last executing test programs: 19m13.916110444s ago: executing program 2 (id=50622): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x0, 0x8008000000010, &(0x7f0000000240)="17000000020001000003be8c5ee17688a20032000203000a0292000098fc5a000a00bb6a880000d6c8db0000dba67e0602000043c59ed66b5571ca5f2ae0e28900000200df018002000000fc060f0000000000000061547a681f009cee4a5a2d8f89814bc6c252674f00c88ebb01005033bf79ac2dfc060115003901000000000000ea0000000000000800b59bd2b8e50ce5af649a702202ffff02dfccebf6ba000840024f0298e9e90554062a80e605197f71174aa951f3", 0xb8) r1 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r1, 0x40087703, 0x3d29) mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r1, 0x0) ioctl$ASHMEM_SET_NAME(r1, 0x40087707, &(0x7f0000000ec0)='\x00\x00\x00\x00\x00\x00\x00\x1f\x00x\x92\x12\xac\x06^\xbewV\xf3\"\xc4\x04\xbb\x0642\x9c\x1a\xd1\xcb{\xb0\xd6\x1e\x00gQ\xca\x0eU\xf7\'\x8c\xc1\xc6\xbb\xc5\x1c\xf7\xaf\x95\x83=\t7\x96\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcb\xba\xe3\x8e\xf6\x89\xc2\'\xdfn(Q=v-<\r\x87\xa3\xd1?$\x8b\x17Bn\x17h\x1b\xac\xfc\x82\x1c\xf4\xd0\xf5\xd5\x80\xc0\xb4a \x15\x9a\x9f\xfc\"\xee\xc4\x93Q\x82\x16\xbf\xe3c\x8d \x0f\xb1\xe9\xf2o \x00\x00\x00\x00\x00\x00\x00H\xaf\t\x18\xc8\x1b\x1e\xbe\xd8>\xec\x9f~\xa7\xf7\xafdd\xf1\xdbjE\x01\xd1sD\x89\x94&\\U\f\x18\x99]\xaba\xe93\x01\xa23\xc9hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\xec^\x84\x19\x9f_D\xbdt/\'\xf6\xc3\x8c\xb8\vS\x80\xad\xf8\xbf\xa2\xa0\x99\xc2\x16=\xcc\xb0\x1b^:4\xeb\xd37\xe3-\'\x02\x16\xf5\xe6\x93\x02E\n\xe8\x00\x00\x8c\xed\x11\xf7\xf2J\xf6\x90A@\x01\x13\xc7`g\xcb\xd7\xdb\x1e\xb2\xc9\xfd\xf7\xa9\x96\xf8/0Hd\xcf\xb9\xa2\x1d\x13\x8fC\xd2&\xd8\x9d\x8b\xe0E\xd2\xc6\x1a\xf3\xa8\x0e\xba\xecOv$\xc8\"\a\xd7T\xfb\xfc\xfauT\xf8\x9e\x86\xef.\xc9\x91\xbfB\xe7\x80\x1a\a\t+x_B=\xe7\xa5\x89\xfb\xa2\xc6\x97\xeb\xdecY{\x0e\xc2\x00\x00\x00\x00\x00\x00\x00\a\xf4\x88\x06\xe3\xcb\xc8\xe0\xcc\vE\x18\"\x87\xa0\xa9:\xceY\xf0\xa2\xe0\x9d\x8c\x8e\x11\xb7\x98\xa5\xda$\x94D\xb4\xf2>\x01\x00+\xfa\xa9 \xe1\x13Y\x86\xd8\xbfH\xc6\x9c\x8cs4\r\xcd\xd1\x83JT\xf9\xa2\x83?\xb3\x0f\xc6&\x1d\xa3\xc4\xc3\xd2\xfd\xad\xa35o\xe8\xcd^/\xd8\xf4[n\x9fJ\xf4\n\x92c\xaa\xddT&L<+\x19R\a\xfc\xf2\x17\xb8$\xa9]\xc2\\\xda<\xc8d.w\x9c\xaf4\xbb\xe8Co\xb3\xd8\x82\x92\xba+\x99PXB\xdc\xc26\x06\x10\x92\xc7\xa55\x9fZ\xff*ir\x1e\xe8\a\x00\x00\x00\x00\x00\x00\x00\x88\x19\xf7\xdd\xa8\xef\xa0\x98\xcd\x81\x10>\xc7{\x84\xb9\xc0B\xe1\t\x00\xbaQj\x81\xc8\xf8\x146%Z\x83H\xabF\x18<\x86h\x01=\x03i\xc4\t\x8e/\x12\a\xdf\xe7zU\x1d\x15\x0e\xc1?\xeau\xb4\x84\x1b\xdaR-\xf4\xe9\x1f\xcd\x05\x0fz_\x8d,^\xde\xfd\xd1\xbed\xed\xa1\xf5\xc6(p\xb4;\x0e\x18\xf7/A\xfd\x92\xd0}ur\xaag\xdb&e$\f\rrT\xd8\x88~\x13\xc22t\xf6\xf4Fs\xc1\x05\xfa\x99\x15\x87\x14\x13$\t\xa8?\xee\x94W\x8e\xe1\xcc\xc3U\x84\xc6]:\x9a|W\xec\x84\x18\bb\x82\x8f\xc0\xab\xe3a\x99\x17\x85\x9a\x05\x06\x00\x00\x00\xf2\xd5\b^[D~\x00\x00\x00\x00\x00\x00\x00') write$UHID_CREATE2(0xffffffffffffffff, &(0x7f00000003c0)=ANY=[@ANYRESHEX=r1, @ANYRES8=0x0, @ANYRES8, @ANYRES32=r0], 0x118) 19m13.902673365s ago: executing program 2 (id=50624): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000004c0)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r3 = userfaultfd(0x80001) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)) ioctl$UFFDIO_ZEROPAGE(r3, 0xc020aa07, 0x0) 19m13.872183868s ago: executing program 2 (id=50625): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) inotify_init() openat(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/cpuset.cpus\x00', 0x2, 0x0) 19m13.871231368s ago: executing program 2 (id=50627): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) socket$inet6_tcp(0xa, 0x1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r1, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mremap(&(0x7f0000241000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 19m13.85217333s ago: executing program 2 (id=50628): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) socket$packet(0x11, 0x3, 0x300) socket$inet6(0xa, 0x3, 0x6) socket$inet_tcp(0x2, 0x1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket$netlink(0x10, 0x3, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) 19m13.808462105s ago: executing program 2 (id=50629): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) (async) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) (async) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) r2 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffa) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r4, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r4, @ANYRES64=r3], 0x118) (async) write$UHID_CREATE2(r4, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r4, @ANYRES64=r3], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r4, 0x0) ioctl$KVM_X86_SETUP_MCE(r4, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) fstat(r6, &(0x7f0000000240)) (async) fstat(r6, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0}) ioprio_set$uid(0x3, r7, 0x4000) r8 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r8, &(0x7f0000000200)='asymmetric\x00', &(0x7f00000002c0)=@chain) add_key$user(&(0x7f0000000180), &(0x7f0000000200)={'syz', 0x2}, &(0x7f0000000280)="3618", 0x2, r8) (async) add_key$user(&(0x7f0000000180), &(0x7f0000000200)={'syz', 0x2}, &(0x7f0000000280)="3618", 0x2, r8) keyctl$link(0x8, r2, r8) (async) keyctl$link(0x8, r2, r8) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) (async) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (async) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r11 = dup(r10) setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x3) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000004380), 0x1814800, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r9}, 0x2c, {'wfdno', 0x3d, r11}, 0x2c, {[{@version_u}, {@nodevmap}, {@access_any}], [], 0x6b}}) (async) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000004380), 0x1814800, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r9}, 0x2c, {'wfdno', 0x3d, r11}, 0x2c, {[{@version_u}, {@nodevmap}, {@access_any}], [], 0x6b}}) 18m58.752915834s ago: executing program 32 (id=50629): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) (async) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) (async) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) r2 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffa) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r4, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r4, @ANYRES64=r3], 0x118) (async) write$UHID_CREATE2(r4, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r4, @ANYRES64=r3], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r4, 0x0) ioctl$KVM_X86_SETUP_MCE(r4, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) fstat(r6, &(0x7f0000000240)) (async) fstat(r6, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0}) ioprio_set$uid(0x3, r7, 0x4000) r8 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r8, &(0x7f0000000200)='asymmetric\x00', &(0x7f00000002c0)=@chain) add_key$user(&(0x7f0000000180), &(0x7f0000000200)={'syz', 0x2}, &(0x7f0000000280)="3618", 0x2, r8) (async) add_key$user(&(0x7f0000000180), &(0x7f0000000200)={'syz', 0x2}, &(0x7f0000000280)="3618", 0x2, r8) keyctl$link(0x8, r2, r8) (async) keyctl$link(0x8, r2, r8) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) (async) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (async) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r11 = dup(r10) setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x3) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000004380), 0x1814800, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r9}, 0x2c, {'wfdno', 0x3d, r11}, 0x2c, {[{@version_u}, {@nodevmap}, {@access_any}], [], 0x6b}}) (async) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000004380), 0x1814800, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r9}, 0x2c, {'wfdno', 0x3d, r11}, 0x2c, {[{@version_u}, {@nodevmap}, {@access_any}], [], 0x6b}}) 7m25.105900963s ago: executing program 3 (id=69524): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000000500), 0x0, 0x4) r5 = socket$igmp(0x2, 0x3, 0x2) sendmsg$inet(r5, &(0x7f00000002c0)={&(0x7f00000000c0)={0x2, 0x4e24, @multicast1}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000100)="0f024a3bb690944e3de505d3fced17aab3fc6219c223664b375536c43567b24217e7515b6bcc37c8ebc93e44706d388af11f89fff5df3f3c79372812dc95f7b1ca96c12eed232568f7f9b84cdbd6ababb6ca215ace17674ec1a8a30fc08a9a897aea8220c07207c0e46eaa8c6bdd844de199c51e5083a17f977bed486827cba2971472aa5a2ccac93df1be76a576f791f9778e8342e35eea79baa2da394b8f0ae40682d3742748724a2d0d37a2c0b553f44ba8f211424765f8fc7ed0f78991b14b279f736883abe88d1ea836732a28bea1b3f719361b672e68a1839eedc67915707fcede", 0xe4}, {&(0x7f0000000a00)="d32d1ff9f777ae43ce49e7fb007481ba0ae03746e42fb027fc5eba0830195cc090902bc045f8ed20c7221d5adbc09e3da42bfb0c47dcc092fd386c9cc57c90f3f46002ebdf53851936f6d2716ddd2d2e613e6417cf42cda2d759b5f7778c5900e66d878cdba4173f5036ccea7a45a1521bf747ad7825dbd8c173711371fbbbbbab538c1f501cf94e48ff45c6bb4afea15fe550ab5e0cf1b5ad2cd269c7f9d221fee08c79dcb093f45880b1aca23372c2722bf9f9f81a75ed18379781769e51c3724ea0e364ebb5e0c6ff26b479b2847a092f21e46b704a253cde2080e119c5f77034e37df227c03d8504967606cbf8d41f827dbd21dcae93aca49ffc8e79e4d8787e6585cbbca0c4291cebc504b9a5b08a42cea31a4807a363bcf6a9bf573c99ec42a9c9963a368c7bb2b38fc4e589432c68b771be29087747ea1045d46d8965389afc6bf09beda8dba38329be15a4455a6a5a8180eaa555d2f569f9447b4d9fa0937b927486d98bf877d3f926664031262bc68ed8f434fc4e528108a10adaef9000fd1baa663d868bbdd68ad6956207f200895054b8ce3c652f50a0328881c78d2824941bcc447ca7cdb5d15ea7380f9b35099e5572a745bfee42df9ac659daba6ce446d4cec521a4e259f1508e069f851bf1b0a3ee863e5bb1814674ecba455f77d9ad5048f49807d6a33ed065bb448fec212ce51af363d5997641d03295c1111041f36398d4408c2332233f72d8ce51332140bf174caba82f9fbe3a2c0217fbb7500546dafd5b97ae64e9bb029fa191e8c079c01fcbe7d8a25126f7479071d04b11ede4e951c718fbe2297cefd5b7ced91e9b59b61402185b7262fc6d8577727963", 0x263}], 0x2, &(0x7f0000000040)=[@ip_retopts={{0x30, 0x0, 0x7, {[@timestamp_prespec={0x44, 0x1c, 0x66, 0x3, 0x9, [{@local, 0x1}, {@multicast2, 0xdcd}, {@local, 0x57}]}, @ra={0x94, 0x4, 0x1}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x38}, @dev={0xac, 0x14, 0x14, 0x2b}}}}], 0x50}, 0x0) 7m25.097773514s ago: executing program 3 (id=69525): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x24000]}}, 0x0, 0x8, &(0x7f0000000300)) socket$inet6_tcp(0xa, 0x1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r1, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000000)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}]}) 7m25.024508261s ago: executing program 3 (id=69528): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32=0xffffffffffffffff, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x80e02, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000380)=ANY=[@ANYBLOB="0100000000000000b5000040"]) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r6, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r7, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r8, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r9 = socket$inet6_tcp(0xa, 0x1, 0x0) r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r10, &(0x7f0000000040)=ANY=[@ANYRES32, @ANYRESOCT=r0, @ANYRES8=r10, @ANYRES32=r2], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r10, 0x0) ioctl$KVM_X86_SETUP_MCE(r10, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r9, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) modify_ldt$write(0x1, &(0x7f0000000080)={0x5596c369, 0x0, 0x4000, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1}, 0x10) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2000000022, &(0x7f0000000480)={0x77359400}) r11 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "5d9bc136c963254c661fb620148b6f72ca6ae2a44829bfa79ec13499f8ec9077d85d879711d98bb1687ad36dfe5f14a7b0ce15c1e6be0e7ecabfdfde0dfa00b1"}, 0x48, 0xffffffffffffffff) keyctl$unlink(0x9, r11, 0x0) 7m24.965022887s ago: executing program 3 (id=69533): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32=0xffffffffffffffff, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x80e02, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000380)=ANY=[@ANYBLOB="0100000000000000b5000040"]) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r6, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r7, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r8, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r9 = socket$inet6_tcp(0xa, 0x1, 0x0) r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r10, &(0x7f0000000040)=ANY=[@ANYRES32, @ANYRESOCT=r0, @ANYRES8=r10, @ANYRES32=r2], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r10, 0x0) ioctl$KVM_X86_SETUP_MCE(r10, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r9, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) modify_ldt$write(0x1, &(0x7f0000000080)={0x5596c369, 0x0, 0x4000, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1}, 0x10) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2000000022, &(0x7f0000000480)={0x77359400}) add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "5d9bc136c963254c661fb620148b6f72ca6ae2a44829bfa79ec13499f8ec9077d85d879711d98bb1687ad36dfe5f14a7b0ce15c1e6be0e7ecabfdfde0dfa00b1"}, 0x48, 0xffffffffffffffff) add_key(&(0x7f00000000c0)='logon\x00', &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc) 7m24.869582097s ago: executing program 3 (id=69537): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4018}, 0x0) 7m24.824315192s ago: executing program 3 (id=69538): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) socket$inet6_tcp(0xa, 0x1, 0x0) (async) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) (async) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x31, 0x0}}], 0x1, 0x4) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) dup(r4) (async) r5 = dup(r4) mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000004380), 0x1814800, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@access_user}, {@debug={'debug', 0x3d, 0x7fffffff}}, {@cachetag}], [], 0x6b}}) (async) mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000004380), 0x1814800, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@access_user}, {@debug={'debug', 0x3d, 0x7fffffff}}, {@cachetag}], [], 0x6b}}) 7m9.828298184s ago: executing program 33 (id=69538): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) socket$inet6_tcp(0xa, 0x1, 0x0) (async) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) (async) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x31, 0x0}}], 0x1, 0x4) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) dup(r4) (async) r5 = dup(r4) mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000004380), 0x1814800, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@access_user}, {@debug={'debug', 0x3d, 0x7fffffff}}, {@cachetag}], [], 0x6b}}) (async) mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000004380), 0x1814800, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@access_user}, {@debug={'debug', 0x3d, 0x7fffffff}}, {@cachetag}], [], 0x6b}}) 1.230837487s ago: executing program 1 (id=84553): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r5, 0x0, 0x0, 0x24040014, 0x0, 0x0) 876.444912ms ago: executing program 1 (id=84577): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mount$9p_fd(0x0, 0x0, 0x0, 0x1a14800, 0x0) 850.028235ms ago: executing program 1 (id=84579): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040)=0x2000) 809.251209ms ago: executing program 1 (id=84581): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00), 0x0, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r4, 0x5) close_range(r4, 0xffffffffffffffff, 0x0) 808.403219ms ago: executing program 1 (id=84583): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r0, @ANYRES64], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r1, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f0000000000)=0x10000, 0x4) 677.598292ms ago: executing program 0 (id=84586): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r5, 0x0, 0x0, 0x24040014, 0x0, 0x0) 630.237927ms ago: executing program 0 (id=84587): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00), 0x0, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r5, 0x5) close_range(r5, 0xffffffffffffffff, 0x0) 629.535917ms ago: executing program 0 (id=84588): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r4, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @loopback}, 0x58) ioctl$int_in(r4, 0x5452, 0x0) listen(r4, 0x5) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r5, 0x0, 0x0, 0x24040014, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @empty}, 0x1c) close_range(r4, 0xffffffffffffffff, 0x0) 604.35586ms ago: executing program 0 (id=84589): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r4 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_opts(r4, 0x0, 0x4, 0x0, 0x0) 555.986714ms ago: executing program 0 (id=84591): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040)=0x2000) 555.625724ms ago: executing program 0 (id=84592): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) socket$inet6_tcp(0xa, 0x1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r1, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r4, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @loopback}, 0x58) ioctl$int_in(r4, 0x5452, &(0x7f0000000080)=0x10000) listen(r4, 0x5) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r5, 0x0, 0x0, 0x24040014, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @empty}, 0x1c) close_range(r4, 0xffffffffffffffff, 0x0) 259.754034ms ago: executing program 5 (id=84598): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_opts(r5, 0x0, 0x4, 0x0, 0x0) 240.736736ms ago: executing program 5 (id=84600): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r4 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_opts(r4, 0x0, 0x4, 0x0, 0x0) 218.529368ms ago: executing program 5 (id=84601): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, 0x0, 0x0, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r5, 0x5) close_range(r5, 0xffffffffffffffff, 0x0) 207.275949ms ago: executing program 5 (id=84603): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003780)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) userfaultfd(0x40800) 181.172992ms ago: executing program 5 (id=84604): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) socket$inet6_tcp(0xa, 0x1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000340)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r1, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_opts(r3, 0x0, 0x4, &(0x7f0000000000)="890803", 0x3) 180.322772ms ago: executing program 5 (id=84606): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_int(r2, 0x29, 0x4e, 0x0, &(0x7f0000000040)) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f00000000c0)={0xc, 0x0, 0x6}) r4 = syz_open_dev$usbfs(&(0x7f0000000080), 0x3a2b, 0x34bf01) ioctl$USBDEVFS_RESETEP(r4, 0x80045503, &(0x7f00000001c0)={0xd, 0x1}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40094) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000880)='./binderfs/binder1\x00', 0x800, 0x0) ioctl$BINDER_SET_MAX_THREADS(r6, 0x40046205, &(0x7f0000000000)=0x2) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r8, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r8, @ANYRES64=r7], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r8, 0x0) ioctl$KVM_X86_SETUP_MCE(r8, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r7, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) unshare(0x0) ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000300)={0xc, 0x0, &(0x7f00000008c0)=[@enter_looper, @release={0x40046306, 0x1}], 0x4, 0x0, &(0x7f0000000040)="1f4e6086"}) 136.163336ms ago: executing program 4 (id=84607): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r3, 0x0, 0x0, 0x805, 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r6, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r6, @ANYRES64=r5], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r6, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r6, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r5, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syslog(0x2, 0x0, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r4, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) sendmmsg$inet6(r4, &(0x7f00000075c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40804) bind$inet(r2, 0x0, 0x0) 78.780752ms ago: executing program 1 (id=84608): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r4 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_opts(r4, 0x0, 0x4, 0x0, 0x0) 78.251812ms ago: executing program 4 (id=84609): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r4 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_opts(r4, 0x0, 0x4, &(0x7f0000000000)="890803", 0x3) 77.828332ms ago: executing program 4 (id=84610): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) socket$inet6_tcp(0xa, 0x1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, 0x0, 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r1, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r4, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @loopback}, 0x58) listen(r4, 0x5) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r5, 0x0, 0x0, 0x24040014, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @empty}, 0x1c) 49.807395ms ago: executing program 4 (id=84611): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003780)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) userfaultfd(0x40800) 962.65µs ago: executing program 4 (id=84612): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) sendmmsg$inet6(r3, &(0x7f00000075c0)=[{{&(0x7f00000000c0)={0xa, 0x4e21, 0x54ce, @empty, 0x7}, 0x1c, 0x0, 0x0, &(0x7f00000077c0)=[@dstopts={{0x30, 0x29, 0x37, {0x2c, 0x2, '\x00', [@hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @remote}}]}}}], 0x30}}], 0x1, 0x40804) 0s ago: executing program 4 (id=84613): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) chdir(&(0x7f00000001c0)='./bus\x00') rmdir(&(0x7f0000000100)='./bus\x00') r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000940)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40086315, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) kernel console output (not intermixed with test programs): dge_slave_0: left promiscuous mode [ 2667.077453][T24743] bridge0: port 1(bridge_slave_0) entered disabled state [ 2667.205359][ T2182] bridge0: port 1(bridge_slave_0) entered blocking state [ 2667.212603][ T2182] bridge0: port 1(bridge_slave_0) entered disabled state [ 2667.220258][ T2182] bridge_slave_0: entered allmulticast mode [ 2667.226788][ T2182] bridge_slave_0: entered promiscuous mode [ 2667.234498][T24743] veth1_macvtap: left promiscuous mode [ 2667.240186][T24743] veth0_vlan: left promiscuous mode [ 2667.298534][ T2182] bridge0: port 2(bridge_slave_1) entered blocking state [ 2667.305675][ T2182] bridge0: port 2(bridge_slave_1) entered disabled state [ 2667.317397][ T2182] bridge_slave_1: entered allmulticast mode [ 2667.323920][ T2182] bridge_slave_1: entered promiscuous mode [ 2667.403226][ T2182] bridge0: port 2(bridge_slave_1) entered blocking state [ 2667.410299][ T2182] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2667.417619][ T2182] bridge0: port 1(bridge_slave_0) entered blocking state [ 2667.424676][ T2182] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2667.450220][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 2667.458354][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 2667.475625][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 2667.482701][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2667.490320][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 2667.497488][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2667.524954][ T2182] veth0_vlan: entered promiscuous mode [ 2667.538379][ T2182] veth1_macvtap: entered promiscuous mode [ 2668.720542][ T2299] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 2668.749506][ T2299] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 2668.781763][ T2299] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 2668.878673][ T2313] netlink: 76 bytes leftover after parsing attributes in process `syz.5.76588'. [ 2668.952315][ T2321] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 2668.981723][ T2321] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 2668.990014][ T2321] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 2669.395793][ T2345] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 2669.421658][ T2345] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 2669.445728][ T2345] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 2669.689547][ T2357] netlink: 76 bytes leftover after parsing attributes in process `syz.1.76610'. [ 2669.872608][ T2367] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 2669.901654][ T2367] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 2669.924256][ T2367] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 2670.019039][ T2380] netlink: 76 bytes leftover after parsing attributes in process `syz.4.76620'. [ 2670.807008][ T2452] netlink: 76 bytes leftover after parsing attributes in process `syz.1.76654'. [ 2670.993866][ T2473] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 2671.023785][ T2473] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 2671.051178][ T2473] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 2671.236309][ T2488] netlink: 76 bytes leftover after parsing attributes in process `syz.1.76674'. [ 2671.266347][ T2490] netlink: 76 bytes leftover after parsing attributes in process `syz.5.76672'. [ 2671.291867][ T2493] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 2671.299831][ T2494] netlink: 76 bytes leftover after parsing attributes in process `syz.1.76676'. [ 2671.300653][ T2493] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 2671.318178][ T2493] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 2671.369782][ T2500] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 2671.398796][ T2500] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 2671.431590][ T2500] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 2671.488860][ T2516] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 2671.517960][ T2516] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 2671.541560][ T2516] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 2671.896095][ T2536] bridge0: port 1(bridge_slave_0) entered blocking state [ 2671.903601][ T2536] bridge0: port 1(bridge_slave_0) entered disabled state [ 2671.910751][ T2536] bridge_slave_0: entered allmulticast mode [ 2671.917287][ T2536] bridge_slave_0: entered promiscuous mode [ 2671.924381][ T2536] bridge0: port 2(bridge_slave_1) entered blocking state [ 2671.931623][ T2536] bridge0: port 2(bridge_slave_1) entered disabled state [ 2671.938768][ T2536] bridge_slave_1: entered allmulticast mode [ 2671.945456][ T2536] bridge_slave_1: entered promiscuous mode [ 2672.011653][ T2536] bridge0: port 2(bridge_slave_1) entered blocking state [ 2672.018825][ T2536] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2672.026137][ T2536] bridge0: port 1(bridge_slave_0) entered blocking state [ 2672.033179][ T2536] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2672.058668][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 2672.066604][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 2672.081680][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 2672.088758][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2672.097308][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 2672.104374][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2672.323342][ T46] bridge_slave_1: left allmulticast mode [ 2672.337629][ T46] bridge_slave_1: left promiscuous mode [ 2672.345086][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 2672.353965][ T46] bridge_slave_0: left allmulticast mode [ 2672.359691][ T46] bridge_slave_0: left promiscuous mode [ 2672.369845][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 2672.423027][ T2557] netlink: 76 bytes leftover after parsing attributes in process `syz.0.76703'. [ 2672.450949][ T2536] veth0_vlan: entered promiscuous mode [ 2672.478754][ T2536] veth1_macvtap: entered promiscuous mode [ 2672.496243][ T46] veth1_macvtap: left promiscuous mode [ 2672.504172][ T46] veth0_vlan: left promiscuous mode [ 2672.511831][ T2565] netlink: 76 bytes leftover after parsing attributes in process `syz.5.76707'. [ 2672.751988][ T2583] netlink: 76 bytes leftover after parsing attributes in process `syz.4.76716'. [ 2672.876256][ T2591] netlink: 76 bytes leftover after parsing attributes in process `syz.1.76719'. [ 2673.133828][ T2601] netlink: 24 bytes leftover after parsing attributes in process `syz.5.76724'. [ 2673.145494][ T2601] 9pnet_fd: Insufficient options for proto=fd [ 2673.199397][ T2607] veth0_to_team: mtu greater than device maximum [ 2673.286914][ T2613] FAULT_INJECTION: forcing a failure. [ 2673.286914][ T2613] name failslab, interval 1, probability 0, space 0, times 0 [ 2673.299708][ T2613] CPU: 1 UID: 0 PID: 2613 Comm: syz.5.76730 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2673.299741][ T2613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2673.299753][ T2613] Call Trace: [ 2673.299759][ T2613] [ 2673.299767][ T2613] __dump_stack+0x21/0x30 [ 2673.299798][ T2613] dump_stack_lvl+0x10c/0x190 [ 2673.299821][ T2613] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2673.299852][ T2613] ? proc_fail_nth_write+0x17e/0x210 [ 2673.299876][ T2613] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2673.299900][ T2613] dump_stack+0x19/0x20 [ 2673.299922][ T2613] should_fail_ex+0x3d9/0x530 [ 2673.299942][ T2613] should_failslab+0xac/0x100 [ 2673.299963][ T2613] kmem_cache_alloc_noprof+0x42/0x430 [ 2673.299981][ T2613] ? getname_flags+0xc6/0x710 [ 2673.300001][ T2613] getname_flags+0xc6/0x710 [ 2673.300018][ T2613] ? __fget_files+0x2c5/0x340 [ 2673.300038][ T2613] user_path_at+0x2b/0x60 [ 2673.300059][ T2613] __se_sys_mount+0x288/0x480 [ 2673.300077][ T2613] ? ksys_write+0x1ef/0x250 [ 2673.300100][ T2613] ? __x64_sys_mount+0xf0/0xf0 [ 2673.300118][ T2613] __x64_sys_mount+0xc3/0xf0 [ 2673.300135][ T2613] x64_sys_call+0x2021/0x2ee0 [ 2673.300161][ T2613] do_syscall_64+0x58/0xf0 [ 2673.300185][ T2613] ? clear_bhb_loop+0x50/0xa0 [ 2673.300205][ T2613] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2673.300224][ T2613] RIP: 0033:0x7ff57eb8f6c9 [ 2673.300241][ T2613] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2673.300257][ T2613] RSP: 002b:00007ff57f9ef038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2673.300277][ T2613] RAX: ffffffffffffffda RBX: 00007ff57ede5fa0 RCX: 00007ff57eb8f6c9 [ 2673.300291][ T2613] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000000 [ 2673.300303][ T2613] RBP: 00007ff57f9ef090 R08: 0000000000000000 R09: 0000000000000000 [ 2673.300315][ T2613] R10: 0000000001a14800 R11: 0000000000000246 R12: 0000000000000001 [ 2673.300329][ T2613] R13: 00007ff57ede6038 R14: 00007ff57ede5fa0 R15: 00007ffefee5a1f8 [ 2673.300344][ T2613] [ 2673.582359][ T2625] veth0_to_team: mtu greater than device maximum [ 2673.781900][ T2633] x_tables: duplicate entry at hook 1 [ 2673.821590][ T2636] FAULT_INJECTION: forcing a failure. [ 2673.821590][ T2636] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2673.851420][ T2636] CPU: 0 UID: 0 PID: 2636 Comm: syz.4.76742 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2673.851450][ T2636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2673.851461][ T2636] Call Trace: [ 2673.851467][ T2636] [ 2673.851473][ T2636] __dump_stack+0x21/0x30 [ 2673.851500][ T2636] dump_stack_lvl+0x10c/0x190 [ 2673.851517][ T2636] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2673.851536][ T2636] ? check_stack_object+0x107/0x140 [ 2673.851553][ T2636] dump_stack+0x19/0x20 [ 2673.851574][ T2636] should_fail_ex+0x3d9/0x530 [ 2673.851591][ T2636] should_fail+0xf/0x20 [ 2673.851601][ T2636] should_fail_usercopy+0x1e/0x30 [ 2673.851612][ T2636] _copy_from_user+0x22/0xb0 [ 2673.851625][ T2636] copy_clone_args_from_user+0x1ec/0x6a0 [ 2673.851639][ T2636] ? __delayed_free_task+0x40/0x40 [ 2673.851651][ T2636] ? proc_fail_nth_write+0x17e/0x210 [ 2673.851665][ T2636] ? bpf_lsm_file_permission+0xd/0x20 [ 2673.851679][ T2636] __se_sys_clone3+0xf2/0x2d0 [ 2673.851691][ T2636] ? __x64_sys_clone3+0x80/0x80 [ 2673.851703][ T2636] ? __kasan_check_write+0x18/0x20 [ 2673.851718][ T2636] ? fput+0x1a5/0x240 [ 2673.851731][ T2636] ? __kasan_check_read+0x15/0x20 [ 2673.851744][ T2636] __x64_sys_clone3+0x5f/0x80 [ 2673.851755][ T2636] x64_sys_call+0x28fc/0x2ee0 [ 2673.851768][ T2636] do_syscall_64+0x58/0xf0 [ 2673.851782][ T2636] ? clear_bhb_loop+0x50/0xa0 [ 2673.851793][ T2636] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2673.851804][ T2636] RIP: 0033:0x7f8532f8f6c9 [ 2673.851814][ T2636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2673.851822][ T2636] RSP: 002b:00007f8533e2ef08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 2673.851835][ T2636] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f8532f8f6c9 [ 2673.851843][ T2636] RDX: 00007f8533e2ef20 RSI: 0000000000000058 RDI: 00007f8533e2ef20 [ 2673.851850][ T2636] RBP: 00007f8533e2f090 R08: 0000000000000000 R09: 0000000000000058 [ 2673.851857][ T2636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2673.851864][ T2636] R13: 00007f85331e6038 R14: 00007f85331e5fa0 R15: 00007fff26a00e28 [ 2673.851872][ T2636] [ 2674.895158][ T36] audit: type=1400 audit(1763114148.494:3382): avc: denied { read } for pid=2690 comm="syz.4.76769" name="ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 2674.917929][ T36] audit: type=1400 audit(1763114148.494:3383): avc: denied { open } for pid=2690 comm="syz.4.76769" path="/dev/ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 2674.973326][ T2701] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 2674.982183][ T2701] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 2674.990522][ T2701] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 2675.059393][ T2709] netlink: 76 bytes leftover after parsing attributes in process `syz.5.76778'. [ 2675.209361][ T2727] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 2675.218166][ T2727] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 2675.349274][ T2741] 9pnet_fd: Insufficient options for proto=fd [ 2675.447326][ T2759] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 2675.456108][ T2759] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 2676.000530][ T2779] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 2676.009338][ T2779] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 2676.017958][ T2779] overlayfs: missing 'lowerdir' [ 2677.200774][ T2811] x_tables: duplicate entry at hook 1 [ 2677.501503][ T2815] FAULT_INJECTION: forcing a failure. [ 2677.501503][ T2815] name failslab, interval 1, probability 0, space 0, times 0 [ 2677.546350][ T2815] CPU: 0 UID: 0 PID: 2815 Comm: syz.4.76833 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2677.546381][ T2815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2677.546393][ T2815] Call Trace: [ 2677.546413][ T2815] [ 2677.546420][ T2815] __dump_stack+0x21/0x30 [ 2677.546455][ T2815] dump_stack_lvl+0x10c/0x190 [ 2677.546478][ T2815] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2677.546503][ T2815] dump_stack+0x19/0x20 [ 2677.546524][ T2815] should_fail_ex+0x3d9/0x530 [ 2677.546545][ T2815] should_failslab+0xac/0x100 [ 2677.546567][ T2815] __kmalloc_cache_noprof+0x41/0x490 [ 2677.546584][ T2815] ? madvise_collapse+0x198/0xb10 [ 2677.546680][ T2815] madvise_collapse+0x198/0xb10 [ 2677.546700][ T2815] ? selinux_file_open+0x457/0x610 [ 2677.546722][ T2815] ? __cfi_selinux_file_open+0x10/0x10 [ 2677.546745][ T2815] madvise_vma_behavior+0x694/0x2d40 [ 2677.546770][ T2815] ? __cfi_madvise_vma_behavior+0x10/0x10 [ 2677.546794][ T2815] ? is_bpf_text_address+0x17b/0x1a0 [ 2677.546815][ T2815] ? kernel_text_address+0xa9/0xe0 [ 2677.546838][ T2815] ? __kernel_text_address+0x11/0x40 [ 2677.546859][ T2815] ? unwind_get_return_address+0x51/0x90 [ 2677.546880][ T2815] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 2677.546908][ T2815] ? arch_stack_walk+0x10b/0x170 [ 2677.546926][ T2815] ? _parse_integer_limit+0x195/0x1e0 [ 2677.546953][ T2815] ? mtree_range_walk+0x573/0x730 [ 2677.546974][ T2815] ? mas_prev_slot+0xab4/0xb60 [ 2677.546992][ T2815] ? mas_prev+0x5f/0xa0 [ 2677.547008][ T2815] ? find_vma_prev+0xfd/0x170 [ 2677.547025][ T2815] ? __cfi_find_vma_prev+0x10/0x10 [ 2677.547043][ T2815] ? __kasan_check_write+0x18/0x20 [ 2677.547068][ T2815] ? rwsem_read_trylock+0x2b1/0x660 [ 2677.547165][ T2815] ? downgrade_write+0x440/0x440 [ 2677.547187][ T2815] ? bpf_lsm_file_permission+0xd/0x20 [ 2677.547211][ T2815] madvise_walk_vmas+0x3ec/0x700 [ 2677.547235][ T2815] ? __cfi_madvise_vma_behavior+0x10/0x10 [ 2677.547258][ T2815] ? down_read+0x79/0xe0 [ 2677.547275][ T2815] ? madvise_set_anon_name+0x610/0x610 [ 2677.547297][ T2815] ? __asan_memset+0x39/0x50 [ 2677.547310][ T2815] ? blk_start_plug+0x72/0x1c0 [ 2677.547381][ T2815] do_madvise+0x5c0/0xb70 [ 2677.547409][ T2815] ? __cfi_do_madvise+0x10/0x10 [ 2677.547428][ T2815] ? ksys_write+0x1ef/0x250 [ 2677.547442][ T2815] ? __cfi_ksys_write+0x10/0x10 [ 2677.547456][ T2815] __x64_sys_madvise+0xae/0xc0 [ 2677.547476][ T2815] x64_sys_call+0x20c3/0x2ee0 [ 2677.547496][ T2815] do_syscall_64+0x58/0xf0 [ 2677.547514][ T2815] ? clear_bhb_loop+0x50/0xa0 [ 2677.547531][ T2815] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2677.547546][ T2815] RIP: 0033:0x7f8532f8f6c9 [ 2677.547560][ T2815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2677.547573][ T2815] RSP: 002b:00007f8533e2f038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 2677.547590][ T2815] RAX: ffffffffffffffda RBX: 00007f85331e5fa0 RCX: 00007f8532f8f6c9 [ 2677.547602][ T2815] RDX: 0000000000000019 RSI: 0000000000600722 RDI: 0000200000000000 [ 2677.547612][ T2815] RBP: 00007f8533e2f090 R08: 0000000000000000 R09: 0000000000000000 [ 2677.547621][ T2815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2677.547630][ T2815] R13: 00007f85331e6038 R14: 00007f85331e5fa0 R15: 00007fff26a00e28 [ 2677.547643][ T2815] [ 2678.627693][ T2873] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 2678.661161][ T2873] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 2679.151466][ T2906] FAULT_INJECTION: forcing a failure. [ 2679.151466][ T2906] name failslab, interval 1, probability 0, space 0, times 0 [ 2679.164200][ T2906] CPU: 1 UID: 0 PID: 2906 Comm: syz.5.76874 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2679.164233][ T2906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2679.164244][ T2906] Call Trace: [ 2679.164251][ T2906] [ 2679.164259][ T2906] __dump_stack+0x21/0x30 [ 2679.164288][ T2906] dump_stack_lvl+0x10c/0x190 [ 2679.164312][ T2906] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2679.164337][ T2906] dump_stack+0x19/0x20 [ 2679.164359][ T2906] should_fail_ex+0x3d9/0x530 [ 2679.164379][ T2906] should_failslab+0xac/0x100 [ 2679.164401][ T2906] __kmalloc_cache_noprof+0x41/0x490 [ 2679.164420][ T2906] ? madvise_collapse+0x198/0xb10 [ 2679.164444][ T2906] madvise_collapse+0x198/0xb10 [ 2679.164465][ T2906] ? selinux_file_open+0x457/0x610 [ 2679.164488][ T2906] ? __cfi_selinux_file_open+0x10/0x10 [ 2679.164511][ T2906] madvise_vma_behavior+0x694/0x2d40 [ 2679.164538][ T2906] ? __cfi_madvise_vma_behavior+0x10/0x10 [ 2679.164564][ T2906] ? is_bpf_text_address+0x17b/0x1a0 [ 2679.164586][ T2906] ? kernel_text_address+0xa9/0xe0 [ 2679.164608][ T2906] ? __kernel_text_address+0x11/0x40 [ 2679.164630][ T2906] ? unwind_get_return_address+0x51/0x90 [ 2679.164652][ T2906] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 2679.164679][ T2906] ? arch_stack_walk+0x10b/0x170 [ 2679.164706][ T2906] ? _parse_integer_limit+0x195/0x1e0 [ 2679.164733][ T2906] ? mtree_range_walk+0x573/0x730 [ 2679.164754][ T2906] ? mas_prev_slot+0xab4/0xb60 [ 2679.164775][ T2906] ? mas_prev+0x5f/0xa0 [ 2679.164793][ T2906] ? find_vma_prev+0xfd/0x170 [ 2679.164810][ T2906] ? __cfi_find_vma_prev+0x10/0x10 [ 2679.164828][ T2906] ? __kasan_check_write+0x18/0x20 [ 2679.164853][ T2906] ? rwsem_read_trylock+0x2b1/0x660 [ 2679.164877][ T2906] ? downgrade_write+0x440/0x440 [ 2679.164899][ T2906] ? bpf_lsm_file_permission+0xd/0x20 [ 2679.164924][ T2906] madvise_walk_vmas+0x3ec/0x700 [ 2679.164948][ T2906] ? __cfi_madvise_vma_behavior+0x10/0x10 [ 2679.164974][ T2906] ? down_read+0x79/0xe0 [ 2679.164992][ T2906] ? madvise_set_anon_name+0x610/0x610 [ 2679.165017][ T2906] ? __asan_memset+0x39/0x50 [ 2679.165034][ T2906] ? blk_start_plug+0x72/0x1c0 [ 2679.165053][ T2906] do_madvise+0x5c0/0xb70 [ 2679.165077][ T2906] ? __cfi_do_madvise+0x10/0x10 [ 2679.165102][ T2906] ? ksys_write+0x1ef/0x250 [ 2679.165119][ T2906] ? __cfi_ksys_write+0x10/0x10 [ 2679.165138][ T2906] __x64_sys_madvise+0xae/0xc0 [ 2679.165163][ T2906] x64_sys_call+0x20c3/0x2ee0 [ 2679.165189][ T2906] do_syscall_64+0x58/0xf0 [ 2679.165211][ T2906] ? clear_bhb_loop+0x50/0xa0 [ 2679.165233][ T2906] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2679.165253][ T2906] RIP: 0033:0x7ff57eb8f6c9 [ 2679.165269][ T2906] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2679.165286][ T2906] RSP: 002b:00007ff57f9ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 2679.165307][ T2906] RAX: ffffffffffffffda RBX: 00007ff57ede5fa0 RCX: 00007ff57eb8f6c9 [ 2679.165322][ T2906] RDX: 0000000000000019 RSI: 0000000000600722 RDI: 0000200000000000 [ 2679.165335][ T2906] RBP: 00007ff57f9ef090 R08: 0000000000000000 R09: 0000000000000000 [ 2679.165348][ T2906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2679.165360][ T2906] R13: 00007ff57ede6038 R14: 00007ff57ede5fa0 R15: 00007ffefee5a1f8 [ 2679.165376][ T2906] [ 2679.502772][ T2909] __nla_validate_parse: 2 callbacks suppressed [ 2679.502792][ T2909] netlink: 76 bytes leftover after parsing attributes in process `syz.1.76875'. [ 2679.643545][ T2924] overlayfs: missing 'lowerdir' [ 2679.736521][ T2938] netlink: 76 bytes leftover after parsing attributes in process `syz.5.76890'. [ 2679.760616][ T2942] x_tables: duplicate entry at hook 1 [ 2679.783695][ T2946] overlayfs: missing 'lowerdir' [ 2679.906534][ T2972] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 2679.934867][ T2972] overlayfs: missing 'lowerdir' [ 2679.963764][ T2983] netlink: 76 bytes leftover after parsing attributes in process `syz.5.76912'. [ 2680.151944][ T3016] FAULT_INJECTION: forcing a failure. [ 2680.151944][ T3016] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2680.165100][ T3016] CPU: 1 UID: 0 PID: 3016 Comm: syz.5.76928 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2680.165131][ T3016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2680.165143][ T3016] Call Trace: [ 2680.165149][ T3016] [ 2680.165157][ T3016] __dump_stack+0x21/0x30 [ 2680.165187][ T3016] dump_stack_lvl+0x10c/0x190 [ 2680.165210][ T3016] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2680.165234][ T3016] ? kstrtoull+0x13b/0x1e0 [ 2680.165252][ T3016] dump_stack+0x19/0x20 [ 2680.165273][ T3016] should_fail_ex+0x3d9/0x530 [ 2680.165293][ T3016] should_fail+0xf/0x20 [ 2680.165310][ T3016] should_fail_usercopy+0x1e/0x30 [ 2680.165329][ T3016] _copy_from_user+0x22/0xb0 [ 2680.165352][ T3016] ___sys_sendmsg+0x159/0x2a0 [ 2680.165380][ T3016] ? __sys_sendmsg+0x280/0x280 [ 2680.165405][ T3016] ? proc_fail_nth_write+0x17e/0x210 [ 2680.165431][ T3016] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2680.165459][ T3016] __x64_sys_sendmsg+0x1eb/0x2c0 [ 2680.165484][ T3016] ? fput+0x1a5/0x240 [ 2680.165505][ T3016] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 2680.165531][ T3016] ? ksys_write+0x1ef/0x250 [ 2680.165549][ T3016] ? __kasan_check_read+0x15/0x20 [ 2680.165576][ T3016] x64_sys_call+0x2a4c/0x2ee0 [ 2680.165602][ T3016] do_syscall_64+0x58/0xf0 [ 2680.165625][ T3016] ? clear_bhb_loop+0x50/0xa0 [ 2680.165645][ T3016] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2680.165664][ T3016] RIP: 0033:0x7ff57eb8f6c9 [ 2680.165679][ T3016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2680.165695][ T3016] RSP: 002b:00007ff57f9ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2680.165717][ T3016] RAX: ffffffffffffffda RBX: 00007ff57ede5fa0 RCX: 00007ff57eb8f6c9 [ 2680.165732][ T3016] RDX: 0000000000000000 RSI: 00002000000035c0 RDI: 0000000000000006 [ 2680.165745][ T3016] RBP: 00007ff57f9ef090 R08: 0000000000000000 R09: 0000000000000000 [ 2680.165758][ T3016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2680.165770][ T3016] R13: 00007ff57ede6038 R14: 00007ff57ede5fa0 R15: 00007ffefee5a1f8 [ 2680.165787][ T3016] [ 2680.395445][ T3026] x_tables: duplicate entry at hook 1 [ 2681.483367][ T3120] netlink: 76 bytes leftover after parsing attributes in process `syz.5.76979'. [ 2681.512307][ T3127] x_tables: duplicate entry at hook 1 [ 2683.185983][ T3220] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 2683.194299][ T3220] overlayfs: missing 'lowerdir' [ 2683.296468][ T3242] x_tables: duplicate entry at hook 1 [ 2683.530433][ T3279] FAULT_INJECTION: forcing a failure. [ 2683.530433][ T3279] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2683.570919][ T3279] CPU: 0 UID: 0 PID: 3279 Comm: syz.1.77058 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2683.570951][ T3279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2683.570963][ T3279] Call Trace: [ 2683.570970][ T3279] [ 2683.570978][ T3279] __dump_stack+0x21/0x30 [ 2683.571006][ T3279] dump_stack_lvl+0x10c/0x190 [ 2683.571026][ T3279] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2683.571050][ T3279] ? check_stack_object+0x12c/0x140 [ 2683.571069][ T3279] dump_stack+0x19/0x20 [ 2683.571091][ T3279] should_fail_ex+0x3d9/0x530 [ 2683.571112][ T3279] should_fail+0xf/0x20 [ 2683.571128][ T3279] should_fail_usercopy+0x1e/0x30 [ 2683.571148][ T3279] _copy_to_user+0x24/0xa0 [ 2683.571171][ T3279] simple_read_from_buffer+0xed/0x160 [ 2683.571195][ T3279] proc_fail_nth_read+0x19e/0x210 [ 2683.571218][ T3279] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 2683.571241][ T3279] ? bpf_lsm_file_permission+0xd/0x20 [ 2683.571265][ T3279] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 2683.571288][ T3279] vfs_read+0x27d/0xc70 [ 2683.571305][ T3279] ? __cfi_mutex_unlock+0x10/0x10 [ 2683.571333][ T3279] ? __cfi_vfs_read+0x10/0x10 [ 2683.571349][ T3279] ? __kasan_check_write+0x18/0x20 [ 2683.571375][ T3279] ? mutex_lock+0x92/0x1c0 [ 2683.571391][ T3279] ? __cfi_mutex_lock+0x10/0x10 [ 2683.571408][ T3279] ? __fget_files+0x2c5/0x340 [ 2683.571429][ T3279] ksys_read+0x141/0x250 [ 2683.571446][ T3279] ? __cfi_ksys_read+0x10/0x10 [ 2683.571464][ T3279] ? __secure_computing+0xef/0x2b0 [ 2683.571482][ T3279] __x64_sys_read+0x7f/0x90 [ 2683.571499][ T3279] x64_sys_call+0x2638/0x2ee0 [ 2683.571523][ T3279] do_syscall_64+0x58/0xf0 [ 2683.571546][ T3279] ? clear_bhb_loop+0x50/0xa0 [ 2683.571567][ T3279] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2683.571586][ T3279] RIP: 0033:0x7f058cd8e0dc [ 2683.571602][ T3279] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 2683.571619][ T3279] RSP: 002b:00007f058dc0c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2683.571641][ T3279] RAX: ffffffffffffffda RBX: 00007f058cfe5fa0 RCX: 00007f058cd8e0dc [ 2683.571656][ T3279] RDX: 000000000000000f RSI: 00007f058dc0c0a0 RDI: 0000000000000006 [ 2683.571669][ T3279] RBP: 00007f058dc0c090 R08: 0000000000000000 R09: 0000000000000000 [ 2683.571682][ T3279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2683.571694][ T3279] R13: 00007f058cfe6038 R14: 00007f058cfe5fa0 R15: 00007fffc8b7c198 [ 2683.571711][ T3279] [ 2683.919925][ T3306] netlink: 76 bytes leftover after parsing attributes in process `syz.0.77073'. [ 2684.020832][ T3333] netlink: 76 bytes leftover after parsing attributes in process `syz.0.77083'. [ 2684.077896][ T3347] FAULT_INJECTION: forcing a failure. [ 2684.077896][ T3347] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2684.085844][ T3348] netlink: 76 bytes leftover after parsing attributes in process `syz.0.77093'. [ 2684.091235][ T3347] CPU: 1 UID: 0 PID: 3347 Comm: syz.5.77092 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2684.091265][ T3347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2684.091277][ T3347] Call Trace: [ 2684.091283][ T3347] [ 2684.091292][ T3347] __dump_stack+0x21/0x30 [ 2684.091320][ T3347] dump_stack_lvl+0x10c/0x190 [ 2684.091342][ T3347] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2684.091365][ T3347] ? kstrtoull+0x13b/0x1e0 [ 2684.091382][ T3347] dump_stack+0x19/0x20 [ 2684.091403][ T3347] should_fail_ex+0x3d9/0x530 [ 2684.091422][ T3347] should_fail+0xf/0x20 [ 2684.091439][ T3347] should_fail_usercopy+0x1e/0x30 [ 2684.091457][ T3347] _copy_from_user+0x22/0xb0 [ 2684.091479][ T3347] ___sys_sendmsg+0x159/0x2a0 [ 2684.091504][ T3347] ? __sys_sendmsg+0x280/0x280 [ 2684.091528][ T3347] ? proc_fail_nth_write+0x17e/0x210 [ 2684.091551][ T3347] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2684.091588][ T3347] __x64_sys_sendmsg+0x1eb/0x2c0 [ 2684.091612][ T3347] ? fput+0x1a5/0x240 [ 2684.091632][ T3347] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 2684.091656][ T3347] ? ksys_write+0x1ef/0x250 [ 2684.091674][ T3347] ? __kasan_check_read+0x15/0x20 [ 2684.091700][ T3347] x64_sys_call+0x2a4c/0x2ee0 [ 2684.091724][ T3347] do_syscall_64+0x58/0xf0 [ 2684.091745][ T3347] ? clear_bhb_loop+0x50/0xa0 [ 2684.091765][ T3347] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2684.091783][ T3347] RIP: 0033:0x7ff57eb8f6c9 [ 2684.091798][ T3347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2684.091815][ T3347] RSP: 002b:00007ff57f9ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2684.091836][ T3347] RAX: ffffffffffffffda RBX: 00007ff57ede5fa0 RCX: 00007ff57eb8f6c9 [ 2684.091851][ T3347] RDX: 0000000000044000 RSI: 00002000000009c0 RDI: 0000000000000008 [ 2684.091864][ T3347] RBP: 00007ff57f9ef090 R08: 0000000000000000 R09: 0000000000000000 [ 2684.091876][ T3347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2684.091887][ T3347] R13: 00007ff57ede6038 R14: 00007ff57ede5fa0 R15: 00007ffefee5a1f8 [ 2684.091903][ T3347] [ 2684.252395][ T3370] netlink: 76 bytes leftover after parsing attributes in process `syz.5.77105'. [ 2684.595312][ T3422] netlink: 76 bytes leftover after parsing attributes in process `syz.0.77131'. [ 2684.731411][ T3439] netlink: 76 bytes leftover after parsing attributes in process `syz.1.77139'. [ 2684.889801][ T3456] netlink: 76 bytes leftover after parsing attributes in process `syz.0.77147'. [ 2685.735922][ T3544] x_tables: duplicate entry at hook 1 [ 2686.141359][ T3588] x_tables: duplicate entry at hook 1 [ 2686.401291][ T3608] x_tables: duplicate entry at hook 1 [ 2686.853209][ T3676] netlink: 76 bytes leftover after parsing attributes in process `syz.1.77258'. [ 2687.234306][ T3708] netlink: 76 bytes leftover after parsing attributes in process `syz.1.77274'. [ 2687.374077][ T3723] netlink: 76 bytes leftover after parsing attributes in process `syz.1.77280'. [ 2687.644493][ T3744] x_tables: duplicate entry at hook 1 [ 2687.866393][ T3773] netlink: 76 bytes leftover after parsing attributes in process `syz.5.77307'. [ 2687.882766][ T3774] netlink: 76 bytes leftover after parsing attributes in process `syz.4.77306'. [ 2688.382256][ T3818] netlink: 76 bytes leftover after parsing attributes in process `syz.0.77328'. [ 2688.418795][ T3823] netlink: 76 bytes leftover after parsing attributes in process `syz.4.77330'. [ 2690.481626][ T4008] __nla_validate_parse: 4 callbacks suppressed [ 2690.481640][ T4008] netlink: 76 bytes leftover after parsing attributes in process `syz.1.77423'. [ 2690.612818][ T4016] netlink: 76 bytes leftover after parsing attributes in process `syz.1.77427'. [ 2691.354739][ T4036] netlink: 76 bytes leftover after parsing attributes in process `syz.0.77432'. [ 2691.859669][ T4058] netlink: 76 bytes leftover after parsing attributes in process `syz.5.77448'. [ 2692.413760][ T4070] netlink: 76 bytes leftover after parsing attributes in process `syz.5.77455'. [ 2692.454326][ T4074] netlink: 76 bytes leftover after parsing attributes in process `syz.5.77457'. [ 2692.479434][ T4076] netlink: 76 bytes leftover after parsing attributes in process `syz.5.77458'. [ 2692.589476][ T4093] netlink: 76 bytes leftover after parsing attributes in process `syz.5.77466'. [ 2692.740795][ T4104] netlink: 76 bytes leftover after parsing attributes in process `syz.4.77472'. [ 2693.058154][ T4110] netlink: 76 bytes leftover after parsing attributes in process `syz.5.77476'. [ 2694.100439][ T4216] x_tables: duplicate entry at hook 1 [ 2694.331920][ T4236] x_tables: duplicate entry at hook 1 [ 2695.600759][ T4410] __nla_validate_parse: 1 callbacks suppressed [ 2695.600783][ T4410] netlink: 76 bytes leftover after parsing attributes in process `syz.4.77626'. [ 2697.002240][ T4475] netlink: 76 bytes leftover after parsing attributes in process `syz.0.77648'. [ 2698.426927][ T4516] netlink: 76 bytes leftover after parsing attributes in process `syz.5.77678'. [ 2698.823829][ T4534] netlink: 76 bytes leftover after parsing attributes in process `syz.1.77682'. [ 2700.522821][ T4577] netlink: 76 bytes leftover after parsing attributes in process `syz.5.77708'. [ 2700.649412][ T4598] netlink: 76 bytes leftover after parsing attributes in process `syz.5.77719'. [ 2700.958627][ T4640] netlink: 76 bytes leftover after parsing attributes in process `syz.5.77740'. [ 2701.046846][ T4656] netlink: 76 bytes leftover after parsing attributes in process `syz.4.77748'. [ 2702.637633][ T4706] netlink: 76 bytes leftover after parsing attributes in process `syz.5.77773'. [ 2702.710615][ T4714] netlink: 76 bytes leftover after parsing attributes in process `syz.5.77777'. [ 2703.395183][ T4763] netlink: 76 bytes leftover after parsing attributes in process `syz.5.77800'. [ 2703.687867][ T4781] netlink: 76 bytes leftover after parsing attributes in process `syz.1.77810'. [ 2704.097761][ T4832] netlink: 76 bytes leftover after parsing attributes in process `syz.1.77835'. [ 2704.550832][ T4904] netlink: 76 bytes leftover after parsing attributes in process `syz.5.77871'. [ 2704.680562][ T4933] netlink: 68 bytes leftover after parsing attributes in process `syz.5.77885'. [ 2706.063022][ T5021] __nla_validate_parse: 1 callbacks suppressed [ 2706.063044][ T5021] netlink: 68 bytes leftover after parsing attributes in process `syz.0.77929'. [ 2707.357449][ T5085] bridge0: port 1(bridge_slave_0) entered blocking state [ 2707.365304][ T5085] bridge0: port 1(bridge_slave_0) entered disabled state [ 2707.385195][ T5085] bridge_slave_0: entered allmulticast mode [ 2707.399970][ T5085] bridge_slave_0: entered promiscuous mode [ 2707.406650][ T5085] bridge0: port 2(bridge_slave_1) entered blocking state [ 2707.423972][ T5085] bridge0: port 2(bridge_slave_1) entered disabled state [ 2707.439559][ T5085] bridge_slave_1: entered allmulticast mode [ 2707.450139][ T5085] bridge_slave_1: entered promiscuous mode [ 2707.581439][ T5085] bridge0: port 2(bridge_slave_1) entered blocking state [ 2707.588541][ T5085] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2707.595860][ T5085] bridge0: port 1(bridge_slave_0) entered blocking state [ 2707.602930][ T5085] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2707.681430][T24743] bridge0: port 1(bridge_slave_0) entered disabled state [ 2707.689720][T24743] bridge0: port 2(bridge_slave_1) entered disabled state [ 2707.720986][T24743] bridge0: port 1(bridge_slave_0) entered blocking state [ 2707.728057][T24743] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2707.750540][T24743] bridge0: port 2(bridge_slave_1) entered blocking state [ 2707.757723][T24743] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2707.794249][ T5085] veth0_vlan: entered promiscuous mode [ 2707.817644][ T5085] veth1_macvtap: entered promiscuous mode [ 2707.977949][ T5114] netlink: 68 bytes leftover after parsing attributes in process `syz.0.77957'. [ 2708.190291][T24743] bridge_slave_1: left allmulticast mode [ 2708.195995][T24743] bridge_slave_1: left promiscuous mode [ 2708.201984][T24743] bridge0: port 2(bridge_slave_1) entered disabled state [ 2708.221774][T24743] bridge_slave_0: left allmulticast mode [ 2708.227457][T24743] bridge_slave_0: left promiscuous mode [ 2708.242925][T24743] bridge0: port 1(bridge_slave_0) entered disabled state [ 2708.491143][T24743] veth1_macvtap: left promiscuous mode [ 2708.496915][T24743] veth0_vlan: left promiscuous mode [ 2708.595045][ T5146] bridge0: port 1(bridge_slave_0) entered blocking state [ 2708.602165][ T5146] bridge0: port 1(bridge_slave_0) entered disabled state [ 2708.609289][ T5146] bridge_slave_0: entered allmulticast mode [ 2708.615675][ T5146] bridge_slave_0: entered promiscuous mode [ 2708.623921][ T5146] bridge0: port 2(bridge_slave_1) entered blocking state [ 2708.631077][ T5146] bridge0: port 2(bridge_slave_1) entered disabled state [ 2708.638426][ T5146] bridge_slave_1: entered allmulticast mode [ 2708.644990][ T5146] bridge_slave_1: entered promiscuous mode [ 2708.716037][ T5146] bridge0: port 2(bridge_slave_1) entered blocking state [ 2708.723129][ T5146] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2708.730464][ T5146] bridge0: port 1(bridge_slave_0) entered blocking state [ 2708.737507][ T5146] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2708.761544][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 2708.769097][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 2708.788005][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 2708.795098][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2708.803241][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 2708.810312][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2708.834024][ T5146] veth0_vlan: entered promiscuous mode [ 2708.847561][ T5146] veth1_macvtap: entered promiscuous mode [ 2708.947272][ T5167] netlink: 76 bytes leftover after parsing attributes in process `syz.1.77991'. [ 2709.141399][T24743] bridge_slave_1: left allmulticast mode [ 2709.149450][T24743] bridge_slave_1: left promiscuous mode [ 2709.155092][T24743] bridge0: port 2(bridge_slave_1) entered disabled state [ 2709.179971][T24743] bridge_slave_0: left allmulticast mode [ 2709.189573][T24743] bridge_slave_0: left promiscuous mode [ 2709.195222][T24743] bridge0: port 1(bridge_slave_0) entered disabled state [ 2709.510689][T24743] veth1_macvtap: left promiscuous mode [ 2709.516243][T24743] veth0_vlan: left promiscuous mode [ 2709.798225][ T5241] netlink: 76 bytes leftover after parsing attributes in process `syz.4.78028'. [ 2711.111821][ T5411] netlink: 68 bytes leftover after parsing attributes in process `syz.5.78114'. [ 2711.752887][ T5445] netlink: 76 bytes leftover after parsing attributes in process `syz.4.78131'. [ 2715.317543][ T5705] netlink: 68 bytes leftover after parsing attributes in process `syz.5.78262'. [ 2718.526685][ T5889] netlink: 60 bytes leftover after parsing attributes in process `syz.4.78352'. [ 2718.951484][ T5916] netlink: 60 bytes leftover after parsing attributes in process `syz.5.78366'. [ 2719.090928][ T5938] netlink: 68 bytes leftover after parsing attributes in process `syz.1.78376'. [ 2720.599617][ T6051] netlink: 68 bytes leftover after parsing attributes in process `syz.1.78433'. [ 2721.220376][ T6125] netlink: 60 bytes leftover after parsing attributes in process `syz.5.78470'. [ 2744.114693][T24743] bridge_slave_1: left allmulticast mode [ 2744.120621][T24743] bridge_slave_1: left promiscuous mode [ 2744.126248][T24743] bridge0: port 2(bridge_slave_1) entered disabled state [ 2744.134188][T24743] bridge_slave_0: left allmulticast mode [ 2744.140154][T24743] bridge_slave_0: left promiscuous mode [ 2744.145796][T24743] bridge0: port 1(bridge_slave_0) entered disabled state [ 2744.246337][ T7738] bridge0: port 1(bridge_slave_0) entered blocking state [ 2744.253476][ T7738] bridge0: port 1(bridge_slave_0) entered disabled state [ 2744.261226][ T7738] bridge_slave_0: entered allmulticast mode [ 2744.267875][ T7738] bridge_slave_0: entered promiscuous mode [ 2744.274536][ T7738] bridge0: port 2(bridge_slave_1) entered blocking state [ 2744.281887][ T7738] bridge0: port 2(bridge_slave_1) entered disabled state [ 2744.289165][ T7738] bridge_slave_1: entered allmulticast mode [ 2744.295724][ T7738] bridge_slave_1: entered promiscuous mode [ 2744.302859][T24743] veth1_macvtap: left promiscuous mode [ 2744.308558][T24743] veth0_vlan: left promiscuous mode [ 2744.446319][ T7738] bridge0: port 2(bridge_slave_1) entered blocking state [ 2744.453415][ T7738] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2744.460722][ T7738] bridge0: port 1(bridge_slave_0) entered blocking state [ 2744.467785][ T7738] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2744.492928][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 2744.501745][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 2744.511879][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 2744.518962][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2744.541054][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 2744.548144][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2744.569630][ T7738] veth0_vlan: entered promiscuous mode [ 2744.582666][ T7738] veth1_macvtap: entered promiscuous mode [ 2747.236549][ T8045] netlink: 68 bytes leftover after parsing attributes in process `syz.5.79424'. [ 2747.449174][ T8081] netlink: 68 bytes leftover after parsing attributes in process `syz.5.79442'. [ 2748.857549][ T8243] netlink: 68 bytes leftover after parsing attributes in process `syz.4.79523'. [ 2749.754048][ T8337] netlink: 68 bytes leftover after parsing attributes in process `syz.5.79570'. [ 2751.361343][ T8400] netlink: 68 bytes leftover after parsing attributes in process `syz.5.79603'. [ 2751.638632][ T8447] netlink: 68 bytes leftover after parsing attributes in process `syz.5.79625'. [ 2752.868710][ T8511] netlink: 68 bytes leftover after parsing attributes in process `syz.4.79658'. [ 2754.759261][ T13] bridge_slave_1: left allmulticast mode [ 2754.765062][ T13] bridge_slave_1: left promiscuous mode [ 2754.776914][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 2754.803817][ T13] bridge_slave_0: left allmulticast mode [ 2754.818179][ T13] bridge_slave_0: left promiscuous mode [ 2754.840431][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 2754.975585][ T8571] bridge0: port 1(bridge_slave_0) entered blocking state [ 2754.990456][ T8571] bridge0: port 1(bridge_slave_0) entered disabled state [ 2755.009017][ T8571] bridge_slave_0: entered allmulticast mode [ 2755.015375][ T8571] bridge_slave_0: entered promiscuous mode [ 2755.037831][ T13] veth1_macvtap: left promiscuous mode [ 2755.043376][ T13] veth0_vlan: left promiscuous mode [ 2755.177022][ T8571] bridge0: port 2(bridge_slave_1) entered blocking state [ 2755.184088][ T8571] bridge0: port 2(bridge_slave_1) entered disabled state [ 2755.208095][ T8571] bridge_slave_1: entered allmulticast mode [ 2755.214942][ T8571] bridge_slave_1: entered promiscuous mode [ 2755.371797][ T8571] bridge0: port 2(bridge_slave_1) entered blocking state [ 2755.378893][ T8571] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2755.386176][ T8571] bridge0: port 1(bridge_slave_0) entered blocking state [ 2755.393264][ T8571] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2755.503632][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 2755.525522][T24743] bridge0: port 2(bridge_slave_1) entered blocking state [ 2755.532609][T24743] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2755.587211][ T8571] veth0_vlan: entered promiscuous mode [ 2755.610663][ T8571] veth1_macvtap: entered promiscuous mode [ 2756.626993][ T8690] netlink: 68 bytes leftover after parsing attributes in process `syz.1.79742'. [ 2758.437585][ T8836] netlink: 68 bytes leftover after parsing attributes in process `syz.5.79815'. [ 2761.575297][ T8978] netlink: 68 bytes leftover after parsing attributes in process `syz.5.79886'. [ 2762.233486][ T8998] bridge0: port 1(bridge_slave_0) entered blocking state [ 2762.246402][ T8998] bridge0: port 1(bridge_slave_0) entered disabled state [ 2762.266467][ T8998] bridge_slave_0: entered allmulticast mode [ 2762.272822][ T8998] bridge_slave_0: entered promiscuous mode [ 2762.476840][T24743] bridge_slave_1: left allmulticast mode [ 2762.482805][T24743] bridge_slave_1: left promiscuous mode [ 2762.488784][T24743] bridge0: port 2(bridge_slave_1) entered disabled state [ 2762.496713][T24743] bridge_slave_0: left allmulticast mode [ 2762.502811][T24743] bridge_slave_0: left promiscuous mode [ 2762.508762][T24743] bridge0: port 1(bridge_slave_0) entered disabled state [ 2762.582908][ T8998] bridge0: port 2(bridge_slave_1) entered blocking state [ 2762.590116][ T8998] bridge0: port 2(bridge_slave_1) entered disabled state [ 2762.597439][ T8998] bridge_slave_1: entered allmulticast mode [ 2762.603838][ T8998] bridge_slave_1: entered promiscuous mode [ 2762.647833][T24743] veth1_macvtap: left promiscuous mode [ 2762.653512][T24743] veth0_vlan: left promiscuous mode [ 2762.741761][ T8998] bridge0: port 2(bridge_slave_1) entered blocking state [ 2762.748857][ T8998] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2762.756180][ T8998] bridge0: port 1(bridge_slave_0) entered blocking state [ 2762.763271][ T8998] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2762.797702][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 2762.805420][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 2762.824440][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 2762.831555][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2762.840248][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 2762.847328][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2762.875214][ T8998] veth0_vlan: entered promiscuous mode [ 2762.888911][ T8998] veth1_macvtap: entered promiscuous mode [ 2766.456812][ T9317] netlink: 68 bytes leftover after parsing attributes in process `syz.5.80049'. [ 2768.363187][ T36] audit: type=1400 audit(1763114241.969:3384): avc: denied { write } for pid=9412 comm="syz.5.80098" name="raw-gadget" dev="devtmpfs" ino=190 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 2768.393628][ T36] audit: type=1400 audit(1763114241.999:3385): avc: denied { ioctl } for pid=9412 comm="syz.5.80098" path="/dev/raw-gadget" dev="devtmpfs" ino=190 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 2768.626126][T20159] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 2768.776684][T20159] usb 6-1: too many configurations: 72, using maximum allowed: 8 [ 2768.790959][T20159] usb 6-1: New USB device found, idVendor=7de0, idProduct=676e, bcdDevice=77.db [ 2768.800204][T20159] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2768.817366][T20159] usb 6-1: config 0 descriptor?? [ 2768.825222][T20159] usb 6-1: bad CDC descriptors [ 2768.884588][ T9446] netlink: 68 bytes leftover after parsing attributes in process `syz.1.80113'. [ 2769.046819][T20159] usb 6-1: USB disconnect, device number 2 [ 2769.245530][ T9478] netlink: 68 bytes leftover after parsing attributes in process `syz.5.80130'. [ 2770.916689][ T9577] netlink: 68 bytes leftover after parsing attributes in process `syz.1.80179'. [ 2773.113951][ T9683] netlink: 68 bytes leftover after parsing attributes in process `syz.5.80230'. [ 2773.184644][ T9691] FAULT_INJECTION: forcing a failure. [ 2773.184644][ T9691] name failslab, interval 1, probability 0, space 0, times 0 [ 2773.201092][ T9691] CPU: 1 UID: 0 PID: 9691 Comm: syz.5.80235 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2773.201126][ T9691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2773.201152][ T9691] Call Trace: [ 2773.201159][ T9691] [ 2773.201167][ T9691] __dump_stack+0x21/0x30 [ 2773.201209][ T9691] dump_stack_lvl+0x10c/0x190 [ 2773.201232][ T9691] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2773.201256][ T9691] ? __kasan_check_write+0x18/0x20 [ 2773.201282][ T9691] ? proc_fail_nth_write+0x17e/0x210 [ 2773.201306][ T9691] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2773.201329][ T9691] dump_stack+0x19/0x20 [ 2773.201351][ T9691] should_fail_ex+0x3d9/0x530 [ 2773.201371][ T9691] should_failslab+0xac/0x100 [ 2773.201391][ T9691] kmem_cache_alloc_noprof+0x42/0x430 [ 2773.201409][ T9691] ? getname_flags+0xc6/0x710 [ 2773.201429][ T9691] getname_flags+0xc6/0x710 [ 2773.201447][ T9691] ? build_open_flags+0x487/0x600 [ 2773.201471][ T9691] getname+0x1b/0x30 [ 2773.201487][ T9691] do_sys_openat2+0xcb/0x1c0 [ 2773.201509][ T9691] ? fput+0x1a5/0x240 [ 2773.201530][ T9691] ? do_sys_open+0x100/0x100 [ 2773.201551][ T9691] ? ksys_write+0x1ef/0x250 [ 2773.201568][ T9691] ? __cfi_ksys_write+0x10/0x10 [ 2773.201586][ T9691] __x64_sys_openat+0x13a/0x170 [ 2773.201610][ T9691] x64_sys_call+0xe69/0x2ee0 [ 2773.201635][ T9691] do_syscall_64+0x58/0xf0 [ 2773.201658][ T9691] ? clear_bhb_loop+0x50/0xa0 [ 2773.201679][ T9691] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2773.201698][ T9691] RIP: 0033:0x7fd4ea18df10 [ 2773.201718][ T9691] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44 [ 2773.201734][ T9691] RSP: 002b:00007fd4eb01bf60 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 2773.201759][ T9691] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd4ea18df10 [ 2773.201774][ T9691] RDX: 0000000000000000 RSI: 00007fd4ea21207e RDI: 00000000ffffff9c [ 2773.201787][ T9691] RBP: 00007fd4ea21207e R08: 0000000000000000 R09: 0000000000000000 [ 2773.201799][ T9691] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 2773.201813][ T9691] R13: 00007fd4ea3e6038 R14: 00007fd4ea3e5fa0 R15: 00007ffdda089058 [ 2773.201830][ T9691] [ 2773.488213][ T9699] netlink: 68 bytes leftover after parsing attributes in process `syz.5.80240'. [ 2773.568138][ T36] audit: type=1400 audit(1763114247.180:3386): avc: denied { setopt } for pid=9708 comm="syz.1.80236" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 2775.335610][ T9769] netlink: 68 bytes leftover after parsing attributes in process `syz.5.80274'. [ 2775.865667][ T36] audit: type=1400 audit(1763114249.470:3387): avc: denied { bind } for pid=9810 comm="syz.4.80294" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 2779.043601][T10010] netlink: 68 bytes leftover after parsing attributes in process `syz.5.80395'. [ 2779.717008][T10037] netlink: 68 bytes leftover after parsing attributes in process `syz.5.80407'. [ 2781.388308][T10193] netlink: 68 bytes leftover after parsing attributes in process `syz.5.80485'. [ 2781.426852][T10199] FAULT_INJECTION: forcing a failure. [ 2781.426852][T10199] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2781.465348][T10199] CPU: 0 UID: 0 PID: 10199 Comm: syz.1.80489 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2781.465382][T10199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2781.465393][T10199] Call Trace: [ 2781.465399][T10199] [ 2781.465406][T10199] __dump_stack+0x21/0x30 [ 2781.465436][T10199] dump_stack_lvl+0x10c/0x190 [ 2781.465457][T10199] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2781.465481][T10199] ? kernel_text_address+0xa9/0xe0 [ 2781.465503][T10199] dump_stack+0x19/0x20 [ 2781.465520][T10199] should_fail_ex+0x3d9/0x530 [ 2781.465540][T10199] should_fail+0xf/0x20 [ 2781.465557][T10199] should_fail_usercopy+0x1e/0x30 [ 2781.465575][T10199] _copy_from_user+0x22/0xb0 [ 2781.465597][T10199] ___sys_sendmsg+0x159/0x2a0 [ 2781.465624][T10199] ? __sys_sendmsg+0x280/0x280 [ 2781.465649][T10199] ? kstrtouint+0x78/0xf0 [ 2781.465671][T10199] __sys_sendmmsg+0x271/0x470 [ 2781.465696][T10199] ? __cfi___sys_sendmmsg+0x10/0x10 [ 2781.465724][T10199] ? __cfi_ksys_write+0x10/0x10 [ 2781.465742][T10199] __x64_sys_sendmmsg+0xa4/0xc0 [ 2781.465768][T10199] x64_sys_call+0xfec/0x2ee0 [ 2781.465792][T10199] do_syscall_64+0x58/0xf0 [ 2781.465814][T10199] ? clear_bhb_loop+0x50/0xa0 [ 2781.465833][T10199] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2781.465852][T10199] RIP: 0033:0x7f3cfdf8f6c9 [ 2781.465865][T10199] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2781.465880][T10199] RSP: 002b:00007f3cfeef8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2781.465900][T10199] RAX: ffffffffffffffda RBX: 00007f3cfe1e5fa0 RCX: 00007f3cfdf8f6c9 [ 2781.465914][T10199] RDX: 0000000000000001 RSI: 0000200000003c00 RDI: 0000000000000007 [ 2781.465925][T10199] RBP: 00007f3cfeef8090 R08: 0000000000000000 R09: 0000000000000000 [ 2781.465937][T10199] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2781.465947][T10199] R13: 00007f3cfe1e6038 R14: 00007f3cfe1e5fa0 R15: 00007fff891d7568 [ 2781.465962][T10199] [ 2784.725517][T10539] FAULT_INJECTION: forcing a failure. [ 2784.725517][T10539] name failslab, interval 1, probability 0, space 0, times 0 [ 2784.765178][T10539] CPU: 0 UID: 0 PID: 10539 Comm: syz.4.80659 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2784.765212][T10539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2784.765224][T10539] Call Trace: [ 2784.765231][T10539] [ 2784.765239][T10539] __dump_stack+0x21/0x30 [ 2784.765275][T10539] dump_stack_lvl+0x10c/0x190 [ 2784.765326][T10539] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2784.765351][T10539] dump_stack+0x19/0x20 [ 2784.765371][T10539] should_fail_ex+0x3d9/0x530 [ 2784.765388][T10539] should_failslab+0xac/0x100 [ 2784.765407][T10539] kmem_cache_alloc_node_noprof+0x45/0x440 [ 2784.765425][T10539] ? dup_task_struct+0xbc/0xc50 [ 2784.765446][T10539] ? kasan_save_alloc_info+0x40/0x50 [ 2784.765469][T10539] ? __kasan_kmalloc+0x96/0xb0 [ 2784.765489][T10539] ? __kmalloc_cache_noprof+0x24c/0x490 [ 2784.765507][T10539] dup_task_struct+0xbc/0xc50 [ 2784.765526][T10539] ? copy_process+0x3220/0x3220 [ 2784.765545][T10539] ? __kasan_check_write+0x18/0x20 [ 2784.765570][T10539] copy_process+0x538/0x3220 [ 2784.765593][T10539] ? kasan_save_alloc_info+0x40/0x50 [ 2784.765618][T10539] ? __cfi_copy_process+0x10/0x10 [ 2784.765639][T10539] ? __kmalloc_cache_noprof+0x24c/0x490 [ 2784.765658][T10539] ? __kasan_check_write+0x18/0x20 [ 2784.765683][T10539] ? __cfi_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 2784.765705][T10539] vhost_task_create+0x1d6/0x350 [ 2784.765724][T10539] ? __cfi_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 2784.765746][T10539] ? __cfi_vhost_task_create+0x10/0x10 [ 2784.765765][T10539] ? __cfi_vhost_task_fn+0x10/0x10 [ 2784.765783][T10539] ? __kasan_check_write+0x18/0x20 [ 2784.765807][T10539] ? mutex_lock+0x92/0x1c0 [ 2784.765826][T10539] ? __cfi_mutex_lock+0x10/0x10 [ 2784.765843][T10539] ? kernel_text_address+0xa9/0xe0 [ 2784.765866][T10539] kvm_mmu_post_init_vm+0x156/0x2d0 [ 2784.765891][T10539] kvm_arch_vcpu_ioctl_run+0xd7/0x1aa0 [ 2784.765915][T10539] ? _parse_integer_limit+0x195/0x1e0 [ 2784.765944][T10539] ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 2784.765966][T10539] ? kstrtoull+0x13b/0x1e0 [ 2784.765983][T10539] ? kstrtouint+0x78/0xf0 [ 2784.766000][T10539] ? ioctl_has_perm+0x1aa/0x4d0 [ 2784.766021][T10539] ? __asan_memcpy+0x5a/0x80 [ 2784.766038][T10539] ? ioctl_has_perm+0x3e0/0x4d0 [ 2784.766059][T10539] ? has_cap_mac_admin+0xd0/0xd0 [ 2784.766080][T10539] ? __kasan_check_write+0x18/0x20 [ 2784.766105][T10539] ? mutex_lock_killable+0x92/0x1c0 [ 2784.766122][T10539] ? __cfi_mutex_lock_killable+0x10/0x10 [ 2784.766140][T10539] ? proc_fail_nth_write+0x17e/0x210 [ 2784.766165][T10539] kvm_vcpu_ioctl+0x96f/0xee0 [ 2784.766183][T10539] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2784.766200][T10539] ? __cfi_vfs_write+0x10/0x10 [ 2784.766218][T10539] ? __kasan_check_write+0x18/0x20 [ 2784.766242][T10539] ? mutex_unlock+0x8b/0x240 [ 2784.766265][T10539] ? __cfi_mutex_unlock+0x10/0x10 [ 2784.766282][T10539] ? __fget_files+0x2c5/0x340 [ 2784.766304][T10539] ? __fget_files+0x2c5/0x340 [ 2784.766324][T10539] ? bpf_lsm_file_ioctl+0xd/0x20 [ 2784.766348][T10539] ? security_file_ioctl+0x34/0xd0 [ 2784.766369][T10539] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2784.766385][T10539] __se_sys_ioctl+0x135/0x1b0 [ 2784.766406][T10539] __x64_sys_ioctl+0x7f/0xa0 [ 2784.766426][T10539] x64_sys_call+0x1878/0x2ee0 [ 2784.766451][T10539] do_syscall_64+0x58/0xf0 [ 2784.766473][T10539] ? clear_bhb_loop+0x50/0xa0 [ 2784.766494][T10539] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2784.766513][T10539] RIP: 0033:0x7f389178f6c9 [ 2784.766530][T10539] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2784.766546][T10539] RSP: 002b:00007f3892705038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2784.766567][T10539] RAX: ffffffffffffffda RBX: 00007f38919e5fa0 RCX: 00007f389178f6c9 [ 2784.766582][T10539] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008 [ 2784.766595][T10539] RBP: 00007f3892705090 R08: 0000000000000000 R09: 0000000000000000 [ 2784.766608][T10539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2784.766619][T10539] R13: 00007f38919e6038 R14: 00007f38919e5fa0 R15: 00007ffd2caa6108 [ 2784.766636][T10539] [ 2785.451445][T10573] netlink: 68 bytes leftover after parsing attributes in process `syz.0.80676'. [ 2785.472157][T10577] FAULT_INJECTION: forcing a failure. [ 2785.472157][T10577] name failslab, interval 1, probability 0, space 0, times 0 [ 2785.484960][T10577] CPU: 0 UID: 0 PID: 10577 Comm: syz.0.80677 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2785.484991][T10577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2785.485004][T10577] Call Trace: [ 2785.485011][T10577] [ 2785.485019][T10577] __dump_stack+0x21/0x30 [ 2785.485053][T10577] dump_stack_lvl+0x10c/0x190 [ 2785.485075][T10577] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2785.485100][T10577] dump_stack+0x19/0x20 [ 2785.485119][T10577] should_fail_ex+0x3d9/0x530 [ 2785.485138][T10577] should_failslab+0xac/0x100 [ 2785.485169][T10577] __kmalloc_node_track_caller_noprof+0x68/0x520 [ 2785.485189][T10577] ? rust_helper_krealloc+0x33/0xd0 [ 2785.485218][T10577] krealloc_noprof+0x8d/0x130 [ 2785.485237][T10577] rust_helper_krealloc+0x33/0xd0 [ 2785.485261][T10577] ? _RNvMNtNtCs43vyB533jt3_6kernel5alloc9allocatorNtB2_11ReallocFunc4call+0x70/0xc0 [ 2785.485286][T10577] _RNvMNtNtCs43vyB533jt3_6kernel5alloc9allocatorNtB2_11ReallocFunc4call+0x8e/0xc0 [ 2785.485309][T10577] _RNvMs3_NtCs5gLWsBERDPK_16rust_binder_main6threadNtB5_11ThreadError7try_new+0x81/0x3b0 [ 2785.485335][T10577] _RNvMs4_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process18get_current_thread+0x481/0x1400 [ 2785.485359][T10577] ? inode_init_always_gfp+0x756/0x9e0 [ 2785.485379][T10577] ? alloc_inode+0xc5/0x270 [ 2785.485398][T10577] ? proc_pident_instantiate+0x6d/0x2c0 [ 2785.485417][T10577] ? proc_pident_lookup+0x1c7/0x270 [ 2785.485436][T10577] ? path_openat+0x1301/0x34b0 [ 2785.485457][T10577] ? __x64_sys_openat+0x13a/0x170 [ 2785.485479][T10577] ? x64_sys_call+0xe69/0x2ee0 [ 2785.485504][T10577] ? do_syscall_64+0x58/0xf0 [ 2785.485527][T10577] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2785.485545][T10577] ? __cfi__RNvMs4_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process18get_current_thread+0x10/0x10 [ 2785.485567][T10577] ? avc_has_perm_noaudit+0x268/0x360 [ 2785.485591][T10577] ? __asan_memcpy+0x5a/0x80 [ 2785.485608][T10577] ? avc_has_perm_noaudit+0x286/0x360 [ 2785.485632][T10577] ? avc_has_perm+0x144/0x220 [ 2785.485654][T10577] ? __cfi_avc_has_perm+0x10/0x10 [ 2785.485675][T10577] ? kasan_save_alloc_info+0x40/0x50 [ 2785.485701][T10577] ? selinux_file_open+0x457/0x610 [ 2785.485722][T10577] _RNvMs6_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process5ioctl+0x1a7/0x2cf0 [ 2785.485749][T10577] ? avc_has_extended_perms+0x7c7/0xdd0 [ 2785.485773][T10577] ? __asan_memcpy+0x5a/0x80 [ 2785.485791][T10577] ? avc_has_extended_perms+0x921/0xdd0 [ 2785.485815][T10577] ? __cfi__RNvMs6_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process5ioctl+0x10/0x10 [ 2785.485840][T10577] ? do_vfs_ioctl+0xeda/0x1e30 [ 2785.485859][T10577] ? arch_stack_walk+0x10b/0x170 [ 2785.485876][T10577] ? __ia32_compat_sys_ioctl+0x850/0x850 [ 2785.485896][T10577] ? _parse_integer+0x2e/0x40 [ 2785.485926][T10577] ? ioctl_has_perm+0x384/0x4d0 [ 2785.485948][T10577] ? has_cap_mac_admin+0xd0/0xd0 [ 2785.485969][T10577] ? proc_fail_nth_write+0x17e/0x210 [ 2785.485992][T10577] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2785.486016][T10577] ? selinux_file_ioctl+0x6e0/0x1360 [ 2785.486037][T10577] ? vfs_write+0x93e/0xf30 [ 2785.486053][T10577] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 2785.486074][T10577] ? __cfi_vfs_write+0x10/0x10 [ 2785.486091][T10577] ? __kasan_check_write+0x18/0x20 [ 2785.486116][T10577] ? mutex_unlock+0x8b/0x240 [ 2785.486134][T10577] ? __cfi_mutex_unlock+0x10/0x10 [ 2785.486158][T10577] ? __fget_files+0x2c5/0x340 [ 2785.486178][T10577] ? __fget_files+0x2c5/0x340 [ 2785.486198][T10577] _RNvCs5gLWsBERDPK_16rust_binder_main26rust_binder_unlocked_ioctl+0xa0/0x100 [ 2785.486224][T10577] ? __se_sys_ioctl+0x114/0x1b0 [ 2785.486244][T10577] ? __cfi__RNvCs5gLWsBERDPK_16rust_binder_main26rust_binder_unlocked_ioctl+0x10/0x10 [ 2785.486271][T10577] __se_sys_ioctl+0x135/0x1b0 [ 2785.486290][T10577] __x64_sys_ioctl+0x7f/0xa0 [ 2785.486309][T10577] x64_sys_call+0x1878/0x2ee0 [ 2785.486334][T10577] do_syscall_64+0x58/0xf0 [ 2785.486356][T10577] ? clear_bhb_loop+0x50/0xa0 [ 2785.486376][T10577] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2785.486395][T10577] RIP: 0033:0x7f773a98f6c9 [ 2785.486412][T10577] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2785.486428][T10577] RSP: 002b:00007f773b895038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2785.486449][T10577] RAX: ffffffffffffffda RBX: 00007f773abe5fa0 RCX: 00007f773a98f6c9 [ 2785.486464][T10577] RDX: 0000000000000000 RSI: 00000000c0306201 RDI: 0000000000000008 [ 2785.486477][T10577] RBP: 00007f773b895090 R08: 0000000000000000 R09: 0000000000000000 [ 2785.486489][T10577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2785.486502][T10577] R13: 00007f773abe6038 R14: 00007f773abe5fa0 R15: 00007ffd0b19e288 [ 2785.486518][T10577] [ 2786.065936][T10612] netlink: 68 bytes leftover after parsing attributes in process `syz.0.80693'. [ 2786.132228][T10615] bridge0: port 1(bridge_slave_0) entered blocking state [ 2786.139923][T10615] bridge0: port 1(bridge_slave_0) entered disabled state [ 2786.147241][T10615] bridge_slave_0: entered allmulticast mode [ 2786.153615][T10615] bridge_slave_0: entered promiscuous mode [ 2786.239464][T10646] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 2786.276122][T10655] FAULT_INJECTION: forcing a failure. [ 2786.276122][T10655] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2786.289571][T10655] CPU: 0 UID: 0 PID: 10655 Comm: syz.0.80712 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2786.289598][T10655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2786.289607][T10655] Call Trace: [ 2786.289612][T10655] [ 2786.289617][T10655] __dump_stack+0x21/0x30 [ 2786.289635][T10655] dump_stack_lvl+0x10c/0x190 [ 2786.289648][T10655] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2786.289661][T10655] ? selinux_file_open+0x457/0x610 [ 2786.289675][T10655] dump_stack+0x19/0x20 [ 2786.289690][T10655] should_fail_ex+0x3d9/0x530 [ 2786.289701][T10655] should_fail_alloc_page+0xeb/0x110 [ 2786.289712][T10655] __alloc_pages_noprof+0x19b/0x7b0 [ 2786.289726][T10655] ? __cfi___alloc_pages_noprof+0x10/0x10 [ 2786.289739][T10655] ? is_bpf_text_address+0x17b/0x1a0 [ 2786.289752][T10655] ? __kernel_text_address+0x11/0x40 [ 2786.289764][T10655] ? unwind_get_return_address+0x51/0x90 [ 2786.289776][T10655] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 2786.289792][T10655] ? arch_stack_walk+0x10b/0x170 [ 2786.289801][T10655] __folio_alloc_noprof+0x14/0x80 [ 2786.289814][T10655] folio_prealloc+0x46/0x240 [ 2786.289826][T10655] do_pte_missing+0x164c/0x4240 [ 2786.289837][T10655] ? _parse_integer+0x2e/0x40 [ 2786.289852][T10655] ? pte_marker_clear+0x1b0/0x1b0 [ 2786.289864][T10655] ? kstrtouint_from_user+0xfb/0x150 [ 2786.289880][T10655] ? __x64_sys_openat+0x13a/0x170 [ 2786.289893][T10655] ? x64_sys_call+0xe69/0x2ee0 [ 2786.289906][T10655] ? selinux_file_permission+0x309/0xb30 [ 2786.289918][T10655] ? __pte_offset_map+0x1b0/0x230 [ 2786.289932][T10655] ? pte_offset_map_rw_nolock+0xba/0x110 [ 2786.289945][T10655] handle_mm_fault+0x1166/0x1b90 [ 2786.289957][T10655] ? __cfi_handle_mm_fault+0x10/0x10 [ 2786.289967][T10655] ? lock_vma_under_rcu+0x49d/0x540 [ 2786.289980][T10655] ? __kasan_check_write+0x18/0x20 [ 2786.289995][T10655] do_user_addr_fault+0x96c/0x1200 [ 2786.290008][T10655] ? __cfi_ksys_write+0x10/0x10 [ 2786.290019][T10655] exc_page_fault+0x59/0xc0 [ 2786.290029][T10655] asm_exc_page_fault+0x2b/0x30 [ 2786.290040][T10655] RIP: 0033:0x7f773a85a5ab [ 2786.290051][T10655] Code: 00 00 00 48 8d 3d 8d 3b 19 00 48 89 c1 31 c0 e8 db 39 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d c1 3b 19 00 48 89 34 24 48 8b 14 24 48 8b [ 2786.290060][T10655] RSP: 002b:00007f773b893fb0 EFLAGS: 00010202 [ 2786.290071][T10655] RAX: 0000000000000000 RBX: 00007f773abe5fa0 RCX: 0000000000000000 [ 2786.290079][T10655] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 00002000000008c0 [ 2786.290086][T10655] RBP: 00007f773b895090 R08: 0000000000000000 R09: 0000000000000000 [ 2786.290093][T10655] R10: 00002000000008c0 R11: 0000000000000000 R12: 0000000000000001 [ 2786.290101][T10655] R13: 00007f773abe6038 R14: 00007f773abe5fa0 R15: 00007ffd0b19e288 [ 2786.290109][T10655] [ 2786.290118][T10655] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 2786.605503][T10615] bridge0: port 2(bridge_slave_1) entered blocking state [ 2786.612573][T10615] bridge0: port 2(bridge_slave_1) entered disabled state [ 2786.620238][T10615] bridge_slave_1: entered allmulticast mode [ 2786.626745][T10615] bridge_slave_1: entered promiscuous mode [ 2786.637452][T24743] bridge_slave_1: left allmulticast mode [ 2786.643115][T24743] bridge_slave_1: left promiscuous mode [ 2786.649054][T24743] bridge0: port 2(bridge_slave_1) entered disabled state [ 2786.656966][T24743] bridge_slave_0: left allmulticast mode [ 2786.662623][T24743] bridge_slave_0: left promiscuous mode [ 2786.668622][T24743] bridge0: port 1(bridge_slave_0) entered disabled state [ 2786.780727][T24743] veth1_macvtap: left promiscuous mode [ 2786.786545][T24743] veth0_vlan: left promiscuous mode [ 2786.812404][T10672] netlink: 68 bytes leftover after parsing attributes in process `syz.4.80720'. [ 2786.864687][T10615] bridge0: port 2(bridge_slave_1) entered blocking state [ 2786.871785][T10615] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2786.879103][T10615] bridge0: port 1(bridge_slave_0) entered blocking state [ 2786.886209][T10615] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2786.916613][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 2786.923992][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 2786.933918][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 2786.940990][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2786.959697][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 2786.966800][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2786.989776][T10615] veth0_vlan: entered promiscuous mode [ 2787.002610][T10615] veth1_macvtap: entered promiscuous mode [ 2787.198925][T10710] FAULT_INJECTION: forcing a failure. [ 2787.198925][T10710] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2787.213005][T10710] CPU: 0 UID: 0 PID: 10710 Comm: syz.0.80735 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2787.213043][T10710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2787.213055][T10710] Call Trace: [ 2787.213061][T10710] [ 2787.213069][T10710] __dump_stack+0x21/0x30 [ 2787.213099][T10710] dump_stack_lvl+0x10c/0x190 [ 2787.213122][T10710] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2787.213145][T10710] ? kstrtoull+0x13b/0x1e0 [ 2787.213163][T10710] dump_stack+0x19/0x20 [ 2787.213190][T10710] should_fail_ex+0x3d9/0x530 [ 2787.213209][T10710] should_fail+0xf/0x20 [ 2787.213226][T10710] should_fail_usercopy+0x1e/0x30 [ 2787.213246][T10710] _copy_from_user+0x22/0xb0 [ 2787.213267][T10710] ___sys_sendmsg+0x159/0x2a0 [ 2787.213294][T10710] ? __sys_sendmsg+0x280/0x280 [ 2787.213319][T10710] ? proc_fail_nth_write+0x17e/0x210 [ 2787.213342][T10710] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2787.213371][T10710] __x64_sys_sendmsg+0x1eb/0x2c0 [ 2787.213396][T10710] ? fput+0x1a5/0x240 [ 2787.213418][T10710] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 2787.213443][T10710] ? ksys_write+0x1ef/0x250 [ 2787.213461][T10710] ? __kasan_check_read+0x15/0x20 [ 2787.213489][T10710] x64_sys_call+0x2a4c/0x2ee0 [ 2787.213513][T10710] do_syscall_64+0x58/0xf0 [ 2787.213536][T10710] ? clear_bhb_loop+0x50/0xa0 [ 2787.213557][T10710] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2787.213576][T10710] RIP: 0033:0x7f773a98f6c9 [ 2787.213592][T10710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2787.213608][T10710] RSP: 002b:00007f773b895038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2787.213630][T10710] RAX: ffffffffffffffda RBX: 00007f773abe5fa0 RCX: 00007f773a98f6c9 [ 2787.213645][T10710] RDX: 0000000000044000 RSI: 00002000000009c0 RDI: 0000000000000008 [ 2787.213659][T10710] RBP: 00007f773b895090 R08: 0000000000000000 R09: 0000000000000000 [ 2787.213672][T10710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2787.213684][T10710] R13: 00007f773abe6038 R14: 00007f773abe5fa0 R15: 00007ffd0b19e288 [ 2787.213701][T10710] [ 2787.723299][T10732] netlink: 68 bytes leftover after parsing attributes in process `syz.5.80744'. [ 2787.875674][T10752] FAULT_INJECTION: forcing a failure. [ 2787.875674][T10752] name failslab, interval 1, probability 0, space 0, times 0 [ 2787.910636][T10752] CPU: 0 UID: 0 PID: 10752 Comm: syz.0.80755 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2787.910665][T10752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2787.910676][T10752] Call Trace: [ 2787.910682][T10752] [ 2787.910690][T10752] __dump_stack+0x21/0x30 [ 2787.910742][T10752] dump_stack_lvl+0x10c/0x190 [ 2787.910762][T10752] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2787.910783][T10752] dump_stack+0x19/0x20 [ 2787.910802][T10752] should_fail_ex+0x3d9/0x530 [ 2787.910820][T10752] should_failslab+0xac/0x100 [ 2787.910840][T10752] kmem_cache_alloc_noprof+0x42/0x430 [ 2787.910854][T10752] ? find_exception+0x106/0x4a0 [ 2787.910961][T10752] ? dst_alloc+0x13c/0x250 [ 2787.910978][T10752] dst_alloc+0x13c/0x250 [ 2787.910992][T10752] ip_route_output_key_hash_rcu+0x1302/0x1f90 [ 2787.911016][T10752] ip_route_output_key_hash+0xef/0x180 [ 2787.911039][T10752] ? __asan_memcpy+0x5a/0x80 [ 2787.911055][T10752] ? __cfi_ip_route_output_key_hash+0x10/0x10 [ 2787.911078][T10752] ? avc_has_perm_noaudit+0x286/0x360 [ 2787.911104][T10752] ? avc_has_perm+0x144/0x220 [ 2787.911128][T10752] tcp_v4_connect+0x69b/0x19e0 [ 2787.911179][T10752] ? __cfi_tcp_v4_connect+0x10/0x10 [ 2787.911197][T10752] ? __kasan_check_write+0x18/0x20 [ 2787.911223][T10752] ? _raw_spin_lock_bh+0x90/0x120 [ 2787.911247][T10752] __inet_stream_connect+0x2a4/0xf40 [ 2787.911265][T10752] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2787.911290][T10752] ? _raw_spin_unlock_bh+0x54/0x60 [ 2787.911311][T10752] ? lock_sock_nested+0x1f5/0x290 [ 2787.911331][T10752] ? __cfi___inet_stream_connect+0x10/0x10 [ 2787.911347][T10752] ? check_stack_object+0x107/0x140 [ 2787.911365][T10752] ? __check_object_size+0xe0/0x810 [ 2787.911383][T10752] ? __fget_files+0x2c5/0x340 [ 2787.911402][T10752] inet_stream_connect+0x66/0xa0 [ 2787.911420][T10752] __sys_connect+0x39d/0x440 [ 2787.911442][T10752] ? __cfi___sys_connect+0x10/0x10 [ 2787.911466][T10752] ? __kasan_check_read+0x15/0x20 [ 2787.911492][T10752] __x64_sys_connect+0x7e/0x90 [ 2787.911514][T10752] x64_sys_call+0x1c2f/0x2ee0 [ 2787.911539][T10752] do_syscall_64+0x58/0xf0 [ 2787.911562][T10752] ? clear_bhb_loop+0x50/0xa0 [ 2787.911582][T10752] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2787.911601][T10752] RIP: 0033:0x7f773a98f6c9 [ 2787.911616][T10752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2787.911633][T10752] RSP: 002b:00007f773b895038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2787.911654][T10752] RAX: ffffffffffffffda RBX: 00007f773abe5fa0 RCX: 00007f773a98f6c9 [ 2787.911667][T10752] RDX: 0000000000000010 RSI: 0000200000000180 RDI: 0000000000000005 [ 2787.911680][T10752] RBP: 00007f773b895090 R08: 0000000000000000 R09: 0000000000000000 [ 2787.911692][T10752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2787.911716][T10752] R13: 00007f773abe6038 R14: 00007f773abe5fa0 R15: 00007ffd0b19e288 [ 2787.911732][T10752] [ 2788.332462][T10796] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 2789.548549][T10852] netlink: 68 bytes leftover after parsing attributes in process `syz.0.80806'. [ 2789.658029][T10856] FAULT_INJECTION: forcing a failure. [ 2789.658029][T10856] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2789.704901][T10856] CPU: 0 UID: 0 PID: 10856 Comm: syz.0.80809 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2789.704936][T10856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2789.704951][T10856] Call Trace: [ 2789.704958][T10856] [ 2789.704966][T10856] __dump_stack+0x21/0x30 [ 2789.704997][T10856] dump_stack_lvl+0x10c/0x190 [ 2789.705020][T10856] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2789.705045][T10856] ? kstrtoull+0x13b/0x1e0 [ 2789.705062][T10856] dump_stack+0x19/0x20 [ 2789.705085][T10856] should_fail_ex+0x3d9/0x530 [ 2789.705104][T10856] should_fail+0xf/0x20 [ 2789.705121][T10856] should_fail_usercopy+0x1e/0x30 [ 2789.705141][T10856] _copy_from_user+0x22/0xb0 [ 2789.705163][T10856] ___sys_sendmsg+0x159/0x2a0 [ 2789.705190][T10856] ? __sys_sendmsg+0x280/0x280 [ 2789.705215][T10856] ? proc_fail_nth_write+0x17e/0x210 [ 2789.705240][T10856] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2789.705269][T10856] __x64_sys_sendmsg+0x1eb/0x2c0 [ 2789.705294][T10856] ? fput+0x1a5/0x240 [ 2789.705315][T10856] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 2789.705341][T10856] ? ksys_write+0x1ef/0x250 [ 2789.705359][T10856] ? __kasan_check_read+0x15/0x20 [ 2789.705386][T10856] x64_sys_call+0x2a4c/0x2ee0 [ 2789.705411][T10856] do_syscall_64+0x58/0xf0 [ 2789.705434][T10856] ? clear_bhb_loop+0x50/0xa0 [ 2789.705454][T10856] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2789.705473][T10856] RIP: 0033:0x7f773a98f6c9 [ 2789.705490][T10856] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2789.705507][T10856] RSP: 002b:00007f773b895038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2789.705528][T10856] RAX: ffffffffffffffda RBX: 00007f773abe5fa0 RCX: 00007f773a98f6c9 [ 2789.705544][T10856] RDX: 0000000000000000 RSI: 00002000000035c0 RDI: 0000000000000006 [ 2789.705556][T10856] RBP: 00007f773b895090 R08: 0000000000000000 R09: 0000000000000000 [ 2789.705569][T10856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2789.705581][T10856] R13: 00007f773abe6038 R14: 00007f773abe5fa0 R15: 00007ffd0b19e288 [ 2789.705597][T10856] [ 2790.113219][T10874] netlink: 68 bytes leftover after parsing attributes in process `syz.1.80818'. [ 2791.176330][T10954] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 2791.204284][T10958] FAULT_INJECTION: forcing a failure. [ 2791.204284][T10958] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2791.217416][T10958] CPU: 1 UID: 0 PID: 10958 Comm: syz.5.80858 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2791.217450][T10958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2791.217463][T10958] Call Trace: [ 2791.217478][T10958] [ 2791.217486][T10958] __dump_stack+0x21/0x30 [ 2791.217515][T10958] dump_stack_lvl+0x10c/0x190 [ 2791.217538][T10958] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2791.217562][T10958] ? kstrtoull+0x13b/0x1e0 [ 2791.217580][T10958] dump_stack+0x19/0x20 [ 2791.217602][T10958] should_fail_ex+0x3d9/0x530 [ 2791.217621][T10958] should_fail+0xf/0x20 [ 2791.217639][T10958] should_fail_usercopy+0x1e/0x30 [ 2791.217657][T10958] _copy_from_user+0x22/0xb0 [ 2791.217679][T10958] ___sys_sendmsg+0x159/0x2a0 [ 2791.217705][T10958] ? __sys_sendmsg+0x280/0x280 [ 2791.217730][T10958] ? proc_fail_nth_write+0x17e/0x210 [ 2791.217754][T10958] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2791.217781][T10958] __x64_sys_sendmsg+0x1eb/0x2c0 [ 2791.217805][T10958] ? fput+0x1a5/0x240 [ 2791.217827][T10958] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 2791.217852][T10958] ? ksys_write+0x1ef/0x250 [ 2791.217871][T10958] ? __kasan_check_read+0x15/0x20 [ 2791.217898][T10958] x64_sys_call+0x2a4c/0x2ee0 [ 2791.217923][T10958] do_syscall_64+0x58/0xf0 [ 2791.217946][T10958] ? clear_bhb_loop+0x50/0xa0 [ 2791.217966][T10958] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2791.217986][T10958] RIP: 0033:0x7f51aff8f6c9 [ 2791.218001][T10958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2791.218017][T10958] RSP: 002b:00007f51b0e45038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2791.218039][T10958] RAX: ffffffffffffffda RBX: 00007f51b01e5fa0 RCX: 00007f51aff8f6c9 [ 2791.218054][T10958] RDX: 0000000000044000 RSI: 00002000000009c0 RDI: 0000000000000007 [ 2791.218067][T10958] RBP: 00007f51b0e45090 R08: 0000000000000000 R09: 0000000000000000 [ 2791.218080][T10958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2791.218092][T10958] R13: 00007f51b01e6038 R14: 00007f51b01e5fa0 R15: 00007ffd56116198 [ 2791.218108][T10958] [ 2791.526747][T10978] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 2791.610349][T10994] FAULT_INJECTION: forcing a failure. [ 2791.610349][T10994] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2791.628814][T10998] netlink: 68 bytes leftover after parsing attributes in process `syz.5.80877'. [ 2791.651429][T10994] CPU: 0 UID: 0 PID: 10994 Comm: syz.0.80874 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2791.651457][T10994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2791.651468][T10994] Call Trace: [ 2791.651474][T10994] [ 2791.651481][T10994] __dump_stack+0x21/0x30 [ 2791.651510][T10994] dump_stack_lvl+0x10c/0x190 [ 2791.651532][T10994] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2791.651553][T10994] ? check_stack_object+0x12c/0x140 [ 2791.651570][T10994] dump_stack+0x19/0x20 [ 2791.651589][T10994] should_fail_ex+0x3d9/0x530 [ 2791.651607][T10994] should_fail+0xf/0x20 [ 2791.651621][T10994] should_fail_usercopy+0x1e/0x30 [ 2791.651638][T10994] _copy_to_user+0x24/0xa0 [ 2791.651658][T10994] simple_read_from_buffer+0xed/0x160 [ 2791.651690][T10994] proc_fail_nth_read+0x19e/0x210 [ 2791.651713][T10994] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 2791.651736][T10994] ? bpf_lsm_file_permission+0xd/0x20 [ 2791.651759][T10994] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 2791.651782][T10994] vfs_read+0x27d/0xc70 [ 2791.651799][T10994] ? __cfi_vfs_read+0x10/0x10 [ 2791.651814][T10994] ? __kasan_check_write+0x18/0x20 [ 2791.651840][T10994] ? mutex_lock+0x92/0x1c0 [ 2791.651857][T10994] ? __cfi_mutex_lock+0x10/0x10 [ 2791.651873][T10994] ? __fget_files+0x2c5/0x340 [ 2791.651893][T10994] ksys_read+0x141/0x250 [ 2791.651910][T10994] ? __cfi_ksys_read+0x10/0x10 [ 2791.651925][T10994] ? __kasan_check_read+0x15/0x20 [ 2791.651949][T10994] __x64_sys_read+0x7f/0x90 [ 2791.651964][T10994] x64_sys_call+0x2638/0x2ee0 [ 2791.651987][T10994] do_syscall_64+0x58/0xf0 [ 2791.652009][T10994] ? clear_bhb_loop+0x50/0xa0 [ 2791.652029][T10994] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2791.652047][T10994] RIP: 0033:0x7f773a98e0dc [ 2791.652064][T10994] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 2791.652080][T10994] RSP: 002b:00007f773b895030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2791.652100][T10994] RAX: ffffffffffffffda RBX: 00007f773abe5fa0 RCX: 00007f773a98e0dc [ 2791.652114][T10994] RDX: 000000000000000f RSI: 00007f773b8950a0 RDI: 0000000000000007 [ 2791.652127][T10994] RBP: 00007f773b895090 R08: 0000000000000000 R09: 0000000000000000 [ 2791.652139][T10994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2791.652152][T10994] R13: 00007f773abe6038 R14: 00007f773abe5fa0 R15: 00007ffd0b19e288 [ 2791.652167][T10994] [ 2792.845393][T24743] bridge_slave_1: left allmulticast mode [ 2792.851074][T24743] bridge_slave_1: left promiscuous mode [ 2792.856984][T24743] bridge0: port 2(bridge_slave_1) entered disabled state [ 2792.875225][T24743] bridge_slave_0: left allmulticast mode [ 2792.880911][T24743] bridge_slave_0: left promiscuous mode [ 2792.894951][T24743] bridge0: port 1(bridge_slave_0) entered disabled state [ 2793.015877][T11067] bridge0: port 1(bridge_slave_0) entered blocking state [ 2793.034839][T11067] bridge0: port 1(bridge_slave_0) entered disabled state [ 2793.041944][T11067] bridge_slave_0: entered allmulticast mode [ 2793.065131][T11067] bridge_slave_0: entered promiscuous mode [ 2793.075697][T24743] veth1_macvtap: left promiscuous mode [ 2793.081240][T24743] veth0_vlan: left promiscuous mode [ 2793.275779][T11067] bridge0: port 2(bridge_slave_1) entered blocking state [ 2793.284695][T11067] bridge0: port 2(bridge_slave_1) entered disabled state [ 2793.311997][T11067] bridge_slave_1: entered allmulticast mode [ 2793.333717][T11067] bridge_slave_1: entered promiscuous mode [ 2793.521491][T11067] bridge0: port 2(bridge_slave_1) entered blocking state [ 2793.528695][T11067] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2793.536100][T11067] bridge0: port 1(bridge_slave_0) entered blocking state [ 2793.543141][T11067] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2793.569229][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 2793.579088][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 2793.597608][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 2793.604722][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2793.635529][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 2793.642680][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2793.663545][T11067] veth0_vlan: entered promiscuous mode [ 2793.679476][T11067] veth1_macvtap: entered promiscuous mode [ 2793.903482][T11184] FAULT_INJECTION: forcing a failure. [ 2793.903482][T11184] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2793.916666][T11184] CPU: 1 UID: 0 PID: 11184 Comm: syz.5.80962 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2793.916696][T11184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2793.916706][T11184] Call Trace: [ 2793.916712][T11184] [ 2793.916719][T11184] __dump_stack+0x21/0x30 [ 2793.916748][T11184] dump_stack_lvl+0x10c/0x190 [ 2793.916770][T11184] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2793.916793][T11184] ? kstrtoull+0x13b/0x1e0 [ 2793.916810][T11184] dump_stack+0x19/0x20 [ 2793.916832][T11184] should_fail_ex+0x3d9/0x530 [ 2793.916851][T11184] should_fail+0xf/0x20 [ 2793.916867][T11184] should_fail_usercopy+0x1e/0x30 [ 2793.916887][T11184] _copy_from_user+0x22/0xb0 [ 2793.916907][T11184] ___sys_sendmsg+0x159/0x2a0 [ 2793.916934][T11184] ? __sys_sendmsg+0x280/0x280 [ 2793.916957][T11184] ? proc_fail_nth_write+0x17e/0x210 [ 2793.916980][T11184] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2793.917008][T11184] __x64_sys_sendmsg+0x1eb/0x2c0 [ 2793.917032][T11184] ? fput+0x1a5/0x240 [ 2793.917051][T11184] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 2793.917075][T11184] ? ksys_write+0x1ef/0x250 [ 2793.917093][T11184] ? __kasan_check_read+0x15/0x20 [ 2793.917127][T11184] x64_sys_call+0x2a4c/0x2ee0 [ 2793.917152][T11184] do_syscall_64+0x58/0xf0 [ 2793.917173][T11184] ? clear_bhb_loop+0x50/0xa0 [ 2793.917193][T11184] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2793.917220][T11184] RIP: 0033:0x7f51aff8f6c9 [ 2793.917236][T11184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2793.917252][T11184] RSP: 002b:00007f51b0e45038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2793.917273][T11184] RAX: ffffffffffffffda RBX: 00007f51b01e5fa0 RCX: 00007f51aff8f6c9 [ 2793.917288][T11184] RDX: 0000000000044000 RSI: 00002000000009c0 RDI: 0000000000000008 [ 2793.917301][T11184] RBP: 00007f51b0e45090 R08: 0000000000000000 R09: 0000000000000000 [ 2793.917313][T11184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2793.917326][T11184] R13: 00007f51b01e6038 R14: 00007f51b01e5fa0 R15: 00007ffd56116198 [ 2793.917341][T11184] [ 2794.152005][ T36] audit: type=1400 audit(1763114267.761:3388): avc: denied { write } for pid=11186 comm="syz.5.80963" name="loop-control" dev="devtmpfs" ino=48 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 2794.849469][T11338] netlink: 68 bytes leftover after parsing attributes in process `syz.1.81025'. [ 2795.014170][T11374] netlink: 68 bytes leftover after parsing attributes in process `syz.0.81041'. [ 2795.074504][T11381] netlink: 68 bytes leftover after parsing attributes in process `syz.1.81045'. [ 2795.199207][T11393] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 2795.404284][T11415] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 2795.534816][T11429] netlink: 68 bytes leftover after parsing attributes in process `syz.1.81068'. [ 2795.786630][T11449] netlink: 68 bytes leftover after parsing attributes in process `syz.1.81078'. [ 2796.007956][T11473] netlink: 68 bytes leftover after parsing attributes in process `syz.5.81089'. [ 2796.859451][T11539] FAULT_INJECTION: forcing a failure. [ 2796.859451][T11539] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2796.904490][T11539] CPU: 0 UID: 0 PID: 11539 Comm: syz.4.81122 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2796.904529][T11539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2796.904541][T11539] Call Trace: [ 2796.904548][T11539] [ 2796.904557][T11539] __dump_stack+0x21/0x30 [ 2796.904590][T11539] dump_stack_lvl+0x10c/0x190 [ 2796.904613][T11539] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2796.904638][T11539] ? kernel_text_address+0xa9/0xe0 [ 2796.904662][T11539] dump_stack+0x19/0x20 [ 2796.904683][T11539] should_fail_ex+0x3d9/0x530 [ 2796.904704][T11539] should_fail+0xf/0x20 [ 2796.904721][T11539] should_fail_usercopy+0x1e/0x30 [ 2796.904741][T11539] _copy_from_user+0x22/0xb0 [ 2796.904765][T11539] ___sys_sendmsg+0x159/0x2a0 [ 2796.904792][T11539] ? __sys_sendmsg+0x280/0x280 [ 2796.904817][T11539] ? kstrtouint+0x78/0xf0 [ 2796.904839][T11539] __sys_sendmmsg+0x271/0x470 [ 2796.904865][T11539] ? __cfi___sys_sendmmsg+0x10/0x10 [ 2796.904894][T11539] ? __cfi_ksys_write+0x10/0x10 [ 2796.904915][T11539] __x64_sys_sendmmsg+0xa4/0xc0 [ 2796.904941][T11539] x64_sys_call+0xfec/0x2ee0 [ 2796.904966][T11539] do_syscall_64+0x58/0xf0 [ 2796.905000][T11539] ? clear_bhb_loop+0x50/0xa0 [ 2796.905022][T11539] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2796.905041][T11539] RIP: 0033:0x7f389178f6c9 [ 2796.905058][T11539] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2796.905074][T11539] RSP: 002b:00007f3892705038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2796.905096][T11539] RAX: ffffffffffffffda RBX: 00007f38919e5fa0 RCX: 00007f389178f6c9 [ 2796.905111][T11539] RDX: 0000000000000001 RSI: 0000200000003c00 RDI: 0000000000000007 [ 2796.905123][T11539] RBP: 00007f3892705090 R08: 0000000000000000 R09: 0000000000000000 [ 2796.905135][T11539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2796.905147][T11539] R13: 00007f38919e6038 R14: 00007f38919e5fa0 R15: 00007ffd2caa6108 [ 2796.905165][T11539] [ 2797.212811][T11554] netlink: 68 bytes leftover after parsing attributes in process `syz.4.81130'. [ 2797.531848][T11583] netlink: 68 bytes leftover after parsing attributes in process `syz.1.81139'. [ 2799.201934][T11806] netlink: 68 bytes leftover after parsing attributes in process `syz.5.81245'. [ 2799.498350][T11849] netlink: 68 bytes leftover after parsing attributes in process `syz.5.81264'. [ 2805.632464][T12268] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 2809.132576][T12381] overlayfs: failed to resolve './file1': -2 [ 2809.938268][T12437] overlayfs: failed to resolve './file0': -2 [ 2811.443268][T12478] overlayfs: failed to resolve './file0': -2 [ 2811.620119][T12499] overlayfs: failed to resolve './file1': -2 [ 2812.715596][T12544] overlayfs: failed to resolve './file1': -2 [ 2812.834583][T12565] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 2813.005218][T12591] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 2813.555882][T12617] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 2815.409198][T12769] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 2815.894874][T12840] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 2818.884341][T13090] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 2819.229439][T13143] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 2820.094189][T24743] bridge_slave_1: left allmulticast mode [ 2820.099865][T24743] bridge_slave_1: left promiscuous mode [ 2820.105935][T24743] bridge0: port 2(bridge_slave_1) entered disabled state [ 2820.113909][T24743] bridge_slave_0: left allmulticast mode [ 2820.119564][T24743] bridge_slave_0: left promiscuous mode [ 2820.125651][T24743] bridge0: port 1(bridge_slave_0) entered disabled state [ 2820.257011][T13227] bridge0: port 1(bridge_slave_0) entered blocking state [ 2820.264373][T13227] bridge0: port 1(bridge_slave_0) entered disabled state [ 2820.271450][T13227] bridge_slave_0: entered allmulticast mode [ 2820.278384][T13227] bridge_slave_0: entered promiscuous mode [ 2820.285280][T13227] bridge0: port 2(bridge_slave_1) entered blocking state [ 2820.292395][T13227] bridge0: port 2(bridge_slave_1) entered disabled state [ 2820.299776][T13227] bridge_slave_1: entered allmulticast mode [ 2820.306443][T13227] bridge_slave_1: entered promiscuous mode [ 2820.313361][T24743] veth1_macvtap: left promiscuous mode [ 2820.318892][T24743] veth0_vlan: left promiscuous mode [ 2820.453905][T13227] bridge0: port 2(bridge_slave_1) entered blocking state [ 2820.460969][T13227] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2820.468329][T13227] bridge0: port 1(bridge_slave_0) entered blocking state [ 2820.475404][T13227] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2820.501218][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 2820.508917][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 2820.520523][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 2820.527717][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2820.545623][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 2820.552702][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2820.578110][T13227] veth0_vlan: entered promiscuous mode [ 2820.590649][T13227] veth1_macvtap: entered promiscuous mode [ 2820.872099][T13291] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 2825.881505][T13676] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 2831.368148][T14038] overlayfs: missing 'lowerdir' [ 2833.121969][T14194] overlayfs: missing 'lowerdir' [ 2834.978260][T14288] overlayfs: missing 'lowerdir' [ 2835.180215][T14302] overlayfs: missing 'lowerdir' [ 2836.567064][T14434] overlayfs: missing 'workdir' [ 2855.441868][T15691] bridge0: port 1(bridge_slave_0) entered blocking state [ 2855.448945][T15691] bridge0: port 1(bridge_slave_0) entered disabled state [ 2855.458288][T15691] bridge_slave_0: entered allmulticast mode [ 2855.464861][T15691] bridge_slave_0: entered promiscuous mode [ 2855.471582][T15691] bridge0: port 2(bridge_slave_1) entered blocking state [ 2855.478622][T15691] bridge0: port 2(bridge_slave_1) entered disabled state [ 2855.485938][T15691] bridge_slave_1: entered allmulticast mode [ 2855.492424][T15691] bridge_slave_1: entered promiscuous mode [ 2855.595230][T15691] bridge0: port 2(bridge_slave_1) entered blocking state [ 2855.602309][T15691] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2855.609606][T15691] bridge0: port 1(bridge_slave_0) entered blocking state [ 2855.616679][T15691] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2855.843296][T24743] bridge_slave_1: left allmulticast mode [ 2855.849435][T24743] bridge_slave_1: left promiscuous mode [ 2855.855437][T24743] bridge0: port 2(bridge_slave_1) entered disabled state [ 2855.863301][T24743] bridge_slave_0: left allmulticast mode [ 2855.868964][T24743] bridge_slave_0: left promiscuous mode [ 2855.875068][T24743] bridge0: port 1(bridge_slave_0) entered disabled state [ 2855.963248][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 2855.971009][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 2855.986392][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 2855.993488][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2856.002286][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 2856.009467][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2856.022451][T24743] veth1_macvtap: left promiscuous mode [ 2856.027988][T24743] veth0_vlan: left promiscuous mode [ 2856.107214][T15691] veth0_vlan: entered promiscuous mode [ 2856.130217][T15691] veth1_macvtap: entered promiscuous mode [ 2861.632720][ T46] bridge_slave_1: left allmulticast mode [ 2861.638490][ T46] bridge_slave_1: left promiscuous mode [ 2861.644391][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 2861.656457][ T46] bridge_slave_0: left allmulticast mode [ 2861.668829][ T46] bridge_slave_0: left promiscuous mode [ 2861.681039][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 2861.823982][ T46] veth1_macvtap: left promiscuous mode [ 2861.839765][ T46] veth0_vlan: left promiscuous mode [ 2861.951544][T16102] bridge0: port 1(bridge_slave_0) entered blocking state [ 2861.968787][T16102] bridge0: port 1(bridge_slave_0) entered disabled state [ 2861.980836][T16102] bridge_slave_0: entered allmulticast mode [ 2861.991550][T16102] bridge_slave_0: entered promiscuous mode [ 2862.008253][T16102] bridge0: port 2(bridge_slave_1) entered blocking state [ 2862.025553][T16102] bridge0: port 2(bridge_slave_1) entered disabled state [ 2862.041353][T16102] bridge_slave_1: entered allmulticast mode [ 2862.051379][T16102] bridge_slave_1: entered promiscuous mode [ 2862.171427][T16102] bridge0: port 2(bridge_slave_1) entered blocking state [ 2862.178503][T16102] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2862.185851][T16102] bridge0: port 1(bridge_slave_0) entered blocking state [ 2862.192905][T16102] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2862.263338][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 2862.270704][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 2862.298167][T24743] bridge0: port 1(bridge_slave_0) entered blocking state [ 2862.305256][T24743] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2862.326969][T24743] bridge0: port 2(bridge_slave_1) entered blocking state [ 2862.334067][T24743] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2862.407547][T16102] veth0_vlan: entered promiscuous mode [ 2862.434353][T16102] veth1_macvtap: entered promiscuous mode [ 2863.113895][ T46] bridge_slave_1: left allmulticast mode [ 2863.119594][ T46] bridge_slave_1: left promiscuous mode [ 2863.130851][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 2863.151180][ T46] bridge_slave_0: left allmulticast mode [ 2863.156944][ T46] bridge_slave_0: left promiscuous mode [ 2863.171321][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 2863.324663][T16228] bridge0: port 1(bridge_slave_0) entered blocking state [ 2863.346662][T16228] bridge0: port 1(bridge_slave_0) entered disabled state [ 2863.366010][T16228] bridge_slave_0: entered allmulticast mode [ 2863.384455][T16228] bridge_slave_0: entered promiscuous mode [ 2863.411086][T16228] bridge0: port 2(bridge_slave_1) entered blocking state [ 2863.425200][T16228] bridge0: port 2(bridge_slave_1) entered disabled state [ 2863.442517][T16228] bridge_slave_1: entered allmulticast mode [ 2863.449004][T16228] bridge_slave_1: entered promiscuous mode [ 2863.493154][ T46] veth1_macvtap: left promiscuous mode [ 2863.498710][ T46] veth0_vlan: left promiscuous mode [ 2863.780311][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 2863.787422][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2863.798279][T24743] bridge0: port 2(bridge_slave_1) entered blocking state [ 2863.805361][T24743] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2863.846876][T16228] veth0_vlan: entered promiscuous mode [ 2863.861557][T16228] veth1_macvtap: entered promiscuous mode [ 2883.725762][T17933] FAULT_INJECTION: forcing a failure. [ 2883.725762][T17933] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2883.739036][T17933] CPU: 1 UID: 0 PID: 17933 Comm: syz.5.84157 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2883.739070][T17933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2883.739095][T17933] Call Trace: [ 2883.739102][T17933] [ 2883.739110][T17933] __dump_stack+0x21/0x30 [ 2883.739140][T17933] dump_stack_lvl+0x10c/0x190 [ 2883.739164][T17933] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2883.739188][T17933] ? kstrtoull+0x13b/0x1e0 [ 2883.739206][T17933] dump_stack+0x19/0x20 [ 2883.739227][T17933] should_fail_ex+0x3d9/0x530 [ 2883.739247][T17933] should_fail+0xf/0x20 [ 2883.739264][T17933] should_fail_usercopy+0x1e/0x30 [ 2883.739283][T17933] _copy_from_user+0x22/0xb0 [ 2883.739306][T17933] ___sys_sendmsg+0x159/0x2a0 [ 2883.739333][T17933] ? __sys_sendmsg+0x280/0x280 [ 2883.739358][T17933] ? proc_fail_nth_write+0x17e/0x210 [ 2883.739383][T17933] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2883.739412][T17933] __x64_sys_sendmsg+0x1eb/0x2c0 [ 2883.739442][T17933] ? fput+0x1a5/0x240 [ 2883.739464][T17933] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 2883.739489][T17933] ? ksys_write+0x1ef/0x250 [ 2883.739511][T17933] ? __kasan_check_read+0x15/0x20 [ 2883.739536][T17933] x64_sys_call+0x2a4c/0x2ee0 [ 2883.739560][T17933] do_syscall_64+0x58/0xf0 [ 2883.739584][T17933] ? clear_bhb_loop+0x50/0xa0 [ 2883.739604][T17933] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2883.739623][T17933] RIP: 0033:0x7f354218f6c9 [ 2883.739640][T17933] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2883.739656][T17933] RSP: 002b:00007f3542fee038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2883.739678][T17933] RAX: ffffffffffffffda RBX: 00007f35423e5fa0 RCX: 00007f354218f6c9 [ 2883.739693][T17933] RDX: 0000000000044000 RSI: 00002000000009c0 RDI: 0000000000000008 [ 2883.739706][T17933] RBP: 00007f3542fee090 R08: 0000000000000000 R09: 0000000000000000 [ 2883.739719][T17933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2883.739731][T17933] R13: 00007f35423e6038 R14: 00007f35423e5fa0 R15: 00007fff4d548068 [ 2883.739747][T17933] [ 2885.962433][T18120] FAULT_INJECTION: forcing a failure. [ 2885.962433][T18120] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2886.009487][T18120] CPU: 0 UID: 0 PID: 18120 Comm: syz.1.84250 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2886.009518][T18120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2886.009529][T18120] Call Trace: [ 2886.009536][T18120] [ 2886.009543][T18120] __dump_stack+0x21/0x30 [ 2886.009568][T18120] dump_stack_lvl+0x10c/0x190 [ 2886.009582][T18120] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2886.009595][T18120] ? __kasan_check_write+0x18/0x20 [ 2886.009612][T18120] ? kvm_arch_vcpu_load+0x650/0x8c0 [ 2886.009628][T18120] dump_stack+0x19/0x20 [ 2886.009647][T18120] should_fail_ex+0x3d9/0x530 [ 2886.009659][T18120] should_fail+0xf/0x20 [ 2886.009668][T18120] should_fail_usercopy+0x1e/0x30 [ 2886.009679][T18120] _copy_from_user+0x22/0xb0 [ 2886.009692][T18120] kvm_arch_vcpu_ioctl+0x6ef/0x2e50 [ 2886.009702][T18120] ? avc_has_perm+0x144/0x220 [ 2886.009717][T18120] ? __cfi_kvm_arch_vcpu_ioctl+0x10/0x10 [ 2886.009727][T18120] ? kasan_save_alloc_info+0x40/0x50 [ 2886.009741][T18120] ? selinux_file_open+0x457/0x610 [ 2886.009754][T18120] ? __cfi_selinux_file_open+0x10/0x10 [ 2886.009767][T18120] ? is_bpf_text_address+0x17b/0x1a0 [ 2886.009781][T18120] ? kernel_text_address+0xa9/0xe0 [ 2886.009795][T18120] ? __kernel_text_address+0x11/0x40 [ 2886.009807][T18120] ? do_vfs_ioctl+0xeda/0x1e30 [ 2886.009819][T18120] ? arch_stack_walk+0x10b/0x170 [ 2886.009829][T18120] ? __ia32_compat_sys_ioctl+0x850/0x850 [ 2886.009841][T18120] ? _parse_integer_limit+0x195/0x1e0 [ 2886.009855][T18120] ? _parse_integer+0x2e/0x40 [ 2886.009868][T18120] ? kstrtoull+0x13b/0x1e0 [ 2886.009877][T18120] ? kstrtouint+0x78/0xf0 [ 2886.009886][T18120] ? ioctl_has_perm+0x1aa/0x4d0 [ 2886.009900][T18120] ? __asan_memcpy+0x5a/0x80 [ 2886.009909][T18120] ? ioctl_has_perm+0x3e0/0x4d0 [ 2886.009920][T18120] ? has_cap_mac_admin+0xd0/0xd0 [ 2886.009931][T18120] ? __kasan_check_write+0x18/0x20 [ 2886.009945][T18120] ? mutex_lock_killable+0x92/0x1c0 [ 2886.009956][T18120] ? __cfi_mutex_lock_killable+0x10/0x10 [ 2886.009966][T18120] ? proc_fail_nth_write+0x17e/0x210 [ 2886.009979][T18120] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2886.009992][T18120] kvm_vcpu_ioctl+0x77c/0xee0 [ 2886.010002][T18120] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2886.010011][T18120] ? __cfi_vfs_write+0x10/0x10 [ 2886.010022][T18120] ? __kasan_check_write+0x18/0x20 [ 2886.010035][T18120] ? mutex_unlock+0x8b/0x240 [ 2886.010044][T18120] ? __cfi_mutex_unlock+0x10/0x10 [ 2886.010053][T18120] ? __fget_files+0x2c5/0x340 [ 2886.010065][T18120] ? __fget_files+0x2c5/0x340 [ 2886.010075][T18120] ? bpf_lsm_file_ioctl+0xd/0x20 [ 2886.010089][T18120] ? security_file_ioctl+0x34/0xd0 [ 2886.010101][T18120] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2886.010110][T18120] __se_sys_ioctl+0x135/0x1b0 [ 2886.010121][T18120] __x64_sys_ioctl+0x7f/0xa0 [ 2886.010131][T18120] x64_sys_call+0x1878/0x2ee0 [ 2886.010145][T18120] do_syscall_64+0x58/0xf0 [ 2886.010157][T18120] ? clear_bhb_loop+0x50/0xa0 [ 2886.010169][T18120] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2886.010180][T18120] RIP: 0033:0x7ff20538f6c9 [ 2886.010190][T18120] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2886.010199][T18120] RSP: 002b:00007ff2061c8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2886.010213][T18120] RAX: ffffffffffffffda RBX: 00007ff2055e5fa0 RCX: 00007ff20538f6c9 [ 2886.010222][T18120] RDX: 0000000000000000 RSI: 000000004008ae9c RDI: 0000000000000009 [ 2886.010229][T18120] RBP: 00007ff2061c8090 R08: 0000000000000000 R09: 0000000000000000 [ 2886.010236][T18120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2886.010242][T18120] R13: 00007ff2055e6038 R14: 00007ff2055e5fa0 R15: 00007fffd8495188 [ 2886.010251][T18120] [ 2889.357109][T18337] FAULT_INJECTION: forcing a failure. [ 2889.357109][T18337] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2889.371042][T18337] CPU: 1 UID: 0 PID: 18337 Comm: syz.5.84351 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2889.371076][T18337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2889.371088][T18337] Call Trace: [ 2889.371094][T18337] [ 2889.371102][T18337] __dump_stack+0x21/0x30 [ 2889.371132][T18337] dump_stack_lvl+0x10c/0x190 [ 2889.371156][T18337] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2889.371198][T18337] ? selinux_file_open+0x457/0x610 [ 2889.371222][T18337] dump_stack+0x19/0x20 [ 2889.371243][T18337] should_fail_ex+0x3d9/0x530 [ 2889.371268][T18337] should_fail_alloc_page+0xeb/0x110 [ 2889.371290][T18337] __alloc_pages_noprof+0x19b/0x7b0 [ 2889.371315][T18337] ? __cfi___alloc_pages_noprof+0x10/0x10 [ 2889.371339][T18337] ? is_bpf_text_address+0x17b/0x1a0 [ 2889.371362][T18337] ? __kernel_text_address+0x11/0x40 [ 2889.371385][T18337] ? unwind_get_return_address+0x51/0x90 [ 2889.371407][T18337] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 2889.371434][T18337] ? arch_stack_walk+0x10b/0x170 [ 2889.371452][T18337] __folio_alloc_noprof+0x14/0x80 [ 2889.371475][T18337] folio_prealloc+0x46/0x240 [ 2889.371498][T18337] do_pte_missing+0x164c/0x4240 [ 2889.371520][T18337] ? _parse_integer+0x2e/0x40 [ 2889.371548][T18337] ? pte_marker_clear+0x1b0/0x1b0 [ 2889.371569][T18337] ? kstrtouint_from_user+0xfb/0x150 [ 2889.371586][T18337] ? __x64_sys_openat+0x13a/0x170 [ 2889.371610][T18337] ? x64_sys_call+0xe69/0x2ee0 [ 2889.371635][T18337] ? selinux_file_permission+0x309/0xb30 [ 2889.371663][T18337] ? __pte_offset_map+0x1b0/0x230 [ 2889.371688][T18337] ? pte_offset_map_rw_nolock+0xba/0x110 [ 2889.371714][T18337] handle_mm_fault+0x1166/0x1b90 [ 2889.371737][T18337] ? __cfi_handle_mm_fault+0x10/0x10 [ 2889.371757][T18337] ? lock_vma_under_rcu+0x49d/0x540 [ 2889.371779][T18337] ? __kasan_check_write+0x18/0x20 [ 2889.371807][T18337] do_user_addr_fault+0x96c/0x1200 [ 2889.371836][T18337] ? __cfi_ksys_write+0x10/0x10 [ 2889.371856][T18337] exc_page_fault+0x59/0xc0 [ 2889.371875][T18337] asm_exc_page_fault+0x2b/0x30 [ 2889.371895][T18337] RIP: 0033:0x7f354205a5ab [ 2889.371913][T18337] Code: 00 00 00 48 8d 3d 8d 3b 19 00 48 89 c1 31 c0 e8 db 39 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d c1 3b 19 00 48 89 34 24 48 8b 14 24 48 8b [ 2889.371930][T18337] RSP: 002b:00007f3542fecfb0 EFLAGS: 00010202 [ 2889.371947][T18337] RAX: 0000000000000000 RBX: 00007f35423e5fa0 RCX: 0000000000000000 [ 2889.371961][T18337] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 00002000000008c0 [ 2889.371974][T18337] RBP: 00007f3542fee090 R08: 0000000000000000 R09: 0000000000000000 [ 2889.371987][T18337] R10: 00002000000008c0 R11: 0000000000000000 R12: 0000000000000001 [ 2889.372000][T18337] R13: 00007f35423e6038 R14: 00007f35423e5fa0 R15: 00007fff4d548068 [ 2889.372016][T18337] [ 2889.372030][T18337] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 2889.976975][T18376] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 2889.989242][ T2838] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 2890.139236][ T2838] usb 6-1: Using ep0 maxpacket: 32 [ 2890.145645][ T2838] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2890.156748][ T2838] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2890.166773][ T2838] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00 [ 2890.176030][ T2838] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2890.184977][ T2838] usb 6-1: config 0 descriptor?? [ 2890.609265][ T2838] kone 0003:1E7D:2CED.0011: hidraw0: USB HID v0.00 Device [HID 1e7d:2ced] on usb-dummy_hcd.5-1/input0 [ 2890.798658][ T2838] kone 0003:1E7D:2CED.0011: couldn't init struct kone_device [ 2890.806162][ T2838] kone 0003:1E7D:2CED.0011: couldn't install mouse [ 2890.816845][ T2838] kone 0003:1E7D:2CED.0011: probe with driver kone failed with error -5 [ 2890.829801][ T2838] usb 6-1: USB disconnect, device number 3 [ 2892.124000][T18483] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 2892.213260][T24743] bridge_slave_1: left allmulticast mode [ 2892.218981][T24743] bridge_slave_1: left promiscuous mode [ 2892.224901][T24743] bridge0: port 2(bridge_slave_1) entered disabled state [ 2892.232785][T24743] bridge_slave_0: left allmulticast mode [ 2892.238438][T24743] bridge_slave_0: left promiscuous mode [ 2892.244328][T24743] bridge0: port 1(bridge_slave_0) entered disabled state [ 2892.346178][T18467] bridge0: port 1(bridge_slave_0) entered blocking state [ 2892.353284][T18467] bridge0: port 1(bridge_slave_0) entered disabled state [ 2892.360653][T18467] bridge_slave_0: entered allmulticast mode [ 2892.366988][T18467] bridge_slave_0: entered promiscuous mode [ 2892.375513][T18467] bridge0: port 2(bridge_slave_1) entered blocking state [ 2892.383022][T18467] bridge0: port 2(bridge_slave_1) entered disabled state [ 2892.390274][T18467] bridge_slave_1: entered allmulticast mode [ 2892.396606][T18467] bridge_slave_1: entered promiscuous mode [ 2892.404237][T24743] veth1_macvtap: left promiscuous mode [ 2892.410057][T24743] veth0_vlan: left promiscuous mode [ 2892.539737][T18467] bridge0: port 2(bridge_slave_1) entered blocking state [ 2892.546932][T18467] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2892.554256][T18467] bridge0: port 1(bridge_slave_0) entered blocking state [ 2892.561418][T18467] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2892.586574][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 2892.595003][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 2892.600418][T18508] FAULT_INJECTION: forcing a failure. [ 2892.600418][T18508] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2892.639285][T18467] veth0_vlan: entered promiscuous mode [ 2892.647695][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 2892.654971][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2892.655640][T18508] CPU: 0 UID: 0 PID: 18508 Comm: syz.1.84425 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2892.655668][T18508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2892.655679][T18508] Call Trace: [ 2892.655686][T18508] [ 2892.655698][T18508] __dump_stack+0x21/0x30 [ 2892.655728][T18508] dump_stack_lvl+0x10c/0x190 [ 2892.655750][T18508] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2892.655773][T18508] ? kstrtoull+0x13b/0x1e0 [ 2892.655790][T18508] dump_stack+0x19/0x20 [ 2892.655811][T18508] should_fail_ex+0x3d9/0x530 [ 2892.655829][T18508] should_fail+0xf/0x20 [ 2892.655845][T18508] should_fail_usercopy+0x1e/0x30 [ 2892.655864][T18508] _copy_from_user+0x22/0xb0 [ 2892.655884][T18508] ___sys_sendmsg+0x159/0x2a0 [ 2892.655909][T18508] ? __sys_sendmsg+0x280/0x280 [ 2892.655934][T18508] ? proc_fail_nth_write+0x17e/0x210 [ 2892.655960][T18508] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2892.655987][T18508] __x64_sys_sendmsg+0x1eb/0x2c0 [ 2892.656011][T18508] ? fput+0x1a5/0x240 [ 2892.656032][T18508] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 2892.656056][T18508] ? ksys_write+0x1ef/0x250 [ 2892.656073][T18508] ? __kasan_check_read+0x15/0x20 [ 2892.656106][T18508] x64_sys_call+0x2a4c/0x2ee0 [ 2892.656130][T18508] do_syscall_64+0x58/0xf0 [ 2892.656153][T18508] ? clear_bhb_loop+0x50/0xa0 [ 2892.656173][T18508] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2892.656191][T18508] RIP: 0033:0x7ff20538f6c9 [ 2892.656210][T18508] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2892.656226][T18508] RSP: 002b:00007ff2061c8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2892.656246][T18508] RAX: ffffffffffffffda RBX: 00007ff2055e5fa0 RCX: 00007ff20538f6c9 [ 2892.656261][T18508] RDX: 0000000000044000 RSI: 00002000000009c0 RDI: 0000000000000008 [ 2892.656273][T18508] RBP: 00007ff2061c8090 R08: 0000000000000000 R09: 0000000000000000 [ 2892.656286][T18508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2892.656298][T18508] R13: 00007ff2055e6038 R14: 00007ff2055e5fa0 R15: 00007fffd8495188 [ 2892.656313][T18508] [ 2892.810450][T18517] FAULT_INJECTION: forcing a failure. [ 2892.810450][T18517] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2892.822384][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 2892.849184][T18517] CPU: 0 UID: 0 PID: 18517 Comm: syz.1.84429 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2892.849220][T18517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2892.849233][T18517] Call Trace: [ 2892.849239][T18517] [ 2892.849246][T18517] __dump_stack+0x21/0x30 [ 2892.849282][T18517] dump_stack_lvl+0x10c/0x190 [ 2892.849304][T18517] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2892.849327][T18517] ? kstrtoull+0x13b/0x1e0 [ 2892.849344][T18517] dump_stack+0x19/0x20 [ 2892.849365][T18517] should_fail_ex+0x3d9/0x530 [ 2892.849383][T18517] should_fail+0xf/0x20 [ 2892.849399][T18517] should_fail_usercopy+0x1e/0x30 [ 2892.849417][T18517] _copy_from_user+0x22/0xb0 [ 2892.849438][T18517] ___sys_sendmsg+0x159/0x2a0 [ 2892.849463][T18517] ? __sys_sendmsg+0x280/0x280 [ 2892.849487][T18517] ? proc_fail_nth_write+0x17e/0x210 [ 2892.849510][T18517] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2892.849537][T18517] __x64_sys_sendmsg+0x1eb/0x2c0 [ 2892.849561][T18517] ? fput+0x1a5/0x240 [ 2892.849582][T18517] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 2892.849606][T18517] ? ksys_write+0x1ef/0x250 [ 2892.849623][T18517] ? __kasan_check_read+0x15/0x20 [ 2892.849649][T18517] x64_sys_call+0x2a4c/0x2ee0 [ 2892.849673][T18517] do_syscall_64+0x58/0xf0 [ 2892.849695][T18517] ? clear_bhb_loop+0x50/0xa0 [ 2892.849715][T18517] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2892.849734][T18517] RIP: 0033:0x7ff20538f6c9 [ 2892.849750][T18517] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2892.849766][T18517] RSP: 002b:00007ff2061c8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2892.849786][T18517] RAX: ffffffffffffffda RBX: 00007ff2055e5fa0 RCX: 00007ff20538f6c9 [ 2892.849801][T18517] RDX: 0000000000044000 RSI: 00002000000009c0 RDI: 0000000000000008 [ 2892.849814][T18517] RBP: 00007ff2061c8090 R08: 0000000000000000 R09: 0000000000000000 [ 2892.849827][T18517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2892.849838][T18517] R13: 00007ff2055e6038 R14: 00007ff2055e5fa0 R15: 00007fffd8495188 [ 2892.849854][T18517] [ 2893.100983][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2893.119848][T18467] veth1_macvtap: entered promiscuous mode [ 2893.336751][T18541] overlayfs: failed to resolve './file0': -2 [ 2893.455343][T18553] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 2893.639100][ T2838] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 2893.744050][T18579] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 2893.789048][ T2838] usb 6-1: Using ep0 maxpacket: 16 [ 2893.795470][ T2838] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2893.806663][ T2838] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2893.817450][ T2838] usb 6-1: New USB device found, idVendor=258a, idProduct=6a88, bcdDevice= 0.00 [ 2893.826686][ T2838] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2893.839306][ T2838] usb 6-1: config 0 descriptor?? [ 2893.910539][T18588] FAULT_INJECTION: forcing a failure. [ 2893.910539][T18588] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2893.941675][T18588] CPU: 0 UID: 0 PID: 18588 Comm: syz.4.84464 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2893.941702][T18588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2893.941711][T18588] Call Trace: [ 2893.941714][T18588] [ 2893.941719][T18588] __dump_stack+0x21/0x30 [ 2893.941738][T18588] dump_stack_lvl+0x10c/0x190 [ 2893.941765][T18588] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2893.941789][T18588] ? kernel_text_address+0xa9/0xe0 [ 2893.941814][T18588] dump_stack+0x19/0x20 [ 2893.941833][T18588] should_fail_ex+0x3d9/0x530 [ 2893.941845][T18588] should_fail+0xf/0x20 [ 2893.941855][T18588] should_fail_usercopy+0x1e/0x30 [ 2893.941866][T18588] _copy_from_user+0x22/0xb0 [ 2893.941878][T18588] ___sys_sendmsg+0x159/0x2a0 [ 2893.941895][T18588] ? __sys_sendmsg+0x280/0x280 [ 2893.941920][T18588] ? kstrtouint+0x78/0xf0 [ 2893.941951][T18588] __sys_sendmmsg+0x271/0x470 [ 2893.941976][T18588] ? __cfi___sys_sendmmsg+0x10/0x10 [ 2893.941992][T18588] ? __cfi_ksys_write+0x10/0x10 [ 2893.942003][T18588] __x64_sys_sendmmsg+0xa4/0xc0 [ 2893.942016][T18588] x64_sys_call+0xfec/0x2ee0 [ 2893.942029][T18588] do_syscall_64+0x58/0xf0 [ 2893.942048][T18588] ? clear_bhb_loop+0x50/0xa0 [ 2893.942070][T18588] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2893.942089][T18588] RIP: 0033:0x7fc61bf8f6c9 [ 2893.942106][T18588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2893.942120][T18588] RSP: 002b:00007fc61ceeb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2893.942132][T18588] RAX: ffffffffffffffda RBX: 00007fc61c1e5fa0 RCX: 00007fc61bf8f6c9 [ 2893.942140][T18588] RDX: 0000000000000001 RSI: 0000200000003c00 RDI: 0000000000000007 [ 2893.942147][T18588] RBP: 00007fc61ceeb090 R08: 0000000000000000 R09: 0000000000000000 [ 2893.942154][T18588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2893.942161][T18588] R13: 00007fc61c1e6038 R14: 00007fc61c1e5fa0 R15: 00007fff05361708 [ 2893.942170][T18588] [ 2894.247184][ T2838] usb 6-1: string descriptor 0 read error: -71 [ 2894.257723][ T2838] usbhid 6-1:0.0: can't add hid device: -71 [ 2894.265685][ T2838] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 2894.277435][ T2838] usb 6-1: USB disconnect, device number 4 [ 2894.943056][T18633] FAULT_INJECTION: forcing a failure. [ 2894.943056][T18633] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2894.956227][T18633] CPU: 1 UID: 0 PID: 18633 Comm: syz.5.84487 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2894.956260][T18633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2894.956272][T18633] Call Trace: [ 2894.956279][T18633] [ 2894.956287][T18633] __dump_stack+0x21/0x30 [ 2894.956317][T18633] dump_stack_lvl+0x10c/0x190 [ 2894.956341][T18633] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2894.956365][T18633] ? __kasan_check_write+0x18/0x20 [ 2894.956392][T18633] ? kvm_arch_vcpu_load+0x650/0x8c0 [ 2894.956419][T18633] dump_stack+0x19/0x20 [ 2894.956441][T18633] should_fail_ex+0x3d9/0x530 [ 2894.956461][T18633] should_fail+0xf/0x20 [ 2894.956478][T18633] should_fail_usercopy+0x1e/0x30 [ 2894.956498][T18633] _copy_from_user+0x22/0xb0 [ 2894.956520][T18633] kvm_arch_vcpu_ioctl+0x6ef/0x2e50 [ 2894.956545][T18633] ? avc_has_perm+0x144/0x220 [ 2894.956570][T18633] ? __cfi_kvm_arch_vcpu_ioctl+0x10/0x10 [ 2894.956588][T18633] ? kasan_save_alloc_info+0x40/0x50 [ 2894.956615][T18633] ? selinux_file_open+0x457/0x610 [ 2894.956637][T18633] ? __cfi_selinux_file_open+0x10/0x10 [ 2894.956661][T18633] ? is_bpf_text_address+0x17b/0x1a0 [ 2894.956683][T18633] ? kernel_text_address+0xa9/0xe0 [ 2894.956705][T18633] ? __kernel_text_address+0x11/0x40 [ 2894.956728][T18633] ? do_vfs_ioctl+0xeda/0x1e30 [ 2894.956748][T18633] ? arch_stack_walk+0x10b/0x170 [ 2894.956766][T18633] ? __ia32_compat_sys_ioctl+0x850/0x850 [ 2894.956787][T18633] ? _parse_integer_limit+0x195/0x1e0 [ 2894.956815][T18633] ? _parse_integer+0x2e/0x40 [ 2894.956840][T18633] ? kstrtoull+0x13b/0x1e0 [ 2894.956857][T18633] ? kstrtouint+0x78/0xf0 [ 2894.956873][T18633] ? ioctl_has_perm+0x1aa/0x4d0 [ 2894.956895][T18633] ? __asan_memcpy+0x5a/0x80 [ 2894.956912][T18633] ? ioctl_has_perm+0x3e0/0x4d0 [ 2894.956933][T18633] ? has_cap_mac_admin+0xd0/0xd0 [ 2894.956954][T18633] ? __kasan_check_write+0x18/0x20 [ 2894.956980][T18633] ? mutex_lock_killable+0x92/0x1c0 [ 2894.956999][T18633] ? __cfi_mutex_lock_killable+0x10/0x10 [ 2894.957018][T18633] ? proc_fail_nth_write+0x17e/0x210 [ 2894.957043][T18633] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2894.957067][T18633] kvm_vcpu_ioctl+0x77c/0xee0 [ 2894.957086][T18633] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2894.957103][T18633] ? __cfi_vfs_write+0x10/0x10 [ 2894.957127][T18633] ? __kasan_check_write+0x18/0x20 [ 2894.957152][T18633] ? mutex_unlock+0x8b/0x240 [ 2894.957169][T18633] ? __cfi_mutex_unlock+0x10/0x10 [ 2894.957186][T18633] ? __fget_files+0x2c5/0x340 [ 2894.957207][T18633] ? __fget_files+0x2c5/0x340 [ 2894.957227][T18633] ? bpf_lsm_file_ioctl+0xd/0x20 [ 2894.957252][T18633] ? security_file_ioctl+0x34/0xd0 [ 2894.957281][T18633] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2894.957298][T18633] __se_sys_ioctl+0x135/0x1b0 [ 2894.957318][T18633] __x64_sys_ioctl+0x7f/0xa0 [ 2894.957337][T18633] x64_sys_call+0x1878/0x2ee0 [ 2894.957362][T18633] do_syscall_64+0x58/0xf0 [ 2894.957384][T18633] ? clear_bhb_loop+0x50/0xa0 [ 2894.957405][T18633] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2894.957424][T18633] RIP: 0033:0x7f04e318f6c9 [ 2894.957441][T18633] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2894.957459][T18633] RSP: 002b:00007f04e403e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2894.957481][T18633] RAX: ffffffffffffffda RBX: 00007f04e33e5fa0 RCX: 00007f04e318f6c9 [ 2894.957497][T18633] RDX: 0000000000000000 RSI: 000000004008ae9c RDI: 0000000000000008 [ 2894.957510][T18633] RBP: 00007f04e403e090 R08: 0000000000000000 R09: 0000000000000000 [ 2894.957534][T18633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2894.957569][T18633] R13: 00007f04e33e6038 R14: 00007f04e33e5fa0 R15: 00007ffe5595c028 [ 2894.957588][T18633] [ 2895.350452][T18643] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 2895.472230][T18673] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 2895.558028][T18676] rust_binder: Error in use_page_slow: ESRCH [ 2895.558041][T18676] rust_binder: use_range failure ESRCH [ 2895.569092][T18676] rust_binder: Failed to allocate buffer. len:4096, is_oneway:false [ 2895.584102][T18676] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH } [ 2895.599026][T18676] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:544 [ 2895.958934][T25283] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 2895.978875][ T10] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 2896.039501][T18728] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 2896.118879][T25283] usb 6-1: Using ep0 maxpacket: 32 [ 2896.125161][T25283] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2896.136898][T25283] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2896.147124][T25283] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00 [ 2896.150375][ T10] usb 5-1: Using ep0 maxpacket: 32 [ 2896.156674][T25283] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2896.172809][T25283] usb 6-1: config 0 descriptor?? [ 2896.179903][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2896.208894][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2896.238923][ T10] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00 [ 2896.248006][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2896.289561][ T10] usb 5-1: config 0 descriptor?? [ 2896.583386][T25283] kone 0003:1E7D:2CED.0012: hidraw0: USB HID v0.00 Device [HID 1e7d:2ced] on usb-dummy_hcd.5-1/input0 [ 2896.698431][ T10] kone 0003:1E7D:2CED.0013: hidraw1: USB HID v0.00 Device [HID 1e7d:2ced] on usb-dummy_hcd.4-1/input0 [ 2896.782017][T25283] kone 0003:1E7D:2CED.0012: couldn't init struct kone_device [ 2896.792089][T25283] kone 0003:1E7D:2CED.0012: couldn't install mouse [ 2896.800344][T25283] kone 0003:1E7D:2CED.0012: probe with driver kone failed with error -5 [ 2896.813979][T25283] usb 6-1: USB disconnect, device number 5 [ 2896.890664][T18750] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 2896.901195][ T10] kone 0003:1E7D:2CED.0013: couldn't init struct kone_device [ 2896.908623][ T10] kone 0003:1E7D:2CED.0013: couldn't install mouse [ 2896.925537][ T10] kone 0003:1E7D:2CED.0013: probe with driver kone failed with error -5 [ 2896.955028][ T10] usb 5-1: USB disconnect, device number 10 [ 2897.935987][T18806] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 2898.049117][T18827] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 2898.520674][T18858] bridge0: port 1(bridge_slave_0) entered blocking state [ 2898.527827][T18858] bridge0: port 1(bridge_slave_0) entered disabled state [ 2898.536756][T18858] bridge_slave_0: entered allmulticast mode [ 2898.543424][T18858] bridge_slave_0: entered promiscuous mode [ 2898.550235][T18858] bridge0: port 2(bridge_slave_1) entered blocking state [ 2898.563026][T18858] bridge0: port 2(bridge_slave_1) entered disabled state [ 2898.577181][T18858] bridge_slave_1: entered allmulticast mode [ 2898.583749][T18858] bridge_slave_1: entered promiscuous mode [ 2898.645178][T18869] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 2898.754743][T18889] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 2898.826782][ T13] bridge_slave_1: left allmulticast mode [ 2898.838755][ T13] bridge_slave_1: left promiscuous mode [ 2898.844496][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 2898.869090][ T13] bridge_slave_0: left allmulticast mode [ 2898.874858][ T13] bridge_slave_0: left promiscuous mode [ 2898.888776][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 2898.942288][T18901] incfs: Unexpected inode type [ 2898.943402][ T36] audit: type=1400 audit(1763114372.557:3389): avc: denied { rmdir } for pid=18900 comm="syz.4.84613" name="bus" dev="incremental-fs" ino=1718 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 2898.971295][T16228] ------------[ cut here ]------------ [ 2898.976958][T16228] WARNING: CPU: 0 PID: 16228 at fs/inode.c:340 drop_nlink+0xce/0x110 [ 2898.985128][T16228] Modules linked in: [ 2898.989091][T16228] CPU: 0 UID: 0 PID: 16228 Comm: syz-executor Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2899.000995][T16228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2899.011323][T16228] RIP: 0010:drop_nlink+0xce/0x110 [ 2899.016697][T16228] Code: 04 00 00 be 08 00 00 00 e8 cf 54 ee ff f0 48 ff 83 b8 04 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 32 e4 97 ff <0f> 0b eb 81 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 59 ff ff ff 4c [ 2899.036762][T16228] RSP: 0018:ffffc9000285fc60 EFLAGS: 00010293 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 2899.042913][T16228] RAX: ffffffff81ee1a7e RBX: ffff888156ce3838 RCX: ffff888128669300 [ 2899.049128][ T36] audit: type=1400 audit(1763114372.657:3390): avc: denied { write } for pid=282 comm="syz-executor" path="pipe:[2726]" dev="pipefs" ino=2726 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 2899.050930][T16228] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 2899.050945][T16228] RBP: ffffc9000285fc88 R08: 0000000000000003 R09: 0000000000000004 [ 2899.050958][T16228] R10: dffffc0000000000 R11: fffff5200050bf7c R12: dffffc0000000000 [ 2899.050972][T16228] R13: 1ffff1102ad9c710 R14: ffff888156ce3880 R15: 0000000000000000 [ 2899.106072][T16228] FS: 0000555567d58500(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 2899.115098][T16228] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2899.121722][T16228] CR2: 0000555567d7b4e8 CR3: 000000011e1ec000 CR4: 00000000003526b0 [ 2899.129863][T16228] Call Trace: [ 2899.133144][T16228] [ 2899.136091][T16228] shmem_rmdir+0x5f/0x90 [ 2899.140678][T16228] vfs_rmdir+0x3dd/0x560 [ 2899.145386][T16228] incfs_kill_sb+0x109/0x230 [ 2899.150265][T16228] deactivate_locked_super+0xd5/0x2a0 [ 2899.156182][T16228] deactivate_super+0xb8/0xe0 [ 2899.161330][T16228] cleanup_mnt+0x3f1/0x480 [ 2899.165767][T16228] __cleanup_mnt+0x1d/0x40 [ 2899.170245][T16228] task_work_run+0x1e0/0x250 [ 2899.174954][T16228] ? __cfi_task_work_run+0x10/0x10 [ 2899.180118][T16228] ? __x64_sys_umount+0x126/0x170 [ 2899.185154][T16228] ? __cfi___x64_sys_umount+0x10/0x10 [ 2899.190696][T16228] ? __kasan_check_read+0x15/0x20 [ 2899.195827][T16228] resume_user_mode_work+0x36/0x50 [ 2899.201000][T16228] syscall_exit_to_user_mode+0x64/0xb0 [ 2899.206477][T16228] do_syscall_64+0x64/0xf0 [ 2899.211126][T16228] ? clear_bhb_loop+0x50/0xa0 [ 2899.215820][T16228] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2899.221783][T16228] RIP: 0033:0x7fc61bf909f7 [ 2899.226332][T16228] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 2899.246371][T16228] RSP: 002b:00007fff05360998 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 2899.254885][T16228] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fc61bf909f7 [ 2899.262915][T16228] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff05360a50 [ 2899.270936][T16228] RBP: 00007fff05360a50 R08: 0000000000000000 R09: 0000000000000000 [ 2899.279055][T16228] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff05361ae0 [ 2899.287086][T16228] R13: 00007fc61c011d7d R14: 00000000002c3c7c R15: 00007fff05361b20 [ 2899.295347][T16228] [ 2899.298379][T16228] ---[ end trace 0000000000000000 ]--- [ 2899.390104][T16228] ================================================================== [ 2899.398203][T16228] BUG: KASAN: null-ptr-deref in ihold+0x24/0x70 [ 2899.404448][T16228] Write of size 4 at addr 0000000000000168 by task syz-executor/16228 [ 2899.412854][T16228] [ 2899.415169][T16228] CPU: 0 UID: 0 PID: 16228 Comm: syz-executor Tainted: G W syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2899.415194][T16228] Tainted: [W]=WARN [ 2899.415201][T16228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2899.415211][T16228] Call Trace: [ 2899.415217][T16228] [ 2899.415225][T16228] __dump_stack+0x21/0x30 [ 2899.415251][T16228] dump_stack_lvl+0x10c/0x190 [ 2899.415271][T16228] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2899.415292][T16228] print_report+0x3d/0x70 [ 2899.415309][T16228] kasan_report+0x163/0x1a0 [ 2899.415328][T16228] ? ihold+0x24/0x70 [ 2899.415345][T16228] ? _raw_spin_unlock+0x45/0x60 [ 2899.415365][T16228] ? ihold+0x24/0x70 [ 2899.415381][T16228] kasan_check_range+0x299/0x2a0 [ 2899.415400][T16228] __kasan_check_write+0x18/0x20 [ 2899.415421][T16228] ihold+0x24/0x70 [ 2899.415438][T16228] vfs_rmdir+0x26a/0x560 [ 2899.415457][T16228] incfs_kill_sb+0x109/0x230 [ 2899.415481][T16228] deactivate_locked_super+0xd5/0x2a0 [ 2899.415501][T16228] deactivate_super+0xb8/0xe0 [ 2899.415520][T16228] cleanup_mnt+0x3f1/0x480 [ 2899.415537][T16228] __cleanup_mnt+0x1d/0x40 [ 2899.415554][T16228] task_work_run+0x1e0/0x250 [ 2899.415573][T16228] ? __cfi_task_work_run+0x10/0x10 [ 2899.415591][T16228] ? __x64_sys_umount+0x126/0x170 [ 2899.415611][T16228] ? __cfi___x64_sys_umount+0x10/0x10 [ 2899.415632][T16228] ? __kasan_check_read+0x15/0x20 [ 2899.415655][T16228] resume_user_mode_work+0x36/0x50 [ 2899.415674][T16228] syscall_exit_to_user_mode+0x64/0xb0 [ 2899.415690][T16228] do_syscall_64+0x64/0xf0 [ 2899.415710][T16228] ? clear_bhb_loop+0x50/0xa0 [ 2899.415733][T16228] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2899.415750][T16228] RIP: 0033:0x7fc61bf909f7 [ 2899.415765][T16228] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 2899.415779][T16228] RSP: 002b:00007fff05360998 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 2899.415797][T16228] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fc61bf909f7 [ 2899.415809][T16228] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff05360a50 [ 2899.415820][T16228] RBP: 00007fff05360a50 R08: 0000000000000000 R09: 0000000000000000 [ 2899.415831][T16228] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff05361ae0 [ 2899.415844][T16228] R13: 00007fc61c011d7d R14: 00000000002c3c7c R15: 00007fff05361b20 [ 2899.415858][T16228] [ 2899.415864][T16228] ================================================================== [ 2899.663552][T16228] Disabling lock debugging due to kernel taint [ 2899.669824][T16228] BUG: kernel NULL pointer dereference, address: 0000000000000168 [ 2899.677900][T16228] #PF: supervisor write access in kernel mode [ 2899.684142][T16228] #PF: error_code(0x0002) - not-present page [ 2899.690111][T16228] PGD 8000000150276067 P4D 8000000150276067 PUD 0 [ 2899.696607][T16228] Oops: Oops: 0002 [#1] PREEMPT SMP KASAN PTI [ 2899.702675][T16228] CPU: 0 UID: 0 PID: 16228 Comm: syz-executor Tainted: G B W syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2899.716290][T16228] Tainted: [B]=BAD_PAGE, [W]=WARN [ 2899.721468][T16228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2899.731511][T16228] RIP: 0010:ihold+0x2a/0x70 [ 2899.736011][T16228] Code: f3 0f 1e fa 55 48 89 e5 41 56 53 48 89 fb e8 1d db 97 ff 48 8d bb 68 01 00 00 be 04 00 00 00 e8 8c 4b ee ff 41 be 01 00 00 00 44 0f c1 b3 68 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 2d [ 2899.755613][T16228] RSP: 0018:ffffc9000285fca0 EFLAGS: 00010246 [ 2899.761688][T16228] RAX: ffff888128669300 RBX: 0000000000000000 RCX: ffff888128669300 [ 2899.769646][T16228] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 2899.777598][T16228] RBP: ffffc9000285fcb0 R08: ffffffff88972947 R09: 1ffffffff112e528 [ 2899.785554][T16228] R10: dffffc0000000000 R11: fffffbfff112e529 R12: ffff888156ce3844 [ 2899.793511][T16228] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000 [ 2899.801557][T16228] FS: 0000555567d58500(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 2899.810584][T16228] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2899.817166][T16228] CR2: 0000000000000168 CR3: 000000011e1ec000 CR4: 00000000003526b0 [ 2899.825137][T16228] Call Trace: [ 2899.828424][T16228] [ 2899.831433][T16228] vfs_rmdir+0x26a/0x560 [ 2899.835850][T16228] incfs_kill_sb+0x109/0x230 [ 2899.840432][T16228] deactivate_locked_super+0xd5/0x2a0 [ 2899.845885][T16228] deactivate_super+0xb8/0xe0 [ 2899.850650][T16228] cleanup_mnt+0x3f1/0x480 [ 2899.855146][T16228] __cleanup_mnt+0x1d/0x40 [ 2899.859570][T16228] task_work_run+0x1e0/0x250 [ 2899.864170][T16228] ? __cfi_task_work_run+0x10/0x10 [ 2899.869373][T16228] ? __x64_sys_umount+0x126/0x170 [ 2899.874390][T16228] ? __cfi___x64_sys_umount+0x10/0x10 [ 2899.879755][T16228] ? __kasan_check_read+0x15/0x20 [ 2899.884771][T16228] resume_user_mode_work+0x36/0x50 [ 2899.889877][T16228] syscall_exit_to_user_mode+0x64/0xb0 [ 2899.895428][T16228] do_syscall_64+0x64/0xf0 [ 2899.899836][T16228] ? clear_bhb_loop+0x50/0xa0 [ 2899.904502][T16228] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2899.910382][T16228] RIP: 0033:0x7fc61bf909f7 [ 2899.914804][T16228] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 2899.934395][T16228] RSP: 002b:00007fff05360998 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 2899.942795][T16228] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fc61bf909f7 [ 2899.950841][T16228] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff05360a50 [ 2899.958823][T16228] RBP: 00007fff05360a50 R08: 0000000000000000 R09: 0000000000000000 [ 2899.966870][T16228] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff05361ae0 [ 2899.974889][T16228] R13: 00007fc61c011d7d R14: 00000000002c3c7c R15: 00007fff05361b20 [ 2899.983339][T16228] [ 2899.986447][T16228] Modules linked in: [ 2899.990418][T16228] CR2: 0000000000000168 [ 2899.994576][T16228] ---[ end trace 0000000000000000 ]--- [ 2900.000031][T16228] RIP: 0010:ihold+0x2a/0x70 [ 2900.004814][T16228] Code: f3 0f 1e fa 55 48 89 e5 41 56 53 48 89 fb e8 1d db 97 ff 48 8d bb 68 01 00 00 be 04 00 00 00 e8 8c 4b ee ff 41 be 01 00 00 00 44 0f c1 b3 68 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 2d [ 2900.025029][T16228] RSP: 0018:ffffc9000285fca0 EFLAGS: 00010246 [ 2900.031104][T16228] RAX: ffff888128669300 RBX: 0000000000000000 RCX: ffff888128669300 [ 2900.039585][T16228] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 2900.047544][T16228] RBP: ffffc9000285fcb0 R08: ffffffff88972947 R09: 1ffffffff112e528 [ 2900.055507][T16228] R10: dffffc0000000000 R11: fffffbfff112e529 R12: ffff888156ce3844 [ 2900.063559][T16228] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000 [ 2900.071713][T16228] FS: 0000555567d58500(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 2900.080643][T16228] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2900.087209][T16228] CR2: 0000000000000168 CR3: 000000011e1ec000 CR4: 00000000003526b0 [ 2900.095172][T16228] Kernel panic - not syncing: Fatal exception [ 2900.101584][T16228] Kernel Offset: disabled [ 2900.105999][T16228] Rebooting in 86400 seconds..