last executing test programs: 1.965839143s ago: executing program 3 (id=19680): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) 1.925340627s ago: executing program 2 (id=19681): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES32=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) 1.59214439s ago: executing program 3 (id=19688): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r2, &(0x7f0000000100)={0xa, 0x4e24, 0xfffffffe, @loopback}, 0x1c) setsockopt$inet6_IPV6_DSTOPTS(r2, 0x29, 0x3b, &(0x7f0000000040)={0x3c}, 0x8) 1.538550666s ago: executing program 3 (id=19690): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r0, &(0x7f00000026c0)=[{{&(0x7f0000000140)={0xa, 0x4e20, 0x1ff, @private0, 0x5}, 0x1c, &(0x7f0000000280)=[{&(0x7f00000001c0)="e157211cc94890a5c7b52388", 0xc}, {&(0x7f0000000380)="d1c17ef7381a03d78119eb8eaad6cedccfda12b0a4b1ae7aa2728754c4d1169565aa95377ae819573050e92ca1d25d6124bf73040cd613e091587f8eaf3275cef841942295ef5cf316a0bfc67043d6e8af26f68685a174f73f1796ef73161ab377a663b1d618cda481500555916571006a4c9a43ea97f036d689421a3e375d8fda73c0de25dc263e676351a8f6fc15cbaa749efe8d0d25675014aa1e1360be44a55eee282f1535190bb5ec77bac8968db3175e8f502e04aca78eb6e7ce34b8dbd7fb7170e396e8b6a2c99adb30", 0xcd}, {&(0x7f0000000240)="9040172bc2668cb75b18f5819a185aadae004117ae638e4bee2adf7326f59602ff0fed11feea5c71e51b5821fbc95fc195f16ef23d3bdb586297adc016", 0x3d}, {&(0x7f0000000480)="d789a9aacd5e09ac47725cf0879c914e23dc83cdcfdc1d02fb8d704d2126f6fb041bfa05f695d06fad4a30d0ef0fb873e01722925f55a9a6ad3374d2f867f336edd66b52e5ca9f04510057c085673db54875fe3fdf36ffb6e085e54ace1a37ba53755e86f4337aabd57ada4dbc35fcefd30638b49d266eda93fd6879c6a01d0d79d51ae499ecb342f2cdb56c96142cbd3985e9864cdae0", 0x97}, {&(0x7f0000000540)="b23cbcf37daf6dfc744beb213b9bac0a0395a8fbdd4a2816543b1c52fe19b1d6dc9fcdc39e463f5d41259b403d2cdbcceb7fbbee356fdc949d01572622f415c6cfbee9b6db15ce3d4dd97e2235cf8dbba52e8497facf71acf51a1f3a1c4c0a0adf32265fab73fe44926c7f98ab2fe3acbe949295bce07cc3dbd18f7f8d412b2c9ea4a45f0e2e6bf1ce8a8b43e0", 0x8d}], 0x5, &(0x7f0000000600)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0x1ff}}, @rthdrdstopts={{0x110, 0x29, 0x37, {0x3c, 0x1e, '\x00', [@calipso={0x7, 0x28, {0x0, 0x8, 0xdf, 0x8, [0xe, 0x0, 0xd0f, 0xf222]}}, @pad1, @hao={0xc9, 0x10, @private1}, @generic={0x9, 0xaa, "fcbea77b20199720ae470b458ab0060032138c18ac3c6f164f0ef7afd4f6e0c9e3b19425b06cfcdce4300b6e28c0d11f6d2c7d2552d6a6f555d1ae4a64b9c5bcebb16095fb1afb4896c25a3fd30d89d5a3f3f11ad72b5378ba003c6602c27fa5902c74e27cd1badfe37a932a0e7c8e7209c0e5e31ea8fb8073bc657ceeb33c408479335ff71b24ade7cf3b464823e7c4dbc0f1ad67de3a826e6fb57603674e4ef87d88ee3e75d34c2094"}, @enc_lim={0x4, 0x1, 0x6}, @pad1]}}}, @flowinfo={{0x14, 0x29, 0xb, 0x10000}}, @tclass={{0x14, 0x29, 0x43, 0x2}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x1}}, @dontfrag={{0x14, 0x29, 0x3e, 0x5}}, @hopopts={{0x198, 0x29, 0x36, {0x89, 0x30, '\x00', [@generic={0x5, 0xef, "3071b6c32a767a370047e61b236df7beb60c4fa2169b017795e9947a2c169e28a267ea1227f57e0e90ab2f9ab5fccf13e0b4b85feda46e3f7d38f42c8f968bd88c7738d0d96a9a3356b434a6e68480a0735cecba60dd7a74fa31ca3b72198cee214451e26feba42877b2a552774c3f8a90f96ab457a27dde649b37c5fe1ccaf809cf4ecf76f76542e71dd20c6cb8bbf539cd4dd4e4d553b505717245990bf6a88ef365cc01df04eed224ffbbfca1d69c58687de807519e294fe94b880fdb5bd4654cc43b0a5898463d989bb760bf7105257ae0af9551b74093291ae4fd43dd74e4afe1be9547c45b0f4daf29df97ef"}, @generic={0x3, 0x87, "a023e91b8a03253a8824432ec3f9949e4424f9d05385206700d0622fb6492fa90e2666e4f3a4afb503b39e32d02a73a51b8fb8c115321ed176ac570e58b89db3385e41a8eef8ce92b6e8086d21c47d3df9d1c913589b891f05679de1af710f36127f82c4178ba345a4b5666bc7ba5ecec61c95186e593d096dd0fbb19f7784607955caa01b80fb"}, @jumbo={0xc2, 0x4, 0xffff}]}}}], 0x320}}, {{&(0x7f0000000940)={0xa, 0x4e22, 0x485, @empty, 0x4}, 0x1c, &(0x7f00000009c0)=[{&(0x7f0000000980)="f42a0b88db4584b9cb337fe823066b4977f2857224703b29a0", 0x19}], 0x1, &(0x7f0000000a80)=[@hoplimit={{0x14, 0x29, 0x34, 0xffff1020}}, @dstopts_2292={{0x80, 0x29, 0x4, {0x3b, 0xc, '\x00', [@jumbo={0xc2, 0x4, 0xe4b}, @hao={0xc9, 0x10, @loopback}, @hao={0xc9, 0x10, @private0={0xfc, 0x0, '\x00', 0x1}}, @ra={0x5, 0x2, 0x7}, @jumbo={0xc2, 0x4, 0x2}, @hao={0xc9, 0x10, @dev={0xfe, 0x80, '\x00', 0x35}}, @jumbo={0xc2, 0x4, 0xf}, @calipso={0x7, 0x10, {0x0, 0x2, 0x6, 0x8be, [0x6]}}, @jumbo={0xc2, 0x4, 0x34a}]}}}], 0x98}}, {{&(0x7f0000000a00)={0xa, 0x4e23, 0x3, @private0, 0x8}, 0x1c, &(0x7f0000001d00)=[{&(0x7f0000000c40)="cba712a3e056cfbcfc052e407d8de974ccf7c2d95188f0c5af34fe2176c117e4a4b96787f8433c23fe2dc66549249520f8389937d755945be0521789b392c9c81fd90975fc6291ceb04a6fff1d0098c9e803ff266bcc8615e0204d3feeedf8458d2d2592cbb35ff2694c", 0x6a}, {&(0x7f0000000b40)="36e39b9853966f9fb1", 0x9}, {&(0x7f0000001cc0)="817ee95caf5e8a9ad35a374fea07a1f781fc8c691fc8b7266ea038fac3fad35b839b07f64ba10dca20", 0x29}], 0x3}}, {{&(0x7f0000001e80)={0xa, 0x4e22, 0x2c82, @rand_addr=' \x01\x00', 0x8}, 0x1c, &(0x7f0000002140)=[{&(0x7f0000001ec0)="29de5dbc7dae3122bb3068e7e29485de82335b94664c82cda2266c66b64ed4b697a316a2af64f13eb5c0d4d7db9fe064684fc0eefeb961b0672bae3e2c0c29eb91fd3d57fc50f1f512ff3134d91b4f839648a5eb8c1ad5a9b262a21fb2a702e51d5b8eca329b6645bb34ccd4f8296b52a5945e53282b9e235fd1baa11ce95574b8a736f9faf2121dbc68569165a07df26c3e1b5765f0d722e3be17f3d2f882917d1a089b74a3a4956b1523cd8adc95464f33d299920746b105", 0xb9}, {&(0x7f0000001f80)="0d3e7d95d9011d3d2efea4bfd665a885772ef22c682347b154247256ddd9d070090708a97b33aa46dd0bb673638854914e761f59e98baee30a02cfb1854250c139a014f77cfe73031465d0bcd856fa19f4d3756c1a4e9c9aafebf9b1470bb362cfca69ac639cc8cd39eaf2a0cd12d47576ad2e6f801de097", 0x78}, {&(0x7f0000002000)="afe77bfd744f2a3c949b5bc5c35d0860357b9006c9f0511d185ed6e46eadc16a91f375ec4c547315968066c2c1a7a55bea0e9e8c8ac30557846d7a24345aa2af536f3db2b530a787f6ec79ef96a31233401be1cd460a3cb10d9b27476ef4bdede5793f045e87b0418abc8c9eca73373a887823634b7ad3dd929539ca940b075f3d8a556ebf8b29eecaaf3541949d1381", 0x90}, {&(0x7f00000020c0)="d80e89a15692492168afe9b695fd13573ff66906be9b20651a2bc98c8c02af784c9a7b45e707f9d81c49d8c8f5f6778e1162cd5070d15a7108dbe40d7461789d03a28b5da7a593e28a89e3", 0x4b}], 0x4, &(0x7f0000002180)=[@hoplimit={{0x14, 0x29, 0x34, 0xffff}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0xffffff8b}}, @rthdr={{0x68, 0x29, 0x39, {0x62, 0xa, 0x2, 0xd2, 0x0, [@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @empty, @empty, @empty, @local]}}}, @rthdrdstopts={{0x38, 0x29, 0x37, {0xff, 0x3, '\x00', [@padn={0x1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, @hao={0xc9, 0x10, @mcast1}]}}}, @hopopts={{0x18, 0x29, 0x36, {0x32}}}, @rthdr_2292={{0x58, 0x29, 0x39, {0x87, 0x8, 0x0, 0x0, 0x0, [@empty, @mcast2, @remote, @private0={0xfc, 0x0, '\x00', 0x1}]}}}, @dstopts={{0x28, 0x29, 0x37, {0x73, 0x1, '\x00', [@pad1, @enc_lim={0x4, 0x1, 0x6}, @pad1]}}}, @hoplimit={{0x14, 0x29, 0x34, 0x352c565d}}, @rthdr={{0x48, 0x29, 0x39, {0x3b, 0x6, 0x1, 0x5, 0x0, [@remote, @private0, @remote]}}}], 0x1c8}}], 0x4, 0x8008080) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r1, &(0x7f00000028c0)={&(0x7f00000027c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000002880)={&(0x7f0000002900)=ANY=[@ANYBLOB="4c000000a570fa78d5d1893d8be38ac79712994ac4d9185fdc5199f2009c1b90718cae13ccc168db76da00576846cbdafde6a8ca8a0e78da4d73b76ec2ef1579fba8cbbe63b0632bd4204eec84c8c33d60655fe09c5a862e7a14cda723447337a2c4cea8e007a092d5776ca273925e8e7ea28a22c1fb51287ef7af6e5dfbc8b1c90baa7bd843e50e415ceb56f2098afb4cc3cedc8f75b6415f42343ee5cd9fa5dde95e6bb2347f6801040000e361aa5009d8e70e898636c64b61e76a05c9bd55e759b1541ac622b33934eeb625a87dd838c96d26d981d828986d97b667f2f05f45677b2c8b", @ANYRES16=0x0, @ANYBLOB="10002bbd7000ffdbdf25130000000e0001006e657464657673696d0000000f0002006e657464657673696d300000080003000300000008000b00008000000600110006000000"], 0x4c}, 0x1, 0x0, 0x0, 0xb5626087fa90eb98}, 0x4000811) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r4, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r4, @ANYRES64=r3], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r4, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000140)={0x73622a85, 0x1381, 0x3}) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000100)={0x90, 0x0, &(0x7f0000002680)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x70, 0x18, &(0x7f00000004c0)={@ptr={0x70742a85, 0x0, &(0x7f0000000280)=""/226, 0xe2, 0x2, 0x4}, @fda={0x66646185, 0xffffffffffffffff, 0x0, 0xe}, @ptr={0x70742a85, 0x0, &(0x7f0000002740)=""/243, 0xf3, 0x0, 0x28}}, &(0x7f00000001c0)={0x0, 0x28, 0x48}}, 0x1000}, @reply={0x40406301, {0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000080)={@fda={0x66646185, 0xffffffff7fffffff, 0xfffffffffffffffe, 0x10}, @ptr={0x70742a85, 0x1, &(0x7f0000000580)=""/173, 0xad, 0x0, 0x14}, @flat=@binder={0x73622a85, 0x110a, 0x1}}, &(0x7f0000000000)={0x0, 0x20, 0x48}}}], 0x0, 0x0, 0x0}) ioctl$KVM_X86_SETUP_MCE(r4, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000540)=ANY=[@ANYBLOB="280000001300010002000000f6dbdf2508000000030000001000b1800c005b80080028"], 0x28}], 0x1}, 0x0) 1.479179012s ago: executing program 3 (id=19692): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x8901, 0x0) ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110c23003f) ioctl$PPPIOCGNPMODE(r0, 0xc008744c, &(0x7f0000000080)={0x283, 0x3}) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) 1.473265792s ago: executing program 1 (id=19693): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x8901, 0x0) ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110c23003f) ioctl$PPPIOCGNPMODE(r0, 0xc008744c, &(0x7f0000000080)={0x283, 0x3}) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) 1.011619699s ago: executing program 0 (id=19703): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r0, &(0x7f00000026c0)=[{{&(0x7f0000000140)={0xa, 0x4e20, 0x1ff, @private0, 0x5}, 0x1c, &(0x7f0000000280)=[{&(0x7f00000001c0)="e157211cc94890a5c7b52388", 0xc}, {&(0x7f0000000380)="d1c17ef7381a03d78119eb8eaad6cedccfda12b0a4b1ae7aa2728754c4d1169565aa95377ae819573050e92ca1d25d6124bf73040cd613e091587f8eaf3275cef841942295ef5cf316a0bfc67043d6e8af26f68685a174f73f1796ef73161ab377a663b1d618cda481500555916571006a4c9a43ea97f036d689421a3e375d8fda73c0de25dc263e676351a8f6fc15cbaa749efe8d0d25675014aa1e1360be44a55eee282f1535190bb5ec77bac8968db3175e8f502e04aca78eb6e7ce34b8dbd7fb7170e396e8b6a2c99adb30", 0xcd}, {&(0x7f0000000240)="9040172bc2668cb75b18f5819a185aadae004117ae638e4bee2adf7326f59602ff0fed11feea5c71e51b5821fbc95fc195f16ef23d3bdb586297adc016", 0x3d}, {&(0x7f0000000480)="d789a9aacd5e09ac47725cf0879c914e23dc83cdcfdc1d02fb8d704d2126f6fb041bfa05f695d06fad4a30d0ef0fb873e01722925f55a9a6ad3374d2f867f336edd66b52e5ca9f04510057c085673db54875fe3fdf36ffb6e085e54ace1a37ba53755e86f4337aabd57ada4dbc35fcefd30638b49d266eda93fd6879c6a01d0d79d51ae499ecb342f2cdb56c96142cbd3985e9864cdae0", 0x97}, {&(0x7f0000000540)="b23cbcf37daf6dfc744beb213b9bac0a0395a8fbdd4a2816543b1c52fe19b1d6dc9fcdc39e463f5d41259b403d2cdbcceb7fbbee356fdc949d01572622f415c6cfbee9b6db15ce3d4dd97e2235cf8dbba52e8497facf71acf51a1f3a1c4c0a0adf32265fab73fe44926c7f98ab2fe3acbe949295bce07cc3dbd18f7f8d412b2c9ea4a45f0e2e6bf1ce8a8b43e0", 0x8d}], 0x5, &(0x7f0000000600)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0x1ff}}, @rthdrdstopts={{0x110, 0x29, 0x37, {0x3c, 0x1e, '\x00', [@calipso={0x7, 0x28, {0x0, 0x8, 0xdf, 0x8, [0xe, 0x0, 0xd0f, 0xf222]}}, @pad1, @hao={0xc9, 0x10, @private1}, @generic={0x9, 0xaa, "fcbea77b20199720ae470b458ab0060032138c18ac3c6f164f0ef7afd4f6e0c9e3b19425b06cfcdce4300b6e28c0d11f6d2c7d2552d6a6f555d1ae4a64b9c5bcebb16095fb1afb4896c25a3fd30d89d5a3f3f11ad72b5378ba003c6602c27fa5902c74e27cd1badfe37a932a0e7c8e7209c0e5e31ea8fb8073bc657ceeb33c408479335ff71b24ade7cf3b464823e7c4dbc0f1ad67de3a826e6fb57603674e4ef87d88ee3e75d34c2094"}, @enc_lim={0x4, 0x1, 0x6}, @pad1]}}}, @flowinfo={{0x14, 0x29, 0xb, 0x10000}}, @tclass={{0x14, 0x29, 0x43, 0x2}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x1}}, @dontfrag={{0x14, 0x29, 0x3e, 0x5}}, @hopopts={{0x198, 0x29, 0x36, {0x89, 0x30, '\x00', [@generic={0x5, 0xef, "3071b6c32a767a370047e61b236df7beb60c4fa2169b017795e9947a2c169e28a267ea1227f57e0e90ab2f9ab5fccf13e0b4b85feda46e3f7d38f42c8f968bd88c7738d0d96a9a3356b434a6e68480a0735cecba60dd7a74fa31ca3b72198cee214451e26feba42877b2a552774c3f8a90f96ab457a27dde649b37c5fe1ccaf809cf4ecf76f76542e71dd20c6cb8bbf539cd4dd4e4d553b505717245990bf6a88ef365cc01df04eed224ffbbfca1d69c58687de807519e294fe94b880fdb5bd4654cc43b0a5898463d989bb760bf7105257ae0af9551b74093291ae4fd43dd74e4afe1be9547c45b0f4daf29df97ef"}, @generic={0x3, 0x87, "a023e91b8a03253a8824432ec3f9949e4424f9d05385206700d0622fb6492fa90e2666e4f3a4afb503b39e32d02a73a51b8fb8c115321ed176ac570e58b89db3385e41a8eef8ce92b6e8086d21c47d3df9d1c913589b891f05679de1af710f36127f82c4178ba345a4b5666bc7ba5ecec61c95186e593d096dd0fbb19f7784607955caa01b80fb"}, @jumbo={0xc2, 0x4, 0xffff}]}}}], 0x320}}, {{&(0x7f0000000940)={0xa, 0x4e22, 0x485, @empty, 0x4}, 0x1c, &(0x7f00000009c0)=[{&(0x7f0000000980)="f42a0b88db4584b9cb337fe823066b4977f2857224703b29a0", 0x19}], 0x1, &(0x7f0000000a80)=[@hoplimit={{0x14, 0x29, 0x34, 0xffff1020}}, @dstopts_2292={{0x80, 0x29, 0x4, {0x3b, 0xc, '\x00', [@jumbo={0xc2, 0x4, 0xe4b}, @hao={0xc9, 0x10, @loopback}, @hao={0xc9, 0x10, @private0={0xfc, 0x0, '\x00', 0x1}}, @ra={0x5, 0x2, 0x7}, @jumbo={0xc2, 0x4, 0x2}, @hao={0xc9, 0x10, @dev={0xfe, 0x80, '\x00', 0x35}}, @jumbo={0xc2, 0x4, 0xf}, @calipso={0x7, 0x10, {0x0, 0x2, 0x6, 0x8be, [0x6]}}, @jumbo={0xc2, 0x4, 0x34a}]}}}], 0x98}}, {{&(0x7f0000000a00)={0xa, 0x4e23, 0x3, @private0, 0x8}, 0x1c, &(0x7f0000001d00)=[{&(0x7f0000000c40)="cba712a3e056cfbcfc052e407d8de974ccf7c2d95188f0c5af34fe2176c117e4a4b96787f8433c23fe2dc66549249520f8389937d755945be0521789b392c9c81fd90975fc6291ceb04a6fff1d0098c9e803ff266bcc8615e0204d3feeedf8458d2d2592cbb35ff2694c", 0x6a}, {&(0x7f0000000b40)="36e39b9853966f9fb1", 0x9}, {&(0x7f0000001cc0)="817ee95caf5e8a9ad35a374fea07a1f781fc8c691fc8b7266ea038fac3fad35b839b07f64ba10dca20", 0x29}], 0x3, &(0x7f0000001d80)=[@hopopts_2292={{0x68, 0x29, 0x36, {0x84, 0x9, '\x00', [@pad1, @jumbo={0xc2, 0x4, 0x7}, @jumbo={0xc2, 0x4, 0x6}, @jumbo={0xc2, 0x4, 0x5}, @hao={0xc9, 0x10, @remote}, @pad1, @calipso={0x7, 0x20, {0x0, 0x6, 0xb8, 0x9, [0x7fffffffffffffff, 0x2, 0x3]}}, @pad1]}}}], 0x68}}, {{&(0x7f0000001e80)={0xa, 0x4e22, 0x2c82, @rand_addr=' \x01\x00', 0x8}, 0x1c, &(0x7f0000002140)=[{&(0x7f0000001ec0)="29de5dbc7dae3122bb3068e7e29485de82335b94664c82cda2266c66b64ed4b697a316a2af64f13eb5c0d4d7db9fe064684fc0eefeb961b0672bae3e2c0c29eb91fd3d57fc50f1f512ff3134d91b4f839648a5eb8c1ad5a9b262a21fb2a702e51d5b8eca329b6645bb34ccd4f8296b52a5945e53282b9e235fd1baa11ce95574b8a736f9faf2121dbc68569165a07df26c3e1b5765f0d722e3be17f3d2f882917d1a089b74a3a4956b1523cd8adc95464f33d299920746b105", 0xb9}, {&(0x7f0000001f80)="0d3e7d95d9011d3d2efea4bfd665a885772ef22c682347b154247256ddd9d070090708a97b33aa46dd0bb673638854914e761f59e98baee30a02cfb1854250c139a014f77cfe73031465d0bcd856fa19f4d3756c1a4e9c9aafebf9b1470bb362cfca69ac639cc8cd39eaf2a0cd12d47576ad2e6f801de097", 0x78}, {&(0x7f0000002000)="afe77bfd744f2a3c949b5bc5c35d0860357b9006c9f0511d185ed6e46eadc16a91f375ec4c547315968066c2c1a7a55bea0e9e8c8ac30557846d7a24345aa2af536f3db2b530a787f6ec79ef96a31233401be1cd460a3cb10d9b27476ef4bdede5793f045e87b0418abc8c9eca73373a887823634b7ad3dd929539ca940b075f3d8a556ebf8b29eecaaf3541949d1381", 0x90}, {&(0x7f00000020c0)="d80e89a15692492168afe9b695fd13573ff66906be9b20651a2bc98c8c02af784c9a7b45e707f9d81c49d8c8f5f6778e1162cd5070d15a7108dbe40d7461789d03a28b5da7a593e28a89e3", 0x4b}], 0x4, &(0x7f0000002180)=[@hoplimit={{0x14, 0x29, 0x34, 0xffff}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0xffffff8b}}, @rthdr={{0x68, 0x29, 0x39, {0x62, 0xa, 0x2, 0xd2, 0x0, [@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @empty, @empty, @empty, @local]}}}, @rthdrdstopts={{0x38, 0x29, 0x37, {0xff, 0x3, '\x00', [@padn={0x1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, @hao={0xc9, 0x10, @mcast1}]}}}, @hopopts={{0x18, 0x29, 0x36, {0x32}}}, @rthdr_2292={{0x58, 0x29, 0x39, {0x87, 0x8, 0x0, 0x0, 0x0, [@empty, @mcast2, @remote, @private0={0xfc, 0x0, '\x00', 0x1}]}}}, @dstopts={{0x28, 0x29, 0x37, {0x73, 0x1, '\x00', [@pad1, @enc_lim={0x4, 0x1, 0x6}, @pad1]}}}, @hoplimit={{0x14, 0x29, 0x34, 0x352c565d}}, @rthdr={{0x48, 0x29, 0x39, {0x3b, 0x6, 0x1, 0x5, 0x0, [@remote, @private0, @remote]}}}], 0x1c8}}], 0x4, 0x8008080) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r1, &(0x7f00000028c0)={&(0x7f00000027c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000002880)={&(0x7f0000002900)=ANY=[@ANYBLOB="4c000000a570fa78d5d1893d8be38ac79712994ac4d9185fdc5199f2009c1b90718cae13ccc168db76da00576846cbdafde6a8ca8a0e78da4d73b76ec2ef1579fba8cbbe63b0632bd4204eec84c8c33d60655fe09c5a862e7a14cda723447337a2c4cea8e007a092d5776ca273925e8e7ea28a22c1fb51287ef7af6e5dfbc8b1c90baa7bd843e50e415ceb56f2098afb4cc3cedc8f75b6415f42343ee5cd9fa5dde95e6bb2347f6801040000e361aa5009d8e70e898636c64b61e76a05c9bd55e759b1541ac622b33934eeb625a87dd838c96d26d981d828986d97b667f2f05f45677b2c8b", @ANYRES16=0x0, @ANYBLOB="10002bbd7000ffdbdf25130000000e0001006e657464657673696d0000000f0002006e657464657673696d300000080003000300000008000b00008000000600110006000000"], 0x4c}, 0x1, 0x0, 0x0, 0xb5626087fa90eb98}, 0x4000811) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r4, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r4, @ANYRES64=r3], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r4, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000140)={0x73622a85, 0x1381, 0x3}) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000100)={0x90, 0x0, &(0x7f0000002680)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x70, 0x18, &(0x7f00000004c0)={@ptr={0x70742a85, 0x0, &(0x7f0000000280)=""/226, 0xe2, 0x2, 0x4}, @fda={0x66646185, 0xffffffffffffffff, 0x0, 0xe}, @ptr={0x70742a85, 0x0, &(0x7f0000002740)=""/243, 0xf3, 0x0, 0x28}}, &(0x7f00000001c0)={0x0, 0x28, 0x48}}, 0x1000}, @reply={0x40406301, {0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000080)={@fda={0x66646185, 0xffffffff7fffffff, 0xfffffffffffffffe, 0x10}, @ptr={0x70742a85, 0x1, &(0x7f0000000580)=""/173, 0xad, 0x0, 0x14}, @flat=@binder={0x73622a85, 0x110a, 0x1}}, &(0x7f0000000000)={0x0, 0x20, 0x48}}}], 0x0, 0x0, 0x0}) ioctl$KVM_X86_SETUP_MCE(r4, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000540)=ANY=[@ANYBLOB="280000001300010002000000f6dbdf2508000000030000001000b1800c005b80080028"], 0x28}], 0x1}, 0x0) 978.861152ms ago: executing program 0 (id=19704): rt_sigaction(0xd, &(0x7f0000000180)={0x0, 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) 913.079639ms ago: executing program 0 (id=19705): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES32=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) 912.355419ms ago: executing program 2 (id=19706): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r2) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000004c0)={'syz_tun\x00', 0x0}) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x2c, r3, 0x1, 0x70bd26, 0x25dfdbff, {}, [@ETHTOOL_A_LINKMODES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}, @ETHTOOL_A_LINKMODES_OURS={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x8, 0x3, 0x0, 0x1, [{0x4}]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x400c815}, 0x20048884) 910.894819ms ago: executing program 0 (id=19707): rt_sigaction(0xd, &(0x7f0000000180)={0x0, 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=0x0, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$packet(0x11, 0x2, 0x300) recvfrom$packet(r2, 0x0, 0x0, 0x2000, 0x0, 0x0) 827.788267ms ago: executing program 0 (id=19708): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x8901, 0x0) ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110c23003f) ioctl$PPPIOCGNPMODE(r0, 0xc008744c, &(0x7f0000000080)={0x283, 0x3}) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) 781.600762ms ago: executing program 3 (id=19709): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) epoll_create(0x3) 625.138377ms ago: executing program 2 (id=19710): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x8901, 0x0) ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110c23003f) ioctl$PPPIOCGNPMODE(r0, 0xc008744c, &(0x7f0000000080)={0x283, 0x3}) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r2, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r2, @ANYRES64=r1], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r2, 0x0) ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0)) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) 595.13686ms ago: executing program 1 (id=19711): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r2, &(0x7f0000000100)={0xa, 0x4e24, 0xfffffffe, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, 0x0, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x11a, 0x23, &(0x7f00000013c0)={&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0}, &(0x7f0000000140)=0x40) 594.179471ms ago: executing program 2 (id=19712): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r2) r4 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000004c0)={'syz_tun\x00', 0x0}) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x2c, r3, 0x1, 0x70bd26, 0x25dfdbff, {}, [@ETHTOOL_A_LINKMODES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}, @ETHTOOL_A_LINKMODES_OURS={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x8, 0x3, 0x0, 0x1, [{0x4}]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x400c815}, 0x20048884) 542.409036ms ago: executing program 2 (id=19713): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) 494.922891ms ago: executing program 3 (id=19714): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x5) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r5) r7 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000004c0)={'syz_tun\x00', 0x0}) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x2c, r6, 0x1, 0x70bd26, 0x25dfdbff, {}, [@ETHTOOL_A_LINKMODES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}, @ETHTOOL_A_LINKMODES_OURS={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x8, 0x3, 0x0, 0x1, [{0x4}]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x400c815}, 0x20048884) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r1, 0x89f8, &(0x7f00000001c0)={'erspan0\x00', &(0x7f0000000940)={'syztnl1\x00', 0x0, 0x10, 0x7, 0x800, 0x0, {{0x32, 0x4, 0x1, 0xa, 0xc8, 0x68, 0x0, 0xc3, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0x19}, @rand_addr=0x64010100, {[@end, @rr={0x7, 0x1b, 0xcd, [@remote, @empty, @dev={0xac, 0x14, 0x14, 0x38}, @local, @broadcast, @multicast1]}, @timestamp={0x44, 0x10, 0x7f, 0x0, 0x5, [0x5, 0x6, 0xffff]}, @end, @noop, @ra={0x94, 0x4, 0x1}, @lsrr={0x83, 0x7, 0x29, [@remote]}, @cipso={0x86, 0x42, 0x3, [{0x6, 0x6, "c2514e17"}, {0x7, 0xd, "b6b54345ae1bf2508d83dc"}, {0x5, 0x6, "ef71b694"}, {0x0, 0xc, "061723c9d1f5e380ea6d"}, {0x7, 0x8, "dfa066a40152"}, {0x5, 0xf, "ed56d234706259d6eedb2748ca"}]}, @cipso={0x86, 0x26, 0x3, [{0x6, 0x7, "202a15aec4"}, {0x1, 0x7, "66179d5f37"}, {0x4, 0x12, "eeec0b7a2648849b6c729cf6f9a9d180"}]}, @ssrr={0x89, 0x13, 0x82, [@dev={0xac, 0x14, 0x14, 0x32}, @multicast1, @local, @private=0xa010102]}]}}}}}) ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000000)={0x2, 0x0, [{0x40000000, 0x0, 0x1000}, {0x40000001}]}) 494.472001ms ago: executing program 2 (id=19715): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000040)={'lo\x00'}) 238.629516ms ago: executing program 1 (id=19716): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000080)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000007, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) rt_sigaction(0x4, &(0x7f0000000200)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x1, 0x0, {[0x1000000000002]}}, 0x0, 0x8, &(0x7f0000000300)) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r4, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r4, @ANYRES64=r3], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r4, 0x0) ioctl$KVM_X86_SETUP_MCE(r4, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000100)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) fsetxattr$security_capability(r3, &(0x7f0000000140), &(0x7f0000000240)=@v1={0x1000000, [{0x4, 0x9}]}, 0xc, 0x3) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r5, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r5, @ANYRES64=r2], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r5, 0x0) ioctl$KVM_X86_SETUP_MCE(r5, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r6 = socket$pppl2tp(0x18, 0x1, 0x1) ppoll(&(0x7f00000000c0)=[{r6, 0xe208}], 0x1, 0x0, 0x0, 0x0) r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r7) ptrace$setregs(0xd, r7, 0x0, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb") ptrace$getregset(0x4204, r7, 0x200, &(0x7f0000000240)={&(0x7f0000000140)=""/96, 0x60}) ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000040)=0x0) syz_open_procfs(r8, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) 151.882155ms ago: executing program 1 (id=19717): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x8901, 0x0) ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110c23003f) ioctl$PPPIOCGNPMODE(r0, 0xc008744c, &(0x7f0000000080)={0x283, 0x3}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r2, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r2, @ANYRES64=r1], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r2, 0x0) ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r1, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) 143.312986ms ago: executing program 1 (id=19718): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r0, &(0x7f00000026c0)=[{{&(0x7f0000000140)={0xa, 0x4e20, 0x1ff, @private0, 0x5}, 0x1c, &(0x7f0000000280)=[{&(0x7f00000001c0)="e157211cc94890a5c7b52388", 0xc}, {&(0x7f0000000380)="d1c17ef7381a03d78119eb8eaad6cedccfda12b0a4b1ae7aa2728754c4d1169565aa95377ae819573050e92ca1d25d6124bf73040cd613e091587f8eaf3275cef841942295ef5cf316a0bfc67043d6e8af26f68685a174f73f1796ef73161ab377a663b1d618cda481500555916571006a4c9a43ea97f036d689421a3e375d8fda73c0de25dc263e676351a8f6fc15cbaa749efe8d0d25675014aa1e1360be44a55eee282f1535190bb5ec77bac8968db3175e8f502e04aca78eb6e7ce34b8dbd7fb7170e396e8b6a2c99adb30", 0xcd}, {&(0x7f0000000240)="9040172bc2668cb75b18f5819a185aadae004117ae638e4bee2adf7326f59602ff0fed11feea5c71e51b5821fbc95fc195f16ef23d3bdb586297adc016", 0x3d}, {&(0x7f0000000480)="d789a9aacd5e09ac47725cf0879c914e23dc83cdcfdc1d02fb8d704d2126f6fb041bfa05f695d06fad4a30d0ef0fb873e01722925f55a9a6ad3374d2f867f336edd66b52e5ca9f04510057c085673db54875fe3fdf36ffb6e085e54ace1a37ba53755e86f4337aabd57ada4dbc35fcefd30638b49d266eda93fd6879c6a01d0d79d51ae499ecb342f2cdb56c96142cbd3985e9864cdae0", 0x97}, {&(0x7f0000000540)="b23cbcf37daf6dfc744beb213b9bac0a0395a8fbdd4a2816543b1c52fe19b1d6dc9fcdc39e463f5d41259b403d2cdbcceb7fbbee356fdc949d01572622f415c6cfbee9b6db15ce3d4dd97e2235cf8dbba52e8497facf71acf51a1f3a1c4c0a0adf32265fab73fe44926c7f98ab2fe3acbe949295bce07cc3dbd18f7f8d412b2c9ea4a45f0e2e6bf1ce8a8b43e0", 0x8d}], 0x5, &(0x7f0000000600)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0x1ff}}, @rthdrdstopts={{0x110, 0x29, 0x37, {0x3c, 0x1e, '\x00', [@calipso={0x7, 0x28, {0x0, 0x8, 0xdf, 0x8, [0xe, 0x0, 0xd0f, 0xf222]}}, @pad1, @hao={0xc9, 0x10, @private1}, @generic={0x9, 0xaa, "fcbea77b20199720ae470b458ab0060032138c18ac3c6f164f0ef7afd4f6e0c9e3b19425b06cfcdce4300b6e28c0d11f6d2c7d2552d6a6f555d1ae4a64b9c5bcebb16095fb1afb4896c25a3fd30d89d5a3f3f11ad72b5378ba003c6602c27fa5902c74e27cd1badfe37a932a0e7c8e7209c0e5e31ea8fb8073bc657ceeb33c408479335ff71b24ade7cf3b464823e7c4dbc0f1ad67de3a826e6fb57603674e4ef87d88ee3e75d34c2094"}, @enc_lim={0x4, 0x1, 0x6}, @pad1]}}}, @flowinfo={{0x14, 0x29, 0xb, 0x10000}}, @tclass={{0x14, 0x29, 0x43, 0x2}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x1}}, @dontfrag={{0x14, 0x29, 0x3e, 0x5}}, @hopopts={{0x198, 0x29, 0x36, {0x89, 0x30, '\x00', [@generic={0x5, 0xef, "3071b6c32a767a370047e61b236df7beb60c4fa2169b017795e9947a2c169e28a267ea1227f57e0e90ab2f9ab5fccf13e0b4b85feda46e3f7d38f42c8f968bd88c7738d0d96a9a3356b434a6e68480a0735cecba60dd7a74fa31ca3b72198cee214451e26feba42877b2a552774c3f8a90f96ab457a27dde649b37c5fe1ccaf809cf4ecf76f76542e71dd20c6cb8bbf539cd4dd4e4d553b505717245990bf6a88ef365cc01df04eed224ffbbfca1d69c58687de807519e294fe94b880fdb5bd4654cc43b0a5898463d989bb760bf7105257ae0af9551b74093291ae4fd43dd74e4afe1be9547c45b0f4daf29df97ef"}, @generic={0x3, 0x87, "a023e91b8a03253a8824432ec3f9949e4424f9d05385206700d0622fb6492fa90e2666e4f3a4afb503b39e32d02a73a51b8fb8c115321ed176ac570e58b89db3385e41a8eef8ce92b6e8086d21c47d3df9d1c913589b891f05679de1af710f36127f82c4178ba345a4b5666bc7ba5ecec61c95186e593d096dd0fbb19f7784607955caa01b80fb"}, @jumbo={0xc2, 0x4, 0xffff}]}}}], 0x320}}, {{&(0x7f0000000940)={0xa, 0x4e22, 0x485, @empty, 0x4}, 0x1c, &(0x7f00000009c0)=[{&(0x7f0000000980)="f42a0b88db4584b9cb337fe823066b4977f2857224703b29a0", 0x19}], 0x1, &(0x7f0000000a80)=[@hoplimit={{0x14, 0x29, 0x34, 0xffff1020}}, @dstopts_2292={{0x80, 0x29, 0x4, {0x3b, 0xc, '\x00', [@jumbo={0xc2, 0x4, 0xe4b}, @hao={0xc9, 0x10, @loopback}, @hao={0xc9, 0x10, @private0={0xfc, 0x0, '\x00', 0x1}}, @ra={0x5, 0x2, 0x7}, @jumbo={0xc2, 0x4, 0x2}, @hao={0xc9, 0x10, @dev={0xfe, 0x80, '\x00', 0x35}}, @jumbo={0xc2, 0x4, 0xf}, @calipso={0x7, 0x10, {0x0, 0x2, 0x6, 0x8be, [0x6]}}, @jumbo={0xc2, 0x4, 0x34a}]}}}], 0x98}}, {{&(0x7f0000000a00)={0xa, 0x4e23, 0x3, @private0, 0x8}, 0x1c, &(0x7f0000001d00)=[{&(0x7f0000000c40)="cba712a3e056cfbcfc052e407d8de974ccf7c2d95188f0c5af34fe2176c117e4a4b96787f8433c23fe2dc66549249520f8389937d755945be0521789b392c9c81fd90975fc6291ceb04a6fff1d0098c9e803ff266bcc8615e0204d3feeedf8458d2d2592cbb35ff2694c", 0x6a}, {&(0x7f0000000b40)="36e39b9853966f9fb1", 0x9}, {&(0x7f0000001cc0)="817ee95caf5e8a9ad35a374fea07a1f781fc8c691fc8b7266ea038fac3fad35b839b07f64ba10dca20", 0x29}], 0x3, &(0x7f0000001d80)=[@hopopts_2292={{0x68, 0x29, 0x36, {0x84, 0x9, '\x00', [@pad1, @jumbo={0xc2, 0x4, 0x7}, @jumbo={0xc2, 0x4, 0x6}, @jumbo={0xc2, 0x4, 0x5}, @hao={0xc9, 0x10, @remote}, @pad1, @calipso={0x7, 0x20, {0x0, 0x6, 0xb8, 0x9, [0x7fffffffffffffff, 0x2, 0x3]}}, @pad1]}}}, @dstopts_2292={{0x18, 0x29, 0x4, {0x2f}}}], 0x80}}, {{&(0x7f0000001e80)={0xa, 0x4e22, 0x2c82, @rand_addr=' \x01\x00', 0x8}, 0x1c, &(0x7f0000002140)=[{&(0x7f0000001ec0)="29de5dbc7dae3122bb3068e7e29485de82335b94664c82cda2266c66b64ed4b697a316a2af64f13eb5c0d4d7db9fe064684fc0eefeb961b0672bae3e2c0c29eb91fd3d57fc50f1f512ff3134d91b4f839648a5eb8c1ad5a9b262a21fb2a702e51d5b8eca329b6645bb34ccd4f8296b52a5945e53282b9e235fd1baa11ce95574b8a736f9faf2121dbc68569165a07df26c3e1b5765f0d722e3be17f3d2f882917d1a089b74a3a4956b1523cd8adc95464f33d299920746b105", 0xb9}, {&(0x7f0000001f80)="0d3e7d95d9011d3d2efea4bfd665a885772ef22c682347b154247256ddd9d070090708a97b33aa46dd0bb673638854914e761f59e98baee30a02cfb1854250c139a014f77cfe73031465d0bcd856fa19f4d3756c1a4e9c9aafebf9b1470bb362cfca69ac639cc8cd39eaf2a0cd12d47576ad2e6f801de097", 0x78}, {&(0x7f0000002000)="afe77bfd744f2a3c949b5bc5c35d0860357b9006c9f0511d185ed6e46eadc16a91f375ec4c547315968066c2c1a7a55bea0e9e8c8ac30557846d7a24345aa2af536f3db2b530a787f6ec79ef96a31233401be1cd460a3cb10d9b27476ef4bdede5793f045e87b0418abc8c9eca73373a887823634b7ad3dd929539ca940b075f3d8a556ebf8b29eecaaf3541949d1381", 0x90}, {&(0x7f00000020c0)="d80e89a15692492168afe9b695fd13573ff66906be9b20651a2bc98c8c02af784c9a7b45e707f9d81c49d8c8f5f6778e1162cd5070d15a7108dbe40d7461789d03a28b5da7a593e28a89e3", 0x4b}], 0x4, &(0x7f0000002180)=[@hoplimit={{0x14, 0x29, 0x34, 0xffff}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0xffffff8b}}, @rthdr={{0x68, 0x29, 0x39, {0x62, 0xa, 0x2, 0xd2, 0x0, [@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @empty, @empty, @empty, @local]}}}, @rthdrdstopts={{0x38, 0x29, 0x37, {0xff, 0x3, '\x00', [@padn={0x1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, @hao={0xc9, 0x10, @mcast1}]}}}, @hopopts={{0x18, 0x29, 0x36, {0x32}}}, @rthdr_2292={{0x58, 0x29, 0x39, {0x87, 0x8, 0x0, 0x0, 0x0, [@empty, @mcast2, @remote, @private0={0xfc, 0x0, '\x00', 0x1}]}}}, @dstopts={{0x28, 0x29, 0x37, {0x73, 0x1, '\x00', [@pad1, @enc_lim={0x4, 0x1, 0x6}, @pad1]}}}, @hoplimit={{0x14, 0x29, 0x34, 0x352c565d}}, @rthdr={{0x48, 0x29, 0x39, {0x3b, 0x6, 0x1, 0x5, 0x0, [@remote, @private0, @remote]}}}], 0x1c8}}], 0x4, 0x8008080) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r1, &(0x7f00000028c0)={&(0x7f00000027c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000002880)={&(0x7f0000002900)=ANY=[@ANYBLOB="4c000000a570fa78d5d1893d8be38ac79712994ac4d9185fdc5199f2009c1b90718cae13ccc168db76da00576846cbdafde6a8ca8a0e78da4d73b76ec2ef1579fba8cbbe63b0632bd4204eec84c8c33d60655fe09c5a862e7a14cda723447337a2c4cea8e007a092d5776ca273925e8e7ea28a22c1fb51287ef7af6e5dfbc8b1c90baa7bd843e50e415ceb56f2098afb4cc3cedc8f75b6415f42343ee5cd9fa5dde95e6bb2347f6801040000e361aa5009d8e70e898636c64b61e76a05c9bd55e759b1541ac622b33934eeb625a87dd838c96d26d981d828986d97b667f2f05f45677b2c8b", @ANYRES16=0x0, @ANYBLOB="10002bbd7000ffdbdf25130000000e0001006e657464657673696d0000000f0002006e657464657673696d300000080003000300000008000b00008000000600110006000000"], 0x4c}, 0x1, 0x0, 0x0, 0xb5626087fa90eb98}, 0x4000811) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r4, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r4, @ANYRES64=r3], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r4, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000140)={0x73622a85, 0x1381, 0x3}) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000100)={0x90, 0x0, &(0x7f0000002680)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x70, 0x18, &(0x7f00000004c0)={@ptr={0x70742a85, 0x0, &(0x7f0000000280)=""/226, 0xe2, 0x2, 0x4}, @fda={0x66646185, 0xffffffffffffffff, 0x0, 0xe}, @ptr={0x70742a85, 0x0, &(0x7f0000002740)=""/243, 0xf3, 0x0, 0x28}}, &(0x7f00000001c0)={0x0, 0x28, 0x48}}, 0x1000}, @reply={0x40406301, {0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000080)={@fda={0x66646185, 0xffffffff7fffffff, 0xfffffffffffffffe, 0x10}, @ptr={0x70742a85, 0x1, &(0x7f0000000580)=""/173, 0xad, 0x0, 0x14}, @flat=@binder={0x73622a85, 0x110a, 0x1}}, &(0x7f0000000000)={0x0, 0x20, 0x48}}}], 0x0, 0x0, 0x0}) ioctl$KVM_X86_SETUP_MCE(r4, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000540)=ANY=[@ANYBLOB="280000001300010002000000f6dbdf2508000000030000001000b1800c005b80080028"], 0x28}], 0x1}, 0x0) 105.45453ms ago: executing program 1 (id=19719): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x8901, 0x0) ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110c23003f) ioctl$PPPIOCGNPMODE(r0, 0xc008744c, &(0x7f0000000080)={0x283, 0x3}) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) 0s ago: executing program 0 (id=19720): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) kernel console output (not intermixed with test programs): all_64+0x58/0xf0 [ 549.161612][T32543] ? clear_bhb_loop+0x50/0xa0 [ 549.161638][T32543] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 549.161663][T32543] RIP: 0033:0x7f6a6e38f6c9 [ 549.161681][T32543] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 549.161702][T32543] RSP: 002b:00007f6a6f2b6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 549.161728][T32543] RAX: ffffffffffffffda RBX: 00007f6a6e5e5fa0 RCX: 00007f6a6e38f6c9 [ 549.161747][T32543] RDX: 0000200000000480 RSI: 0000200000000440 RDI: 0000000000000000 [ 549.161764][T32543] RBP: 00007f6a6f2b6090 R08: 0000000000000000 R09: 0000000000000000 [ 549.161779][T32543] R10: 0000000001808800 R11: 0000000000000246 R12: 0000000000000001 [ 549.161795][T32543] R13: 00007f6a6e5e6038 R14: 00007f6a6e5e5fa0 R15: 00007ffed07689a8 [ 549.161815][T32543] [ 549.337971][T32553] netlink: 84 bytes leftover after parsing attributes in process `syz.2.14194'. [ 549.562734][T32560] bridge0: port 1(bridge_slave_0) entered blocking state [ 549.570162][T32560] bridge0: port 1(bridge_slave_0) entered disabled state [ 549.577427][T32560] bridge_slave_0: entered allmulticast mode [ 549.583939][T32560] bridge_slave_0: entered promiscuous mode [ 549.590930][T32560] bridge0: port 2(bridge_slave_1) entered blocking state [ 549.598050][T32560] bridge0: port 2(bridge_slave_1) entered disabled state [ 549.605322][T32560] bridge_slave_1: entered allmulticast mode [ 549.611835][T32560] bridge_slave_1: entered promiscuous mode [ 549.696402][T32577] FAULT_INJECTION: forcing a failure. [ 549.696402][T32577] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 549.709584][T32577] CPU: 0 UID: 0 PID: 32577 Comm: syz.2.14203 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 549.709622][T32577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 549.709637][T32577] Call Trace: [ 549.709645][T32577] [ 549.709655][T32577] __dump_stack+0x21/0x30 [ 549.709691][T32577] dump_stack_lvl+0x10c/0x190 [ 549.709731][T32577] ? __cfi_dump_stack_lvl+0x10/0x10 [ 549.709764][T32577] dump_stack+0x19/0x20 [ 549.709794][T32577] should_fail_ex+0x3d9/0x530 [ 549.709819][T32577] should_fail+0xf/0x20 [ 549.709841][T32577] should_fail_usercopy+0x1e/0x30 [ 549.709866][T32577] _copy_from_iter+0x1a3/0x14d0 [ 549.709894][T32577] ? kmalloc_reserve+0xcf/0x500 [ 549.709924][T32577] ? __virt_addr_valid+0x2a6/0x380 [ 549.709949][T32577] ? __cfi__copy_from_iter+0x10/0x10 [ 549.709977][T32577] ? __check_object_size+0x50a/0x810 [ 549.710000][T32577] ? __cfi___check_object_size+0x10/0x10 [ 549.710022][T32577] ? skb_put+0x112/0x1f0 [ 549.710051][T32577] netlink_sendmsg+0x680/0xaf0 [ 549.710088][T32577] ? __cfi_netlink_sendmsg+0x10/0x10 [ 549.710122][T32577] ? bpf_lsm_socket_sendmsg+0xd/0x20 [ 549.710151][T32577] ? security_socket_sendmsg+0x33/0xd0 [ 549.710173][T32577] ? __cfi_netlink_sendmsg+0x10/0x10 [ 549.710207][T32577] ____sys_sendmsg+0xa15/0xa70 [ 549.710243][T32577] ? __sys_sendmsg_sock+0x50/0x50 [ 549.710278][T32577] ? import_iovec+0x81/0xb0 [ 549.710309][T32577] ___sys_sendmsg+0x220/0x2a0 [ 549.710343][T32577] ? __sys_sendmsg+0x280/0x280 [ 549.710377][T32577] ? proc_fail_nth_write+0x17e/0x210 [ 549.710408][T32577] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 549.710446][T32577] __x64_sys_sendmsg+0x1eb/0x2c0 [ 549.710481][T32577] ? fput+0x1a5/0x240 [ 549.710508][T32577] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 549.710541][T32577] ? ksys_write+0x1ef/0x250 [ 549.710565][T32577] ? __kasan_check_read+0x15/0x20 [ 549.710600][T32577] x64_sys_call+0x2a4c/0x2ee0 [ 549.710634][T32577] do_syscall_64+0x58/0xf0 [ 549.710663][T32577] ? clear_bhb_loop+0x50/0xa0 [ 549.710689][T32577] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 549.710721][T32577] RIP: 0033:0x7f29f7f8f6c9 [ 549.710741][T32577] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 549.710761][T32577] RSP: 002b:00007f29f69e3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 549.710787][T32577] RAX: ffffffffffffffda RBX: 00007f29f81e5fa0 RCX: 00007f29f7f8f6c9 [ 549.710805][T32577] RDX: 0000000000000040 RSI: 00002000000000c0 RDI: 0000000000000005 [ 549.710821][T32577] RBP: 00007f29f69e3090 R08: 0000000000000000 R09: 0000000000000000 [ 549.710837][T32577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 549.710851][T32577] R13: 00007f29f81e6038 R14: 00007f29f81e5fa0 R15: 00007ffe144b6878 [ 549.710872][T32577] [ 549.715284][T32575] netlink: 16 bytes leftover after parsing attributes in process `syz.3.14202'. [ 549.768500][T32583] netlink: 84 bytes leftover after parsing attributes in process `syz.2.14206'. [ 549.970970][ T36] kauditd_printk_skb: 30 callbacks suppressed [ 549.970992][ T36] audit: type=1400 audit(2000000228.943:827): avc: denied { nlmsg_read } for pid=32584 comm="syz.3.14207" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1 [ 550.058703][ T46] bridge_slave_1: left allmulticast mode [ 550.064507][ T46] bridge_slave_1: left promiscuous mode [ 550.076776][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 550.096002][ T46] bridge_slave_0: left allmulticast mode [ 550.105586][ T46] bridge_slave_0: left promiscuous mode [ 550.128695][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 550.225255][T32560] bridge0: port 2(bridge_slave_1) entered blocking state [ 550.232471][T32560] bridge0: port 2(bridge_slave_1) entered forwarding state [ 550.239828][T32560] bridge0: port 1(bridge_slave_0) entered blocking state [ 550.246902][T32560] bridge0: port 1(bridge_slave_0) entered forwarding state [ 550.274898][ T46] veth1_macvtap: left promiscuous mode [ 550.280801][ T46] veth0_vlan: left promiscuous mode [ 550.354547][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 550.362107][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 550.381986][ T329] bridge0: port 1(bridge_slave_0) entered blocking state [ 550.389109][ T329] bridge0: port 1(bridge_slave_0) entered forwarding state [ 550.409725][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 550.416831][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 550.418644][T32616] FAULT_INJECTION: forcing a failure. [ 550.418644][T32616] name failslab, interval 1, probability 0, space 0, times 0 [ 550.437950][T32616] CPU: 0 UID: 0 PID: 32616 Comm: syz.3.14219 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 550.437987][T32616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 550.438001][T32616] Call Trace: [ 550.438009][T32616] [ 550.438018][T32616] __dump_stack+0x21/0x30 [ 550.438052][T32616] dump_stack_lvl+0x10c/0x190 [ 550.438083][T32616] ? __cfi_dump_stack_lvl+0x10/0x10 [ 550.438115][T32616] dump_stack+0x19/0x20 [ 550.438144][T32616] should_fail_ex+0x3d9/0x530 [ 550.438167][T32616] should_failslab+0xac/0x100 [ 550.438193][T32616] __kmalloc_cache_noprof+0x41/0x490 [ 550.438216][T32616] ? __kasan_kmalloc+0x96/0xb0 [ 550.438240][T32616] ? legacy_init_fs_context+0x62/0x160 [ 550.438271][T32616] legacy_init_fs_context+0x62/0x160 [ 550.438301][T32616] alloc_fs_context+0x5ee/0x830 [ 550.438330][T32616] fs_context_for_mount+0x26/0x40 [ 550.438357][T32616] do_new_mount+0x116/0xb40 [ 550.438378][T32616] ? security_capable+0xcf/0xf0 [ 550.438420][T32616] path_mount+0x688/0x1050 [ 550.438441][T32616] ? putname+0x113/0x150 [ 550.438464][T32616] __se_sys_mount+0x2bd/0x480 [ 550.438487][T32616] ? __x64_sys_mount+0xf0/0xf0 [ 550.438515][T32616] __x64_sys_mount+0xc3/0xf0 [ 550.438537][T32616] x64_sys_call+0x2021/0x2ee0 [ 550.438569][T32616] do_syscall_64+0x58/0xf0 [ 550.438598][T32616] ? clear_bhb_loop+0x50/0xa0 [ 550.438622][T32616] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 550.438646][T32616] RIP: 0033:0x7f8690b8f6c9 [ 550.438666][T32616] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 550.438684][T32616] RSP: 002b:00007f8691ab8038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 550.438709][T32616] RAX: ffffffffffffffda RBX: 00007f8690de5fa0 RCX: 00007f8690b8f6c9 [ 550.438726][T32616] RDX: 0000200000000100 RSI: 0000200000000040 RDI: 0000000000000000 [ 550.438743][T32616] RBP: 00007f8691ab8090 R08: 0000200000000200 R09: 0000000000000000 [ 550.438759][T32616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 550.438773][T32616] R13: 00007f8690de6038 R14: 00007f8690de5fa0 R15: 00007ffef38c9728 [ 550.438794][T32616] [ 550.532516][T32560] veth0_vlan: entered promiscuous mode [ 550.666691][T32560] veth1_macvtap: entered promiscuous mode [ 551.178955][ T36] audit: type=1326 audit(2000000230.153:828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32660 comm="syz.1.14239" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f248e58f6c9 code=0x0 [ 551.253136][T32666] netlink: 92 bytes leftover after parsing attributes in process `syz.3.14242'. [ 551.278887][T32666] FAULT_INJECTION: forcing a failure. [ 551.278887][T32666] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 551.318490][T32666] CPU: 0 UID: 0 PID: 32666 Comm: syz.3.14242 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 551.318529][T32666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 551.318543][T32666] Call Trace: [ 551.318551][T32666] [ 551.318561][T32666] __dump_stack+0x21/0x30 [ 551.318596][T32666] dump_stack_lvl+0x10c/0x190 [ 551.318625][T32666] ? __cfi_dump_stack_lvl+0x10/0x10 [ 551.318652][T32666] ? check_stack_object+0x12c/0x140 [ 551.318675][T32666] dump_stack+0x19/0x20 [ 551.318703][T32666] should_fail_ex+0x3d9/0x530 [ 551.318727][T32666] should_fail+0xf/0x20 [ 551.318748][T32666] should_fail_usercopy+0x1e/0x30 [ 551.318774][T32666] _copy_to_user+0x24/0xa0 [ 551.318809][T32666] simple_read_from_buffer+0xed/0x160 [ 551.318839][T32666] proc_fail_nth_read+0x19e/0x210 [ 551.318871][T32666] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 551.318902][T32666] ? bpf_lsm_file_permission+0xd/0x20 [ 551.318934][T32666] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 551.318965][T32666] vfs_read+0x27d/0xc70 [ 551.318987][T32666] ? __cfi_vfs_read+0x10/0x10 [ 551.319006][T32666] ? __kasan_check_write+0x18/0x20 [ 551.319041][T32666] ? mutex_lock+0x92/0x1c0 [ 551.319062][T32666] ? __cfi_mutex_lock+0x10/0x10 [ 551.319083][T32666] ? __fget_files+0x2c5/0x340 [ 551.319110][T32666] ksys_read+0x141/0x250 [ 551.319129][T32666] ? xfd_validate_state+0x68/0x150 [ 551.319160][T32666] ? __cfi_ksys_read+0x10/0x10 [ 551.319182][T32666] ? __kasan_check_write+0x18/0x20 [ 551.319217][T32666] ? fpregs_restore_userregs+0x11d/0x260 [ 551.319244][T32666] __x64_sys_read+0x7f/0x90 [ 551.319265][T32666] x64_sys_call+0x2638/0x2ee0 [ 551.319299][T32666] do_syscall_64+0x58/0xf0 [ 551.319338][T32666] ? clear_bhb_loop+0x50/0xa0 [ 551.319365][T32666] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 551.319390][T32666] RIP: 0033:0x7f8690b8e0dc [ 551.319409][T32666] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 551.319430][T32666] RSP: 002b:00007f8691ab8030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 551.319455][T32666] RAX: ffffffffffffffda RBX: 00007f8690de5fa0 RCX: 00007f8690b8e0dc [ 551.319474][T32666] RDX: 000000000000000f RSI: 00007f8691ab80a0 RDI: 0000000000000006 [ 551.319490][T32666] RBP: 00007f8691ab8090 R08: 0000000000000000 R09: 0000000000000000 [ 551.319505][T32666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 551.319520][T32666] R13: 00007f8690de6038 R14: 00007f8690de5fa0 R15: 00007ffef38c9728 [ 551.319541][T32666] [ 551.923011][T32689] loop5: detected capacity change from 0 to 7 [ 553.095557][T32708] netlink: 16 bytes leftover after parsing attributes in process `syz.3.14258'. [ 553.432680][T32727] No source specified [ 553.528848][T32729] netlink: 16 bytes leftover after parsing attributes in process `syz.1.14271'. [ 553.924837][T32757] SELinux: security_context_str_to_sid (sytem_uÝGй) failed with errno=-22 [ 553.978528][T32757] binder: Unknown parameter 'measure' [ 554.292852][ T321] FAULT_INJECTION: forcing a failure. [ 554.292852][ T321] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 554.325521][ T321] CPU: 1 UID: 0 PID: 321 Comm: syz.2.14299 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 554.325559][ T321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 554.325576][ T321] Call Trace: [ 554.325585][ T321] [ 554.325595][ T321] __dump_stack+0x21/0x30 [ 554.325630][ T321] dump_stack_lvl+0x10c/0x190 [ 554.325660][ T321] ? __cfi_dump_stack_lvl+0x10/0x10 [ 554.325693][ T321] dump_stack+0x19/0x20 [ 554.325722][ T321] should_fail_ex+0x3d9/0x530 [ 554.325747][ T321] should_fail+0xf/0x20 [ 554.325768][ T321] should_fail_usercopy+0x1e/0x30 [ 554.325793][ T321] strncpy_from_user+0x28/0x270 [ 554.325816][ T321] __se_sys_request_key+0xa3/0x340 [ 554.325847][ T321] ? ksys_write+0x1ef/0x250 [ 554.325868][ T321] ? __x64_sys_request_key+0xc0/0xc0 [ 554.325901][ T321] __x64_sys_request_key+0x9f/0xc0 [ 554.325931][ T321] x64_sys_call+0x2b60/0x2ee0 [ 554.325964][ T321] do_syscall_64+0x58/0xf0 [ 554.326058][ T321] ? clear_bhb_loop+0x50/0xa0 [ 554.326085][ T321] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 554.326110][ T321] RIP: 0033:0x7f29f7f8f6c9 [ 554.326129][ T321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 554.326149][ T321] RSP: 002b:00007f29f69e3038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f9 [ 554.326174][ T321] RAX: ffffffffffffffda RBX: 00007f29f81e5fa0 RCX: 00007f29f7f8f6c9 [ 554.326192][ T321] RDX: 0000200000000080 RSI: 0000200000000040 RDI: 0000200000000000 [ 554.326210][ T321] RBP: 00007f29f69e3090 R08: 0000000000000000 R09: 0000000000000000 [ 554.326226][ T321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 554.326239][ T321] R13: 00007f29f81e6038 R14: 00007f29f81e5fa0 R15: 00007ffe144b6878 [ 554.326261][ T321] [ 554.405468][ T323] netlink: 84 bytes leftover after parsing attributes in process `syz.0.14290'. [ 554.795017][ T352] netlink: 84 bytes leftover after parsing attributes in process `syz.2.14311'. [ 555.139534][ T378] netlink: 84 bytes leftover after parsing attributes in process `syz.0.14322'. [ 555.227665][ T358] rust_binder: Write failure EINVAL in pid:1166 [ 555.338994][ T397] FAULT_INJECTION: forcing a failure. [ 555.338994][ T397] name failslab, interval 1, probability 0, space 0, times 0 [ 555.368919][ T395] can: request_module (can-proto-0) failed. [ 555.378351][ T397] CPU: 0 UID: 0 PID: 397 Comm: syz.1.14333 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 555.378403][ T397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 555.378426][ T397] Call Trace: [ 555.378435][ T397] [ 555.378448][ T397] __dump_stack+0x21/0x30 [ 555.378484][ T397] dump_stack_lvl+0x10c/0x190 [ 555.378515][ T397] ? __cfi_dump_stack_lvl+0x10/0x10 [ 555.378549][ T397] dump_stack+0x19/0x20 [ 555.378577][ T397] should_fail_ex+0x3d9/0x530 [ 555.378602][ T397] should_failslab+0xac/0x100 [ 555.378629][ T397] __kmalloc_cache_noprof+0x41/0x490 [ 555.378653][ T397] ? proc_self_get_link+0x11a/0x290 [ 555.378685][ T397] proc_self_get_link+0x11a/0x290 [ 555.378713][ T397] ? security_inode_follow_link+0x74/0x140 [ 555.378737][ T397] ? __cfi_proc_self_get_link+0x10/0x10 [ 555.378766][ T397] pick_link+0x6d5/0xe80 [ 555.378788][ T397] step_into+0xc58/0xf50 [ 555.378808][ T397] ? __kasan_check_read+0x15/0x20 [ 555.378841][ T397] ? read_word_at_a_time+0x1a/0x40 [ 555.378868][ T397] ? set_root+0x420/0x420 [ 555.378886][ T397] ? lookup_fast+0x167/0x530 [ 555.378903][ T397] ? inode_permission+0xf3/0x4c0 [ 555.378925][ T397] link_path_walk+0x753/0xec0 [ 555.378962][ T397] path_openat+0x281/0x34b0 [ 555.378992][ T397] ? kasan_save_track+0x3e/0x80 [ 555.379016][ T397] ? kasan_save_alloc_info+0x40/0x50 [ 555.379048][ T397] ? getname+0x1b/0x30 [ 555.379069][ T397] ? x64_sys_call+0xe69/0x2ee0 [ 555.379103][ T397] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 555.379139][ T397] ? do_filp_open+0x3e0/0x3e0 [ 555.379169][ T397] do_filp_open+0x1c6/0x3e0 [ 555.379203][ T397] ? __cfi_do_filp_open+0x10/0x10 [ 555.379235][ T397] ? alloc_fd+0x4e7/0x5a0 [ 555.379260][ T397] do_sys_openat2+0x12c/0x1c0 [ 555.379290][ T397] ? fput+0x1a5/0x240 [ 555.379323][ T397] ? do_sys_open+0x100/0x100 [ 555.379351][ T397] ? ksys_write+0x1ef/0x250 [ 555.379372][ T397] ? __cfi_ksys_write+0x10/0x10 [ 555.379395][ T397] __x64_sys_openat+0x13a/0x170 [ 555.379425][ T397] x64_sys_call+0xe69/0x2ee0 [ 555.379458][ T397] do_syscall_64+0x58/0xf0 [ 555.379487][ T397] ? clear_bhb_loop+0x50/0xa0 [ 555.379512][ T397] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 555.379536][ T397] RIP: 0033:0x7f248e58df10 [ 555.379555][ T397] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44 [ 555.379575][ T397] RSP: 002b:00007f248f4c1f60 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 555.379601][ T397] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f248e58df10 [ 555.379619][ T397] RDX: 0000000000000000 RSI: 00007f248e61207e RDI: 00000000ffffff9c [ 555.379635][ T397] RBP: 00007f248e61207e R08: 0000000000000000 R09: 0000000000000000 [ 555.379650][ T397] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 555.379665][ T397] R13: 00007f248e7e6038 R14: 00007f248e7e5fa0 R15: 00007ffc82c34688 [ 555.379686][ T397] [ 555.731774][ T417] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14341'. [ 555.920027][ T440] No source specified [ 556.518786][ T450] rust_binder: 1122: no such ref 0 [ 556.546658][ T451] rust_binder: BC_REQUEST_DEATH_NOTIFICATION invalid ref 0 [ 556.568326][ T451] rust_binder: BC_CLEAR_DEATH_NOTIFICATION invalid ref 0 [ 556.626586][ T459] rust_binder: 1199: no such ref 3 [ 556.631797][ T459] rust_binder: 1199: no such ref 1 [ 556.636959][ T459] rust_binder: BC_CLEAR_DEATH_NOTIFICATION invalid ref 0 [ 556.658496][ T459] rust_binder: BC_CLEAR_DEATH_NOTIFICATION invalid ref 0 [ 556.678206][ T459] rust_binder: 1199: no such ref 0 [ 556.762580][ T467] netlink: 16 bytes leftover after parsing attributes in process `syz.2.14363'. [ 556.820969][ T475] netlink: 80 bytes leftover after parsing attributes in process `syz.2.14367'. [ 556.839437][ T477] FAULT_INJECTION: forcing a failure. [ 556.839437][ T477] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 556.861262][ T477] CPU: 1 UID: 0 PID: 477 Comm: syz.1.14368 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 556.861301][ T477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 556.861316][ T477] Call Trace: [ 556.861324][ T477] [ 556.861334][ T477] __dump_stack+0x21/0x30 [ 556.861372][ T477] dump_stack_lvl+0x10c/0x190 [ 556.861403][ T477] ? __cfi_dump_stack_lvl+0x10/0x10 [ 556.861435][ T477] ? check_stack_object+0x12c/0x140 [ 556.861459][ T477] dump_stack+0x19/0x20 [ 556.861488][ T477] should_fail_ex+0x3d9/0x530 [ 556.861513][ T477] should_fail+0xf/0x20 [ 556.861534][ T477] should_fail_usercopy+0x1e/0x30 [ 556.861559][ T477] _copy_to_user+0x24/0xa0 [ 556.861587][ T477] simple_read_from_buffer+0xed/0x160 [ 556.861618][ T477] proc_fail_nth_read+0x19e/0x210 [ 556.861647][ T477] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 556.861677][ T477] ? bpf_lsm_file_permission+0xd/0x20 [ 556.861709][ T477] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 556.861740][ T477] vfs_read+0x27d/0xc70 [ 556.861761][ T477] ? __cfi_vfs_read+0x10/0x10 [ 556.861780][ T477] ? __kasan_check_write+0x18/0x20 [ 556.861816][ T477] ? mutex_lock+0x92/0x1c0 [ 556.861839][ T477] ? __cfi_mutex_lock+0x10/0x10 [ 556.861859][ T477] ? __fget_files+0x2c5/0x340 [ 556.861885][ T477] ksys_read+0x141/0x250 [ 556.861904][ T477] ? __cfi_ksys_read+0x10/0x10 [ 556.861924][ T477] ? __x64_sys_clock_getres+0x22c/0x280 [ 556.861959][ T477] ? __kasan_check_read+0x15/0x20 [ 556.861993][ T477] __x64_sys_read+0x7f/0x90 [ 556.862015][ T477] x64_sys_call+0x2638/0x2ee0 [ 556.862048][ T477] do_syscall_64+0x58/0xf0 [ 556.862087][ T477] ? clear_bhb_loop+0x50/0xa0 [ 556.862113][ T477] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 556.862138][ T477] RIP: 0033:0x7f248e58e0dc [ 556.862157][ T477] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 556.862177][ T477] RSP: 002b:00007f248f4c2030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 556.862202][ T477] RAX: ffffffffffffffda RBX: 00007f248e7e5fa0 RCX: 00007f248e58e0dc [ 556.862220][ T477] RDX: 000000000000000f RSI: 00007f248f4c20a0 RDI: 0000000000000005 [ 556.862234][ T477] RBP: 00007f248f4c2090 R08: 0000000000000000 R09: 0000000000000000 [ 556.862248][ T477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 556.862262][ T477] R13: 00007f248e7e6038 R14: 00007f248e7e5fa0 R15: 00007ffc82c34688 [ 556.862288][ T477] [ 557.431476][ T497] netlink: 16 bytes leftover after parsing attributes in process `syz.0.14377'. [ 557.487546][ T503] FAULT_INJECTION: forcing a failure. [ 557.487546][ T503] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 557.506874][ T503] CPU: 0 UID: 0 PID: 503 Comm: syz.0.14381 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 557.506912][ T503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 557.506928][ T503] Call Trace: [ 557.506937][ T503] [ 557.506947][ T503] __dump_stack+0x21/0x30 [ 557.506983][ T503] dump_stack_lvl+0x10c/0x190 [ 557.507014][ T503] ? __cfi_dump_stack_lvl+0x10/0x10 [ 557.507047][ T503] ? check_stack_object+0x12c/0x140 [ 557.507070][ T503] dump_stack+0x19/0x20 [ 557.507099][ T503] should_fail_ex+0x3d9/0x530 [ 557.507123][ T503] should_fail+0xf/0x20 [ 557.507145][ T503] should_fail_usercopy+0x1e/0x30 [ 557.507170][ T503] _copy_to_user+0x24/0xa0 [ 557.507198][ T503] simple_read_from_buffer+0xed/0x160 [ 557.507228][ T503] proc_fail_nth_read+0x19e/0x210 [ 557.507259][ T503] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 557.507290][ T503] ? bpf_lsm_file_permission+0xd/0x20 [ 557.507323][ T503] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 557.507353][ T503] vfs_read+0x27d/0xc70 [ 557.507374][ T503] ? do_writev+0x2d0/0x2d0 [ 557.507402][ T503] ? __cfi_vfs_read+0x10/0x10 [ 557.507421][ T503] ? __kasan_check_write+0x18/0x20 [ 557.507463][ T503] ? mutex_lock+0x92/0x1c0 [ 557.507484][ T503] ? __cfi_mutex_lock+0x10/0x10 [ 557.507504][ T503] ? __fget_files+0x2c5/0x340 [ 557.507532][ T503] ksys_read+0x141/0x250 [ 557.507551][ T503] ? fput+0x1a5/0x240 [ 557.507578][ T503] ? __cfi_ksys_read+0x10/0x10 [ 557.507598][ T503] ? __x64_sys_pwritev+0x1df/0x2a0 [ 557.507623][ T503] ? __kasan_check_read+0x15/0x20 [ 557.507658][ T503] __x64_sys_read+0x7f/0x90 [ 557.507686][ T503] x64_sys_call+0x2638/0x2ee0 [ 557.507720][ T503] do_syscall_64+0x58/0xf0 [ 557.507750][ T503] ? clear_bhb_loop+0x50/0xa0 [ 557.507776][ T503] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 557.507800][ T503] RIP: 0033:0x7f875b38e0dc [ 557.507820][ T503] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 557.507840][ T503] RSP: 002b:00007f875c202030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 557.507866][ T503] RAX: ffffffffffffffda RBX: 00007f875b5e5fa0 RCX: 00007f875b38e0dc [ 557.507884][ T503] RDX: 000000000000000f RSI: 00007f875c2020a0 RDI: 0000000000000006 [ 557.507900][ T503] RBP: 00007f875c202090 R08: 0000000000000000 R09: 0000000000000000 [ 557.507916][ T503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 557.507930][ T503] R13: 00007f875b5e6038 R14: 00007f875b5e5fa0 R15: 00007ffd364940d8 [ 557.507952][ T503] [ 557.836390][ T517] netlink: 16 bytes leftover after parsing attributes in process `syz.2.14387'. [ 558.184344][ T36] audit: type=1400 audit(2000000237.153:829): avc: denied { append } for pid=544 comm="syz.0.14400" name="binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 558.218183][ T545] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1150 [ 558.273727][ T553] FAULT_INJECTION: forcing a failure. [ 558.273727][ T553] name failslab, interval 1, probability 0, space 0, times 0 [ 558.295821][ T553] CPU: 1 UID: 0 PID: 553 Comm: syz.0.14405 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 558.295861][ T553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 558.295876][ T553] Call Trace: [ 558.295886][ T553] [ 558.295895][ T553] __dump_stack+0x21/0x30 [ 558.295933][ T553] dump_stack_lvl+0x10c/0x190 [ 558.295968][ T553] ? __cfi_dump_stack_lvl+0x10/0x10 [ 558.295998][ T553] ? _raw_spin_lock_irqsave+0xaf/0x150 [ 558.296028][ T553] ? __cfi__raw_spin_lock_irqsave+0x10/0x10 [ 558.296059][ T553] ? selinux_ip_postroute+0x250/0xf40 [ 558.296089][ T553] dump_stack+0x19/0x20 [ 558.296118][ T553] should_fail_ex+0x3d9/0x530 [ 558.296142][ T553] ? ___neigh_create+0x75b/0x2160 [ 558.296168][ T553] should_failslab+0xac/0x100 [ 558.296195][ T553] __kmalloc_noprof+0x69/0x530 [ 558.296216][ T553] ? ___neigh_create+0x75b/0x2160 [ 558.296242][ T553] ___neigh_create+0x75b/0x2160 [ 558.296266][ T553] ? __cfi_do_softirq+0x10/0x10 [ 558.296301][ T553] ? __local_bh_enable_ip+0x74/0x80 [ 558.296335][ T553] ? netif_rx+0x8c/0x290 [ 558.296362][ T553] __neigh_create+0x72/0xb0 [ 558.296386][ T553] ip6_finish_output2+0xafa/0x1990 [ 558.296416][ T553] ? __cfi_ip6_finish_output2+0x10/0x10 [ 558.296441][ T553] ? __cfi_dev_loopback_xmit+0x10/0x10 [ 558.296470][ T553] ip6_finish_output+0x54e/0xb40 [ 558.296493][ T553] ip6_output+0x1d5/0x3c0 [ 558.296515][ T553] ? __cfi_ip6_output+0x10/0x10 [ 558.296535][ T553] ? __cfi_ip6_finish_output+0x10/0x10 [ 558.296555][ T553] ? __cfi_ip6t_do_table+0x10/0x10 [ 558.296582][ T553] ip6_local_out+0x23a/0x4a0 [ 558.296605][ T553] ? __cfi_ip6_local_out+0x10/0x10 [ 558.296628][ T553] ? __cfi_dst_output+0x10/0x10 [ 558.296658][ T553] ? __asan_memcpy+0x5a/0x80 [ 558.296679][ T553] ? skb_store_bits+0x5eb/0x880 [ 558.296702][ T553] ip6_push_pending_frames+0x181/0x2e0 [ 558.296727][ T553] rawv6_push_pending_frames+0x6e8/0x8d0 [ 558.296756][ T553] ? raw6_getfrag+0x390/0x390 [ 558.296780][ T553] ? __cfi_raw6_getfrag+0x10/0x10 [ 558.296807][ T553] rawv6_sendmsg+0x12ea/0x17d0 [ 558.296840][ T553] ? __cfi_avc_has_perm+0x10/0x10 [ 558.296873][ T553] ? __cfi_rawv6_sendmsg+0x10/0x10 [ 558.296897][ T553] ? unwind_get_return_address+0x51/0x90 [ 558.296926][ T553] ? selinux_socket_sendmsg+0x284/0x380 [ 558.296962][ T553] ? avc_has_perm+0x144/0x220 [ 558.296996][ T553] ? inet_send_prepare+0x64/0x4f0 [ 558.297018][ T553] ? __cfi_rawv6_sendmsg+0x10/0x10 [ 558.297043][ T553] inet_sendmsg+0x116/0x120 [ 558.297064][ T553] sock_write_iter+0x3cb/0x4f0 [ 558.297089][ T553] ? __cfi_sock_write_iter+0x10/0x10 [ 558.297114][ T553] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 558.297146][ T553] vfs_write+0x718/0xf30 [ 558.297167][ T553] ? __cfi_sock_write_iter+0x10/0x10 [ 558.297191][ T553] ? __cfi_vfs_write+0x10/0x10 [ 558.297215][ T553] ksys_write+0x141/0x250 [ 558.297236][ T553] ? __cfi_ksys_write+0x10/0x10 [ 558.297258][ T553] ? __kasan_check_read+0x15/0x20 [ 558.297292][ T553] __x64_sys_write+0x7f/0x90 [ 558.297313][ T553] x64_sys_call+0x271c/0x2ee0 [ 558.297347][ T553] do_syscall_64+0x58/0xf0 [ 558.297375][ T553] ? clear_bhb_loop+0x50/0xa0 [ 558.297401][ T553] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 558.297425][ T553] RIP: 0033:0x7f875b38f6c9 [ 558.297445][ T553] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 558.297465][ T553] RSP: 002b:00007f875c202038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 558.297491][ T553] RAX: ffffffffffffffda RBX: 00007f875b5e5fa0 RCX: 00007f875b38f6c9 [ 558.297509][ T553] RDX: 0000000000000005 RSI: 00002000000000c0 RDI: 0000000000000005 [ 558.297524][ T553] RBP: 00007f875c202090 R08: 0000000000000000 R09: 0000000000000000 [ 558.297540][ T553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 558.297554][ T553] R13: 00007f875b5e6038 R14: 00007f875b5e5fa0 R15: 00007ffd364940d8 [ 558.297574][ T553] [ 558.995280][ T601] overlayfs: failed to resolve './file1': -2 [ 559.080389][ T613] FAULT_INJECTION: forcing a failure. [ 559.080389][ T613] name failslab, interval 1, probability 0, space 0, times 0 [ 559.108086][ T613] CPU: 0 UID: 0 PID: 613 Comm: syz.2.14431 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 559.108125][ T613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 559.108142][ T613] Call Trace: [ 559.108149][ T613] [ 559.108159][ T613] __dump_stack+0x21/0x30 [ 559.108196][ T613] dump_stack_lvl+0x10c/0x190 [ 559.108226][ T613] ? __cfi_dump_stack_lvl+0x10/0x10 [ 559.108263][ T613] ? __kasan_check_write+0x18/0x20 [ 559.108297][ T613] ? proc_fail_nth_write+0x17e/0x210 [ 559.108329][ T613] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 559.108359][ T613] dump_stack+0x19/0x20 [ 559.108389][ T613] should_fail_ex+0x3d9/0x530 [ 559.108414][ T613] should_failslab+0xac/0x100 [ 559.108439][ T613] kmem_cache_alloc_noprof+0x42/0x430 [ 559.108462][ T613] ? getname_flags+0xc6/0x710 [ 559.108486][ T613] getname_flags+0xc6/0x710 [ 559.108508][ T613] ? build_open_flags+0x487/0x600 [ 559.108539][ T613] getname+0x1b/0x30 [ 559.108559][ T613] do_sys_openat2+0xcb/0x1c0 [ 559.108587][ T613] ? fput+0x1a5/0x240 [ 559.108613][ T613] ? do_sys_open+0x100/0x100 [ 559.108641][ T613] ? ksys_write+0x1ef/0x250 [ 559.108662][ T613] ? __cfi_ksys_write+0x10/0x10 [ 559.108685][ T613] __x64_sys_openat+0x13a/0x170 [ 559.108715][ T613] x64_sys_call+0xe69/0x2ee0 [ 559.108749][ T613] do_syscall_64+0x58/0xf0 [ 559.108786][ T613] ? clear_bhb_loop+0x50/0xa0 [ 559.108812][ T613] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 559.108835][ T613] RIP: 0033:0x7f29f7f8f6c9 [ 559.108854][ T613] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 559.108874][ T613] RSP: 002b:00007f29f69e3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 559.108899][ T613] RAX: ffffffffffffffda RBX: 00007f29f81e5fa0 RCX: 00007f29f7f8f6c9 [ 559.108917][ T613] RDX: 0000000000000042 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 559.108933][ T613] RBP: 00007f29f69e3090 R08: 0000000000000000 R09: 0000000000000000 [ 559.108949][ T613] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001 [ 559.108963][ T613] R13: 00007f29f81e6038 R14: 00007f29f81e5fa0 R15: 00007ffe144b6878 [ 559.108984][ T613] [ 559.345773][ T625] netlink: 16 bytes leftover after parsing attributes in process `syz.3.14435'. [ 559.505484][ T658] netlink: 12 bytes leftover after parsing attributes in process `syz.2.14449'. [ 559.628051][ T635] usb 4-1: new high-speed USB device number 45 using dummy_hcd [ 559.681609][ T678] rust_binder: Failed to allocate buffer. len:4120, is_oneway:true [ 559.681642][ T678] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC } [ 559.683705][ T680] netlink: 16 bytes leftover after parsing attributes in process `syz.2.14459'. [ 559.708080][ T678] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:1196 [ 559.828026][ T635] usb 4-1: Using ep0 maxpacket: 16 [ 559.863625][ T635] usb 4-1: config 0 has an invalid interface number: 64 but max is 0 [ 559.881964][ T635] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 559.918052][ T635] usb 4-1: config 0 has no interface number 0 [ 559.924208][ T635] usb 4-1: New USB device found, idVendor=0bd3, idProduct=05f4, bcdDevice= 0.5b [ 559.948063][ T635] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 559.967320][ T635] usb 4-1: config 0 descriptor?? [ 559.979138][ T635] usb 4-1: Found UVC 0.00 device (0bd3:05f4) [ 559.986090][ T635] usb 4-1: No valid video chain found. [ 560.021811][ T692] bridge0: port 1(bridge_slave_0) entered blocking state [ 560.038119][ T692] bridge0: port 1(bridge_slave_0) entered disabled state [ 560.051853][ T692] bridge_slave_0: entered allmulticast mode [ 560.068654][ T692] bridge_slave_0: entered promiscuous mode [ 560.077641][ T692] bridge0: port 2(bridge_slave_1) entered blocking state [ 560.094557][ T692] bridge0: port 2(bridge_slave_1) entered disabled state [ 560.109162][ T692] bridge_slave_1: entered allmulticast mode [ 560.122207][ T692] bridge_slave_1: entered promiscuous mode [ 560.222932][ T329] bridge_slave_1: left allmulticast mode [ 560.228918][ T329] bridge_slave_1: left promiscuous mode [ 560.234713][ T329] bridge0: port 2(bridge_slave_1) entered disabled state [ 560.243039][ T329] bridge_slave_0: left allmulticast mode [ 560.248981][ T329] bridge_slave_0: left promiscuous mode [ 560.256436][ T329] bridge0: port 1(bridge_slave_0) entered disabled state [ 560.361691][ T692] bridge0: port 2(bridge_slave_1) entered blocking state [ 560.368816][ T692] bridge0: port 2(bridge_slave_1) entered forwarding state [ 560.376129][ T692] bridge0: port 1(bridge_slave_0) entered blocking state [ 560.383224][ T692] bridge0: port 1(bridge_slave_0) entered forwarding state [ 560.392091][ T712] netlink: 16 bytes leftover after parsing attributes in process `syz.1.14469'. [ 560.411875][ T329] veth1_macvtap: left promiscuous mode [ 560.417448][ T329] veth0_vlan: left promiscuous mode [ 560.482220][ T62] usb 4-1: USB disconnect, device number 45 [ 560.494236][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 560.504413][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 560.516531][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 560.523649][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 560.540248][T32617] bridge0: port 2(bridge_slave_1) entered blocking state [ 560.547340][T32617] bridge0: port 2(bridge_slave_1) entered forwarding state [ 560.580217][ T692] veth0_vlan: entered promiscuous mode [ 560.595212][ T692] veth1_macvtap: entered promiscuous mode [ 560.719269][ T733] netlink: 16 bytes leftover after parsing attributes in process `syz.2.14478'. [ 561.030115][ T778] netlink: 100 bytes leftover after parsing attributes in process `syz.1.14500'. [ 561.608828][ T820] bridge0: port 1(bridge_slave_0) entered blocking state [ 561.615932][ T820] bridge0: port 1(bridge_slave_0) entered disabled state [ 561.634560][ T820] bridge_slave_0: entered allmulticast mode [ 561.641428][ T820] bridge_slave_0: entered promiscuous mode [ 561.655187][ T820] bridge0: port 2(bridge_slave_1) entered blocking state [ 561.667057][ T820] bridge0: port 2(bridge_slave_1) entered disabled state [ 561.684396][ T820] bridge_slave_1: entered allmulticast mode [ 561.694672][ T820] bridge_slave_1: entered promiscuous mode [ 561.800165][ T329] bridge_slave_1: left allmulticast mode [ 561.806679][ T329] bridge_slave_1: left promiscuous mode [ 561.813577][ T329] bridge0: port 2(bridge_slave_1) entered disabled state [ 561.823778][ T329] bridge_slave_0: left allmulticast mode [ 561.829727][ T329] bridge_slave_0: left promiscuous mode [ 561.835463][ T329] bridge0: port 1(bridge_slave_0) entered disabled state [ 561.955198][ T329] veth1_macvtap: left promiscuous mode [ 561.970643][ T329] veth0_vlan: left promiscuous mode [ 562.041739][ T881] netlink: 100 bytes leftover after parsing attributes in process `syz.1.14547'. [ 562.117121][ T820] bridge0: port 2(bridge_slave_1) entered blocking state [ 562.124290][ T820] bridge0: port 2(bridge_slave_1) entered forwarding state [ 562.131657][ T820] bridge0: port 1(bridge_slave_0) entered blocking state [ 562.138811][ T820] bridge0: port 1(bridge_slave_0) entered forwarding state [ 562.211649][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 562.229299][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 562.252857][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 562.259988][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 562.290059][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 562.297237][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 562.389135][ T820] veth0_vlan: entered promiscuous mode [ 562.422712][ T820] veth1_macvtap: entered promiscuous mode [ 563.078731][ T919] bridge0: port 1(bridge_slave_0) entered blocking state [ 563.085822][ T919] bridge0: port 1(bridge_slave_0) entered disabled state [ 563.117921][ T919] bridge_slave_0: entered allmulticast mode [ 563.126017][ T919] bridge_slave_0: entered promiscuous mode [ 563.138852][ T919] bridge0: port 2(bridge_slave_1) entered blocking state [ 563.156076][ T919] bridge0: port 2(bridge_slave_1) entered disabled state [ 563.177874][ T919] bridge_slave_1: entered allmulticast mode [ 563.190285][ T919] bridge_slave_1: entered promiscuous mode [ 563.269131][ T13] bridge_slave_1: left allmulticast mode [ 563.274827][ T13] bridge_slave_1: left promiscuous mode [ 563.297953][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 563.328269][ T13] bridge_slave_0: left allmulticast mode [ 563.333971][ T13] bridge_slave_0: left promiscuous mode [ 563.357891][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 563.543937][ T13] veth1_macvtap: left promiscuous mode [ 563.549564][ T13] veth0_vlan: left promiscuous mode [ 563.863825][ T329] bridge0: port 1(bridge_slave_0) entered blocking state [ 563.870971][ T329] bridge0: port 1(bridge_slave_0) entered forwarding state [ 563.892147][ T329] bridge0: port 2(bridge_slave_1) entered blocking state [ 563.899256][ T329] bridge0: port 2(bridge_slave_1) entered forwarding state [ 563.986852][ T919] veth0_vlan: entered promiscuous mode [ 564.020078][ T919] veth1_macvtap: entered promiscuous mode [ 564.289013][ T961] netlink: 84 bytes leftover after parsing attributes in process `syz.1.14576'. [ 565.533962][ T1049] netlink: 100 bytes leftover after parsing attributes in process `syz.0.14616'. [ 566.527463][ T1111] netlink: 16 bytes leftover after parsing attributes in process `syz.1.14646'. [ 569.929570][ T1311] netlink: 108 bytes leftover after parsing attributes in process `syz.1.14740'. [ 570.544588][ T1348] netlink: 16 bytes leftover after parsing attributes in process `syz.0.14756'. [ 570.784825][ T1362] netlink: 108 bytes leftover after parsing attributes in process `syz.2.14764'. [ 571.071947][ T1388] netlink: 108 bytes leftover after parsing attributes in process `syz.1.14775'. [ 571.278722][ T1404] netlink: 16 bytes leftover after parsing attributes in process `syz.1.14784'. [ 571.303715][ T1406] netlink: 108 bytes leftover after parsing attributes in process `syz.3.14785'. [ 576.891671][ T1667] rust_binder: Error while translating object. [ 576.891711][ T1667] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT } [ 576.897064][ T36] audit: type=1400 audit(2000000255.864:830): avc: denied { connect } for pid=1666 comm="syz.1.14908" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 576.907424][ T1667] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:440 [ 578.659679][ T1772] FAULT_INJECTION: forcing a failure. [ 578.659679][ T1772] name failslab, interval 1, probability 0, space 0, times 0 [ 578.685522][ T1772] CPU: 0 UID: 0 PID: 1772 Comm: syz.2.14955 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 578.685559][ T1772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 578.685575][ T1772] Call Trace: [ 578.685583][ T1772] [ 578.685592][ T1772] __dump_stack+0x21/0x30 [ 578.685629][ T1772] dump_stack_lvl+0x10c/0x190 [ 578.685660][ T1772] ? __cfi_dump_stack_lvl+0x10/0x10 [ 578.685692][ T1772] ? release_sock+0x171/0x1f0 [ 578.685721][ T1772] dump_stack+0x19/0x20 [ 578.685750][ T1772] should_fail_ex+0x3d9/0x530 [ 578.685775][ T1772] should_failslab+0xac/0x100 [ 578.685801][ T1772] kmem_cache_alloc_node_noprof+0x45/0x440 [ 578.685824][ T1772] ? netlink_data_ready+0x20/0x20 [ 578.685855][ T1772] ? __alloc_skb+0x10c/0x370 [ 578.685885][ T1772] __alloc_skb+0x10c/0x370 [ 578.685913][ T1772] netlink_alloc_large_skb+0xf7/0x1b0 [ 578.685943][ T1772] netlink_sendmsg+0x586/0xaf0 [ 578.685978][ T1772] ? __cfi_netlink_sendmsg+0x10/0x10 [ 578.686021][ T1772] ? bpf_lsm_socket_sendmsg+0xd/0x20 [ 578.686050][ T1772] ? security_socket_sendmsg+0x33/0xd0 [ 578.686073][ T1772] ? __cfi_netlink_sendmsg+0x10/0x10 [ 578.686107][ T1772] ____sys_sendmsg+0xa15/0xa70 [ 578.686142][ T1772] ? __sys_sendmsg_sock+0x50/0x50 [ 578.686177][ T1772] ? import_iovec+0x81/0xb0 [ 578.686209][ T1772] ___sys_sendmsg+0x220/0x2a0 [ 578.686243][ T1772] ? __sys_sendmsg+0x280/0x280 [ 578.686276][ T1772] ? proc_fail_nth_write+0x17e/0x210 [ 578.686307][ T1772] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 578.686346][ T1772] __x64_sys_sendmsg+0x1eb/0x2c0 [ 578.686380][ T1772] ? fput+0x1a5/0x240 [ 578.686408][ T1772] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 578.686442][ T1772] ? ksys_write+0x1ef/0x250 [ 578.686465][ T1772] ? __kasan_check_read+0x15/0x20 [ 578.686501][ T1772] x64_sys_call+0x2a4c/0x2ee0 [ 578.686535][ T1772] do_syscall_64+0x58/0xf0 [ 578.686564][ T1772] ? clear_bhb_loop+0x50/0xa0 [ 578.686591][ T1772] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 578.686614][ T1772] RIP: 0033:0x7f9aebb8f6c9 [ 578.686634][ T1772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 578.686654][ T1772] RSP: 002b:00007f9aeca63038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 578.686680][ T1772] RAX: ffffffffffffffda RBX: 00007f9aebde5fa0 RCX: 00007f9aebb8f6c9 [ 578.686698][ T1772] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000006 [ 578.686714][ T1772] RBP: 00007f9aeca63090 R08: 0000000000000000 R09: 0000000000000000 [ 578.686729][ T1772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 578.686744][ T1772] R13: 00007f9aebde6038 R14: 00007f9aebde5fa0 R15: 00007ffc34651748 [ 578.686765][ T1772] [ 580.051879][ T1893] FAULT_INJECTION: forcing a failure. [ 580.051879][ T1893] name failslab, interval 1, probability 0, space 0, times 0 [ 580.086872][ T1893] CPU: 1 UID: 0 PID: 1893 Comm: syz.1.15009 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 580.086908][ T1893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 580.086922][ T1893] Call Trace: [ 580.086930][ T1893] [ 580.086940][ T1893] __dump_stack+0x21/0x30 [ 580.086977][ T1893] dump_stack_lvl+0x10c/0x190 [ 580.087009][ T1893] ? __cfi_dump_stack_lvl+0x10/0x10 [ 580.087042][ T1893] dump_stack+0x19/0x20 [ 580.087073][ T1893] should_fail_ex+0x3d9/0x530 [ 580.087097][ T1893] should_failslab+0xac/0x100 [ 580.087122][ T1893] __kmalloc_cache_noprof+0x41/0x490 [ 580.087144][ T1893] ? __kasan_kmalloc+0x96/0xb0 [ 580.087168][ T1893] ? legacy_init_fs_context+0x62/0x160 [ 580.087198][ T1893] legacy_init_fs_context+0x62/0x160 [ 580.087227][ T1893] alloc_fs_context+0x5ee/0x830 [ 580.087256][ T1893] fs_context_for_mount+0x26/0x40 [ 580.087283][ T1893] do_new_mount+0x116/0xb40 [ 580.087303][ T1893] ? security_capable+0xcf/0xf0 [ 580.087336][ T1893] path_mount+0x688/0x1050 [ 580.087355][ T1893] ? putname+0x113/0x150 [ 580.087379][ T1893] __se_sys_mount+0x2bd/0x480 [ 580.087401][ T1893] ? __x64_sys_mount+0xf0/0xf0 [ 580.087424][ T1893] __x64_sys_mount+0xc3/0xf0 [ 580.087445][ T1893] x64_sys_call+0x2021/0x2ee0 [ 580.087479][ T1893] do_syscall_64+0x58/0xf0 [ 580.087508][ T1893] ? clear_bhb_loop+0x50/0xa0 [ 580.087534][ T1893] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 580.087568][ T1893] RIP: 0033:0x7f248e58f6c9 [ 580.087588][ T1893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 580.087609][ T1893] RSP: 002b:00007f248f4c2038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 580.087634][ T1893] RAX: ffffffffffffffda RBX: 00007f248e7e5fa0 RCX: 00007f248e58f6c9 [ 580.087652][ T1893] RDX: 0000200000000100 RSI: 0000200000000040 RDI: 0000000000000000 [ 580.087668][ T1893] RBP: 00007f248f4c2090 R08: 0000200000000200 R09: 0000000000000000 [ 580.087685][ T1893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 580.087700][ T1893] R13: 00007f248e7e6038 R14: 00007f248e7e5fa0 R15: 00007ffc82c34688 [ 580.087720][ T1893] [ 580.345250][ T1909] netlink: 16 bytes leftover after parsing attributes in process `syz.0.15017'. [ 580.366520][ T1911] mmap: syz.2.15020 (1911) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 580.631892][ T1929] FAULT_INJECTION: forcing a failure. [ 580.631892][ T1929] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 580.656903][ T1929] CPU: 1 UID: 0 PID: 1929 Comm: syz.1.15027 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 580.656942][ T1929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 580.656958][ T1929] Call Trace: [ 580.656967][ T1929] [ 580.656977][ T1929] __dump_stack+0x21/0x30 [ 580.657013][ T1929] dump_stack_lvl+0x10c/0x190 [ 580.657044][ T1929] ? __cfi_dump_stack_lvl+0x10/0x10 [ 580.657076][ T1929] ? __kasan_check_write+0x18/0x20 [ 580.657112][ T1929] dump_stack+0x19/0x20 [ 580.657140][ T1929] should_fail_ex+0x3d9/0x530 [ 580.657164][ T1929] should_fail_alloc_page+0xeb/0x110 [ 580.657191][ T1929] __alloc_pages_noprof+0x19b/0x7b0 [ 580.657223][ T1929] ? sched_clock+0x44/0x60 [ 580.657251][ T1929] ? __cfi___alloc_pages_noprof+0x10/0x10 [ 580.657282][ T1929] ? sched_clock_cpu+0x75/0x400 [ 580.657313][ T1929] ? xfd_validate_state+0x68/0x150 [ 580.657343][ T1929] ? save_fpregs_to_fpstate+0x196/0x230 [ 580.657369][ T1929] ? __kasan_check_write+0x18/0x20 [ 580.657403][ T1929] __folio_alloc_noprof+0x14/0x80 [ 580.657434][ T1929] shmem_alloc_and_add_folio+0x452/0x1050 [ 580.657465][ T1929] ? put_swap_device+0x130/0x130 [ 580.657511][ T1929] ? shmem_huge_global_enabled+0x2da/0x360 [ 580.657539][ T1929] ? shmem_allowable_huge_orders+0x1f7/0x430 [ 580.657566][ T1929] shmem_get_folio_gfp+0x5f0/0x1380 [ 580.657596][ T1929] ? shmem_get_folio+0xc0/0xc0 [ 580.657619][ T1929] ? inode_maybe_inc_iversion+0x17d/0x1e0 [ 580.657650][ T1929] ? __cfi_inode_maybe_inc_iversion+0x10/0x10 [ 580.657682][ T1929] ? inode_to_bdi+0x6d/0x100 [ 580.657715][ T1929] shmem_write_begin+0xf4/0x270 [ 580.657742][ T1929] generic_perform_write+0x330/0x960 [ 580.657784][ T1929] ? locked_inode_to_wb_and_lock_list+0x205/0x2e0 [ 580.657811][ T1929] ? __cfi_generic_perform_write+0x10/0x10 [ 580.657844][ T1929] ? down_write+0xe9/0x2a0 [ 580.657868][ T1929] ? mnt_get_write_access_file+0x1af/0x3b0 [ 580.657898][ T1929] ? mnt_put_write_access_file+0xc2/0x100 [ 580.657927][ T1929] ? file_update_time+0x1ef/0x220 [ 580.657958][ T1929] shmem_file_write_iter+0x105/0x130 [ 580.657989][ T1929] iter_file_splice_write+0x98a/0x11b0 [ 580.658021][ T1929] ? __cfi_iter_file_splice_write+0x10/0x10 [ 580.658048][ T1929] ? selinux_file_permission+0x309/0xb30 [ 580.658077][ T1929] ? bpf_lsm_file_permission+0xd/0x20 [ 580.658109][ T1929] ? security_file_permission+0x2e/0xc0 [ 580.658135][ T1929] ? rw_verify_area+0xac/0x230 [ 580.658169][ T1929] ? do_splice+0xe86/0x1d10 [ 580.658195][ T1929] ? __cfi_iter_file_splice_write+0x10/0x10 [ 580.658221][ T1929] do_splice+0x10f0/0x1d10 [ 580.658247][ T1929] ? bpf_lsm_file_permission+0xd/0x20 [ 580.658280][ T1929] ? vfs_write+0x93e/0xf30 [ 580.658303][ T1929] ? __cfi_vfs_write+0x10/0x10 [ 580.658324][ T1929] ? pipe_clear_nowait+0x10e/0x180 [ 580.658352][ T1929] ? __cfi_do_splice+0x10/0x10 [ 580.658381][ T1929] __se_sys_splice+0x38b/0x480 [ 580.658409][ T1929] ? __x64_sys_splice+0x110/0x110 [ 580.658438][ T1929] __x64_sys_splice+0xe9/0x110 [ 580.658467][ T1929] x64_sys_call+0x2ea8/0x2ee0 [ 580.658500][ T1929] do_syscall_64+0x58/0xf0 [ 580.658528][ T1929] ? clear_bhb_loop+0x50/0xa0 [ 580.658555][ T1929] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 580.658579][ T1929] RIP: 0033:0x7f248e58f6c9 [ 580.658599][ T1929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 580.658619][ T1929] RSP: 002b:00007f248f4c2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 580.658645][ T1929] RAX: ffffffffffffffda RBX: 00007f248e7e5fa0 RCX: 00007f248e58f6c9 [ 580.658663][ T1929] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000008 [ 580.658678][ T1929] RBP: 00007f248f4c2090 R08: 0000000000001000 R09: 0000000000000000 [ 580.658694][ T1929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 580.658708][ T1929] R13: 00007f248e7e6038 R14: 00007f248e7e5fa0 R15: 00007ffc82c34688 [ 580.658728][ T1929] [ 581.630388][ T1983] syz.3.15047 (1983): attempted to duplicate a private mapping with mremap. This is not supported. [ 581.657849][ T1987] FAULT_INJECTION: forcing a failure. [ 581.657849][ T1987] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 581.675517][ T1987] CPU: 1 UID: 0 PID: 1987 Comm: syz.0.15051 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 581.675555][ T1987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 581.675569][ T1987] Call Trace: [ 581.675578][ T1987] [ 581.675587][ T1987] __dump_stack+0x21/0x30 [ 581.675622][ T1987] dump_stack_lvl+0x10c/0x190 [ 581.675653][ T1987] ? __cfi_dump_stack_lvl+0x10/0x10 [ 581.675691][ T1987] dump_stack+0x19/0x20 [ 581.675720][ T1987] should_fail_ex+0x3d9/0x530 [ 581.675744][ T1987] should_fail+0xf/0x20 [ 581.675766][ T1987] should_fail_usercopy+0x1e/0x30 [ 581.675789][ T1987] _copy_from_user+0x22/0xb0 [ 581.675819][ T1987] _RNvMs2_NtCs5gLWsBERDPK_16rust_binder_main6threadNtB5_6Thread10write_read+0x127a/0xa380 [ 581.675872][ T1987] ? __cfi__RNvMs2_NtCs5gLWsBERDPK_16rust_binder_main6threadNtB5_6Thread10write_read+0x10/0x10 [ 581.675945][ T1987] ? is_bpf_text_address+0x17b/0x1a0 [ 581.675971][ T1987] ? kernel_text_address+0xa9/0xe0 [ 581.676000][ T1987] ? __kernel_text_address+0x11/0x40 [ 581.676029][ T1987] ? unwind_get_return_address+0x51/0x90 [ 581.676056][ T1987] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 581.676090][ T1987] ? arch_stack_walk+0x10b/0x170 [ 581.676115][ T1987] ? stack_trace_save+0x9d/0xe0 [ 581.676147][ T1987] ? stack_depot_save_flags+0x38/0x800 [ 581.676174][ T1987] ? kasan_save_stack+0x4d/0x60 [ 581.676198][ T1987] ? kasan_save_stack+0x3e/0x60 [ 581.676221][ T1987] ? __kasan_record_aux_stack+0xb2/0xd0 [ 581.676253][ T1987] ? kasan_record_aux_stack_noalloc+0xf/0x20 [ 581.676285][ T1987] ? __call_rcu_common+0xd5/0x700 [ 581.676306][ T1987] ? call_rcu+0x14/0x20 [ 581.676326][ T1987] ? __kasan_check_write+0x18/0x20 [ 581.676360][ T1987] ? _raw_spin_trylock+0xaf/0x130 [ 581.676389][ T1987] ? __cfi__raw_spin_trylock+0x10/0x10 [ 581.676418][ T1987] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 581.676450][ T1987] ? is_bpf_text_address+0x17b/0x1a0 [ 581.676483][ T1987] ? is_bpf_text_address+0x17b/0x1a0 [ 581.676508][ T1987] ? kernel_text_address+0xa9/0xe0 [ 581.676537][ T1987] ? __kernel_text_address+0x11/0x40 [ 581.676564][ T1987] ? unwind_get_return_address+0x51/0x90 [ 581.676591][ T1987] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 581.676626][ T1987] ? arch_stack_walk+0x10b/0x170 [ 581.676649][ T1987] ? stack_depot_save_flags+0x38/0x800 [ 581.676675][ T1987] ? kasan_save_alloc_info+0x40/0x50 [ 581.676715][ T1987] ? kasan_save_track+0x4f/0x80 [ 581.676742][ T1987] ? kasan_save_track+0x3e/0x80 [ 581.676767][ T1987] ? kasan_save_alloc_info+0x40/0x50 [ 581.676798][ T1987] ? __kasan_kmalloc+0x96/0xb0 [ 581.676823][ T1987] ? __kmalloc_node_track_caller_noprof+0x261/0x520 [ 581.676847][ T1987] ? krealloc_noprof+0x8d/0x130 [ 581.676869][ T1987] ? rust_helper_krealloc+0x33/0xd0 [ 581.676904][ T1987] ? _RNvMNtNtCs43vyB533jt3_6kernel5alloc9allocatorNtB2_11ReallocFunc4call+0x8e/0xc0 [ 581.676936][ T1987] ? _RNvMs4_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process18get_current_thread+0x6f0/0x1400 [ 581.676967][ T1987] ? _RNvMs6_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process5ioctl+0x1a7/0x2cf0 [ 581.676997][ T1987] ? _RNvCs5gLWsBERDPK_16rust_binder_main26rust_binder_unlocked_ioctl+0xa0/0x100 [ 581.677032][ T1987] ? __se_sys_ioctl+0x135/0x1b0 [ 581.677056][ T1987] ? __x64_sys_ioctl+0x7f/0xa0 [ 581.677080][ T1987] ? x64_sys_call+0x1878/0x2ee0 [ 581.677113][ T1987] ? do_syscall_64+0x58/0xf0 [ 581.677142][ T1987] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 581.677173][ T1987] ? __kasan_kmalloc+0x96/0xb0 [ 581.677198][ T1987] ? kasan_save_alloc_info+0x40/0x50 [ 581.677230][ T1987] ? __kasan_kmalloc+0x96/0xb0 [ 581.677255][ T1987] ? __kmalloc_node_track_caller_noprof+0x261/0x520 [ 581.677279][ T1987] ? rust_helper_krealloc+0x33/0xd0 [ 581.677313][ T1987] ? __kasan_check_write+0x18/0x20 [ 581.677346][ T1987] ? _raw_spin_lock+0x8c/0x120 [ 581.677374][ T1987] ? __cfi__raw_spin_lock+0x10/0x10 [ 581.677423][ T1987] ? __asan_memset+0x39/0x50 [ 581.677443][ T1987] ? _raw_spin_unlock+0x45/0x60 [ 581.677473][ T1987] ? rust_helper_spin_unlock+0x19/0x30 [ 581.677493][ T1987] ? _RNvMs4_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process18get_current_thread+0xdeb/0x1400 [ 581.677525][ T1987] ? inode_init_always_gfp+0x756/0x9e0 [ 581.677551][ T1987] ? alloc_inode+0xc5/0x270 [ 581.677581][ T1987] ? __cfi__RNvMs4_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process18get_current_thread+0x10/0x10 [ 581.677613][ T1987] ? avc_has_perm_noaudit+0x268/0x360 [ 581.677646][ T1987] ? avc_has_perm_noaudit+0x286/0x360 [ 581.677677][ T1987] ? avc_has_perm+0x144/0x220 [ 581.677715][ T1987] ? __cfi_avc_has_perm+0x10/0x10 [ 581.677745][ T1987] ? kasan_save_alloc_info+0x40/0x50 [ 581.677778][ T1987] ? selinux_file_open+0x457/0x610 [ 581.677806][ T1987] _RNvMs6_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process5ioctl+0x40c/0x2cf0 [ 581.677840][ T1987] ? avc_has_extended_perms+0x7c7/0xdd0 [ 581.677871][ T1987] ? __asan_memcpy+0x5a/0x80 [ 581.677892][ T1987] ? avc_has_extended_perms+0x921/0xdd0 [ 581.677923][ T1987] ? __cfi__RNvMs6_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process5ioctl+0x10/0x10 [ 581.677955][ T1987] ? do_vfs_ioctl+0xeda/0x1e30 [ 581.677979][ T1987] ? arch_stack_walk+0x10b/0x170 [ 581.678000][ T1987] ? __ia32_compat_sys_ioctl+0x850/0x850 [ 581.678028][ T1987] ? _parse_integer+0x2e/0x40 [ 581.678065][ T1987] ? ioctl_has_perm+0x384/0x4d0 [ 581.678092][ T1987] ? has_cap_mac_admin+0xd0/0xd0 [ 581.678119][ T1987] ? proc_fail_nth_write+0x17e/0x210 [ 581.678149][ T1987] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 581.678180][ T1987] ? selinux_file_ioctl+0x6e0/0x1360 [ 581.678205][ T1987] ? vfs_write+0x93e/0xf30 [ 581.678225][ T1987] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 581.678252][ T1987] ? __cfi_vfs_write+0x10/0x10 [ 581.678273][ T1987] ? __kasan_check_write+0x18/0x20 [ 581.678306][ T1987] ? mutex_unlock+0x8b/0x240 [ 581.678326][ T1987] ? __cfi_mutex_unlock+0x10/0x10 [ 581.678346][ T1987] ? __fget_files+0x2c5/0x340 [ 581.678371][ T1987] ? __fget_files+0x2c5/0x340 [ 581.678395][ T1987] _RNvCs5gLWsBERDPK_16rust_binder_main26rust_binder_unlocked_ioctl+0xa0/0x100 [ 581.678429][ T1987] ? __se_sys_ioctl+0x114/0x1b0 [ 581.678453][ T1987] ? __cfi__RNvCs5gLWsBERDPK_16rust_binder_main26rust_binder_unlocked_ioctl+0x10/0x10 [ 581.678487][ T1987] __se_sys_ioctl+0x135/0x1b0 [ 581.678513][ T1987] __x64_sys_ioctl+0x7f/0xa0 [ 581.678537][ T1987] x64_sys_call+0x1878/0x2ee0 [ 581.678571][ T1987] do_syscall_64+0x58/0xf0 [ 581.678599][ T1987] ? clear_bhb_loop+0x50/0xa0 [ 581.678625][ T1987] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 581.678650][ T1987] RIP: 0033:0x7f71beb8f6c9 [ 581.678670][ T1987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 581.678700][ T1987] RSP: 002b:00007f71bf9d0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 581.678726][ T1987] RAX: ffffffffffffffda RBX: 00007f71bede5fa0 RCX: 00007f71beb8f6c9 [ 581.678745][ T1987] RDX: 00002000000007c0 RSI: 00000000c0306201 RDI: 0000000000000005 [ 581.678761][ T1987] RBP: 00007f71bf9d0090 R08: 0000000000000000 R09: 0000000000000000 [ 581.678776][ T1987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 581.678791][ T1987] R13: 00007f71bede6038 R14: 00007f71bede5fa0 R15: 00007ffdc9c053a8 [ 581.678811][ T1987] [ 582.376910][ T1987] rust_binder: Write failure EFAULT in pid:322 [ 582.686633][ T2034] netlink: 16 bytes leftover after parsing attributes in process `syz.0.15071'. [ 583.369995][ T2061] FAULT_INJECTION: forcing a failure. [ 583.369995][ T2061] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 583.390474][ T2061] CPU: 0 UID: 0 PID: 2061 Comm: syz.0.15086 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 583.390512][ T2061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 583.390527][ T2061] Call Trace: [ 583.390535][ T2061] [ 583.390545][ T2061] __dump_stack+0x21/0x30 [ 583.390579][ T2061] dump_stack_lvl+0x10c/0x190 [ 583.390609][ T2061] ? __cfi_dump_stack_lvl+0x10/0x10 [ 583.390639][ T2061] ? check_stack_object+0x12c/0x140 [ 583.390663][ T2061] dump_stack+0x19/0x20 [ 583.390691][ T2061] should_fail_ex+0x3d9/0x530 [ 583.390716][ T2061] should_fail+0xf/0x20 [ 583.390737][ T2061] should_fail_usercopy+0x1e/0x30 [ 583.390761][ T2061] _copy_to_user+0x24/0xa0 [ 583.390790][ T2061] simple_read_from_buffer+0xed/0x160 [ 583.390821][ T2061] proc_fail_nth_read+0x19e/0x210 [ 583.390852][ T2061] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 583.390883][ T2061] ? bpf_lsm_file_permission+0xd/0x20 [ 583.390914][ T2061] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 583.390944][ T2061] vfs_read+0x27d/0xc70 [ 583.390963][ T2061] ? dev_ioctl+0x1030/0x1030 [ 583.390994][ T2061] ? __cfi_vfs_read+0x10/0x10 [ 583.391013][ T2061] ? __kasan_check_write+0x18/0x20 [ 583.391046][ T2061] ? mutex_lock+0x92/0x1c0 [ 583.391068][ T2061] ? __cfi_mutex_lock+0x10/0x10 [ 583.391089][ T2061] ? __fget_files+0x2c5/0x340 [ 583.391115][ T2061] ksys_read+0x141/0x250 [ 583.391135][ T2061] ? __cfi_ksys_read+0x10/0x10 [ 583.391156][ T2061] ? __kasan_check_read+0x15/0x20 [ 583.391190][ T2061] __x64_sys_read+0x7f/0x90 [ 583.391211][ T2061] x64_sys_call+0x2638/0x2ee0 [ 583.391244][ T2061] do_syscall_64+0x58/0xf0 [ 583.391281][ T2061] ? clear_bhb_loop+0x50/0xa0 [ 583.391309][ T2061] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 583.391334][ T2061] RIP: 0033:0x7f71beb8e0dc [ 583.391354][ T2061] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 583.391374][ T2061] RSP: 002b:00007f71bf9d0030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 583.391399][ T2061] RAX: ffffffffffffffda RBX: 00007f71bede5fa0 RCX: 00007f71beb8e0dc [ 583.391418][ T2061] RDX: 000000000000000f RSI: 00007f71bf9d00a0 RDI: 0000000000000006 [ 583.391434][ T2061] RBP: 00007f71bf9d0090 R08: 0000000000000000 R09: 0000000000000000 [ 583.391449][ T2061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 583.391465][ T2061] R13: 00007f71bede6038 R14: 00007f71bede5fa0 R15: 00007ffdc9c053a8 [ 583.391485][ T2061] [ 583.438365][ T2063] 9pnet: Could not find request transport: fM´eã j Wcw%d [ 583.795223][ T36] audit: type=1400 audit(2000000262.764:831): avc: denied { listen } for pid=2082 comm="syz.1.15095" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 584.287954][ T2117] FAULT_INJECTION: forcing a failure. [ 584.287954][ T2117] name failslab, interval 1, probability 0, space 0, times 0 [ 584.339720][ T2117] CPU: 1 UID: 0 PID: 2117 Comm: syz.0.15110 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 584.339759][ T2117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 584.339775][ T2117] Call Trace: [ 584.339784][ T2117] [ 584.339794][ T2117] __dump_stack+0x21/0x30 [ 584.339830][ T2117] dump_stack_lvl+0x10c/0x190 [ 584.339860][ T2117] ? __cfi_dump_stack_lvl+0x10/0x10 [ 584.339890][ T2117] ? is_bpf_text_address+0x17b/0x1a0 [ 584.339918][ T2117] dump_stack+0x19/0x20 [ 584.339947][ T2117] should_fail_ex+0x3d9/0x530 [ 584.339971][ T2117] should_failslab+0xac/0x100 [ 584.339998][ T2117] __kmalloc_cache_noprof+0x41/0x490 [ 584.340020][ T2117] ? avc_has_perm_noaudit+0x268/0x360 [ 584.340052][ T2117] ? alloc_pipe_info+0xfb/0x600 [ 584.340085][ T2117] ? __asan_memcpy+0x5a/0x80 [ 584.340106][ T2117] alloc_pipe_info+0xfb/0x600 [ 584.340139][ T2117] splice_direct_to_actor+0x96d/0xbc0 [ 584.340168][ T2117] ? __cfi_avc_has_perm+0x10/0x10 [ 584.340198][ T2117] ? avc_has_perm+0x144/0x220 [ 584.340237][ T2117] ? __cfi_avc_has_perm+0x10/0x10 [ 584.340269][ T2117] ? __cfi_direct_splice_actor+0x10/0x10 [ 584.340297][ T2117] ? __cfi_splice_direct_to_actor+0x10/0x10 [ 584.340327][ T2117] do_splice_direct+0x182/0x270 [ 584.340354][ T2117] ? __cfi_do_splice_direct+0x10/0x10 [ 584.340382][ T2117] ? __cfi_direct_file_splice_eof+0x10/0x10 [ 584.340412][ T2117] ? security_file_permission+0x2e/0xc0 [ 584.340439][ T2117] ? rw_verify_area+0xac/0x230 [ 584.340479][ T2117] do_sendfile+0x5c8/0xfb0 [ 584.340508][ T2117] ? vfs_writev+0xcf0/0xcf0 [ 584.340535][ T2117] ? __kasan_check_write+0x18/0x20 [ 584.340569][ T2117] __x64_sys_sendfile64+0x142/0x1f0 [ 584.340596][ T2117] ? __cfi___x64_sys_sendfile64+0x10/0x10 [ 584.340622][ T2117] ? __kasan_check_read+0x15/0x20 [ 584.340656][ T2117] x64_sys_call+0xa26/0x2ee0 [ 584.340689][ T2117] do_syscall_64+0x58/0xf0 [ 584.340718][ T2117] ? clear_bhb_loop+0x50/0xa0 [ 584.340743][ T2117] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 584.340769][ T2117] RIP: 0033:0x7f71beb8f6c9 [ 584.340788][ T2117] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 584.340808][ T2117] RSP: 002b:00007f71bf9d0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 584.340833][ T2117] RAX: ffffffffffffffda RBX: 00007f71bede5fa0 RCX: 00007f71beb8f6c9 [ 584.340851][ T2117] RDX: 00002000000001c0 RSI: 0000000000000007 RDI: 0000000000000006 [ 584.340867][ T2117] RBP: 00007f71bf9d0090 R08: 0000000000000000 R09: 0000000000000000 [ 584.340883][ T2117] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001 [ 584.340897][ T2117] R13: 00007f71bede6038 R14: 00007f71bede5fa0 R15: 00007ffdc9c053a8 [ 584.340918][ T2117] [ 584.362613][ T2119] FAULT_INJECTION: forcing a failure. [ 584.362613][ T2119] name failslab, interval 1, probability 0, space 0, times 0 [ 584.642639][ T2119] CPU: 0 UID: 0 PID: 2119 Comm: syz.0.15111 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 584.642678][ T2119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 584.642694][ T2119] Call Trace: [ 584.642702][ T2119] [ 584.642712][ T2119] __dump_stack+0x21/0x30 [ 584.642748][ T2119] dump_stack_lvl+0x10c/0x190 [ 584.642779][ T2119] ? __cfi_dump_stack_lvl+0x10/0x10 [ 584.642813][ T2119] dump_stack+0x19/0x20 [ 584.642842][ T2119] should_fail_ex+0x3d9/0x530 [ 584.642867][ T2119] should_failslab+0xac/0x100 [ 584.642894][ T2119] kmem_cache_alloc_node_noprof+0x45/0x440 [ 584.642917][ T2119] ? __alloc_skb+0x10c/0x370 [ 584.642958][ T2119] ? kernel_text_address+0xa9/0xe0 [ 584.642988][ T2119] __alloc_skb+0x10c/0x370 [ 584.643014][ T2119] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 584.643047][ T2119] sock_omalloc+0xda/0x1f0 [ 584.643079][ T2119] msg_zerocopy_realloc+0x9d/0x760 [ 584.643110][ T2119] __ip6_append_data+0xc48/0x3ab0 [ 584.643138][ T2119] ? unwind_get_return_address+0x51/0x90 [ 584.643165][ T2119] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 584.643198][ T2119] ? __cfi_ip_generic_getfrag+0x10/0x10 [ 584.643230][ T2119] ? ip6_setup_cork+0x1390/0x1390 [ 584.643255][ T2119] ip6_make_skb+0x2e0/0x720 [ 584.643279][ T2119] ? ip6_dst_check+0x5d1/0x720 [ 584.643305][ T2119] ? __cfi_ip_generic_getfrag+0x10/0x10 [ 584.643335][ T2119] ? __cfi_ip6_make_skb+0x10/0x10 [ 584.643358][ T2119] ? sk_dst_check+0x12e/0x290 [ 584.643384][ T2119] ? ip6_sk_dst_lookup_flow+0x64c/0x790 [ 584.643418][ T2119] udpv6_sendmsg+0x1cb7/0x27b0 [ 584.643438][ T2119] ? avc_has_perm_noaudit+0x268/0x360 [ 584.643471][ T2119] ? __cfi_ip_generic_getfrag+0x10/0x10 [ 584.643500][ T2119] ? __cfi_udpv6_sendmsg+0x10/0x10 [ 584.643519][ T2119] ? avc_has_perm+0x144/0x220 [ 584.643552][ T2119] ? __cfi_selinux_socket_sendmsg+0x10/0x10 [ 584.643588][ T2119] ? inet_send_prepare+0x64/0x4f0 [ 584.643609][ T2119] ? __cfi_udpv6_sendmsg+0x10/0x10 [ 584.643629][ T2119] inet6_sendmsg+0xef/0x120 [ 584.643660][ T2119] ____sys_sendmsg+0x5db/0xa70 [ 584.643693][ T2119] ? __sys_sendmsg_sock+0x50/0x50 [ 584.643728][ T2119] ? import_iovec+0x81/0xb0 [ 584.643757][ T2119] ___sys_sendmsg+0x220/0x2a0 [ 584.643789][ T2119] ? __sys_sendmsg+0x280/0x280 [ 584.643821][ T2119] ? kstrtouint+0x78/0xf0 [ 584.643847][ T2119] __sys_sendmmsg+0x271/0x470 [ 584.643881][ T2119] ? __cfi___sys_sendmmsg+0x10/0x10 [ 584.643919][ T2119] ? __cfi_ksys_write+0x10/0x10 [ 584.643941][ T2119] __x64_sys_sendmmsg+0xa4/0xc0 [ 584.643974][ T2119] x64_sys_call+0xfec/0x2ee0 [ 584.644006][ T2119] do_syscall_64+0x58/0xf0 [ 584.644034][ T2119] ? clear_bhb_loop+0x50/0xa0 [ 584.644058][ T2119] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 584.644081][ T2119] RIP: 0033:0x7f71beb8f6c9 [ 584.644099][ T2119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 584.644120][ T2119] RSP: 002b:00007f71bf9d0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 584.644162][ T2119] RAX: ffffffffffffffda RBX: 00007f71bede5fa0 RCX: 00007f71beb8f6c9 [ 584.644181][ T2119] RDX: 0000000000000001 RSI: 0000200000003cc0 RDI: 0000000000000005 [ 584.644197][ T2119] RBP: 00007f71bf9d0090 R08: 0000000000000000 R09: 0000000000000000 [ 584.644213][ T2119] R10: 0000000004001c00 R11: 0000000000000246 R12: 0000000000000001 [ 584.644229][ T2119] R13: 00007f71bede6038 R14: 00007f71bede5fa0 R15: 00007ffdc9c053a8 [ 584.644249][ T2119] [ 584.771098][ T36] audit: type=1400 audit(2000000263.745:832): avc: denied { create } for pid=2127 comm="syz.2.15112" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 585.004854][ T36] audit: type=1400 audit(2000000263.955:833): avc: denied { read } for pid=2131 comm="syz.2.15119" name="msr" dev="devtmpfs" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 585.027627][ T36] audit: type=1400 audit(2000000263.955:834): avc: denied { open } for pid=2131 comm="syz.2.15119" path="/dev/cpu/0/msr" dev="devtmpfs" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 585.956556][ T36] audit: type=1400 audit(2000000264.925:835): avc: denied { load_policy } for pid=2184 comm="syz.0.15141" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 586.014083][ T2185] SELinux: failed to load policy [ 587.259105][ T36] audit: type=1400 audit(2000000266.235:836): avc: denied { lock } for pid=2222 comm="syz.2.15152" path="/dev/ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 587.480546][ T2240] overlayfs: failed to resolve './file1': -2 [ 587.602442][ T36] audit: type=1400 audit(2000000266.575:837): avc: denied { getopt } for pid=2246 comm="syz.0.15170" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 587.727841][ T2261] FAULT_INJECTION: forcing a failure. [ 587.727841][ T2261] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 587.762136][ T2265] overlayfs: failed to resolve './file1': -2 [ 587.766509][ T2261] CPU: 1 UID: 0 PID: 2261 Comm: syz.0.15177 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 587.766574][ T2261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 587.766591][ T2261] Call Trace: [ 587.766601][ T2261] [ 587.766611][ T2261] __dump_stack+0x21/0x30 [ 587.766652][ T2261] dump_stack_lvl+0x10c/0x190 [ 587.766693][ T2261] ? __cfi_dump_stack_lvl+0x10/0x10 [ 587.766746][ T2261] ? check_stack_object+0x12c/0x140 [ 587.766777][ T2261] dump_stack+0x19/0x20 [ 587.766815][ T2261] should_fail_ex+0x3d9/0x530 [ 587.766844][ T2261] should_fail+0xf/0x20 [ 587.766876][ T2261] should_fail_usercopy+0x1e/0x30 [ 587.766905][ T2261] _copy_to_user+0x24/0xa0 [ 587.766938][ T2261] simple_read_from_buffer+0xed/0x160 [ 587.766983][ T2261] proc_fail_nth_read+0x19e/0x210 [ 587.767018][ T2261] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 587.767052][ T2261] ? bpf_lsm_file_permission+0xd/0x20 [ 587.767088][ T2261] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 587.767134][ T2261] vfs_read+0x27d/0xc70 [ 587.767158][ T2261] ? sock_show_fdinfo+0xd0/0xd0 [ 587.767187][ T2261] ? __cfi_vfs_read+0x10/0x10 [ 587.767214][ T2261] ? __kasan_check_write+0x18/0x20 [ 587.767258][ T2261] ? mutex_lock+0x92/0x1c0 [ 587.767283][ T2261] ? __cfi_mutex_lock+0x10/0x10 [ 587.767312][ T2261] ? __fget_files+0x2c5/0x340 [ 587.767344][ T2261] ksys_read+0x141/0x250 [ 587.767366][ T2261] ? __cfi_ksys_read+0x10/0x10 [ 587.767391][ T2261] ? __kasan_check_read+0x15/0x20 [ 587.767426][ T2261] __x64_sys_read+0x7f/0x90 [ 587.767451][ T2261] x64_sys_call+0x2638/0x2ee0 [ 587.767488][ T2261] do_syscall_64+0x58/0xf0 [ 587.767523][ T2261] ? clear_bhb_loop+0x50/0xa0 [ 587.767552][ T2261] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 587.767579][ T2261] RIP: 0033:0x7f71beb8e0dc [ 587.767602][ T2261] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 587.767624][ T2261] RSP: 002b:00007f71bf9d0030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 587.767653][ T2261] RAX: ffffffffffffffda RBX: 00007f71bede5fa0 RCX: 00007f71beb8e0dc [ 587.767675][ T2261] RDX: 000000000000000f RSI: 00007f71bf9d00a0 RDI: 000000000000000a [ 587.767692][ T2261] RBP: 00007f71bf9d0090 R08: 0000000000000000 R09: 0000000000000000 [ 587.767710][ T2261] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 587.767725][ T2261] R13: 00007f71bede6038 R14: 00007f71bede5fa0 R15: 00007ffdc9c053a8 [ 587.767749][ T2261] [ 588.400772][ T2295] FAULT_INJECTION: forcing a failure. [ 588.400772][ T2295] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 588.426586][ T2295] CPU: 1 UID: 0 PID: 2295 Comm: syz.0.15191 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 588.426624][ T2295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 588.426641][ T2295] Call Trace: [ 588.426648][ T2295] [ 588.426657][ T2295] __dump_stack+0x21/0x30 [ 588.426694][ T2295] dump_stack_lvl+0x10c/0x190 [ 588.426724][ T2295] ? __cfi_dump_stack_lvl+0x10/0x10 [ 588.426755][ T2295] ? check_stack_object+0x12c/0x140 [ 588.426777][ T2295] dump_stack+0x19/0x20 [ 588.426806][ T2295] should_fail_ex+0x3d9/0x530 [ 588.426831][ T2295] should_fail+0xf/0x20 [ 588.426852][ T2295] should_fail_usercopy+0x1e/0x30 [ 588.426878][ T2295] _copy_to_user+0x24/0xa0 [ 588.426907][ T2295] simple_read_from_buffer+0xed/0x160 [ 588.426939][ T2295] proc_fail_nth_read+0x19e/0x210 [ 588.426970][ T2295] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 588.427002][ T2295] ? bpf_lsm_file_permission+0xd/0x20 [ 588.427034][ T2295] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 588.427075][ T2295] vfs_read+0x27d/0xc70 [ 588.427095][ T2295] ? ip_setsockopt+0xa7/0x100 [ 588.427130][ T2295] ? ipv6_setsockopt+0x10f/0x170 [ 588.427158][ T2295] ? __cfi_vfs_read+0x10/0x10 [ 588.427178][ T2295] ? __kasan_check_write+0x18/0x20 [ 588.427212][ T2295] ? mutex_lock+0x92/0x1c0 [ 588.427232][ T2295] ? __cfi_mutex_lock+0x10/0x10 [ 588.427251][ T2295] ? __fget_files+0x2c5/0x340 [ 588.427278][ T2295] ksys_read+0x141/0x250 [ 588.427298][ T2295] ? __cfi_ksys_read+0x10/0x10 [ 588.427319][ T2295] ? __kasan_check_write+0x18/0x20 [ 588.427351][ T2295] ? __kasan_check_read+0x15/0x20 [ 588.427385][ T2295] __x64_sys_read+0x7f/0x90 [ 588.427404][ T2295] x64_sys_call+0x2638/0x2ee0 [ 588.427437][ T2295] do_syscall_64+0x58/0xf0 [ 588.427465][ T2295] ? clear_bhb_loop+0x50/0xa0 [ 588.427491][ T2295] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 588.427517][ T2295] RIP: 0033:0x7f71beb8e0dc [ 588.427537][ T2295] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 588.427557][ T2295] RSP: 002b:00007f71bf9d0030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 588.427582][ T2295] RAX: ffffffffffffffda RBX: 00007f71bede5fa0 RCX: 00007f71beb8e0dc [ 588.427599][ T2295] RDX: 000000000000000f RSI: 00007f71bf9d00a0 RDI: 0000000000000005 [ 588.427614][ T2295] RBP: 00007f71bf9d0090 R08: 0000000000000000 R09: 0000000000000000 [ 588.427630][ T2295] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001 [ 588.427646][ T2295] R13: 00007f71bede6038 R14: 00007f71bede5fa0 R15: 00007ffdc9c053a8 [ 588.427667][ T2295] [ 588.828418][ T2308] rust_binder: Write failure EFAULT in pid:411 [ 589.043706][ T36] audit: type=1400 audit(2000000268.015:838): avc: denied { accept } for pid=2335 comm="syz.2.15209" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 589.139793][ T2349] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=2349 comm=syz.0.15215 [ 589.197338][ T2360] FAULT_INJECTION: forcing a failure. [ 589.197338][ T2360] name failslab, interval 1, probability 0, space 0, times 0 [ 589.210447][ T2360] CPU: 0 UID: 0 PID: 2360 Comm: syz.0.15220 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 589.210485][ T2360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 589.210500][ T2360] Call Trace: [ 589.210508][ T2360] [ 589.210518][ T2360] __dump_stack+0x21/0x30 [ 589.210553][ T2360] dump_stack_lvl+0x10c/0x190 [ 589.210583][ T2360] ? __cfi_dump_stack_lvl+0x10/0x10 [ 589.210616][ T2360] dump_stack+0x19/0x20 [ 589.210644][ T2360] should_fail_ex+0x3d9/0x530 [ 589.210668][ T2360] should_failslab+0xac/0x100 [ 589.210694][ T2360] kmem_cache_alloc_lru_noprof+0x44/0x430 [ 589.210717][ T2360] ? __d_lookup_rcu+0x334/0x3c0 [ 589.210737][ T2360] ? proc_alloc_inode+0x48/0x150 [ 589.210771][ T2360] proc_alloc_inode+0x48/0x150 [ 589.210804][ T2360] ? __cfi_proc_alloc_inode+0x10/0x10 [ 589.210836][ T2360] alloc_inode+0x7a/0x270 [ 589.210864][ T2360] new_inode+0x25/0x1e0 [ 589.210889][ T2360] proc_pid_make_inode+0x25/0x140 [ 589.210914][ T2360] proc_pident_instantiate+0x6d/0x2c0 [ 589.210940][ T2360] proc_pident_lookup+0x1c7/0x270 [ 589.210974][ T2360] proc_tgid_base_lookup+0x2f/0x40 [ 589.211000][ T2360] __lookup_slow+0x2d4/0x400 [ 589.211026][ T2360] ? lookup_one_len+0x2f0/0x2f0 [ 589.211051][ T2360] ? down_read+0x79/0xe0 [ 589.211076][ T2360] lookup_slow+0x57/0x80 [ 589.211100][ T2360] link_path_walk+0x990/0xec0 [ 589.211135][ T2360] path_openat+0x281/0x34b0 [ 589.211163][ T2360] ? kasan_save_track+0x3e/0x80 [ 589.211186][ T2360] ? kasan_save_alloc_info+0x40/0x50 [ 589.211217][ T2360] ? getname+0x1b/0x30 [ 589.211238][ T2360] ? x64_sys_call+0xe69/0x2ee0 [ 589.211270][ T2360] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 589.211298][ T2360] ? do_filp_open+0x3e0/0x3e0 [ 589.211329][ T2360] do_filp_open+0x1c6/0x3e0 [ 589.211356][ T2360] ? __cfi_do_filp_open+0x10/0x10 [ 589.211384][ T2360] ? __cfi_kfree_link+0x10/0x10 [ 589.211415][ T2360] ? alloc_fd+0x4e7/0x5a0 [ 589.211445][ T2360] do_sys_openat2+0x12c/0x1c0 [ 589.211475][ T2360] ? fput+0x1a5/0x240 [ 589.211501][ T2360] ? do_sys_open+0x100/0x100 [ 589.211529][ T2360] ? ksys_write+0x1ef/0x250 [ 589.211551][ T2360] ? __cfi_ksys_write+0x10/0x10 [ 589.211573][ T2360] __x64_sys_openat+0x13a/0x170 [ 589.211605][ T2360] x64_sys_call+0xe69/0x2ee0 [ 589.211639][ T2360] do_syscall_64+0x58/0xf0 [ 589.211668][ T2360] ? clear_bhb_loop+0x50/0xa0 [ 589.211694][ T2360] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 589.211718][ T2360] RIP: 0033:0x7f71beb8df10 [ 589.211738][ T2360] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44 [ 589.211758][ T2360] RSP: 002b:00007f71bf9cff60 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 589.211783][ T2360] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f71beb8df10 [ 589.211800][ T2360] RDX: 0000000000000000 RSI: 00007f71bec1207e RDI: 00000000ffffff9c [ 589.211816][ T2360] RBP: 00007f71bec1207e R08: 0000000000000000 R09: 0000000000000000 [ 589.211831][ T2360] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 589.211845][ T2360] R13: 00007f71bede6038 R14: 00007f71bede5fa0 R15: 00007ffdc9c053a8 [ 589.211865][ T2360] [ 589.215074][ T2364] FAULT_INJECTION: forcing a failure. [ 589.215074][ T2364] name failslab, interval 1, probability 0, space 0, times 0 [ 589.537747][ T2364] CPU: 1 UID: 0 PID: 2364 Comm: syz.2.15222 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 589.537788][ T2364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 589.537803][ T2364] Call Trace: [ 589.537812][ T2364] [ 589.537823][ T2364] __dump_stack+0x21/0x30 [ 589.537858][ T2364] dump_stack_lvl+0x10c/0x190 [ 589.537892][ T2364] ? __cfi_dump_stack_lvl+0x10/0x10 [ 589.537924][ T2364] dump_stack+0x19/0x20 [ 589.537952][ T2364] should_fail_ex+0x3d9/0x530 [ 589.537975][ T2364] should_failslab+0xac/0x100 [ 589.538001][ T2364] __kmalloc_cache_noprof+0x41/0x490 [ 589.538023][ T2364] ? __kasan_kmalloc+0x96/0xb0 [ 589.538048][ T2364] ? legacy_init_fs_context+0x62/0x160 [ 589.538078][ T2364] legacy_init_fs_context+0x62/0x160 [ 589.538106][ T2364] alloc_fs_context+0x5ee/0x830 [ 589.538133][ T2364] fs_context_for_mount+0x26/0x40 [ 589.538158][ T2364] do_new_mount+0x116/0xb40 [ 589.538175][ T2364] ? security_capable+0xcf/0xf0 [ 589.538205][ T2364] path_mount+0x688/0x1050 [ 589.538223][ T2364] ? putname+0x113/0x150 [ 589.538245][ T2364] __se_sys_mount+0x2bd/0x480 [ 589.538265][ T2364] ? __x64_sys_mount+0xf0/0xf0 [ 589.538286][ T2364] __x64_sys_mount+0xc3/0xf0 [ 589.538306][ T2364] x64_sys_call+0x2021/0x2ee0 [ 589.538337][ T2364] do_syscall_64+0x58/0xf0 [ 589.538364][ T2364] ? clear_bhb_loop+0x50/0xa0 [ 589.538389][ T2364] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 589.538411][ T2364] RIP: 0033:0x7f9aebb8f6c9 [ 589.538428][ T2364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 589.538446][ T2364] RSP: 002b:00007f9aeca63038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 589.538468][ T2364] RAX: ffffffffffffffda RBX: 00007f9aebde5fa0 RCX: 00007f9aebb8f6c9 [ 589.538484][ T2364] RDX: 0000200000000100 RSI: 0000200000000040 RDI: 0000000000000000 [ 589.538498][ T2364] RBP: 00007f9aeca63090 R08: 0000200000000200 R09: 0000000000000000 [ 589.538512][ T2364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 589.538524][ T2364] R13: 00007f9aebde6038 R14: 00007f9aebde5fa0 R15: 00007ffc34651748 [ 589.538542][ T2364] [ 589.763408][ T2377] fuse: Unknown parameter 'rootmode'00000000000' [ 589.787269][ T36] audit: type=1400 audit(2000000268.735:839): avc: denied { ioctl } for pid=2373 comm="syz.0.15226" path="net:[4026532332]" dev="nsfs" ino=4026532332 ioctlcmd=0xb701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 589.901314][ T36] audit: type=1400 audit(2000000268.875:840): avc: denied { map } for pid=2389 comm="syz.1.15232" path="socket:[167200]" dev="sockfs" ino=167200 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1 [ 590.064451][ T36] audit: type=1400 audit(2000000269.035:841): avc: denied { remount } for pid=2416 comm="syz.0.15245" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 590.350168][ T2435] netlink: 72 bytes leftover after parsing attributes in process `syz.0.15253'. [ 590.588567][ T2453] FAULT_INJECTION: forcing a failure. [ 590.588567][ T2453] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 590.601751][ T2453] CPU: 1 UID: 0 PID: 2453 Comm: syz.3.15263 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 590.601788][ T2453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 590.601804][ T2453] Call Trace: [ 590.601812][ T2453] [ 590.601822][ T2453] __dump_stack+0x21/0x30 [ 590.601858][ T2453] dump_stack_lvl+0x10c/0x190 [ 590.601897][ T2453] ? __cfi_dump_stack_lvl+0x10/0x10 [ 590.601929][ T2453] ? vfs_write+0x93e/0xf30 [ 590.601952][ T2453] dump_stack+0x19/0x20 [ 590.601982][ T2453] should_fail_ex+0x3d9/0x530 [ 590.602006][ T2453] should_fail+0xf/0x20 [ 590.602027][ T2453] should_fail_usercopy+0x1e/0x30 [ 590.602053][ T2453] _copy_from_user+0x22/0xb0 [ 590.602081][ T2453] do_sock_getsockopt+0x1d7/0x6d0 [ 590.602117][ T2453] ? __cfi_do_sock_getsockopt+0x10/0x10 [ 590.602151][ T2453] ? __fget_files+0x2c5/0x340 [ 590.602179][ T2453] __x64_sys_getsockopt+0x1d5/0x280 [ 590.602213][ T2453] x64_sys_call+0x10db/0x2ee0 [ 590.602247][ T2453] do_syscall_64+0x58/0xf0 [ 590.602276][ T2453] ? clear_bhb_loop+0x50/0xa0 [ 590.602302][ T2453] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 590.602327][ T2453] RIP: 0033:0x7f590318f6c9 [ 590.602346][ T2453] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 590.602367][ T2453] RSP: 002b:00007f5904000038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 590.602392][ T2453] RAX: ffffffffffffffda RBX: 00007f59033e5fa0 RCX: 00007f590318f6c9 [ 590.602411][ T2453] RDX: 0000000000000050 RSI: 0000000000000029 RDI: 0000000000000005 [ 590.602426][ T2453] RBP: 00007f5904000090 R08: 0000200000000180 R09: 0000000000000000 [ 590.602442][ T2453] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 590.602457][ T2453] R13: 00007f59033e6038 R14: 00007f59033e5fa0 R15: 00007ffecf413888 [ 590.602478][ T2453] [ 591.096672][ T36] audit: type=1400 audit(2000000270.075:842): avc: denied { create } for pid=2480 comm="syz.3.15275" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_nflog_socket permissive=1 [ 591.529068][ T2500] rust_binder: Write failure EFAULT in pid:357 [ 592.709835][ T2580] rust_binder: Write failure EFAULT in pid:502 [ 592.784501][ T36] audit: type=1400 audit(2000000271.755:843): avc: denied { relabelfrom } for pid=2581 comm="syz.0.15323" name="NETLINK" dev="sockfs" ino=166763 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 592.784521][ T2582] SELinux: Context system_u:object_r:syslog_conf_t:s0 is not valid (left unmapped). [ 592.862267][ T36] audit: type=1400 audit(2000000271.755:844): avc: denied { relabelto } for pid=2581 comm="syz.0.15323" name="NETLINK" dev="sockfs" ino=166763 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=netlink_tcpdiag_socket permissive=1 trawcon="system_u:object_r:syslog_conf_t:s0" [ 592.867378][T19291] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 592.960499][T19291] hid-generic 0000:0000:0000.0007: hidraw0: HID v0.00 Device [syz1] on syz0 [ 593.326134][T19291] usb 1-1: new high-speed USB device number 37 using dummy_hcd [ 593.497258][T19291] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 593.516124][T19291] usb 1-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00 [ 593.531473][T19291] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 593.546382][T19291] usb 1-1: config 0 descriptor?? [ 593.976651][T19291] lenovo 0003:17EF:6047.0008: hidraw1: USB HID v0.00 Device [HID 17ef:6047] on usb-dummy_hcd.0-1/input0 [ 594.179368][T19291] lenovo 0003:17EF:6047.0008: Failed to switch F7/9/11 mode: -71 [ 594.187541][T19291] lenovo 0003:17EF:6047.0008: Failed to switch middle button: -71 [ 594.196667][T19291] lenovo 0003:17EF:6047.0008: Fn-lock setting failed: -71 [ 594.204732][T19291] lenovo 0003:17EF:6047.0008: Sensitivity setting failed: -71 [ 594.225574][T19291] usb 1-1: USB disconnect, device number 37 [ 594.388066][ T2667] overlayfs: missing 'lowerdir' [ 594.523451][ T2675] rust_binder: Write failure EFAULT in pid:421 [ 594.695479][ T2684] overlayfs: missing 'lowerdir' [ 594.909845][ T2694] rust_binder: Write failure EFAULT in pid:511 [ 595.102693][ T2704] rust_binder: Write failure EFAULT in pid:381 [ 595.178365][ T2708] overlayfs: missing 'lowerdir' [ 595.741038][ T2724] rust_binder: Write failure EFAULT in pid:517 [ 595.840315][ T2729] rust_binder: Write failure EFAULT in pid:395 [ 596.183949][ T2739] overlayfs: missing 'lowerdir' [ 596.465440][ T2750] rust_binder: Write failure EFAULT in pid:529 [ 596.691236][ T2774] FAULT_INJECTION: forcing a failure. [ 596.691236][ T2774] name failslab, interval 1, probability 0, space 0, times 0 [ 596.720294][ T2774] CPU: 0 UID: 0 PID: 2774 Comm: syz.2.15405 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 596.720333][ T2774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 596.720349][ T2774] Call Trace: [ 596.720358][ T2774] [ 596.720368][ T2774] __dump_stack+0x21/0x30 [ 596.720404][ T2774] dump_stack_lvl+0x10c/0x190 [ 596.720435][ T2774] ? __cfi_dump_stack_lvl+0x10/0x10 [ 596.720468][ T2774] ? release_sock+0x171/0x1f0 [ 596.720497][ T2774] dump_stack+0x19/0x20 [ 596.720527][ T2774] should_fail_ex+0x3d9/0x530 [ 596.720551][ T2774] should_failslab+0xac/0x100 [ 596.720578][ T2774] kmem_cache_alloc_node_noprof+0x45/0x440 [ 596.720601][ T2774] ? netlink_data_ready+0x20/0x20 [ 596.720632][ T2774] ? __alloc_skb+0x10c/0x370 [ 596.720661][ T2774] __alloc_skb+0x10c/0x370 [ 596.720689][ T2774] netlink_alloc_large_skb+0xf7/0x1b0 [ 596.720720][ T2774] netlink_sendmsg+0x586/0xaf0 [ 596.720755][ T2774] ? __cfi_netlink_sendmsg+0x10/0x10 [ 596.720790][ T2774] ? bpf_lsm_socket_sendmsg+0xd/0x20 [ 596.720819][ T2774] ? security_socket_sendmsg+0x33/0xd0 [ 596.720841][ T2774] ? __cfi_netlink_sendmsg+0x10/0x10 [ 596.720875][ T2774] ____sys_sendmsg+0xa15/0xa70 [ 596.720910][ T2774] ? __sys_sendmsg_sock+0x50/0x50 [ 596.720946][ T2774] ? import_iovec+0x81/0xb0 [ 596.720978][ T2774] ___sys_sendmsg+0x220/0x2a0 [ 596.721012][ T2774] ? __sys_sendmsg+0x280/0x280 [ 596.721046][ T2774] ? proc_fail_nth_write+0x17e/0x210 [ 596.721077][ T2774] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 596.721116][ T2774] __x64_sys_sendmsg+0x1eb/0x2c0 [ 596.721149][ T2774] ? fput+0x1a5/0x240 [ 596.721177][ T2774] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 596.721211][ T2774] ? ksys_write+0x1ef/0x250 [ 596.721234][ T2774] ? __kasan_check_read+0x15/0x20 [ 596.721277][ T2774] x64_sys_call+0x2a4c/0x2ee0 [ 596.721312][ T2774] do_syscall_64+0x58/0xf0 [ 596.721341][ T2774] ? clear_bhb_loop+0x50/0xa0 [ 596.721367][ T2774] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 596.721392][ T2774] RIP: 0033:0x7f9aebb8f6c9 [ 596.721412][ T2774] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 596.721432][ T2774] RSP: 002b:00007f9aeca63038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 596.721457][ T2774] RAX: ffffffffffffffda RBX: 00007f9aebde5fa0 RCX: 00007f9aebb8f6c9 [ 596.721475][ T2774] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000005 [ 596.721491][ T2774] RBP: 00007f9aeca63090 R08: 0000000000000000 R09: 0000000000000000 [ 596.721507][ T2774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 596.721521][ T2774] R13: 00007f9aebde6038 R14: 00007f9aebde5fa0 R15: 00007ffc34651748 [ 596.721542][ T2774] [ 597.190971][ T2783] rust_binder: Write failure EFAULT in pid:403 [ 597.192970][ T2785] rust_binder: Write failure EFAULT in pid:542 [ 597.579904][ T2810] rust_binder: Write failure EFAULT in pid:471 [ 597.680207][ T2814] FAULT_INJECTION: forcing a failure. [ 597.680207][ T2814] name failslab, interval 1, probability 0, space 0, times 0 [ 597.722043][ T2814] CPU: 0 UID: 0 PID: 2814 Comm: syz.2.15424 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 597.722083][ T2814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 597.722098][ T2814] Call Trace: [ 597.722106][ T2814] [ 597.722115][ T2814] __dump_stack+0x21/0x30 [ 597.722151][ T2814] dump_stack_lvl+0x10c/0x190 [ 597.722179][ T2814] ? __cfi_dump_stack_lvl+0x10/0x10 [ 597.722210][ T2814] ? is_bpf_text_address+0x17b/0x1a0 [ 597.722236][ T2814] dump_stack+0x19/0x20 [ 597.722264][ T2814] should_fail_ex+0x3d9/0x530 [ 597.722287][ T2814] should_failslab+0xac/0x100 [ 597.722312][ T2814] kmem_cache_alloc_noprof+0x42/0x430 [ 597.722333][ T2814] ? mas_alloc_nodes+0x254/0x9e0 [ 597.722357][ T2814] mas_alloc_nodes+0x254/0x9e0 [ 597.722380][ T2814] ? stack_depot_save_flags+0x38/0x800 [ 597.722405][ T2814] mas_preallocate+0x762/0xc60 [ 597.722426][ T2814] ? kasan_save_track+0x3e/0x80 [ 597.722450][ T2814] ? __cfi_mas_preallocate+0x10/0x10 [ 597.722473][ T2814] ? __asan_memcpy+0x5a/0x80 [ 597.722494][ T2814] vma_link+0x115/0x680 [ 597.722517][ T2814] ? __cfi_vma_link+0x10/0x10 [ 597.722541][ T2814] ? __kasan_check_read+0x15/0x20 [ 597.722573][ T2814] ? __vm_enough_memory+0x11f/0x380 [ 597.722596][ T2814] ? security_vm_enough_memory_mm+0x1ce/0x1e0 [ 597.722629][ T2814] insert_vm_struct+0x2b4/0x390 [ 597.722652][ T2814] ? __cfi_insert_vm_struct+0x10/0x10 [ 597.722676][ T2814] ? __asan_memset+0x39/0x50 [ 597.722695][ T2814] ? vm_area_alloc+0x5f/0x1a0 [ 597.722718][ T2814] alloc_bprm+0x79c/0xb50 [ 597.722749][ T2814] do_execveat_common+0x198/0xa80 [ 597.722780][ T2814] ? __kasan_check_write+0x18/0x20 [ 597.722812][ T2814] ? getname_flags+0x209/0x710 [ 597.722834][ T2814] __x64_sys_execve+0x96/0xb0 [ 597.722864][ T2814] x64_sys_call+0x12c4/0x2ee0 [ 597.722896][ T2814] do_syscall_64+0x58/0xf0 [ 597.722923][ T2814] ? clear_bhb_loop+0x50/0xa0 [ 597.722956][ T2814] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 597.722979][ T2814] RIP: 0033:0x7f9aebb8f6c9 [ 597.722998][ T2814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 597.723017][ T2814] RSP: 002b:00007f9aeca63038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 597.723042][ T2814] RAX: ffffffffffffffda RBX: 00007f9aebde5fa0 RCX: 00007f9aebb8f6c9 [ 597.723060][ T2814] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000800 [ 597.723075][ T2814] RBP: 00007f9aeca63090 R08: 0000000000000000 R09: 0000000000000000 [ 597.723090][ T2814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 597.723104][ T2814] R13: 00007f9aebde6038 R14: 00007f9aebde5fa0 R15: 00007ffc34651748 [ 597.723124][ T2814] [ 598.053247][ T2828] rust_binder: Write failure EFAULT in pid:413 [ 598.265491][ T2841] overlayfs: option "workdir=./file1" is useless in a non-upper mount, ignore [ 598.309659][ T2841] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 598.702331][ T36] audit: type=1400 audit(2000000277.675:845): avc: denied { checkpoint_restore } for pid=2873 comm="syz.3.15451" capability=40 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 598.743886][ T2874] rust_binder: Write failure EFAULT in pid:430 [ 598.843338][ T2882] fuse: Unknown parameter '' [ 599.343639][ T2900] FAULT_INJECTION: forcing a failure. [ 599.343639][ T2900] name failslab, interval 1, probability 0, space 0, times 0 [ 599.375796][ T2900] CPU: 0 UID: 0 PID: 2900 Comm: syz.3.15464 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 599.375835][ T2900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 599.375855][ T2900] Call Trace: [ 599.375863][ T2900] [ 599.375873][ T2900] __dump_stack+0x21/0x30 [ 599.375908][ T2900] dump_stack_lvl+0x10c/0x190 [ 599.375938][ T2900] ? __cfi_dump_stack_lvl+0x10/0x10 [ 599.375971][ T2900] dump_stack+0x19/0x20 [ 599.375998][ T2900] should_fail_ex+0x3d9/0x530 [ 599.376021][ T2900] should_failslab+0xac/0x100 [ 599.376055][ T2900] kmem_cache_alloc_node_noprof+0x45/0x440 [ 599.376078][ T2900] ? __alloc_skb+0x10c/0x370 [ 599.376107][ T2900] __alloc_skb+0x10c/0x370 [ 599.376134][ T2900] tipc_msg_build+0x14d/0xed0 [ 599.376164][ T2900] ? _raw_spin_lock_bh+0x90/0x120 [ 599.376193][ T2900] ? __cfi__raw_spin_lock_bh+0x10/0x10 [ 599.376223][ T2900] ? __cfi_tipc_msg_build+0x10/0x10 [ 599.376250][ T2900] ? tipc_node_get_mtu+0x1ee/0x630 [ 599.376275][ T2900] ? tipc_nametbl_lookup_anycast+0x509/0x1050 [ 599.376310][ T2900] ? tipc_dest_find+0x135/0x160 [ 599.376342][ T2900] __tipc_sendmsg+0x1679/0x26f0 [ 599.376364][ T2900] ? kernel_text_address+0xa9/0xe0 [ 599.376391][ T2900] ? tipc_sk_respond+0x430/0x430 [ 599.376411][ T2900] ? unwind_get_return_address+0x51/0x90 [ 599.376437][ T2900] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 599.376472][ T2900] ? avc_has_perm_noaudit+0x268/0x360 [ 599.376504][ T2900] ? __asan_memcpy+0x5a/0x80 [ 599.376525][ T2900] ? avc_has_perm_noaudit+0x286/0x360 [ 599.376558][ T2900] ? avc_has_perm+0x144/0x220 [ 599.376590][ T2900] ? __kasan_check_write+0x18/0x20 [ 599.376623][ T2900] ? _raw_spin_lock_bh+0x90/0x120 [ 599.376652][ T2900] ? __cfi__raw_spin_lock_bh+0x10/0x10 [ 599.376684][ T2900] ? lock_sock_nested+0x1f5/0x290 [ 599.376708][ T2900] ? __cfi_lock_sock_nested+0x10/0x10 [ 599.376733][ T2900] ? __cfi_woken_wake_function+0x10/0x10 [ 599.376759][ T2900] ? __asan_memset+0x39/0x50 [ 599.376780][ T2900] ? iov_iter_kvec+0xc0/0x180 [ 599.376809][ T2900] tipc_connect+0x50a/0x6e0 [ 599.376842][ T2900] ? __cfi_tipc_connect+0x10/0x10 [ 599.376875][ T2900] ? check_stack_object+0x107/0x140 [ 599.376898][ T2900] ? selinux_socket_connect+0x27/0x40 [ 599.376932][ T2900] ? bpf_lsm_socket_connect+0xd/0x20 [ 599.376961][ T2900] ? security_socket_connect+0x33/0xd0 [ 599.376983][ T2900] __sys_connect+0x39d/0x440 [ 599.377014][ T2900] ? __cfi___sys_connect+0x10/0x10 [ 599.377054][ T2900] ? __kasan_check_read+0x15/0x20 [ 599.377089][ T2900] __x64_sys_connect+0x7e/0x90 [ 599.377119][ T2900] x64_sys_call+0x1c2f/0x2ee0 [ 599.377153][ T2900] do_syscall_64+0x58/0xf0 [ 599.377182][ T2900] ? clear_bhb_loop+0x50/0xa0 [ 599.377208][ T2900] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 599.377233][ T2900] RIP: 0033:0x7f590318f6c9 [ 599.377252][ T2900] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 599.377274][ T2900] RSP: 002b:00007f5904000038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 599.377300][ T2900] RAX: ffffffffffffffda RBX: 00007f59033e5fa0 RCX: 00007f590318f6c9 [ 599.377319][ T2900] RDX: 0000000000000010 RSI: 0000200000000000 RDI: 0000000000000005 [ 599.377335][ T2900] RBP: 00007f5904000090 R08: 0000000000000000 R09: 0000000000000000 [ 599.377351][ T2900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 599.377365][ T2900] R13: 00007f59033e6038 R14: 00007f59033e5fa0 R15: 00007ffecf413888 [ 599.377385][ T2900] [ 599.467371][ T2902] can0: slcan on ttyS3. [ 599.488861][ T36] audit: type=1400 audit(2000000278.465:846): avc: denied { read } for pid=149 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1 [ 599.496928][ T2902] capability: warning: `syz.1.15465' uses 32-bit capabilities (legacy support in use) [ 599.536447][ T36] audit: type=1400 audit(2000000278.515:847): avc: denied { search } for pid=149 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 599.597100][ T2912] overlayfs: missing 'lowerdir' [ 599.601809][ T36] audit: type=1400 audit(2000000278.535:848): avc: denied { read } for pid=149 comm="dhcpcd" name="n15" dev="tmpfs" ino=8756 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 599.654354][ T2916] rust_binder: Write failure EFAULT in pid:490 [ 599.656890][ T36] audit: type=1400 audit(2000000278.535:849): avc: denied { open } for pid=149 comm="dhcpcd" path="/run/udev/data/n15" dev="tmpfs" ino=8756 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 599.839616][ T36] audit: type=1400 audit(2000000278.535:850): avc: denied { getattr } for pid=149 comm="dhcpcd" path="/run/udev/data/n15" dev="tmpfs" ino=8756 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 599.926426][ T36] audit: type=1400 audit(2000000278.905:851): avc: denied { read } for pid=2930 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=426 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 599.929539][ T2910] can0 (unregistered): slcan off ttyS3. [ 599.954198][ T36] audit: type=1400 audit(2000000278.925:852): avc: denied { open } for pid=2930 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=426 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 600.055759][ T36] audit: type=1400 audit(2000000278.925:853): avc: denied { getattr } for pid=2930 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=426 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 600.168545][ T36] audit: type=1400 audit(2000000279.135:854): avc: denied { write } for pid=2928 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=425 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 603.740041][ T3184] FAULT_INJECTION: forcing a failure. [ 603.740041][ T3184] name failslab, interval 1, probability 0, space 0, times 0 [ 603.765537][ T3184] CPU: 0 UID: 0 PID: 3184 Comm: syz.0.15573 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 603.765576][ T3184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 603.765591][ T3184] Call Trace: [ 603.765598][ T3184] [ 603.765607][ T3184] __dump_stack+0x21/0x30 [ 603.765649][ T3184] dump_stack_lvl+0x10c/0x190 [ 603.765679][ T3184] ? __cfi_dump_stack_lvl+0x10/0x10 [ 603.765709][ T3184] ? cred_has_capability+0x281/0x380 [ 603.765737][ T3184] ? selinux_perf_event_alloc+0x110/0x110 [ 603.765763][ T3184] dump_stack+0x19/0x20 [ 603.765791][ T3184] should_fail_ex+0x3d9/0x530 [ 603.765815][ T3184] should_failslab+0xac/0x100 [ 603.765841][ T3184] kmem_cache_alloc_noprof+0x42/0x430 [ 603.765862][ T3184] ? prepare_creds+0x48/0x6b0 [ 603.765886][ T3184] ? bpf_lsm_capable+0xd/0x20 [ 603.765909][ T3184] prepare_creds+0x48/0x6b0 [ 603.765931][ T3184] ? ns_capable_setid+0x94/0xf0 [ 603.765964][ T3184] __sys_setresgid+0x62a/0xb20 [ 603.765991][ T3184] __x64_sys_setresgid+0x7e/0x90 [ 603.766018][ T3184] x64_sys_call+0x256c/0x2ee0 [ 603.766053][ T3184] do_syscall_64+0x58/0xf0 [ 603.766082][ T3184] ? clear_bhb_loop+0x50/0xa0 [ 603.766110][ T3184] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 603.766134][ T3184] RIP: 0033:0x7f71beb8f6c9 [ 603.766155][ T3184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 603.766175][ T3184] RSP: 002b:00007f71bf9d0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000077 [ 603.766200][ T3184] RAX: ffffffffffffffda RBX: 00007f71bede5fa0 RCX: 00007f71beb8f6c9 [ 603.766219][ T3184] RDX: 00000000ffffff00 RSI: 0000000000000000 RDI: 0000000000000000 [ 603.766235][ T3184] RBP: 00007f71bf9d0090 R08: 0000000000000000 R09: 0000000000000000 [ 603.766252][ T3184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 603.766268][ T3184] R13: 00007f71bede6038 R14: 00007f71bede5fa0 R15: 00007ffdc9c053a8 [ 603.766289][ T3184] [ 604.988792][ T3274] FAULT_INJECTION: forcing a failure. [ 604.988792][ T3274] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 605.002130][ T3274] CPU: 1 UID: 0 PID: 3274 Comm: syz.1.15614 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 605.002168][ T3274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 605.002184][ T3274] Call Trace: [ 605.002193][ T3274] [ 605.002202][ T3274] __dump_stack+0x21/0x30 [ 605.002237][ T3274] dump_stack_lvl+0x10c/0x190 [ 605.002269][ T3274] ? __cfi_dump_stack_lvl+0x10/0x10 [ 605.002301][ T3274] ? _parse_integer+0x2e/0x40 [ 605.002337][ T3274] dump_stack+0x19/0x20 [ 605.002366][ T3274] should_fail_ex+0x3d9/0x530 [ 605.002391][ T3274] should_fail+0xf/0x20 [ 605.002412][ T3274] should_fail_usercopy+0x1e/0x30 [ 605.002437][ T3274] _copy_from_user+0x22/0xb0 [ 605.002465][ T3274] do_ip_setsockopt+0x415/0x29e0 [ 605.002509][ T3274] ? __cfi_do_ip_setsockopt+0x10/0x10 [ 605.002543][ T3274] ? selinux_socket_setsockopt+0x2ea/0x390 [ 605.002579][ T3274] ? __cfi_selinux_socket_setsockopt+0x10/0x10 [ 605.002616][ T3274] ip_setsockopt+0x63/0x100 [ 605.002649][ T3274] tcp_setsockopt+0xf2/0x110 [ 605.002671][ T3274] sock_common_setsockopt+0xb5/0xd0 [ 605.002697][ T3274] ? __cfi_sock_common_setsockopt+0x10/0x10 [ 605.002724][ T3274] do_sock_setsockopt+0x26d/0x400 [ 605.002758][ T3274] ? __cfi_do_sock_setsockopt+0x10/0x10 [ 605.002790][ T3274] __x64_sys_setsockopt+0x1b8/0x250 [ 605.002825][ T3274] x64_sys_call+0x2adc/0x2ee0 [ 605.002860][ T3274] do_syscall_64+0x58/0xf0 [ 605.002890][ T3274] ? clear_bhb_loop+0x50/0xa0 [ 605.002916][ T3274] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 605.002941][ T3274] RIP: 0033:0x7f248e58f6c9 [ 605.002960][ T3274] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 605.002981][ T3274] RSP: 002b:00007f248f4c2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 605.003007][ T3274] RAX: ffffffffffffffda RBX: 00007f248e7e5fa0 RCX: 00007f248e58f6c9 [ 605.003026][ T3274] RDX: 000000000000000d RSI: 0000000000000000 RDI: 0000000000000005 [ 605.003040][ T3274] RBP: 00007f248f4c2090 R08: 0000000000000001 R09: 0000000000000000 [ 605.003056][ T3274] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001 [ 605.003072][ T3274] R13: 00007f248e7e6038 R14: 00007f248e7e5fa0 R15: 00007ffc82c34688 [ 605.003093][ T3274] [ 610.957032][ T36] kauditd_printk_skb: 6 callbacks suppressed [ 610.957052][ T36] audit: type=1400 audit(2000000289.936:861): avc: denied { compute_member } for pid=3517 comm="syz.3.15723" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 612.787730][ T36] audit: type=1400 audit(2000000291.766:862): avc: denied { create } for pid=3627 comm="syz.2.15771" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 613.930890][ T3693] netlink: 12 bytes leftover after parsing attributes in process `syz.1.15801'. [ 613.952253][ T3693] bridge0: port 1(bridge_slave_0) entered disabled state [ 613.962293][ T3693] bridge_slave_0 (unregistering): left allmulticast mode [ 613.972199][ T3693] bridge_slave_0 (unregistering): left promiscuous mode [ 613.979456][ T3693] bridge0: port 1(bridge_slave_0) entered disabled state [ 615.438894][ T3757] overlayfs: missing 'lowerdir' [ 615.471150][ T36] audit: type=1400 audit(2000000294.446:863): avc: granted { setsecparam } for pid=3758 comm="syz.0.15833" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security [ 616.415887][ T36] audit: type=1400 audit(2000000295.396:864): avc: denied { bind } for pid=3845 comm="syz.3.15873" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 616.475824][ T36] audit: type=1400 audit(2000000295.416:865): avc: denied { name_bind } for pid=3845 comm="syz.3.15873" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1 [ 616.526393][ T36] audit: type=1400 audit(2000000295.416:866): avc: denied { node_bind } for pid=3845 comm="syz.3.15873" saddr=fc01:: src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1 [ 617.051295][ T36] audit: type=1400 audit(2000000296.026:867): avc: denied { execute } for pid=3900 comm="syz.2.15900" path="/dev/ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 617.053305][ T3901] rust_binder: Error while translating object. [ 617.106007][ T3901] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT } [ 617.112244][ T3901] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:731 [ 619.495468][ T4032] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4032 comm=syz.3.15961 [ 620.662877][ T36] audit: type=1400 audit(2000000299.637:868): avc: denied { read } for pid=4127 comm="syz.1.16007" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 620.715941][ T36] audit: type=1400 audit(2000000299.697:869): avc: denied { setopt } for pid=4127 comm="syz.1.16007" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 621.864295][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 621.871429][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 621.879019][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 621.886113][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 621.893756][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 621.900673][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 621.908099][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 621.915088][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 621.922344][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 621.929156][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 621.936373][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 621.943151][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 621.950451][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 621.957264][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 621.964565][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 621.971342][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 621.978588][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 621.985382][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 621.992622][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 621.999423][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 622.006647][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 622.013431][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 622.020734][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 622.027569][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 622.034843][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 622.041641][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 622.048891][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 622.055730][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 622.063021][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 622.069864][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 622.077271][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 622.084053][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 622.091453][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 622.098271][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 622.105530][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 622.112334][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 622.119589][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 622.126489][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 622.133776][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 622.140621][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 622.147884][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 622.154790][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 622.162084][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 622.168926][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 622.176180][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 622.182974][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 622.190616][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 622.197760][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 622.205755][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 622.212555][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 622.219867][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 622.226745][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 622.234003][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 622.240804][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 622.248370][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 622.255182][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 622.262409][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 622.269229][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 622.276520][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 622.283306][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 622.290562][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 622.297364][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 622.304707][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 622.311494][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 622.318753][ T4173] FAT-fs (rnullb0): bogus number of reserved sectors [ 622.325568][ T4173] FAT-fs (rnullb0): Can't find a valid FAT filesystem [ 623.301342][ T4240] FAULT_INJECTION: forcing a failure. [ 623.301342][ T4240] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 623.327010][ T4240] CPU: 1 UID: 0 PID: 4240 Comm: syz.1.16060 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 623.327048][ T4240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 623.327063][ T4240] Call Trace: [ 623.327071][ T4240] [ 623.327080][ T4240] __dump_stack+0x21/0x30 [ 623.327118][ T4240] dump_stack_lvl+0x10c/0x190 [ 623.327149][ T4240] ? __cfi_dump_stack_lvl+0x10/0x10 [ 623.327182][ T4240] ? kernel_text_address+0xa9/0xe0 [ 623.327213][ T4240] dump_stack+0x19/0x20 [ 623.327243][ T4240] should_fail_ex+0x3d9/0x530 [ 623.327268][ T4240] should_fail+0xf/0x20 [ 623.327289][ T4240] should_fail_usercopy+0x1e/0x30 [ 623.327315][ T4240] _copy_from_user+0x22/0xb0 [ 623.327345][ T4240] ___sys_sendmsg+0x159/0x2a0 [ 623.327381][ T4240] ? __sys_sendmsg+0x280/0x280 [ 623.327416][ T4240] ? kstrtouint+0x78/0xf0 [ 623.327445][ T4240] __sys_sendmmsg+0x271/0x470 [ 623.327481][ T4240] ? __cfi___sys_sendmmsg+0x10/0x10 [ 623.327530][ T4240] ? __cfi_ksys_write+0x10/0x10 [ 623.327556][ T4240] __x64_sys_sendmmsg+0xa4/0xc0 [ 623.327592][ T4240] x64_sys_call+0xfec/0x2ee0 [ 623.327626][ T4240] do_syscall_64+0x58/0xf0 [ 623.327657][ T4240] ? clear_bhb_loop+0x50/0xa0 [ 623.327683][ T4240] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 623.327708][ T4240] RIP: 0033:0x7f248e58f6c9 [ 623.327727][ T4240] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 623.327747][ T4240] RSP: 002b:00007f248f4c2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 623.327771][ T4240] RAX: ffffffffffffffda RBX: 00007f248e7e5fa0 RCX: 00007f248e58f6c9 [ 623.327790][ T4240] RDX: 0000000000000001 RSI: 0000200000003c00 RDI: 0000000000000005 [ 623.327805][ T4240] RBP: 00007f248f4c2090 R08: 0000000000000000 R09: 0000000000000000 [ 623.327820][ T4240] R10: 0000000000008086 R11: 0000000000000246 R12: 0000000000000001 [ 623.327834][ T4240] R13: 00007f248e7e6038 R14: 00007f248e7e5fa0 R15: 00007ffc82c34688 [ 623.327855][ T4240] [ 623.658291][ T4257] rust_binder: Write failure EFAULT in pid:826 [ 624.689675][ T36] audit: type=1400 audit(2000000303.667:870): avc: denied { mount } for pid=4312 comm="syz.1.16094" name="/" dev="configfs" ino=1671 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 624.854501][ T9] usb 3-1: new high-speed USB device number 52 using dummy_hcd [ 625.034368][ T9] usb 3-1: Using ep0 maxpacket: 32 [ 625.043926][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 625.064398][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 625.074186][ T9] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 625.104328][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 625.113457][ T9] usb 3-1: config 0 descriptor?? [ 625.540057][ T9] savu 0003:1E7D:2D5A.0009: hiddev96,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0 [ 625.802530][T19291] usb 3-1: USB disconnect, device number 52 [ 628.917692][T19291] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 628.948148][T19291] hid-generic 0000:0000:0000.000A: hidraw0: HID v0.00 Device [syz1] on syz0 [ 630.105287][ T4635] FAULT_INJECTION: forcing a failure. [ 630.105287][ T4635] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 630.144043][ T4635] CPU: 1 UID: 0 PID: 4635 Comm: syz.3.16246 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 630.144084][ T4635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 630.144099][ T4635] Call Trace: [ 630.144108][ T4635] [ 630.144118][ T4635] __dump_stack+0x21/0x30 [ 630.144155][ T4635] dump_stack_lvl+0x10c/0x190 [ 630.144186][ T4635] ? __cfi_dump_stack_lvl+0x10/0x10 [ 630.144218][ T4635] ? check_stack_object+0x12c/0x140 [ 630.144242][ T4635] dump_stack+0x19/0x20 [ 630.144271][ T4635] should_fail_ex+0x3d9/0x530 [ 630.144295][ T4635] should_fail+0xf/0x20 [ 630.144317][ T4635] should_fail_usercopy+0x1e/0x30 [ 630.144342][ T4635] _copy_to_user+0x24/0xa0 [ 630.144370][ T4635] simple_read_from_buffer+0xed/0x160 [ 630.144401][ T4635] proc_fail_nth_read+0x19e/0x210 [ 630.144432][ T4635] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 630.144463][ T4635] ? bpf_lsm_file_permission+0xd/0x20 [ 630.144495][ T4635] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 630.144526][ T4635] vfs_read+0x27d/0xc70 [ 630.144546][ T4635] ? __cfi_kernfs_fop_write_iter+0x10/0x10 [ 630.144577][ T4635] ? __cfi_vfs_read+0x10/0x10 [ 630.144597][ T4635] ? __kasan_check_write+0x18/0x20 [ 630.144631][ T4635] ? mutex_lock+0x92/0x1c0 [ 630.144653][ T4635] ? __cfi_mutex_lock+0x10/0x10 [ 630.144674][ T4635] ? __fget_files+0x2c5/0x340 [ 630.144701][ T4635] ksys_read+0x141/0x250 [ 630.144721][ T4635] ? __cfi_ksys_read+0x10/0x10 [ 630.144744][ T4635] ? __kasan_check_read+0x15/0x20 [ 630.144778][ T4635] __x64_sys_read+0x7f/0x90 [ 630.144799][ T4635] x64_sys_call+0x2638/0x2ee0 [ 630.144833][ T4635] do_syscall_64+0x58/0xf0 [ 630.144869][ T4635] ? clear_bhb_loop+0x50/0xa0 [ 630.144894][ T4635] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 630.144919][ T4635] RIP: 0033:0x7f590318e0dc [ 630.144938][ T4635] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 630.144958][ T4635] RSP: 002b:00007f5904000030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 630.144983][ T4635] RAX: ffffffffffffffda RBX: 00007f59033e5fa0 RCX: 00007f590318e0dc [ 630.145001][ T4635] RDX: 000000000000000f RSI: 00007f59040000a0 RDI: 0000000000000006 [ 630.145016][ T4635] RBP: 00007f5904000090 R08: 0000000000000000 R09: 0000000000000000 [ 630.145031][ T4635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 630.145045][ T4635] R13: 00007f59033e6038 R14: 00007f59033e5fa0 R15: 00007ffecf413888 [ 630.145066][ T4635] [ 631.068632][ T36] audit: type=1400 audit(2000000310.047:871): avc: denied { getattr } for pid=4648 comm="syz.2.16253" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 632.965096][ T4697] FAULT_INJECTION: forcing a failure. [ 632.965096][ T4697] name failslab, interval 1, probability 0, space 0, times 0 [ 632.985085][ T4697] CPU: 0 UID: 0 PID: 4697 Comm: syz.3.16277 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 632.985123][ T4697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 632.985139][ T4697] Call Trace: [ 632.985148][ T4697] [ 632.985157][ T4697] __dump_stack+0x21/0x30 [ 632.985194][ T4697] dump_stack_lvl+0x10c/0x190 [ 632.985224][ T4697] ? __cfi_dump_stack_lvl+0x10/0x10 [ 632.985255][ T4697] ? __kasan_check_write+0x18/0x20 [ 632.985289][ T4697] ? proc_fail_nth_write+0x17e/0x210 [ 632.985320][ T4697] dump_stack+0x19/0x20 [ 632.985349][ T4697] should_fail_ex+0x3d9/0x530 [ 632.985373][ T4697] should_failslab+0xac/0x100 [ 632.985398][ T4697] kmem_cache_alloc_noprof+0x42/0x430 [ 632.985420][ T4697] ? create_new_namespaces+0x48/0x720 [ 632.985453][ T4697] create_new_namespaces+0x48/0x720 [ 632.985485][ T4697] __se_sys_setns+0x2d1/0x12b0 [ 632.985516][ T4697] ? fput+0x1a5/0x240 [ 632.985543][ T4697] ? __x64_sys_setns+0x80/0x80 [ 632.985575][ T4697] ? __kasan_check_read+0x15/0x20 [ 632.985609][ T4697] __x64_sys_setns+0x5f/0x80 [ 632.985639][ T4697] x64_sys_call+0x2de8/0x2ee0 [ 632.985671][ T4697] do_syscall_64+0x58/0xf0 [ 632.985699][ T4697] ? clear_bhb_loop+0x50/0xa0 [ 632.985724][ T4697] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 632.985748][ T4697] RIP: 0033:0x7f590318f6c9 [ 632.985766][ T4697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 632.985786][ T4697] RSP: 002b:00007f5904000038 EFLAGS: 00000246 ORIG_RAX: 0000000000000134 [ 632.985812][ T4697] RAX: ffffffffffffffda RBX: 00007f59033e5fa0 RCX: 00007f590318f6c9 [ 632.985830][ T4697] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 632.985845][ T4697] RBP: 00007f5904000090 R08: 0000000000000000 R09: 0000000000000000 [ 632.985868][ T4697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 632.985882][ T4697] R13: 00007f59033e6038 R14: 00007f59033e5fa0 R15: 00007ffecf413888 [ 632.985902][ T4697] [ 633.508488][ T4712] binder: Bad value for 'max' [ 633.700061][ T4736] binder: Bad value for 'max' [ 634.344034][ T9] usb 3-1: new high-speed USB device number 53 using dummy_hcd [ 634.493809][ T9] usb 3-1: Using ep0 maxpacket: 32 [ 634.506119][ T9] usb 3-1: config 0 has an invalid interface number: 184 but max is 0 [ 634.514540][ T9] usb 3-1: config 0 has no interface number 0 [ 634.520667][ T9] usb 3-1: config 0 interface 184 has no altsetting 0 [ 634.564254][ T9] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 634.573352][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 634.588773][ T9] usb 3-1: Product: syz [ 634.592993][ T9] usb 3-1: Manufacturer: syz [ 634.599367][ T9] usb 3-1: SerialNumber: syz [ 634.604824][ T9] usb 3-1: config 0 descriptor?? [ 634.619605][ T9] smsc75xx v1.0.0 [ 634.909967][ T36] audit: type=1400 audit(2000000313.887:872): avc: denied { append } for pid=4887 comm="syz.3.16369" name="ptp0" dev="devtmpfs" ino=196 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 634.949265][ T4893] FAULT_INJECTION: forcing a failure. [ 634.949265][ T4893] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 634.965261][ T4893] CPU: 0 UID: 0 PID: 4893 Comm: syz.3.16372 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 634.965297][ T4893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 634.965312][ T4893] Call Trace: [ 634.965321][ T4893] [ 634.965331][ T4893] __dump_stack+0x21/0x30 [ 634.965371][ T4893] dump_stack_lvl+0x10c/0x190 [ 634.965403][ T4893] ? __cfi_dump_stack_lvl+0x10/0x10 [ 634.965434][ T4893] ? avc_has_perm_noaudit+0x286/0x360 [ 634.965469][ T4893] dump_stack+0x19/0x20 [ 634.965497][ T4893] should_fail_ex+0x3d9/0x530 [ 634.965521][ T4893] should_fail_alloc_page+0xeb/0x110 [ 634.965548][ T4893] __alloc_pages_noprof+0x19b/0x7b0 [ 634.965579][ T4893] ? __cfi___alloc_pages_noprof+0x10/0x10 [ 634.965610][ T4893] ? selinux_file_open+0x457/0x610 [ 634.965642][ T4893] pte_alloc_one+0x97/0x520 [ 634.965664][ T4893] ? __cfi_pte_alloc_one+0x10/0x10 [ 634.965686][ T4893] ? is_bpf_text_address+0x17b/0x1a0 [ 634.965721][ T4893] ? kernel_text_address+0xa9/0xe0 [ 634.965751][ T4893] __pte_alloc+0x79/0x420 [ 634.965771][ T4893] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 634.965807][ T4893] ? __cfi___pte_alloc+0x10/0x10 [ 634.965829][ T4893] do_pte_missing+0x1f98/0x4240 [ 634.965858][ T4893] ? _parse_integer+0x2e/0x40 [ 634.965895][ T4893] ? pte_marker_clear+0x1b0/0x1b0 [ 634.965923][ T4893] ? kstrtouint_from_user+0xfb/0x150 [ 634.965946][ T4893] ? __x64_sys_openat+0x13a/0x170 [ 634.965977][ T4893] ? x64_sys_call+0xe69/0x2ee0 [ 634.966010][ T4893] ? __cfi_kstrtouint_from_user+0x10/0x10 [ 634.966033][ T4893] ? selinux_file_permission+0x309/0xb30 [ 634.966060][ T4893] ? mtree_range_walk+0x573/0x730 [ 634.966086][ T4893] handle_mm_fault+0x1166/0x1b90 [ 634.966115][ T4893] ? __cfi_handle_mm_fault+0x10/0x10 [ 634.966140][ T4893] ? lock_vma_under_rcu+0x49d/0x540 [ 634.966169][ T4893] ? __kasan_check_write+0x18/0x20 [ 634.966206][ T4893] do_user_addr_fault+0x96c/0x1200 [ 634.966239][ T4893] ? __cfi_ksys_write+0x10/0x10 [ 634.966263][ T4893] exc_page_fault+0x59/0xc0 [ 634.966287][ T4893] asm_exc_page_fault+0x2b/0x30 [ 634.966311][ T4893] RIP: 0033:0x7f5903053420 [ 634.966330][ T4893] Code: 48 89 74 24 30 48 8b 5c 24 38 4c 8b 7c 24 30 48 89 44 24 10 48 8d 05 b9 7d 19 00 48 29 c8 48 89 5c 24 28 4d 8d b7 00 10 00 00 <49> c7 47 10 ff 03 00 00 4d 89 77 08 48 89 44 24 18 89 5c 24 0c e9 [ 634.966351][ T4893] RSP: 002b:00007f5903ffff90 EFLAGS: 00010206 [ 634.966373][ T4893] RAX: 00000000000004fa RBX: ffffffffffffffff RCX: 00007f59031eacd0 [ 634.966390][ T4893] RDX: 0000000000000000 RSI: 0000200000b20000 RDI: ffffffffffffffff [ 634.966407][ T4893] RBP: 00007f590322d300 R08: 0000000000000000 R09: 0000000000000000 [ 634.966423][ T4893] R10: ffffffffffffffff R11: 0000000000000000 R12: 00007f590322d390 [ 634.966440][ T4893] R13: 00000000003ff000 R14: 0000200000b21000 R15: 0000200000b20000 [ 634.966460][ T4893] [ 634.966501][ T4893] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 635.255595][ T9] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32 [ 635.266703][ T9] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 635.277548][ T9] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -61 [ 635.297011][ T9] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -61 [ 635.306892][ T9] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset [ 635.319063][ T9] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -61 [ 635.328951][ T9] smsc75xx 3-1:0.184: probe with driver smsc75xx failed with error -61 [ 635.600408][ T4955] binder: Bad value for 'max' [ 635.666339][ T36] audit: type=1400 audit(2000000314.647:873): avc: denied { create } for pid=4962 comm="syz.3.16405" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 635.774530][ T4986] rust_binder: Error while translating object. [ 635.774560][ T4986] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT } [ 635.780813][ T4986] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1088 [ 636.426047][ T5068] binder: Bad value for 'max' [ 636.456367][ T5070] FAULT_INJECTION: forcing a failure. [ 636.456367][ T5070] name failslab, interval 1, probability 0, space 0, times 0 [ 636.469349][ T5070] CPU: 1 UID: 0 PID: 5070 Comm: syz.3.16457 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 636.469388][ T5070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 636.469405][ T5070] Call Trace: [ 636.469414][ T5070] [ 636.469423][ T5070] __dump_stack+0x21/0x30 [ 636.469460][ T5070] dump_stack_lvl+0x10c/0x190 [ 636.469491][ T5070] ? __cfi_dump_stack_lvl+0x10/0x10 [ 636.469523][ T5070] dump_stack+0x19/0x20 [ 636.469552][ T5070] should_fail_ex+0x3d9/0x530 [ 636.469577][ T5070] should_failslab+0xac/0x100 [ 636.469613][ T5070] kmem_cache_alloc_lru_noprof+0x44/0x430 [ 636.469636][ T5070] ? __d_lookup_rcu+0x334/0x3c0 [ 636.469658][ T5070] ? proc_alloc_inode+0x48/0x150 [ 636.469694][ T5070] proc_alloc_inode+0x48/0x150 [ 636.469727][ T5070] ? __cfi_proc_alloc_inode+0x10/0x10 [ 636.469760][ T5070] alloc_inode+0x7a/0x270 [ 636.469788][ T5070] new_inode+0x25/0x1e0 [ 636.469813][ T5070] proc_pid_make_inode+0x25/0x140 [ 636.469836][ T5070] proc_pident_instantiate+0x6d/0x2c0 [ 636.469861][ T5070] proc_pident_lookup+0x1c7/0x270 [ 636.469887][ T5070] proc_tgid_base_lookup+0x2f/0x40 [ 636.469911][ T5070] __lookup_slow+0x2d4/0x400 [ 636.469936][ T5070] ? lookup_one_len+0x2f0/0x2f0 [ 636.469961][ T5070] ? down_read+0x79/0xe0 [ 636.469986][ T5070] lookup_slow+0x57/0x80 [ 636.470010][ T5070] link_path_walk+0x990/0xec0 [ 636.470047][ T5070] path_openat+0x281/0x34b0 [ 636.470077][ T5070] ? kasan_save_track+0x3e/0x80 [ 636.470101][ T5070] ? kasan_save_alloc_info+0x40/0x50 [ 636.470133][ T5070] ? getname+0x1b/0x30 [ 636.470160][ T5070] ? x64_sys_call+0xe69/0x2ee0 [ 636.470192][ T5070] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 636.470220][ T5070] ? do_filp_open+0x3e0/0x3e0 [ 636.470250][ T5070] do_filp_open+0x1c6/0x3e0 [ 636.470277][ T5070] ? __cfi_do_filp_open+0x10/0x10 [ 636.470306][ T5070] ? __cfi_kfree_link+0x10/0x10 [ 636.470337][ T5070] ? alloc_fd+0x4e7/0x5a0 [ 636.470363][ T5070] do_sys_openat2+0x12c/0x1c0 [ 636.470392][ T5070] ? fput+0x1a5/0x240 [ 636.470419][ T5070] ? do_sys_open+0x100/0x100 [ 636.470447][ T5070] ? ksys_write+0x1ef/0x250 [ 636.470469][ T5070] ? __cfi_ksys_write+0x10/0x10 [ 636.470491][ T5070] __x64_sys_openat+0x13a/0x170 [ 636.470523][ T5070] x64_sys_call+0xe69/0x2ee0 [ 636.470555][ T5070] do_syscall_64+0x58/0xf0 [ 636.470584][ T5070] ? clear_bhb_loop+0x50/0xa0 [ 636.470617][ T5070] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 636.470641][ T5070] RIP: 0033:0x7f590318df10 [ 636.470661][ T5070] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44 [ 636.470683][ T5070] RSP: 002b:00007f5903ffff60 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 636.470709][ T5070] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f590318df10 [ 636.470727][ T5070] RDX: 0000000000000000 RSI: 00007f590321207e RDI: 00000000ffffff9c [ 636.470743][ T5070] RBP: 00007f590321207e R08: 0000000000000000 R09: 0000000000000000 [ 636.470759][ T5070] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 636.470774][ T5070] R13: 00007f59033e6038 R14: 00007f59033e5fa0 R15: 00007ffecf413888 [ 636.470794][ T5070] [ 637.148870][ T9] usb 3-1: USB disconnect, device number 53 [ 637.202370][ T5136] FAULT_INJECTION: forcing a failure. [ 637.202370][ T5136] name failslab, interval 1, probability 0, space 0, times 0 [ 637.217296][ T5136] CPU: 1 UID: 0 PID: 5136 Comm: syz.3.16477 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 637.217331][ T5136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 637.217346][ T5136] Call Trace: [ 637.217355][ T5136] [ 637.217365][ T5136] __dump_stack+0x21/0x30 [ 637.217402][ T5136] dump_stack_lvl+0x10c/0x190 [ 637.217432][ T5136] ? __cfi_dump_stack_lvl+0x10/0x10 [ 637.217465][ T5136] ? check_stack_object+0x82/0x140 [ 637.217486][ T5136] ? __virt_addr_valid+0x2a6/0x380 [ 637.217523][ T5136] dump_stack+0x19/0x20 [ 637.217553][ T5136] should_fail_ex+0x3d9/0x530 [ 637.217578][ T5136] should_failslab+0xac/0x100 [ 637.217606][ T5136] __kmalloc_cache_noprof+0x41/0x490 [ 637.217628][ T5136] ? memdup_user+0xb1/0x180 [ 637.217661][ T5136] ? __se_sys_mount+0x15f/0x480 [ 637.217684][ T5136] __se_sys_mount+0x15f/0x480 [ 637.217706][ T5136] ? ksys_write+0x1ef/0x250 [ 637.217727][ T5136] ? __x64_sys_mount+0xf0/0xf0 [ 637.217750][ T5136] __x64_sys_mount+0xc3/0xf0 [ 637.217780][ T5136] x64_sys_call+0x2021/0x2ee0 [ 637.217813][ T5136] do_syscall_64+0x58/0xf0 [ 637.217843][ T5136] ? clear_bhb_loop+0x50/0xa0 [ 637.217869][ T5136] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 637.217894][ T5136] RIP: 0033:0x7f590318f6c9 [ 637.217913][ T5136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 637.217933][ T5136] RSP: 002b:00007f5904000038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 637.217959][ T5136] RAX: ffffffffffffffda RBX: 00007f59033e5fa0 RCX: 00007f590318f6c9 [ 637.217978][ T5136] RDX: 0000200000000180 RSI: 0000200000000140 RDI: 0000000000000000 [ 637.217995][ T5136] RBP: 00007f5904000090 R08: 0000200000000000 R09: 0000000000000000 [ 637.218012][ T5136] R10: 0000000000008c48 R11: 0000000000000246 R12: 0000000000000001 [ 637.218027][ T5136] R13: 00007f59033e6038 R14: 00007f59033e5fa0 R15: 00007ffecf413888 [ 637.218048][ T5136] [ 637.779698][ T5183] binder: Bad value for 'max' [ 638.207856][ T5226] __vm_enough_memory: pid: 5226, comm: syz.1.16531, bytes: 18014402804453376 not enough memory for the allocation [ 638.222147][ T5227] __vm_enough_memory: pid: 5227, comm: syz.1.16531, bytes: 18014402804453376 not enough memory for the allocation [ 638.323628][ T635] usb 4-1: new high-speed USB device number 46 using dummy_hcd [ 638.484634][ T635] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 638.495751][ T635] usb 4-1: config 27 interface 0 altsetting 0 has a duplicate endpoint with address 0xB, skipping [ 638.518941][ T635] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 638.536414][ T635] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 638.560528][ T635] usb 4-1: invalid MIDI out EP 0 [ 638.621142][ T635] snd-usb-audio 4-1:27.0: probe with driver snd-usb-audio failed with error -22 [ 638.624615][ T4809] udevd[4809]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:27.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 638.758658][ T635] usb 4-1: USB disconnect, device number 46 [ 638.770322][ T36] audit: type=1400 audit(2000000317.738:874): avc: denied { write } for pid=5214 comm="syz.3.16526" name="/" dev="incremental-fs" ino=3519 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 638.817479][ T36] audit: type=1400 audit(2000000317.738:875): avc: denied { add_name } for pid=5214 comm="syz.3.16526" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 638.858898][ T36] audit: type=1400 audit(2000000317.738:876): avc: denied { create } for pid=5214 comm="syz.3.16526" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 638.903553][ T36] audit: type=1400 audit(2000000317.738:877): avc: denied { associate } for pid=5214 comm="syz.3.16526" name="file1" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 638.996167][ T5266] netlink: 8 bytes leftover after parsing attributes in process `syz.0.16551'. [ 639.340341][ T329] bridge_slave_1: left allmulticast mode [ 639.346091][ T329] bridge_slave_1: left promiscuous mode [ 639.351742][ T329] bridge0: port 2(bridge_slave_1) entered disabled state [ 639.455114][ T5291] netlink: 8 bytes leftover after parsing attributes in process `syz.3.16561'. [ 639.488037][ T329] veth1_macvtap: left promiscuous mode [ 639.493699][ T329] veth0_vlan: left promiscuous mode [ 639.607759][ T5279] bridge0: port 1(bridge_slave_0) entered blocking state [ 639.623542][ T5279] bridge0: port 1(bridge_slave_0) entered disabled state [ 639.630696][ T5279] bridge_slave_0: entered allmulticast mode [ 639.637267][ T5279] bridge_slave_0: entered promiscuous mode [ 639.644049][ T5279] bridge0: port 2(bridge_slave_1) entered blocking state [ 639.651110][ T5279] bridge0: port 2(bridge_slave_1) entered disabled state [ 639.659379][ T5279] bridge_slave_1: entered allmulticast mode [ 639.665948][ T5279] bridge_slave_1: entered promiscuous mode [ 639.829591][ T5279] bridge0: port 2(bridge_slave_1) entered blocking state [ 639.836692][ T5279] bridge0: port 2(bridge_slave_1) entered forwarding state [ 639.844026][ T5279] bridge0: port 1(bridge_slave_0) entered blocking state [ 639.851073][ T5279] bridge0: port 1(bridge_slave_0) entered forwarding state [ 639.917639][ T329] bridge0: port 1(bridge_slave_0) entered disabled state [ 639.925902][ T329] bridge0: port 2(bridge_slave_1) entered disabled state [ 639.964309][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 639.971389][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 639.991016][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 639.998128][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 640.070259][ T5279] veth0_vlan: entered promiscuous mode [ 640.103281][ T5279] veth1_macvtap: entered promiscuous mode [ 640.371471][ T36] audit: type=1400 audit(2000000319.348:878): avc: denied { getopt } for pid=5362 comm="syz.2.16592" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 640.745459][ T5392] netlink: 8 bytes leftover after parsing attributes in process `syz.3.16605'. [ 641.261834][ T5407] netlink: 8 bytes leftover after parsing attributes in process `syz.0.16611'. [ 641.749147][ T5439] netlink: 8 bytes leftover after parsing attributes in process `syz.0.16629'. [ 641.810363][ T5445] netlink: 8 bytes leftover after parsing attributes in process `syz.3.16631'. [ 642.292162][ T5461] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16639'. [ 642.465128][ T5468] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16643'. [ 643.755358][ T5563] netlink: 'syz.2.16688': attribute type 11 has an invalid length. [ 644.184245][ T5574] netlink: 8 bytes leftover after parsing attributes in process `syz.0.16695'. [ 644.524686][ T5592] binder: Bad value for 'max' [ 644.852333][ T5612] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16713'. [ 644.901557][ T5614] netlink: 128 bytes leftover after parsing attributes in process `syz.1.16714'. [ 645.013542][ T5618] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16717'. [ 645.075246][ T5622] netlink: 8 bytes leftover after parsing attributes in process `syz.0.16711'. [ 645.258950][ T5648] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16729'. [ 645.327196][ T5654] netlink: 8 bytes leftover after parsing attributes in process `syz.0.16732'. [ 645.419162][ T5670] netlink: 8 bytes leftover after parsing attributes in process `syz.0.16740'. [ 645.578957][ T5683] netlink: 8 bytes leftover after parsing attributes in process `syz.0.16746'. [ 645.592991][ T5685] binder: Bad value for 'max' [ 645.620747][ T5687] FAULT_INJECTION: forcing a failure. [ 645.620747][ T5687] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 645.637487][ T9] usb 4-1: new full-speed USB device number 47 using dummy_hcd [ 645.645312][ T5687] CPU: 0 UID: 0 PID: 5687 Comm: syz.2.16747 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 645.645349][ T5687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 645.645365][ T5687] Call Trace: [ 645.645378][ T5687] [ 645.645388][ T5687] __dump_stack+0x21/0x30 [ 645.645424][ T5687] dump_stack_lvl+0x10c/0x190 [ 645.645475][ T5687] ? __cfi_dump_stack_lvl+0x10/0x10 [ 645.645506][ T5687] ? check_stack_object+0x107/0x140 [ 645.645548][ T5687] dump_stack+0x19/0x20 [ 645.645577][ T5687] should_fail_ex+0x3d9/0x530 [ 645.645620][ T5687] should_fail+0xf/0x20 [ 645.645641][ T5687] should_fail_usercopy+0x1e/0x30 [ 645.645666][ T5687] _copy_from_user+0x22/0xb0 [ 645.645694][ T5687] vga_arb_write+0xf4/0x1c60 [ 645.645725][ T5687] ? __cfi_vga_arb_write+0x10/0x10 [ 645.645756][ T5687] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 645.645787][ T5687] ? bpf_lsm_file_permission+0xd/0x20 [ 645.645818][ T5687] ? __cfi_vga_arb_write+0x10/0x10 [ 645.645848][ T5687] vfs_write+0x3c0/0xf30 [ 645.645870][ T5687] ? __cfi_vfs_write+0x10/0x10 [ 645.645891][ T5687] ? __fget_files+0x2c5/0x340 [ 645.645917][ T5687] ksys_write+0x141/0x250 [ 645.645938][ T5687] ? __cfi_ksys_write+0x10/0x10 [ 645.645960][ T5687] ? __kasan_check_read+0x15/0x20 [ 645.645994][ T5687] __x64_sys_write+0x7f/0x90 [ 645.646016][ T5687] x64_sys_call+0x271c/0x2ee0 [ 645.646049][ T5687] do_syscall_64+0x58/0xf0 [ 645.646078][ T5687] ? clear_bhb_loop+0x50/0xa0 [ 645.646102][ T5687] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 645.646126][ T5687] RIP: 0033:0x7f9aebb8f6c9 [ 645.646146][ T5687] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 645.646166][ T5687] RSP: 002b:00007f9aeca63038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 645.646192][ T5687] RAX: ffffffffffffffda RBX: 00007f9aebde5fa0 RCX: 00007f9aebb8f6c9 [ 645.646210][ T5687] RDX: 000000000000000c RSI: 0000200000000040 RDI: 0000000000000005 [ 645.646225][ T5687] RBP: 00007f9aeca63090 R08: 0000000000000000 R09: 0000000000000000 [ 645.646241][ T5687] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 645.646255][ T5687] R13: 00007f9aebde6038 R14: 00007f9aebde5fa0 R15: 00007ffc34651748 [ 645.646276][ T5687] [ 645.651928][ T36] audit: type=1400 audit(2000000324.628:879): avc: denied { listen } for pid=5688 comm="syz.0.16748" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 645.953171][ T9] usb 4-1: device descriptor read/64, error -71 [ 646.203364][ T9] usb 4-1: device descriptor read/64, error -71 [ 646.313144][ T45] usb 1-1: new high-speed USB device number 38 using dummy_hcd [ 646.443145][ T9] usb 4-1: new full-speed USB device number 48 using dummy_hcd [ 646.474180][ T45] usb 1-1: config 0 has no interfaces? [ 646.481187][ T45] usb 1-1: New USB device found, idVendor=10d6, idProduct=2200, bcdDevice= 0.02 [ 646.499342][ T45] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 646.507925][ T45] usb 1-1: SerialNumber: syz [ 646.523248][ T45] usb 1-1: config 0 descriptor?? [ 646.593157][ T9] usb 4-1: device descriptor read/64, error -71 [ 646.738884][ T45] usb 1-1: USB disconnect, device number 38 [ 646.833123][ T9] usb 4-1: device descriptor read/64, error -71 [ 646.943320][ T9] usb usb4-port1: attempt power cycle [ 647.068608][ T5762] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16783'. [ 647.293101][ T9] usb 4-1: new full-speed USB device number 49 using dummy_hcd [ 647.334118][ T9] usb 4-1: device descriptor read/8, error -71 [ 647.464095][ T9] usb 4-1: device descriptor read/8, error -71 [ 647.532026][ T5789] tipc: Started in network mode [ 647.537074][ T5789] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711 [ 647.563458][ T5789] tipc: Enabled bearer , priority 10 [ 647.703086][ T9] usb 4-1: new full-speed USB device number 50 using dummy_hcd [ 647.724095][ T9] usb 4-1: device descriptor read/8, error -71 [ 647.864063][ T9] usb 4-1: device descriptor read/8, error -71 [ 647.983384][ T9] usb usb4-port1: unable to enumerate USB device [ 648.683034][T19291] tipc: Node number set to 4269801488 [ 649.842930][ T36] audit: type=1400 audit(2000000328.818:880): avc: denied { read } for pid=5873 comm="syz.2.16831" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 650.056064][ T46] bridge_slave_1: left allmulticast mode [ 650.061770][ T46] bridge_slave_1: left promiscuous mode [ 650.073308][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 650.083601][ T46] bridge_slave_0: left allmulticast mode [ 650.089285][ T46] bridge_slave_0: left promiscuous mode [ 650.095483][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 650.223781][ T5875] bridge0: port 1(bridge_slave_0) entered blocking state [ 650.230869][ T5875] bridge0: port 1(bridge_slave_0) entered disabled state [ 650.252946][ T5875] bridge_slave_0: entered allmulticast mode [ 650.259410][ T5875] bridge_slave_0: entered promiscuous mode [ 650.283647][ T5875] bridge0: port 2(bridge_slave_1) entered blocking state [ 650.290733][ T5875] bridge0: port 2(bridge_slave_1) entered disabled state [ 650.305872][ T5875] bridge_slave_1: entered allmulticast mode [ 650.312486][ T5875] bridge_slave_1: entered promiscuous mode [ 650.318923][ T5880] __nla_validate_parse: 2 callbacks suppressed [ 650.318941][ T5880] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16839'. [ 650.335188][ T46] veth1_macvtap: left promiscuous mode [ 650.340742][ T46] veth0_vlan: left promiscuous mode [ 650.434014][ T5886] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16843'. [ 650.531851][ T5875] bridge0: port 2(bridge_slave_1) entered blocking state [ 650.539082][ T5875] bridge0: port 2(bridge_slave_1) entered forwarding state [ 650.546426][ T5875] bridge0: port 1(bridge_slave_0) entered blocking state [ 650.553503][ T5875] bridge0: port 1(bridge_slave_0) entered forwarding state [ 650.582075][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 650.590228][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 650.601912][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 650.609038][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 650.634979][ T329] bridge0: port 2(bridge_slave_1) entered blocking state [ 650.642077][ T329] bridge0: port 2(bridge_slave_1) entered forwarding state [ 650.696647][ T5875] veth0_vlan: entered promiscuous mode [ 650.724693][ T5875] veth1_macvtap: entered promiscuous mode [ 650.815097][ T5915] netlink: 8 bytes leftover after parsing attributes in process `syz.2.16853'. [ 650.842350][ T5917] netlink: 8 bytes leftover after parsing attributes in process `syz.0.16854'. [ 650.990214][ T329] bridge_slave_1: left allmulticast mode [ 650.995983][ T329] bridge_slave_1: left promiscuous mode [ 651.010507][ T329] bridge0: port 2(bridge_slave_1) entered disabled state [ 651.024696][ T329] bridge_slave_0: left allmulticast mode [ 651.031234][ T329] bridge_slave_0: left promiscuous mode [ 651.043121][ T329] bridge0: port 1(bridge_slave_0) entered disabled state [ 651.152034][ T5938] netlink: 8 bytes leftover after parsing attributes in process `syz.0.16863'. [ 651.204111][ T329] veth1_macvtap: left promiscuous mode [ 651.211949][ T329] veth0_vlan: left promiscuous mode [ 651.343366][ T5926] bridge0: port 1(bridge_slave_0) entered blocking state [ 651.368303][ T5926] bridge0: port 1(bridge_slave_0) entered disabled state [ 651.395096][ T5926] bridge_slave_0: entered allmulticast mode [ 651.417747][ T5926] bridge_slave_0: entered promiscuous mode [ 651.443652][ T5926] bridge0: port 2(bridge_slave_1) entered blocking state [ 651.450736][ T5926] bridge0: port 2(bridge_slave_1) entered disabled state [ 651.492913][ T5926] bridge_slave_1: entered allmulticast mode [ 651.499458][ T5926] bridge_slave_1: entered promiscuous mode [ 651.709378][ T5926] bridge0: port 2(bridge_slave_1) entered blocking state [ 651.716499][ T5926] bridge0: port 2(bridge_slave_1) entered forwarding state [ 651.723844][ T5926] bridge0: port 1(bridge_slave_0) entered blocking state [ 651.730915][ T5926] bridge0: port 1(bridge_slave_0) entered forwarding state [ 651.758267][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 651.773335][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 651.798596][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 651.805707][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 651.828992][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 651.836106][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 651.883324][ T5926] veth0_vlan: entered promiscuous mode [ 651.898079][ T5926] veth1_macvtap: entered promiscuous mode [ 651.911261][ T5963] binder: Bad value for 'max' [ 651.991868][ T36] audit: type=1400 audit(2000000330.968:881): avc: denied { getopt } for pid=5965 comm="syz.1.16872" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 652.024381][ T36] audit: type=1400 audit(2000000331.008:882): avc: denied { create } for pid=5965 comm="syz.1.16872" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 652.048425][ T36] audit: type=1400 audit(2000000331.028:883): avc: denied { ioctl } for pid=5965 comm="syz.1.16872" path="socket:[184848]" dev="sockfs" ino=184848 ioctlcmd=0x8981 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 652.173723][ T5986] binder: Bad value for 'max' [ 652.489113][ T6021] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16898'. [ 652.803839][ T6055] netlink: 8 bytes leftover after parsing attributes in process `syz.3.16913'. [ 652.999113][ T6078] netlink: 'syz.1.16924': attribute type 4 has an invalid length. [ 653.033939][ T6078] netlink: 'syz.1.16924': attribute type 17 has an invalid length. [ 653.262785][ T62] usb 4-1: new high-speed USB device number 51 using dummy_hcd [ 653.432751][ T62] usb 4-1: Using ep0 maxpacket: 32 [ 653.443812][ T62] usb 4-1: config 0 has an invalid interface number: 67 but max is 0 [ 653.462724][ T62] usb 4-1: config 0 has no interface number 0 [ 653.471394][ T62] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 653.491434][ T62] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 653.502730][ T62] usb 4-1: Product: syz [ 653.506939][ T62] usb 4-1: Manufacturer: syz [ 653.521679][ T62] usb 4-1: SerialNumber: syz [ 653.533680][ T62] usb 4-1: config 0 descriptor?? [ 653.545997][ T62] smsc95xx v2.0.0 [ 653.793838][ T45] usb 2-1: new high-speed USB device number 49 using dummy_hcd [ 653.848982][ T6132] binder: Bad value for 'max' [ 653.962782][ T45] usb 2-1: config 0 has no interfaces? [ 653.969707][ T45] usb 2-1: New USB device found, idVendor=10d6, idProduct=2200, bcdDevice= 0.02 [ 653.978959][ T45] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 653.999151][ T45] usb 2-1: SerialNumber: syz [ 654.009527][ T45] usb 2-1: config 0 descriptor?? [ 654.221526][ T45] usb 2-1: USB disconnect, device number 49 [ 654.405987][ T62] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000030: -71 [ 654.422678][ T62] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Error writing E2P_CMD [ 654.442397][ T62] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 654.462899][ T62] smsc95xx 4-1:0.67: probe with driver smsc95xx failed with error -71 [ 654.491226][ T62] usb 4-1: USB disconnect, device number 51 [ 654.615694][ T6159] netlink: 8 bytes leftover after parsing attributes in process `syz.2.16959'. [ 654.713495][ T36] audit: type=1400 audit(2000000333.698:884): avc: denied { write } for pid=6175 comm="syz.0.16967" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 654.754358][ T6181] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16970'. [ 654.835300][ T6195] FAULT_INJECTION: forcing a failure. [ 654.835300][ T6195] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 654.851997][ T6195] CPU: 0 UID: 0 PID: 6195 Comm: syz.1.16976 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 654.852035][ T6195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 654.852051][ T6195] Call Trace: [ 654.852059][ T6195] [ 654.852069][ T6195] __dump_stack+0x21/0x30 [ 654.852105][ T6195] dump_stack_lvl+0x10c/0x190 [ 654.852136][ T6195] ? __cfi_dump_stack_lvl+0x10/0x10 [ 654.852167][ T6195] ? avc_has_perm_noaudit+0x286/0x360 [ 654.852202][ T6195] dump_stack+0x19/0x20 [ 654.852230][ T6195] should_fail_ex+0x3d9/0x530 [ 654.852266][ T6195] should_fail_alloc_page+0xeb/0x110 [ 654.852298][ T6195] __alloc_pages_noprof+0x19b/0x7b0 [ 654.852329][ T6195] ? __cfi___alloc_pages_noprof+0x10/0x10 [ 654.852359][ T6195] ? selinux_file_open+0x457/0x610 [ 654.852391][ T6195] pte_alloc_one+0x97/0x520 [ 654.852413][ T6195] ? __cfi_pte_alloc_one+0x10/0x10 [ 654.852433][ T6195] ? is_bpf_text_address+0x17b/0x1a0 [ 654.852459][ T6195] ? kernel_text_address+0xa9/0xe0 [ 654.852493][ T6195] __pte_alloc+0x79/0x420 [ 654.852513][ T6195] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 654.852547][ T6195] ? __cfi___pte_alloc+0x10/0x10 [ 654.852569][ T6195] do_pte_missing+0x1f98/0x4240 [ 654.852598][ T6195] ? _parse_integer+0x2e/0x40 [ 654.852636][ T6195] ? pte_marker_clear+0x1b0/0x1b0 [ 654.852663][ T6195] ? kstrtouint_from_user+0xfb/0x150 [ 654.852684][ T6195] ? __x64_sys_openat+0x13a/0x170 [ 654.852714][ T6195] ? x64_sys_call+0xe69/0x2ee0 [ 654.852748][ T6195] ? __cfi_kstrtouint_from_user+0x10/0x10 [ 654.852771][ T6195] ? selinux_file_permission+0x309/0xb30 [ 654.852800][ T6195] ? mtree_range_walk+0x573/0x730 [ 654.852825][ T6195] handle_mm_fault+0x1166/0x1b90 [ 654.852861][ T6195] ? __cfi_handle_mm_fault+0x10/0x10 [ 654.852886][ T6195] ? lock_vma_under_rcu+0x49d/0x540 [ 654.852916][ T6195] ? __kasan_check_write+0x18/0x20 [ 654.852953][ T6195] do_user_addr_fault+0x96c/0x1200 [ 654.852986][ T6195] ? __cfi_ksys_write+0x10/0x10 [ 654.853010][ T6195] exc_page_fault+0x59/0xc0 [ 654.853034][ T6195] asm_exc_page_fault+0x2b/0x30 [ 654.853058][ T6195] RIP: 0033:0x7f4154a53420 [ 654.853078][ T6195] Code: 48 89 74 24 30 48 8b 5c 24 38 4c 8b 7c 24 30 48 89 44 24 10 48 8d 05 b9 7d 19 00 48 29 c8 48 89 5c 24 28 4d 8d b7 00 10 00 00 <49> c7 47 10 ff 03 00 00 4d 89 77 08 48 89 44 24 18 89 5c 24 0c e9 [ 654.853099][ T6195] RSP: 002b:00007f4155a10f90 EFLAGS: 00010206 [ 654.853120][ T6195] RAX: 00000000000004fa RBX: ffffffffffffffff RCX: 00007f4154beacd0 [ 654.853139][ T6195] RDX: 0000000000000000 RSI: 0000200000b20000 RDI: ffffffffffffffff [ 654.853156][ T6195] RBP: 00007f4154c2d300 R08: 0000000000000000 R09: 0000000000000000 [ 654.853172][ T6195] R10: ffffffffffffffff R11: 0000000000000000 R12: 00007f4154c2d390 [ 654.853190][ T6195] R13: 00000000003ff000 R14: 0000200000b21000 R15: 0000200000b20000 [ 654.853210][ T6195] [ 655.159948][ T6195] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 655.257649][ T6214] netlink: 8 bytes leftover after parsing attributes in process `syz.3.16983'. [ 655.382644][ T62] usb 3-1: new high-speed USB device number 54 using dummy_hcd [ 655.443358][ T6229] FAULT_INJECTION: forcing a failure. [ 655.443358][ T6229] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 655.471513][ T6229] CPU: 1 UID: 0 PID: 6229 Comm: syz.0.16989 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 655.471553][ T6229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 655.471569][ T6229] Call Trace: [ 655.471577][ T6229] [ 655.471588][ T6229] __dump_stack+0x21/0x30 [ 655.471625][ T6229] dump_stack_lvl+0x10c/0x190 [ 655.471656][ T6229] ? __cfi_dump_stack_lvl+0x10/0x10 [ 655.471688][ T6229] ? check_stack_object+0x12c/0x140 [ 655.471711][ T6229] dump_stack+0x19/0x20 [ 655.471741][ T6229] should_fail_ex+0x3d9/0x530 [ 655.471766][ T6229] should_fail+0xf/0x20 [ 655.471787][ T6229] should_fail_usercopy+0x1e/0x30 [ 655.471812][ T6229] _copy_to_user+0x24/0xa0 [ 655.471848][ T6229] simple_read_from_buffer+0xed/0x160 [ 655.471879][ T6229] proc_fail_nth_read+0x19e/0x210 [ 655.471911][ T6229] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 655.471942][ T6229] ? bpf_lsm_file_permission+0xd/0x20 [ 655.471973][ T6229] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 655.472002][ T6229] vfs_read+0x27d/0xc70 [ 655.472022][ T6229] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 655.472049][ T6229] ? __cfi_vfs_read+0x10/0x10 [ 655.472068][ T6229] ? __kasan_check_write+0x18/0x20 [ 655.472104][ T6229] ? mutex_lock+0x92/0x1c0 [ 655.472126][ T6229] ? __cfi_mutex_lock+0x10/0x10 [ 655.472147][ T6229] ? __fget_files+0x2c5/0x340 [ 655.472175][ T6229] ksys_read+0x141/0x250 [ 655.472196][ T6229] ? __cfi_ksys_read+0x10/0x10 [ 655.472218][ T6229] ? __kasan_check_read+0x15/0x20 [ 655.472251][ T6229] __x64_sys_read+0x7f/0x90 [ 655.472273][ T6229] x64_sys_call+0x2638/0x2ee0 [ 655.472307][ T6229] do_syscall_64+0x58/0xf0 [ 655.472336][ T6229] ? clear_bhb_loop+0x50/0xa0 [ 655.472362][ T6229] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 655.472387][ T6229] RIP: 0033:0x7f607938e0dc [ 655.472407][ T6229] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 655.472428][ T6229] RSP: 002b:00007f607a2e9030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 655.472453][ T6229] RAX: ffffffffffffffda RBX: 00007f60795e5fa0 RCX: 00007f607938e0dc [ 655.472472][ T6229] RDX: 000000000000000f RSI: 00007f607a2e90a0 RDI: 0000000000000008 [ 655.472488][ T6229] RBP: 00007f607a2e9090 R08: 0000000000000000 R09: 0000000000000000 [ 655.472504][ T6229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 655.472519][ T6229] R13: 00007f60795e6038 R14: 00007f60795e5fa0 R15: 00007ffe1de70bf8 [ 655.472540][ T6229] [ 655.574062][ T62] usb 3-1: config 0 has no interfaces? [ 655.765217][ T62] usb 3-1: New USB device found, idVendor=10d6, idProduct=2200, bcdDevice= 0.02 [ 655.781445][ T62] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 655.799325][ T62] usb 3-1: SerialNumber: syz [ 655.805946][ T62] usb 3-1: config 0 descriptor?? [ 655.914619][ T6256] binder: Bad value for 'max' [ 656.015455][ T62] usb 3-1: USB disconnect, device number 54 [ 656.288734][ T6291] rust_binder: Error in use_page_slow: ESRCH [ 656.288766][ T6291] rust_binder: use_range failure ESRCH [ 656.302754][ T6291] rust_binder: Failed to allocate buffer. len:8, is_oneway:true [ 656.308519][ T6291] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH } [ 656.318138][ T6291] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:129 [ 656.556167][ T6324] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 656.574228][ T6324] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 656.643303][ T6334] binder: Bad value for 'max' [ 656.775037][ T6356] 9pnet_fd: Insufficient options for proto=fd [ 656.797517][ T6360] binder: Bad value for 'max' [ 656.805625][ T6362] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17054'. [ 656.963121][ T36] audit: type=1400 audit(2000000335.949:885): avc: denied { append } for pid=6378 comm="syz.3.17062" name="001" dev="devtmpfs" ino=114 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 657.278329][ T6399] netlink: 4 bytes leftover after parsing attributes in process `syz.1.17071'. [ 657.474574][ T6415] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17079'. [ 657.636358][ T6431] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17086'. [ 657.731993][ T6438] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL } [ 657.732028][ T6438] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1178 [ 657.808427][ T6449] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17094'. [ 657.942023][ T6463] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17099'. [ 657.943901][ T6457] FAULT_INJECTION: forcing a failure. [ 657.943901][ T6457] name failslab, interval 1, probability 0, space 0, times 0 [ 658.012468][ T6457] CPU: 1 UID: 0 PID: 6457 Comm: syz.1.17096 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 658.012513][ T6457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 658.012528][ T6457] Call Trace: [ 658.012536][ T6457] [ 658.012547][ T6457] __dump_stack+0x21/0x30 [ 658.012584][ T6457] dump_stack_lvl+0x10c/0x190 [ 658.012615][ T6457] ? __cfi_dump_stack_lvl+0x10/0x10 [ 658.012647][ T6457] ? vfs_write+0x93e/0xf30 [ 658.012670][ T6457] dump_stack+0x19/0x20 [ 658.012700][ T6457] should_fail_ex+0x3d9/0x530 [ 658.012724][ T6457] should_failslab+0xac/0x100 [ 658.012751][ T6457] kmem_cache_alloc_noprof+0x42/0x430 [ 658.012773][ T6457] ? prepare_creds+0x48/0x6b0 [ 658.012798][ T6457] ? __cfi_make_kuid+0x10/0x10 [ 658.012831][ T6457] ? fput+0x1a5/0x240 [ 658.012858][ T6457] prepare_creds+0x48/0x6b0 [ 658.012883][ T6457] __sys_setreuid+0x106/0xb00 [ 658.012910][ T6457] ? __kasan_check_read+0x15/0x20 [ 658.012946][ T6457] __x64_sys_setreuid+0x5e/0x70 [ 658.012972][ T6457] x64_sys_call+0x1132/0x2ee0 [ 658.013007][ T6457] do_syscall_64+0x58/0xf0 [ 658.013036][ T6457] ? clear_bhb_loop+0x50/0xa0 [ 658.013063][ T6457] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 658.013088][ T6457] RIP: 0033:0x7f4154b8f6c9 [ 658.013106][ T6457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 658.013126][ T6457] RSP: 002b:00007f4155a11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000071 [ 658.013152][ T6457] RAX: ffffffffffffffda RBX: 00007f4154de5fa0 RCX: 00007f4154b8f6c9 [ 658.013171][ T6457] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffffff [ 658.013187][ T6457] RBP: 00007f4155a11090 R08: 0000000000000000 R09: 0000000000000000 [ 658.013202][ T6457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 658.013217][ T6457] R13: 00007f4154de6038 R14: 00007f4154de5fa0 R15: 00007fff3a3a6188 [ 658.013238][ T6457] [ 658.236544][ T6471] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17104'. [ 658.507548][ T6485] netlink: 8 bytes leftover after parsing attributes in process `syz.1.17111'. [ 659.111688][ T6504] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17121'. [ 659.512400][ T45] usb 4-1: new high-speed USB device number 52 using dummy_hcd [ 659.663443][ T45] usb 4-1: config 0 has no interfaces? [ 659.670482][ T45] usb 4-1: New USB device found, idVendor=10d6, idProduct=2200, bcdDevice= 0.02 [ 659.680074][ T45] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 659.693644][ T45] usb 4-1: SerialNumber: syz [ 659.709258][ T45] usb 4-1: config 0 descriptor?? [ 659.823516][ T6532] netlink: 8 bytes leftover after parsing attributes in process `syz.1.17132'. [ 659.916009][ T36] audit: type=1400 audit(2000000338.899:886): avc: denied { mounton } for pid=6541 comm="syz.1.17137" path="/proc/414/task" dev="proc" ino=186340 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 659.921958][ T45] usb 4-1: USB disconnect, device number 52 [ 659.938780][ T36] audit: type=1400 audit(2000000338.899:887): avc: denied { associate } for pid=6541 comm="syz.1.17137" name="cpuacct.usage_percpu" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 660.451509][ T6569] binder: Bad value for 'max' [ 660.576990][ T6584] FAULT_INJECTION: forcing a failure. [ 660.576990][ T6584] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 660.591672][ T6584] CPU: 1 UID: 0 PID: 6584 Comm: syz.2.17156 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 660.591712][ T6584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 660.591729][ T6584] Call Trace: [ 660.591737][ T6584] [ 660.591747][ T6584] __dump_stack+0x21/0x30 [ 660.591783][ T6584] dump_stack_lvl+0x10c/0x190 [ 660.591814][ T6584] ? __cfi_dump_stack_lvl+0x10/0x10 [ 660.591845][ T6584] ? bpf_lsm_file_permission+0xd/0x20 [ 660.591878][ T6584] dump_stack+0x19/0x20 [ 660.591906][ T6584] should_fail_ex+0x3d9/0x530 [ 660.591930][ T6584] should_fail+0xf/0x20 [ 660.591951][ T6584] should_fail_usercopy+0x1e/0x30 [ 660.591976][ T6584] _copy_from_user+0x22/0xb0 [ 660.592004][ T6584] get_timespec64+0x8f/0x1a0 [ 660.592030][ T6584] ? __cfi_get_timespec64+0x10/0x10 [ 660.592056][ T6584] __se_sys_io_getevents+0xac/0x210 [ 660.592083][ T6584] ? __x64_sys_io_getevents+0xf0/0xf0 [ 660.592110][ T6584] __x64_sys_io_getevents+0xc3/0xf0 [ 660.592135][ T6584] x64_sys_call+0x26ec/0x2ee0 [ 660.592168][ T6584] do_syscall_64+0x58/0xf0 [ 660.592196][ T6584] ? clear_bhb_loop+0x50/0xa0 [ 660.592222][ T6584] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 660.592253][ T6584] RIP: 0033:0x7f9aebb8f6c9 [ 660.592271][ T6584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 660.592295][ T6584] RSP: 002b:00007f9aeca63038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d0 [ 660.592320][ T6584] RAX: ffffffffffffffda RBX: 00007f9aebde5fa0 RCX: 00007f9aebb8f6c9 [ 660.592339][ T6584] RDX: 0000000000000000 RSI: 00000000000009d7 RDI: 0000000000000000 [ 660.592353][ T6584] RBP: 00007f9aeca63090 R08: 0000200000000480 R09: 0000000000000000 [ 660.592370][ T6584] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 660.592385][ T6584] R13: 00007f9aebde6038 R14: 00007f9aebde5fa0 R15: 00007ffc34651748 [ 660.592405][ T6584] [ 660.794019][ T6587] netlink: 'syz.0.17157': attribute type 4 has an invalid length. [ 660.803781][ T6587] netlink: 'syz.0.17157': attribute type 4 has an invalid length. [ 660.922021][ T6599] binder: Bad value for 'max' [ 661.102322][ T62] usb 2-1: new high-speed USB device number 50 using dummy_hcd [ 661.263376][ T62] usb 2-1: config 0 has no interfaces? [ 661.270290][ T62] usb 2-1: New USB device found, idVendor=10d6, idProduct=2200, bcdDevice= 0.02 [ 661.282289][ T62] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 661.300523][ T62] usb 2-1: SerialNumber: syz [ 661.311369][ T62] usb 2-1: config 0 descriptor?? [ 661.522904][ T62] usb 2-1: USB disconnect, device number 50 [ 661.812862][ T6623] __nla_validate_parse: 1 callbacks suppressed [ 661.812886][ T6623] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17173'. [ 662.110095][ T13] Bluetooth: hci0: Frame reassembly failed (-84) [ 662.193023][ T6651] netlink: 8 bytes leftover after parsing attributes in process `syz.1.17186'. [ 662.342251][ T62] usb 1-1: new high-speed USB device number 39 using dummy_hcd [ 662.430719][ T6676] netlink: 24 bytes leftover after parsing attributes in process `syz.2.17193'. [ 662.502538][ T62] usb 1-1: Using ep0 maxpacket: 8 [ 662.512254][ T9] usb 4-1: new high-speed USB device number 53 using dummy_hcd [ 662.522457][ T62] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 662.530738][ T62] usb 1-1: config 179 has no interface number 0 [ 662.539017][ T62] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 662.550590][ T62] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 662.562134][ T62] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 662.573538][ T62] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 662.585206][ T62] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 662.601337][ T62] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 662.611250][ T62] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 662.626513][ T6639] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 662.693547][ T9] usb 4-1: config 0 has no interfaces? [ 662.700605][ T9] usb 4-1: New USB device found, idVendor=10d6, idProduct=2200, bcdDevice= 0.02 [ 662.710606][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 662.719057][ T9] usb 4-1: SerialNumber: syz [ 662.730073][ T9] usb 4-1: config 0 descriptor?? [ 662.789065][ T6706] FAULT_INJECTION: forcing a failure. [ 662.789065][ T6706] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 662.802385][ T6706] CPU: 1 UID: 0 PID: 6706 Comm: syz.2.17209 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 662.802430][ T6706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 662.802445][ T6706] Call Trace: [ 662.802454][ T6706] [ 662.802464][ T6706] __dump_stack+0x21/0x30 [ 662.802501][ T6706] dump_stack_lvl+0x10c/0x190 [ 662.802532][ T6706] ? __cfi_dump_stack_lvl+0x10/0x10 [ 662.802564][ T6706] ? kstrtoull+0x13b/0x1e0 [ 662.802586][ T6706] dump_stack+0x19/0x20 [ 662.802615][ T6706] should_fail_ex+0x3d9/0x530 [ 662.802639][ T6706] should_fail+0xf/0x20 [ 662.802661][ T6706] should_fail_usercopy+0x1e/0x30 [ 662.802687][ T6706] _copy_from_user+0x22/0xb0 [ 662.802715][ T6706] ___sys_sendmsg+0x159/0x2a0 [ 662.802751][ T6706] ? __sys_sendmsg+0x280/0x280 [ 662.802785][ T6706] ? proc_fail_nth_write+0x17e/0x210 [ 662.802816][ T6706] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 662.802864][ T6706] __x64_sys_sendmsg+0x1eb/0x2c0 [ 662.802898][ T6706] ? fput+0x1a5/0x240 [ 662.802926][ T6706] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 662.802961][ T6706] ? ksys_write+0x1ef/0x250 [ 662.802985][ T6706] ? __kasan_check_read+0x15/0x20 [ 662.803022][ T6706] x64_sys_call+0x2a4c/0x2ee0 [ 662.803055][ T6706] do_syscall_64+0x58/0xf0 [ 662.803084][ T6706] ? clear_bhb_loop+0x50/0xa0 [ 662.803111][ T6706] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 662.803137][ T6706] RIP: 0033:0x7f9aebb8f6c9 [ 662.803156][ T6706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 662.803177][ T6706] RSP: 002b:00007f9aeca63038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 662.803203][ T6706] RAX: ffffffffffffffda RBX: 00007f9aebde5fa0 RCX: 00007f9aebb8f6c9 [ 662.803221][ T6706] RDX: 0000000000000080 RSI: 0000200000000340 RDI: 0000000000000006 [ 662.803238][ T6706] RBP: 00007f9aeca63090 R08: 0000000000000000 R09: 0000000000000000 [ 662.803254][ T6706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 662.803269][ T6706] R13: 00007f9aebde6038 R14: 00007f9aebde5fa0 R15: 00007ffc34651748 [ 662.803291][ T6706] [ 662.938317][ T9] usb 4-1: USB disconnect, device number 53 [ 663.040397][T16162] input: Generic X-Box pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input11 [ 663.666587][ T6746] FAULT_INJECTION: forcing a failure. [ 663.666587][ T6746] name failslab, interval 1, probability 0, space 0, times 0 [ 663.695778][ T6746] CPU: 1 UID: 0 PID: 6746 Comm: syz.2.17227 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 663.695817][ T6746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 663.695832][ T6746] Call Trace: [ 663.695840][ T6746] [ 663.695850][ T6746] __dump_stack+0x21/0x30 [ 663.695888][ T6746] dump_stack_lvl+0x10c/0x190 [ 663.695919][ T6746] ? __cfi_dump_stack_lvl+0x10/0x10 [ 663.695951][ T6746] ? __kasan_check_write+0x18/0x20 [ 663.695995][ T6746] ? copy_mm+0x2ab/0x1cb0 [ 663.696022][ T6746] dump_stack+0x19/0x20 [ 663.696053][ T6746] should_fail_ex+0x3d9/0x530 [ 663.696077][ T6746] should_failslab+0xac/0x100 [ 663.696103][ T6746] kmem_cache_alloc_noprof+0x42/0x430 [ 663.696125][ T6746] ? alloc_pid+0xa5/0xba0 [ 663.696148][ T6746] ? __asan_memcpy+0x5a/0x80 [ 663.696169][ T6746] alloc_pid+0xa5/0xba0 [ 663.696194][ T6746] copy_process+0x13ff/0x3220 [ 663.696225][ T6746] ? __cfi_copy_process+0x10/0x10 [ 663.696252][ T6746] ? __kmalloc_cache_noprof+0x24c/0x490 [ 663.696276][ T6746] ? __kasan_check_write+0x18/0x20 [ 663.696310][ T6746] ? __cfi_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 663.696337][ T6746] vhost_task_create+0x1d6/0x350 [ 663.696360][ T6746] ? __cfi_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 663.696388][ T6746] ? __cfi_vhost_task_create+0x10/0x10 [ 663.696412][ T6746] ? __cfi_vhost_task_fn+0x10/0x10 [ 663.696435][ T6746] ? __kasan_check_write+0x18/0x20 [ 663.696469][ T6746] ? mutex_lock+0x92/0x1c0 [ 663.696490][ T6746] ? __cfi_mutex_lock+0x10/0x10 [ 663.696512][ T6746] ? kernel_text_address+0xa9/0xe0 [ 663.696541][ T6746] kvm_mmu_post_init_vm+0x156/0x2d0 [ 663.696573][ T6746] kvm_arch_vcpu_ioctl_run+0xd7/0x1aa0 [ 663.696605][ T6746] ? _parse_integer_limit+0x195/0x1e0 [ 663.696642][ T6746] ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 663.696673][ T6746] ? kstrtoull+0x13b/0x1e0 [ 663.696694][ T6746] ? kstrtouint+0x78/0xf0 [ 663.696714][ T6746] ? ioctl_has_perm+0x1aa/0x4d0 [ 663.696742][ T6746] ? __asan_memcpy+0x5a/0x80 [ 663.696764][ T6746] ? ioctl_has_perm+0x3e0/0x4d0 [ 663.696792][ T6746] ? has_cap_mac_admin+0xd0/0xd0 [ 663.696823][ T6746] ? __kasan_check_write+0x18/0x20 [ 663.696857][ T6746] ? mutex_lock_killable+0x92/0x1c0 [ 663.696880][ T6746] ? __cfi_mutex_lock_killable+0x10/0x10 [ 663.696904][ T6746] ? proc_fail_nth_write+0x17e/0x210 [ 663.696937][ T6746] kvm_vcpu_ioctl+0x96f/0xee0 [ 663.696960][ T6746] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 663.696988][ T6746] ? __cfi_vfs_write+0x10/0x10 [ 663.697010][ T6746] ? __kasan_check_write+0x18/0x20 [ 663.697044][ T6746] ? mutex_unlock+0x8b/0x240 [ 663.697066][ T6746] ? __cfi_mutex_unlock+0x10/0x10 [ 663.697088][ T6746] ? __fget_files+0x2c5/0x340 [ 663.697116][ T6746] ? __fget_files+0x2c5/0x340 [ 663.697141][ T6746] ? bpf_lsm_file_ioctl+0xd/0x20 [ 663.697173][ T6746] ? security_file_ioctl+0x34/0xd0 [ 663.697199][ T6746] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 663.697221][ T6746] __se_sys_ioctl+0x135/0x1b0 [ 663.697247][ T6746] __x64_sys_ioctl+0x7f/0xa0 [ 663.697272][ T6746] x64_sys_call+0x1878/0x2ee0 [ 663.697307][ T6746] do_syscall_64+0x58/0xf0 [ 663.697336][ T6746] ? clear_bhb_loop+0x50/0xa0 [ 663.697362][ T6746] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 663.697387][ T6746] RIP: 0033:0x7f9aebb8f6c9 [ 663.697407][ T6746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 663.697429][ T6746] RSP: 002b:00007f9aeca63038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 663.697455][ T6746] RAX: ffffffffffffffda RBX: 00007f9aebde5fa0 RCX: 00007f9aebb8f6c9 [ 663.697474][ T6746] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 663.697489][ T6746] RBP: 00007f9aeca63090 R08: 0000000000000000 R09: 0000000000000000 [ 663.697505][ T6746] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 663.697520][ T6746] R13: 00007f9aebde6038 R14: 00007f9aebde5fa0 R15: 00007ffc34651748 [ 663.697542][ T6746] [ 664.193100][ T54] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 664.284808][ T9] usb 1-1: USB disconnect, device number 39 [ 664.290790][ C0] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 664.290836][ C0] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 664.320412][ T9] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 664.482126][ T62] usb 2-1: new high-speed USB device number 51 using dummy_hcd [ 664.633407][ T62] usb 2-1: config 0 has no interfaces? [ 664.640471][ T62] usb 2-1: New USB device found, idVendor=10d6, idProduct=2200, bcdDevice= 0.02 [ 664.650005][ T62] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 664.658233][ T62] usb 2-1: SerialNumber: syz [ 664.666907][ T62] usb 2-1: config 0 descriptor?? [ 664.844695][ T6774] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17239'. [ 664.874134][ T62] usb 2-1: USB disconnect, device number 51 [ 664.993968][ T6790] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17247'. [ 665.054896][ T6796] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17250'. [ 665.318893][ T6806] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17256'. [ 665.396044][ T6808] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17257'. [ 665.651379][ T6835] binder: Bad value for 'max' [ 665.774001][ T6847] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17275'. [ 666.129960][ T329] bridge_slave_1: left allmulticast mode [ 666.136174][ T329] bridge_slave_1: left promiscuous mode [ 666.141843][ T329] bridge0: port 2(bridge_slave_1) entered disabled state [ 666.150485][ T329] bridge_slave_0: left allmulticast mode [ 666.156351][ T329] bridge_slave_0: left promiscuous mode [ 666.162231][ T329] bridge0: port 1(bridge_slave_0) entered disabled state [ 666.246506][ T6875] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17285'. [ 666.299122][ T329] tipc: Disabling bearer [ 666.312347][ T329] tipc: Left network mode [ 666.323420][ T329] veth1_macvtap: left promiscuous mode [ 666.333894][ T329] veth0_vlan: left promiscuous mode [ 666.496967][ T6874] bridge0: port 1(bridge_slave_0) entered blocking state [ 666.506245][ T6874] bridge0: port 1(bridge_slave_0) entered disabled state [ 666.513635][ T6874] bridge_slave_0: entered allmulticast mode [ 666.522037][ T6874] bridge_slave_0: entered promiscuous mode [ 666.528642][ T6874] bridge0: port 2(bridge_slave_1) entered blocking state [ 666.542065][ T6874] bridge0: port 2(bridge_slave_1) entered disabled state [ 666.549464][ T6874] bridge_slave_1: entered allmulticast mode [ 666.557454][ T6874] bridge_slave_1: entered promiscuous mode [ 666.704114][ T6874] bridge0: port 2(bridge_slave_1) entered blocking state [ 666.711229][ T6874] bridge0: port 2(bridge_slave_1) entered forwarding state [ 666.718614][ T6874] bridge0: port 1(bridge_slave_0) entered blocking state [ 666.725713][ T6874] bridge0: port 1(bridge_slave_0) entered forwarding state [ 666.754327][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 666.766741][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 666.785164][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 666.792271][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 666.823585][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 666.830655][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 666.894743][ T6874] veth0_vlan: entered promiscuous mode [ 666.922750][ T6874] veth1_macvtap: entered promiscuous mode [ 667.221981][T19291] usb 4-1: new high-speed USB device number 54 using dummy_hcd [ 667.261825][ T6969] __nla_validate_parse: 1 callbacks suppressed [ 667.261850][ T6969] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17325'. [ 667.393274][T19291] usb 4-1: config 0 has no interfaces? [ 667.400265][T19291] usb 4-1: New USB device found, idVendor=10d6, idProduct=2200, bcdDevice= 0.02 [ 667.421943][T19291] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 667.442064][T19291] usb 4-1: SerialNumber: syz [ 667.460463][T19291] usb 4-1: config 0 descriptor?? [ 667.613455][ T6989] netlink: 8 bytes leftover after parsing attributes in process `syz.1.17334'. [ 667.636181][ T6991] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17335'. [ 667.676446][ T45] usb 4-1: USB disconnect, device number 54 [ 667.981033][ T7008] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17342'. [ 667.991315][ T7010] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17343'. [ 668.031497][ T7014] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17345'. [ 668.155527][ T7031] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17353'. [ 668.251611][ T7040] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17357'. [ 668.566036][ T7067] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17369'. [ 670.338072][ T7145] netlink: 20 bytes leftover after parsing attributes in process `syz.1.17402'. [ 671.283983][ T7208] binder: Bad value for 'max' [ 672.663538][ T7268] binder: Bad value for 'max' [ 672.713826][ T7270] __nla_validate_parse: 6 callbacks suppressed [ 672.713850][ T7270] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17464'. [ 672.942081][ T7282] netlink: 20 bytes leftover after parsing attributes in process `syz.0.17463'. [ 672.971440][ T7285] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17471'. [ 673.023857][ T7293] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17474'. [ 673.310744][ T7327] netlink: 8 bytes leftover after parsing attributes in process `syz.1.17491'. [ 673.513902][ T7353] netlink: 20 bytes leftover after parsing attributes in process `syz.3.17503'. [ 673.574230][ T7357] netlink: 8 bytes leftover after parsing attributes in process `syz.1.17505'. [ 674.386691][ T7435] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17543'. [ 674.499913][ T7453] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17552'. [ 675.033551][ T7528] netlink: 8 bytes leftover after parsing attributes in process `syz.1.17586'. [ 681.113456][ T7962] __nla_validate_parse: 4 callbacks suppressed [ 681.113479][ T7962] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17794'. [ 681.649294][ T7998] netlink: 8 bytes leftover after parsing attributes in process `syz.1.17805'. [ 681.897514][ T8023] netlink: 8 bytes leftover after parsing attributes in process `syz.1.17824'. [ 682.552505][ T8062] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17837'. [ 683.059537][ T8084] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17854'. [ 683.895539][ T8130] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17876'. [ 684.297201][ T8150] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17886'. [ 684.935366][ T8172] netlink: 8 bytes leftover after parsing attributes in process `syz.1.17896'. [ 684.986007][ T8177] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17899'. [ 685.433584][ T8192] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17907'. [ 686.138941][ T8232] __nla_validate_parse: 1 callbacks suppressed [ 686.138967][ T8232] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17927'. [ 689.559365][ T36] audit: type=1400 audit(2000000368.530:888): avc: denied { write } for pid=8435 comm="syz.0.18024" name="anycast6" dev="proc" ino=4026532517 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 689.663240][ T8450] netlink: 8 bytes leftover after parsing attributes in process `syz.3.18032'. [ 689.829085][ T8476] netlink: 8 bytes leftover after parsing attributes in process `syz.3.18044'. [ 690.047097][ T8503] netlink: 8 bytes leftover after parsing attributes in process `syz.3.18057'. [ 690.687687][ T8579] FAULT_INJECTION: forcing a failure. [ 690.687687][ T8579] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 690.709561][ T8579] CPU: 0 UID: 0 PID: 8579 Comm: syz.3.18095 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 690.709602][ T8579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 690.709618][ T8579] Call Trace: [ 690.709626][ T8579] [ 690.709635][ T8579] __dump_stack+0x21/0x30 [ 690.709672][ T8579] dump_stack_lvl+0x10c/0x190 [ 690.709704][ T8579] ? __cfi_dump_stack_lvl+0x10/0x10 [ 690.709737][ T8579] ? check_stack_object+0x12c/0x140 [ 690.709760][ T8579] dump_stack+0x19/0x20 [ 690.709789][ T8579] should_fail_ex+0x3d9/0x530 [ 690.709814][ T8579] should_fail+0xf/0x20 [ 690.709836][ T8579] should_fail_usercopy+0x1e/0x30 [ 690.709860][ T8579] _copy_to_user+0x24/0xa0 [ 690.709889][ T8579] simple_read_from_buffer+0xed/0x160 [ 690.709920][ T8579] proc_fail_nth_read+0x19e/0x210 [ 690.709950][ T8579] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 690.709980][ T8579] ? bpf_lsm_file_permission+0xd/0x20 [ 690.710010][ T8579] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 690.710039][ T8579] vfs_read+0x27d/0xc70 [ 690.710058][ T8579] ? kmem_cache_free+0x1c1/0x510 [ 690.710082][ T8579] ? __cfi_vfs_read+0x10/0x10 [ 690.710103][ T8579] ? __kasan_check_write+0x18/0x20 [ 690.710136][ T8579] ? mutex_lock+0x92/0x1c0 [ 690.710157][ T8579] ? __cfi_mutex_lock+0x10/0x10 [ 690.710179][ T8579] ? __fget_files+0x2c5/0x340 [ 690.710205][ T8579] ksys_read+0x141/0x250 [ 690.710225][ T8579] ? __cfi_ksys_read+0x10/0x10 [ 690.710256][ T8579] ? __kasan_check_read+0x15/0x20 [ 690.710290][ T8579] __x64_sys_read+0x7f/0x90 [ 690.710311][ T8579] x64_sys_call+0x2638/0x2ee0 [ 690.710344][ T8579] do_syscall_64+0x58/0xf0 [ 690.710374][ T8579] ? clear_bhb_loop+0x50/0xa0 [ 690.710400][ T8579] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 690.710424][ T8579] RIP: 0033:0x7f13eb58e0dc [ 690.710444][ T8579] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 690.710466][ T8579] RSP: 002b:00007f13ec3c4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 690.710491][ T8579] RAX: ffffffffffffffda RBX: 00007f13eb7e5fa0 RCX: 00007f13eb58e0dc [ 690.710515][ T8579] RDX: 000000000000000f RSI: 00007f13ec3c40a0 RDI: 0000000000000005 [ 690.710530][ T8579] RBP: 00007f13ec3c4090 R08: 0000000000000000 R09: 0000000000000000 [ 690.710544][ T8579] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001 [ 690.710559][ T8579] R13: 00007f13eb7e6038 R14: 00007f13eb7e5fa0 R15: 00007ffcc870ecf8 [ 690.710585][ T8579] [ 690.831448][ T8585] netlink: 8 bytes leftover after parsing attributes in process `syz.1.18096'. [ 691.450599][T19291] usb 3-1: new high-speed USB device number 55 using dummy_hcd [ 691.616548][T19291] usb 3-1: config 1 has an invalid descriptor of length 68, skipping remainder of the config [ 691.640577][T19291] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 691.670588][T19291] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 691.701965][T19291] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 691.711288][T19291] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 691.719316][T19291] usb 3-1: Product: syz [ 691.737240][T19291] usb 3-1: Manufacturer: syz [ 691.742177][T19291] usb 3-1: SerialNumber: syz [ 691.955334][T19291] cdc_ncm 3-1:1.0: CDC Union missing and no IAD found [ 691.962215][ T36] audit: type=1400 audit(2000000370.931:889): avc: denied { map } for pid=8614 comm="syz.2.18113" path="/212" dev="tmpfs" ino=1329 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 691.973348][T19291] cdc_ncm 3-1:1.0: bind() failure [ 691.994749][T19291] usb 3-1: USB disconnect, device number 55 [ 692.002197][ T36] audit: type=1400 audit(2000000370.931:890): avc: denied { execute } for pid=8614 comm="syz.2.18113" path="/212" dev="tmpfs" ino=1329 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 693.908058][ T36] audit: type=1400 audit(2000000372.881:891): avc: denied { unmount } for pid=5875 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1 [ 694.069371][ T8757] EXT4-fs (rnullb0): VFS: Can't find ext4 filesystem [ 694.326952][ T36] audit: type=1400 audit(2000000373.301:892): avc: denied { ioctl } for pid=8772 comm="syz.3.18185" path="socket:[196603]" dev="sockfs" ino=196603 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 694.883670][ T8820] overlayfs: overlapping lowerdir path [ 695.092339][ T36] audit: type=1400 audit(2000000374.071:893): avc: denied { write } for pid=8841 comm="syz.2.18216" name="file2" dev="tmpfs" ino=1486 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 695.141594][ T8842] overlayfs: overlapping lowerdir path [ 695.151407][ T8845] rust_binder: Write failure EFAULT in pid:783 [ 701.916358][ T9144] netlink: 8 bytes leftover after parsing attributes in process `syz.1.18365'. [ 702.760128][ T9197] netlink: 8 bytes leftover after parsing attributes in process `syz.2.18391'. [ 703.188299][ T9248] netlink: 8 bytes leftover after parsing attributes in process `syz.1.18415'. [ 703.524248][ T9290] 9pnet_fd: Insufficient options for proto=fd [ 704.366669][ T9360] veth1_macvtap: left promiscuous mode [ 704.379889][ T9360] macsec0: entered promiscuous mode [ 704.395419][ T9360] macsec0: entered allmulticast mode [ 704.661400][ T9380] netlink: 8 bytes leftover after parsing attributes in process `syz.1.18471'. [ 704.901797][ T9392] FAULT_INJECTION: forcing a failure. [ 704.901797][ T9392] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 704.935323][ T9392] CPU: 1 UID: 0 PID: 9392 Comm: syz.1.18484 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 704.935363][ T9392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 704.935380][ T9392] Call Trace: [ 704.935388][ T9392] [ 704.935398][ T9392] __dump_stack+0x21/0x30 [ 704.935435][ T9392] dump_stack_lvl+0x10c/0x190 [ 704.935467][ T9392] ? __cfi_dump_stack_lvl+0x10/0x10 [ 704.935499][ T9392] ? check_stack_object+0x12c/0x140 [ 704.935524][ T9392] dump_stack+0x19/0x20 [ 704.935554][ T9392] should_fail_ex+0x3d9/0x530 [ 704.935579][ T9392] should_fail+0xf/0x20 [ 704.935600][ T9392] should_fail_usercopy+0x1e/0x30 [ 704.935625][ T9392] _copy_to_user+0x24/0xa0 [ 704.935664][ T9392] simple_read_from_buffer+0xed/0x160 [ 704.935694][ T9392] proc_fail_nth_read+0x19e/0x210 [ 704.935724][ T9392] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 704.935754][ T9392] ? make_vfsgid+0x4d/0xa0 [ 704.935794][ T9392] ? bpf_lsm_file_permission+0xd/0x20 [ 704.935834][ T9392] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 704.935866][ T9392] vfs_read+0x27d/0xc70 [ 704.935885][ T9392] ? __cfi_atime_needs_update+0x10/0x10 [ 704.935918][ T9392] ? __cfi_vfs_read+0x10/0x10 [ 704.935937][ T9392] ? __kasan_check_write+0x18/0x20 [ 704.935971][ T9392] ? mutex_lock+0x92/0x1c0 [ 704.935993][ T9392] ? __cfi_mutex_lock+0x10/0x10 [ 704.936014][ T9392] ? __fget_files+0x2c5/0x340 [ 704.936040][ T9392] ksys_read+0x141/0x250 [ 704.936061][ T9392] ? __cfi_filldir+0x10/0x10 [ 704.936088][ T9392] ? __cfi_ksys_read+0x10/0x10 [ 704.936110][ T9392] ? __kasan_check_read+0x15/0x20 [ 704.936144][ T9392] __x64_sys_read+0x7f/0x90 [ 704.936165][ T9392] x64_sys_call+0x2638/0x2ee0 [ 704.936199][ T9392] do_syscall_64+0x58/0xf0 [ 704.936228][ T9392] ? clear_bhb_loop+0x50/0xa0 [ 704.936253][ T9392] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 704.936279][ T9392] RIP: 0033:0x7f4154b8e0dc [ 704.936298][ T9392] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 704.936319][ T9392] RSP: 002b:00007f4155a11030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 704.936346][ T9392] RAX: ffffffffffffffda RBX: 00007f4154de5fa0 RCX: 00007f4154b8e0dc [ 704.936365][ T9392] RDX: 000000000000000f RSI: 00007f4155a110a0 RDI: 0000000000000009 [ 704.936381][ T9392] RBP: 00007f4155a11090 R08: 0000000000000000 R09: 0000000000000000 [ 704.936397][ T9392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 704.936412][ T9392] R13: 00007f4154de6038 R14: 00007f4154de5fa0 R15: 00007fff3a3a6188 [ 704.936433][ T9392] [ 706.467639][ T9441] netlink: 8 bytes leftover after parsing attributes in process `syz.0.18510'. [ 708.373428][ T9564] FAULT_INJECTION: forcing a failure. [ 708.373428][ T9564] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 708.399666][ T9564] CPU: 0 UID: 0 PID: 9564 Comm: syz.2.18566 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 708.399705][ T9564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 708.399720][ T9564] Call Trace: [ 708.399728][ T9564] [ 708.399738][ T9564] __dump_stack+0x21/0x30 [ 708.399775][ T9564] dump_stack_lvl+0x10c/0x190 [ 708.399804][ T9564] ? __cfi_dump_stack_lvl+0x10/0x10 [ 708.399835][ T9564] ? check_stack_object+0x12c/0x140 [ 708.399858][ T9564] dump_stack+0x19/0x20 [ 708.399886][ T9564] should_fail_ex+0x3d9/0x530 [ 708.399910][ T9564] should_fail+0xf/0x20 [ 708.399931][ T9564] should_fail_usercopy+0x1e/0x30 [ 708.399955][ T9564] _copy_to_user+0x24/0xa0 [ 708.399983][ T9564] simple_read_from_buffer+0xed/0x160 [ 708.400012][ T9564] proc_fail_nth_read+0x19e/0x210 [ 708.400042][ T9564] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 708.400072][ T9564] ? bpf_lsm_file_permission+0xd/0x20 [ 708.400103][ T9564] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 708.400132][ T9564] vfs_read+0x27d/0xc70 [ 708.400154][ T9564] ? __cfi_vfs_read+0x10/0x10 [ 708.400172][ T9564] ? __kasan_check_write+0x18/0x20 [ 708.400206][ T9564] ? mutex_lock+0x92/0x1c0 [ 708.400226][ T9564] ? __cfi_mutex_lock+0x10/0x10 [ 708.400246][ T9564] ? __fget_files+0x2c5/0x340 [ 708.400272][ T9564] ksys_read+0x141/0x250 [ 708.400292][ T9564] ? __cfi_ksys_read+0x10/0x10 [ 708.400313][ T9564] ? __kasan_check_read+0x15/0x20 [ 708.400346][ T9564] __x64_sys_read+0x7f/0x90 [ 708.400367][ T9564] x64_sys_call+0x2638/0x2ee0 [ 708.400399][ T9564] do_syscall_64+0x58/0xf0 [ 708.400428][ T9564] ? clear_bhb_loop+0x50/0xa0 [ 708.400453][ T9564] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 708.400477][ T9564] RIP: 0033:0x7f128578e0dc [ 708.400505][ T9564] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 708.400527][ T9564] RSP: 002b:00007f12865d3030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 708.400552][ T9564] RAX: ffffffffffffffda RBX: 00007f12859e5fa0 RCX: 00007f128578e0dc [ 708.400570][ T9564] RDX: 000000000000000f RSI: 00007f12865d30a0 RDI: 0000000000000005 [ 708.400585][ T9564] RBP: 00007f12865d3090 R08: 0000000000000000 R09: 0000000000000000 [ 708.400601][ T9564] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000001 [ 708.400615][ T9564] R13: 00007f12859e6038 R14: 00007f12859e5fa0 R15: 00007fff9c82d568 [ 708.400635][ T9564] [ 708.570079][ T36] audit: type=1400 audit(2000000387.501:894): avc: denied { setcheckreqprot } for pid=9574 comm="syz.3.18572" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 708.722779][ T9586] netlink: 8 bytes leftover after parsing attributes in process `syz.1.18576'. [ 709.062381][ T9614] netlink: 8 bytes leftover after parsing attributes in process `syz.2.18590'. [ 710.362392][ T9668] FAULT_INJECTION: forcing a failure. [ 710.362392][ T9668] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 710.389566][ T9668] CPU: 0 UID: 0 PID: 9668 Comm: syz.1.18615 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 710.389605][ T9668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 710.389619][ T9668] Call Trace: [ 710.389626][ T9668] [ 710.389635][ T9668] __dump_stack+0x21/0x30 [ 710.389671][ T9668] dump_stack_lvl+0x10c/0x190 [ 710.389702][ T9668] ? __cfi_dump_stack_lvl+0x10/0x10 [ 710.389734][ T9668] ? kstrtoull+0x13b/0x1e0 [ 710.389756][ T9668] dump_stack+0x19/0x20 [ 710.389787][ T9668] should_fail_ex+0x3d9/0x530 [ 710.389810][ T9668] should_fail+0xf/0x20 [ 710.389833][ T9668] should_fail_usercopy+0x1e/0x30 [ 710.389859][ T9668] _copy_from_user+0x22/0xb0 [ 710.389888][ T9668] ___sys_sendmsg+0x159/0x2a0 [ 710.389921][ T9668] ? __sys_sendmsg+0x280/0x280 [ 710.389961][ T9668] ? proc_fail_nth_write+0x17e/0x210 [ 710.389992][ T9668] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 710.390035][ T9668] __x64_sys_sendmsg+0x1eb/0x2c0 [ 710.390068][ T9668] ? fput+0x1a5/0x240 [ 710.390095][ T9668] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 710.390128][ T9668] ? ksys_write+0x1ef/0x250 [ 710.390151][ T9668] ? __kasan_check_read+0x15/0x20 [ 710.390186][ T9668] x64_sys_call+0x2a4c/0x2ee0 [ 710.390219][ T9668] do_syscall_64+0x58/0xf0 [ 710.390248][ T9668] ? clear_bhb_loop+0x50/0xa0 [ 710.390273][ T9668] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 710.390297][ T9668] RIP: 0033:0x7f4154b8f6c9 [ 710.390316][ T9668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 710.390335][ T9668] RSP: 002b:00007f4155a11038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 710.390369][ T9668] RAX: ffffffffffffffda RBX: 00007f4154de5fa0 RCX: 00007f4154b8f6c9 [ 710.390385][ T9668] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005 [ 710.390398][ T9668] RBP: 00007f4155a11090 R08: 0000000000000000 R09: 0000000000000000 [ 710.390412][ T9668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 710.390426][ T9668] R13: 00007f4154de6038 R14: 00007f4154de5fa0 R15: 00007fff3a3a6188 [ 710.390445][ T9668] [ 710.550726][ T9673] netlink: 8 bytes leftover after parsing attributes in process `syz.0.18618'. [ 711.662943][ T9709] netlink: 8 bytes leftover after parsing attributes in process `syz.2.18637'. [ 712.046069][ T9736] netlink: 8 bytes leftover after parsing attributes in process `syz.1.18648'. [ 712.498888][ T9760] netlink: 8 bytes leftover after parsing attributes in process `syz.1.18660'. [ 712.913176][ T9783] netlink: 8 bytes leftover after parsing attributes in process `syz.2.18671'. [ 713.080170][ T9784] bridge0: port 1(bridge_slave_0) entered blocking state [ 713.087260][ T9784] bridge0: port 1(bridge_slave_0) entered disabled state [ 713.107008][ T9784] bridge_slave_0: entered allmulticast mode [ 713.119857][ T9784] bridge_slave_0: entered promiscuous mode [ 713.126509][ T9784] bridge0: port 2(bridge_slave_1) entered blocking state [ 713.144817][ T9784] bridge0: port 2(bridge_slave_1) entered disabled state [ 713.159435][ T9784] bridge_slave_1: entered allmulticast mode [ 713.175883][ T9784] bridge_slave_1: entered promiscuous mode [ 713.281734][ T13] bridge_slave_1: left allmulticast mode [ 713.287610][ T13] bridge_slave_1: left promiscuous mode [ 713.293785][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 713.322615][ T13] bridge_slave_0: left allmulticast mode [ 713.338694][ T13] bridge_slave_0: left promiscuous mode [ 713.348870][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 713.525962][ T13] veth1_macvtap: left promiscuous mode [ 713.531615][ T13] veth0_vlan: left promiscuous mode [ 713.693724][ T9784] bridge0: port 2(bridge_slave_1) entered blocking state [ 713.700865][ T9784] bridge0: port 2(bridge_slave_1) entered forwarding state [ 713.708192][ T9784] bridge0: port 1(bridge_slave_0) entered blocking state [ 713.715317][ T9784] bridge0: port 1(bridge_slave_0) entered forwarding state [ 713.780978][ T329] bridge0: port 1(bridge_slave_0) entered disabled state [ 713.808720][ T329] bridge0: port 2(bridge_slave_1) entered disabled state [ 713.860404][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 713.867494][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 713.889644][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 713.896757][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 713.959686][ T9784] veth0_vlan: entered promiscuous mode [ 713.996772][ T9784] veth1_macvtap: entered promiscuous mode [ 717.197781][ T9997] netlink: 57 bytes leftover after parsing attributes in process `syz.2.18766'. [ 717.219756][ T9997] netlink: 12 bytes leftover after parsing attributes in process `syz.2.18766'. [ 717.913738][T10056] netlink: 8 bytes leftover after parsing attributes in process `syz.3.18795'. [ 718.419842][T10083] netlink: 8 bytes leftover after parsing attributes in process `syz.0.18807'. [ 718.623706][T10108] netlink: 8 bytes leftover after parsing attributes in process `syz.2.18819'. [ 719.179132][T10134] netlink: 8 bytes leftover after parsing attributes in process `syz.3.18829'. [ 720.508967][ T635] usb 2-1: new high-speed USB device number 52 using dummy_hcd [ 720.689997][ T635] usb 2-1: config index 0 descriptor too short (expected 39, got 27) [ 720.698424][ T635] usb 2-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 720.718478][ T635] usb 2-1: config 0 interface 0 has no altsetting 0 [ 720.740058][ T635] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 720.749245][ T635] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 720.757456][ T635] usb 2-1: Product: syz [ 720.769081][ T635] usb 2-1: Manufacturer: syz [ 720.773789][ T635] usb 2-1: SerialNumber: syz [ 720.779478][ T635] usb 2-1: config 0 descriptor?? [ 720.786925][ T635] hub 2-1:0.0: bad descriptor, ignoring hub [ 720.798942][ T635] hub 2-1:0.0: probe with driver hub failed with error -5 [ 720.819731][ T635] usb 2-1: selecting invalid altsetting 0 [ 721.099042][ T45] usb 2-1: USB disconnect, device number 52 [ 722.558854][ T36] audit: type=1326 audit(2000000401.522:895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10271 comm="syz.2.18895" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f128578f6c9 code=0x0 [ 724.368477][T10370] FAULT_INJECTION: forcing a failure. [ 724.368477][T10370] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 724.398752][T10370] CPU: 0 UID: 0 PID: 10370 Comm: syz.1.18943 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 724.398792][T10370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 724.398807][T10370] Call Trace: [ 724.398816][T10370] [ 724.398826][T10370] __dump_stack+0x21/0x30 [ 724.398863][T10370] dump_stack_lvl+0x10c/0x190 [ 724.398894][T10370] ? __cfi_dump_stack_lvl+0x10/0x10 [ 724.398927][T10370] ? kstrtoull+0x13b/0x1e0 [ 724.398948][T10370] dump_stack+0x19/0x20 [ 724.398978][T10370] should_fail_ex+0x3d9/0x530 [ 724.399002][T10370] should_fail+0xf/0x20 [ 724.399023][T10370] should_fail_usercopy+0x1e/0x30 [ 724.399050][T10370] _copy_from_user+0x22/0xb0 [ 724.399078][T10370] ___sys_sendmsg+0x159/0x2a0 [ 724.399113][T10370] ? __sys_sendmsg+0x280/0x280 [ 724.399147][T10370] ? proc_fail_nth_write+0x17e/0x210 [ 724.399178][T10370] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 724.399217][T10370] __x64_sys_sendmsg+0x1eb/0x2c0 [ 724.399250][T10370] ? fput+0x1a5/0x240 [ 724.399286][T10370] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 724.399321][T10370] ? ksys_write+0x1ef/0x250 [ 724.399345][T10370] ? __kasan_check_read+0x15/0x20 [ 724.399380][T10370] x64_sys_call+0x2a4c/0x2ee0 [ 724.399414][T10370] do_syscall_64+0x58/0xf0 [ 724.399445][T10370] ? clear_bhb_loop+0x50/0xa0 [ 724.399471][T10370] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 724.399496][T10370] RIP: 0033:0x7ff55998f6c9 [ 724.399516][T10370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 724.399537][T10370] RSP: 002b:00007ff55a77f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 724.399562][T10370] RAX: ffffffffffffffda RBX: 00007ff559be5fa0 RCX: 00007ff55998f6c9 [ 724.399581][T10370] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000005 [ 724.399597][T10370] RBP: 00007ff55a77f090 R08: 0000000000000000 R09: 0000000000000000 [ 724.399613][T10370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 724.399628][T10370] R13: 00007ff559be6038 R14: 00007ff559be5fa0 R15: 00007ffee43ab2f8 [ 724.399649][T10370] [ 726.451823][T10470] FAULT_INJECTION: forcing a failure. [ 726.451823][T10470] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 726.482063][T10470] CPU: 0 UID: 0 PID: 10470 Comm: syz.1.18993 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 726.482101][T10470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 726.482117][T10470] Call Trace: [ 726.482125][T10470] [ 726.482135][T10470] __dump_stack+0x21/0x30 [ 726.482172][T10470] dump_stack_lvl+0x10c/0x190 [ 726.482202][T10470] ? __cfi_dump_stack_lvl+0x10/0x10 [ 726.482233][T10470] ? kstrtoull+0x13b/0x1e0 [ 726.482254][T10470] dump_stack+0x19/0x20 [ 726.482284][T10470] should_fail_ex+0x3d9/0x530 [ 726.482307][T10470] should_fail+0xf/0x20 [ 726.482328][T10470] should_fail_usercopy+0x1e/0x30 [ 726.482353][T10470] _copy_from_user+0x22/0xb0 [ 726.482382][T10470] ___sys_sendmsg+0x159/0x2a0 [ 726.482417][T10470] ? __sys_sendmsg+0x280/0x280 [ 726.482450][T10470] ? proc_fail_nth_write+0x17e/0x210 [ 726.482481][T10470] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 726.482519][T10470] __x64_sys_sendmsg+0x1eb/0x2c0 [ 726.482551][T10470] ? fput+0x1a5/0x240 [ 726.482578][T10470] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 726.482611][T10470] ? ksys_write+0x1ef/0x250 [ 726.482634][T10470] ? __kasan_check_read+0x15/0x20 [ 726.482669][T10470] x64_sys_call+0x2a4c/0x2ee0 [ 726.482702][T10470] do_syscall_64+0x58/0xf0 [ 726.482731][T10470] ? clear_bhb_loop+0x50/0xa0 [ 726.482757][T10470] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 726.482782][T10470] RIP: 0033:0x7ff55998f6c9 [ 726.482801][T10470] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 726.482821][T10470] RSP: 002b:00007ff55a77f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 726.482847][T10470] RAX: ffffffffffffffda RBX: 00007ff559be5fa0 RCX: 00007ff55998f6c9 [ 726.482865][T10470] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005 [ 726.482881][T10470] RBP: 00007ff55a77f090 R08: 0000000000000000 R09: 0000000000000000 [ 726.482903][T10470] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 726.482919][T10470] R13: 00007ff559be6038 R14: 00007ff559be5fa0 R15: 00007ffee43ab2f8 [ 726.482940][T10470] [ 727.814086][T10540] netlink: 8 bytes leftover after parsing attributes in process `syz.1.19026'. [ 727.853489][T10542] overlayfs: failed to clone upperpath [ 728.011050][T10569] incfs: mount failed -22 [ 728.292218][T10611] netlink: 'syz.1.19061': attribute type 4 has an invalid length. [ 728.384865][T10621] incfs: mount failed -22 [ 728.400883][ T36] audit: type=1326 audit(2000000407.383:896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10626 comm="syz.0.19068" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f607938f6c9 code=0x0 [ 728.916616][T10695] netlink: 8 bytes leftover after parsing attributes in process `syz.1.19101'. [ 729.161478][T10731] netlink: 8 bytes leftover after parsing attributes in process `syz.2.19119'. [ 729.369770][T10743] incfs: mount failed -22 [ 729.662985][T10758] incfs: mount failed -22 [ 729.800804][T10759] bridge0: port 1(bridge_slave_0) entered blocking state [ 729.807886][T10759] bridge0: port 1(bridge_slave_0) entered disabled state [ 729.859967][T10759] bridge_slave_0: entered allmulticast mode [ 729.866408][T10759] bridge_slave_0: entered promiscuous mode [ 729.905750][T10759] bridge0: port 2(bridge_slave_1) entered blocking state [ 729.918323][T10759] bridge0: port 2(bridge_slave_1) entered disabled state [ 729.925676][T10759] bridge_slave_1: entered allmulticast mode [ 729.932265][T10759] bridge_slave_1: entered promiscuous mode [ 729.995068][ T46] bridge_slave_1: left allmulticast mode [ 730.003689][ T46] bridge_slave_1: left promiscuous mode [ 730.019663][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 730.038920][ T46] bridge_slave_0: left allmulticast mode [ 730.049087][ T46] bridge_slave_0: left promiscuous mode [ 730.054762][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 730.125441][ T36] audit: type=1400 audit(2000000409.103:897): avc: denied { associate } for pid=10784 comm="syz.3.19144" name="cpuacct.usage_percpu" scontext=root:object_r:etc_runtime_t tcontext=system_u:object_r:root_t tclass=filesystem permissive=1 [ 730.170867][ T36] audit: type=1400 audit(2000000409.143:898): avc: denied { mount } for pid=10784 comm="syz.3.19144" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1 [ 730.253259][ T46] veth1_macvtap: left promiscuous mode [ 730.259211][ T46] veth0_vlan: left promiscuous mode [ 730.338069][T10808] overlayfs: missing 'lowerdir' [ 730.393433][T10759] bridge0: port 2(bridge_slave_1) entered blocking state [ 730.400563][T10759] bridge0: port 2(bridge_slave_1) entered forwarding state [ 730.407843][T10759] bridge0: port 1(bridge_slave_0) entered blocking state [ 730.414923][T10759] bridge0: port 1(bridge_slave_0) entered forwarding state [ 730.466471][ T329] bridge0: port 1(bridge_slave_0) entered disabled state [ 730.474269][ T329] bridge0: port 2(bridge_slave_1) entered disabled state [ 730.494941][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 730.502066][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 730.526015][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 730.533123][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 730.597854][T10759] veth0_vlan: entered promiscuous mode [ 730.623455][T10759] veth1_macvtap: entered promiscuous mode [ 730.727908][ T36] audit: type=1400 audit(2000000409.703:899): avc: denied { setopt } for pid=10861 comm="syz.3.19177" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 732.983761][T11047] FAULT_INJECTION: forcing a failure. [ 732.983761][T11047] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 733.004480][T11047] CPU: 1 UID: 0 PID: 11047 Comm: syz.0.19267 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 733.004518][T11047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 733.004579][T11047] Call Trace: [ 733.004588][T11047] [ 733.004598][T11047] __dump_stack+0x21/0x30 [ 733.004635][T11047] dump_stack_lvl+0x10c/0x190 [ 733.004665][T11047] ? __cfi_dump_stack_lvl+0x10/0x10 [ 733.004697][T11047] ? check_stack_object+0x12c/0x140 [ 733.004720][T11047] dump_stack+0x19/0x20 [ 733.004749][T11047] should_fail_ex+0x3d9/0x530 [ 733.004781][T11047] should_fail+0xf/0x20 [ 733.004803][T11047] should_fail_usercopy+0x1e/0x30 [ 733.004827][T11047] _copy_to_user+0x24/0xa0 [ 733.004857][T11047] simple_read_from_buffer+0xed/0x160 [ 733.004887][T11047] proc_fail_nth_read+0x19e/0x210 [ 733.004918][T11047] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 733.004949][T11047] ? bpf_lsm_file_permission+0xd/0x20 [ 733.004987][T11047] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 733.005018][T11047] vfs_read+0x27d/0xc70 [ 733.005040][T11047] ? __cfi_vfs_read+0x10/0x10 [ 733.005059][T11047] ? __kasan_check_write+0x18/0x20 [ 733.005094][T11047] ? mutex_lock+0x92/0x1c0 [ 733.005116][T11047] ? __cfi_mutex_lock+0x10/0x10 [ 733.005137][T11047] ? __fget_files+0x2c5/0x340 [ 733.005172][T11047] ksys_read+0x141/0x250 [ 733.005192][T11047] ? __cfi_ksys_read+0x10/0x10 [ 733.005213][T11047] ? __kasan_check_read+0x15/0x20 [ 733.005247][T11047] __x64_sys_read+0x7f/0x90 [ 733.005268][T11047] x64_sys_call+0x2638/0x2ee0 [ 733.005301][T11047] do_syscall_64+0x58/0xf0 [ 733.005331][T11047] ? clear_bhb_loop+0x50/0xa0 [ 733.005357][T11047] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 733.005382][T11047] RIP: 0033:0x7f2cfb18e0dc [ 733.005410][T11047] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 733.005431][T11047] RSP: 002b:00007f2cfbf8e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 733.005456][T11047] RAX: ffffffffffffffda RBX: 00007f2cfb3e5fa0 RCX: 00007f2cfb18e0dc [ 733.005475][T11047] RDX: 000000000000000f RSI: 00007f2cfbf8e0a0 RDI: 0000000000000005 [ 733.005491][T11047] RBP: 00007f2cfbf8e090 R08: 0000000000000000 R09: 0000000000000000 [ 733.005506][T11047] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001 [ 733.005521][T11047] R13: 00007f2cfb3e6038 R14: 00007f2cfb3e5fa0 R15: 00007ffc320b8fe8 [ 733.005550][T11047] [ 734.560630][T11191] incfs: mount failed -22 [ 735.216746][T11213] incfs_lookup_dentry err:-1 [ 735.228156][T11213] incfs: Can't find or create .index dir in ./file0 [ 735.228167][ T36] audit: type=1400 audit(2000000414.193:900): avc: denied { mounton } for pid=11212 comm="syz.3.19345" path="/file0" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=dir permissive=1 [ 735.245827][T11213] incfs: mount failed -1 [ 735.708891][T11222] bridge0: port 1(bridge_slave_0) entered blocking state [ 735.716084][T11222] bridge0: port 1(bridge_slave_0) entered disabled state [ 735.738171][T11222] bridge_slave_0: entered allmulticast mode [ 735.744603][T11222] bridge_slave_0: entered promiscuous mode [ 735.788863][T11222] bridge0: port 2(bridge_slave_1) entered blocking state [ 735.795948][T11222] bridge0: port 2(bridge_slave_1) entered disabled state [ 735.818729][T11222] bridge_slave_1: entered allmulticast mode [ 735.825159][T11222] bridge_slave_1: entered promiscuous mode [ 735.860121][T11227] /dev/nbd1: Can't lookup blockdev [ 735.904553][ T12] bridge_slave_1: left allmulticast mode [ 735.910307][ T12] bridge_slave_1: left promiscuous mode [ 735.916599][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 735.938979][ T12] bridge_slave_0: left allmulticast mode [ 735.944865][ T12] bridge_slave_0: left promiscuous mode [ 735.951275][T11233] incfs: mount failed -22 [ 735.966969][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 735.989165][T11235] 9pnet: Unknown protocol version 90.u [ 736.045643][ T36] audit: type=1400 audit(2000000415.023:901): avc: denied { read write } for pid=11240 comm="syz.0.19357" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 736.085118][ T36] audit: type=1400 audit(2000000415.023:902): avc: denied { open } for pid=11240 comm="syz.0.19357" path="/32/file0" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 736.111476][ T12] veth0_vlan: left promiscuous mode [ 736.171602][T11249] incfs_lookup_dentry err:-1 [ 736.176596][T11249] incfs: Can't find or create .index dir in ./file0 [ 736.186469][T11249] incfs: mount failed -1 [ 736.299636][T11222] bridge0: port 2(bridge_slave_1) entered blocking state [ 736.306746][T11222] bridge0: port 2(bridge_slave_1) entered forwarding state [ 736.314109][T11222] bridge0: port 1(bridge_slave_0) entered blocking state [ 736.321207][T11222] bridge0: port 1(bridge_slave_0) entered forwarding state [ 736.389260][ T329] bridge0: port 2(bridge_slave_1) entered disabled state [ 736.409119][ T329] bridge0: port 2(bridge_slave_1) entered blocking state [ 736.416207][ T329] bridge0: port 2(bridge_slave_1) entered forwarding state [ 736.444887][T11222] veth0_vlan: entered promiscuous mode [ 736.465016][T11222] veth1_macvtap: entered promiscuous mode [ 736.526238][T11263] FAULT_INJECTION: forcing a failure. [ 736.526238][T11263] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 736.539868][T11263] CPU: 0 UID: 0 PID: 11263 Comm: syz.3.19349 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 736.539906][T11263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 736.539921][T11263] Call Trace: [ 736.539929][T11263] [ 736.539939][T11263] __dump_stack+0x21/0x30 [ 736.539975][T11263] dump_stack_lvl+0x10c/0x190 [ 736.540006][T11263] ? __cfi_dump_stack_lvl+0x10/0x10 [ 736.540038][T11263] ? kstrtoull+0x13b/0x1e0 [ 736.540059][T11263] dump_stack+0x19/0x20 [ 736.540088][T11263] should_fail_ex+0x3d9/0x530 [ 736.540120][T11263] should_fail+0xf/0x20 [ 736.540142][T11263] should_fail_usercopy+0x1e/0x30 [ 736.540167][T11263] _copy_from_user+0x22/0xb0 [ 736.540196][T11263] ___sys_sendmsg+0x159/0x2a0 [ 736.540231][T11263] ? __sys_sendmsg+0x280/0x280 [ 736.540265][T11263] ? proc_fail_nth_write+0x17e/0x210 [ 736.540296][T11263] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 736.540335][T11263] __x64_sys_sendmsg+0x1eb/0x2c0 [ 736.540370][T11263] ? fput+0x1a5/0x240 [ 736.540396][T11263] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 736.540431][T11263] ? ksys_write+0x1ef/0x250 [ 736.540454][T11263] ? __kasan_check_read+0x15/0x20 [ 736.540491][T11263] x64_sys_call+0x2a4c/0x2ee0 [ 736.540525][T11263] do_syscall_64+0x58/0xf0 [ 736.540555][T11263] ? clear_bhb_loop+0x50/0xa0 [ 736.540581][T11263] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 736.540606][T11263] RIP: 0033:0x7f0c20b8f6c9 [ 736.540625][T11263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 736.540646][T11263] RSP: 002b:00007f0c21a13038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 736.540672][T11263] RAX: ffffffffffffffda RBX: 00007f0c20de5fa0 RCX: 00007f0c20b8f6c9 [ 736.540690][T11263] RDX: 000000000404c004 RSI: 0000200000000bc0 RDI: 0000000000000005 [ 736.540707][T11263] RBP: 00007f0c21a13090 R08: 0000000000000000 R09: 0000000000000000 [ 736.540723][T11263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 736.540739][T11263] R13: 00007f0c20de6038 R14: 00007f0c20de5fa0 R15: 00007ffd79640188 [ 736.540760][T11263] [ 737.563471][T11293] incfs_lookup_dentry err:-1 [ 737.584521][T11293] incfs: Can't find or create .index dir in ./file0 [ 737.584606][ T36] audit: type=1400 audit(2000000416.563:903): avc: denied { mounton } for pid=11294 comm="syz.0.19378" path="/41/file0" dev="tmpfs" ino=276 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1 [ 737.598095][T11293] incfs: mount failed -1 [ 737.995239][ T36] audit: type=1400 audit(2000000416.953:904): avc: denied { mount } for pid=11325 comm="syz.0.19395" name="/" dev="ramfs" ino=208026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 738.037978][ T36] audit: type=1400 audit(2000000416.963:905): avc: denied { execute } for pid=11325 comm="syz.0.19395" path="/memory.events.local" dev="ramfs" ino=208027 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=file permissive=1 [ 738.107998][ T36] audit: type=1400 audit(2000000417.003:906): avc: denied { execute } for pid=11327 comm="syz.0.19396" path="/50/cpuacct.usage_percpu" dev="tmpfs" ino=333 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 738.204607][ T36] audit: type=1400 audit(2000000417.183:907): avc: denied { mounton } for pid=11337 comm="syz.3.19394" path="/6/file0" dev="tmpfs" ino=56 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 740.380077][T11391] 9pnet_fd: Insufficient options for proto=fd [ 740.681120][ T36] audit: type=1400 audit(2000000419.663:908): avc: denied { create } for pid=11426 comm="syz.2.19441" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 740.708058][T11427] incfs: mount failed -22 [ 740.723130][T11428] netlink: 24 bytes leftover after parsing attributes in process `syz.0.19442'. [ 741.565841][T11474] 9pnet_fd: Insufficient options for proto=fd [ 741.958936][T11490] FAULT_INJECTION: forcing a failure. [ 741.958936][T11490] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 741.991285][T11490] CPU: 0 UID: 0 PID: 11490 Comm: syz.3.19475 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 741.991325][T11490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 741.991342][T11490] Call Trace: [ 741.991350][T11490] [ 741.991371][T11490] __dump_stack+0x21/0x30 [ 741.991409][T11490] dump_stack_lvl+0x10c/0x190 [ 741.991440][T11490] ? __cfi_dump_stack_lvl+0x10/0x10 [ 741.991473][T11490] ? is_bpf_text_address+0x17b/0x1a0 [ 741.991500][T11490] dump_stack+0x19/0x20 [ 741.991529][T11490] should_fail_ex+0x3d9/0x530 [ 741.991553][T11490] should_fail+0xf/0x20 [ 741.991575][T11490] should_fail_usercopy+0x1e/0x30 [ 741.991600][T11490] _copy_from_user+0x22/0xb0 [ 741.991630][T11490] do_ipv6_setsockopt+0x321/0x2ec0 [ 741.991661][T11490] ? __cfi_do_ipv6_setsockopt+0x10/0x10 [ 741.991689][T11490] ? kstrtoull+0x13b/0x1e0 [ 741.991709][T11490] ? avc_has_perm_noaudit+0x268/0x360 [ 741.991741][T11490] ? __asan_memcpy+0x5a/0x80 [ 741.991762][T11490] ? avc_has_perm_noaudit+0x286/0x360 [ 741.991795][T11490] ? avc_has_perm+0x144/0x220 [ 741.991838][T11490] ? __cfi_avc_has_perm+0x10/0x10 [ 741.991870][T11490] ? selinux_socket_setsockopt+0x2ea/0x390 [ 741.991905][T11490] ? __cfi_selinux_socket_setsockopt+0x10/0x10 [ 741.991941][T11490] ipv6_setsockopt+0x5d/0x170 [ 741.991969][T11490] tcp_setsockopt+0xf2/0x110 [ 741.991989][T11490] sock_common_setsockopt+0xb5/0xd0 [ 741.992014][T11490] ? __cfi_sock_common_setsockopt+0x10/0x10 [ 741.992040][T11490] do_sock_setsockopt+0x26d/0x400 [ 741.992071][T11490] ? __cfi_do_sock_setsockopt+0x10/0x10 [ 741.992106][T11490] __x64_sys_setsockopt+0x1b8/0x250 [ 741.992157][T11490] x64_sys_call+0x2adc/0x2ee0 [ 741.992204][T11490] do_syscall_64+0x58/0xf0 [ 741.992232][T11490] ? clear_bhb_loop+0x50/0xa0 [ 741.992275][T11490] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 741.992299][T11490] RIP: 0033:0x7f0c20b8f6c9 [ 741.992318][T11490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 741.992338][T11490] RSP: 002b:00007f0c21a13038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 741.992392][T11490] RAX: ffffffffffffffda RBX: 00007f0c20de5fa0 RCX: 00007f0c20b8f6c9 [ 741.992410][T11490] RDX: 000000000000003b RSI: 0000000000000029 RDI: 0000000000000005 [ 741.992426][T11490] RBP: 00007f0c21a13090 R08: 0000000000000008 R09: 0000000000000000 [ 741.992442][T11490] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001 [ 741.992459][T11490] R13: 00007f0c20de6038 R14: 00007f0c20de5fa0 R15: 00007ffd79640188 [ 741.992480][T11490] [ 742.273069][T11506] 9pnet_fd: Insufficient options for proto=fd [ 742.352098][T11520] netlink: 'syz.0.19486': attribute type 4 has an invalid length. [ 742.844678][T11530] 9pnet_fd: Insufficient options for proto=fd [ 745.197928][ T36] audit: type=1400 audit(2000000424.184:909): avc: denied { create } for pid=11702 comm="syz.3.19574" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1 [ 747.399060][ T12] bridge_slave_1: left allmulticast mode [ 747.404742][ T12] bridge_slave_1: left promiscuous mode [ 747.418132][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 747.438120][ T12] bridge_slave_0: left allmulticast mode [ 747.443815][ T12] bridge_slave_0: left promiscuous mode [ 747.467506][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 747.618781][T11783] bridge0: port 1(bridge_slave_0) entered blocking state [ 747.625876][T11783] bridge0: port 1(bridge_slave_0) entered disabled state [ 747.643744][T11783] bridge_slave_0: entered allmulticast mode [ 747.650231][T11783] bridge_slave_0: entered promiscuous mode [ 747.657106][T11783] bridge0: port 2(bridge_slave_1) entered blocking state [ 747.664205][T11783] bridge0: port 2(bridge_slave_1) entered disabled state [ 747.671370][T11783] bridge_slave_1: entered allmulticast mode [ 747.677830][T11783] bridge_slave_1: entered promiscuous mode [ 747.688114][ T12] veth1_macvtap: left promiscuous mode [ 747.693684][ T12] veth0_vlan: left promiscuous mode [ 747.939278][T11783] bridge0: port 2(bridge_slave_1) entered blocking state [ 747.946379][T11783] bridge0: port 2(bridge_slave_1) entered forwarding state [ 747.953773][T11783] bridge0: port 1(bridge_slave_0) entered blocking state [ 747.960875][T11783] bridge0: port 1(bridge_slave_0) entered forwarding state [ 748.034082][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 748.045074][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 748.081909][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 748.089200][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 748.097523][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 748.104597][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 748.145033][T11783] veth0_vlan: entered promiscuous mode [ 748.160732][T11783] veth1_macvtap: entered promiscuous mode [ 748.388144][ T36] audit: type=1400 audit(2000000427.364:910): avc: denied { read } for pid=11835 comm="poweroff" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 Stopping sshd: stopped /usr/sbin/sshd (pid 202) OK Stopping crond: stopped /usr/sbin/crond (pid 194) OK [ 748.991396][T11889] FAULT_INJECTION: forcing a failure. [ 748.991396][T11889] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 749.037375][T11889] CPU: 1 UID: 0 PID: 11889 Comm: syz.2.19656 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 749.037421][T11889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 749.037438][T11889] Call Trace: [ 749.037447][T11889] [ 749.037457][T11889] __dump_stack+0x21/0x30 [ 749.037494][T11889] dump_stack_lvl+0x10c/0x190 [ 749.037524][T11889] ? __cfi_dump_stack_lvl+0x10/0x10 [ 749.037556][T11889] ? check_stack_object+0x12c/0x140 Stopping dhcpcd.[ 749.037580][T11889] dump_stack+0x19/0x20 [ 749.037609][T11889] should_fail_ex+0x3d9/0x530 [ 749.037633][T11889] should_fail+0xf/0x20 [ 749.037655][T11889] should_fail_usercopy+0x1e/0x30 .. [ 749.037680][T11889] _copy_to_user+0x24/0xa0 [ 749.037710][T11889] simple_read_from_buffer+0xed/0x160 [ 749.037740][T11889] proc_fail_nth_read+0x19e/0x210 [ 749.037770][T11889] ? avc_has_perm_noaudit+0x268/0x360 [ 749.037803][T11889] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 749.037834][T11889] ? bpf_lsm_file_permission+0xd/0x20 [ 749.037866][T11889] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 749.037896][T11889] vfs_read+0x27d/0xc70 [ 749.037917][T11889] ? __cfi_avc_has_perm+0x10/0x10 [ 749.037957][T11889] ? __cfi_vfs_read+0x10/0x10 stopped /sbin/dh[ 749.037976][T11889] ? __kasan_check_write+0x18/0x20 [ 749.038011][T11889] ? mutex_lock+0x92/0x1c0 [ 749.038031][T11889] ? __cfi_mutex_lock+0x10/0x10 cpcd (pid 148)[ 749.038052][T11889] ? __fget_files+0x2c5/0x340 [ 749.038078][T11889] ksys_read+0x141/0x250 [ 749.038098][T11889] ? __cfi_ksys_read+0x10/0x10 [ 749.038119][T11889] ? __kasan_check_read+0x15/0x20 [ 749.038153][T11889] __x64_sys_read+0x7f/0x90 [ 749.038174][T11889] x64_sys_call+0x2638/0x2ee0 [ 749.038207][T11889] do_syscall_64+0x58/0xf0 [ 749.038235][T11889] ? clear_bhb_loop+0x50/0xa0 [ 749.038261][T11889] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 749.038285][T11889] RIP: 0033:0x7f1c1ab8e0dc [ 749.038304][T11889] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 749.038325][T11889] RSP: 002b:00007f1c1b944030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 749.038350][T11889] RAX: ffffffffffffffda RBX: 00007f1c1ade5fa0 RCX: 00007f1c1ab8e0dc [ 749.038367][T11889] RDX: 000000000000000f RSI: 00007f1c1b9440a0 RDI: 0000000000000006 [ 749.038382][T11889] RBP: 00007f1c1b944090 R08: 0000000000000000 R09: 0000000000000000 [ 749.038397][T11889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 749.038412][T11889] R13: 00007f1c1ade6038 R14: 00007f1c1ade5fa0 R15: 00007ffca8442c38 Stopping network[ 749.038432][T11889] : [ 749.447707][T11917] incfs: mount failed -22 [ 749.467074][ T36] audit: type=1400 audit(2000000428.444:911): avc: denied { unlink } for pid=149 comm="dhcpcd" name="sock" dev="tmpfs" ino=423 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=sock_file permissive=1 [ 749.587335][ T36] audit: type=1400 audit(2000000428.544:912): avc: denied { read write } for pid=11918 comm="ip" path="/dev/console" dev="rootfs" ino=101 scontext=system_u:system_r:ifconfig_t tcontext=system_u:object_r:root_t tclass=chr_file permissive=1 OK Stopping iptables: [ 749.762335][ T36] audit: type=1400 audit(2000000428.744:913): avc: denied { read write } for pid=11938 comm="iptables" path="/dev/console" dev="rootfs" ino=101 scontext=system_u:system_r:iptables_t tcontext=system_u:object_r:root_t tclass=chr_file permissive=1 OK Stopping system message bus: [ 749.839851][ T36] audit: type=1400 audit(2000000428.744:914): avc: denied { search } for pid=11938 comm="iptables" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:iptables_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 749.901182][ T36] audit: type=1400 audit(2000000428.744:915): avc: denied { write } for pid=11938 comm="iptables" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:iptables_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 749.957961][ T36] audit: type=1400 audit(2000000428.744:916): avc: denied { add_name } for pid=11938 comm="iptables" name="xtables.lock" scontext=system_u:system_r:iptables_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 done [ 750.017508][ T36] audit: type=1400 audit(2000000428.744:917): avc: denied { create } for pid=11938 comm="iptables" name="xtables.lock" scontext=system_u:system_r:iptables_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 750.087337][ T36] audit: type=1400 audit(2000000428.744:918): avc: denied { read open } for pid=11938 comm="iptables" path="/run/xtables.lock" dev="tmpfs" ino=9288 scontext=system_u:system_r:iptables_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 750.155349][ T36] audit: type=1400 audit(2000000428.744:919): avc: denied { lock } for pid=11938 comm="iptables" path="/run/xtables.lock" dev="tmpfs" ino=9288 scontext=system_u:system_r:iptables_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 Stopping klogd: OK Stopping acpid: OK Stopping syslogd: stopped /sbin/syslogd (pid 92) OK umount: can't remount debugfs read-only umount: sysfs busy - remounted read-only umount: devtmpfs busy - remounted read-only umount: can't remount /dev/root read-only The system is going down NOW! Connection to 10.128.0.20 closed by remote host. Sent SIGTERM to all processes [ 752.240257][ T46] bridge_slave_1: left allmulticast mode [ 752.245946][ T46] bridge_slave_1: left promiscuous mode [ 752.267229][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 752.278152][ T46] bridge_slave_0: left allmulticast mode [ 752.283826][ T46] bridge_slave_0: left promiscuous mode [ 752.317008][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 752.489541][ T46] veth1_macvtap: left promiscuous mode [ 752.495057][ T46] veth0_vlan: left promiscuous mode [ 752.810768][ T46] bridge_slave_1: left allmulticast mode [ 752.816427][ T46] bridge_slave_1: left promiscuous mode [ 752.822079][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 752.831214][ T46] bridge_slave_0: left allmulticast mode [ 752.836862][ T46] bridge_slave_0: left promiscuous mode [ 752.842485][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 752.850139][ T46] bridge_slave_1: left allmulticast mode [ 752.855781][ T46] bridge_slave_1: left promiscuous mode [ 752.861507][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 752.868959][ T46] bridge_slave_0: left allmulticast mode [ 752.874594][ T46] bridge_slave_0: left promiscuous mode [ 752.880283][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 752.887880][ T46] bridge_slave_1: left allmulticast mode [ 752.893513][ T46] bridge_slave_1: left promiscuous mode [ 752.899323][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 752.906844][ T46] bridge_slave_0: left allmulticast mode [ 752.912541][ T46] bridge_slave_0: left promiscuous mode [ 752.918197][ T46] bridge0: port 1(bridge_slave_0) entered disabled state Sent SIGKILL to all processes Requesting system poweroff [ 753.162572][ T46] veth1_macvtap: left promiscuous mode [ 753.168142][ T46] veth0_vlan: left promiscuous mode [ 753.173655][ T46] veth1_macvtap: left promiscuous mode [ 753.179194][ T46] veth0_vlan: left promiscuous mode [ 753.184771][ T46] veth1_macvtap: left promiscuous mode [ 753.190296][ T46] veth0_vlan: left promiscuous mode [ 754.150773][T12058] sd 0:0:1:0: [sda] Synchronizing SCSI cache [ 754.157522][T12058] ACPI: PM: Preparing to enter system sleep state S5 [ 754.164474][T12058] kvm: exiting hardware virtualization [ 754.169994][T12058] reboot: Power down serialport: VM disconnected.