, 0x9)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
bpf$auto(0x5, 0x0, 0x7)
r1 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/maps\x00', 0x0, 0x0)
pread64$auto(r1, 0x0, 0xeda5, 0xc86)
mmap$auto(0x800, 0x1000, 0x7, 0x18, 0xffffffffffffffff, 0x7f)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0)
r3 = setfsuid$auto(0xee00)
getsockopt$auto_SO_WIFI_STATUS(r2, 0x37a8, 0x29, &(0x7f0000000480)='*&-|[\x00', &(0x7f00000004c0)=0x8)
r4 = setfsuid$auto(0xee01)
setresuid$auto(r3, r4, r3)
lgetxattr$auto(&(0x7f0000000740)='.\x00', &(0x7f0000000780)='\xda--\x00', 0x0, 0x100)
r5 = setfsgid$auto(0xee01)
setresgid$auto(r5, 0x0, 0x0)
r6 = clone3$auto(&(0x7f0000000000)={0x3, 0x0, 0x4, 0xfffffffffffffbff, 0x8, 0x9, 0x2a5, 0x0, 0x3, 0x8, 0x8}, 0x2)
capset$auto(&(0x7f0000000080)={0x1, <r7=>0xffffffffffffffff}, &(0x7f00000000c0)={0x0, 0x3, 0x6})
shmctl$auto_SHM_LOCK(0x8, 0xb, &(0x7f0000000240)={{0x2, r3, r5, 0x5, 0x9, 0x0, 0x9}, 0x6, 0xd3, 0x8, 0x9, @inferred=r6, @inferred=r7, 0x101, 0x0, &(0x7f0000000100)="6bb8c4c920b8b1a16d4ee7557eb5dc2b358c59ab4845a0022f4cd8c51471dd3966b85d601b1cfcfbd7e0ed72f1eea0dfbf730ce82bf0925abc7f4243c819f8d220d6192ecf21635fffb1a082aed254d20b420bdd6e64677ed7a26d10802e73bd227c720f0e7fb9db0fdb02aabac203396fa59fe7fa8bc5e3f61873bba0451b8a009b2d5bdd8562cc8347515a582ad69399b5249d1f6c975be96d3b97322e6fc8be1f3b3e5d56c7935dba9d790ff6", &(0x7f00000001c0)="45d875fd2396bb78dca03cd3cf3b503de4bbdf3bc734832f3148d889ddbbe22dd1db7ce9da3ac0295e52db3397f9a10c711208a35d3a27f2f74d66358db662bcf8eb51db6c1750f18366a4b517818f4ee8403d64615c060705fcf2e482d8abfa51509118e31820d6d8195eba81b9590b924ed1a8746cefe90f6cdf8da0cff2b7"})
write$auto(0x3, 0x0, 0xfffffdef)

318.459115ms ago: executing program 3 (id=1648):
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x48840, 0x0)
mmap$auto(0x0, 0x400008, 0x36, 0x1009b72, 0x2, 0x8000)
socketpair$auto(0x409, 0x5, 0xffffffff, 0x0)
setresuid$auto(0xffffffffffffffff, 0x0, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x123002, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
madvise$auto(0x0, 0x200007, 0x19)
r1 = open(&(0x7f0000000100)='.\x00', 0x591002, 0x408)
r2 = epoll_create$auto(0x5a5d)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r3)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/workqueue/nvme-reset-wq/cpumask\x00', 0x9c0302, 0x0)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000001540)={'netdevsim0\x00', <r5=>0x0})
sendmsg$auto_NET_SHAPER_CMD_GROUP(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000240)={0x34, r4, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@NET_SHAPER_A_HANDLE={0x14, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0x9a0}, @NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x2}]}, @NET_SHAPER_A_LEAVES={0x4}, @NET_SHAPER_A_IFINDEX={0x8, 0x8, r5}]}, 0x34}, 0x1, 0x0, 0x0, 0x44000}, 0x14)
move_mount$auto(r1, 0x0, r2, 0x0, 0x176)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x2000000, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0)
openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000080), 0xb0202, 0x0)
r6 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r6, 0x6, 0x0, 0x0, 0x0)
read$auto_msft_opcode_fops_(r6, &(0x7f0000000140)=""/81, 0x51)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x9}, 0x8)
write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x84)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f00000000c0), 0x505841, 0x0)
r7 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000380)='/dev/snd/midiC2D3\x00', 0x1, 0x0)
ioctl$auto_SNDRV_RAWMIDI_IOCTL_INFO(r7, 0x810c5701, &(0x7f00000003c0)={0x8, 0x7, 0x0, 0x8, 0x3, "643b20f2cd9ca66a9446432dc65b1c3b559de8abce8c88f80e0b47261f8b92863f99d3e64297ddfbc4a6876738b09fb23dff3c7b2b78ec47f280f456bbe75d35", "0dca75fa79eef4e966898575354caa255fc0d2576bd32d5ff9e62c43a490376947961558ce5215d0a3076f89e5e14cec5684723a5e80b0947c116da9ce16f1e043c0802bafd899e4e903b990690a10ee", "8869480c8c4a4a74848f9fb21f8167479d358f1ff61bb53902f195a35c503c5b", 0x1, 0xffffffff, 0x2, "3baaa9f6273476c2182fee840366cecdbb4ea3c1a5f9dbd939698a4eac17f8a1a6dd1c884933614246ef326a762dc75f1e83e9acddce00b658d97a2f"})

0s ago: executing program 0 (id=1649):
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000)
syz_clone3(&(0x7f00000004c0)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = socket(0x1d, 0x2, 0x6)
r1 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
bind$auto(r0, &(0x7f0000000040)=@can={0x1d, r2, 0xfd}, 0x6a)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x21}}, 0x40)
sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000001540)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="14002300d4ef43a9f95d8b4eeef064db60b177e34ae02e300e2109f9a02e1760bc71cdd5c2f309fc9eb4cba661fce8c4ea4c5fa76fc0ad7c6e29254505b71ce72ec77c59f0be92427a0a94103313f7cadc7f7698e022d14740db58eede6b72ecd64cbbcd845adf8e08eacdcc2bc8e924f8af897ee806e75983907a67eadb1814aae5e1cc65668ade5f4e89ba4cb5f1d979103be671936bb663c94a9c365f123cb53cb410dfc3d0483ddbdf184a615843245c91f90dc848946fe1e86cf04b28677ca48e57e0bfe5e10635069392444cbcd7c93b38d0a7318e625da21fd1395b91e58a19d405911ef9cad9417985d83a4aa894f64d358c2b8bc1d1f8fb0fa013d6ce1417788f9151446bbb1fff30b2cabd2c3cb518b323f96adaaa65d2bea7aa444104fb7bd44bf40b9c55a3d93d8d75430ea5173f5640985ad58e2e4d8cf11fb4cf1ad32e", @ANYRES16=0x0, @ANYBLOB="10002abd7000fbdbdf2502000000"], 0x14}, 0x1, 0x0, 0x0, 0x4048091}, 0x40000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="0508"], 0x28}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000)
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x9, 0xdd, 0x10000010020eb5, 0x40000000000a5, 0x0)
socket(0x10, 0x2, 0x0)
sendmsg$auto_ETHTOOL_MSG_RINGS_GET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000bc0)=ANY=[@ANYRESOCT=r1, @ANYRES16=r2, @ANYBLOB="08002bbd7000fbdbdf250f0000003000018008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRESOCT=r3, @ANYBLOB="1400020076657468315f746f5f6261746164760008000100", @ANYRES32=0x0, @ANYBLOB="0c0001808800030058feffff0000000008000300fffccf440bef4eba90f15ea36f633aae3db0efd258b25ae74c845933327cef1165f768b627ef9a7caed04bdfd2f372c1194ec72151c502d664c9a207f3c18f6c281ad32c6da3d2949b5358e5d106b96a14a50554c3ff581b49546b49c00116f44bd71db132c1762d274bede0246181b89ce4f0618f4d1e41fcfd53647d507b5cab9677b17d824d4bde2b60424c11d13aa53a4021bd47efe771ee562a4de2de3a367f135675c72a0229418e0f5fb6efd9eeec48522f705d5bf0f5ed58f32ddb6d6727cfa6c367b1e53b9a521badd6233734cb639362", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRESDEC=0x0], 0x74}, 0x1, 0x0, 0x0, 0x8800}, 0x1)
r4 = openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000040)='/proc/kmsg\x00', 0x0, 0x0)
ioctl$auto_TUNSETVNETLE2(r4, 0x400454dc, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r5 = socket(0x2, 0x801, 0x106)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
setsockopt$auto(r5, 0x0, 0x13, 0x0, 0x8009)
read$auto_proc_uid_map_operations_base(r4, &(0x7f00000002c0)=""/39, 0x27)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = openat$auto_udmabuf_fops_udmabuf(0xffffffffffffff9c, &(0x7f00000006c0), 0x0, 0x0)
ioctl$auto_UDMABUF_CREATE(r8, 0x40187542, &(0x7f0000000140)={0xffffffffffffffff, 0xb, 0x2000000, 0x800008000})
sendmsg$auto_BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x20000081}, 0xc, &(0x7f00000003c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="14000000000c57d164d2ffef833b43ac78000000", @ANYRES16=0x0, @ANYBLOB="000825bd7000fedbdf250d000000"], 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x20000800)
sendmsg$auto_OVS_DP_CMD_NEW(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004540)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16, @ANYBLOB="01009b64c23ef155546b01040000", @ANYBLOB="080005000600000008000200", @ANYRES32=<r9=>0x0, @ANYBLOB="0c0001"], 0x8d}, 0x1, 0x0, 0x0, 0x10}, 0x2000000)
sendmsg$auto_OVS_DP_CMD_NEW(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000840)=ANY=[@ANYRES16, @ANYRES16, @ANYRESOCT=r9, @ANYRES32=0x4, @ANYBLOB="00000000c3000000000000000000001100000000932c0f69a409a92a5468420f45a307061106b3275c1d13f84d72", @ANYRES32=0x0, @ANYBLOB="83855aad9565303a4145a38a5f9b600680bf790765593dc0a44d0718b8216038c2a57af3e071f78a5859fd45b9078d0ffa9c165ee4dc613b1c7a904bd06aea42667235ece031897ac69e373d7d1b8642c14927775a305529d355c3089cb1a1dc87eb16ff85c200000000"], 0x34}, 0x1, 0x0, 0x0, 0x801}, 0x80)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES8=r4, @ANYRESDEC], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)

kernel console output (not intermixed with test programs):

0x10/0x10
[  331.394818][T10402]  do_splice_direct+0x174/0x240
[  331.394833][T10402]  ? __pfx_do_splice_direct+0x10/0x10
[  331.394847][T10402]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  331.394874][T10402]  ? rw_verify_area+0xce/0x6d0
[  331.394895][T10402]  do_sendfile+0xadc/0xe20
[  331.394919][T10402]  ? __pfx_do_sendfile+0x10/0x10
[  331.394945][T10402]  __x64_sys_sendfile64+0x1d8/0x220
[  331.394961][T10402]  ? ksys_write+0x1ac/0x250
[  331.394973][T10402]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  331.394995][T10402]  do_syscall_64+0x106/0xf80
[  331.395014][T10402]  ? clear_bhb_loop+0x40/0x90
[  331.395030][T10402]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  331.395044][T10402] RIP: 0033:0x7f6795f9c799
[  331.395056][T10402] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  331.395070][T10402] RSP: 002b:00007f67941f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  331.395084][T10402] RAX: ffffffffffffffda RBX: 00007f6796215fa0 RCX: 00007f6795f9c799
[  331.395093][T10402] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  331.395100][T10402] RBP: 00007f67941f6090 R08: 0000000000000000 R09: 0000000000000000
[  331.395108][T10402] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001
[  331.395116][T10402] R13: 00007f6796216038 R14: 00007f6796215fa0 R15: 00007ffe372731a8
[  331.395134][T10402]  </TASK>
[  331.650610][T10424] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1062'.
[  331.949675][T10433] FAULT_INJECTION: forcing a failure.
[  331.949675][T10433] name failslab, interval 1, probability 0, space 0, times 0
[  331.967979][T10433] CPU: 0 UID: 0 PID: 10433 Comm: syz.3.1069 Not tainted syzkaller #0 PREEMPT(full) 
[  331.968001][T10433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  331.968011][T10433] Call Trace:
[  331.968016][T10433]  <TASK>
[  331.968022][T10433]  dump_stack_lvl+0x100/0x190
[  331.968050][T10433]  should_fail_ex.cold+0x5/0xa
[  331.968069][T10433]  should_failslab+0xc2/0x120
[  331.968087][T10433]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  331.968110][T10433]  ? __d_alloc+0x34/0xa80
[  331.968125][T10433]  ? stack_depot_save_flags+0x27/0x9d0
[  331.968148][T10433]  __d_alloc+0x34/0xa80
[  331.968166][T10433]  d_alloc_parallel+0x111/0x14e0
[  331.968191][T10433]  ? find_held_lock+0x2b/0x80
[  331.968205][T10433]  ? __d_lookup+0x25c/0x4a0
[  331.968225][T10433]  ? __pfx_d_alloc_parallel+0x10/0x10
[  331.968247][T10433]  ? __d_lookup+0x266/0x4a0
[  331.968272][T10433]  lookup_open.isra.0+0x57c/0x11b0
[  331.968306][T10433]  ? __pfx_lookup_open.isra.0+0x10/0x10
[  331.968339][T10433]  ? mnt_get_write_access+0x1e9/0x2f0
[  331.968364][T10433]  path_openat+0xa98/0x31a0
[  331.968386][T10433]  ? __pfx_path_openat+0x10/0x10
[  331.968412][T10433]  do_file_open+0x20e/0x430
[  331.968428][T10433]  ? __pfx_do_file_open+0x10/0x10
[  331.968450][T10433]  ? __pfx_kfree_link+0x10/0x10
[  331.968476][T10433]  ? alloc_fd+0x476/0x790
[  331.968493][T10433]  ? do_getname+0x191/0x390
[  331.968513][T10433]  do_sys_openat2+0x10d/0x1e0
[  331.968532][T10433]  ? __pfx_do_sys_openat2+0x10/0x10
[  331.968558][T10433]  __x64_sys_openat+0x12d/0x210
[  331.968577][T10433]  ? __pfx___x64_sys_openat+0x10/0x10
[  331.968604][T10433]  do_syscall_64+0x106/0xf80
[  331.968624][T10433]  ? clear_bhb_loop+0x40/0x90
[  331.968642][T10433]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  331.968657][T10433] RIP: 0033:0x7f4690b9c799
[  331.968671][T10433] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  331.968685][T10433] RSP: 002b:00007f4691af1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  331.968699][T10433] RAX: ffffffffffffffda RBX: 00007f4690e15fa0 RCX: 00007f4690b9c799
[  331.968709][T10433] RDX: 00000000000c0a00 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  331.968717][T10433] RBP: 00007f4690c32c99 R08: 0000000000000000 R09: 0000000000000000
[  331.968726][T10433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  331.968734][T10433] R13: 00007f4690e16038 R14: 00007f4690e15fa0 R15: 00007fffaa700768
[  331.968753][T10433]  </TASK>
[  333.644263][T10465] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1077'.
[  333.715260][T10465] FAULT_INJECTION: forcing a failure.
[  333.715260][T10465] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  333.838651][T10465] CPU: 0 UID: 0 PID: 10465 Comm: syz.2.1077 Not tainted syzkaller #0 PREEMPT(full) 
[  333.838673][T10465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  333.838682][T10465] Call Trace:
[  333.838687][T10465]  <TASK>
[  333.838692][T10465]  dump_stack_lvl+0x100/0x190
[  333.838718][T10465]  should_fail_ex.cold+0x5/0xa
[  333.838735][T10465]  _copy_to_user+0x32/0xd0
[  333.838755][T10465]  snd_ctl_ioctl+0x7ea/0x1330
[  333.838770][T10465]  ? __pfx_snd_ctl_ioctl+0x10/0x10
[  333.838786][T10465]  ? find_held_lock+0x2b/0x80
[  333.838800][T10465]  ? __fget_files+0x215/0x3d0
[  333.838813][T10465]  ? hook_file_ioctl_common+0x146/0x410
[  333.838834][T10465]  ? __fget_files+0x21f/0x3d0
[  333.838849][T10465]  ? __pfx_snd_ctl_ioctl+0x10/0x10
[  333.838864][T10465]  __x64_sys_ioctl+0x18e/0x210
[  333.838885][T10465]  do_syscall_64+0x106/0xf80
[  333.838903][T10465]  ? clear_bhb_loop+0x40/0x90
[  333.838920][T10465]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.838935][T10465] RIP: 0033:0x7f8c3959c799
[  333.838951][T10465] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  333.838964][T10465] RSP: 002b:00007f8c3a3ef028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  333.838978][T10465] RAX: ffffffffffffffda RBX: 00007f8c39815fa0 RCX: 00007f8c3959c799
[  333.838987][T10465] RDX: 00002000000006c0 RSI: 00000000c4c85512 RDI: 0000000000000008
[  333.838995][T10465] RBP: 00007f8c3a3ef090 R08: 0000000000000000 R09: 0000000000000000
[  333.839003][T10465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  333.839011][T10465] R13: 00007f8c39816038 R14: 00007f8c39815fa0 R15: 00007ffdc0a0f738
[  333.839029][T10465]  </TASK>
[  334.402596][T10482] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1079'.
[  336.132062][T10519] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1086'.
[  336.284689][T10524] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1088'.
[  336.303988][T10519] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1086'.
[  336.367545][T10520] ovs_: entered promiscuous mode
[  336.856635][T10536] FAULT_INJECTION: forcing a failure.
[  336.856635][T10536] name failslab, interval 1, probability 0, space 0, times 0
[  336.884593][T10540] FAULT_INJECTION: forcing a failure.
[  336.884593][T10540] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  336.916703][T10536] CPU: 0 UID: 0 PID: 10536 Comm: syz.1.1090 Not tainted syzkaller #0 PREEMPT(full) 
[  336.916727][T10536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  336.916738][T10536] Call Trace:
[  336.916750][T10536]  <TASK>
[  336.916758][T10536]  dump_stack_lvl+0x100/0x190
[  336.916790][T10536]  should_fail_ex.cold+0x5/0xa
[  336.916811][T10536]  should_failslab+0xc2/0x120
[  336.916828][T10536]  __kvmalloc_node_noprof+0xfa/0xa00
[  336.916851][T10536]  ? keyctl_update_key+0xdf/0x160
[  336.916878][T10536]  keyctl_update_key+0xdf/0x160
[  336.916902][T10536]  __do_sys_keyctl+0x302/0x5a0
[  336.916919][T10536]  do_syscall_64+0x106/0xf80
[  336.916940][T10536]  ? clear_bhb_loop+0x40/0x90
[  336.916957][T10536]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.916972][T10536] RIP: 0033:0x7f6795f9c799
[  336.916987][T10536] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  336.917002][T10536] RSP: 002b:00007f67941b4028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  336.917017][T10536] RAX: ffffffffffffffda RBX: 00007f6796216180 RCX: 00007f6795f9c799
[  336.917027][T10536] RDX: 0000000000000107 RSI: ffffeffffffffffe RDI: 0000000000000002
[  336.917036][T10536] RBP: 00007f6796032c99 R08: 000800000000000c R09: 0000000000000000
[  336.917044][T10536] R10: 0000000000000803 R11: 0000000000000246 R12: 0000000000000000
[  336.917053][T10536] R13: 00007f6796216218 R14: 00007f6796216180 R15: 00007ffe372731a8
[  336.917071][T10536]  </TASK>
[  337.238518][T10540] CPU: 0 UID: 0 PID: 10540 Comm: syz.2.1091 Not tainted syzkaller #0 PREEMPT(full) 
[  337.238544][T10540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  337.238554][T10540] Call Trace:
[  337.238560][T10540]  <TASK>
[  337.238566][T10540]  dump_stack_lvl+0x100/0x190
[  337.238596][T10540]  should_fail_ex.cold+0x5/0xa
[  337.238615][T10540]  _copy_to_user+0x32/0xd0
[  337.238635][T10540]  simple_read_from_buffer+0xcb/0x170
[  337.238658][T10540]  proc_fail_nth_read+0x1af/0x230
[  337.238677][T10540]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  337.238695][T10540]  ? rw_verify_area+0xce/0x6d0
[  337.238718][T10540]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  337.238735][T10540]  vfs_read+0x1e4/0xb30
[  337.238751][T10540]  ? __pfx_vfs_read+0x10/0x10
[  337.238763][T10540]  ? __fget_files+0x215/0x3d0
[  337.238781][T10540]  ? __fget_files+0x21f/0x3d0
[  337.238805][T10540]  ksys_read+0x12a/0x250
[  337.238818][T10540]  ? __pfx_ksys_read+0x10/0x10
[  337.238836][T10540]  do_syscall_64+0x106/0xf80
[  337.238857][T10540]  ? clear_bhb_loop+0x40/0x90
[  337.238875][T10540]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.238889][T10540] RIP: 0033:0x7f8c3955cfce
[  337.238902][T10540] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  337.238915][T10540] RSP: 002b:00007f8c3a3eefe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  337.238930][T10540] RAX: ffffffffffffffda RBX: 00007f8c3a3ef6c0 RCX: 00007f8c3955cfce
[  337.238943][T10540] RDX: 000000000000000f RSI: 00007f8c3a3ef0a0 RDI: 0000000000000003
[  337.238951][T10540] RBP: 00007f8c3a3ef090 R08: 0000000000000000 R09: 0000000000000000
[  337.238960][T10540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  337.238968][T10540] R13: 00007f8c39816038 R14: 00007f8c39815fa0 R15: 00007ffdc0a0f738
[  337.238986][T10540]  </TASK>
[  337.545215][T10549] vivid-007: =================  START STATUS  =================
[  337.552985][T10549] vivid-007: Generate PTS: true
[  337.557855][T10549] vivid-007: Generate SCR: true
[  337.562922][T10549] tpg source WxH: 320x240 (Y'CbCr)
[  337.568030][T10549] tpg field: 1
[  337.571457][T10549] tpg crop: (0,0)/320x240
[  337.575810][T10549] tpg compose: (0,0)/320x240
[  337.580476][T10549] tpg colorspace: 8
[  337.584270][T10549] tpg transfer function: 0/0
[  337.588924][T10549] tpg Y'CbCr encoding: 0/0
[  337.593413][T10549] tpg quantization: 0/0
[  337.597606][T10549] tpg RGB range: 0/2
[  337.601533][T10549] vivid-007: ==================  END STATUS  ==================
[  338.701653][T10568] bond0: no command found in slaves file - use +ifname or -ifname
[  338.857066][T10572] FAULT_INJECTION: forcing a failure.
[  338.857066][T10572] name failslab, interval 1, probability 0, space 0, times 0
[  338.930583][T10572] CPU: 0 UID: 0 PID: 10572 Comm: syz.3.1099 Not tainted syzkaller #0 PREEMPT(full) 
[  338.930605][T10572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  338.930615][T10572] Call Trace:
[  338.930620][T10572]  <TASK>
[  338.930626][T10572]  dump_stack_lvl+0x100/0x190
[  338.930656][T10572]  should_fail_ex.cold+0x5/0xa
[  338.930675][T10572]  ? tomoyo_realpath_from_path+0xb6/0x690
[  338.930696][T10572]  should_failslab+0xc2/0x120
[  338.930712][T10572]  __kmalloc_noprof+0xe0/0x850
[  338.930737][T10572]  tomoyo_realpath_from_path+0xb6/0x690
[  338.930760][T10572]  tomoyo_path_number_perm+0x23c/0x580
[  338.930775][T10572]  ? tomoyo_path_number_perm+0x22e/0x580
[  338.930792][T10572]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  338.930825][T10572]  ? find_held_lock+0x2b/0x80
[  338.930838][T10572]  ? __fget_files+0x215/0x3d0
[  338.930851][T10572]  ? hook_file_ioctl_common+0x146/0x410
[  338.930871][T10572]  ? __fget_files+0x21f/0x3d0
[  338.930887][T10572]  security_file_ioctl+0xd3/0x230
[  338.930904][T10572]  __x64_sys_ioctl+0xb7/0x210
[  338.930925][T10572]  do_syscall_64+0x106/0xf80
[  338.930945][T10572]  ? clear_bhb_loop+0x40/0x90
[  338.930963][T10572]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.930981][T10572] RIP: 0033:0x7f4690b9c799
[  338.930992][T10572] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  338.931005][T10572] RSP: 002b:00007f4691ad0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  338.931019][T10572] RAX: ffffffffffffffda RBX: 00007f4690e16090 RCX: 00007f4690b9c799
[  338.931028][T10572] RDX: 0000200000000080 RSI: 00000000c0686611 RDI: 0000000000000004
[  338.931036][T10572] RBP: 00007f4691ad0090 R08: 0000000000000000 R09: 0000000000000000
[  338.931050][T10572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  338.931058][T10572] R13: 00007f4690e16128 R14: 00007f4690e16090 R15: 00007fffaa700768
[  338.931077][T10572]  </TASK>
[  338.931097][T10572] ERROR: Out of memory at tomoyo_realpath_from_path.
[  340.301835][T10604] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3)
[  340.745206][T10615] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1111'.
[  340.779417][T10615] nbd: must specify a size in bytes for the device
[  340.834913][T10615] FAULT_INJECTION: forcing a failure.
[  340.834913][T10615] name failslab, interval 1, probability 0, space 0, times 0
[  340.895485][T10615] CPU: 0 UID: 0 PID: 10615 Comm: syz.2.1111 Not tainted syzkaller #0 PREEMPT(full) 
[  340.895507][T10615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  340.895516][T10615] Call Trace:
[  340.895522][T10615]  <TASK>
[  340.895528][T10615]  dump_stack_lvl+0x100/0x190
[  340.895554][T10615]  should_fail_ex.cold+0x5/0xa
[  340.895574][T10615]  should_failslab+0xc2/0x120
[  340.895589][T10615]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  340.895611][T10615]  ? __kernfs_new_node+0xd2/0x960
[  340.895634][T10615]  __kernfs_new_node+0xd2/0x960
[  340.895654][T10615]  ? kernfs_add_one+0x214/0x850
[  340.895668][T10615]  ? __pfx___kernfs_new_node+0x10/0x10
[  340.895703][T10615]  ? find_held_lock+0x2b/0x80
[  340.895718][T10615]  ? kernfs_root+0xee/0x2a0
[  340.895739][T10615]  ? kernfs_root+0xee/0x2a0
[  340.895763][T10615]  kernfs_new_node+0x11b/0x1a0
[  340.895780][T10615]  kernfs_create_link+0xcc/0x240
[  340.895798][T10615]  sysfs_do_create_link_sd+0x90/0x140
[  340.895819][T10615]  sysfs_create_link+0x61/0xc0
[  340.895839][T10615]  device_add+0x553/0x1950
[  340.895859][T10615]  ? __pfx_device_add+0x10/0x10
[  340.895875][T10615]  ? __pfx___might_resched+0x10/0x10
[  340.895894][T10615]  ? lockdep_hardirqs_on+0x78/0x100
[  340.895921][T10615]  __add_disk+0x518/0xe40
[  340.895940][T10615]  add_disk_fwnode+0x118/0x5c0
[  340.895957][T10615]  loop_add+0x90b/0xb60
[  340.895978][T10615]  ? __pfx_loop_add+0x10/0x10
[  340.896008][T10615]  ? find_held_lock+0x2b/0x80
[  340.896022][T10615]  ? __fget_files+0x215/0x3d0
[  340.896037][T10615]  loop_control_ioctl+0xae/0x620
[  340.896059][T10615]  ? __pfx_loop_control_ioctl+0x10/0x10
[  340.896081][T10615]  ? __pfx_loop_control_ioctl+0x10/0x10
[  340.896103][T10615]  __x64_sys_ioctl+0x18e/0x210
[  340.896125][T10615]  do_syscall_64+0x106/0xf80
[  340.896144][T10615]  ? clear_bhb_loop+0x40/0x90
[  340.896161][T10615]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.896176][T10615] RIP: 0033:0x7f8c3959c799
[  340.896188][T10615] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  340.896202][T10615] RSP: 002b:00007f8c3a3ef028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  340.896216][T10615] RAX: ffffffffffffffda RBX: 00007f8c39815fa0 RCX: 00007f8c3959c799
[  340.896226][T10615] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000009
[  340.896235][T10615] RBP: 00007f8c39632c99 R08: 0000000000000000 R09: 0000000000000000
[  340.896243][T10615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  340.896251][T10615] R13: 00007f8c39816038 R14: 00007f8c39815fa0 R15: 00007ffdc0a0f738
[  340.896272][T10615]  </TASK>
[  341.851092][T10637] vivid-007: =================  START STATUS  =================
[  341.890237][T10637] vivid-007: Generate PTS: true
[  341.895140][T10637] vivid-007: Generate SCR: true
[  341.953664][T10637] tpg source WxH: 320x240 (Y'CbCr)
[  341.995958][T10637] tpg field: 1
[  342.033935][T10637] tpg crop: (0,0)/320x240
[  342.078332][T10637] tpg compose: (0,0)/320x240
[  342.115209][T10637] tpg colorspace: 8
[  342.134388][T10637] tpg transfer function: 0/0
[  342.162288][T10637] tpg Y'CbCr encoding: 0/0
[  342.187208][T10637] tpg quantization: 0/0
[  342.192668][T10644] FAULT_INJECTION: forcing a failure.
[  342.192668][T10644] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  342.218512][T10637] tpg RGB range: 0/2
[  342.226794][T10637] vivid-007: ==================  END STATUS  ==================
[  342.269304][T10644] CPU: 0 UID: 0 PID: 10644 Comm: syz.2.1116 Not tainted syzkaller #0 PREEMPT(full) 
[  342.269326][T10644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  342.269334][T10644] Call Trace:
[  342.269338][T10644]  <TASK>
[  342.269344][T10644]  dump_stack_lvl+0x100/0x190
[  342.269376][T10644]  should_fail_ex.cold+0x5/0xa
[  342.269393][T10644]  _copy_to_user+0x32/0xd0
[  342.269413][T10644]  simple_read_from_buffer+0xcb/0x170
[  342.269436][T10644]  proc_fail_nth_read+0x1af/0x230
[  342.269455][T10644]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  342.269473][T10644]  ? rw_verify_area+0xce/0x6d0
[  342.269499][T10644]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  342.269516][T10644]  vfs_read+0x1e4/0xb30
[  342.269532][T10644]  ? __pfx_vfs_read+0x10/0x10
[  342.269544][T10644]  ? __fget_files+0x215/0x3d0
[  342.269561][T10644]  ? __fget_files+0x21f/0x3d0
[  342.269579][T10644]  ksys_read+0x12a/0x250
[  342.269592][T10644]  ? __pfx_ksys_read+0x10/0x10
[  342.269610][T10644]  do_syscall_64+0x106/0xf80
[  342.269630][T10644]  ? clear_bhb_loop+0x40/0x90
[  342.269647][T10644]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.269661][T10644] RIP: 0033:0x7f8c3955cfce
[  342.269673][T10644] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  342.269686][T10644] RSP: 002b:00007f8c3a3eefe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  342.269699][T10644] RAX: ffffffffffffffda RBX: 00007f8c3a3ef6c0 RCX: 00007f8c3955cfce
[  342.269708][T10644] RDX: 000000000000000f RSI: 00007f8c3a3ef0a0 RDI: 0000000000000006
[  342.269716][T10644] RBP: 00007f8c3a3ef090 R08: 0000000000000000 R09: 0000000000000000
[  342.269724][T10644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  342.269732][T10644] R13: 00007f8c39816038 R14: 00007f8c39815fa0 R15: 00007ffdc0a0f738
[  342.269751][T10644]  </TASK>
[  342.545078][T10631] kexec: Could not allocate control_code_buffer
[  343.614146][T10662] netlink: 'syz.2.1121': attribute type 4 has an invalid length.
[  343.669113][T10662] netlink: 62 bytes leftover after parsing attributes in process `syz.2.1121'.
[  344.100640][T10676] vivid-007: =================  START STATUS  =================
[  344.138527][T10676] vivid-007: Generate PTS: true
[  344.162497][T10676] vivid-007: Generate SCR: true
[  344.189192][T10676] tpg source WxH: 320x240 (Y'CbCr)
[  344.215367][T10676] tpg field: 1
[  344.250138][T10676] tpg crop: (0,0)/320x240
[  344.284488][T10676] tpg compose: (0,0)/320x240
[  344.300944][T10676] tpg colorspace: 8
[  344.322558][T10676] tpg transfer function: 0/0
[  344.337619][T10676] tpg Y'CbCr encoding: 0/0
[  344.349381][T10676] tpg quantization: 0/0
[  344.354079][T10682] FAULT_INJECTION: forcing a failure.
[  344.354079][T10682] name failslab, interval 1, probability 0, space 0, times 0
[  344.371224][T10676] tpg RGB range: 0/2
[  344.392857][T10676] vivid-007: ==================  END STATUS  ==================
[  344.418792][T10682] CPU: 0 UID: 0 PID: 10682 Comm: syz.1.1129 Not tainted syzkaller #0 PREEMPT(full) 
[  344.418815][T10682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  344.418824][T10682] Call Trace:
[  344.418830][T10682]  <TASK>
[  344.418836][T10682]  dump_stack_lvl+0x100/0x190
[  344.418864][T10682]  should_fail_ex.cold+0x5/0xa
[  344.418883][T10682]  should_failslab+0xc2/0x120
[  344.418900][T10682]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  344.418921][T10682]  ? skb_clone+0x190/0x400
[  344.418950][T10682]  skb_clone+0x190/0x400
[  344.418971][T10682]  netlink_deliver_tap+0xaed/0xcc0
[  344.418998][T10682]  netlink_unicast+0x70c/0x870
[  344.419023][T10682]  ? __pfx_netlink_unicast+0x10/0x10
[  344.419044][T10682]  ? __alloc_skb+0x5b7/0x710
[  344.419065][T10682]  ? __pfx___dev_queue_xmit+0x10/0x10
[  344.419085][T10682]  netlink_ack+0x655/0xb80
[  344.419104][T10682]  netlink_rcv_skb+0x333/0x420
[  344.419117][T10682]  ? __pfx_sock_diag_rcv_msg+0x10/0x10
[  344.419137][T10682]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  344.419157][T10682]  ? netlink_deliver_tap+0x1ae/0xcc0
[  344.419182][T10682]  netlink_unicast+0x5aa/0x870
[  344.419206][T10682]  ? __pfx_netlink_unicast+0x10/0x10
[  344.419227][T10682]  ? __pfx___might_resched+0x10/0x10
[  344.419247][T10682]  ? __lock_acquire+0x4a5/0x2630
[  344.419271][T10682]  netlink_sendmsg+0x8b0/0xda0
[  344.419287][T10682]  ? __pfx_netlink_sendmsg+0x10/0x10
[  344.419300][T10682]  ? __import_iovec+0x1d2/0x640
[  344.419319][T10682]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  344.419345][T10682]  ____sys_sendmsg+0x9e1/0xb70
[  344.419359][T10682]  ? __pfx_netlink_sendmsg+0x10/0x10
[  344.419374][T10682]  ? __pfx_____sys_sendmsg+0x10/0x10
[  344.419392][T10682]  ? rcu_is_watching+0x12/0xc0
[  344.419413][T10682]  ? ___sys_sendmsg+0x19d/0x1e0
[  344.419428][T10682]  ? kfree+0x2ec/0x6b0
[  344.419449][T10682]  ___sys_sendmsg+0x190/0x1e0
[  344.419466][T10682]  ? __pfx____sys_sendmsg+0x10/0x10
[  344.419500][T10682]  ? __pfx___might_resched+0x10/0x10
[  344.419524][T10682]  __sys_sendmmsg+0x205/0x430
[  344.419546][T10682]  ? __pfx___sys_sendmmsg+0x10/0x10
[  344.419572][T10682]  ? __pfx_do_futex+0x10/0x10
[  344.419599][T10682]  ? xfd_validate_state+0x129/0x190
[  344.419625][T10682]  __x64_sys_sendmmsg+0x9c/0x100
[  344.419645][T10682]  ? lockdep_hardirqs_on+0x78/0x100
[  344.419666][T10682]  do_syscall_64+0x106/0xf80
[  344.419686][T10682]  ? clear_bhb_loop+0x40/0x90
[  344.419711][T10682]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.419727][T10682] RIP: 0033:0x7f6795f9c799
[  344.419741][T10682] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  344.419755][T10682] RSP: 002b:00007f67941f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  344.419769][T10682] RAX: ffffffffffffffda RBX: 00007f6796215fa0 RCX: 00007f6795f9c799
[  344.419778][T10682] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003
[  344.419787][T10682] RBP: 00007f6796032c99 R08: 0000000000000000 R09: 0000000000000000
[  344.419796][T10682] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000000
[  344.419805][T10682] R13: 00007f6796216038 R14: 00007f6796215fa0 R15: 00007ffe372731a8
[  344.419828][T10682]  </TASK>
[  346.550327][T10730] FAULT_INJECTION: forcing a failure.
[  346.550327][T10730] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  346.606396][T10730] CPU: 0 UID: 0 PID: 10730 Comm: syz.3.1138 Not tainted syzkaller #0 PREEMPT(full) 
[  346.606417][T10730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  346.606426][T10730] Call Trace:
[  346.606431][T10730]  <TASK>
[  346.606436][T10730]  dump_stack_lvl+0x100/0x190
[  346.606462][T10730]  should_fail_ex.cold+0x5/0xa
[  346.606478][T10730]  _copy_from_user+0x2e/0xd0
[  346.606499][T10730]  generic_map_update_batch+0x452/0x800
[  346.606520][T10730]  ? __pfx_generic_map_update_batch+0x10/0x10
[  346.606535][T10730]  ? find_held_lock+0x2b/0x80
[  346.606547][T10730]  ? __might_fault+0xc5/0x140
[  346.606567][T10730]  ? __might_fault+0xc5/0x140
[  346.606586][T10730]  ? __pfx_generic_map_update_batch+0x10/0x10
[  346.606602][T10730]  bpf_map_do_batch+0x66f/0x6d0
[  346.606624][T10730]  __sys_bpf+0x302/0x4b90
[  346.606642][T10730]  ? __pfx___sys_bpf+0x10/0x10
[  346.606655][T10730]  ? proc_fail_nth_write+0x9f/0x220
[  346.606672][T10730]  ? find_held_lock+0x2b/0x80
[  346.606689][T10730]  ? rcu_read_lock_any_held+0x6a/0xa0
[  346.606703][T10730]  ? vfs_write+0x15d/0x1070
[  346.606717][T10730]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  346.606736][T10730]  ? __pfx_vfs_write+0x10/0x10
[  346.606748][T10730]  ? do_sys_openat2+0x157/0x1e0
[  346.606776][T10730]  ? ksys_write+0x1ac/0x250
[  346.606789][T10730]  ? __pfx_ksys_write+0x10/0x10
[  346.606801][T10730]  ? arch_syscall_is_vdso_sigreturn+0xb6/0x200
[  346.606821][T10730]  __x64_sys_bpf+0x7b/0xc0
[  346.606836][T10730]  ? lockdep_hardirqs_on+0x78/0x100
[  346.606856][T10730]  do_syscall_64+0x106/0xf80
[  346.606874][T10730]  ? clear_bhb_loop+0x40/0x90
[  346.606891][T10730]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.606905][T10730] RIP: 0033:0x7f4690b9c799
[  346.606917][T10730] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  346.606930][T10730] RSP: 002b:00007f4691af1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  346.606943][T10730] RAX: ffffffffffffffda RBX: 00007f4690e15fa0 RCX: 00007f4690b9c799
[  346.606952][T10730] RDX: 0000000000000092 RSI: 0000200000000380 RDI: 000000000000001a
[  346.606960][T10730] RBP: 00007f4691af1090 R08: 0000000000000000 R09: 0000000000000000
[  346.606968][T10730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  346.606978][T10730] R13: 00007f4690e16038 R14: 00007f4690e15fa0 R15: 00007fffaa700768
[  346.606996][T10730]  </TASK>
[  346.961608][T10734] vivid-007: =================  START STATUS  =================
[  346.969419][T10734] vivid-007: Generate PTS: true
[  346.974271][T10734] vivid-007: Generate SCR: true
[  346.979183][T10734] tpg source WxH: 320x240 (Y'CbCr)
[  346.984292][T10734] tpg field: 1
[  346.987641][T10734] tpg crop: (0,0)/320x240
[  346.992080][T10734] tpg compose: (0,0)/320x240
[  346.996670][T10734] tpg colorspace: 8
[  347.000579][T10734] tpg transfer function: 0/0
[  347.005179][T10734] tpg Y'CbCr encoding: 0/0
[  347.009611][T10734] tpg quantization: 0/0
[  347.013781][T10734] tpg RGB range: 0/2
[  347.017656][T10734] vivid-007: ==================  END STATUS  ==================
[  347.116592][T10740] vivid-007: =================  START STATUS  =================
[  347.130592][T10740] vivid-007: Generate PTS: true
[  347.135494][T10740] vivid-007: Generate SCR: true
[  347.148341][T10740] tpg source WxH: 320x240 (Y'CbCr)
[  347.154140][T10740] tpg field: 1
[  347.157625][T10740] tpg crop: (0,0)/320x240
[  347.162069][T10740] tpg compose: (0,0)/320x240
[  347.166675][T10740] tpg colorspace: 8
[  347.170519][T10740] tpg transfer function: 0/0
[  347.178026][T10740] tpg Y'CbCr encoding: 0/0
[  347.209480][T10740] tpg quantization: 0/0
[  347.214337][T10740] tpg RGB range: 0/2
[  347.247036][T10740] vivid-007: ==================  END STATUS  ==================
[  347.561846][T10755] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1142'.
[  347.711739][T10756] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1142'.
[  347.878733][T10755] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1142'.
[  348.137022][T10770] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1145'.
[  348.302348][T10771] netlink: 146 bytes leftover after parsing attributes in process `syz.1.1145'.
[  348.764249][T10785] EXT4-fs (sda1): Delayed block allocation failed for inode 2026 at logical offset 2 with max blocks 1 with error 117
[  348.787466][T10787] vivid-007: =================  START STATUS  =================
[  348.813292][T10787] vivid-007: Generate PTS: true
[  348.818181][T10787] vivid-007: Generate SCR: true
[  348.830175][T10785] EXT4-fs (sda1): This should not happen!! Data will be lost
[  348.830175][T10785] 
[  348.859957][T10787] tpg source WxH: 320x240 (Y'CbCr)
[  348.891055][T10787] tpg field: 1
[  348.928880][T10787] tpg crop: (0,0)/320x240
[  348.961955][T10787] tpg compose: (0,0)/320x240
[  348.972244][T10787] tpg colorspace: 8
[  348.986626][T10787] tpg transfer function: 0/0
[  349.008964][T10787] tpg Y'CbCr encoding: 0/0
[  349.028341][T10787] tpg quantization: 0/0
[  349.045854][   T49] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 915 with max blocks 2 with error 117
[  349.066251][T10787] tpg RGB range: 0/2
[  349.083303][T10787] vivid-007: ==================  END STATUS  ==================
[  349.115762][T10784] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input53
[  349.136197][   T49] EXT4-fs (sda1): This should not happen!! Data will be lost
[  349.136197][   T49] 
[  349.500933][T10807] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1156'.
[  349.743208][T10813] FAULT_INJECTION: forcing a failure.
[  349.743208][T10813] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  349.800604][T10813] CPU: 0 UID: 0 PID: 10813 Comm: syz.1.1158 Not tainted syzkaller #0 PREEMPT(full) 
[  349.800625][T10813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  349.800634][T10813] Call Trace:
[  349.800639][T10813]  <TASK>
[  349.800645][T10813]  dump_stack_lvl+0x100/0x190
[  349.800671][T10813]  should_fail_ex.cold+0x5/0xa
[  349.800689][T10813]  _copy_from_user+0x2e/0xd0
[  349.800707][T10813]  snd_rawmidi_kernel_write1+0x390/0x7c0
[  349.800733][T10813]  snd_rawmidi_write+0x2dc/0xc60
[  349.800756][T10813]  ? __pfx_snd_rawmidi_write+0x10/0x10
[  349.800775][T10813]  ? __pfx_default_wake_function+0x10/0x10
[  349.800793][T10813]  ? bpf_lsm_file_permission+0x9/0x10
[  349.800806][T10813]  ? security_file_permission+0x76/0x210
[  349.800824][T10813]  ? rw_verify_area+0xce/0x6d0
[  349.800845][T10813]  vfs_write+0x2aa/0x1070
[  349.800859][T10813]  ? __pfx_snd_rawmidi_write+0x10/0x10
[  349.800878][T10813]  ? __pfx_vfs_write+0x10/0x10
[  349.800890][T10813]  ? find_held_lock+0x2b/0x80
[  349.800903][T10813]  ? __fget_files+0x215/0x3d0
[  349.800916][T10813]  ? __fget_files+0x215/0x3d0
[  349.800931][T10813]  ? __fget_files+0x21f/0x3d0
[  349.800949][T10813]  ksys_write+0x1f8/0x250
[  349.800962][T10813]  ? __pfx_ksys_write+0x10/0x10
[  349.800987][T10813]  do_syscall_64+0x106/0xf80
[  349.801007][T10813]  ? clear_bhb_loop+0x40/0x90
[  349.801024][T10813]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.801038][T10813] RIP: 0033:0x7f6795f9c799
[  349.801050][T10813] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  349.801063][T10813] RSP: 002b:00007f67941f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  349.801077][T10813] RAX: ffffffffffffffda RBX: 00007f6796215fa0 RCX: 00007f6795f9c799
[  349.801086][T10813] RDX: 000000100000a3d9 RSI: 0000200000000400 RDI: 0000000000000003
[  349.801094][T10813] RBP: 00007f67941f6090 R08: 0000000000000000 R09: 0000000000000000
[  349.801102][T10813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  349.801110][T10813] R13: 00007f6796216038 R14: 00007f6796215fa0 R15: 00007ffe372731a8
[  349.801128][T10813]  </TASK>
[  350.226731][T10823] binder: 10822:10823 ioctl c018620c 0 returned -1
[  351.074820][T10837] vivid-007: =================  START STATUS  =================
[  351.103574][T10837] vivid-007: Generate PTS: true
[  351.127820][T10837] vivid-007: Generate SCR: true
[  351.149757][T10837] tpg source WxH: 320x240 (Y'CbCr)
[  351.175278][T10837] tpg field: 1
[  351.188990][T10837] tpg crop: (0,0)/320x240
[  351.204288][T10837] tpg compose: (0,0)/320x240
[  351.217831][T10837] tpg colorspace: 8
[  351.229266][T10844] FAULT_INJECTION: forcing a failure.
[  351.229266][T10844] name failslab, interval 1, probability 0, space 0, times 0
[  351.249814][T10837] tpg transfer function: 0/0
[  351.260811][T10837] tpg Y'CbCr encoding: 0/0
[  351.271359][T10837] tpg quantization: 0/0
[  351.275647][T10844] CPU: 0 UID: 0 PID: 10844 Comm: syz.1.1166 Not tainted syzkaller #0 PREEMPT(full) 
[  351.275665][T10844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  351.275674][T10844] Call Trace:
[  351.275680][T10844]  <TASK>
[  351.275685][T10844]  dump_stack_lvl+0x100/0x190
[  351.275709][T10844]  should_fail_ex.cold+0x5/0xa
[  351.275726][T10844]  should_failslab+0xc2/0x120
[  351.275742][T10844]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  351.275762][T10844]  ? skb_clone+0x190/0x400
[  351.275781][T10844]  ? nf_nat_ipv4_local_fn+0xb2/0x5a0
[  351.275801][T10844]  skb_clone+0x190/0x400
[  351.275821][T10844]  ip_mc_output+0x531/0xd70
[  351.275837][T10844]  ? __pfx_ip_mc_output+0x10/0x10
[  351.275849][T10844]  ? __ip_make_skb+0x111e/0x1f90
[  351.275863][T10844]  ? __pfx_dst_output+0x10/0x10
[  351.275885][T10844]  ? __pfx_ip_mc_output+0x10/0x10
[  351.275899][T10844]  ip_push_pending_frames+0x29e/0x300
[  351.275920][T10844]  raw_sendmsg+0x150b/0x35f0
[  351.275942][T10844]  ? __pfx_raw_sendmsg+0x10/0x10
[  351.275958][T10844]  ? __lock_acquire+0x4a5/0x2630
[  351.275979][T10844]  ? __lock_acquire+0x4a5/0x2630
[  351.276013][T10844]  ? __import_iovec+0x1d2/0x640
[  351.276032][T10844]  ? __pfx_raw_sendmsg+0x10/0x10
[  351.276048][T10844]  inet_sendmsg+0x11c/0x140
[  351.276065][T10844]  ____sys_sendmsg+0x98d/0xb70
[  351.276079][T10844]  ? __pfx_inet_sendmsg+0x10/0x10
[  351.276095][T10844]  ? __pfx_____sys_sendmsg+0x10/0x10
[  351.276113][T10844]  ? __pfx__kstrtoull+0x10/0x10
[  351.276136][T10844]  ___sys_sendmsg+0x190/0x1e0
[  351.276153][T10844]  ? __pfx____sys_sendmsg+0x10/0x10
[  351.276177][T10844]  ? find_held_lock+0x2b/0x80
[  351.276202][T10844]  __sys_sendmmsg+0x205/0x430
[  351.276224][T10844]  ? __pfx___sys_sendmmsg+0x10/0x10
[  351.276249][T10844]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  351.276278][T10844]  ? fput+0x79/0x100
[  351.276294][T10844]  ? ksys_write+0x1ac/0x250
[  351.276307][T10844]  ? __pfx_ksys_write+0x10/0x10
[  351.276323][T10844]  __x64_sys_sendmmsg+0x9c/0x100
[  351.276342][T10844]  ? lockdep_hardirqs_on+0x78/0x100
[  351.276361][T10844]  do_syscall_64+0x106/0xf80
[  351.276380][T10844]  ? clear_bhb_loop+0x40/0x90
[  351.276397][T10844]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.276411][T10844] RIP: 0033:0x7f6795f9c799
[  351.276424][T10844] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  351.276438][T10844] RSP: 002b:00007f67941f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  351.276451][T10844] RAX: ffffffffffffffda RBX: 00007f6796215fa0 RCX: 00007f6795f9c799
[  351.276460][T10844] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000003
[  351.276468][T10844] RBP: 00007f67941f6090 R08: 0000000000000000 R09: 0000000000000000
[  351.276477][T10844] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  351.276485][T10844] R13: 00007f6796216038 R14: 00007f6796215fa0 R15: 00007ffe372731a8
[  351.276503][T10844]  </TASK>
[  351.603627][T10837] tpg RGB range: 0/2
[  351.607584][T10837] vivid-007: ==================  END STATUS  ==================
[  351.637061][T10848] netlink: 226 bytes leftover after parsing attributes in process `syz.2.1167'.
[  351.814679][T10856] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1168'.
[  351.814716][T10856] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1168'.
[  351.814744][T10856] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1168'.
[  352.585693][T10870] FAULT_INJECTION: forcing a failure.
[  352.585693][T10870] name failslab, interval 1, probability 0, space 0, times 0
[  352.620501][T10870] CPU: 0 UID: 0 PID: 10870 Comm: syz.3.1174 Not tainted syzkaller #0 PREEMPT(full) 
[  352.620523][T10870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  352.620532][T10870] Call Trace:
[  352.620537][T10870]  <TASK>
[  352.620542][T10870]  dump_stack_lvl+0x100/0x190
[  352.620568][T10870]  should_fail_ex.cold+0x5/0xa
[  352.620586][T10870]  should_failslab+0xc2/0x120
[  352.620603][T10870]  __kmalloc_cache_noprof+0x7a/0x6f0
[  352.620621][T10870]  ? nbd_alloc_and_init_config+0x97/0x2a0
[  352.620641][T10870]  nbd_alloc_and_init_config+0x97/0x2a0
[  352.620657][T10870]  nbd_genl_connect+0x47c/0x1a40
[  352.620675][T10870]  ? __pfx_nbd_genl_connect+0x10/0x10
[  352.620695][T10870]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280
[  352.620711][T10870]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280
[  352.620731][T10870]  genl_family_rcv_msg_doit+0x214/0x300
[  352.620748][T10870]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  352.620763][T10870]  ? genl_get_cmd+0x3ef/0x720
[  352.620782][T10870]  ? __dev_queue_xmit+0x5af/0x4800
[  352.620805][T10870]  ? __radix_tree_lookup+0x217/0x2b0
[  352.620827][T10870]  genl_rcv_msg+0x560/0x800
[  352.620844][T10870]  ? __pfx_genl_rcv_msg+0x10/0x10
[  352.620859][T10870]  ? __pfx_nbd_genl_connect+0x10/0x10
[  352.620881][T10870]  netlink_rcv_skb+0x159/0x420
[  352.620894][T10870]  ? __pfx_genl_rcv_msg+0x10/0x10
[  352.620910][T10870]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  352.620931][T10870]  ? netlink_deliver_tap+0x1ae/0xcc0
[  352.620954][T10870]  genl_rcv+0x28/0x40
[  352.620966][T10870]  netlink_unicast+0x5aa/0x870
[  352.620990][T10870]  ? __pfx_netlink_unicast+0x10/0x10
[  352.621017][T10870]  netlink_sendmsg+0x8b0/0xda0
[  352.621034][T10870]  ? __pfx_netlink_sendmsg+0x10/0x10
[  352.621046][T10870]  ? __import_iovec+0x1d2/0x640
[  352.621064][T10870]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  352.621089][T10870]  ____sys_sendmsg+0x9e1/0xb70
[  352.621104][T10870]  ? __pfx_netlink_sendmsg+0x10/0x10
[  352.621118][T10870]  ? __pfx_____sys_sendmsg+0x10/0x10
[  352.621142][T10870]  ___sys_sendmsg+0x190/0x1e0
[  352.621159][T10870]  ? __pfx____sys_sendmsg+0x10/0x10
[  352.621200][T10870]  __sys_sendmsg+0x170/0x220
[  352.621221][T10870]  ? __pfx___sys_sendmsg+0x10/0x10
[  352.621252][T10870]  do_syscall_64+0x106/0xf80
[  352.621271][T10870]  ? clear_bhb_loop+0x40/0x90
[  352.621288][T10870]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  352.621302][T10870] RIP: 0033:0x7f4690b9c799
[  352.621315][T10870] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  352.621328][T10870] RSP: 002b:00007f4691af1028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  352.621342][T10870] RAX: ffffffffffffffda RBX: 00007f4690e15fa0 RCX: 00007f4690b9c799
[  352.621351][T10870] RDX: 0000000020040000 RSI: 0000200000000500 RDI: 0000000000000003
[  352.621359][T10870] RBP: 00007f4691af1090 R08: 0000000000000000 R09: 0000000000000000
[  352.621367][T10870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  352.621375][T10870] R13: 00007f4690e16038 R14: 00007f4690e15fa0 R15: 00007fffaa700768
[  352.621394][T10870]  </TASK>
[  352.623033][T10870] nbd: couldn't allocate config
[  352.964829][T10871] FAULT_INJECTION: forcing a failure.
[  352.964829][T10871] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  352.983219][T10871] CPU: 0 UID: 0 PID: 10871 Comm: syz.0.1173 Not tainted syzkaller #0 PREEMPT(full) 
[  352.983245][T10871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  352.983253][T10871] Call Trace:
[  352.983259][T10871]  <TASK>
[  352.983265][T10871]  dump_stack_lvl+0x100/0x190
[  352.983295][T10871]  should_fail_ex.cold+0x5/0xa
[  352.983313][T10871]  _copy_to_user+0x32/0xd0
[  352.983333][T10871]  simple_read_from_buffer+0xcb/0x170
[  352.983356][T10871]  proc_fail_nth_read+0x1af/0x230
[  352.983375][T10871]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  352.983393][T10871]  ? rw_verify_area+0xce/0x6d0
[  352.983413][T10871]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  352.983430][T10871]  vfs_read+0x1e4/0xb30
[  352.983447][T10871]  ? __pfx_vfs_read+0x10/0x10
[  352.983459][T10871]  ? __fget_files+0x215/0x3d0
[  352.983477][T10871]  ? __fget_files+0x21f/0x3d0
[  352.983495][T10871]  ksys_read+0x12a/0x250
[  352.983508][T10871]  ? __pfx_ksys_read+0x10/0x10
[  352.983526][T10871]  do_syscall_64+0x106/0xf80
[  352.983547][T10871]  ? clear_bhb_loop+0x40/0x90
[  352.983565][T10871]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  352.983579][T10871] RIP: 0033:0x7f0cfaf5cfce
[  352.983592][T10871] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  352.983606][T10871] RSP: 002b:00007f0cfbdcafe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  352.983621][T10871] RAX: ffffffffffffffda RBX: 00007f0cfbdcb6c0 RCX: 00007f0cfaf5cfce
[  352.983631][T10871] RDX: 000000000000000f RSI: 00007f0cfbdcb0a0 RDI: 0000000000000006
[  352.983647][T10871] RBP: 00007f0cfbdcb090 R08: 0000000000000000 R09: 0000000000000000
[  352.983655][T10871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  352.983663][T10871] R13: 00007f0cfb216128 R14: 00007f0cfb216090 R15: 00007ffc5f7ace58
[  352.983682][T10871]  </TASK>
[  353.232475][T10871] Process accounting paused
[  353.705057][T10887] vivid-007: =================  START STATUS  =================
[  353.777099][T10887] vivid-007: Generate PTS: true
[  353.800936][T10887] vivid-007: Generate SCR: true
[  353.853900][T10887] tpg source WxH: 320x240 (Y'CbCr)
[  354.021623][T10887] tpg field: 1
[  354.050213][T10887] tpg crop: (0,0)/320x240
[  354.069478][T10887] tpg compose: (0,0)/320x240
[  354.090010][T10887] tpg colorspace: 8
[  354.110408][T10887] tpg transfer function: 0/0
[  354.141154][T10887] tpg Y'CbCr encoding: 0/0
[  354.178737][T10887] tpg quantization: 0/0
[  354.202551][T10887] tpg RGB range: 0/2
[  354.217837][T10887] vivid-007: ==================  END STATUS  ==================
[  354.258144][T10897] ptp ptp0: only physical clock in use now
[  354.899134][   T30] audit: type=1800 audit(4294967478.690:7): pid=10914 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1186" name="dbroot" dev="configfs" ino=33077 res=0 errno=0
[  355.339310][T10925] udc dummy_udc.0: soft-connect without a gadget driver
[  355.734058][T10936] vivid-007: =================  START STATUS  =================
[  355.776633][T10936] vivid-007: Generate PTS: true
[  355.813632][T10936] vivid-007: Generate SCR: true
[  355.841368][T10936] tpg source WxH: 320x240 (Y'CbCr)
[  355.871771][T10936] tpg field: 1
[  355.887224][T10936] tpg crop: (0,0)/320x240
[  355.909478][T10936] tpg compose: (0,0)/320x240
[  355.946576][T10936] tpg colorspace: 8
[  355.970209][T10936] tpg transfer function: 0/0
[  355.988706][T10936] tpg Y'CbCr encoding: 0/0
[  356.015519][T10936] tpg quantization: 0/0
[  356.032216][T10936] tpg RGB range: 0/2
[  356.046308][T10936] vivid-007: ==================  END STATUS  ==================
[  356.302001][T10950] FAULT_INJECTION: forcing a failure.
[  356.302001][T10950] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  356.372272][T10950] CPU: 0 UID: 0 PID: 10950 Comm: syz.1.1193 Not tainted syzkaller #0 PREEMPT(full) 
[  356.372297][T10950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  356.372306][T10950] Call Trace:
[  356.372312][T10950]  <TASK>
[  356.372317][T10950]  dump_stack_lvl+0x100/0x190
[  356.372349][T10950]  should_fail_ex.cold+0x5/0xa
[  356.372368][T10950]  _copy_from_user+0x2e/0xd0
[  356.372395][T10950]  kstrtouint_from_user+0xd6/0x1d0
[  356.372417][T10950]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  356.372435][T10950]  ? __lock_acquire+0x4a5/0x2630
[  356.372456][T10950]  ? lock_acquire+0x1cf/0x380
[  356.372481][T10950]  proc_fail_nth_write+0x83/0x220
[  356.372500][T10950]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  356.372522][T10950]  vfs_write+0x2aa/0x1070
[  356.372537][T10950]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  356.372556][T10950]  ? __pfx_vfs_write+0x10/0x10
[  356.372569][T10950]  ? __fget_files+0x215/0x3d0
[  356.372587][T10950]  ? __fget_files+0x21f/0x3d0
[  356.372605][T10950]  ksys_write+0x12a/0x250
[  356.372619][T10950]  ? __pfx_ksys_write+0x10/0x10
[  356.372637][T10950]  do_syscall_64+0x106/0xf80
[  356.372658][T10950]  ? clear_bhb_loop+0x40/0x90
[  356.372676][T10950]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.372690][T10950] RIP: 0033:0x7f6795f5cfce
[  356.372702][T10950] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  356.372716][T10950] RSP: 002b:00007f67941d4fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  356.372730][T10950] RAX: ffffffffffffffda RBX: 00007f67941d56c0 RCX: 00007f6795f5cfce
[  356.372740][T10950] RDX: 0000000000000001 RSI: 00007f67941d50a0 RDI: 0000000000000006
[  356.372749][T10950] RBP: 00007f67941d5090 R08: 0000000000000000 R09: 0000000000000000
[  356.372757][T10950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  356.372765][T10950] R13: 00007f6796216128 R14: 00007f6796216090 R15: 00007ffe372731a8
[  356.372784][T10950]  </TASK>
[  357.052706][T10962] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1199'.
[  357.365121][T10972] vivid-007: =================  START STATUS  =================
[  357.388887][T10972] vivid-007: Generate PTS: true
[  357.406275][T10972] vivid-007: Generate SCR: true
[  357.424285][T10972] tpg source WxH: 320x240 (Y'CbCr)
[  357.456587][T10972] tpg field: 1
[  357.464824][T10972] tpg crop: (0,0)/320x240
[  357.486102][T10972] tpg compose: (0,0)/320x240
[  357.504566][T10972] tpg colorspace: 8
[  357.529034][T10972] tpg transfer function: 0/0
[  357.533697][T10972] tpg Y'CbCr encoding: 0/0
[  357.550714][T10972] tpg quantization: 0/0
[  357.585593][T10972] tpg RGB range: 0/2
[  357.605091][T10972] vivid-007: ==================  END STATUS  ==================
[  358.630378][T11009] Invalid ELF header magic: != ELF
[  359.675760][T11027] vivid-007: =================  START STATUS  =================
[  359.696246][T11027] vivid-007: Generate PTS: true
[  359.714247][T11027] vivid-007: Generate SCR: true
[  359.749469][T11027] tpg source WxH: 320x240 (Y'CbCr)
[  359.776389][T11027] tpg field: 1
[  359.804806][T11027] tpg crop: (0,0)/320x240
[  359.818690][T11027] tpg compose: (0,0)/320x240
[  359.849216][T11027] tpg colorspace: 8
[  359.881325][T11027] tpg transfer function: 0/0
[  359.896248][T11027] tpg Y'CbCr encoding: 0/0
[  359.911484][T11027] tpg quantization: 0/0
[  359.948585][T11027] tpg RGB range: 0/2
[  359.960070][T11027] vivid-007: ==================  END STATUS  ==================
[  360.284959][T11035] FAULT_INJECTION: forcing a failure.
[  360.284959][T11035] name failslab, interval 1, probability 0, space 0, times 0
[  360.346096][T11035] CPU: 0 UID: 0 PID: 11035 Comm: syz.0.1216 Not tainted syzkaller #0 PREEMPT(full) 
[  360.346122][T11035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  360.346133][T11035] Call Trace:
[  360.346139][T11035]  <TASK>
[  360.346146][T11035]  dump_stack_lvl+0x100/0x190
[  360.346187][T11035]  should_fail_ex.cold+0x5/0xa
[  360.346211][T11035]  should_failslab+0xc2/0x120
[  360.346230][T11035]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  360.346253][T11035]  ? security_inode_alloc+0x3b/0x2c0
[  360.346269][T11035]  ? lockdep_init_map_type+0x5c/0x250
[  360.346292][T11035]  security_inode_alloc+0x3b/0x2c0
[  360.346308][T11035]  inode_init_always_gfp+0xced/0x1040
[  360.346328][T11035]  alloc_inode+0x8e/0x250
[  360.346348][T11035]  new_inode+0x22/0x1c0
[  360.346368][T11035]  shmem_get_inode+0x212/0x1040
[  360.346390][T11035]  ? __pfx_shmem_get_inode+0x10/0x10
[  360.346408][T11035]  ? rcu_is_watching+0x12/0xc0
[  360.346428][T11035]  ? percpu_counter_add_batch+0xb9/0x230
[  360.346452][T11035]  __shmem_file_setup+0x3ac/0x490
[  360.346472][T11035]  ? __pfx___shmem_file_setup+0x10/0x10
[  360.346495][T11035]  ? vm_area_alloc+0x1f/0x160
[  360.346516][T11035]  shmem_zero_setup+0x96/0x1b0
[  360.346531][T11035]  __mmap_region+0x2198/0x29e0
[  360.346554][T11035]  ? update_cfs_rq_load_avg+0x51/0x550
[  360.346571][T11035]  ? __pfx___mmap_region+0x10/0x10
[  360.346596][T11035]  ? set_next_entity+0x11e/0x9c0
[  360.346620][T11035]  ? __lock_acquire+0x4a5/0x2630
[  360.346645][T11035]  ? lock_acquire+0x1cf/0x380
[  360.346663][T11035]  ? find_held_lock+0x2b/0x80
[  360.346686][T11035]  ? trace_sched_exit_tp+0x13a/0x180
[  360.346728][T11035]  ? rcu_is_watching+0x12/0xc0
[  360.346749][T11035]  ? cap_capable+0x107/0x460
[  360.346775][T11035]  mmap_region+0x180/0x3e0
[  360.346799][T11035]  do_mmap+0xc63/0x12f0
[  360.346820][T11035]  ? __pfx_do_mmap+0x10/0x10
[  360.346836][T11035]  ? __pfx_down_write_killable+0x10/0x10
[  360.346857][T11035]  vm_mmap_pgoff+0x29e/0x470
[  360.346877][T11035]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  360.346895][T11035]  ? do_futex+0x192/0x350
[  360.346914][T11035]  ? __pfx_do_futex+0x10/0x10
[  360.346935][T11035]  ksys_mmap_pgoff+0xe1/0x650
[  360.346953][T11035]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[  360.346969][T11035]  ? xfd_validate_state+0x129/0x190
[  360.346993][T11035]  __x64_sys_mmap+0x125/0x190
[  360.347016][T11035]  do_syscall_64+0x106/0xf80
[  360.347036][T11035]  ? clear_bhb_loop+0x40/0x90
[  360.347055][T11035]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  360.347069][T11035] RIP: 0033:0x7f0cfaf9c799
[  360.347082][T11035] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  360.347096][T11035] RSP: 002b:00007f0cfbdaa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  360.347110][T11035] RAX: ffffffffffffffda RBX: 00007f0cfb216180 RCX: 00007f0cfaf9c799
[  360.347119][T11035] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000
[  360.347129][T11035] RBP: 00007f0cfb032c99 R08: fffffffffffffffa R09: 0000000000008000
[  360.347139][T11035] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[  360.347149][T11035] R13: 00007f0cfb216218 R14: 00007f0cfb216180 R15: 00007ffc5f7ace58
[  360.347169][T11035]  </TASK>
[  362.094242][T11050] FAULT_INJECTION: forcing a failure.
[  362.094242][T11050] name failslab, interval 1, probability 0, space 0, times 0
[  362.201198][T11058] netlink: 'syz.3.1220': attribute type 11 has an invalid length.
[  362.242468][T11050] CPU: 0 UID: 0 PID: 11050 Comm: syz.3.1220 Not tainted syzkaller #0 PREEMPT(full) 
[  362.242491][T11050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  362.242500][T11050] Call Trace:
[  362.242506][T11050]  <TASK>
[  362.242512][T11050]  dump_stack_lvl+0x100/0x190
[  362.242539][T11050]  should_fail_ex.cold+0x5/0xa
[  362.242558][T11050]  should_failslab+0xc2/0x120
[  362.242574][T11050]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  362.242596][T11050]  ? sk_prot_alloc+0x60/0x2a0
[  362.242615][T11050]  sk_prot_alloc+0x60/0x2a0
[  362.242631][T11050]  sk_alloc+0x36/0xe80
[  362.242651][T11050]  inet6_create+0x385/0x12b0
[  362.242674][T11050]  ? inet6_create+0x7f/0x12b0
[  362.242696][T11050]  __sock_create+0x339/0x860
[  362.242716][T11050]  __sys_socket+0x14d/0x260
[  362.242733][T11050]  ? __pfx___sys_socket+0x10/0x10
[  362.242754][T11050]  __x64_sys_socket+0x72/0xb0
[  362.242770][T11050]  ? lockdep_hardirqs_on+0x78/0x100
[  362.242791][T11050]  do_syscall_64+0x106/0xf80
[  362.242812][T11050]  ? clear_bhb_loop+0x40/0x90
[  362.242831][T11050]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  362.242846][T11050] RIP: 0033:0x7f4690b9c799
[  362.242859][T11050] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  362.242873][T11050] RSP: 002b:00007f4691af1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  362.242888][T11050] RAX: ffffffffffffffda RBX: 00007f4690e15fa0 RCX: 00007f4690b9c799
[  362.242898][T11050] RDX: 000000000000003a RSI: 0000000000000002 RDI: 000000000000000a
[  362.242907][T11050] RBP: 00007f4690c32c99 R08: 0000000000000000 R09: 0000000000000000
[  362.242915][T11050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  362.242924][T11050] R13: 00007f4690e16038 R14: 00007f4690e15fa0 R15: 00007fffaa700768
[  362.242943][T11050]  </TASK>
[  362.744746][T11056] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR
[  364.407200][T11093] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1229'.
[  364.633652][T11097] ubi3: attaching mtd1
[  364.658513][T11097] ubi3 error: ubi_attach_mtd_dev: bad VID header (32185) or data offsets (32249)
[  365.127133][T11106] block2mtd: error: cannot open device /sys/module/block2mtd/parameters/block2mtd
[  365.919172][T11115] vivid-003: =================  START STATUS  =================
[  365.947652][T11115] vivid-003: Radio HW Seek Mode: Bounded
[  365.973909][T11115] vivid-003: Radio Programmable HW Seek: false
[  365.988553][T11115] vivid-003: RDS Rx I/O Mode: Block I/O
[  365.995837][T11117] FAULT_INJECTION: forcing a failure.
[  365.995837][T11117] name failslab, interval 1, probability 0, space 0, times 0
[  366.030568][T11115] vivid-003: Generate RBDS Instead of RDS: false
[  366.038671][T11117] CPU: 0 UID: 0 PID: 11117 Comm: syz.0.1236 Not tainted syzkaller #0 PREEMPT(full) 
[  366.038690][T11117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  366.038699][T11117] Call Trace:
[  366.038704][T11117]  <TASK>
[  366.038709][T11117]  dump_stack_lvl+0x100/0x190
[  366.038735][T11117]  should_fail_ex.cold+0x5/0xa
[  366.038753][T11117]  should_failslab+0xc2/0x120
[  366.038770][T11117]  __kvmalloc_node_noprof+0xfa/0xa00
[  366.038798][T11117]  ? seq_read_iter+0x819/0x1270
[  366.038823][T11117]  seq_read_iter+0x819/0x1270
[  366.038844][T11117]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  366.038871][T11117]  kernfs_fop_read_iter+0x46c/0x610
[  366.038892][T11117]  copy_splice_read+0x4ba/0xb90
[  366.038910][T11117]  ? __pfx_copy_splice_read+0x10/0x10
[  366.038925][T11117]  ? look_up_lock_class+0x55/0x120
[  366.038949][T11117]  ? lockdep_init_map_type+0x5c/0x250
[  366.038971][T11117]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[  366.038994][T11117]  ? __pfx_copy_splice_read+0x10/0x10
[  366.039008][T11117]  do_splice_read+0x285/0x370
[  366.039024][T11117]  splice_direct_to_actor+0x2a1/0xa30
[  366.039039][T11117]  ? __pfx_direct_splice_actor+0x10/0x10
[  366.039056][T11117]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  366.039076][T11117]  do_splice_direct+0x174/0x240
[  366.039091][T11117]  ? __pfx_do_splice_direct+0x10/0x10
[  366.039105][T11117]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  366.039131][T11117]  ? rw_verify_area+0xce/0x6d0
[  366.039152][T11117]  do_sendfile+0xadc/0xe20
[  366.039176][T11117]  ? __pfx_do_sendfile+0x10/0x10
[  366.039196][T11117]  ? __fget_files+0x21f/0x3d0
[  366.039214][T11117]  __x64_sys_sendfile64+0x1d8/0x220
[  366.039230][T11117]  ? ksys_write+0x1ac/0x250
[  366.039243][T11117]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  366.039264][T11117]  do_syscall_64+0x106/0xf80
[  366.039282][T11117]  ? clear_bhb_loop+0x40/0x90
[  366.039299][T11117]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  366.039312][T11117] RIP: 0033:0x7f0cfaf9c799
[  366.039325][T11117] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  366.039338][T11117] RSP: 002b:00007f0cfbdec028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  366.039351][T11117] RAX: ffffffffffffffda RBX: 00007f0cfb215fa0 RCX: 00007f0cfaf9c799
[  366.039361][T11117] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[  366.039369][T11117] RBP: 00007f0cfbdec090 R08: 0000000000000000 R09: 0000000000000000
[  366.039377][T11117] R10: 000000007ffffffc R11: 0000000000000246 R12: 0000000000000001
[  366.039385][T11117] R13: 00007f0cfb216038 R14: 00007f0cfb215fa0 R15: 00007ffc5f7ace58
[  366.039404][T11117]  </TASK>
[  366.404795][T11115] vivid-003: RDS Reception: true
[  366.409894][T11115] vivid-003: RDS Program Type: 0 inactive
[  366.415998][T11115] vivid-003: RDS PS Name:  inactive
[  366.421384][T11115] vivid-003: RDS Radio Text:  inactive
[  366.427125][T11115] vivid-003: RDS Traffic Announcement: false inactive
[  366.434100][T11115] vivid-003: RDS Traffic Program: false inactive
[  366.440696][T11115] vivid-003: RDS Music: false inactive
[  366.446272][T11115] vivid-003: ==================  END STATUS  ==================
[  366.726002][T11122] CIFS: VFS: Unsupported security flags: 0x110
[  366.910113][T11122] can: request_module (can-proto-4) failed.
[  367.637119][T11140] FAULT_INJECTION: forcing a failure.
[  367.637119][T11140] name failslab, interval 1, probability 0, space 0, times 0
[  367.667294][T11142] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1245'.
[  367.979684][T11142] netlink: 29 bytes leftover after parsing attributes in process `syz.0.1245'.
[  368.027264][T11140] CPU: 0 UID: 0 PID: 11140 Comm: syz.2.1244 Not tainted syzkaller #0 PREEMPT(full) 
[  368.027287][T11140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  368.027297][T11140] Call Trace:
[  368.027302][T11140]  <TASK>
[  368.027308][T11140]  dump_stack_lvl+0x100/0x190
[  368.027336][T11140]  should_fail_ex.cold+0x5/0xa
[  368.027354][T11140]  should_failslab+0xc2/0x120
[  368.027371][T11140]  __kmalloc_cache_noprof+0x7a/0x6f0
[  368.027390][T11140]  ? __do_sys_fanotify_init+0x690/0xe50
[  368.027417][T11140]  __do_sys_fanotify_init+0x690/0xe50
[  368.027440][T11140]  do_syscall_64+0x106/0xf80
[  368.027461][T11140]  ? clear_bhb_loop+0x40/0x90
[  368.027478][T11140]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.027492][T11140] RIP: 0033:0x7f8c3959c799
[  368.027505][T11140] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  368.027520][T11140] RSP: 002b:00007f8c3a3ef028 EFLAGS: 00000246 ORIG_RAX: 000000000000012c
[  368.027534][T11140] RAX: ffffffffffffffda RBX: 00007f8c39815fa0 RCX: 00007f8c3959c799
[  368.027544][T11140] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000000005
[  368.027552][T11140] RBP: 00007f8c39632c99 R08: 0000000000000000 R09: 0000000000000000
[  368.027561][T11140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  368.027569][T11140] R13: 00007f8c39816038 R14: 00007f8c39815fa0 R15: 00007ffdc0a0f738
[  368.027587][T11140]  </TASK>
[  368.677282][T11147] zswap: compressor  not available
[  369.417547][T11170] FAULT_INJECTION: forcing a failure.
[  369.417547][T11170] name failslab, interval 1, probability 0, space 0, times 0
[  369.507697][T11170] CPU: 0 UID: 0 PID: 11170 Comm: syz.2.1251 Not tainted syzkaller #0 PREEMPT(full) 
[  369.507722][T11170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  369.507731][T11170] Call Trace:
[  369.507737][T11170]  <TASK>
[  369.507742][T11170]  dump_stack_lvl+0x100/0x190
[  369.507771][T11170]  should_fail_ex.cold+0x5/0xa
[  369.507790][T11170]  ? tomoyo_encode2+0xfb/0x3c0
[  369.507809][T11170]  should_failslab+0xc2/0x120
[  369.507826][T11170]  __kmalloc_noprof+0xe0/0x850
[  369.507846][T11170]  ? d_absolute_path+0x136/0x1b0
[  369.507869][T11170]  tomoyo_encode2+0xfb/0x3c0
[  369.507890][T11170]  tomoyo_encode+0x29/0x50
[  369.507906][T11170]  tomoyo_realpath_from_path+0x18c/0x690
[  369.507928][T11170]  tomoyo_path_number_perm+0x23c/0x580
[  369.507944][T11170]  ? tomoyo_path_number_perm+0x22e/0x580
[  369.507960][T11170]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  369.507994][T11170]  ? find_held_lock+0x2b/0x80
[  369.508008][T11170]  ? __fget_files+0x215/0x3d0
[  369.508021][T11170]  ? hook_file_ioctl_common+0x146/0x410
[  369.508042][T11170]  ? __fget_files+0x21f/0x3d0
[  369.508058][T11170]  security_file_ioctl+0xd3/0x230
[  369.508076][T11170]  __x64_sys_ioctl+0xb7/0x210
[  369.508098][T11170]  do_syscall_64+0x106/0xf80
[  369.508118][T11170]  ? clear_bhb_loop+0x40/0x90
[  369.508136][T11170]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  369.508151][T11170] RIP: 0033:0x7f8c3959c799
[  369.508163][T11170] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  369.508177][T11170] RSP: 002b:00007f8c3a3ef028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  369.508191][T11170] RAX: ffffffffffffffda RBX: 00007f8c39815fa0 RCX: 00007f8c3959c799
[  369.508200][T11170] RDX: 0000000000000000 RSI: 0000000000005412 RDI: 0000000000000005
[  369.508208][T11170] RBP: 00007f8c3a3ef090 R08: 0000000000000000 R09: 0000000000000000
[  369.508216][T11170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  369.508224][T11170] R13: 00007f8c39816038 R14: 00007f8c39815fa0 R15: 00007ffdc0a0f738
[  369.508242][T11170]  </TASK>
[  369.508259][T11170] ERROR: Out of memory at tomoyo_realpath_from_path.
[  370.135891][T11179] syz.1.1252 (11179): /proc/11178/oom_adj is deprecated, please use /proc/11178/oom_score_adj instead.
[  370.219705][T11181] vivid-007: =================  START STATUS  =================
[  370.244932][T11181] vivid-007: Generate PTS: true
[  370.261801][T11181] vivid-007: Generate SCR: true
[  370.288805][T11181] tpg source WxH: 320x240 (Y'CbCr)
[  370.303040][T11181] tpg field: 1
[  370.306435][T11181] tpg crop: (0,0)/320x240
[  370.312940][T11185] FAULT_INJECTION: forcing a failure.
[  370.312940][T11185] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  370.344954][T11181] tpg compose: (0,0)/320x240
[  370.366937][T11181] tpg colorspace: 8
[  370.373187][T11185] CPU: 0 UID: 0 PID: 11185 Comm: syz.1.1255 Not tainted syzkaller #0 PREEMPT(full) 
[  370.373207][T11185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  370.373216][T11185] Call Trace:
[  370.373221][T11185]  <TASK>
[  370.373227][T11185]  dump_stack_lvl+0x100/0x190
[  370.373258][T11185]  should_fail_ex.cold+0x5/0xa
[  370.373277][T11185]  _copy_to_user+0x32/0xd0
[  370.373297][T11185]  simple_read_from_buffer+0xcb/0x170
[  370.373321][T11185]  proc_fail_nth_read+0x1af/0x230
[  370.373339][T11185]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  370.373357][T11185]  ? rw_verify_area+0xce/0x6d0
[  370.373376][T11185]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  370.373393][T11185]  vfs_read+0x1e4/0xb30
[  370.373408][T11185]  ? __pfx_vfs_read+0x10/0x10
[  370.373420][T11185]  ? __fget_files+0x215/0x3d0
[  370.373438][T11185]  ? __fget_files+0x21f/0x3d0
[  370.373456][T11185]  ksys_read+0x12a/0x250
[  370.373469][T11185]  ? __pfx_ksys_read+0x10/0x10
[  370.373487][T11185]  do_syscall_64+0x106/0xf80
[  370.373507][T11185]  ? clear_bhb_loop+0x40/0x90
[  370.373532][T11185]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  370.373547][T11185] RIP: 0033:0x7f6795f5cfce
[  370.373560][T11185] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  370.373573][T11185] RSP: 002b:00007f67941f5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  370.373587][T11185] RAX: ffffffffffffffda RBX: 00007f67941f66c0 RCX: 00007f6795f5cfce
[  370.373596][T11185] RDX: 000000000000000f RSI: 00007f67941f60a0 RDI: 0000000000000003
[  370.373604][T11185] RBP: 00007f67941f6090 R08: 0000000000000000 R09: 0000000000000000
[  370.373613][T11185] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  370.373621][T11185] R13: 00007f6796216038 R14: 00007f6796215fa0 R15: 00007ffe372731a8
[  370.373639][T11185]  </TASK>
[  370.376184][T11181] tpg transfer function: 0/0
[  370.722114][T11192] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1257'.
[  370.735777][T11181] tpg Y'CbCr encoding: 0/0
[  370.748561][T11181] tpg quantization: 0/0
[  370.752872][T11192] team_slave_0: entered allmulticast mode
[  370.761158][T11181] tpg RGB range: 0/2
[  370.771251][T11181] vivid-007: ==================  END STATUS  ==================
[  371.090144][T11200] FAULT_INJECTION: forcing a failure.
[  371.090144][T11200] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  371.154658][T11200] CPU: 0 UID: 0 PID: 11200 Comm: syz.2.1260 Not tainted syzkaller #0 PREEMPT(full) 
[  371.154684][T11200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  371.154694][T11200] Call Trace:
[  371.154699][T11200]  <TASK>
[  371.154705][T11200]  dump_stack_lvl+0x100/0x190
[  371.154733][T11200]  should_fail_ex.cold+0x5/0xa
[  371.154752][T11200]  _copy_from_user+0x2e/0xd0
[  371.154772][T11200]  kstrtouint_from_user+0xd6/0x1d0
[  371.154794][T11200]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  371.154814][T11200]  ? __lock_acquire+0x4a5/0x2630
[  371.154836][T11200]  ? lock_acquire+0x1cf/0x380
[  371.154858][T11200]  proc_fail_nth_write+0x83/0x220
[  371.154877][T11200]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  371.154901][T11200]  vfs_write+0x2aa/0x1070
[  371.154917][T11200]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  371.154936][T11200]  ? __pfx_vfs_write+0x10/0x10
[  371.154949][T11200]  ? __fget_files+0x215/0x3d0
[  371.154968][T11200]  ? __fget_files+0x21f/0x3d0
[  371.154987][T11200]  ksys_write+0x12a/0x250
[  371.155003][T11200]  ? __pfx_ksys_write+0x10/0x10
[  371.155022][T11200]  do_syscall_64+0x106/0xf80
[  371.155043][T11200]  ? clear_bhb_loop+0x40/0x90
[  371.155060][T11200]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  371.155075][T11200] RIP: 0033:0x7f8c3959c799
[  371.155088][T11200] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  371.155102][T11200] RSP: 002b:00007f8c3a3ef028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  371.155116][T11200] RAX: ffffffffffffffda RBX: 00007f8c39815fa0 RCX: 00007f8c3959c799
[  371.155126][T11200] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000004
[  371.155133][T11200] RBP: 00007f8c39632c99 R08: 0000000000000000 R09: 0000000000000000
[  371.155142][T11200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  371.155150][T11200] R13: 00007f8c39816038 R14: 00007f8c39815fa0 R15: 00007ffdc0a0f738
[  371.155169][T11200]  </TASK>
[  371.985140][T11202] [U] ^@
[  372.616894][T11251] ubi0: attaching mtd0
[  372.622650][T11247] FAULT_INJECTION: forcing a failure.
[  372.622650][T11247] name failslab, interval 1, probability 0, space 0, times 0
[  372.652673][T11251] ubi0: scanning is finished
[  372.680767][T11247] CPU: 0 UID: 0 PID: 11247 Comm: syz.2.1272 Not tainted syzkaller #0 PREEMPT(full) 
[  372.680788][T11247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  372.680797][T11247] Call Trace:
[  372.680802][T11247]  <TASK>
[  372.680808][T11247]  dump_stack_lvl+0x100/0x190
[  372.680836][T11247]  should_fail_ex.cold+0x5/0xa
[  372.680854][T11247]  should_failslab+0xc2/0x120
[  372.680871][T11247]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  372.680893][T11247]  ? shmem_alloc_inode+0x25/0x50
[  372.680912][T11247]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  372.680929][T11247]  shmem_alloc_inode+0x25/0x50
[  372.680945][T11247]  alloc_inode+0x68/0x250
[  372.680964][T11247]  new_inode+0x22/0x1c0
[  372.680984][T11247]  shmem_get_inode+0x212/0x1040
[  372.681006][T11247]  ? __pfx_shmem_get_inode+0x10/0x10
[  372.681031][T11247]  __shmem_file_setup+0x184/0x490
[  372.681050][T11247]  ? __pfx___shmem_file_setup+0x10/0x10
[  372.681070][T11247]  ? do_raw_spin_lock+0x128/0x260
[  372.681090][T11247]  ? find_held_lock+0x2b/0x80
[  372.681103][T11247]  ? alloc_fd+0x476/0x790
[  372.681116][T11247]  ? alloc_fd+0x476/0x790
[  372.681132][T11247]  memfd_alloc_file+0x247/0x620
[  372.681151][T11247]  ? _raw_spin_unlock+0x28/0x50
[  372.681170][T11247]  ? __pfx_memfd_alloc_file+0x10/0x10
[  372.681195][T11247]  __do_sys_memfd_create+0x236/0x3d0
[  372.681216][T11247]  do_syscall_64+0x106/0xf80
[  372.681237][T11247]  ? clear_bhb_loop+0x40/0x90
[  372.681255][T11247]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.681270][T11247] RIP: 0033:0x7f8c3959c799
[  372.681283][T11247] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  372.681307][T11247] RSP: 002b:00007f8c3a3ef028 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  372.681322][T11247] RAX: ffffffffffffffda RBX: 00007f8c39815fa0 RCX: 00007f8c3959c799
[  372.681332][T11247] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  372.681341][T11247] RBP: 00007f8c39632c99 R08: 0000000000000000 R09: 0000000000000000
[  372.681351][T11247] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  372.681363][T11247] R13: 00007f8c39816038 R14: 00007f8c39815fa0 R15: 00007ffdc0a0f738
[  372.681387][T11247]  </TASK>
[  373.429681][T11251] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[  373.472097][T11251] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  373.547768][T11251] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[  373.605992][T11251] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[  373.655254][T11251] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  373.699439][T11251] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[  373.743636][T11251] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 1521956650
[  373.808561][T11251] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  373.848596][T11256] ubi0: detaching mtd0
[  373.852875][T11266] ubi0: background thread "ubi_bgt0d" started, PID 11266
[  373.899423][T11256] ubi0: mtd0 is detached
[  374.398718][   T83] EXT4-fs (sda1): Delayed block allocation failed for inode 2026 at logical offset 2 with max blocks 5 with error 117
[  374.418447][   T83] EXT4-fs (sda1): This should not happen!! Data will be lost
[  374.418447][   T83] 
[  374.505154][   T83] EXT4-fs (sda1): Delayed block allocation failed for inode 2028 at logical offset 4 with max blocks 1 with error 117
[  374.572236][   T83] EXT4-fs (sda1): This should not happen!! Data will be lost
[  374.572236][   T83] 
[  374.937455][T11291] vivid-007: =================  START STATUS  =================
[  374.937473][T11291] vivid-007: Generate PTS: true
[  374.937497][T11291] vivid-007: Generate SCR: true
[  374.937513][T11291] tpg source WxH: 320x240 (Y'CbCr)
[  374.937522][T11291] tpg field: 1
[  374.937528][T11291] tpg crop: (0,0)/320x240
[  374.937537][T11291] tpg compose: (0,0)/320x240
[  374.937546][T11291] tpg colorspace: 8
[  374.937552][T11291] tpg transfer function: 0/0
[  374.937559][T11291] tpg Y'CbCr encoding: 0/0
[  374.937566][T11291] tpg quantization: 0/0
[  374.937572][T11291] tpg RGB range: 0/2
[  374.937582][T11291] vivid-007: ==================  END STATUS  ==================
[  375.476469][T11298] usb usb3: usbfs: process 11298 (syz.2.1285) did not claim interface 0 before use
[  376.670801][T11324] kvm: vcpu 4: requested lapic timer restore with starting count register 0x390=4294967104 (137438947328 ns) > initial count (6624 ns). Using initial count to start timer.
[  379.042468][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  379.049090][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  379.062860][T11395] device-mapper: ioctl: device name cannot contain '/'
[  379.190690][T11395] vhci_hcd vhci_hcd.2: invalid port number 194
[  379.297319][T11395] vhci_hcd vhci_hcd.2: invalid port number 194
[  380.315688][T11432] device-mapper: ioctl: device name cannot contain '/'
[  380.423463][T11432] vhci_hcd vhci_hcd.2: invalid port number 194
[  380.423485][T11432] vhci_hcd vhci_hcd.2: invalid port number 194
[  382.901613][T11467] kvm: vcpu 4: requested lapic timer restore with starting count register 0x390=4294967104 (137438947328 ns) > initial count (6624 ns). Using initial count to start timer.
[  383.986590][T11494] Process accounting resumed
[  390.246899][T11610] futex_wake_op: syz.0.1368 tries to shift op by -2048; fix this program
[  390.432718][T11607] 0x000000000001-0x000000020000 : ""
[  390.490810][T11607] ftl_cs: FTL header corrupt!
[  391.442925][T11615] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input54
[  391.842892][ T5832] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  392.023026][T11617] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input55
[  392.687518][T11640] vivid-007: =================  START STATUS  =================
[  392.768092][T11640] vivid-007: Generate PTS: true
[  392.846490][T11640] vivid-007: Generate SCR: true
[  392.911267][T11640] tpg source WxH: 320x240 (Y'CbCr)
[  392.993140][T11640] tpg field: 1
[  393.006673][T11640] tpg crop: (0,0)/320x240
[  393.052338][T11640] tpg compose: (0,0)/320x240
[  393.094814][T11640] tpg colorspace: 8
[  393.145998][T11640] tpg transfer function: 0/0
[  393.188833][T11640] tpg Y'CbCr encoding: 0/0
[  393.230684][T11640] tpg quantization: 0/0
[  393.269854][T11640] tpg RGB range: 0/2
[  393.314096][T11640] vivid-007: ==================  END STATUS  ==================
[  393.605454][T11656] FAULT_INJECTION: forcing a failure.
[  393.605454][T11656] name failslab, interval 1, probability 0, space 0, times 0
[  393.665578][T11656] CPU: 0 UID: 0 PID: 11656 Comm: syz.1.1372 Not tainted syzkaller #0 PREEMPT(full) 
[  393.665602][T11656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  393.665612][T11656] Call Trace:
[  393.665617][T11656]  <TASK>
[  393.665624][T11656]  dump_stack_lvl+0x100/0x190
[  393.665652][T11656]  should_fail_ex.cold+0x5/0xa
[  393.665672][T11656]  should_failslab+0xc2/0x120
[  393.665689][T11656]  __kmalloc_cache_noprof+0x7a/0x6f0
[  393.665708][T11656]  ? sctp_add_bind_addr+0xae/0x3e0
[  393.665726][T11656]  ? __pfx_sctp_get_port_local+0x10/0x10
[  393.665750][T11656]  sctp_add_bind_addr+0xae/0x3e0
[  393.665773][T11656]  sctp_do_bind+0x36c/0x760
[  393.665794][T11656]  sctp_bind+0xac/0x130
[  393.665809][T11656]  ? __pfx_sctp_bind+0x10/0x10
[  393.665822][T11656]  inet_bind+0x9a/0x120
[  393.665841][T11656]  __sys_bind+0x1a9/0x260
[  393.665859][T11656]  ? __pfx___sys_bind+0x10/0x10
[  393.665891][T11656]  __x64_sys_bind+0x72/0xb0
[  393.665908][T11656]  ? lockdep_hardirqs_on+0x78/0x100
[  393.665929][T11656]  do_syscall_64+0x106/0xf80
[  393.665948][T11656]  ? clear_bhb_loop+0x40/0x90
[  393.665966][T11656]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  393.665980][T11656] RIP: 0033:0x7f6795f9c799
[  393.665993][T11656] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  393.666006][T11656] RSP: 002b:00007f67941f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  393.666020][T11656] RAX: ffffffffffffffda RBX: 00007f6796215fa0 RCX: 00007f6795f9c799
[  393.666030][T11656] RDX: 000000000000006a RSI: 0000200000000040 RDI: 0000000000000003
[  393.666038][T11656] RBP: 00007f6796032c99 R08: 0000000000000000 R09: 0000000000000000
[  393.666047][T11656] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  393.666055][T11656] R13: 00007f6796216038 R14: 00007f6796215fa0 R15: 00007ffe372731a8
[  393.666074][T11656]  </TASK>
[  396.101850][T11693] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input56
[  396.471444][T11697] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input57
[  397.327066][T11718] FAULT_INJECTION: forcing a failure.
[  397.327066][T11718] name failslab, interval 1, probability 0, space 0, times 0
[  397.400222][T11718] CPU: 0 UID: 0 PID: 11718 Comm: syz.1.1389 Not tainted syzkaller #0 PREEMPT(full) 
[  397.400246][T11718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  397.400255][T11718] Call Trace:
[  397.400261][T11718]  <TASK>
[  397.400268][T11718]  dump_stack_lvl+0x100/0x190
[  397.400298][T11718]  should_fail_ex.cold+0x5/0xa
[  397.400316][T11718]  ? tomoyo_encode2+0xfb/0x3c0
[  397.400341][T11718]  should_failslab+0xc2/0x120
[  397.400358][T11718]  __kmalloc_noprof+0xe0/0x850
[  397.400380][T11718]  ? rcu_is_watching+0x12/0xc0
[  397.400405][T11718]  tomoyo_encode2+0xfb/0x3c0
[  397.400425][T11718]  tomoyo_encode+0x29/0x50
[  397.400442][T11718]  tomoyo_realpath_from_path+0x18c/0x690
[  397.400465][T11718]  tomoyo_check_open_permission+0x2af/0x3c0
[  397.400482][T11718]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  397.400514][T11718]  ? lock_acquire+0x1cf/0x380
[  397.400533][T11718]  ? find_held_lock+0x2b/0x80
[  397.400550][T11718]  tomoyo_file_open+0x6b/0x90
[  397.400571][T11718]  security_file_open+0xb5/0x1e0
[  397.400589][T11718]  do_dentry_open+0x5aa/0x1660
[  397.400610][T11718]  vfs_open+0x82/0x3f0
[  397.400630][T11718]  path_openat+0x208c/0x31a0
[  397.400649][T11718]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  397.400668][T11718]  ? stack_depot_save_flags+0x27/0x9d0
[  397.400687][T11718]  ? __pfx_path_openat+0x10/0x10
[  397.400703][T11718]  ? kasan_save_stack+0x3f/0x50
[  397.400724][T11718]  ? kasan_save_stack+0x30/0x50
[  397.400743][T11718]  ? kasan_save_track+0x14/0x30
[  397.400754][T11718]  ? __kasan_slab_alloc+0x89/0x90
[  397.400766][T11718]  ? kmem_cache_alloc_noprof+0x241/0x6e0
[  397.400785][T11718]  ? do_getname+0x35/0x390
[  397.400804][T11718]  do_file_open+0x20e/0x430
[  397.400820][T11718]  ? __pfx_do_file_open+0x10/0x10
[  397.400850][T11718]  ? find_held_lock+0x2b/0x80
[  397.400862][T11718]  ? __might_fault+0xc5/0x140
[  397.400881][T11718]  ? __might_fault+0xc5/0x140
[  397.400907][T11718]  file_open_name+0x198/0x3b0
[  397.400926][T11718]  ? __pfx_file_open_name+0x10/0x10
[  397.400947][T11718]  ? do_getname+0x191/0x390
[  397.400965][T11718]  __do_sys_swapon+0x7cd/0x3800
[  397.400991][T11718]  ? __fget_files+0x21f/0x3d0
[  397.401009][T11718]  ? fput+0x79/0x100
[  397.401025][T11718]  ? ksys_write+0x1ac/0x250
[  397.401038][T11718]  ? __pfx___do_sys_swapon+0x10/0x10
[  397.401064][T11718]  do_syscall_64+0x106/0xf80
[  397.401085][T11718]  ? clear_bhb_loop+0x40/0x90
[  397.401103][T11718]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  397.401117][T11718] RIP: 0033:0x7f6795f9c799
[  397.401130][T11718] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  397.401144][T11718] RSP: 002b:00007f67941f6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a7
[  397.401158][T11718] RAX: ffffffffffffffda RBX: 00007f6796215fa0 RCX: 00007f6795f9c799
[  397.401168][T11718] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 00002000000028c0
[  397.401176][T11718] RBP: 00007f67941f6090 R08: 0000000000000000 R09: 0000000000000000
[  397.401184][T11718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  397.401192][T11718] R13: 00007f6796216038 R14: 00007f6796215fa0 R15: 00007ffe372731a8
[  397.401214][T11718]  </TASK>
[  397.401271][T11718] ERROR: Out of memory at tomoyo_realpath_from_path.
[  397.959579][T11726] FAULT_INJECTION: forcing a failure.
[  397.959579][T11726] name failslab, interval 1, probability 0, space 0, times 0
[  398.027521][T11726] CPU: 0 UID: 0 PID: 11726 Comm: syz.0.1391 Not tainted syzkaller #0 PREEMPT(full) 
[  398.027552][T11726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  398.027562][T11726] Call Trace:
[  398.027569][T11726]  <TASK>
[  398.027576][T11726]  dump_stack_lvl+0x100/0x190
[  398.027607][T11726]  should_fail_ex.cold+0x5/0xa
[  398.027628][T11726]  ? tomoyo_encode2+0xfb/0x3c0
[  398.027648][T11726]  should_failslab+0xc2/0x120
[  398.027665][T11726]  __kmalloc_noprof+0xe0/0x850
[  398.027687][T11726]  ? rcu_is_watching+0x12/0xc0
[  398.027712][T11726]  tomoyo_encode2+0xfb/0x3c0
[  398.027734][T11726]  tomoyo_encode+0x29/0x50
[  398.027751][T11726]  tomoyo_realpath_from_path+0x18c/0x690
[  398.027775][T11726]  tomoyo_check_open_permission+0x2af/0x3c0
[  398.027793][T11726]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  398.027828][T11726]  ? do_raw_spin_lock+0x128/0x260
[  398.027851][T11726]  ? path_get+0x61/0x80
[  398.027870][T11726]  tomoyo_file_open+0x6b/0x90
[  398.027892][T11726]  security_file_open+0xb5/0x1e0
[  398.027911][T11726]  do_dentry_open+0x5aa/0x1660
[  398.027928][T11726]  ? security_inode_permission+0xbf/0x250
[  398.027947][T11726]  vfs_open+0x82/0x3f0
[  398.027967][T11726]  path_openat+0x208c/0x31a0
[  398.027989][T11726]  ? __pfx_path_openat+0x10/0x10
[  398.028011][T11726]  do_file_open+0x20e/0x430
[  398.028029][T11726]  ? __pfx_do_file_open+0x10/0x10
[  398.028057][T11726]  ? alloc_fd+0x476/0x790
[  398.028075][T11726]  ? do_getname+0x191/0x390
[  398.028094][T11726]  do_sys_openat2+0x10d/0x1e0
[  398.028113][T11726]  ? __pfx_do_sys_openat2+0x10/0x10
[  398.028139][T11726]  __x64_sys_openat+0x12d/0x210
[  398.028158][T11726]  ? __pfx___x64_sys_openat+0x10/0x10
[  398.028184][T11726]  do_syscall_64+0x106/0xf80
[  398.028205][T11726]  ? clear_bhb_loop+0x40/0x90
[  398.028223][T11726]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  398.028238][T11726] RIP: 0033:0x7f0cfaf9c799
[  398.028251][T11726] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  398.028264][T11726] RSP: 002b:00007f0cfbdec028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  398.028279][T11726] RAX: ffffffffffffffda RBX: 00007f0cfb215fa0 RCX: 00007f0cfaf9c799
[  398.028289][T11726] RDX: 0000000000000000 RSI: 0000200000000100 RDI: ffffffffffffff9c
[  398.028298][T11726] RBP: 00007f0cfb032c99 R08: 0000000000000000 R09: 0000000000000000
[  398.028307][T11726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  398.028316][T11726] R13: 00007f0cfb216038 R14: 00007f0cfb215fa0 R15: 00007ffc5f7ace58
[  398.028335][T11726]  </TASK>
[  399.048113][T11726] ERROR: Out of memory at tomoyo_realpath_from_path.
[  399.813372][T11760] vivid-007: =================  START STATUS  =================
[  399.847498][T11760] vivid-007: Generate PTS: true
[  399.881902][T11760] vivid-007: Generate SCR: true
[  399.911866][T11760] tpg source WxH: 320x240 (Y'CbCr)
[  399.942078][T11760] tpg field: 1
[  399.945473][T11760] tpg crop: (0,0)/320x240
[  399.980049][T11760] tpg compose: (0,0)/320x240
[  400.010609][T11760] tpg colorspace: 8
[  400.031110][T11760] tpg transfer function: 0/0
[  400.058512][T11760] tpg Y'CbCr encoding: 0/0
[  400.074540][T11760] tpg quantization: 0/0
[  400.101156][T11760] tpg RGB range: 0/2
[  400.118612][T11760] vivid-007: ==================  END STATUS  ==================
[  400.838530][T11773] futex_wake_op: syz.1.1403 tries to shift op by -2048; fix this program
[  400.931376][T11777] 0x000000000001-0x000000020000 : ""
[  400.994960][T11777] ftl_cs: FTL header corrupt!
[  401.219939][T11783] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1405'.
[  401.235071][T11779] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input58
[  402.280462][T11806] vivid-007: =================  START STATUS  =================
[  402.288261][T11806] vivid-007: Generate PTS: true
[  402.327375][T11806] vivid-007: Generate SCR: true
[  402.359262][T11788] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input61
[  402.369983][T11806] tpg source WxH: 320x240 (Y'CbCr)
[  402.391613][T11806] tpg field: 1
[  402.395028][T11806] tpg crop: (0,0)/320x240
[  402.420243][T11806] tpg compose: (0,0)/320x240
[  402.424858][T11806] tpg colorspace: 8
[  402.453093][T11806] tpg transfer function: 0/0
[  402.471193][T11806] tpg Y'CbCr encoding: 0/0
[  402.491621][T11806] tpg quantization: 0/0
[  402.504309][T11806] tpg RGB range: 0/2
[  402.520973][T11806] vivid-007: ==================  END STATUS  ==================
[  402.877627][T11812] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1420'.
[  403.333391][T11822] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input62
[  403.800895][T11823] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input63
[  405.323547][T11848] vivid-007: =================  START STATUS  =================
[  405.372926][T11848] vivid-007: Generate PTS: true
[  405.407548][T11848] vivid-007: Generate SCR: true
[  405.424011][T11848] tpg source WxH: 320x240 (Y'CbCr)
[  405.440503][T11848] tpg field: 1
[  405.443899][T11848] tpg crop: (0,0)/320x240
[  405.467879][T11848] tpg compose: (0,0)/320x240
[  405.485639][T11848] tpg colorspace: 8
[  405.503636][T11848] tpg transfer function: 0/0
[  405.533756][T11848] tpg Y'CbCr encoding: 0/0
[  405.558669][T11848] tpg quantization: 0/0
[  405.568790][T11848] tpg RGB range: 0/2
[  405.581977][T11848] vivid-007: ==================  END STATUS  ==================
[  405.893045][T11858] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1424'.
[  405.951660][T11858] team0: Port device team_slave_1 removed
[  406.390223][T11869] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1428'.
[  406.541884][T11876] vivid-007: =================  START STATUS  =================
[  406.570193][T11876] vivid-007: Generate PTS: true
[  406.586969][T11876] vivid-007: Generate SCR: true
[  406.604033][T11876] tpg source WxH: 320x240 (Y'CbCr)
[  406.625884][T11876] tpg field: 1
[  406.638226][T11876] tpg crop: (0,0)/320x240
[  406.660326][T11876] tpg compose: (0,0)/320x240
[  406.686041][T11876] tpg colorspace: 8
[  406.702112][T11876] tpg transfer function: 0/0
[  406.723110][T11876] tpg Y'CbCr encoding: 0/0
[  406.735074][T11876] tpg quantization: 0/0
[  406.753927][T11876] tpg RGB range: 0/2
[  406.766901][T11876] vivid-007: ==================  END STATUS  ==================
[  407.541462][T11914] netlink: 93 bytes leftover after parsing attributes in process `syz.2.1440'.
[  407.573230][T11912] netlink: 93 bytes leftover after parsing attributes in process `syz.2.1440'.
[  408.365355][T11925] vivid-007: =================  START STATUS  =================
[  408.405712][T11925] vivid-007: Generate PTS: true
[  408.416100][T11925] vivid-007: Generate SCR: true
[  408.437921][T11925] tpg source WxH: 320x240 (Y'CbCr)
[  408.455926][T11925] tpg field: 1
[  408.459527][T11925] tpg crop: (0,0)/320x240
[  408.476204][T11925] tpg compose: (0,0)/320x240
[  408.487062][T11925] tpg colorspace: 8
[  408.500420][T11925] tpg transfer function: 0/0
[  408.515216][T11925] tpg Y'CbCr encoding: 0/0
[  408.524996][T11925] tpg quantization: 0/0
[  408.554433][T11925] tpg RGB range: 0/2
[  408.564545][T11925] vivid-007: ==================  END STATUS  ==================
[  408.972667][T11933] FAULT_INJECTION: forcing a failure.
[  408.972667][T11933] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  409.036981][T11933] CPU: 0 UID: 0 PID: 11933 Comm: syz.2.1444 Not tainted syzkaller #0 PREEMPT(full) 
[  409.037003][T11933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  409.037012][T11933] Call Trace:
[  409.037017][T11933]  <TASK>
[  409.037022][T11933]  dump_stack_lvl+0x100/0x190
[  409.037050][T11933]  should_fail_ex.cold+0x5/0xa
[  409.037064][T11933]  ? prepare_alloc_pages+0x16d/0x5f0
[  409.037082][T11933]  should_fail_alloc_page+0xeb/0x140
[  409.037099][T11933]  prepare_alloc_pages+0x1f0/0x5f0
[  409.037118][T11933]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  409.037142][T11933]  ? __pfx___might_resched+0x10/0x10
[  409.037162][T11933]  ? find_held_lock+0x2b/0x80
[  409.037175][T11933]  ? process_measurement+0x4c8/0x2350
[  409.037196][T11933]  ? process_measurement+0x4c8/0x2350
[  409.037219][T11933]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  409.037238][T11933]  ? up_write+0x290/0x4f0
[  409.037259][T11933]  ? __lock_acquire+0x4a5/0x2630
[  409.037280][T11933]  ? __lock_acquire+0x4a5/0x2630
[  409.037299][T11933]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  409.037315][T11933]  ? policy_nodemask+0xed/0x4f0
[  409.037331][T11933]  alloc_pages_mpol+0x1fb/0x550
[  409.037347][T11933]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  409.037367][T11933]  alloc_pages_noprof+0x131/0x390
[  409.037383][T11933]  __pmd_alloc+0x3b/0x950
[  409.037401][T11933]  __handle_mm_fault+0xa99/0x2b60
[  409.037422][T11933]  ? mt_find+0x45e/0x8e0
[  409.037436][T11933]  ? __pfx___handle_mm_fault+0x10/0x10
[  409.037453][T11933]  ? __pfx_mt_find+0x10/0x10
[  409.037479][T11933]  ? find_vma+0xbf/0x140
[  409.037492][T11933]  ? __pfx_find_vma+0x10/0x10
[  409.037508][T11933]  handle_mm_fault+0x36d/0xa20
[  409.037530][T11933]  do_user_addr_fault+0x74c/0x12f0
[  409.037550][T11933]  exc_page_fault+0x6f/0xd0
[  409.037570][T11933]  asm_exc_page_fault+0x26/0x30
[  409.037584][T11933] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  409.037600][T11933] Code: 93 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 e9 cf 93 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  409.037613][T11933] RSP: 0018:ffffc90003bd7c88 EFLAGS: 00050202
[  409.037625][T11933] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000072
[  409.037633][T11933] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff888078910800
[  409.037641][T11933] RBP: 0000000000000072 R08: 0000000000000001 R09: ffffed100f12210e
[  409.037650][T11933] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000
[  409.037658][T11933] R13: ffff888078910800 R14: 0000000000000000 R15: 0000000000000000
[  409.037676][T11933]  _copy_from_user+0x98/0xd0
[  409.037693][T11933]  memdup_user+0x6b/0xe0
[  409.037707][T11933]  nvram_misc_write+0x92/0xf0
[  409.037736][T11933]  vfs_write+0x2aa/0x1070
[  409.037750][T11933]  ? __pfx_nvram_misc_write+0x10/0x10
[  409.037772][T11933]  ? __pfx_vfs_write+0x10/0x10
[  409.037784][T11933]  ? find_held_lock+0x2b/0x80
[  409.037796][T11933]  ? __fget_files+0x215/0x3d0
[  409.037810][T11933]  ? __fget_files+0x215/0x3d0
[  409.037826][T11933]  ? __fget_files+0x21f/0x3d0
[  409.037844][T11933]  ksys_write+0x12a/0x250
[  409.037857][T11933]  ? __pfx_ksys_write+0x10/0x10
[  409.037875][T11933]  do_syscall_64+0x106/0xf80
[  409.037893][T11933]  ? clear_bhb_loop+0x40/0x90
[  409.037909][T11933]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  409.037923][T11933] RIP: 0033:0x7f8c3959c799
[  409.037935][T11933] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  409.037947][T11933] RSP: 002b:00007f8c3a3ef028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  409.037959][T11933] RAX: ffffffffffffffda RBX: 00007f8c39815fa0 RCX: 00007f8c3959c799
[  409.037967][T11933] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003
[  409.037975][T11933] RBP: 00007f8c3a3ef090 R08: 0000000000000000 R09: 0000000000000000
[  409.037983][T11933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  409.037991][T11933] R13: 00007f8c39816038 R14: 00007f8c39815fa0 R15: 00007ffdc0a0f738
[  409.038009][T11933]  </TASK>
[  409.725736][T11937] FAULT_INJECTION: forcing a failure.
[  409.725736][T11937] name failslab, interval 1, probability 0, space 0, times 0
[  409.738466][T11937] CPU: 0 UID: 0 PID: 11937 Comm: syz.2.1445 Not tainted syzkaller #0 PREEMPT(full) 
[  409.738486][T11937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  409.738495][T11937] Call Trace:
[  409.738501][T11937]  <TASK>
[  409.738507][T11937]  dump_stack_lvl+0x100/0x190
[  409.738533][T11937]  should_fail_ex.cold+0x5/0xa
[  409.738550][T11937]  ? ethnl_perphy_start+0x114/0x470
[  409.738569][T11937]  should_failslab+0xc2/0x120
[  409.738584][T11937]  __kmalloc_noprof+0xe0/0x850
[  409.738608][T11937]  ethnl_perphy_start+0x114/0x470
[  409.738633][T11937]  ? __pfx_ethnl_perphy_start+0x10/0x10
[  409.738652][T11937]  genl_start+0x601/0x970
[  409.738669][T11937]  __netlink_dump_start+0x60e/0x990
[  409.738692][T11937]  genl_family_rcv_msg_dumpit+0x1e2/0x2e0
[  409.738709][T11937]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[  409.738730][T11937]  ? __pfx_genl_get_cmd+0x10/0x10
[  409.738742][T11937]  ? __pfx_genl_start+0x10/0x10
[  409.738755][T11937]  ? __pfx_genl_dumpit+0x10/0x10
[  409.738768][T11937]  ? __pfx_genl_done+0x10/0x10
[  409.738783][T11937]  ? __dev_queue_xmit+0x5af/0x4800
[  409.738799][T11937]  ? __radix_tree_lookup+0x217/0x2b0
[  409.738821][T11937]  genl_rcv_msg+0x471/0x800
[  409.738838][T11937]  ? __pfx_genl_rcv_msg+0x10/0x10
[  409.738853][T11937]  ? __pfx_ethnl_perphy_start+0x10/0x10
[  409.738870][T11937]  ? __pfx_ethnl_perphy_dumpit+0x10/0x10
[  409.738888][T11937]  ? __pfx_ethnl_perphy_done+0x10/0x10
[  409.738912][T11937]  netlink_rcv_skb+0x159/0x420
[  409.738925][T11937]  ? __pfx_genl_rcv_msg+0x10/0x10
[  409.738941][T11937]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  409.738961][T11937]  ? netlink_deliver_tap+0x1ae/0xcc0
[  409.738987][T11937]  genl_rcv+0x28/0x40
[  409.739000][T11937]  netlink_unicast+0x5aa/0x870
[  409.739024][T11937]  ? __pfx_netlink_unicast+0x10/0x10
[  409.739051][T11937]  netlink_sendmsg+0x8b0/0xda0
[  409.739067][T11937]  ? __pfx_netlink_sendmsg+0x10/0x10
[  409.739079][T11937]  ? __import_iovec+0x1d2/0x640
[  409.739097][T11937]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  409.739122][T11937]  ____sys_sendmsg+0x9e1/0xb70
[  409.739136][T11937]  ? __pfx_netlink_sendmsg+0x10/0x10
[  409.739150][T11937]  ? __pfx_____sys_sendmsg+0x10/0x10
[  409.739174][T11937]  ___sys_sendmsg+0x190/0x1e0
[  409.739191][T11937]  ? __pfx____sys_sendmsg+0x10/0x10
[  409.739229][T11937]  __sys_sendmsg+0x170/0x220
[  409.739249][T11937]  ? __pfx___sys_sendmsg+0x10/0x10
[  409.739280][T11937]  do_syscall_64+0x106/0xf80
[  409.739299][T11937]  ? clear_bhb_loop+0x40/0x90
[  409.739316][T11937]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  409.739330][T11937] RIP: 0033:0x7f8c3959c799
[  409.739343][T11937] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  409.739357][T11937] RSP: 002b:00007f8c3a3ef028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  409.739371][T11937] RAX: ffffffffffffffda RBX: 00007f8c39815fa0 RCX: 00007f8c3959c799
[  409.739380][T11937] RDX: 0000000020000000 RSI: 0000200000003200 RDI: 0000000000000003
[  409.739388][T11937] RBP: 00007f8c3a3ef090 R08: 0000000000000000 R09: 0000000000000000
[  409.739396][T11937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  409.739404][T11937] R13: 00007f8c39816038 R14: 00007f8c39815fa0 R15: 00007ffdc0a0f738
[  409.739422][T11937]  </TASK>
[  410.085216][  T147] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1378 with max blocks 3 with error 117
[  410.098420][  T147] EXT4-fs (sda1): This should not happen!! Data will be lost
[  410.098420][  T147] 
[  410.376288][T11939] EXT4-fs (sda1): Delayed block allocation failed for inode 2026 at logical offset 2 with max blocks 4 with error 117
[  410.390073][T11939] EXT4-fs (sda1): This should not happen!! Data will be lost
[  410.390073][T11939] 
[  410.782051][T11952] vivid-007: =================  START STATUS  =================
[  410.813793][T11952] vivid-007: Generate PTS: true
[  410.848616][T11952] vivid-007: Generate SCR: true
[  410.853492][T11952] tpg source WxH: 320x240 (Y'CbCr)
[  410.942971][T11952] tpg field: 1
[  410.946366][T11952] tpg crop: (0,0)/320x240
[  411.007740][T11952] tpg compose: (0,0)/320x240
[  411.061683][T11952] tpg colorspace: 8
[  411.088830][T11952] tpg transfer function: 0/0
[  411.143257][T11952] tpg Y'CbCr encoding: 0/0
[  411.168459][T11952] tpg quantization: 0/0
[  411.192102][T11952] tpg RGB range: 0/2
[  411.220877][T11952] vivid-007: ==================  END STATUS  ==================
[  411.448852][T11962] FAULT_INJECTION: forcing a failure.
[  411.448852][T11962] name failslab, interval 1, probability 0, space 0, times 0
[  411.514140][T11962] CPU: 0 UID: 0 PID: 11962 Comm: syz.1.1453 Not tainted syzkaller #0 PREEMPT(full) 
[  411.514169][T11962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  411.514180][T11962] Call Trace:
[  411.514186][T11962]  <TASK>
[  411.514193][T11962]  dump_stack_lvl+0x100/0x190
[  411.514226][T11962]  should_fail_ex.cold+0x5/0xa
[  411.514247][T11962]  should_failslab+0xc2/0x120
[  411.514264][T11962]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  411.514290][T11962]  ? __d_alloc+0x34/0xa80
[  411.514313][T11962]  __d_alloc+0x34/0xa80
[  411.514341][T11962]  d_alloc_parallel+0x111/0x14e0
[  411.514368][T11962]  ? __lock_acquire+0x4a5/0x2630
[  411.514392][T11962]  ? __pfx_d_alloc_parallel+0x10/0x10
[  411.514418][T11962]  ? lockdep_init_map_type+0x5c/0x250
[  411.514438][T11962]  ? lockdep_init_map_type+0x5c/0x250
[  411.514461][T11962]  __lookup_slow+0x193/0x460
[  411.514480][T11962]  ? __pfx___lookup_slow+0x10/0x10
[  411.514508][T11962]  ? __d_lookup+0x266/0x4a0
[  411.514532][T11962]  lookup_slow+0x50/0x70
[  411.514550][T11962]  link_path_walk+0x1377/0x1cc0
[  411.514578][T11962]  path_openat+0x1be/0x31a0
[  411.514592][T11962]  ? kasan_save_stack+0x3f/0x50
[  411.514613][T11962]  ? kasan_save_stack+0x30/0x50
[  411.514634][T11962]  ? kasan_save_track+0x14/0x30
[  411.514646][T11962]  ? kmem_cache_alloc_noprof+0x241/0x6e0
[  411.514672][T11962]  ? __pfx_path_openat+0x10/0x10
[  411.514694][T11962]  do_file_open+0x20e/0x430
[  411.514711][T11962]  ? __pfx_do_file_open+0x10/0x10
[  411.514740][T11962]  ? alloc_fd+0x476/0x790
[  411.514756][T11962]  ? do_getname+0x191/0x390
[  411.514776][T11962]  do_sys_openat2+0x10d/0x1e0
[  411.514795][T11962]  ? __pfx_do_sys_openat2+0x10/0x10
[  411.514821][T11962]  __x64_sys_openat+0x12d/0x210
[  411.514840][T11962]  ? __pfx___x64_sys_openat+0x10/0x10
[  411.514867][T11962]  do_syscall_64+0x106/0xf80
[  411.514888][T11962]  ? clear_bhb_loop+0x40/0x90
[  411.514907][T11962]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  411.514923][T11962] RIP: 0033:0x7f6795f9c799
[  411.514938][T11962] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  411.514952][T11962] RSP: 002b:00007f67941f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  411.514968][T11962] RAX: ffffffffffffffda RBX: 00007f6796215fa0 RCX: 00007f6795f9c799
[  411.514977][T11962] RDX: 0000000000000100 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  411.514986][T11962] RBP: 00007f6796032c99 R08: 0000000000000000 R09: 0000000000000000
[  411.514995][T11962] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  411.515002][T11962] R13: 00007f6796216038 R14: 00007f6796215fa0 R15: 00007ffe372731a8
[  411.515022][T11962]  </TASK>
[  412.242316][T11975] random: crng reseeded on system resumption
[  413.056074][T11984] random: crng reseeded on system resumption
[  413.099419][T11984] FAULT_INJECTION: forcing a failure.
[  413.099419][T11984] name failslab, interval 1, probability 0, space 0, times 0
[  413.161142][T11984] CPU: 0 UID: 0 PID: 11984 Comm: syz.2.1460 Not tainted syzkaller #0 PREEMPT(full) 
[  413.161167][T11984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  413.161177][T11984] Call Trace:
[  413.161183][T11984]  <TASK>
[  413.161190][T11984]  dump_stack_lvl+0x100/0x190
[  413.161220][T11984]  should_fail_ex.cold+0x5/0xa
[  413.161239][T11984]  ? tomoyo_encode2+0xfb/0x3c0
[  413.161259][T11984]  should_failslab+0xc2/0x120
[  413.161275][T11984]  __kmalloc_noprof+0xe0/0x850
[  413.161296][T11984]  ? d_absolute_path+0x136/0x1b0
[  413.161320][T11984]  tomoyo_encode2+0xfb/0x3c0
[  413.161341][T11984]  tomoyo_encode+0x29/0x50
[  413.161358][T11984]  tomoyo_realpath_from_path+0x18c/0x690
[  413.161381][T11984]  tomoyo_path_number_perm+0x23c/0x580
[  413.161396][T11984]  ? tomoyo_path_number_perm+0x22e/0x580
[  413.161414][T11984]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  413.161447][T11984]  ? find_held_lock+0x2b/0x80
[  413.161462][T11984]  ? __fget_files+0x215/0x3d0
[  413.161475][T11984]  ? hook_file_ioctl_common+0x146/0x410
[  413.161496][T11984]  ? __fget_files+0x21f/0x3d0
[  413.161513][T11984]  security_file_ioctl+0xd3/0x230
[  413.161531][T11984]  __x64_sys_ioctl+0xb7/0x210
[  413.161560][T11984]  do_syscall_64+0x106/0xf80
[  413.161581][T11984]  ? clear_bhb_loop+0x40/0x90
[  413.161599][T11984]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  413.161614][T11984] RIP: 0033:0x7f8c3959c799
[  413.161627][T11984] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  413.161640][T11984] RSP: 002b:00007f8c3a3ef028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  413.161655][T11984] RAX: ffffffffffffffda RBX: 00007f8c39815fa0 RCX: 00007f8c3959c799
[  413.161665][T11984] RDX: 0000000000000000 RSI: 0000000000003304 RDI: 0000000000000003
[  413.161674][T11984] RBP: 00007f8c3a3ef090 R08: 0000000000000000 R09: 0000000000000000
[  413.161683][T11984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  413.161691][T11984] R13: 00007f8c39816038 R14: 00007f8c39815fa0 R15: 00007ffdc0a0f738
[  413.161710][T11984]  </TASK>
[  413.161729][T11984] ERROR: Out of memory at tomoyo_realpath_from_path.
[  413.777512][T11996] vivid-007: =================  START STATUS  =================
[  413.808068][T11996] vivid-007: Generate PTS: true
[  413.823710][T11996] vivid-007: Generate SCR: true
[  413.838640][T11996] tpg source WxH: 320x240 (Y'CbCr)
[  413.854891][T11996] tpg field: 1
[  413.872504][T11996] tpg crop: (0,0)/320x240
[  413.887784][T11996] tpg compose: (0,0)/320x240
[  413.909804][T11996] tpg colorspace: 8
[  413.937357][T11996] tpg transfer function: 0/0
[  413.962763][T11996] tpg Y'CbCr encoding: 0/0
[  413.980124][T11996] tpg quantization: 0/0
[  413.994964][T11996] tpg RGB range: 0/2
[  414.011344][T11996] vivid-007: ==================  END STATUS  ==================
[  414.035714][T12003] Scaler: =================  START STATUS  =================
[  414.058527][T12003] Scaler: ==================  END STATUS  ==================
[  414.346720][T11988] Process accounting paused
[  414.956980][T12020] FAULT_INJECTION: forcing a failure.
[  414.956980][T12020] name failslab, interval 1, probability 0, space 0, times 0
[  415.176682][T12020] CPU: 0 UID: 0 PID: 12020 Comm: syz.0.1468 Not tainted syzkaller #0 PREEMPT(full) 
[  415.176703][T12020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  415.176712][T12020] Call Trace:
[  415.176718][T12020]  <TASK>
[  415.176724][T12020]  dump_stack_lvl+0x100/0x190
[  415.176755][T12020]  should_fail_ex.cold+0x5/0xa
[  415.176773][T12020]  ? kernfs_fop_write_iter+0x26a/0x5f0
[  415.176789][T12020]  should_failslab+0xc2/0x120
[  415.176806][T12020]  __kmalloc_noprof+0xe0/0x850
[  415.176831][T12020]  kernfs_fop_write_iter+0x26a/0x5f0
[  415.176849][T12020]  vfs_write+0x6ac/0x1070
[  415.176865][T12020]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  415.176882][T12020]  ? __pfx_vfs_write+0x10/0x10
[  415.176907][T12020]  ksys_write+0x12a/0x250
[  415.176921][T12020]  ? __pfx_ksys_write+0x10/0x10
[  415.176940][T12020]  do_syscall_64+0x106/0xf80
[  415.176960][T12020]  ? clear_bhb_loop+0x40/0x90
[  415.176979][T12020]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  415.176993][T12020] RIP: 0033:0x7f0cfaf9c799
[  415.177006][T12020] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  415.177020][T12020] RSP: 002b:00007f0cfbd89028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  415.177033][T12020] RAX: ffffffffffffffda RBX: 00007f0cfb216270 RCX: 00007f0cfaf9c799
[  415.177042][T12020] RDX: 0000000000000081 RSI: 00002000000001c0 RDI: 0000000000000006
[  415.177051][T12020] RBP: 00007f0cfbd89090 R08: 0000000000000000 R09: 0000000000000000
[  415.177059][T12020] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  415.177067][T12020] R13: 00007f0cfb216308 R14: 00007f0cfb216270 R15: 00007ffc5f7ace58
[  415.177086][T12020]  </TASK>
[  417.600230][T12055] vivid-007: =================  START STATUS  =================
[  417.654534][T12055] vivid-007: Generate PTS: true
[  417.693743][T12055] vivid-007: Generate SCR: true
[  417.744630][T12055] tpg source WxH: 320x240 (Y'CbCr)
[  417.770206][T12055] tpg field: 1
[  417.790413][T12055] tpg crop: (0,0)/320x240
[  417.823885][T12055] tpg compose: (0,0)/320x240
[  417.830587][T12055] tpg colorspace: 8
[  417.838695][T12055] tpg transfer function: 0/0
[  417.853811][T12055] tpg Y'CbCr encoding: 0/0
[  417.894900][T12055] tpg quantization: 0/0
[  417.906923][T12055] tpg RGB range: 0/2
[  417.929704][T12055] vivid-007: ==================  END STATUS  ==================
[  418.910958][T12090] vivid-007: =================  START STATUS  =================
[  418.962979][T12090] vivid-007: Generate PTS: true
[  418.967866][T12090] vivid-007: Generate SCR: true
[  419.045121][T12090] tpg source WxH: 320x240 (Y'CbCr)
[  419.078305][T12090] tpg field: 1
[  419.104906][T12097] FAULT_INJECTION: forcing a failure.
[  419.104906][T12097] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  419.154734][T12090] tpg crop: (0,0)/320x240
[  419.164983][T12090] tpg compose: (0,0)/320x240
[  419.186596][T12090] tpg colorspace: 8
[  419.198075][T12097] CPU: 0 UID: 0 PID: 12097 Comm: syz.2.1493 Not tainted syzkaller #0 PREEMPT(full) 
[  419.198098][T12097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  419.198108][T12097] Call Trace:
[  419.198114][T12097]  <TASK>
[  419.198120][T12097]  dump_stack_lvl+0x100/0x190
[  419.198151][T12097]  should_fail_ex.cold+0x5/0xa
[  419.198167][T12097]  ? prepare_alloc_pages+0x16d/0x5f0
[  419.198188][T12097]  should_fail_alloc_page+0xeb/0x140
[  419.198206][T12097]  prepare_alloc_pages+0x1f0/0x5f0
[  419.198226][T12097]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  419.198250][T12097]  ? bpf_ksym_find+0x124/0x1c0
[  419.198268][T12097]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  419.198285][T12097]  ? is_bpf_text_address+0x94/0x1a0
[  419.198307][T12097]  ? kernel_text_address+0x8d/0x100
[  419.198329][T12097]  ? __kernel_text_address+0xd/0x30
[  419.198348][T12097]  ? unwind_get_return_address+0x59/0xa0
[  419.198371][T12097]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  419.198397][T12097]  ? tomoyo_check_open_permission+0x1a2/0x3c0
[  419.198419][T12097]  ? __lock_acquire+0x4a5/0x2630
[  419.198441][T12097]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  419.198458][T12097]  ? policy_nodemask+0xed/0x4f0
[  419.198475][T12097]  alloc_pages_mpol+0x1fb/0x550
[  419.198492][T12097]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  419.198512][T12097]  alloc_pages_noprof+0x131/0x390
[  419.198528][T12097]  __pmd_alloc+0x3b/0x950
[  419.198548][T12097]  __handle_mm_fault+0xa99/0x2b60
[  419.198570][T12097]  ? mt_find+0x45e/0x8e0
[  419.198585][T12097]  ? __pfx___handle_mm_fault+0x10/0x10
[  419.198603][T12097]  ? __pfx_mt_find+0x10/0x10
[  419.198626][T12097]  ? find_vma+0xbf/0x140
[  419.198640][T12097]  ? __pfx_find_vma+0x10/0x10
[  419.198656][T12097]  handle_mm_fault+0x36d/0xa20
[  419.198678][T12097]  do_user_addr_fault+0x74c/0x12f0
[  419.198698][T12097]  exc_page_fault+0x6f/0xd0
[  419.198719][T12097]  asm_exc_page_fault+0x26/0x30
[  419.198735][T12097] RIP: 0010:rep_movs_alternative+0x11/0x90
[  419.198753][T12097] Code: c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f 8a 06 <88> 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 fd 93 04 00 66 66 2e 0f
[  419.198767][T12097] RSP: 0018:ffffc900047279b0 EFLAGS: 00050202
[  419.198779][T12097] RAX: 0000000000000064 RBX: 0000000000000002 RCX: 0000000000000002
[  419.198793][T12097] RDX: 0000000000000001 RSI: ffff88802cd40003 RDI: 0000000000000000
[  419.198802][T12097] RBP: ffffc90004727bc0 R08: 0000000000000000 R09: ffffed10059a8000
[  419.198812][T12097] R10: ffff88802cd40004 R11: 0000000000000000 R12: ffff88802cd40003
[  419.198820][T12097] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000002
[  419.198839][T12097]  _copy_to_iter+0x4c5/0x1720
[  419.198861][T12097]  ? __pfx__copy_to_iter+0x10/0x10
[  419.198879][T12097]  ? single_next+0xd/0x40
[  419.198897][T12097]  ? single_stop+0x9/0x10
[  419.198913][T12097]  ? traverse.part.0.constprop.0+0x2c5/0x650
[  419.198941][T12097]  seq_read_iter+0x691/0x1270
[  419.198963][T12097]  ? aa_file_perm+0x7f3/0x14d0
[  419.198991][T12097]  seq_read+0x33b/0x4c0
[  419.199012][T12097]  ? __pfx_seq_read+0x10/0x10
[  419.199047][T12097]  full_proxy_read+0x135/0x1a0
[  419.199068][T12097]  ? __pfx_full_proxy_read+0x10/0x10
[  419.199088][T12097]  vfs_read+0x1e4/0xb30
[  419.199105][T12097]  ? __pfx_vfs_read+0x10/0x10
[  419.199117][T12097]  ? find_held_lock+0x2b/0x80
[  419.199130][T12097]  ? __fget_files+0x215/0x3d0
[  419.199144][T12097]  ? __fget_files+0x215/0x3d0
[  419.199160][T12097]  ? __fget_files+0x21f/0x3d0
[  419.199179][T12097]  __x64_sys_pread64+0x1eb/0x250
[  419.199195][T12097]  ? __pfx___x64_sys_pread64+0x10/0x10
[  419.199215][T12097]  do_syscall_64+0x106/0xf80
[  419.199235][T12097]  ? clear_bhb_loop+0x40/0x90
[  419.199252][T12097]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  419.199267][T12097] RIP: 0033:0x7f8c3959c799
[  419.199279][T12097] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  419.199292][T12097] RSP: 002b:00007f8c3a3ad028 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  419.199305][T12097] RAX: ffffffffffffffda RBX: 00007f8c39816180 RCX: 00007f8c3959c799
[  419.199314][T12097] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000003
[  419.199323][T12097] RBP: 00007f8c3a3ad090 R08: 0000000000000000 R09: 0000000000000000
[  419.199331][T12097] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001
[  419.199339][T12097] R13: 00007f8c39816218 R14: 00007f8c39816180 R15: 00007ffdc0a0f738
[  419.199358][T12097]  </TASK>
[  419.882390][T12099] FAULT_INJECTION: forcing a failure.
[  419.882390][T12099] name failslab, interval 1, probability 0, space 0, times 0
[  419.895087][T12099] CPU: 0 UID: 0 PID: 12099 Comm: syz.1.1492 Not tainted syzkaller #0 PREEMPT(full) 
[  419.895110][T12099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  419.895122][T12099] Call Trace:
[  419.895129][T12099]  <TASK>
[  419.895138][T12099]  dump_stack_lvl+0x100/0x190
[  419.895171][T12099]  should_fail_ex.cold+0x5/0xa
[  419.895195][T12099]  should_failslab+0xc2/0x120
[  419.895212][T12099]  __kmalloc_cache_noprof+0x7a/0x6f0
[  419.895235][T12099]  ? proc_thread_self_get_link+0x1a6/0x210
[  419.895261][T12099]  proc_thread_self_get_link+0x1a6/0x210
[  419.895284][T12099]  pick_link+0xac2/0x13c0
[  419.895310][T12099]  ? __pfx_proc_thread_self_get_link+0x10/0x10
[  419.895340][T12099]  step_into_slowpath+0x9ba/0xf90
[  419.895367][T12099]  ? __pfx_step_into_slowpath+0x10/0x10
[  419.895391][T12099]  ? lookup_fast+0x2da/0x600
[  419.895410][T12099]  ? inode_permission+0x374/0x620
[  419.895432][T12099]  link_path_walk+0xf28/0x1cc0
[  419.895460][T12099]  path_openat+0x1be/0x31a0
[  419.895474][T12099]  ? kasan_save_stack+0x3f/0x50
[  419.895496][T12099]  ? kasan_save_stack+0x30/0x50
[  419.895516][T12099]  ? kasan_save_track+0x14/0x30
[  419.895529][T12099]  ? kmem_cache_alloc_noprof+0x241/0x6e0
[  419.895558][T12099]  ? __pfx_path_openat+0x10/0x10
[  419.895580][T12099]  do_file_open+0x20e/0x430
[  419.895598][T12099]  ? __pfx_do_file_open+0x10/0x10
[  419.895627][T12099]  ? alloc_fd+0x476/0x790
[  419.895644][T12099]  ? do_getname+0x191/0x390
[  419.895665][T12099]  do_sys_openat2+0x10d/0x1e0
[  419.895684][T12099]  ? __pfx_do_sys_openat2+0x10/0x10
[  419.895711][T12099]  __x64_sys_openat+0x12d/0x210
[  419.895731][T12099]  ? __pfx___x64_sys_openat+0x10/0x10
[  419.895758][T12099]  do_syscall_64+0x106/0xf80
[  419.895781][T12099]  ? clear_bhb_loop+0x40/0x90
[  419.895802][T12099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  419.895820][T12099] RIP: 0033:0x7f6795f9c799
[  419.895835][T12099] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  419.895850][T12099] RSP: 002b:00007f67941b4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  419.895865][T12099] RAX: ffffffffffffffda RBX: 00007f6796216180 RCX: 00007f6795f9c799
[  419.895877][T12099] RDX: 0000000000000802 RSI: 0000200000000200 RDI: ffffffffffffff9c
[  419.895888][T12099] RBP: 00007f6796032c99 R08: 0000000000000000 R09: 0000000000000000
[  419.895898][T12099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  419.895908][T12099] R13: 00007f6796216218 R14: 00007f6796216180 R15: 00007ffe372731a8
[  419.895939][T12099]  </TASK>
[  420.408001][T12091] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  420.410583][T12096] FAULT_INJECTION: forcing a failure.
[  420.410583][T12096] name fail_futex, interval 1, probability 0, space 0, times 0
[  420.442288][T12096] CPU: 0 UID: 0 PID: 12096 Comm: syz.3.1494 Not tainted syzkaller #0 PREEMPT(full) 
[  420.442309][T12096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  420.442318][T12096] Call Trace:
[  420.442323][T12096]  <TASK>
[  420.442330][T12096]  dump_stack_lvl+0x100/0x190
[  420.442355][T12096]  should_fail_ex.cold+0x5/0xa
[  420.442373][T12096]  get_futex_key+0x295/0x1620
[  420.442394][T12096]  ? __pfx_get_futex_key+0x10/0x10
[  420.442409][T12096]  ? lock_acquire+0x1cf/0x380
[  420.442434][T12096]  futex_wake+0xea/0x530
[  420.442457][T12096]  ? __pfx_futex_wake+0x10/0x10
[  420.442477][T12096]  ? exit_mm_release+0x19/0x30
[  420.442500][T12096]  do_futex+0x32b/0x350
[  420.442517][T12096]  ? __pfx_do_futex+0x10/0x10
[  420.442533][T12096]  ? __might_fault+0xc5/0x140
[  420.442558][T12096]  mm_release+0x24a/0x2f0
[  420.442573][T12096]  do_exit+0x704/0x2b60
[  420.442594][T12096]  ? __pfx_do_exit+0x10/0x10
[  420.442611][T12096]  ? do_raw_spin_lock+0x128/0x260
[  420.442631][T12096]  ? find_held_lock+0x2b/0x80
[  420.442644][T12096]  ? get_signal+0x7e0/0x21e0
[  420.442662][T12096]  do_group_exit+0xd5/0x2a0
[  420.442681][T12096]  get_signal+0x1ec7/0x21e0
[  420.442703][T12096]  ? __pfx_get_signal+0x10/0x10
[  420.442718][T12096]  ? __pfx_vfs_read+0x10/0x10
[  420.442731][T12096]  ? find_held_lock+0x2b/0x80
[  420.442744][T12096]  ? __fget_files+0x215/0x3d0
[  420.442760][T12096]  arch_do_signal_or_restart+0x91/0x770
[  420.442779][T12096]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  420.442809][T12096]  ? ksys_read+0x1ac/0x250
[  420.442825][T12096]  exit_to_user_mode_loop+0x86/0x4a0
[  420.442846][T12096]  do_syscall_64+0x668/0xf80
[  420.442867][T12096]  ? clear_bhb_loop+0x40/0x90
[  420.442885][T12096]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  420.442900][T12096] RIP: 0033:0x7f4690b9c799
[  420.442912][T12096] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  420.442926][T12096] RSP: 002b:00007f4691af1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  420.442940][T12096] RAX: fffffffffffffe00 RBX: 00007f4690e15fa0 RCX: 00007f4690b9c799
[  420.442950][T12096] RDX: 0000000000000028 RSI: 0000200000000280 RDI: 0000000000000003
[  420.442958][T12096] RBP: 00007f4690c32c99 R08: 0000000000000000 R09: 0000000000000000
[  420.442967][T12096] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  420.442976][T12096] R13: 00007f4690e16038 R14: 00007f4690e15fa0 R15: 00007fffaa700768
[  420.442995][T12096]  </TASK>
[  420.819105][T12090] tpg transfer function: 0/0
[  420.823844][T12090] tpg Y'CbCr encoding: 0/0
[  420.828246][T12090] tpg quantization: 0/0
[  420.834987][T12090] tpg RGB range: 0/2
[  420.839151][T12090] vivid-007: ==================  END STATUS  ==================
[  421.960115][T12142] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1505'.
[  425.139195][T12225] FAULT_INJECTION: forcing a failure.
[  425.139195][T12225] name failslab, interval 1, probability 0, space 0, times 0
[  425.279780][T12225] CPU: 0 UID: 0 PID: 12225 Comm: syz.1.1528 Not tainted syzkaller #0 PREEMPT(full) 
[  425.279807][T12225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  425.279818][T12225] Call Trace:
[  425.279825][T12225]  <TASK>
[  425.279831][T12225]  dump_stack_lvl+0x100/0x190
[  425.279862][T12225]  should_fail_ex.cold+0x5/0xa
[  425.279883][T12225]  should_failslab+0xc2/0x120
[  425.279901][T12225]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  425.279923][T12225]  ? __proc_create+0x2cb/0x8c0
[  425.279941][T12225]  __proc_create+0x2cb/0x8c0
[  425.279956][T12225]  ? __pfx___proc_create+0x10/0x10
[  425.279973][T12225]  ? _raw_write_unlock+0x28/0x50
[  425.279999][T12225]  ? proc_register+0x559/0x8a0
[  425.280017][T12225]  proc_create_reg+0x75/0x170
[  425.280035][T12225]  ? __pfx_can_rcvlist_proc_show+0x10/0x10
[  425.280060][T12225]  proc_create_net_single+0x86/0x180
[  425.280079][T12225]  ? __pfx_proc_create_net_single+0x10/0x10
[  425.280096][T12225]  ? round_jiffies+0x10a/0x160
[  425.280119][T12225]  can_init_proc+0x1e1/0x4b0
[  425.280144][T12225]  can_pernet_init+0x1e4/0x370
[  425.280169][T12225]  ? __pfx_can_pernet_init+0x10/0x10
[  425.280189][T12225]  ops_init+0x1e2/0x5f0
[  425.280216][T12225]  setup_net+0x118/0x3a0
[  425.280238][T12225]  ? __pfx_setup_net+0x10/0x10
[  425.280259][T12225]  ? lockdep_init_map_type+0x5c/0x250
[  425.280282][T12225]  ? mutex_init_lockep+0x110/0x150
[  425.280306][T12225]  copy_net_ns+0x46f/0x7c0
[  425.280323][T12225]  create_new_namespaces+0x3ea/0xac0
[  425.280352][T12225]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  425.280373][T12225]  ksys_unshare+0x473/0xad0
[  425.280397][T12225]  ? __pfx_ksys_unshare+0x10/0x10
[  425.280424][T12225]  __x64_sys_unshare+0x31/0x40
[  425.280445][T12225]  do_syscall_64+0x106/0xf80
[  425.280466][T12225]  ? clear_bhb_loop+0x40/0x90
[  425.280485][T12225]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  425.280500][T12225] RIP: 0033:0x7f6795f9c799
[  425.280514][T12225] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  425.280529][T12225] RSP: 002b:00007f67941d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  425.280545][T12225] RAX: ffffffffffffffda RBX: 00007f6796216090 RCX: 00007f6795f9c799
[  425.280556][T12225] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  425.280566][T12225] RBP: 00007f6796032c99 R08: 0000000000000000 R09: 0000000000000000
[  425.280576][T12225] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  425.280587][T12225] R13: 00007f6796216128 R14: 00007f6796216090 R15: 00007ffe372731a8
[  425.280608][T12225]  </TASK>
[  427.597731][ T5911] rtc_cmos 00:00: Alarms can be up to one day in the future
[  427.623780][ T5911] rtc_cmos 00:00: Alarms can be up to one day in the future
[  427.668040][ T5911] rtc_cmos 00:00: Alarms can be up to one day in the future
[  427.712271][ T5911] rtc_cmos 00:00: Alarms can be up to one day in the future
[  427.757867][ T5911] rtc rtc0: __rtc_set_alarm: err=-22
[  427.819954][ T5838] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  427.819980][ T5838] Bluetooth: hci0: unexpected subevent 0x0e length: 725 > 15
[  427.836045][ T5838] Bluetooth: hci0: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f
[  431.681084][ T5838] Bluetooth: hci2: unexpected event 0x3e length: 508 > 260
[  431.681112][ T5838] Bluetooth: hci2: unexpected subevent 0x02 length: 507 > 260
[  431.696540][ T5838] Bluetooth: hci2: Dropping invalid advertising data
[  431.704643][ T5838] Bluetooth: hci2: unknown advertising packet type: 0xe9
[  431.704669][ T5838] Bluetooth: hci2: Dropping invalid advertising data
[  431.718503][ T5838] Bluetooth: hci2: Malformed LE Event: 0x02
[  433.299380][T12407] Invalid ELF header magic: != ELF
[  435.402754][T12439] FAULT_INJECTION: forcing a failure.
[  435.402754][T12439] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  435.530224][T12439] CPU: 0 UID: 0 PID: 12439 Comm: syz.3.1572 Not tainted syzkaller #0 PREEMPT(full) 
[  435.530248][T12439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  435.530257][T12439] Call Trace:
[  435.530263][T12439]  <TASK>
[  435.530270][T12439]  dump_stack_lvl+0x100/0x190
[  435.530300][T12439]  should_fail_ex.cold+0x5/0xa
[  435.530319][T12439]  _copy_from_iter+0x1f4/0x1690
[  435.530342][T12439]  ? __pfx__copy_from_iter+0x10/0x10
[  435.530362][T12439]  ? __pfx___might_resched+0x10/0x10
[  435.530388][T12439]  file_tty_write.isra.0+0x45b/0x890
[  435.530415][T12439]  redirected_tty_write+0xd4/0x120
[  435.530443][T12439]  vfs_write+0x6ac/0x1070
[  435.530460][T12439]  ? __pfx_redirected_tty_write+0x10/0x10
[  435.530481][T12439]  ? __pfx_vfs_write+0x10/0x10
[  435.530493][T12439]  ? find_held_lock+0x2b/0x80
[  435.530519][T12439]  ksys_write+0x12a/0x250
[  435.530533][T12439]  ? __pfx_ksys_write+0x10/0x10
[  435.530552][T12439]  do_syscall_64+0x106/0xf80
[  435.530582][T12439]  ? clear_bhb_loop+0x40/0x90
[  435.530600][T12439]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  435.530615][T12439] RIP: 0033:0x7f4690b9c799
[  435.530629][T12439] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  435.530643][T12439] RSP: 002b:00007f4691ad0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  435.530657][T12439] RAX: ffffffffffffffda RBX: 00007f4690e16090 RCX: 00007f4690b9c799
[  435.530667][T12439] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000006
[  435.530676][T12439] RBP: 00007f4691ad0090 R08: 0000000000000000 R09: 0000000000000000
[  435.530685][T12439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  435.530693][T12439] R13: 00007f4690e16128 R14: 00007f4690e16090 R15: 00007fffaa700768
[  435.530712][T12439]  </TASK>
[  440.485536][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  440.496082][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  441.601103][T12580] FAULT_INJECTION: forcing a failure.
[  441.601103][T12580] name failslab, interval 1, probability 0, space 0, times 0
[  441.635009][T12580] CPU: 0 UID: 0 PID: 12580 Comm: syz.3.1607 Not tainted syzkaller #0 PREEMPT(full) 
[  441.635036][T12580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  441.635046][T12580] Call Trace:
[  441.635053][T12580]  <TASK>
[  441.635060][T12580]  dump_stack_lvl+0x100/0x190
[  441.635095][T12580]  should_fail_ex.cold+0x5/0xa
[  441.635118][T12580]  should_failslab+0xc2/0x120
[  441.635136][T12580]  __kmalloc_cache_noprof+0x7a/0x6f0
[  441.635158][T12580]  ? snd_timer_instance_new+0x47/0x2e0
[  441.635181][T12580]  snd_timer_instance_new+0x47/0x2e0
[  441.635199][T12580]  snd_seq_timer_open+0x1d4/0x600
[  441.635227][T12580]  ? __pfx_snd_seq_timer_open+0x10/0x10
[  441.635264][T12580]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  441.635290][T12580]  ? lockdep_hardirqs_on+0x78/0x100
[  441.635315][T12580]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  441.635342][T12580]  queue_use+0xdc/0x1f0
[  441.635364][T12580]  snd_seq_queue_alloc+0x2e5/0x590
[  441.635387][T12580]  snd_seq_ioctl_create_queue+0xa9/0x370
[  441.635412][T12580]  call_seq_client_ctl+0xa3/0x130
[  441.635428][T12580]  snd_seq_kernel_client_ctl+0x77/0xd0
[  441.635444][T12580]  alloc_seq_queue+0xdb/0x180
[  441.635460][T12580]  ? __pfx_alloc_seq_queue+0x10/0x10
[  441.635486][T12580]  ? mark_held_locks+0x40/0x70
[  441.635505][T12580]  ? _raw_spin_unlock_irq+0x23/0x50
[  441.635524][T12580]  ? lockdep_hardirqs_on+0x78/0x100
[  441.635547][T12580]  snd_seq_oss_open+0x2b2/0xa10
[  441.635566][T12580]  odev_open+0x79/0xc0
[  441.635580][T12580]  ? __pfx_odev_open+0x10/0x10
[  441.635594][T12580]  soundcore_open+0x2e3/0x5a0
[  441.635611][T12580]  ? __pfx_soundcore_open+0x10/0x10
[  441.635626][T12580]  chrdev_open+0x234/0x6a0
[  441.635643][T12580]  ? __pfx_apparmor_file_open+0x10/0x10
[  441.635659][T12580]  ? __pfx_chrdev_open+0x10/0x10
[  441.635676][T12580]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  441.635696][T12580]  do_dentry_open+0x6d8/0x1660
[  441.635712][T12580]  ? __pfx_chrdev_open+0x10/0x10
[  441.635736][T12580]  vfs_open+0x82/0x3f0
[  441.635759][T12580]  path_openat+0x208c/0x31a0
[  441.635781][T12580]  ? __pfx_path_openat+0x10/0x10
[  441.635804][T12580]  do_file_open+0x20e/0x430
[  441.635821][T12580]  ? __pfx_do_file_open+0x10/0x10
[  441.635850][T12580]  ? alloc_fd+0x476/0x790
[  441.635868][T12580]  ? do_getname+0x191/0x390
[  441.635888][T12580]  do_sys_openat2+0x10d/0x1e0
[  441.635908][T12580]  ? __pfx_do_sys_openat2+0x10/0x10
[  441.635928][T12580]  ? find_held_lock+0x2b/0x80
[  441.635947][T12580]  __x64_sys_openat+0x12d/0x210
[  441.635968][T12580]  ? __pfx___x64_sys_openat+0x10/0x10
[  441.635997][T12580]  do_syscall_64+0x106/0xf80
[  441.636018][T12580]  ? clear_bhb_loop+0x40/0x90
[  441.636038][T12580]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  441.636054][T12580] RIP: 0033:0x7f4690b9c799
[  441.636068][T12580] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  441.636083][T12580] RSP: 002b:00007f4691af1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  441.636098][T12580] RAX: ffffffffffffffda RBX: 00007f4690e15fa0 RCX: 00007f4690b9c799
[  441.636109][T12580] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  441.636120][T12580] RBP: 00007f4690c32c99 R08: 0000000000000000 R09: 0000000000000000
[  441.636131][T12580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  441.636141][T12580] R13: 00007f4690e16038 R14: 00007f4690e15fa0 R15: 00007fffaa700768
[  441.636163][T12580]  </TASK>
[  442.305136][T12597] random: crng reseeded on system resumption
[  442.642206][T12606] futex_wake_op: syz.1.1608 tries to shift op by -2048; fix this program
[  442.681273][T12606] futex_wake_op: syz.1.1608 tries to shift op by -2048; fix this program
[  442.735895][T12613] 0x000000000001-0x000000020000 : ""
[  442.769279][T12613] ftl_cs: FTL header corrupt!
[  444.574359][T12633] Process accounting resumed
[  446.016798][T12652] kexec: Could not allocate control_code_buffer
[  448.314907][T12725] Console: switching to colour VGA+ 80x25
[  448.398736][T12718] ==================================================================
[  448.398761][T12718] BUG: KASAN: slab-out-of-bounds in fbcon_prepare_logo+0x94e/0xc60
[  448.398786][T12718] Read of size 26 at addr ffff8880227b28ea by task syz.3.1648/12718
[  448.398799][T12718] 
[  448.398809][T12718] CPU: 0 UID: 0 PID: 12718 Comm: syz.3.1648 Not tainted syzkaller #0 PREEMPT(full) 
[  448.398826][T12718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  448.398836][T12718] Call Trace:
[  448.398841][T12718]  <TASK>
[  448.398854][T12718]  dump_stack_lvl+0x100/0x190
[  448.398878][T12718]  print_report+0x156/0x4c9
[  448.398899][T12718]  ? __virt_addr_valid+0x81/0x620
[  448.398919][T12718]  ? __phys_addr+0xe8/0x180
[  448.398937][T12718]  ? fbcon_prepare_logo+0x94e/0xc60
[  448.398952][T12718]  kasan_report+0xdf/0x1e0
[  448.398968][T12718]  ? fbcon_prepare_logo+0x94e/0xc60
[  448.398986][T12718]  kasan_check_range+0x10f/0x1e0
[  448.399007][T12718]  __asan_memcpy+0x23/0x60
[  448.399026][T12718]  fbcon_prepare_logo+0x94e/0xc60
[  448.399045][T12718]  fbcon_init+0x10a0/0x1820
[  448.399063][T12718]  visual_init+0x320/0x620
[  448.399080][T12718]  do_bind_con_driver.isra.0+0x636/0x9c0
[  448.399102][T12718]  store_bind+0x609/0x730
[  448.399124][T12718]  ? __pfx_store_bind+0x10/0x10
[  448.399143][T12718]  dev_attr_store+0x58/0x80
[  448.399160][T12718]  ? __pfx_dev_attr_store+0x10/0x10
[  448.399177][T12718]  sysfs_kf_write+0xf2/0x150
[  448.399195][T12718]  kernfs_fop_write_iter+0x3e0/0x5f0
[  448.399210][T12718]  ? __pfx_sysfs_kf_write+0x10/0x10
[  448.399228][T12718]  vfs_write+0x6ac/0x1070
[  448.399242][T12718]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  448.399259][T12718]  ? __pfx_vfs_write+0x10/0x10
[  448.399277][T12718]  ksys_write+0x12a/0x250
[  448.399290][T12718]  ? __pfx_ksys_write+0x10/0x10
[  448.399306][T12718]  do_syscall_64+0x106/0xf80
[  448.399327][T12718]  ? clear_bhb_loop+0x40/0x90
[  448.399343][T12718]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  448.399357][T12718] RIP: 0033:0x7f4690b9c799
[  448.399370][T12718] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  448.399386][T12718] RSP: 002b:00007f4691af1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  448.399400][T12718] RAX: ffffffffffffffda RBX: 00007f4690e15fa0 RCX: 00007f4690b9c799
[  448.399410][T12718] RDX: 0000000000000084 RSI: 0000200000000040 RDI: 0000000000000003
[  448.399419][T12718] RBP: 00007f4690c32c99 R08: 0000000000000000 R09: 0000000000000000
[  448.399428][T12718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  448.399436][T12718] R13: 00007f4690e16038 R14: 00007f4690e15fa0 R15: 00007fffaa700768
[  448.399451][T12718]  </TASK>
[  448.399456][T12718] 
[  448.399460][T12718] Allocated by task 12719:
[  448.399473][T12718]  kasan_save_stack+0x30/0x50
[  448.399500][T12718]  kasan_save_track+0x14/0x30
[  448.399512][T12718]  __kasan_kmalloc+0xaa/0xb0
[  448.399532][T12718]  __kmalloc_noprof+0x301/0x850
[  448.399554][T12718]  __register_sysctl_table+0xbe4/0x1650
[  448.399568][T12718]  rds_tcp_init_net+0x129/0x310
[  448.399586][T12718]  ops_init+0x1e2/0x5f0
[  448.399606][T12718]  setup_net+0x118/0x3a0
[  448.399625][T12718]  copy_net_ns+0x46f/0x7c0
[  448.399638][T12718]  create_new_namespaces+0x3ea/0xac0
[  448.399653][T12718]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  448.399668][T12718]  ksys_unshare+0x473/0xad0
[  448.399685][T12718]  __x64_sys_unshare+0x31/0x40
[  448.399701][T12718]  do_syscall_64+0x106/0xf80
[  448.399720][T12718]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  448.399734][T12718] 
[  448.399738][T12718] The buggy address belongs to the object at ffff8880227b2800
[  448.399738][T12718]  which belongs to the cache kmalloc-192 of size 192
[  448.399749][T12718] The buggy address is located 46 bytes to the right of
[  448.399749][T12718]  allocated 188-byte region [ffff8880227b2800, ffff8880227b28bc)
[  448.399764][T12718] 
[  448.399769][T12718] The buggy address belongs to the physical page:
[  448.399780][T12718] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x227b2
[  448.399794][T12718] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  448.399807][T12718] page_type: f5(slab)
[  448.399821][T12718] raw: 00fff00000000000 ffff88813fe393c0 dead000000000100 dead000000000122
[  448.399837][T12718] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[  448.399851][T12718] page dumped because: kasan: bad access detected
[  448.399866][T12718] page_owner tracks the page as allocated
[  448.399871][T12718] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd2cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5993, tgid 5991 (syz.1.20), ts 86779307327, free_ts 86740077056
[  448.399898][T12718]  post_alloc_hook+0x153/0x170
[  448.399918][T12718]  get_page_from_freelist+0x111d/0x3140
[  448.399939][T12718]  __alloc_frozen_pages_noprof+0x27c/0x2ba0
[  448.399960][T12718]  new_slab+0xa6/0x6b0
[  448.399975][T12718]  refill_objects+0x26b/0x400
[  448.399993][T12718]  __pcs_replace_empty_main+0x1ab/0x660
[  448.400013][T12718]  __kmalloc_node_track_caller_noprof+0x694/0x850
[  448.400035][T12718]  kmemdup_noprof+0x29/0x60
[  448.400047][T12718]  lowpan_frags_init_net+0x113/0x3a0
[  448.400068][T12718]  ops_init+0x1e2/0x5f0
[  448.400086][T12718]  setup_net+0x118/0x3a0
[  448.400105][T12718]  copy_net_ns+0x46f/0x7c0
[  448.400118][T12718]  create_new_namespaces+0x3ea/0xac0
[  448.400132][T12718]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  448.400146][T12718]  ksys_unshare+0x473/0xad0
[  448.400162][T12718]  __x64_sys_unshare+0x31/0x40
[  448.400179][T12718] page last free pid 15 tgid 15 stack trace:
[  448.400187][T12718]  __free_frozen_pages+0x7e1/0x10d0
[  448.400204][T12718]  rcu_core+0x5a2/0x10d0
[  448.400222][T12718]  handle_softirqs+0x1eb/0x9e0
[  448.400236][T12718]  run_ksoftirqd+0x38/0x60
[  448.400249][T12718]  smpboot_thread_fn+0x3d3/0xaa0
[  448.400265][T12718]  kthread+0x370/0x450
[  448.400282][T12718]  ret_from_fork+0x754/0xd80
[  448.400301][T12718]  ret_from_fork_asm+0x1a/0x30
[  448.400316][T12718] 
[  448.400319][T12718] Memory state around the buggy address:
[  448.400326][T12718]  ffff8880227b2780: 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc fc
[  448.400337][T12718]  ffff8880227b2800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  448.400347][T12718] >ffff8880227b2880: 00 00 00 00 00 00 00 04 fc fc fc fc fc fc fc fc
[  448.400355][T12718]                                                           ^
[  448.400364][T12718]  ffff8880227b2900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  448.400374][T12718]  ffff8880227b2980: 00 00 00 00 00 00 00 07 fc fc fc fc fc fc fc fc
[  448.400382][T12718] ==================================================================
[  448.406834][T12718] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  448.406856][T12718] CPU: 0 UID: 0 PID: 12718 Comm: syz.3.1648 Not tainted syzkaller #0 PREEMPT(full) 
[  448.406877][T12718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  448.406888][T12718] Call Trace:
[  448.406893][T12718]  <TASK>
[  448.406900][T12718]  dump_stack_lvl+0x100/0x190
[  448.406926][T12718]  vpanic+0x552/0x970
[  448.406942][T12718]  ? __pfx_vpanic+0x10/0x10
[  448.406958][T12718]  ? fbcon_prepare_logo+0x94e/0xc60
[  448.406974][T12718]  panic+0xd1/0xe0
[  448.406987][T12718]  ? __pfx_panic+0x10/0x10
[  448.407001][T12718]  ? fbcon_prepare_logo+0x94e/0xc60
[  448.407016][T12718]  ? preempt_schedule_common+0x42/0xc0
[  448.407040][T12718]  check_panic_on_warn.cold+0x19/0x34
[  448.407056][T12718]  end_report.part.0+0x3a/0x90
[  448.407076][T12718]  kasan_report.cold+0xe/0x18
[  448.407097][T12718]  ? fbcon_prepare_logo+0x94e/0xc60
[  448.407115][T12718]  kasan_check_range+0x10f/0x1e0
[  448.407133][T12718]  __asan_memcpy+0x23/0x60
[  448.407152][T12718]  fbcon_prepare_logo+0x94e/0xc60
[  448.407172][T12718]  fbcon_init+0x10a0/0x1820
[  448.407190][T12718]  visual_init+0x320/0x620
[  448.407208][T12718]  do_bind_con_driver.isra.0+0x636/0x9c0
[  448.407231][T12718]  store_bind+0x609/0x730
[  448.407253][T12718]  ? __pfx_store_bind+0x10/0x10
[  448.407272][T12718]  dev_attr_store+0x58/0x80
[  448.407289][T12718]  ? __pfx_dev_attr_store+0x10/0x10
[  448.407306][T12718]  sysfs_kf_write+0xf2/0x150
[  448.407325][T12718]  kernfs_fop_write_iter+0x3e0/0x5f0
[  448.407341][T12718]  ? __pfx_sysfs_kf_write+0x10/0x10
[  448.407359][T12718]  vfs_write+0x6ac/0x1070
[  448.407373][T12718]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  448.407390][T12718]  ? __pfx_vfs_write+0x10/0x10
[  448.407409][T12718]  ksys_write+0x12a/0x250
[  448.407423][T12718]  ? __pfx_ksys_write+0x10/0x10
[  448.407439][T12718]  do_syscall_64+0x106/0xf80
[  448.407460][T12718]  ? clear_bhb_loop+0x40/0x90
[  448.407476][T12718]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  448.407491][T12718] RIP: 0033:0x7f4690b9c799
[  448.407504][T12718] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  448.407520][T12718] RSP: 002b:00007f4691af1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  448.407535][T12718] RAX: ffffffffffffffda RBX: 00007f4690e15fa0 RCX: 00007f4690b9c799
[  448.407545][T12718] RDX: 0000000000000084 RSI: 0000200000000040 RDI: 0000000000000003
[  448.407554][T12718] RBP: 00007f4690c32c99 R08: 0000000000000000 R09: 0000000000000000
[  448.407564][T12718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  448.407573][T12718] R13: 00007f4690e16038 R14: 00007f4690e15fa0 R15: 00007fffaa700768
[  448.407588][T12718]  </TASK>
[  448.407648][T12718] Kernel Offset: disabled