last executing test programs:

6.848571941s ago: executing program 0 (id=5750):
sched_setaffinity$auto(0x1, 0x1, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2b, 0x1, 0x0)
unshare$auto(0x40000080)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7fff)
ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0)
sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x200009, 0x0, 0x1f, 0xb}, 0x80000a}, 0x57adfbc2, 0x20000000)
listen$auto(0x3, 0x81)
poll$auto(&(0x7f0000000d40)={0x3, 0x1, 0xa}, 0x5, 0x400)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
landlock_create_ruleset$auto(0x0, 0x9, 0x0)
socket(0x1, 0x1, 0x1)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000100), 0x103000, 0x0)
socket(0x2, 0x80002, 0x73)
bind$auto(0x3, &(0x7f0000000080), 0x6b)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$auto(r1, 0x1, 0xd, &(0x7f0000000300)='\x00', &(0x7f0000000340)=0x6)
socket(0x26, 0x3, 0x100)
r2 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4040c08}, 0x8894)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0)
iopl$auto(0x2)
iopl$auto(0x1)

5.857824599s ago: executing program 3 (id=5753):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
read$auto_fake_panic_fops_(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D0c\x00', 0x9003, 0x0)
ioctl$auto_SNDRV_PCM_IOCTL_HW_REFINE2(r0, 0xc2604110, &(0x7f0000000040)={0x6, [{[0x2, 0xf5e, 0x1ff, 0xd, 0x7f, 0x8, 0x4, 0x663d349e]}, {[0x2, 0xa6, 0x5c915993, 0xfffffffd, 0x6, 0xe, 0x80000001, 0x3]}, {[0x6, 0xe, 0x2, 0x579c8feb, 0x9, 0x6, 0x7, 0xa53]}], [{[0x75d, 0x9, 0x6, 0x17f29ee4, 0x400, 0x7, 0xc, 0x44]}, {[0x1, 0xeade, 0x1, 0x1000003, 0xf0, 0x5, 0x101, 0x1]}, {[0x7e61, 0x6, 0x7, 0x0, 0x0, 0x5, 0x100, 0x9]}, {[0x4, 0x5, 0x1, 0xfffffff7, 0x5, 0x0, 0xfffffffb, 0x1]}, {[0x3, 0x1000, 0x8, 0x8, 0x2, 0xe8c, 0xf, 0xd403]}], [{0xfffffffa, 0x4, 0x0, 0x0, 0x1, 0x1}, {0x7f, 0x6, 0x1, 0x0, 0x0, 0x1}, {0x3, 0x1, 0x1, 0x0, 0x0, 0x1}, {0x5f, 0x1, 0x0, 0x0, 0x0, 0x1}, {0x5, 0x49c5fc8b, 0x0, 0x0, 0x0, 0x1}, {0x7ff, 0x7, 0x0, 0x1, 0x1, 0x1}, {0x6, 0x9, 0x0, 0x1, 0x1}, {0x9, 0x6, 0x0, 0x1}, {0x7fd, 0x7, 0x0, 0x1, 0x0, 0x1}, {0x7, 0xfffffffd, 0x1, 0x1, 0x1}, {0x8, 0x4, 0x0, 0x0, 0x1, 0x1}, {0x3, 0x5, 0x1, 0x1, 0x0, 0x1}], [{0xbe, 0xd5, 0x0, 0x1, 0x0, 0x1}, {0x81, 0x7fffffff, 0x1, 0x1, 0x1}, {0xbc, 0xbb5e, 0x1, 0x0, 0x0, 0x1}, {0x8, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x100, 0x12e800, 0x1, 0x1, 0x1, 0x1}, {0x2, 0xf, 0x0, 0x1, 0x1}, {0xffff, 0x8, 0x0, 0x0, 0x0, 0x1}, {0x9, 0x3, 0x1, 0x1, 0x0, 0x1}, {0x80000000, 0x6, 0x0, 0x1}], 0x100, 0x2, 0x4, 0x9, 0x5, 0x1, 0x8, "938f570ba48ab1df6ea169301a0f4b75", "16fef137d6f6aa1d93e7fd319170d04be4063eb16bddc7a41e5782dfff02104539c9b5e571a002e14933724526d0c013"})
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x200100, 0x0)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="2c00000003e0d49b6a609c91da589037e16e77b2af4773f08d5c1f0246e92c717584476ef1c2bb43785f9ecd3b62c3998908572d04948c0dd7922082b1affdbb7b6f7bc51a2301c598c0648d2afe9ee9d2dcf3b46e511abebb403257d55ee2b679edc5ffca1b66818490cad698d95b79e0d379ef370b68155b6f73356b1e7c1f393d569113170a5bf50826b624a194eb1ee27b067163b7064a2d7f0fd156f1ee1d", @ANYRES16=r1, @ANYBLOB="010027bd7000fddbdf25190000001800018014000200776c616e3000"/38], 0x2c}, 0x1, 0x0, 0x0, 0x20040840}, 0x40840)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x5, 0x0)
socket(0xa, 0x801, 0x84)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) (fail_nth: 7)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
msgctl$auto_IPC_INFO(0x100, 0x3, &(0x7f00000012c0)={{0x62d, 0xffffffffffffffff, 0xee00, 0x1, 0x5, 0x1, 0x9}, 0x0, 0x0, 0x1b, 0x7, 0x5, 0x7, 0x1, 0xdd34, 0x7, 0x8, @raw=0xffff})
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/bus/usb/drivers/cdc_phonet/bind\x00', 0x40000, 0x0)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
get_robust_list$auto(0x0, 0x0, 0x0)
getpid()
lsm_list_modules$auto(0x0, 0x0, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x1102, 0x0)
read$auto(0x3, 0x0, 0xfdef)
r3 = socket(0x2, 0x1, 0x0)
getsockopt$auto(r3, 0x0, 0x43, 0x0, &(0x7f0000000100)=0x1d)
madvise$auto(0x0, 0xffffffffffff0004, 0x19)
ioperm$auto(0x7, 0x1, 0x7)

5.757751246s ago: executing program 0 (id=5754):
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x14002, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0)
preadv$auto(0x3, &(0x7f0000000040)={0x0, 0x5}, 0x3, 0xf8, 0x3ff)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto(0x3, 0xae41, r2)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x1, 0x0)
ioctl$auto_TIOCSETD2(r3, 0x5423, &(0x7f0000000080))
mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
unshare$auto(0x40000080)
mmap$auto(0xfffffffffffffffe, 0x580f, 0x112f4a03, 0x8000000008011, 0x3, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xe0002, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x3, 0x73)
write$auto(0x3, 0x0, 0x100082)
ioctl$auto_SNDCTL_DSP_SETTRIGGER(0xffffffffffffffff, 0x40045010, 0x0)
r4 = socket(0x10, 0x3, 0xa)
sendmsg$auto_NL80211_CMD_EXTERNAL_AUTH(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x24, 0x0, 0x100, 0x70bd2c, 0x25dfdbfe, {}, [@NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST={0x6, 0xf7, {0x5, 0xb}}, @NL80211_ATTR_MDID={0x6, 0xb1, 0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)

5.698901746s ago: executing program 1 (id=5756):
openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x900)

5.576386228s ago: executing program 1 (id=5757):
mmap$auto(0x0, 0x7, 0xdf, 0xeb2, 0x2, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0)
sendfile$auto(r0, r0, 0x0, 0x1000200)
setfsuid$auto(0xee00)
r1 = pidfd_open$auto(0x1, 0x0)
process_madvise$auto(r1, 0x0, 0x3, 0x3, 0x8000000000000000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2)
syz_clone(0x100000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x40100100, 0x0, 0x0, 0x0, 0x0, 0x0)

4.64200686s ago: executing program 3 (id=5759):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0)
clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
socket(0xa, 0x2, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004)
dup2$auto(0x0, 0x4)

4.226540418s ago: executing program 1 (id=5761):
mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000) (async)
socket(0x10, 0x2, 0x14)
socket(0x11, 0x80003, 0x300)
socket(0xa, 0x801, 0x100) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14af"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r0], 0x1ac}, 0x1, 0x0, 0x0, 0x4008804}, 0x40050) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000) (async)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0xa, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0xfffffffffffff000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}})
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51) (async)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x2}, 0x3, 0x0)

3.970140593s ago: executing program 0 (id=5763):
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/pci0000:00/0000:00:04.0/resource0\x00', 0x1cad81, 0x0)

3.699182647s ago: executing program 3 (id=5764):
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x802, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x408c0, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x5, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x8800)
syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000040), 0xffffffffffffffff)
mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000006f80)='/dev/sequencer2\x00', 0x0, 0x0)
socket(0x10, 0x2, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/vkms/graphics/fb0/state\x00', 0x1c3481, 0x0)
socket(0x10, 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, &(0x7f00000004c0), 0x101202, 0x0)
socket(0xa, 0x801, 0x84)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
socket(0xa, 0x2, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
socket(0xa, 0x801, 0x84)
socket(0xa, 0x2, 0x3a)
r3 = socket(0xa, 0x2, 0x88)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
bpf$auto(0x0, &(0x7f0000000000)=@link_update={r3, @new_prog_fd=0x4, 0x4, @old_prog_fd=r2}, 0xa3)
bpf$auto(0x3, &(0x7f0000000040)=@query={@target_ifindex, 0x4, 0x7, 0x9, 0x7f, @prog_cnt=0x4, 0x0, 0x0, 0xc, 0xb, 0x5}, 0x7)
msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004)
writev$auto(r0, &(0x7f0000000240)={&(0x7f00000001c0)="dc7e3c2c5479b2088a140f06b5733cd17e92a6106ebd33bc675c2dbba5ce35c8c5a4cedfc89df5a26fb745026791", 0x2}, 0x4)

3.667260376s ago: executing program 1 (id=5765):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
connect$auto(0x3, 0x0, 0x54)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_lockdown_ops_lockdown(0xffffffffffffff9c, &(0x7f0000000000), 0xa0042, 0x0)
write$auto(0x3, 0x0, 0xfffffdef)
prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
setsockopt$auto_SO_RESERVE_MEM(r0, 0x200, 0x49, 0x0, 0x5)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000e3, 0x10000040eb2, 0x402, 0x300000000000)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0)
ioctl$auto_TCSBRKP2(r1, 0x5425, 0x0)
io_uring_setup$auto(0x7, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
ioctl$auto_TCFLSH2(r2, 0x5407, 0x0)

3.659828716s ago: executing program 2 (id=5766):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
read$auto_fake_panic_fops_(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D0c\x00', 0x9003, 0x0)
ioctl$auto_SNDRV_PCM_IOCTL_HW_REFINE2(r0, 0xc2604110, &(0x7f0000000040)={0x6, [{[0x2, 0xf5e, 0x1ff, 0xd, 0x7f, 0x8, 0x400, 0x663d349e]}, {[0x20000002, 0x2, 0x5c915993, 0xfffffffd, 0x6, 0xe, 0xff, 0x3]}, {[0x6, 0xe, 0x5, 0x579c8feb, 0x2, 0x6, 0x7, 0xa53]}], [{[0x75d, 0x9, 0x20006, 0x17f29ee4, 0xfffffff7, 0x7, 0xc, 0x44]}, {[0x1, 0xeade, 0x1, 0x1000003, 0xf0, 0x5, 0x101, 0x1]}, {[0x7e61, 0x6, 0x7, 0x0, 0x0, 0x5, 0x100, 0x9]}, {[0x4, 0x5, 0x1, 0xfffffff7, 0x5, 0x0, 0xfffffffb, 0x7]}, {[0x3, 0x1000, 0x8, 0x8, 0x2, 0xe8c, 0xb, 0xd403]}], [{0xfffffffa, 0x4, 0x0, 0x0, 0x1, 0x1}, {0x7f, 0x6, 0x1, 0x0, 0x0, 0x1}, {0x3, 0x1, 0x1, 0x0, 0x0, 0x1}, {0x60, 0x1, 0x0, 0x0, 0x0, 0x1}, {0x5, 0x49c5fc8b, 0x0, 0x0, 0x0, 0x1}, {0x7ff, 0x7, 0x0, 0x1, 0x1, 0x1}, {0x6, 0x9, 0x0, 0x1, 0x1}, {0x9, 0x2, 0x0, 0x1}, {0x7fd, 0x7, 0x0, 0x1, 0x0, 0x1}, {0x7, 0xfff, 0x1, 0x1, 0x1}, {0x8, 0x4, 0x0, 0x0, 0x1, 0x1}, {0x3, 0x5, 0x1, 0x1, 0x0, 0x1}], [{0xbe, 0xd5, 0x0, 0x1, 0x0, 0x1}, {0x81, 0x7fffffff, 0x1, 0x1, 0x1}, {0xbc, 0xbf5e, 0x1, 0x0, 0x0, 0x1}, {0x8, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x100, 0x12e800, 0x1, 0x1, 0x1, 0x1}, {0x10, 0xf, 0x0, 0x1, 0x1}, {0xffff, 0x8, 0x0, 0x0, 0x0, 0x1}, {0x9, 0x3, 0x1, 0x1, 0x0, 0x1}, {0x80000000, 0x6, 0x0, 0x1}], 0x100, 0x2, 0x24, 0x9, 0x5, 0x1, 0x8, "938f570ba48ab1df6ea169301a0f4b75", "16fef137d6f6aa1d93e7fd319170d04be4063eb16bddc7a41e5782dfff02104539c9b5e571a002e14933724526d0c013"})
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x200100, 0x0)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="2c00000003e0d49b6a609c91da589037e16e77b2af4773f08d5c1f0246e92c717584476ef1c2bb43785f9ecd3b62c3998908572d04948c0dd7922082b1affdbb7b6f7bc51a2301c598c0648d2afe9ee9d2dcf3b46e511abebb403257d55ee2b679edc5ffca1b66818490cad698d95b79e0d379ef370b68155b6f73356b1e7c1f393d569113170a5bf50826b624a194eb1ee27b067163b7064a2d7f0fd156f1ee1d", @ANYRES16=r1, @ANYBLOB="010027bd7000fddbdf25190000001800018014000200776c616e3000"/38], 0x2c}, 0x1, 0x0, 0x0, 0x20040840}, 0x40840)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x5, 0x0)
socket(0xa, 0x801, 0x84)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
msgctl$auto_IPC_INFO(0x100, 0x3, &(0x7f00000012c0)={{0x62d, 0xffffffffffffffff, 0xee00, 0x1, 0x5, 0x1, 0x9}, 0x0, 0x0, 0x1b, 0x7, 0x5, 0x7, 0x1, 0xdd34, 0x7, 0x8, @raw=0xffff})
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
settimeofday$auto(&(0x7f00000002c0)={0x4, 0x3}, &(0x7f0000000340)={0x5, 0xf})
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/bus/usb/drivers/cdc_phonet/bind\x00', 0x40000, 0x0)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4e25, @loopback}, 0x54)
get_robust_list$auto(0x0, 0x0, 0x0)
getpid()
lsm_list_modules$auto(0x0, 0x0, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x1102, 0x0)
read$auto(0x3, 0x0, 0xfdef)
r3 = socket(0x2, 0x1, 0x0)
getsockopt$auto(r3, 0x0, 0x43, 0x0, &(0x7f0000000100)=0x1d)
madvise$auto(0x0, 0xffffffffffff0004, 0x19)
ioperm$auto(0x7, 0x1, 0x7)

3.474532253s ago: executing program 0 (id=5767):
socket(0x2, 0x801, 0x100)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
mmap$auto(0x2, 0x400008, 0xc, 0x9b72, 0x2, 0x2)
r0 = clone3$auto(0x0, 0x10001)
socket(0x11, 0x6, 0x5)
r1 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x800, 0x0)
fcntl$auto(0x3, 0x4, 0xa553)
sendmmsg$auto(r1, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x107, 0x0, 0x1, 0x13}, 0xed71385}, 0x4, 0x3)
r2 = socket(0xa, 0x801, 0x106)
setsockopt$auto(r2, 0x6, 0x26, 0x0, 0x7)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @empty}, 0x51)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x9d, r0, 0x1000000000000001, 0x2)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000140), 0x240040, 0x0)
openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/events/vmalloc/free_vmap_area_noflush/filter\x00', 0x0, 0x0)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x8, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x8000001f, 0x2, 0x6d3e, 0x9, 0x0, 0x4]}, 0x0)
fsopen$auto(0x0, 0x1)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0)
ioctl$auto_TCSBRKP2(r4, 0x5425, 0x0)
ioctl$auto_TCSBRKP2(r4, 0x5425, 0x0)
mmap$auto(0x0, 0x400004, 0x7, 0x8000000009b72, 0x2, 0x8000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_CEC_DQEVENT(0xffffffffffffffff, 0xc0506107, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x3, 0x8, 0x1, 0x948e, 0x8003, 0x15f4da0d, 0x4000000003, 0x3, 0x800000262, 0x8000001e, 0x7, 0x6d3c, 0x3, 0x2, 0x5]}, 0x0)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
socket(0xa, 0x5, 0x98)

2.550708074s ago: executing program 1 (id=5768):
sched_setaffinity$auto(0x1, 0x1, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x2b, 0x1, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dmmidi2\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
close_range$auto(0x2, 0x8, 0x2)
mmap$auto(0x0, 0x400004, 0xdf, 0x9b7f, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
ioctl$auto_PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f000000c380)={0x3, 0x0, 0x100000, 0xc, 0xfffffffffffffffe, 0x1, 0xffff, 0xbff, 0x200000000029, 0x2c, 0x2003, 0x2})
sysfs$auto(0xdf, 0x0, 0x0)
syz_genetlink_get_family_id$auto_psample(&(0x7f0000000040), r1)
r3 = openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, &(0x7f0000000040)='/dev/etherd/flush\x00', 0x1, 0x0)
recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x100, 0x0, 0x5, 0x0, 0x0, 0x4}, 0x800}, 0x10a, 0xe, 0x0)
writev$auto(r3, &(0x7f0000000140)={&(0x7f0000002ac0), 0x1ff}, 0x4)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/virtual/misc/userfaultfd/power/control\x00', 0x668000, 0x0)
socket(0x2, 0x1, 0x106)
ioctl$auto_SCSI_IOCTL_GET_IDLUN2(r1, 0x5382, &(0x7f0000000380)="2023aa3b8a11942cf9fae0bf2ca907cd1910a3dacf56f742ff53aae49aabd00700c8acac61bd00000000000000005d4f5a698773f30997a24e757a962868e6845e8c6362d445342a3718f7f42c8749a07401154ea06fce09442942b5879c94a2b592c85f960ba97312aac7d8e5aa639304e308199eabefe8d5172cfe03f64f63a8929189a4ec71dfb31cc4322c49d662bdd54cc5e5b33561b0190e996d11af8662")
socket(0x2, 0x1, 0x0)
shutdown$auto(0x200000003, 0x2)
read$auto_proc_iter_file_ops_compat_inode(r1, &(0x7f0000000180)=""/286, 0x11e)
read$auto_rng_chrdev_ops_core(r1, &(0x7f0000000480)=""/74, 0x4a)
mmap$auto(0xfffffffffffffffc, 0x8, 0x8, 0x7fffffffffffffff, 0xffffffffffffffff, 0xfffffffffffffffd)
ioctl$auto_SOUND_MIXER_READ_DEVMASK2(0xffffffffffffffff, 0x80044dfe, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x3ff, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
setfsgid$auto(0xee00)

2.463555352s ago: executing program 2 (id=5769):
r0 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x101000, 0x0)
ioctl$auto_BINDER_THREAD_EXIT(r0, 0x400448c9, 0x0)

2.267759729s ago: executing program 3 (id=5770):
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0)
ioctl$auto(0x3, 0x4020565a, 0x38)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000100)='/dev/binderfs/binder0\x00', 0x800, 0x0)
socket(0xa, 0x1, 0x100)
socket(0x1e, 0x1, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x101, 0x0)
socket(0x21, 0x3, 0x9)
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00022abd7000dddbdf25020001000800030000000000080015"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="0700000000000000df250a"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x100007}, 0x3, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948d, 0x3, 0x9, 0x3, 0x3, 0x3739aae3, 0x80000001, 0x7, 0x1, 0x38, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x3, 0xd, 0x1, 0x948b, 0x1, 0x15f4da0a, 0x1, 0xffffffffd09d8d67, 0x62, 0x80000023, 0x7, 0x6d3e, 0x9, 0x2, 0x2]}, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0)
write$auto(r1, &(0x7f0000000040)='S\x00\x00\x00\xfe\xff\xff\xff', 0x8587)
socket(0x10, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x1, 0x0)
openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000240), 0x8000, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x20000000001fd, 0x3, 0x200d, 0x10001, 0x8000000000000000, 0x6, 0x15f4da0a, 0x1000000001, 0x9, 0x62, 0x80080000020, 0x7, 0x6d3e, 0x9, 0x1, 0x200]}, 0x0)
close_range$auto(0x2, 0x8, 0x0)
ioctl$auto_BLKBSZSET(0xffffffffffffffff, 0x40081271, 0x0)

2.061084152s ago: executing program 2 (id=5771):
openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config/target/version\x00', 0xb0202, 0x0)
sched_setaffinity$auto(0x1, 0x1, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2b, 0x1, 0x0)
unshare$auto(0x40000080)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7fff)
ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0)
r1 = socket(0xa, 0x5, 0x84)
sendto$auto(r1, 0x0, 0x401, 0x101, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c)
sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
listen$auto(0x3, 0x81)
poll$auto(&(0x7f0000000d40)={0x3, 0x1, 0xa}, 0x5, 0x400)
shutdown$auto(0x200000003, 0x2)

1.901918767s ago: executing program 0 (id=5772):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0)
clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
socket(0xa, 0x2, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004)
dup2$auto(0x0, 0x4)

1.046773336s ago: executing program 3 (id=5773):
openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x80080, 0x0)
openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fuse\x00', 0x1c1041, 0x0)
openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/dynamic_events\x00', 0x542, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/suspend_stats/failed_suspend_noirq\x00', 0x8a100, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000040)=""/38, 0x26)
socket$nl_generic(0x10, 0x3, 0x10)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x3, 0xfffffffffffffffe]}, 0x0)
write$auto_fuse_dev_operations_fuse_i(r0, &(0x7f0000000440)="1100000007000000000000000000000001", 0x11)
openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0)

784.731091ms ago: executing program 1 (id=5774):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
madvise$auto(0xfff, 0x8, 0xab8)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
setsockopt$auto(0x3, 0x6, 0x100000000, 0xfffffffffffffffc, 0xa)
socket(0x2, 0x801, 0x100)
mmap$auto(0x1, 0x3, 0x3, 0x55, r0, 0x8001)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/system/node/has_memory\x00', 0x22100, 0x0)
read$auto_check_wx_fops_(r1, &(0x7f0000000080)=""/228, 0xe4)
mlockall$auto(0x5)
mmap$auto(0x2, 0x40000a, 0x2bb, 0x14, 0x2, 0x3)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv6/conf/sit0/ioam6_id\x00', 0x88800, 0x0)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000280), 0x40000, 0x0)
syz_genetlink_get_family_id$auto_nlbl_mgmt(0x0, 0xffffffffffffffff)
io_uring_setup$auto(0x8, 0x0)
unshare$auto(0x40000080)
socket(0x28, 0x80000, 0x300)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r2 = io_uring_setup$auto(0x6, 0x0)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000000), 0xc0643, 0x0)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)=ANY=[@ANYBLOB="14000000", @ANYRES8=r2, @ANYBLOB='\x00'/14], 0x14}, 0x1, 0x68, 0x0, 0x4000000}, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
socket(0x2, 0x1, 0x106)
getcwd$auto(0x0, 0xffffffffffffffff)
inotify_init1$auto(0x3000000000000)

781.546869ms ago: executing program 2 (id=5775):
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/user/max_time_namespaces\x00', 0x202, 0x0)
r0 = openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
ioctl$auto_RNDADDENTROPY2(r0, 0x40085203, &(0x7f0000000040)=[0x9, 0x1000])

525.680498ms ago: executing program 2 (id=5776):
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/user/max_time_namespaces\x00', 0x202, 0x0) (fail_nth: 7)

62.578682ms ago: executing program 0 (id=5777):
r0 = socket$nl_generic(0x11, 0x3, 0x10)
bind$auto(r0, &(0x7f0000000200)=@generic={0x11, "00030f00"}, 0x80)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
unshare$auto(0x40000080)
futex$auto(0x0, 0x85, 0x104, 0x0, 0x0, 0x7fffffff)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio1\x00', 0xc4502, 0x0)
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
pipe2$auto(0x0, 0x80)
keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8)
keyctl$auto(0x15, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x8)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), r1)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f00000000c0)={0x0, 0x2, &(0x7f0000000dc0)={&(0x7f0000000380)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES64=r0, @ANYBLOB="01002abd7000fbdbdf250400000014001a80100704800c0001800500070004000000c9c92167eb3c492cb5a789089fe873e1298dea76bd22bfba34fb5b60e5546ec5019be74bd0034c283c102a967885411b2e1d6e51dd35e38fe19d3c4ceb7c97c059e7a7e10d627ba711d19f2c4ee2a5f1966d9177addf7cc35ffe80698235e8c28e2d9ded723d7f94ca8adb88ea7957cc4e6f033f3704c7ef02fcb87b6e3e25e03e4f919d175aa81f0dc7dcfbd3fe89b16269cdb8c5d3c685f9711e66ea02dade24deed8df50fceabc307b7ea9769375143a8552e99386e9d5762d4866c63c31f4113bc6afa235271"], 0x28}, 0x1, 0x0, 0x0, 0x4008040}, 0x4000804)
msync$auto(0x8, 0x5, 0x6000000a)
mmap$auto(0x2, 0x2020009, 0x5, 0x18, 0xfffffffffffffffa, 0x7ffc)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x2, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/v4l-subdev2\x00', 0x80000, 0x0)
mmap$auto(0x0, 0x800000002020009, 0x4ba, 0xeb1, 0xfffffffffffffffa, 0x8000)
r2 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0)
ioctl$auto_MON_IOCX_MFETCH(r2, 0xc0109207, &(0x7f0000000100)={0x0, 0x2000004, 0x7})
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/010/001\x00', 0x20000, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D0\x00', 0x2d0043, 0x0)

1.074595ms ago: executing program 2 (id=5778):
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/block/parameters/events_dfl_poll_msecs\x00', 0x80002, 0x0)
mmap$auto(0x0, 0x4000b, 0x7, 0x9b72, 0x7, 0x28000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
inotify_init1$auto(0x3000000000000)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x25, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x15, 0x5, 0x0)
openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/cgroup\x00', 0x100382, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x2, 0x0)
inotify_init1$auto(0x3000000000000)
socket(0xa, 0x2, 0x3a)
r0 = io_uring_setup$auto(0x4, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, r0, 0x0)
open(0x0, 0x22240, 0x55)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$auto(0x3, 0x40246f4c, r1)

0s ago: executing program 3 (id=5779):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
read$auto_fake_panic_fops_(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D0c\x00', 0x9003, 0x0)
ioctl$auto_SNDRV_PCM_IOCTL_HW_REFINE2(r0, 0xc2604110, &(0x7f0000000040)={0x6, [{[0x2, 0xf5e, 0x1ff, 0xd, 0x7f, 0x8, 0x4, 0x663d349e]}, {[0x2, 0xa6, 0x5c915993, 0xfffffffd, 0x6, 0xe, 0x80000001, 0x3]}, {[0x6, 0xe, 0x2, 0x579c8feb, 0x9, 0x6, 0x7, 0xa53]}], [{[0x75d, 0x9, 0x6, 0x17f29ee4, 0x400, 0x7, 0xc, 0x44]}, {[0x1, 0xeade, 0x1, 0x1000003, 0xf0, 0x5, 0x101, 0x1]}, {[0x7e61, 0x6, 0x7, 0x0, 0x0, 0x5, 0x100, 0x9]}, {[0x4, 0x5, 0x1, 0xfffffff7, 0x5, 0x0, 0xfffffffb, 0x1]}, {[0x3, 0x1000, 0x8, 0x8, 0x2, 0xe8c, 0xf, 0xd403]}], [{0xfffffffa, 0x4, 0x0, 0x0, 0x1, 0x1}, {0x7f, 0x6, 0x1, 0x0, 0x0, 0x1}, {0x3, 0x1, 0x1, 0x0, 0x0, 0x1}, {0x5f, 0x1, 0x0, 0x0, 0x0, 0x1}, {0x5, 0x49c5fc8b, 0x0, 0x0, 0x0, 0x1}, {0x7ff, 0x7, 0x0, 0x1, 0x1, 0x1}, {0x6, 0x9, 0x0, 0x1, 0x1}, {0x9, 0x6, 0x0, 0x1}, {0x7fd, 0x7, 0x0, 0x1, 0x0, 0x1}, {0x7, 0xfffffffd, 0x1, 0x1, 0x1}, {0x8, 0x4, 0x0, 0x0, 0x1, 0x1}, {0x3, 0x5, 0x1, 0x1, 0x0, 0x1}], [{0xbe, 0xd5, 0x0, 0x1, 0x0, 0x1}, {0x81, 0x7fffffff, 0x1, 0x1, 0x1}, {0xbc, 0xbb5e, 0x1, 0x0, 0x0, 0x1}, {0x8, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x100, 0x12e800, 0x1, 0x1, 0x1, 0x1}, {0x2, 0xf, 0x0, 0x1, 0x1}, {0xffff, 0x8, 0x0, 0x0, 0x0, 0x1}, {0x9, 0x3, 0x1, 0x1, 0x0, 0x1}, {0x80000000, 0x6, 0x0, 0x1}], 0x100, 0x2, 0x4, 0x9, 0x5, 0x1, 0x8, "938f570ba48ab1df6ea169301a0f4b75", "16fef137d6f6aa1d93e7fd319170d04be4063eb16bddc7a41e5782dfff02104539c9b5e571a002e14933724526d0c013"})
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x200100, 0x0)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="2c00000003e0d49b6a609c91da589037e16e77b2af4773f08d5c1f0246e92c717584476ef1c2bb43785f9ecd3b62c3998908572d04948c0dd7922082b1affdbb7b6f7bc51a2301c598c0648d2afe9ee9d2dcf3b46e511abebb403257d55ee2b679edc5ffca1b66818490cad698d95b79e0d379ef370b68155b6f73356b1e7c1f393d569113170a5bf50826b624a194eb1ee27b067163b7064a2d7f0fd156f1ee1d", @ANYRES16=r1, @ANYBLOB="010027bd7000fddbdf25190000001800018014000200776c616e3000"/38], 0x2c}, 0x1, 0x0, 0x0, 0x20040840}, 0x40840)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x5, 0x0)
socket(0xa, 0x801, 0x84)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x64)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
msgctl$auto_IPC_INFO(0x100, 0x3, &(0x7f00000012c0)={{0x62d, 0xffffffffffffffff, 0xee00, 0x1, 0x5, 0x1, 0x9}, 0x0, 0x0, 0x1b, 0x7, 0x5, 0x7, 0x1, 0xdd34, 0x7, 0x8, @raw=0xffff})
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/bus/usb/drivers/cdc_phonet/bind\x00', 0x40000, 0x0)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
get_robust_list$auto(0x0, 0x0, 0x0)
getpid()
lsm_list_modules$auto(0x0, 0x0, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x1102, 0x0)
read$auto(0x3, 0x0, 0xfdef)
r3 = socket(0x2, 0x1, 0x0)
getsockopt$auto(r3, 0x0, 0x43, 0x0, &(0x7f0000000100)=0x1d)
madvise$auto(0x0, 0xffffffffffff0004, 0x19)
ioperm$auto(0x7, 0x1, 0x7)

kernel console output (not intermixed with test programs):

erm+0x10/0x10
[ 2621.705186][ T3748]  ? __lock_acquire+0xb8a/0x1c90
[ 2621.705238][ T3748]  ? d_add+0x47a/0x780
[ 2621.705258][ T3748]  ? do_raw_spin_unlock+0x172/0x230
[ 2621.705289][ T3748]  ? current_check_access_path+0x33c/0x460
[ 2621.705317][ T3748]  ? __pfx_current_check_access_path+0x10/0x10
[ 2621.705344][ T3748]  ? lookup_one_qstr_excl_raw.part.0+0xf9/0x160
[ 2621.705367][ T3748]  ? lookup_dcache+0x66/0x170
[ 2621.705396][ T3748]  tomoyo_path_mkdir+0x9b/0xe0
[ 2621.705428][ T3748]  ? __pfx_tomoyo_path_mkdir+0x10/0x10
[ 2621.705469][ T3748]  security_path_mkdir+0x154/0x2f0
[ 2621.705494][ T3748]  do_mkdirat+0x175/0x3e0
[ 2621.705527][ T3748]  ? __pfx_do_mkdirat+0x10/0x10
[ 2621.705559][ T3748]  ? getname_flags.part.0+0x1c5/0x550
[ 2621.705586][ T3748]  __x64_sys_mkdir+0xef/0x140
[ 2621.705617][ T3748]  do_syscall_64+0xcd/0x490
[ 2621.705651][ T3748]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2621.705672][ T3748] RIP: 0033:0x7f0dea18e929
[ 2621.705689][ T3748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2621.705711][ T3748] RSP: 002b:00007f0de7ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 2621.705730][ T3748] RAX: ffffffffffffffda RBX: 00007f0dea3b5fa0 RCX: 00007f0dea18e929
[ 2621.705744][ T3748] RDX: 0000000000000000 RSI: 0000000000004e4d RDI: 0000200000000000
[ 2621.705757][ T3748] RBP: 00007f0de7ff6090 R08: 0000000000000000 R09: 0000000000000000
[ 2621.705770][ T3748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2621.705783][ T3748] R13: 0000000000000001 R14: 00007f0dea3b5fa0 R15: 00007ffcc6c432a8
[ 2621.705809][ T3748]  </TASK>
[ 2621.705828][ T3748] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2622.867904][ T3771] device-mapper: ioctl: device name cannot contain '/'
[ 2623.986479][ T3793] FAULT_INJECTION: forcing a failure.
[ 2623.986479][ T3793] name failslab, interval 1, probability 0, space 0, times 0
[ 2623.999599][ T3793] CPU: 1 UID: 0 PID: 3793 Comm: syz.1.5487 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[ 2623.999641][ T3793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2623.999660][ T3793] Call Trace:
[ 2623.999671][ T3793]  <TASK>
[ 2623.999684][ T3793]  dump_stack_lvl+0x16c/0x1f0
[ 2623.999735][ T3793]  should_fail_ex+0x512/0x640
[ 2623.999780][ T3793]  ? fs_reclaim_acquire+0xae/0x150
[ 2623.999819][ T3793]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 2623.999862][ T3793]  should_failslab+0xc2/0x120
[ 2623.999914][ T3793]  __kmalloc_noprof+0xd2/0x510
[ 2623.999972][ T3793]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 2624.000029][ T3793]  tomoyo_check_open_permission+0x2ab/0x3c0
[ 2624.000070][ T3793]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 2624.000152][ T3793]  ? do_raw_spin_lock+0x12c/0x2b0
[ 2624.000219][ T3793]  tomoyo_file_open+0x6b/0x90
[ 2624.000277][ T3793]  security_file_open+0x84/0x1e0
[ 2624.000325][ T3793]  do_dentry_open+0x596/0x1c10
[ 2624.000386][ T3793]  vfs_open+0x82/0x3f0
[ 2624.000426][ T3793]  path_openat+0x1de4/0x2cb0
[ 2624.000488][ T3793]  ? __pfx_path_openat+0x10/0x10
[ 2624.000537][ T3793]  ? __lock_acquire+0xb8a/0x1c90
[ 2624.000584][ T3793]  do_filp_open+0x20b/0x470
[ 2624.000630][ T3793]  ? __pfx_do_filp_open+0x10/0x10
[ 2624.000709][ T3793]  ? alloc_fd+0x471/0x7d0
[ 2624.000764][ T3793]  do_sys_openat2+0x11b/0x1d0
[ 2624.000800][ T3793]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2624.000842][ T3793]  ? __fget_files+0x20e/0x3c0
[ 2624.000893][ T3793]  __x64_sys_openat+0x174/0x210
[ 2624.000929][ T3793]  ? __pfx___x64_sys_openat+0x10/0x10
[ 2624.000966][ T3793]  ? ksys_write+0x1ac/0x250
[ 2624.001028][ T3793]  do_syscall_64+0xcd/0x490
[ 2624.001083][ T3793]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2624.001116][ T3793] RIP: 0033:0x7f317178e929
[ 2624.001142][ T3793] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2624.001173][ T3793] RSP: 002b:00007f317264e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 2624.001213][ T3793] RAX: ffffffffffffffda RBX: 00007f31719b5fa0 RCX: 00007f317178e929
[ 2624.001235][ T3793] RDX: 0000000000040080 RSI: 0000200000000100 RDI: ffffffffffffff9c
[ 2624.001255][ T3793] RBP: 00007f317264e090 R08: 0000000000000000 R09: 0000000000000000
[ 2624.001275][ T3793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2624.001294][ T3793] R13: 0000000000000001 R14: 00007f31719b5fa0 R15: 00007ffd03636e98
[ 2624.001336][ T3793]  </TASK>
[ 2624.001985][ T3793] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2624.373593][ T3797] FAULT_INJECTION: forcing a failure.
[ 2624.373593][ T3797] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2624.392841][ T3797] CPU: 1 UID: 0 PID: 3797 Comm: syz.2.5489 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[ 2624.392885][ T3797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2624.392903][ T3797] Call Trace:
[ 2624.392914][ T3797]  <TASK>
[ 2624.392926][ T3797]  dump_stack_lvl+0x16c/0x1f0
[ 2624.392978][ T3797]  should_fail_ex+0x512/0x640
[ 2624.393031][ T3797]  _copy_from_iter+0x463/0x16f0
[ 2624.393088][ T3797]  ? rcu_is_watching+0x12/0xc0
[ 2624.393121][ T3797]  ? __pfx__copy_from_iter+0x10/0x10
[ 2624.393169][ T3797]  ? kmem_cache_alloc_noprof+0x21e/0x3b0
[ 2624.393230][ T3797]  ? __asan_memset+0x23/0x50
[ 2624.393274][ T3797]  ? __build_skb_around+0x278/0x3b0
[ 2624.393318][ T3797]  ? is_vmalloc_addr+0x86/0xa0
[ 2624.393372][ T3797]  netlink_sendmsg+0x829/0xdd0
[ 2624.393415][ T3797]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2624.393466][ T3797]  ____sys_sendmsg+0xa98/0xc70
[ 2624.393508][ T3797]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2624.393553][ T3797]  ? __pfx__kstrtoull+0x10/0x10
[ 2624.393599][ T3797]  ___sys_sendmsg+0x134/0x1d0
[ 2624.393652][ T3797]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2624.393722][ T3797]  ? find_held_lock+0x2b/0x80
[ 2624.393779][ T3797]  __sys_sendmmsg+0x200/0x420
[ 2624.393836][ T3797]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 2624.393900][ T3797]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 2624.393970][ T3797]  ? fput+0x70/0xf0
[ 2624.394003][ T3797]  ? ksys_write+0x1ac/0x250
[ 2624.394048][ T3797]  ? __pfx_ksys_write+0x10/0x10
[ 2624.394114][ T3797]  __x64_sys_sendmmsg+0x9c/0x100
[ 2624.394164][ T3797]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2624.394216][ T3797]  do_syscall_64+0xcd/0x490
[ 2624.394269][ T3797]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2624.394301][ T3797] RIP: 0033:0x7f0dea18e929
[ 2624.394327][ T3797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2624.394358][ T3797] RSP: 002b:00007f0de7ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 2624.394388][ T3797] RAX: ffffffffffffffda RBX: 00007f0dea3b5fa0 RCX: 00007f0dea18e929
[ 2624.394409][ T3797] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000003
[ 2624.394429][ T3797] RBP: 00007f0de7ff6090 R08: 0000000000000000 R09: 0000000000000000
[ 2624.394447][ T3797] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001
[ 2624.394466][ T3797] R13: 0000000000000000 R14: 00007f0dea3b5fa0 R15: 00007ffcc6c432a8
[ 2624.394506][ T3797]  </TASK>
[ 2624.636215][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2625.672364][ T3820] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5496'.
[ 2626.134565][ T3826] FAULT_INJECTION: forcing a failure.
[ 2626.134565][ T3826] name fail_page_alloc, interval 1, probability 0, space 0, times 0

[ 2626.184673][ T3826] CPU: 1 UID: 0 PID: 3826 Comm: syz.2.5498 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[ 2626.184730][ T3826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2626.184749][ T3826] Call Trace:
[ 2626.184759][ T3826]  <TASK>
[ 2626.184772][ T3826]  dump_stack_lvl+0x16c/0x1f0
[ 2626.184824][ T3826]  should_fail_ex+0x512/0x640
[ 2626.184876][ T3826]  should_fail_alloc_page+0xe7/0x130
[ 2626.184908][ T3826]  prepare_alloc_pages+0x3c2/0x610
[ 2626.184952][ T3826]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 2626.185006][ T3826]  ? kasan_save_stack+0x42/0x60
[ 2626.185050][ T3826]  ? kasan_save_stack+0x33/0x60
[ 2626.185099][ T3826]  ? kasan_save_track+0x14/0x30
[ 2626.185142][ T3826]  ? __kasan_slab_alloc+0x89/0x90
[ 2626.185187][ T3826]  ? kmem_cache_alloc_noprof+0x1cb/0x3b0
[ 2626.185232][ T3826]  ? __pmd_alloc+0xbf/0x930
[ 2626.185263][ T3826]  ? __handle_mm_fault+0xaac/0x5490
[ 2626.185301][ T3826]  ? handle_mm_fault+0x589/0xd10
[ 2626.185339][ T3826]  ? do_user_addr_fault+0x7a6/0x1370
[ 2626.185381][ T3826]  ? exc_page_fault+0x5c/0xb0
[ 2626.185423][ T3826]  ? asm_exc_page_fault+0x26/0x30
[ 2626.185452][ T3826]  ? rep_movs_alternative+0x30/0x90
[ 2626.185487][ T3826]  ? _copy_from_user+0x98/0xd0
[ 2626.185532][ T3826]  ? mem_rw+0x1e2/0x680
[ 2626.185559][ T3826]  ? vfs_writev+0x5dc/0xde0
[ 2626.185598][ T3826]  ? do_writev+0x132/0x340
[ 2626.185636][ T3826]  ? do_syscall_64+0xcd/0x490
[ 2626.185681][ T3826]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2626.185716][ T3826]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 2626.185784][ T3826]  ? __lock_acquire+0xb8a/0x1c90
[ 2626.185829][ T3826]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 2626.185877][ T3826]  ? policy_nodemask+0xea/0x4e0
[ 2626.185910][ T3826]  alloc_pages_mpol+0x1fb/0x550
[ 2626.185943][ T3826]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 2626.185977][ T3826]  ? __thp_vma_allowable_orders+0x1c5/0xb10
[ 2626.186020][ T3826]  alloc_pages_noprof+0x131/0x390
[ 2626.186051][ T3826]  pte_alloc_one+0x1c/0x3a0
[ 2626.186105][ T3826]  __handle_mm_fault+0x3a68/0x5490
[ 2626.186173][ T3826]  ? __pfx___handle_mm_fault+0x10/0x10
[ 2626.186212][ T3826]  ? __pfx_mt_find+0x10/0x10
[ 2626.186270][ T3826]  ? find_vma+0xbf/0x140
[ 2626.186306][ T3826]  ? __pfx_find_vma+0x10/0x10
[ 2626.186343][ T3826]  handle_mm_fault+0x589/0xd10
[ 2626.186389][ T3826]  ? __pkru_allows_pkey+0x41/0xb0
[ 2626.186443][ T3826]  do_user_addr_fault+0x7a6/0x1370
[ 2626.186495][ T3826]  ? rcu_is_watching+0x12/0xc0
[ 2626.186533][ T3826]  exc_page_fault+0x5c/0xb0
[ 2626.186579][ T3826]  asm_exc_page_fault+0x26/0x30
[ 2626.186611][ T3826] RIP: 0010:rep_movs_alternative+0x30/0x90
[ 2626.186650][ T3826] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 bd 10 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08
[ 2626.186682][ T3826] RSP: 0018:ffffc9000b48fbe8 EFLAGS: 00050246
[ 2626.186708][ T3826] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000008
[ 2626.186728][ T3826] RDX: ffffed100f355601 RSI: 0000000000000000 RDI: ffff888079aab000
[ 2626.186749][ T3826] RBP: 0000000000000008 R08: 0000000000000001 R09: ffffed100f355600
[ 2626.186768][ T3826] R10: ffff888079aab007 R11: 0000000000000001 R12: 0000000000000000
[ 2626.186787][ T3826] R13: ffff888079aab000 R14: 0000000000000000 R15: 0000000000000000
[ 2626.186829][ T3826]  _copy_from_user+0x98/0xd0
[ 2626.186881][ T3826]  mem_rw+0x1e2/0x680
[ 2626.186920][ T3826]  ? __pfx_mem_write+0x10/0x10
[ 2626.186950][ T3826]  vfs_writev+0x5dc/0xde0
[ 2626.186989][ T3826]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 2626.187046][ T3826]  ? __pfx_vfs_writev+0x10/0x10
[ 2626.187094][ T3826]  ? __mutex_lock+0x1ca/0xb90
[ 2626.187154][ T3826]  ? __pfx___mutex_lock+0x10/0x10
[ 2626.187216][ T3826]  ? __fget_files+0x20e/0x3c0
[ 2626.187257][ T3826]  ? __fget_files+0x200/0x3c0
[ 2626.187309][ T3826]  ? do_writev+0x132/0x340
[ 2626.187349][ T3826]  do_writev+0x132/0x340
[ 2626.187403][ T3826]  ? __pfx_do_writev+0x10/0x10
[ 2626.187457][ T3826]  do_syscall_64+0xcd/0x490
[ 2626.187508][ T3826]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2626.187539][ T3826] RIP: 0033:0x7f0dea18e929
[ 2626.187563][ T3826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2626.187593][ T3826] RSP: 002b:00007f0de7ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2626.187620][ T3826] RAX: ffffffffffffffda RBX: 00007f0dea3b5fa0 RCX: 00007f0dea18e929
[ 2626.187641][ T3826] RDX: 0010000000000007 RSI: 0000200000000040 RDI: 0000000000000003
[ 2626.187660][ T3826] RBP: 00007f0de7ff6090 R08: 0000000000000000 R09: 0000000000000000
[ 2626.187680][ T3826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2626.187698][ T3826] R13: 0000000000000000 R14: 00007f0dea3b5fa0 R15: 00007ffcc6c432a8
[ 2626.187739][ T3826]  </TASK>
[ 2626.650898][    C1] vkms_vblank_simulate: vblank timer overrun
syzkaller
syzkaller login: [ 2626.915777][ T3836] FAULT_INJECTION: forcing a failure.
[ 2626.915777][ T3836] name failslab, interval 1, probability 0, space 0, times 0
[ 2626.934414][ T3836] CPU: 1 UID: 0 PID: 3836 Comm: syz.2.5503 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[ 2626.934457][ T3836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2626.934477][ T3836] Call Trace:
[ 2626.934487][ T3836]  <TASK>
[ 2626.934500][ T3836]  dump_stack_lvl+0x16c/0x1f0
[ 2626.934548][ T3836]  should_fail_ex+0x512/0x640
[ 2626.934589][ T3836]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 2626.934634][ T3836]  should_failslab+0xc2/0x120
[ 2626.934664][ T3836]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 2626.934703][ T3836]  ? affs_init_fs_context+0x197/0x450
[ 2626.934749][ T3836]  ? fscontext_alloc_log+0x4a/0x1b0
[ 2626.934784][ T3836]  fscontext_alloc_log+0x4a/0x1b0
[ 2626.934815][ T3836]  __x64_sys_fsopen+0x157/0x240
[ 2626.934844][ T3836]  do_syscall_64+0xcd/0x490
[ 2626.934893][ T3836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2626.934925][ T3836] RIP: 0033:0x7f0dea18e929
[ 2626.934949][ T3836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2626.934980][ T3836] RSP: 002b:00007f0de7ff6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae
[ 2626.935014][ T3836] RAX: ffffffffffffffda RBX: 00007f0dea3b5fa0 RCX: 00007f0dea18e929
[ 2626.935032][ T3836] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 2626.935049][ T3836] RBP: 00007f0de7ff6090 R08: 0000000000000000 R09: 0000000000000000
[ 2626.935066][ T3836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2626.935082][ T3836] R13: 0000000000000000 R14: 00007f0dea3b5fa0 R15: 00007ffcc6c432a8
[ 2626.935116][ T3836]  </TASK>
[ 2627.098518][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2627.180953][ T3840] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5504'.
[ 2627.242916][ T3834] program syz.1.5502 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 2627.638280][ T3856] netlink: 342 bytes leftover after parsing attributes in process `syz.1.5509'.
[ 2627.836457][ T3862] netlink: 326 bytes leftover after parsing attributes in process `syz.1.5510'.
[ 2628.071834][ T3870] FAULT_INJECTION: forcing a failure.
[ 2628.071834][ T3870] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2628.097261][ T3870] CPU: 1 UID: 0 PID: 3870 Comm: syz.1.5511 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[ 2628.097294][ T3870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2628.097308][ T3870] Call Trace:
[ 2628.097316][ T3870]  <TASK>
[ 2628.097338][ T3870]  dump_stack_lvl+0x16c/0x1f0
[ 2628.097376][ T3870]  should_fail_ex+0x512/0x640
[ 2628.097414][ T3870]  should_fail_alloc_page+0xe7/0x130
[ 2628.097438][ T3870]  prepare_alloc_pages+0x3c2/0x610
[ 2628.097470][ T3870]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 2628.097507][ T3870]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[ 2628.097544][ T3870]  ? kasan_save_stack+0x42/0x60
[ 2628.097575][ T3870]  ? kasan_save_stack+0x33/0x60
[ 2628.097606][ T3870]  ? kasan_save_track+0x14/0x30
[ 2628.097637][ T3870]  ? __kasan_slab_alloc+0x89/0x90
[ 2628.097676][ T3870]  ? kmem_cache_alloc_noprof+0x1cb/0x3b0
[ 2628.097710][ T3870]  ? __pmd_alloc+0xbf/0x930
[ 2628.097733][ T3870]  ? __handle_mm_fault+0xaac/0x5490
[ 2628.097762][ T3870]  ? handle_mm_fault+0x589/0xd10
[ 2628.097794][ T3870]  ? do_user_addr_fault+0x7a6/0x1370
[ 2628.097825][ T3870]  ? exc_page_fault+0x5c/0xb0
[ 2628.097855][ T3870]  ? asm_exc_page_fault+0x26/0x30
[ 2628.097878][ T3870]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 2628.097914][ T3870]  ? __x64_sys_ioctl+0x114/0x210
[ 2628.097940][ T3870]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2628.097984][ T3870]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 2628.098022][ T3870]  ? policy_nodemask+0xea/0x4e0
[ 2628.098046][ T3870]  alloc_pages_mpol+0x1fb/0x550
[ 2628.098069][ T3870]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 2628.098092][ T3870]  ? do_raw_spin_lock+0x12c/0x2b0
[ 2628.098131][ T3870]  ? find_held_lock+0x2b/0x80
[ 2628.098156][ T3870]  alloc_pages_noprof+0x131/0x390
[ 2628.098178][ T3870]  pte_alloc_one+0x1c/0x3a0
[ 2628.098213][ T3870]  __do_fault+0x320/0x490
[ 2628.098253][ T3870]  ? __pfx_filemap_map_pages+0x10/0x10
[ 2628.098289][ T3870]  __handle_mm_fault+0x374c/0x5490
[ 2628.098326][ T3870]  ? __pfx___handle_mm_fault+0x10/0x10
[ 2628.098354][ T3870]  ? __pfx_mt_find+0x10/0x10
[ 2628.098391][ T3870]  ? find_vma+0xbf/0x140
[ 2628.098413][ T3870]  ? __pfx_find_vma+0x10/0x10
[ 2628.098438][ T3870]  handle_mm_fault+0x589/0xd10
[ 2628.098469][ T3870]  ? __pkru_allows_pkey+0x41/0xb0
[ 2628.098500][ T3870]  do_user_addr_fault+0x7a6/0x1370
[ 2628.098533][ T3870]  ? rcu_is_watching+0x12/0xc0
[ 2628.098559][ T3870]  exc_page_fault+0x5c/0xb0
[ 2628.098592][ T3870]  asm_exc_page_fault+0x26/0x30
[ 2628.098613][ T3870] RIP: 0010:__put_user_4+0xd/0x20
[ 2628.098647][ T3870] Code: 66 89 01 31 c9 0f 01 ca e9 d0 5a 03 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 80 00 00 00 00 90 90 90
[ 2628.098674][ T3870] RSP: 0018:ffffc9000cd47c78 EFLAGS: 00050202
[ 2628.098693][ T3870] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000004
[ 2628.098707][ T3870] RDX: ffff88807ee28000 RSI: ffffffff82497a87 RDI: ffffffff8c1565a0
[ 2628.098723][ T3870] RBP: ffff888078e46850 R08: 3b8f596bbd88045d R09: 0000000000000000
[ 2628.098738][ T3870] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
[ 2628.098751][ T3870] R13: 0000000000000004 R14: 0000000000080000 R15: ffff888078e46850
[ 2628.098775][ T3870]  ? inotify_ioctl+0x1d7/0x290
[ 2628.098815][ T3870]  inotify_ioctl+0x1e3/0x290
[ 2628.098851][ T3870]  ? __pfx_inotify_ioctl+0x10/0x10
[ 2628.098887][ T3870]  do_vfs_ioctl+0x153f/0x1a60
[ 2628.098915][ T3870]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 2628.098966][ T3870]  ? find_held_lock+0x2b/0x80
[ 2628.098994][ T3870]  ? hook_file_ioctl_common+0x145/0x410
[ 2628.099038][ T3870]  ? __fget_files+0x20e/0x3c0
[ 2628.099098][ T3870]  __x64_sys_ioctl+0x114/0x210
[ 2628.099138][ T3870]  do_syscall_64+0xcd/0x490
[ 2628.099189][ T3870]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2628.099221][ T3870] RIP: 0033:0x7f317178e929
[ 2628.099246][ T3870] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2628.099278][ T3870] RSP: 002b:00007f317264e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2628.099306][ T3870] RAX: ffffffffffffffda RBX: 00007f31719b5fa0 RCX: 00007f317178e929
[ 2628.099327][ T3870] RDX: 0000000000000004 RSI: 000000000000541b RDI: 0000000000000003
[ 2628.099346][ T3870] RBP: 00007f317264e090 R08: 0000000000000000 R09: 0000000000000000
[ 2628.099365][ T3870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2628.099384][ T3870] R13: 0000000000000000 R14: 00007f31719b5fa0 R15: 00007ffd03636e98
[ 2628.099424][ T3870]  </TASK>
[ 2628.854793][ T3875] hub 8-0:1.0: USB hub found
[ 2628.888723][ T3875] hub 8-0:1.0: 1 port detected
[ 2628.917608][ T3877] FAULT_INJECTION: forcing a failure.
[ 2628.917608][ T3877] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2628.955541][ T3877] CPU: 1 UID: 0 PID: 3877 Comm: syz.2.5515 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[ 2628.955585][ T3877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2628.955604][ T3877] Call Trace:
[ 2628.955615][ T3877]  <TASK>
[ 2628.955627][ T3877]  dump_stack_lvl+0x16c/0x1f0
[ 2628.955678][ T3877]  should_fail_ex+0x512/0x640
[ 2628.955729][ T3877]  should_fail_alloc_page+0xe7/0x130
[ 2628.955763][ T3877]  prepare_alloc_pages+0x3c2/0x610
[ 2628.955806][ T3877]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 2628.955861][ T3877]  ? __lock_acquire+0x622/0x1c90
[ 2628.955923][ T3877]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 2628.955997][ T3877]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 2628.956049][ T3877]  ? policy_nodemask+0xea/0x4e0
[ 2628.956080][ T3877]  alloc_pages_mpol+0x1fb/0x550
[ 2628.956105][ T3877]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 2628.956134][ T3877]  alloc_pages_noprof+0x131/0x390
[ 2628.956176][ T3877]  __pmd_alloc+0x3b/0x930
[ 2628.956201][ T3877]  ? find_held_lock+0x2b/0x80
[ 2628.956226][ T3877]  __handle_mm_fault+0xaac/0x5490
[ 2628.956281][ T3877]  ? __pfx___handle_mm_fault+0x10/0x10
[ 2628.956321][ T3877]  ? __pfx_mt_find+0x10/0x10
[ 2628.956376][ T3877]  ? find_vma+0xbf/0x140
[ 2628.956401][ T3877]  ? __pfx_find_vma+0x10/0x10
[ 2628.956427][ T3877]  handle_mm_fault+0x589/0xd10
[ 2628.956459][ T3877]  ? __pkru_allows_pkey+0x41/0xb0
[ 2628.956492][ T3877]  do_user_addr_fault+0x7a6/0x1370
[ 2628.956526][ T3877]  ? rcu_is_watching+0x12/0xc0
[ 2628.956552][ T3877]  exc_page_fault+0x5c/0xb0
[ 2628.956586][ T3877]  asm_exc_page_fault+0x26/0x30
[ 2628.956608][ T3877] RIP: 0010:rep_movs_alternative+0x4a/0x90
[ 2628.956638][ T3877] Code: 10 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 e9 8f 10 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[ 2628.956661][ T3877] RSP: 0018:ffffc90003a3f7d0 EFLAGS: 00050206
[ 2628.956681][ T3877] RAX: 0000000000000001 RBX: 00000000000000c4 RCX: 00000000000000c4
[ 2628.956696][ T3877] RDX: ffffed1006473151 RSI: 0000000000000000 RDI: ffff8880323989c0
[ 2628.956711][ T3877] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed1006473150
[ 2628.956726][ T3877] R10: ffff888032398a83 R11: 0000000000000000 R12: ffffc90003a3fd60
[ 2628.956741][ T3877] R13: 00000000000000c4 R14: ffff8880323989c0 R15: 00007ffffffff000
[ 2628.956771][ T3877]  _copy_from_iter+0x383/0x16f0
[ 2628.956813][ T3877]  ? __alloc_skb+0x200/0x380
[ 2628.956848][ T3877]  ? __pfx__copy_from_iter+0x10/0x10
[ 2628.956887][ T3877]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 2628.956927][ T3877]  netlink_sendmsg+0x829/0xdd0
[ 2628.956957][ T3877]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2628.956994][ T3877]  ____sys_sendmsg+0xa98/0xc70
[ 2628.957022][ T3877]  ? copy_msghdr_from_user+0x10a/0x160
[ 2628.957058][ T3877]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2628.957090][ T3877]  ? __pfx__kstrtoull+0x10/0x10
[ 2628.957124][ T3877]  ___sys_sendmsg+0x134/0x1d0
[ 2628.957161][ T3877]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2628.957211][ T3877]  ? find_held_lock+0x2b/0x80
[ 2628.957252][ T3877]  __sys_sendmmsg+0x200/0x420
[ 2628.957291][ T3877]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 2628.957349][ T3877]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 2628.957408][ T3877]  ? fput+0x70/0xf0
[ 2628.957428][ T3877]  ? ksys_write+0x1ac/0x250
[ 2628.957458][ T3877]  ? __pfx_ksys_write+0x10/0x10
[ 2628.957493][ T3877]  __x64_sys_sendmmsg+0x9c/0x100
[ 2628.957525][ T3877]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2628.957556][ T3877]  do_syscall_64+0xcd/0x490
[ 2628.957590][ T3877]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2628.957612][ T3877] RIP: 0033:0x7f0dea18e929
[ 2628.957647][ T3877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2628.957669][ T3877] RSP: 002b:00007f0de7ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 2628.957689][ T3877] RAX: ffffffffffffffda RBX: 00007f0dea3b5fa0 RCX: 00007f0dea18e929
[ 2628.957704][ T3877] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003
[ 2628.957718][ T3877] RBP: 00007f0de7ff6090 R08: 0000000000000000 R09: 0000000000000000
[ 2628.957732][ T3877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2628.957746][ T3877] R13: 0000000000000000 R14: 00007f0dea3b5fa0 R15: 00007ffcc6c432a8
[ 2628.957774][ T3877]  </TASK>
[ 2629.522492][ T3882] Scaler: =================  START STATUS  =================
[ 2629.550644][ T3882] Scaler: ==================  END STATUS  ==================
[ 2629.790760][ T3890] FAULT_INJECTION: forcing a failure.
[ 2629.790760][ T3890] name failslab, interval 1, probability 0, space 0, times 0
[ 2629.803572][ T3890] CPU: 1 UID: 0 PID: 3890 Comm: syz.0.5519 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[ 2629.803606][ T3890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2629.803621][ T3890] Call Trace:
[ 2629.803629][ T3890]  <TASK>
[ 2629.803638][ T3890]  dump_stack_lvl+0x16c/0x1f0
[ 2629.803678][ T3890]  should_fail_ex+0x512/0x640
[ 2629.803712][ T3890]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 2629.803750][ T3890]  should_failslab+0xc2/0x120
[ 2629.803780][ T3890]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 2629.803816][ T3890]  ? proc_net_ns_init+0x42/0x410
[ 2629.803845][ T3890]  ? __pfx_proc_net_ns_init+0x10/0x10
[ 2629.803869][ T3890]  proc_net_ns_init+0x42/0x410
[ 2629.803892][ T3890]  ? __pfx_proc_net_ns_init+0x10/0x10
[ 2629.803913][ T3890]  ops_init+0x1df/0x5f0
[ 2629.803976][ T3890]  setup_net+0x1ff/0x510
[ 2629.803999][ T3890]  ? lockdep_init_map_type+0x5c/0x280
[ 2629.804035][ T3890]  ? __pfx_setup_net+0x10/0x10
[ 2629.804060][ T3890]  ? debug_mutex_init+0x37/0x70
[ 2629.804087][ T3890]  copy_net_ns+0x2a6/0x5f0
[ 2629.804116][ T3890]  create_new_namespaces+0x3ea/0xa90
[ 2629.804151][ T3890]  unshare_nsproxy_namespaces+0xc0/0x1f0
[ 2629.804183][ T3890]  ksys_unshare+0x45b/0xa40
[ 2629.804220][ T3890]  ? __pfx_ksys_unshare+0x10/0x10
[ 2629.804255][ T3890]  ? ksys_write+0x1ac/0x250
[ 2629.804319][ T3890]  __x64_sys_unshare+0x31/0x40
[ 2629.804353][ T3890]  do_syscall_64+0xcd/0x490
[ 2629.804397][ T3890]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2629.804424][ T3890] RIP: 0033:0x7fa5d698e929
[ 2629.804446][ T3890] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2629.804472][ T3890] RSP: 002b:00007fa5d77af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 2629.804496][ T3890] RAX: ffffffffffffffda RBX: 00007fa5d6bb5fa0 RCX: 00007fa5d698e929
[ 2629.804515][ T3890] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 2629.804533][ T3890] RBP: 00007fa5d77af090 R08: 0000000000000000 R09: 0000000000000000
[ 2629.804550][ T3890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2629.804566][ T3890] R13: 0000000000000000 R14: 00007fa5d6bb5fa0 R15: 00007ffe9ab497e8
[ 2629.804604][ T3890]  </TASK>
[ 2632.023013][ T3932] FAULT_INJECTION: forcing a failure.
[ 2632.023013][ T3932] name failslab, interval 1, probability 0, space 0, times 0
[ 2632.072728][ T3932] CPU: 1 UID: 0 PID: 3932 Comm: syz.3.5527 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[ 2632.072776][ T3932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2632.072796][ T3932] Call Trace:
[ 2632.072806][ T3932]  <TASK>
[ 2632.072818][ T3932]  dump_stack_lvl+0x16c/0x1f0
[ 2632.072870][ T3932]  should_fail_ex+0x512/0x640
[ 2632.072914][ T3932]  ? fs_reclaim_acquire+0xae/0x150
[ 2632.072954][ T3932]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 2632.072999][ T3932]  should_failslab+0xc2/0x120
[ 2632.073029][ T3932]  __kmalloc_noprof+0xd2/0x510
[ 2632.073105][ T3932]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 2632.073164][ T3932]  tomoyo_check_open_permission+0x2ab/0x3c0
[ 2632.073204][ T3932]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 2632.073288][ T3932]  ? do_raw_spin_lock+0x12c/0x2b0
[ 2632.073350][ T3932]  tomoyo_file_open+0x6b/0x90
[ 2632.073402][ T3932]  security_file_open+0x84/0x1e0
[ 2632.073446][ T3932]  do_dentry_open+0x596/0x1c10
[ 2632.073520][ T3932]  vfs_open+0x82/0x3f0
[ 2632.073558][ T3932]  path_openat+0x1de4/0x2cb0
[ 2632.073624][ T3932]  ? __pfx_path_openat+0x10/0x10
[ 2632.073671][ T3932]  ? __lock_acquire+0xb8a/0x1c90
[ 2632.073716][ T3932]  do_filp_open+0x20b/0x470
[ 2632.073762][ T3932]  ? __pfx_do_filp_open+0x10/0x10
[ 2632.073837][ T3932]  ? alloc_fd+0x471/0x7d0
[ 2632.073890][ T3932]  do_sys_openat2+0x11b/0x1d0
[ 2632.073924][ T3932]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2632.073964][ T3932]  ? __fget_files+0x20e/0x3c0
[ 2632.074015][ T3932]  __x64_sys_openat+0x174/0x210
[ 2632.074051][ T3932]  ? __pfx___x64_sys_openat+0x10/0x10
[ 2632.074084][ T3932]  ? ksys_write+0x1ac/0x250
[ 2632.074141][ T3932]  do_syscall_64+0xcd/0x490
[ 2632.074192][ T3932]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2632.074223][ T3932] RIP: 0033:0x7fb1c438e929
[ 2632.074248][ T3932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2632.074279][ T3932] RSP: 002b:00007fb1c21f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 2632.074309][ T3932] RAX: ffffffffffffffda RBX: 00007fb1c45b5fa0 RCX: 00007fb1c438e929
[ 2632.074329][ T3932] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[ 2632.074348][ T3932] RBP: 00007fb1c21f6090 R08: 0000000000000000 R09: 0000000000000000
[ 2632.074366][ T3932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2632.074385][ T3932] R13: 0000000000000000 R14: 00007fb1c45b5fa0 R15: 00007ffc33164038
[ 2632.074425][ T3932]  </TASK>
[ 2632.342396][ T3932] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2632.890388][ T3865] Bluetooth: hci0: unexpected subevent 0x01 length: 122 > 18
[ 2633.383709][ T3955] FAULT_INJECTION: forcing a failure.
[ 2633.383709][ T3955] name failslab, interval 1, probability 0, space 0, times 0
[ 2633.408895][ T3955] CPU: 1 UID: 0 PID: 3955 Comm: syz.3.5532 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[ 2633.408942][ T3955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2633.408961][ T3955] Call Trace:
[ 2633.408973][ T3955]  <TASK>
[ 2633.408985][ T3955]  dump_stack_lvl+0x16c/0x1f0
[ 2633.409040][ T3955]  should_fail_ex+0x512/0x640
[ 2633.409086][ T3955]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 2633.409141][ T3955]  should_failslab+0xc2/0x120
[ 2633.409173][ T3955]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 2633.409223][ T3955]  ? security_file_alloc+0x34/0x2b0
[ 2633.409273][ T3955]  security_file_alloc+0x34/0x2b0
[ 2633.409318][ T3955]  init_file+0x93/0x4c0
[ 2633.409351][ T3955]  alloc_empty_file+0x73/0x1e0
[ 2633.409388][ T3955]  alloc_file_pseudo+0x13a/0x230
[ 2633.409426][ T3955]  ? __pfx_alloc_file_pseudo+0x10/0x10
[ 2633.409474][ T3955]  sock_alloc_file+0x50/0x210
[ 2633.409518][ T3955]  do_accept+0x240/0x530
[ 2633.409566][ T3955]  ? do_raw_spin_lock+0x12c/0x2b0
[ 2633.409617][ T3955]  ? __pfx_do_accept+0x10/0x10
[ 2633.409703][ T3955]  __sys_accept4+0x100/0x1c0
[ 2633.409746][ T3955]  ? __pfx___sys_accept4+0x10/0x10
[ 2633.409786][ T3955]  ? ksys_write+0x1ac/0x250
[ 2633.409830][ T3955]  ? __pfx_ksys_write+0x10/0x10
[ 2633.409885][ T3955]  __x64_sys_accept+0x74/0xb0
[ 2633.409924][ T3955]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2633.409970][ T3955]  do_syscall_64+0xcd/0x490
[ 2633.410021][ T3955]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2633.410054][ T3955] RIP: 0033:0x7fb1c438e929
[ 2633.410079][ T3955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2633.410112][ T3955] RSP: 002b:00007fb1c21f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002b
[ 2633.410142][ T3955] RAX: ffffffffffffffda RBX: 00007fb1c45b5fa0 RCX: 00007fb1c438e929
[ 2633.410164][ T3955] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 2633.410183][ T3955] RBP: 00007fb1c21f6090 R08: 0000000000000000 R09: 0000000000000000
[ 2633.410203][ T3955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2633.410221][ T3955] R13: 0000000000000000 R14: 00007fb1c45b5fa0 R15: 00007ffc33164038
[ 2633.410262][ T3955]  </TASK>
[ 2635.390820][ T3981] random: crng reseeded on system resumption
[ 2636.940797][ T4012] netlink: 350 bytes leftover after parsing attributes in process `syz.2.5543'.
[ 2638.292913][ T4032] binder: 4031:4032 ioctl 8914 0 returned -22
[ 2639.024276][ T4048] FAULT_INJECTION: forcing a failure.
[ 2639.024276][ T4048] name failslab, interval 1, probability 0, space 0, times 0
[ 2639.024362][ T4048] CPU: 0 UID: 0 PID: 4048 Comm: syz.1.5553 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[ 2639.024400][ T4048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2639.024419][ T4048] Call Trace:
[ 2639.024430][ T4048]  <TASK>
[ 2639.024443][ T4048]  dump_stack_lvl+0x16c/0x1f0
[ 2639.024495][ T4048]  should_fail_ex+0x512/0x640
[ 2639.024539][ T4048]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[ 2639.024592][ T4048]  should_failslab+0xc2/0x120
[ 2639.024621][ T4048]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[ 2639.024665][ T4048]  ? unwind_get_return_address+0x59/0xa0
[ 2639.024711][ T4048]  ? __d_alloc+0x31/0xaa0
[ 2639.024761][ T4048]  __d_alloc+0x31/0xaa0
[ 2639.024811][ T4048]  d_alloc+0x4a/0x1e0
[ 2639.024859][ T4048]  d_alloc_parallel+0xe3/0x12e0
[ 2639.024899][ T4048]  ? __lock_acquire+0xb8a/0x1c90
[ 2639.024949][ T4048]  ? __pfx_d_alloc_parallel+0x10/0x10
[ 2639.024990][ T4048]  ? lockdep_init_map_type+0x5c/0x280
[ 2639.025034][ T4048]  ? lockdep_init_map_type+0x5c/0x280
[ 2639.025085][ T4048]  __lookup_slow+0x193/0x460
[ 2639.025121][ T4048]  ? __pfx___lookup_slow+0x10/0x10
[ 2639.025180][ T4048]  ? lookup_fast+0x156/0x610
[ 2639.025212][ T4048]  ? _raw_spin_unlock+0x28/0x50
[ 2639.025253][ T4048]  walk_component+0x353/0x5b0
[ 2639.025291][ T4048]  link_path_walk+0x627/0xe20
[ 2639.025338][ T4048]  path_openat+0x1b0/0x2cb0
[ 2639.025375][ T4048]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2639.025415][ T4048]  ? __pfx_path_openat+0x10/0x10
[ 2639.025457][ T4048]  ? __lock_acquire+0xb8a/0x1c90
[ 2639.025497][ T4048]  do_filp_open+0x20b/0x470
[ 2639.025537][ T4048]  ? __pfx_do_filp_open+0x10/0x10
[ 2639.025601][ T4048]  ? alloc_fd+0x471/0x7d0
[ 2639.025647][ T4048]  do_sys_openat2+0x11b/0x1d0
[ 2639.025678][ T4048]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2639.025712][ T4048]  ? __fget_files+0x20e/0x3c0
[ 2639.025760][ T4048]  __x64_sys_openat+0x174/0x210
[ 2639.025795][ T4048]  ? __pfx___x64_sys_openat+0x10/0x10
[ 2639.025829][ T4048]  ? ksys_write+0x1ac/0x250
[ 2639.025885][ T4048]  do_syscall_64+0xcd/0x490
[ 2639.025940][ T4048]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2639.025972][ T4048] RIP: 0033:0x7f317178e929
[ 2639.025998][ T4048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2639.026028][ T4048] RSP: 002b:00007f317264e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 2639.026056][ T4048] RAX: ffffffffffffffda RBX: 00007f31719b5fa0 RCX: 00007f317178e929
[ 2639.026077][ T4048] RDX: 0000000000000202 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[ 2639.026096][ T4048] RBP: 00007f317264e090 R08: 0000000000000000 R09: 0000000000000000
[ 2639.026115][ T4048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2639.026140][ T4048] R13: 0000000000000001 R14: 00007f31719b5fa0 R15: 00007ffd03636e98
[ 2639.026200][ T4048]  </TASK>
[ 2640.002111][ T4066] netlink: 'syz.0.5558': attribute type 4 has an invalid length.
[ 2640.418510][ T4077] FAULT_INJECTION: forcing a failure.
[ 2640.418510][ T4077] name failslab, interval 1, probability 0, space 0, times 0
[ 2640.432177][ T4077] CPU: 1 UID: 0 PID: 4077 Comm: syz.2.5560 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[ 2640.432223][ T4077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2640.432243][ T4077] Call Trace:
[ 2640.432255][ T4077]  <TASK>
[ 2640.432269][ T4077]  dump_stack_lvl+0x16c/0x1f0
[ 2640.432325][ T4077]  should_fail_ex+0x512/0x640
[ 2640.432372][ T4077]  ? fs_reclaim_acquire+0xae/0x150
[ 2640.432417][ T4077]  should_failslab+0xc2/0x120
[ 2640.432449][ T4077]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 2640.432500][ T4077]  ? __kernfs_new_node+0xd2/0x8e0
[ 2640.432550][ T4077]  __kernfs_new_node+0xd2/0x8e0
[ 2640.432601][ T4077]  ? __pfx___kernfs_new_node+0x10/0x10
[ 2640.432659][ T4077]  ? find_held_lock+0x2b/0x80
[ 2640.432692][ T4077]  ? kernfs_root+0xee/0x2a0
[ 2640.432747][ T4077]  kernfs_new_node+0x13c/0x1e0
[ 2640.432806][ T4077]  kernfs_create_link+0xcc/0x240
[ 2640.432847][ T4077]  sysfs_do_create_link_sd+0x90/0x140
[ 2640.432896][ T4077]  sysfs_create_link+0x61/0xc0
[ 2640.432940][ T4077]  __add_disk+0x61e/0xf00
[ 2640.432994][ T4077]  add_disk_fwnode+0x13f/0x5d0
[ 2640.433054][ T4077]  loop_add+0x911/0xb70
[ 2640.433091][ T4077]  ? do_vfs_ioctl+0x523/0x1a60
[ 2640.433130][ T4077]  ? __pfx_loop_add+0x10/0x10
[ 2640.433164][ T4077]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 2640.433232][ T4077]  ? find_held_lock+0x2b/0x80
[ 2640.433272][ T4077]  loop_control_ioctl+0x13e/0x630
[ 2640.433312][ T4077]  ? __pfx_loop_control_ioctl+0x10/0x10
[ 2640.433357][ T4077]  ? __pfx_loop_control_ioctl+0x10/0x10
[ 2640.433397][ T4077]  __x64_sys_ioctl+0x18b/0x210
[ 2640.433439][ T4077]  do_syscall_64+0xcd/0x490
[ 2640.433494][ T4077]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2640.433527][ T4077] RIP: 0033:0x7f0dea18e929
[ 2640.433555][ T4077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2640.433589][ T4077] RSP: 002b:00007f0de7ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2640.433622][ T4077] RAX: ffffffffffffffda RBX: 00007f0dea3b5fa0 RCX: 00007f0dea18e929
[ 2640.433643][ T4077] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000005
[ 2640.433663][ T4077] RBP: 00007f0dea210b39 R08: 0000000000000000 R09: 0000000000000000
[ 2640.433684][ T4077] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2640.433703][ T4077] R13: 0000000000000000 R14: 00007f0dea3b5fa0 R15: 00007ffcc6c432a8
[ 2640.433746][ T4077]  </TASK>
[ 2640.672308][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2640.716130][ T4078] sd 0:0:1:0: PR command failed: 1026
[ 2640.721758][ T4078] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 2640.728585][ T4078] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 2642.319496][ T4113] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[ 2642.590001][ T4127] FAULT_INJECTION: forcing a failure.
[ 2642.590001][ T4127] name failslab, interval 1, probability 0, space 0, times 0
[ 2642.683464][ T4127] CPU: 0 UID: 0 PID: 4127 Comm: syz.1.5574 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[ 2642.683510][ T4127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2642.683530][ T4127] Call Trace:
[ 2642.683540][ T4127]  <TASK>
[ 2642.683554][ T4127]  dump_stack_lvl+0x16c/0x1f0
[ 2642.683615][ T4127]  should_fail_ex+0x512/0x640
[ 2642.683660][ T4127]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[ 2642.683713][ T4127]  should_failslab+0xc2/0x120
[ 2642.683744][ T4127]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[ 2642.683794][ T4127]  ? shmem_alloc_inode+0x25/0x50
[ 2642.683832][ T4127]  ? __pfx_shmem_alloc_inode+0x10/0x10
[ 2642.683863][ T4127]  shmem_alloc_inode+0x25/0x50
[ 2642.683894][ T4127]  alloc_inode+0x64/0x240
[ 2642.683927][ T4127]  new_inode+0x22/0x1c0
[ 2642.683963][ T4127]  shmem_get_inode+0x19a/0xfb0
[ 2642.684008][ T4127]  shmem_mknod+0x1a8/0x450
[ 2642.684051][ T4127]  shmem_mkdir+0x31/0x80
[ 2642.684101][ T4127]  vfs_mkdir+0x590/0x8c0
[ 2642.684164][ T4127]  do_mkdirat+0x304/0x3e0
[ 2642.684214][ T4127]  ? __pfx_do_mkdirat+0x10/0x10
[ 2642.684266][ T4127]  ? getname_flags.part.0+0x1c5/0x550
[ 2642.684308][ T4127]  __x64_sys_mkdir+0xef/0x140
[ 2642.684358][ T4127]  do_syscall_64+0xcd/0x490
[ 2642.684411][ T4127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2642.684445][ T4127] RIP: 0033:0x7f317178e929
[ 2642.684471][ T4127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2642.684504][ T4127] RSP: 002b:00007f317264e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 2642.684536][ T4127] RAX: ffffffffffffffda RBX: 00007f31719b5fa0 RCX: 00007f317178e929
[ 2642.684558][ T4127] RDX: 0000000000000000 RSI: 0000000000004e4d RDI: 0000200000000000
[ 2642.684578][ T4127] RBP: 00007f317264e090 R08: 0000000000000000 R09: 0000000000000000
[ 2642.684598][ T4127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2642.684624][ T4127] R13: 0000000000000001 R14: 00007f31719b5fa0 R15: 00007ffd03636e98
[ 2642.684668][ T4127]  </TASK>
[ 2642.910173][ T4126] FAULT_INJECTION: forcing a failure.
[ 2642.910173][ T4126] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2642.923326][ T4126] CPU: 0 UID: 0 PID: 4126 Comm: syz.0.5572 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[ 2642.923358][ T4126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2642.923372][ T4126] Call Trace:
[ 2642.923381][ T4126]  <TASK>
[ 2642.923389][ T4126]  dump_stack_lvl+0x16c/0x1f0
[ 2642.923428][ T4126]  should_fail_ex+0x512/0x640
[ 2642.923465][ T4126]  _copy_from_user+0x2e/0xd0
[ 2642.923501][ T4126]  copy_msghdr_from_user+0x98/0x160
[ 2642.923543][ T4126]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 2642.923665][ T4126]  ? kfree+0x24f/0x4d0
[ 2642.923699][ T4126]  ? __pfx__kstrtoull+0x10/0x10
[ 2642.923732][ T4126]  ___sys_sendmsg+0xfe/0x1d0
[ 2642.923769][ T4126]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2642.923829][ T4126]  ? __pfx___might_resched+0x10/0x10
[ 2642.923862][ T4126]  __sys_sendmmsg+0x200/0x420
[ 2642.923901][ T4126]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 2642.923944][ T4126]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 2642.924030][ T4126]  ? fput+0x70/0xf0
[ 2642.924062][ T4126]  ? ksys_write+0x1ac/0x250
[ 2642.924102][ T4126]  ? __pfx_ksys_write+0x10/0x10
[ 2642.924140][ T4126]  __x64_sys_sendmmsg+0x9c/0x100
[ 2642.924176][ T4126]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2642.924211][ T4126]  do_syscall_64+0xcd/0x490
[ 2642.924249][ T4126]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2642.924273][ T4126] RIP: 0033:0x7fa5d698e929
[ 2642.924292][ T4126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2642.924314][ T4126] RSP: 002b:00007fa5d778e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 2642.924336][ T4126] RAX: ffffffffffffffda RBX: 00007fa5d6bb6080 RCX: 00007fa5d698e929
[ 2642.924352][ T4126] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003
[ 2642.924367][ T4126] RBP: 00007fa5d778e090 R08: 0000000000000000 R09: 0000000000000000
[ 2642.924381][ T4126] R10: 0000000007fffffe R11: 0000000000000246 R12: 0000000000000001
[ 2642.924396][ T4126] R13: 0000000000000000 R14: 00007fa5d6bb6080 R15: 00007ffe9ab497e8
[ 2642.924425][ T4126]  </TASK>
[ 2643.655029][   T30] audit: type=1807 audit(4294967316.375:7): UNKNOWN=0"û]$|Ë1jë0B|d™¹ýÓ‰OŸ¬+ö×/ÉéxÔóÈõWÓ¦–Ó^¸´gq%ḦrêOŽ res=0
[ 2643.692682][   T30] audit: type=1802 audit(4294967316.375:8): pid=4140 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.1.5579" res=0 errno=0
[ 2644.431996][ T4168] random: crng reseeded on system resumption
[ 2644.471256][ T4138] ima: policy update failed
[ 2644.492912][   T30] audit: type=1802 audit(4294967317.205:9): pid=4138 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.5579" res=0 errno=0

syzkaller
syzkaller login: [ 2645.746944][ T4194] FAULT_INJECTION: forcing a failure.
[ 2645.746944][ T4194] name failslab, interval 1, probability 0, space 0, times 0
[ 2645.759867][ T4194] CPU: 1 UID: 0 PID: 4194 Comm: syz.2.5589 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[ 2645.759898][ T4194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2645.759912][ T4194] Call Trace:
[ 2645.759922][ T4194]  <TASK>
[ 2645.759931][ T4194]  dump_stack_lvl+0x16c/0x1f0
[ 2645.759970][ T4194]  should_fail_ex+0x512/0x640
[ 2645.760003][ T4194]  ? fs_reclaim_acquire+0xae/0x150
[ 2645.760032][ T4194]  ? tomoyo_encode2+0x100/0x3e0
[ 2645.760062][ T4194]  should_failslab+0xc2/0x120
[ 2645.760084][ T4194]  __kmalloc_noprof+0xd2/0x510
[ 2645.760124][ T4194]  tomoyo_encode2+0x100/0x3e0
[ 2645.760178][ T4194]  tomoyo_encode+0x29/0x50
[ 2645.760208][ T4194]  tomoyo_realpath_from_path+0x18f/0x6e0
[ 2645.760249][ T4194]  tomoyo_check_open_permission+0x2ab/0x3c0
[ 2645.760279][ T4194]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 2645.760337][ T4194]  ? do_raw_spin_lock+0x12c/0x2b0
[ 2645.760381][ T4194]  tomoyo_file_open+0x6b/0x90
[ 2645.760419][ T4194]  security_file_open+0x84/0x1e0
[ 2645.760450][ T4194]  do_dentry_open+0x596/0x1c10
[ 2645.760500][ T4194]  vfs_open+0x82/0x3f0
[ 2645.760529][ T4194]  path_openat+0x1de4/0x2cb0
[ 2645.760584][ T4194]  ? __pfx_path_openat+0x10/0x10
[ 2645.760619][ T4194]  ? __lock_acquire+0xb8a/0x1c90
[ 2645.760652][ T4194]  do_filp_open+0x20b/0x470
[ 2645.760685][ T4194]  ? __pfx_do_filp_open+0x10/0x10
[ 2645.760738][ T4194]  ? alloc_fd+0x471/0x7d0
[ 2645.760776][ T4194]  do_sys_openat2+0x11b/0x1d0
[ 2645.760806][ T4194]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2645.760834][ T4194]  ? __fget_files+0x20e/0x3c0
[ 2645.760869][ T4194]  __x64_sys_openat+0x174/0x210
[ 2645.760895][ T4194]  ? __pfx___x64_sys_openat+0x10/0x10
[ 2645.760920][ T4194]  ? ksys_write+0x1ac/0x250
[ 2645.760962][ T4194]  do_syscall_64+0xcd/0x490
[ 2645.760999][ T4194]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2645.761022][ T4194] RIP: 0033:0x7f0dea18e929
[ 2645.761039][ T4194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2645.761062][ T4194] RSP: 002b:00007f0de7ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 2645.761083][ T4194] RAX: ffffffffffffffda RBX: 00007f0dea3b5fa0 RCX: 00007f0dea18e929
[ 2645.761099][ T4194] RDX: 0000000000040080 RSI: 0000200000000100 RDI: ffffffffffffff9c
[ 2645.761113][ T4194] RBP: 00007f0de7ff6090 R08: 0000000000000000 R09: 0000000000000000
[ 2645.761127][ T4194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2645.761140][ T4194] R13: 0000000000000001 R14: 00007f0dea3b5fa0 R15: 00007ffcc6c432a8
[ 2645.761169][ T4194]  </TASK>
[ 2645.761281][ T4194] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2646.295715][ T4198] FAULT_INJECTION: forcing a failure.
[ 2646.295715][ T4198] name failslab, interval 1, probability 0, space 0, times 0
[ 2646.319331][ T4198] CPU: 0 UID: 0 PID: 4198 Comm: syz.2.5591 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[ 2646.319375][ T4198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2646.319394][ T4198] Call Trace:
[ 2646.319405][ T4198]  <TASK>
[ 2646.319418][ T4198]  dump_stack_lvl+0x16c/0x1f0
[ 2646.319477][ T4198]  should_fail_ex+0x512/0x640
[ 2646.319528][ T4198]  should_failslab+0xc2/0x120
[ 2646.319560][ T4198]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 2646.319608][ T4198]  ? skb_clone+0x190/0x3f0
[ 2646.319662][ T4198]  skb_clone+0x190/0x3f0
[ 2646.319720][ T4198]  netlink_deliver_tap+0xabd/0xd30
[ 2646.319762][ T4198]  netlink_unicast+0x5df/0x7f0
[ 2646.319800][ T4198]  ? __pfx_netlink_unicast+0x10/0x10
[ 2646.319832][ T4198]  ? __build_skb_around+0x278/0x3b0
[ 2646.319873][ T4198]  ? is_vmalloc_addr+0x86/0xa0
[ 2646.319925][ T4198]  netlink_sendmsg+0x8d1/0xdd0
[ 2646.319966][ T4198]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2646.320016][ T4198]  ____sys_sendmsg+0xa98/0xc70
[ 2646.320056][ T4198]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2646.320099][ T4198]  ? __pfx__kstrtoull+0x10/0x10
[ 2646.320145][ T4198]  ___sys_sendmsg+0x134/0x1d0
[ 2646.320197][ T4198]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2646.320278][ T4198]  ? find_held_lock+0x2b/0x80
[ 2646.320330][ T4198]  __sys_sendmmsg+0x200/0x420
[ 2646.320381][ T4198]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 2646.320437][ T4198]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 2646.320519][ T4198]  ? fput+0x70/0xf0
[ 2646.320566][ T4198]  ? ksys_write+0x1ac/0x250
[ 2646.320609][ T4198]  ? __pfx_ksys_write+0x10/0x10
[ 2646.320661][ T4198]  __x64_sys_sendmmsg+0x9c/0x100
[ 2646.320717][ T4198]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2646.320763][ T4198]  do_syscall_64+0xcd/0x490
[ 2646.320814][ T4198]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2646.320846][ T4198] RIP: 0033:0x7f0dea18e929
[ 2646.320871][ T4198] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2646.320903][ T4198] RSP: 002b:00007f0de7ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 2646.320933][ T4198] RAX: ffffffffffffffda RBX: 00007f0dea3b5fa0 RCX: 00007f0dea18e929
[ 2646.320954][ T4198] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000003
[ 2646.320973][ T4198] RBP: 00007f0de7ff6090 R08: 0000000000000000 R09: 0000000000000000
[ 2646.320992][ T4198] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001
[ 2646.321010][ T4198] R13: 0000000000000000 R14: 00007f0dea3b5fa0 R15: 00007ffcc6c432a8
[ 2646.321062][ T4198]  </TASK>
[ 2646.595498][ T4199] random: crng reseeded on system resumption
	

	
		
	

	
		


	
	
	


	
		

	


	
	

		
	
		
	

	



			








	





	






















	
	

	










	
	







	

	







		





	
	

	



	
	
	
	
	






	





	







		









	

	
	

	
		

	
		

	


	
	

		
	
		
	

	



			








	




	















	

	

	

		


	







	





	








		









	

	
	
				
	
		

	
		

	


	
	

		
	
		
	

	

	



			








	





	





	









	









	
	

	










	
	







	








	
	




			
			
			
	

	
	
		
	
	






	





	







		









	

	

	
		

	


	

	

		
	
		
	

	

	



			








	

	










	



	

		
	
	








	


	



	



	



	
	
	







	


	
	
	













	
	

	










	
	







	

	







		














	





	







		









	

	

	
		

	


	
	

		
	
		
	

	

	



			








	





	








	








	
	

	










	
	







	

	







		






	


	
	
		

	
	








	





	

	


	






	




	





		







	
		

	


	
	

		
	
		
	

	

	



			








	





	












	
	



		
		
		

		


		

















	









	




	





		







	
		

	


		

		
	
		
	

	

	



			








	



			

	

	

	

	

		

	




	

	


	

	








	




	






		









	
		

	


	
	

		
	
		
	

	

	



			








	

	
	



	













		

		

	
	
		









	

	
	






	










	





	







		














	
		

	


	
	

		
	
		
	

	

	



			








	




	










	
	






	


	

		
			
			
		

	
	
	
	
	
	




	

		











	

	
	
















	







	







		










	
	

	

	
	
	
	
	
	
		
	
	

		








	
		

	


	
	

		
	
		
	

	

	



			








	

	
	



	









		

		
	
	
		









	

	
	






	




	







	







	







		















		
	
	
	

	
				
	
		
	
	
		

	
				
	
	



				
		
			
		

	
		

	


	
	

		
	
		
	

	

	



			








	

	
	


	




		

		

			



	
	
	



	
	
	

	





	






	





	







		








		



	
	
	


	
		

	
	
				

	
		

	


	
	

		
	
		
	

	

	



			








	





	






	












	

	
	






	




	







	







	







		











syzkaller
syzkaller login: [ 2670.277793][ T4638] FAULT_INJECTION: forcing a failure.
[ 2670.277793][ T4638] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2670.300467][ T4638] CPU: 0 UID: 0 PID: 4638 Comm: syz.1.5702 Tainted: G     U              6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[ 2670.300518][ T4638] Tainted: [U]=USER
[ 2670.300529][ T4638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2670.300547][ T4638] Call Trace:
[ 2670.300558][ T4638]  <TASK>
[ 2670.300571][ T4638]  dump_stack_lvl+0x16c/0x1f0
[ 2670.300621][ T4638]  should_fail_ex+0x512/0x640
[ 2670.300671][ T4638]  _copy_from_user+0x2e/0xd0
[ 2670.300721][ T4638]  copy_msghdr_from_user+0x98/0x160
[ 2670.300770][ T4638]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 2670.300826][ T4638]  ? kfree+0x24f/0x4d0
[ 2670.300863][ T4638]  ? __pfx__kstrtoull+0x10/0x10
[ 2670.300915][ T4638]  ___sys_sendmsg+0xfe/0x1d0
[ 2670.300964][ T4638]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2670.301051][ T4638]  ? __pfx___might_resched+0x10/0x10
[ 2670.301093][ T4638]  __sys_sendmmsg+0x200/0x420
[ 2670.301147][ T4638]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 2670.301209][ T4638]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 2670.301276][ T4638]  ? fput+0x70/0xf0
[ 2670.301306][ T4638]  ? ksys_write+0x1ac/0x250
[ 2670.301351][ T4638]  ? __pfx_ksys_write+0x10/0x10
[ 2670.301404][ T4638]  __x64_sys_sendmmsg+0x9c/0x100
[ 2670.301452][ T4638]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2670.301497][ T4638]  do_syscall_64+0xcd/0x490
[ 2670.301549][ T4638]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2670.301581][ T4638] RIP: 0033:0x7f317178e929
[ 2670.301606][ T4638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2670.301639][ T4638] RSP: 002b:00007f317264e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 2670.301669][ T4638] RAX: ffffffffffffffda RBX: 00007f31719b5fa0 RCX: 00007f317178e929
[ 2670.301690][ T4638] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000003
[ 2670.301710][ T4638] RBP: 00007f317264e090 R08: 0000000000000000 R09: 0000000000000000
[ 2670.301729][ T4638] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001
[ 2670.301748][ T4638] R13: 0000000000000000 R14: 00007f31719b5fa0 R15: 00007ffd03636e98
[ 2670.301788][ T4638]  </TASK>
[ 2671.144686][ T4647] netlink: 19 bytes leftover after parsing attributes in process `syz.2.5704'.
[ 2672.690530][ T4683] netlink: set zone limit has 8 unknown bytes
[ 2673.020308][ T4670] kexec: Could not allocate control_code_buffer
[ 2673.331002][ T4693] FAULT_INJECTION: forcing a failure.
[ 2673.331002][ T4693] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2673.395275][ T4693] CPU: 1 UID: 0 PID: 4693 Comm: syz.0.5718 Tainted: G     U              6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[ 2673.395324][ T4693] Tainted: [U]=USER
[ 2673.395335][ T4693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2673.395351][ T4693] Call Trace:
[ 2673.395362][ T4693]  <TASK>
[ 2673.395373][ T4693]  dump_stack_lvl+0x16c/0x1f0
[ 2673.395424][ T4693]  should_fail_ex+0x512/0x640
[ 2673.395473][ T4693]  should_fail_alloc_page+0xe7/0x130
[ 2673.395503][ T4693]  prepare_alloc_pages+0x3c2/0x610
[ 2673.395545][ T4693]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 2673.395599][ T4693]  ? __lock_acquire+0x622/0x1c90
[ 2673.395657][ T4693]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 2673.395724][ T4693]  ? find_held_lock+0x2b/0x80
[ 2673.395751][ T4693]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 2673.395795][ T4693]  ? policy_nodemask+0xea/0x4e0
[ 2673.395825][ T4693]  alloc_pages_mpol+0x1fb/0x550
[ 2673.395852][ T4693]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 2673.395876][ T4693]  ? pipapo_lt_bits_adjust+0x78a/0xb20
[ 2673.395924][ T4693]  folio_alloc_mpol_noprof+0x36/0x2f0
[ 2673.395959][ T4693]  shmem_alloc_folio+0x135/0x160
[ 2673.396013][ T4693]  shmem_alloc_and_add_folio+0x499/0xc20
[ 2673.396064][ T4693]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[ 2673.396109][ T4693]  ? shmem_allowable_huge_orders+0xcb/0x2f0
[ 2673.396159][ T4693]  shmem_get_folio_gfp+0x67f/0x1600
[ 2673.396242][ T4693]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[ 2673.396297][ T4693]  ? filemap_map_pages+0xf6f/0x1680
[ 2673.396350][ T4693]  shmem_fault+0x1fe/0xa30
[ 2673.396395][ T4693]  ? __lock_acquire+0x622/0x1c90
[ 2673.396438][ T4693]  ? __pfx_shmem_fault+0x10/0x10
[ 2673.396487][ T4693]  ? rcu_is_watching+0x12/0xc0
[ 2673.396520][ T4693]  ? __pfx_filemap_map_pages+0x10/0x10
[ 2673.396581][ T4693]  __do_fault+0x10a/0x490
[ 2673.396634][ T4693]  __handle_mm_fault+0x3c2a/0x5490
[ 2673.396695][ T4693]  ? __pfx___handle_mm_fault+0x10/0x10
[ 2673.396735][ T4693]  ? __pfx_mt_find+0x10/0x10
[ 2673.396790][ T4693]  ? find_vma+0xbf/0x140
[ 2673.396821][ T4693]  ? __pfx_find_vma+0x10/0x10
[ 2673.396858][ T4693]  handle_mm_fault+0x589/0xd10
[ 2673.396902][ T4693]  ? __pkru_allows_pkey+0x41/0xb0
[ 2673.396946][ T4693]  do_user_addr_fault+0x7a6/0x1370
[ 2673.396994][ T4693]  ? rcu_is_watching+0x12/0xc0
[ 2673.397032][ T4693]  exc_page_fault+0x5c/0xb0
[ 2673.397078][ T4693]  asm_exc_page_fault+0x26/0x30
[ 2673.397109][ T4693] RIP: 0010:rep_movs_alternative+0x30/0x90
[ 2673.397148][ T4693] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 bd 10 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08
[ 2673.397179][ T4693] RSP: 0018:ffffc90004847be8 EFLAGS: 00050246
[ 2673.397206][ T4693] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000008
[ 2673.397224][ T4693] RDX: ffffed1005e13801 RSI: 0000000000000000 RDI: ffff88802f09c000
[ 2673.397245][ T4693] RBP: 0000000000000008 R08: 0000000000000001 R09: ffffed1005e13800
[ 2673.397264][ T4693] R10: ffff88802f09c007 R11: 0000000000000001 R12: 0000000000000000
[ 2673.397284][ T4693] R13: ffff88802f09c000 R14: 0000000000000000 R15: 0000000000000000
[ 2673.397328][ T4693]  _copy_from_user+0x98/0xd0
[ 2673.397391][ T4693]  mem_rw+0x1e2/0x680
[ 2673.397430][ T4693]  ? __pfx_mem_write+0x10/0x10
[ 2673.397458][ T4693]  vfs_writev+0x5dc/0xde0
[ 2673.397497][ T4693]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 2673.397554][ T4693]  ? __pfx_vfs_writev+0x10/0x10
[ 2673.397594][ T4693]  ? __mutex_lock+0x1ca/0xb90
[ 2673.397662][ T4693]  ? __pfx___mutex_lock+0x10/0x10
[ 2673.397724][ T4693]  ? __fget_files+0x20e/0x3c0
[ 2673.397762][ T4693]  ? __fget_files+0x200/0x3c0
[ 2673.397831][ T4693]  ? do_writev+0x132/0x340
[ 2673.397868][ T4693]  do_writev+0x132/0x340
[ 2673.397910][ T4693]  ? __pfx_do_writev+0x10/0x10
[ 2673.397964][ T4693]  do_syscall_64+0xcd/0x490
[ 2673.398014][ T4693]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2673.398045][ T4693] RIP: 0033:0x7fa5d698e929
[ 2673.398069][ T4693] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2673.398099][ T4693] RSP: 002b:00007fa5d77af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2673.398137][ T4693] RAX: ffffffffffffffda RBX: 00007fa5d6bb5fa0 RCX: 00007fa5d698e929
[ 2673.398156][ T4693] RDX: 0010000000000007 RSI: 0000200000000040 RDI: 0000000000000003
[ 2673.398174][ T4693] RBP: 00007fa5d77af090 R08: 0000000000000000 R09: 0000000000000000
[ 2673.398191][ T4693] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2673.398208][ T4693] R13: 0000000000000000 R14: 00007fa5d6bb5fa0 R15: 00007ffe9ab497e8
[ 2673.398247][ T4693]  </TASK>
[ 2674.051596][ T3854] Bluetooth: hci1: unexpected event 0x20 length: 123 > 7
[ 2674.395539][ T4709] FAULT_INJECTION: forcing a failure.
[ 2674.395539][ T4709] name failslab, interval 1, probability 0, space 0, times 0
[ 2674.434563][ T4709] CPU: 0 UID: 0 PID: 4709 Comm: syz.0.5721 Tainted: G     U              6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[ 2674.434613][ T4709] Tainted: [U]=USER
[ 2674.434623][ T4709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2674.434642][ T4709] Call Trace:
[ 2674.434652][ T4709]  <TASK>
[ 2674.434663][ T4709]  dump_stack_lvl+0x16c/0x1f0
[ 2674.434708][ T4709]  should_fail_ex+0x512/0x640
[ 2674.434740][ T4709]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 2674.434777][ T4709]  should_failslab+0xc2/0x120
[ 2674.434798][ T4709]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 2674.434832][ T4709]  ? d_instantiate+0x77/0x90
[ 2674.434850][ T4709]  ? alloc_empty_file+0x55/0x1e0
[ 2674.434878][ T4709]  alloc_empty_file+0x55/0x1e0
[ 2674.434902][ T4709]  alloc_file_pseudo+0x13a/0x230
[ 2674.434928][ T4709]  ? __pfx_alloc_file_pseudo+0x10/0x10
[ 2674.434953][ T4709]  ? do_raw_spin_unlock+0x172/0x230
[ 2674.434993][ T4709]  __anon_inode_getfile+0xf7/0x3a0
[ 2674.435029][ T4709]  anon_inode_getfd+0x52/0xb0
[ 2674.435062][ T4709]  __x64_sys_fsopen+0x18b/0x240
[ 2674.435084][ T4709]  do_syscall_64+0xcd/0x490
[ 2674.435121][ T4709]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2674.435143][ T4709] RIP: 0033:0x7fa5d698e929
[ 2674.435162][ T4709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2674.435183][ T4709] RSP: 002b:00007fa5d77af038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae
[ 2674.435205][ T4709] RAX: ffffffffffffffda RBX: 00007fa5d6bb5fa0 RCX: 00007fa5d698e929
[ 2674.435220][ T4709] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 2674.435233][ T4709] RBP: 00007fa5d77af090 R08: 0000000000000000 R09: 0000000000000000
[ 2674.435247][ T4709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2674.435261][ T4709] R13: 0000000000000000 R14: 00007fa5d6bb5fa0 R15: 00007ffe9ab497e8
[ 2674.435288][ T4709]  </TASK>
[ 2675.893842][ T4737] FAULT_INJECTION: forcing a failure.
[ 2675.893842][ T4737] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2675.965137][ T4723] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 2676.006493][ T4723] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 2676.057555][ T4737] CPU: 0 UID: 0 PID: 4737 Comm: syz.1.5731 Tainted: G     U              6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[ 2676.057613][ T4737] Tainted: [U]=USER
[ 2676.057624][ T4737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2676.057644][ T4737] Call Trace:
[ 2676.057655][ T4737]  <TASK>
[ 2676.057672][ T4737]  dump_stack_lvl+0x16c/0x1f0
[ 2676.057722][ T4737]  should_fail_ex+0x512/0x640
[ 2676.057776][ T4737]  should_fail_alloc_page+0xe7/0x130
[ 2676.057814][ T4737]  prepare_alloc_pages+0x3c2/0x610
[ 2676.057854][ T4737]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 2676.057902][ T4737]  ? __lock_acquire+0x622/0x1c90
[ 2676.057954][ T4737]  ? __lock_acquire+0x622/0x1c90
[ 2676.057996][ T4737]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 2676.058097][ T4737]  ? find_held_lock+0x2b/0x80
[ 2676.058130][ T4737]  ? is_bpf_text_address+0x8a/0x1a0
[ 2676.058170][ T4737]  ? bpf_ksym_find+0x124/0x1c0
[ 2676.058201][ T4737]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 2676.058245][ T4737]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 2676.058294][ T4737]  ? policy_nodemask+0xea/0x4e0
[ 2676.058329][ T4737]  alloc_pages_mpol+0x1fb/0x550
[ 2676.058366][ T4737]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 2676.058410][ T4737]  folio_alloc_mpol_noprof+0x36/0x2f0
[ 2676.058455][ T4737]  shmem_alloc_folio+0x135/0x160
[ 2676.058498][ T4737]  shmem_alloc_and_add_folio+0x499/0xc20
[ 2676.058560][ T4737]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[ 2676.058610][ T4737]  ? shmem_allowable_huge_orders+0xcb/0x2f0
[ 2676.058671][ T4737]  shmem_get_folio_gfp+0x67f/0x1600
[ 2676.058733][ T4737]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[ 2676.058795][ T4737]  shmem_fault+0x1fe/0xa30
[ 2676.058848][ T4737]  ? __pfx_shmem_fault+0x10/0x10
[ 2676.058893][ T4737]  ? mod_memcg_lruvec_state+0x394/0x610
[ 2676.058942][ T4737]  ? find_held_lock+0x2b/0x80
[ 2676.058981][ T4737]  ? pte_alloc_one+0x2b6/0x3a0
[ 2676.059042][ T4737]  __do_fault+0x10a/0x490
[ 2676.059092][ T4737]  ? __pfx_filemap_map_pages+0x10/0x10
[ 2676.059148][ T4737]  __handle_mm_fault+0x374c/0x5490
[ 2676.059210][ T4737]  ? __pfx___handle_mm_fault+0x10/0x10
[ 2676.059275][ T4737]  ? __pfx_mt_find+0x10/0x10
[ 2676.059335][ T4737]  ? find_vma+0xbf/0x140
[ 2676.059368][ T4737]  ? __pfx_find_vma+0x10/0x10
[ 2676.059410][ T4737]  handle_mm_fault+0x589/0xd10
[ 2676.059456][ T4737]  ? __pkru_allows_pkey+0x41/0xb0
[ 2676.059508][ T4737]  do_user_addr_fault+0x7a6/0x1370
[ 2676.059567][ T4737]  ? rcu_is_watching+0x12/0xc0
[ 2676.059605][ T4737]  exc_page_fault+0x5c/0xb0
[ 2676.059658][ T4737]  asm_exc_page_fault+0x26/0x30
[ 2676.059691][ T4737] RIP: 0010:__put_user_4+0xd/0x20
[ 2676.059739][ T4737] Code: 66 89 01 31 c9 0f 01 ca e9 d0 5a 03 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 80 00 00 00 00 90 90 90
[ 2676.059776][ T4737] RSP: 0018:ffffc90004647c78 EFLAGS: 00050202
[ 2676.059803][ T4737] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000004
[ 2676.059823][ T4737] RDX: ffff888026d29e00 RSI: ffffffff82497a87 RDI: ffffffff8c1565a0
[ 2676.059850][ T4737] RBP: ffff88807da40050 R08: 3b8f596bbd88045d R09: 0000000000000000
[ 2676.059871][ T4737] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
[ 2676.059890][ T4737] R13: 0000000000000004 R14: 0000000000080000 R15: ffff88807da40050
[ 2676.059929][ T4737]  ? inotify_ioctl+0x1d7/0x290
[ 2676.059986][ T4737]  inotify_ioctl+0x1e3/0x290
[ 2676.060043][ T4737]  ? __pfx_inotify_ioctl+0x10/0x10
[ 2676.060102][ T4737]  do_vfs_ioctl+0x153f/0x1a60
[ 2676.060141][ T4737]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 2676.060217][ T4737]  ? find_held_lock+0x2b/0x80
[ 2676.060249][ T4737]  ? hook_file_ioctl_common+0x145/0x410
[ 2676.060299][ T4737]  ? __fget_files+0x20e/0x3c0
[ 2676.060357][ T4737]  __x64_sys_ioctl+0x114/0x210
[ 2676.060404][ T4737]  do_syscall_64+0xcd/0x490
[ 2676.060462][ T4737]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2676.060495][ T4737] RIP: 0033:0x7f317178e929
[ 2676.060521][ T4737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2676.060553][ T4737] RSP: 002b:00007f317264e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2676.060588][ T4737] RAX: ffffffffffffffda RBX: 00007f31719b5fa0 RCX: 00007f317178e929
[ 2676.060609][ T4737] RDX: 0000000000000004 RSI: 000000000000541b RDI: 0000000000000003
[ 2676.060629][ T4737] RBP: 00007f317264e090 R08: 0000000000000000 R09: 0000000000000000
[ 2676.060648][ T4737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2676.060674][ T4737] R13: 0000000000000000 R14: 00007f31719b5fa0 R15: 00007ffd03636e98
[ 2676.060716][ T4737]  </TASK>
[ 2676.060946][ T4723] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 2676.588847][ T4747] FAULT_INJECTION: forcing a failure.
[ 2676.588847][ T4747] name failslab, interval 1, probability 0, space 0, times 0
[ 2676.651903][ T4747] CPU: 1 UID: 0 PID: 4747 Comm: syz.0.5733 Tainted: G     U              6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[ 2676.651954][ T4747] Tainted: [U]=USER
[ 2676.651966][ T4747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2676.651985][ T4747] Call Trace:
[ 2676.651995][ T4747]  <TASK>
[ 2676.652007][ T4747]  dump_stack_lvl+0x16c/0x1f0
[ 2676.652059][ T4747]  should_fail_ex+0x512/0x640
[ 2676.652105][ T4747]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 2676.652155][ T4747]  should_failslab+0xc2/0x120
[ 2676.652186][ T4747]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 2676.652232][ T4747]  ? do_user_addr_fault+0x829/0x1370
[ 2676.652275][ T4747]  ? do_epoll_ctl+0x1170/0x35b0
[ 2676.652322][ T4747]  do_epoll_ctl+0x1170/0x35b0
[ 2676.652381][ T4747]  ? __pfx_do_epoll_ctl+0x10/0x10
[ 2676.652432][ T4747]  ? rep_movs_alternative+0x30/0x90
[ 2676.652482][ T4747]  ? __x64_sys_epoll_ctl+0x15c/0x1e0
[ 2676.652521][ T4747]  __x64_sys_epoll_ctl+0x15c/0x1e0
[ 2676.652563][ T4747]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[ 2676.652617][ T4747]  do_syscall_64+0xcd/0x490
[ 2676.652666][ T4747]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2676.652699][ T4747] RIP: 0033:0x7fa5d698e929
[ 2676.652724][ T4747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2676.652755][ T4747] RSP: 002b:00007fa5d77af038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[ 2676.652786][ T4747] RAX: ffffffffffffffda RBX: 00007fa5d6bb5fa0 RCX: 00007fa5d698e929
[ 2676.652807][ T4747] RDX: 8000000000000000 RSI: 0000000000000001 RDI: 0000000000000001
[ 2676.652827][ T4747] RBP: 00007fa5d77af090 R08: 0000000000000000 R09: 0000000000000000
[ 2676.652845][ T4747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2676.652864][ T4747] R13: 0000000000000000 R14: 00007fa5d6bb5fa0 R15: 00007ffe9ab497e8
[ 2676.652904][ T4747]  </TASK>
[ 2676.991399][ T4723] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 2677.098100][ T4723] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 2677.400262][ T4762] Unable to find swap-space signature
[ 2677.406930][ T3854] Bluetooth: hci4: command 0x0406 tx timeout
[ 2677.482956][ T4763] FAULT_INJECTION: forcing a failure.
[ 2677.482956][ T4763] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2677.505426][ T4765] netlink: 'syz.3.5742': attribute type 13 has an invalid length.
[ 2677.624528][ T4763] CPU: 1 UID: 0 PID: 4763 Comm: syz.2.5739 Tainted: G     U              6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[ 2677.624577][ T4763] Tainted: [U]=USER
[ 2677.624588][ T4763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2677.624606][ T4763] Call Trace:
[ 2677.624617][ T4763]  <TASK>
[ 2677.624629][ T4763]  dump_stack_lvl+0x16c/0x1f0
[ 2677.624681][ T4763]  should_fail_ex+0x512/0x640
[ 2677.624733][ T4763]  should_fail_alloc_page+0xe7/0x130
[ 2677.624766][ T4763]  prepare_alloc_pages+0x3c2/0x610
[ 2677.624810][ T4763]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 2677.624860][ T4763]  ? kasan_save_stack+0x42/0x60
[ 2677.624904][ T4763]  ? kasan_save_stack+0x33/0x60
[ 2677.624947][ T4763]  ? kasan_save_track+0x14/0x30
[ 2677.624990][ T4763]  ? __kasan_slab_alloc+0x89/0x90
[ 2677.625035][ T4763]  ? kmem_cache_alloc_noprof+0x1cb/0x3b0
[ 2677.625080][ T4763]  ? __pmd_alloc+0xbf/0x930
[ 2677.625136][ T4763]  ? __handle_mm_fault+0xaac/0x5490
[ 2677.625194][ T4763]  ? handle_mm_fault+0x589/0xd10
[ 2677.625234][ T4763]  ? do_user_addr_fault+0x7a6/0x1370
[ 2677.625277][ T4763]  ? exc_page_fault+0x5c/0xb0
[ 2677.625319][ T4763]  ? asm_exc_page_fault+0x26/0x30
[ 2677.625350][ T4763]  ? rep_movs_alternative+0x4a/0x90
[ 2677.625387][ T4763]  ? _copy_from_iter+0x383/0x16f0
[ 2677.625433][ T4763]  ? netlink_sendmsg+0x829/0xdd0
[ 2677.625465][ T4763]  ? ____sys_sendmsg+0xa98/0xc70
[ 2677.625500][ T4763]  ? ___sys_sendmsg+0x134/0x1d0
[ 2677.625544][ T4763]  ? __sys_sendmmsg+0x200/0x420
[ 2677.625589][ T4763]  ? __x64_sys_sendmmsg+0x9c/0x100
[ 2677.625635][ T4763]  ? do_syscall_64+0xcd/0x490
[ 2677.625684][ T4763]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 2677.625753][ T4763]  ? __lock_acquire+0xb8a/0x1c90
[ 2677.625796][ T4763]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 2677.625848][ T4763]  ? policy_nodemask+0xea/0x4e0
[ 2677.625884][ T4763]  alloc_pages_mpol+0x1fb/0x550
[ 2677.625918][ T4763]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 2677.625952][ T4763]  ? __thp_vma_allowable_orders+0x1c5/0xb10
[ 2677.626001][ T4763]  alloc_pages_noprof+0x131/0x390
[ 2677.626033][ T4763]  pte_alloc_one+0x1c/0x3a0
[ 2677.626090][ T4763]  __handle_mm_fault+0x3a68/0x5490
[ 2677.626153][ T4763]  ? __pfx___handle_mm_fault+0x10/0x10
[ 2677.626199][ T4763]  ? __pfx_mt_find+0x10/0x10
[ 2677.626262][ T4763]  ? find_vma+0xbf/0x140
[ 2677.626301][ T4763]  ? __pfx_find_vma+0x10/0x10
[ 2677.626338][ T4763]  handle_mm_fault+0x589/0xd10
[ 2677.626384][ T4763]  ? __pkru_allows_pkey+0x41/0xb0
[ 2677.626434][ T4763]  do_user_addr_fault+0x7a6/0x1370
[ 2677.626484][ T4763]  ? rcu_is_watching+0x12/0xc0
[ 2677.626531][ T4763]  exc_page_fault+0x5c/0xb0
[ 2677.626583][ T4763]  asm_exc_page_fault+0x26/0x30
[ 2677.626619][ T4763] RIP: 0010:rep_movs_alternative+0x4a/0x90
[ 2677.626658][ T4763] Code: 10 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 e9 8f 10 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[ 2677.626689][ T4763] RSP: 0018:ffffc9000ab877d0 EFLAGS: 00050206
[ 2677.626715][ T4763] RAX: 0000000000000001 RBX: 00000000000000c4 RCX: 00000000000000c4
[ 2677.626735][ T4763] RDX: ffffed1004b1a4f9 RSI: 0000000000000000 RDI: ffff8880258d2700
[ 2677.626757][ T4763] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed1004b1a4f8
[ 2677.626777][ T4763] R10: ffff8880258d27c3 R11: 0000000000000000 R12: ffffc9000ab87d60
[ 2677.626805][ T4763] R13: 00000000000000c4 R14: ffff8880258d2700 R15: 00007ffffffff000
[ 2677.626847][ T4763]  _copy_from_iter+0x383/0x16f0
[ 2677.626903][ T4763]  ? __alloc_skb+0x200/0x380
[ 2677.626949][ T4763]  ? __pfx__copy_from_iter+0x10/0x10
[ 2677.627004][ T4763]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 2677.627052][ T4763]  netlink_sendmsg+0x829/0xdd0
[ 2677.627095][ T4763]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2677.627154][ T4763]  ____sys_sendmsg+0xa98/0xc70
[ 2677.627194][ T4763]  ? copy_msghdr_from_user+0x10a/0x160
[ 2677.627242][ T4763]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2677.627286][ T4763]  ? __pfx__kstrtoull+0x10/0x10
[ 2677.627344][ T4763]  ___sys_sendmsg+0x134/0x1d0
[ 2677.627395][ T4763]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2677.627471][ T4763]  ? find_held_lock+0x2b/0x80
[ 2677.627528][ T4763]  __sys_sendmmsg+0x200/0x420
[ 2677.627582][ T4763]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 2677.627645][ T4763]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 2677.627713][ T4763]  ? fput+0x70/0xf0
[ 2677.627741][ T4763]  ? ksys_write+0x1ac/0x250
[ 2677.627790][ T4763]  ? __pfx_ksys_write+0x10/0x10
[ 2677.627841][ T4763]  __x64_sys_sendmmsg+0x9c/0x100
[ 2677.627890][ T4763]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2677.627933][ T4763]  do_syscall_64+0xcd/0x490
[ 2677.627982][ T4763]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2677.628012][ T4763] RIP: 0033:0x7f0dea18e929
[ 2677.628038][ T4763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2677.628068][ T4763] RSP: 002b:00007f0de7ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 2677.628097][ T4763] RAX: ffffffffffffffda RBX: 00007f0dea3b5fa0 RCX: 00007f0dea18e929
[ 2677.628124][ T4763] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003
[ 2677.628144][ T4763] RBP: 00007f0de7ff6090 R08: 0000000000000000 R09: 0000000000000000
[ 2677.628162][ T4763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2677.628181][ T4763] R13: 0000000000000000 R14: 00007f0dea3b5fa0 R15: 00007ffcc6c432a8
[ 2677.628221][ T4763]  </TASK>
[ 2678.263366][ T3854] Bluetooth: hci0: command 0x0406 tx timeout
[ 2678.307562][ T4774] FAULT_INJECTION: forcing a failure.
[ 2678.307562][ T4774] name failslab, interval 1, probability 0, space 0, times 0
[ 2678.321555][ T4774] CPU: 1 UID: 0 PID: 4774 Comm: syz.3.5745 Tainted: G     U              6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[ 2678.321607][ T4774] Tainted: [U]=USER
[ 2678.321618][ T4774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2678.321638][ T4774] Call Trace:
[ 2678.321650][ T4774]  <TASK>
[ 2678.321662][ T4774]  dump_stack_lvl+0x16c/0x1f0
[ 2678.321718][ T4774]  should_fail_ex+0x512/0x640
[ 2678.321765][ T4774]  ? fs_reclaim_acquire+0xae/0x150
[ 2678.321809][ T4774]  should_failslab+0xc2/0x120
[ 2678.321843][ T4774]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 2678.321896][ T4774]  ? security_inode_alloc+0x3b/0x2b0
[ 2678.321940][ T4774]  security_inode_alloc+0x3b/0x2b0
[ 2678.321978][ T4774]  inode_init_always_gfp+0xce4/0x1030
[ 2678.322032][ T4774]  alloc_inode+0x86/0x240
[ 2678.322066][ T4774]  path_from_stashed+0x2be/0xb00
[ 2678.322116][ T4774]  ? do_raw_spin_lock+0x12c/0x2b0
[ 2678.322171][ T4774]  ? __pfx_path_from_stashed+0x10/0x10
[ 2678.322222][ T4774]  ? do_raw_spin_unlock+0x172/0x230
[ 2678.322282][ T4774]  ns_get_path+0x5f/0x80
[ 2678.322346][ T4774]  proc_ns_get_link+0x121/0x260
[ 2678.322390][ T4774]  ? __pfx_proc_ns_get_link+0x10/0x10
[ 2678.322434][ T4774]  ? atime_needs_update+0x8b/0x710
[ 2678.322470][ T4774]  ? __pfx_proc_ns_get_link+0x10/0x10
[ 2678.322512][ T4774]  step_into+0x1a2c/0x2270
[ 2678.322559][ T4774]  ? __pfx_step_into+0x10/0x10
[ 2678.322596][ T4774]  ? find_held_lock+0x2b/0x80
[ 2678.322657][ T4774]  path_openat+0x6db/0x2cb0
[ 2678.322715][ T4774]  ? __pfx_path_openat+0x10/0x10
[ 2678.322765][ T4774]  ? __lock_acquire+0xb8a/0x1c90
[ 2678.322810][ T4774]  do_filp_open+0x20b/0x470
[ 2678.322858][ T4774]  ? __pfx_do_filp_open+0x10/0x10
[ 2678.322936][ T4774]  ? alloc_fd+0x471/0x7d0
[ 2678.322992][ T4774]  do_sys_openat2+0x11b/0x1d0
[ 2678.323029][ T4774]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2678.323087][ T4774]  __x64_sys_openat+0x174/0x210
[ 2678.323126][ T4774]  ? __pfx___x64_sys_openat+0x10/0x10
[ 2678.323181][ T4774]  do_syscall_64+0xcd/0x490
[ 2678.323236][ T4774]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2678.323269][ T4774] RIP: 0033:0x7fb1c438d290
[ 2678.323295][ T4774] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[ 2678.323335][ T4774] RSP: 002b:00007fb1c21f5f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 2678.323366][ T4774] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fb1c438d290
[ 2678.323388][ T4774] RDX: 0000000000000002 RSI: 00007fb1c21f5fa0 RDI: 00000000ffffff9c
[ 2678.323408][ T4774] RBP: 00007fb1c21f5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 2678.323429][ T4774] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 2678.323449][ T4774] R13: 0000000000000000 R14: 00007fb1c45b5fa0 R15: 00007ffc33164038
[ 2678.323491][ T4774]  </TASK>
[ 2678.695065][ T4774] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 2679.006185][ T3854] Bluetooth: hci3: command 0x0406 tx timeout
[ 2679.166017][ T3854] Bluetooth: hci1: command 0x0406 tx timeout
[ 2679.280178][ T3854] Bluetooth: hci1: Unable to find connection for big 0xd2
[ 2679.380790][ T4787] FAULT_INJECTION: forcing a failure.
[ 2679.380790][ T4787] name failslab, interval 1, probability 0, space 0, times 0
[ 2679.443159][ T4787] CPU: 1 UID: 0 PID: 4787 Comm: syz.2.5747 Tainted: G     U              6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[ 2679.443211][ T4787] Tainted: [U]=USER
[ 2679.443221][ T4787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2679.443240][ T4787] Call Trace:
[ 2679.443251][ T4787]  <TASK>
[ 2679.443264][ T4787]  dump_stack_lvl+0x16c/0x1f0
[ 2679.443318][ T4787]  should_fail_ex+0x512/0x640
[ 2679.443363][ T4787]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 2679.443415][ T4787]  should_failslab+0xc2/0x120
[ 2679.443445][ T4787]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 2679.443494][ T4787]  ? __proc_create+0xc3/0x8c0
[ 2679.443543][ T4787]  ? __proc_create+0x2ce/0x8c0
[ 2679.443599][ T4787]  __proc_create+0x2ce/0x8c0
[ 2679.443651][ T4787]  ? __pfx___proc_create+0x10/0x10
[ 2679.443698][ T4787]  ? _raw_write_unlock+0x28/0x50
[ 2679.443743][ T4787]  ? proc_register+0x314/0x5f0
[ 2679.443808][ T4787]  _proc_mkdir+0xb9/0x200
[ 2679.443837][ T4787]  ? __pfx__proc_mkdir+0x10/0x10
[ 2679.443864][ T4787]  ? kmem_cache_alloc_noprof+0x21e/0x3b0
[ 2679.443922][ T4787]  ? __pfx_netfilter_net_init+0x10/0x10
[ 2679.443972][ T4787]  netfilter_net_init+0x37b/0x4b0
[ 2679.444032][ T4787]  ? sysctl_net_init+0x27/0x30
[ 2679.444061][ T4787]  ops_init+0x1df/0x5f0
[ 2679.444116][ T4787]  setup_net+0x1ff/0x510
[ 2679.444143][ T4787]  ? lockdep_init_map_type+0x5c/0x280
[ 2679.444187][ T4787]  ? __pfx_setup_net+0x10/0x10
[ 2679.444220][ T4787]  ? debug_mutex_init+0x37/0x70
[ 2679.444256][ T4787]  copy_net_ns+0x2a6/0x5f0
[ 2679.444293][ T4787]  create_new_namespaces+0x3ea/0xa90
[ 2679.444338][ T4787]  unshare_nsproxy_namespaces+0xc0/0x1f0
[ 2679.444378][ T4787]  ksys_unshare+0x45b/0xa40
[ 2679.444423][ T4787]  ? __pfx_ksys_unshare+0x10/0x10
[ 2679.444465][ T4787]  ? ksys_write+0x1ac/0x250
[ 2679.444525][ T4787]  __x64_sys_unshare+0x31/0x40
[ 2679.444566][ T4787]  do_syscall_64+0xcd/0x490
[ 2679.444620][ T4787]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2679.444653][ T4787] RIP: 0033:0x7f0dea18e929
[ 2679.444679][ T4787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2679.444712][ T4787] RSP: 002b:00007f0de7ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 2679.444744][ T4787] RAX: ffffffffffffffda RBX: 00007f0dea3b5fa0 RCX: 00007f0dea18e929
[ 2679.444766][ T4787] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 2679.444785][ T4787] RBP: 00007f0de7ff6090 R08: 0000000000000000 R09: 0000000000000000
[ 2679.444805][ T4787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2679.444825][ T4787] R13: 0000000000000000 R14: 00007f0dea3b5fa0 R15: 00007ffcc6c432a8
[ 2679.444868][ T4787]  </TASK>
[ 2679.444880][ T4787] cannot create netfilter proc entry
[ 2679.761702][ T4798] FAULT_INJECTION: forcing a failure.
[ 2679.761702][ T4798] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2679.840393][ T4798] CPU: 1 UID: 0 PID: 4798 Comm: syz.3.5752 Tainted: G     U              6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[ 2679.840459][ T4798] Tainted: [U]=USER
[ 2679.840469][ T4798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2679.840488][ T4798] Call Trace:
[ 2679.840498][ T4798]  <TASK>
[ 2679.840510][ T4798]  dump_stack_lvl+0x16c/0x1f0
[ 2679.840562][ T4798]  should_fail_ex+0x512/0x640
[ 2679.840612][ T4798]  _copy_to_user+0x32/0xd0
[ 2679.840664][ T4798]  simple_read_from_buffer+0xcb/0x170
[ 2679.840708][ T4798]  proc_fail_nth_read+0x197/0x270
[ 2679.840747][ T4798]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2679.840786][ T4798]  ? rw_verify_area+0xcf/0x680
[ 2679.840824][ T4798]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2679.840859][ T4798]  vfs_read+0x1e4/0xc60
[ 2679.840913][ T4798]  ? __pfx___mutex_lock+0x10/0x10
[ 2679.840960][ T4798]  ? __pfx_vfs_read+0x10/0x10
[ 2679.841014][ T4798]  ? __fget_files+0x20e/0x3c0
[ 2679.841068][ T4798]  ksys_read+0x12a/0x250
[ 2679.841111][ T4798]  ? __pfx_ksys_read+0x10/0x10
[ 2679.841167][ T4798]  do_syscall_64+0xcd/0x490
[ 2679.841226][ T4798]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2679.841259][ T4798] RIP: 0033:0x7fb1c438d33c
[ 2679.841284][ T4798] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 2679.841315][ T4798] RSP: 002b:00007fb1c21f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2679.841345][ T4798] RAX: ffffffffffffffda RBX: 00007fb1c45b5fa0 RCX: 00007fb1c438d33c
[ 2679.841365][ T4798] RDX: 000000000000000f RSI: 00007fb1c21f60a0 RDI: 0000000000000004
[ 2679.841385][ T4798] RBP: 00007fb1c21f6090 R08: 0000000000000000 R09: 0000000000000000
[ 2679.841403][ T4798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2679.841422][ T4798] R13: 0000000000000000 R14: 00007fb1c45b5fa0 R15: 00007ffc33164038
[ 2679.841462][ T4798]  </TASK>
[ 2680.285923][ T3854] Bluetooth: hci0: command 0x0406 tx timeout
[ 2680.487567][ T4802] FAULT_INJECTION: forcing a failure.
[ 2680.487567][ T4802] name failslab, interval 1, probability 0, space 0, times 0
[ 2680.526415][ T4802] CPU: 0 UID: 0 PID: 4802 Comm: syz.3.5753 Tainted: G     U              6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[ 2680.526465][ T4802] Tainted: [U]=USER
[ 2680.526476][ T4802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2680.526493][ T4802] Call Trace:
[ 2680.526505][ T4802]  <TASK>
[ 2680.526518][ T4802]  dump_stack_lvl+0x16c/0x1f0
[ 2680.526571][ T4802]  should_fail_ex+0x512/0x640
[ 2680.526616][ T4802]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 2680.526663][ T4802]  should_failslab+0xc2/0x120
[ 2680.526693][ T4802]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 2680.526736][ T4802]  ? snd_seq_oss_open+0x55/0xa20
[ 2680.526774][ T4802]  snd_seq_oss_open+0x55/0xa20
[ 2680.526814][ T4802]  odev_open+0x6f/0x90
[ 2680.526860][ T4802]  ? __pfx_odev_open+0x10/0x10
[ 2680.526908][ T4802]  soundcore_open+0x40c/0x580
[ 2680.526969][ T4802]  ? __pfx_soundcore_open+0x10/0x10
[ 2680.527014][ T4802]  chrdev_open+0x231/0x6a0
[ 2680.527058][ T4802]  ? __pfx_apparmor_file_open+0x10/0x10
[ 2680.527095][ T4802]  ? __pfx_chrdev_open+0x10/0x10
[ 2680.527143][ T4802]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 2680.527188][ T4802]  do_dentry_open+0x744/0x1c10
[ 2680.527234][ T4802]  ? __pfx_chrdev_open+0x10/0x10
[ 2680.527286][ T4802]  vfs_open+0x82/0x3f0
[ 2680.527334][ T4802]  path_openat+0x1de4/0x2cb0
[ 2680.527386][ T4802]  ? __pfx_path_openat+0x10/0x10
[ 2680.527438][ T4802]  ? __lock_acquire+0xb8a/0x1c90
[ 2680.527477][ T4802]  do_filp_open+0x20b/0x470
[ 2680.527515][ T4802]  ? __pfx_do_filp_open+0x10/0x10
[ 2680.527577][ T4802]  ? alloc_fd+0x471/0x7d0
[ 2680.527621][ T4802]  do_sys_openat2+0x11b/0x1d0
[ 2680.527649][ T4802]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2680.527682][ T4802]  ? __fget_files+0x20e/0x3c0
[ 2680.527723][ T4802]  __x64_sys_openat+0x174/0x210
[ 2680.527753][ T4802]  ? __pfx___x64_sys_openat+0x10/0x10
[ 2680.527781][ T4802]  ? ksys_write+0x1ac/0x250
[ 2680.527830][ T4802]  do_syscall_64+0xcd/0x490
[ 2680.527873][ T4802]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2680.527900][ T4802] RIP: 0033:0x7fb1c438e929
[ 2680.527921][ T4802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2680.527963][ T4802] RSP: 002b:00007fb1c21f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 2680.527989][ T4802] RAX: ffffffffffffffda RBX: 00007fb1c45b5fa0 RCX: 00007fb1c438e929
[ 2680.528005][ T4802] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[ 2680.528022][ T4802] RBP: 00007fb1c21f6090 R08: 0000000000000000 R09: 0000000000000000
[ 2680.528038][ T4802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2680.528053][ T4802] R13: 0000000000000000 R14: 00007fb1c45b5fa0 R15: 00007ffc33164038
[ 2680.528087][ T4802]  </TASK>
[ 2682.069404][ T4831] netlink: 354 bytes leftover after parsing attributes in process `syz.1.5761'.
[ 2683.811206][ T4862] binder: 4861:4862 ioctl 400448c9 0 returned -22
[ 2685.601941][ T4889] FAULT_INJECTION: forcing a failure.
[ 2685.601941][ T4889] name failslab, interval 1, probability 0, space 0, times 0
[ 2685.647386][ T4889] CPU: 1 UID: 0 PID: 4889 Comm: syz.2.5776 Tainted: G     U              6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[ 2685.647435][ T4889] Tainted: [U]=USER
[ 2685.647446][ T4889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2685.647464][ T4889] Call Trace:
[ 2685.647475][ T4889]  <TASK>
[ 2685.647487][ T4889]  dump_stack_lvl+0x16c/0x1f0
[ 2685.647540][ T4889]  should_fail_ex+0x512/0x640
[ 2685.647590][ T4889]  ? fs_reclaim_acquire+0xae/0x150
[ 2685.647629][ T4889]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 2685.647671][ T4889]  should_failslab+0xc2/0x120
[ 2685.647700][ T4889]  __kmalloc_noprof+0xd2/0x510
[ 2685.647755][ T4889]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 2685.647808][ T4889]  ? tomoyo_profile+0x47/0x60
[ 2685.647859][ T4889]  tomoyo_path_perm+0x274/0x460
[ 2685.647892][ T4889]  ? tomoyo_path_perm+0x260/0x460
[ 2685.647929][ T4889]  ? __pfx_tomoyo_path_perm+0x10/0x10
[ 2685.648009][ T4889]  ? __pfx_ima_file_check+0x10/0x10
[ 2685.648054][ T4889]  ? hook_file_truncate+0xc7/0x250
[ 2685.648097][ T4889]  security_file_truncate+0x84/0x1e0
[ 2685.648140][ T4889]  path_openat+0xc10/0x2cb0
[ 2685.648199][ T4889]  ? __pfx_path_openat+0x10/0x10
[ 2685.648246][ T4889]  ? __lock_acquire+0xb8a/0x1c90
[ 2685.648291][ T4889]  do_filp_open+0x20b/0x470
[ 2685.648341][ T4889]  ? __pfx_do_filp_open+0x10/0x10
[ 2685.648415][ T4889]  ? alloc_fd+0x471/0x7d0
[ 2685.648467][ T4889]  do_sys_openat2+0x11b/0x1d0
[ 2685.648502][ T4889]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2685.648541][ T4889]  ? __fget_files+0x20e/0x3c0
[ 2685.648591][ T4889]  __x64_sys_openat+0x174/0x210
[ 2685.648626][ T4889]  ? __pfx___x64_sys_openat+0x10/0x10
[ 2685.648660][ T4889]  ? ksys_write+0x1ac/0x250
[ 2685.648718][ T4889]  do_syscall_64+0xcd/0x490
[ 2685.648770][ T4889]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2685.648808][ T4889] RIP: 0033:0x7f0dea18e929
[ 2685.648833][ T4889] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2685.648864][ T4889] RSP: 002b:00007f0de7ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 2685.648894][ T4889] RAX: ffffffffffffffda RBX: 00007f0dea3b5fa0 RCX: 00007f0dea18e929
[ 2685.648915][ T4889] RDX: 0000000000000202 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[ 2685.648934][ T4889] RBP: 00007f0de7ff6090 R08: 0000000000000000 R09: 0000000000000000
[ 2685.648953][ T4889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2685.648972][ T4889] R13: 0000000000000001 R14: 00007f0dea3b5fa0 R15: 00007ffcc6c432a8
[ 2685.649013][ T4889]  </TASK>
[ 2685.649098][ T4889] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2686.260769][ T4894] ==================================================================
[ 2686.269700][ T4894] BUG: KASAN: slab-use-after-free in dvb_device_open+0x36a/0x3b0
[ 2686.278246][ T4894] Read of size 8 at addr ffff88802ad95018 by task syz.2.5778/4894
[ 2686.286863][ T4894] 
[ 2686.289460][ T4894] CPU: 0 UID: 0 PID: 4894 Comm: syz.2.5778 Tainted: G     U              6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[ 2686.289523][ T4894] Tainted: [U]=USER
[ 2686.289536][ T4894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2686.289557][ T4894] Call Trace:
[ 2686.289569][ T4894]  <TASK>
[ 2686.289583][ T4894]  dump_stack_lvl+0x116/0x1f0
[ 2686.289640][ T4894]  print_report+0xcd/0x680
[ 2686.289671][ T4894]  ? __virt_addr_valid+0x81/0x610
[ 2686.289706][ T4894]  ? __phys_addr+0xe8/0x180
[ 2686.289742][ T4894]  ? dvb_device_open+0x36a/0x3b0
[ 2686.289792][ T4894]  kasan_report+0xe0/0x110
[ 2686.289823][ T4894]  ? dvb_device_open+0x36a/0x3b0
[ 2686.289877][ T4894]  ? __pfx_dvb_device_open+0x10/0x10
[ 2686.289929][ T4894]  dvb_device_open+0x36a/0x3b0
[ 2686.289979][ T4894]  ? __pfx_dvb_device_open+0x10/0x10
[ 2686.290031][ T4894]  chrdev_open+0x231/0x6a0
[ 2686.290081][ T4894]  ? __pfx_apparmor_file_open+0x10/0x10
[ 2686.290123][ T4894]  ? __pfx_chrdev_open+0x10/0x10
[ 2686.290188][ T4894]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 2686.290237][ T4894]  do_dentry_open+0x744/0x1c10
[ 2686.290286][ T4894]  ? __pfx_chrdev_open+0x10/0x10
[ 2686.290341][ T4894]  vfs_open+0x82/0x3f0
[ 2686.290377][ T4894]  path_openat+0x1de4/0x2cb0
[ 2686.290430][ T4894]  ? __pfx_path_openat+0x10/0x10
[ 2686.290480][ T4894]  ? __lock_acquire+0xb8a/0x1c90
[ 2686.290534][ T4894]  do_filp_open+0x20b/0x470
[ 2686.290580][ T4894]  ? __pfx_do_filp_open+0x10/0x10
[ 2686.290642][ T4894]  ? alloc_fd+0x471/0x7d0
[ 2686.290691][ T4894]  do_sys_openat2+0x11b/0x1d0
[ 2686.290727][ T4894]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2686.290773][ T4894]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2686.290807][ T4894]  ? __pfx___might_resched+0x10/0x10
[ 2686.290844][ T4894]  __x64_sys_openat+0x174/0x210
[ 2686.290879][ T4894]  ? __pfx___x64_sys_openat+0x10/0x10
[ 2686.290921][ T4894]  do_syscall_64+0xcd/0x490
[ 2686.290969][ T4894]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2686.291001][ T4894] RIP: 0033:0x7f0dea18e929
[ 2686.291026][ T4894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2686.291058][ T4894] RSP: 002b:00007f0de7ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 2686.291088][ T4894] RAX: ffffffffffffffda RBX: 00007f0dea3b5fa0 RCX: 00007f0dea18e929
[ 2686.291109][ T4894] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 2686.291129][ T4894] RBP: 00007f0dea210b39 R08: 0000000000000000 R09: 0000000000000000
[ 2686.291148][ T4894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2686.291166][ T4894] R13: 0000000000000000 R14: 00007f0dea3b5fa0 R15: 00007ffcc6c432a8
[ 2686.291196][ T4894]  </TASK>
[ 2686.291208][ T4894] 
[ 2686.581774][ T4894] Allocated by task 1:
[ 2686.586264][ T4894]  kasan_save_stack+0x33/0x60
[ 2686.591448][ T4894]  kasan_save_track+0x14/0x30
[ 2686.596636][ T4894]  __kasan_kmalloc+0xaa/0xb0
[ 2686.601720][ T4894]  dvb_register_device+0x1e4/0x2370
[ 2686.607474][ T4894]  dvb_register_frontend+0x5a6/0x880
[ 2686.613325][ T4894]  vidtv_bridge_probe+0x459/0xa90
[ 2686.618880][ T4894]  platform_probe+0x102/0x1f0
[ 2686.624046][ T4894]  really_probe+0x23e/0xa90
[ 2686.629029][ T4894]  __driver_probe_device+0x1de/0x440
[ 2686.634872][ T4894]  driver_probe_device+0x4c/0x1b0
[ 2686.640426][ T4894]  __driver_attach+0x283/0x580
[ 2686.645704][ T4894]  bus_for_each_dev+0x13e/0x1d0
[ 2686.651070][ T4894]  bus_add_driver+0x2e9/0x690
[ 2686.656253][ T4894]  driver_register+0x15c/0x4b0
[ 2686.661511][ T4894]  vidtv_bridge_init+0x45/0x80
[ 2686.666789][ T4894]  do_one_initcall+0x120/0x6e0
[ 2686.672048][ T4894]  kernel_init_freeable+0x5c2/0x900
[ 2686.677799][ T4894]  kernel_init+0x1c/0x2b0
[ 2686.682578][ T4894]  ret_from_fork+0x5d4/0x6f0
[ 2686.687651][ T4894]  ret_from_fork_asm+0x1a/0x30
[ 2686.692908][ T4894] 
[ 2686.695475][ T4894] Freed by task 4566:
[ 2686.699864][ T4894]  kasan_save_stack+0x33/0x60
[ 2686.705045][ T4894]  kasan_save_track+0x14/0x30
[ 2686.710220][ T4894]  kasan_save_free_info+0x3b/0x60
[ 2686.715768][ T4894]  __kasan_slab_free+0x51/0x70
[ 2686.721044][ T4894]  kfree+0x2b4/0x4d0
[ 2686.725354][ T4894]  dvb_device_put.part.0+0x60/0x90
[ 2686.731010][ T4894]  dvb_device_open+0x2a4/0x3b0
[ 2686.736278][ T4894]  chrdev_open+0x231/0x6a0
[ 2686.741170][ T4894]  do_dentry_open+0x744/0x1c10
[ 2686.746442][ T4894]  vfs_open+0x82/0x3f0
[ 2686.750943][ T4894]  path_openat+0x1de4/0x2cb0
[ 2686.756034][ T4894]  do_filp_open+0x20b/0x470
[ 2686.761020][ T4894]  do_sys_openat2+0x11b/0x1d0
[ 2686.766183][ T4894]  __x64_sys_openat+0x174/0x210
[ 2686.771553][ T4894]  do_syscall_64+0xcd/0x490
[ 2686.776550][ T4894]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2686.783155][ T4894] 
[ 2686.785719][ T4894] The buggy address belongs to the object at ffff88802ad95000
[ 2686.785719][ T4894]  which belongs to the cache kmalloc-256 of size 256
[ 2686.801199][ T4894] The buggy address is located 24 bytes inside of
[ 2686.801199][ T4894]  freed 256-byte region [ffff88802ad95000, ffff88802ad95100)
[ 2686.816302][ T4894] 
[ 2686.818881][ T4894] The buggy address belongs to the physical page:
[ 2686.825947][ T4894] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2ad94
[ 2686.835600][ T4894] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 2686.844967][ T4894] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 2686.853284][ T4894] page_type: f5(slab)
[ 2686.857697][ T4894] raw: 00fff00000000040 ffff88801b841b40 dead000000000122 0000000000000000
[ 2686.867164][ T4894] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 2686.876631][ T4894] head: 00fff00000000040 ffff88801b841b40 dead000000000122 0000000000000000
[ 2686.886190][ T4894] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 2686.895750][ T4894] head: 00fff00000000001 ffffea0000ab6501 00000000ffffffff 00000000ffffffff
[ 2686.905308][ T4894] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 2686.914852][ T4894] page dumped because: kasan: bad access detected
[ 2686.921910][ T4894] page_owner tracks the page as allocated
[ 2686.928203][ T4894] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 25514805795, free_ts 0
[ 2686.949921][ T4894]  post_alloc_hook+0x1c0/0x230
[ 2686.955204][ T4894]  get_page_from_freelist+0x1321/0x3890
[ 2686.961338][ T4894]  __alloc_frozen_pages_noprof+0x261/0x23f0
[ 2686.967855][ T4894]  alloc_pages_mpol+0x1fb/0x550
[ 2686.973208][ T4894]  new_slab+0x23b/0x330
[ 2686.977805][ T4894]  ___slab_alloc+0xd9c/0x1940
[ 2686.982976][ T4894]  __slab_alloc.constprop.0+0x56/0xb0
[ 2686.988919][ T4894]  __kmalloc_cache_noprof+0xfb/0x3e0
[ 2686.994761][ T4894]  bus_add_driver+0x92/0x690
[ 2686.999837][ T4894]  driver_register+0x15c/0x4b0
[ 2687.005102][ T4894]  usb_register_driver+0x216/0x4d0
[ 2687.010754][ T4894]  do_one_initcall+0x120/0x6e0
[ 2687.016010][ T4894]  kernel_init_freeable+0x5c2/0x900
[ 2687.021752][ T4894]  kernel_init+0x1c/0x2b0
[ 2687.026556][ T4894]  ret_from_fork+0x5d4/0x6f0
[ 2687.031633][ T4894]  ret_from_fork_asm+0x1a/0x30
[ 2687.036897][ T4894] page_owner free stack trace missing
[ 2687.042812][ T4894] 
[ 2687.045376][ T4894] Memory state around the buggy address:
[ 2687.051583][ T4894]  ffff88802ad94f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2687.060469][ T4894]  ffff88802ad94f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2687.069360][ T4894] >ffff88802ad95000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2687.078240][ T4894]                             ^
[ 2687.083585][ T4894]  ffff88802ad95080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2687.092474][ T4894]  ffff88802ad95100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2687.101357][ T4894] ==================================================================
[ 2687.158029][ T4894] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 2687.166014][ T4894] CPU: 1 UID: 0 PID: 4894 Comm: syz.2.5778 Tainted: G     U              6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[ 2687.180955][ T4894] Tainted: [U]=USER
[ 2687.185160][ T4894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2687.196249][ T4894] Call Trace:
[ 2687.199882][ T4894]  <TASK>
[ 2687.203127][ T4894]  dump_stack_lvl+0x3d/0x1f0
[ 2687.208218][ T4894]  panic+0x71c/0x800
[ 2687.212539][ T4894]  ? __pfx_panic+0x10/0x10
[ 2687.217428][ T4894]  ? mark_held_locks+0x49/0x80
[ 2687.222711][ T4894]  ? preempt_schedule_thunk+0x16/0x30
[ 2687.228679][ T4894]  ? dvb_device_open+0x36a/0x3b0
[ 2687.234168][ T4894]  ? preempt_schedule_common+0x44/0xc0
[ 2687.240224][ T4894]  ? dvb_device_open+0x36a/0x3b0
[ 2687.245701][ T4894]  check_panic_on_warn+0xab/0xb0
[ 2687.251184][ T4894]  end_report+0x107/0x170
[ 2687.256001][ T4894]  kasan_report+0xee/0x110
[ 2687.260914][ T4894]  ? dvb_device_open+0x36a/0x3b0
[ 2687.266410][ T4894]  ? __pfx_dvb_device_open+0x10/0x10
[ 2687.272281][ T4894]  dvb_device_open+0x36a/0x3b0
[ 2687.277572][ T4894]  ? __pfx_dvb_device_open+0x10/0x10
[ 2687.283435][ T4894]  chrdev_open+0x231/0x6a0
[ 2687.288355][ T4894]  ? __pfx_apparmor_file_open+0x10/0x10
[ 2687.294498][ T4894]  ? __pfx_chrdev_open+0x10/0x10
[ 2687.299976][ T4894]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 2687.307461][ T4894]  do_dentry_open+0x744/0x1c10
[ 2687.312758][ T4894]  ? __pfx_chrdev_open+0x10/0x10
[ 2687.318243][ T4894]  vfs_open+0x82/0x3f0
[ 2687.322757][ T4894]  path_openat+0x1de4/0x2cb0
[ 2687.327863][ T4894]  ? __pfx_path_openat+0x10/0x10
[ 2687.333356][ T4894]  ? __lock_acquire+0xb8a/0x1c90
[ 2687.338839][ T4894]  do_filp_open+0x20b/0x470
[ 2687.343838][ T4894]  ? __pfx_do_filp_open+0x10/0x10
[ 2687.349422][ T4894]  ? alloc_fd+0x471/0x7d0
[ 2687.354278][ T4894]  do_sys_openat2+0x11b/0x1d0
[ 2687.359459][ T4894]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2687.365216][ T4894]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2687.370980][ T4894]  ? __pfx___might_resched+0x10/0x10
[ 2687.376853][ T4894]  __x64_sys_openat+0x174/0x210
[ 2687.382234][ T4894]  ? __pfx___x64_sys_openat+0x10/0x10
[ 2687.388192][ T4894]  do_syscall_64+0xcd/0x490
[ 2687.393202][ T4894]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2687.399727][ T4894] RIP: 0033:0x7f0dea18e929
[ 2687.404594][ T4894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2687.426177][ T4894] RSP: 002b:00007f0de7ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 2687.435440][ T4894] RAX: ffffffffffffffda RBX: 00007f0dea3b5fa0 RCX: 00007f0dea18e929
[ 2687.444214][ T4894] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 2687.452986][ T4894] RBP: 00007f0dea210b39 R08: 0000000000000000 R09: 0000000000000000
[ 2687.461762][ T4894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2687.470914][ T4894] R13: 0000000000000000 R14: 00007f0dea3b5fa0 R15: 00007ffcc6c432a8
[ 2687.479710][ T4894]  </TASK>
[ 2687.483360][ T4894] Kernel Offset: disabled
[ 2687.488121][ T4894] Rebooting in 86400 seconds..