last executing test programs: 2m7.323987239s ago: executing program 3 (id=3083): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, 0xffffffffffffffff, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_open_dev$usbmon(&(0x7f00000005c0), 0x2, 0x0) 2m7.297754862s ago: executing program 3 (id=3086): rt_sigaction(0xd, &(0x7f0000000080)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0xb74]}}, 0x0, 0x8, &(0x7f00000000c0)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, 0x0, 0x0, 0x4) r2 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0) pread64(r2, &(0x7f0000001a00)=""/4096, 0x1000, 0x4) 2m6.946681687s ago: executing program 3 (id=3089): rt_sigaction(0xd, &(0x7f0000000180)={0x0, 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_clone(0x30a0ab00, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)="8a8b25d347161cf81921cb9bca9febdaf5cd3d6ef00633f71c080471e5769596ef313ff3c4b51475d2c24932c0a1b42d071eb26db67ebb3c6747f8343a518ed5bb09044f0dbcc7cae7e330eb289141669f4967955b6cc8f7e9e57bc1cd42bb21625ffc770d765c42e2b0022d50257dced02e1565bf76db7a3af3acd5d6f697") 2m6.892170242s ago: executing program 3 (id=3091): rt_sigaction(0xd, &(0x7f0000000180)={0x0, 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x80500) read(r2, 0x0, 0x0) 2m6.81740586s ago: executing program 3 (id=3095): rt_sigaction(0xd, &(0x7f0000000080)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0xb74]}}, 0x0, 0x8, &(0x7f00000000c0)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00), 0x0, 0x4) getresuid(&(0x7f0000000ec0), &(0x7f0000000f00), &(0x7f0000000f40)) 2m6.787183583s ago: executing program 3 (id=3098): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) rt_sigprocmask(0x1, &(0x7f0000000040)={[0x3ff]}, &(0x7f0000000080), 0x8) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) r2 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) close(r2) socket(0x28, 0x5, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) r5 = socket(0x10, 0x2, 0x0) write(r5, &(0x7f0000000200)="1c0000001a009b8a070000003b9b701f400004000000eb3f7a7f1de2", 0x1c) write$UHID_CREATE2(r4, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r4, @ANYRES64=r3], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r4, 0x0) ioctl$KVM_X86_SETUP_MCE(r4, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) r6 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r6, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000100)=0x3f12, 0x4) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r6, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4) connect$inet(r6, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r6, &(0x7f0000000280)="a6", 0x1, 0x24000041, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) sendmmsg$inet(r7, &(0x7f0000000280), 0x0, 0x20000054) mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000480), 0x84, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r7]) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r8 = socket$inet_tcp(0x2, 0x1, 0x0) socket$inet(0x2, 0x2, 0x8) setsockopt$inet_int(r8, 0x0, 0x21, 0x0, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1e, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) 1m52.020961842s ago: executing program 2 (id=3431): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket(0x2, 0x2, 0x1) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge0\x00'}) 1m51.929377381s ago: executing program 2 (id=3432): rt_sigaction(0xd, &(0x7f0000000080)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0xb74]}}, 0x0, 0x8, &(0x7f00000000c0)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x0) copy_file_range(r2, 0x0, r2, 0x0, 0x3, 0x0) 1m51.761803818s ago: executing program 32 (id=3098): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) rt_sigprocmask(0x1, &(0x7f0000000040)={[0x3ff]}, &(0x7f0000000080), 0x8) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) r2 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) close(r2) socket(0x28, 0x5, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) r5 = socket(0x10, 0x2, 0x0) write(r5, &(0x7f0000000200)="1c0000001a009b8a070000003b9b701f400004000000eb3f7a7f1de2", 0x1c) write$UHID_CREATE2(r4, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r4, @ANYRES64=r3], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r4, 0x0) ioctl$KVM_X86_SETUP_MCE(r4, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) r6 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r6, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000100)=0x3f12, 0x4) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r6, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4) connect$inet(r6, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r6, &(0x7f0000000280)="a6", 0x1, 0x24000041, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) sendmmsg$inet(r7, &(0x7f0000000280), 0x0, 0x20000054) mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000480), 0x84, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r7]) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r8 = socket$inet_tcp(0x2, 0x1, 0x0) socket$inet(0x2, 0x2, 0x8) setsockopt$inet_int(r8, 0x0, 0x21, 0x0, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1e, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) 1m51.281287356s ago: executing program 2 (id=3441): prctl$PR_MCE_KILL(0x26, 0x0, 0x0) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_genetlink_get_family_id$tipc2(&(0x7f0000000500), r1) keyctl$clear(0x3, 0xfffffffffffffffd) 1m51.122609382s ago: executing program 2 (id=3442): r0 = openat$userfaultfd(0xffffffffffffff9c, &(0x7f00000008c0), 0x0, 0x0) ioctl$AUTOFS_IOC_CATATONIC(r0, 0x9362, 0x0) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x8]}}, 0x0, 0x8, &(0x7f0000000300)) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[], 0x118) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r5, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r5, @ANYRES64=r4], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r5, 0x0) ioctl$KVM_X86_SETUP_MCE(r5, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20000004) r6 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r6, 0x6, 0x24, &(0x7f00000000c0)=0x100000001, 0x4) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$incfs(&(0x7f0000000200)='./file0\x00', &(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x0, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x8c) r8 = openat$incfs(r7, &(0x7f00000003c0)='.pending_reads\x00', 0x0, 0x130) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r9 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000080), 0x2275c0, 0x0) read$ptp(r9, 0x0, 0x0) ioctl$TIOCL_GETKMSGREDIRECT(r8, 0x40046721, &(0x7f00000000c0)) ioctl$USBDEVFS_RELEASEINTERFACE(r3, 0x80045510, &(0x7f00000000c0)=0x8) sendmsg$NFT_BATCH(r2, &(0x7f0000000140)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYRESOCT], 0x168}, 0x1, 0x0, 0x0, 0x80}, 0x54) bind$bt_hci(r2, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6) write(r2, &(0x7f0000000040)="05000000010000", 0x7) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) 1m51.035112381s ago: executing program 2 (id=3443): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_open_dev$usbmon(0x0, 0x2, 0x0) 1m50.890787545s ago: executing program 2 (id=3445): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, 0xffffffffffffffff, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB="1400000042000501"], 0x14}, 0x1, 0x0, 0x0, 0x68840}, 0x4) recvmmsg(r1, &(0x7f0000003ac0)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000004c0)=""/4091, 0xffb}, {&(0x7f0000000200)=""/11, 0xb}], 0x2}, 0xfffffffd}], 0x1, 0x2, 0x0) 1m50.811215063s ago: executing program 33 (id=3445): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, 0xffffffffffffffff, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB="1400000042000501"], 0x14}, 0x1, 0x0, 0x0, 0x68840}, 0x4) recvmmsg(r1, &(0x7f0000003ac0)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000004c0)=""/4091, 0xffb}, {&(0x7f0000000200)=""/11, 0xb}], 0x2}, 0xfffffffd}], 0x1, 0x2, 0x0) 2.692571621s ago: executing program 4 (id=6694): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) sigaltstack(&(0x7f0000000480)={&(0x7f0000004000)=""/4126, 0x80000001, 0x101e}, 0x0) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0) timer_settime(0x0, 0x0, &(0x7f0000000240)={{}, {0x0, 0x9}}, 0x0) 1.825724648s ago: executing program 4 (id=6705): rt_sigaction(0xd, &(0x7f0000000180)={0x0, 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32=r0, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) signalfd4(0xffffffffffffffff, &(0x7f0000000000), 0x8, 0x0) 1.725152418s ago: executing program 4 (id=6707): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x4000) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19) r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x165342, 0x0) syz_usb_connect(0x5, 0x24, &(0x7f0000001040)=ANY=[@ANYBLOB="12011001070102109806826bebd30102030109021200010600b06a091f"], 0x0) r1 = getpid() r2 = syz_pidfd_open(r1, 0x0) setns(r2, 0x8000000) umount2(&(0x7f0000000040)='.\x00', 0x2) mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x8000, &(0x7f0000001dc0)={0xf, 0x0, 0x100000}, 0x20) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) mremap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000001000/0x1000)=nil) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000080), 0x4) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8) write(r0, &(0x7f0000000400)="547bbee68789313efe846d6698abfeac0d12b144933fa6f684f1ba13b34680bf4b9ea70f71faa2a82a45ab47458c1f827355ad34033fbb8b9699eb0b279252dfcf29e377e14dcfbde42857cbf2aa88d3dad8ec2deea7afe4e747fa392fe01d425970fb2dd7a000ea3889f0d9021f347818106963e18c256e3df26b41c61d30284a8ad61c6269756119d62e3a7a24c1dcd09d3eb35dfee6ec945ac190c4797988e0d7f6f38bf9b124431dd8208a9208195a70c8e558c216e78d5f5b3f6df6f155e16bf7dd8f4e9eaf61d5142a82da7a87aeca19c25b631cd8a14ce9f2fc8dbcd05f51dc9260abc82d780c9358bd6411ebf48520694d413024432d0bfc3759a620289c9c8705009fd829da6eb5b72b454436b0af8e9dc4941ca2cff92561cad984e15849dcd73f04c7f70a30304da2fbc17f421767ad5ce47ed79d6698428eada9a39faa02f978699bc8c482224a2d5f85cc1135ea92ac1c610e32f1e7c82da6d91e0c8634da679760c32c3e891db352b76b61a65bbdd023e093a8e0d37fd8cd00679cb1bceaac84b05861740c221b2cb4afa1ce8b091c815fc4bd83995b5bf5dcdf2912572cf6180ec27445404917ff9e8e6604e2afc19a1bb3745914f0a101e03e44ea5f64d40402f12a81310c97086fb01d04e82799c40f29348eb283ad58a40d608a47fbf9a25dbb308aa03b2425ffa896e1a70a37cf49e6dbdeda39ee88aadb26811eba78a0dfe5400a51428c31582edcc5f75b5dd963707a54b9b1e35f9966995d6474acbf7094124cecf38369aba3f6a5e3ad071f5e3df902843a3947623fe01571d97625c3e27721b08a6f85fd7b879acd400de5beabdd2603d566fdb4018bf8bd74c3ea1ae67c988992c7dab4ebcf501a73815e1b527d3ff1cf9e729d55127118565f794d253fef25609e5a415615d1b5fca5381b49446d9b9e75fbfcdd9218b0d8d8d965871b897544e32fd0b4cb5600ffdcdb0056bcad75216759590f8a94db82b0acd2a5a34e5c34241a19f1a7a7cceb894341f55c6b474f3cc052f9863a67519dfadee6576f08d7448929424c13e845e2e636b87dc14e1ab4ad05d69f896ca1bc5c1267befb686c4207e21aa30bdae1d1602d3e4080784834e213c426ba5446f90d3b3885a5d6942c6b0e637f5bb9c7908460bd7d04497ab054c8fc7f89068f7535976ad051bfe94c243ce7604a63b2099b69f1ed73590a318fad9a170fa0cddfe60e981a92de2e1aab3465b11a968108e08deadfa1fa546c4cbc0c34ac28597848562583ae8d93cb60f2e06c7a1f743add51eb8cd732b40d48fde00117cb2d654100dfcc66b7c9fefac80e137caa5cf43ae897780251a3ebbc4ddd3b003168963c9e2c9446cb29731fc4bbb5e551aca6913f7b8576ce34012581b5a363917970399ca369688e637cf06ff3c8114383d2fcbf9c69f1ca63cd21695254a440df5ef0a8abfdbd0a651a533b6cdb82382e3bd70f87c1d3eb0a6e22452605026fafe6d35158c0728c1050a39330c80ee2ee0b09366fc6382883ecd0796feec657b36aee4091471e406e9faffd5ede27943e5fbf1b7249ab8bad71f60063697f04db52e980a9fb3eb5e53b89be8a5f0e6afea7435789ecd444c28eb411cdc2158e434178749f36cc957dbd17efb2b218592f78d6864f2708e8c6db2da0d3f6de53959afec0c90d3d62a13a0bc3857bce58d81223eddd05cf3c1ec6b3fc5307d0f16d470f2065300295197e9fa81d2e5574b2c7b18f1c6c85156a9b1174d62dcd3cb026f4b67e6babd66c8f427b9687585f37b18c82e0100507035e78ce010b78ea1b5d3884db25df36ae929dd535a854a31cba5e47655873df72be7463c600b704e9da0e7cb2d61d0710248814ecced2eef8f227c8aec308c2c9d0a39d1a6b306080e8eaef8edece0f6d0d1612c582d70c3999a1a6bd529538f51ba4869ce74bc8509a7126d96db118cdb55411a36f4361d53c8027c12a7486e9c84e4de445b454630be27bdc2ec268702d9c1890297bdd1fc7a235f1a47f4645d286146f3cb9a7ce650f4157a1e7f134eb1815001d59905d3103efad3c66479330e8a5da941c9c38bf21bc0770e3fd56cafa19ad6e9d51f94ed4f900062b5602653aacdcc956aeecfb1dd613caf918e1ca8ef2e1504c42768e77df43569d5fe4b48c237cad5285c578b26b4e47c8ce06fd2686e17eb6d5df5645d0fdde7782216be07a1135dabc3a59598bdbab249c5391832f18ac5163aa7a1a890128a4520835a53eb750604c5e328ecb3216516b3eba3f97652caeb4327da8865880a932dc8e7668666ac3b76a2a424ca37b5dfb52495710611e20790427a9f9e7ac59bb86f0fb7a17a5def347a98dd8e733b784d78d5c7f16f327a2606d4252411457465540a60b0757802f470d08337c0fe4eee5f5cfe4f296d0f7068e80828a022c95632beb7b7f802135e246b1adebebf24c821dee7205e9fe1a437b16aaa8dcb4a58b0bdbc8dbc2fce09271c27430cc9ca8141955ec5ff4228627c3816cfe1bb2c0f40f6a61e8bfa4e2dd744e41ed80b83e9aef77119f4b062b98e86690711e83e795bafa7a8db16f241cee76aa01ff749100c113fda966aa8c83ebe975f760c18e3864065a5de6e8028a9e3199f4acff11e14bb13bc50faf97fdeab46edc371e55cab78841a2de17ca116b0183ac38b658c57a64ab11bb0de071c971a7a5175ad0bac6ac1d1118230a5412a35bd005b369df0e04e749ea93d7e56f713b9ceff580547a2a76ea4753a78b4a5cd0311024c5536b536c8ede63bac8e8b4c5851248d9098a7c6bcc3d5f209178b45aef3c1afa4ab73d8feac3e1f771626d73d85f72dc15d16bd3b7b93e622626f6f3d96b4425d328236cf1579f1ca834a7b318b012e27b9a2dc528189cf1eb3705d90de50ce7ac0c256b7e41500113e164fb7d53c74c6f829552a5bce73eeab9a46d01551bdab18fd3a7e82b036872f1e876b12c5676f63a6ef0c6ff159788a0c2fc40f179a259c656e8aba9295e90027e74ef910ce3c56d6e2de917947410b05603b6a5052453f13e6ac058b3f621573bfe6224bad8c3a5f575e1eb774839cb554c53c9b3ad623df6c5c9627cce856f9ba5847557bc9f854cbb37a936f20a733ba352ee5b343b941290a399fb862434d1b551da420053cad3bad65195cde40b345740e30e9a22619add8aedb763473b729c0649f7a1ea45325534c9b629a1fe3a54a78fe44969715182c6df5c9ecf6878380831b2996579332ac37286e72ab16824c3fc9ef8d74a7f1f5cf80fa37f6bb990db3a7a70139887a4eba0763247c58f4fe770a0496a5ef49a3ba4d62bb900644d49b5fba7e58d58af6ae50c96da346618434ed46b8f4c27cde5e8863d5b090dc117f3b16db2c4273fa84f8b06d3df436bf4a8cfa6d33d7f0e78ef422d5d7640c821398c9adf4d6ccb1b2f7cd0e497023cfdd6b5bb9ad6a29edb8b78fb3322414cad1458eb12699853acb165076db7088f518386380850c111cbe74034ddbfe217db714325ebc4d6b46eba640cf125b87eed0832077ab775e475e431079756b3da6f9bb3c861ce7eabf6adf70b76eb9642a1bab3d7afef2d7b40c8a19b98123ad7449c1039c494e73bc91a86e8e92c39a9482cf60605b9e5c209262c4fcfde76ee370bd6a78253b64c5cbb19a11b34c5a9ccf634c52751277268cd97e795b43867af5a4db51bd631ac547906fd52aff43eb98edacecf08f94a060902b5cb82e87ec856305005bd1150e581d9717460e31ba724da5e7ad72fa580f8509fe838dbc1bfbbf53e29688f25ca602d2de702e4411d3d133e2ab2f454f71f98efc2cd0eb468544cacf608c6689ef122009cf61e813e26b7b2b1695143fcd510f509ec2bf7205e674ba6767eaa29605c51e434c298bde0969617292e960d22b085632d241aa2a8e0f6ac6f2d56d0ed2c6bd3eca306a3224915065894480e737c7d7a11901bb7f977525cfcab652476baab0fd3b68dc59fd14ccdd6248bd5c5a0ab1dbae28a848b2d4ad0d973bb149ff4115b0436b7d145a6f8081d314039131f60dc8ed0ccf2c4971f0a59a65b3b1ef638e6d009dff793a4b7266c58f88bb117d665cae8fc6f6c2840470333bdbc8df12c6633a6ac7b664e089a85dc6d49f52459dd2df1be552194eef6027c1b45f62b97647788c3325f05609c1e02cbc9a18be72e4b502df719e4f9cb82615e3a03b5732328e552023dbfdcf91ed5ab51242e7d09a9b73674f0946976d8a8fa9288dce4d54d5820a0f0053b892685f79a6c8dbac724fce4d24a7b75e383f54ac58af3951d666a22f158637acc4f0e09e248e85f8e1439501afc0d5b7e9eab40fa737ae93482a1e29f3e327fa31d0d764c65ab976af1eb91fe08c5bc10a48b93453ad192d1d538cf93b792a70246bde99f46a78b670edea552840e08c787c928ee311f954b73d07287a59b470e38d4e624ddba8e4b21a74d7c07cc684b0ea82212129901029e74312866722dfa2dc53de3e8ddc00adc21deb7510ed15c50d139296297408da3d6beb589e7bb3f1d74e4e8dddec14b9cdf371d7f142136cdca5644d09edd97228a0abcd2e7b402c5cc68683cb980f50ca7aea8338dc5990a6ebb2d2b95a3deecc45f5a4f4e0e40a57e29f3e227c41db00e17dc962e2ea3184b5057c89974bcab651a22e588a527d7d8ec695e7ab5622c1ad3763d045a8393b7acfa04488556ac957777d1aebfc5d0e2a8150a6984d5607ac2400789d8f622c837d6a9b78fcc2d8aa872949edde53e3a99b5f5bf35bff5f0db7874ad3f172f9d8dd6cbb17a770b1482c79b9a15605cd0d89c6bae9aa6db8e886cfff8f843b99df95dde88c96202ae6ced4d539a3f70997ee7b2bdb7bbe529f9bc55b143066de8d9dcd7fa38c54094f2235e4a17ef8e910b4d48c373ce5e6fc9824ca8f115e579b002df16c591557cd6cac1363b8d8fc656075ca703a87f1efa76e4122eb7358389f659681fb49cb82215f73b284a7678b8b1528472d0cfab1980ee3d4410bdc1c31f1f798c3ca5744077e2f6cb4ca6e415f1e3afc8c00dd95d3307de5428883513f01ed19dde487e1c103619fd78583f09d02982512e0ee20a670b3b24986dcb7431f1ef3fd12e801bb2454213ff7b1962a464647eb4c8125cf2ed098160da880024a98add9b2917e133dcee7a8e25387fd5bf2b3f8fb05b2f7ed5f719b30b9cca4b1754e31d48bd2ec79e7e9c155130ea5f0876f3bb4d94ac74b209633ecb03deb8b9448e8cf4b4bcb04ffdb38ac457881f84636246a4e5e7773166129fb8b7803c6dde0ee69fd1f76f1d93b729eacc9d8dbd6e61e638a3f8de972a824936b1d869a15daaa21db04760e9110c5b7c736671d31a72fcd57a6f7424c898791cafa21a48921215a78d60a367aa7c6284a1aaa1fee0c5291bdc91bf8c032c9917fd28e68fc046ea4b17952f1abbe01af5f19e4fa99fc6a985f6264f9efbb208e6146d3465cc603ef36d3d59b5197bca1696bf5658b60cf0e0455cb1e174e52c4acb712a3ed9202a1ae334427b93305939c7f15e9e5eed09b5fc8d1e3836720d46d133841d4482ec2427d3002d95bce996b4b2d5b59b2a43970afe35517674bfdd8807931697422045f60641138fefa27865b9d477ef04847dd02d305e8f15e228522e54d1ffda6d5b26ad831146c66e6f9153ebeb0785ea75283df66816d771c7e4297c1686d06494a59046313169f2e2b4988a2758198fcb166d9d112d187a4456503e6c0bdfb390c89dcebf3cb8260a27fdebddbc6071857010ad4c59c062db35a4", 0x1f000) 912.156439ms ago: executing program 1 (id=6733): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) sigaltstack(&(0x7f0000000480)={0x0, 0x80000001}, 0x0) 890.516612ms ago: executing program 1 (id=6734): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, 0x0, 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = open(&(0x7f00000000c0)='.\x00', 0x40100, 0x44) signalfd4(r2, &(0x7f0000000000), 0x8, 0x0) 853.504025ms ago: executing program 1 (id=6735): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cgroup.controllers\x00', 0x275a, 0x0) sendfile(0xffffffffffffffff, r2, 0x0, 0x10000a007) 852.632706ms ago: executing program 1 (id=6736): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) futex_waitv(&(0x7f00000047c0)=[{0x5, 0x0, 0x82}], 0x1, 0x0, 0x0, 0x1) 808.91264ms ago: executing program 1 (id=6737): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x4]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000004380), 0x1814800, &(0x7f0000000140)=ANY=[@ANYBLOB='tran', @ANYRESHEX]) 808.26643ms ago: executing program 1 (id=6738): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) ioctl$KVM_X86_SET_MCE(r4, 0x4040ae9e, &(0x7f0000000000)={0xe080000000000000, 0xeeef0000, 0x3, 0x0, 0xd}) sendto(0xffffffffffffffff, 0x0, 0x0, 0x800, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2000, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mount$overlay(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x8000, &(0x7f0000000100)={[{@redirect_dir_off}]}) r5 = socket$packet(0x11, 0x3, 0x300) r6 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x800000001fe, 0x82) r7 = dup(r6) r8 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x167342, 0x0) r9 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x2001) ioctl$LOOP_CONFIGURE(r9, 0x4c0a, &(0x7f00000002c0)={r8, 0x1007ff, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe908598948224ad54afac11d875397bdb27d3d458dd4992861ac0000b180a7b700", "f4bd000000801900", [0x0, 0x3]}}) rt_sigsuspend(&(0x7f00000001c0)={[0x53f52add]}, 0x8) ioctl$LOOP_SET_DIRECT_IO(r8, 0x4c08, 0xc) ioctl$USBDEVFS_CONTROL(r7, 0xc0185500, &(0x7f0000000080)={0x23, 0x1, 0x8, 0x81, 0x0, 0x7, 0x0}) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000080)={'team_slave_0\x00', &(0x7f0000000140)=@ethtool_gstrings={0x1b, 0x5}}) timer_create(0x9, 0x0, &(0x7f0000002c40)) mkdirat(r1, &(0x7f0000000200)='./file0\x00', 0xa4) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) ioctl$AUTOFS_IOC_ASKUMOUNT(r5, 0x80049370, &(0x7f0000000040)) sendto$packet(r5, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x14) 766.226014ms ago: executing program 0 (id=6740): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000400)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8, @ANYRES64=r0, @ANYRESOCT=r1], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000180)=ANY=[@ANYBLOB="e40000000201010800000000000000000a000000d00001800c000280050001000000000014000180080001000000000008000200000000002c000180140003"], 0xe4}}, 0x0) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r3 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_NO_ENOBUFS(r3, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4) sendmsg$netlink(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000180)=ANY=[@ANYBLOB="1c0000005a00010d000009000000000004000080080004"], 0x1c}], 0x1}, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) chroot(&(0x7f0000000000)='./file0\x00') getcwd(0x0, 0x0) write$UHID_CREATE2(r5, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r5, @ANYRES64=r4], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r5, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1f, 0x526d630517582f24, 0x23}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r6 = syz_open_dev$evdev(&(0x7f0000001f80), 0x34, 0x181002) write$evdev(r6, &(0x7f0000002000)=[{{0x0, 0xea60}, 0x11, 0x6, 0x8}], 0x18) openat$cgroup_ro(r5, 0x0, 0x0, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_usb_connect$cdc_ncm(0x4, 0x7d, &(0x7f00000000c0)={{0x12, 0x1, 0x310, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x6b, 0x2, 0x1, 0x4, 0xd0, 0xf3, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0x7}, {0xd, 0x24, 0xf, 0x1, 0x1, 0x8, 0x400, 0x10}, {0x6, 0x24, 0x1a, 0xc1, 0x11}, [@acm={0x4, 0x24, 0x2, 0xc}, @acm={0x4, 0x24, 0x2, 0x1}, @dmm={0x7, 0x24, 0x14, 0x8ed, 0x35}]}, {{0x9, 0x5, 0x81, 0x3, 0x40, 0xc8, 0x37, 0x3}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x8, 0xf9, 0x7, 0x3}}, {{0x9, 0x5, 0x3, 0x2, 0x10, 0x5f, 0x2, 0x5}}}}}}}]}}, &(0x7f0000000240)={0xa, &(0x7f00000001c0)={0xa, 0x6, 0x201, 0xa4, 0x5, 0x4, 0x10, 0x3}, 0x2c, &(0x7f0000000200)={0x5, 0xf, 0x2c, 0x3, [@generic={0x10, 0x10, 0xb, "c1249b73dec864cd60cddd9315"}, @ptm_cap={0x3}, @ss_container_id={0x14, 0x10, 0x4, 0x81, "8cf6a0c40a2d02abf1a014f98aad2f75"}]}, 0x1, [{0x6e, &(0x7f0000000380)=ANY=[@ANYBLOB="6e031c16e75b9ede8faa9381d1c1021badc479f8b1ea0dc85008f0b5059043b80b931a37c245b10e17cff688444496e288d83d533c2a76b717e707f5de7e4d81fbdcdc9643ba73f52d52596a0fc0d86de62353ca4e0cf73f96a6454043af00"/110]}]}) sendmsg$NFC_CMD_GET_TARGET(r7, 0x0, 0xd4) syz_genetlink_get_family_id$nfc(&(0x7f0000000140), r7) 521.654529ms ago: executing program 5 (id=6750): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='pids.events\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x47f2, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r2, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) timer_settime(0x0, 0x1, &(0x7f0000000200), &(0x7f0000000240)) 521.237698ms ago: executing program 5 (id=6751): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, 0x0, 0x0, 0x4) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[], 0x2c}}, 0x8044040) r2 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x40300, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x2, 0x0, 0x4002004c8, 0x1004, 0x45c5, 0xc595, 0x7, 0x2, 0xffffffffffffffff, 0x0, 0x80000004000000, 0x200000000c], 0x80a0000, 0x2010d3}) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000f478ef8ed"]) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 455.579405ms ago: executing program 5 (id=6752): rt_sigaction(0xd, &(0x7f0000000180)={0x0, 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='pids.events\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)) 408.5519ms ago: executing program 5 (id=6753): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='pids.events\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) ioctl$SIOCSIFHWADDR(r2, 0x40305839, &(0x7f0000000540)={'veth0_virt_wifi\x00', @link_local={0x1, 0x80, 0xc2, 0x5}}) 408.41509ms ago: executing program 5 (id=6754): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32=r0, @ANYRES8, @ANYRES8=r1], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc2}, &(0x7f00000002c0)={0x0, "6035ae1e0fe721441705322225930e6c1e3e2a51a92fd780bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138", 0x18}, 0x48, 0xfffffffffffffffe) keyctl$KEYCTL_MOVE(0x4, r2, 0x0, 0x0, 0x0) 408.25463ms ago: executing program 5 (id=6755): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, 0x0, 0x0) 277.441093ms ago: executing program 0 (id=6756): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) sigaltstack(&(0x7f0000000480)={0x0, 0x80000001}, 0x0) 176.160493ms ago: executing program 4 (id=6757): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32=r0, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) signalfd4(0xffffffffffffffff, &(0x7f0000000000), 0x8, 0x0) 150.245845ms ago: executing program 0 (id=6758): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2, 0x10406) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) syz_io_uring_setup(0x2421, &(0x7f0000000380)={0x0, 0x0, 0x13090}, 0x0, 0x0) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15) r4 = dup(r3) write$FUSE_BMAP(r4, &(0x7f0000000000)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r4, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0) write$FUSE_GETXATTR(r4, &(0x7f00000004c0)={0x18}, 0x18) write$FUSE_DIRENT(r4, &(0x7f0000000200)=ANY=[@ANYBLOB, @ANYRES64], 0x30) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x10000, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_fscache}]}}) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) socket$inet6_tcp(0xa, 0x1, 0x0) mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x2000000, 0x10, r4, 0x8a48b000) 106.8952ms ago: executing program 4 (id=6759): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='pids.events\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)) 106.57447ms ago: executing program 4 (id=6760): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, 0x0, 0x0, 0x4) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[], 0x2c}}, 0x8044040) r2 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x40300, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x2, 0x0, 0x4002004c8, 0x1004, 0x45c5, 0xc595, 0x7, 0x2, 0xffffffffffffffff, 0x0, 0x80000004000000, 0x200000000c], 0x80a0000, 0x2010d3}) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000f478ef8ed"]) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 106.26475ms ago: executing program 0 (id=6761): rt_sigaction(0xd, &(0x7f0000000180)={0x0, 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='pids.events\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)) 362.971µs ago: executing program 0 (id=6762): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7}, 0x4) setsockopt$packet_int(r2, 0x107, 0x16, 0x0, 0x0) 0s ago: executing program 0 (id=6763): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='pids.events\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) ioctl$SIOCSIFHWADDR(r2, 0x40305839, &(0x7f0000000540)={'veth0_virt_wifi\x00', @link_local={0x1, 0x80, 0xc2, 0x5}}) kernel console output (not intermixed with test programs): 368][ T323] usb 5-1: SerialNumber: syz [ 211.802599][ T9] rndis_host 6-1:0.109: More than one union descriptor, skipping ... [ 211.831066][ T9] usb 6-1: bad CDC descriptors [ 211.838539][ T9] cdc_acm 6-1:0.109: More than one union descriptor, skipping ... [ 211.853688][ T9] usb 6-1: USB disconnect, device number 8 [ 211.874099][ T323] usb 5-1: USB disconnect, device number 12 [ 211.905693][T11207] 9pnet_fd: Insufficient options for proto=fd [ 211.968941][T11217] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=11217 comm=syz.0.4982 [ 211.996492][T11217] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=11217 comm=syz.0.4982 [ 212.024312][T11217] wireguard: wg2: Could not create IPv4 socket [ 212.129770][T11233] 9pnet_fd: Insufficient options for proto=fd [ 212.221230][T11244] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=11244 comm=syz.0.4995 [ 212.234702][T11244] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=11244 comm=syz.0.4995 [ 212.248524][T11244] wireguard: wg2: Could not create IPv4 socket [ 212.407063][T11261] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=11261 comm=syz.0.5004 [ 212.420428][T11261] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=11261 comm=syz.0.5004 [ 212.434432][T11261] wireguard: wg2: Could not create IPv4 socket [ 212.854920][ T332] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 212.888898][T11279] 9pnet_fd: Insufficient options for proto=fd [ 212.965142][T11281] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=11281 comm=syz.5.5014 [ 213.006776][T11281] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=11281 comm=syz.5.5014 [ 213.025699][T11281] wireguard: wg2: Could not create IPv4 socket [ 213.029835][ T332] usb 2-1: Using ep0 maxpacket: 32 [ 213.045866][ T332] usb 2-1: config 8 has an invalid interface number: 203 but max is 0 [ 213.064253][ T332] usb 2-1: config 8 has no interface number 0 [ 213.072529][ T332] usb 2-1: config 8 interface 203 has no altsetting 0 [ 213.086363][ T332] usb 2-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=eb.7a [ 213.108759][ T332] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 213.119396][ T332] usb 2-1: Product: syz [ 213.123846][ T332] usb 2-1: Manufacturer: syz [ 213.129084][ T332] usb 2-1: SerialNumber: syz [ 213.192890][T11291] 9pnet_fd: Insufficient options for proto=fd [ 213.231995][T11295] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=11295 comm=syz.4.5021 [ 213.245521][T11295] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=11295 comm=syz.4.5021 [ 213.259092][T11295] wireguard: wg2: Could not create IPv4 socket [ 213.345138][ T332] usb 2-1: USB disconnect, device number 18 [ 213.397134][T11311] overlayfs: cannot append lower layer [ 213.760740][T11318] netlink: 'syz.5.5030': attribute type 12 has an invalid length. [ 213.769293][T11318] netlink: 92 bytes leftover after parsing attributes in process `syz.5.5030'. [ 213.779545][T11318] overlayfs: cannot append lower layer [ 213.957549][T11336] FAULT_INJECTION: forcing a failure. [ 213.957549][T11336] name failslab, interval 1, probability 0, space 0, times 0 [ 213.970265][T11336] CPU: 1 UID: 0 PID: 11336 Comm: syz.1.5039 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 213.970303][T11336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 213.970318][T11336] Call Trace: [ 213.970326][T11336] [ 213.970335][T11336] __dump_stack+0x21/0x30 [ 213.970372][T11336] dump_stack_lvl+0x10c/0x190 [ 213.970404][T11336] ? __cfi_dump_stack_lvl+0x10/0x10 [ 213.970437][T11336] dump_stack+0x19/0x20 [ 213.970465][T11336] should_fail_ex+0x3d9/0x530 [ 213.970489][T11336] should_failslab+0xac/0x100 [ 213.970516][T11336] __kmalloc_cache_noprof+0x41/0x490 [ 213.970539][T11336] ? tls_init+0x135/0x7e0 [ 213.970561][T11336] ? __cfi_lock_sock_nested+0x10/0x10 [ 213.970586][T11336] tls_init+0x135/0x7e0 [ 213.970608][T11336] tcp_set_ulp+0x298/0x320 [ 213.970630][T11336] do_tcp_setsockopt+0x404/0x1f60 [ 213.970665][T11336] ? __cfi_do_tcp_setsockopt+0x10/0x10 [ 213.970700][T11336] ? selinux_socket_setsockopt+0x2ea/0x390 [ 213.970745][T11336] ? __cfi_selinux_socket_setsockopt+0x10/0x10 [ 213.970784][T11336] tcp_setsockopt+0x58/0x110 [ 213.970805][T11336] sock_common_setsockopt+0xb5/0xd0 [ 213.970847][T11336] ? __cfi_sock_common_setsockopt+0x10/0x10 [ 213.970875][T11336] do_sock_setsockopt+0x26d/0x400 [ 213.970909][T11336] ? __cfi_do_sock_setsockopt+0x10/0x10 [ 213.970945][T11336] __x64_sys_setsockopt+0x1b8/0x250 [ 213.970980][T11336] x64_sys_call+0x2adc/0x2ee0 [ 213.971015][T11336] do_syscall_64+0x58/0xf0 [ 213.971045][T11336] ? clear_bhb_loop+0x50/0xa0 [ 213.971071][T11336] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 213.971096][T11336] RIP: 0033:0x7f4c2838f6c9 [ 213.971116][T11336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 213.971136][T11336] RSP: 002b:00007f4c2926f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 213.971163][T11336] RAX: ffffffffffffffda RBX: 00007f4c285e5fa0 RCX: 00007f4c2838f6c9 [ 213.971181][T11336] RDX: 000000000000001f RSI: 0000000000000006 RDI: 0000000000000005 [ 213.971197][T11336] RBP: 00007f4c2926f090 R08: 0000000000000004 R09: 0000000000000000 [ 213.971212][T11336] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001 [ 213.971229][T11336] R13: 00007f4c285e6038 R14: 00007f4c285e5fa0 R15: 00007ffc0592a8f8 [ 213.971250][T11336] [ 214.206605][T11344] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem [ 214.284265][T11352] binder: Unknown parameter '`' [ 214.344933][ T10] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 214.362242][T11360] 9pnet_fd: Insufficient options for proto=fd [ 214.369111][T11358] wireguard: wg2: Could not create IPv4 socket [ 214.494910][ T10] usb 2-1: Using ep0 maxpacket: 32 [ 214.505415][ T10] usb 2-1: config 8 has an invalid interface number: 203 but max is 0 [ 214.513630][ T10] usb 2-1: config 8 has no interface number 0 [ 214.526308][ T10] usb 2-1: config 8 interface 203 has no altsetting 0 [ 214.535187][ T10] usb 2-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=eb.7a [ 214.544328][ T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 214.552522][ T10] usb 2-1: Product: syz [ 214.556961][ T10] usb 2-1: Manufacturer: syz [ 214.561592][ T10] usb 2-1: SerialNumber: syz [ 214.568647][ T36] audit: type=1400 audit(1762984358.910:429): avc: denied { sqpoll } for pid=11373 comm="syz.5.5057" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 214.641565][T11379] 9pnet_fd: Insufficient options for proto=fd [ 214.813973][ T10] usb 2-1: USB disconnect, device number 19 [ 215.292227][T11398] 9pnet_fd: Insufficient options for proto=fd [ 215.441726][T11419] FAULT_INJECTION: forcing a failure. [ 215.441726][T11419] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 215.457659][T11419] CPU: 0 UID: 0 PID: 11419 Comm: syz.4.5080 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 215.457693][T11419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 215.457708][T11419] Call Trace: [ 215.457715][T11419] [ 215.457724][T11419] __dump_stack+0x21/0x30 [ 215.457758][T11419] dump_stack_lvl+0x10c/0x190 [ 215.457788][T11419] ? __cfi_dump_stack_lvl+0x10/0x10 [ 215.457820][T11419] dump_stack+0x19/0x20 [ 215.457849][T11419] should_fail_ex+0x3d9/0x530 [ 215.457873][T11419] should_fail+0xf/0x20 [ 215.457894][T11419] should_fail_usercopy+0x1e/0x30 [ 215.457919][T11419] strncpy_from_user+0x28/0x270 [ 215.457944][T11419] getname_flags+0x102/0x710 [ 215.457967][T11419] ? build_open_flags+0x487/0x600 [ 215.457999][T11419] getname+0x1b/0x30 [ 215.458021][T11419] do_sys_openat2+0xcb/0x1c0 [ 215.458050][T11419] ? fput+0x1a5/0x240 [ 215.458078][T11419] ? do_sys_open+0x100/0x100 [ 215.458108][T11419] ? ksys_write+0x1ef/0x250 [ 215.458129][T11419] ? __cfi_ksys_write+0x10/0x10 [ 215.458152][T11419] __x64_sys_open+0x120/0x150 [ 215.458183][T11419] x64_sys_call+0x131a/0x2ee0 [ 215.458217][T11419] do_syscall_64+0x58/0xf0 [ 215.458247][T11419] ? clear_bhb_loop+0x50/0xa0 [ 215.458272][T11419] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 215.458296][T11419] RIP: 0033:0x7f3741d8f6c9 [ 215.458316][T11419] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 215.458337][T11419] RSP: 002b:00007f3742c8a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 215.458385][T11419] RAX: ffffffffffffffda RBX: 00007f3741fe5fa0 RCX: 00007f3741d8f6c9 [ 215.458404][T11419] RDX: 0000000000000000 RSI: 0000000000060840 RDI: 00002000009e1000 [ 215.458420][T11419] RBP: 00007f3742c8a090 R08: 0000000000000000 R09: 0000000000000000 [ 215.458436][T11419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 215.458451][T11419] R13: 00007f3741fe6038 R14: 00007f3741fe5fa0 R15: 00007ffe1b2177f8 [ 215.458472][T11419] [ 215.731885][T11446] FAULT_INJECTION: forcing a failure. [ 215.731885][T11446] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 215.748456][T11446] CPU: 1 UID: 0 PID: 11446 Comm: syz.0.5091 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 215.748508][T11446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 215.748523][T11446] Call Trace: [ 215.748532][T11446] [ 215.748542][T11446] __dump_stack+0x21/0x30 [ 215.748579][T11446] dump_stack_lvl+0x10c/0x190 [ 215.748611][T11446] ? __cfi_dump_stack_lvl+0x10/0x10 [ 215.748643][T11446] ? check_stack_object+0x12c/0x140 [ 215.748666][T11446] dump_stack+0x19/0x20 [ 215.748695][T11446] should_fail_ex+0x3d9/0x530 [ 215.748721][T11446] should_fail+0xf/0x20 [ 215.748742][T11446] should_fail_usercopy+0x1e/0x30 [ 215.748767][T11446] _copy_to_user+0x24/0xa0 [ 215.748796][T11446] simple_read_from_buffer+0xed/0x160 [ 215.748827][T11446] proc_fail_nth_read+0x19e/0x210 [ 215.748857][T11446] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 215.748892][T11446] ? bpf_lsm_file_permission+0xd/0x20 [ 215.748924][T11446] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 215.748955][T11446] vfs_read+0x27d/0xc70 [ 215.748975][T11446] ? ep_destroy_wakeup_source+0x70/0x70 [ 215.749007][T11446] ? __cfi_vfs_read+0x10/0x10 [ 215.749027][T11446] ? __kasan_check_write+0x18/0x20 [ 215.749061][T11446] ? mutex_lock+0x92/0x1c0 [ 215.749083][T11446] ? __cfi_mutex_lock+0x10/0x10 [ 215.749104][T11446] ? __fget_files+0x2c5/0x340 [ 215.749131][T11446] ksys_read+0x141/0x250 [ 215.749152][T11446] ? __cfi_ksys_read+0x10/0x10 [ 215.749174][T11446] ? __kasan_check_read+0x15/0x20 [ 215.749208][T11446] __x64_sys_read+0x7f/0x90 [ 215.749229][T11446] x64_sys_call+0x2638/0x2ee0 [ 215.749259][T11446] do_syscall_64+0x58/0xf0 [ 215.749284][T11446] ? clear_bhb_loop+0x50/0xa0 [ 215.749309][T11446] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 215.749333][T11446] RIP: 0033:0x7fb4f6b8e0dc [ 215.749353][T11446] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 215.749373][T11446] RSP: 002b:00007fb4f794d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 215.749399][T11446] RAX: ffffffffffffffda RBX: 00007fb4f6de5fa0 RCX: 00007fb4f6b8e0dc [ 215.749418][T11446] RDX: 000000000000000f RSI: 00007fb4f794d0a0 RDI: 0000000000000005 [ 215.749434][T11446] RBP: 00007fb4f794d090 R08: 0000000000000000 R09: 0000000000000000 [ 215.749450][T11446] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000001 [ 215.749464][T11446] R13: 00007fb4f6de6038 R14: 00007fb4f6de5fa0 R15: 00007ffc963df818 [ 215.749494][T11446] [ 216.016446][T11451] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5093'. [ 216.204353][T11464] wireguard: wg2: Could not create IPv4 socket [ 216.354730][T11476] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5105'. [ 216.411603][ T36] audit: type=1400 audit(1762984360.706:430): avc: denied { setopt } for pid=11483 comm="syz.4.5108" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 216.534039][T11505] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5116'. [ 216.673775][T11527] 9pnet_fd: Insufficient options for proto=fd [ 216.779102][ T332] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 216.839847][T11548] 9pnet_fd: Insufficient options for proto=fd [ 216.943608][ T332] usb 2-1: Using ep0 maxpacket: 32 [ 216.952037][ T332] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 216.963877][ T332] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 216.972983][ T332] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 216.981011][ T332] usb 2-1: Product: syz [ 216.985303][ T332] usb 2-1: Manufacturer: syz [ 216.989953][ T332] usb 2-1: SerialNumber: syz [ 216.995631][ T332] usb 2-1: config 0 descriptor?? [ 217.001407][ T332] smsc75xx v1.0.0 [ 217.005075][ T332] smsc75xx 2-1:0.0 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22 [ 217.015690][ T332] smsc75xx 2-1:0.0: probe with driver smsc75xx failed with error -22 [ 217.190431][ T45] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 217.342903][T11575] selinux_netlink_send: 4 callbacks suppressed [ 217.342917][T11575] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=11575 comm=syz.4.5149 [ 217.344631][ T45] usb 1-1: Using ep0 maxpacket: 8 [ 217.354458][T11575] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=11575 comm=syz.4.5149 [ 217.362964][ T45] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 217.368779][T11575] wireguard: wg2: Could not create IPv4 socket [ 217.379653][ T45] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 217.404778][ T45] usb 1-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x76, changing to 0x6 [ 217.416377][ T45] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x6 has an invalid bInterval 100, changing to 10 [ 217.427776][ T45] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 24936, setting to 1024 [ 217.438884][ T45] usb 1-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 217.448028][ T45] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 217.458745][ T45] hub 1-1:1.0: bad descriptor, ignoring hub [ 217.464686][ T45] hub 1-1:1.0: probe with driver hub failed with error -5 [ 217.472100][ T45] cdc_wdm 1-1:1.0: skipping garbage [ 217.477377][ T45] cdc_wdm 1-1:1.0: skipping garbage [ 217.482681][ T45] cdc_wdm 1-1:1.0: probe with driver cdc_wdm failed with error -22 [ 217.482983][T11577] FAULT_INJECTION: forcing a failure. [ 217.482983][T11577] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 217.503709][T11577] CPU: 0 UID: 0 PID: 11577 Comm: syz.4.5150 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 217.503740][T11577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 217.503755][T11577] Call Trace: [ 217.503763][T11577] [ 217.503771][T11577] __dump_stack+0x21/0x30 [ 217.503808][T11577] dump_stack_lvl+0x10c/0x190 [ 217.503836][T11577] ? __cfi_dump_stack_lvl+0x10/0x10 [ 217.503869][T11577] ? check_stack_object+0x82/0x140 [ 217.503892][T11577] dump_stack+0x19/0x20 [ 217.503922][T11577] should_fail_ex+0x3d9/0x530 [ 217.503943][T11577] should_fail+0xf/0x20 [ 217.503958][T11577] should_fail_usercopy+0x1e/0x30 [ 217.503976][T11577] _copy_from_user+0x22/0xb0 [ 217.503997][T11577] memdup_user+0x81/0x180 [ 217.504020][T11577] ? strndup_user+0x40/0xd0 [ 217.504044][T11577] strndup_user+0x6c/0xd0 [ 217.504068][T11577] __se_sys_mount+0x9f/0x480 [ 217.504083][T11577] ? ksys_write+0x1ef/0x250 [ 217.504099][T11577] ? __x64_sys_mount+0xf0/0xf0 [ 217.504116][T11577] __x64_sys_mount+0xc3/0xf0 [ 217.504132][T11577] x64_sys_call+0x2021/0x2ee0 [ 217.504155][T11577] do_syscall_64+0x58/0xf0 [ 217.504175][T11577] ? clear_bhb_loop+0x50/0xa0 [ 217.504194][T11577] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 217.504211][T11577] RIP: 0033:0x7f3741d8f6c9 [ 217.504225][T11577] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 217.504239][T11577] RSP: 002b:00007f3742c8a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 217.504257][T11577] RAX: ffffffffffffffda RBX: 00007f3741fe5fa0 RCX: 00007f3741d8f6c9 [ 217.504270][T11577] RDX: 00002000000000c0 RSI: 0000200000000180 RDI: 0000000000000000 [ 217.504282][T11577] RBP: 00007f3742c8a090 R08: 0000200000000300 R09: 0000000000000000 [ 217.504293][T11577] R10: 0000000000000c00 R11: 0000000000000246 R12: 0000000000000001 [ 217.504303][T11577] R13: 00007f3741fe6038 R14: 00007f3741fe5fa0 R15: 00007ffe1b2177f8 [ 217.504317][T11577] [ 217.705683][ T36] audit: type=1400 audit(1762984361.921:431): avc: denied { setopt } for pid=11569 comm="syz.0.5147" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 217.725696][ T36] audit: type=1400 audit(1762984361.921:432): avc: denied { write } for pid=11569 comm="syz.0.5147" path="socket:[57228]" dev="sockfs" ino=57228 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 217.858716][ T45] usb 1-1: USB disconnect, device number 7 [ 217.955101][T11602] rust_binder: BINDER_SET_CONTEXT_MGR already set [ 218.196425][T11623] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=11623 comm=syz.5.5170 [ 218.216557][T11623] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=11623 comm=syz.5.5170 [ 218.230342][T11623] wireguard: wg2: Could not create IPv4 socket [ 218.618124][ T9] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 218.700247][ T45] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 218.772091][ T9] usb 1-1: Using ep0 maxpacket: 16 [ 218.778745][ T9] usb 1-1: config 0 has an invalid interface number: 109 but max is 0 [ 218.787000][ T36] audit: type=1400 audit(1762984363.012:433): avc: denied { create } for pid=11645 comm="syz.4.5181" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_dnrt_socket permissive=1 [ 218.807499][ T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 218.817885][ T9] usb 1-1: config 0 has no interface number 0 [ 218.826624][ T9] usb 1-1: New USB device found, idVendor=0421, idProduct=0094, bcdDevice=28.8e [ 218.835727][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 218.843739][ T9] usb 1-1: Product: syz [ 218.847961][ T9] usb 1-1: Manufacturer: syz [ 218.852576][ T9] usb 1-1: SerialNumber: syz [ 218.854054][ T45] usb 6-1: Using ep0 maxpacket: 32 [ 218.862718][ T9] usb 1-1: config 0 descriptor?? [ 218.868881][ T45] usb 6-1: config 8 has an invalid interface number: 203 but max is 0 [ 218.877575][T11653] FAULT_INJECTION: forcing a failure. [ 218.877575][T11653] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 218.877642][ T45] usb 6-1: config 8 has no interface number 0 [ 218.891736][ T45] usb 6-1: config 8 interface 203 has no altsetting 0 [ 218.897308][T11653] CPU: 0 UID: 0 PID: 11653 Comm: syz.4.5184 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 218.897348][T11653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 218.897366][T11653] Call Trace: [ 218.897381][T11653] [ 218.897391][T11653] __dump_stack+0x21/0x30 [ 218.897434][T11653] dump_stack_lvl+0x10c/0x190 [ 218.897468][T11653] ? __cfi_dump_stack_lvl+0x10/0x10 [ 218.897507][T11653] dump_stack+0x19/0x20 [ 218.897538][T11653] should_fail_ex+0x3d9/0x530 [ 218.897566][T11653] should_fail_alloc_page+0xeb/0x110 [ 218.897599][T11653] __alloc_pages_noprof+0x19b/0x7b0 [ 218.897635][T11653] ? is_bpf_text_address+0x17b/0x1a0 [ 218.897663][T11653] ? __cfi___alloc_pages_noprof+0x10/0x10 [ 218.897700][T11653] ? kernel_text_address+0xa9/0xe0 [ 218.897734][T11653] ? arch_stack_walk+0x10b/0x170 [ 218.897760][T11653] pte_alloc_one+0x97/0x520 [ 218.897784][T11653] ? __cfi_pte_alloc_one+0x10/0x10 [ 218.897808][T11653] ? stack_depot_save_flags+0x38/0x800 [ 218.897839][T11653] __pte_alloc+0x79/0x420 [ 218.897862][T11653] ? __reset_page_owner+0x450/0x450 [ 218.897891][T11653] ? zone_page_state_add+0x43/0x90 [ 218.897922][T11653] ? __cfi___pte_alloc+0x10/0x10 [ 218.897943][T11653] ? __alloc_pages_noprof+0x31f/0x7b0 [ 218.897978][T11653] ? ___kmalloc_large_node+0x81/0x220 [ 218.898003][T11653] ? __kmalloc_large_node_noprof+0x1e/0xe0 [ 218.898027][T11653] ? __kasan_check_write+0x18/0x20 [ 218.898075][T11653] do_pte_missing+0x1f98/0x4240 [ 218.898107][T11653] ? __kasan_check_write+0x18/0x20 [ 218.898146][T11653] ? _raw_spin_lock+0x8c/0x120 [ 218.898179][T11653] ? __cfi__raw_spin_lock+0x10/0x10 [ 218.898211][T11653] ? __cfi___set_page_owner+0x10/0x10 [ 218.898241][T11653] ? pte_marker_clear+0x1b0/0x1b0 [ 218.898275][T11653] ? __pte_offset_map_lock+0x2bc/0x340 [ 218.898317][T11653] handle_mm_fault+0x1166/0x1b90 [ 218.898351][T11653] ? __cfi_handle_mm_fault+0x10/0x10 [ 218.898380][T11653] ? kernel_text_address+0xa9/0xe0 [ 218.898415][T11653] ? __cfi_find_vma+0x10/0x10 [ 218.898439][T11653] ? vma_is_secretmem+0x11/0x50 [ 218.898475][T11653] __get_user_pages+0x1169/0x22d0 [ 218.898513][T11653] ? populate_vma_page_range+0x230/0x230 [ 218.898548][T11653] __gup_longterm_locked+0xcb1/0x1580 [ 218.898583][T11653] ? __kasan_check_write+0x18/0x20 [ 218.898623][T11653] ? rwsem_read_trylock+0x2b1/0x660 [ 218.898662][T11653] pin_user_pages_remote+0x171/0x220 [ 218.898698][T11653] ? __cfi_pin_user_pages_remote+0x10/0x10 [ 218.898735][T11653] ? up_read+0x26/0x1d0 [ 218.898764][T11653] ? mm_access+0x18d/0x210 [ 218.898793][T11653] process_vm_rw+0x5d4/0xbb0 [ 218.898825][T11653] ? __ia32_sys_process_vm_writev+0x110/0x110 [ 218.898855][T11653] ? proc_fail_nth_write+0x17e/0x210 [ 218.898894][T11653] ? vfs_write+0x93e/0xf30 [ 218.898919][T11653] ? __kasan_check_write+0x18/0x20 [ 218.898960][T11653] ? __kasan_check_write+0x18/0x20 [ 218.898997][T11653] ? fput+0x1a5/0x240 [ 218.899030][T11653] ? __cfi_ksys_write+0x10/0x10 [ 218.899055][T11653] __x64_sys_process_vm_writev+0xeb/0x100 [ 218.899093][T11653] x64_sys_call+0x1ab/0x2ee0 [ 218.899130][T11653] do_syscall_64+0x58/0xf0 [ 218.899163][T11653] ? clear_bhb_loop+0x50/0xa0 [ 218.899192][T11653] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 218.899219][T11653] RIP: 0033:0x7f3741d8f6c9 [ 218.899240][T11653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 218.899263][T11653] RSP: 002b:00007f3742c8a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 218.899292][T11653] RAX: ffffffffffffffda RBX: 00007f3741fe5fa0 RCX: 00007f3741d8f6c9 [ 218.899313][T11653] RDX: 0000000000000001 RSI: 0000200000000000 RDI: 00000000000003dc [ 218.899331][T11653] RBP: 00007f3742c8a090 R08: 000000000000023a R09: 0000000000000000 [ 218.899349][T11653] R10: 0000200000121000 R11: 0000000000000246 R12: 0000000000000001 [ 218.899367][T11653] R13: 00007f3741fe6038 R14: 00007f3741fe5fa0 R15: 00007ffe1b2177f8 [ 218.899391][T11653] [ 219.138947][T11662] Invalid ELF header len 1 [ 219.142819][ T45] usb 6-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=eb.7a [ 219.304084][ T45] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 219.312141][ T45] usb 6-1: Product: syz [ 219.316860][ T45] usb 6-1: Manufacturer: syz [ 219.321473][ T45] usb 6-1: SerialNumber: syz [ 219.536730][ T45] usb 6-1: USB disconnect, device number 9 [ 219.626973][ T323] usb 2-1: USB disconnect, device number 20 [ 219.820241][T11678] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:358 [ 219.912477][T11692] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5203'. [ 219.944221][ T36] audit: type=1326 audit(1762984364.144:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11693 comm="syz.4.5204" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3741d8f6c9 code=0x0 [ 219.996116][ T36] audit: type=1400 audit(1762984364.193:435): avc: denied { getopt } for pid=11697 comm="syz.1.5206" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 220.265946][T11714] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=11714 comm=syz.1.5212 [ 220.279466][T11714] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=11714 comm=syz.1.5212 [ 220.293273][T11714] wireguard: wg2: Could not create IPv4 socket [ 220.384114][ T36] audit: type=1400 audit(1762984364.574:436): avc: denied { load_policy } for pid=11717 comm="syz.1.5214" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 220.384164][T11718] SELinux: policydb table sizes (0,0) do not match mine (5,6) [ 220.412029][T11718] SELinux: failed to load policy [ 220.422981][ T36] audit: type=1400 audit(1762984364.614:437): avc: denied { append } for pid=11717 comm="syz.1.5214" name="rtc0" dev="devtmpfs" ino=195 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 220.433249][T11718] cgroup2: Unknown parameter 'freezer' [ 220.446202][ T36] audit: type=1400 audit(1762984364.623:438): avc: denied { ioctl } for pid=11717 comm="syz.1.5214" path="/dev/rtc0" dev="devtmpfs" ino=195 ioctlcmd=0x7009 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 221.011289][T11733] rust_binder: Write failure EFAULT in pid:911 [ 221.012101][T11734] rust_binder: Write failure EFAULT in pid:911 [ 221.380651][T11749] rust_binder: Write failure EFAULT in pid:397 [ 221.423818][ T9] rndis_host 1-1:0.109: More than one union descriptor, skipping ... [ 221.443541][ T9] usb 1-1: bad CDC descriptors [ 221.448603][ T9] cdc_acm 1-1:0.109: More than one union descriptor, skipping ... [ 221.473487][ T9] usb 1-1: USB disconnect, device number 8 [ 222.041902][T11778] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=11778 comm=syz.4.5236 [ 222.091148][T11778] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=11778 comm=syz.4.5236 [ 222.094396][T11783] rust_binder: BC_REQUEST_DEATH_NOTIFICATION invalid ref 2 [ 222.129845][T11783] rust_binder: 920: no such ref 2 [ 222.145277][T11783] rust_binder: 920: no such ref 1 [ 222.260550][T11791] Bluetooth: hci0: Frame reassembly failed (-90) [ 222.274091][ T330] Bluetooth: hci0: Frame reassembly failed (-84) [ 222.558633][T11808] netlink: 'syz.1.5252': attribute type 4 has an invalid length. [ 222.589265][T11813] FAULT_INJECTION: forcing a failure. [ 222.589265][T11813] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 222.602462][T11813] CPU: 1 UID: 0 PID: 11813 Comm: syz.4.5253 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 222.602497][T11813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 222.602512][T11813] Call Trace: [ 222.602520][T11813] [ 222.602530][T11813] __dump_stack+0x21/0x30 [ 222.602565][T11813] dump_stack_lvl+0x10c/0x190 [ 222.602596][T11813] ? __cfi_dump_stack_lvl+0x10/0x10 [ 222.602626][T11813] ? unwind_get_return_address+0x51/0x90 [ 222.602653][T11813] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 222.602688][T11813] dump_stack+0x19/0x20 [ 222.602715][T11813] should_fail_ex+0x3d9/0x530 [ 222.602738][T11813] should_fail+0xf/0x20 [ 222.602758][T11813] should_fail_usercopy+0x1e/0x30 [ 222.602782][T11813] _copy_from_user+0x22/0xb0 [ 222.602809][T11813] ___sys_recvmsg+0x12f/0x510 [ 222.602831][T11813] ? __sys_recvmsg+0x280/0x280 [ 222.602851][T11813] ? __cfi_kstrtouint_from_user+0x10/0x10 [ 222.602872][T11813] ? selinux_file_permission+0x309/0xb30 [ 222.602900][T11813] ? __fget_files+0x2c5/0x340 [ 222.602926][T11813] do_recvmmsg+0x326/0x770 [ 222.602953][T11813] ? __sys_recvmmsg+0x290/0x290 [ 222.602973][T11813] ? __cfi_vfs_write+0x10/0x10 [ 222.602996][T11813] ? fput+0x1a5/0x240 [ 222.603023][T11813] __x64_sys_recvmmsg+0x191/0x240 [ 222.603044][T11813] ? __cfi___x64_sys_recvmmsg+0x10/0x10 [ 222.603065][T11813] ? __kasan_check_read+0x15/0x20 [ 222.603099][T11813] x64_sys_call+0x292c/0x2ee0 [ 222.603132][T11813] do_syscall_64+0x58/0xf0 [ 222.603160][T11813] ? clear_bhb_loop+0x50/0xa0 [ 222.603185][T11813] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 222.603209][T11813] RIP: 0033:0x7f3741d8f6c9 [ 222.603227][T11813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 222.603246][T11813] RSP: 002b:00007f3742c8a038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 222.603270][T11813] RAX: ffffffffffffffda RBX: 00007f3741fe5fa0 RCX: 00007f3741d8f6c9 [ 222.603287][T11813] RDX: 0000000000000002 RSI: 0000200000009580 RDI: 0000000000000004 [ 222.603302][T11813] RBP: 00007f3742c8a090 R08: 0000000000000000 R09: 0000000000000000 [ 222.603317][T11813] R10: 0000002000000022 R11: 0000000000000246 R12: 0000000000000001 [ 222.603332][T11813] R13: 00007f3741fe6038 R14: 00007f3741fe5fa0 R15: 00007ffe1b2177f8 [ 222.603351][T11813] [ 222.851031][T11817] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=11817 comm=syz.1.5255 [ 222.865818][T11817] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=11817 comm=syz.1.5255 [ 223.067267][ T36] audit: type=1400 audit(1762984367.199:439): avc: denied { listen } for pid=11829 comm="syz.1.5261" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 223.109449][ T9] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 223.269575][ T9] usb 5-1: Using ep0 maxpacket: 32 [ 223.275966][ T9] usb 5-1: config 8 has an invalid interface number: 203 but max is 0 [ 223.284394][ T9] usb 5-1: config 8 has no interface number 0 [ 223.290743][ T9] usb 5-1: config 8 interface 203 has no altsetting 0 [ 223.299111][ T9] usb 5-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=eb.7a [ 223.308520][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 223.318495][ T9] usb 5-1: Product: syz [ 223.323047][ T9] usb 5-1: Manufacturer: syz [ 223.329158][ T9] usb 5-1: SerialNumber: syz [ 223.552706][ T9] usb 5-1: USB disconnect, device number 13 [ 223.717915][ T45] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 223.871037][ T45] usb 1-1: Using ep0 maxpacket: 8 [ 223.873731][T11871] FAULT_INJECTION: forcing a failure. [ 223.873731][T11871] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 223.877321][ T45] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 223.889373][T11871] CPU: 0 UID: 0 PID: 11871 Comm: syz.1.5281 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 223.889415][T11871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 223.889433][T11871] Call Trace: [ 223.889443][T11871] [ 223.889453][T11871] __dump_stack+0x21/0x30 [ 223.889493][T11871] dump_stack_lvl+0x10c/0x190 [ 223.889528][T11871] ? __cfi_dump_stack_lvl+0x10/0x10 [ 223.889574][T11871] ? kstrtoull+0x13b/0x1e0 [ 223.889600][T11871] dump_stack+0x19/0x20 [ 223.889631][T11871] should_fail_ex+0x3d9/0x530 [ 223.889658][T11871] should_fail+0xf/0x20 [ 223.889682][T11871] should_fail_usercopy+0x1e/0x30 [ 223.889710][T11871] _copy_from_user+0x22/0xb0 [ 223.889741][T11871] ___sys_sendmsg+0x159/0x2a0 [ 223.889782][T11871] ? __sys_sendmsg+0x280/0x280 [ 223.889818][T11871] ? proc_fail_nth_write+0x17e/0x210 [ 223.889853][T11871] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 223.889897][T11871] __x64_sys_sendmsg+0x1eb/0x2c0 [ 223.889935][T11871] ? fput+0x1a5/0x240 [ 223.889967][T11871] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 223.890005][T11871] ? ksys_write+0x1ef/0x250 [ 223.890033][T11871] ? __kasan_check_read+0x15/0x20 [ 223.890074][T11871] x64_sys_call+0x2a4c/0x2ee0 [ 223.890111][T11871] do_syscall_64+0x58/0xf0 [ 223.890145][T11871] ? clear_bhb_loop+0x50/0xa0 [ 223.890174][T11871] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 223.890201][T11871] RIP: 0033:0x7f4c2838f6c9 [ 223.890222][T11871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 223.890245][T11871] RSP: 002b:00007f4c2926f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 223.890274][T11871] RAX: ffffffffffffffda RBX: 00007f4c285e5fa0 RCX: 00007f4c2838f6c9 [ 223.890294][T11871] RDX: 0000000004000806 RSI: 0000200000000300 RDI: 0000000000000006 [ 223.890331][T11871] RBP: 00007f4c2926f090 R08: 0000000000000000 R09: 0000000000000000 [ 223.890349][T11871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 223.890366][T11871] R13: 00007f4c285e6038 R14: 00007f4c285e5fa0 R15: 00007ffc0592a8f8 [ 223.890390][T11871] [ 224.109254][ T45] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 224.118387][ T45] usb 1-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x76, changing to 0x6 [ 224.120085][T11886] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5288'. [ 224.129975][ T45] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x6 has an invalid bInterval 100, changing to 10 [ 224.150001][ T45] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 24936, setting to 1024 [ 224.161167][ T45] usb 1-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 224.170273][ T45] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 224.183883][ T45] hub 1-1:1.0: bad descriptor, ignoring hub [ 224.190142][ T45] hub 1-1:1.0: probe with driver hub failed with error -5 [ 224.193079][T11888] 9pnet_fd: Insufficient options for proto=fd [ 224.198243][ T45] cdc_wdm 1-1:1.0: skipping garbage [ 224.217879][ T45] cdc_wdm 1-1:1.0: skipping garbage [ 224.229912][ T45] cdc_wdm 1-1:1.0: probe with driver cdc_wdm failed with error -22 [ 224.305551][T11906] 9pnet_fd: Insufficient options for proto=fd [ 224.359375][T11792] Bluetooth: hci0: command 0x1003 tx timeout [ 224.365689][ T54] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 224.382443][T11916] FAULT_INJECTION: forcing a failure. [ 224.382443][T11916] name failslab, interval 1, probability 0, space 0, times 0 [ 224.395457][T11916] CPU: 0 UID: 0 PID: 11916 Comm: syz.5.5303 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 224.395491][T11916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 224.395507][T11916] Call Trace: [ 224.395515][T11916] [ 224.395524][T11916] __dump_stack+0x21/0x30 [ 224.395560][T11916] dump_stack_lvl+0x10c/0x190 [ 224.395591][T11916] ? __cfi_dump_stack_lvl+0x10/0x10 [ 224.395625][T11916] dump_stack+0x19/0x20 [ 224.395654][T11916] should_fail_ex+0x3d9/0x530 [ 224.395679][T11916] should_failslab+0xac/0x100 [ 224.395706][T11916] kmem_cache_alloc_lru_noprof+0x44/0x430 [ 224.395730][T11916] ? sock_alloc_inode+0x48/0x150 [ 224.395757][T11916] sock_alloc_inode+0x48/0x150 [ 224.395782][T11916] ? __cfi_sock_alloc_inode+0x10/0x10 [ 224.395815][T11916] alloc_inode+0x7a/0x270 [ 224.395843][T11916] new_inode_pseudo+0x19/0x40 [ 224.395870][T11916] do_accept+0x15a/0x6b0 [ 224.395899][T11916] ? _raw_spin_lock+0x8c/0x120 [ 224.395930][T11916] ? __cfi_do_accept+0x10/0x10 [ 224.395962][T11916] __sys_accept4+0x11e/0x1c0 [ 224.395992][T11916] ? __cfi___sys_accept4+0x10/0x10 [ 224.396022][T11916] ? __kasan_check_read+0x15/0x20 [ 224.396057][T11916] __x64_sys_accept+0x81/0xa0 [ 224.396087][T11916] x64_sys_call+0x2bcc/0x2ee0 [ 224.396122][T11916] do_syscall_64+0x58/0xf0 [ 224.396152][T11916] ? clear_bhb_loop+0x50/0xa0 [ 224.396178][T11916] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 224.396203][T11916] RIP: 0033:0x7fa48758f6c9 [ 224.396222][T11916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 224.396243][T11916] RSP: 002b:00007fa48844e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002b [ 224.396268][T11916] RAX: ffffffffffffffda RBX: 00007fa4877e5fa0 RCX: 00007fa48758f6c9 [ 224.396287][T11916] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005 [ 224.396302][T11916] RBP: 00007fa48844e090 R08: 0000000000000000 R09: 0000000000000000 [ 224.396318][T11916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 224.396332][T11916] R13: 00007fa4877e6038 R14: 00007fa4877e5fa0 R15: 00007ffc687003d8 [ 224.396352][T11916] [ 224.400072][ T36] audit: type=1400 audit(1762984368.495:440): avc: denied { ioctl } for pid=11866 comm="syz.0.5279" path="socket:[59103]" dev="sockfs" ino=59103 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 224.522183][ T9] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 224.644428][ T45] usb 1-1: USB disconnect, device number 9 [ 224.694349][T11928] 9pnet_fd: Insufficient options for proto=fd [ 224.716198][ T36] audit: type=1400 audit(1762984368.809:441): avc: denied { accept } for pid=11929 comm="syz.5.5309" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 224.796988][ T9] usb 5-1: Using ep0 maxpacket: 32 [ 224.803422][ T9] usb 5-1: config 8 has an invalid interface number: 203 but max is 0 [ 224.811675][ T9] usb 5-1: config 8 has no interface number 0 [ 224.817858][ T9] usb 5-1: config 8 interface 203 has no altsetting 0 [ 224.836223][ T9] usb 5-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=eb.7a [ 224.845417][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 224.865921][ T9] usb 5-1: Product: syz [ 224.871171][ T9] usb 5-1: Manufacturer: syz [ 224.875830][ T9] usb 5-1: SerialNumber: syz [ 224.879500][T11948] 9pnet_fd: Insufficient options for proto=fd [ 225.012506][T11965] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5325'. [ 225.023675][T11965] rust_binder: Error while translating object. [ 225.023724][T11965] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL } [ 225.029926][T11965] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:947 [ 225.096181][ T9] usb 5-1: USB disconnect, device number 14 [ 225.347528][T12005] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:370 [ 225.393911][T12009] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5345'. [ 225.540255][T12019] FAULT_INJECTION: forcing a failure. [ 225.540255][T12019] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 225.553409][T12019] CPU: 1 UID: 0 PID: 12019 Comm: syz.0.5350 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 225.553467][T12019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 225.553482][T12019] Call Trace: [ 225.553490][T12019] [ 225.553500][T12019] __dump_stack+0x21/0x30 [ 225.553536][T12019] dump_stack_lvl+0x10c/0x190 [ 225.553570][T12019] ? __cfi_dump_stack_lvl+0x10/0x10 [ 225.553601][T12019] ? check_stack_object+0x107/0x140 [ 225.553624][T12019] dump_stack+0x19/0x20 [ 225.553652][T12019] should_fail_ex+0x3d9/0x530 [ 225.553676][T12019] should_fail+0xf/0x20 [ 225.553696][T12019] should_fail_usercopy+0x1e/0x30 [ 225.553722][T12019] _copy_from_user+0x22/0xb0 [ 225.553750][T12019] __sys_connect+0x136/0x440 [ 225.553781][T12019] ? __cfi___sys_connect+0x10/0x10 [ 225.553813][T12019] ? __kasan_check_read+0x15/0x20 [ 225.553848][T12019] __x64_sys_connect+0x7e/0x90 [ 225.553877][T12019] x64_sys_call+0x1c2f/0x2ee0 [ 225.553910][T12019] do_syscall_64+0x58/0xf0 [ 225.553938][T12019] ? clear_bhb_loop+0x50/0xa0 [ 225.553964][T12019] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 225.553987][T12019] RIP: 0033:0x7fb4f6b8f6c9 [ 225.554006][T12019] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 225.554025][T12019] RSP: 002b:00007fb4f794d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 225.554051][T12019] RAX: ffffffffffffffda RBX: 00007fb4f6de5fa0 RCX: 00007fb4f6b8f6c9 [ 225.554069][T12019] RDX: 000000000000001c RSI: 0000200000000100 RDI: 0000000000000005 [ 225.554085][T12019] RBP: 00007fb4f794d090 R08: 0000000000000000 R09: 0000000000000000 [ 225.554100][T12019] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 225.554115][T12019] R13: 00007fb4f6de6038 R14: 00007fb4f6de5fa0 R15: 00007ffc963df818 [ 225.554136][T12019] [ 225.744419][ T323] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 225.895079][ T323] usb 2-1: Using ep0 maxpacket: 16 [ 225.914617][ T323] usb 2-1: config 0 has an invalid interface number: 109 but max is 0 [ 225.933475][ T323] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 225.945416][ T323] usb 2-1: config 0 has no interface number 0 [ 225.966014][ T323] usb 2-1: New USB device found, idVendor=0421, idProduct=0094, bcdDevice=28.8e [ 225.988823][ T323] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 226.014611][ T323] usb 2-1: Product: syz [ 226.018927][ T323] usb 2-1: Manufacturer: syz [ 226.023567][ T323] usb 2-1: SerialNumber: syz [ 226.038179][ T323] usb 2-1: config 0 descriptor?? [ 226.311017][T12043] Invalid ELF header len 1 [ 226.699190][T12049] FAULT_INJECTION: forcing a failure. [ 226.699190][T12049] name failslab, interval 1, probability 0, space 0, times 0 [ 226.711969][T12049] CPU: 1 UID: 0 PID: 12049 Comm: syz.4.5364 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 226.711997][T12049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 226.712008][T12049] Call Trace: [ 226.712014][T12049] [ 226.712021][T12049] __dump_stack+0x21/0x30 [ 226.712046][T12049] dump_stack_lvl+0x10c/0x190 [ 226.712070][T12049] ? __cfi_dump_stack_lvl+0x10/0x10 [ 226.712091][T12049] ? vfs_write+0x93e/0xf30 [ 226.712106][T12049] dump_stack+0x19/0x20 [ 226.712126][T12049] should_fail_ex+0x3d9/0x530 [ 226.712142][T12049] should_failslab+0xac/0x100 [ 226.712159][T12049] __kmalloc_cache_noprof+0x41/0x490 [ 226.712175][T12049] ? __se_sys_mount+0x15f/0x480 [ 226.712190][T12049] __se_sys_mount+0x15f/0x480 [ 226.712204][T12049] ? ksys_write+0x1ef/0x250 [ 226.712218][T12049] ? __x64_sys_mount+0xf0/0xf0 [ 226.712232][T12049] ? handle_softirqs+0x556/0x630 [ 226.712247][T12049] __x64_sys_mount+0xc3/0xf0 [ 226.712261][T12049] x64_sys_call+0x2021/0x2ee0 [ 226.712283][T12049] do_syscall_64+0x58/0xf0 [ 226.712304][T12049] ? clear_bhb_loop+0x50/0xa0 [ 226.712322][T12049] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 226.712339][T12049] RIP: 0033:0x7f3741d8f6c9 [ 226.712351][T12049] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 226.712364][T12049] RSP: 002b:00007f3742c8a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 226.712382][T12049] RAX: ffffffffffffffda RBX: 00007f3741fe5fa0 RCX: 00007f3741d8f6c9 [ 226.712394][T12049] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000000 [ 226.712404][T12049] RBP: 00007f3742c8a090 R08: 0000200000000200 R09: 0000000000000000 [ 226.712414][T12049] R10: 0000000002010860 R11: 0000000000000246 R12: 0000000000000001 [ 226.712425][T12049] R13: 00007f3741fe6038 R14: 00007f3741fe5fa0 R15: 00007ffe1b2177f8 [ 226.712438][T12049] [ 226.938042][T12057] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5368'. [ 226.971685][ T45] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 227.123810][ T45] usb 6-1: Using ep0 maxpacket: 32 [ 227.130110][ T45] usb 6-1: config 8 has an invalid interface number: 203 but max is 0 [ 227.138350][ T45] usb 6-1: config 8 has no interface number 0 [ 227.144540][ T45] usb 6-1: config 8 interface 203 has no altsetting 0 [ 227.152905][ T45] usb 6-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=eb.7a [ 227.162033][ T45] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 227.170371][ T45] usb 6-1: Product: syz [ 227.174708][ T45] usb 6-1: Manufacturer: syz [ 227.179375][ T45] usb 6-1: SerialNumber: syz [ 227.342323][T12084] FAULT_INJECTION: forcing a failure. [ 227.342323][T12084] name failslab, interval 1, probability 0, space 0, times 0 [ 227.355181][T12084] CPU: 0 UID: 0 PID: 12084 Comm: syz.0.5379 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 227.355216][T12084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 227.355230][T12084] Call Trace: [ 227.355239][T12084] [ 227.355260][T12084] __dump_stack+0x21/0x30 [ 227.355295][T12084] dump_stack_lvl+0x10c/0x190 [ 227.355325][T12084] ? __cfi_dump_stack_lvl+0x10/0x10 [ 227.355358][T12084] dump_stack+0x19/0x20 [ 227.355386][T12084] should_fail_ex+0x3d9/0x530 [ 227.355410][T12084] ? pneigh_lookup+0x228/0x590 [ 227.355434][T12084] should_failslab+0xac/0x100 [ 227.355459][T12084] __kmalloc_noprof+0x69/0x530 [ 227.355480][T12084] ? pneigh_lookup+0x228/0x590 [ 227.355505][T12084] pneigh_lookup+0x228/0x590 [ 227.355543][T12084] arp_req_set+0x2ac/0x700 [ 227.355568][T12084] ? arp_req_delete+0x350/0x350 [ 227.355594][T12084] arp_ioctl+0x2dc/0x3a0 [ 227.355617][T12084] ? __cfi_arp_ioctl+0x10/0x10 [ 227.355643][T12084] inet_ioctl+0x378/0x4d0 [ 227.355672][T12084] ? __cfi_inet_ioctl+0x10/0x10 [ 227.355696][T12084] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 227.355729][T12084] sock_do_ioctl+0x105/0x330 [ 227.355753][T12084] ? sock_show_fdinfo+0xd0/0xd0 [ 227.355777][T12084] ? __cfi_vfs_write+0x10/0x10 [ 227.355798][T12084] ? __kasan_check_write+0x18/0x20 [ 227.355831][T12084] ? mutex_unlock+0x8b/0x240 [ 227.355853][T12084] sock_ioctl+0x634/0x7b0 [ 227.355876][T12084] ? __cfi_sock_ioctl+0x10/0x10 [ 227.355898][T12084] ? __fget_files+0x2c5/0x340 [ 227.355924][T12084] ? bpf_lsm_file_ioctl+0xd/0x20 [ 227.355954][T12084] ? security_file_ioctl+0x34/0xd0 [ 227.355981][T12084] ? __cfi_sock_ioctl+0x10/0x10 [ 227.356002][T12084] __se_sys_ioctl+0x135/0x1b0 [ 227.356028][T12084] __x64_sys_ioctl+0x7f/0xa0 [ 227.356053][T12084] x64_sys_call+0x1878/0x2ee0 [ 227.356085][T12084] do_syscall_64+0x58/0xf0 [ 227.356114][T12084] ? clear_bhb_loop+0x50/0xa0 [ 227.356140][T12084] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 227.356163][T12084] RIP: 0033:0x7fb4f6b8f6c9 [ 227.356182][T12084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 227.356202][T12084] RSP: 002b:00007fb4f794d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 227.356226][T12084] RAX: ffffffffffffffda RBX: 00007fb4f6de5fa0 RCX: 00007fb4f6b8f6c9 [ 227.356254][T12084] RDX: 0000200000000a80 RSI: 0000000000008955 RDI: 0000000000000005 [ 227.356271][T12084] RBP: 00007fb4f794d090 R08: 0000000000000000 R09: 0000000000000000 [ 227.356286][T12084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 227.356301][T12084] R13: 00007fb4f6de6038 R14: 00007fb4f6de5fa0 R15: 00007ffc963df818 [ 227.356327][T12084] [ 227.630596][ T45] usb 6-1: USB disconnect, device number 10 [ 227.891681][T12103] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL } [ 227.891710][T12103] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1086 [ 227.917727][T12110] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=12110 comm=syz.4.5391 [ 227.940232][T12110] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=12110 comm=syz.4.5391 [ 227.950214][T12114] FAULT_INJECTION: forcing a failure. [ 227.950214][T12114] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 227.966398][T12114] CPU: 1 UID: 0 PID: 12114 Comm: syz.0.5393 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 227.966432][T12114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 227.966446][T12114] Call Trace: [ 227.966453][T12114] [ 227.966462][T12114] __dump_stack+0x21/0x30 [ 227.966506][T12114] dump_stack_lvl+0x10c/0x190 [ 227.966539][T12114] ? __cfi_dump_stack_lvl+0x10/0x10 [ 227.966569][T12114] ? unwind_get_return_address+0x51/0x90 [ 227.966597][T12114] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 227.966631][T12114] dump_stack+0x19/0x20 [ 227.966675][T12114] should_fail_ex+0x3d9/0x530 [ 227.966699][T12114] should_fail+0xf/0x20 [ 227.966719][T12114] should_fail_usercopy+0x1e/0x30 [ 227.966743][T12114] _copy_from_user+0x22/0xb0 [ 227.966771][T12114] ___sys_recvmsg+0x12f/0x510 [ 227.966793][T12114] ? __sys_recvmsg+0x280/0x280 [ 227.966815][T12114] ? __cfi_kstrtouint_from_user+0x10/0x10 [ 227.966837][T12114] ? selinux_file_permission+0x309/0xb30 [ 227.966865][T12114] ? __fget_files+0x2c5/0x340 [ 227.966892][T12114] do_recvmmsg+0x326/0x770 [ 227.966914][T12114] ? __sys_recvmmsg+0x290/0x290 [ 227.966935][T12114] ? __cfi_vfs_write+0x10/0x10 [ 227.966959][T12114] ? fput+0x1a5/0x240 [ 227.966987][T12114] __x64_sys_recvmmsg+0x191/0x240 [ 227.967010][T12114] ? __cfi___x64_sys_recvmmsg+0x10/0x10 [ 227.967033][T12114] ? __kasan_check_read+0x15/0x20 [ 227.967067][T12114] x64_sys_call+0x292c/0x2ee0 [ 227.967101][T12114] do_syscall_64+0x58/0xf0 [ 227.967129][T12114] ? clear_bhb_loop+0x50/0xa0 [ 227.967155][T12114] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 227.967179][T12114] RIP: 0033:0x7fb4f6b8f6c9 [ 227.967198][T12114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 227.967217][T12114] RSP: 002b:00007fb4f794d038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 227.967242][T12114] RAX: ffffffffffffffda RBX: 00007fb4f6de5fa0 RCX: 00007fb4f6b8f6c9 [ 227.967261][T12114] RDX: 0000000000000002 RSI: 0000200000009580 RDI: 0000000000000005 [ 227.967277][T12114] RBP: 00007fb4f794d090 R08: 0000000000000000 R09: 0000000000000000 [ 227.967292][T12114] R10: 0000002000000022 R11: 0000000000000246 R12: 0000000000000001 [ 227.967307][T12114] R13: 00007fb4f6de6038 R14: 00007fb4f6de5fa0 R15: 00007ffc963df818 [ 227.967327][T12114] [ 228.255648][ T36] audit: type=1400 audit(1762984372.295:442): avc: denied { read } for pid=12123 comm="syz.4.5399" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 228.262575][T12128] netlink: 'syz.0.5400': attribute type 4 has an invalid length. [ 228.275583][ T36] audit: type=1400 audit(1762984372.305:443): avc: denied { create } for pid=12127 comm="syz.0.5400" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 228.283712][T12128] netlink: 17 bytes leftover after parsing attributes in process `syz.0.5400'. [ 228.304090][ T36] audit: type=1400 audit(1762984372.305:444): avc: denied { write } for pid=12127 comm="syz.0.5400" name="file2" dev="tmpfs" ino=1240 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 228.304151][ T36] audit: type=1400 audit(1762984372.305:445): avc: denied { open } for pid=12127 comm="syz.0.5400" path="/197/file2" dev="tmpfs" ino=1240 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 228.304182][ T36] audit: type=1400 audit(1762984372.305:446): avc: denied { ioctl } for pid=12127 comm="syz.0.5400" path="/197/file2" dev="tmpfs" ino=1240 ioctlcmd=0x1267 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 228.343154][ T323] rndis_host 2-1:0.109: More than one union descriptor, skipping ... [ 228.364854][T12132] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=12132 comm=syz.5.5402 [ 228.383179][ T323] usb 2-1: bad CDC descriptors [ 228.408925][ T323] cdc_acm 2-1:0.109: More than one union descriptor, skipping ... [ 228.420820][ T323] usb 2-1: USB disconnect, device number 21 [ 228.442042][T12132] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=12132 comm=syz.5.5402 [ 228.532262][T12144] FAULT_INJECTION: forcing a failure. [ 228.532262][T12144] name failslab, interval 1, probability 0, space 0, times 0 [ 228.545288][T12144] CPU: 0 UID: 0 PID: 12144 Comm: syz.5.5408 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 228.545325][T12144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 228.545341][T12144] Call Trace: [ 228.545349][T12144] [ 228.545358][T12144] __dump_stack+0x21/0x30 [ 228.545395][T12144] dump_stack_lvl+0x10c/0x190 [ 228.545426][T12144] ? __cfi_dump_stack_lvl+0x10/0x10 [ 228.545459][T12144] dump_stack+0x19/0x20 [ 228.545489][T12144] should_fail_ex+0x3d9/0x530 [ 228.545514][T12144] should_failslab+0xac/0x100 [ 228.545540][T12144] __kmalloc_node_track_caller_noprof+0x68/0x520 [ 228.545566][T12144] ? rust_helper_krealloc+0x33/0xd0 [ 228.545600][T12144] ? krealloc_noprof+0xfa/0x130 [ 228.545624][T12144] krealloc_noprof+0x8d/0x130 [ 228.545647][T12144] rust_helper_krealloc+0x33/0xd0 [ 228.545681][T12144] ? _RNvMNtNtCs43vyB533jt3_6kernel5alloc9allocatorNtB2_11ReallocFunc4call+0x70/0xc0 [ 228.545713][T12144] _RNvMNtNtCs43vyB533jt3_6kernel5alloc9allocatorNtB2_11ReallocFunc4call+0x8e/0xc0 [ 228.545745][T12144] _RNvMs4_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process18get_current_thread+0x6f0/0x1400 [ 228.545778][T12144] ? inode_init_always_gfp+0x756/0x9e0 [ 228.545804][T12144] ? alloc_inode+0xc5/0x270 [ 228.545830][T12144] ? proc_pident_instantiate+0x6d/0x2c0 [ 228.545856][T12144] ? path_openat+0x1301/0x34b0 [ 228.545887][T12144] ? __cfi__RNvMs4_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process18get_current_thread+0x10/0x10 [ 228.545920][T12144] ? avc_has_perm_noaudit+0x268/0x360 [ 228.545953][T12144] ? __asan_memcpy+0x5a/0x80 [ 228.545974][T12144] ? avc_has_perm_noaudit+0x286/0x360 [ 228.546007][T12144] ? avc_has_perm+0x144/0x220 [ 228.546039][T12144] ? __cfi_avc_has_perm+0x10/0x10 [ 228.546070][T12144] ? kasan_save_alloc_info+0x40/0x50 [ 228.546105][T12144] ? selinux_file_open+0x457/0x610 [ 228.546133][T12144] _RNvMs6_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process5ioctl+0x1a7/0x2cf0 [ 228.546177][T12144] ? avc_has_extended_perms+0x7c7/0xdd0 [ 228.546209][T12144] ? __asan_memcpy+0x5a/0x80 [ 228.546230][T12144] ? avc_has_extended_perms+0x921/0xdd0 [ 228.546263][T12144] ? __cfi__RNvMs6_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process5ioctl+0x10/0x10 [ 228.546296][T12144] ? do_vfs_ioctl+0xeda/0x1e30 [ 228.546321][T12144] ? arch_stack_walk+0x10b/0x170 [ 228.546343][T12144] ? __ia32_compat_sys_ioctl+0x850/0x850 [ 228.546372][T12144] ? _parse_integer+0x2e/0x40 [ 228.546410][T12144] ? ioctl_has_perm+0x384/0x4d0 [ 228.546438][T12144] ? has_cap_mac_admin+0xd0/0xd0 [ 228.546467][T12144] ? proc_fail_nth_write+0x17e/0x210 [ 228.546498][T12144] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 228.546530][T12144] ? selinux_file_ioctl+0x6e0/0x1360 [ 228.546557][T12144] ? vfs_write+0x93e/0xf30 [ 228.546577][T12144] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 228.546606][T12144] ? __cfi_vfs_write+0x10/0x10 [ 228.546626][T12144] ? __kasan_check_write+0x18/0x20 [ 228.546659][T12144] ? mutex_unlock+0x8b/0x240 [ 228.546680][T12144] ? __cfi_mutex_unlock+0x10/0x10 [ 228.546701][T12144] ? __fget_files+0x2c5/0x340 [ 228.546727][T12144] ? __fget_files+0x2c5/0x340 [ 228.546752][T12144] _RNvCs5gLWsBERDPK_16rust_binder_main26rust_binder_unlocked_ioctl+0xa0/0x100 [ 228.546787][T12144] ? __se_sys_ioctl+0x114/0x1b0 [ 228.546812][T12144] ? __cfi__RNvCs5gLWsBERDPK_16rust_binder_main26rust_binder_unlocked_ioctl+0x10/0x10 [ 228.546847][T12144] __se_sys_ioctl+0x135/0x1b0 [ 228.546872][T12144] __x64_sys_ioctl+0x7f/0xa0 [ 228.546897][T12144] x64_sys_call+0x1878/0x2ee0 [ 228.546930][T12144] do_syscall_64+0x58/0xf0 [ 228.546959][T12144] ? clear_bhb_loop+0x50/0xa0 [ 228.546985][T12144] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 228.547010][T12144] RIP: 0033:0x7fa48758f6c9 [ 228.547029][T12144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 228.547050][T12144] RSP: 002b:00007fa48844e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 228.547076][T12144] RAX: ffffffffffffffda RBX: 00007fa4877e5fa0 RCX: 00007fa48758f6c9 [ 228.547095][T12144] RDX: 00002000000001c0 RSI: 00000000c0306201 RDI: 0000000000000005 [ 228.547111][T12144] RBP: 00007fa48844e090 R08: 0000000000000000 R09: 0000000000000000 [ 228.547126][T12144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 228.547140][T12144] R13: 00007fa4877e6038 R14: 00007fa4877e5fa0 R15: 00007ffc687003d8 [ 228.547168][T12144] [ 229.063469][T12153] FAULT_INJECTION: forcing a failure. [ 229.063469][T12153] name failslab, interval 1, probability 0, space 0, times 0 [ 229.091036][T12153] CPU: 1 UID: 0 PID: 12153 Comm: syz.4.5412 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 229.091079][T12153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 229.091094][T12153] Call Trace: [ 229.091103][T12153] [ 229.091113][T12153] __dump_stack+0x21/0x30 [ 229.091148][T12153] dump_stack_lvl+0x10c/0x190 [ 229.091179][T12153] ? __cfi_dump_stack_lvl+0x10/0x10 [ 229.091213][T12153] dump_stack+0x19/0x20 [ 229.091242][T12153] should_fail_ex+0x3d9/0x530 [ 229.091266][T12153] should_failslab+0xac/0x100 [ 229.091294][T12153] kmem_cache_alloc_noprof+0x42/0x430 [ 229.091317][T12153] ? security_file_alloc+0x49/0x200 [ 229.091344][T12153] ? kasan_save_alloc_info+0x40/0x50 [ 229.091385][T12153] security_file_alloc+0x49/0x200 [ 229.091412][T12153] init_file+0x9e/0x210 [ 229.091439][T12153] alloc_empty_file+0xd9/0x280 [ 229.091467][T12153] path_openat+0xf8/0x34b0 [ 229.091495][T12153] ? stack_depot_save_flags+0x38/0x800 [ 229.091522][T12153] ? kasan_save_track+0x4f/0x80 [ 229.091546][T12153] ? kasan_save_track+0x3e/0x80 [ 229.091569][T12153] ? kasan_save_alloc_info+0x40/0x50 [ 229.091601][T12153] ? __kasan_slab_alloc+0x73/0x90 [ 229.091627][T12153] ? kmem_cache_alloc_noprof+0x1cb/0x430 [ 229.091649][T12153] ? getname+0x1b/0x30 [ 229.091670][T12153] ? do_sys_openat2+0xcb/0x1c0 [ 229.091698][T12153] ? __x64_sys_openat+0x13a/0x170 [ 229.091728][T12153] ? x64_sys_call+0xe69/0x2ee0 [ 229.091762][T12153] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 229.091790][T12153] ? do_filp_open+0x3e0/0x3e0 [ 229.091820][T12153] do_filp_open+0x1c6/0x3e0 [ 229.091848][T12153] ? __cfi_do_filp_open+0x10/0x10 [ 229.091880][T12153] ? alloc_fd+0x4e7/0x5a0 [ 229.091906][T12153] do_sys_openat2+0x12c/0x1c0 [ 229.091935][T12153] ? fput+0x1a5/0x240 [ 229.091962][T12153] ? do_sys_open+0x100/0x100 [ 229.091990][T12153] ? ksys_write+0x1ef/0x250 [ 229.092011][T12153] ? __cfi_ksys_write+0x10/0x10 [ 229.092034][T12153] __x64_sys_openat+0x13a/0x170 [ 229.092065][T12153] x64_sys_call+0xe69/0x2ee0 [ 229.092098][T12153] do_syscall_64+0x58/0xf0 [ 229.092129][T12153] ? clear_bhb_loop+0x50/0xa0 [ 229.092155][T12153] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 229.092180][T12153] RIP: 0033:0x7f3741d8df10 [ 229.092199][T12153] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44 [ 229.092219][T12153] RSP: 002b:00007f3742c89f60 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 229.092245][T12153] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3741d8df10 [ 229.092262][T12153] RDX: 0000000000000000 RSI: 00007f3741e1207e RDI: 00000000ffffff9c [ 229.092279][T12153] RBP: 00007f3741e1207e R08: 0000000000000000 R09: 0000000000000000 [ 229.092294][T12153] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 229.092309][T12153] R13: 00007f3741fe6038 R14: 00007f3741fe5fa0 R15: 00007ffe1b2177f8 [ 229.092329][T12153] [ 229.214282][T12156] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1110 [ 229.678485][ T323] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 229.756835][ T36] audit: type=1400 audit(1762984373.785:447): avc: denied { unlink } for pid=10520 comm="syz-executor" name="file2" dev="tmpfs" ino=1240 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 229.849038][ T36] audit: type=1400 audit(1762984373.874:448): avc: denied { execute } for pid=12188 comm="syz.0.5429" path="/sys/kernel/mm/transparent_hugepage/khugepaged/scan_sleep_millisecs" dev="sysfs" ino=1882 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=file permissive=1 [ 229.881064][ T323] usb 5-1: Using ep0 maxpacket: 32 [ 229.907599][ T323] usb 5-1: config 8 has an invalid interface number: 203 but max is 0 [ 229.918445][ T323] usb 5-1: config 8 has no interface number 0 [ 229.924803][ T323] usb 5-1: config 8 interface 203 has no altsetting 0 [ 229.941938][ T36] audit: type=1400 audit(1762984373.963:449): avc: denied { create } for pid=12199 comm="syz.0.5434" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 229.972677][ T323] usb 5-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=eb.7a [ 229.981757][ T323] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 229.990021][ T323] usb 5-1: Product: syz [ 229.994368][ T323] usb 5-1: Manufacturer: syz [ 229.998988][ T323] usb 5-1: SerialNumber: syz [ 230.131944][T12207] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=12207 comm=syz.5.5437 [ 230.145517][T12207] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=12207 comm=syz.5.5437 [ 230.220039][ T323] usb 5-1: USB disconnect, device number 15 [ 230.361502][T12227] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=12227 comm=syz.5.5447 [ 230.374940][T12227] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=12227 comm=syz.5.5447 [ 230.473458][T12234] netlink: 'syz.0.5450': attribute type 6 has an invalid length. [ 230.545932][T12246] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=12246 comm=syz.1.5456 [ 230.559491][T12246] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=12246 comm=syz.1.5456 [ 230.767423][T12260] FAULT_INJECTION: forcing a failure. [ 230.767423][T12260] name failslab, interval 1, probability 0, space 0, times 0 [ 230.781047][T12260] CPU: 1 UID: 0 PID: 12260 Comm: syz.4.5463 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 230.781084][T12260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 230.781100][T12260] Call Trace: [ 230.781108][T12260] [ 230.781118][T12260] __dump_stack+0x21/0x30 [ 230.781155][T12260] dump_stack_lvl+0x10c/0x190 [ 230.781186][T12260] ? __cfi_dump_stack_lvl+0x10/0x10 [ 230.781219][T12260] ? release_sock+0x171/0x1f0 [ 230.781247][T12260] dump_stack+0x19/0x20 [ 230.781277][T12260] should_fail_ex+0x3d9/0x530 [ 230.781303][T12260] should_failslab+0xac/0x100 [ 230.781330][T12260] kmem_cache_alloc_node_noprof+0x45/0x440 [ 230.781353][T12260] ? netlink_data_ready+0x20/0x20 [ 230.781384][T12260] ? __alloc_skb+0x10c/0x370 [ 230.781412][T12260] __alloc_skb+0x10c/0x370 [ 230.781441][T12260] netlink_alloc_large_skb+0xf7/0x1b0 [ 230.781472][T12260] netlink_sendmsg+0x586/0xaf0 [ 230.781506][T12260] ? __cfi_netlink_sendmsg+0x10/0x10 [ 230.781541][T12260] ? __asan_memcpy+0x5a/0x80 [ 230.781561][T12260] ? bpf_lsm_socket_sendmsg+0xd/0x20 [ 230.781590][T12260] ? security_socket_sendmsg+0x33/0xd0 [ 230.781612][T12260] sock_write_iter+0x49c/0x4f0 [ 230.781635][T12260] ? __cfi_sock_write_iter+0x10/0x10 [ 230.781663][T12260] do_iter_readv_writev+0x628/0x810 [ 230.781688][T12260] ? vfs_iter_read+0x5f0/0x5f0 [ 230.781712][T12260] ? bpf_lsm_file_permission+0xd/0x20 [ 230.781748][T12260] vfs_writev+0x485/0xcf0 [ 230.781777][T12260] ? do_writev+0x2d0/0x2d0 [ 230.781802][T12260] ? vfs_write+0x93e/0xf30 [ 230.781829][T12260] do_writev+0x14d/0x2d0 [ 230.781856][T12260] ? vfs_readv+0xa50/0xa50 [ 230.781884][T12260] ? __kasan_check_read+0x15/0x20 [ 230.781918][T12260] __x64_sys_writev+0x81/0x90 [ 230.781941][T12260] x64_sys_call+0x1fbb/0x2ee0 [ 230.781975][T12260] do_syscall_64+0x58/0xf0 [ 230.782004][T12260] ? clear_bhb_loop+0x50/0xa0 [ 230.782029][T12260] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 230.782062][T12260] RIP: 0033:0x7f3741d8f6c9 [ 230.782081][T12260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 230.782113][T12260] RSP: 002b:00007f3742c8a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 230.782137][T12260] RAX: ffffffffffffffda RBX: 00007f3741fe5fa0 RCX: 00007f3741d8f6c9 [ 230.782154][T12260] RDX: 0000000000000001 RSI: 0000200000000000 RDI: 0000000000000005 [ 230.782168][T12260] RBP: 00007f3742c8a090 R08: 0000000000000000 R09: 0000000000000000 [ 230.782182][T12260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 230.782195][T12260] R13: 00007f3741fe6038 R14: 00007f3741fe5fa0 R15: 00007ffe1b2177f8 [ 230.782214][T12260] [ 230.835100][T12264] netlink: 'syz.0.5462': attribute type 6 has an invalid length. [ 231.029300][T12271] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=12271 comm=syz.4.5467 [ 231.071869][T12271] wireguard: wg2: Could not create IPv4 socket [ 231.297535][T12300] 9pnet_fd: Insufficient options for proto=fd [ 231.344363][T12304] wireguard: wg2: Could not create IPv4 socket [ 231.371093][ T323] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 231.540371][ T323] usb 1-1: Using ep0 maxpacket: 32 [ 231.551500][ T323] usb 1-1: config 8 has an invalid interface number: 203 but max is 0 [ 231.570147][ T323] usb 1-1: config 8 has no interface number 0 [ 231.580313][ T323] usb 1-1: config 8 interface 203 has no altsetting 0 [ 231.595819][ T323] usb 1-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=eb.7a [ 231.611155][ T323] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 231.630835][ T323] usb 1-1: Product: syz [ 231.639588][ T323] usb 1-1: Manufacturer: syz [ 231.649785][ T323] usb 1-1: SerialNumber: syz [ 231.776148][T12330] wireguard: wg2: Could not create IPv4 socket [ 231.866580][ T323] usb 1-1: USB disconnect, device number 10 [ 232.097323][ T36] audit: type=1400 audit(1762984376.098:450): avc: denied { bind } for pid=12339 comm="syz.4.5500" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 232.369367][ T9] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 232.452165][T12369] 9pnet_fd: Insufficient options for proto=fd [ 232.534386][T12375] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1155 [ 232.541147][ T9] usb 2-1: Using ep0 maxpacket: 8 [ 232.580769][ T9] usb 2-1: unable to get BOS descriptor or descriptor too short [ 232.594735][ T9] usb 2-1: config 6 has an invalid interface number: 185 but max is 0 [ 232.604422][ T9] usb 2-1: config 6 has no interface number 0 [ 232.610548][ T9] usb 2-1: config 6 interface 185 altsetting 8 has an invalid descriptor for endpoint zero, skipping [ 232.629091][ T9] usb 2-1: config 6 interface 185 has no altsetting 0 [ 232.637606][ T9] usb 2-1: New USB device found, idVendor=04e6, idProduct=000c, bcdDevice= 1.00 [ 232.650874][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 232.666216][ T9] usb 2-1: Product: syz [ 232.670420][ T9] usb 2-1: Manufacturer: syz [ 232.675094][ T9] usb 2-1: SerialNumber: syz [ 232.689702][T12391] wireguard: wg2: Could not create IPv4 socket [ 232.792123][T12395] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1167 [ 232.874960][ T31] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 232.898436][ T9] usb-storage 2-1:6.185: USB Mass Storage device detected [ 232.921726][ T9] usb-storage 2-1:6.185: Quirks match for vid 04e6 pid 000c: 4 [ 232.967944][ T9] usb 2-1: USB disconnect, device number 22 [ 233.066580][ T31] usb 1-1: Using ep0 maxpacket: 32 [ 233.077725][ T31] usb 1-1: config 8 has an invalid interface number: 203 but max is 0 [ 233.096197][ T31] usb 1-1: config 8 has no interface number 0 [ 233.106536][ T31] usb 1-1: config 8 interface 203 has no altsetting 0 [ 233.124975][ T31] usb 1-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=eb.7a [ 233.137261][ T31] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 233.155664][ T31] usb 1-1: Product: syz [ 233.165707][ T31] usb 1-1: Manufacturer: syz [ 233.175982][ T31] usb 1-1: SerialNumber: syz [ 233.231489][T12412] selinux_netlink_send: 4 callbacks suppressed [ 233.231512][T12412] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=12412 comm=syz.5.5530 [ 233.251357][T12412] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=12412 comm=syz.5.5530 [ 233.265362][T12412] wireguard: wg2: Could not create IPv4 socket [ 233.394764][ T31] usb 1-1: USB disconnect, device number 11 [ 233.624554][T12435] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:607 [ 233.884610][ T323] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 234.046503][ T323] usb 6-1: Using ep0 maxpacket: 8 [ 234.055550][ T323] usb 6-1: unable to get BOS descriptor or descriptor too short [ 234.056269][ T7599] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 234.075257][ T323] usb 6-1: config 6 has an invalid interface number: 185 but max is 0 [ 234.086511][ T323] usb 6-1: config 6 has no interface number 0 [ 234.105251][ T323] usb 6-1: config 6 interface 185 altsetting 8 has an invalid descriptor for endpoint zero, skipping [ 234.128135][ T323] usb 6-1: config 6 interface 185 has no altsetting 0 [ 234.138084][ T323] usb 6-1: New USB device found, idVendor=04e6, idProduct=000c, bcdDevice= 1.00 [ 234.147556][ T323] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 234.155576][ T323] usb 6-1: Product: syz [ 234.159829][ T323] usb 6-1: Manufacturer: syz [ 234.164447][ T323] usb 6-1: SerialNumber: syz [ 234.237916][ T7599] usb 5-1: Using ep0 maxpacket: 16 [ 234.250263][ T7599] usb 5-1: config 0 has an invalid interface number: 109 but max is 0 [ 234.268189][ T7599] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 234.291475][ T7599] usb 5-1: config 0 has no interface number 0 [ 234.299269][T12459] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:617 [ 234.314061][ T7599] usb 5-1: New USB device found, idVendor=0421, idProduct=0094, bcdDevice=28.8e [ 234.332514][ T7599] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 234.340729][ T7599] usb 5-1: Product: syz [ 234.350811][ T7599] usb 5-1: Manufacturer: syz [ 234.355497][ T7599] usb 5-1: SerialNumber: syz [ 234.367259][ T7599] usb 5-1: config 0 descriptor?? [ 234.374086][T12463] FAULT_INJECTION: forcing a failure. [ 234.374086][T12463] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 234.379927][ T323] usb-storage 6-1:6.185: USB Mass Storage device detected [ 234.387983][T12463] CPU: 0 UID: 0 PID: 12463 Comm: syz.1.5554 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 234.388021][T12463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 234.388043][T12463] Call Trace: [ 234.388052][T12463] [ 234.388064][T12463] __dump_stack+0x21/0x30 [ 234.388105][T12463] dump_stack_lvl+0x10c/0x190 [ 234.388141][T12463] ? __cfi_dump_stack_lvl+0x10/0x10 [ 234.388176][T12463] ? kstrtoull+0x13b/0x1e0 [ 234.388202][T12463] dump_stack+0x19/0x20 [ 234.388235][T12463] should_fail_ex+0x3d9/0x530 [ 234.388263][T12463] should_fail+0xf/0x20 [ 234.388286][T12463] should_fail_usercopy+0x1e/0x30 [ 234.388315][T12463] _copy_from_user+0x22/0xb0 [ 234.388347][T12463] ___sys_sendmsg+0x159/0x2a0 [ 234.388387][T12463] ? __sys_sendmsg+0x280/0x280 [ 234.388437][T12463] ? proc_fail_nth_write+0x17e/0x210 [ 234.388471][T12463] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 234.388511][T12463] __x64_sys_sendmsg+0x1eb/0x2c0 [ 234.388549][T12463] ? fput+0x1a5/0x240 [ 234.388578][T12463] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 234.388615][T12463] ? ksys_write+0x1ef/0x250 [ 234.388641][T12463] ? __kasan_check_read+0x15/0x20 [ 234.388679][T12463] x64_sys_call+0x2a4c/0x2ee0 [ 234.388719][T12463] do_syscall_64+0x58/0xf0 [ 234.388752][T12463] ? clear_bhb_loop+0x50/0xa0 [ 234.388781][T12463] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 234.388808][T12463] RIP: 0033:0x7f4c2838f6c9 [ 234.388828][T12463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 234.388854][T12463] RSP: 002b:00007f4c2926f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 234.388882][T12463] RAX: ffffffffffffffda RBX: 00007f4c285e5fa0 RCX: 00007f4c2838f6c9 [ 234.388901][T12463] RDX: 0000000000000004 RSI: 0000200000000540 RDI: 0000000000000005 [ 234.388919][T12463] RBP: 00007f4c2926f090 R08: 0000000000000000 R09: 0000000000000000 [ 234.388944][T12463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 234.388961][T12463] R13: 00007f4c285e6038 R14: 00007f4c285e5fa0 R15: 00007ffc0592a8f8 [ 234.388985][T12463] [ 234.576628][T12447] Invalid ELF header len 1 [ 234.609578][ T323] usb-storage 6-1:6.185: Quirks match for vid 04e6 pid 000c: 4 [ 234.640699][ T7599] rndis_host 5-1:0.109: More than one union descriptor, skipping ... [ 234.653230][ T7599] usb 5-1: bad CDC descriptors [ 234.658227][ T7599] cdc_acm 5-1:0.109: More than one union descriptor, skipping ... [ 234.670506][ T7599] usb 5-1: USB disconnect, device number 16 [ 234.682960][ T323] usb 6-1: USB disconnect, device number 11 [ 234.873791][ T45] usb 2-1: new high-speed USB device number 23 using dummy_hcd [ 234.883041][T12472] 9pnet_fd: Insufficient options for proto=fd [ 234.991112][T12481] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:490 [ 235.025128][ T45] usb 2-1: Using ep0 maxpacket: 32 [ 235.040942][ T45] usb 2-1: config 8 has an invalid interface number: 203 but max is 0 [ 235.053122][ T45] usb 2-1: config 8 has no interface number 0 [ 235.059783][ T45] usb 2-1: config 8 interface 203 has no altsetting 0 [ 235.068438][ T45] usb 2-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=eb.7a [ 235.078273][ T45] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 235.087134][ T45] usb 2-1: Product: syz [ 235.091490][ T45] usb 2-1: Manufacturer: syz [ 235.096432][ T45] usb 2-1: SerialNumber: syz [ 235.184078][T12504] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:504 [ 235.314233][ T45] usb 2-1: USB disconnect, device number 23 [ 235.375285][T12526] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1194 [ 235.652156][ T323] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 235.791392][T12554] SELinux: security_context_str_to_sid (syste_uÝGй ‰:ÿß) failed with errno=-22 [ 235.842179][ T323] usb 1-1: Using ep0 maxpacket: 16 [ 235.849630][ T323] usb 1-1: config 0 has an invalid interface number: 109 but max is 0 [ 235.862353][ T323] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 235.891935][ T323] usb 1-1: config 0 has no interface number 0 [ 235.901339][ T323] usb 1-1: New USB device found, idVendor=0421, idProduct=0094, bcdDevice=28.8e [ 235.910814][ T323] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 235.931114][ T323] usb 1-1: Product: syz [ 235.935369][ T323] usb 1-1: Manufacturer: syz [ 235.945034][ T323] usb 1-1: SerialNumber: syz [ 235.952659][ T323] usb 1-1: config 0 descriptor?? [ 236.161405][T12529] Invalid ELF header len 1 [ 236.235449][ T7599] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 236.376794][T12615] FAULT_INJECTION: forcing a failure. [ 236.376794][T12615] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 236.390012][T12615] CPU: 0 UID: 0 PID: 12615 Comm: syz.4.5621 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 236.390046][T12615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 236.390060][T12615] Call Trace: [ 236.390068][T12615] [ 236.390080][T12615] __dump_stack+0x21/0x30 [ 236.390112][T12615] dump_stack_lvl+0x10c/0x190 [ 236.390145][T12615] ? __cfi_dump_stack_lvl+0x10/0x10 [ 236.390175][T12615] ? kernel_text_address+0xa9/0xe0 [ 236.390207][T12615] dump_stack+0x19/0x20 [ 236.390227][T12615] should_fail_ex+0x3d9/0x530 [ 236.390244][T12615] should_fail+0xf/0x20 [ 236.390259][T12615] should_fail_usercopy+0x1e/0x30 [ 236.390284][T12615] _copy_from_user+0x22/0xb0 [ 236.390314][T12615] ___sys_sendmsg+0x159/0x2a0 [ 236.390347][T12615] ? __sys_sendmsg+0x280/0x280 [ 236.390375][T12615] ? kstrtouint+0x78/0xf0 [ 236.390394][T12615] __sys_sendmmsg+0x271/0x470 [ 236.390425][T12615] ? __cfi___sys_sendmmsg+0x10/0x10 [ 236.390465][T12615] ? __cfi_ksys_write+0x10/0x10 [ 236.390495][T12615] __x64_sys_sendmmsg+0xa4/0xc0 [ 236.390530][T12615] x64_sys_call+0xfec/0x2ee0 [ 236.390554][T12615] do_syscall_64+0x58/0xf0 [ 236.390582][T12615] ? clear_bhb_loop+0x50/0xa0 [ 236.390608][T12615] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 236.390631][T12615] RIP: 0033:0x7f3741d8f6c9 [ 236.390651][T12615] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 236.390666][T12615] RSP: 002b:00007f3742c8a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 236.390683][T12615] RAX: ffffffffffffffda RBX: 00007f3741fe5fa0 RCX: 00007f3741d8f6c9 [ 236.390696][T12615] RDX: 0000000000000001 RSI: 00002000000006c0 RDI: 0000000000000005 [ 236.390707][T12615] RBP: 00007f3742c8a090 R08: 0000000000000000 R09: 0000000000000000 [ 236.390730][T12615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 236.390747][T12615] R13: 00007f3741fe6038 R14: 00007f3741fe5fa0 R15: 00007ffe1b2177f8 [ 236.390767][T12615] [ 236.596297][ T7599] usb 2-1: Using ep0 maxpacket: 32 [ 236.603076][ T7599] usb 2-1: config 8 has an invalid interface number: 203 but max is 0 [ 236.611316][ T7599] usb 2-1: config 8 has no interface number 0 [ 236.617414][ T7599] usb 2-1: config 8 interface 203 has no altsetting 0 [ 236.625898][ T7599] usb 2-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=eb.7a [ 236.635246][ T7599] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 236.643540][ T7599] usb 2-1: Product: syz [ 236.647749][ T7599] usb 2-1: Manufacturer: syz [ 236.652585][ T7599] usb 2-1: SerialNumber: syz [ 236.750025][ T36] audit: type=1400 audit(1762984380.705:451): avc: denied { unlink } for pid=12629 comm="syz.5.5628" name="binder0" dev="binder" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 236.867837][ T7599] usb 2-1: USB disconnect, device number 24 [ 236.991669][T12646] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=12646 comm=syz.5.5636 [ 237.005427][T12646] wireguard: wg2: Could not create IPv4 socket [ 237.324510][T12665] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=12665 comm=syz.4.5645 [ 237.338266][T12665] wireguard: wg2: Could not create IPv4 socket [ 237.386585][T12667] 9pnet_fd: Insufficient options for proto=fd [ 237.858121][ T10] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 238.009809][T12691] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=12691 comm=syz.5.5657 [ 238.023528][T12691] wireguard: wg2: Could not create IPv4 socket [ 238.029850][ T10] usb 5-1: Using ep0 maxpacket: 32 [ 238.036146][ T10] usb 5-1: config 8 has an invalid interface number: 203 but max is 0 [ 238.046033][ T10] usb 5-1: config 8 has no interface number 0 [ 238.054052][ T10] usb 5-1: config 8 interface 203 has no altsetting 0 [ 238.062533][ T10] usb 5-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=eb.7a [ 238.071764][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 238.079829][ T10] usb 5-1: Product: syz [ 238.084097][ T10] usb 5-1: Manufacturer: syz [ 238.101319][ T10] usb 5-1: SerialNumber: syz [ 238.136422][T12695] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 238.317822][ T10] usb 5-1: USB disconnect, device number 17 [ 238.382051][ T323] rndis_host 1-1:0.109: More than one union descriptor, skipping ... [ 238.401659][ T323] usb 1-1: bad CDC descriptors [ 238.410148][ T323] cdc_acm 1-1:0.109: More than one union descriptor, skipping ... [ 238.419746][T12712] wireguard: wg2: Could not create IPv4 socket [ 238.427176][ T323] usb 1-1: USB disconnect, device number 12 [ 238.499469][T12718] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 238.709193][T12730] 9pnet_fd: Insufficient options for proto=fd [ 239.006425][ T323] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 239.059468][ T13] bridge_slave_1: left allmulticast mode [ 239.066849][ T13] bridge_slave_1: left promiscuous mode [ 239.074497][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 239.082449][ T13] bridge_slave_0: left allmulticast mode [ 239.089168][ T13] bridge_slave_0: left promiscuous mode [ 239.094921][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 239.103488][ T13] tipc: Resetting bearer [ 239.121080][ T13] tipc: Disabling bearer [ 239.167475][ T323] usb 2-1: Using ep0 maxpacket: 16 [ 239.173802][ T323] usb 2-1: config 0 has an invalid interface number: 109 but max is 0 [ 239.183117][ T323] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 239.193250][ T323] usb 2-1: config 0 has no interface number 0 [ 239.201449][ T323] usb 2-1: New USB device found, idVendor=0421, idProduct=0094, bcdDevice=28.8e [ 239.210684][ T323] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 239.220380][T12745] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5681'. [ 239.229358][ T323] usb 2-1: Product: syz [ 239.229618][T12747] wireguard: wg2: Could not create IPv4 socket [ 239.233534][ T323] usb 2-1: Manufacturer: syz [ 239.233558][ T323] usb 2-1: SerialNumber: syz [ 239.260415][ T323] usb 2-1: config 0 descriptor?? [ 239.261134][ T13] tipc: Left network mode [ 239.290841][ T13] veth1_macvtap: left promiscuous mode [ 239.296416][ T13] veth0_vlan: left promiscuous mode [ 239.424603][T12741] bridge0: port 1(bridge_slave_0) entered blocking state [ 239.432429][T12741] bridge0: port 1(bridge_slave_0) entered disabled state [ 239.440651][T12741] bridge_slave_0: entered allmulticast mode [ 239.447197][T12741] bridge_slave_0: entered promiscuous mode [ 239.458100][T12741] bridge0: port 2(bridge_slave_1) entered blocking state [ 239.469286][T12741] bridge0: port 2(bridge_slave_1) entered disabled state [ 239.477738][T12733] Invalid ELF header len 1 [ 239.494398][T12741] bridge_slave_1: entered allmulticast mode [ 239.510322][T12741] bridge_slave_1: entered promiscuous mode [ 239.694160][T12776] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5690'. [ 239.746715][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 239.753836][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 239.767457][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 239.774582][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 239.824038][T12741] veth0_vlan: entered promiscuous mode [ 239.845092][T12741] veth1_macvtap: entered promiscuous mode [ 239.877792][ T36] audit: type=1400 audit(1762984383.812:452): avc: denied { mount } for pid=12741 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 239.914432][T12781] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 240.137894][T12797] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:556 [ 240.138478][T12795] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5698'. [ 240.426123][T12815] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:24 [ 240.526254][ T10] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 240.697890][ T10] usb 1-1: Using ep0 maxpacket: 8 [ 240.704640][ T10] usb 1-1: unable to get BOS descriptor or descriptor too short [ 240.713383][ T10] usb 1-1: config 6 has an invalid interface number: 185 but max is 0 [ 240.721884][ T10] usb 1-1: config 6 has no interface number 0 [ 240.737666][ T10] usb 1-1: config 6 interface 185 altsetting 8 has an invalid descriptor for endpoint zero, skipping [ 240.755240][ T10] usb 1-1: config 6 interface 185 has no altsetting 0 [ 240.771186][ T10] usb 1-1: New USB device found, idVendor=04e6, idProduct=000c, bcdDevice= 1.00 [ 240.781881][ T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 240.792676][ T10] usb 1-1: Product: syz [ 240.797158][ T10] usb 1-1: Manufacturer: syz [ 240.803176][ T10] usb 1-1: SerialNumber: syz [ 241.015579][ T10] usb-storage 1-1:6.185: USB Mass Storage device detected [ 241.027994][ T10] usb-storage 1-1:6.185: Quirks match for vid 04e6 pid 000c: 4 [ 241.088666][ T10] usb 1-1: USB disconnect, device number 13 [ 241.317015][T12839] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:33 [ 241.614559][T12857] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 241.744089][ T323] rndis_host 2-1:0.109: More than one union descriptor, skipping ... [ 241.752266][ T323] usb 2-1: bad CDC descriptors [ 241.773392][ T323] cdc_acm 2-1:0.109: More than one union descriptor, skipping ... [ 241.792652][ T323] usb 2-1: USB disconnect, device number 25 [ 242.087906][T12882] Invalid ELF header len 1 [ 242.527999][ T10] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 242.658017][T12921] 9pnet_fd: Insufficient options for proto=fd [ 242.688859][ T10] usb 6-1: Using ep0 maxpacket: 32 [ 242.700094][ T10] usb 6-1: config 8 has an invalid interface number: 203 but max is 0 [ 242.718560][ T10] usb 6-1: config 8 has no interface number 0 [ 242.719208][T12927] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5760'. [ 242.724789][ T10] usb 6-1: config 8 interface 203 has no altsetting 0 [ 242.760662][ T10] usb 6-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=eb.7a [ 242.769879][ T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 242.777897][ T10] usb 6-1: Product: syz [ 242.799476][ T10] usb 6-1: Manufacturer: syz [ 242.804293][ T10] usb 6-1: SerialNumber: syz [ 242.921904][T12940] 9pnet_fd: Insufficient options for proto=fd [ 243.017551][ T10] usb 6-1: USB disconnect, device number 12 [ 243.050024][T12950] Invalid ELF header len 1 [ 243.066731][T12953] 9pnet_fd: Insufficient options for proto=fd [ 243.081737][T12954] Invalid logical block size (1050623) [ 243.309993][T12976] 9pnet_fd: Insufficient options for proto=fd [ 243.821512][T13022] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:628 [ 244.122639][T13049] Invalid ELF header len 1 [ 244.158525][T13053] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:97 [ 244.186696][T13057] 9pnet_fd: Insufficient options for proto=fd [ 244.288962][T13073] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:109 [ 244.442728][T13095] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:118 [ 244.756108][T13129] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 245.276279][T13164] 9pnet_fd: Insufficient options for proto=fd [ 245.418613][T13177] Invalid logical block size (1050623) [ 245.646371][T13190] Invalid ELF header len 1 [ 245.784150][T13209] Invalid ELF header len 1 [ 245.930176][T13223] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5898'. [ 246.262296][T13233] 9pnet_fd: Insufficient options for proto=fd [ 246.365774][T13245] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 246.447154][T13257] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=13257 comm=syz.5.5904 [ 246.508884][T13269] Invalid ELF header len 1 [ 246.624754][T13287] FAULT_INJECTION: forcing a failure. [ 246.624754][T13287] name failslab, interval 1, probability 0, space 0, times 0 [ 246.643707][T13287] CPU: 0 UID: 0 PID: 13287 Comm: syz.5.5928 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 246.643744][T13287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 246.643759][T13287] Call Trace: [ 246.643768][T13287] [ 246.643777][T13287] __dump_stack+0x21/0x30 [ 246.643814][T13287] dump_stack_lvl+0x10c/0x190 [ 246.643846][T13287] ? __cfi_dump_stack_lvl+0x10/0x10 [ 246.643880][T13287] dump_stack+0x19/0x20 [ 246.643919][T13287] should_fail_ex+0x3d9/0x530 [ 246.643944][T13287] should_failslab+0xac/0x100 [ 246.643970][T13287] __kmalloc_node_track_caller_noprof+0x68/0x520 [ 246.643996][T13287] ? rust_helper_krealloc+0x33/0xd0 [ 246.644031][T13287] ? krealloc_noprof+0xfa/0x130 [ 246.644056][T13287] krealloc_noprof+0x8d/0x130 [ 246.644079][T13287] rust_helper_krealloc+0x33/0xd0 [ 246.644113][T13287] ? _RNvMNtNtCs43vyB533jt3_6kernel5alloc9allocatorNtB2_11ReallocFunc4call+0x70/0xc0 [ 246.644146][T13287] _RNvMNtNtCs43vyB533jt3_6kernel5alloc9allocatorNtB2_11ReallocFunc4call+0x8e/0xc0 [ 246.644179][T13287] _RNvMs4_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process18get_current_thread+0x6f0/0x1400 [ 246.644212][T13287] ? inode_init_always_gfp+0x756/0x9e0 [ 246.644239][T13287] ? alloc_inode+0xc5/0x270 [ 246.644266][T13287] ? proc_pident_instantiate+0x6d/0x2c0 [ 246.644293][T13287] ? path_openat+0x1301/0x34b0 [ 246.644324][T13287] ? __cfi__RNvMs4_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process18get_current_thread+0x10/0x10 [ 246.644357][T13287] ? avc_has_perm_noaudit+0x268/0x360 [ 246.644390][T13287] ? __asan_memcpy+0x5a/0x80 [ 246.644412][T13287] ? avc_has_perm_noaudit+0x286/0x360 [ 246.644446][T13287] ? avc_has_perm+0x144/0x220 [ 246.644478][T13287] ? __cfi_avc_has_perm+0x10/0x10 [ 246.644508][T13287] ? kasan_save_alloc_info+0x40/0x50 [ 246.644543][T13287] ? selinux_file_open+0x457/0x610 [ 246.644570][T13287] _RNvMs6_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process5ioctl+0x1a7/0x2cf0 [ 246.644604][T13287] ? avc_has_extended_perms+0x7c7/0xdd0 [ 246.644637][T13287] ? __asan_memcpy+0x5a/0x80 [ 246.644659][T13287] ? avc_has_extended_perms+0x921/0xdd0 [ 246.644692][T13287] ? __cfi__RNvMs6_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process5ioctl+0x10/0x10 [ 246.644725][T13287] ? do_vfs_ioctl+0xeda/0x1e30 [ 246.644751][T13287] ? arch_stack_walk+0x10b/0x170 [ 246.644774][T13287] ? __ia32_compat_sys_ioctl+0x850/0x850 [ 246.644802][T13287] ? _parse_integer+0x2e/0x40 [ 246.644839][T13287] ? ioctl_has_perm+0x384/0x4d0 [ 246.644867][T13287] ? has_cap_mac_admin+0xd0/0xd0 [ 246.644894][T13287] ? proc_fail_nth_write+0x17e/0x210 [ 246.644932][T13287] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 246.644963][T13287] ? selinux_file_ioctl+0x6e0/0x1360 [ 246.644989][T13287] ? vfs_write+0x93e/0xf30 [ 246.645008][T13287] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 246.645036][T13287] ? __cfi_vfs_write+0x10/0x10 [ 246.645056][T13287] ? __kasan_check_write+0x18/0x20 [ 246.645091][T13287] ? mutex_unlock+0x8b/0x240 [ 246.645111][T13287] ? __cfi_mutex_unlock+0x10/0x10 [ 246.645132][T13287] ? __fget_files+0x2c5/0x340 [ 246.645156][T13287] ? __fget_files+0x2c5/0x340 [ 246.645180][T13287] _RNvCs5gLWsBERDPK_16rust_binder_main26rust_binder_unlocked_ioctl+0xa0/0x100 [ 246.645215][T13287] ? __se_sys_ioctl+0x114/0x1b0 [ 246.645240][T13287] ? __cfi__RNvCs5gLWsBERDPK_16rust_binder_main26rust_binder_unlocked_ioctl+0x10/0x10 [ 246.645275][T13287] __se_sys_ioctl+0x135/0x1b0 [ 246.645301][T13287] __x64_sys_ioctl+0x7f/0xa0 [ 246.645326][T13287] x64_sys_call+0x1878/0x2ee0 [ 246.645361][T13287] do_syscall_64+0x58/0xf0 [ 246.645390][T13287] ? clear_bhb_loop+0x50/0xa0 [ 246.645417][T13287] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 246.645442][T13287] RIP: 0033:0x7fa48758f6c9 [ 246.645462][T13287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 246.645483][T13287] RSP: 002b:00007fa48844e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 246.645506][T13287] RAX: ffffffffffffffda RBX: 00007fa4877e5fa0 RCX: 00007fa48758f6c9 [ 246.645524][T13287] RDX: 00002000000001c0 RSI: 00000000c0306201 RDI: 0000000000000005 [ 246.645541][T13287] RBP: 00007fa48844e090 R08: 0000000000000000 R09: 0000000000000000 [ 246.645556][T13287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 246.645571][T13287] R13: 00007fa4877e6038 R14: 00007fa4877e5fa0 R15: 00007ffc687003d8 [ 246.645592][T13287] [ 246.816486][T13296] 9pnet_fd: Insufficient options for proto=fd [ 247.190198][T13306] 9pnet_fd: Insufficient options for proto=fd [ 247.203985][T13295] bridge0: port 1(bridge_slave_0) entered blocking state [ 247.211398][T13295] bridge0: port 1(bridge_slave_0) entered disabled state [ 247.218780][T13295] bridge_slave_0: entered allmulticast mode [ 247.230150][T13295] bridge_slave_0: entered promiscuous mode [ 247.237731][T13295] bridge0: port 2(bridge_slave_1) entered blocking state [ 247.245165][T13295] bridge0: port 2(bridge_slave_1) entered disabled state [ 247.252294][T13295] bridge_slave_1: entered allmulticast mode [ 247.258749][T13295] bridge_slave_1: entered promiscuous mode [ 247.272998][ T12] bridge_slave_1: left allmulticast mode [ 247.278844][ T12] bridge_slave_1: left promiscuous mode [ 247.284751][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 247.294732][ T12] bridge_slave_0: left allmulticast mode [ 247.300183][T13318] 9pnet_fd: Insufficient options for proto=fd [ 247.300408][ T12] bridge_slave_0: left promiscuous mode [ 247.312575][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 247.347096][T13322] 9pnet_fd: Insufficient options for proto=fd [ 247.381372][T13326] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 247.447319][ T12] veth1_macvtap: left promiscuous mode [ 247.453096][ T12] veth0_vlan: left promiscuous mode [ 247.614283][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 247.621397][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 247.644703][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 247.651929][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 247.709530][T13295] veth0_vlan: entered promiscuous mode [ 247.736452][T13295] veth1_macvtap: entered promiscuous mode [ 248.046087][T13372] 9pnet_fd: Insufficient options for proto=fd [ 248.094712][T13374] FAULT_INJECTION: forcing a failure. [ 248.094712][T13374] name failslab, interval 1, probability 0, space 0, times 0 [ 248.127456][T13374] CPU: 1 UID: 0 PID: 13374 Comm: syz.4.5965 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 248.127496][T13374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 248.127512][T13374] Call Trace: [ 248.127521][T13374] [ 248.127530][T13374] __dump_stack+0x21/0x30 [ 248.127567][T13374] dump_stack_lvl+0x10c/0x190 [ 248.127599][T13374] ? __cfi_dump_stack_lvl+0x10/0x10 [ 248.127632][T13374] dump_stack+0x19/0x20 [ 248.127662][T13374] should_fail_ex+0x3d9/0x530 [ 248.127688][T13374] should_failslab+0xac/0x100 [ 248.127715][T13374] kmem_cache_alloc_noprof+0x42/0x430 [ 248.127737][T13374] ? __kasan_slab_alloc+0x73/0x90 [ 248.127795][T13374] ? fasync_alloc+0x2e/0xb0 [ 248.127819][T13374] ? kmem_cache_alloc_noprof+0x1ee/0x430 [ 248.127846][T13374] fasync_alloc+0x2e/0xb0 [ 248.127868][T13374] fcntl_setlease+0x337/0x570 [ 248.127891][T13374] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 248.127922][T13374] ? __cfi_fcntl_setlease+0x10/0x10 [ 248.127945][T13374] ? bpf_lsm_file_permission+0xd/0x20 [ 248.127978][T13374] ? vfs_write+0x93e/0xf30 [ 248.128000][T13374] do_fcntl+0x5a3/0x1500 [ 248.128023][T13374] ? __cfi_selinux_file_fcntl+0x10/0x10 [ 248.128052][T13374] ? check_fcntl_cmd+0xb0/0xb0 [ 248.128076][T13374] ? mutex_unlock+0x8b/0x240 [ 248.128097][T13374] ? __cfi_mutex_unlock+0x10/0x10 [ 248.128118][T13374] ? __fget_files+0x2c5/0x340 [ 248.128145][T13374] ? bpf_lsm_file_fcntl+0xd/0x20 [ 248.128176][T13374] ? security_file_fcntl+0x34/0xd0 [ 248.128203][T13374] __se_sys_fcntl+0xe4/0x180 [ 248.128226][T13374] __x64_sys_fcntl+0x7f/0xa0 [ 248.128249][T13374] x64_sys_call+0x1cb3/0x2ee0 [ 248.128283][T13374] do_syscall_64+0x58/0xf0 [ 248.128312][T13374] ? clear_bhb_loop+0x50/0xa0 [ 248.128338][T13374] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 248.128362][T13374] RIP: 0033:0x7f566338f6c9 [ 248.128383][T13374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 248.128403][T13374] RSP: 002b:00007f566414e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 248.128429][T13374] RAX: ffffffffffffffda RBX: 00007f56635e5fa0 RCX: 00007f566338f6c9 [ 248.128448][T13374] RDX: 0000000000000000 RSI: 0000000000000400 RDI: 0000000000000006 [ 248.128463][T13374] RBP: 00007f566414e090 R08: 0000000000000000 R09: 0000000000000000 [ 248.128479][T13374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 248.128494][T13374] R13: 00007f56635e6038 R14: 00007f56635e5fa0 R15: 00007ffe516aba98 [ 248.128515][T13374] [ 248.329448][T13382] 9pnet_fd: Insufficient options for proto=fd [ 248.514675][T13391] 9pnet_fd: Insufficient options for proto=fd [ 248.590156][T13400] 9pnet_fd: Insufficient options for proto=fd [ 248.625829][T13405] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=13405 comm=syz.1.5982 [ 248.626820][T13409] 9pnet_fd: Insufficient options for proto=fd [ 248.640023][T13405] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=13405 comm=syz.1.5982 [ 248.659843][T13405] wireguard: wg2: Could not create IPv4 socket [ 248.731212][T13419] Invalid ELF header len 1 [ 248.808374][T13427] 9pnet_fd: Insufficient options for proto=fd [ 248.884239][T13433] 9pnet_fd: Insufficient options for proto=fd [ 249.365430][T13440] Invalid logical block size (1050623) [ 249.609892][T13443] Invalid ELF header len 1 [ 249.674411][T13449] 9pnet_fd: Insufficient options for proto=fd [ 249.696057][T13451] 9pnet_fd: Insufficient options for proto=fd [ 249.842949][T13465] 9pnet_fd: Insufficient options for proto=fd [ 250.100951][ T323] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 250.235628][T13483] 9pnet_fd: Insufficient options for proto=fd [ 250.251539][ T323] usb 5-1: Using ep0 maxpacket: 8 [ 250.259698][ T323] usb 5-1: unable to get BOS descriptor or descriptor too short [ 250.268879][ T323] usb 5-1: config 6 has an invalid interface number: 185 but max is 0 [ 250.282269][ T323] usb 5-1: config 6 has no interface number 0 [ 250.288515][ T323] usb 5-1: config 6 interface 185 altsetting 8 has an invalid descriptor for endpoint zero, skipping [ 250.309608][ T323] usb 5-1: config 6 interface 185 has no altsetting 0 [ 250.332383][ T323] usb 5-1: New USB device found, idVendor=04e6, idProduct=000c, bcdDevice= 1.00 [ 250.341535][ T323] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 250.349615][ T323] usb 5-1: Product: syz [ 250.353813][ T323] usb 5-1: Manufacturer: syz [ 250.358431][ T323] usb 5-1: SerialNumber: syz [ 250.457343][T13491] 9pnet_fd: Insufficient options for proto=fd [ 250.568967][ T323] usb-storage 5-1:6.185: USB Mass Storage device detected [ 250.577150][ T323] usb-storage 5-1:6.185: Quirks match for vid 04e6 pid 000c: 4 [ 250.612233][ T323] usb 5-1: USB disconnect, device number 18 [ 250.883112][T13527] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=13527 comm=syz.1.6035 [ 250.898138][T13527] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=13527 comm=syz.1.6035 [ 250.912574][T13527] wireguard: wg2: Could not create IPv4 socket [ 251.064664][T13547] rust_binder: 13542 RLIMIT_NICE not set [ 251.065686][T13542] fuse: Bad value for 'rootmode' [ 251.107983][T13552] 9pnet_fd: Insufficient options for proto=fd [ 251.217275][T13566] 9pnet_fd: Insufficient options for proto=fd [ 251.233886][T13568] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 251.605989][T13604] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=13604 comm=syz.0.6071 [ 251.627999][T13604] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=13604 comm=syz.0.6071 [ 251.642132][T13604] wireguard: wg2: Could not create IPv4 socket [ 251.748722][T13619] FAULT_INJECTION: forcing a failure. [ 251.748722][T13619] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 251.775576][T13619] CPU: 0 UID: 0 PID: 13619 Comm: syz.0.6078 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 251.775613][T13619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 251.775628][T13619] Call Trace: [ 251.775637][T13619] [ 251.775647][T13619] __dump_stack+0x21/0x30 [ 251.775683][T13619] dump_stack_lvl+0x10c/0x190 [ 251.775714][T13619] ? __cfi_dump_stack_lvl+0x10/0x10 [ 251.775747][T13619] dump_stack+0x19/0x20 [ 251.775775][T13619] should_fail_ex+0x3d9/0x530 [ 251.775812][T13619] should_fail+0xf/0x20 [ 251.775832][T13619] should_fail_usercopy+0x1e/0x30 [ 251.775856][T13619] copy_fpstate_to_sigframe+0x919/0xb80 [ 251.775884][T13619] ? ktime_get+0x1df/0x210 [ 251.775915][T13619] ? copy_fpstate_to_sigframe+0x174/0xb80 [ 251.775943][T13619] ? __cfi_copy_fpstate_to_sigframe+0x10/0x10 [ 251.775973][T13619] ? tick_program_event+0x9b/0x120 [ 251.775996][T13619] ? hrtimer_reprogram+0x341/0x3e0 [ 251.776021][T13619] ? _raw_spin_unlock_irqrestore+0x4a/0x70 [ 251.776051][T13619] ? fpu__alloc_mathframe+0xb8/0x160 [ 251.776079][T13619] get_sigframe+0x58e/0x7d0 [ 251.776111][T13619] ? __cfi_get_sigframe+0x10/0x10 [ 251.776143][T13619] ? __kasan_check_write+0x18/0x20 [ 251.776176][T13619] ? _raw_spin_lock+0x8c/0x120 [ 251.776203][T13619] ? __cfi__raw_spin_lock+0x10/0x10 [ 251.776233][T13619] ? _raw_spin_unlock_irqrestore+0x4a/0x70 [ 251.776269][T13619] x64_setup_rt_frame+0x15d/0xcc0 [ 251.776302][T13619] ? get_signal+0x1098/0x14f0 [ 251.776330][T13619] ? _raw_spin_unlock_irq+0x45/0x70 [ 251.776359][T13619] ? get_signal+0x1250/0x14f0 [ 251.776387][T13619] ? __cfi_x64_setup_rt_frame+0x10/0x10 [ 251.776421][T13619] arch_do_signal_or_restart+0x31d/0x720 [ 251.776454][T13619] ? __cfi_arch_do_signal_or_restart+0x10/0x10 [ 251.776491][T13619] ? irqtime_account_irq+0x51/0x1c0 [ 251.776522][T13619] irqentry_exit_to_user_mode+0x4e/0xb0 [ 251.776547][T13619] irqentry_exit+0x16/0x60 [ 251.776570][T13619] sysvec_apic_timer_interrupt+0x50/0x90 [ 251.776593][T13619] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 251.776620][T13619] RIP: 0033:0x7fb4f6bb74ff [ 251.776638][T13619] Code: 2e 0f 1f 84 00 00 00 00 00 66 90 83 e7 02 74 0b c3 66 2e 0f 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 8b 90 08 03 00 00 <48> 8d b8 08 03 00 00 89 d1 89 d0 83 e1 fd f0 0f b1 0f 75 49 83 e2 [ 251.776657][T13619] RSP: 002b:00007fb4f794d028 EFLAGS: 00000246 [ 251.776677][T13619] RAX: 00007fb4f794d6c0 RBX: 0000000000000006 RCX: 00007fb4f6b8e17f [ 251.776695][T13619] RDX: 0000000000000002 RSI: 00007fb4f794d090 RDI: 0000000000000000 [ 251.776710][T13619] RBP: 00007fb4f794d090 R08: 0000000000000000 R09: 00007fb4f794cdf7 [ 251.776726][T13619] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 251.776740][T13619] R13: 00007fb4f6de6038 R14: 00007fb4f6de5fa0 R15: 00007ffc963df818 [ 251.776760][T13619] [ 251.988920][T13626] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=13626 comm=syz.5.6082 [ 252.130766][T13626] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=13626 comm=syz.5.6082 [ 252.148542][T13626] wireguard: wg2: Could not create IPv4 socket [ 252.184034][T13641] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:86 [ 252.243976][T13652] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6094'. [ 252.284565][T13658] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=13658 comm=syz.0.6096 [ 252.306522][T13658] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=13658 comm=syz.0.6096 [ 252.325848][T13658] wireguard: wg2: Could not create IPv4 socket [ 252.354563][T13660] 9pnet_fd: Insufficient options for proto=fd [ 252.567270][T13705] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6119'. [ 252.698613][T13728] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6130'. [ 252.860743][T13760] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=13760 comm=syz.4.6145 [ 252.887705][T13760] wireguard: wg2: Could not create IPv4 socket [ 253.095617][T13792] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=13792 comm=syz.4.6160 [ 253.111906][T13792] wireguard: wg2: Could not create IPv4 socket [ 253.395618][T13819] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=13819 comm=syz.1.6173 [ 253.432085][T13819] wireguard: wg2: Could not create IPv4 socket [ 253.733838][T13833] 9pnet_fd: Insufficient options for proto=fd [ 253.751999][T13835] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 253.835333][T13839] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=13839 comm=syz.5.6183 [ 253.851767][T13839] wireguard: wg2: Could not create IPv4 socket [ 254.091548][T13854] 9pnet_fd: Insufficient options for proto=fd [ 254.364055][T13873] 9pnet_fd: Insufficient options for proto=fd [ 255.184543][T13961] 9pnet_fd: Insufficient options for proto=fd [ 255.216748][T13967] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:334 [ 255.245603][T13970] wireguard: wg2: Could not create IPv4 socket [ 255.372375][T13983] Invalid ELF header len 1 [ 255.444899][T13999] wireguard: wg2: Could not create IPv4 socket [ 255.666529][T14034] Invalid ELF header len 1 [ 255.813598][T14059] Invalid ELF header len 1 [ 255.957066][T14086] Invalid ELF header len 1 [ 256.227342][T14126] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 256.306806][T14134] 9pnet_fd: Insufficient options for proto=fd [ 256.411132][T14145] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 256.626492][T14170] wireguard: wg2: Could not create IPv4 socket [ 256.877203][T14197] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 257.122030][T14219] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 257.584564][T14272] FAULT_INJECTION: forcing a failure. [ 257.584564][T14272] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 257.605666][T14272] CPU: 1 UID: 0 PID: 14272 Comm: syz.0.6388 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 257.605703][T14272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 257.605718][T14272] Call Trace: [ 257.605727][T14272] [ 257.605737][T14272] __dump_stack+0x21/0x30 [ 257.605774][T14272] dump_stack_lvl+0x10c/0x190 [ 257.605805][T14272] ? __cfi_dump_stack_lvl+0x10/0x10 [ 257.605839][T14272] dump_stack+0x19/0x20 [ 257.605869][T14272] should_fail_ex+0x3d9/0x530 [ 257.605893][T14272] should_fail+0xf/0x20 [ 257.605914][T14272] should_fail_usercopy+0x1e/0x30 [ 257.605940][T14272] _copy_from_iter+0x1a3/0x14d0 [ 257.605977][T14272] ? kmalloc_reserve+0xcf/0x500 [ 257.606006][T14272] ? __virt_addr_valid+0x2a6/0x380 [ 257.606033][T14272] ? __cfi__copy_from_iter+0x10/0x10 [ 257.606060][T14272] ? __check_object_size+0x50a/0x810 [ 257.606084][T14272] ? __cfi___check_object_size+0x10/0x10 [ 257.606107][T14272] ? skb_put+0x112/0x1f0 [ 257.606135][T14272] netlink_sendmsg+0x680/0xaf0 [ 257.606170][T14272] ? __cfi_netlink_sendmsg+0x10/0x10 [ 257.606205][T14272] ? bpf_lsm_socket_sendmsg+0xd/0x20 [ 257.606233][T14272] ? security_socket_sendmsg+0x33/0xd0 [ 257.606256][T14272] ? __cfi_netlink_sendmsg+0x10/0x10 [ 257.606289][T14272] ____sys_sendmsg+0xa15/0xa70 [ 257.606324][T14272] ? __sys_sendmsg_sock+0x50/0x50 [ 257.606359][T14272] ? import_iovec+0x81/0xb0 [ 257.606389][T14272] ___sys_sendmsg+0x220/0x2a0 [ 257.606424][T14272] ? __sys_sendmsg+0x280/0x280 [ 257.606457][T14272] ? proc_fail_nth_write+0x17e/0x210 [ 257.606488][T14272] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 257.606526][T14272] __x64_sys_sendmsg+0x1eb/0x2c0 [ 257.606560][T14272] ? fput+0x1a5/0x240 [ 257.606588][T14272] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 257.606621][T14272] ? ksys_write+0x1ef/0x250 [ 257.606644][T14272] ? __kasan_check_read+0x15/0x20 [ 257.606680][T14272] x64_sys_call+0x2a4c/0x2ee0 [ 257.606713][T14272] do_syscall_64+0x58/0xf0 [ 257.606744][T14272] ? clear_bhb_loop+0x50/0xa0 [ 257.606770][T14272] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 257.606795][T14272] RIP: 0033:0x7fb4f6b8f6c9 [ 257.606814][T14272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 257.606835][T14272] RSP: 002b:00007fb4f794d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 257.606860][T14272] RAX: ffffffffffffffda RBX: 00007fb4f6de5fa0 RCX: 00007fb4f6b8f6c9 [ 257.606879][T14272] RDX: 0000000000008010 RSI: 0000200000000fc0 RDI: 0000000000000006 [ 257.606894][T14272] RBP: 00007fb4f794d090 R08: 0000000000000000 R09: 0000000000000000 [ 257.606909][T14272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 257.606924][T14272] R13: 00007fb4f6de6038 R14: 00007fb4f6de5fa0 R15: 00007ffc963df818 [ 257.606945][T14272] [ 258.033670][T14279] SELinux: security_context_str_to_sid () failed with errno=-22 [ 258.522914][ T31] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 258.683174][ T31] usb 5-1: Using ep0 maxpacket: 8 [ 258.694521][ T31] usb 5-1: unable to get BOS descriptor or descriptor too short [ 258.716025][ T31] usb 5-1: config 6 has an invalid interface number: 185 but max is 0 [ 258.729907][ T31] usb 5-1: config 6 has no interface number 0 [ 258.743281][ T31] usb 5-1: config 6 interface 185 has no altsetting 0 [ 258.761744][ T31] usb 5-1: New USB device found, idVendor=04e6, idProduct=000c, bcdDevice= 1.00 [ 258.773325][ T31] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 258.791652][ T31] usb 5-1: Product: syz [ 258.801627][ T31] usb 5-1: Manufacturer: syz [ 258.806457][ T31] usb 5-1: SerialNumber: syz [ 259.015405][ T31] usb-storage 5-1:6.185: USB Mass Storage device detected [ 259.023566][ T31] usb-storage 5-1:6.185: Quirks match for vid 04e6 pid 000c: 4 [ 259.082215][ T31] usb 5-1: USB disconnect, device number 19 [ 259.170443][T14386] selinux_netlink_send: 4 callbacks suppressed [ 259.170467][T14386] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=14386 comm=syz.1.6441 [ 260.444798][T14498] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 260.668394][T14511] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14511 comm=syz.4.6493 [ 260.811190][T14521] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 261.158050][T14544] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 261.466405][T14555] Invalid logical block size (1050623) [ 261.715886][T14562] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14562 comm=syz.0.6525 [ 261.949896][T14580] 9pnet_fd: Insufficient options for proto=fd [ 262.102598][ T7599] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 262.269424][ T7599] usb 1-1: Using ep0 maxpacket: 8 [ 262.280332][ T7599] usb 1-1: unable to get BOS descriptor or descriptor too short [ 262.297134][ T7599] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 262.304810][ T7599] usb 1-1: can't read configurations, error -71 [ 262.384132][T14611] 9pnet_fd: Insufficient options for proto=fd [ 262.500700][T14633] Invalid logical block size (1050623) [ 262.517133][T14635] 9pnet_fd: Insufficient options for proto=fd [ 262.633356][T14655] 9pnet_fd: Insufficient options for proto=fd [ 262.709541][T14665] FAULT_INJECTION: forcing a failure. [ 262.709541][T14665] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 262.722764][T14665] CPU: 0 UID: 0 PID: 14665 Comm: syz.5.6571 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 262.722800][T14665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 262.722834][T14665] Call Trace: [ 262.722842][T14665] [ 262.722851][T14665] __dump_stack+0x21/0x30 [ 262.722888][T14665] dump_stack_lvl+0x10c/0x190 [ 262.722919][T14665] ? __cfi_dump_stack_lvl+0x10/0x10 [ 262.722952][T14665] dump_stack+0x19/0x20 [ 262.722982][T14665] should_fail_ex+0x3d9/0x530 [ 262.723007][T14665] should_fail+0xf/0x20 [ 262.723029][T14665] should_fail_usercopy+0x1e/0x30 [ 262.723055][T14665] _copy_from_iter+0x1a3/0x14d0 [ 262.723083][T14665] ? kmalloc_reserve+0xcf/0x500 [ 262.723113][T14665] ? __virt_addr_valid+0x2a6/0x380 [ 262.723140][T14665] ? __cfi__copy_from_iter+0x10/0x10 [ 262.723167][T14665] ? __check_object_size+0x50a/0x810 [ 262.723190][T14665] ? __cfi___check_object_size+0x10/0x10 [ 262.723212][T14665] ? skb_put+0x112/0x1f0 [ 262.723241][T14665] netlink_sendmsg+0x680/0xaf0 [ 262.723291][T14665] ? __cfi_netlink_sendmsg+0x10/0x10 [ 262.723326][T14665] ? bpf_lsm_socket_sendmsg+0xd/0x20 [ 262.723354][T14665] ? security_socket_sendmsg+0x33/0xd0 [ 262.723377][T14665] ? __cfi_netlink_sendmsg+0x10/0x10 [ 262.723410][T14665] ____sys_sendmsg+0xa15/0xa70 [ 262.723446][T14665] ? __sys_sendmsg_sock+0x50/0x50 [ 262.723481][T14665] ? import_iovec+0x81/0xb0 [ 262.723512][T14665] ___sys_sendmsg+0x220/0x2a0 [ 262.723546][T14665] ? __sys_sendmsg+0x280/0x280 [ 262.723581][T14665] ? proc_fail_nth_write+0x17e/0x210 [ 262.723612][T14665] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 262.723651][T14665] __x64_sys_sendmsg+0x1eb/0x2c0 [ 262.723685][T14665] ? fput+0x1a5/0x240 [ 262.723713][T14665] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 262.723747][T14665] ? ksys_write+0x1ef/0x250 [ 262.723770][T14665] ? __kasan_check_read+0x15/0x20 [ 262.723806][T14665] x64_sys_call+0x2a4c/0x2ee0 [ 262.723840][T14665] do_syscall_64+0x58/0xf0 [ 262.723869][T14665] ? clear_bhb_loop+0x50/0xa0 [ 262.723895][T14665] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 262.723920][T14665] RIP: 0033:0x7f3705b8f6c9 [ 262.723939][T14665] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 262.723960][T14665] RSP: 002b:00007f3706968038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 262.723986][T14665] RAX: ffffffffffffffda RBX: 00007f3705de5fa0 RCX: 00007f3705b8f6c9 [ 262.724004][T14665] RDX: 0000000000008010 RSI: 0000200000000fc0 RDI: 0000000000000006 [ 262.724021][T14665] RBP: 00007f3706968090 R08: 0000000000000000 R09: 0000000000000000 [ 262.724036][T14665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 262.724051][T14665] R13: 00007f3705de6038 R14: 00007f3705de5fa0 R15: 00007fffc5094b68 [ 262.724070][T14665] [ 263.241597][ T36] audit: type=1400 audit(1762984407.104:453): avc: denied { connect } for pid=14688 comm="syz.1.6583" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 263.360566][T14698] rust_binder: BINDER_SET_CONTEXT_MGR already set [ 263.375773][T14702] FAULT_INJECTION: forcing a failure. [ 263.375773][T14702] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 263.391090][ T31] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 263.395730][T14702] CPU: 0 UID: 0 PID: 14702 Comm: syz.1.6589 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 263.395768][T14702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 263.395785][T14702] Call Trace: [ 263.395794][T14702] [ 263.395804][T14702] __dump_stack+0x21/0x30 [ 263.395846][T14702] dump_stack_lvl+0x10c/0x190 [ 263.395880][T14702] ? __cfi_dump_stack_lvl+0x10/0x10 [ 263.395917][T14702] ? vsnprintf+0x7b4/0x1aa0 [ 263.395949][T14702] ? check_stack_object+0x107/0x140 [ 263.395974][T14702] dump_stack+0x19/0x20 [ 263.396007][T14702] should_fail_ex+0x3d9/0x530 [ 263.396035][T14702] should_fail+0xf/0x20 [ 263.396059][T14702] should_fail_usercopy+0x1e/0x30 [ 263.396088][T14702] _copy_from_user+0x22/0xb0 [ 263.396121][T14702] kstrtouint_from_user+0xc2/0x150 [ 263.396146][T14702] ? __cfi_kstrtouint_from_user+0x10/0x10 [ 263.396172][T14702] ? selinux_file_permission+0x309/0xb30 [ 263.396206][T14702] ? __cfi_selinux_file_permission+0x10/0x10 [ 263.396237][T14702] proc_fail_nth_write+0x89/0x210 [ 263.396270][T14702] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 263.396306][T14702] ? bpf_lsm_file_permission+0xd/0x20 [ 263.396342][T14702] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 263.396377][T14702] vfs_write+0x3c0/0xf30 [ 263.396402][T14702] ? __cfi_vfs_write+0x10/0x10 [ 263.396424][T14702] ? __kasan_check_write+0x18/0x20 [ 263.396469][T14702] ? mutex_lock+0x92/0x1c0 [ 263.396501][T14702] ? __cfi_mutex_lock+0x10/0x10 [ 263.396524][T14702] ? __fget_files+0x2c5/0x340 [ 263.396554][T14702] ksys_write+0x141/0x250 [ 263.396579][T14702] ? __cfi_ksys_write+0x10/0x10 [ 263.396604][T14702] ? __kasan_check_read+0x15/0x20 [ 263.396643][T14702] __x64_sys_write+0x7f/0x90 [ 263.396667][T14702] x64_sys_call+0x271c/0x2ee0 [ 263.396705][T14702] do_syscall_64+0x58/0xf0 [ 263.396739][T14702] ? clear_bhb_loop+0x50/0xa0 [ 263.396768][T14702] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 263.396795][T14702] RIP: 0033:0x7f4c2838e17f [ 263.396817][T14702] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 263.396839][T14702] RSP: 002b:00007f4c2926f030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 263.396868][T14702] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4c2838e17f [ 263.396890][T14702] RDX: 0000000000000001 RSI: 00007f4c2926f0a0 RDI: 0000000000000007 [ 263.396908][T14702] RBP: 00007f4c2926f090 R08: 0000000000000000 R09: 0000000000000000 [ 263.396926][T14702] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 263.396944][T14702] R13: 00007f4c285e6038 R14: 00007f4c285e5fa0 R15: 00007ffc0592a8f8 [ 263.396969][T14702] [ 263.538365][T14706] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=14706 comm=syz.4.6591 [ 263.594768][T14712] wireguard: wg2: Could not create IPv4 socket [ 263.761637][ T31] usb 6-1: Using ep0 maxpacket: 8 [ 263.771077][ T31] usb 6-1: unable to get BOS descriptor or descriptor too short [ 263.781438][ T31] usb 6-1: unable to read config index 0 descriptor/start: -71 [ 263.790544][ T31] usb 6-1: can't read configurations, error -71 [ 263.937574][T14736] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=14736 comm=syz.4.6604 [ 263.952691][T14736] wireguard: wg2: Could not create IPv4 socket [ 264.377320][T14794] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=14794 comm=syz.4.6631 [ 264.394568][T14794] wireguard: wg2: Could not create IPv4 socket [ 264.509528][ T36] audit: type=1400 audit(1762984408.362:454): avc: denied { setopt } for pid=14811 comm="syz.4.6639" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 264.513836][T14812] EXT4-fs (rnullb0): VFS: Can't find ext4 filesystem [ 264.833055][ T31] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 264.961055][T14869] 9pnet_fd: Insufficient options for proto=fd [ 264.993300][ T31] usb 6-1: Using ep0 maxpacket: 8 [ 265.010997][ T31] usb 6-1: unable to get BOS descriptor or descriptor too short [ 265.013920][T14878] EXT4-fs (rnullb0): VFS: Can't find ext4 filesystem [ 265.025756][ T31] usb 6-1: unable to read config index 0 descriptor/start: -71 [ 265.036160][ T31] usb 6-1: can't read configurations, error -71 [ 265.042678][ T31] usb usb6-port1: attempt power cycle [ 265.462717][T14897] EXT4-fs (rnullb0): VFS: Can't find ext4 filesystem [ 266.116593][T14931] overlay: ./file0 is not a directory [ 267.551968][T15002] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=15002 comm=syz.5.6722 [ 267.596350][ T45] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 267.669175][T15015] FAULT_INJECTION: forcing a failure. [ 267.669175][T15015] name failslab, interval 1, probability 0, space 0, times 0 [ 267.694963][T15015] CPU: 1 UID: 0 PID: 15015 Comm: syz.5.6728 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 267.695002][T15015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 267.695017][T15015] Call Trace: [ 267.695024][T15015] [ 267.695034][T15015] __dump_stack+0x21/0x30 [ 267.695070][T15015] dump_stack_lvl+0x10c/0x190 [ 267.695101][T15015] ? __cfi_dump_stack_lvl+0x10/0x10 [ 267.695146][T15015] dump_stack+0x19/0x20 [ 267.695173][T15015] should_fail_ex+0x3d9/0x530 [ 267.695215][T15015] should_failslab+0xac/0x100 [ 267.695242][T15015] kmem_cache_alloc_noprof+0x42/0x430 [ 267.695264][T15015] ? getname_flags+0xc6/0x710 [ 267.695287][T15015] ? __kasan_check_write+0x18/0x20 [ 267.695322][T15015] getname_flags+0xc6/0x710 [ 267.695345][T15015] user_path_at+0x2b/0x60 [ 267.695370][T15015] do_fchownat+0x109/0x270 [ 267.695398][T15015] ? __cfi_do_fchownat+0x10/0x10 [ 267.695426][T15015] __x64_sys_fchownat+0xc3/0xe0 [ 267.695453][T15015] x64_sys_call+0x29d4/0x2ee0 [ 267.695486][T15015] do_syscall_64+0x58/0xf0 [ 267.695516][T15015] ? clear_bhb_loop+0x50/0xa0 [ 267.695541][T15015] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 267.695566][T15015] RIP: 0033:0x7f3705b8f6c9 [ 267.695585][T15015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 267.695605][T15015] RSP: 002b:00007f3706968038 EFLAGS: 00000246 ORIG_RAX: 0000000000000104 [ 267.695630][T15015] RAX: ffffffffffffffda RBX: 00007f3705de5fa0 RCX: 00007f3705b8f6c9 [ 267.695648][T15015] RDX: 000000000000ee01 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 267.695666][T15015] RBP: 00007f3706968090 R08: 0000000000001000 R09: 0000000000000000 [ 267.695682][T15015] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 267.695699][T15015] R13: 00007f3705de6038 R14: 00007f3705de5fa0 R15: 00007fffc5094b68 [ 267.695719][T15015] [ 267.906685][ T45] usb 5-1: Using ep0 maxpacket: 16 [ 267.913102][ T45] usb 5-1: config 6 has 0 interfaces, different from the descriptor's value: 1 [ 267.923633][ T45] usb 5-1: New USB device found, idVendor=0698, idProduct=6b82, bcdDevice=d3.eb [ 267.932831][ T45] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 267.940890][ T45] usb 5-1: Product: syz [ 267.945068][ T45] usb 5-1: Manufacturer: syz [ 267.949698][ T45] usb 5-1: SerialNumber: syz [ 267.960141][T15021] 9pnet_fd: Insufficient options for proto=fd [ 268.104741][T15037] Invalid logical block size (1050623) [ 268.161561][ T45] usb 5-1: USB disconnect, device number 20 [ 268.260579][T15056] netlink: 48 bytes leftover after parsing attributes in process `syz.5.6746'. [ 268.269999][T15056] binder: Bad value for 'stats' [ 268.290375][T15058] 9pnet: Could not find request transport: 0xffffffffffffffff [ 268.858193][ T37] INFO: task syz.3.3098:7181 blocked for more than 122 seconds. [ 268.866070][ T37] Not tainted syzkaller #0 [ 268.871172][ T37] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 268.883310][ T37] task:syz.3.3098 state:D stack:0 pid:7181 tgid:7179 ppid:5489 flags:0x00000004 [ 268.894353][ T37] Call Trace: [ 268.898032][ T37] [ 268.900999][ T37] __schedule+0x1322/0x1df0 [ 268.905794][ T37] ? __sched_text_start+0x10/0x10 [ 268.911272][ T37] ? __kmalloc_noprof+0x271/0x530 [ 268.920743][ T37] ? update_curr+0xdc/0xaa0 [ 268.926367][ T37] ? enqueue_task+0x1133/0x11f0 [ 268.931391][ T37] schedule+0xc6/0x240 [ 268.935485][ T37] schedule_timeout+0xb2/0x3a0 [ 268.940300][ T37] ? __cfi_schedule_timeout+0x10/0x10 [ 268.945691][ T37] ? __cfi__raw_spin_lock_irq+0x10/0x10 [ 268.951261][ T37] ? __cfi_check_preempt_wakeup_fair+0x10/0x10 [ 268.957440][ T37] wait_for_common+0x359/0x630 [ 268.962305][ T37] ? wait_for_completion+0x40/0x40 [ 268.967467][ T37] ? _raw_spin_lock_irq+0x8d/0x120 [ 268.972609][ T37] ? __cfi__raw_spin_lock_irq+0x10/0x10 [ 268.978284][ T37] wait_for_completion_state+0x19/0x40 [ 268.983768][ T37] do_coredump+0x7cf/0x2bd0 [ 268.988311][ T37] ? stack_depot_save_flags+0x38/0x800 [ 268.993780][ T37] ? kasan_save_track+0x4f/0x80 [ 268.998659][ T37] ? kasan_save_track+0x3e/0x80 [ 269.003521][ T37] ? kasan_save_free_info+0x4a/0x60 [ 269.008747][ T37] ? __kasan_slab_free+0x5f/0x80 [ 269.013702][ T37] ? __cfi_do_coredump+0x10/0x10 [ 269.018667][ T37] ? asm_exc_invalid_op+0x1f/0x30 [ 269.023716][ T37] ? __kasan_slab_free+0x6a/0x80 [ 269.028672][ T37] ? kmem_cache_free+0x1c1/0x510 [ 269.033633][ T37] ? get_signal+0xa75/0x14f0 [ 269.038246][ T37] get_signal+0x11fd/0x14f0 [ 269.042767][ T37] arch_do_signal_or_restart+0x96/0x720 [ 269.048377][ T37] ? __cfi_arch_do_signal_or_restart+0x10/0x10 [ 269.054549][ T37] ? do_trap+0x228/0x3c0 [ 269.058845][ T37] irqentry_exit_to_user_mode+0x4e/0xb0 [ 269.064401][ T37] irqentry_exit+0x16/0x60 [ 269.068853][ T37] exc_invalid_op+0x42/0x60 [ 269.073374][ T37] asm_exc_invalid_op+0x1f/0x30 [ 269.078426][ T37] RIP: 0033:0x200000000000 [ 269.082849][ T37] RSP: 002b:00007f8e8dc03a78 EFLAGS: 00010246 [ 269.088936][ T37] RAX: 0000000000000000 RBX: 00007f8e8cfe6090 RCX: 00007f8e8cd8f6c9 [ 269.096913][ T37] RDX: 00007f8e8dc03a80 RSI: 00007f8e8dc03bb0 RDI: 000000000000000d [ 269.104898][ T37] RBP: 00007f8e8ce11f91 R08: 0000000000000000 R09: 0000000000000000 [ 269.112891][ T37] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 269.120928][ T37] R13: 00007f8e8cfe6128 R14: 00007f8e8cfe6090 R15: 00007fffdf108db8 [ 269.128925][ T37] [ 269.142139][ T37] NMI backtrace for cpu 0 [ 269.142159][ T37] CPU: 0 UID: 0 PID: 37 Comm: khungtaskd Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 269.142187][ T37] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 269.142201][ T37] Call Trace: [ 269.142209][ T37] [ 269.142218][ T37] __dump_stack+0x21/0x30 [ 269.142252][ T37] dump_stack_lvl+0x10c/0x190 [ 269.142281][ T37] ? __cfi_dump_stack_lvl+0x10/0x10 [ 269.142314][ T37] dump_stack+0x19/0x20 [ 269.142343][ T37] nmi_cpu_backtrace+0x2bf/0x2d0 [ 269.142371][ T37] ? rcu_read_unlock_special+0xab/0x410 [ 269.142399][ T37] ? __cfi_nmi_cpu_backtrace+0x10/0x10 [ 269.142426][ T37] ? sched_show_task+0x379/0x560 [ 269.142454][ T37] ? __rcu_read_unlock+0xc0/0xc0 [ 269.142481][ T37] ? __cfi_nmi_raise_cpu_backtrace+0x10/0x10 [ 269.142509][ T37] ? __cfi_nmi_raise_cpu_backtrace+0x10/0x10 [ 269.142539][ T37] nmi_trigger_cpumask_backtrace+0x142/0x2c0 [ 269.142569][ T37] arch_trigger_cpumask_backtrace+0x14/0x20 [ 269.142599][ T37] watchdog+0xd8f/0xed0 [ 269.142637][ T37] ? __cfi_watchdog+0x10/0x10 [ 269.142667][ T37] ? __kasan_check_read+0x15/0x20 [ 269.142702][ T37] ? __kthread_parkme+0x138/0x180 [ 269.142723][ T37] ? schedule+0xc6/0x240 [ 269.142753][ T37] kthread+0x2ca/0x370 [ 269.142775][ T37] ? __cfi_watchdog+0x10/0x10 [ 269.142810][ T37] ? __cfi_kthread+0x10/0x10 [ 269.142834][ T37] ret_from_fork+0x67/0xa0 [ 269.142863][ T37] ? __cfi_kthread+0x10/0x10 [ 269.142885][ T37] ret_from_fork_asm+0x1a/0x30 [ 269.142919][ T37] [ 269.142944][ T37] Sending NMI from CPU 0 to CPUs 1: [ 269.302247][ C1] NMI backtrace for cpu 1 [ 269.302261][ C1] CPU: 1 UID: 0 PID: 13295 Comm: syz-executor Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 269.302282][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 269.302293][ C1] RIP: 0010:__sanitizer_cov_trace_const_cmp4+0xc/0x90 [ 269.302323][ C1] Code: 48 89 44 11 20 5d e9 83 b8 09 04 cc 66 90 b8 62 cb 05 3e 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 48 89 e5 48 8b 45 08 <65> 48 8b 14 25 00 eb 04 00 65 8b 0d fc e7 7e 7e 81 e1 00 01 ff 00 [ 269.302338][ C1] RSP: 0018:ffffc9000164f4f0 EFLAGS: 00000082 [ 269.302353][ C1] RAX: ffffffff858bb855 RBX: 0000000000000008 RCX: ffff888122ec5f00 [ 269.302366][ C1] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000002 [ 269.302376][ C1] RBP: ffffc9000164f4f0 R08: ffff88814a95f0ff R09: 1ffff1102952be1f [ 269.302390][ C1] R10: dffffc0000000000 R11: ffffed102952be20 R12: ffff88814cb0a734 [ 269.302403][ C1] R13: dffffc0000000000 R14: ffffc9000164f5c0 R15: 0000000000000002 [ 269.302415][ C1] FS: 00005555876fc500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 269.302430][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 269.302442][ C1] CR2: 00005555877174a8 CR3: 0000000131452000 CR4: 00000000003526b0 [ 269.302457][ C1] Call Trace: [ 269.302463][ C1] [ 269.302470][ C1] xas_init_marks+0x1b5/0x2d0 [ 269.302496][ C1] __filemap_remove_folio+0x27a/0x410 [ 269.302515][ C1] ? __cfi___filemap_remove_folio+0x10/0x10 [ 269.302535][ C1] ? find_lock_entries+0x987/0xa10 [ 269.302557][ C1] filemap_remove_folio+0x10e/0x460 [ 269.302575][ C1] ? __cfi_filemap_remove_folio+0x10/0x10 [ 269.302594][ C1] ? truncate_cleanup_folio+0x2ed/0x3a0 [ 269.302617][ C1] ? truncate_inode_folio+0x51/0x80 [ 269.302639][ C1] truncate_inode_folio+0x61/0x80 [ 269.302662][ C1] shmem_undo_range+0x35d/0x1140 [ 269.302681][ C1] ? shmem_truncate_range+0xc0/0xc0 [ 269.302709][ C1] ? kernel_text_address+0xa9/0xe0 [ 269.302733][ C1] ? stack_depot_save_flags+0x38/0x800 [ 269.302761][ C1] shmem_evict_inode+0x26e/0xa00 [ 269.302781][ C1] ? inode_wait_for_writeback+0x113/0x2a0 [ 269.302809][ C1] ? __cfi_shmem_evict_inode+0x10/0x10 [ 269.302829][ C1] ? __cfi_inode_wait_for_writeback+0x10/0x10 [ 269.302854][ C1] ? __call_rcu_common+0x41f/0x700 [ 269.302869][ C1] ? __cfi_shmem_evict_inode+0x10/0x10 [ 269.302888][ C1] evict+0x4d3/0xa90 [ 269.302910][ C1] ? mapping_shrinkable+0x140/0x140 [ 269.302931][ C1] ? _raw_spin_lock+0x8c/0x120 [ 269.302951][ C1] ? __cfi__raw_spin_lock+0x10/0x10 [ 269.302970][ C1] ? _raw_spin_lock+0x8c/0x120 [ 269.302990][ C1] ? __cfi__raw_spin_lock+0x10/0x10 [ 269.303010][ C1] ? __kasan_check_write+0x18/0x20 [ 269.303034][ C1] iput+0x639/0x8d0 [ 269.303052][ C1] do_unlinkat+0x38b/0x5a0 [ 269.303073][ C1] ? __cfi_do_unlinkat+0x10/0x10 [ 269.303093][ C1] ? __kasan_check_write+0x18/0x20 [ 269.303115][ C1] ? getname_flags+0x209/0x710 [ 269.303130][ C1] ? __kasan_check_read+0x15/0x20 [ 269.303153][ C1] __x64_sys_unlink+0x4b/0x60 [ 269.303173][ C1] x64_sys_call+0x286c/0x2ee0 [ 269.303196][ C1] do_syscall_64+0x58/0xf0 [ 269.303215][ C1] ? clear_bhb_loop+0x50/0xa0 [ 269.303232][ C1] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 269.303249][ C1] RIP: 0033:0x7f3705b8ec77 [ 269.303262][ C1] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 57 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 269.303276][ C1] RSP: 002b:00007fffc5093df8 EFLAGS: 00000206 ORIG_RAX: 0000000000000057 [ 269.303291][ C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3705b8ec77 [ 269.303302][ C1] RDX: 00007fffc5093e20 RSI: 00007fffc5093eb0 RDI: 00007fffc5093eb0 [ 269.303331][ C1] RBP: 00007fffc5093eb0 R08: 0000000000000000 R09: 0000000000000000 [ 269.303342][ C1] R10: 0000000000000100 R11: 0000000000000206 R12: 00007fffc5094f40 [ 269.303353][ C1] R13: 00007f3705c11d7d R14: 00000000000416da R15: 00007fffc5094f80 [ 269.303367][ C1]