last executing test programs: 4.683533787s ago: executing program 3 (id=4): r0 = socket$netlink(0x10, 0x3, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x180) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f00000001c0), 0x8, &(0x7f0000000280)={[{@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@nfs_export_on}]}) chdir(&(0x7f00000003c0)='./bus\x00') linkat(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup\x00', 0xffffffffffffff9c, &(0x7f0000000100)='./file7\x00', 0x1000) lstat(&(0x7f0000000000)='./cgroup\x00', &(0x7f0000000140)) writev(r0, &(0x7f0000000080)=[{&(0x7f0000000000)="290000002000190f00003fffffffda060200000000e80001dd0000040d000600ea11004a35f4667d41", 0x29}], 0x1) 4.628800807s ago: executing program 3 (id=5): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$cgroup_devices(r1, &(0x7f0000000080)={'c', ' *:* ', 'wm\x00'}, 0x9) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CAP_SPLIT_IRQCHIP(r3, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xd53}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000a00)={0x1, 0x0, [{0x1, 0x0, 0x3, 0x6, 0x6, 0xfffffffb, 0x2c0000}]}) ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000a40)={"6aac8466ec35eb64534f2f0407a64b7709be5b7d7ae80bc2cd0e5e5ef565cb2eafd8f315fcf0f0408d6b94854468967a605b53fca76f3438546e25a688806d27e7a44ff34d6bbcc902bf729294673532fde39f6d04570800000000000000b9e1b71249b34b0bc9aa6df11d045f3b78a957db107ff19420192136aa57586b61549346a9f51d823c8e4b4b3d6aec1dc000dd5f4f63648f3f1a085a95ad4b172e1dc2e6e34f244a99774b61b6a52a70b299bf39303c8d2a75a7cf64752582883c9c77d42c73015287e1b891957791ca62c73ca0116328cbad7245156eeea28b2644e8baea410a4a9f7aa610fe48a552df832e46acef7c229ef02e8b787e9b72145486184a3dae630d2b06c5dbc55915050fc000091994b8ee1bf0ad231e684f84e1930d35fcc7fd3baee69822e27faec6cd41df7d210d1599f7355d7e694e22a8622fbf67db9cfc744a006a0fac64c470b2543b19f133115d64a17819bd5243635d1c7651b65dba113d5dd95405f96d7055063f817dce0560e811f38f82412563efbf7b92352d356ea52f247e5c2c288cc2d24e80004ed9e8ce697b3bda2756f73cd718a3b4119cabef5b891094857ce0cb2180885a525b3c8559293da416c0aaf68622547b8c79a485ae31628b155f8a27c77eeeaa17247387de72f07df53aff9a7ca8fe4e46e0ba79ed1ab02f7267cfbaf6b723a1071ed5a3f20202f2e641db8c142206f93c4d584441432ee8b66efaeda853335e73251854e67567de5011b9f73cfff64c80985eaadcd79d21f4328de372175a785c95dfdcc5e0b44cfe559501cb804a9cded0c0c49c358cb3e4648e120eb32653108760c89a2f6e1752b03b7a70b0b864ab1830a65acc0ae9a9cc2b6e1fea84af155220dd6b0db2481af55e609594aa1503126df76203000000e895982713e9b7dbb6b5dbcd17c9ce4f7a9448acd50e781ae3411d00675fda472cadbe172d9f29e3fbaf65d1139b5948d188aa758f71a65fb196b42eb0044e230755ca10a858ffd2e5e505da41780c803de1c7b512ca2b1404413488bcd1403b2088000334f753fc92f8e997af00947f97b269314119da47328e873cb23b322f736b5034e4877c1ebed594e0b8175b5bb8c182cf60e5c8d604f07a1b2316784179dd666a8214653b222384eec5928862ff7c2d5e182858c102e7be5ff427613c7a7733f1f90bc31a7a43d519234ed7f192c89c3e157801196a9c65d75baf5736ae0ee8de7aca4c1c993421537eeb73392eadbf7b55e74bac500107768def32f7e1c39f3f12b5b82b9c09a254e1da9c040700c4588fef85b35000b546dcc32d93c02ce884c6c6418a7747e2951924b11eaa89ca3468e4fce4f5380d3e251895c70700000000000000c09aa8a8be33457487f71445a2de8634418a142a599ea5340d00b400000000000000000000000000000004"}) ioctl$KVM_GET_LAPIC(r4, 0x8400ae8e, &(0x7f0000000340)) r5 = socket$igmp6(0xa, 0x3, 0x2) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r5, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00', {0x1}}) close(0x3) 4.578946138s ago: executing program 1 (id=6): mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000400)='ramfs\x00', 0x2800000, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x1) mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000000), 0x82, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000000c0)={0x0, 0x0, 0x0}) r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x8c) r1 = openat$incfs(r0, &(0x7f00000001c0)='.pending_reads\x00', 0x0, 0x130) ioctl$TIOCL_GETKMSGREDIRECT(r1, 0xc058671e, &(0x7f00000000c0)) (fail_nth: 9) 4.285980731s ago: executing program 1 (id=7): r0 = syz_usb_connect$hid(0x5, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="12011001000000406104724e00000000000109022d0001000000830904000001030001000921fcff0001220b0009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x200, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0xd1) r3 = syz_open_procfs(0x0, &(0x7f0000000300)='task\x00') fchdir(r3) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x800000, 0x0) r4 = syz_clone(0x25986600, 0x0, 0x4f, 0x0, 0x0, 0x0) r5 = syz_open_procfs(r4, &(0x7f0000000140)='status\x00') pread64(r5, &(0x7f0000000100)=""/45, 0x2d, 0x40000000009) syz_usb_control_io(r0, &(0x7f0000000000)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="400e0b0000000b2100f133738f4afbef003c6bfb77782d57ff17"], 0x0, 0x0, 0x0, 0x0}, 0x0) capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x2, 0x0, 0xfffffffe}) r6 = openat$ashmem(0xffffffffffffff9c, &(0x7f00000003c0), 0x20002, 0x0) ioctl$ASHMEM_PURGE_ALL_CACHES(r6, 0x770a, 0x0) syz_usb_connect$uac2(0x2, 0x0, 0x0, 0x0) getsockopt(0xffffffffffffffff, 0x8, 0x7, 0x0, 0x0) socket$packet(0x11, 0x3, 0x300) ioctl$XFS_IOC_FSBULKSTAT(0xffffffffffffffff, 0xc0205865, 0x0) 4.271185832s ago: executing program 0 (id=8): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0xe0e03, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, 0x0}], 0x1, 0x71, &(0x7f0000000100)=[@vmwrite={0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7fffffff}], 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 10) 3.720017618s ago: executing program 0 (id=10): r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0x76, 0x141201) socket$netlink(0x10, 0x3, 0x4) syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00') r1 = syz_open_dev$evdev(&(0x7f000001fa80), 0x2, 0x300) syz_usb_connect$uac1(0x3, 0xdc, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff000924060506020100000924030003030005490c240206", @ANYRES8=r1, @ANYBLOB="06"], 0x0) syz_usb_connect(0x1, 0x2d, 0x0, 0x0) syz_clone3(0x0, 0x0) fstat(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$incfs(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x3040000, &(0x7f0000000240)=ANY=[@ANYBLOB='rlog_wakeup_cnt=00000000000000000008,no_bf_readahead=00000000000000000001,rlog_wakeup_cnt=00000000000000000003,obj_type=/dev/kvm\x00,euid>', @ANYRESDEC=r2, @ANYBLOB=',appraiseser_u,\x00'/30]) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x8008551d, &(0x7f00000000c0)={0x6632, 0xe, [{0xe, 0x1}, {}, {0xc, 0x1}, {0xe}, {0xd, 0x1}, {0x6, 0x1}, {0xe}, {0xe}, {0x1}, {0x4}, {0x4}, {0x8, 0x1}, {0x2, 0x1}, {0xb, 0x1}]}) r3 = socket(0x10, 0x803, 0x0) sendto(r3, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r3, &(0x7f0000006a40)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000001fc0)=""/4096, 0x1000}, {&(0x7f0000000b00)=""/113, 0x71}, {&(0x7f0000000300)=""/45, 0x2d}, {&(0x7f0000000000)=""/104, 0x68}, {&(0x7f0000003740)=""/40, 0x28}, {&(0x7f0000003800)=""/4096, 0x1000}], 0x6}, 0x8}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}, 0x2}, {{0x0, 0x0, 0x0}, 0x4}], 0x4, 0x120, 0x0) r4 = syz_open_dev$usbfs(&(0x7f0000000340), 0x8000000000000000, 0x8201) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched_retired(r5, &(0x7f0000003b80)={0x0, 0x0, &(0x7f0000003b40)={&(0x7f00000015c0)=@newtfilter={0x24, 0x2c, 0x603, 0x70bd2a, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0xc, 0xc}, {0xffff, 0xa}, {0x4}}}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x80) ioctl$USBDEVFS_CONNECTINFO(r4, 0x40085511, &(0x7f0000000380)) syz_usb_connect$cdc_ecm(0x2, 0x56, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000020000082505a5a44000000001010902440001010000000904000003020600000524ab0000"], 0x0) r6 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$TIPC_CMD_SHOW_NAME_TABLE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)={0x30, r6, 0xa01, 0x0, 0x0, {{}, {}, {0x14, 0x19, {0x0, 0x201, 0x8c6, 0x800}}}}, 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0) syz_usb_connect(0x0, 0x57, &(0x7f0000000000)=ANY=[@ANYBLOB="12010102882333404f17cf8af4390102030109024500013f06400409044207000e0100010a240107000105ff010302070724050107638c0924030500030406810c2402"], &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0}) 3.716364068s ago: executing program 3 (id=12): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x109001, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000003240)='net/netlink\x00') read$FUSE(r2, &(0x7f0000000040)={0x2020}, 0x229) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_ublk_add_dev(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x2e, 0xb, 0x0, 0xffffffffffffffff, 0xc0207504, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, '\x00', {0xffffffff, 0xffff, 0x0, 0x0}}, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x0, 0x34, 0x1, '\x00', 0x5}) (fail_nth: 2) 3.200364264s ago: executing program 3 (id=13): openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x85) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x2004000, &(0x7f0000000080)=ANY=[@ANYBLOB="7472616e733d66642c7266646e6fbd", @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',access=client,k']) ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000080)={[{0x6, 0x480c, 0x3, 0x2f, 0x1, 0x20, 0x47, 0x3, 0xed, 0xfe, 0x49, 0xc, 0x3}, {0x5296, 0x401, 0xa, 0xc1, 0xa, 0x1, 0x47, 0xf1, 0x7, 0x3, 0x44, 0x3, 0x40000000003}, {0x7, 0x4, 0x1, 0x3e, 0x5a, 0x9, 0x8, 0xf8, 0x0, 0x8, 0x81, 0x3, 0x4}], 0x7}) syz_usb_connect$cdc_ncm(0x4, 0xd1, &(0x7f0000000040)=ANY=[@ANYBLOB="12011003020000182505a1a44100010203010902bf0002010650000900000000020d001b052401082400a9b30d2d0f010a0000000300ff000606241a05001407240a050905580c240c00000000a90c0900030424020204240200042406024424"], 0x0) syz_usb_connect(0x3, 0xf5, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000772aed408680070bb96c010203010902e30003dc2000000904003f000e01000505a40600010524007f000d240f0104000000080000000006241a03000a05240101070424020a1524120009a317a88b045e4f01a607c0ffcb7e392a09044c03003a92a2010a240109000102010205240401050c2402"], 0x0) 1.913908038s ago: executing program 2 (id=20): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0xe0e03, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, 0x0}], 0x1, 0x71, &(0x7f0000000100)=[@vmwrite={0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7fffffff}], 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 11) 1.871474089s ago: executing program 2 (id=21): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0xe0e03, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5) pipe(&(0x7f0000000000)={0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) ppoll(0x0, 0x0, &(0x7f0000000040)={0x0, 0x3938700}, 0x0, 0x0) splice(r3, 0x0, r4, 0x0, 0x100, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, 0x0}], 0x1, 0x71, &(0x7f0000000100)=[@vmwrite={0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7fffffff}], 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.710220161s ago: executing program 2 (id=22): mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000400)='ramfs\x00', 0x2800000, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x1) mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000000), 0x82, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000000c0)={0x0, 0x0, 0x0}) r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x8c) r1 = openat$incfs(r0, &(0x7f00000001c0)='.pending_reads\x00', 0x0, 0x130) ioctl$TIOCL_GETKMSGREDIRECT(r1, 0xc058671e, &(0x7f00000000c0)) (fail_nth: 11) 1.648020701s ago: executing program 0 (id=23): mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000400)='ramfs\x00', 0x2800000, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x1) mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000000), 0x82, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000000c0)={0x0, 0x0, 0x0}) r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x8c) r1 = openat$incfs(r0, &(0x7f00000001c0)='.pending_reads\x00', 0x0, 0x130) ioctl$TIOCL_GETKMSGREDIRECT(r1, 0xc058671e, &(0x7f00000000c0)) read$FUSE(r1, &(0x7f0000000440)={0x2020}, 0x2020) 1.591448802s ago: executing program 0 (id=24): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x109001, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000003240)='net/netlink\x00') read$FUSE(r2, &(0x7f0000000040)={0x2020}, 0x229) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_ublk_add_dev(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x2e, 0xb, 0x0, 0xffffffffffffffff, 0xc0207504, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, '\x00', {0xffffffff, 0xffff, 0x0, 0x0}}, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x0, 0x34, 0x1, '\x00', 0x5}) 1.555323313s ago: executing program 3 (id=25): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup(r2) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000100)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) sendmmsg$inet(r0, &(0x7f0000002f80)=[{{0x0, 0x0, &(0x7f0000002b40)=[{&(0x7f0000001240)='f', 0x1}], 0x1}}], 0x1, 0x404080d) (fail_nth: 1) 1.447673594s ago: executing program 2 (id=26): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0xc03, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.numa_stat\x00', 0x275a, 0x0) write$cgroup_subtree(r1, 0x0, 0x32600) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5) ioctl$KVM_SET_XSAVE(r3, 0x5000aea5, &(0x7f0000000200)={[0x8, 0x401, 0x829, 0xc304, 0xffffffbe, 0x7, 0x1, 0x4, 0x80000000, 0x8, 0x8272, 0x2, 0x3c, 0x0, 0x2cbe, 0x8000, 0x1ff, 0x56db, 0x9, 0x1, 0x6, 0x7fff, 0x3228, 0x0, 0x9, 0xf7, 0x6, 0xfffffff9, 0x8, 0xbbe, 0x8, 0x6, 0xf, 0x9, 0xfffffffb, 0x8, 0xfffffffc, 0x70, 0x5ffe039b, 0x400, 0x7, 0xa9, 0x8, 0xfffff2cc, 0x6, 0x78, 0x4, 0x55eb, 0x7ff, 0x0, 0x1, 0x800, 0x891d, 0x8, 0x6, 0x0, 0xffffffff, 0x0, 0x3, 0x3, 0x7ff, 0x4, 0x8, 0x800, 0x6, 0xe, 0x3, 0x7cd1374f, 0x3ff, 0x5, 0x0, 0x1, 0x571, 0x887, 0x7fffffff, 0x4, 0x7fffffff, 0x4, 0xfffffffc, 0x9b7, 0x2a02, 0x7, 0x7f, 0x99, 0x9, 0x8, 0x2, 0x3, 0xffffffc0, 0xb, 0x3d7, 0x7, 0xffff, 0x2, 0x3, 0x0, 0xe8800, 0x0, 0x5, 0x0, 0x4, 0x8000, 0x10000, 0x8, 0x9, 0xeb2, 0x0, 0x1, 0x6, 0x5, 0x6, 0x2, 0x0, 0x7, 0xfffffff7, 0xfffffeff, 0x3b00, 0x4, 0x3, 0x8b, 0x3, 0x6, 0x0, 0xfffffc00, 0x9, 0x1, 0x4, 0x1, 0x5, 0xb, 0x2, 0xd, 0x5, 0x7fff, 0xd, 0x2, 0x977, 0xccd, 0x7ff, 0x7fffffff, 0x101, 0x2, 0x4, 0xb, 0x4, 0x9, 0x3, 0x17, 0xff, 0x7, 0x80000001, 0xd1, 0x7f, 0x4, 0x6, 0x6, 0xfffffffc, 0x1, 0xde7, 0xc, 0xb, 0x1, 0x3, 0x2, 0xa8a, 0x80, 0x80000000, 0x3, 0x9, 0x81, 0xa, 0x100, 0x0, 0x80000000, 0xfd4, 0x8e, 0x10000, 0x0, 0x88, 0x2, 0xc6, 0x0, 0x2, 0x80000001, 0x5, 0x3ff, 0x101, 0x8, 0x6, 0x6, 0x2, 0x8, 0x6, 0x4, 0x7fffffff, 0x5, 0xd5, 0xf104, 0x6, 0x5, 0x4, 0x1ff, 0x6, 0xff, 0x4, 0x0, 0x5, 0x4, 0xfff, 0xff, 0x400, 0xd, 0x9, 0x3, 0x3, 0xfffffffd, 0x400, 0x1000, 0x4, 0x5, 0x4, 0x7fff, 0x1, 0x5, 0x40, 0x9, 0xb, 0x4, 0x80000000, 0x1, 0x6, 0x4, 0x101, 0x8, 0x101, 0x7, 0xc, 0x5, 0x8000, 0xa, 0x1, 0x800, 0x4, 0x589b, 0x6, 0x3, 0x2, 0x3ff, 0x9, 0x57, 0xffff, 0x3, 0x1ff, 0x4, 0x400, 0x1000, 0xfffff4ab, 0x19, 0x9, 0xb, 0x7fffffff, 0x8, 0x9, 0x1, 0x8, 0xf, 0x2, 0x40, 0x1154, 0x7, 0x3, 0x8, 0x25b4, 0x7, 0x26, 0x7, 0x8, 0x3b4, 0x8000, 0x5, 0x8, 0x8, 0x400, 0x6f54d0ab, 0x4, 0x6, 0x0, 0x9, 0x3, 0x5, 0x3, 0x5, 0x6, 0x5, 0x8, 0x1, 0xe000000, 0x80000000, 0x9, 0x9, 0x3, 0xfffffff9, 0x6d, 0x7d01, 0x2, 0x800, 0xaf33, 0x800, 0x8, 0x101, 0x7, 0x9, 0x8e50, 0x4, 0xb4fa, 0x8, 0x2, 0xf8, 0x9, 0x9, 0x2, 0x7, 0x0, 0x0, 0x9, 0x8, 0x4, 0x6, 0x1, 0x0, 0x9, 0x7fff, 0x7, 0x2, 0x795, 0x1, 0x3, 0x7ff, 0x9, 0xc, 0x8001, 0xe9b, 0x2, 0x7, 0x6, 0x7, 0x7fff, 0x10001, 0x0, 0x52df, 0x7, 0x2, 0x2, 0x3, 0x400, 0x0, 0x2, 0xffffffff, 0xbcc, 0x52b0, 0x7, 0x1, 0x9e, 0x40, 0xc, 0x10000, 0x9, 0xffffffff, 0x0, 0x2e, 0x800, 0x8, 0x6, 0x101, 0x1, 0x5, 0x7a, 0x8, 0x6, 0x1, 0x8, 0x11c9fabf, 0x3aa3, 0x9, 0x3, 0x5fd, 0x7, 0x7, 0x1, 0xfffffff8, 0x0, 0x9, 0x4, 0x200, 0xde9, 0x9, 0x2, 0x7, 0xffff, 0x6, 0x28, 0x64, 0x1, 0x9, 0x527e, 0xc, 0x0, 0x0, 0x6, 0x7ff, 0x7, 0x4e, 0x5, 0x7, 0x6, 0x3f65634a, 0x400, 0x9, 0x20002000, 0x4, 0x4, 0x0, 0x0, 0xffffffff, 0x3, 0x5, 0x7, 0x1, 0x7bc8, 0x2, 0xfffffffd, 0x7, 0x5, 0x80, 0x4, 0x7322, 0xc, 0x20b808e9, 0x1, 0x3, 0x4, 0x4, 0xaf9, 0x10000, 0x1, 0xf80, 0x6, 0x7, 0x4, 0xd, 0xbd9, 0x5, 0xffffffff, 0x9, 0x1, 0x7ff, 0xc58, 0x9, 0x5, 0x1, 0x8, 0x7, 0x3, 0x3, 0x6, 0x8001, 0x0, 0x0, 0x7fffffff, 0x4c, 0x578e, 0x10, 0x0, 0x9, 0x8, 0x5, 0xcc, 0x10000, 0x2, 0xfffffff7, 0x9, 0x80, 0x7, 0x4, 0x4391bf8f, 0x7ff, 0x6, 0xe160, 0x10000, 0x7, 0x4, 0x8, 0x360, 0x200, 0x1ff, 0x4, 0xce01, 0x0, 0x8000, 0x956, 0x1, 0xfff, 0x0, 0x1, 0x2, 0x4, 0x9, 0x8, 0x800, 0x7fff, 0x2, 0x8, 0x8, 0x2, 0x5d7, 0x80, 0x43, 0xfff, 0x7, 0x200, 0x1, 0x7, 0x8, 0x9f4c, 0x2d1, 0x1ff, 0x4, 0xb1, 0x2, 0x6, 0x7000000, 0x9, 0x5, 0x5, 0x6, 0x7, 0xd, 0x3f, 0x4, 0x1, 0x1, 0xffff0001, 0x40, 0x2, 0x8, 0xd, 0x1, 0xfffffffd, 0x0, 0x1, 0x3, 0x0, 0x4, 0x1, 0x4, 0x1, 0x3, 0x200, 0x81, 0x92a, 0x80000000, 0x8, 0xd02, 0x6, 0x6bf, 0x3, 0x80000001, 0x4, 0xf4000000, 0x400, 0x0, 0x8, 0x5, 0x93d, 0x5d43, 0x2, 0x1000, 0x10000, 0xffffffff, 0x7, 0x1ff, 0x401, 0xfff, 0x1, 0xfffffffe, 0xfffffffa, 0x0, 0x6, 0x5, 0xffffffff, 0x800, 0x5, 0x10001, 0x200, 0x101, 0x3, 0x1, 0xaa, 0xa, 0x10001, 0x4, 0x80, 0x8, 0x0, 0x73, 0x0, 0xa00, 0x9, 0xfff, 0xfffffffa, 0x58, 0x7, 0x5, 0x401, 0x9, 0x80, 0x0, 0xfff, 0xffff0000, 0x4, 0x4, 0x7, 0x6, 0x8, 0x7, 0x5c9c8c3c, 0x145, 0x10001, 0x5, 0x3, 0x1, 0x2, 0x0, 0x8, 0x401, 0x3ff, 0x0, 0x46, 0x6, 0x9, 0x7fff, 0x0, 0x401, 0x6, 0x9, 0x2, 0x8, 0x8, 0xf, 0x5, 0x6, 0x6, 0x7, 0xfffffff8, 0x0, 0x93baeae, 0x101, 0x1, 0x6, 0x2, 0x0, 0x4, 0x2, 0x3ff, 0x3, 0x3, 0x4, 0xc6, 0x8, 0x9, 0x8, 0x7, 0xfffffff9, 0x7ff, 0x4, 0x5, 0x81, 0x10001, 0x3f, 0x5, 0x7fffffff, 0x80000000, 0x8, 0x7f, 0xffffff70, 0x18, 0xb68, 0xb, 0x771a, 0x2291, 0x0, 0x80000000, 0x7f, 0x9, 0x9, 0x2, 0x8, 0x40, 0xfffffffd, 0x7f, 0x9, 0x4, 0x0, 0xfffffffb, 0xb, 0x2, 0x0, 0x2, 0x3, 0x5, 0x2, 0x12, 0x9, 0x8a, 0x78, 0x1, 0x2, 0x5, 0x6deb, 0x6, 0x3, 0x80, 0x6, 0x8, 0x4, 0x7257576d, 0x9, 0x2, 0xa, 0xa2, 0x1, 0x1, 0x0, 0x6, 0x4, 0x9d, 0x1, 0xfffffffb, 0x8000, 0x1a, 0x5, 0x5230, 0x200, 0x8, 0xff, 0x6, 0x5, 0x8, 0x1, 0x0, 0x1, 0x8, 0xaa5, 0x7, 0x0, 0x3, 0x7, 0xf, 0xa, 0x0, 0xa, 0x6, 0x4, 0x8, 0x4, 0x2, 0x4, 0xffffffff, 0x5c1, 0x8, 0x4, 0x80000000, 0x864f, 0x0, 0x8, 0x3, 0x7f, 0xfff, 0x45, 0x3, 0x3, 0x9, 0x7, 0x9, 0x1, 0x6, 0xf, 0x5, 0x8, 0x3, 0x3, 0x4, 0x81, 0x2, 0x3, 0x3, 0x6, 0x6, 0x7, 0x9, 0x4, 0xffff8001, 0x7, 0x2, 0x4, 0x8, 0x3, 0x9, 0x9, 0x2, 0x5, 0x2, 0xd93e, 0x6, 0x3, 0xb, 0xfffffff7, 0x2, 0x7, 0x10, 0xe11c, 0x1, 0x6, 0x8, 0x2, 0x4, 0x3, 0x3ff, 0xb4, 0x3, 0x10001, 0x7f, 0x5, 0x7, 0x3, 0x1, 0x6, 0x6, 0x5, 0x1, 0x10000, 0x0, 0xfffffffc, 0x0, 0x1, 0x4f4, 0x4, 0x4, 0x7fff, 0x9, 0x9, 0xffffffff, 0x782, 0x0, 0x8, 0x7fff, 0x800, 0x6, 0x4, 0x8, 0x5, 0x5, 0x9, 0xfffffffa, 0xffff, 0x2, 0x5, 0xfffffff4, 0xf3, 0x0, 0x5, 0x6, 0x2, 0x8000, 0x401, 0x9, 0x3, 0x5, 0x40, 0x9, 0x5, 0x2, 0xf87, 0x0, 0x1, 0x5, 0x400, 0x5, 0x3, 0x400, 0x4, 0x7, 0x9, 0x100, 0xc, 0x2, 0x7, 0x40, 0x4, 0x8, 0x8, 0xbdad, 0xec9d, 0x101, 0x3c, 0x0, 0x1, 0x7, 0xf6eb, 0xffffffff, 0xe0, 0x6, 0x7, 0xa4, 0x72, 0x6, 0x461a, 0x7, 0xfffffffe, 0xf, 0x0, 0x401, 0x81, 0xff, 0x4, 0x9, 0x5, 0x2, 0x7d, 0x0, 0x1, 0x0, 0x7, 0x3, 0x0, 0xfff, 0x5, 0xb, 0x8, 0xff, 0x80000001, 0x9, 0x3, 0x9, 0x4, 0x2, 0x305ecbb3, 0xa629, 0x10001, 0x9, 0x7, 0xd, 0xaa, 0x4, 0x6, 0x8, 0x6, 0x3d, 0x8, 0x1, 0x4, 0x8, 0x1, 0x5, 0x6, 0x3, 0xfffffff8, 0x1, 0xc, 0x7, 0x7, 0x3eb, 0x3454, 0x9, 0x0, 0x5, 0x9, 0x1, 0x5, 0x3, 0x279, 0x5, 0xf8, 0xffff, 0xffffffff, 0x80000001, 0x3, 0x9, 0x92, 0x7fffffff, 0x4, 0x5, 0x5, 0x0, 0x2, 0x5, 0x6, 0x200, 0x7, 0x3, 0xece, 0x800, 0x0, 0x563c, 0x14, 0x7ac18a19, 0x5, 0x40, 0x5, 0x8, 0x8, 0x85, 0x0, 0x5000000, 0xa, 0x3cd, 0x81, 0x1ff, 0x1, 0x1, 0x5, 0xffffffff, 0x6, 0x3]}) 1.074242328s ago: executing program 1 (id=27): r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f0000000600)=[{{0x0, 0x0, 0x0}, 0xd47}, {{0x0, 0x0, 0x0}, 0x8}, {{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001180)=""/4059, 0xfdb}, {&(0x7f00000004c0)=""/209, 0xd1}, {&(0x7f0000000bc0)=""/279, 0x117}, {&(0x7f0000000980)=""/173, 0xad}, {&(0x7f0000000880)=""/224, 0xe0}, {&(0x7f0000000080)=""/96, 0x60}, {&(0x7f00000002c0)=""/229, 0xe5}, {&(0x7f0000000240)=""/109, 0x6d}, {&(0x7f00000003c0)=""/85, 0x55}], 0x9}, 0x1ff}], 0x3, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000)="f1584ee6d03cfb5809bfc86f8b9b209517aaef", 0x13, 0x60804, &(0x7f0000000140)={0xa, 0x4e23, 0x3a, @mcast2, 0x2}, 0x1c) 1.014361799s ago: executing program 1 (id=28): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x109001, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000003240)='net/netlink\x00') read$FUSE(r2, &(0x7f0000000040)={0x2020}, 0x229) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_ublk_add_dev(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x2e, 0xb, 0x0, 0xffffffffffffffff, 0xc0207504, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, '\x00', {0xffffffff, 0xffff, 0x0, 0x0}}, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x0, 0x34, 0x1, '\x00', 0x5}) (fail_nth: 4) 963.252699ms ago: executing program 3 (id=29): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0xe0e03, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, 0x0}], 0x1, 0x71, &(0x7f0000000100)=[@vmwrite={0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7fffffff}], 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 12) 961.28506ms ago: executing program 0 (id=30): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = syz_open_dev$usbfs(&(0x7f0000000240), 0x75, 0x109301) ioctl$USBDEVFS_DISCONNECT_CLAIM(r1, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"}) ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000400)=@urb_type_iso={0x0, {0x1, 0x1}, 0x1ff, 0x80, 0x0, 0x0, 0x68d, 0x2, 0x1, 0x7, 0x1, 0x0, [{0x8, 0x4, 0x10001}]}) ioctl$F2FS_IOC_SET_COMPRESS_OPTION(r0, 0x4002f516, &(0x7f0000000140)={0x5, 0x2}) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000a40)="2e9b3d0007e03dd651930100c575963f886411", 0x13}, {&(0x7f0000000040)="00000000350283", 0x7}], 0x2) mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0) mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f0000000380)='./file0\x00', 0x0, 0x8b145a, 0x0) lstat(0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0xc00, 0x0) capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000080)={0x4, 0x10fffe, 0xfffffffd, 0x20000}) socket$packet(0x11, 0x2, 0x300) 960.845349ms ago: executing program 2 (id=31): mount$bind(0x0, 0x0, 0x0, 0x2a05404, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) r0 = socket$netlink(0x10, 0x3, 0x4) writev(r0, 0x0, 0x0) r1 = syz_ublk_setup_io_uring(0x20, &(0x7f0000000340)={0x0, 0x0, 0x100, 0x2, 0x1e5}, &(0x7f0000000000)=0x0, &(0x7f0000000540)=0x0, &(0x7f0000000140)=0x0) syz_ublk_add_dev(r1, r2, r3, r4, &(0x7f0000000180)={0x2e, 0x18, 0x0, 0xffffffffffffffff, 0xc0207504, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, '\x00', {0xffffffff, 0xffff, 0x40, &(0x7f00000000c0)=@new_dev={0x3, 0xf14, 0x0, 0x0, 0x1000, 0xffffffff, 0x0, 0x0, 0x100}}}, &(0x7f0000000280)=0x0) syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f00004e5000/0x400000)=nil) sendto$packet(0xffffffffffffffff, &(0x7f00000000c0)="3f031c00", 0x4, 0x800, 0x0, 0x0) r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), r0) sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000400)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000003c0)={&(0x7f00000002c0)={0x70, r7, 0x10, 0x70bd2a, 0x25dfdbfe, {}, [@DEVLINK_ATTR_RATE_TX_MAX={0xc, 0xa7, 0xc}, @handle=@pci={{0x8}, {0x11}}, @handle=@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @DEVLINK_ATTR_RATE_NODE_NAME={0xe}]}, 0x70}, 0x1, 0x0, 0x0, 0x4040400}, 0x200000d1) syz_ublk_setup_queues(r1, r6, &(0x7f0000000200)={0x0, 0x1467, 0x10700, 0x2, 0xb2}, &(0x7f0000000600)=[{0x0, 0x0, 0xffffffffffffffff, {0x0, 0x4485, 0x10234, 0x401, 0x200031c, 0x0, r1}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x7682, 0x4000, 0x4, 0x2000008, 0x0, r1}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x1002, 0x8, 0x10008001, 0x902c4, 0x0, r1}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0xfeda, 0x0, 0x2, 0x221, 0x0, r1}}], 0x4, &(0x7f0000001540)={0x2e, 0x6, 0x0, 0xffffffffffffffff, 0xc0107520, 0x0, 0x0, 0x0, 0x0, {0x6}, 0x0, r5, '\x00', {0x5, 0x487, 0x0, 0x0}}, 0x0) 578.262044ms ago: executing program 1 (id=32): mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000400)='ramfs\x00', 0x2800000, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x1) socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0x3, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r0, @ANYRES16=r1], 0x54}, 0x1, 0x0, 0x0, 0x20004000}, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) sendmmsg$inet6(r3, &(0x7f0000004700)=[{{&(0x7f00000000c0)={0xa, 0x4e22, 0x2b4, @remote, 0x8}, 0xa, &(0x7f0000000ac0)=[{0x0}, {&(0x7f0000000500)="ebce8f4a3ad6f79b42231f8a6ae6d1795c143943bf58052d91d293163a2c070ef977e96f475ea53b479d22cc60700215c356a383d8fdb6da91ef81ab4f4d9351", 0x40}, {&(0x7f0000001640)="b42debb7bb5e0d4a9d147347af095030d170505f0c50579da4770ba44548dac35812c481acd13ae0eda0f56b02e248608fd7c6ba1815b0a169586d0c38edcac401754717a3db76925e6b440348469d96903cb7a17c3fd7d778dd8dabd8417659061eba46f8c2ef4972370c50735ac1320e277ecc1230a74b0314bfb4319495d12df0257709ada4a79b6db9dc0d4d5605f3788a84158bb484d4dc9701ed6d7f57fdd3fc1d75d1add15472a01899365793a0b6d43a8cdeb4261f844345125b24f0f6ca16270d0b2487aeaa3dd9fbc65fcdffcb39a84eae121d4f9decfa1816e32e98090ba2414aa3c1be60fc0a95a533c2e9d44f24fb28bb8ff334a4fa64293166494f15bb3be6d6b5dba7dfeb88362656178f9d8a5e5aa812ee6df95a3bf46e89fa186d6c796c1086290ca7c224f197f041ef304b65608984d1ee2f8ca6ab0bae74f88a5628efab0036e68f2aacd2575fe59a7896c81b0f26ae9809ddfc714a67f389945c4e35dd7ce91e334381dc4e4dec39137e2e672752aad296156b1cfbda2e9ca4c3ec5f46d0d2926e14868bca86b3ae216165ce892c3399604e19aa0e193c92bc90e72869238d87429ab86505d77b896c366a08fce4192e35a8329b43071f5a0c07d532c081ad8fa23b8ea31edce68cc57314cad6571afe98e6da3b4216d25c5f7a6706dbca215c99fcf0b13b0fa7d0d5528042ee12f8bb73d783d508d82c64a1854df7f9e54c01ee4c376898e66cdaf23b9c33927799ed211fd656c67190ed8739cc827a327cd53f73b74f2eb248521e9afe4cff26c05613b5bc9bdb0637a0946b93038256e542f04450fc4e8f8772ae64e8177157508479e118677f0b8dd05134f5d666ad3a22dfb9e74da21cd843e9a0ada6d281f3f5c2798c5ba0a75fb1babf4f694814f29f3e99f7b47c8bb1f556bcd99c01af29409fa7015050ccfbfac6c43ddb60e797789ca895b6419e56f43438cfbeffe2011a331bdc2ebe0cf535d064f859516f1c257fa902f4ce512e9d261f387c7ec3956d44d3cf23744ccc0c04cf21b87172c4d3dba5343041368f5de174061c8ab0a7b95e8669700939e3a3ed4a242e14438499d30c0dda69a88f009e2d64011d186a8f4600a75b598fb183010046c1ba4122d7c71de63524c53dca96d5e7de9fcacf69cf578a9a7ec6bb54f560e4a10dbd87bd61a95bef5dc4db87c490944e93768a893c556e826398de9c2dea4bbecd4cfe306f01173fbd979a2b5ab08e9de8551b347d1aae56d79c3446b0620cbd2cfc8d9ab8e76a234ce29690fc2020d8ee1903212ce4440363f1833b4b7eac859d3796b86a4c7959b0366774918fe04d020e7fa156991ae01e3428ea50826eac3ae900355eb4f72b7bab4508b3ffcc1fabfb41b23beac5fecefdedd361127f7f4d51560381ca5f9aaa27fbee6e699daae5a50b2522f450424a7dc84bedc89c70401838e95416eb6f4784c250d9575220122d72ba4206a751e289029b0873602483cba80ccad4a3c638401b76f615ca1d19d43fbabea159284cf6219c45fedcc3a8c1266865bf08c5aa259690a776a2d2b30679fa94e47f63c889287c0c12878d33df7778d673be0669cf72d1d7ca1dde36673a204f4658ddb04e852264273309cf652a5aa8346adc0820ef53e0aeae0ce4ec53a1507582452a83822bfb9023a22ed35bf4667de19292ea6431a034961dddedbb0f9983b3f8643d07b8a8866547fa3d305f5b3de6bcfcf778118bfe28412e2edfc3aeeb1097d2db5cffc8036814349d9b7f4c339f428980f2448f3baf802e7691f5ab831baf66a522c1b3ab45fd927d1ea8cdb7aa91e1a072fc84bc869c5241326b043145aa7b3cba92b5d2b1a4902f53f16344fa76a3102729bb40f0dee81838ece09af81813044c1f4518ce3c8fdda81a60f2d29a5fdc5302114b1b66734f7b", 0x559}], 0x3}}], 0x1, 0x80040c4) mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000000), 0x82, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000000c0)={0x0, 0x0, 0x0}) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x12) syz_clone(0x1022000, 0x0, 0xfffffffffffffc76, 0x0, 0x0, 0x0) lsetxattr(&(0x7f0000001000)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000002000)=@known='user.incfs.id\x00', 0x0, 0x0, 0x2) r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x8c) r5 = openat$incfs(r4, &(0x7f00000001c0)='.pending_reads\x00', 0x0, 0x130) ioctl$TIOCL_GETKMSGREDIRECT(r5, 0xc058671e, &(0x7f00000000c0)) 577.607264ms ago: executing program 1 (id=33): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x1b, &(0x7f0000000080)=0x21, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f00000013c0)=0x80000000001, 0x4) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup3(r0, r1, 0x0) mmap(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x2000000, 0x2172, 0xffffffffffffffff, 0xfe6d1000) munmap(&(0x7f0000001000/0x4000)=nil, 0x4000) futex(&(0x7f0000004000)=0x2, 0x1, 0x0, 0x0, 0x0, 0x1) r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x8001) ioctl$USBDEVFS_CONTROL(r3, 0xc0105500, &(0x7f0000000040)={0x0, 0x18, 0x1, 0xe, 0x1, 0x7, 0x0}) r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x210002, 0x0) ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f00000002c0)) ioctl$PPPIOCGFLAGS1(r4, 0x8004745a, &(0x7f0000000100)) io_setup(0x2278, &(0x7f0000000180)=0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) io_submit(r5, 0x1, &(0x7f0000000140)=[&(0x7f00000001c0)={0x0, 0x4, 0x87, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x2}]) sendmsg$inet6(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000001500)="e041c6845b8ef826b504a1b736f24b878a482512b55b63705d0d635eb03a2015139d39828d56583b235ac370afd8d3b168c8a4bfea79a4b219562d7517d943353687f7198b49bf841eeb6b58b5d8dde82ff881e0166b24ef225c36f5b94a3a9075dac96cfb7ee469eb4908b88e2100feddd15d6e61beae24bdbfced348ee8a2bfe2aa72cce89e185b9315d03d1e9aaceb39963d148b56854aee37ea9f5d0a4d922311d057ad3c7ec752762b88d01b57d2415fe7316df69ccbdce5495fbc69c0f6f7ab85721fe1925760c0c35f5f8ba81c54d5a36dc9ce28ce7dd27fac37266d8fd86e38f96a1c5cf8e240104eddbe18bac779be1bd459898ae2080ad91722f1beb5f430ee86792d5ea02d97dd650867f6fb3bbcd20f88b016b62ced88fc10e3c41674bffc70aeddd80d2cf193f0e73514cc58da911f1cd59e05ca89e7e9e8f82df11663d4f3f97ab71aa6407373443d791b2a9a26b6f581e30d574a9e21cad26dd5275be942e46b0cb7db9c6f4b5fff1239485a7de3e0e011369fc061f468b8002a543f85eda815f01eefdae7e5112b72ee00c5c9ce5fbc06b2c5784e308d228bb79c06063fe2441fae101f177cf0e902caec56227b44e407aca3a57e385924e21832ed714fea2de4026cd1560f41d99681d7150d93b5e42fbd3ba39450070a4a3226ffe3dbb8c9dbeaa0e5f07cb553e288902838720952ca320d1a08b40e382159010aa87db9d43292038b604cd9b10780b2f0f5e8c87555e00f9d56e8714a44482779281b8b2753531325c6f96296e0ea14fcae7513415397f9d28955b306fdd0e829acfd5b74e531ce04bb408ad232d6cdb8ac63cac7924431934241d1823195837043063960e22d18caa9b2ea3376f03652b1af89ea3be2fdb6a0115cb128e5c1613fe367a325bd6daabdef2f7f348a6642e71028c9bb52f631488c286483e26f998a55b691aabd6840c5cc0f101213c5ad6cc88ed479d31d6ba3cb25f836bf61ac1e10c1d398a8383c879e384701f7ef28f95c2225f9d0ff91503ea201cc4104a3fdabbc1177458d68c23efce243e07f4b8b4a50f3a813c540330aca47870468f7d574e0d0b5406d95ea241bd07981303268af1a85b127db5347da0dd0b8a3163500d78b2fe626b36eece2808d9f29eb9542e64459a535d2cf6cfd56f26f5f131e66bad20c33a3b838a0477e7dde678f040df676e656fd4c971bde4239983717ac3f25811967cfdc0ef84aa9c88d7d42557fcbc650271f1aa1b6ca96ae59fbb032c3608d61f768e481b78746717d81c052804cb905a8e037558496e74d704afe4b46d09aefe461a369a49cb9918fbe8c86407fe7a9aef2080672909e7ce5497fbee041239b9c457f7cb703ba38218f09df900ef0d30a38689a20e04638716637750691722234d9abd786716a24ffdd06ce624d57b2c43ccddba95f518899dfe6857b6d9e6091b822ecbd33e3cd12636a9b731a58f88d68e5dbce43590de8bc6ea18242ccfe881df9316289b394529fb813c8c6cbaadd11da47bef3ecdacfc619df60fba01034461bc34c2251397b0f775b80601dac3e30bdc0fcae7fafc6df723781b7dab9786a88acd3e59f49ca4b280d95079ad6f9775d32e76984fe10b4e67a710af319a34a34e19b295187986ee85ea7d6a1e0f9e13b7de76a9e345265ab6d4febb1ae4766e4f2a60f792a144e039aaf01982d2415f4e5ab862efb27032ecf9c89d0d9c6c7ccb1b96cd4057d2b9c215e6a2b6f7e9a0c1f9e13b4e32df2e039b2f7a2269077d31689406f8ac2d7a91e852f6b3d753b1af463aed5ee175f66812428eef2702c8d8397b86f73ac6f7d434e0a420843af23c6b7e33c1a7c740f78ac34fdf190b5956d69f69a5b05d7d5580da468b6cf77bf5970148b8fd55733b5bf84d832f06a8a9c76bbe620bb4f019529b1ef583409865ece0679d84de3f75cd07130d2ec9bc6a7e5087ef9210711dad69c3d8bd153bdc086e1b647fcd07038e51027710dbce64a2577f724180c4a2950b554984f760991def22bc0d6bb7d4f1989e2d584b229ebb555e86cabd169a963c6c218ab83fdf0c0e84901513bfa32b0301b0ffd0024ed30554eac787968ae9b52da07e8e169837c500b2df12d5e6f91dbcc12d8632bb3a6d4953264ee4570866c0d4b06d7cd67bd709defd5b112efef200f4faf2894cf912d4065ac93e5b7011bc28df478330024362544bd1c1e6d847195de4db32beada722b5d9986539f779d17f83a095fc65db03f0bb13d5cebf97fc6ad907b5f35cada397b5cec15a6031737ac7fbe3633ebd844800091c48d02b822811056f64382b1d38c3ba87f6a673969be4bd27784fb3e0667b58fa8942da38ab599da85105a4a7618d7b4f448ffa0caf492d804954e0252b6ea31dbab2500d598ee6b4945c4303b96c05e06fdbf372621164273169a34f5bf4c1e18eb513e703a732430d1e66032035c79398f4a4b1714875a331c56b5435f515ef3d9b98e7c7d422dc304accdd7938ce98c064633bcc60403d1132e3518e798105b855c481a44b1fbca7377269ab23dd95bc1f1874d3365940e4045b0187778cb538230e1e59955b129ec6cf83b9270594d7cc7bfe1147859d2ca0e8f55495089c0069719c3a8701d1fd906cd3af1e36a5bd21b54bd4bd8ab7fb2e4a0b840dac37d49cef219b7d8fd41cdec4b5be0ef8de5128744b06630442dae26cecc40004b111baf652b0a73d13fe18b85990c4f9ae7b648966a5a3d5923f524e5ca5b601b6aa3ddd7e3cb6f2d648b5124330e05fbd7056d145909a274ca175c3e08798ac7aae76ef01a12ccdcea682f193e16b65df8ef879eba418e30f4c7b3aca82ed3dcb22eaf61cc14d16d9468844de96b5b9b88549f1e26cbf34bcf91f6c89ebe5f0a28a580291941783dff966916a1c4b901b9bf4c1e50b5d8bffc9b5bb037fbee281c0bf20c974a338a813e95845c80f0d179fee50ae9de7abf34964c78263ccfceb8df5893d2b977941d79ae93c1ca27960a46729464da704d74dd49a4ad00b3065a4b022aa45c647d7b00e0350654d4c07a8e5581800e200c0d75f4019008fd0deb69842d230e296c2ef810521c65d653da88b8b76d6503c3a79da1ca915a499c76e1361f33fad59c9eeecf6e61174785b17dcb057453799551506395b433afca88d9bd9fa5796098b85cc92fba3411fa321210d8ae55e53461e5962580f3a66ef216930254541c13514f0239b58fe3c825b1df6a666eecd602e26ad704d3ad3746ad6574a705273c9183d2326f5f0c5607d7ecb64a3f83fb5489cb6ec5ede2d1fd1aedcc58d3da1981d2fb9db3847527b7565719211e947696e7f3e8e3bdefe4bb238d51882c0c3dc3d164141bb3164bc4ff131559d6cd58a73bbec77b69da832b668e8ce916c63ab0ec03e456eada0ed84bd25f5e09f072bdb0b108ac8f203842ab604b1ad5bf59e87a6e3fa400623a8ab31965319b57fc362d87659b7cff965a71a27c5fdd72239cbe5adcbc84b4957e9245e35b1ca6455f839f87af3bdac4cf706fe4bd4d50cb633d9bbf76a3b184ed001e7e05d5bd8e36ef1b957fba7f2305d1773bd322372525fd7b3f31c08e8e153aacfd6c81bd40087624cc95259b4e7bf389b325c59c515154069de50acf843cb3b1be7e5979e143fdb1daabea26a73d76c7f6c9070c7e53739309858c4bdbc174b9a80de704cee1458fa3cc8761275656b8232df28c38df1b25dd543f4978494a31b41d7b77cbdfcaa9f2c26abd4ef145183c56c214bcef1042508c346b94327784ef42c1c6b2c61cac3bd03502e61ada586999818471b153351d999d50aa3727b64a199584f3e024e2947c63df1b19d346fc2ea93f6565d4c1592fc30309ecdd160746d02af6f0e65307ed7f8b0ed070bcea3fcf8a11563fb8a5ec83fc55432501efe2ed495e31674f3bc873a1acfe613d418c2f41dc865731380b460e59bbbe88d490e6e5dec2c7b80c897b6d056f4b49e0f8322e4c3ec7e485e3dcab5cbc4708fe16af6aeda1b4e9cad184d5485dfa435737eee2324e0d2d7c1ecdd458b94e4f765cbe4b7e53f9a913fd3beb3df254870e0c29fa561de38f4523a05f86d925c11e921ac88f1b39f23aa0f1669015aebee8b944b8195fa1fd1951dec0c516de0b626bdacd6946ba8f184e7f0658bf2033ddb31ceb5895c1aa5fc0555cca4c71e379882e081b59a53c28cb79820bcdc4894e7615c358d554490e4792bf940a2ce890c2ec01e6a1149c3cb30a462e607b69ff1e1d0adbe2f4daa9e2c78e535aa2c00ae4203247c2173855250ccc4ef0a3602cb5a23731d8afa6f34c2aae3c5017d66edce41b780a1dccdca4faec68cb5e3ae8a2130a829d1da474814e00db97a53e94fd9e877dcfce5f83c1ce917add2c2bb64b677ace2b4d64606e9309b2587c78493ce57d291159929d368df0ea2a208a229893d3617bcf28dae48bb9f068af41e38fb96a02dc32b0146acefecb8a62e8e6e42e7c29e321d7d7357085a353d76d3d323335fc07117ca8f388760e3beed4c469784910ece9c414948a4ac7dd68c841c4b7ebccae156576e7218ca310f495117c0466d7368f82905814e1cb560f7896c9ede193137f571b78f4d1b0e922593f62e7a8f0f6f37528612e9e8895e55aacc0e4cfd0f88f30badef5bd992da31c599c78a1e39b0734c1f275b6f376b6ed79b24a962756cb4423671b35c80f9703f5181c59815cdb66fc9fa804c945e16581b8cd09fb78e02591e41c5ce15c449f6e6487bfedad78643c17ce13d4afdf0c0ea384c5bc357a893cd41030082385bdf4788ec1f37052819de344e7aca8b2f52b098e62963923cbb2564181294bb2804a25adf5a8dab0c893e1162bbb0283510f964f1c1deedcecb96c0ac8d3ada73e951c14657409249d8b66d7d13f5c8b552182b4f69d0a860db1407fb84d2c5466c46bcf1e09a02d6a991736b855d8e213372c4483721138ba2391ceb5076a14e821db71f741350088b8ea39b9f88ee484c51a2040efbb860bb39777874da8d9b30dc9ac4d6592a2def1003bcffa0b012c948794940b98d72ff04b848184b7fff5639f85936b8bafc98bb626bf4fe4f837d6d119f2faa5e90819f6e5d66534afd0739ec3a8fcf0438a1859626fa7941c5f739e96df8204e5dd9938d40d1488000bc1b0dab69e6bdc6dc557824c801ff9f49ad893f6dc113d2f2698dfbdb30ad39ba73e0410ffb3eda85cf0672d28de7a578de8bd2bc5672a448a528290f8d73e49ac67011d476b533d4b4c75cd115015e06b7a994d86cdabc1c41957b20b5fd6adfdb55626626c2360e23cfa7020ec7e47f68dd5c1ea3c5041c568060232c8c1c8f765987e76a3f91fffa4177208dec7522a55017e0e52b1a98c315037f5d763b8fe3d53313dc97f9aa03de23f54b6711b87c5b568eb8b0819b6228cded0fea022a8a8fe6bda9b1b6788152d5fe7842086bf418118b6ead2bb327097d7a8624e379abe7a0ae9fe2b017948956e7c4a9f5ca1685e94a17c210e691e170b9d5aa075ebfc408a7a9939b7d00effd773cb6589be1c56f21d59a00fd4e09d4a5c1713ef0ca7321543a78829cede9da8f39460555474480f99efe97f9c694d58796d6de8bc1598aad94ddb565c48666730c7e33ced213cbd42b1e480116b7c7de0a70e1a68fa3c9cbdd94f49b508f0f46abe5501b78c27fc5f9637e5b733ce23cbd37cb87da4837eac9b04f422eb83c104b629c16f4671b65d4380a27c0a6ceb1fa01d5c6e3eca757722e04d1054028f84713c954ba323f04bb3d730db2ff62", 0x1000}], 0x1}, 0x4004080) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000ffc000/0x4000)=nil, 0xc00, 0x0, 0x0, 0x0, &(0x7f0000001400)=""/200, 0xfffffffffffffeaf, 0x0, 0x0}, &(0x7f0000000140)=0x40) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r2, 0x8008ae9d, &(0x7f0000000000)) 10.41073ms ago: executing program 2 (id=34): mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000400)='ramfs\x00', 0x2800000, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x1) mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000000), 0x82, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000000c0)={0x0, 0x0, 0x0}) r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x8c) r1 = openat$incfs(r0, &(0x7f00000001c0)='.pending_reads\x00', 0x0, 0x130) ioctl$TIOCL_GETKMSGREDIRECT(r1, 0xc058671e, &(0x7f00000000c0)) (fail_nth: 12) 0s ago: executing program 0 (id=35): r0 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x3, 0x20801) ioctl$HIDIOCGUSAGE(r0, 0xc018480b, &(0x7f0000000140)={0x2, 0x2, 0x3, 0x7, 0x0, 0x4}) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000040)={'batadv_slave_1\x00', {0x2, 0x2, @loopback=0x7f000000}}) ioctl$sock_inet_SIOCSIFADDR(r2, 0x891c, &(0x7f0000000080)={'batadv_slave_1\x00', {0x2, 0x0, @private=0xfffffffc}}) sched_setscheduler(0x0, 0x2, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) ioctl$KVM_CREATE_PIT2(r4, 0x4040ae77, &(0x7f0000000040)={0x4}) ioctl$KVM_GET_PIT(r4, 0xc048ae65, &(0x7f0000000000)) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8000, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2) r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) syz_usb_connect(0x3, 0x49, &(0x7f0000003d40)={{0x12, 0x1, 0x310, 0xf, 0xbc, 0xd8, 0x20, 0x499, 0x5001, 0x515e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x37, 0x1, 0x9, 0x9, 0x40, 0x6, "", [{{0x9, 0x4, 0x26, 0x4, 0x2, 0xa9, 0x52, 0x7e, 0x80, [@uac_control={{0xa, 0x24, 0x1, 0x23, 0x13}, [@output_terminal={0x9, 0x24, 0x3, 0x6, 0x405, 0x1, 0x6, 0xc}]}], [{{0x9, 0x5, 0x9, 0x10, 0x10, 0x5}}, {{0x9, 0x5, 0x0, 0x3, 0x10, 0x1, 0x0, 0x1}}]}}]}}]}}, &(0x7f0000004bc0)={0x0, 0x0, 0x0, 0x0}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r8, 0x0) ioctl$KVM_GET_NESTED_STATE(r7, 0xc080aebe, 0x0) r9 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_opts(r9, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5) sendto$inet(r9, 0x0, 0x0, 0x4044810, &(0x7f0000000080)={0x2, 0x4e23, @loopback}, 0x10) setsockopt$netlink_NETLINK_NO_ENOBUFS(r1, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.131' (ED25519) to the list of known hosts. [ 23.680508][ T36] audit: type=1400 audit(1778489452.210:64): avc: denied { mounton } for pid=286 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2023 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 23.683628][ T286] cgroup: Unknown subsys name 'net' [ 23.703268][ T36] audit: type=1400 audit(1778489452.210:65): avc: denied { mount } for pid=286 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 23.730599][ T36] audit: type=1400 audit(1778489452.250:66): avc: denied { unmount } for pid=286 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 23.731069][ T286] cgroup: Unknown subsys name 'devices' [ 23.936713][ T286] cgroup: Unknown subsys name 'hugetlb' [ 23.942345][ T286] cgroup: Unknown subsys name 'rlimit' [ 24.037555][ T36] audit: type=1400 audit(1778489452.570:67): avc: denied { setattr } for pid=286 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=190 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 24.060766][ T36] audit: type=1400 audit(1778489452.570:68): avc: denied { mounton } for pid=286 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 24.085715][ T36] audit: type=1400 audit(1778489452.570:69): avc: denied { mount } for pid=286 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 Setting up swapspace version 1, size = 127995904 bytes [ 24.131466][ T288] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 24.140353][ T36] audit: type=1400 audit(1778489452.670:70): avc: denied { relabelto } for pid=288 comm="mkswap" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 24.165867][ T36] audit: type=1400 audit(1778489452.670:71): avc: denied { write } for pid=288 comm="mkswap" path="/root/swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 24.181785][ T286] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 24.191451][ T36] audit: type=1400 audit(1778489452.710:72): avc: denied { read } for pid=286 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 24.225775][ T36] audit: type=1400 audit(1778489452.710:73): avc: denied { open } for pid=286 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 25.567655][ T294] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.574750][ T294] bridge0: port 1(bridge_slave_0) entered disabled state [ 25.581787][ T294] bridge_slave_0: entered allmulticast mode [ 25.588301][ T294] bridge_slave_0: entered promiscuous mode [ 25.596197][ T294] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.603252][ T294] bridge0: port 2(bridge_slave_1) entered disabled state [ 25.610377][ T294] bridge_slave_1: entered allmulticast mode [ 25.616663][ T294] bridge_slave_1: entered promiscuous mode [ 25.632231][ T293] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.639303][ T293] bridge0: port 1(bridge_slave_0) entered disabled state [ 25.646430][ T293] bridge_slave_0: entered allmulticast mode [ 25.652651][ T293] bridge_slave_0: entered promiscuous mode [ 25.661746][ T293] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.668806][ T293] bridge0: port 2(bridge_slave_1) entered disabled state [ 25.675900][ T293] bridge_slave_1: entered allmulticast mode [ 25.682137][ T293] bridge_slave_1: entered promiscuous mode [ 25.712120][ T296] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.719199][ T296] bridge0: port 1(bridge_slave_0) entered disabled state [ 25.726303][ T296] bridge_slave_0: entered allmulticast mode [ 25.732531][ T296] bridge_slave_0: entered promiscuous mode [ 25.741535][ T296] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.748599][ T296] bridge0: port 2(bridge_slave_1) entered disabled state [ 25.755683][ T296] bridge_slave_1: entered allmulticast mode [ 25.762087][ T296] bridge_slave_1: entered promiscuous mode [ 25.793480][ T295] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.800590][ T295] bridge0: port 1(bridge_slave_0) entered disabled state [ 25.807719][ T295] bridge_slave_0: entered allmulticast mode [ 25.813945][ T295] bridge_slave_0: entered promiscuous mode [ 25.820388][ T295] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.827450][ T295] bridge0: port 2(bridge_slave_1) entered disabled state [ 25.834635][ T295] bridge_slave_1: entered allmulticast mode [ 25.841006][ T295] bridge_slave_1: entered promiscuous mode [ 25.966917][ T294] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.974014][ T294] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.981322][ T294] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.988392][ T294] bridge0: port 1(bridge_slave_0) entered forwarding state [ 26.000951][ T295] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.008032][ T295] bridge0: port 2(bridge_slave_1) entered forwarding state [ 26.015496][ T295] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.022544][ T295] bridge0: port 1(bridge_slave_0) entered forwarding state [ 26.046607][ T293] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.053668][ T293] bridge0: port 2(bridge_slave_1) entered forwarding state [ 26.060942][ T293] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.068013][ T293] bridge0: port 1(bridge_slave_0) entered forwarding state [ 26.101987][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.109543][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.116979][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.124160][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.132489][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.139947][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.157121][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.164190][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 26.175746][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.182823][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 26.198144][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.205248][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 26.213403][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.220475][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 26.228854][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.235922][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 26.246745][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.253878][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 26.302280][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.309388][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 26.317694][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.324739][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 26.349379][ T294] veth0_vlan: entered promiscuous mode [ 26.359564][ T295] veth0_vlan: entered promiscuous mode [ 26.366988][ T293] veth0_vlan: entered promiscuous mode [ 26.389551][ T294] veth1_macvtap: entered promiscuous mode [ 26.398847][ T295] veth1_macvtap: entered promiscuous mode [ 26.421700][ T296] veth0_vlan: entered promiscuous mode [ 26.432564][ T293] veth1_macvtap: entered promiscuous mode [ 26.450403][ T296] veth1_macvtap: entered promiscuous mode [ 26.478838][ T295] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 26.539365][ T314] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 26.594089][ T319] netlink: 'syz.3.4': attribute type 6 has an invalid length. [ 26.680801][ T326] FAULT_INJECTION: forcing a failure. [ 26.680801][ T326] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 26.695224][ T326] CPU: 1 UID: 0 PID: 326 Comm: syz.1.6 Not tainted syzkaller #0 88ceac27f2f759e3bbd2a088bdce4bdb7d92b188 [ 26.695258][ T326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 26.695281][ T326] Call Trace: [ 26.695288][ T326] [ 26.695297][ T326] __dump_stack+0x21/0x30 [ 26.695343][ T326] dump_stack_lvl+0x140/0x1c0 [ 26.695376][ T326] ? __cfi_dump_stack_lvl+0x10/0x10 [ 26.695411][ T326] dump_stack+0x19/0x20 [ 26.695441][ T326] should_fail_ex+0x3d7/0x530 [ 26.695463][ T326] should_fail+0xf/0x20 [ 26.695488][ T326] should_fail_usercopy+0x1e/0x30 [ 26.695511][ T326] _copy_from_user+0x20/0xa0 [ 26.695536][ T326] pending_reads_dispatch_ioctl+0x2d2/0x2080 [ 26.695571][ T326] ? proc_fail_nth_write+0x184/0x220 [ 26.695602][ T326] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 26.695628][ T326] ? __cfi_pending_reads_dispatch_ioctl+0x10/0x10 [ 26.695656][ T326] ? selinux_file_ioctl+0x732/0x1480 [ 26.695685][ T326] ? vfs_write+0x9a4/0xf90 [ 26.695702][ T326] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 26.695731][ T326] ? __cfi_vfs_write+0x10/0x10 [ 26.695749][ T326] ? __kasan_check_write+0x18/0x20 [ 26.695766][ T326] ? mutex_unlock+0x90/0x240 [ 26.695787][ T326] ? __cfi_mutex_unlock+0x10/0x10 [ 26.695807][ T326] ? __fget_files+0x2c5/0x340 [ 26.695830][ T326] ? __fget_files+0x2c5/0x340 [ 26.695851][ T326] ? bpf_lsm_file_ioctl+0xd/0x20 [ 26.695876][ T326] ? security_file_ioctl+0x3e/0x110 [ 26.695903][ T326] ? __cfi_pending_reads_dispatch_ioctl+0x10/0x10 [ 26.695930][ T326] __se_sys_ioctl+0x132/0x1b0 [ 26.695952][ T326] __x64_sys_ioctl+0x7f/0xa0 [ 26.695974][ T326] x64_sys_call+0x1878/0x2ee0 [ 26.695991][ T326] do_syscall_64+0x57/0xf0 [ 26.696007][ T326] ? clear_bhb_loop+0x50/0xa0 [ 26.696027][ T326] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 26.696045][ T326] RIP: 0033:0x7fee0379cdd9 [ 26.696079][ T326] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 26.696094][ T326] RSP: 002b:00007fee046f3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 26.696117][ T326] RAX: ffffffffffffffda RBX: 00007fee03a15fa0 RCX: 00007fee0379cdd9 [ 26.696130][ T326] RDX: 00002000000000c0 RSI: 00000000c058671e RDI: 0000000000000004 [ 26.696142][ T326] RBP: 00007fee046f3090 R08: 0000000000000000 R09: 0000000000000000 [ 26.696154][ T326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 26.696164][ T326] R13: 00007fee03a16038 R14: 00007fee03a15fa0 R15: 00007ffc9f157b78 [ 26.696180][ T326] [ 27.017446][ T330] FAULT_INJECTION: forcing a failure. [ 27.017446][ T330] name failslab, interval 1, probability 0, space 0, times 1 [ 27.030278][ T330] CPU: 0 UID: 0 PID: 330 Comm: syz.0.8 Not tainted syzkaller #0 88ceac27f2f759e3bbd2a088bdce4bdb7d92b188 [ 27.030300][ T330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 27.030310][ T330] Call Trace: [ 27.030315][ T330] [ 27.030320][ T330] __dump_stack+0x21/0x30 [ 27.030345][ T330] dump_stack_lvl+0x140/0x1c0 [ 27.030366][ T330] ? __cfi_dump_stack_lvl+0x10/0x10 [ 27.030389][ T330] dump_stack+0x19/0x20 [ 27.030409][ T330] should_fail_ex+0x3d7/0x530 [ 27.030423][ T330] should_failslab+0xac/0x100 [ 27.030441][ T330] kmem_cache_alloc_noprof+0x42/0x410 [ 27.030458][ T330] ? __kvm_mmu_topup_memory_cache+0x1eb/0x850 [ 27.030482][ T330] __kvm_mmu_topup_memory_cache+0x1eb/0x850 [ 27.030505][ T330] ? mutex_unlock+0x90/0x240 [ 27.030523][ T330] kvm_mmu_topup_memory_cache+0x24/0x30 [ 27.030546][ T330] kvm_mmu_load+0xa2/0x2890 [ 27.030566][ T330] ? kvm_hv_setup_tsc_page+0x5f4/0xa80 [ 27.030588][ T330] ? vmx_flush_tlb_guest+0x1d3/0x3b0 [ 27.030606][ T330] ? kvm_apic_has_interrupt+0x793/0x7a0 [ 27.030626][ T330] ? kvm_service_local_tlb_flush_requests+0x61/0x150 [ 27.030643][ T330] vcpu_run+0x4e31/0x78e0 [ 27.030701][ T330] ? signal_pending+0xc0/0xc0 [ 27.030731][ T330] ? __kasan_check_write+0x18/0x20 [ 27.030745][ T330] ? xfd_validate_state+0x68/0x140 [ 27.030765][ T330] ? fpu_swap_kvm_fpstate+0x92/0x5e0 [ 27.030783][ T330] ? __kasan_check_write+0x18/0x20 [ 27.030796][ T330] ? fpregs_mark_activate+0x68/0x160 [ 27.030814][ T330] ? fpu_swap_kvm_fpstate+0x44c/0x5e0 [ 27.030831][ T330] ? fpu_swap_kvm_fpstate+0x92/0x5e0 [ 27.030850][ T330] kvm_arch_vcpu_ioctl_run+0x1167/0x1bd0 [ 27.030871][ T330] ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 27.030892][ T330] ? kstrtoull+0x13b/0x1e0 [ 27.030913][ T330] ? kstrtouint+0x78/0xf0 [ 27.030933][ T330] ? ioctl_has_perm+0x1bc/0x500 [ 27.030946][ T330] ? __asan_memcpy+0x5a/0x80 [ 27.030960][ T330] ? ioctl_has_perm+0x408/0x500 [ 27.030973][ T330] ? has_cap_mac_admin+0xd0/0xd0 [ 27.030986][ T330] ? __kasan_check_write+0x18/0x20 [ 27.030999][ T330] ? mutex_lock_killable+0x97/0x1d0 [ 27.031017][ T330] ? __cfi_mutex_lock_killable+0x10/0x10 [ 27.031033][ T330] ? proc_fail_nth_write+0x184/0x220 [ 27.031056][ T330] kvm_vcpu_ioctl+0xa48/0x1000 [ 27.031071][ T330] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 27.031086][ T330] ? __cfi_vfs_write+0x10/0x10 [ 27.031100][ T330] ? __kasan_check_write+0x18/0x20 [ 27.031114][ T330] ? mutex_unlock+0x90/0x240 [ 27.031130][ T330] ? __cfi_mutex_unlock+0x10/0x10 [ 27.031145][ T330] ? __fget_files+0x2c5/0x340 [ 27.031163][ T330] ? __fget_files+0x2c5/0x340 [ 27.031180][ T330] ? bpf_lsm_file_ioctl+0xd/0x20 [ 27.031203][ T330] ? security_file_ioctl+0x3e/0x110 [ 27.031225][ T330] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 27.031239][ T330] __se_sys_ioctl+0x132/0x1b0 [ 27.031257][ T330] __x64_sys_ioctl+0x7f/0xa0 [ 27.031274][ T330] x64_sys_call+0x1878/0x2ee0 [ 27.031287][ T330] do_syscall_64+0x57/0xf0 [ 27.031300][ T330] ? clear_bhb_loop+0x50/0xa0 [ 27.031316][ T330] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 27.031330][ T330] RIP: 0033:0x7fdd2699cdd9 [ 27.031342][ T330] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 27.031354][ T330] RSP: 002b:00007fdd27801028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 27.031370][ T330] RAX: ffffffffffffffda RBX: 00007fdd26c15fa0 RCX: 00007fdd2699cdd9 [ 27.031381][ T330] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 27.031390][ T330] RBP: 00007fdd27801090 R08: 0000000000000000 R09: 0000000000000000 [ 27.031399][ T330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 27.031408][ T330] R13: 00007fdd26c16038 R14: 00007fdd26c15fa0 R15: 00007ffe00b68838 [ 27.031420][ T330] [ 27.297552][ T31] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 27.530703][ T339] overlay: Unknown parameter 'subj_user' [ 27.565941][ T31] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 27.580365][ T341] FAULT_INJECTION: forcing a failure. [ 27.580365][ T341] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 27.593649][ T31] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 27.614728][ T341] CPU: 1 UID: 0 PID: 341 Comm: syz.3.12 Not tainted syzkaller #0 88ceac27f2f759e3bbd2a088bdce4bdb7d92b188 [ 27.614758][ T341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 27.614771][ T341] Call Trace: [ 27.614782][ T341] [ 27.614790][ T341] __dump_stack+0x21/0x30 [ 27.614825][ T341] dump_stack_lvl+0x140/0x1c0 [ 27.614856][ T341] ? __cfi_dump_stack_lvl+0x10/0x10 [ 27.614887][ T341] ? check_stack_object+0x81/0x150 [ 27.614909][ T341] ? __virt_addr_valid+0x2a6/0x380 [ 27.614935][ T341] dump_stack+0x19/0x20 [ 27.614964][ T341] should_fail_ex+0x3d7/0x530 [ 27.614985][ T341] should_fail+0xf/0x20 [ 27.615002][ T341] should_fail_usercopy+0x1e/0x30 [ 27.615035][ T341] _copy_from_user+0x20/0xa0 [ 27.615078][ T341] memdup_user+0x81/0x170 [ 27.615098][ T341] ? kvm_arch_vcpu_ioctl+0xd77/0x2d90 [ 27.615124][ T341] kvm_arch_vcpu_ioctl+0xd8b/0x2d90 [ 27.615149][ T341] ? avc_has_perm+0x155/0x240 [ 27.615175][ T341] ? __cfi_avc_has_perm+0x10/0x10 [ 27.615199][ T341] ? kasan_save_alloc_info+0x40/0x50 [ 27.615235][ T341] ? __cfi_kvm_arch_vcpu_ioctl+0x10/0x10 [ 27.615261][ T341] ? selinux_file_open+0x46c/0x630 [ 27.615283][ T341] ? __cfi_selinux_file_open+0x10/0x10 [ 27.615310][ T341] ? is_bpf_text_address+0x17b/0x1a0 [ 27.615346][ T341] ? kernel_text_address+0xa9/0xe0 [ 27.615378][ T341] ? __kernel_text_address+0x11/0x40 [ 27.615410][ T341] ? __asan_set_shadow_00+0x12/0x20 [ 27.615443][ T341] ? do_vfs_ioctl+0x182d/0x2010 [ 27.615479][ T341] ? arch_stack_walk+0x10a/0x170 [ 27.615504][ T341] ? __ia32_compat_sys_ioctl+0x920/0x920 [ 27.615533][ T341] ? _parse_integer_limit+0x195/0x1e0 [ 27.615568][ T341] ? _parse_integer+0x2e/0x40 [ 27.615600][ T341] ? kstrtoull+0x13b/0x1e0 [ 27.615633][ T341] ? kstrtouint+0x78/0xf0 [ 27.615665][ T341] ? ioctl_has_perm+0x1bc/0x500 [ 27.615686][ T341] ? __asan_memcpy+0x5a/0x80 [ 27.615709][ T341] ? ioctl_has_perm+0x408/0x500 [ 27.615730][ T341] ? has_cap_mac_admin+0xd0/0xd0 [ 27.615751][ T341] ? __kasan_check_write+0x18/0x20 [ 27.615774][ T341] ? mutex_lock_killable+0x97/0x1d0 [ 27.615802][ T341] ? __cfi_mutex_lock_killable+0x10/0x10 [ 27.615830][ T341] ? proc_fail_nth_write+0x184/0x220 [ 27.615863][ T341] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 27.615898][ T341] kvm_vcpu_ioctl+0x7da/0x1000 [ 27.615923][ T341] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 27.615947][ T341] ? __cfi_vfs_write+0x10/0x10 [ 27.615970][ T341] ? __kasan_check_write+0x18/0x20 [ 27.615992][ T341] ? mutex_unlock+0x90/0x240 [ 27.616018][ T341] ? __cfi_mutex_unlock+0x10/0x10 [ 27.616044][ T341] ? __fget_files+0x2c5/0x340 [ 27.616072][ T341] ? __fget_files+0x2c5/0x340 [ 27.616099][ T341] ? bpf_lsm_file_ioctl+0xd/0x20 [ 27.616130][ T341] ? security_file_ioctl+0x3e/0x110 [ 27.616164][ T341] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 27.616203][ T341] __se_sys_ioctl+0x132/0x1b0 [ 27.616231][ T341] __x64_sys_ioctl+0x7f/0xa0 [ 27.616257][ T341] x64_sys_call+0x1878/0x2ee0 [ 27.616280][ T341] do_syscall_64+0x57/0xf0 [ 27.616311][ T341] ? clear_bhb_loop+0x50/0xa0 [ 27.616335][ T341] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 27.616356][ T341] RIP: 0033:0x7f194379cdd9 [ 27.616374][ T341] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 27.616391][ T341] RSP: 002b:00007f194467d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 27.616414][ T341] RAX: ffffffffffffffda RBX: 00007f1943a15fa0 RCX: 00007f194379cdd9 [ 27.616430][ T341] RDX: 0000200000000140 RSI: 000000004400ae8f RDI: 0000000000000006 [ 27.616444][ T341] RBP: 00007f194467d090 R08: 0000000000000000 R09: 0000000000000000 [ 27.616472][ T341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 27.616485][ T341] R13: 00007f1943a16038 R14: 00007f1943a15fa0 R15: 00007ffff9956138 [ 27.616503][ T341] [ 27.616593][ T31] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 28.011426][ T31] usb 2-1: New USB device found, idVendor=0461, idProduct=4e72, bcdDevice= 0.00 [ 28.020508][ T31] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 28.029514][ T31] usb 2-1: config 0 descriptor?? [ 28.052190][ T344] 9pnet_fd: Insufficient options for proto=fd [ 28.134517][ T337] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 28.294424][ T337] usb 1-1: Using ep0 maxpacket: 16 [ 28.300738][ T337] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 28.311052][ T337] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 28.314502][ T10] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 28.323287][ T337] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 28.336572][ T337] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 28.344623][ T337] usb 1-1: Product: syz [ 28.348800][ T337] usb 1-1: Manufacturer: syz [ 28.353407][ T337] usb 1-1: SerialNumber: syz [ 28.447343][ T31] hid-rmi 0003:0461:4E72.0001: unknown main item tag 0x7 [ 28.454578][ T31] hid-rmi 0003:0461:4E72.0001: unknown main item tag 0x0 [ 28.462572][ T31] hid-rmi 0003:0461:4E72.0001: hidraw0: USB HID vff.fc Device [HID 0461:4e72] on usb-dummy_hcd.1-1/input0 [ 28.476031][ T10] usb 4-1: config 220 has an invalid interface number: 76 but max is 2 [ 28.485615][ T10] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 28.496450][ T10] usb 4-1: config 220 has no interface number 2 [ 28.509163][ T10] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 28.541916][ T10] usb 4-1: config 220 interface 0 has no altsetting 0 [ 28.548806][ T10] usb 4-1: config 220 interface 76 has no altsetting 0 [ 28.556236][ T10] usb 4-1: config 220 interface 1 has no altsetting 0 [ 28.564447][ T10] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 28.574458][ T336] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 28.582978][ T336] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 28.591223][ T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 28.599296][ T10] usb 4-1: Product: syz [ 28.603758][ T10] usb 4-1: Manufacturer: syz [ 28.608765][ T10] usb 4-1: SerialNumber: syz [ 28.613778][ T336] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 28.622720][ T336] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 28.639411][ T337] usb 1-1: 0:2 : does not exist [ 28.646758][ T337] usb 1-1: 5:0: failed to get current value for ch 0 (-22) [ 28.670548][ T337] usb 1-1: USB disconnect, device number 2 [ 28.691340][ T311] udevd[311]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 28.718632][ T36] kauditd_printk_skb: 58 callbacks suppressed [ 28.718646][ T36] audit: type=1400 audit(1778489457.250:132): avc: denied { write } for pid=351 comm="syz.2.16" laddr=fe80::a8aa:aaff:feaa:aaaa lport=58 faddr=ff03::1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 28.749700][ T45] usb 2-1: USB disconnect, device number 2 [ 28.836079][ T10] usb 4-1: Found UVC 7.01 device syz (8086:0b07) [ 28.842496][ T10] usb 4-1: No valid video chain found. [ 28.848150][ T10] usb 4-1: selecting invalid altsetting 0 [ 28.862118][ T10] usb 4-1: USB disconnect, device number 2 [ 28.898337][ T36] audit: type=1400 audit(1778489457.430:133): avc: denied { getopt } for pid=360 comm="syz.2.19" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 28.937886][ T363] FAULT_INJECTION: forcing a failure. [ 28.937886][ T363] name failslab, interval 1, probability 0, space 0, times 0 [ 28.950602][ T363] CPU: 1 UID: 0 PID: 363 Comm: syz.2.20 Not tainted syzkaller #0 88ceac27f2f759e3bbd2a088bdce4bdb7d92b188 [ 28.950628][ T363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 28.950640][ T363] Call Trace: [ 28.950646][ T363] [ 28.950653][ T363] __dump_stack+0x21/0x30 [ 28.950684][ T363] dump_stack_lvl+0x140/0x1c0 [ 28.950712][ T363] ? __cfi_dump_stack_lvl+0x10/0x10 [ 28.950741][ T363] dump_stack+0x19/0x20 [ 28.950767][ T363] should_fail_ex+0x3d7/0x530 [ 28.950786][ T363] should_failslab+0xac/0x100 [ 28.950809][ T363] kmem_cache_alloc_noprof+0x42/0x410 [ 28.950829][ T363] ? __kvm_mmu_topup_memory_cache+0x1eb/0x850 [ 28.950860][ T363] __kvm_mmu_topup_memory_cache+0x1eb/0x850 [ 28.950890][ T363] ? mutex_unlock+0x90/0x240 [ 28.950913][ T363] kvm_mmu_topup_memory_cache+0x24/0x30 [ 28.950942][ T363] kvm_mmu_load+0xa2/0x2890 [ 28.950967][ T363] ? kvm_hv_setup_tsc_page+0x5f4/0xa80 [ 28.950995][ T363] ? vmx_flush_tlb_guest+0x1d3/0x3b0 [ 28.951019][ T363] ? kvm_apic_has_interrupt+0x793/0x7a0 [ 28.951054][ T363] ? kvm_service_local_tlb_flush_requests+0x61/0x150 [ 28.951075][ T363] vcpu_run+0x4e31/0x78e0 [ 28.951114][ T363] ? signal_pending+0xc0/0xc0 [ 28.951139][ T363] ? __kasan_check_write+0x18/0x20 [ 28.951157][ T363] ? xfd_validate_state+0x68/0x140 [ 28.951184][ T363] ? fpu_swap_kvm_fpstate+0x92/0x5e0 [ 28.951207][ T363] ? __kasan_check_write+0x18/0x20 [ 28.951225][ T363] ? fpregs_mark_activate+0x68/0x160 [ 28.951249][ T363] ? fpu_swap_kvm_fpstate+0x44c/0x5e0 [ 28.951272][ T363] ? fpu_swap_kvm_fpstate+0x92/0x5e0 [ 28.951296][ T363] kvm_arch_vcpu_ioctl_run+0x1167/0x1bd0 [ 28.951324][ T363] ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 28.951351][ T363] ? kstrtoull+0x13b/0x1e0 [ 28.951379][ T363] ? kstrtouint+0x78/0xf0 [ 28.951404][ T363] ? ioctl_has_perm+0x1bc/0x500 [ 28.951416][ T363] ? __asan_memcpy+0x5a/0x80 [ 28.951429][ T363] ? ioctl_has_perm+0x408/0x500 [ 28.951441][ T363] ? has_cap_mac_admin+0xd0/0xd0 [ 28.951453][ T363] ? __kasan_check_write+0x18/0x20 [ 28.951466][ T363] ? mutex_lock_killable+0x97/0x1d0 [ 28.951482][ T363] ? __cfi_mutex_lock_killable+0x10/0x10 [ 28.951498][ T363] ? proc_fail_nth_write+0x184/0x220 [ 28.951519][ T363] kvm_vcpu_ioctl+0xa48/0x1000 [ 28.951533][ T363] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 28.951547][ T363] ? __cfi_vfs_write+0x10/0x10 [ 28.951560][ T363] ? __kasan_check_write+0x18/0x20 [ 28.951590][ T363] ? mutex_unlock+0x90/0x240 [ 28.951606][ T363] ? __cfi_mutex_unlock+0x10/0x10 [ 28.951622][ T363] ? __fget_files+0x2c5/0x340 [ 28.951640][ T363] ? __fget_files+0x2c5/0x340 [ 28.951656][ T363] ? bpf_lsm_file_ioctl+0xd/0x20 [ 28.951675][ T363] ? security_file_ioctl+0x3e/0x110 [ 28.951697][ T363] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 28.951711][ T363] __se_sys_ioctl+0x132/0x1b0 [ 28.951728][ T363] __x64_sys_ioctl+0x7f/0xa0 [ 28.951745][ T363] x64_sys_call+0x1878/0x2ee0 [ 28.951759][ T363] do_syscall_64+0x57/0xf0 [ 28.951771][ T363] ? clear_bhb_loop+0x50/0xa0 [ 28.951787][ T363] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 28.951802][ T363] RIP: 0033:0x7f898799cdd9 [ 28.951814][ T363] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 28.951826][ T363] RSP: 002b:00007f8988920028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 28.951841][ T363] RAX: ffffffffffffffda RBX: 00007f8987c15fa0 RCX: 00007f898799cdd9 [ 28.951852][ T363] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 28.951861][ T363] RBP: 00007f8988920090 R08: 0000000000000000 R09: 0000000000000000 [ 28.951870][ T363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 28.951879][ T363] R13: 00007f8987c16038 R14: 00007f8987c15fa0 R15: 00007fff59203248 [ 28.951891][ T363] [ 29.383358][ T36] audit: type=1400 audit(1778489457.910:134): avc: denied { read write } for pid=365 comm="syz.2.21" name="fuse" dev="devtmpfs" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 29.406584][ T36] audit: type=1400 audit(1778489457.910:135): avc: denied { open } for pid=365 comm="syz.2.21" path="/dev/fuse" dev="devtmpfs" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 29.539266][ T370] FAULT_INJECTION: forcing a failure. [ 29.539266][ T370] name failslab, interval 1, probability 0, space 0, times 0 [ 29.552341][ T370] CPU: 0 UID: 0 PID: 370 Comm: syz.2.22 Not tainted syzkaller #0 88ceac27f2f759e3bbd2a088bdce4bdb7d92b188 [ 29.552374][ T370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 29.552389][ T370] Call Trace: [ 29.552396][ T370] [ 29.552405][ T370] __dump_stack+0x21/0x30 [ 29.552442][ T370] dump_stack_lvl+0x140/0x1c0 [ 29.552475][ T370] ? __cfi_dump_stack_lvl+0x10/0x10 [ 29.552509][ T370] ? __kasan_check_write+0x18/0x20 [ 29.552532][ T370] ? _raw_spin_lock_irqsave+0xc1/0x160 [ 29.552569][ T370] dump_stack+0x19/0x20 [ 29.552600][ T370] should_fail_ex+0x3d7/0x530 [ 29.552621][ T370] should_failslab+0xac/0x100 [ 29.552650][ T370] kmem_cache_alloc_lru_noprof+0x44/0x410 [ 29.552674][ T370] ? __d_alloc+0x42/0x8e0 [ 29.552695][ T370] __d_alloc+0x42/0x8e0 [ 29.552714][ T370] ? close_fd+0x7e/0xa0 [ 29.552737][ T370] ? pending_reads_dispatch_ioctl+0x10fc/0x2080 [ 29.552773][ T370] ? __se_sys_ioctl+0x132/0x1b0 [ 29.552799][ T370] ? __x64_sys_ioctl+0x7f/0xa0 [ 29.552825][ T370] d_alloc_parallel+0xe4/0x1320 [ 29.552849][ T370] ? avc_has_perm_noaudit+0x26c/0x360 [ 29.552876][ T370] ? __asan_memcpy+0x5a/0x80 [ 29.552898][ T370] ? avc_has_perm_noaudit+0x28a/0x360 [ 29.552925][ T370] ? selinux_inode_permission+0x3f2/0x5d0 [ 29.552959][ T370] ? __cfi_d_alloc_parallel+0x10/0x10 [ 29.552982][ T370] ? __cfi_selinux_inode_permission+0x10/0x10 [ 29.553016][ T370] ? make_vfsuid+0x4d/0xa0 [ 29.553051][ T370] ? generic_permission+0x1e6/0x580 [ 29.553078][ T370] __lookup_slow+0x150/0x420 [ 29.553105][ T370] ? __d_lookup+0x4e8/0x550 [ 29.553127][ T370] ? lookup_one_len+0x300/0x300 [ 29.553166][ T370] ? lookup_one_common+0x320/0x470 [ 29.553194][ T370] lookup_one_len+0x1a1/0x300 [ 29.553221][ T370] ? __kasan_check_write+0x18/0x20 [ 29.553250][ T370] ? __cfi_lookup_one_len+0x10/0x10 [ 29.553279][ T370] ? close_fd+0x7e/0xa0 [ 29.553303][ T370] incfs_lookup_dentry+0x64/0xc0 [ 29.553330][ T370] pending_reads_dispatch_ioctl+0x121b/0x2080 [ 29.553365][ T370] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 29.553399][ T370] ? __cfi_pending_reads_dispatch_ioctl+0x10/0x10 [ 29.553433][ T370] ? selinux_file_ioctl+0x732/0x1480 [ 29.553467][ T370] ? vfs_write+0x9a4/0xf90 [ 29.553488][ T370] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 29.553524][ T370] ? __cfi_vfs_write+0x10/0x10 [ 29.553546][ T370] ? __kasan_check_write+0x18/0x20 [ 29.553568][ T370] ? mutex_unlock+0x90/0x240 [ 29.553594][ T370] ? __cfi_mutex_unlock+0x10/0x10 [ 29.553619][ T370] ? __fget_files+0x2c5/0x340 [ 29.553646][ T370] ? __fget_files+0x2c5/0x340 [ 29.553673][ T370] ? bpf_lsm_file_ioctl+0xd/0x20 [ 29.553701][ T370] ? security_file_ioctl+0x3e/0x110 [ 29.553735][ T370] ? __cfi_pending_reads_dispatch_ioctl+0x10/0x10 [ 29.553769][ T370] __se_sys_ioctl+0x132/0x1b0 [ 29.553796][ T370] __x64_sys_ioctl+0x7f/0xa0 [ 29.553823][ T370] x64_sys_call+0x1878/0x2ee0 [ 29.553845][ T370] do_syscall_64+0x57/0xf0 [ 29.553884][ T370] ? clear_bhb_loop+0x50/0xa0 [ 29.553910][ T370] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 29.553934][ T370] RIP: 0033:0x7f898799cdd9 [ 29.553954][ T370] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 29.553974][ T370] RSP: 002b:00007f8988920028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 29.553997][ T370] RAX: ffffffffffffffda RBX: 00007f8987c15fa0 RCX: 00007f898799cdd9 [ 29.554015][ T370] RDX: 00002000000000c0 RSI: 00000000c058671e RDI: 0000000000000004 [ 29.554031][ T370] RBP: 00007f8988920090 R08: 0000000000000000 R09: 0000000000000000 [ 29.554046][ T370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 29.554060][ T370] R13: 00007f8987c16038 R14: 00007f8987c15fa0 R15: 00007fff59203248 [ 29.554080][ T370] [ 29.554091][ T370] incfs_lookup_dentry err:-12 [ 29.708639][ T374] FAULT_INJECTION: forcing a failure. [ 29.708639][ T374] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 29.711836][ T36] audit: type=1400 audit(1778489458.230:136): avc: denied { name_bind } for pid=373 comm="syz.3.25" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 29.717753][ T374] CPU: 1 UID: 0 PID: 374 Comm: syz.3.25 Not tainted syzkaller #0 88ceac27f2f759e3bbd2a088bdce4bdb7d92b188 [ 29.717845][ T374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 29.717879][ T374] Call Trace: [ 29.717899][ T374] [ 29.717921][ T374] __dump_stack+0x21/0x30 [ 29.718029][ T374] dump_stack_lvl+0x140/0x1c0 [ 29.718134][ T374] ? __cfi_dump_stack_lvl+0x10/0x10 [ 29.718210][ T374] ? kernel_text_address+0xa9/0xe0 [ 29.718301][ T374] dump_stack+0x19/0x20 [ 29.718378][ T374] should_fail_ex+0x3d7/0x530 [ 29.718434][ T374] should_fail+0xf/0x20 [ 29.718480][ T374] should_fail_usercopy+0x1e/0x30 [ 29.718543][ T374] _copy_from_user+0x20/0xa0 [ 29.718631][ T374] ___sys_sendmsg+0x1c7/0x370 [ 29.718744][ T374] ? __sys_sendmsg+0x2a0/0x2a0 [ 29.718824][ T374] ? kstrtouint+0x78/0xf0 [ 29.718931][ T374] __sys_sendmmsg+0x2b4/0x4e0 [ 29.719019][ T374] ? __cfi___sys_sendmmsg+0x10/0x10 [ 29.719116][ T374] ? __cfi_ksys_write+0x10/0x10 [ 29.719188][ T374] __x64_sys_sendmmsg+0xa4/0xc0 [ 29.719276][ T374] x64_sys_call+0xfec/0x2ee0 [ 29.719331][ T374] do_syscall_64+0x57/0xf0 [ 29.719385][ T374] ? clear_bhb_loop+0x50/0xa0 [ 29.719453][ T374] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 29.719527][ T374] RIP: 0033:0x7f194379cdd9 [ 29.719569][ T374] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 29.719616][ T374] RSP: 002b:00007f194467d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 29.719682][ T374] RAX: ffffffffffffffda RBX: 00007f1943a15fa0 RCX: 00007f194379cdd9 [ 29.719721][ T374] RDX: 0000000000000001 RSI: 0000200000002f80 RDI: 0000000000000003 [ 29.719792][ T374] RBP: 00007f194467d090 R08: 0000000000000000 R09: 0000000000000000 [ 29.719831][ T374] R10: 000000000404080d R11: 0000000000000246 R12: 0000000000000001 [ 29.719871][ T374] R13: 00007f1943a16038 R14: 00007f1943a15fa0 R15: 00007ffff9956138 [ 29.719915][ T374] [ 30.167862][ T36] audit: type=1400 audit(1778489458.230:137): avc: denied { node_bind } for pid=373 comm="syz.3.25" saddr=224.0.0.1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 30.285671][ T382] FAULT_INJECTION: forcing a failure. [ 30.285671][ T382] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 30.306655][ T386] ======================================================= [ 30.306655][ T386] WARNING: The mand mount option has been deprecated and [ 30.306655][ T386] and is ignored by this kernel. Remove the mand [ 30.306655][ T386] option from the mount to silence this warning. [ 30.306655][ T386] ======================================================= [ 30.314633][ T382] CPU: 0 UID: 0 PID: 382 Comm: syz.1.28 Not tainted syzkaller #0 88ceac27f2f759e3bbd2a088bdce4bdb7d92b188 [ 30.314722][ T382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 30.314799][ T382] Call Trace: [ 30.314806][ T382] [ 30.314829][ T382] __dump_stack+0x21/0x30 [ 30.314937][ T382] dump_stack_lvl+0x140/0x1c0 [ 30.315023][ T382] ? __cfi_dump_stack_lvl+0x10/0x10 [ 30.315110][ T382] ? check_stack_object+0x12b/0x150 [ 30.315202][ T382] dump_stack+0x19/0x20 [ 30.315299][ T382] should_fail_ex+0x3d7/0x530 [ 30.315361][ T382] should_fail+0xf/0x20 [ 30.315407][ T382] should_fail_usercopy+0x1e/0x30 [ 30.315469][ T382] _copy_to_user+0x24/0xa0 [ 30.315536][ T382] simple_read_from_buffer+0xed/0x160 [ 30.315621][ T382] proc_fail_nth_read+0x1aa/0x220 [ 30.315706][ T382] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 30.315791][ T382] ? bpf_lsm_file_permission+0xd/0x20 [ 30.315868][ T382] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 30.315953][ T382] vfs_read+0x289/0xcb0 [ 30.316009][ T382] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 30.316085][ T382] ? __cfi_vfs_read+0x10/0x10 [ 30.316134][ T382] ? __kasan_check_write+0x18/0x20 [ 30.316216][ T382] ? mutex_lock+0x97/0x1d0 [ 30.316281][ T382] ? __cfi_mutex_lock+0x10/0x10 [ 30.316347][ T382] ? __fget_files+0x2c5/0x340 [ 30.316422][ T382] ksys_read+0x145/0x260 [ 30.316477][ T382] ? __cfi_ksys_read+0x10/0x10 [ 30.316548][ T382] ? __kasan_check_read+0x15/0x20 [ 30.316623][ T382] __x64_sys_read+0x7f/0x90 [ 30.316726][ T382] x64_sys_call+0x2638/0x2ee0 [ 30.316790][ T382] do_syscall_64+0x57/0xf0 [ 30.316836][ T382] ? clear_bhb_loop+0x50/0xa0 [ 30.316939][ T382] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 30.316995][ T382] RIP: 0033:0x7fee0375d60e [ 30.317048][ T382] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 30.317100][ T382] RSP: 002b:00007fee046f2fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 30.317157][ T382] RAX: ffffffffffffffda RBX: 00007fee046f36c0 RCX: 00007fee0375d60e [ 30.317202][ T382] RDX: 000000000000000f RSI: 00007fee046f30a0 RDI: 0000000000000007 [ 30.317237][ T382] RBP: 00007fee046f3090 R08: 0000000000000000 R09: 0000000000000000 [ 30.317278][ T382] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 30.317312][ T382] R13: 00007fee03a16038 R14: 00007fee03a15fa0 R15: 00007ffc9f157b78 [ 30.317365][ T382] [ 30.364251][ T36] audit: type=1400 audit(1778489458.900:138): avc: denied { create } for pid=387 comm="syz.2.31" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 30.369924][ T389] syz.3.29: vmalloc error: size 16384, failed to allocate pages, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null) [ 30.379224][ T36] audit: type=1400 audit(1778489458.910:139): avc: denied { create } for pid=387 comm="syz.2.31" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 30.401601][ T389] ,cpuset= [ 30.403069][ T36] audit: type=1400 audit(1778489458.910:140): avc: denied { map } for pid=387 comm="syz.2.31" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=4588 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 30.408856][ T388] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=388 comm=syz.2.31 [ 30.411402][ T36] audit: type=1400 audit(1778489458.910:141): avc: denied { read write } for pid=387 comm="syz.2.31" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=4588 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 30.418284][ T389] syz3,mems_allowed=0 [ 30.709199][ T389] CPU: 1 UID: 0 PID: 389 Comm: syz.3.29 Not tainted syzkaller #0 88ceac27f2f759e3bbd2a088bdce4bdb7d92b188 [ 30.709227][ T389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 30.709239][ T389] Call Trace: [ 30.709245][ T389] [ 30.709252][ T389] __dump_stack+0x21/0x30 [ 30.709285][ T389] dump_stack_lvl+0x140/0x1c0 [ 30.709313][ T389] ? __cfi_dump_stack_lvl+0x10/0x10 [ 30.709343][ T389] dump_stack+0x19/0x20 [ 30.709369][ T389] warn_alloc+0x1e7/0x2c0 [ 30.709396][ T389] ? __cfi_warn_alloc+0x10/0x10 [ 30.709422][ T389] ? alloc_pages_bulk_noprof+0x3c3/0x870 [ 30.709452][ T389] ? __vmalloc_node_range_noprof+0x549/0x1480 [ 30.709483][ T389] __vmalloc_node_range_noprof+0x1139/0x1480 [ 30.709517][ T389] ? __cfi___vmalloc_node_range_noprof+0x10/0x10 [ 30.709547][ T389] ? kasan_save_alloc_info+0x40/0x50 [ 30.709576][ T389] ? __kasan_slab_alloc+0x73/0x90 [ 30.709599][ T389] ? arch_dup_task_struct+0x5b/0xe0 [ 30.709629][ T389] ? __asan_memcpy+0x5a/0x80 [ 30.709648][ T389] dup_task_struct+0x5d6/0xd80 [ 30.709673][ T389] ? copy_process+0x55a/0x32a0 [ 30.709699][ T389] ? _raw_spin_lock_irq+0x93/0x120 [ 30.709728][ T389] ? copy_process+0x32a0/0x32a0 [ 30.709753][ T389] ? __kasan_check_write+0x18/0x20 [ 30.709772][ T389] copy_process+0x55a/0x32a0 [ 30.709799][ T389] ? __cfi_copy_process+0x10/0x10 [ 30.709823][ T389] ? __kmalloc_cache_noprof+0x23c/0x470 [ 30.709843][ T389] ? __kasan_check_write+0x18/0x20 [ 30.709872][ T389] ? __cfi_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 30.709896][ T389] vhost_task_create+0x1f7/0x400 [ 30.709918][ T389] ? __cfi_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 30.709943][ T389] ? __cfi_vhost_task_create+0x10/0x10 [ 30.709966][ T389] ? __cfi_vhost_task_fn+0x10/0x10 [ 30.709986][ T389] ? __kasan_check_write+0x18/0x20 [ 30.710006][ T389] ? mutex_lock+0x97/0x1d0 [ 30.710044][ T389] ? __cfi_mutex_lock+0x10/0x10 [ 30.710067][ T389] ? kernel_text_address+0xa9/0xe0 [ 30.710098][ T389] kvm_mmu_post_init_vm+0x161/0x300 [ 30.710131][ T389] kvm_arch_vcpu_ioctl_run+0xf3/0x1bd0 [ 30.710172][ T389] ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 30.710203][ T389] ? kstrtoull+0x13b/0x1e0 [ 30.710235][ T389] ? kstrtouint+0x78/0xf0 [ 30.710265][ T389] ? ioctl_has_perm+0x1bc/0x500 [ 30.710283][ T389] ? __asan_memcpy+0x5a/0x80 [ 30.710303][ T389] ? ioctl_has_perm+0x408/0x500 [ 30.710322][ T389] ? has_cap_mac_admin+0xd0/0xd0 [ 30.710340][ T389] ? __kasan_check_write+0x18/0x20 [ 30.710361][ T389] ? mutex_lock_killable+0x97/0x1d0 [ 30.710386][ T389] ? __cfi_mutex_lock_killable+0x10/0x10 [ 30.710410][ T389] ? proc_fail_nth_write+0x184/0x220 [ 30.710442][ T389] kvm_vcpu_ioctl+0xa48/0x1000 [ 30.710465][ T389] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 30.710486][ T389] ? __cfi_vfs_write+0x10/0x10 [ 30.710507][ T389] ? __kasan_check_write+0x18/0x20 [ 30.710527][ T389] ? mutex_unlock+0x90/0x240 [ 30.710550][ T389] ? __cfi_mutex_unlock+0x10/0x10 [ 30.710574][ T389] ? __fget_files+0x2c5/0x340 [ 30.710611][ T389] ? __fget_files+0x2c5/0x340 [ 30.710635][ T389] ? bpf_lsm_file_ioctl+0xd/0x20 [ 30.710662][ T389] ? security_file_ioctl+0x3e/0x110 [ 30.710692][ T389] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 30.710713][ T389] __se_sys_ioctl+0x132/0x1b0 [ 30.710735][ T389] __x64_sys_ioctl+0x7f/0xa0 [ 30.710757][ T389] x64_sys_call+0x1878/0x2ee0 [ 30.710775][ T389] do_syscall_64+0x57/0xf0 [ 30.710792][ T389] ? clear_bhb_loop+0x50/0xa0 [ 30.710813][ T389] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 30.710833][ T389] RIP: 0033:0x7f194379cdd9 [ 30.710848][ T389] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 30.710871][ T389] RSP: 002b:00007f194465c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 30.710892][ T389] RAX: ffffffffffffffda RBX: 00007f1943a16090 RCX: 00007f194379cdd9 [ 30.710907][ T389] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 30.710919][ T389] RBP: 00007f194465c090 R08: 0000000000000000 R09: 0000000000000000 [ 30.710931][ T389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 30.710943][ T389] R13: 00007f1943a16128 R14: 00007f1943a16090 R15: 00007ffff9956138 [ 30.710959][ T389] [ 30.710988][ T389] Mem-Info: [ 31.134489][ T389] active_anon:10225 inactive_anon:0 isolated_anon:0 [ 31.134489][ T389] active_file:10089 inactive_file:2285 isolated_file:0 [ 31.134489][ T389] unevictable:0 dirty:1597 writeback:0 [ 31.134489][ T389] slab_reclaimable:4129 slab_unreclaimable:70986 [ 31.134489][ T389] mapped:28482 shmem:4514 pagetables:791 [ 31.134489][ T389] sec_pagetables:0 bounce:0 [ 31.134489][ T389] kernel_misc_reclaimable:0 [ 31.134489][ T389] free:1531783 free_pcp:6264 free_cma:0 [ 31.200421][ T389] Node 0 active_anon:41084kB inactive_anon:0kB active_file:40560kB inactive_file:9148kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:113316kB dirty:6432kB writeback:0kB shmem:18128kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:4108kB pagetables:3000kB sec_pagetables:0kB all_unreclaimable? no [ 31.243411][ T389] DMA32 free:2958164kB boost:0kB min:19080kB low:23848kB high:28616kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2963324kB mlocked:0kB bounce:0kB free_pcp:5160kB local_pcp:5092kB free_cma:0kB [ 31.296154][ T394] ------------[ cut here ]------------ [ 31.301679][ T394] WARNING: CPU: 0 PID: 394 at fs/inode.c:340 drop_nlink+0xce/0x110 [ 31.309654][ T394] Modules linked in: [ 31.311712][ T402] FAULT_INJECTION: forcing a failure. [ 31.311712][ T402] name failslab, interval 1, probability 0, space 0, times 0 [ 31.313571][ T394] CPU: 0 UID: 0 PID: 394 Comm: syz.1.32 Not tainted syzkaller #0 88ceac27f2f759e3bbd2a088bdce4bdb7d92b188 [ 31.338139][ T394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 31.344525][ T389] lowmem_reserve[]: [ 31.348232][ T394] RIP: 0010:drop_nlink+0xce/0x110 [ 31.348265][ T394] Code: 04 00 00 be 08 00 00 00 e8 af 15 ee ff f0 48 ff 83 b8 04 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 a2 8f 95 ff <0f> 0b eb 81 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 59 ff ff ff 4c [ 31.348282][ T394] RSP: 0018:ffffc9000d4cf820 EFLAGS: 00010293 [ 31.352104][ T389] 0 3921 [ 31.357142][ T394] RAX: ffffffff81f22cfe RBX: ffff8881250c6d80 RCX: ffff8881174a2600 [ 31.357164][ T394] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 31.357179][ T394] RBP: ffffc9000d4cf848 R08: 0000000000000003 R09: 0000000000000004 [ 31.379017][ T402] CPU: 1 UID: 0 PID: 402 Comm: syz.2.34 Not tainted syzkaller #0 88ceac27f2f759e3bbd2a088bdce4bdb7d92b188 [ 31.379151][ T402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 31.379194][ T402] Call Trace: [ 31.379215][ T402] [ 31.379244][ T402] __dump_stack+0x21/0x30 [ 31.379339][ T402] dump_stack_lvl+0x140/0x1c0 [ 31.379429][ T402] ? __cfi_dump_stack_lvl+0x10/0x10 [ 31.379512][ T402] dump_stack+0x19/0x20 [ 31.379587][ T402] should_fail_ex+0x3d7/0x530 [ 31.379637][ T402] should_failslab+0xac/0x100 [ 31.379714][ T402] kmem_cache_alloc_noprof+0x42/0x410 [ 31.379791][ T402] ? security_inode_alloc+0x51/0x230 [ 31.379887][ T402] security_inode_alloc+0x51/0x230 [ 31.379949][ T402] inode_init_always_gfp+0x756/0x9e0 [ 31.380005][ T402] alloc_inode+0xc5/0x270 [ 31.380077][ T402] new_inode+0x25/0x1e0 [ 31.380140][ T402] ramfs_get_inode+0x2e/0x2c0 [ 31.380186][ T402] ramfs_mknod+0x56/0x140 [ 31.380226][ T402] ramfs_create+0x30/0x40 [ 31.380270][ T402] vfs_create+0x4f9/0x740 [ 31.380335][ T402] pending_reads_dispatch_ioctl+0x197b/0x2080 [ 31.380414][ T402] ? __cfi_pending_reads_dispatch_ioctl+0x10/0x10 [ 31.380482][ T402] ? selinux_file_ioctl+0x732/0x1480 [ 31.380549][ T402] ? vfs_write+0x9a4/0xf90 [ 31.380598][ T402] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 31.380673][ T402] ? __cfi_vfs_write+0x10/0x10 [ 31.380725][ T402] ? __kasan_check_write+0x18/0x20 [ 31.380771][ T402] ? mutex_unlock+0x90/0x240 [ 31.380815][ T402] ? __cfi_mutex_unlock+0x10/0x10 [ 31.380870][ T402] ? __fget_files+0x2c5/0x340 [ 31.380932][ T402] ? __fget_files+0x2c5/0x340 [ 31.380988][ T402] ? bpf_lsm_file_ioctl+0xd/0x20 [ 31.381046][ T402] ? security_file_ioctl+0x3e/0x110 [ 31.381154][ T402] ? __cfi_pending_reads_dispatch_ioctl+0x10/0x10 [ 31.381263][ T402] __se_sys_ioctl+0x132/0x1b0 [ 31.381316][ T402] __x64_sys_ioctl+0x7f/0xa0 [ 31.381377][ T402] x64_sys_call+0x1878/0x2ee0 [ 31.381414][ T402] do_syscall_64+0x57/0xf0 [ 31.381462][ T402] ? clear_bhb_loop+0x50/0xa0 [ 31.381520][ T402] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 31.381571][ T402] RIP: 0033:0x7f898799cdd9 [ 31.381613][ T402] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 31.381659][ T402] RSP: 002b:00007f8988920028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 31.381710][ T402] RAX: ffffffffffffffda RBX: 00007f8987c15fa0 RCX: 00007f898799cdd9 [ 31.381749][ T402] RDX: 00002000000000c0 RSI: 00000000c058671e RDI: 0000000000000004 [ 31.381776][ T402] RBP: 00007f8988920090 R08: 0000000000000000 R09: 0000000000000000 [ 31.381807][ T402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 31.381842][ T402] R13: 00007f8987c16038 R14: 00007f8987c15fa0 R15: 00007fff59203248 [ 31.381890][ T402] [ 31.383255][ T389] 3921 [ 31.385907][ T394] R10: dffffc0000000000 R11: fffff52001a99efc R12: dffffc0000000000 [ 31.420307][ T389] [ 31.422413][ T394] R13: 1ffff11024a18db9 R14: ffff8881250c6dc8 R15: 0000000000000000 [ 31.432561][ T389] Normal free:3187656kB boost:0kB min:25972kB low:32464kB high:38956kB reserved_highatomic:0KB free_highatomic:0KB active_anon:40884kB inactive_anon:0kB active_file:40560kB inactive_file:9148kB unevictable:0kB writepending:6432kB present:5242880kB managed:4015864kB mlocked:0kB bounce:0kB free_pcp:3620kB local_pcp:3264kB free_cma:0kB [ 31.435222][ T394] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 31.435247][ T394] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 31.449444][ T389] lowmem_reserve[]: [ 31.453594][ T394] CR2: 00007fdd27748060 CR3: 000000010db2c000 CR4: 00000000003526b0 [ 31.453619][ T394] Call Trace: [ 31.458518][ T389] 0 [ 31.462525][ T394] [ 31.462537][ T394] simple_rmdir+0x153/0x260 [ 31.467985][ T389] 0 [ 31.472641][ T394] vfs_rmdir+0x3e3/0x560 [ 31.478920][ T389] 0 [ 31.483158][ T394] incfs_kill_sb+0x109/0x230 [ 31.489181][ T389] [ 31.493703][ T394] deactivate_locked_super+0xd5/0x2a0 [ 31.497997][ T389] DMA32: [ 31.502157][ T394] deactivate_super+0xb8/0xe0 [ 31.525827][ T389] 3*4kB [ 31.527730][ T394] cleanup_mnt+0x406/0x4a0 [ 31.533167][ T389] (M) [ 31.537465][ T394] __cleanup_mnt+0x1d/0x40 [ 31.544026][ T389] 1*8kB [ 31.547844][ T394] task_work_run+0x1e5/0x260 [ 31.553511][ T389] (M) [ 31.557573][ T394] ? __cfi_task_work_run+0x10/0x10 [ 31.563266][ T389] 2*16kB [ 31.567329][ T394] ? free_nsproxy+0x223/0x290 [ 31.567369][ T394] do_exit+0x9ad/0x2720 [ 31.567400][ T394] ? __cfi_do_exit+0x10/0x10 [ 31.567432][ T394] do_group_exit+0x229/0x2f0 [ 31.567461][ T394] ? get_signal+0xa74/0x14e0 [ 31.567493][ T394] get_signal+0x1398/0x14e0 [ 31.567527][ T394] arch_do_signal_or_restart+0xbc/0x760 [ 31.567550][ T394] ? fixup_vdso_exception+0x20d/0x310 [ 31.567575][ T394] ? __cfi_arch_do_signal_or_restart+0x10/0x10 [ 31.567602][ T394] irqentry_exit_to_user_mode+0x4d/0xb0 [ 31.574848][ T389] (M) [ 31.578500][ T394] irqentry_exit+0x16/0x60 [ 31.582549][ T389] 5*32kB [ 31.589556][ T394] exc_page_fault+0x65/0xc0 [ 31.597574][ T389] (M) [ 31.598222][ T394] asm_exc_page_fault+0x2b/0x30 [ 31.602978][ T389] 4*64kB [ 31.607333][ T394] RIP: 0033:0x7fee0379cde1 [ 31.612918][ T389] (M) [ 31.617915][ T394] Code: Unable to access opcode bytes at 0x7fee0379cdb7. [ 31.617933][ T394] RSP: 002b:fffffffffffffc70 EFLAGS: 00010217 [ 31.622874][ T389] 5*128kB [ 31.642002][ T394] [ 31.642023][ T394] RAX: 0000000000000000 RBX: 00007fee03a15fa0 RCX: 00007fee0379cdd9 [ 31.651491][ T389] (M) [ 31.660230][ T394] RDX: 0000000000000000 RSI: fffffffffffffc70 RDI: 0000000001022000 [ 31.667879][ T389] 5*256kB [ 31.675210][ T394] RBP: 00007fee03832d69 R08: 0000000000000000 R09: 0000000000000000 [ 31.675232][ T394] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 31.683817][ T389] (M) [ 31.691197][ T394] R13: 00007fee03a16038 R14: 00007fee03a15fa0 R15: 00007ffc9f157b78 [ 31.694961][ T389] 5*512kB [ 31.697064][ T394] [ 31.705572][ T389] (M) [ 31.707334][ T394] ---[ end trace 0000000000000000 ]--- [ 31.710369][ T394] ================================================================== [ 31.718353][ T389] 4*1024kB [ 31.746481][ T394] BUG: KASAN: null-ptr-deref in ihold+0x24/0x70 [ 31.746514][ T394] Write of size 4 at addr 0000000000000168 by task syz.1.32/394 [ 31.746531][ T394] [ 31.746542][ T394] CPU: 0 UID: 0 PID: 394 Comm: syz.1.32 Tainted: G W syzkaller #0 88ceac27f2f759e3bbd2a088bdce4bdb7d92b188 [ 31.746572][ T394] Tainted: [W]=WARN [ 31.746580][ T394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 31.746592][ T394] Call Trace: [ 31.746599][ T394] [ 31.746606][ T394] __dump_stack+0x21/0x30 [ 31.746637][ T394] dump_stack_lvl+0x140/0x1c0 [ 31.746665][ T394] ? __cfi_dump_stack_lvl+0x10/0x10 [ 31.746696][ T394] print_report+0x3d/0x70 [ 31.746724][ T394] kasan_report+0x162/0x1a0 [ 31.746750][ T394] ? ihold+0x24/0x70 [ 31.746773][ T394] ? _raw_spin_unlock+0x45/0x60 [ 31.746791][ T394] ? ihold+0x24/0x70 [ 31.746814][ T394] kasan_check_range+0x25a/0x2b0 [ 31.746947][ T394] __kasan_check_write+0x18/0x20 [ 31.747010][ T394] ihold+0x24/0x70 [ 31.747092][ T394] vfs_rmdir+0x26a/0x560 [ 31.747178][ T394] incfs_kill_sb+0x109/0x230 [ 31.747236][ T394] deactivate_locked_super+0xd5/0x2a0 [ 31.747328][ T394] deactivate_super+0xb8/0xe0 [ 31.747405][ T394] cleanup_mnt+0x406/0x4a0 [ 31.747480][ T394] __cleanup_mnt+0x1d/0x40 [ 31.747545][ T394] task_work_run+0x1e5/0x260 [ 31.747623][ T394] ? __cfi_task_work_run+0x10/0x10 [ 31.747700][ T394] ? free_nsproxy+0x223/0x290 [ 31.747782][ T394] do_exit+0x9ad/0x2720 [ 31.747862][ T394] ? __cfi_do_exit+0x10/0x10 [ 31.747950][ T394] do_group_exit+0x229/0x2f0 [ 31.748022][ T394] ? get_signal+0xa74/0x14e0 [ 31.748110][ T394] get_signal+0x1398/0x14e0 [ 31.748209][ T394] arch_do_signal_or_restart+0xbc/0x760 [ 31.748277][ T394] ? fixup_vdso_exception+0x20d/0x310 [ 31.748397][ T394] ? __cfi_arch_do_signal_or_restart+0x10/0x10 [ 31.748494][ T394] irqentry_exit_to_user_mode+0x4d/0xb0 [ 31.748570][ T394] irqentry_exit+0x16/0x60 [ 31.748642][ T394] exc_page_fault+0x65/0xc0 [ 31.748714][ T394] asm_exc_page_fault+0x2b/0x30 [ 31.748768][ T394] RIP: 0033:0x7fee0379cde1 [ 31.748825][ T394] Code: Unable to access opcode bytes at 0x7fee0379cdb7. [ 31.748855][ T394] RSP: 002b:fffffffffffffc70 EFLAGS: 00010217 [ 31.748909][ T394] RAX: 0000000000000000 RBX: 00007fee03a15fa0 RCX: 00007fee0379cdd9 [ 31.748950][ T394] RDX: 0000000000000000 RSI: fffffffffffffc70 RDI: 0000000001022000 [ 31.748992][ T394] RBP: 00007fee03832d69 R08: 0000000000000000 R09: 0000000000000000 [ 31.749044][ T394] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 31.749089][ T394] R13: 00007fee03a16038 R14: 00007fee03a15fa0 R15: 00007ffc9f157b78 [ 31.749131][ T394] [ 31.749147][ T394] ================================================================== [ 31.762209][ T389] (UM) [ 31.767755][ T394] Disabling lock debugging due to kernel taint [ 31.774600][ T45] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 31.784647][ T394] BUG: kernel NULL pointer dereference, address: 0000000000000168 [ 31.814313][ T389] 4*2048kB [ 31.816559][ T394] #PF: supervisor write access in kernel mode [ 31.816575][ T394] #PF: error_code(0x0002) - not-present page [ 31.816588][ T394] PGD 800000010e770067 P4D 800000010e770067 [ 31.819625][ T389] (M) [ 31.823879][ T394] PUD 0 [ 31.823896][ T394] Oops: Oops: 0002 [#1] PREEMPT SMP KASAN PTI [ 31.826728][ T389] 718*4096kB [ 31.830992][ T394] CPU: 0 UID: 0 PID: 394 Comm: syz.1.32 Tainted: G B W syzkaller #0 88ceac27f2f759e3bbd2a088bdce4bdb7d92b188 [ 31.833940][ T389] (M) [ 31.838435][ T394] Tainted: [B]=BAD_PAGE, [W]=WARN [ 31.838446][ T394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 31.838459][ T394] RIP: 0010:ihold+0x2a/0x70 [ 31.841237][ T389] = 2958164kB [ 31.846251][ T394] Code: f3 0f 1e fa 55 48 89 e5 41 56 53 48 89 fb e8 8d 86 95 ff 48 8d bb 68 01 00 00 be 04 00 00 00 e8 6c 0c ee ff 41 be 01 00 00 00 44 0f c1 b3 68 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 9d [ 31.846270][ T394] RSP: 0018:ffffc9000d4cf880 EFLAGS: 00010246 [ 31.849307][ T389] Normal: [ 31.853901][ T394] [ 31.853909][ T394] RAX: ffff8881174a2600 RBX: 0000000000000000 RCX: ffff8881174a2600 [ 31.853926][ T394] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 31.858232][ T389] 31*4kB [ 31.862682][ T394] RBP: ffffc9000d4cf890 R08: ffffffff88bba947 R09: 1ffffffff1177528 [ 31.862703][ T394] R10: dffffc0000000000 R11: fffffbfff1177529 R12: ffff8881250c6d8c [ 31.867511][ T389] (U) [ 31.871894][ T394] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000 [ 31.871910][ T394] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 31.877197][ T389] 48*8kB [ 31.881953][ T394] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 31.881975][ T394] CR2: 0000000000000168 CR3: 0000000124a46000 CR4: 00000000003526b0 [ 31.888097][ T389] (UM) [ 31.893511][ T394] Call Trace: [ 31.893522][ T394] [ 31.893530][ T394] vfs_rmdir+0x26a/0x560 [ 31.899373][ T389] 20*16kB [ 31.901763][ T394] incfs_kill_sb+0x109/0x230 [ 31.906296][ T389] (UME) [ 31.909124][ T394] deactivate_locked_super+0xd5/0x2a0 [ 31.913818][ T389] 13*32kB [ 31.916307][ T394] deactivate_super+0xb8/0xe0 [ 31.921254][ T389] (UME) [ 31.924110][ T394] cleanup_mnt+0x406/0x4a0 [ 31.928733][ T389] 22*64kB [ 31.931212][ T394] __cleanup_mnt+0x1d/0x40 [ 31.938515][ T389] (UME) [ 31.944300][ T394] task_work_run+0x1e5/0x260 [ 31.944336][ T394] ? __cfi_task_work_run+0x10/0x10 [ 31.944367][ T394] ? free_nsproxy+0x223/0x290 [ 31.947661][ T389] 17*128kB [ 31.949724][ T394] do_exit+0x9ad/0x2720 [ 31.965429][ T45] usb 1-1: Using ep0 maxpacket: 32 [ 31.968459][ T394] ? __cfi_do_exit+0x10/0x10 [ 31.975308][ T389] (UM) [ 31.979456][ T394] do_group_exit+0x229/0x2f0 [ 31.979492][ T394] ? get_signal+0xa74/0x14e0 [ 31.988659][ T389] 19*256kB [ 31.990138][ T394] get_signal+0x1398/0x14e0 [ 31.990174][ T394] arch_do_signal_or_restart+0xbc/0x760 [ 31.999202][ T45] usb 1-1: unable to get BOS descriptor or descriptor too short [ 32.001176][ T394] ? fixup_vdso_exception+0x20d/0x310 [ 32.005368][ T389] (UM) [ 32.006889][ T394] ? __cfi_arch_do_signal_or_restart+0x10/0x10 [ 32.006941][ T394] irqentry_exit_to_user_mode+0x4d/0xb0 [ 32.012679][ T389] 15*512kB [ 32.012824][ T45] usb 1-1: config 9 has an invalid interface number: 38 but max is 0 [ 32.020470][ T394] irqentry_exit+0x16/0x60 [ 32.020502][ T394] exc_page_fault+0x65/0xc0 [ 32.024652][ T45] usb 1-1: config 9 has no interface number 0 [ 32.029873][ T394] asm_exc_page_fault+0x2b/0x30 [ 32.038173][ T45] usb 1-1: config 9 interface 38 altsetting 4 has an invalid descriptor for endpoint zero, skipping [ 32.039847][ T394] RIP: 0033:0x7fee0379cde1 [ 32.039868][ T394] Code: Unable to access opcode bytes at 0x7fee0379cdb7. [ 32.056426][ T394] RSP: 002b:fffffffffffffc70 EFLAGS: 00010217 [ 32.066778][ T389] (UM) [ 32.070131][ T394] RAX: 0000000000000000 RBX: 00007fee03a15fa0 RCX: 00007fee0379cdd9 [ 32.070153][ T394] RDX: 0000000000000000 RSI: fffffffffffffc70 RDI: 0000000001022000 [ 32.073164][ T45] usb 1-1: config 9 interface 38 has no altsetting 0 [ 32.077407][ T394] RBP: 00007fee03832d69 R08: 0000000000000000 R09: 0000000000000000 [ 32.077425][ T394] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 32.077439][ T394] R13: 00007fee03a16038 R14: 00007fee03a15fa0 R15: 00007ffc9f157b78 [ 32.077461][ T394] [ 32.083636][ T389] 4*1024kB [ 32.087415][ T394] Modules linked in: [ 32.087451][ T394] CR2: 0000000000000168 [ 32.092644][ T389] (UE) [ 32.096336][ T394] ---[ end trace 0000000000000000 ]--- [ 32.096357][ T394] RIP: 0010:ihold+0x2a/0x70 [ 32.096388][ T394] Code: f3 0f 1e fa 55 48 89 e5 41 56 53 48 89 fb e8 8d 86 95 ff 48 8d bb 68 01 00 00 be 04 00 00 00 e8 6c 0c ee ff 41 be 01 00 00 00 44 0f c1 b3 68 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 9d [ 32.101588][ T389] 3*2048kB [ 32.105140][ T394] RSP: 0018:ffffc9000d4cf880 EFLAGS: 00010246 [ 32.105168][ T394] RAX: ffff8881174a2600 RBX: 0000000000000000 RCX: ffff8881174a2600 [ 32.105185][ T394] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 32.105198][ T394] RBP: ffffc9000d4cf890 R08: ffffffff88bba947 R09: 1ffffffff1177528 [ 32.105215][ T394] R10: dffffc0000000000 R11: fffffbfff1177529 R12: ffff8881250c6d8c [ 32.105232][ T394] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000 [ 32.110922][ T389] (ME) [ 32.114074][ T394] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 32.114100][ T394] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 32.114118][ T394] CR2: 0000000000000168 CR3: 0000000124a46000 CR4: 00000000003526b0 [ 32.120300][ T45] usb 1-1: New USB device found, idVendor=0499, idProduct=5001, bcdDevice=51.5e [ 32.122801][ T394] Kernel panic - not syncing: Fatal exception [ 32.127616][ T394] Kernel Offset: disabled