last executing test programs: 7.856125153s ago: executing program 1 (id=1153): sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(r4, 0x4068aea3, &(0x7f00000001c0)={0xa3, 0x0, &(0x7f00000000c0)}) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r5, 0x4048ae9b, &(0x7f0000000300)={0x4376ea830d4d549b, 0x0, [0xffffffffffffffff, 0x7, 0x1000000, 0x0, 0x5, 0x3, 0xfffffffffffffffc, 0x800000]}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f00000ab000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="36d0e866b8970000000f23c80f21f866350c00a0000f23f89d0f326635000400000f302e8dcc0f23742e3b5753baf80466b8f494f78e66efbafc0c66b83ac80000666fda6509", 0x46}], 0x1, 0x1a, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 6.766938037s ago: executing program 3 (id=1163): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDGKBLED(r1, 0x560b, 0x0) setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c) socket$inet6(0xa, 0x1, 0x8010000000000084) sendto$inet6(r0, &(0x7f0000000200)="cf", 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0xfa82, @loopback, 0xffffffff}, 0x1c) r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa02, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r2, 0x45809000) setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r0, 0x84, 0x23, &(0x7f0000000100)={0x0, 0xe7f2}, 0x8) socket$inet6_sctp(0xa, 0x1, 0x84) (async) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) (async) syz_open_dev$tty1(0xc, 0x4, 0x1) (async) ioctl$KDGKBLED(r1, 0x560b, 0x0) (async) setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) (async) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c) (async) socket$inet6(0xa, 0x1, 0x8010000000000084) (async) sendto$inet6(r0, &(0x7f0000000200)="cf", 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0xfa82, @loopback, 0xffffffff}, 0x1c) (async) openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa02, 0x0) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r2, 0x45809000) (async) setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r0, 0x84, 0x23, &(0x7f0000000100)={0x0, 0xe7f2}, 0x8) (async) 6.699930671s ago: executing program 1 (id=1164): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@private0, 0x8000000, 0x0, 0xff, 0x1}, 0x20) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r1, 0x0, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x2, 0x9}, 0x20) r2 = syz_usb_connect(0x6, 0x2d, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0x2b, 0x5e, 0xfa, 0x20, 0x19d2, 0x1115, 0x3229, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x10, 0x40, [{{0x9, 0x4, 0xf7, 0x0, 0x1, 0xff, 0xff, 0xff, 0x0, [], [{{0x9, 0x5, 0xb, 0x10, 0x200, 0x5, 0x4, 0x4d}}]}}]}}]}}, 0x0) syz_usb_control_io$printer(r2, 0x0, 0x0) syz_usb_ep_write$ath9k_ep1(r2, 0x82, 0x12, &(0x7f0000000000)=ANY=[@ANYBLOB="a200004ef3b11f948ef66b0ee0b3d41b1b"]) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000180)={@mcast1, 0x8000400, 0x2, 0x3, 0x9}, 0x20) r3 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0) write$sndseq(r3, &(0x7f00000005c0)=[{0x6, 0x0, 0x0, 0x0, @time, {0x6}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"272be5806cd46d7b9ff797a0"}}, {}], 0x70) unshare(0x6a040000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xc3490000) unshare(0x60000100) r4 = syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0) r5 = openat$drirender128(0xffffff9c, &(0x7f0000000040), 0x414000, 0x0) ioctl$DRM_IOCTL_GEM_OPEN(r5, 0xc0106442, &(0x7f0000000000)) r6 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$IP6T_SO_GET_INFO(r6, 0x29, 0x40, 0x0, 0x0) close(r4) r7 = socket$l2tp(0x2, 0x2, 0x73) setsockopt$inet_buf(r7, 0x0, 0x20, &(0x7f0000000040)="be9b5683", 0x4) 6.540024423s ago: executing program 3 (id=1166): open$dir(&(0x7f0000000000)='./file1\x00', 0x240, 0x0) r0 = landlock_create_ruleset(&(0x7f0000000100)={0x2604}, 0x18, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x200000, 0x0) landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000340)={0x2000, r1}, 0x0) mount(&(0x7f0000000000)=@rnullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='xfs\x00', 0x1200051, 0x0) open$dir(&(0x7f0000000000)='./file1\x00', 0x240, 0x0) (async) landlock_create_ruleset(&(0x7f0000000100)={0x2604}, 0x18, 0x0) (async) openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x200000, 0x0) (async) landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000340)={0x2000, r1}, 0x0) (async) mount(&(0x7f0000000000)=@rnullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='xfs\x00', 0x1200051, 0x0) (async) 5.647113078s ago: executing program 3 (id=1169): r0 = syz_open_procfs(0x0, &(0x7f0000000040)='maps\x00') r1 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4) close(r1) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) accept(r1, &(0x7f0000000100)=@nfc={0x27, 0x0}, &(0x7f0000000200)=0x80) openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0) openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) dup(r5) creat(&(0x7f0000000240)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84080) write$P9_RVERSION(r7, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) r8 = dup(r7) write$FUSE_BMAP(r8, &(0x7f0000000100)={0x18, 0xfffffffffffffff5, 0x0, {0x4000}}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r8, &(0x7f00000000c0)={0x30, 0x5, 0x0, {0x0, 0x0, 0xfffffffffffffffa}}, 0x30) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="000000000000000000f5ff0400000029c839d18382a75ae81f40e35b93de4d29db4a5b3cdc552cabe867db52a0cf0776dc98a49136513a166f1118fe0e95d27e1e38763b5292ca0a8746dce4ef514938", @ANYRESHEX=r8, @ANYBLOB=',wfdno=', @ANYRESDEC=r6, @ANYBLOB=',k']) chmod(&(0x7f0000000080)='./file0\x00', 0x2) r9 = creat(&(0x7f0000000300)='./file0\x00', 0x10) write$UHID_INPUT(r9, &(0x7f0000000540)={0x8, {"1a17924ab218eacb15a3fccf929e2dd2497903c1f853d95b995c65e99449ff953fa11c7723b2149ecdaa7f833f60e13b19a66e963f7e8da4297ebbfdda5b36fb4d01bd02e6c652dc4d99e2cb82c2a1d4a45e4c89ba9994e82f854bbc34a40b3a58aa256c9b4512fbf91b9846446c4909e4ec53982e7d7fd11ee0bdeab0bb4c469c9665dde8cb58f0ca148223b6cc4e2f306cfbeccedec8db5212f2fc4e14f836c68bdace4db1afbde9d463e5ac24567925b5fdf0e3af1a52dbd7669fe9227302c8f635bc2ddbf5bd7dccd7b92a9bd5c7363375a57851c2bc72509f2005f138f5a59cf85e9ddb1c972c89d50806e8941b7059cd3eca77527a7f20af70841b4d6f026614bdbb276a6814cc74d91856b968c5fdb52674d892a90d01ab91841b6811def78bdac9bc6f9df2598569fbdfef75079832b2750801dc83fd1987713c61136ac9e5f2f7e67f302109bb9a7fea75290b506a89a19d7e0e472937a8c9ecfe16ef6eb88c7a88a060756196d55d6a3d3f7cdf9915d22b6b3af69ec55017b821ec0621e8a59414efc2b46977a85846b53ae75a350947afcafbdef7233cc371bc2a6f29c0315b352ac2741c81df534303ddb30a4408db5679d05d245259c245c9d7f861711cc287cfd0462b948512623b921060386c587fd166df29e71ecfc8ed90031e95b2af1406b5ae73f6084e39e88194e3d37dc801982656b5b66342d74100f9f5b8c94c1e91b626bbf426a07b4be91dbdb76a6e40d0b788f89359e462e69bc4499fd4f9aa1e7f0c3f73a996b6ecef606c7651286e1f18a6823eed7191cd542057eaaf09aa32e8ce370c09050278b85fd359b8ca23e66e9d294ec57b3ddd90409d9b1ca28c6993b244f8ca46f6bf478ff22fb1df53e33abdda4b2b1e5cff7de19957bdc8e7ca39e4762204b1f9f33b9375b7282422b91841706751038e42023ba45c1cd0998c1794c1c2a5ff65466189bbb27bcbf01e5a48bfd8b6845f7d5c87d977df4ded5273ebf56b96c50b4eadc44bfaa0994259eeb1031644415fa9d729753d2138b06f9b7b624d9eeb1ef71dfdff0b639078f058c7a070451c4670af0c6eb1202f77be82faba9b6287995066b5f7e59b7967706d8d8c5bde48137e13df537ae54664fe4e8460b1bdf5b92a1dcf39ee1726bc6690d0ac5f799bcfab918c59cb132c45054ba17b8a44d505ad3eaeee95b4275b25b2087da8902552727a1e739014df348cfa3a1102661c35a6a38df6c410f5343577955dd57de5af089e3f1bcdf96d4ef1d5944243470b0ed10616144cccc5cac44e36fefd9441120c5d047867af0ea353da21fc0ae73b78b84d53a62efeb94ea8d441cc698c92fd7b36cf41472d036c5093bbdf943620c29ffa3b21ef4a0bb9274912b046834ee6f855ceadf18fb488040d5829ab6e8bf69a90315f7f84d002ac4e929e9f1010a8486746bd316799ba3a65744980c388202324ba50768c77a8481ba74d135da7507048c82714a8234837b69922126e4084a68f7418bfd26417cade786c7f8185e2492e3b64eb9d2c2c721504c7b4aeb383503f745fd69315c56b5b0158decd1b1606a63366b7e2d2b9124b6efca4480c703c8f37d6ddff55b0ec15f2ce6be6c902d06aec2ccabeba13b442b608076c33d19e690ab66cf6678d679758d22fb5d8d963f25d00c45576f8b2938543080297b9cb6c305e3131d2f412f00370c285251909f8ebefc3d18a23e25a183997b08251450b29fff32781e6a70e6e070ab3921f3f809392deb732d6f30cc034b5f77d41218bca86d515b16da0457dbf7aaefdcef9d5358e7b4f1e5d1a410f55449e765609d122f938fd57b71482244dff0523067cabfd322fc47aca1c331112e3d969f5fe3594c3c7adea7c36e9b9af6754cdea5ccf05b139f783d4b24540c50a6a9f7dff472d47c87c151d8439b5740cd1f423335dae2680050bd44766159cba66666b7dbc9e190130494327a0d8c9dbed5c8b831ce2b2bb236353ff7175a48b61a0f3209fa3db44f07a21a485ef1682a33cdf632ac2d6ca993b6cd90913e31704bb851711e1f2b5ebb19baaba102dd42d550933e9dfc17311665fef4d0206d7debbcbbd97efafffb905bf9a77b8eeb67d5f8bef8526f6f8607672bb3c50b14e16c264265594e05fa481f724290abdc9f60a899f26033236e3b90548c24288a7b627b51c4d7c638c359ec6325b0d79e1d69cf18cd9136a263b6aa84ad062b9831fc7c201b7ccec7d3b7ea2132ee4579632bf614bcde285527c36ef8a8e12651ef34a677a8d2f84360afa2f2245e4e0d61a12e8e446045fae61375082f983363795f11848edad24b3f7ae53f0eeb329fa62b6d7b446e3b2c1257981f9c0c3ea371c71021af834a285203b2e3177ddf5251044ea215c048f78701dec36a94ca3c435278d1fd889996adf5ea7c8db62f2b1331bc22c4b7798d587a5c4e619b7b576e19d92996bc0bdc0c8c15374e11b6eeda0e18b35aac4b96db9cdba025080bf5bea4ffdf4fa3c93ec5feede0a140f7f6727ef255783565935d59d348aaa6d12c060afd5f6d084346309d8cbf54b33050ecccf30ae083c4034165880214a94a5296427e2fcb6d90692a82212b6b8d86c6d163f0643944aaba4af1171aed463994f1374e1ec1654b89b04e9d635074e8d131bc2443daf1caad455671470329a287f4c711cb907403d5c05184cd3a647823b5b9c6dc4451fdde92dc1cb87010197026458b40d4809ab60aca1af6bb3702a3e0506cdd21faa6d9909f4ed74723de75fc48d44314fa3cc0c8e8ea226ec1d5875b9595aeacdff0a9f75b4a60dde781c58179f997ecb6479c91ecacc65bfe293a2d26c21ae7c1d7be1241cc1c4ea86a6cf8d93012bd98508aae8db723ff167026298cab227b7d0062c27ccc8e81df7268423ad063638760b44e77147ee9bd84140166ae2bfd592f845ca68c719f7520ae3c9988cc89db73bf93ad6f2f7d9394b2288f0176723acd167081ade4e066a26832f7b655cd874aa5026a7369bb9912c90599d1407f0488a9c540a31997890f5433bd1df91ba13a9e0721c9a707eac7cff1c3efef6cd716779c7ad631c3560caa2031d9d2591329c1867d0d5f96b5897cac2c6a381f0ce5c27969c2b3e7d188e1e896d815b01a3e177933817325953140272ad718a36ae522d43de109ba92255ee66d2a14897f2b2014dc9a495c108727e0eef54df617e269e43a0c48d28a91aaf14d58719e21ea39c1c534e39a1dfabb61377b55d2f69fe79c7d5111b8b952c388925ea8ab1503ae68bce95a34a10a85aa0e5da52add14b93eaac5861a6504e23dda8034e809253c1071ddda934663faac454cd378c5725f5c6f4d943779994357185e512a4b6993156e624f25d86d24e7254d3e9b231aa80ed5a32e108cb528d402f93e58c25ac937420ff7dcd7d9ec2126c7fe7cefa47c038f23de40523d5e026fe3bb4cfd3040f9bd9631cf5a2cde1e20a6032703cd64c2ad97ea95d05a7aa3ea3b3b9d5a86961116dd1338c0a2caae0ceab3178ac7736dfa8a949cd81d261748e6678cb730b57468fb2b7e22c5eb08ad496e76775dce0c31950a596580ad7d6c3fd9ce90dded340f20b77fe53e81fb6e2a7a6c450b8ac9009c7c077893f704457a90401fb758c0769fbfd38e40ae692e410b889bbf0b09a32dc731b6768c0fa3963a5b6279b6a5db611174339f3218fff567f6cfb7377ddc8e2c730da35cc3ec680a6bc95010dd03834caab7afb2c0023ad9ce3aae3c0fd1ece42ea840bf5fc798a0b5fbe7692f13549cdba4a0b68f722ef6877856a76fc3c39f7cfd760675a9f341d9f09f381972be9171e50455ed13e665e61a03b0c2a79276a871c25fc5c486639a71a8dfdf36174373b8995014752aba3026045be6b43074ac3824d687bbf5f6544228cea52791828f54980ee9f728534ea32edd205aaace717adcf61ce28f92719048d44b09812bcfd2d22cc9d7a45ed6b4634756f6b3189908c71728c373ea94aa5c74ce4a73c20138b8cb21db6e2dfb35329b86b1805a5208dd370b8342ca8aa3cbd3e7a3ec79d7b8ee677b04e19c524ddc6de0b22443ac15de908f61719399d0f9890ca2b0283a7db914944f424af10ba0ec9e3e253c060d7b28552eaae5eed1e906f8f93c2195293deabdad6cb38ddab51603e4a96ef1e086de911fb716ffbca467294d9e66e5d0f8225bc28d6c074c4ffba76706f61b0b386b7e4b6500a15fad291f34f6c84f1596a97512f31196a529a7a5725437c038e17d531da3838c8aef3bade6bc1d4c7624560d4fba72e5f8be2c5dc905e1e4bcb2aa7eddb275408ef4288ac69c7a18ae58fb26c2f5a6964f051b81d2e426fc2a5d8617050341b96d5a746e3419fbe94bd3752403868b655c2dba6f48ef109a2e6ec0041842fae52bfab70481ecfe8d27f3d5e444f1b941d871c8057cbe35df68665bc3aadea02d203b106d1179a428daa7d9fea9dbddd8955bb289a92ec790de74cd6a1edf925ab85471633dedf8ba46abe456963a2381addce2aa16c06dd80bb54d8e53d7c82607916af175061da29122afde8687add6b6f42233b76a1164893dcc1ec3dcf935576d2d0f3ab3b1adbace086da915234b4f9bad0afc2915608fc4f6611dc3b91d7e0e48cb0a0f3fdc70ef70ef82043afbd3325f0f6186390ab28ca9f0009184637530d79f0c5a77c6e912afbe6533988f543fc6c02d3d44fbdb0e2ebfad2680184f1ed451991667df958a71fb41cf4367bdb931389ea8b6340e225b312a09dadd8e2ac2d200db6e75323d48c73c6b819e13f92b01bf405e796a2e10b863e773598abcbcc196987e18b19530337809b56480778207103a12acfff1c0ad62846088251a1a0d0d6b300059a99698c84ccac78d53eb32e3984001978db7679960b4d75d71b49696909826c66320526fe02a060265821d15b8b2337121a201402a118ec03ff0d4f3dfa48f2dadd20b510ecdf4e6440b5b2466b9bf28e32327189f0405245694a6371dbe4eae7a8293cdc15193c284123d64690120634f808096a8f3f7a04a5bac9dd86c09f2e4e87c7d7c98d0b370e84ea5f265730f5480eb1375d4f82c7d4efbb6e58c5a92848331b2becd2531f6c456b5d0e690b102dd8faec55bde56f95727f4abf52c58543faaeb9cefd39bba788bd7e2b02b27ecbc1679a1ac00823c83e1ae29690cd25544d3ae0a8db25e963e9fb5bd94987637ac3546b9b312bf04d5c6211c135e806525d423fde9ccb5ef7962ec1e056e6f29adaeebb331f6c234586d1fe21577f56d620c6942a29d4915772144cc60008d1236db21100d5a3112c29396b9e18cdb5b104bed2df2b6ea72c9aa03bb6082f3eb07f0eae359864967a749492d21005b0d39c9613c20b1e21700ab66a4f5ca03ec08d67b95f759252d758743820ba243032e1708447fbaebc27e1316af4cf547cef3ac4966a1f04dd07012f257a0204107c23a0046b12493d9784b24dc561c1f88e591056bcc3b338ab1de65e5ad578021f26f93e9b12f00b5f8c8ae2db6b7b8f254303c7ff06514735974e65fb9a93dc79b115a12310040490ca11ef315340af104e20a2e22dcd132f7d7a61d9d3a12e832ee048a2170dbe03d747ed7402180eb964fde0ecb77e778b18a4e5a83479bb7e0ea0a7d5145ffed4607bd7e6b8f961625d5e3dcac2d4a05e71dc9c2e52195bd55aed4e6749dc1c329e2cda966d18e9bf882c05db627c1047fc71533bbba2c8a83d04db5bad6da349a9ad1992eb88e0274d32a16137e2396ad973c0ecbbc2d243e68b6959bf9b", 0x1000}}, 0x1006) write$dsp(r9, &(0x7f0000000340)="7c810357efc965", 0x7) r10 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r10, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8) connect$inet6(r10, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0xa}, 0x1c) setsockopt$SO_BINDTODEVICE(r10, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10) sendmmsg$inet6(r10, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000140)='\x00\x00', 0x2}], 0x1}}, {{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000000)="936d8a7e287a8a78e1140519d8803e33f66c2be3a3ea5b255afdb1141f0faee28d9d5e0c90", 0x25}, {&(0x7f0000001580)="f9110d131394f390a74151c96dcf7b7330960430f68351717412222b4819657168a842e54c62a3a7f7fd5e45731195ca45f260bc3e2e4f955814380b9b23107242467b3b3b03850f3fd6d75d21744d1947b911ee6a7215f909166be673a444c339a558fcb20d83ff05b26091619fa79518a43c11bba39c681c5f2ae08801cb52b1fc7c93243004ed5489f3dd46a7165f0aeb7edfadd72957c78567839f", 0x9d}], 0x2, &(0x7f0000000480)=[@rthdrdstopts={{0x68, 0x29, 0x37, {0x16, 0x9, '\x00', [@hao={0xc9, 0x10, @mcast2}, @enc_lim={0x4, 0x1, 0x4}, @padn={0x1, 0x2, [0x0, 0x0]}, @calipso={0x7, 0x10, {0x2, 0x2, 0x8, 0x4, [0x8]}}, @calipso={0x7, 0x20, {0x1, 0x6, 0x10, 0xf092, [0x1, 0x1, 0x9]}}]}}}, @hoplimit={{0x14, 0x29, 0x34, 0x401}}], 0x80}}, {{&(0x7f00000003c0)={0xa, 0x4e24, 0x9, @private2, 0x9}, 0x1c, &(0x7f00000018c0)=[{&(0x7f0000001640)="51c8093bf335084cf6b23e5f1815c335cd07f070542363c1ad45fe6e9034c97ff997cc66bc50a9395c7c449ad3ad40679467a90a8aba5b86ae94d94645c24962f32e27219569386b068f14438e1363124735cb6967db5830d70abab6c7a0dbf2a744401bcb327c17b6829845e75fbd5fc88267b5acbe759bd6cc96e54ec9274117116f6b8ef71f828c27dbff0f4e87dccf633b7587d3b0d7a2b93ce2e5803948ce9273488b1c025638e2df2d467a21682a11529f859b87486c0455890f7422cdeee46458b9cd8cd680adf115a09e945589b80645f5c12eccd5f5c381784e017eb52b2cb418a46233ca35f5d3e716d32a7b5207736f513fd9", 0xf8}, {&(0x7f0000001740)="ac0039e8f3e2f11d6c0532aa195fdaef7ad6317a9d70f570653269f603a68fe8205b923a57a2578619eade9c44d6b35fd6efce68c0eb247b6f50177604370d9064aa818fcd05f274397749585497bba7ecdb3952f1a345f895f111dd69020ac00ac6df84d7256a601483cd4cc0d819ef07186b47d2ef058ab42c61fcc209173ed67437f51673008e02d8bc30b7e25208d2e8d4d96618ef6f90dfdb10673b9e154671254890f33a4aaf19cb96ea7dfab6efef687f3ffb2f24d5e732b21afb75f39bd0e3e33ec755f1dba050ed3944e8977ab914627757e1c2abffd02d97c1ff8c9eeccaf55cdbf13ba5598aab02c2515ff2d998", 0xf3}, {&(0x7f0000001940)="18369eeb24c2b99831b2d490a4040f55f59fedab3764c5b41d8817c573d6f6d04f59fc6946f520a3ca01c2db95b2d20a246600efb0a43da1dbb1e0f0b72def931981147f923da163052519f9cfb4c4dd822fef4c47f0c1b7df78383a72f4e03a39c80594f9c1ae22c9378b0a2d32a4baad81ebcbf95ed41b416ad91f891451df16dab438e68efa06d688803ce2ea416abb6b4705d69b583f4eb21184b49e897d1c0b19bd3343df4bbb984e943236cd95401105fa184716f750e1a359d4388fc5bfa4b18a71fc6ef538b07d8fca5a27843b4bf007", 0xd4}, {&(0x7f0000001840)="9d93badafa8d43abc02e0a9e9915ecc406dbcee644e1557a89c64d51a21f52b9be9dfe9cec74a6c5c01666c3790a624ebcfe33447313e193bc4861c1bbee7afb9c775ff84eb20d2f20a8942589327fd0c90aa7988ce840c5db35a713c9f61c75cd94dfa16070ea3c8b", 0x69}], 0x4, &(0x7f0000001a40)=[@rthdr={{0x78, 0x29, 0x39, {0x2b, 0xc, 0x0, 0x6, 0x0, [@loopback, @private2, @remote, @private1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @empty]}}}], 0x78}}], 0x3, 0x4400c800) sendto$inet6(r10, &(0x7f0000000300), 0x16, 0x3b00, 0x0, 0xfffffffffffffdfd) r11 = creat(&(0x7f00000001c0)='./file0\x00', 0x3) ioctl$KVM_SET_MSRS(r11, 0x4048aecb, &(0x7f0000000180)=ANY=[@ANYRES8=r2, @ANYRES64, @ANYRESOCT=r6]) 5.416128126s ago: executing program 3 (id=1170): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$netlink(0xffffffffffffffff, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4001, 0x0, @loopback}, 0x1c) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x20048000) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$MPTCP_PM_CMD_SET_FLAGS(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000400000000002000000200001801400040000000000000000000000000000000001060001000a000000", @ANYRES16=r2, @ANYRESOCT], 0x34}, 0x1, 0x0, 0x0, 0x94}, 0x0) 5.25687395s ago: executing program 3 (id=1173): sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(r4, 0x4068aea3, &(0x7f00000001c0)={0xa3, 0x0, &(0x7f00000000c0)}) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r5, 0x4048ae9b, &(0x7f0000000300)={0x4376ea830d4d549b, 0x0, [0xffffffffffffffff, 0x7, 0x1000000, 0x0, 0x5, 0x3, 0xfffffffffffffffc, 0x800000]}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f00000ab000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="36d0e866b8970000000f23c80f21f866350c00a0000f23f89d0f326635000400000f302e8dcc0f23742e3b5753baf80466b8f494f78e66efbafc0c66b83ac80000666fda6509", 0x46}], 0x1, 0x1a, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 5.112220977s ago: executing program 0 (id=1174): r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(r0, 0x5201) (async) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x103000, 0x0) (async) r2 = creat(&(0x7f0000000440)='./file0\x00', 0x0) open_by_handle_at(r2, &(0x7f0000000540)=ANY=[], 0x0) (async) ioctl$RFKILL_IOCTL_NOINPUT(r1, 0x5201) r3 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa80, 0x0) (async) inotify_init() (async) r4 = gettid() close(r0) (async) ptrace(0x11, r4) (async) r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) ioctl$sock_SIOCGSKNS(r5, 0x894c, 0x0) (async) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x800, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60) (async) ioctl$KVM_CREATE_PIT2(r7, 0x4040ae77, &(0x7f0000000040)) (async) close(r7) (async) inotify_add_watch(0xffffffffffffffff, 0x0, 0x80000000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000002, 0x22052, r3, 0x2000) 4.80028199s ago: executing program 0 (id=1176): openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) r0 = creat(&(0x7f0000000240)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f00000024c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@debug={'debug', 0x3d, 0x10000000000001}}], [], 0x6b}}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r3 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_opts(r3, 0x0, 0x5, &(0x7f0000000140)="26a1", 0x2) setsockopt$MRT_INIT(r3, 0x0, 0xc8, &(0x7f0000002e80), 0x4) r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) r5 = fanotify_init(0x8, 0x80000) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="2015000018000200000000000093a33d59af6075949e010000000000000001000000000004000880"], 0x20}}, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000080)={0x5, &(0x7f0000000000)=[{0x0, 0x6, 0x60, 0x6a}, {0x8, 0x4, 0x9, 0xfffffff9}, {0x4, 0x7f, 0x2, 0xd2}, {0x9fbe, 0x6, 0x1}, {0x40, 0xd4, 0x6, 0xcf0}]}) fanotify_mark(r5, 0x105, 0x10, r4, 0x0) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r7, 0x6, 0xe, &(0x7f0000000000)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x46, 0x0, "2431d0edd9b36cb74d7df7671eacf04be3b08353efa3641776f56c7556fd3713097bd0072577bc6fefb4cdc9e94e420b0ea4fbc5b07a32056eff5e6c42784b46ddab72b1b8fc87f208ad6db80d8dfe25"}, 0xd8) ioctl$KVM_SET_VCPU_EVENTS(r0, 0x4040aea0, &(0x7f0000000100)=@arm64={0x10, 0xa, 0x6, '\x00', 0xfffffffffffffffa}) setsockopt$inet6_tcp_TCP_MD5SIG(r7, 0x6, 0xe, &(0x7f00000001c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, "aeb81d8ee3a82d67eea9e5bdf2247481041a5b9cddbc936efc471c56ae3d5f6945d296a285858a891a3b4e7bff572ef69992da867f406182d70f47773434b8349435f2ad628d62a3b45bb98872fb1900"}, 0xd8) close(0x3) syz_open_dev$sndctrl(&(0x7f0000000040), 0x8000000000000100, 0x0) 4.567911349s ago: executing program 1 (id=1178): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000000000e006"]) (fail_nth: 1) sendmsg$TCPDIAG_GETSOCK(0xffffffffffffffff, 0x0, 0x20004010) mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0x5a051feb1f984a1d, 0x202812, 0xffffffffffffffff, 0x7dfff000) 4.414518789s ago: executing program 0 (id=1179): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f00000000c0)={0x8, "7acbc646aa2e5168"}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000100)={0x0, 0x0, @ioapic={0x11101000, 0x64c, 0x101, 0x2, 0x0, [{0x7, 0x7, 0x7, '\x00', 0x5}, {0xa, 0x4}, {0x1, 0x4, 0xd2, '\x00', 0x1}, {0x80, 0x8, 0x0, '\x00', 0x3}, {0x40, 0x4, 0x9, '\x00', 0xe}, {0x7, 0x2b, 0x0, '\x00', 0x20}, {0xf8, 0x80, 0x9, '\x00', 0x8}, {0x6, 0x16, 0x3, '\x00', 0x6}, {0x5, 0x4, 0x62, '\x00', 0x1}, {0x9, 0x6, 0x8, '\x00', 0x8}, {0xe1, 0x9, 0x28}, {0x6, 0x4, 0x0, '\x00', 0x1}, {0x9, 0x6, 0x7, '\x00', 0x3}, {0x2, 0xd1, 0x8, '\x00', 0x4}, {0x3, 0x5, 0x2, '\x00', 0x7b}, {0x9, 0x8, 0x4, '\x00', 0x80}, {0x8, 0x7f, 0x9, '\x00', 0x1}, {0x4, 0xf9, 0x4, '\x00', 0xa}, {0x1, 0x6, 0x3, '\x00', 0xd}, {0x1a, 0x6, 0x7, '\x00', 0xa}, {0x6, 0xc5, 0x4, '\x00', 0x4}, {0xff, 0xa, 0x3, '\x00', 0xf9}, {0x2, 0x2, 0xb, '\x00', 0x36}, {0x1, 0xe, 0x80, '\x00', 0x7}]}}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000000000e006"]) fsopen(&(0x7f0000000080)='cgroup2\x00', 0x0) sendmsg$TCPDIAG_GETSOCK(0xffffffffffffffff, 0x0, 0x20004010) mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0x5a051feb1f984a1d, 0x202812, 0xffffffffffffffff, 0x7dfff000) 3.820042624s ago: executing program 1 (id=1180): mount(0x0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000240)='hfs\x00', 0x300000, 0x0) prctl$PR_SET_SECUREBITS(0x1c, 0x1a) r0 = socket$inet_icmp(0x2, 0x2, 0x1) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000500)={'filter\x00', 0x7, 0x4, 0x3a0, 0x1d0, 0x1d0, 0xe8, 0x2b8, 0x2b8, 0x2b8, 0x4, 0x0, {[{{@arp={@private=0xa010101, @remote, 0x0, 0xff, 0x0, 0x6, {@mac=@broadcast, {[0xff, 0xff, 0x0, 0xff]}}, {@mac=@broadcast, {[0x1fe, 0xff, 0xff, 0x0, 0xff]}}, 0x5, 0x1, 0x6, 0x800, 0x2, 0x400, 'veth0_to_bond\x00', 'veth0_virt_wifi\x00', {0xff}, {0xff}, 0x0, 0x111}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0x7}}}, {{@arp={@remote, @empty, 0xffffff00, 0xff000000, 0x10, 0xc, {@empty, {[0xff, 0xff]}}, {@empty, {[0xff, 0xff, 0xff, 0xff, 0xff]}}, 0x27e, 0x6, 0xb4, 0xb, 0x7, 0x8001, 'macvlan1\x00', 'sit0\x00', {}, {0xff}, 0x0, 0x412}, 0xc0, 0xe8}, @unspec=@NFQUEUE0={0x28, 'NFQUEUE\x00', 0x0, {0x6}}}, {{@arp={@dev={0xac, 0x14, 0x14, 0x31}, @local, 0xff, 0x0, 0xd, 0x2, {@empty, {[0xff, 0x0, 0xff, 0xff, 0x0, 0xff]}}, {@mac=@remote, {[0xff, 0x0, 0x0, 0x0, 0xff]}}, 0x3e53, 0x7, 0x100, 0x2, 0x7ff, 0x22, 'caif0\x00', 'veth0\x00', {}, {}, 0x0, 0x40}, 0xc0, 0xe8}, @unspec=@AUDIT={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x3f0) lsetxattr$security_evm(&(0x7f0000000080)='./cgroup\x00', &(0x7f00000000c0), &(0x7f0000000100)=@md5={0x1, "1e7fec4bde00881bab48e2df6ae9c66c"}, 0x11, 0x1) statx(0xffffffffffffffff, 0x0, 0x6000, 0x40, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) quotactl_fd$Q_GETNEXTQUOTA(0xffffffffffffffff, 0xffffffff80000902, r1, 0x0) ioctl$CEC_S_MODE(0xffffffffffffffff, 0x40046109, &(0x7f0000000100)=0x22) r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000009e602206d0414c340000000000109022400010400a000090480000103010100093700086ce82201000905815f"], 0x0) syz_usb_control_io$hid(r2, 0x0, 0x0) syz_usb_control_io$hid(r2, 0x0, &(0x7f0000000480)={0x2c, &(0x7f0000000380)=ANY=[@ANYBLOB="200900000000f1e8c8fe2fcdda626fa530b6af68aa181ac3beee12728958765fd59c28ce6b3e810d50c0717eb90553e04ffd3c54b5ae744ebbb4351595641e1ce3b4803256458b71fdbe7414db6bd35f9f19e720d9e2e1baa7592f82d9e520234459897a19ec220d43721f67c31a58dff80bbfeaa2591478d3ff2653db263d77d54f2321286075881cee42978899427030c4"], 0x0, 0x0, 0x0, 0x0}) 1.65255096s ago: executing program 2 (id=1181): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0) ioctl$HIDIOCGRDESC(0xffffffffffffffff, 0x90044802, &(0x7f0000000980)={0x550, "5c16ce5dbbc08cabc01c7cc2bcd08838b634e037b9dfd22ccedeeef216246201702483c2187499271cd308a6443da943e706de8d603b1635cb871a4cd45229f615b4b74714cb235a2ad90c104c389896c8a55d85987a9f39c2b999844da0d4df4c3a38a1f27a1b5edcb48fccf70a6fb9b1ad1df524824056a914aa9b476efe84dbe6733f2be92de2b20a76954811cc96e3a79685adfcc177a9e7aca859c78ea80a45b37a4b4f4d313f3d893bb2aaf36d9152f10fa09ad8a0276d29e3920c9032ad2339efca5abaf5cffd58b603fe74790d3b4ece6f935a1c4c868fffaae0286dbc6a7e1df4f0faaf3d2653628934e3004f825ada079a3382db94297111dfb120dab5cb00a4c30eaf66ce3f35ec7be9e9804659bcdafb9e1be67e61221a4bef6275bf364955192537f69dd4265b370be66a80c44da0fdcd982655374d3fb407fdeadbdbb7e0c0913376320cf7c2208ad4f1dd8f4c0f131aeef6e9359281519a0e1fcdc951fc91627cd790dcc4964a3f834943d1b8dda19017dc658bfb7878c5ffdaec83442275e752f86ee6b8babce03eec37f8872bb57e613e676cb6bb5ee631f39b0000e068027851e133d5e05590f7e7d6083b8bb7d89650f311fa1db5e29d66f07595c0cf55e373819e5970d74401c2aa65593cd536f4c46473ae1b1dd5ef8bb5b0f7c718828568ead5e53d162cb50f2340fbd0351b8d765fe58b14d58e4d77328335e0ed007449d3b41f9ded7187a970f1754a712285876077d30ae047bdf20777936a769b17061a9458addfab43752fcf228612cd1da2f2164712c7335e1b23b4c9bb1d921d0aee169b813d1daacf2cd7d2b2c2e7a2f5c57e93cd4cbce6eabf3b4a0c9bbeda0b72abf2630a89514200058330cfbe315ac583f3e8f94cafa8cc06e92d76c9adeae40ccf3922bbac05b87ae47f38aab2d912babb0be3b3f5f2a37e0c524f0fa93b4a77b9ee54f4afd75020997a80a2c431ea658176b434dc322077fbb5a616b44be0c008048c6e944a84e69a180026fff71e1ce5c86e5c20e836ea904369b7e8fe3bfabbc0e7b3b997213a5ef4898f2c6d14922eadcbbe36fbc29e8c4a1d675acaff9a983508421fa0684124cfb98d28e272b6462b2d201eabe260bccf0567f283df167ad17e5954f940d5e727c592e79d951a3e38d64c67adf44cc31381c20b43f654a07cf6c782e076febc64efa06eb1345f277a335ef75f9b2c7c96c0714e7134fb6a0fb6353c2d437c1546abb7a5596c95c63d526dfe1079495a9c5606b4cf2fecdf2bf3dfb6306d1aa7e6fa0fef0321324b844120a687e0705ba4116c20e4e6097ddc95b7a5d382ef8d1f6c3e069271ddf80a8963137ca0a21d2addfc79550eaefccbb5387d2003d8549d46bef219d6db3981ca8b4980cec90810ff521e6dded7d7a2a8ac4857e0bd1545c1cbf64f6bf1b61aa618a75498211bc6f601e00da0ea73833ec3a50d03fe294422b4b74edcf9b84d18a5a91016fe01f4259c01a980cc271e702fe3c8113b9c9105f92b56f68e3197a76ee509a9389dffaa4afbd1737b5754658b5c8bedf01cf92f0e386b288169750a443fb464abdea96563e9416653fc15ecba0768511077eeb845f8aee907054b56742843a4d7e78ce1c2bdbfedc543a5e896e32ee09cd06d6a73a9a7e676ffa65e51fbdae536d6c579171add19bcb489a1ebf0d25fb3221d8cb461e6637ad7c9987ca2640fccfc29de4749793e63410394daa5138123d2ece80e573fd90197f51764e04a26ec05cb67f3a8d726a5155b3d769102fab24941bbb22c31289ae2bb559e9febd5ed1065556a0640c624df0a0e55eff775319c9b68bb33cb73216127b81af5c584ffb3d05ad7ff970ee5fe44bbacf02ef6b016021b249320c56694957a901719b2a17e0548edf86651b24f194b6006"}) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000280)=ANY=[@ANYBLOB='\t\x00\x00\x00\x00\x00\x00\x004\x00']) r4 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setreuid(0x0, r5) fsetxattr$system_posix_acl(r0, &(0x7f0000000080)='system.posix_acl_access\x00', 0x0, 0x0, 0x3) r6 = socket$inet6_mptcp(0xa, 0x1, 0x106) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000900)={0x4c, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0x3}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x24040844}, 0x800) prctl$PR_SET_FPEMU(0xa, 0x2) setsockopt$inet6_tcp_TCP_CONGESTION(r6, 0x6, 0xd, 0x0, 0x0) r8 = socket$nl_rdma(0x10, 0x3, 0x14) r9 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r9, 0x40305829, &(0x7f0000000180)={0x17c04, 0xffffffffffffffff, 0x200000000000005, 0x7f, 0x1ff, 0x6}) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r10 = openat$fuse(0xffffffffffffff9c, &(0x7f00000005c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r10, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r10, &(0x7f000000e280)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r10, &(0x7f0000000100)={0x50, 0x0, r11}, 0x50) syz_fuse_handle_req(r10, &(0x7f000000c280)="897c6500ff3035465c7acb4e06980b05687c1480c7aafe631c0543db2bf0d6f539506e8782da06c1ca018774d72e9e5a3418ab66ee78dad68457b17ec9d47bf7d8272d607c1c0a4bd906f0cee7f8451828d2458596bdd6a459ba18ebaf61b38f5d66c27fa8a024ad7832a85e58689a4c254c94cbcf7208fce6e61d9566459789d15a6f91dd7db7c54cc3a94da956fb290a8a15f849270bc459d9d9f47801be86dd5c9d18382081a993b7bfde5c28adca4c7132fd6be743b076033b5859891703eb65fa256d6f47450b6edacbd05a9bd8b372e90cfc30f32826566dac6c48e6ef001881cbc30482f9ec469e476a101da496b8c0785eaf875d3608b0c49e9d39baaa1041f903a805f0f24aa63722fa2d87b98595fa5cfaf8b79c458de43ee39904e7cac7540a934b4108957785d58807abff186949f1b94cd21b724aff34ac45c7066dcdbd68ea7b766af9d045cd7fafeafc5c5a0c3400ef4e0c71a6fdd5b8d68a6f317644cda9d2fd2c839a82b97b3d909b54c672227bef573c9de1991d65a63017f724d1f7f1575e69db53318a7fd7065b303e751518c8eef04f642dbd4dfa349040a7b5401050ffc2b4ef62803a7c8eaba99e011dfac24d81b2b61e0b0581e53bf520f623eca17f0545c5e59ff15b527475f970f589894ae589145fa4283f7225088ccfeba1d72e9128f8c223ae1840f2edae3dbcdf7e560d5cdf4f71c9ada1931c0f8312c000101b264aaddb9fab166ba8d8903d6098eca20935ca607ea79e936798b3dfb22a7e159abb234cf21f3733dbf263a8ff116092f251659108892b2e21e1b428fd225096a5040270b2d70347013eaa1fd8e452942200283aab092c4ffc5b8b427b5d691a5a773e09da20539ff0f8214331c5d84107ae8a59aeb58efe22d7a079e446f1dfb07510377799bfdc7ee59cabcd76af0fe8a427ac8258ff33bbad5a8061f1cfdfbf375d73d676cc7916d6658ce46a0b17ad6350150f98e3512b513e25ca73f5f5df0a1fb9582ace7906c493fe1fd2889d9aac0b7c29c2b6c205537627bad64df433336a5ace32ca871e51b4dab0fbb00886a1fa81a98b74de0a26cebf65723515ebb807fc3c161ed42d1a7b6b55717613577ea437f3a2967c66ce45ff85a6a35b7cd40625fc575b107d7394e3d2db51d58347276c33e21f50b5a6b5672bf9fda63139bb75aead1fe4ee9a4064af5a5958466aa39faa6d821489fa415224c8d69d3b5922236832c2b1e4f6b8863b32f9aea83fb522a2de081d674502b48f73ce6db98d84136059b4a6676bc85ac6b7626329afa9bc7d3f9f2caa3c4d872744e0a8e02d72a75c6c545b8ec8e15b6fb0fe4185bd0d154960e6fef05ba40e5fe2968eb1301dcc52a03337179e74ba1522af93d77827845f8941c69ed8bb84567e3c63f1cc378a542f1de7007b688ff0a9c69d5861f0b85402c30a2fd391c52bafbe65f8e82135fd38361d7c0b43c982b2f3e7cb09c40c7e215114f4243d670cd576bcd93c1e959345170c75d6c3cf89cf8c2c70dc792e646e7c649d4c5f36bb016c7acd466ad58473d40dfef36394e581065a8581ab852250403cf372ac0065bf757fa3f445424ac0d82aec1938a2ea116bdfd306baa1cb06c62a4a97d66ab1b9489469cb8ba842da12e310caed02c5ef05c0be1e1e8c9c8b87d6871c94c57d164d08672b205c948086a06a545b266b7ad902a908681eb188bc51b6190b5cb9d8ca59b8c4c6e7369c00d6f6119fd5d437239e3d3c89cb81e09e560fb817590106015f08e7b09f1e1e65bfab3b8489fa058e24081978b9e25463d9945bfbca81c08885d4b6d4c62e217bd9e19460762f36c66bc948fe31cde089626fbb310e3c78a8d3f2eac21d374d9b58d887235d3a95721168e4b9475849071d60ecfe7ea5d6c4bf60da3747612ef59bb651270f326c0af31bc8c71361f851de34ccb3c8071b96f1128d7ee79b41246e566edd0272dbd3ccfe472b38e5e03d3ef83218bd498e6de8b4d92cb6f82716449ede7ba845028eccdb9137be8a622ac88ac53118fbc39637fa7a93cd3abc6f7671c7804420d66e94720acbcac916950f9baca77fef4217155ccc2cd0507339a0486f9f468eb28772986ee768c63eba671bf8c52e48a2a5dc2cc24fe925368706c2d712dd1064692b0fb2a32ddfbd4a0ffcf9c2abcedaae6e527bc1d42637aff2a275b76a7a7f010e42e1cc1d27141f6c3585a2bf58c6c5789ce61551d10118a000e3764631ec0b7f4b1a6f22a678133a30940b79dc76f863dd9f6e0d7776300898c97cef286c731c2050928c492439256e481652bff0d202db3cfdc54c9816ceea7895357bfa0362fad79afd09ed55189294d6ead7e898ac091cddbe7efcedb314bc02a18dd5bbddc42e089124758bb491fd1536aab27c5c124567bc325e7028bced5a179a011d1cb9a5ffb61d7af863e91ec8e60495561188b74d158ba1418228d44e92915a22eb1c166ef7d6179e84381ed950ffd747f13e24172942d922ca3109fb8b1e4e6264fa4a4eec75ad0d0e22579d90f45d6cd157300e38ae665eb56457202e25a8dd5877ba99725de288660badd2704345d9bad208c903ba27ea167dd45a77f77b6502b525b2973270582858183c784c324c1366fbba8d410c38bf75b41e067f6a9a017c56595161db4fc5639393fdafb1f148d3f416c1adc5fe1ab9cebe4689855c9b4bda6dcba5d5fa858a1b87d2ad23cdf54dbdf4d14aa4462da0b6f1107f4afa0091c2643508861a4d9f133ba77751941bb8fb756abf1a104205b80d47a3b4a59724d959c8b5833da4f56fb6613231f230a9378c9af741e94fd2c7213ac1d7625559b3f032f6c8df3ab441929720fe43d7c548cc661eed5b3c62b3c61f538ea3228376e2a18c6da2ad906322f64fb4865cde8e1889a8e5237fd6a39bbd6662f1dedc22fbd74e4376fa610cd710703dbd3924a38beae69783d1d5abf36122cbb87129ba719042748f060f4303a3199c5891c5040fd8cdb9761b006bf64cdcb65e5cc50a29994b8c1c34b83760ece12ed9ed7c3d2a7f8911cdf23a1afe0d7db1bf342aa0123dd5cd31339f5c8e160c4efef882602b3eccbe76fb690162b8bfb8a31910bcdf9a4a5dde76c2ac2fcd8678add7a000cfdcab398eb2171c026313eb6eb56b4b87bf8ef93f7f8a1c0bcc3775b681d4229ea561cb52281d8ba4315c3694ed08433596884d5a7ce3a8b1f82359846b7136726e2fe37bf4f7b7e2206cdcdb0705ced9f0dcaaa2ed3a78ea70d2cfeab668eb321400fc955e9aeb7bbcf86cd03f02dd443503a1480d9d9f899f53bd747a95293786798fc59fceb09e686a9328da4f929b6201841bbbefaffcf3386abdf69540e3b46a643ec10f0acf21f27c0053dc13f18485dbc898729dfbeaaa4887b58cd442d7ffa941808cd9658595be8650a815b088621278d89f0d8a4252566b923df3a3cd65c0e4af08fad385927251b31d35f75eaf25e6cf13a579aeeb0bcc0a14ca4a20a6831d532be0b2af3821792a2df95131b7fafef245aa19b214053342aa820c35858d13f84e496294529411015c41ed447b5b51dc44a45d52552a2be1abfc157f3ace7bfa32d5b931421d5a152dd66b7bf549311b08325e5a7201f793037b38990bedeca8a647c08d2478670f8fc2b4e8983ea18bcd514daeeeeb9d7a778f783c76edf01bd4beda4b77b612cd2e865c2e4f58ca7ae06147bf66ae6aee221cf9b9505dc07e6fb6cf4f82dc8c406c78e270210c11cf2531011ed678d9dfe1f49c9a69a95a9f3b0e5b624d9c2664d787ab911b75a4a38d63e9d6c353f8aaf433ff961fe5e34d84936ead0d0bc7954caf84e541f5c6f3f20c9eed21eb0316b82c0dc5182540e63a0af25565496792153d6395adc2b8d68b8bcd93dd110ff5685879db4384ec390d44b89663d43a5de3bdc0e103b7c1b355dc5f6fe3518c93628780ba03f156badea65d1d0af8433c9e8a975fdd19453da662a33fa9f0f5fa15fdb216b483fb48370a967246e0b763df8b3bc7924a6c76c4b114f803dbfa3b312e6815b4eb67be167283a9e482d9a5beac250089d069d4c386b7fda5fc228404a0f58b12ca4dc131c381b49b42b570bcfc0dd663f24afaf65a26a21f6d92f52c9f8de36cb76bacbaa0eef98ba6b7dbbc2629a03bb2b6f83fc5adaf20c217bc8d0f0d2421e01472532bcb546aeb2d483c8f95011a3ba1d2fd8086a717cb015dd53064ef4a80b6d6fdc12d9069223fdf2aa9b192a0e0bdb38436f49d9eedfef3665815633fee4344aff11162526362b70b18e1dbedbb5d8c4698860beccf667851878a25a1e766caae2861f2e23404aac859e62fdfeac06a6057554828d7035806e8ab3ee2fa6d711e5811db61231a22f4672f6a11b27641f350bcab78792362e6ebc1c054a643bbbf2746678c14dc567d1f73e37005c8ab6374c4d8d3106384a2d32c5fcf05cb9ba97cb7fa1aff11505a701bead543e555f3901ef3b693d5b9ebf49518c3509af042b7e84b1b867c22b7e08725220e4338fd074edce428212e6a3563a08e2ccd8ab71910256532904542e93d5c7deb5bf5d49beb3202d4da4f643649e55edbb91188cdcf0883a40c6ed6b8a086fb5c50dc08fee00308420121d4c7431b3cfb80f9c1e099423ac451d67b12e930d9e391d0a799c7d4b54a0d56ea0aae00c1d009e21fb5459416b464b227d66ccc1a68da59d64c1583dee54bbcd7d61ffe541fd0fb7452adba91906918966a7d58019ad1f8fdebeceeed7018837b6e4272eefeec8385abe7207fb2d7061fa6cdc478165a98971f9729b818a73edefed976d5c7c0a651c091cfd1174c020e39330a79144271fe4cbc61ea0ffa274d0d87d06dd08c1d5f8a0364d46ef7b54426bc286330c75fa257afeb2715c2ae511ff53b1189cc59ab80b1325fbdcedfdb8f36ed71f70091116e16b52188b794e637755027caac8db8554f8674b844964c710cacd7a9d6b06baf6fef76159a380e639b0d3e66080a7cf7f86baac01dbe47fe687fcef2f3bfbf6f8fba045181dee688360a11ee56e5fc73ed31c0e2924ae57f0cc93c63a30662a65c5d5f17123ae28cc5b74dd13ed81b03dc7fa61dc575668868c0df12d3553269f04ba79084d070abcdbd4745de80e90e4e3e524f27249b5c4a2f2d4c8b331b0cb6d4efe62a298daacc6eacdfe008c1f912795dbdc37098c42db860953120fda709baa6d46f52eaba781505e68561ca0f281e850532ef8e7c779883e312806e1c357bdef8d0dda005e710cfa6eb8686e8bf3bff036b3fcdc4036541d93530ce6f598442c24170b307ef05f23c93aa0ec96831b532d8120402214a940d1fa01ed649061a4a71308be189cffd729a196754fb8a75f23851189589be1b819f0612cad3dc94ccee88f4ab9ef6ac9c7daad8cf94f5ed9496c4c824e5b4f66ce32a80e7a6ef069a32f6812e656aa5f5742bd432afdf026c86e8f28212c1139dad47d7fc07e5c1a83e993daaa4a4bb5f0c9435ccab2a10f867ffe259dba7a1d9168619b1e3048860a5122e4a5d0b00372eaae861a0cc88549852fffa76e6d78739b654d67df15ea97a9a46b7c382d83191a673aa619b4a10ec05bc681379b0d6df824cb6fe158e9d89ae5dd1ef66976f67972b553db52eb6feef836dca6026293f83a61e117754a7424a3da63bd82d017f87f0603e2a9b8fc550aae611681935ae91f7ca2b5341b05a25208bd28f1a202a7f2a213b1d7411ffb557470aec00c4d13c70163f22a038a189710dd19a47e8db4a87c3fd329a63abca172a9810edad2d8e19ef85b57ea4287cfb3d740d7ea3fa9c80d06e1aa84b317f678ddb3c147ba5e0db432125f59ca4944c8e9050281ca82a3ecf67b2a5df678697a52a7297af1ecb03c586af7b91d74e881964ed95f7be12fa07e2a4e71aab8b913a13996fa33e915144bf00e49b8e7adec5b2c4b8165f54ba3155230e241ee023af77a295ab87c40f63f6092ccee05cb08a265abe8f57c9919bf45064b6c2240ba8011db223a283a4e2292d9b59df8c9a4fdc763f0631007db9976f351717db0e6b5f9c6e5f227c2efa1ae5fe0be1af0b22fc164f9f9678a01fe8b059749fe8a2972455732da1989c609d191544ef9fbb3e58da93ec4a582430523f260b776e4d747312747d18a9bae14740f5dcd35fd1072f8a4d81573b5882203be856b62d7e1d87081a9e431872c9d68864197bbc61f15dd8aeae950d34d6ce97182deebd2ad64cabd1c723baf512acfc7e94675b31369bd60e155af79b97bb734312569f736dcd5b5a78223ffaa0f7e93e1a112cb9f6a5b88fe3cf12c30024c16c6b8380fdf086c662665d3751c11617cc4dbd5b8bc7543301a23fbc90ba8d060193cdc2b68c31c734d516707b759f7db009c8f06e69b40154e1cd8ae444afb28134acdf871136b4fd78bd86d7faaaf618afb25e92d1ee37cdff0595278f9565f5eb109e181e9cacec2f22e32e9f34774ee223fdb992febcc5dbc5cceeda16cbcf1434730d859e7e03d36ff17636a7a7e66956b515894da114f3040909f90ce3cfbb2d7d46e37049c0fb124e0683d662eb427cd7b851ada229451e6e3aaee64b9964ced3036bde5d9d80eb062474f96ecfb9b65fcafc719494ac12ab7df245475f2a5e7f85ca4789833ca373e6214d39176c8f51dde87a4cfe5414a20f68bb9f34709979b99533ba3435c4aa56e525195e10ffd00f8e41aee30a909c07b973bbf733d45500b539ebe2206d438216690998d9e256db1b7ac6bef3e810785e1986985c945a2b820323a592721fcfa444934d0faf8aa439d5efca5dcd77b72d1eb91b3790d50d0a7483e354c415f81d99c133d648c1293e795b3c43f9b47e23ef982e10072ea5baafb0df675e69af1807b225afa0cec3eafbde8535d3ecaa0ea6ddbffe4465207425bb003670320324df0aeeb16b38a043f9c0e85673b36def332fd68b2b1e6edda621d0cadebbced8c7fc8f890489115b457249e8d8103676b3207a472804d33e0fe511ac56cd8dc5333b2333892f87b455940ada78fcf5075c358fce990e6f65f095eb416d876ce6f120b8b02cfa6b176ee269c942f881247c3e464cce2aa65c39137607c585aeb4b5f24f5f8e058c9c8b48003c1809da3e8aad1bee7955c3a976d43fe132e2b16f4758a0a9884e51d13b930675a4361ff366b0fed190ad7b2a00385528951e39cd44ea06d8921b9d613d7626221154cf86249a550198fe4e5b05ad3052b474291da0a0a2f701759859bc0392adf243ad5eca89e6d18e28dff99ef95743bcabe75504be8c715cd6360facf3bb06cb97c29989d4f6ff5083573cefe6ef0b39a252a2678112fa88e5b06c9a6bfc9597cc96e5a49710c4fc120fb0da4945b9d94e46de1e9989d0fc3d8d20df23d815b660c799a903f651b0d013f7fe158f1d297f7fcb6a48780ca5525f1d081ada0aafa83552318b848783306549750b6254cf676c7b934cf7fdab992717f0cdc089b34278f3fb151cadde14d0d3250e85a4b0ff2a2778a219aa40563d3ef575285484424b6d0e7cc8392342e4848c6fc8cb20fa1b450cc4c1fca19f3bbdd9e342e6c49cd7ac893b1eda2e93d1d74d20969465946b398fbc733757741ac822c4a118632cd242a439fc37512cf79b7c629504ccc1e7f2f11798955c3262b5e9695625ba74d8050e20f51d4769e1ab938f487f1bc4b55b5abcaa3ec079c2d0972b2ae9bfb7c5423b959119292ea05f1d79d35afe47e49d97c946b193bffc0a8f607f18a6845cecbbdd98cd351db2b2dce05a4848ba84a6a497b4618950130cb7e76c03d0976eb2fb41d3a42a1430063ed8e5b8c67e80fd4fc1148911958babbcbff33a6505de209b0d9320017fd736fd027a16564008ab2e1f48a6dd66c9256730e9fda0a60687090871b2b9b0bc2ed4e1b696dbf0283c8dc72cf4338e595266f5390bc3a21f988353118f2948fc75d050ea076b73508d9ed89bade0ba305c1f4e5daf9d40d2f5e7ababed8d1b1d919c61a6d3fb149c1a9b44e38585a2fe322f83d73a3aecb44da3f0e82942d75d62ed3f91eb44f3411df014f88839e4cb1e21b9b259d4eb4adaf6b0be433d0ed4c87ec77dde5ee9d566e3dd8d928fc1875c63af26c59daba5ae267d9bd5da72b99a03e6a33cc48ed961ab484ff4a46c2d5fa597e626e00b530d7b9a9705e4e08d03f3a7f2a5a5233ad6340e3b5c89db81ca713b6d7d855c6324955f85109b204566f50178cd88abe3fcba25de905e8ea0b75ad51831761ed9b1af2470f976f05ec73bf74d137c207270cfd614170518cdc449aeeb663e114359c8124eaf2499d8cf5dc84a0872301db2e57b50bd285060ec4390d99d4ae3674ca3bb8679c1b08e566ba4f30daec8684a980055eb43cb5a1306c4b52a154682aa96637e06c869278aa2f74ef7345632c11265ef8ac97e953745302556881ba0cb590fef271c0abb193fb84d18ee3f24d9976ae816b857d6f68d1fdfe10b312c799fe014debf875d04bff8b4f387859e97c6bf13f7083c28a2045a0b5eb09c94e781a165965e8617c0efed1701ea9667aeca26d9577ea7b1242e1d91b25d6a66756cc627648a293b9f4345966bc469fafaeddc1118d0972bd5c7751a1f51e5989fd952f314ae10417c97b41e60ebfbc47e496486fa4a89fd16aea7fa1eabebd26eb2a37a3e2b351e0c9d2f67b2e5be0f921adc9b6045b045948e5103af0e5050b9c0799b513c00865deebda730de538f956ceb6164e08bd6f58644a294b4b44fc65309b30f9c00f92ef5bd5b911a3d830f72c258b19521bb8e80db02129954efb61423f518d2c5f36587303890cad9a93fa4f4bcd0e24c67db679c67ea59c1350b8442577632d5e8735833f3daf5a74bc7bd82659a81beba8c889632efe03cd24187aee856cf659e16e195464f52f2b984fc7a299e7b2aa53979a147ebed35705d5e89691666536f2febacfcef9b32d14952f958b72512869e4f6a0a34176918217888b1eb8b89322ebb6bb1dead2b4744e728479880db70e6147edaff6c3f083f18e0696bdbd78cf0bda14d9f42e5c1077ced00041aadff90470aacec0e48e2a5f2a0ed37818a173b96061e8c5bf24c0bde9e09f9e0ddb8e13306ef1d4eb8043ebadde5d7553e5212ecd4691eb426251f9d6720b8276ac543dde02399a35d974b22c1727d4b6df01957cae47443b706d43165e01d6932b136f561ce837431254cfb2a6e7d8070a2d3805aaa15b3c10ccd0cda2e9b418ce9ef380e5d08217752e12b3b892d03a9495c83d78d674612fde5a67738b2d4649ce44606ecce6bf3bd1293eca246a83643e4f1c7ba362b110e07c8479f216e3d4afc4fcb8d0820c8ab702a66d8183e83174597035e92b9b500dee08c80b927b42c3689c7c9617b4112c9e54cbfa51e989b5fd42b80c595d3edd265f138e8128cfbbb0e4f53aa0aa95a2ecda4518b2e564c42d5de7671560843d08103b9bdceac5fdeb0b1266f72f491265dd2b2b80a225a50955167da1812364ea340d82f61535401bae6f3140a8795d7c318a64cee4676627244930957b2f0b227be21b72d90027e6a5a7af3c59470c74dcdb71d1ef090a0f49c91acd604c792385c8f4e085765292822ee5eca03885fd6bfeaca9b3bbbdeac939f7846a487c5a483ed1e4fbf37c93886ea27bb35c812089b900b77c7c924147e97b6a71533610750bc84921012aa8158b213f7601d934a20bdd1f757b0a33042a683af6b9069f3900059d7f80f9fdcc9f33ece8cf7888dc9e24f1fc6ca0ecccf161c5334c60f440feb3acfc3d115011c176dfa05314c5bcf089e3c82bbe7680a3eefdcdbf3ac27265b779db4f49bade0128eda6e29bc5933ef454601db1b49628fd39ab938794fa46a330cacb307ed4412a2078636f9cc8e11c5c31cc0f9edd7be6d1e31a1513a58e25215f5a24245cb988589e6d5e5119f4f6557c697fad7d1c3a7e3bae064db4382701e33e48c5b6a52fe9141a385ef2325c6f7781134607e98bfd02c43d6deefaa861700388b40d98e941cfb2ddec209f977e8b9f93d29fdbf85e3010ce7cd622e8c75ce3df535e392052b6d65d5042d2a6e78bbfe5ee146e8b18d4bc7fb024dbba57cbe0402205593766a313950cb719d00c67bb6b3bcaa1015b89e820f11475afce655947113a7c3dcbb52427f090df994fbf076db867e0ab3f6125fb8884c1d13ff3e99fab5fa8b9f0b72cb44db4d0a48d9ec17f9733764e213c40a15ad821ec60e4a88cb2fd9dd9a4f35e6a708f4b74067f4be3f03a95261f6b191df53fa5bb5164e4a164630ad9ce39087aa950ad9e60cd2c44fa2237c49abf858c97737fd21180fd0b9542767150fbed3f39a29e6c3484d9437e15d2439f2a54b2a1ac7e63e6c436658abc3f1dd52d984f6c6901768a8cf2ec98ebf44e90e0fc0c24f8957c62e05d8eacecaf25b178fd710af609a8a1bc4d7955b5f0cb4f48a37685e6304ea5843573a1abff37b5106916c83c8f23f939a0dc43aea8d196191ed6e18dd793990d1f37d7de0bf8fac6f469843724eaab86be8a483be281b8ecf4aa29d9c571951cde8cd8c2aaf4d597ac2cb48f23fad145916920a55d655924940573b64dbd42a280cddc4810434f930183fdbbdc72db1491a4c9d44daf9b1bc2fecd855508648063040faeb125da0e68e6cd2002181118eecff0be1dd8eae726af5d451630cd65119c52abd6dded97f931202f186a18c4ba34bc2c3f6d765e2d8f445e959f26ffb55827cf3ff2cc0289f17b82c8caa5a2d3d54306a300f0ef42bbe4ea9e32c5d4b1173942745cdcfe4f5d1619eefaf8dc600afbc9171d516f7f4b35331d0b9be005132ffad5e9df59710278b842afb626a78b8b8b37fc3a894dc705b2d4e0940cb264e9dc87eaa148e6faf78125462f28a0f1d7b3c65a291b85713fa71ffc478f6601e8716c35489f4a54ed0c70bcfd5502cc91374dc3c982075c5180398bc6b195b36e79dcc4087cb990cc9d964a150e0dcc887d496bdd27c3f298736b9ad8345ba2df46021964cf43c38f9d2e94b77bee2b7bf059e0870ff9f17b9ef1320c0aa88a2fa9781e9017ab64643de9a3df9ed4b8cfd8fa080a2e494409520b795eb1517d224a05e450c4c8ae0e9fd29c0e72d3a592cce55f6dd5107f21214e1a3f9a5448384de06149f959ec0c92790f0ff229ab4971171f1c528ae6d095ec007bf5e7f55d623a68194e9ea8edc3af418075338328f24e7504341c22bef72c2963fc9c3237ba990d29c2c8aa3007395f6d96e95b40ee1b18dbad550bf39d0d98268cb74dde76d987c3169c9067495fb1b88508bbb7e94cbb7dfc15c03b1d5b163132c8a468906f02d422a8cf98d0b432b5779dd962074b72dd27439b2e94312f573435e5aa84664432c1914839cd6e172186ce93eeb1d7cb0659696d9d550eb3b185f8c6ee16e53f78233cbe709f99d2879d63d93f7d0ed133241d2f1ab1eb2c56605ca0f0e01c39ab0ba2370fe5c4e68de0561b517ff9a10023c386236398372c7176e35443e2cf5dd6cbed9f23395f231e6a54f65626cb5860a8b72122c34664119e7c47204ef4a70583a00", 0x2000, &(0x7f0000001940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000780)={0x90, 0x0, 0x8, {0x8000004, 0x0, 0x1, 0x0, 0x1, 0x101, {0xffffffffffffffff, 0x8bdf, 0x1, 0x3, 0x5, 0x0, 0x0, 0x6, 0x0, 0x4000, 0x8000, 0x0, 0x0, 0x8}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0/file0\x00', 0x0, 0x2a0011, 0x0) sendmsg$RDMA_NLDEV_CMD_RES_GET(r8, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)={0x18, 0x1409, 0x1, 0x70bd29, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x80}, 0x40040000) r12 = geteuid() ioprio_set$uid(0x0, r12, 0x6000) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) 1.652331752s ago: executing program 3 (id=1182): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_clone(0x20300000, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r3) mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil) r4 = getpgrp(0x0) r5 = syz_pidfd_open(r4, 0x0) pidfd_send_signal(r5, 0xc, &(0x7f0000001fc0)={0x19, 0x1, 0xc}, 0x0) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000440)=ANY=[@ANYBLOB="12010000000000106a0531030000000000010902"], 0x0) syz_usb_connect$hid(0x5, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="1201100100000020ac0531824000010203010902240001010820060904000b020301020409210400090122da0209058103100007fc0bebd44d11296ac7f321b0f89fd57b97c66479fbe4319694ea693fdcb9b18501c8c9b1850b7559452eb0625b0e8b3fa3a5b310a078c08486153370a569ea5ba39bb4acf06c86b8b35cf696f1c593bdab8aa71919165454afdca38dc1c23ccc36f8254c9af7509df44e555582a63469c744ad6e1375c48a288d"], 0x0) r6 = syz_open_procfs(r2, &(0x7f00000002c0)='oom_score\x00') preadv(r6, &(0x7f0000000100)=[{&(0x7f0000000340)=""/228, 0xe4}], 0x1, 0x1, 0x9) unshare(0x2c020400) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r7, 0x40049409, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_X86_SETUP_MCE(r8, 0x4008ae9c, &(0x7f0000000040)={0x2, 0x4, 0xfd}) ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="eed224a09c4442023ca700c0a829057b9905be2683d6975781af58f7e9d5"]) 1.65149131s ago: executing program 0 (id=1189): sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(r4, 0x4068aea3, &(0x7f00000001c0)={0xa3, 0x0, &(0x7f00000000c0)}) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r5, 0x4048ae9b, &(0x7f0000000300)={0x4376ea830d4d549b, 0x0, [0xffffffffffffffff, 0x7, 0x1000000, 0x0, 0x5, 0x3, 0xfffffffffffffffc, 0x800000]}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f00000ab000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="36d0e866b8970000000f23c80f21f866350c00a0000f23f89d0f326635000400000f302e8dcc0f23742e3b5753baf80466b8f494f78e66efbafc0c66b83ac80000666fda6509", 0x46}], 0x1, 0x1a, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 1.462227069s ago: executing program 2 (id=1183): sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(r4, 0x4068aea3, &(0x7f00000001c0)={0xa3, 0x0, &(0x7f00000000c0)}) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r5, 0x4048ae9b, &(0x7f0000000300)={0x4376ea830d4d549b, 0x0, [0xffffffffffffffff, 0x7, 0x1000000, 0x0, 0x5, 0x3, 0xfffffffffffffffc, 0x800000]}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f00000ab000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="36d0e866b8970000000f23c80f21f866350c00a0000f23f89d0f326635000400000f302e8dcc0f23742e3b5753baf80466b8f494f78e66efbafc0c66b83ac80000666fda6509", 0x46}], 0x1, 0x1a, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 728.188838ms ago: executing program 1 (id=1184): creat(&(0x7f0000001380)='./file0\x00', 0x4) mount(&(0x7f0000000040)=@loop={'/dev/loop', 0x0}, &(0x7f0000001440)='./file0\x00', &(0x7f0000000100)='xfs\x00', 0x208083, 0x0) 445.429085ms ago: executing program 1 (id=1185): r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa02, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r0, 0x45809000) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mremap(&(0x7f00006a2000/0x4000)=nil, 0x4000, 0x2000, 0x3, &(0x7f00004a6000/0x2000)=nil) syz_usb_control_io$cdc_ecm(0xffffffffffffffff, &(0x7f0000000140)={0x14, &(0x7f0000000000)={0x40, 0x31, 0xd1, {0xd1, 0x23, "454f6fcc695bf8fbe437944fa19aff04072e4b9f80024c68e42ed02dbe56c5d235a1e4094297e005699313da4f93c29ae0366fd6a997acf73bff56eccd6dd7eeba215515d7b07893806e25c0f20bbdbfec8cd683ea393a37e62f8753aefa7ea665bba803cc2e0dbc33187424238cd32399e4e1efbcfac31e0b758c5ea7475cd8aa0045e770636477aeb1d32394b0d2f68c6f35fb0d36a9c7c0dbcd3a0a5399c451d5be3206b7760f05ea0ea7e399a44b545e318efe39bee66f35e9e695fe2ebd2616de38e5b743850ed60662b9bde9"}}, &(0x7f0000000100)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f00000002c0)={0x1c, &(0x7f0000000180)={0xd90386e4feac11c2, 0x7, 0xb9, "8a5beb3bb934065c706dea7eb26bf5ec10fff36fb81a75c1c12916f99818c9ad751fbf6b1432bb95b2978d269e5c72640d2dd638580f927a6a2fda3c30a250d3c37b3c20180e6e933e75bdc1c0b3209e44eda1fb2b92c9c2ad9f6a0c5e39b10eca23185bf790221451b6cf8b6f9834daa74da1b81e89c99806f7f5c8eea66fd6679aac9af91bca8f31d0a11377a4520cc6abe163a566a018117797dcad2c0884f9234d89a631b0009415d5956f9c4ea56cde4285be11c111fb"}, &(0x7f0000000240)={0x0, 0xa, 0x1, 0x8}, &(0x7f0000000280)={0x0, 0x8, 0x1, 0x6}}) (async) syz_usb_control_io$cdc_ecm(0xffffffffffffffff, &(0x7f0000000140)={0x14, &(0x7f0000000000)={0x40, 0x31, 0xd1, {0xd1, 0x23, "454f6fcc695bf8fbe437944fa19aff04072e4b9f80024c68e42ed02dbe56c5d235a1e4094297e005699313da4f93c29ae0366fd6a997acf73bff56eccd6dd7eeba215515d7b07893806e25c0f20bbdbfec8cd683ea393a37e62f8753aefa7ea665bba803cc2e0dbc33187424238cd32399e4e1efbcfac31e0b758c5ea7475cd8aa0045e770636477aeb1d32394b0d2f68c6f35fb0d36a9c7c0dbcd3a0a5399c451d5be3206b7760f05ea0ea7e399a44b545e318efe39bee66f35e9e695fe2ebd2616de38e5b743850ed60662b9bde9"}}, &(0x7f0000000100)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f00000002c0)={0x1c, &(0x7f0000000180)={0xd90386e4feac11c2, 0x7, 0xb9, "8a5beb3bb934065c706dea7eb26bf5ec10fff36fb81a75c1c12916f99818c9ad751fbf6b1432bb95b2978d269e5c72640d2dd638580f927a6a2fda3c30a250d3c37b3c20180e6e933e75bdc1c0b3209e44eda1fb2b92c9c2ad9f6a0c5e39b10eca23185bf790221451b6cf8b6f9834daa74da1b81e89c99806f7f5c8eea66fd6679aac9af91bca8f31d0a11377a4520cc6abe163a566a018117797dcad2c0884f9234d89a631b0009415d5956f9c4ea56cde4285be11c111fb"}, &(0x7f0000000240)={0x0, 0xa, 0x1, 0x8}, &(0x7f0000000280)={0x0, 0x8, 0x1, 0x6}}) 314.213882ms ago: executing program 0 (id=1186): r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmmsg$inet6(r1, &(0x7f0000002fc0)=[{{&(0x7f0000000340)={0xa, 0x4e22, 0xfffffff9, @private1, 0x7}, 0x1c, &(0x7f00000004c0)=[{&(0x7f00000005c0)="05", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000006c0)="02", 0x1}], 0x1}}], 0x2, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r2, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) shutdown(r1, 0x1) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10) sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={{0x14}, [@NFT_MSG_NEWRULE={0x14, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x5, 0x0, 0x6}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x4000000) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) write$RDMA_USER_CM_CMD_CONNECT(r4, &(0x7f0000005b00)={0x6, 0x118, 0xfa00, {{0x0, 0x0, "145afb30733decdcdac38bcf0ee2cff88682606ecd972193645e67b11b4359537edbde960078ac9f279c4b729339e483b1163e354b3bc1daa66a677908a57728d133973f60ed3299b46a4d744874cec18bdfb1f05104e3d709e86cefd5d0d107d23c2b43c87e7c1737349e674746de92fcf98fb1de63a178585456c2c6f8c35976934e04000000d80fc8a75f26b3a3f22794da50550875c18334978d37dc948d316ead36ff3be98e24e7b9eb59c95851123ec88e28c12e2e3c281bad58e0ec7cf3b46d9a670cf5e4ed333f0a7a88f61886e9ce20a812425b6685424a2ff802039613755894feb8a92ecf57b0b005d30000d72fbed446b3da0478ff8b40d2dff4"}}}, 0x120) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x22052, r0, 0x2000) lsm_list_modules(0x0, &(0x7f0000000040), 0x0) socket$inet6(0xa, 0x3, 0xe892) 267.324286ms ago: executing program 2 (id=1187): mount(&(0x7f0000000080)=@rnullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000240)='hfs\x00', 0x200000, 0x0) r0 = socket$key(0xf, 0x3, 0x2) quotactl$Q_GETINFO(0xffffffff80000500, &(0x7f00000000c0)=@loop={'/dev/loop', 0x0}, 0xee01, &(0x7f0000000100)) sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000140)={0x2, 0x1, 0x0, 0x2, 0xe, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x33, 0x20, 0x0, @in6={0xa, 0x0, 0x0, @private2}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}}}, @sadb_x_sa2={0x2, 0x13, 0x3, 0x0, 0x0, 0x0, 0x3507}]}, 0x70}, 0x1, 0x7}, 0x0) rmdir(&(0x7f0000000000)='./cgroup\x00') 168.178253ms ago: executing program 2 (id=1188): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000) recvmmsg(r0, &(0x7f0000002c00)=[{{0x0, 0x0, 0x0}, 0x200001}, {{0x0, 0x0, 0x0}, 0x2046}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000800)=""/213, 0xd5}, {&(0x7f0000000900)=""/242, 0xf2}, {&(0x7f0000003e00)=""/4098, 0x1002}], 0x3}, 0x101}, {{0x0, 0x0, 0x0}, 0x40}, {{0x0, 0x41, 0x0}, 0x409}, {{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000540)=""/130, 0x82}, {&(0x7f0000001900)=""/229, 0xe5}, {&(0x7f0000001a00)=""/4109, 0x100d}, {&(0x7f0000006080)=""/4085, 0xff5}, {&(0x7f0000000040)=""/113, 0x71}], 0x5}, 0x4db}, {{0x0, 0x0, 0x0}, 0x8}], 0x8, 0x40010020, 0x0) 131.684842ms ago: executing program 2 (id=1190): r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0) syz_genetlink_get_family_id$devlink(&(0x7f0000000000), 0xffffffffffffffff) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setreuid(r2, r2) mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0x5a051feb1f984a1d, 0x202812, r0, 0x7dfff000) 54.02386ms ago: executing program 2 (id=1191): bind$unix(0xffffffffffffffff, &(0x7f0000003000)=@file={0x1}, 0x6e) r0 = syz_open_procfs$pagemap(0x0, &(0x7f0000001080)) ioctl$PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f00000001c0)={0x60, 0x0, &(0x7f0000001000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x0, &(0x7f0000000000)=[{0x7, 0x0, 0x83}], 0x1, 0x1, 0x0, 0x400000000000000, 0x42, 0x5c}) 0s ago: executing program 0 (id=1192): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100), 0x6) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_audit(0x10, 0x3, 0x9) socket$alg(0x26, 0x5, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket(0x10, 0x3, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) socket$netlink(0x10, 0x3, 0x0) writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000140)="390000001100090468fe0700000000000700ff3f0800000045000e070000001419001a00", 0x24}], 0x1) write$binfmt_misc(r2, &(0x7f00000002c0), 0x15) splice(r1, 0x0, r3, 0x0, 0x19404, 0x0) ioctl$sock_bt_hci(r0, 0x800448d5, 0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$inet(r4, &(0x7f0000000740)={&(0x7f0000000140)={0x2, 0x4e20, @local}, 0x10, 0x0, 0x0, &(0x7f0000000100)=[@ip_retopts={{0x18, 0x0, 0x7, {[@cipso={0x86, 0x8, 0x2, [{0x0, 0x2}]}]}}}], 0x18}, 0x4000014) kernel console output (not intermixed with test programs): ntel: kvm [6266]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0xff [ 113.065661][ T5886] usb 2-1: Found UVC 7.01 device syz (8086:0b07) [ 113.074330][ T5886] usb 2-1: No valid video chain found. [ 113.096467][ T5886] cdc_ncm 2-1:220.1: CDC Union missing and no IAD found [ 113.106156][ T5886] cdc_ncm 2-1:220.1: bind() failure [ 113.126884][ T5886] usb 2-1: USB disconnect, device number 10 [ 113.353691][ T6272] /dev/iommu: Can't lookup blockdev [ 113.801361][ T5896] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 113.963327][ T5896] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 113.977398][ T5896] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 113.986660][ T5896] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 113.997874][ T5896] usb 4-1: config 0 descriptor?? [ 114.230681][ T5896] usbhid 4-1:0.0: can't add hid device: -71 [ 114.245246][ T5896] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 114.273722][ T5896] usb 4-1: USB disconnect, device number 5 [ 114.294401][ T6282] omfs: Invalid superblock (0) [ 114.433341][ T6287] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 114.558963][ T6290] openvswitch: netlink: IP tunnel dst address not specified [ 114.749562][ T5896] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 114.903209][ T5896] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 114.918263][ T5896] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 114.929755][ T5896] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 114.948366][ T5896] usb 4-1: config 0 descriptor?? [ 115.579485][ T5896] usbhid 4-1:0.0: can't add hid device: -71 [ 115.585541][ T5896] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 115.608673][ C0] Unknown status report in ack skb [ 115.614718][ T5896] usb 4-1: USB disconnect, device number 6 [ 116.530650][ T5896] usb 4-1: new full-speed USB device number 7 using dummy_hcd [ 116.691177][ T5896] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 116.691204][ T5896] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 116.693513][ T5896] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 116.693542][ T5896] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 116.693563][ T5896] usb 4-1: Product: syz [ 116.693579][ T5896] usb 4-1: Manufacturer: syz [ 116.748428][ T5896] usb 4-1: SerialNumber: syz [ 116.953591][ T6352] EXT4-fs (rnullb0): VFS: Can't find ext4 filesystem [ 116.984756][ T6335] XFS (rnullb0): Invalid superblock magic number [ 117.065303][ T5896] usb 4-1: 0:2 : does not exist [ 117.091618][ T5896] usb 4-1: 5:0: failed to get current value for ch 0 (-22) [ 117.142084][ T5896] usb 4-1: USB disconnect, device number 7 [ 117.489433][ T5896] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 117.569577][ T5835] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 117.642945][ T5896] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 117.654638][ T5896] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 117.663801][ T5896] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 117.674164][ T5896] usb 4-1: config 0 descriptor?? [ 117.721522][ T5835] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 117.732826][ T5835] usb 2-1: New USB device found, idVendor=046d, idProduct=c50c, bcdDevice= 0.00 [ 117.742022][ T5835] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 117.758608][ T5835] usb 2-1: config 0 descriptor?? [ 117.904320][ T5896] usbhid 4-1:0.0: can't add hid device: -71 [ 117.920766][ T5896] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 117.942307][ T5896] usb 4-1: USB disconnect, device number 8 [ 118.180940][ T5835] logitech 0003:046D:C50C.0002: unknown main item tag 0x0 [ 118.188365][ T5835] logitech 0003:046D:C50C.0002: unknown main item tag 0x0 [ 118.196882][ T5835] logitech 0003:046D:C50C.0002: unknown main item tag 0x0 [ 118.206042][ T5835] logitech 0003:046D:C50C.0002: unknown main item tag 0x0 [ 118.216586][ T5835] logitech 0003:046D:C50C.0002: unknown main item tag 0x0 [ 118.224372][ T5835] logitech 0003:046D:C50C.0002: unknown main item tag 0x0 [ 118.231916][ T5835] logitech 0003:046D:C50C.0002: unknown main item tag 0x0 [ 118.245816][ T5835] logitech 0003:046D:C50C.0002: hidraw0: USB HID v0.00 Device [HID 046d:c50c] on usb-dummy_hcd.1-1/input0 [ 118.384256][ T5879] usb 2-1: USB disconnect, device number 11 [ 118.449606][ T5896] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 118.622560][ T5896] usb 4-1: Using ep0 maxpacket: 16 [ 118.631353][ T5896] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 118.645706][ T5896] usb 4-1: New USB device found, idVendor=0458, idProduct=5016, bcdDevice= 0.00 [ 118.662982][ T5896] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 118.675107][ T5896] usb 4-1: config 0 descriptor?? [ 119.056334][ T5896] usbhid 4-1:0.0: can't add hid device: -71 [ 119.086727][ T5896] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 119.126167][ T6396] Zero length message leads to an empty skb [ 119.132586][ T5896] usb 4-1: USB disconnect, device number 9 [ 119.363533][ T6404] af_packet: tpacket_rcv: packet too big, clamped from 100 to 4294967272. macoff=96 [ 119.373841][ T6404] netlink: 80 bytes leftover after parsing attributes in process `syz.1.176'. [ 119.445272][ T6407] netlink: 8 bytes leftover after parsing attributes in process `syz.1.177'. [ 119.784323][ T6423] netlink: 8 bytes leftover after parsing attributes in process `syz.3.181'. [ 120.102417][ T5886] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 120.289669][ T5886] usb 2-1: Using ep0 maxpacket: 32 [ 120.302851][ T5886] usb 2-1: too many configurations: 33, using maximum allowed: 8 [ 120.330976][ T5886] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 120.364173][ T5886] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 120.402003][ T5886] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 120.433369][ T5886] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 120.462410][ T5886] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 120.491602][ T5886] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 120.509729][ T5886] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 120.529294][ T5886] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 120.539644][ T5886] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 120.569619][ T5886] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 120.600614][ T5886] usb 2-1: config 0 descriptor?? [ 120.620664][ T5886] hub 2-1:0.0: Invalid hub with more than one config or interface [ 120.628536][ T5886] hub 2-1:0.0: probe with driver hub failed with error -22 [ 120.816530][ T6440] virtio-fs: tag not found [ 120.824599][ T5886] usb 2-1: USB disconnect, device number 12 [ 121.452205][ T6458] FAULT_INJECTION: forcing a failure. [ 121.452205][ T6458] name failslab, interval 1, probability 0, space 0, times 0 [ 121.475193][ T6458] CPU: 0 UID: 0 PID: 6458 Comm: syz.1.194 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 121.475222][ T6458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 121.475234][ T6458] Call Trace: [ 121.475243][ T6458] [ 121.475252][ T6458] dump_stack_lvl+0x189/0x250 [ 121.475293][ T6458] ? __pfx____ratelimit+0x10/0x10 [ 121.475319][ T6458] ? __pfx_dump_stack_lvl+0x10/0x10 [ 121.475341][ T6458] ? __pfx__printk+0x10/0x10 [ 121.475370][ T6458] ? __pfx___might_resched+0x10/0x10 [ 121.475387][ T6458] ? fs_reclaim_acquire+0x7d/0x100 [ 121.475419][ T6458] should_fail_ex+0x414/0x560 [ 121.475453][ T6458] ? pfifo_fast_init+0x363/0x6b0 [ 121.475476][ T6458] should_failslab+0xa8/0x100 [ 121.475502][ T6458] __kvmalloc_node_noprof+0x161/0x5f0 [ 121.475527][ T6458] ? pfifo_fast_init+0x363/0x6b0 [ 121.475558][ T6458] pfifo_fast_init+0x363/0x6b0 [ 121.475587][ T6458] qdisc_create_dflt+0x138/0x4e0 [ 121.475618][ T6458] dev_activate+0x378/0x1150 [ 121.475658][ T6458] __dev_open+0x69c/0x880 [ 121.475690][ T6458] ? __pfx___dev_open+0x10/0x10 [ 121.475726][ T6458] __dev_change_flags+0x1ea/0x6d0 [ 121.475757][ T6458] ? __lock_acquire+0xab9/0xd20 [ 121.475789][ T6458] ? __pfx___dev_change_flags+0x10/0x10 [ 121.475815][ T6458] ? devinet_ioctl+0x323/0x1b50 [ 121.475848][ T6458] ? __pfx___mutex_lock+0x10/0x10 [ 121.475877][ T6458] netif_change_flags+0x88/0x1a0 [ 121.475911][ T6458] dev_change_flags+0x130/0x260 [ 121.475944][ T6458] devinet_ioctl+0xbb4/0x1b50 [ 121.475984][ T6458] ? __pfx_devinet_ioctl+0x10/0x10 [ 121.476018][ T6458] ? get_user_ifreq+0x12c/0x180 [ 121.476040][ T6458] inet_ioctl+0x3c0/0x4c0 [ 121.476064][ T6458] ? __pfx_inet_ioctl+0x10/0x10 [ 121.476105][ T6458] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 121.476153][ T6458] ? packet_ioctl+0x254/0x350 [ 121.476186][ T6458] sock_do_ioctl+0xdc/0x300 [ 121.476212][ T6458] ? __pfx_sock_do_ioctl+0x10/0x10 [ 121.476231][ T6458] ? __lock_acquire+0xab9/0xd20 [ 121.476277][ T6458] sock_ioctl+0x576/0x790 [ 121.476302][ T6458] ? __pfx_sock_ioctl+0x10/0x10 [ 121.476324][ T6458] ? __fget_files+0x2a/0x420 [ 121.476351][ T6458] ? __fget_files+0x3a0/0x420 [ 121.476377][ T6458] ? __fget_files+0x2a/0x420 [ 121.476409][ T6458] ? bpf_lsm_file_ioctl+0x9/0x20 [ 121.476427][ T6458] ? __pfx_sock_ioctl+0x10/0x10 [ 121.476447][ T6458] __se_sys_ioctl+0xfc/0x170 [ 121.476473][ T6458] do_syscall_64+0xfa/0x3b0 [ 121.476498][ T6458] ? lockdep_hardirqs_on+0x9c/0x150 [ 121.476522][ T6458] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.476540][ T6458] ? clear_bhb_loop+0x60/0xb0 [ 121.476563][ T6458] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.476581][ T6458] RIP: 0033:0x7f63c558e929 [ 121.476607][ T6458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 121.476624][ T6458] RSP: 002b:00007f63c634f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 121.476653][ T6458] RAX: ffffffffffffffda RBX: 00007f63c57b5fa0 RCX: 00007f63c558e929 [ 121.476668][ T6458] RDX: 0000200000000180 RSI: 0000000000008914 RDI: 0000000000000004 [ 121.476681][ T6458] RBP: 00007f63c634f090 R08: 0000000000000000 R09: 0000000000000000 [ 121.476693][ T6458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 121.476705][ T6458] R13: 0000000000000000 R14: 00007f63c57b5fa0 R15: 00007ffdceb5a768 [ 121.476737][ T6458] [ 121.477519][ T6458] syzkaller1: default qdisc (pfifo_fast) fail, fallback to noqueue [ 121.827314][ T6460] netlink: 28 bytes leftover after parsing attributes in process `syz.3.195'. [ 122.529581][ T1769] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 122.699489][ T1769] usb 2-1: Using ep0 maxpacket: 16 [ 122.710976][ T1769] usb 2-1: config index 0 descriptor too short (expected 59154, got 18) [ 122.724982][ T1769] usb 2-1: config 0 has an invalid interface number: 0 but max is -1 [ 122.733662][ T1769] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 122.748637][ T1769] usb 2-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15 [ 122.763528][ T1769] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 122.772881][ T1769] usb 2-1: Product: syz [ 122.777087][ T1769] usb 2-1: Manufacturer: syz [ 122.784799][ T1769] usb 2-1: SerialNumber: syz [ 122.794829][ T1769] usb 2-1: config 0 descriptor?? [ 122.812955][ T1769] ssu100 2-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected [ 122.960250][ T6492] warning: `syz.2.209' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 123.216416][ T1769] ssu100 2-1:0.0: probe with driver ssu100 failed with error -71 [ 123.246093][ T1769] usb 2-1: USB disconnect, device number 13 [ 123.412372][ T6503] netlink: 8 bytes leftover after parsing attributes in process `syz.2.213'. [ 123.504262][ T6505] 8021q: VLANs not supported on caif0 [ 123.729454][ T5879] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 123.889665][ T5879] usb 4-1: Using ep0 maxpacket: 32 [ 123.901055][ T5879] usb 4-1: config 4 has an invalid interface number: 128 but max is 0 [ 123.925687][ T5879] usb 4-1: config 4 has no interface number 0 [ 123.939580][ T5879] usb 4-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 123.969458][ T6517] netlink: 12 bytes leftover after parsing attributes in process `syz.2.218'. [ 123.983850][ T5879] usb 4-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 124.020567][ T5879] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 124.046180][ T5879] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 124.072141][ T5879] hub 4-1:4.128: USB hub found [ 124.279195][ T5879] hub 4-1:4.128: 2 ports detected [ 124.297408][ T5879] hub 4-1:4.128: Using single TT (err -22) [ 124.479716][ T31] audit: type=1800 audit(1751298797.689:2): pid=6531 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.224" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 124.627868][ T6534] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 124.689742][ T5879] usb 4-1: USB disconnect, device number 10 [ 126.125732][ T6555] netlink: 232 bytes leftover after parsing attributes in process `syz.1.230'. [ 126.135855][ T6557] netlink: 12 bytes leftover after parsing attributes in process `syz.3.231'. [ 126.323123][ T6562] random: crng reseeded on system resumption [ 126.390828][ T6566] FAULT_INJECTION: forcing a failure. [ 126.390828][ T6566] name failslab, interval 1, probability 0, space 0, times 0 [ 126.414818][ T6566] CPU: 0 UID: 0 PID: 6566 Comm: syz.3.235 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 126.414846][ T6566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 126.414857][ T6566] Call Trace: [ 126.414864][ T6566] [ 126.414873][ T6566] dump_stack_lvl+0x189/0x250 [ 126.414900][ T6566] ? __pfx____ratelimit+0x10/0x10 [ 126.414924][ T6566] ? __pfx_dump_stack_lvl+0x10/0x10 [ 126.414945][ T6566] ? __pfx__printk+0x10/0x10 [ 126.414973][ T6566] ? __pfx___might_resched+0x10/0x10 [ 126.414991][ T6566] ? fs_reclaim_acquire+0x7d/0x100 [ 126.415028][ T6566] should_fail_ex+0x414/0x560 [ 126.415061][ T6566] should_failslab+0xa8/0x100 [ 126.415087][ T6566] __kmalloc_cache_noprof+0x70/0x3d0 [ 126.415108][ T6566] ? snd_seq_create_port+0xc7/0x760 [ 126.415141][ T6566] snd_seq_create_port+0xc7/0x760 [ 126.415178][ T6566] snd_seq_ioctl_create_port+0x2a4/0x950 [ 126.415231][ T6566] ? __pfx_snd_seq_ioctl_create_port+0x10/0x10 [ 126.415273][ T6566] snd_seq_oss_open+0x545/0xea0 [ 126.415314][ T6566] ? __pfx_snd_seq_oss_open+0x10/0x10 [ 126.415357][ T6566] ? __lock_acquire+0xab9/0xd20 [ 126.415395][ T6566] ? __mutex_trylock_common+0x153/0x260 [ 126.415420][ T6566] ? __pfx___mutex_trylock_common+0x10/0x10 [ 126.415446][ T6566] ? rcu_is_watching+0x15/0xb0 [ 126.415466][ T6566] ? trace_contention_end+0x39/0x120 [ 126.415507][ T6566] ? __pfx___mutex_lock+0x10/0x10 [ 126.415537][ T6566] ? __pfx_snd_seq_oss_event_input+0x10/0x10 [ 126.415556][ T6566] ? __pfx_free_devinfo+0x10/0x10 [ 126.415572][ T6566] ? do_raw_spin_unlock+0x122/0x240 [ 126.415600][ T6566] ? soundcore_open+0x2da/0x490 [ 126.415622][ T6566] odev_open+0x67/0xa0 [ 126.415651][ T6566] chrdev_open+0x4cc/0x5e0 [ 126.415681][ T6566] ? __pfx_chrdev_open+0x10/0x10 [ 126.415716][ T6566] ? __pfx_chrdev_open+0x10/0x10 [ 126.415742][ T6566] do_dentry_open+0xdf3/0x1970 [ 126.415788][ T6566] vfs_open+0x3b/0x340 [ 126.415815][ T6566] ? path_openat+0x2ecd/0x3830 [ 126.415839][ T6566] path_openat+0x2ee5/0x3830 [ 126.415858][ T6566] ? arch_stack_walk+0xfc/0x150 [ 126.415926][ T6566] ? __pfx_path_openat+0x10/0x10 [ 126.415944][ T6566] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.415983][ T6566] do_filp_open+0x1fa/0x410 [ 126.416001][ T6566] ? __lock_acquire+0xab9/0xd20 [ 126.416036][ T6566] ? __pfx_do_filp_open+0x10/0x10 [ 126.416096][ T6566] ? _raw_spin_unlock+0x28/0x50 [ 126.416115][ T6566] ? alloc_fd+0x64c/0x6c0 [ 126.416174][ T6566] do_sys_openat2+0x121/0x1c0 [ 126.416196][ T6566] ? __pfx_do_sys_openat2+0x10/0x10 [ 126.416216][ T6566] ? exc_page_fault+0x76/0xf0 [ 126.416253][ T6566] ? do_user_addr_fault+0xc8a/0x1390 [ 126.416283][ T6566] __x64_sys_openat+0x138/0x170 [ 126.416306][ T6566] do_syscall_64+0xfa/0x3b0 [ 126.416329][ T6566] ? lockdep_hardirqs_on+0x9c/0x150 [ 126.416352][ T6566] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.416370][ T6566] ? clear_bhb_loop+0x60/0xb0 [ 126.416393][ T6566] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.416411][ T6566] RIP: 0033:0x7f1d7818d290 [ 126.416427][ T6566] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 126.416443][ T6566] RSP: 002b:00007f1d78fc5b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 126.416463][ T6566] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1d7818d290 [ 126.416475][ T6566] RDX: 0000000000000000 RSI: 00007f1d78fc5c10 RDI: 00000000ffffff9c [ 126.416487][ T6566] RBP: 00007f1d78fc5c10 R08: 0000000000000000 R09: 007265636e657571 [ 126.416500][ T6566] R10: 0000000000000000 R11: 0000000000000293 R12: cccccccccccccccd [ 126.416510][ T6566] R13: 0000000000000000 R14: 00007f1d783b5fa0 R15: 00007ffc19e208a8 [ 126.416539][ T6566] [ 126.416547][ T6566] ALSA: seq_oss: can't create port [ 126.731336][ C0] vkms_vblank_simulate: vblank timer overrun [ 127.010953][ T6576] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 127.581791][ T6599] exFAT-fs (rnullb0): invalid boot record signature [ 127.588978][ T6599] exFAT-fs (rnullb0): failed to read boot sector [ 127.596607][ T6599] exFAT-fs (rnullb0): failed to recognize exfat type [ 127.839951][ T6605] EXT4-fs (rnullb0): VFS: Can't find ext4 filesystem [ 128.235253][ T6618] Invalid logical block size (50331648) [ 128.746896][ T6628] exFAT-fs (nullb0): invalid boot record signature [ 128.754592][ T6628] exFAT-fs (nullb0): failed to read boot sector [ 128.762556][ T6628] exFAT-fs (nullb0): failed to recognize exfat type [ 129.408012][ T5835] usb 2-1: new full-speed USB device number 14 using dummy_hcd [ 129.433414][ T6648] netlink: 4 bytes leftover after parsing attributes in process `syz.0.269'. [ 129.572580][ T6647] sd 0:0:1:0: PR command failed: 1026 [ 129.578899][ T5835] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 129.597672][ T5835] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84 [ 129.610165][ T6647] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 129.616931][ T6647] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 129.627493][ T5835] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 129.637378][ T5835] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 129.666099][ T5835] usb 2-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae [ 129.684941][ T6652] binder: 6651:6652 unknown command 0 [ 129.691045][ T6652] binder: 6651:6652 ioctl c0306201 200000000540 returned -22 [ 129.691365][ T5835] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 129.715579][ T5835] usb 2-1: Product: syz [ 129.738421][ T5835] usb 2-1: Manufacturer: syz [ 129.744108][ T5835] usb 2-1: SerialNumber: syz [ 129.770965][ T5835] usb 2-1: config 0 descriptor?? [ 129.998954][ T5835] usb 2-1: USB disconnect, device number 14 [ 130.394651][ T6673] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 130.403739][ T6676] FAULT_INJECTION: forcing a failure. [ 130.403739][ T6676] name failslab, interval 1, probability 0, space 0, times 0 [ 130.420735][ T6676] CPU: 1 UID: 0 PID: 6676 Comm: syz.0.282 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 130.420762][ T6676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 130.420775][ T6676] Call Trace: [ 130.420783][ T6676] [ 130.420792][ T6676] dump_stack_lvl+0x189/0x250 [ 130.420820][ T6676] ? __pfx____ratelimit+0x10/0x10 [ 130.420845][ T6676] ? __pfx_dump_stack_lvl+0x10/0x10 [ 130.420868][ T6676] ? __pfx__printk+0x10/0x10 [ 130.420898][ T6676] ? __pfx___might_resched+0x10/0x10 [ 130.420917][ T6676] ? fs_reclaim_acquire+0x7d/0x100 [ 130.420949][ T6676] should_fail_ex+0x414/0x560 [ 130.420985][ T6676] should_failslab+0xa8/0x100 [ 130.421012][ T6676] kmem_cache_alloc_noprof+0x73/0x3c0 [ 130.421034][ T6676] ? __kernfs_new_node+0xd7/0x7e0 [ 130.421071][ T6676] __kernfs_new_node+0xd7/0x7e0 [ 130.421101][ T6676] ? __lock_acquire+0xab9/0xd20 [ 130.421139][ T6676] ? __pfx___kernfs_new_node+0x10/0x10 [ 130.421172][ T6676] ? kernfs_root+0x1c/0x230 [ 130.421208][ T6676] ? kernfs_root+0x1c/0x230 [ 130.421237][ T6676] ? kernfs_root+0x1c/0x230 [ 130.421263][ T6676] ? kernfs_root+0x1c/0x230 [ 130.421297][ T6676] kernfs_new_node+0x102/0x210 [ 130.421333][ T6676] __kernfs_create_file+0x4b/0x2e0 [ 130.421361][ T6676] sysfs_add_file_mode_ns+0x238/0x300 [ 130.421396][ T6676] sysfs_create_file_ns+0x128/0x1a0 [ 130.421424][ T6676] ? __pfx_sysfs_create_file_ns+0x10/0x10 [ 130.421453][ T6676] ? kobject_put+0x43f/0x480 [ 130.421478][ T6676] ? kobject_create_and_add+0x178/0x240 [ 130.421512][ T6676] iommu_group_alloc+0x2c5/0x3a0 [ 130.421539][ T6676] __iommu_probe_device+0x5b3/0x11f0 [ 130.421572][ T6676] iommu_bus_notifier+0x87/0x2c0 [ 130.421597][ T6676] notifier_call_chain+0x1b3/0x3e0 [ 130.421627][ T6676] blocking_notifier_call_chain+0x6a/0x90 [ 130.421651][ T6676] bus_notify+0x143/0x180 [ 130.421684][ T6676] device_add+0x54d/0xb50 [ 130.421717][ T6676] iommufd_test+0x2f95/0x5170 [ 130.421757][ T6676] ? __pfx_iommufd_test+0x10/0x10 [ 130.421785][ T6676] ? __lock_acquire+0xab9/0xd20 [ 130.421825][ T6676] ? __might_fault+0xb0/0x130 [ 130.421872][ T6676] iommufd_fops_ioctl+0x45e/0x580 [ 130.421899][ T6676] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 130.421924][ T6676] ? __fget_files+0x2a/0x420 [ 130.421959][ T6676] ? __fget_files+0x2a/0x420 [ 130.421991][ T6676] ? bpf_lsm_file_ioctl+0x9/0x20 [ 130.422010][ T6676] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 130.422030][ T6676] __se_sys_ioctl+0xfc/0x170 [ 130.422055][ T6676] do_syscall_64+0xfa/0x3b0 [ 130.422079][ T6676] ? lockdep_hardirqs_on+0x9c/0x150 [ 130.422102][ T6676] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.422122][ T6676] ? clear_bhb_loop+0x60/0xb0 [ 130.422147][ T6676] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.422165][ T6676] RIP: 0033:0x7fe28318e929 [ 130.422183][ T6676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 130.422199][ T6676] RSP: 002b:00007fe283f40038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 130.422220][ T6676] RAX: ffffffffffffffda RBX: 00007fe2833b5fa0 RCX: 00007fe28318e929 [ 130.422235][ T6676] RDX: 00002000000002c0 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 130.422248][ T6676] RBP: 00007fe283f40090 R08: 0000000000000000 R09: 0000000000000000 [ 130.422260][ T6676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 130.422271][ T6676] R13: 0000000000000000 R14: 00007fe2833b5fa0 R15: 00007fff368aae78 [ 130.422303][ T6676] [ 130.861684][ T6680] gfs2: not a GFS2 filesystem [ 131.525456][ T6703] Bluetooth: MGMT ver 1.23 [ 131.624669][ T6710] capability: warning: `syz.3.295' uses deprecated v2 capabilities in a way that may be insecure [ 132.276206][ T31] audit: type=1800 audit(1751298805.489:3): pid=6734 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.303" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0 [ 133.294178][ T6737] netlink: 12 bytes leftover after parsing attributes in process `syz.2.304'. [ 133.909698][ T5843] Bluetooth: hci1: command 0x0c1a tx timeout [ 133.915894][ T6710] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 134.281308][ T6744] netlink: 60 bytes leftover after parsing attributes in process `syz.2.306'. [ 134.290906][ T6743] netlink: 60 bytes leftover after parsing attributes in process `syz.2.306'. [ 134.300285][ T6744] netlink: 60 bytes leftover after parsing attributes in process `syz.2.306'. [ 134.594763][ T6710] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 134.602202][ T6710] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 134.608798][ T6710] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 134.864421][ T6752] netlink: 40 bytes leftover after parsing attributes in process `syz.1.309'. [ 134.877674][ T6752] tipc: Invalid UDP bearer configuration [ 134.877744][ T6752] tipc: Enabling of bearer rejected, failed to enable media [ 134.893495][ T6754] netlink: 4 bytes leftover after parsing attributes in process `syz.3.311'. [ 135.249444][ T6545] usb 2-1: new full-speed USB device number 15 using dummy_hcd [ 135.411719][ T6545] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0 [ 135.421588][ T6545] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xB3, changing to 0x83 [ 135.433841][ T6545] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10 [ 135.445257][ T6545] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 135.457658][ T6545] usb 2-1: New USB device found, idVendor=077d, idProduct=627a, bcdDevice= 0.10 [ 135.466911][ T6545] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 135.474967][ T6545] usb 2-1: Product: syz [ 135.479176][ T6545] usb 2-1: Manufacturer: syz [ 135.483897][ T6545] usb 2-1: SerialNumber: syz [ 135.491439][ T6545] usb 2-1: config 0 descriptor?? [ 135.502861][ T6545] radioshark2 2-1:0.0: Invalid radioSHARK2 device [ 135.512633][ T6545] radioshark2 2-1:0.0: probe with driver radioshark2 failed with error -22 [ 135.989532][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout [ 136.533291][ T6765] orangefs_devreq_open: device cannot be opened in blocking mode [ 136.629770][ T5843] Bluetooth: hci3: command 0x0c1a tx timeout [ 136.639456][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 137.908282][ T6545] usb 2-1: USB disconnect, device number 15 [ 137.922961][ T6811] Mount JFS Failure: -22 [ 138.404614][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.824016][ T6850] FAULT_INJECTION: forcing a failure. [ 138.824016][ T6850] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 138.837337][ T6850] CPU: 1 UID: 0 PID: 6850 Comm: syz.0.331 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 138.837365][ T6850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 138.837377][ T6850] Call Trace: [ 138.837385][ T6850] [ 138.837394][ T6850] dump_stack_lvl+0x189/0x250 [ 138.837422][ T6850] ? __pfx____ratelimit+0x10/0x10 [ 138.837447][ T6850] ? __pfx_dump_stack_lvl+0x10/0x10 [ 138.837469][ T6850] ? __pfx__printk+0x10/0x10 [ 138.837491][ T6850] ? __might_fault+0xb0/0x130 [ 138.837523][ T6850] should_fail_ex+0x414/0x560 [ 138.837559][ T6850] _copy_from_user+0x2d/0xb0 [ 138.837589][ T6850] kvm_arch_vcpu_ioctl+0x1129/0x2a40 [ 138.837620][ T6850] ? __lock_acquire+0xab9/0xd20 [ 138.837654][ T6850] ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10 [ 138.837687][ T6850] ? __lock_acquire+0xab9/0xd20 [ 138.837736][ T6850] ? is_bpf_text_address+0x26/0x2b0 [ 138.837771][ T6850] ? is_bpf_text_address+0x292/0x2b0 [ 138.837799][ T6850] ? is_bpf_text_address+0x26/0x2b0 [ 138.837831][ T6850] ? kernel_text_address+0xa5/0xe0 [ 138.837859][ T6850] ? __kernel_text_address+0xd/0x40 [ 138.837884][ T6850] ? unwind_get_return_address+0x4d/0x90 [ 138.837913][ T6850] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 138.837937][ T6850] ? arch_stack_walk+0xfc/0x150 [ 138.837971][ T6850] ? stack_trace_save+0x9c/0xe0 [ 138.837997][ T6850] ? stack_depot_save_flags+0x40/0x900 [ 138.838036][ T6850] ? kasan_save_track+0x4f/0x80 [ 138.838055][ T6850] ? kasan_save_track+0x3e/0x80 [ 138.838083][ T6850] ? __lock_acquire+0xab9/0xd20 [ 138.838120][ T6850] ? __mutex_trylock_common+0x153/0x260 [ 138.838145][ T6850] ? __pfx___mutex_trylock_common+0x10/0x10 [ 138.838172][ T6850] ? rcu_is_watching+0x15/0xb0 [ 138.838192][ T6850] ? trace_contention_end+0x39/0x120 [ 138.838214][ T6850] ? __mutex_lock+0x330/0xe80 [ 138.838242][ T6850] ? kasan_quarantine_put+0xdd/0x220 [ 138.838266][ T6850] ? kvm_vcpu_ioctl+0x22e/0xe90 [ 138.838292][ T6850] ? __pfx___mutex_lock+0x10/0x10 [ 138.838322][ T6850] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 138.838354][ T6850] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 138.838392][ T6850] kvm_vcpu_ioctl+0x74d/0xe90 [ 138.838419][ T6850] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 138.838437][ T6850] ? __lock_acquire+0xab9/0xd20 [ 138.838485][ T6850] ? __fget_files+0x2a/0x420 [ 138.838515][ T6850] ? __fget_files+0x2a/0x420 [ 138.838541][ T6850] ? __fget_files+0x3a0/0x420 [ 138.838566][ T6850] ? __fget_files+0x2a/0x420 [ 138.838597][ T6850] ? bpf_lsm_file_ioctl+0x9/0x20 [ 138.838615][ T6850] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 138.838638][ T6850] __se_sys_ioctl+0xfc/0x170 [ 138.838662][ T6850] do_syscall_64+0xfa/0x3b0 [ 138.838687][ T6850] ? lockdep_hardirqs_on+0x9c/0x150 [ 138.838710][ T6850] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 138.838729][ T6850] ? clear_bhb_loop+0x60/0xb0 [ 138.838753][ T6850] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 138.838772][ T6850] RIP: 0033:0x7fe28318e929 [ 138.838789][ T6850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 138.838805][ T6850] RSP: 002b:00007fe283f40038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 138.838826][ T6850] RAX: ffffffffffffffda RBX: 00007fe2833b5fa0 RCX: 00007fe28318e929 [ 138.838840][ T6850] RDX: 00002000000000c0 RSI: 000000004048aecb RDI: 000000000000000a [ 138.838853][ T6850] RBP: 00007fe283f40090 R08: 0000000000000000 R09: 0000000000000000 [ 138.838865][ T6850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 138.838876][ T6850] R13: 0000000000000000 R14: 00007fe2833b5fa0 R15: 00007fff368aae78 [ 138.838913][ T6850] [ 139.325039][ T1769] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 139.338240][ T6854] sp0: Synchronizing with TNC [ 139.486467][ T1769] usb 2-1: Using ep0 maxpacket: 32 [ 139.495131][ T1769] usb 2-1: config 4 has an invalid interface number: 128 but max is 0 [ 139.504184][ T1769] usb 2-1: config 4 has no interface number 0 [ 139.510440][ T1769] usb 2-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 139.521605][ T1769] usb 2-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 139.531656][ T1769] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 139.540752][ T1769] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 139.556234][ T1769] hub 2-1:4.128: USB hub found [ 139.697244][ T6858] 9pnet_fd: Insufficient options for proto=fd [ 139.755870][ T1769] hub 2-1:4.128: 2 ports detected [ 139.761180][ T1769] hub 2-1:4.128: Using single TT (err -22) [ 140.162488][ T1769] usb 2-1: USB disconnect, device number 16 [ 141.615460][ T6877] openvswitch: netlink: Flow actions attr not present in new flow. [ 141.746947][ T6883] FAULT_INJECTION: forcing a failure. [ 141.746947][ T6883] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 141.761472][ T6883] CPU: 0 UID: 0 PID: 6883 Comm: syz.1.343 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 141.761500][ T6883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 141.761512][ T6883] Call Trace: [ 141.761521][ T6883] [ 141.761538][ T6883] dump_stack_lvl+0x189/0x250 [ 141.761567][ T6883] ? __pfx____ratelimit+0x10/0x10 [ 141.761592][ T6883] ? __pfx_dump_stack_lvl+0x10/0x10 [ 141.761615][ T6883] ? __pfx__printk+0x10/0x10 [ 141.761638][ T6883] ? __might_fault+0xb0/0x130 [ 141.761673][ T6883] should_fail_ex+0x414/0x560 [ 141.761709][ T6883] _copy_from_user+0x2d/0xb0 [ 141.761742][ T6883] input_event_from_user+0xb2/0x280 [ 141.761780][ T6883] ? __pfx_input_event_from_user+0x10/0x10 [ 141.761813][ T6883] ? input_inject_event+0xbc/0x320 [ 141.761837][ T6883] evdev_write+0x2a6/0x480 [ 141.761871][ T6883] ? __pfx_evdev_write+0x10/0x10 [ 141.761899][ T6883] ? bpf_lsm_file_permission+0x9/0x20 [ 141.761916][ T6883] ? security_file_permission+0x75/0x290 [ 141.761948][ T6883] ? rw_verify_area+0x258/0x650 [ 141.761970][ T6883] ? __pfx_evdev_write+0x10/0x10 [ 141.761999][ T6883] vfs_write+0x27b/0xa90 [ 141.762032][ T6883] ? __pfx_vfs_write+0x10/0x10 [ 141.762063][ T6883] ? __fget_files+0x2a/0x420 [ 141.762094][ T6883] ? __fget_files+0x2a/0x420 [ 141.762121][ T6883] ? __fget_files+0x3a0/0x420 [ 141.762159][ T6883] ? __fget_files+0x2a/0x420 [ 141.762214][ T6883] ksys_write+0x145/0x250 [ 141.762241][ T6883] ? __pfx_ksys_write+0x10/0x10 [ 141.762263][ T6883] ? rcu_is_watching+0x15/0xb0 [ 141.762288][ T6883] ? do_syscall_64+0xbe/0x3b0 [ 141.762319][ T6883] do_syscall_64+0xfa/0x3b0 [ 141.762342][ T6883] ? lockdep_hardirqs_on+0x9c/0x150 [ 141.762366][ T6883] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.762386][ T6883] ? clear_bhb_loop+0x60/0xb0 [ 141.762411][ T6883] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.762429][ T6883] RIP: 0033:0x7f63c558e929 [ 141.762448][ T6883] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 141.762464][ T6883] RSP: 002b:00007f63c634f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 141.762490][ T6883] RAX: ffffffffffffffda RBX: 00007f63c57b5fa0 RCX: 00007f63c558e929 [ 141.762504][ T6883] RDX: 0000000000002250 RSI: 0000200000000040 RDI: 0000000000000003 [ 141.762517][ T6883] RBP: 00007f63c634f090 R08: 0000000000000000 R09: 0000000000000000 [ 141.762530][ T6883] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 141.762539][ T6883] R13: 0000000000000000 R14: 00007f63c57b5fa0 R15: 00007ffdceb5a768 [ 141.762563][ T6883] [ 142.024767][ C0] vkms_vblank_simulate: vblank timer overrun [ 142.053661][ T6886] /dev/rnullb0: Can't open blockdev [ 142.445432][ T6901] FAULT_INJECTION: forcing a failure. [ 142.445432][ T6901] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 142.458694][ T6901] CPU: 1 UID: 0 PID: 6901 Comm: syz.3.349 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 142.458722][ T6901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 142.458734][ T6901] Call Trace: [ 142.458742][ T6901] [ 142.458751][ T6901] dump_stack_lvl+0x189/0x250 [ 142.458778][ T6901] ? __pfx____ratelimit+0x10/0x10 [ 142.458803][ T6901] ? __pfx_dump_stack_lvl+0x10/0x10 [ 142.458825][ T6901] ? __pfx__printk+0x10/0x10 [ 142.458847][ T6901] ? __might_fault+0xb0/0x130 [ 142.458881][ T6901] should_fail_ex+0x414/0x560 [ 142.458916][ T6901] _copy_from_user+0x2d/0xb0 [ 142.458948][ T6901] kvm_arch_vcpu_ioctl+0x638/0x2a40 [ 142.458980][ T6901] ? __lock_acquire+0xab9/0xd20 [ 142.459007][ T6901] ? kvm_arch_vcpu_ioctl+0x5f8/0x2a40 [ 142.459039][ T6901] ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10 [ 142.459072][ T6901] ? __lock_acquire+0xab9/0xd20 [ 142.459121][ T6901] ? is_bpf_text_address+0x26/0x2b0 [ 142.459156][ T6901] ? is_bpf_text_address+0x292/0x2b0 [ 142.459185][ T6901] ? is_bpf_text_address+0x26/0x2b0 [ 142.459217][ T6901] ? kernel_text_address+0xa5/0xe0 [ 142.459244][ T6901] ? __kernel_text_address+0xd/0x40 [ 142.459269][ T6901] ? unwind_get_return_address+0x4d/0x90 [ 142.459289][ T6901] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 142.459311][ T6901] ? arch_stack_walk+0xfc/0x150 [ 142.459349][ T6901] ? stack_trace_save+0x9c/0xe0 [ 142.459381][ T6901] ? stack_depot_save_flags+0x40/0x900 [ 142.459420][ T6901] ? kasan_save_track+0x4f/0x80 [ 142.459438][ T6901] ? kasan_save_track+0x3e/0x80 [ 142.459467][ T6901] ? __lock_acquire+0xab9/0xd20 [ 142.459505][ T6901] ? __mutex_trylock_common+0x153/0x260 [ 142.459530][ T6901] ? __pfx___mutex_trylock_common+0x10/0x10 [ 142.459557][ T6901] ? rcu_is_watching+0x15/0xb0 [ 142.459577][ T6901] ? trace_contention_end+0x39/0x120 [ 142.459599][ T6901] ? __mutex_lock+0x330/0xe80 [ 142.459628][ T6901] ? kasan_quarantine_put+0xdd/0x220 [ 142.459653][ T6901] ? kvm_vcpu_ioctl+0x22e/0xe90 [ 142.459678][ T6901] ? __pfx___mutex_lock+0x10/0x10 [ 142.459705][ T6901] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 142.459737][ T6901] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 142.459768][ T6901] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 142.459805][ T6901] kvm_vcpu_ioctl+0x74d/0xe90 [ 142.459834][ T6901] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 142.459854][ T6901] ? __lock_acquire+0xab9/0xd20 [ 142.459903][ T6901] ? __fget_files+0x2a/0x420 [ 142.459934][ T6901] ? __fget_files+0x2a/0x420 [ 142.459959][ T6901] ? __fget_files+0x3a0/0x420 [ 142.459984][ T6901] ? __fget_files+0x2a/0x420 [ 142.460015][ T6901] ? bpf_lsm_file_ioctl+0x9/0x20 [ 142.460034][ T6901] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 142.460057][ T6901] __se_sys_ioctl+0xfc/0x170 [ 142.460082][ T6901] do_syscall_64+0xfa/0x3b0 [ 142.460106][ T6901] ? lockdep_hardirqs_on+0x9c/0x150 [ 142.460130][ T6901] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 142.460150][ T6901] ? clear_bhb_loop+0x60/0xb0 [ 142.460174][ T6901] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 142.460193][ T6901] RIP: 0033:0x7f1d7818e929 [ 142.460210][ T6901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 142.460226][ T6901] RSP: 002b:00007f1d78fc6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 142.460247][ T6901] RAX: ffffffffffffffda RBX: 00007f1d783b5fa0 RCX: 00007f1d7818e929 [ 142.460261][ T6901] RDX: 00002000000000c0 RSI: 000000004008ae89 RDI: 0000000000000005 [ 142.460274][ T6901] RBP: 00007f1d78fc6090 R08: 0000000000000000 R09: 0000000000000000 [ 142.460286][ T6901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 142.460297][ T6901] R13: 0000000000000000 R14: 00007f1d783b5fa0 R15: 00007ffc19e208a8 [ 142.460328][ T6901] [ 142.490025][ T6903] netlink: 'syz.2.350': attribute type 6 has an invalid length. [ 145.992411][ T6931] binder: Bad value for 'stats' [ 147.349669][ T6961] Invalid logical block size (33554432) [ 147.482796][ T6967] hpfs: Bad magic ... probably not HPFS [ 148.135725][ T6982] hpfs: Bad magic ... probably not HPFS [ 148.144949][ T6981] hpfs: Bad magic ... probably not HPFS [ 148.408748][ T6993] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 148.761391][ T7011] /dev/rnullb0: Can't open blockdev [ 149.193610][ T7029] netlink: 'syz.0.402': attribute type 1 has an invalid length. [ 149.201676][ T7029] netlink: 16150 bytes leftover after parsing attributes in process `syz.0.402'. [ 149.356987][ T7033] hpfs: Bad magic ... probably not HPFS [ 149.642431][ T7040] XFS (rnullb0): Invalid superblock magic number [ 150.064812][ T7062] MTD: Couldn't look up '/dev/sg0': -15 [ 150.070652][ T7062] /dev/sg0: Can't lookup blockdev [ 150.089092][ T7064] MTD: Couldn't look up '/dev/sg0': -15 [ 150.095135][ T7064] /dev/sg0: Can't lookup blockdev [ 150.492516][ T7080] netlink: 8 bytes leftover after parsing attributes in process `syz.1.419'. [ 150.668861][ T7082] binder: 7075:7082 ioctl c018620c 200000000180 returned -1 [ 151.248687][ T7082] Bluetooth: hci0: Opcode 0x0401 failed: -4 [ 151.429420][ T7092] netlink: 8 bytes leftover after parsing attributes in process `syz.0.424'. [ 151.567830][ T30] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 152.710644][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 153.694362][ T7109] netlink: zone id is out of range [ 153.703211][ T7109] netlink: zone id is out of range [ 153.712534][ T7109] netlink: zone id is out of range [ 153.717684][ T7109] netlink: zone id is out of range [ 153.723425][ T7109] netlink: zone id is out of range [ 153.728659][ T7109] netlink: zone id is out of range [ 153.734845][ T7109] netlink: zone id is out of range [ 153.741092][ T7109] netlink: zone id is out of range [ 153.747324][ T7109] netlink: zone id is out of range [ 153.757795][ T7109] netlink: zone id is out of range [ 154.484825][ T7096] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 155.274202][ T7161] program syz.2.448 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 155.553961][ T7168] netlink: 8 bytes leftover after parsing attributes in process `syz.1.450'. [ 155.611401][ T7170] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.451'. [ 156.135471][ T7182] netlink: 12 bytes leftover after parsing attributes in process `syz.1.455'. [ 156.241254][ T7188] omfs: Invalid superblock (0) [ 156.752164][ T7199] netlink: 232 bytes leftover after parsing attributes in process `syz.0.463'. [ 157.797955][ T7217] FAULT_INJECTION: forcing a failure. [ 157.797955][ T7217] name failslab, interval 1, probability 0, space 0, times 0 [ 157.816823][ T7217] CPU: 0 UID: 0 PID: 7217 Comm: syz.0.468 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 157.816847][ T7217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 157.816858][ T7217] Call Trace: [ 157.816865][ T7217] [ 157.816873][ T7217] dump_stack_lvl+0x189/0x250 [ 157.816900][ T7217] ? __pfx____ratelimit+0x10/0x10 [ 157.816923][ T7217] ? __pfx_dump_stack_lvl+0x10/0x10 [ 157.816944][ T7217] ? __pfx__printk+0x10/0x10 [ 157.816971][ T7217] ? __pfx___might_resched+0x10/0x10 [ 157.816987][ T7217] ? fs_reclaim_acquire+0x7d/0x100 [ 157.817016][ T7217] should_fail_ex+0x414/0x560 [ 157.817049][ T7217] should_failslab+0xa8/0x100 [ 157.817072][ T7217] __kmalloc_cache_noprof+0x70/0x3d0 [ 157.817092][ T7217] ? snd_seq_queue_alloc+0x5d/0x790 [ 157.817124][ T7217] snd_seq_queue_alloc+0x5d/0x790 [ 157.817149][ T7217] ? __pfx_snd_seq_ioctl_create_port+0x10/0x10 [ 157.817182][ T7217] snd_seq_ioctl_create_queue+0x7f/0x3c0 [ 157.817215][ T7217] snd_seq_oss_open+0x5e0/0xea0 [ 157.817254][ T7217] ? __pfx_snd_seq_oss_open+0x10/0x10 [ 157.817294][ T7217] ? __lock_acquire+0xab9/0xd20 [ 157.817342][ T7217] ? rcu_is_watching+0x15/0xb0 [ 157.817361][ T7217] ? trace_contention_end+0x39/0x120 [ 157.817399][ T7217] ? __pfx___mutex_lock+0x10/0x10 [ 157.817428][ T7217] ? __pfx_snd_seq_oss_event_input+0x10/0x10 [ 157.817445][ T7217] ? __pfx_free_devinfo+0x10/0x10 [ 157.817460][ T7217] ? do_raw_spin_unlock+0x122/0x240 [ 157.817487][ T7217] ? soundcore_open+0x2da/0x490 [ 157.817506][ T7217] odev_open+0x67/0xa0 [ 157.817534][ T7217] chrdev_open+0x4cc/0x5e0 [ 157.817562][ T7217] ? __pfx_chrdev_open+0x10/0x10 [ 157.817594][ T7217] ? __pfx_chrdev_open+0x10/0x10 [ 157.817618][ T7217] do_dentry_open+0xdf3/0x1970 [ 157.817662][ T7217] vfs_open+0x3b/0x340 [ 157.817687][ T7217] ? path_openat+0x2ecd/0x3830 [ 157.817709][ T7217] path_openat+0x2ee5/0x3830 [ 157.817727][ T7217] ? arch_stack_walk+0xfc/0x150 [ 157.817780][ T7217] ? __pfx_path_openat+0x10/0x10 [ 157.817797][ T7217] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 157.817835][ T7217] do_filp_open+0x1fa/0x410 [ 157.817853][ T7217] ? __lock_acquire+0xab9/0xd20 [ 157.817881][ T7217] ? __pfx_do_filp_open+0x10/0x10 [ 157.817922][ T7217] ? _raw_spin_unlock+0x28/0x50 [ 157.817940][ T7217] ? alloc_fd+0x64c/0x6c0 [ 157.817976][ T7217] do_sys_openat2+0x121/0x1c0 [ 157.817996][ T7217] ? __pfx_do_sys_openat2+0x10/0x10 [ 157.818014][ T7217] ? exc_page_fault+0x76/0xf0 [ 157.818039][ T7217] ? do_user_addr_fault+0xc8a/0x1390 [ 157.818068][ T7217] __x64_sys_openat+0x138/0x170 [ 157.818091][ T7217] do_syscall_64+0xfa/0x3b0 [ 157.818130][ T7217] ? lockdep_hardirqs_on+0x9c/0x150 [ 157.818150][ T7217] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 157.818166][ T7217] ? clear_bhb_loop+0x60/0xb0 [ 157.818187][ T7217] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 157.818203][ T7217] RIP: 0033:0x7fe28318d290 [ 157.818219][ T7217] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 157.818233][ T7217] RSP: 002b:00007fe283f3fb70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 157.818251][ T7217] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe28318d290 [ 157.818262][ T7217] RDX: 0000000000000000 RSI: 00007fe283f3fc10 RDI: 00000000ffffff9c [ 157.818273][ T7217] RBP: 00007fe283f3fc10 R08: 0000000000000000 R09: 007265636e657571 [ 157.818284][ T7217] R10: 0000000000000000 R11: 0000000000000293 R12: cccccccccccccccd [ 157.818295][ T7217] R13: 0000000000000000 R14: 00007fe2833b5fa0 R15: 00007fff368aae78 [ 157.818321][ T7217] [ 158.166831][ C0] vkms_vblank_simulate: vblank timer overrun [ 158.260463][ T7221] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 158.570907][ T7233] Invalid logical block size (67108864) [ 158.574157][ T7229] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 158.826353][ T7245] /dev/rnullb0: Can't open blockdev [ 159.126344][ T7255] /dev/sg0: Can't lookup blockdev [ 159.151664][ T7255] program syz.1.480 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 159.178717][ T7256] netlink: 12 bytes leftover after parsing attributes in process `syz.2.479'. [ 159.655746][ T7272] netlink: 'syz.3.482': attribute type 1 has an invalid length. [ 159.656119][ T7274] /dev/rnullb0: Can't open blockdev [ 159.663694][ T7272] netlink: 16150 bytes leftover after parsing attributes in process `syz.3.482'. [ 159.673299][ T7274] /dev/rnullb0: Can't open blockdev [ 159.817048][ T7280] binder: 7279:7280 unknown command 0 [ 159.824220][ T7280] binder: 7279:7280 ioctl c0306201 200000000540 returned -22 [ 160.074523][ T7238] cgroup: fork rejected by pids controller in /syz0 [ 160.822991][ T7307] FAULT_INJECTION: forcing a failure. [ 160.822991][ T7307] name failslab, interval 1, probability 0, space 0, times 0 [ 160.836201][ T7307] CPU: 0 UID: 0 PID: 7307 Comm: syz.3.489 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 160.836227][ T7307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 160.836239][ T7307] Call Trace: [ 160.836247][ T7307] [ 160.836255][ T7307] dump_stack_lvl+0x189/0x250 [ 160.836282][ T7307] ? __pfx____ratelimit+0x10/0x10 [ 160.836307][ T7307] ? __pfx_dump_stack_lvl+0x10/0x10 [ 160.836329][ T7307] ? __pfx__printk+0x10/0x10 [ 160.836357][ T7307] ? __pfx___might_resched+0x10/0x10 [ 160.836376][ T7307] ? fs_reclaim_acquire+0x7d/0x100 [ 160.836405][ T7307] should_fail_ex+0x414/0x560 [ 160.836440][ T7307] should_failslab+0xa8/0x100 [ 160.836465][ T7307] kmem_cache_alloc_noprof+0x73/0x3c0 [ 160.836486][ T7307] ? __kernfs_new_node+0xd7/0x7e0 [ 160.836521][ T7307] __kernfs_new_node+0xd7/0x7e0 [ 160.836550][ T7307] ? __lock_acquire+0xab9/0xd20 [ 160.836586][ T7307] ? __pfx___kernfs_new_node+0x10/0x10 [ 160.836617][ T7307] ? kernfs_root+0x1c/0x230 [ 160.836652][ T7307] ? kernfs_root+0x1c/0x230 [ 160.836679][ T7307] ? kernfs_root+0x1c/0x230 [ 160.836704][ T7307] ? kernfs_root+0x1c/0x230 [ 160.836737][ T7307] kernfs_new_node+0x102/0x210 [ 160.836773][ T7307] __kernfs_create_file+0x4b/0x2e0 [ 160.836799][ T7307] sysfs_add_file_mode_ns+0x238/0x300 [ 160.836834][ T7307] sysfs_create_file_ns+0x128/0x1a0 [ 160.836862][ T7307] ? __pfx_sysfs_create_file_ns+0x10/0x10 [ 160.836890][ T7307] ? kobject_put+0x43f/0x480 [ 160.836914][ T7307] ? kobject_create_and_add+0x178/0x240 [ 160.836946][ T7307] iommu_group_alloc+0x27f/0x3a0 [ 160.836972][ T7307] __iommu_probe_device+0x5b3/0x11f0 [ 160.837003][ T7307] iommu_bus_notifier+0x87/0x2c0 [ 160.837027][ T7307] notifier_call_chain+0x1b3/0x3e0 [ 160.837062][ T7307] blocking_notifier_call_chain+0x6a/0x90 [ 160.837085][ T7307] bus_notify+0x143/0x180 [ 160.837118][ T7307] device_add+0x54d/0xb50 [ 160.837143][ T7307] iommufd_test+0x2f95/0x5170 [ 160.837194][ T7307] ? __pfx_iommufd_test+0x10/0x10 [ 160.837222][ T7307] ? __lock_acquire+0xab9/0xd20 [ 160.837260][ T7307] ? __might_fault+0xb0/0x130 [ 160.837324][ T7307] iommufd_fops_ioctl+0x45e/0x580 [ 160.837351][ T7307] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 160.837376][ T7307] ? __fget_files+0x2a/0x420 [ 160.837411][ T7307] ? __fget_files+0x2a/0x420 [ 160.837442][ T7307] ? bpf_lsm_file_ioctl+0x9/0x20 [ 160.837461][ T7307] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 160.837481][ T7307] __se_sys_ioctl+0xfc/0x170 [ 160.837506][ T7307] do_syscall_64+0xfa/0x3b0 [ 160.837530][ T7307] ? lockdep_hardirqs_on+0x9c/0x150 [ 160.837554][ T7307] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.837574][ T7307] ? clear_bhb_loop+0x60/0xb0 [ 160.837598][ T7307] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.837617][ T7307] RIP: 0033:0x7f1d7818e929 [ 160.837635][ T7307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 160.837651][ T7307] RSP: 002b:00007f1d78fc6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 160.837672][ T7307] RAX: ffffffffffffffda RBX: 00007f1d783b5fa0 RCX: 00007f1d7818e929 [ 160.837687][ T7307] RDX: 00002000000002c0 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 160.837700][ T7307] RBP: 00007f1d78fc6090 R08: 0000000000000000 R09: 0000000000000000 [ 160.837712][ T7307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 160.837723][ T7307] R13: 0000000000000000 R14: 00007f1d783b5fa0 R15: 00007ffc19e208a8 [ 160.837755][ T7307] [ 161.793274][ T7316] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 162.317392][ T7332] FAULT_INJECTION: forcing a failure. [ 162.317392][ T7332] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 162.331165][ T7332] CPU: 0 UID: 0 PID: 7332 Comm: syz.0.497 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 162.331192][ T7332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 162.331204][ T7332] Call Trace: [ 162.331213][ T7332] [ 162.331221][ T7332] dump_stack_lvl+0x189/0x250 [ 162.331250][ T7332] ? __pfx____ratelimit+0x10/0x10 [ 162.331274][ T7332] ? __pfx_dump_stack_lvl+0x10/0x10 [ 162.331297][ T7332] ? __pfx__printk+0x10/0x10 [ 162.331319][ T7332] ? __might_fault+0xb0/0x130 [ 162.331354][ T7332] should_fail_ex+0x414/0x560 [ 162.331389][ T7332] _copy_from_user+0x2d/0xb0 [ 162.331421][ T7332] ___sys_sendmsg+0x158/0x2a0 [ 162.331454][ T7332] ? __pfx____sys_sendmsg+0x10/0x10 [ 162.331523][ T7332] ? __fget_files+0x2a/0x420 [ 162.331550][ T7332] ? __fget_files+0x3a0/0x420 [ 162.331589][ T7332] __x64_sys_sendmsg+0x19b/0x260 [ 162.331622][ T7332] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 162.331663][ T7332] ? __pfx_ksys_write+0x10/0x10 [ 162.331691][ T7332] ? rcu_is_watching+0x15/0xb0 [ 162.331716][ T7332] ? do_syscall_64+0xbe/0x3b0 [ 162.331746][ T7332] do_syscall_64+0xfa/0x3b0 [ 162.331770][ T7332] ? lockdep_hardirqs_on+0x9c/0x150 [ 162.331793][ T7332] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 162.331813][ T7332] ? clear_bhb_loop+0x60/0xb0 [ 162.331837][ T7332] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 162.331856][ T7332] RIP: 0033:0x7fe28318e929 [ 162.331873][ T7332] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 162.331889][ T7332] RSP: 002b:00007fe283f40038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 162.331910][ T7332] RAX: ffffffffffffffda RBX: 00007fe2833b5fa0 RCX: 00007fe28318e929 [ 162.331925][ T7332] RDX: 0000000000000000 RSI: 0000200000000c00 RDI: 0000000000000003 [ 162.331937][ T7332] RBP: 00007fe283f40090 R08: 0000000000000000 R09: 0000000000000000 [ 162.331949][ T7332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 162.331960][ T7332] R13: 0000000000000000 R14: 00007fe2833b5fa0 R15: 00007fff368aae78 [ 162.331991][ T7332] [ 162.781210][ T7338] syzkaller1: entered promiscuous mode [ 162.786711][ T7338] syzkaller1: entered allmulticast mode [ 163.069931][ T7340] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 163.076807][ T7340] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 163.083192][ T7340] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 163.089278][ T7340] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 163.251074][ T7347] netlink: 4 bytes leftover after parsing attributes in process `syz.1.505'. [ 164.403020][ T7366] netlink: 8 bytes leftover after parsing attributes in process `syz.2.511'. [ 165.029558][ T5843] Bluetooth: hci1: command 0x0c1a tx timeout [ 165.073009][ T7382] sp0: Synchronizing with TNC [ 165.109536][ T5843] Bluetooth: hci3: command 0x0c1a tx timeout [ 165.109558][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout [ 165.115781][ T5846] Bluetooth: hci2: command 0x0c1a tx timeout [ 165.524622][ T5846] Bluetooth: hci0: Malformed HCI Event [ 165.527267][ T7394] hpfs: Bad magic ... probably not HPFS [ 166.415203][ T7408] netlink: 'syz.0.528': attribute type 1 has an invalid length. [ 166.423685][ T7408] netlink: 16150 bytes leftover after parsing attributes in process `syz.0.528'. [ 166.841193][ T7418] net_ratelimit: 341 callbacks suppressed [ 166.841214][ T7418] sock: sock_set_timeout: `syz.1.533' (pid 7418) tries to set negative timeout [ 167.065913][ T7429] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 167.638654][ T7435] netlink: 'syz.2.539': attribute type 1 has an invalid length. [ 167.659554][ T7435] netlink: 16150 bytes leftover after parsing attributes in process `syz.2.539'. [ 169.818953][ T7447] netlink: 12 bytes leftover after parsing attributes in process `syz.0.545'. [ 170.123201][ T7457] netlink: 60 bytes leftover after parsing attributes in process `syz.1.549'. [ 170.633042][ T7468] ntfs3(rnullb0): Primary boot signature is not NTFS. [ 170.643652][ T7468] ntfs3(rnullb0): Alternative boot signature is not NTFS. [ 171.188748][ T7478] tipc: Started in network mode [ 171.196603][ T7478] tipc: Node identity ac14142f, cluster identity 4711 [ 171.210280][ T7478] tipc: New replicast peer: 0.0.0.0 [ 171.217883][ T7478] tipc: Enabled bearer , priority 10 [ 171.447420][ T7488] netlink: 8 bytes leftover after parsing attributes in process `syz.2.563'. [ 171.596055][ T7492] hfs: can't find a HFS filesystem on dev rnullb0 [ 172.330536][ T6861] tipc: Node number set to 2886997039 [ 172.513938][ T7500] netlink: 8 bytes leftover after parsing attributes in process `syz.2.568'. [ 172.606799][ T7502] netlink: 'syz.2.569': attribute type 1 has an invalid length. [ 172.616533][ T7502] netlink: 16150 bytes leftover after parsing attributes in process `syz.2.569'. [ 172.898183][ T7506] omfs: Invalid superblock (0) [ 173.235770][ T7518] netlink: 28 bytes leftover after parsing attributes in process `syz.0.575'. [ 173.422319][ T7524] netlink: 'syz.0.578': attribute type 1 has an invalid length. [ 173.431462][ T7524] netlink: 16150 bytes leftover after parsing attributes in process `syz.0.578'. [ 173.733892][ T7528] syz.0.580: attempt to access beyond end of device [ 173.733892][ T7528] loop0: rw=0, sector=0, nr_sectors = 1 limit=0 [ 173.746833][ T7528] exFAT-fs (loop0): unable to read boot sector [ 173.753594][ T7528] exFAT-fs (loop0): failed to read boot sector [ 173.760341][ T7528] exFAT-fs (loop0): failed to recognize exfat type [ 173.995427][ T7534] FAULT_INJECTION: forcing a failure. [ 173.995427][ T7534] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 174.008679][ T7534] CPU: 1 UID: 0 PID: 7534 Comm: syz.1.582 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 174.008707][ T7534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 174.008719][ T7534] Call Trace: [ 174.008728][ T7534] [ 174.008737][ T7534] dump_stack_lvl+0x189/0x250 [ 174.008764][ T7534] ? __pfx____ratelimit+0x10/0x10 [ 174.008789][ T7534] ? __pfx_dump_stack_lvl+0x10/0x10 [ 174.008805][ T7534] ? __pfx__printk+0x10/0x10 [ 174.008831][ T7534] should_fail_ex+0x414/0x560 [ 174.008857][ T7534] _copy_to_user+0x31/0xb0 [ 174.008872][ T7534] simple_read_from_buffer+0xe1/0x170 [ 174.008895][ T7534] proc_fail_nth_read+0x1df/0x250 [ 174.008919][ T7534] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 174.008943][ T7534] ? rw_verify_area+0x258/0x650 [ 174.008959][ T7534] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 174.008981][ T7534] vfs_read+0x1fd/0x980 [ 174.009002][ T7534] ? __pfx___mutex_lock+0x10/0x10 [ 174.009035][ T7534] ? __pfx_vfs_read+0x10/0x10 [ 174.009052][ T7534] ? __fget_files+0x2a/0x420 [ 174.009074][ T7534] ? __fget_files+0x3a0/0x420 [ 174.009093][ T7534] ? __fget_files+0x2a/0x420 [ 174.009118][ T7534] ksys_read+0x145/0x250 [ 174.009136][ T7534] ? __pfx_ksys_read+0x10/0x10 [ 174.009157][ T7534] ? do_syscall_64+0xbe/0x3b0 [ 174.009177][ T7534] do_syscall_64+0xfa/0x3b0 [ 174.009194][ T7534] ? lockdep_hardirqs_on+0x9c/0x150 [ 174.009211][ T7534] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 174.009225][ T7534] ? clear_bhb_loop+0x60/0xb0 [ 174.009242][ T7534] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 174.009256][ T7534] RIP: 0033:0x7f63c558d33c [ 174.009269][ T7534] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 174.009280][ T7534] RSP: 002b:00007f63c634f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 174.009295][ T7534] RAX: ffffffffffffffda RBX: 00007f63c57b5fa0 RCX: 00007f63c558d33c [ 174.009307][ T7534] RDX: 000000000000000f RSI: 00007f63c634f0a0 RDI: 0000000000000004 [ 174.009322][ T7534] RBP: 00007f63c634f090 R08: 0000000000000000 R09: 0000000000000000 [ 174.009333][ T7534] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001 [ 174.009344][ T7534] R13: 0000000000000000 R14: 00007f63c57b5fa0 R15: 00007ffdceb5a768 [ 174.009373][ T7534] [ 174.613946][ T7549] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 175.924126][ T7567] infiniband syz1: set active [ 175.929522][ T7567] infiniband syz1: added syz_tun [ 176.004566][ T7567] RDS/IB: syz1: added [ 176.012278][ T7567] smc: adding ib device syz1 with port count 1 [ 176.018701][ T7567] smc: ib device syz1 port 1 has pnetid SYZ0 (user defined) [ 176.557977][ T7577] netlink: 232 bytes leftover after parsing attributes in process `syz.2.599'. [ 176.681804][ T7580] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 178.051591][ T7600] netlink: 'syz.0.606': attribute type 1 has an invalid length. [ 178.065780][ T7600] netlink: 16150 bytes leftover after parsing attributes in process `syz.0.606'. [ 178.850710][ T7611] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 178.978786][ T5846] Bluetooth: hci2: Malformed HCI Event [ 179.318818][ T7624] netlink: 'syz.3.615': attribute type 1 has an invalid length. [ 179.330710][ T7624] netlink: 16150 bytes leftover after parsing attributes in process `syz.3.615'. [ 179.534041][ T7633] binder: BINDER_SET_CONTEXT_MGR already set [ 179.542681][ T7633] binder: 7631:7633 ioctl 4018620d 2000000000c0 returned -16 [ 179.554093][ T7632] binder: 7631:7632 unknown command 0 [ 179.554092][ T7633] binder: 7631:7633 unknown command 0 [ 179.554114][ T7632] binder: 7631:7632 ioctl c0306201 2000000002c0 returned -22 [ 179.559539][ T7633] binder: 7631:7633 ioctl c0306201 2000000002c0 returned -22 [ 179.562797][ T7633] binder: 7631:7633 ioctl 8138ae83 7f1d78fa3aa0 returned -22 [ 179.625390][ T5846] Bluetooth: hci2: Malformed HCI Event [ 179.735748][ T7637] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 179.996644][ T7644] FAULT_INJECTION: forcing a failure. [ 179.996644][ T7644] name failslab, interval 1, probability 0, space 0, times 0 [ 180.009528][ T7644] CPU: 1 UID: 0 PID: 7644 Comm: syz.3.624 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 180.009555][ T7644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 180.009566][ T7644] Call Trace: [ 180.009574][ T7644] [ 180.009582][ T7644] dump_stack_lvl+0x189/0x250 [ 180.009610][ T7644] ? __pfx____ratelimit+0x10/0x10 [ 180.009634][ T7644] ? __pfx_dump_stack_lvl+0x10/0x10 [ 180.009656][ T7644] ? __pfx__printk+0x10/0x10 [ 180.009683][ T7644] ? __pfx___might_resched+0x10/0x10 [ 180.009707][ T7644] should_fail_ex+0x414/0x560 [ 180.009742][ T7644] should_failslab+0xa8/0x100 [ 180.009767][ T7644] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 180.009789][ T7644] ? __alloc_skb+0x112/0x2d0 [ 180.009820][ T7644] __alloc_skb+0x112/0x2d0 [ 180.009850][ T7644] netlink_sendmsg+0x5c6/0xb30 [ 180.009885][ T7644] ? __pfx_netlink_sendmsg+0x10/0x10 [ 180.009914][ T7644] ? aa_sock_msg_perm+0xf1/0x1d0 [ 180.009936][ T7644] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 180.009963][ T7644] ? __pfx_netlink_sendmsg+0x10/0x10 [ 180.009990][ T7644] __sock_sendmsg+0x21c/0x270 [ 180.010015][ T7644] ____sys_sendmsg+0x505/0x830 [ 180.010061][ T7644] ? __pfx_____sys_sendmsg+0x10/0x10 [ 180.010098][ T7644] ? import_iovec+0x74/0xa0 [ 180.010129][ T7644] ___sys_sendmsg+0x21f/0x2a0 [ 180.010159][ T7644] ? __pfx____sys_sendmsg+0x10/0x10 [ 180.010221][ T7644] ? __fget_files+0x2a/0x420 [ 180.010252][ T7644] ? __fget_files+0x3a0/0x420 [ 180.010305][ T7644] __x64_sys_sendmsg+0x19b/0x260 [ 180.010337][ T7644] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 180.010377][ T7644] ? __pfx_ksys_write+0x10/0x10 [ 180.010406][ T7644] ? do_syscall_64+0xbe/0x3b0 [ 180.010434][ T7644] do_syscall_64+0xfa/0x3b0 [ 180.010457][ T7644] ? lockdep_hardirqs_on+0x9c/0x150 [ 180.010479][ T7644] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.010498][ T7644] ? clear_bhb_loop+0x60/0xb0 [ 180.010521][ T7644] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.010540][ T7644] RIP: 0033:0x7f1d7818e929 [ 180.010557][ T7644] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 180.010572][ T7644] RSP: 002b:00007f1d78fc6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 180.010593][ T7644] RAX: ffffffffffffffda RBX: 00007f1d783b5fa0 RCX: 00007f1d7818e929 [ 180.010607][ T7644] RDX: 0000000000000000 RSI: 0000200000000c00 RDI: 0000000000000003 [ 180.010619][ T7644] RBP: 00007f1d78fc6090 R08: 0000000000000000 R09: 0000000000000000 [ 180.010630][ T7644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 180.010641][ T7644] R13: 0000000000000000 R14: 00007f1d783b5fa0 R15: 00007ffc19e208a8 [ 180.010670][ T7644] [ 180.317735][ T7646] netlink: 'syz.3.625': attribute type 1 has an invalid length. [ 180.325641][ T7646] netlink: 16150 bytes leftover after parsing attributes in process `syz.3.625'. [ 180.433849][ T7648] hpfs: Bad magic ... probably not HPFS [ 180.579660][ T7654] syzkaller1: entered promiscuous mode [ 180.585272][ T7654] syzkaller1: entered allmulticast mode [ 180.674289][ T5846] Bluetooth: hci2: Malformed HCI Event [ 180.754560][ T7658] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 181.027013][ T7665] syz.2.633: attempt to access beyond end of device [ 181.027013][ T7665] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0 [ 181.040007][ T7665] exFAT-fs (nbd2): unable to read boot sector [ 181.046084][ T7665] exFAT-fs (nbd2): failed to read boot sector [ 181.053575][ T7665] exFAT-fs (nbd2): failed to recognize exfat type [ 181.172157][ T7669] netlink: 4 bytes leftover after parsing attributes in process `syz.2.635'. [ 181.967566][ T7697] sp0: Synchronizing with TNC [ 182.375990][ T7705] FAULT_INJECTION: forcing a failure. [ 182.375990][ T7705] name failslab, interval 1, probability 0, space 0, times 0 [ 182.390042][ T7705] CPU: 0 UID: 0 PID: 7705 Comm: syz.0.649 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 182.390070][ T7705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 182.390081][ T7705] Call Trace: [ 182.390089][ T7705] [ 182.390097][ T7705] dump_stack_lvl+0x189/0x250 [ 182.390125][ T7705] ? __pfx____ratelimit+0x10/0x10 [ 182.390150][ T7705] ? __pfx_dump_stack_lvl+0x10/0x10 [ 182.390172][ T7705] ? __pfx__printk+0x10/0x10 [ 182.390201][ T7705] ? ref_tracker_alloc+0x318/0x460 [ 182.390223][ T7705] should_fail_ex+0x414/0x560 [ 182.390257][ T7705] should_failslab+0xa8/0x100 [ 182.390289][ T7705] kmem_cache_alloc_noprof+0x73/0x3c0 [ 182.390310][ T7705] ? skb_clone+0x212/0x3a0 [ 182.390334][ T7705] skb_clone+0x212/0x3a0 [ 182.390357][ T7705] __netlink_deliver_tap+0x404/0x850 [ 182.390396][ T7705] ? netlink_deliver_tap+0x2e/0x1b0 [ 182.390423][ T7705] netlink_deliver_tap+0x19c/0x1b0 [ 182.390450][ T7705] netlink_unicast+0x72f/0x8d0 [ 182.390485][ T7705] netlink_sendmsg+0x805/0xb30 [ 182.390521][ T7705] ? __pfx_netlink_sendmsg+0x10/0x10 [ 182.390551][ T7705] ? aa_sock_msg_perm+0xf1/0x1d0 [ 182.390574][ T7705] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 182.390602][ T7705] ? __pfx_netlink_sendmsg+0x10/0x10 [ 182.390630][ T7705] __sock_sendmsg+0x21c/0x270 [ 182.390656][ T7705] ____sys_sendmsg+0x505/0x830 [ 182.390691][ T7705] ? __pfx_____sys_sendmsg+0x10/0x10 [ 182.390731][ T7705] ? import_iovec+0x74/0xa0 [ 182.390765][ T7705] ___sys_sendmsg+0x21f/0x2a0 [ 182.390798][ T7705] ? __pfx____sys_sendmsg+0x10/0x10 [ 182.390866][ T7705] ? __fget_files+0x2a/0x420 [ 182.390892][ T7705] ? __fget_files+0x3a0/0x420 [ 182.390930][ T7705] __x64_sys_sendmsg+0x19b/0x260 [ 182.390963][ T7705] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 182.391007][ T7705] ? __pfx_ksys_write+0x10/0x10 [ 182.391056][ T7705] ? do_syscall_64+0xbe/0x3b0 [ 182.391086][ T7705] do_syscall_64+0xfa/0x3b0 [ 182.391110][ T7705] ? lockdep_hardirqs_on+0x9c/0x150 [ 182.391133][ T7705] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 182.391153][ T7705] ? clear_bhb_loop+0x60/0xb0 [ 182.391177][ T7705] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 182.391196][ T7705] RIP: 0033:0x7fe28318e929 [ 182.391214][ T7705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 182.391230][ T7705] RSP: 002b:00007fe283f40038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 182.391251][ T7705] RAX: ffffffffffffffda RBX: 00007fe2833b5fa0 RCX: 00007fe28318e929 [ 182.391272][ T7705] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003 [ 182.391284][ T7705] RBP: 00007fe283f40090 R08: 0000000000000000 R09: 0000000000000000 [ 182.391296][ T7705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 182.391307][ T7705] R13: 0000000000000000 R14: 00007fe2833b5fa0 R15: 00007fff368aae78 [ 182.391337][ T7705] [ 182.771722][ T7709] Can't find a SQUASHFS superblock on rnullb0 [ 182.779020][ T7709] Can't find a SQUASHFS superblock on rnullb0 [ 183.178350][ T7725] msdos: Unknown parameter '**' [ 183.906577][ T7734] FAULT_INJECTION: forcing a failure. [ 183.906577][ T7734] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 183.920127][ T7734] CPU: 0 UID: 0 PID: 7734 Comm: syz.1.659 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 183.920154][ T7734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 183.920167][ T7734] Call Trace: [ 183.920175][ T7734] [ 183.920183][ T7734] dump_stack_lvl+0x189/0x250 [ 183.920211][ T7734] ? __pfx____ratelimit+0x10/0x10 [ 183.920236][ T7734] ? __pfx_dump_stack_lvl+0x10/0x10 [ 183.920259][ T7734] ? __pfx__printk+0x10/0x10 [ 183.920282][ T7734] ? __might_fault+0xb0/0x130 [ 183.920317][ T7734] should_fail_ex+0x414/0x560 [ 183.920352][ T7734] _copy_from_user+0x2d/0xb0 [ 183.920384][ T7734] input_event_from_user+0xb2/0x280 [ 183.920414][ T7734] ? __pfx_input_event_from_user+0x10/0x10 [ 183.920447][ T7734] ? input_inject_event+0xbc/0x320 [ 183.920472][ T7734] evdev_write+0x2a6/0x480 [ 183.920505][ T7734] ? __pfx_evdev_write+0x10/0x10 [ 183.920532][ T7734] ? bpf_lsm_file_permission+0x9/0x20 [ 183.920550][ T7734] ? security_file_permission+0x75/0x290 [ 183.920580][ T7734] ? rw_verify_area+0x258/0x650 [ 183.920602][ T7734] ? __pfx_evdev_write+0x10/0x10 [ 183.920630][ T7734] vfs_write+0x27b/0xa90 [ 183.920662][ T7734] ? __pfx_vfs_write+0x10/0x10 [ 183.920688][ T7734] ? __fget_files+0x2a/0x420 [ 183.920719][ T7734] ? __fget_files+0x2a/0x420 [ 183.920744][ T7734] ? __fget_files+0x3a0/0x420 [ 183.920770][ T7734] ? __fget_files+0x2a/0x420 [ 183.920807][ T7734] ksys_write+0x145/0x250 [ 183.920833][ T7734] ? __pfx_ksys_write+0x10/0x10 [ 183.920862][ T7734] ? do_syscall_64+0xbe/0x3b0 [ 183.920892][ T7734] do_syscall_64+0xfa/0x3b0 [ 183.920924][ T7734] ? lockdep_hardirqs_on+0x9c/0x150 [ 183.920948][ T7734] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 183.920967][ T7734] ? clear_bhb_loop+0x60/0xb0 [ 183.920992][ T7734] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 183.921011][ T7734] RIP: 0033:0x7f63c558e929 [ 183.921029][ T7734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 183.921045][ T7734] RSP: 002b:00007f63c634f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 183.921067][ T7734] RAX: ffffffffffffffda RBX: 00007f63c57b5fa0 RCX: 00007f63c558e929 [ 183.921081][ T7734] RDX: 0000000000002250 RSI: 0000200000000040 RDI: 0000000000000003 [ 183.921093][ T7734] RBP: 00007f63c634f090 R08: 0000000000000000 R09: 0000000000000000 [ 183.921104][ T7734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 183.921115][ T7734] R13: 0000000000000000 R14: 00007f63c57b5fa0 R15: 00007ffdceb5a768 [ 183.921146][ T7734] [ 184.310488][ C0] vkms_vblank_simulate: vblank timer overrun [ 184.538130][ T7756] FAULT_INJECTION: forcing a failure. [ 184.538130][ T7756] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 184.561484][ T7756] CPU: 1 UID: 0 PID: 7756 Comm: syz.1.665 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 184.561511][ T7756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 184.561524][ T7756] Call Trace: [ 184.561532][ T7756] [ 184.561540][ T7756] dump_stack_lvl+0x189/0x250 [ 184.561568][ T7756] ? __pfx____ratelimit+0x10/0x10 [ 184.561593][ T7756] ? __pfx_dump_stack_lvl+0x10/0x10 [ 184.561615][ T7756] ? __pfx__printk+0x10/0x10 [ 184.561639][ T7756] ? __might_fault+0xb0/0x130 [ 184.561673][ T7756] should_fail_ex+0x414/0x560 [ 184.561710][ T7756] _copy_from_user+0x2d/0xb0 [ 184.561742][ T7756] memdup_user+0x5e/0xd0 [ 184.561772][ T7756] kvm_arch_vcpu_ioctl+0x1aa8/0x2a40 [ 184.561803][ T7756] ? __lock_acquire+0xab9/0xd20 [ 184.561831][ T7756] ? kvm_arch_vcpu_ioctl+0x5f8/0x2a40 [ 184.561872][ T7756] ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10 [ 184.561906][ T7756] ? __lock_acquire+0xab9/0xd20 [ 184.561957][ T7756] ? is_bpf_text_address+0x26/0x2b0 [ 184.561993][ T7756] ? is_bpf_text_address+0x292/0x2b0 [ 184.562022][ T7756] ? is_bpf_text_address+0x26/0x2b0 [ 184.562056][ T7756] ? kernel_text_address+0xa5/0xe0 [ 184.562084][ T7756] ? __kernel_text_address+0xd/0x40 [ 184.562109][ T7756] ? unwind_get_return_address+0x4d/0x90 [ 184.562130][ T7756] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 184.562154][ T7756] ? arch_stack_walk+0xfc/0x150 [ 184.562189][ T7756] ? stack_trace_save+0x9c/0xe0 [ 184.562215][ T7756] ? stack_depot_save_flags+0x40/0x900 [ 184.562257][ T7756] ? kasan_save_track+0x4f/0x80 [ 184.562274][ T7756] ? kasan_save_track+0x3e/0x80 [ 184.562304][ T7756] ? __lock_acquire+0xab9/0xd20 [ 184.562342][ T7756] ? __mutex_trylock_common+0x153/0x260 [ 184.562367][ T7756] ? __pfx___mutex_trylock_common+0x10/0x10 [ 184.562395][ T7756] ? rcu_is_watching+0x15/0xb0 [ 184.562415][ T7756] ? trace_contention_end+0x39/0x120 [ 184.562437][ T7756] ? __mutex_lock+0x330/0xe80 [ 184.562466][ T7756] ? kasan_quarantine_put+0xdd/0x220 [ 184.562491][ T7756] ? kvm_vcpu_ioctl+0x22e/0xe90 [ 184.562517][ T7756] ? __pfx___mutex_lock+0x10/0x10 [ 184.562544][ T7756] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 184.562578][ T7756] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 184.562609][ T7756] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 184.562667][ T7756] kvm_vcpu_ioctl+0x74d/0xe90 [ 184.562698][ T7756] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 184.562718][ T7756] ? __lock_acquire+0xab9/0xd20 [ 184.562770][ T7756] ? __fget_files+0x2a/0x420 [ 184.562801][ T7756] ? __fget_files+0x2a/0x420 [ 184.562827][ T7756] ? __fget_files+0x3a0/0x420 [ 184.562859][ T7756] ? __fget_files+0x2a/0x420 [ 184.562897][ T7756] ? bpf_lsm_file_ioctl+0x9/0x20 [ 184.562925][ T7756] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 184.562956][ T7756] __se_sys_ioctl+0xfc/0x170 [ 184.562993][ T7756] do_syscall_64+0xfa/0x3b0 [ 184.563026][ T7756] ? lockdep_hardirqs_on+0x9c/0x150 [ 184.563069][ T7756] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.563095][ T7756] ? clear_bhb_loop+0x60/0xb0 [ 184.563126][ T7756] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.563151][ T7756] RIP: 0033:0x7f63c558e929 [ 184.563175][ T7756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 184.563194][ T7756] RSP: 002b:00007f63c634f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 184.563220][ T7756] RAX: ffffffffffffffda RBX: 00007f63c57b5fa0 RCX: 00007f63c558e929 [ 184.563240][ T7756] RDX: 00002000000000c0 RSI: 000000004008ae89 RDI: 0000000000000005 [ 184.563258][ T7756] RBP: 00007f63c634f090 R08: 0000000000000000 R09: 0000000000000000 [ 184.563273][ T7756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 184.563289][ T7756] R13: 0000000000000000 R14: 00007f63c57b5fa0 R15: 00007ffdceb5a768 [ 184.563329][ T7756] [ 184.583721][ T7752] overlay: ./file0 is not a directory [ 184.891359][ C0] vkms_vblank_simulate: vblank timer overrun [ 186.945872][ T7822] gfs2: not a GFS2 filesystem [ 186.953218][ T7821] netlink: 12 bytes leftover after parsing attributes in process `syz.3.692'. [ 187.361312][ T7833] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 187.531213][ T7831] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 188.214987][ T7844] netlink: 8 bytes leftover after parsing attributes in process `syz.3.700'. [ 188.238977][ T7843] workqueue: Failed to create a rescuer kthread for wq "xfs-blockgc/rnullb0": -EINTR [ 188.774996][ T7871] overlay: Unknown parameter 'uid>00000000000000000000' [ 189.135639][ T7877] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 190.217355][ T7886] @: renamed from vlan0 (while UP) [ 190.252827][ T7886] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.714'. [ 190.428983][ T7892] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 190.448157][ T7892] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 190.579618][ T7895] netlink: 8 bytes leftover after parsing attributes in process `syz.0.717'. [ 191.890266][ T7905] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 191.908076][ T7905] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 191.922245][ T7905] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 191.935264][ T7905] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 191.949961][ T7905] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 192.577015][ T7909] Malformed UNC in devname [ 192.577015][ T7909] [ 192.585212][ T7909] CIFS: VFS: Malformed UNC in devname [ 194.998252][ T7961] 8021q: adding VLAN 0 to HW filter on device bond0 [ 195.018771][ T7961] bond0: (slave rose0): Enslaving as an active interface with an up link [ 195.240530][ T7971] exFAT-fs (nullb0): invalid boot record signature [ 195.248289][ T7971] exFAT-fs (nullb0): failed to read boot sector [ 195.255524][ T7971] exFAT-fs (nullb0): failed to recognize exfat type [ 196.038373][ T7998] binder: 7997:7998 unknown command 0 [ 196.043965][ T7998] binder: 7997:7998 ioctl c0306201 200000000540 returned -22 [ 196.923780][ T8031] netlink: 'syz.1.756': attribute type 4 has an invalid length. [ 196.962363][ T8031] netlink: 'syz.1.756': attribute type 4 has an invalid length. [ 196.984181][ T8034] FAULT_INJECTION: forcing a failure. [ 196.984181][ T8034] name failslab, interval 1, probability 0, space 0, times 0 [ 197.001296][ T8034] CPU: 0 UID: 0 PID: 8034 Comm: syz.0.757 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 197.001326][ T8034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 197.001339][ T8034] Call Trace: [ 197.001348][ T8034] [ 197.001357][ T8034] dump_stack_lvl+0x189/0x250 [ 197.001385][ T8034] ? __pfx____ratelimit+0x10/0x10 [ 197.001412][ T8034] ? __pfx_dump_stack_lvl+0x10/0x10 [ 197.001434][ T8034] ? __pfx__printk+0x10/0x10 [ 197.001464][ T8034] ? __pfx___might_resched+0x10/0x10 [ 197.001484][ T8034] ? fs_reclaim_acquire+0x7d/0x100 [ 197.001517][ T8034] should_fail_ex+0x414/0x560 [ 197.001554][ T8034] should_failslab+0xa8/0x100 [ 197.001580][ T8034] kmem_cache_alloc_noprof+0x73/0x3c0 [ 197.001620][ T8034] ? __kernfs_new_node+0xd7/0x7e0 [ 197.001650][ T8034] ? iommufd_fops_ioctl+0x45e/0x580 [ 197.001674][ T8034] __kernfs_new_node+0xd7/0x7e0 [ 197.001704][ T8034] ? __lock_acquire+0xab9/0xd20 [ 197.001742][ T8034] ? __pfx___kernfs_new_node+0x10/0x10 [ 197.001774][ T8034] ? kernfs_root+0x1c/0x230 [ 197.001811][ T8034] ? kernfs_root+0x1c/0x230 [ 197.001840][ T8034] ? kernfs_root+0x1c/0x230 [ 197.001867][ T8034] ? kernfs_root+0x1c/0x230 [ 197.001902][ T8034] kernfs_new_node+0x102/0x210 [ 197.001938][ T8034] kernfs_create_link+0xa7/0x200 [ 197.001967][ T8034] sysfs_do_create_link_sd+0x83/0x110 [ 197.002008][ T8034] iommu_group_alloc_device+0xb0/0x370 [ 197.002034][ T8034] ? iommu_group_alloc+0x314/0x3a0 [ 197.002060][ T8034] __iommu_probe_device+0x899/0x11f0 [ 197.002093][ T8034] iommu_bus_notifier+0x87/0x2c0 [ 197.002118][ T8034] notifier_call_chain+0x1b3/0x3e0 [ 197.002149][ T8034] blocking_notifier_call_chain+0x6a/0x90 [ 197.002173][ T8034] bus_notify+0x143/0x180 [ 197.002208][ T8034] device_add+0x54d/0xb50 [ 197.002234][ T8034] iommufd_test+0x2f95/0x5170 [ 197.002273][ T8034] ? __pfx_iommufd_test+0x10/0x10 [ 197.002301][ T8034] ? __lock_acquire+0xab9/0xd20 [ 197.002340][ T8034] ? __might_fault+0xb0/0x130 [ 197.002382][ T8034] iommufd_fops_ioctl+0x45e/0x580 [ 197.002408][ T8034] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 197.002432][ T8034] ? __fget_files+0x2a/0x420 [ 197.002465][ T8034] ? __fget_files+0x2a/0x420 [ 197.002495][ T8034] ? bpf_lsm_file_ioctl+0x9/0x20 [ 197.002513][ T8034] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 197.002532][ T8034] __se_sys_ioctl+0xfc/0x170 [ 197.002556][ T8034] do_syscall_64+0xfa/0x3b0 [ 197.002580][ T8034] ? lockdep_hardirqs_on+0x9c/0x150 [ 197.002602][ T8034] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 197.002621][ T8034] ? clear_bhb_loop+0x60/0xb0 [ 197.002645][ T8034] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 197.002663][ T8034] RIP: 0033:0x7fe28318e929 [ 197.002681][ T8034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 197.002698][ T8034] RSP: 002b:00007fe283f40038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 197.002720][ T8034] RAX: ffffffffffffffda RBX: 00007fe2833b5fa0 RCX: 00007fe28318e929 [ 197.002734][ T8034] RDX: 00002000000002c0 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 197.002748][ T8034] RBP: 00007fe283f40090 R08: 0000000000000000 R09: 0000000000000000 [ 197.002760][ T8034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 197.002771][ T8034] R13: 0000000000000000 R14: 00007fe2833b5fa0 R15: 00007fff368aae78 [ 197.002801][ T8034] [ 197.002834][ T8034] iommufd_mock iommufd_mock0: Failed to add to iommu group 0: -12 [ 197.033804][ T8037] netlink: 'syz.1.756': attribute type 4 has an invalid length. [ 197.123261][ T8030] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 197.180951][ T8031] workqueue: Failed to create a rescuer kthread for wq "xfs-reclaim/rnullb0": -EINTR [ 197.525614][ T8048] XFS (rnullb0): Invalid superblock magic number [ 197.713413][ T8061] netlink: 8 bytes leftover after parsing attributes in process `syz.2.763'. [ 198.667936][ T8068] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 198.674777][ T8068] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 198.683194][ T8068] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 198.689924][ T8068] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 199.819458][ T8112] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 199.833921][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.840210][ T8112] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 199.840559][ T8112] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 199.858985][ T8112] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 200.519537][ T8134] /dev/rnullb0: Can't open blockdev [ 200.686424][ T8139] /dev/rnullb0: Can't open blockdev [ 200.778586][ T8143] netlink: 4 bytes leftover after parsing attributes in process `syz.3.795'. [ 200.788516][ T8143] netlink: 4 bytes leftover after parsing attributes in process `syz.3.795'. [ 200.811765][ T8143] netlink: 4416 bytes leftover after parsing attributes in process `syz.3.795'. [ 201.689903][ T8180] netlink: 'syz.2.808': attribute type 29 has an invalid length. [ 201.698167][ T8179] netlink: 'syz.2.808': attribute type 29 has an invalid length. [ 201.749496][ T5846] Bluetooth: hci1: command 0x0c1a tx timeout [ 201.919580][ T5846] Bluetooth: hci3: command 0x0c1a tx timeout [ 201.925670][ T5846] Bluetooth: hci0: command 0x0c1a tx timeout [ 201.932858][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout [ 202.220827][ T8201] syz.2.817: attempt to access beyond end of device [ 202.220827][ T8201] nbd2: rw=0, sector=1, nr_sectors = 1 limit=0 [ 202.220949][ T8201] qnx4: unable to read the superblock [ 202.238550][ T8202] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 202.388187][ T8206] netlink: 12 bytes leftover after parsing attributes in process `syz.2.818'. [ 202.630452][ T8211] /dev/rnullb0: Can't open blockdev [ 203.062371][ T8219] Invalid logical block size (67108864) [ 204.261666][ T8258] netlink: 8 bytes leftover after parsing attributes in process `syz.1.839'. [ 204.572812][ T8272] netlink: 28 bytes leftover after parsing attributes in process `syz.3.843'. [ 205.772070][ T8291] netlink: 8 bytes leftover after parsing attributes in process `syz.1.852'. [ 206.993263][ T8308] netlink: 12 bytes leftover after parsing attributes in process `syz.2.858'. [ 207.301960][ T8323] netlink: 232 bytes leftover after parsing attributes in process `syz.3.865'. [ 207.675432][ T8338] Mount JFS Failure: -22 [ 208.339202][ T8358] FAULT_INJECTION: forcing a failure. [ 208.339202][ T8358] name failslab, interval 1, probability 0, space 0, times 0 [ 208.379531][ T8358] CPU: 1 UID: 0 PID: 8358 Comm: syz.1.874 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 208.379560][ T8358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 208.379573][ T8358] Call Trace: [ 208.379581][ T8358] [ 208.379591][ T8358] dump_stack_lvl+0x189/0x250 [ 208.379620][ T8358] ? __pfx____ratelimit+0x10/0x10 [ 208.379650][ T8358] ? __pfx_dump_stack_lvl+0x10/0x10 [ 208.379686][ T8358] ? __pfx__printk+0x10/0x10 [ 208.379715][ T8358] ? __pfx___might_resched+0x10/0x10 [ 208.379733][ T8358] ? fs_reclaim_acquire+0x7d/0x100 [ 208.379763][ T8358] should_fail_ex+0x414/0x560 [ 208.379797][ T8358] should_failslab+0xa8/0x100 [ 208.379823][ T8358] __kmalloc_cache_noprof+0x70/0x3d0 [ 208.379845][ T8358] ? snd_timer_instance_new+0x51/0x220 [ 208.379880][ T8358] snd_timer_instance_new+0x51/0x220 [ 208.379911][ T8358] snd_seq_timer_open+0x237/0x5f0 [ 208.379945][ T8358] ? __pfx_snd_seq_timer_open+0x10/0x10 [ 208.379969][ T8358] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 208.379995][ T8358] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 208.380016][ T8358] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 208.380049][ T8358] snd_seq_queue_alloc+0x407/0x790 [ 208.380083][ T8358] snd_seq_ioctl_create_queue+0x7f/0x3c0 [ 208.380125][ T8358] snd_seq_oss_open+0x5e0/0xea0 [ 208.380165][ T8358] ? __pfx_snd_seq_oss_open+0x10/0x10 [ 208.380208][ T8358] ? __lock_acquire+0xab9/0xd20 [ 208.380258][ T8358] ? rcu_is_watching+0x15/0xb0 [ 208.380278][ T8358] ? trace_contention_end+0x39/0x120 [ 208.380319][ T8358] ? __pfx___mutex_lock+0x10/0x10 [ 208.380349][ T8358] ? __pfx_snd_seq_oss_event_input+0x10/0x10 [ 208.380367][ T8358] ? __pfx_free_devinfo+0x10/0x10 [ 208.380384][ T8358] ? do_raw_spin_unlock+0x122/0x240 [ 208.380412][ T8358] ? soundcore_open+0x2da/0x490 [ 208.380433][ T8358] odev_open+0x67/0xa0 [ 208.380462][ T8358] chrdev_open+0x4cc/0x5e0 [ 208.380492][ T8358] ? __pfx_chrdev_open+0x10/0x10 [ 208.380528][ T8358] ? __pfx_chrdev_open+0x10/0x10 [ 208.380553][ T8358] do_dentry_open+0xdf3/0x1970 [ 208.380599][ T8358] vfs_open+0x3b/0x340 [ 208.380626][ T8358] ? path_openat+0x2ecd/0x3830 [ 208.380667][ T8358] path_openat+0x2ee5/0x3830 [ 208.380686][ T8358] ? arch_stack_walk+0xfc/0x150 [ 208.380731][ T8358] ? __lock_acquire+0xab9/0xd20 [ 208.380769][ T8358] ? __pfx_path_openat+0x10/0x10 [ 208.380787][ T8358] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 208.380829][ T8358] do_filp_open+0x1fa/0x410 [ 208.380849][ T8358] ? __lock_acquire+0xab9/0xd20 [ 208.380879][ T8358] ? __pfx_do_filp_open+0x10/0x10 [ 208.380943][ T8358] ? _raw_spin_unlock+0x28/0x50 [ 208.380962][ T8358] ? alloc_fd+0x64c/0x6c0 [ 208.381002][ T8358] do_sys_openat2+0x121/0x1c0 [ 208.381024][ T8358] ? __pfx_do_sys_openat2+0x10/0x10 [ 208.381045][ T8358] ? exc_page_fault+0x76/0xf0 [ 208.381072][ T8358] ? do_user_addr_fault+0xc8a/0x1390 [ 208.381110][ T8358] __x64_sys_openat+0x138/0x170 [ 208.381136][ T8358] do_syscall_64+0xfa/0x3b0 [ 208.381160][ T8358] ? lockdep_hardirqs_on+0x9c/0x150 [ 208.381184][ T8358] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 208.381204][ T8358] ? clear_bhb_loop+0x60/0xb0 [ 208.381229][ T8358] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 208.381248][ T8358] RIP: 0033:0x7f63c558d290 [ 208.381266][ T8358] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 208.381284][ T8358] RSP: 002b:00007f63c634eb70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 208.381305][ T8358] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f63c558d290 [ 208.381320][ T8358] RDX: 0000000000000000 RSI: 00007f63c634ec10 RDI: 00000000ffffff9c [ 208.381333][ T8358] RBP: 00007f63c634ec10 R08: 0000000000000000 R09: 007265636e657571 [ 208.381346][ T8358] R10: 0000000000000000 R11: 0000000000000293 R12: cccccccccccccccd [ 208.381359][ T8358] R13: 0000000000000000 R14: 00007f63c57b5fa0 R15: 00007ffdceb5a768 [ 208.381392][ T8358] [ 208.769335][ C1] vkms_vblank_simulate: vblank timer overrun [ 208.866168][ T8363] efs: device does not support 512 byte blocks [ 208.912489][ T8363] device does not support 512 byte blocks [ 208.912489][ T8363] [ 209.138698][ T8375] exFAT-fs (nullb0): invalid boot record signature [ 209.156923][ T8375] exFAT-fs (nullb0): failed to read boot sector [ 209.172682][ T8375] exFAT-fs (nullb0): failed to recognize exfat type [ 210.512061][ T8402] FAULT_INJECTION: forcing a failure. [ 210.512061][ T8402] name failslab, interval 1, probability 0, space 0, times 0 [ 210.524907][ T8402] CPU: 1 UID: 0 PID: 8402 Comm: syz.2.891 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 210.524936][ T8402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 210.524949][ T8402] Call Trace: [ 210.524957][ T8402] [ 210.524966][ T8402] dump_stack_lvl+0x189/0x250 [ 210.524994][ T8402] ? __pfx____ratelimit+0x10/0x10 [ 210.525020][ T8402] ? __pfx_dump_stack_lvl+0x10/0x10 [ 210.525042][ T8402] ? __pfx__printk+0x10/0x10 [ 210.525070][ T8402] ? __pfx___might_resched+0x10/0x10 [ 210.525088][ T8402] ? fs_reclaim_acquire+0x7d/0x100 [ 210.525119][ T8402] should_fail_ex+0x414/0x560 [ 210.525154][ T8402] should_failslab+0xa8/0x100 [ 210.525180][ T8402] __kmalloc_node_track_caller_noprof+0xcc/0x4e0 [ 210.525204][ T8402] ? kasprintf+0xd4/0x120 [ 210.525228][ T8402] kvasprintf+0xdc/0x190 [ 210.525249][ T8402] ? __pfx_kvasprintf+0x10/0x10 [ 210.525282][ T8402] kasprintf+0xd4/0x120 [ 210.525308][ T8402] ? __pfx_kasprintf+0x10/0x10 [ 210.525329][ T8402] ? kernfs_create_link+0x187/0x200 [ 210.525362][ T8402] iommu_group_alloc_device+0xf2/0x370 [ 210.525389][ T8402] ? iommu_group_alloc+0x314/0x3a0 [ 210.525415][ T8402] __iommu_probe_device+0x899/0x11f0 [ 210.525448][ T8402] iommu_bus_notifier+0x87/0x2c0 [ 210.525473][ T8402] notifier_call_chain+0x1b3/0x3e0 [ 210.525502][ T8402] blocking_notifier_call_chain+0x6a/0x90 [ 210.525527][ T8402] bus_notify+0x143/0x180 [ 210.525569][ T8402] device_add+0x54d/0xb50 [ 210.525594][ T8402] iommufd_test+0x2f95/0x5170 [ 210.525641][ T8402] ? __pfx_iommufd_test+0x10/0x10 [ 210.525687][ T8402] ? __lock_acquire+0xab9/0xd20 [ 210.525730][ T8402] ? __might_fault+0xb0/0x130 [ 210.525777][ T8402] iommufd_fops_ioctl+0x45e/0x580 [ 210.525812][ T8402] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 210.525838][ T8402] ? __fget_files+0x2a/0x420 [ 210.525874][ T8402] ? __fget_files+0x2a/0x420 [ 210.525906][ T8402] ? bpf_lsm_file_ioctl+0x9/0x20 [ 210.525926][ T8402] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 210.525947][ T8402] __se_sys_ioctl+0xfc/0x170 [ 210.525973][ T8402] do_syscall_64+0xfa/0x3b0 [ 210.526004][ T8402] ? lockdep_hardirqs_on+0x9c/0x150 [ 210.526039][ T8402] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 210.526060][ T8402] ? clear_bhb_loop+0x60/0xb0 [ 210.526086][ T8402] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 210.526105][ T8402] RIP: 0033:0x7fbadf78e929 [ 210.526122][ T8402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 210.526153][ T8402] RSP: 002b:00007fbae05f9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 210.526175][ T8402] RAX: ffffffffffffffda RBX: 00007fbadf9b5fa0 RCX: 00007fbadf78e929 [ 210.526190][ T8402] RDX: 00002000000002c0 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 210.526203][ T8402] RBP: 00007fbae05f9090 R08: 0000000000000000 R09: 0000000000000000 [ 210.526216][ T8402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 210.526229][ T8402] R13: 0000000000000000 R14: 00007fbadf9b5fa0 R15: 00007ffd789799f8 [ 210.526261][ T8402] [ 210.526344][ T8402] iommufd_mock iommufd_mock0: Failed to add to iommu group 0: -12 [ 211.436274][ T8411] /dev/rnullb0: Can't open blockdev [ 212.639264][ T8426] netlink: 4 bytes leftover after parsing attributes in process `syz.1.901'. [ 212.863838][ T8436] /dev/rnullb0: Can't open blockdev [ 213.318117][ T8449] input: syz0 as /devices/virtual/input/input5 [ 213.830564][ T8464] FAULT_INJECTION: forcing a failure. [ 213.830564][ T8464] name failslab, interval 1, probability 0, space 0, times 0 [ 213.846398][ T8464] CPU: 1 UID: 0 PID: 8464 Comm: syz.3.918 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 213.846424][ T8464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 213.846437][ T8464] Call Trace: [ 213.846445][ T8464] [ 213.846454][ T8464] dump_stack_lvl+0x189/0x250 [ 213.846481][ T8464] ? __pfx____ratelimit+0x10/0x10 [ 213.846506][ T8464] ? __pfx_dump_stack_lvl+0x10/0x10 [ 213.846527][ T8464] ? __pfx__printk+0x10/0x10 [ 213.846557][ T8464] ? __pfx___might_resched+0x10/0x10 [ 213.846573][ T8464] ? fs_reclaim_acquire+0x7d/0x100 [ 213.846598][ T8464] should_fail_ex+0x414/0x560 [ 213.846628][ T8464] should_failslab+0xa8/0x100 [ 213.846650][ T8464] __kmalloc_cache_noprof+0x70/0x3d0 [ 213.846668][ T8464] ? nf_tables_newtable+0x435/0x1890 [ 213.846691][ T8464] ? nla_strcmp+0x106/0x140 [ 213.846710][ T8464] nf_tables_newtable+0x435/0x1890 [ 213.846733][ T8464] ? nfnl_pernet+0x21/0x240 [ 213.846763][ T8464] nfnetlink_rcv+0x112f/0x2520 [ 213.846804][ T8464] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 213.846833][ T8464] ? ref_tracker_free+0x63a/0x7d0 [ 213.846873][ T8464] ? __netlink_deliver_tap+0x807/0x850 [ 213.846901][ T8464] ? netlink_deliver_tap+0x2e/0x1b0 [ 213.846921][ T8464] ? netlink_deliver_tap+0x2e/0x1b0 [ 213.846948][ T8464] netlink_unicast+0x758/0x8d0 [ 213.846976][ T8464] netlink_sendmsg+0x805/0xb30 [ 213.847005][ T8464] ? __pfx_netlink_sendmsg+0x10/0x10 [ 213.847030][ T8464] ? aa_sock_msg_perm+0xf1/0x1d0 [ 213.847049][ T8464] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 213.847072][ T8464] ? __pfx_netlink_sendmsg+0x10/0x10 [ 213.847094][ T8464] __sock_sendmsg+0x21c/0x270 [ 213.847116][ T8464] ____sys_sendmsg+0x505/0x830 [ 213.847145][ T8464] ? __pfx_____sys_sendmsg+0x10/0x10 [ 213.847177][ T8464] ? import_iovec+0x74/0xa0 [ 213.847205][ T8464] ___sys_sendmsg+0x21f/0x2a0 [ 213.847231][ T8464] ? __pfx____sys_sendmsg+0x10/0x10 [ 213.847285][ T8464] ? __fget_files+0x2a/0x420 [ 213.847307][ T8464] ? __fget_files+0x3a0/0x420 [ 213.847337][ T8464] __x64_sys_sendmsg+0x19b/0x260 [ 213.847365][ T8464] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 213.847397][ T8464] ? __pfx_ksys_write+0x10/0x10 [ 213.847421][ T8464] ? do_syscall_64+0xbe/0x3b0 [ 213.847445][ T8464] do_syscall_64+0xfa/0x3b0 [ 213.847464][ T8464] ? lockdep_hardirqs_on+0x9c/0x150 [ 213.847483][ T8464] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 213.847499][ T8464] ? clear_bhb_loop+0x60/0xb0 [ 213.847519][ T8464] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 213.847534][ T8464] RIP: 0033:0x7f1d7818e929 [ 213.847556][ T8464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 213.847570][ T8464] RSP: 002b:00007f1d78fc6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 213.847588][ T8464] RAX: ffffffffffffffda RBX: 00007f1d783b5fa0 RCX: 00007f1d7818e929 [ 213.847600][ T8464] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003 [ 213.847610][ T8464] RBP: 00007f1d78fc6090 R08: 0000000000000000 R09: 0000000000000000 [ 213.847619][ T8464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 213.847628][ T8464] R13: 0000000000000000 R14: 00007f1d783b5fa0 R15: 00007ffc19e208a8 [ 213.847651][ T8464] [ 216.709419][ T5846] Bluetooth: hci1: command 0x0c1a tx timeout [ 216.716534][ T8473] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 217.377692][ T8473] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 217.384022][ T8473] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 217.391491][ T8473] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 217.525074][ T8495] process 'syz.2.927' launched './file2' with NULL argv: empty string added [ 218.799672][ T5846] Bluetooth: hci2: command 0x0c1a tx timeout [ 219.416944][ T8532] netlink: 8 bytes leftover after parsing attributes in process `syz.3.944'. [ 219.429572][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 219.435848][ T5846] Bluetooth: hci3: command 0x0c1a tx timeout [ 219.540003][ T8536] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 220.145636][ T8551] MTD: Attempt to mount non-MTD device "/dev/rnullb0" [ 220.154284][ T8551] VFS: Can't find a romfs filesystem on dev rnullb0. [ 220.154284][ T8551] [ 220.264626][ T8553] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 220.275950][ T8553] netlink: 'syz.3.953': attribute type 3 has an invalid length. [ 220.283924][ T8553] netlink: 132 bytes leftover after parsing attributes in process `syz.3.953'. [ 221.496334][ T8569] UDF-fs: warning (device rnullb0): udf_load_vrs: No VRS found [ 221.526576][ T8569] UDF-fs: Scanning with blocksize 4096 failed [ 221.591362][ T8572] netlink: 8 bytes leftover after parsing attributes in process `syz.3.959'. [ 221.716055][ T8570] netlink: 48 bytes leftover after parsing attributes in process `syz.1.958'. [ 221.725112][ T8570] netlink: 48 bytes leftover after parsing attributes in process `syz.1.958'. [ 222.307879][ T8608] /dev/sg0: Can't lookup blockdev [ 225.548038][ T8671] netlink: 4 bytes leftover after parsing attributes in process `syz.2.998'. [ 225.887577][ T8681] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11) [ 225.894332][ T8681] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 225.905271][ T8681] vhci_hcd vhci_hcd.0: Device attached [ 225.914879][ T8681] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(13) [ 225.921482][ T8681] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 225.932242][ T8681] vhci_hcd vhci_hcd.0: Device attached [ 226.149656][ T6861] usb 35-1: new high-speed USB device number 2 using vhci_hcd [ 226.916396][ T8700] sp0: Synchronizing with TNC [ 227.232582][ T8707] netlink: 'syz.0.1012': attribute type 1 has an invalid length. [ 227.246624][ T8707] qnx4: no qnx4 filesystem (no root dir). [ 228.925625][ T8684] vhci_hcd: connection closed [ 228.929869][ T8682] vhci_hcd: connection reset by peer [ 228.950216][ T12] vhci_hcd: stop threads [ 228.972095][ T12] vhci_hcd: release socket [ 228.981277][ T12] vhci_hcd: disconnect device [ 228.992662][ T12] vhci_hcd: stop threads [ 229.006313][ T12] vhci_hcd: release socket [ 229.022068][ T12] vhci_hcd: disconnect device [ 230.529066][ T8793] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 230.666553][ T8798] hpfs: Bad magic ... probably not HPFS [ 230.727140][ T8800] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1051'. [ 230.987769][ T8813] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1056'. [ 230.997429][ T8815] FAT-fs (rnullb0): bogus number of reserved sectors [ 230.997465][ T8815] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 231.259564][ T6861] vhci_hcd: vhci_device speed not set [ 231.547445][ T8840] UDF-fs: warning (device rnullb0): udf_load_vrs: No VRS found [ 231.555447][ T8840] UDF-fs: Scanning with blocksize 4096 failed [ 231.703942][ T8845] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1071'. [ 231.755268][ T8847] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1072'. [ 232.332271][ T8867] FAULT_INJECTION: forcing a failure. [ 232.332271][ T8867] name failslab, interval 1, probability 0, space 0, times 0 [ 232.345061][ T8867] CPU: 0 UID: 0 PID: 8867 Comm: syz.3.1079 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 232.345088][ T8867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 232.345101][ T8867] Call Trace: [ 232.345110][ T8867] [ 232.345119][ T8867] dump_stack_lvl+0x189/0x250 [ 232.345149][ T8867] ? __pfx____ratelimit+0x10/0x10 [ 232.345173][ T8867] ? __pfx_dump_stack_lvl+0x10/0x10 [ 232.345190][ T8867] ? __pfx__printk+0x10/0x10 [ 232.345208][ T8867] ? __pfx___might_resched+0x10/0x10 [ 232.345223][ T8867] ? fs_reclaim_acquire+0x7d/0x100 [ 232.345246][ T8867] should_fail_ex+0x414/0x560 [ 232.345272][ T8867] should_failslab+0xa8/0x100 [ 232.345291][ T8867] __kmalloc_noprof+0xcb/0x4f0 [ 232.345307][ T8867] ? fib6_info_alloc+0x30/0xf0 [ 232.345328][ T8867] fib6_info_alloc+0x30/0xf0 [ 232.345347][ T8867] ip6_route_info_create+0x142/0x860 [ 232.345373][ T8867] ip6_route_add+0x49/0x1b0 [ 232.345395][ T8867] addrconf_add_dev+0x24f/0x340 [ 232.345415][ T8867] ? __pfx_addrconf_add_dev+0x10/0x10 [ 232.345445][ T8867] ? __lock_acquire+0xab9/0xd20 [ 232.345477][ T8867] addrconf_init_auto_addrs+0x590/0xbb0 [ 232.345501][ T8867] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 232.345515][ T8867] ? __pfx_addrconf_init_auto_addrs+0x10/0x10 [ 232.345536][ T8867] ? addrconf_permanent_addr+0x917/0x9d0 [ 232.345560][ T8867] ? addrconf_permanent_addr+0x917/0x9d0 [ 232.345583][ T8867] ? addrconf_permanent_addr+0x917/0x9d0 [ 232.345612][ T8867] ? __pfx_addrconf_permanent_addr+0x10/0x10 [ 232.345637][ T8867] ? __mutex_unlock_slowpath+0x1cd/0x700 [ 232.345659][ T8867] ? __pfx___mutex_lock+0x10/0x10 [ 232.345678][ T8867] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 232.345696][ T8867] ? tls_dev_event+0x717/0xec0 [ 232.345721][ T8867] ? addrconf_link_ready+0x112/0x170 [ 232.345752][ T8867] addrconf_notify+0xacc/0x1010 [ 232.345791][ T8867] notifier_call_chain+0x1b3/0x3e0 [ 232.345811][ T8867] __dev_notify_flags+0x18d/0x2e0 [ 232.345835][ T8867] ? __pfx___dev_notify_flags+0x10/0x10 [ 232.345854][ T8867] ? __dev_change_flags+0x4cc/0x6d0 [ 232.345878][ T8867] ? __pfx___dev_change_flags+0x10/0x10 [ 232.345898][ T8867] ? devinet_ioctl+0x323/0x1b50 [ 232.345920][ T8867] ? __pfx___mutex_lock+0x10/0x10 [ 232.345941][ T8867] netif_change_flags+0xe8/0x1a0 [ 232.345966][ T8867] dev_change_flags+0x130/0x260 [ 232.345997][ T8867] devinet_ioctl+0xbb4/0x1b50 [ 232.346027][ T8867] ? __pfx_devinet_ioctl+0x10/0x10 [ 232.346051][ T8867] ? get_user_ifreq+0x12c/0x180 [ 232.346067][ T8867] inet_ioctl+0x3c0/0x4c0 [ 232.346084][ T8867] ? __pfx_inet_ioctl+0x10/0x10 [ 232.346114][ T8867] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 232.346140][ T8867] ? packet_ioctl+0x254/0x350 [ 232.346163][ T8867] sock_do_ioctl+0xdc/0x300 [ 232.346180][ T8867] ? __pfx_sock_do_ioctl+0x10/0x10 [ 232.346216][ T8867] ? __lock_acquire+0xab9/0xd20 [ 232.346264][ T8867] sock_ioctl+0x576/0x790 [ 232.346280][ T8867] ? __pfx_sock_ioctl+0x10/0x10 [ 232.346296][ T8867] ? __fget_files+0x2a/0x420 [ 232.346316][ T8867] ? __fget_files+0x3a0/0x420 [ 232.346334][ T8867] ? __fget_files+0x2a/0x420 [ 232.346356][ T8867] ? bpf_lsm_file_ioctl+0x9/0x20 [ 232.346370][ T8867] ? __pfx_sock_ioctl+0x10/0x10 [ 232.346384][ T8867] __se_sys_ioctl+0xfc/0x170 [ 232.346402][ T8867] do_syscall_64+0xfa/0x3b0 [ 232.346420][ T8867] ? lockdep_hardirqs_on+0x9c/0x150 [ 232.346437][ T8867] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 232.346451][ T8867] ? clear_bhb_loop+0x60/0xb0 [ 232.346468][ T8867] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 232.346482][ T8867] RIP: 0033:0x7f1d7818e929 [ 232.346496][ T8867] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 232.346508][ T8867] RSP: 002b:00007f1d78fc6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 232.346523][ T8867] RAX: ffffffffffffffda RBX: 00007f1d783b5fa0 RCX: 00007f1d7818e929 [ 232.346534][ T8867] RDX: 0000200000000180 RSI: 0000000000008914 RDI: 0000000000000004 [ 232.346543][ T8867] RBP: 00007f1d78fc6090 R08: 0000000000000000 R09: 0000000000000000 [ 232.346553][ T8867] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 232.346561][ T8867] R13: 0000000000000000 R14: 00007f1d783b5fa0 R15: 00007ffc19e208a8 [ 232.346583][ T8867] [ 233.083147][ T8883] netlink: 232 bytes leftover after parsing attributes in process `syz.1.1084'. [ 233.654440][ T8900] FAULT_INJECTION: forcing a failure. [ 233.654440][ T8900] name failslab, interval 1, probability 0, space 0, times 0 [ 233.669548][ T8900] CPU: 0 UID: 0 PID: 8900 Comm: syz.2.1091 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 233.669576][ T8900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 233.669588][ T8900] Call Trace: [ 233.669595][ T8900] [ 233.669604][ T8900] dump_stack_lvl+0x189/0x250 [ 233.669632][ T8900] ? __pfx____ratelimit+0x10/0x10 [ 233.669657][ T8900] ? __pfx_dump_stack_lvl+0x10/0x10 [ 233.669679][ T8900] ? __pfx__printk+0x10/0x10 [ 233.669707][ T8900] ? __pfx___might_resched+0x10/0x10 [ 233.669733][ T8900] should_fail_ex+0x414/0x560 [ 233.669768][ T8900] should_failslab+0xa8/0x100 [ 233.669795][ T8900] __kmalloc_cache_noprof+0x70/0x3d0 [ 233.669817][ T8900] ? snd_seq_oss_readq_new+0x51/0x250 [ 233.669847][ T8900] snd_seq_oss_readq_new+0x51/0x250 [ 233.669874][ T8900] snd_seq_oss_open+0x770/0xea0 [ 233.669915][ T8900] ? __pfx_snd_seq_oss_open+0x10/0x10 [ 233.669965][ T8900] ? __lock_acquire+0xab9/0xd20 [ 233.670018][ T8900] ? rcu_is_watching+0x15/0xb0 [ 233.670038][ T8900] ? trace_contention_end+0x39/0x120 [ 233.670080][ T8900] ? __pfx___mutex_lock+0x10/0x10 [ 233.670111][ T8900] ? __pfx_snd_seq_oss_event_input+0x10/0x10 [ 233.670130][ T8900] ? __pfx_free_devinfo+0x10/0x10 [ 233.670147][ T8900] ? do_raw_spin_unlock+0x122/0x240 [ 233.670176][ T8900] ? soundcore_open+0x2da/0x490 [ 233.670197][ T8900] odev_open+0x67/0xa0 [ 233.670227][ T8900] chrdev_open+0x4cc/0x5e0 [ 233.670257][ T8900] ? __pfx_chrdev_open+0x10/0x10 [ 233.670293][ T8900] ? __pfx_chrdev_open+0x10/0x10 [ 233.670319][ T8900] do_dentry_open+0xdf3/0x1970 [ 233.670366][ T8900] vfs_open+0x3b/0x340 [ 233.670393][ T8900] ? path_openat+0x2ecd/0x3830 [ 233.670417][ T8900] path_openat+0x2ee5/0x3830 [ 233.670437][ T8900] ? arch_stack_walk+0xfc/0x150 [ 233.670495][ T8900] ? __pfx_path_openat+0x10/0x10 [ 233.670514][ T8900] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 233.670555][ T8900] do_filp_open+0x1fa/0x410 [ 233.670574][ T8900] ? __lock_acquire+0xab9/0xd20 [ 233.670605][ T8900] ? __pfx_do_filp_open+0x10/0x10 [ 233.670650][ T8900] ? _raw_spin_unlock+0x28/0x50 [ 233.670670][ T8900] ? alloc_fd+0x64c/0x6c0 [ 233.670716][ T8900] do_sys_openat2+0x121/0x1c0 [ 233.670739][ T8900] ? __pfx_do_sys_openat2+0x10/0x10 [ 233.670758][ T8900] ? exc_page_fault+0x76/0xf0 [ 233.670786][ T8900] ? do_user_addr_fault+0xc8a/0x1390 [ 233.670818][ T8900] __x64_sys_openat+0x138/0x170 [ 233.670843][ T8900] do_syscall_64+0xfa/0x3b0 [ 233.670867][ T8900] ? lockdep_hardirqs_on+0x9c/0x150 [ 233.670890][ T8900] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 233.670910][ T8900] ? clear_bhb_loop+0x60/0xb0 [ 233.670934][ T8900] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 233.670970][ T8900] RIP: 0033:0x7fbadf78d290 [ 233.670988][ T8900] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 233.671005][ T8900] RSP: 002b:00007fbae05f8b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 233.671025][ T8900] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fbadf78d290 [ 233.671039][ T8900] RDX: 0000000000000000 RSI: 00007fbae05f8c10 RDI: 00000000ffffff9c [ 233.671070][ T8900] RBP: 00007fbae05f8c10 R08: 0000000000000000 R09: 007265636e657571 [ 233.671085][ T8900] R10: 0000000000000000 R11: 0000000000000293 R12: cccccccccccccccd [ 233.671097][ T8900] R13: 0000000000000000 R14: 00007fbadf9b5fa0 R15: 00007ffd789799f8 [ 233.671130][ T8900] [ 234.155640][ T8904] ntfs3(rnullb0): Primary boot signature is not NTFS. [ 234.164723][ T8904] ntfs3(rnullb0): Alternative boot signature is not NTFS. [ 234.566789][ T8914] exFAT-fs (nullb0): invalid boot record signature [ 234.573910][ T8914] exFAT-fs (nullb0): failed to read boot sector [ 234.583292][ T8914] exFAT-fs (nullb0): failed to recognize exfat type [ 234.777218][ T8922] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 234.785797][ T8922] FAULT_INJECTION: forcing a failure. [ 234.785797][ T8922] name failslab, interval 1, probability 0, space 0, times 0 [ 234.798881][ T8922] CPU: 1 UID: 0 PID: 8922 Comm: syz.0.1102 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 234.798908][ T8922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 234.798920][ T8922] Call Trace: [ 234.798946][ T8922] [ 234.798955][ T8922] dump_stack_lvl+0x189/0x250 [ 234.798982][ T8922] ? __pfx____ratelimit+0x10/0x10 [ 234.799008][ T8922] ? __pfx_dump_stack_lvl+0x10/0x10 [ 234.799030][ T8922] ? __pfx__printk+0x10/0x10 [ 234.799059][ T8922] ? __pfx___might_resched+0x10/0x10 [ 234.799084][ T8922] should_fail_ex+0x414/0x560 [ 234.799120][ T8922] should_failslab+0xa8/0x100 [ 234.799146][ T8922] __kmalloc_cache_noprof+0x70/0x3d0 [ 234.799169][ T8922] ? kobject_uevent_env+0x27c/0x8c0 [ 234.799202][ T8922] ? __pfx_dev_uevent_name+0x10/0x10 [ 234.799229][ T8922] kobject_uevent_env+0x27c/0x8c0 [ 234.799260][ T8922] ? kobject_put+0x43f/0x480 [ 234.799293][ T8922] device_add+0x557/0xb50 [ 234.799323][ T8922] iommufd_test+0x2f95/0x5170 [ 234.799363][ T8922] ? __pfx_iommufd_test+0x10/0x10 [ 234.799392][ T8922] ? __lock_acquire+0xab9/0xd20 [ 234.799434][ T8922] ? __might_fault+0xb0/0x130 [ 234.799481][ T8922] iommufd_fops_ioctl+0x45e/0x580 [ 234.799508][ T8922] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 234.799654][ T8922] ? __fget_files+0x2a/0x420 [ 234.799689][ T8922] ? __fget_files+0x2a/0x420 [ 234.799720][ T8922] ? bpf_lsm_file_ioctl+0x9/0x20 [ 234.799739][ T8922] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 234.799759][ T8922] __se_sys_ioctl+0xfc/0x170 [ 234.799782][ T8922] do_syscall_64+0xfa/0x3b0 [ 234.799805][ T8922] ? lockdep_hardirqs_on+0x9c/0x150 [ 234.799828][ T8922] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 234.799848][ T8922] ? clear_bhb_loop+0x60/0xb0 [ 234.799872][ T8922] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 234.799891][ T8922] RIP: 0033:0x7fe28318e929 [ 234.799909][ T8922] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 234.799926][ T8922] RSP: 002b:00007fe283f40038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 234.799946][ T8922] RAX: ffffffffffffffda RBX: 00007fe2833b5fa0 RCX: 00007fe28318e929 [ 234.799961][ T8922] RDX: 00002000000002c0 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 234.799974][ T8922] RBP: 00007fe283f40090 R08: 0000000000000000 R09: 0000000000000000 [ 234.799986][ T8922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 234.799997][ T8922] R13: 0000000000000000 R14: 00007fe2833b5fa0 R15: 00007fff368aae78 [ 234.800028][ T8922] [ 235.046955][ C1] vkms_vblank_simulate: vblank timer overrun [ 235.136349][ T8924] netlink: 124 bytes leftover after parsing attributes in process `syz.2.1103'. [ 236.413262][ T8942] FAULT_INJECTION: forcing a failure. [ 236.413262][ T8942] name failslab, interval 1, probability 0, space 0, times 0 [ 236.438859][ T8942] CPU: 1 UID: 0 PID: 8942 Comm: syz.0.1110 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 236.438889][ T8942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 236.438901][ T8942] Call Trace: [ 236.438908][ T8942] [ 236.438916][ T8942] dump_stack_lvl+0x189/0x250 [ 236.438943][ T8942] ? __pfx____ratelimit+0x10/0x10 [ 236.438967][ T8942] ? __pfx_dump_stack_lvl+0x10/0x10 [ 236.438990][ T8942] ? __pfx__printk+0x10/0x10 [ 236.439015][ T8942] ? __pfx___might_resched+0x10/0x10 [ 236.439039][ T8942] ? fs_reclaim_acquire+0x7d/0x100 [ 236.439070][ T8942] should_fail_ex+0x414/0x560 [ 236.439108][ T8942] should_failslab+0xa8/0x100 [ 236.439134][ T8942] __kmalloc_noprof+0xcb/0x4f0 [ 236.439154][ T8942] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 236.439172][ T8942] ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0 [ 236.439200][ T8942] genl_family_rcv_msg_attrs_parse+0xa3/0x2a0 [ 236.439229][ T8942] genl_family_rcv_msg_doit+0xb8/0x300 [ 236.439257][ T8942] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 236.439281][ T8942] ? rcu_is_watching+0x15/0xb0 [ 236.439305][ T8942] ? apparmor_capable+0x137/0x1b0 [ 236.439334][ T8942] ? bpf_lsm_capable+0x9/0x20 [ 236.439355][ T8942] ? security_capable+0x7e/0x2e0 [ 236.439382][ T8942] genl_rcv_msg+0x60e/0x790 [ 236.439432][ T8942] ? __pfx_genl_rcv_msg+0x10/0x10 [ 236.439449][ T8942] ? ref_tracker_free+0x63a/0x7d0 [ 236.439466][ T8942] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 236.439485][ T8942] ? __pfx_nl80211_tx_mgmt+0x10/0x10 [ 236.439510][ T8942] ? __pfx_nl80211_post_doit+0x10/0x10 [ 236.439531][ T8942] ? __pfx_ref_tracker_free+0x10/0x10 [ 236.439562][ T8942] netlink_rcv_skb+0x205/0x470 [ 236.439603][ T8942] ? __pfx_genl_rcv_msg+0x10/0x10 [ 236.439624][ T8942] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 236.439667][ T8942] ? down_read+0x1ad/0x2e0 [ 236.439696][ T8942] genl_rcv+0x28/0x40 [ 236.439712][ T8942] netlink_unicast+0x758/0x8d0 [ 236.439746][ T8942] netlink_sendmsg+0x805/0xb30 [ 236.439782][ T8942] ? __pfx_netlink_sendmsg+0x10/0x10 [ 236.439812][ T8942] ? aa_sock_msg_perm+0xf1/0x1d0 [ 236.439835][ T8942] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 236.439863][ T8942] ? __pfx_netlink_sendmsg+0x10/0x10 [ 236.439891][ T8942] __sock_sendmsg+0x21c/0x270 [ 236.439917][ T8942] ____sys_sendmsg+0x505/0x830 [ 236.439952][ T8942] ? __pfx_____sys_sendmsg+0x10/0x10 [ 236.439994][ T8942] ? import_iovec+0x74/0xa0 [ 236.440028][ T8942] ___sys_sendmsg+0x21f/0x2a0 [ 236.440060][ T8942] ? __pfx____sys_sendmsg+0x10/0x10 [ 236.440128][ T8942] ? __fget_files+0x2a/0x420 [ 236.440155][ T8942] ? __fget_files+0x3a0/0x420 [ 236.440193][ T8942] __x64_sys_sendmsg+0x19b/0x260 [ 236.440226][ T8942] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 236.440267][ T8942] ? __pfx_ksys_write+0x10/0x10 [ 236.440288][ T8942] ? rcu_is_watching+0x15/0xb0 [ 236.440313][ T8942] ? do_syscall_64+0xbe/0x3b0 [ 236.440341][ T8942] do_syscall_64+0xfa/0x3b0 [ 236.440364][ T8942] ? lockdep_hardirqs_on+0x9c/0x150 [ 236.440387][ T8942] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 236.440416][ T8942] ? clear_bhb_loop+0x60/0xb0 [ 236.440440][ T8942] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 236.440459][ T8942] RIP: 0033:0x7fe28318e929 [ 236.440477][ T8942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 236.440494][ T8942] RSP: 002b:00007fe283f40038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 236.440515][ T8942] RAX: ffffffffffffffda RBX: 00007fe2833b5fa0 RCX: 00007fe28318e929 [ 236.440530][ T8942] RDX: 0000000000000000 RSI: 0000200000000c00 RDI: 0000000000000003 [ 236.440543][ T8942] RBP: 00007fe283f40090 R08: 0000000000000000 R09: 0000000000000000 [ 236.440555][ T8942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 236.440566][ T8942] R13: 0000000000000000 R14: 00007fe2833b5fa0 R15: 00007fff368aae78 [ 236.440598][ T8942] [ 236.815338][ C1] vkms_vblank_simulate: vblank timer overrun [ 236.847227][ T8946] sit0: entered promiscuous mode [ 236.856533][ T8946] netlink: 'syz.3.1113': attribute type 1 has an invalid length. [ 236.864498][ T8946] netlink: 1 bytes leftover after parsing attributes in process `syz.3.1113'. [ 236.878707][ T8946] Can't find a SQUASHFS superblock on rnullb0 [ 237.031523][ T8954] 9pnet_fd: Insufficient options for proto=fd [ 237.038605][ T8954] random: crng reseeded on system resumption [ 237.262754][ T8958] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 237.388274][ T8962] sp0: Synchronizing with TNC [ 238.399278][ T8988] batadv_slave_0: entered promiscuous mode [ 238.406770][ T8988] batadv_slave_0: left promiscuous mode [ 241.284616][ T9015] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 241.362612][ T9018] XFS (rnullb0): Invalid superblock magic number [ 241.720518][ T9037] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1148'. [ 241.804953][ T9043] netlink: 'syz.0.1152': attribute type 10 has an invalid length. [ 241.824028][ T9044] netlink: 'syz.0.1152': attribute type 10 has an invalid length. [ 241.835712][ T9045] Invalid logical block size (2) [ 241.849005][ T9043] team0: Port device dummy0 added [ 241.917040][ T9044] team0: Port device dummy0 removed [ 241.954278][ T9044] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 242.014310][ T9050] syz.3.1154: attempt to access beyond end of device [ 242.014310][ T9050] loop3: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 242.071665][ T9049] kvm: kvm [9047]: vcpu0, guest rIP: 0x161 Unhandled WRMSR(0xc2) = 0x400 [ 242.127313][ T9049] kvm: kvm [9047]: vcpu0, guest rIP: 0x161 Unhandled WRMSR(0xc1) = 0x400 [ 242.141350][ T9049] kvm: kvm [9047]: vcpu0, guest rIP: 0x161 Unhandled WRMSR(0xc1) = 0x400 [ 242.196129][ T9049] kvm: kvm [9047]: vcpu0, guest rIP: 0x161 Unhandled WRMSR(0xc1) = 0x400 [ 242.209855][ T9049] kvm: kvm [9047]: vcpu0, guest rIP: 0x161 Unhandled WRMSR(0xc2) = 0x400 [ 242.222613][ T9049] kvm: kvm [9047]: vcpu0, guest rIP: 0x161 Unhandled WRMSR(0xc2) = 0x400 [ 242.240854][ T9049] kvm: kvm [9047]: vcpu0, guest rIP: 0x161 Unhandled WRMSR(0xc2) = 0x400 [ 242.323736][ T9049] kvm: kvm [9047]: vcpu0, guest rIP: 0x161 Unhandled WRMSR(0xc2) = 0x400 [ 242.354719][ T9049] kvm: kvm [9047]: vcpu0, guest rIP: 0x161 Unhandled WRMSR(0xc2) = 0x400 [ 242.374237][ T9049] kvm: kvm [9047]: vcpu0, guest rIP: 0x161 Unhandled WRMSR(0xc1) = 0x400 [ 242.647434][ T9069] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1159'. [ 242.677919][ T9069] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1159'. [ 242.687226][ T9070] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1159'. [ 242.909593][ T9074] trusted_key: syz.3.1161 sent an empty control message without MSG_MORE. [ 243.159087][ T9085] dlm: no locking on control device [ 243.309979][ T9090] XFS (rnullb0): Invalid superblock magic number [ 243.418572][ T9100] FAULT_INJECTION: forcing a failure. [ 243.418572][ T9100] name failslab, interval 1, probability 0, space 0, times 0 [ 243.458486][ T9100] CPU: 1 UID: 0 PID: 9100 Comm: syz.0.1167 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 243.458516][ T9100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 243.458538][ T9100] Call Trace: [ 243.458546][ T9100] [ 243.458556][ T9100] dump_stack_lvl+0x189/0x250 [ 243.458584][ T9100] ? __pfx____ratelimit+0x10/0x10 [ 243.458609][ T9100] ? __pfx_dump_stack_lvl+0x10/0x10 [ 243.458635][ T9100] ? __pfx__printk+0x10/0x10 [ 243.458661][ T9100] ? __pfx___might_resched+0x10/0x10 [ 243.458681][ T9100] ? fs_reclaim_acquire+0x7d/0x100 [ 243.458712][ T9100] should_fail_ex+0x414/0x560 [ 243.458748][ T9100] should_failslab+0xa8/0x100 [ 243.458774][ T9100] __kmalloc_noprof+0xcb/0x4f0 [ 243.458795][ T9100] ? fib6_info_alloc+0x30/0xf0 [ 243.458825][ T9100] fib6_info_alloc+0x30/0xf0 [ 243.458858][ T9100] ip6_route_info_create+0x142/0x860 [ 243.458895][ T9100] ip6_route_add+0x49/0x1b0 [ 243.458925][ T9100] addrconf_add_dev+0x24f/0x340 [ 243.458952][ T9100] ? __pfx_addrconf_add_dev+0x10/0x10 [ 243.458997][ T9100] ? __lock_acquire+0xab9/0xd20 [ 243.459041][ T9100] addrconf_init_auto_addrs+0x590/0xbb0 [ 243.459073][ T9100] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 243.459093][ T9100] ? __pfx_addrconf_init_auto_addrs+0x10/0x10 [ 243.459123][ T9100] ? addrconf_permanent_addr+0x917/0x9d0 [ 243.459155][ T9100] ? addrconf_permanent_addr+0x917/0x9d0 [ 243.459187][ T9100] ? addrconf_permanent_addr+0x917/0x9d0 [ 243.459227][ T9100] ? __pfx_addrconf_permanent_addr+0x10/0x10 [ 243.459262][ T9100] ? __mutex_unlock_slowpath+0x1cd/0x700 [ 243.459291][ T9100] ? __pfx___mutex_lock+0x10/0x10 [ 243.459316][ T9100] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 243.459341][ T9100] ? tls_dev_event+0x717/0xec0 [ 243.459375][ T9100] ? addrconf_link_ready+0x112/0x170 [ 243.459408][ T9100] addrconf_notify+0xacc/0x1010 [ 243.459443][ T9100] notifier_call_chain+0x1b3/0x3e0 [ 243.459472][ T9100] __dev_notify_flags+0x18d/0x2e0 [ 243.459506][ T9100] ? __pfx___dev_notify_flags+0x10/0x10 [ 243.459533][ T9100] ? __dev_change_flags+0x4cc/0x6d0 [ 243.459568][ T9100] ? __pfx___dev_change_flags+0x10/0x10 [ 243.459594][ T9100] ? devinet_ioctl+0x323/0x1b50 [ 243.459626][ T9100] ? __pfx___mutex_lock+0x10/0x10 [ 243.459655][ T9100] netif_change_flags+0xe8/0x1a0 [ 243.459691][ T9100] dev_change_flags+0x130/0x260 [ 243.459724][ T9100] devinet_ioctl+0xbb4/0x1b50 [ 243.459766][ T9100] ? __pfx_devinet_ioctl+0x10/0x10 [ 243.459800][ T9100] ? get_user_ifreq+0x12c/0x180 [ 243.459823][ T9100] inet_ioctl+0x3c0/0x4c0 [ 243.459854][ T9100] ? __pfx_inet_ioctl+0x10/0x10 [ 243.459897][ T9100] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 243.459933][ T9100] ? packet_ioctl+0x254/0x350 [ 243.459965][ T9100] sock_do_ioctl+0xdc/0x300 [ 243.459990][ T9100] ? __pfx_sock_do_ioctl+0x10/0x10 [ 243.460010][ T9100] ? __lock_acquire+0xab9/0xd20 [ 243.460055][ T9100] sock_ioctl+0x576/0x790 [ 243.460079][ T9100] ? __pfx_sock_ioctl+0x10/0x10 [ 243.460102][ T9100] ? __fget_files+0x2a/0x420 [ 243.460129][ T9100] ? __fget_files+0x3a0/0x420 [ 243.460155][ T9100] ? __fget_files+0x2a/0x420 [ 243.460186][ T9100] ? bpf_lsm_file_ioctl+0x9/0x20 [ 243.460205][ T9100] ? __pfx_sock_ioctl+0x10/0x10 [ 243.460227][ T9100] __se_sys_ioctl+0xfc/0x170 [ 243.460251][ T9100] do_syscall_64+0xfa/0x3b0 [ 243.460276][ T9100] ? lockdep_hardirqs_on+0x9c/0x150 [ 243.460300][ T9100] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 243.460319][ T9100] ? clear_bhb_loop+0x60/0xb0 [ 243.460344][ T9100] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 243.460363][ T9100] RIP: 0033:0x7fe28318e929 [ 243.460381][ T9100] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 243.460398][ T9100] RSP: 002b:00007fe283f40038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 243.460420][ T9100] RAX: ffffffffffffffda RBX: 00007fe2833b5fa0 RCX: 00007fe28318e929 [ 243.460434][ T9100] RDX: 0000200000000180 RSI: 0000000000008914 RDI: 0000000000000004 [ 243.460447][ T9100] RBP: 00007fe283f40090 R08: 0000000000000000 R09: 0000000000000000 [ 243.460460][ T9100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 243.460472][ T9100] R13: 0000000000000000 R14: 00007fe2833b5fa0 R15: 00007fff368aae78 [ 243.460503][ T9100] [ 244.425311][ T9111] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 244.633243][ T9115] syz.2.1172: attempt to access beyond end of device [ 244.633243][ T9115] loop2: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 245.356673][ T9136] FAULT_INJECTION: forcing a failure. [ 245.356673][ T9136] name failslab, interval 1, probability 0, space 0, times 0 [ 245.396863][ T9136] CPU: 1 UID: 0 PID: 9136 Comm: syz.1.1178 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 245.396901][ T9136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 245.396927][ T9136] Call Trace: [ 245.396937][ T9136] [ 245.396952][ T9136] dump_stack_lvl+0x189/0x250 [ 245.396989][ T9136] ? __pfx____ratelimit+0x10/0x10 [ 245.397022][ T9136] ? __pfx_dump_stack_lvl+0x10/0x10 [ 245.397054][ T9136] ? __pfx__printk+0x10/0x10 [ 245.397093][ T9136] ? __pfx___might_resched+0x10/0x10 [ 245.397121][ T9136] ? fs_reclaim_acquire+0x7d/0x100 [ 245.397165][ T9136] should_fail_ex+0x414/0x560 [ 245.397215][ T9136] should_failslab+0xa8/0x100 [ 245.397251][ T9136] __kmalloc_noprof+0xcb/0x4f0 [ 245.397280][ T9136] ? kfree+0x4d/0x440 [ 245.397304][ T9136] ? tomoyo_realpath_from_path+0xe3/0x5d0 [ 245.397343][ T9136] tomoyo_realpath_from_path+0xe3/0x5d0 [ 245.397377][ T9136] ? tomoyo_domain+0xd9/0x130 [ 245.397418][ T9136] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 245.397459][ T9136] tomoyo_path_number_perm+0x1e8/0x5a0 [ 245.397520][ T9136] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 245.397601][ T9136] ? __lock_acquire+0xab9/0xd20 [ 245.397665][ T9136] ? __fget_files+0x2a/0x420 [ 245.397708][ T9136] ? __fget_files+0x2a/0x420 [ 245.397744][ T9136] ? __fget_files+0x3a0/0x420 [ 245.397780][ T9136] ? __fget_files+0x2a/0x420 [ 245.397824][ T9136] security_file_ioctl+0xcb/0x2d0 [ 245.397865][ T9136] __se_sys_ioctl+0x47/0x170 [ 245.397902][ T9136] do_syscall_64+0xfa/0x3b0 [ 245.397943][ T9136] ? lockdep_hardirqs_on+0x9c/0x150 [ 245.397979][ T9136] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 245.398004][ T9136] ? clear_bhb_loop+0x60/0xb0 [ 245.398038][ T9136] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 245.398066][ T9136] RIP: 0033:0x7f63c558e929 [ 245.398092][ T9136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 245.398115][ T9136] RSP: 002b:00007f63c634f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 245.398145][ T9136] RAX: ffffffffffffffda RBX: 00007f63c57b5fa0 RCX: 00007f63c558e929 [ 245.398163][ T9136] RDX: 0000200000000040 RSI: 00000000c008ae88 RDI: 0000000000000005 [ 245.398183][ T9136] RBP: 00007f63c634f090 R08: 0000000000000000 R09: 0000000000000000 [ 245.398199][ T9136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 245.398214][ T9136] R13: 0000000000000000 R14: 00007f63c57b5fa0 R15: 00007ffdceb5a768 [ 245.398257][ T9136] [ 245.647254][ T9136] ERROR: Out of memory at tomoyo_realpath_from_path. [ 248.421612][ T9152] kvm_pr_unimpl_wrmsr: 44 callbacks suppressed [ 248.421632][ T9152] kvm: kvm [9151]: vcpu0, guest rIP: 0x161 Unhandled WRMSR(0xc2) = 0x400 [ 248.458116][ T9152] kvm: kvm [9151]: vcpu0, guest rIP: 0x161 Unhandled WRMSR(0xc1) = 0x400 [ 248.480874][ T9152] kvm: kvm [9151]: vcpu0, guest rIP: 0x161 Unhandled WRMSR(0xc1) = 0x400 [ 248.548359][ T9152] kvm: kvm [9151]: vcpu0, guest rIP: 0x161 Unhandled WRMSR(0xc1) = 0x400 [ 248.578304][ T9152] kvm: kvm [9151]: vcpu0, guest rIP: 0x161 Unhandled WRMSR(0xc2) = 0x400 [ 248.603641][ T9152] kvm: kvm [9151]: vcpu0, guest rIP: 0x161 Unhandled WRMSR(0xc2) = 0x400 [ 248.638437][ T9152] kvm: kvm [9151]: vcpu0, guest rIP: 0x161 Unhandled WRMSR(0xc2) = 0x400 [ 248.649184][ T9152] kvm: kvm [9151]: vcpu0, guest rIP: 0x161 Unhandled WRMSR(0xc2) = 0x400 [ 248.663530][ T9152] kvm: kvm [9151]: vcpu0, guest rIP: 0x161 Unhandled WRMSR(0xc2) = 0x400 [ 248.686851][ T9152] kvm: kvm [9151]: vcpu0, guest rIP: 0x161 Unhandled WRMSR(0xc2) = 0x400 [ 249.224857][ T9155] syz.1.1184: attempt to access beyond end of device [ 249.224857][ T9155] loop1: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 249.532111][ T9167] /dev/rnullb0: Can't open blockdev [ 249.755058][ T32] INFO: task kworker/0:1:10 blocked for more than 143 seconds. [ 249.778313][ T32] Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 [ 249.808361][ T32] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 249.817586][ T32] task:kworker/0:1 state:D stack:24968 pid:10 tgid:10 ppid:2 task_flags:0x4208060 flags:0x00004000 [ 249.830431][ T32] Workqueue: events_power_efficient hub_init_func2 [ 249.837079][ T32] Call Trace: [ 249.840728][ T32] [ 249.843813][ T32] __schedule+0x16f5/0x4d00 [ 249.848548][ T32] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 249.855541][ T32] ? schedule+0x165/0x360 [ 249.866496][ T32] ? __pfx___schedule+0x10/0x10 [ 249.871835][ T32] ? schedule+0x91/0x360 [ 249.876128][ T32] schedule+0x165/0x360 [ 249.884014][ T32] schedule_preempt_disabled+0x13/0x30 [ 249.898834][ T32] __mutex_lock+0x724/0xe80 [ 249.904766][ T32] ? __mutex_lock+0x51b/0xe80 [ 249.909811][ T32] ? hub_activate+0xb7/0x1ea0 [ 249.914526][ T32] ? __pfx___mutex_lock+0x10/0x10 [ 249.919905][ T32] ? do_raw_spin_lock+0x121/0x290 [ 249.924977][ T32] ? __lock_acquire+0xab9/0xd20 [ 249.929881][ T32] hub_activate+0xb7/0x1ea0 [ 249.934412][ T32] ? process_scheduled_works+0x9ef/0x17b0 [ 249.940238][ T32] ? _raw_spin_unlock_irq+0x23/0x50 [ 249.959415][ T32] ? process_scheduled_works+0x9ef/0x17b0 [ 249.965195][ T32] ? process_scheduled_works+0x9ef/0x17b0 [ 249.970989][ T32] process_scheduled_works+0xae1/0x17b0 [ 249.976607][ T32] ? __pfx_process_scheduled_works+0x10/0x10 [ 249.983116][ T32] worker_thread+0x8a0/0xda0 [ 249.987749][ T32] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 249.995720][ T32] ? __kthread_parkme+0x7b/0x200 [ 250.005462][ T32] kthread+0x70e/0x8a0 [ 250.012700][ T32] ? __pfx_worker_thread+0x10/0x10 [ 250.017861][ T32] ? __pfx_kthread+0x10/0x10 [ 250.025674][ T32] ? _raw_spin_unlock_irq+0x23/0x50 [ 250.030973][ T32] ? lockdep_hardirqs_on+0x9c/0x150 [ 250.036236][ T32] ? __pfx_kthread+0x10/0x10 [ 250.042983][ T32] ret_from_fork+0x3fc/0x770 [ 250.047602][ T32] ? __pfx_ret_from_fork+0x10/0x10 [ 250.052771][ T32] ? __switch_to_asm+0x39/0x70 [ 250.057564][ T32] ? __switch_to_asm+0x33/0x70 [ 250.064541][ T32] ? __pfx_kthread+0x10/0x10 [ 250.069151][ T32] ret_from_fork_asm+0x1a/0x30 [ 250.074099][ T32] [ 250.077312][ T32] INFO: task kworker/1:0:24 blocked for more than 143 seconds. [ 250.087550][ T32] Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 [ 250.096019][ T32] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 250.104861][ T32] task:kworker/1:0 state:D stack:24264 pid:24 tgid:24 ppid:2 task_flags:0x4208060 flags:0x00004000 [ 250.116977][ T32] Workqueue: events_power_efficient hub_init_func2 [ 250.124603][ T32] Call Trace: [ 250.127905][ T32] [ 250.130887][ T32] __schedule+0x16f5/0x4d00 [ 250.135412][ T32] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 250.140853][ T32] ? schedule+0x165/0x360 [ 250.145210][ T32] ? __pfx___schedule+0x10/0x10 [ 250.150210][ T32] ? schedule+0x91/0x360 [ 250.154694][ T32] schedule+0x165/0x360 [ 250.158882][ T32] schedule_preempt_disabled+0x13/0x30 [ 250.164422][ T32] __mutex_lock+0x724/0xe80 [ 250.168951][ T32] ? __mutex_lock+0x51b/0xe80 [ 250.173679][ T32] ? hub_activate+0xb7/0x1ea0 [ 250.178380][ T32] ? __pfx___mutex_lock+0x10/0x10 [ 250.183472][ T32] ? do_raw_spin_lock+0x121/0x290 [ 250.188540][ T32] ? __lock_acquire+0xab9/0xd20 [ 250.193459][ T32] hub_activate+0xb7/0x1ea0 [ 250.198982][ T32] ? process_scheduled_works+0x9ef/0x17b0 [ 250.204938][ T32] ? _raw_spin_unlock_irq+0x23/0x50 [ 250.210181][ T32] ? process_scheduled_works+0x9ef/0x17b0 [ 250.215915][ T32] ? process_scheduled_works+0x9ef/0x17b0 [ 250.221769][ T32] process_scheduled_works+0xae1/0x17b0 [ 250.227419][ T32] ? __pfx_process_scheduled_works+0x10/0x10 [ 250.233519][ T32] worker_thread+0x8a0/0xda0 [ 250.238174][ T32] kthread+0x70e/0x8a0 [ 250.242393][ T32] ? __pfx_worker_thread+0x10/0x10 [ 250.247529][ T32] ? __pfx_kthread+0x10/0x10 [ 250.252199][ T32] ? _raw_spin_unlock_irq+0x23/0x50 [ 250.257422][ T32] ? lockdep_hardirqs_on+0x9c/0x150 [ 250.262671][ T32] ? __pfx_kthread+0x10/0x10 [ 250.267291][ T32] ret_from_fork+0x3fc/0x770 [ 250.271927][ T32] ? __pfx_ret_from_fork+0x10/0x10 [ 250.277092][ T32] ? __switch_to_asm+0x39/0x70 [ 250.281961][ T32] ? __switch_to_asm+0x33/0x70 [ 250.286752][ T32] ? __pfx_kthread+0x10/0x10 [ 250.291404][ T32] ret_from_fork_asm+0x1a/0x30 [ 250.296206][ T32] [ 250.300395][ T32] INFO: task kworker/0:2:979 blocked for more than 143 seconds. [ 250.308047][ T32] Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 [ 250.315889][ T32] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 250.324672][ T32] task:kworker/0:2 state:D stack:21960 pid:979 tgid:979 ppid:2 task_flags:0x4288060 flags:0x00004000 [ 250.336722][ T32] Workqueue: usb_hub_wq hub_event [ 250.341837][ T32] Call Trace: [ 250.345136][ T32] [ 250.348085][ T32] __schedule+0x16f5/0x4d00 [ 250.353481][ T32] ? schedule+0x165/0x360 [ 250.357879][ T32] ? __pfx___schedule+0x10/0x10 [ 250.362848][ T32] ? preempt_schedule_common+0x83/0xd0 [ 250.368347][ T32] ? __pfx_preempt_schedule+0x10/0x10 [ 250.374669][ T32] ? schedule+0x91/0x360 [ 250.378927][ T32] schedule+0x165/0x360 [ 250.383139][ T32] schedule_timeout+0x9a/0x270 [ 250.387929][ T32] ? __pfx_schedule_timeout+0x10/0x10 [ 250.393575][ T32] ? _raw_spin_unlock_irq+0x23/0x50 [ 250.398811][ T32] ? lockdep_hardirqs_on+0x9c/0x150 [ 250.405208][ T32] ? wait_for_completion+0x267/0x5d0 [ 250.410578][ T32] wait_for_completion+0x2bf/0x5d0 [ 250.415812][ T32] ? __pfx_wait_for_completion+0x10/0x10 [ 250.421659][ T32] ? __flush_work+0xd2/0xbc0 [ 250.426294][ T32] ? __flush_work+0xd2/0xbc0 [ 250.430953][ T32] __flush_work+0x9b9/0xbc0 [ 250.435500][ T32] ? __flush_work+0xd2/0xbc0 [ 250.441225][ T32] ? __pfx___flush_work+0x10/0x10 [ 250.446298][ T32] ? __pfx_wq_barrier_func+0x10/0x10 [ 250.451657][ T32] ? __queue_work+0xc56/0xfb0 [ 250.456358][ T32] ? flush_delayed_work+0x11d/0x190 [ 250.461683][ T32] flush_delayed_work+0x13e/0x190 [ 250.466740][ T32] ? __pfx_flush_delayed_work+0x10/0x10 [ 250.472391][ T32] ? lockdep_hardirqs_on+0x9c/0x150 [ 250.477630][ T32] ? usb_hcd_flush_endpoint+0x3e9/0x400 [ 250.483278][ T32] hub_quiesce+0x1f0/0x330 [ 250.487731][ T32] hub_disconnect+0xc8/0x470 [ 250.492448][ T32] usb_unbind_interface+0x26b/0x910 [ 250.497741][ T32] ? __pfx_usb_unbind_interface+0x10/0x10 [ 250.506671][ T32] device_release_driver_internal+0x4d6/0x7c0 [ 250.512807][ T32] bus_remove_device+0x34d/0x410 [ 250.517777][ T32] device_del+0x511/0x8e0 [ 250.524493][ T32] ? kfree+0x18e/0x440 [ 250.528580][ T32] ? __pfx_device_del+0x10/0x10 [ 250.533600][ T32] ? kobject_put+0x446/0x480 [ 250.538232][ T32] usb_disable_device+0x3e9/0x8a0 [ 250.545498][ T32] usb_disconnect+0x330/0x950 [ 250.550979][ T32] hub_event+0x1cdb/0x4a00 [ 250.555448][ T32] ? do_raw_spin_lock+0x121/0x290 [ 250.563536][ T32] ? register_lock_class+0x51/0x320 [ 250.568766][ T32] ? __pfx_hub_event+0x10/0x10 [ 250.573586][ T32] ? process_scheduled_works+0x9ef/0x17b0 [ 250.579533][ T32] ? _raw_spin_unlock_irq+0x23/0x50 [ 250.584770][ T32] ? process_scheduled_works+0x9ef/0x17b0 [ 250.590535][ T32] ? process_scheduled_works+0x9ef/0x17b0 [ 250.596286][ T32] process_scheduled_works+0xae1/0x17b0 [ 250.601959][ T32] ? __pfx_process_scheduled_works+0x10/0x10 [ 250.608921][ T32] worker_thread+0x8a0/0xda0 [ 250.613594][ T32] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 250.619993][ T32] ? __kthread_parkme+0x7b/0x200 [ 250.624970][ T32] kthread+0x70e/0x8a0 [ 250.629076][ T32] ? __pfx_worker_thread+0x10/0x10 [ 250.634275][ T32] ? __pfx_kthread+0x10/0x10 [ 250.638892][ T32] ? _raw_spin_unlock_irq+0x23/0x50 [ 250.644305][ T32] ? lockdep_hardirqs_on+0x9c/0x150 [ 250.649566][ T32] ? __pfx_kthread+0x10/0x10 [ 250.654164][ T32] ret_from_fork+0x3fc/0x770 [ 250.658781][ T32] ? __pfx_ret_from_fork+0x10/0x10 [ 250.663999][ T32] ? __switch_to_asm+0x39/0x70 [ 250.668793][ T32] ? __switch_to_asm+0x33/0x70 [ 250.673642][ T32] ? __pfx_kthread+0x10/0x10 [ 250.678257][ T32] ret_from_fork_asm+0x1a/0x30 [ 250.683139][ T32] [ 250.686277][ T32] INFO: task kworker/1:6:5934 blocked for more than 144 seconds. [ 250.698497][ T32] Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 [ 250.705657][ T32] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 250.715264][ T32] task:kworker/1:6 state:D stack:23272 pid:5934 tgid:5934 ppid:2 task_flags:0x4288060 flags:0x00004000 [ 250.727411][ T32] Workqueue: usb_hub_wq hub_event [ 250.732506][ T32] Call Trace: [ 250.735784][ T32] [ 250.738722][ T32] __schedule+0x16f5/0x4d00 [ 250.743317][ T32] ? schedule+0x165/0x360 [ 250.747684][ T32] ? __pfx___schedule+0x10/0x10 [ 250.752774][ T32] ? preempt_schedule_common+0x83/0xd0 [ 250.758290][ T32] ? __pfx_preempt_schedule+0x10/0x10 [ 250.763788][ T32] ? schedule+0x91/0x360 [ 250.768071][ T32] schedule+0x165/0x360 [ 250.772315][ T32] schedule_timeout+0x9a/0x270 [ 250.777131][ T32] ? __pfx_schedule_timeout+0x10/0x10 [ 250.782584][ T32] ? _raw_spin_unlock_irq+0x23/0x50 [ 250.787810][ T32] ? lockdep_hardirqs_on+0x9c/0x150 [ 250.793189][ T32] ? wait_for_completion+0x267/0x5d0 [ 250.798507][ T32] wait_for_completion+0x2bf/0x5d0 [ 250.803730][ T32] ? __pfx_wait_for_completion+0x10/0x10 [ 250.809436][ T32] ? __flush_work+0xd2/0xbc0 [ 250.815007][ T32] ? __flush_work+0xd2/0xbc0 [ 250.819684][ T32] __flush_work+0x9b9/0xbc0 [ 250.824214][ T32] ? __flush_work+0xd2/0xbc0 [ 250.828821][ T32] ? __pfx___flush_work+0x10/0x10 [ 250.833915][ T32] ? __pfx_wq_barrier_func+0x10/0x10 [ 250.839947][ T32] ? __queue_work+0xc56/0xfb0 [ 250.844649][ T32] ? flush_delayed_work+0x11d/0x190 [ 250.849920][ T32] flush_delayed_work+0x13e/0x190 [ 250.854975][ T32] ? __pfx_flush_delayed_work+0x10/0x10 [ 250.860717][ T32] ? lockdep_hardirqs_on+0x9c/0x150 [ 250.865957][ T32] ? usb_hcd_flush_endpoint+0x3e9/0x400 [ 250.871581][ T32] hub_quiesce+0x1f0/0x330 [ 250.876041][ T32] hub_disconnect+0xc8/0x470 [ 250.882238][ T32] usb_unbind_interface+0x26b/0x910 [ 250.887485][ T32] ? __pfx_usb_unbind_interface+0x10/0x10 [ 250.893270][ T32] device_release_driver_internal+0x4d6/0x7c0 [ 250.899524][ T32] bus_remove_device+0x34d/0x410 [ 250.904505][ T32] device_del+0x511/0x8e0 [ 250.908844][ T32] ? kfree+0x18e/0x440 [ 250.912962][ T32] ? __pfx_device_del+0x10/0x10 [ 250.918923][ T32] ? kobject_put+0x446/0x480 [ 250.923654][ T32] usb_disable_device+0x3e9/0x8a0 [ 250.928720][ T32] usb_disconnect+0x330/0x950 [ 250.933457][ T32] hub_event+0x1cdb/0x4a00 [ 250.937907][ T32] ? check_path+0x21/0x40 [ 250.942395][ T32] ? do_raw_spin_lock+0x121/0x290 [ 250.947454][ T32] ? register_lock_class+0x51/0x320 [ 250.953016][ T32] ? __pfx_hub_event+0x10/0x10 [ 250.957822][ T32] ? process_scheduled_works+0x9ef/0x17b0 [ 250.963687][ T32] ? _raw_spin_unlock_irq+0x23/0x50 [ 250.968911][ T32] ? process_scheduled_works+0x9ef/0x17b0 [ 250.974813][ T32] ? process_scheduled_works+0x9ef/0x17b0 [ 250.980646][ T32] process_scheduled_works+0xae1/0x17b0 [ 250.986251][ T32] ? __pfx_process_scheduled_works+0x10/0x10 [ 250.992322][ T32] worker_thread+0x8a0/0xda0 [ 250.996944][ T32] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 251.003418][ T32] ? __kthread_parkme+0x7b/0x200 [ 251.008405][ T32] kthread+0x70e/0x8a0 [ 251.012562][ T32] ? __pfx_worker_thread+0x10/0x10 [ 251.018924][ T32] ? __pfx_kthread+0x10/0x10 [ 251.023632][ T32] ? _raw_spin_unlock_irq+0x23/0x50 [ 251.028963][ T32] ? lockdep_hardirqs_on+0x9c/0x150 [ 251.034396][ T32] ? __pfx_kthread+0x10/0x10 [ 251.040833][ T32] ret_from_fork+0x3fc/0x770 [ 251.045447][ T32] ? __pfx_ret_from_fork+0x10/0x10 [ 251.050646][ T32] ? __switch_to_asm+0x39/0x70 [ 251.055436][ T32] ? __switch_to_asm+0x33/0x70 [ 251.061386][ T32] ? __pfx_kthread+0x10/0x10 [ 251.065996][ T32] ret_from_fork_asm+0x1a/0x30 [ 251.070831][ T32] [ 251.073898][ T32] [ 251.073898][ T32] Showing all locks held in the system: [ 251.082029][ T32] 3 locks held by kworker/0:0/9: [ 251.086984][ T32] #0: ffff88801a882148 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 251.099487][ T32] #1: ffffc900000e7bc0 ((work_completion)(&(&hub->init_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 251.112613][ T32] #2: ffff8880776b2198 (&dev->mutex){....}-{4:4}, at: hub_activate+0xb7/0x1ea0 [ 251.122829][ T32] 3 locks held by kworker/0:1/10: [ 251.127885][ T32] #0: ffff88801a882148 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 251.140438][ T32] #1: ffffc900000f7bc0 ((work_completion)(&(&hub->init_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 251.153694][ T32] #2: ffff88804ea51198 (&dev->mutex){....}-{4:4}, at: hub_activate+0xb7/0x1ea0 [ 251.165812][ T32] 3 locks held by kworker/1:0/24: [ 251.170961][ T32] #0: ffff88801a882148 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 251.186633][ T32] #1: ffffc900001e7bc0 ((work_completion)(&(&hub->init_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 251.203079][ T32] #2: ffff88805bc75198 (&dev->mutex){....}-{4:4}, at: hub_activate+0xb7/0x1ea0 [ 251.213282][ T32] 1 lock held by khungtaskd/32: [ 251.218256][ T32] #0: ffffffff8e33bee0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 251.233010][ T32] 5 locks held by kworker/0:2/979: [ 251.238132][ T32] #0: ffff888020ab7148 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 251.249619][ T32] #1: ffffc90003a67bc0 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 251.261589][ T32] #2: ffff8881453f5198 (&dev->mutex){....}-{4:4}, at: hub_event+0x184/0x4a00 [ 251.270570][ T32] #3: ffff88804ea51198 (&dev->mutex){....}-{4:4}, at: usb_disconnect+0xf8/0x950 [ 251.279830][ T32] #4: ffff88804ea55160 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xb6/0x7c0 [ 251.290710][ T32] 5 locks held by kworker/1:2/1769: [ 251.295961][ T32] #0: ffff888020ab7148 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 251.307628][ T32] #1: ffffc90004e67bc0 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 251.319835][ T32] #2: ffff8880283a5198 (&dev->mutex){....}-{4:4}, at: hub_event+0x184/0x4a00 [ 251.330375][ T32] #3: ffff88802fdfe198 (&dev->mutex){....}-{4:4}, at: usb_disconnect+0xf8/0x950 [ 251.340746][ T32] #4: ffff888026edd160 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xb6/0x7c0 [ 251.351783][ T32] 2 locks held by getty/5592: [ 251.356548][ T32] #0: ffff88814dcf60a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 251.366429][ T32] #1: ffffc9000331b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400 [ 251.376782][ T32] 5 locks held by kworker/0:3/5879: [ 251.382036][ T32] #0: ffff888020ab7148 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 251.393520][ T32] #1: ffffc900043afbc0 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 251.405461][ T32] #2: ffff8880283c5198 (&dev->mutex){....}-{4:4}, at: hub_event+0x184/0x4a00 [ 251.414562][ T32] #3: ffff8880776b2198 (&dev->mutex){....}-{4:4}, at: usb_disconnect+0xf8/0x950 [ 251.423822][ T32] #4: ffff8880284fb160 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xb6/0x7c0 [ 251.439830][ T32] 3 locks held by kworker/1:4/5893: [ 251.445047][ T32] #0: ffff88801a882148 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 251.460696][ T32] #1: ffffc9000449fbc0 ((work_completion)(&(&hub->init_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 251.473704][ T32] #2: ffff88802fdfe198 (&dev->mutex){....}-{4:4}, at: hub_activate+0xb7/0x1ea0 [ 251.482929][ T32] 5 locks held by kworker/1:6/5934: [ 251.488176][ T32] #0: ffff888020ab7148 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 251.499809][ T32] #1: ffffc9000460fbc0 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 251.511887][ T32] #2: ffff88814578d198 (&dev->mutex){....}-{4:4}, at: hub_event+0x184/0x4a00 [ 251.521064][ T32] #3: ffff88805bc75198 (&dev->mutex){....}-{4:4}, at: usb_disconnect+0xf8/0x950 [ 251.531526][ T32] #4: ffff888143ee5160 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xb6/0x7c0 [ 251.542453][ T32] 1 lock held by syz.3.1182/9145: [ 251.547500][ T32] #0: ffffffff8e3418c0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 251.557746][ T32] [ 251.560439][ T32] ============================================= [ 251.560439][ T32] [ 251.568887][ T32] NMI backtrace for cpu 0 [ 251.568902][ T32] CPU: 0 UID: 0 PID: 32 Comm: khungtaskd Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 251.568921][ T32] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 251.568931][ T32] Call Trace: [ 251.568938][ T32] [ 251.568944][ T32] dump_stack_lvl+0x189/0x250 [ 251.568965][ T32] ? __wake_up_klogd+0xd9/0x110 [ 251.568987][ T32] ? __pfx_dump_stack_lvl+0x10/0x10 [ 251.569005][ T32] ? __pfx__printk+0x10/0x10 [ 251.569032][ T32] nmi_cpu_backtrace+0x39e/0x3d0 [ 251.569051][ T32] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 251.569065][ T32] ? _printk+0xcf/0x120 [ 251.569086][ T32] ? __pfx__printk+0x10/0x10 [ 251.569105][ T32] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 251.569131][ T32] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 251.569150][ T32] watchdog+0xfee/0x1030 [ 251.569173][ T32] ? watchdog+0x1de/0x1030 [ 251.569201][ T32] kthread+0x70e/0x8a0 [ 251.569228][ T32] ? __pfx_watchdog+0x10/0x10 [ 251.569248][ T32] ? __pfx_kthread+0x10/0x10 [ 251.569272][ T32] ? _raw_spin_unlock_irq+0x23/0x50 [ 251.569294][ T32] ? lockdep_hardirqs_on+0x9c/0x150 [ 251.569316][ T32] ? __pfx_kthread+0x10/0x10 [ 251.569340][ T32] ret_from_fork+0x3fc/0x770 [ 251.569374][ T32] ? __pfx_ret_from_fork+0x10/0x10 [ 251.569410][ T32] ? __switch_to_asm+0x39/0x70 [ 251.569432][ T32] ? __switch_to_asm+0x33/0x70 [ 251.569454][ T32] ? __pfx_kthread+0x10/0x10 [ 251.569475][ T32] ret_from_fork_asm+0x1a/0x30 [ 251.569507][ T32] [ 251.720866][ T32] Sending NMI from CPU 0 to CPUs 1: [ 251.726111][ C1] NMI backtrace for cpu 1 [ 251.726127][ C1] CPU: 1 UID: 0 PID: 66 Comm: kworker/u8:4 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 251.726148][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 251.726160][ C1] Workqueue: bat_events batadv_nc_worker [ 251.726184][ C1] RIP: 0010:__lock_acquire+0x73f/0xd20 [ 251.726213][ C1] Code: fb 31 0f 83 e0 05 00 00 48 8d 04 9b 45 8b 66 20 48 8b 4c 24 10 8b 44 c1 f8 44 31 e0 25 00 60 00 00 31 c9 89 c2 f7 da 48 19 c9 <49> 09 cf 85 c0 b8 01 00 00 00 0f 45 e8 eb 4b 48 89 fb 4c 89 f6 a9 [ 251.726228][ C1] RSP: 0018:ffffc9000215f840 EFLAGS: 00000046 [ 251.726242][ C1] RAX: 0000000000000000 RBX: 0000000000000002 RCX: 0000000000000000 [ 251.726252][ C1] RDX: 0000000000000000 RSI: ffff88801c3e6540 RDI: ffff88801c3e5a00 [ 251.726264][ C1] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff8b451017 [ 251.726275][ C1] R10: dffffc0000000000 R11: fffffbfff1f852e7 R12: 0000000000040748 [ 251.726288][ C1] R13: 0000000000000003 R14: ffff88801c3e6540 R15: b89dd58e5d211294 [ 251.726300][ C1] FS: 0000000000000000(0000) GS:ffff888125ae4000(0000) knlGS:0000000000000000 [ 251.726314][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 251.726326][ C1] CR2: 000055557bfd75c8 CR3: 000000000e136000 CR4: 00000000003526f0 [ 251.726341][ C1] DR0: 0000000000000000 DR1: 0000000000000097 DR2: 0000000000000000 [ 251.726352][ C1] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 251.726362][ C1] Call Trace: [ 251.726369][ C1] [ 251.726380][ C1] ? batadv_nc_purge_paths+0xe7/0x3b0 [ 251.726399][ C1] lock_acquire+0x120/0x360 [ 251.726423][ C1] ? batadv_nc_purge_paths+0xe7/0x3b0 [ 251.726450][ C1] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 251.726469][ C1] ? batadv_nc_purge_paths+0xe7/0x3b0 [ 251.726488][ C1] _raw_spin_lock_bh+0x36/0x50 [ 251.726506][ C1] ? batadv_nc_purge_paths+0xe7/0x3b0 [ 251.726524][ C1] ? __pfx_batadv_nc_to_purge_nc_path_coding+0x10/0x10 [ 251.726544][ C1] batadv_nc_purge_paths+0xe7/0x3b0 [ 251.726569][ C1] batadv_nc_worker+0x328/0x610 [ 251.726593][ C1] ? process_scheduled_works+0x9ef/0x17b0 [ 251.726621][ C1] process_scheduled_works+0xae1/0x17b0 [ 251.726659][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 251.726693][ C1] worker_thread+0x8a0/0xda0 [ 251.726710][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 251.726732][ C1] ? __kthread_parkme+0x7b/0x200 [ 251.726753][ C1] kthread+0x70e/0x8a0 [ 251.726774][ C1] ? __pfx_worker_thread+0x10/0x10 [ 251.726789][ C1] ? __pfx_kthread+0x10/0x10 [ 251.726809][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 251.726826][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 251.726845][ C1] ? __pfx_kthread+0x10/0x10 [ 251.726865][ C1] ret_from_fork+0x3fc/0x770 [ 251.726892][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 251.726920][ C1] ? __switch_to_asm+0x39/0x70 [ 251.726940][ C1] ? __switch_to_asm+0x33/0x70 [ 251.726960][ C1] ? __pfx_kthread+0x10/0x10 [ 251.726979][ C1] ret_from_fork_asm+0x1a/0x30 [ 251.727007][ C1] [ 251.749512][ T32] Kernel panic - not syncing: hung_task: blocked tasks [ 251.749539][ T32] CPU: 1 UID: 0 PID: 32 Comm: khungtaskd Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 251.749569][ T32] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 251.749585][ T32] Call Trace: [ 251.749596][ T32] [ 251.749606][ T32] dump_stack_lvl+0x99/0x250 [ 251.749639][ T32] ? __asan_memcpy+0x40/0x70 [ 251.749676][ T32] ? __pfx_dump_stack_lvl+0x10/0x10 [ 251.749702][ T32] ? __pfx__printk+0x10/0x10 [ 251.749744][ T32] panic+0x2db/0x790 [ 251.749771][ T32] ? __pfx_panic+0x10/0x10 [ 251.749791][ T32] ? nmi_backtrace_stall_check+0x433/0x440 [ 251.749822][ T32] ? preempt_schedule_thunk+0x16/0x30 [ 251.749858][ T32] ? nmi_trigger_cpumask_backtrace+0x2b6/0x300 [ 251.749889][ T32] watchdog+0x102d/0x1030 [ 251.749924][ T32] ? watchdog+0x1de/0x1030 [ 251.749964][ T32] kthread+0x70e/0x8a0 [ 251.749996][ T32] ? __pfx_watchdog+0x10/0x10 [ 251.750026][ T32] ? __pfx_kthread+0x10/0x10 [ 251.750055][ T32] ? _raw_spin_unlock_irq+0x23/0x50 [ 251.750081][ T32] ? lockdep_hardirqs_on+0x9c/0x150 [ 251.750107][ T32] ? __pfx_kthread+0x10/0x10 [ 251.750135][ T32] ret_from_fork+0x3fc/0x770 [ 251.750175][ T32] ? __pfx_ret_from_fork+0x10/0x10 [ 251.750216][ T32] ? __switch_to_asm+0x39/0x70 [ 251.750243][ T32] ? __switch_to_asm+0x33/0x70 [ 251.750269][ T32] ? __pfx_kthread+0x10/0x10 [ 251.750297][ T32] ret_from_fork_asm+0x1a/0x30 [ 251.750343][ T32] [ 252.171110][ T32] Kernel Offset: disabled [ 252.175448][ T32] Rebooting in 86400 seconds..