last executing test programs: 2.557913017s ago: executing program 2 (id=3447): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, 0x0, 0x0, 0x0) munmap(&(0x7f0000001000/0x4000)=nil, 0x4000) 2.518471271s ago: executing program 2 (id=3449): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x54000001, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r4, 0x0, 0x0, 0x805, 0x0, 0x0) r5 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r5, &(0x7f0000000240)={0x2, 0x0, @local}, 0x10) 1.616030977s ago: executing program 2 (id=3461): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x24000]}}, 0x0, 0x8, &(0x7f0000000300)) socket$inet6_tcp(0xa, 0x1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r1 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r1, 0x0, 0x0, 0x805, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r2, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=0x0, @ANYRES8=r2, @ANYRES64], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r3 = syz_open_dev$loop(&(0x7f0000000240), 0xffffffff7ffffffd, 0x160862) r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_freeze_timeout', 0x82802, 0xf) ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f00000004c0)={r4, 0x0, {0x0, 0x0, 0x0, 0x4, 0x4000000000000ffd, 0x0, 0x0, 0x1e, 0xc, "faf900000080149989fc8dbe43ea6acc96e3a2503dc3bd3fe37d58128bbad0099cebdc25f5ab60c9e6d665f985881a350000ddffffff00", "32d8cc26f7061a74df2cfc06c89f3d9e234b30c50997d3bef409ff2176ff7bfe55cd4a5d83cd4a524bd3ffe70c7f3f800b2f7b6aa54cc50a1fcaed1e831fa79a", "715237601a8ca5b07dcc141802c4dacf162e43ac61f7ad330000000000a04100", [0xfffffffffffffce8, 0xa]}}) 1.40309712s ago: executing program 2 (id=3467): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, 0x0) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000580)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) 915.942662ms ago: executing program 0 (id=3475): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000580), 0x0, 0x0) munmap(&(0x7f0000001000/0x4000)=nil, 0x4000) 871.511887ms ago: executing program 0 (id=3477): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r3, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) mkdir(&(0x7f0000000040)='./file1\x00', 0x100) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]}) 826.696022ms ago: executing program 0 (id=3479): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x54000001, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r3, 0x0, 0x0, 0x805, 0x0, 0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r4, &(0x7f0000000240)={0x2, 0x0, @local}, 0x10) 786.792516ms ago: executing program 0 (id=3481): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r4 = socket(0x10, 0x803, 0x0) recvmmsg(r4, &(0x7f0000009800)=[{{0x0, 0x0, 0x0}, 0x9}, {{0x0, 0x0, 0x0}, 0xe4e}, {{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000dc0)=""/4096, 0x1000}, {&(0x7f0000000c80)=""/258, 0x102}, {&(0x7f0000000780)=""/212, 0xd4}, {&(0x7f0000000340)=""/158, 0x9e}, {&(0x7f0000000680)=""/126, 0x7e}], 0x5}, 0x81}], 0x3, 0x2142, 0x0) 765.776988ms ago: executing program 2 (id=3482): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) rt_sigaction(0xd, &(0x7f00000000c0)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x54000007, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r0, @ANYRES64], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0) ioctl$KVM_X86_SETUP_MCE(r0, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x177) write$binfmt_elf64(r1, &(0x7f0000000200)=ANY=[@ANYBLOB="7f454c4620040000000000000000000002003e00ebffffff7c000000000000004000000000000000820000000000000000000000090038000100feff02000300030000000f000000080000000000f6fffe070000000000000000000000000000e5"], 0xed) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000) 738.408471ms ago: executing program 0 (id=3484): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60) ioctl$KVM_CREATE_PIT2(r5, 0x4040ae77, &(0x7f0000000040)) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x7, 0x5, 0x180, 0x4, 0x10, 0xf1, 0x50, 0x12, 0x5, 0x0, 0x29, 0x0, 0x6, 0x0, 0xbdb], 0xffff1001, 0x43100}) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6}]}, 0x10) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000003c0)={[0x60000000002, 0x1000000000, 0x0, 0x43, 0x2000001, 0x0, 0x2004cb, 0x0, 0x1000000, 0x68ff, 0x5, 0x9, 0x3], 0xeeee8000, 0x202}) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x3000, 0xeeee0000, 0x8, 0x8, 0xb, 0xe6, 0x40, 0x0, 0x0, 0x2e, 0x80}, {0x5000, 0xeeee6001, 0x3, 0x0, 0x42, 0x5, 0x7d, 0x6, 0x4, 0x0, 0x2, 0x87}, {0x0, 0xdddd0000, 0x9, 0x5, 0x3, 0x7, 0x0, 0x9, 0x1, 0xa4, 0x5, 0x9}, {0x1, 0xeeee0000, 0x9, 0x6, 0x5, 0x42, 0xb, 0xff, 0x8, 0x7, 0xe}, {0x80a0000, 0xd000, 0xf, 0x3, 0x15, 0x7, 0xab, 0x8, 0x9, 0x9, 0xf7, 0x97}, {0xeeefa000, 0x3000, 0xe, 0xa0, 0xb1, 0x8, 0x1, 0xa0, 0x82, 0xf, 0x1, 0x7}, {0x6000, 0x3000, 0x4, 0x5, 0x7, 0x5, 0x6, 0x3, 0x8, 0x81, 0x40, 0x70}, {0xd000, 0x4000, 0xa, 0x5, 0xcd, 0x7, 0x1, 0x9, 0x5, 0xc, 0xb0, 0x9}, {0xeeef0000, 0x30}, {0x8000000, 0x7}, 0x80000031, 0x0, 0x0, 0x12024, 0x2, 0x0, 0x3000, [0x6800000000000000, 0x4, 0x3, 0x8]}) ioctl$KVM_RUN(r6, 0xae80, 0x0) 661.50749ms ago: executing program 3 (id=3488): rt_sigaction(0xd, &(0x7f0000000180)={0x0, 0x54000001, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9) r4 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x47) connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) 618.363944ms ago: executing program 3 (id=3490): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x54000001, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r3, 0x0, 0x0, 0x805, 0x0, 0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r4, &(0x7f0000000240)={0x2, 0x0, @local}, 0x10) 617.856754ms ago: executing program 3 (id=3492): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60) ioctl$KVM_CREATE_PIT2(r5, 0x4040ae77, &(0x7f0000000040)) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x7, 0x5, 0x180, 0x4, 0x10, 0xf1, 0x50, 0x12, 0x5, 0x0, 0x29, 0x0, 0x6, 0x0, 0xbdb], 0xffff1001, 0x43100}) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000003c0)={[0x60000000002, 0x1000000000, 0x0, 0x43, 0x2000001, 0x0, 0x2004cb, 0x0, 0x1000000, 0x68ff, 0x5, 0x9, 0x3], 0xeeee8000, 0x202}) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x3000, 0xeeee0000, 0x8, 0x8, 0xb, 0xe6, 0x40, 0x0, 0x0, 0x2e, 0x80}, {0x5000, 0xeeee6001, 0x3, 0x0, 0x42, 0x5, 0x7d, 0x6, 0x4, 0x0, 0x2, 0x87}, {0x0, 0xdddd0000, 0x9, 0x5, 0x3, 0x7, 0x0, 0x9, 0x1, 0xa4, 0x5, 0x9}, {0x1, 0xeeee0000, 0x9, 0x6, 0x5, 0x42, 0xb, 0xff, 0x8, 0x7, 0xe}, {0x80a0000, 0xd000, 0xf, 0x3, 0x15, 0x7, 0xab, 0x8, 0x9, 0x9, 0xf7, 0x97}, {0xeeefa000, 0x3000, 0xe, 0xa0, 0xb1, 0x8, 0x1, 0xa0, 0x82, 0xf, 0x1, 0x7}, {0x6000, 0x3000, 0x4, 0x5, 0x7, 0x5, 0x6, 0x3, 0x8, 0x81, 0x40, 0x70}, {0xd000, 0x4000, 0xa, 0x5, 0xcd, 0x7, 0x1, 0x9, 0x5, 0xc, 0xb0, 0x9}, {0xeeef0000, 0x30}, {0x8000000, 0x7}, 0x80000031, 0x0, 0x0, 0x12024, 0x2, 0x0, 0x3000, [0x6800000000000000, 0x4, 0x3, 0x8]}) ioctl$KVM_RUN(r6, 0xae80, 0x0) 524.446514ms ago: executing program 2 (id=3496): mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r0, @ANYRES64], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r1 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r1, 0x0, 0x0, 0x805, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) sendmmsg$inet6(r2, &(0x7f00000075c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40804) syz_clone(0x401000, 0x0, 0x0, 0x0, 0x0, 0x0) 508.567726ms ago: executing program 3 (id=3497): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0xb, 0x84) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000400)='./binderfs/binder1\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x0, 0x3}) mmap$binder(&(0x7f00000a0000)=nil, 0x0, 0x1, 0x11, r4, 0xc000000) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000100)={0x4, 0x0, &(0x7f0000000040)=[@enter_looper], 0x0, 0x0, 0x0}) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r6, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r6, @ANYRES64=r5], 0x118) modify_ldt$write2(0x11, &(0x7f0000000200)={0x5, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x10) modify_ldt$read(0x0, &(0x7f0000000100)=""/107, 0xffffffffffffff09) 456.736461ms ago: executing program 3 (id=3500): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, 0x0, 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) ioctl$KVM_CREATE_PIT2(r4, 0x4040ae77, &(0x7f0000000040)) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x7, 0x5, 0x180, 0x4, 0x10, 0xf1, 0x50, 0x12, 0x5, 0x0, 0x29, 0x0, 0x6, 0x0, 0xbdb], 0xffff1001, 0x43100}) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6}]}, 0x10) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000003c0)={[0x60000000002, 0x1000000000, 0x0, 0x43, 0x2000001, 0x0, 0x2004cb, 0x0, 0x1000000, 0x68ff, 0x5, 0x9, 0x3], 0xeeee8000, 0x202}) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x3000, 0xeeee0000, 0x8, 0x8, 0xb, 0xe6, 0x40, 0x0, 0x0, 0x2e, 0x80}, {0x5000, 0xeeee6001, 0x3, 0x0, 0x42, 0x5, 0x7d, 0x6, 0x4, 0x0, 0x2, 0x87}, {0x0, 0xdddd0000, 0x9, 0x5, 0x3, 0x7, 0x0, 0x9, 0x1, 0xa4, 0x5, 0x9}, {0x1, 0xeeee0000, 0x9, 0x6, 0x5, 0x42, 0xb, 0xff, 0x8, 0x7, 0xe}, {0x80a0000, 0xd000, 0xf, 0x3, 0x15, 0x7, 0xab, 0x8, 0x9, 0x9, 0xf7, 0x97}, {0xeeefa000, 0x3000, 0xe, 0xa0, 0xb1, 0x8, 0x1, 0xa0, 0x82, 0xf, 0x1, 0x7}, {0x6000, 0x3000, 0x4, 0x5, 0x7, 0x5, 0x6, 0x3, 0x8, 0x81, 0x40, 0x70}, {0xd000, 0x4000, 0xa, 0x5, 0xcd, 0x7, 0x1, 0x9, 0x5, 0xc, 0xb0, 0x9}, {0xeeef0000, 0x30}, {0x8000000, 0x7}, 0x80000031, 0x0, 0x0, 0x12024, 0x2, 0x0, 0x3000, [0x6800000000000000, 0x4, 0x3, 0x8]}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 404.563627ms ago: executing program 3 (id=3502): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, 0x0) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8, @ANYRES64=r3], 0x118) r4 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MFC_PROXY(r4, 0x29, 0xd2, &(0x7f0000000600)={{0xa, 0x0, 0x8, @local, 0xc}, {0xa, 0x4e24, 0x0, @empty}, 0x1}, 0x5c) setsockopt$MRT6_ADD_MFC_PROXY(r4, 0x29, 0xd2, &(0x7f0000000000)={{0xa, 0x4e24, 0x100, @local, 0x4}, {0xa, 0x4e23, 0x7, @empty, 0xd473}, 0x0, {[0x4, 0x7, 0x3, 0x8001, 0xe10, 0xe, 0x3]}}, 0x5c) 155.950064ms ago: executing program 1 (id=3507): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x54000001, 0x0, {[0x2]}}, 0x0, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9) r4 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x47) connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) 126.014916ms ago: executing program 1 (id=3508): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x54000001, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) write(r0, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r3, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r3, 0x0, 0x0, 0x80, 0x0, 0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r4, &(0x7f0000000240)={0x2, 0x0, @local}, 0x10) 60.844764ms ago: executing program 1 (id=3509): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2) ioctl$KVM_SET_DEBUGREGS(r1, 0x4080aea2, 0x0) 60.723884ms ago: executing program 1 (id=3510): mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) 60.483324ms ago: executing program 0 (id=3511): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, 0x0, 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) ioctl$KVM_CREATE_PIT2(r4, 0x4040ae77, &(0x7f0000000040)) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x7, 0x5, 0x180, 0x4, 0x10, 0xf1, 0x50, 0x12, 0x5, 0x0, 0x29, 0x0, 0x6, 0x0, 0xbdb], 0xffff1001, 0x43100}) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6}]}, 0x10) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000003c0)={[0x60000000002, 0x1000000000, 0x0, 0x43, 0x2000001, 0x0, 0x2004cb, 0x0, 0x1000000, 0x68ff, 0x5, 0x9, 0x3], 0xeeee8000, 0x202}) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x3000, 0xeeee0000, 0x8, 0x8, 0xb, 0xe6, 0x40, 0x0, 0x0, 0x2e, 0x80}, {0x5000, 0xeeee6001, 0x3, 0x0, 0x42, 0x5, 0x7d, 0x6, 0x4, 0x0, 0x2, 0x87}, {0x0, 0xdddd0000, 0x9, 0x5, 0x3, 0x7, 0x0, 0x9, 0x1, 0xa4, 0x5, 0x9}, {0x1, 0xeeee0000, 0x9, 0x6, 0x5, 0x42, 0xb, 0xff, 0x8, 0x7, 0xe}, {0x80a0000, 0xd000, 0xf, 0x3, 0x15, 0x7, 0xab, 0x8, 0x9, 0x9, 0xf7, 0x97}, {0xeeefa000, 0x3000, 0xe, 0xa0, 0xb1, 0x8, 0x1, 0xa0, 0x82, 0xf, 0x1, 0x7}, {0x6000, 0x3000, 0x4, 0x5, 0x7, 0x5, 0x6, 0x3, 0x8, 0x81, 0x40, 0x70}, {0xd000, 0x4000, 0xa, 0x5, 0xcd, 0x7, 0x1, 0x9, 0x5, 0xc, 0xb0, 0x9}, {0xeeef0000, 0x30}, {0x8000000, 0x7}, 0x80000031, 0x0, 0x0, 0x12024, 0x2, 0x0, 0x3000, [0x6800000000000000, 0x4, 0x3, 0x8]}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 32.880477ms ago: executing program 1 (id=3512): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f0000000140)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r3, @ANYRES64=r2], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r3, 0x0) ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) pipe(&(0x7f00000004c0)={0xffffffffffffffff}) fstat(r4, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) setreuid(0x0, r5) mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x208010, &(0x7f0000000500)=ANY=[@ANYBLOB="66642d6b3d24b80654dafacfd87ddeb9c00620a6de96bb5c42104a0cd1baa01c6d8e2e805e4f16c0ada921a415b41775d97df768b7e02d0bf4ede6e27106c875e1a994dbbed373de912eace00b28c73db003c0c25effa3dcc487336bf2fe57", @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=r5, @ANYBLOB=',group_id=', @ANYRESDEC, @ANYBLOB=',max_read=0x0000000000000003,default_permissions,fowner=', @ANYRESDEC=0xee00, @ANYBLOB=',\x00']) chdir(&(0x7f00000001c0)='./bus\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) 0s ago: executing program 1 (id=3513): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, &(0x7f0000000a40), 0x0, 0x40040) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000580)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) kernel console output (not intermixed with test programs): entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 362.151239][ T3837] RIP: 0033:0x7f42edd8f6c9 [ 362.151256][ T3837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 362.151272][ T3837] RSP: 002b:00007f42eeb8a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 362.151294][ T3837] RAX: ffffffffffffffda RBX: 00007f42edfe5fa0 RCX: 00007f42edd8f6c9 [ 362.151309][ T3837] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 00002000000000c0 [ 362.151321][ T3837] RBP: 00007f42eeb8a090 R08: 0000000000000000 R09: 0000000000000000 [ 362.151334][ T3837] R10: 0000000002002814 R11: 0000000000000246 R12: 0000000000000001 [ 362.151345][ T3837] R13: 00007f42edfe6038 R14: 00007f42edfe5fa0 R15: 00007ffd58d15388 [ 362.151361][ T3837] [ 362.414719][ T3869] FAULT_INJECTION: forcing a failure. [ 362.414719][ T3869] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 362.432795][ T3869] CPU: 0 UID: 0 PID: 3869 Comm: syz.0.1682 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 362.432826][ T3869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 362.432837][ T3869] Call Trace: [ 362.432844][ T3869] [ 362.432851][ T3869] __dump_stack+0x21/0x30 [ 362.432881][ T3869] dump_stack_lvl+0x10c/0x190 [ 362.432901][ T3869] ? __cfi_dump_stack_lvl+0x10/0x10 [ 362.432924][ T3869] dump_stack+0x19/0x20 [ 362.432944][ T3869] should_fail_ex+0x3d9/0x530 [ 362.432963][ T3869] should_fail_alloc_page+0xeb/0x110 [ 362.432986][ T3869] __alloc_pages_noprof+0x19b/0x7b0 [ 362.433009][ T3869] ? __kernel_text_address+0x11/0x40 [ 362.433032][ T3869] ? unwind_get_return_address+0x51/0x90 [ 362.433054][ T3869] ? __cfi___alloc_pages_noprof+0x10/0x10 [ 362.433079][ T3869] ? stack_depot_save_flags+0x38/0x800 [ 362.433100][ T3869] __folio_alloc_noprof+0x14/0x80 [ 362.433122][ T3869] shmem_alloc_and_add_folio+0x452/0x1050 [ 362.433145][ T3869] ? avc_has_perm_noaudit+0x268/0x360 [ 362.433172][ T3869] ? put_swap_device+0x130/0x130 [ 362.433193][ T3869] ? shmem_huge_global_enabled+0x2da/0x360 [ 362.433213][ T3869] ? shmem_allowable_huge_orders+0x1f7/0x430 [ 362.433233][ T3869] ? dput+0xd0/0x510 [ 362.433256][ T3869] shmem_get_folio_gfp+0x5f0/0x1380 [ 362.433277][ T3869] ? shmem_get_folio+0xc0/0xc0 [ 362.433295][ T3869] ? inode_maybe_inc_iversion+0x17d/0x1e0 [ 362.433319][ T3869] ? __cfi_inode_maybe_inc_iversion+0x10/0x10 [ 362.433343][ T3869] ? inode_to_bdi+0x6d/0x100 [ 362.433366][ T3869] shmem_write_begin+0xf4/0x270 [ 362.433387][ T3869] generic_perform_write+0x330/0x960 [ 362.433411][ T3869] ? locked_inode_to_wb_and_lock_list+0x205/0x2e0 [ 362.433432][ T3869] ? __cfi_generic_perform_write+0x10/0x10 [ 362.433456][ T3869] ? down_write+0xe9/0x2a0 [ 362.433475][ T3869] ? mnt_get_write_access_file+0x1af/0x3b0 [ 362.433497][ T3869] ? mnt_put_write_access_file+0xc2/0x100 [ 362.433519][ T3869] ? file_update_time+0x1ef/0x220 [ 362.433542][ T3869] shmem_file_write_iter+0x105/0x130 [ 362.433566][ T3869] do_iter_readv_writev+0x628/0x810 [ 362.433585][ T3869] ? vfs_iter_read+0x5f0/0x5f0 [ 362.433603][ T3869] ? __cfi_file_remove_privs_flags+0x10/0x10 [ 362.433627][ T3869] ? _parse_integer+0x2e/0x40 [ 362.433652][ T3869] ? ovl_path_type+0x1c1/0x3f0 [ 362.433686][ T3869] ? bpf_lsm_file_permission+0xd/0x20 [ 362.433712][ T3869] vfs_iter_write+0x345/0x920 [ 362.433730][ T3869] backing_file_write_iter+0x34f/0x890 [ 362.433754][ T3869] ovl_write_iter+0x391/0x490 [ 362.433774][ T3869] ? __cfi_ovl_write_iter+0x10/0x10 [ 362.433793][ T3869] ? proc_fail_nth_write+0x17e/0x210 [ 362.433817][ T3869] ? __cfi_ovl_file_end_write+0x10/0x10 [ 362.433839][ T3869] vfs_write+0x718/0xf30 [ 362.433855][ T3869] ? __cfi_ovl_write_iter+0x10/0x10 [ 362.433875][ T3869] ? __cfi_vfs_write+0x10/0x10 [ 362.433892][ T3869] ? __cfi_mutex_lock+0x10/0x10 [ 362.433910][ T3869] ksys_write+0x141/0x250 [ 362.433927][ T3869] ? __cfi_ksys_write+0x10/0x10 [ 362.433943][ T3869] ? __kasan_check_read+0x15/0x20 [ 362.433970][ T3869] __x64_sys_write+0x7f/0x90 [ 362.433987][ T3869] x64_sys_call+0x271c/0x2ee0 [ 362.434013][ T3869] do_syscall_64+0x58/0xf0 [ 362.434035][ T3869] ? clear_bhb_loop+0x50/0xa0 [ 362.434056][ T3869] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 362.434075][ T3869] RIP: 0033:0x7fe80e18f6c9 [ 362.434091][ T3869] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 362.434106][ T3869] RSP: 002b:00007fe80f047038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 362.434127][ T3869] RAX: ffffffffffffffda RBX: 00007fe80e3e5fa0 RCX: 00007fe80e18f6c9 [ 362.434142][ T3869] RDX: 0000000000000118 RSI: 0000200000000340 RDI: 0000000000000006 [ 362.434154][ T3869] RBP: 00007fe80f047090 R08: 0000000000000000 R09: 0000000000000000 [ 362.434166][ T3869] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 362.434178][ T3869] R13: 00007fe80e3e6038 R14: 00007fe80e3e5fa0 R15: 00007ffcf305f9d8 [ 362.434194][ T3869] [ 362.846754][ T36] kauditd_printk_skb: 6 callbacks suppressed [ 362.846769][ T36] audit: type=1400 audit(1763162570.319:181): avc: denied { read write } for pid=3879 comm="syz.3.1690" name="rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 362.876279][ T36] audit: type=1400 audit(1763162570.319:182): avc: denied { ioctl open } for pid=3879 comm="syz.3.1690" path="/dev/rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 362.933381][ T36] audit: type=1400 audit(1763162570.399:183): avc: denied { append } for pid=3887 comm="syz.2.1691" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 363.086078][ T3896] FAULT_INJECTION: forcing a failure. [ 363.086078][ T3896] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 363.124537][ T3896] CPU: 1 UID: 0 PID: 3896 Comm: syz.3.1695 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 363.124569][ T3896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 363.124586][ T3896] Call Trace: [ 363.124592][ T3896] [ 363.124604][ T3896] __dump_stack+0x21/0x30 [ 363.124633][ T3896] dump_stack_lvl+0x10c/0x190 [ 363.124653][ T3896] ? __cfi_dump_stack_lvl+0x10/0x10 [ 363.124675][ T3896] ? check_stack_object+0x12c/0x140 [ 363.124693][ T3896] dump_stack+0x19/0x20 [ 363.124715][ T3896] should_fail_ex+0x3d9/0x530 [ 363.124734][ T3896] should_fail+0xf/0x20 [ 363.124751][ T3896] should_fail_usercopy+0x1e/0x30 [ 363.124774][ T3896] _copy_from_user+0x22/0xb0 [ 363.124797][ T3896] __copy_msghdr+0x3ec/0x5d0 [ 363.124826][ T3896] ___sys_sendmsg+0x1a6/0x2a0 [ 363.124850][ T3896] ? __sys_sendmsg+0x280/0x280 [ 363.124875][ T3896] ? kstrtouint+0x78/0xf0 [ 363.124897][ T3896] __sys_sendmmsg+0x271/0x470 [ 363.124922][ T3896] ? __cfi___sys_sendmmsg+0x10/0x10 [ 363.124956][ T3896] ? __cfi_ksys_write+0x10/0x10 [ 363.124974][ T3896] __x64_sys_sendmmsg+0xa4/0xc0 [ 363.125000][ T3896] x64_sys_call+0xfec/0x2ee0 [ 363.125025][ T3896] do_syscall_64+0x58/0xf0 [ 363.125048][ T3896] ? clear_bhb_loop+0x50/0xa0 [ 363.125069][ T3896] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 363.125111][ T3896] RIP: 0033:0x7fa579d8f6c9 [ 363.125128][ T3896] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 363.125144][ T3896] RSP: 002b:00007fa57ac0e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 363.125166][ T3896] RAX: ffffffffffffffda RBX: 00007fa579fe5fa0 RCX: 00007fa579d8f6c9 [ 363.125181][ T3896] RDX: 0000000000000001 RSI: 0000200000000440 RDI: 0000000000000006 [ 363.125193][ T3896] RBP: 00007fa57ac0e090 R08: 0000000000000000 R09: 0000000000000000 [ 363.125205][ T3896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 363.125217][ T3896] R13: 00007fa579fe6038 R14: 00007fa579fe5fa0 R15: 00007ffcc4991328 [ 363.125233][ T3896] [ 363.508813][ T36] audit: type=1400 audit(1763162570.979:184): avc: denied { write } for pid=3913 comm="syz.1.1704" name="fib_trie" dev="proc" ino=4026532421 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 363.894525][ T3942] process 'syz.3.1719' launched './file1' with NULL argv: empty string added [ 363.919532][ T36] audit: type=1400 audit(1763162571.389:185): avc: denied { execute_no_trans } for pid=3941 comm="syz.3.1719" path="/449/file1" dev="tmpfs" ino=3064 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 363.969698][ T3946] FAULT_INJECTION: forcing a failure. [ 363.969698][ T3946] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 363.993602][ T3946] CPU: 1 UID: 0 PID: 3946 Comm: syz.0.1720 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 363.993643][ T3946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 363.993654][ T3946] Call Trace: [ 363.993660][ T3946] [ 363.993668][ T3946] __dump_stack+0x21/0x30 [ 363.993697][ T3946] dump_stack_lvl+0x10c/0x190 [ 363.993719][ T3946] ? __cfi_dump_stack_lvl+0x10/0x10 [ 363.993745][ T3946] dump_stack+0x19/0x20 [ 363.993767][ T3946] should_fail_ex+0x3d9/0x530 [ 363.993787][ T3946] should_fail+0xf/0x20 [ 363.993803][ T3946] should_fail_usercopy+0x1e/0x30 [ 363.993823][ T3946] _copy_from_user+0x22/0xb0 [ 363.993845][ T3946] __se_sys_mount+0x182/0x480 [ 363.993863][ T3946] ? ksys_write+0x1ef/0x250 [ 363.993880][ T3946] ? __x64_sys_mount+0xf0/0xf0 [ 363.993898][ T3946] __x64_sys_mount+0xc3/0xf0 [ 363.993915][ T3946] x64_sys_call+0x2021/0x2ee0 [ 363.993939][ T3946] do_syscall_64+0x58/0xf0 [ 363.993962][ T3946] ? clear_bhb_loop+0x50/0xa0 [ 363.993982][ T3946] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 363.994001][ T3946] RIP: 0033:0x7fe80e18f6c9 [ 363.994017][ T3946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 363.994033][ T3946] RSP: 002b:00007fe80f047038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 363.994054][ T3946] RAX: ffffffffffffffda RBX: 00007fe80e3e5fa0 RCX: 00007fe80e18f6c9 [ 363.994070][ T3946] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000000 [ 363.994083][ T3946] RBP: 00007fe80f047090 R08: 0000200000000200 R09: 0000000000000000 [ 363.994095][ T3946] R10: 0000000002010860 R11: 0000000000000246 R12: 0000000000000001 [ 363.994107][ T3946] R13: 00007fe80e3e6038 R14: 00007fe80e3e5fa0 R15: 00007ffcf305f9d8 [ 363.994123][ T3946] [ 364.138255][ T36] audit: type=1400 audit(1763162571.609:186): avc: denied { create } for pid=3949 comm="syz.2.1722" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 364.146318][ T3946] ======================================================= [ 364.146318][ T3946] WARNING: The mand mount option has been deprecated and [ 364.146318][ T3946] and is ignored by this kernel. Remove the mand [ 364.146318][ T3946] option from the mount to silence this warning. [ 364.146318][ T3946] ======================================================= [ 364.171548][ T36] audit: type=1400 audit(1763162571.619:187): avc: denied { remount } for pid=3945 comm="syz.0.1720" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 364.237389][ T3946] SELinux: security_context_str_to_sid (s) failed with errno=-22 [ 364.367804][ T36] audit: type=1400 audit(1763162571.639:188): avc: denied { connect } for pid=3949 comm="syz.2.1722" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 364.405956][ T3967] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 364.414688][ T36] audit: type=1400 audit(1763162571.879:189): avc: denied { append } for pid=3966 comm="syz.3.1730" name="001" dev="devtmpfs" ino=114 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 364.439375][ T3967] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 364.504065][ T3979] FAULT_INJECTION: forcing a failure. [ 364.504065][ T3979] name failslab, interval 1, probability 0, space 0, times 0 [ 364.518924][ T3979] CPU: 1 UID: 0 PID: 3979 Comm: syz.3.1736 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 364.518956][ T3979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 364.518968][ T3979] Call Trace: [ 364.518974][ T3979] [ 364.518981][ T3979] __dump_stack+0x21/0x30 [ 364.519009][ T3979] dump_stack_lvl+0x10c/0x190 [ 364.519030][ T3979] ? __cfi_dump_stack_lvl+0x10/0x10 [ 364.519051][ T3979] ? __kasan_check_write+0x18/0x20 [ 364.519076][ T3979] ? proc_fail_nth_write+0x17e/0x210 [ 364.519098][ T3979] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 364.519119][ T3979] dump_stack+0x19/0x20 [ 364.519139][ T3979] should_fail_ex+0x3d9/0x530 [ 364.519156][ T3979] should_failslab+0xac/0x100 [ 364.519175][ T3979] kmem_cache_alloc_noprof+0x42/0x430 [ 364.519191][ T3979] ? getname_flags+0xc6/0x710 [ 364.519211][ T3979] getname_flags+0xc6/0x710 [ 364.519228][ T3979] ? build_open_flags+0x487/0x600 [ 364.519252][ T3979] getname+0x1b/0x30 [ 364.519268][ T3979] do_sys_openat2+0xcb/0x1c0 [ 364.519289][ T3979] ? fput+0x1a5/0x240 [ 364.519309][ T3979] ? do_sys_open+0x100/0x100 [ 364.519330][ T3979] ? ksys_write+0x1ef/0x250 [ 364.519346][ T3979] ? __cfi_ksys_write+0x10/0x10 [ 364.519363][ T3979] __x64_sys_openat+0x13a/0x170 [ 364.519387][ T3979] x64_sys_call+0xe69/0x2ee0 [ 364.519410][ T3979] do_syscall_64+0x58/0xf0 [ 364.519432][ T3979] ? clear_bhb_loop+0x50/0xa0 [ 364.519452][ T3979] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 364.519470][ T3979] RIP: 0033:0x7fa579d8f6c9 [ 364.519486][ T3979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 364.519503][ T3979] RSP: 002b:00007fa57ac0e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 364.519524][ T3979] RAX: ffffffffffffffda RBX: 00007fa579fe5fa0 RCX: 00007fa579d8f6c9 [ 364.519539][ T3979] RDX: 0000000000048801 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 364.519552][ T3979] RBP: 00007fa57ac0e090 R08: 0000000000000000 R09: 0000000000000000 [ 364.519565][ T3979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 364.519577][ T3979] R13: 00007fa579fe6038 R14: 00007fa579fe5fa0 R15: 00007ffcc4991328 [ 364.519593][ T3979] [ 364.767747][ T3992] FAULT_INJECTION: forcing a failure. [ 364.767747][ T3992] name failslab, interval 1, probability 0, space 0, times 0 [ 364.780490][ T3992] CPU: 1 UID: 0 PID: 3992 Comm: syz.0.1741 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 364.780520][ T3992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 364.780532][ T3992] Call Trace: [ 364.780538][ T3992] [ 364.780545][ T3992] __dump_stack+0x21/0x30 [ 364.780597][ T3992] dump_stack_lvl+0x10c/0x190 [ 364.780620][ T3992] ? __cfi_dump_stack_lvl+0x10/0x10 [ 364.780643][ T3992] ? selinux_file_open+0x457/0x610 [ 364.780666][ T3992] ? __cfi_selinux_file_open+0x10/0x10 [ 364.780687][ T3992] dump_stack+0x19/0x20 [ 364.780709][ T3992] should_fail_ex+0x3d9/0x530 [ 364.780728][ T3992] should_failslab+0xac/0x100 [ 364.780749][ T3992] kmem_cache_alloc_lru_noprof+0x44/0x430 [ 364.780768][ T3992] ? __d_alloc+0x42/0x8e0 [ 364.780792][ T3992] __d_alloc+0x42/0x8e0 [ 364.780823][ T3992] ? ilookup+0x2e6/0x360 [ 364.780844][ T3992] d_alloc_pseudo+0x23/0xc0 [ 364.780868][ T3992] alloc_file_pseudo_noaccount+0xcd/0x310 [ 364.780891][ T3992] ? _atomic_dec_and_lock+0x98/0x120 [ 364.780915][ T3992] ? __cfi_alloc_file_pseudo_noaccount+0x10/0x10 [ 364.780937][ T3992] ? __cfi_bd_prepare_to_claim+0x10/0x10 [ 364.780958][ T3992] bdev_file_open_by_dev+0x17e/0x240 [ 364.780978][ T3992] disk_scan_partitions+0x1c5/0x2d0 [ 364.781004][ T3992] blkdev_common_ioctl+0x17e8/0x2810 [ 364.781029][ T3992] ? blkdev_bszset+0x220/0x220 [ 364.781053][ T3992] ? has_cap_mac_admin+0xd0/0xd0 [ 364.781075][ T3992] ? proc_fail_nth_write+0x17e/0x210 [ 364.781098][ T3992] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 364.781122][ T3992] ? selinux_file_ioctl+0x6e0/0x1360 [ 364.781143][ T3992] ? vfs_write+0x93e/0xf30 [ 364.781159][ T3992] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 364.781180][ T3992] ? __cfi_vfs_write+0x10/0x10 [ 364.781196][ T3992] ? __kasan_check_write+0x18/0x20 [ 364.781221][ T3992] ? mutex_unlock+0x8b/0x240 [ 364.781238][ T3992] ? __cfi_mutex_unlock+0x10/0x10 [ 364.781254][ T3992] ? __fget_files+0x2c5/0x340 [ 364.781274][ T3992] blkdev_ioctl+0x484/0x680 [ 364.781297][ T3992] ? __cfi_blkdev_ioctl+0x10/0x10 [ 364.781321][ T3992] ? bpf_lsm_file_ioctl+0xd/0x20 [ 364.781345][ T3992] ? security_file_ioctl+0x34/0xd0 [ 364.781364][ T3992] ? __cfi_blkdev_ioctl+0x10/0x10 [ 364.781387][ T3992] __se_sys_ioctl+0x135/0x1b0 [ 364.781407][ T3992] __x64_sys_ioctl+0x7f/0xa0 [ 364.781426][ T3992] x64_sys_call+0x1878/0x2ee0 [ 364.781451][ T3992] do_syscall_64+0x58/0xf0 [ 364.781473][ T3992] ? clear_bhb_loop+0x50/0xa0 [ 364.781493][ T3992] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 364.781512][ T3992] RIP: 0033:0x7fe80e18f6c9 [ 364.781529][ T3992] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 364.781545][ T3992] RSP: 002b:00007fe80f047038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 364.781566][ T3992] RAX: ffffffffffffffda RBX: 00007fe80e3e5fa0 RCX: 00007fe80e18f6c9 [ 364.781580][ T3992] RDX: 0000000000000000 RSI: 000000000000125f RDI: 0000000000000005 [ 364.781592][ T3992] RBP: 00007fe80f047090 R08: 0000000000000000 R09: 0000000000000000 [ 364.781604][ T3992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 364.781615][ T3992] R13: 00007fe80e3e6038 R14: 00007fe80e3e5fa0 R15: 00007ffcf305f9d8 [ 364.781631][ T3992] [ 365.120683][ T3993] FAULT_INJECTION: forcing a failure. [ 365.120683][ T3993] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 365.133834][ T3993] CPU: 1 UID: 0 PID: 3993 Comm: syz.3.1738 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 365.133870][ T3993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 365.133883][ T3993] Call Trace: [ 365.133889][ T3993] [ 365.133897][ T3993] __dump_stack+0x21/0x30 [ 365.133927][ T3993] dump_stack_lvl+0x10c/0x190 [ 365.133950][ T3993] ? __cfi_dump_stack_lvl+0x10/0x10 [ 365.133974][ T3993] ? vsnprintf+0x7b4/0x1aa0 [ 365.133996][ T3993] ? check_stack_object+0x107/0x140 [ 365.134015][ T3993] dump_stack+0x19/0x20 [ 365.134037][ T3993] should_fail_ex+0x3d9/0x530 [ 365.134057][ T3993] should_fail+0xf/0x20 [ 365.134074][ T3993] should_fail_usercopy+0x1e/0x30 [ 365.134093][ T3993] _copy_from_user+0x22/0xb0 [ 365.134116][ T3993] kstrtouint_from_user+0xc2/0x150 [ 365.134134][ T3993] ? __cfi_kstrtouint_from_user+0x10/0x10 [ 365.134151][ T3993] ? selinux_file_permission+0x309/0xb30 [ 365.134175][ T3993] ? __cfi_selinux_file_permission+0x10/0x10 [ 365.134197][ T3993] proc_fail_nth_write+0x89/0x210 [ 365.134220][ T3993] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 365.134248][ T3993] ? bpf_lsm_file_permission+0xd/0x20 [ 365.134272][ T3993] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 365.134295][ T3993] vfs_write+0x3c0/0xf30 [ 365.134313][ T3993] ? __cfi_vfs_write+0x10/0x10 [ 365.134329][ T3993] ? __kasan_check_write+0x18/0x20 [ 365.134355][ T3993] ? mutex_lock+0x92/0x1c0 [ 365.134370][ T3993] ? __cfi_mutex_lock+0x10/0x10 [ 365.134387][ T3993] ? __fget_files+0x2c5/0x340 [ 365.134409][ T3993] ksys_write+0x141/0x250 [ 365.134426][ T3993] ? __cfi_ksys_write+0x10/0x10 [ 365.134443][ T3993] ? fdget+0x189/0x1f0 [ 365.134461][ T3993] ? __kasan_check_read+0x15/0x20 [ 365.134487][ T3993] __x64_sys_write+0x7f/0x90 [ 365.134504][ T3993] x64_sys_call+0x271c/0x2ee0 [ 365.134528][ T3993] do_syscall_64+0x58/0xf0 [ 365.134549][ T3993] ? clear_bhb_loop+0x50/0xa0 [ 365.134568][ T3993] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 365.134587][ T3993] RIP: 0033:0x7fa579d8e17f [ 365.134602][ T3993] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 365.134619][ T3993] RSP: 002b:00007fa57abec030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 365.134639][ T3993] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fa579d8e17f [ 365.134650][ T3993] RDX: 0000000000000001 RSI: 00007fa57abec0a0 RDI: 0000000000000005 [ 365.134661][ T3993] RBP: 00007fa57abec090 R08: 0000000000000000 R09: 0000000000000000 [ 365.134672][ T3993] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 365.134682][ T3993] R13: 00007fa579fe6128 R14: 00007fa579fe6090 R15: 00007ffcc4991328 [ 365.134696][ T3993] [ 365.406354][ T4007] FAULT_INJECTION: forcing a failure. [ 365.406354][ T4007] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 365.419511][ T4007] CPU: 1 UID: 0 PID: 4007 Comm: syz.0.1747 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 365.419545][ T4007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 365.419557][ T4007] Call Trace: [ 365.419563][ T4007] [ 365.419570][ T4007] __dump_stack+0x21/0x30 [ 365.419599][ T4007] dump_stack_lvl+0x10c/0x190 [ 365.419622][ T4007] ? __cfi_dump_stack_lvl+0x10/0x10 [ 365.419646][ T4007] ? check_stack_object+0x12c/0x140 [ 365.419665][ T4007] dump_stack+0x19/0x20 [ 365.419687][ T4007] should_fail_ex+0x3d9/0x530 [ 365.419706][ T4007] should_fail+0xf/0x20 [ 365.419723][ T4007] should_fail_usercopy+0x1e/0x30 [ 365.419742][ T4007] _copy_to_user+0x24/0xa0 [ 365.419761][ T4007] simple_read_from_buffer+0xed/0x160 [ 365.419784][ T4007] proc_fail_nth_read+0x19e/0x210 [ 365.419807][ T4007] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 365.419836][ T4007] ? bpf_lsm_file_permission+0xd/0x20 [ 365.419860][ T4007] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 365.419882][ T4007] vfs_read+0x27d/0xc70 [ 365.419899][ T4007] ? __cfi_vfs_read+0x10/0x10 [ 365.419915][ T4007] ? __kasan_check_write+0x18/0x20 [ 365.419940][ T4007] ? mutex_lock+0x92/0x1c0 [ 365.419957][ T4007] ? __cfi_mutex_lock+0x10/0x10 [ 365.419973][ T4007] ? __fget_files+0x2c5/0x340 [ 365.419994][ T4007] ksys_read+0x141/0x250 [ 365.420010][ T4007] ? __cfi_ksys_read+0x10/0x10 [ 365.420025][ T4007] ? __kasan_check_read+0x15/0x20 [ 365.420049][ T4007] __x64_sys_read+0x7f/0x90 [ 365.420064][ T4007] x64_sys_call+0x2638/0x2ee0 [ 365.420088][ T4007] do_syscall_64+0x58/0xf0 [ 365.420110][ T4007] ? clear_bhb_loop+0x50/0xa0 [ 365.420130][ T4007] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 365.420149][ T4007] RIP: 0033:0x7fe80e18e0dc [ 365.420165][ T4007] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 365.420182][ T4007] RSP: 002b:00007fe80f047030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 365.420204][ T4007] RAX: ffffffffffffffda RBX: 00007fe80e3e5fa0 RCX: 00007fe80e18e0dc [ 365.420219][ T4007] RDX: 000000000000000f RSI: 00007fe80f0470a0 RDI: 0000000000000006 [ 365.420231][ T4007] RBP: 00007fe80f047090 R08: 0000000000000000 R09: 000000000000000d [ 365.420244][ T4007] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000001 [ 365.420256][ T4007] R13: 00007fe80e3e6038 R14: 00007fe80e3e5fa0 R15: 00007ffcf305f9d8 [ 365.420272][ T4007] [ 365.737444][ T4023] overlayfs: missing 'lowerdir' [ 365.747877][ T4021] FAULT_INJECTION: forcing a failure. [ 365.747877][ T4021] name failslab, interval 1, probability 0, space 0, times 0 [ 365.768998][ T36] audit: type=1400 audit(1763162573.239:190): avc: denied { watch watch_reads } for pid=4020 comm="syz.2.1751" path="/451/bus" dev="tmpfs" ino=2977 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 365.804619][ T4021] CPU: 0 UID: 0 PID: 4021 Comm: syz.1.1754 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 365.804650][ T4021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 365.804660][ T4021] Call Trace: [ 365.804665][ T4021] [ 365.804673][ T4021] __dump_stack+0x21/0x30 [ 365.804700][ T4021] dump_stack_lvl+0x10c/0x190 [ 365.804721][ T4021] ? __cfi_dump_stack_lvl+0x10/0x10 [ 365.804742][ T4021] ? avc_has_perm+0x144/0x220 [ 365.804762][ T4021] dump_stack+0x19/0x20 [ 365.804781][ T4021] should_fail_ex+0x3d9/0x530 [ 365.804799][ T4021] should_failslab+0xac/0x100 [ 365.804818][ T4021] __kmalloc_cache_noprof+0x41/0x490 [ 365.804835][ T4021] ? vhost_task_create+0x101/0x350 [ 365.804854][ T4021] ? __cfi_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 365.804874][ T4021] vhost_task_create+0x101/0x350 [ 365.804890][ T4021] ? __cfi_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 365.804910][ T4021] ? __cfi_vhost_task_create+0x10/0x10 [ 365.804929][ T4021] ? __cfi_vhost_task_fn+0x10/0x10 [ 365.804946][ T4021] ? __kasan_check_write+0x18/0x20 [ 365.804971][ T4021] ? mutex_lock+0x92/0x1c0 [ 365.804988][ T4021] ? __cfi_mutex_lock+0x10/0x10 [ 365.805004][ T4021] ? kernel_text_address+0xa9/0xe0 [ 365.805026][ T4021] kvm_mmu_post_init_vm+0x156/0x2d0 [ 365.805050][ T4021] kvm_arch_vcpu_ioctl_run+0xd7/0x1aa0 [ 365.805074][ T4021] ? _parse_integer_limit+0x195/0x1e0 [ 365.805101][ T4021] ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 365.805123][ T4021] ? kstrtoull+0x13b/0x1e0 [ 365.805138][ T4021] ? kstrtouint+0x78/0xf0 [ 365.805153][ T4021] ? ioctl_has_perm+0x1aa/0x4d0 [ 365.805173][ T4021] ? __asan_memcpy+0x5a/0x80 [ 365.805188][ T4021] ? ioctl_has_perm+0x3e0/0x4d0 [ 365.805209][ T4021] ? has_cap_mac_admin+0xd0/0xd0 [ 365.805228][ T4021] ? __kasan_check_write+0x18/0x20 [ 365.805253][ T4021] ? mutex_lock_killable+0x92/0x1c0 [ 365.805271][ T4021] ? __cfi_mutex_lock_killable+0x10/0x10 [ 365.805288][ T4021] ? proc_fail_nth_write+0x17e/0x210 [ 365.805312][ T4021] kvm_vcpu_ioctl+0x96f/0xee0 [ 365.805330][ T4021] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 365.805346][ T4021] ? __cfi_vfs_write+0x10/0x10 [ 365.805361][ T4021] ? __kasan_check_write+0x18/0x20 [ 365.805386][ T4021] ? mutex_unlock+0x8b/0x240 [ 365.805402][ T4021] ? __cfi_mutex_unlock+0x10/0x10 [ 365.805417][ T4021] ? __fget_files+0x2c5/0x340 [ 365.805436][ T4021] ? __fget_files+0x2c5/0x340 [ 365.805452][ T4021] ? bpf_lsm_file_ioctl+0xd/0x20 [ 365.805488][ T4021] ? security_file_ioctl+0x34/0xd0 [ 365.805508][ T4021] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 365.805524][ T4021] __se_sys_ioctl+0x135/0x1b0 [ 365.805543][ T4021] __x64_sys_ioctl+0x7f/0xa0 [ 365.805562][ T4021] x64_sys_call+0x1878/0x2ee0 [ 365.805588][ T4021] do_syscall_64+0x58/0xf0 [ 365.805608][ T4021] ? clear_bhb_loop+0x50/0xa0 [ 365.805628][ T4021] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 365.805647][ T4021] RIP: 0033:0x7f704df8f6c9 [ 365.805662][ T4021] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 365.805679][ T4021] RSP: 002b:00007f704ed41038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 365.805704][ T4021] RAX: ffffffffffffffda RBX: 00007f704e1e5fa0 RCX: 00007f704df8f6c9 [ 365.805718][ T4021] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000009 [ 365.805730][ T4021] RBP: 00007f704ed41090 R08: 0000000000000000 R09: 0000000000000000 [ 365.805742][ T4021] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 365.805754][ T4021] R13: 00007f704e1e6038 R14: 00007f704e1e5fa0 R15: 00007ffe36647058 [ 365.805769][ T4021] [ 365.813680][ T4028] FAULT_INJECTION: forcing a failure. [ 365.813680][ T4028] name failslab, interval 1, probability 0, space 0, times 0 [ 366.178022][ T4028] CPU: 0 UID: 0 PID: 4028 Comm: syz.2.1758 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 366.178056][ T4028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 366.178068][ T4028] Call Trace: [ 366.178074][ T4028] [ 366.178081][ T4028] __dump_stack+0x21/0x30 [ 366.178111][ T4028] dump_stack_lvl+0x10c/0x190 [ 366.178133][ T4028] ? __cfi_dump_stack_lvl+0x10/0x10 [ 366.178155][ T4028] ? __kasan_check_write+0x18/0x20 [ 366.178181][ T4028] ? proc_fail_nth_write+0x17e/0x210 [ 366.178203][ T4028] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 366.178225][ T4028] dump_stack+0x19/0x20 [ 366.178245][ T4028] should_fail_ex+0x3d9/0x530 [ 366.178264][ T4028] should_failslab+0xac/0x100 [ 366.178282][ T4028] kmem_cache_alloc_noprof+0x42/0x430 [ 366.178299][ T4028] ? getname_flags+0xc6/0x710 [ 366.178318][ T4028] getname_flags+0xc6/0x710 [ 366.178335][ T4028] ? build_open_flags+0x487/0x600 [ 366.178357][ T4028] getname+0x1b/0x30 [ 366.178373][ T4028] do_sys_openat2+0xcb/0x1c0 [ 366.178394][ T4028] ? fput+0x1a5/0x240 [ 366.178411][ T4028] ? do_sys_open+0x100/0x100 [ 366.178431][ T4028] ? ksys_write+0x1ef/0x250 [ 366.178447][ T4028] ? __cfi_ksys_write+0x10/0x10 [ 366.178463][ T4028] __x64_sys_openat+0x13a/0x170 [ 366.178498][ T4028] x64_sys_call+0xe69/0x2ee0 [ 366.178521][ T4028] do_syscall_64+0x58/0xf0 [ 366.178543][ T4028] ? clear_bhb_loop+0x50/0xa0 [ 366.178563][ T4028] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 366.178581][ T4028] RIP: 0033:0x7f42edd8f6c9 [ 366.178597][ T4028] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 366.178614][ T4028] RSP: 002b:00007f42eeb8a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 366.178634][ T4028] RAX: ffffffffffffffda RBX: 00007f42edfe5fa0 RCX: 00007f42edd8f6c9 [ 366.178648][ T4028] RDX: 0000000000048801 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 366.178661][ T4028] RBP: 00007f42eeb8a090 R08: 0000000000000000 R09: 0000000000000000 [ 366.178674][ T4028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 366.178686][ T4028] R13: 00007f42edfe6038 R14: 00007f42edfe5fa0 R15: 00007ffd58d15388 [ 366.178701][ T4028] [ 366.735021][ T4063] FAULT_INJECTION: forcing a failure. [ 366.735021][ T4063] name failslab, interval 1, probability 0, space 0, times 0 [ 366.764727][ T4063] CPU: 0 UID: 0 PID: 4063 Comm: syz.2.1774 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 366.764763][ T4063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 366.764776][ T4063] Call Trace: [ 366.764781][ T4063] [ 366.764789][ T4063] __dump_stack+0x21/0x30 [ 366.764819][ T4063] dump_stack_lvl+0x10c/0x190 [ 366.764841][ T4063] ? __cfi_dump_stack_lvl+0x10/0x10 [ 366.764863][ T4063] ? selinux_file_open+0x457/0x610 [ 366.764884][ T4063] ? __cfi_selinux_file_open+0x10/0x10 [ 366.764904][ T4063] dump_stack+0x19/0x20 [ 366.764925][ T4063] should_fail_ex+0x3d9/0x530 [ 366.764943][ T4063] should_failslab+0xac/0x100 [ 366.764963][ T4063] kmem_cache_alloc_lru_noprof+0x44/0x430 [ 366.764981][ T4063] ? __d_alloc+0x42/0x8e0 [ 366.765004][ T4063] __d_alloc+0x42/0x8e0 [ 366.765027][ T4063] ? ilookup+0x2e6/0x360 [ 366.765046][ T4063] d_alloc_pseudo+0x23/0xc0 [ 366.765067][ T4063] alloc_file_pseudo_noaccount+0xcd/0x310 [ 366.765089][ T4063] ? _atomic_dec_and_lock+0x98/0x120 [ 366.765111][ T4063] ? __cfi_alloc_file_pseudo_noaccount+0x10/0x10 [ 366.765133][ T4063] ? __cfi_bd_prepare_to_claim+0x10/0x10 [ 366.765152][ T4063] bdev_file_open_by_dev+0x17e/0x240 [ 366.765172][ T4063] disk_scan_partitions+0x1c5/0x2d0 [ 366.765197][ T4063] blkdev_common_ioctl+0x17e8/0x2810 [ 366.765221][ T4063] ? blkdev_bszset+0x220/0x220 [ 366.765244][ T4063] ? has_cap_mac_admin+0xd0/0xd0 [ 366.765265][ T4063] ? proc_fail_nth_write+0x17e/0x210 [ 366.765289][ T4063] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 366.765311][ T4063] ? selinux_file_ioctl+0x6e0/0x1360 [ 366.765331][ T4063] ? vfs_write+0x93e/0xf30 [ 366.765347][ T4063] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 366.765367][ T4063] ? __cfi_vfs_write+0x10/0x10 [ 366.765383][ T4063] ? __kasan_check_write+0x18/0x20 [ 366.765407][ T4063] ? mutex_unlock+0x8b/0x240 [ 366.765423][ T4063] ? __cfi_mutex_unlock+0x10/0x10 [ 366.765438][ T4063] ? __fget_files+0x2c5/0x340 [ 366.765457][ T4063] blkdev_ioctl+0x484/0x680 [ 366.765479][ T4063] ? __cfi_blkdev_ioctl+0x10/0x10 [ 366.765502][ T4063] ? bpf_lsm_file_ioctl+0xd/0x20 [ 366.765524][ T4063] ? security_file_ioctl+0x34/0xd0 [ 366.765543][ T4063] ? __cfi_blkdev_ioctl+0x10/0x10 [ 366.765565][ T4063] __se_sys_ioctl+0x135/0x1b0 [ 366.765581][ T4063] __x64_sys_ioctl+0x7f/0xa0 [ 366.765597][ T4063] x64_sys_call+0x1878/0x2ee0 [ 366.765619][ T4063] do_syscall_64+0x58/0xf0 [ 366.765636][ T4063] ? clear_bhb_loop+0x50/0xa0 [ 366.765655][ T4063] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 366.765672][ T4063] RIP: 0033:0x7f42edd8f6c9 [ 366.765695][ T4063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 366.765710][ T4063] RSP: 002b:00007f42eeb8a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 366.765730][ T4063] RAX: ffffffffffffffda RBX: 00007f42edfe5fa0 RCX: 00007f42edd8f6c9 [ 366.765743][ T4063] RDX: 0000000000000000 RSI: 000000000000125f RDI: 0000000000000007 [ 366.765753][ T4063] RBP: 00007f42eeb8a090 R08: 0000000000000000 R09: 0000000000000000 [ 366.765764][ T4063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 366.765775][ T4063] R13: 00007f42edfe6038 R14: 00007f42edfe5fa0 R15: 00007ffd58d15388 [ 366.765791][ T4063] [ 367.484773][ T4086] FAULT_INJECTION: forcing a failure. [ 367.484773][ T4086] name failslab, interval 1, probability 0, space 0, times 0 [ 367.516194][ T4086] CPU: 1 UID: 0 PID: 4086 Comm: syz.0.1785 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 367.516227][ T4086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 367.516239][ T4086] Call Trace: [ 367.516245][ T4086] [ 367.516253][ T4086] __dump_stack+0x21/0x30 [ 367.516283][ T4086] dump_stack_lvl+0x10c/0x190 [ 367.516306][ T4086] ? __cfi_dump_stack_lvl+0x10/0x10 [ 367.516329][ T4086] ? release_sock+0x171/0x1f0 [ 367.516351][ T4086] dump_stack+0x19/0x20 [ 367.516372][ T4086] should_fail_ex+0x3d9/0x530 [ 367.516391][ T4086] should_failslab+0xac/0x100 [ 367.516412][ T4086] kmem_cache_alloc_node_noprof+0x45/0x440 [ 367.516431][ T4086] ? netlink_data_ready+0x20/0x20 [ 367.516454][ T4086] ? __alloc_skb+0x10c/0x370 [ 367.516477][ T4086] __alloc_skb+0x10c/0x370 [ 367.516498][ T4086] netlink_alloc_large_skb+0xf7/0x1b0 [ 367.516521][ T4086] netlink_sendmsg+0x586/0xaf0 [ 367.516546][ T4086] ? __cfi_netlink_sendmsg+0x10/0x10 [ 367.516571][ T4086] ? bpf_lsm_socket_sendmsg+0xd/0x20 [ 367.516593][ T4086] ? security_socket_sendmsg+0x33/0xd0 [ 367.516611][ T4086] ? __cfi_netlink_sendmsg+0x10/0x10 [ 367.516635][ T4086] ____sys_sendmsg+0xa15/0xa70 [ 367.516669][ T4086] ? __sys_sendmsg_sock+0x50/0x50 [ 367.516694][ T4086] ? import_iovec+0x81/0xb0 [ 367.516718][ T4086] ___sys_sendmsg+0x220/0x2a0 [ 367.516743][ T4086] ? __sys_sendmsg+0x280/0x280 [ 367.516767][ T4086] ? proc_fail_nth_write+0x17e/0x210 [ 367.516791][ T4086] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 367.516818][ T4086] __x64_sys_sendmsg+0x1eb/0x2c0 [ 367.516843][ T4086] ? fput+0x1a5/0x240 [ 367.516864][ T4086] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 367.516888][ T4086] ? ksys_write+0x1ef/0x250 [ 367.516906][ T4086] ? __kasan_check_read+0x15/0x20 [ 367.516932][ T4086] x64_sys_call+0x2a4c/0x2ee0 [ 367.516957][ T4086] do_syscall_64+0x58/0xf0 [ 367.516979][ T4086] ? clear_bhb_loop+0x50/0xa0 [ 367.517000][ T4086] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 367.517019][ T4086] RIP: 0033:0x7fe80e18f6c9 [ 367.517034][ T4086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 367.517051][ T4086] RSP: 002b:00007fe80f047038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 367.517072][ T4086] RAX: ffffffffffffffda RBX: 00007fe80e3e5fa0 RCX: 00007fe80e18f6c9 [ 367.517086][ T4086] RDX: 0000000000044000 RSI: 00002000000000c0 RDI: 0000000000000005 [ 367.517099][ T4086] RBP: 00007fe80f047090 R08: 0000000000000000 R09: 0000000000000000 [ 367.517111][ T4086] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 367.517123][ T4086] R13: 00007fe80e3e6038 R14: 00007fe80e3e5fa0 R15: 00007ffcf305f9d8 [ 367.517138][ T4086] [ 367.972298][ T4118] FAULT_INJECTION: forcing a failure. [ 367.972298][ T4118] name failslab, interval 1, probability 0, space 0, times 0 [ 367.998277][ T4118] CPU: 1 UID: 0 PID: 4118 Comm: syz.0.1798 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 367.998311][ T4118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 367.998322][ T4118] Call Trace: [ 367.998328][ T4118] [ 367.998337][ T4118] __dump_stack+0x21/0x30 [ 367.998365][ T4118] dump_stack_lvl+0x10c/0x190 [ 367.998387][ T4118] ? __cfi_dump_stack_lvl+0x10/0x10 [ 367.998409][ T4118] ? selinux_file_open+0x457/0x610 [ 367.998432][ T4118] ? __cfi_selinux_file_open+0x10/0x10 [ 367.998453][ T4118] dump_stack+0x19/0x20 [ 367.998475][ T4118] should_fail_ex+0x3d9/0x530 [ 367.998494][ T4118] should_failslab+0xac/0x100 [ 367.998514][ T4118] kmem_cache_alloc_lru_noprof+0x44/0x430 [ 367.998531][ T4118] ? __d_alloc+0x42/0x8e0 [ 367.998556][ T4118] __d_alloc+0x42/0x8e0 [ 367.998578][ T4118] ? ilookup+0x2e6/0x360 [ 367.998597][ T4118] d_alloc_pseudo+0x23/0xc0 [ 367.998626][ T4118] alloc_file_pseudo_noaccount+0xcd/0x310 [ 367.998648][ T4118] ? _atomic_dec_and_lock+0x98/0x120 [ 367.998668][ T4118] ? __cfi_alloc_file_pseudo_noaccount+0x10/0x10 [ 367.998688][ T4118] ? __cfi_bd_prepare_to_claim+0x10/0x10 [ 367.998707][ T4118] bdev_file_open_by_dev+0x17e/0x240 [ 367.998724][ T4118] disk_scan_partitions+0x1c5/0x2d0 [ 367.998748][ T4118] blkdev_common_ioctl+0x17e8/0x2810 [ 367.998771][ T4118] ? blkdev_bszset+0x220/0x220 [ 367.998791][ T4118] ? has_cap_mac_admin+0xd0/0xd0 [ 367.998811][ T4118] ? proc_fail_nth_write+0x17e/0x210 [ 367.998833][ T4118] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 367.998856][ T4118] ? selinux_file_ioctl+0x6e0/0x1360 [ 367.998877][ T4118] ? vfs_write+0x93e/0xf30 [ 367.998893][ T4118] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 367.998911][ T4118] ? __cfi_vfs_write+0x10/0x10 [ 367.998925][ T4118] ? __kasan_check_write+0x18/0x20 [ 367.998948][ T4118] ? mutex_unlock+0x8b/0x240 [ 367.998963][ T4118] ? __cfi_mutex_unlock+0x10/0x10 [ 367.998978][ T4118] ? __fget_files+0x2c5/0x340 [ 367.998997][ T4118] blkdev_ioctl+0x484/0x680 [ 367.999021][ T4118] ? __cfi_blkdev_ioctl+0x10/0x10 [ 367.999044][ T4118] ? bpf_lsm_file_ioctl+0xd/0x20 [ 367.999067][ T4118] ? security_file_ioctl+0x34/0xd0 [ 367.999086][ T4118] ? __cfi_blkdev_ioctl+0x10/0x10 [ 367.999108][ T4118] __se_sys_ioctl+0x135/0x1b0 [ 367.999127][ T4118] __x64_sys_ioctl+0x7f/0xa0 [ 367.999146][ T4118] x64_sys_call+0x1878/0x2ee0 [ 367.999171][ T4118] do_syscall_64+0x58/0xf0 [ 367.999193][ T4118] ? clear_bhb_loop+0x50/0xa0 [ 367.999213][ T4118] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 367.999232][ T4118] RIP: 0033:0x7fe80e18f6c9 [ 367.999249][ T4118] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 367.999264][ T4118] RSP: 002b:00007fe80f047038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 367.999285][ T4118] RAX: ffffffffffffffda RBX: 00007fe80e3e5fa0 RCX: 00007fe80e18f6c9 [ 367.999299][ T4118] RDX: 0000000000000000 RSI: 000000000000125f RDI: 0000000000000007 [ 367.999311][ T4118] RBP: 00007fe80f047090 R08: 0000000000000000 R09: 0000000000000000 [ 367.999323][ T4118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 367.999334][ T4118] R13: 00007fe80e3e6038 R14: 00007fe80e3e5fa0 R15: 00007ffcf305f9d8 [ 367.999349][ T4118] [ 368.822850][ T36] kauditd_printk_skb: 1 callbacks suppressed [ 368.822867][ T36] audit: type=1400 audit(1763162576.289:192): avc: denied { bind } for pid=4150 comm="syz.3.1814" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 368.926373][ T4166] audit: audit_lost=2 audit_rate_limit=0 audit_backlog_limit=64 [ 368.935717][ T4166] audit: out of memory in audit_log_start [ 368.946426][ T4166] __vm_enough_memory: pid: 4166, comm: syz.0.1820, bytes: 18014402804453376 not enough memory for the allocation [ 368.947008][ T36] audit: type=1400 audit(1763162576.419:193): avc: denied { execute } for pid=4165 comm="syz.0.1820" path="/dev/ashmem" dev="devtmpfs" ino=202 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 369.064592][ T4179] FAULT_INJECTION: forcing a failure. [ 369.064592][ T4179] name failslab, interval 1, probability 0, space 0, times 0 [ 369.082252][ T4179] CPU: 1 UID: 0 PID: 4179 Comm: syz.1.1813 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 369.082285][ T4179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 369.082296][ T4179] Call Trace: [ 369.082302][ T4179] [ 369.082309][ T4179] __dump_stack+0x21/0x30 [ 369.082336][ T4179] dump_stack_lvl+0x10c/0x190 [ 369.082359][ T4179] ? __cfi_dump_stack_lvl+0x10/0x10 [ 369.082380][ T4179] ? selinux_file_open+0x457/0x610 [ 369.082403][ T4179] ? __cfi_selinux_file_open+0x10/0x10 [ 369.082424][ T4179] dump_stack+0x19/0x20 [ 369.082445][ T4179] should_fail_ex+0x3d9/0x530 [ 369.082464][ T4179] should_failslab+0xac/0x100 [ 369.082484][ T4179] kmem_cache_alloc_lru_noprof+0x44/0x430 [ 369.082503][ T4179] ? __d_alloc+0x42/0x8e0 [ 369.082527][ T4179] __d_alloc+0x42/0x8e0 [ 369.082558][ T4179] ? ilookup+0x2e6/0x360 [ 369.082578][ T4179] d_alloc_pseudo+0x23/0xc0 [ 369.082600][ T4179] alloc_file_pseudo_noaccount+0xcd/0x310 [ 369.082620][ T4179] ? _atomic_dec_and_lock+0x98/0x120 [ 369.082641][ T4179] ? __cfi_alloc_file_pseudo_noaccount+0x10/0x10 [ 369.082660][ T4179] ? __cfi_bd_prepare_to_claim+0x10/0x10 [ 369.082680][ T4179] bdev_file_open_by_dev+0x17e/0x240 [ 369.082700][ T4179] disk_scan_partitions+0x1c5/0x2d0 [ 369.082726][ T4179] blkdev_common_ioctl+0x17e8/0x2810 [ 369.082751][ T4179] ? blkdev_bszset+0x220/0x220 [ 369.082774][ T4179] ? has_cap_mac_admin+0xd0/0xd0 [ 369.082795][ T4179] ? proc_fail_nth_write+0x17e/0x210 [ 369.082816][ T4179] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 369.082838][ T4179] ? selinux_file_ioctl+0x6e0/0x1360 [ 369.082857][ T4179] ? vfs_write+0x93e/0xf30 [ 369.082872][ T4179] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 369.082890][ T4179] ? __cfi_vfs_write+0x10/0x10 [ 369.082905][ T4179] ? __kasan_check_write+0x18/0x20 [ 369.082929][ T4179] ? mutex_unlock+0x8b/0x240 [ 369.082946][ T4179] ? __cfi_mutex_unlock+0x10/0x10 [ 369.082962][ T4179] ? __fget_files+0x2c5/0x340 [ 369.082981][ T4179] blkdev_ioctl+0x484/0x680 [ 369.083004][ T4179] ? __cfi_blkdev_ioctl+0x10/0x10 [ 369.083026][ T4179] ? bpf_lsm_file_ioctl+0xd/0x20 [ 369.083049][ T4179] ? security_file_ioctl+0x34/0xd0 [ 369.083067][ T4179] ? __cfi_blkdev_ioctl+0x10/0x10 [ 369.083086][ T4179] __se_sys_ioctl+0x135/0x1b0 [ 369.083105][ T4179] __x64_sys_ioctl+0x7f/0xa0 [ 369.083123][ T4179] x64_sys_call+0x1878/0x2ee0 [ 369.083145][ T4179] do_syscall_64+0x58/0xf0 [ 369.083163][ T4179] ? clear_bhb_loop+0x50/0xa0 [ 369.083180][ T4179] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 369.083199][ T4179] RIP: 0033:0x7f704df8f6c9 [ 369.083214][ T4179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 369.083230][ T4179] RSP: 002b:00007f704ed41038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 369.083251][ T4179] RAX: ffffffffffffffda RBX: 00007f704e1e5fa0 RCX: 00007f704df8f6c9 [ 369.083264][ T4179] RDX: 0000000000000000 RSI: 000000000000125f RDI: 0000000000000007 [ 369.083276][ T4179] RBP: 00007f704ed41090 R08: 0000000000000000 R09: 0000000000000000 [ 369.083287][ T4179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 369.083298][ T4179] R13: 00007f704e1e6038 R14: 00007f704e1e5fa0 R15: 00007ffe36647058 [ 369.083311][ T4179] [ 369.099651][ T36] audit: type=1400 audit(1763162576.559:194): avc: denied { name_bind } for pid=4181 comm="syz.0.1826" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 369.462416][ T36] audit: type=1400 audit(1763162576.929:195): avc: denied { read } for pid=4195 comm="syz.3.1832" dev="nsfs" ino=4026532566 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 369.504688][ T36] audit: type=1400 audit(1763162576.929:196): avc: denied { open } for pid=4195 comm="syz.3.1832" path="net:[4026532566]" dev="nsfs" ino=4026532566 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 369.653664][ T4203] overlayfs: failed to resolve './file1': -2 [ 369.684482][ T36] audit: type=1400 audit(1763162577.139:197): avc: denied { bind } for pid=4202 comm="syz.3.1835" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 369.724693][ T36] audit: type=1400 audit(1763162577.149:198): avc: denied { setopt } for pid=4202 comm="syz.3.1835" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 369.726960][ T4205] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1837'. [ 369.883885][ T4210] capability: warning: `syz.2.1836' uses deprecated v2 capabilities in a way that may be insecure [ 370.105850][ T36] audit: type=1400 audit(1763162577.579:199): avc: denied { bind } for pid=4234 comm="syz.2.1850" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 370.311753][ T4262] FAULT_INJECTION: forcing a failure. [ 370.311753][ T4262] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 370.324917][ T4262] CPU: 0 UID: 0 PID: 4262 Comm: syz.0.1861 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 370.324950][ T4262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 370.324962][ T4262] Call Trace: [ 370.324969][ T4262] [ 370.324977][ T4262] __dump_stack+0x21/0x30 [ 370.325006][ T4262] dump_stack_lvl+0x10c/0x190 [ 370.325029][ T4262] ? __cfi_dump_stack_lvl+0x10/0x10 [ 370.325053][ T4262] ? check_stack_object+0x12c/0x140 [ 370.325072][ T4262] dump_stack+0x19/0x20 [ 370.325093][ T4262] should_fail_ex+0x3d9/0x530 [ 370.325113][ T4262] should_fail+0xf/0x20 [ 370.325129][ T4262] should_fail_usercopy+0x1e/0x30 [ 370.325148][ T4262] _copy_to_user+0x24/0xa0 [ 370.325171][ T4262] simple_read_from_buffer+0xed/0x160 [ 370.325194][ T4262] proc_fail_nth_read+0x19e/0x210 [ 370.325227][ T4262] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 370.325250][ T4262] ? bpf_lsm_file_permission+0xd/0x20 [ 370.325275][ T4262] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 370.325298][ T4262] vfs_read+0x27d/0xc70 [ 370.325314][ T4262] ? __cfi_vfs_read+0x10/0x10 [ 370.325330][ T4262] ? __kasan_check_write+0x18/0x20 [ 370.325356][ T4262] ? mutex_lock+0x92/0x1c0 [ 370.325373][ T4262] ? __cfi_mutex_lock+0x10/0x10 [ 370.325389][ T4262] ? __fget_files+0x2c5/0x340 [ 370.325409][ T4262] ksys_read+0x141/0x250 [ 370.325425][ T4262] ? __cfi_ksys_read+0x10/0x10 [ 370.325441][ T4262] ? __kasan_check_write+0x18/0x20 [ 370.325466][ T4262] ? __kasan_check_read+0x15/0x20 [ 370.325489][ T4262] __x64_sys_read+0x7f/0x90 [ 370.325505][ T4262] x64_sys_call+0x2638/0x2ee0 [ 370.325529][ T4262] do_syscall_64+0x58/0xf0 [ 370.325550][ T4262] ? clear_bhb_loop+0x50/0xa0 [ 370.325570][ T4262] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 370.325589][ T4262] RIP: 0033:0x7fe80e18e0dc [ 370.325607][ T4262] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 370.325623][ T4262] RSP: 002b:00007fe80f047030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 370.325644][ T4262] RAX: ffffffffffffffda RBX: 00007fe80e3e5fa0 RCX: 00007fe80e18e0dc [ 370.325658][ T4262] RDX: 000000000000000f RSI: 00007fe80f0470a0 RDI: 0000000000000007 [ 370.325670][ T4262] RBP: 00007fe80f047090 R08: 0000000000000000 R09: 0000000000000000 [ 370.325682][ T4262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 370.325694][ T4262] R13: 00007fe80e3e6038 R14: 00007fe80e3e5fa0 R15: 00007ffcf305f9d8 [ 370.325710][ T4262] [ 370.748460][ T4290] 9pnet: Could not find request transport: fx [ 371.214300][ T967] usb 2-1: new full-speed USB device number 2 using dummy_hcd [ 371.365734][ T967] usb 2-1: config 1 has an invalid interface number: 105 but max is 0 [ 371.374998][ T967] usb 2-1: config 1 has no interface number 0 [ 371.382880][ T967] usb 2-1: config 1 interface 105 has no altsetting 0 [ 371.385084][ T4388] overlayfs: failed to resolve './file1': -2 [ 371.392165][ T967] usb 2-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 371.405023][ T967] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 371.414862][ T967] usb 2-1: Product: syz [ 371.419234][ T967] usb 2-1: Manufacturer: syz [ 371.423885][ T967] usb 2-1: SerialNumber: syz [ 371.538341][ T4411] FAULT_INJECTION: forcing a failure. [ 371.538341][ T4411] name failslab, interval 1, probability 0, space 0, times 0 [ 371.550971][ T4411] CPU: 1 UID: 0 PID: 4411 Comm: syz.0.1930 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 371.550991][ T4411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 371.550998][ T4411] Call Trace: [ 371.551003][ T4411] [ 371.551009][ T4411] __dump_stack+0x21/0x30 [ 371.551027][ T4411] dump_stack_lvl+0x10c/0x190 [ 371.551039][ T4411] ? __cfi_dump_stack_lvl+0x10/0x10 [ 371.551053][ T4411] dump_stack+0x19/0x20 [ 371.551064][ T4411] should_fail_ex+0x3d9/0x530 [ 371.551076][ T4411] should_failslab+0xac/0x100 [ 371.551093][ T4411] kmem_cache_alloc_noprof+0x42/0x430 [ 371.551110][ T4411] ? inc_rlimit_get_ucounts+0x3fb/0x470 [ 371.551136][ T4411] ? __sigqueue_alloc+0x15e/0x2b0 [ 371.551153][ T4411] __sigqueue_alloc+0x15e/0x2b0 [ 371.551164][ T4411] __send_signal_locked+0x19d/0xb90 [ 371.551175][ T4411] ? __kasan_check_write+0x18/0x20 [ 371.551190][ T4411] ? __task_pid_nr_ns+0x1e2/0x280 [ 371.551201][ T4411] send_signal_locked+0x428/0x5a0 [ 371.551212][ T4411] do_send_sig_info+0xdb/0x220 [ 371.551222][ T4411] send_sig+0x5f/0x70 [ 371.551232][ T4411] sk_stream_error+0xb6/0x130 [ 371.551246][ T4411] tcp_sendmsg_locked+0x42e0/0x4b40 [ 371.551260][ T4411] ? __asan_memcpy+0x5a/0x80 [ 371.551270][ T4411] ? __kasan_check_write+0x18/0x20 [ 371.551283][ T4411] ? _raw_spin_lock_bh+0x90/0x120 [ 371.551295][ T4411] ? __cfi__raw_spin_lock_bh+0x10/0x10 [ 371.551308][ T4411] ? _raw_spin_unlock_bh+0x54/0x60 [ 371.551319][ T4411] ? lock_sock_nested+0x1f5/0x290 [ 371.551331][ T4411] ? __cfi_tcp_sendmsg_locked+0x10/0x10 [ 371.551344][ T4411] ? __cfi_tcp_sendmsg+0x10/0x10 [ 371.551356][ T4411] tcp_sendmsg+0x3e/0xe0 [ 371.551367][ T4411] ? __cfi_tcp_sendmsg+0x10/0x10 [ 371.551384][ T4411] inet6_sendmsg+0xb7/0x120 [ 371.551399][ T4411] ____sys_sendmsg+0x5db/0xa70 [ 371.551412][ T4411] ? __sys_sendmsg_sock+0x50/0x50 [ 371.551426][ T4411] ? import_iovec+0x81/0xb0 [ 371.551438][ T4411] ___sys_sendmsg+0x220/0x2a0 [ 371.551451][ T4411] ? __sys_sendmsg+0x280/0x280 [ 371.551464][ T4411] ? kstrtouint+0x78/0xf0 [ 371.551475][ T4411] __sys_sendmmsg+0x271/0x470 [ 371.551489][ T4411] ? __cfi___sys_sendmmsg+0x10/0x10 [ 371.551503][ T4411] ? __cfi_ksys_write+0x10/0x10 [ 371.551513][ T4411] __x64_sys_sendmmsg+0xa4/0xc0 [ 371.551526][ T4411] x64_sys_call+0xfec/0x2ee0 [ 371.551539][ T4411] do_syscall_64+0x58/0xf0 [ 371.551552][ T4411] ? clear_bhb_loop+0x50/0xa0 [ 371.551564][ T4411] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 371.551574][ T4411] RIP: 0033:0x7fe80e18f6c9 [ 371.551584][ T4411] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 371.551593][ T4411] RSP: 002b:00007fe80f047038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 371.551605][ T4411] RAX: ffffffffffffffda RBX: 00007fe80e3e5fa0 RCX: 00007fe80e18f6c9 [ 371.551613][ T4411] RDX: 0000000000000001 RSI: 0000200000003c00 RDI: 0000000000000008 [ 371.551620][ T4411] RBP: 00007fe80f047090 R08: 0000000000000000 R09: 0000000000000000 [ 371.551626][ T4411] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001 [ 371.551632][ T4411] R13: 00007fe80e3e6038 R14: 00007fe80e3e5fa0 R15: 00007ffcf305f9d8 [ 371.551641][ T4411] [ 371.866685][ T967] aqc111 2-1:1.105: probe with driver aqc111 failed with error -22 [ 371.875952][ T967] usb 2-1: USB disconnect, device number 2 [ 371.967275][ T4433] overlayfs: failed to resolve './file1': -2 [ 372.066406][ T4457] overlayfs: failed to resolve './file1': -2 [ 372.127959][ T4472] netlink: 'syz.3.1959': attribute type 4 has an invalid length. [ 372.136475][ T4472] netlink: 'syz.3.1959': attribute type 5 has an invalid length. [ 372.144204][ T4472] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.1959'. [ 372.191980][ T4482] overlayfs: failed to resolve './file1': -2 [ 372.399246][ T4505] picdev_read: 77 callbacks suppressed [ 372.399269][ T4505] kvm: pic: non byte read [ 372.409376][ T4505] kvm: pic: non byte read [ 372.413824][ T4505] kvm: pic: non byte read [ 372.418289][ T4505] kvm: pic: non byte read [ 372.422736][ T4505] kvm: pic: non byte read [ 372.427263][ T4505] kvm: pic: non byte read [ 372.431714][ T4505] kvm: pic: non byte read [ 372.436205][ T4505] kvm: pic: non byte read [ 372.440644][ T4505] kvm: pic: non byte read [ 372.445101][ T4505] kvm: pic: non byte read [ 372.716722][ T4552] overlayfs: failed to resolve './file1': -2 [ 372.794348][ T330] usb 2-1: new full-speed USB device number 3 using dummy_hcd [ 372.836646][ T4578] overlayfs: failed to resolve './file1': -2 [ 372.961516][ T330] usb 2-1: config 1 has an invalid interface number: 105 but max is 0 [ 372.974537][ T330] usb 2-1: config 1 has an invalid descriptor of length 100, skipping remainder of the config [ 372.992817][ T330] usb 2-1: config 1 has no interface number 0 [ 372.999041][ T330] usb 2-1: config 1 interface 105 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 373.015265][ T330] usb 2-1: config 1 interface 105 has no altsetting 0 [ 373.023330][ T4600] overlayfs: failed to resolve './file1': -2 [ 373.024359][ T330] usb 2-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 373.038971][ T330] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 373.050626][ T330] usb 2-1: Product: syz [ 373.058002][ T330] usb 2-1: Manufacturer: syz [ 373.062647][ T330] usb 2-1: SerialNumber: syz [ 373.284670][ T330] aqc111 2-1:1.105: probe with driver aqc111 failed with error -22 [ 373.304585][ T330] usb 2-1: USB disconnect, device number 3 [ 373.432064][ T4664] overlayfs: failed to resolve './file1': -2 [ 373.973015][ T4742] overlayfs: failed to resolve './file1': -2 [ 374.778206][ T4795] overlayfs: failed to resolve './file1': -2 [ 375.541498][ T36] kauditd_printk_skb: 11 callbacks suppressed [ 375.541521][ T36] audit: type=1326 audit(1763162583.009:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4788 comm="syz.0.2106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe80e18f6c9 code=0x7fc00000 [ 375.895179][ T4823] overlayfs: failed to resolve './file1': -2 [ 376.045541][ T328] bridge_slave_1: left allmulticast mode [ 376.051246][ T328] bridge_slave_1: left promiscuous mode [ 376.064769][ T328] bridge0: port 2(bridge_slave_1) entered disabled state [ 376.084882][ T328] bridge_slave_0: left allmulticast mode [ 376.090595][ T328] bridge_slave_0: left promiscuous mode [ 376.104690][ T328] bridge0: port 1(bridge_slave_0) entered disabled state [ 376.225663][ T328] veth1_macvtap: left promiscuous mode [ 376.231342][ T328] veth0_vlan: left promiscuous mode [ 376.410026][ T4824] bridge0: port 1(bridge_slave_0) entered blocking state [ 376.427608][ T4824] bridge0: port 1(bridge_slave_0) entered disabled state [ 376.444718][ T4824] bridge_slave_0: entered allmulticast mode [ 376.461713][ T4824] bridge_slave_0: entered promiscuous mode [ 376.472866][ T4824] bridge0: port 2(bridge_slave_1) entered blocking state [ 376.492325][ T4824] bridge0: port 2(bridge_slave_1) entered disabled state [ 376.504102][ T4824] bridge_slave_1: entered allmulticast mode [ 376.510920][ T4824] bridge_slave_1: entered promiscuous mode [ 376.738963][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 376.746165][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 376.773807][ T328] bridge0: port 2(bridge_slave_1) entered blocking state [ 376.780930][ T328] bridge0: port 2(bridge_slave_1) entered forwarding state [ 376.803808][ T4824] veth0_vlan: entered promiscuous mode [ 376.821971][ T4824] veth1_macvtap: entered promiscuous mode [ 376.871557][ T36] audit: type=1326 audit(1763162584.339:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4852 comm="syz.1.2132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f704df8f6c9 code=0x7fc00000 [ 376.972130][ T4870] overlayfs: failed to resolve './file1': -2 [ 377.157204][ T36] audit: type=1326 audit(1763162584.629:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4884 comm="syz.1.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f704df8f6c9 code=0x7fc00000 [ 377.208009][ T36] audit: type=1326 audit(1763162584.629:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4884 comm="syz.1.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f704df8f6c9 code=0x7fc00000 [ 377.259983][ T36] audit: type=1326 audit(1763162584.629:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4884 comm="syz.1.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f704df8f6c9 code=0x7fc00000 [ 377.314689][ T36] audit: type=1326 audit(1763162584.629:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4884 comm="syz.1.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f704df8f6c9 code=0x7fc00000 [ 377.358716][ T36] audit: type=1326 audit(1763162584.629:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4884 comm="syz.1.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f704df8f6c9 code=0x7fc00000 [ 377.413099][ T36] audit: type=1326 audit(1763162584.629:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4884 comm="syz.1.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f704df8f6c9 code=0x7fc00000 [ 377.438033][ T36] audit: type=1326 audit(1763162584.629:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4884 comm="syz.1.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f704df8f6c9 code=0x7fc00000 [ 377.461816][ T36] audit: type=1326 audit(1763162584.629:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4884 comm="syz.1.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f704df8f6c9 code=0x7fc00000 [ 377.771707][ T4926] overlayfs: failed to resolve './file1': -2 [ 377.918467][ T4947] FAULT_INJECTION: forcing a failure. [ 377.918467][ T4947] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 377.968363][ T4947] CPU: 1 UID: 0 PID: 4947 Comm: syz.1.2174 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 377.968401][ T4947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 377.968412][ T4947] Call Trace: [ 377.968418][ T4947] [ 377.968426][ T4947] __dump_stack+0x21/0x30 [ 377.968457][ T4947] dump_stack_lvl+0x10c/0x190 [ 377.968480][ T4947] ? __cfi_dump_stack_lvl+0x10/0x10 [ 377.968505][ T4947] ? check_stack_object+0x12c/0x140 [ 377.968528][ T4947] dump_stack+0x19/0x20 [ 377.968550][ T4947] should_fail_ex+0x3d9/0x530 [ 377.968569][ T4947] should_fail+0xf/0x20 [ 377.968585][ T4947] should_fail_usercopy+0x1e/0x30 [ 377.968605][ T4947] _copy_to_user+0x24/0xa0 [ 377.968627][ T4947] simple_read_from_buffer+0xed/0x160 [ 377.968651][ T4947] proc_fail_nth_read+0x19e/0x210 [ 377.968675][ T4947] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 377.968697][ T4947] ? blkdev_write_iter+0x636/0x790 [ 377.968719][ T4947] ? bpf_lsm_file_permission+0xd/0x20 [ 377.968743][ T4947] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 377.968764][ T4947] vfs_read+0x27d/0xc70 [ 377.968780][ T4947] ? __cfi_blkdev_write_iter+0x10/0x10 [ 377.968801][ T4947] ? __cfi_vfs_read+0x10/0x10 [ 377.968816][ T4947] ? __kasan_check_write+0x18/0x20 [ 377.968841][ T4947] ? mutex_lock+0x92/0x1c0 [ 377.968858][ T4947] ? __cfi_mutex_lock+0x10/0x10 [ 377.968874][ T4947] ? __fget_files+0x2c5/0x340 [ 377.968894][ T4947] ksys_read+0x141/0x250 [ 377.968910][ T4947] ? __cfi_ksys_read+0x10/0x10 [ 377.968927][ T4947] ? __kasan_check_read+0x15/0x20 [ 377.968952][ T4947] __x64_sys_read+0x7f/0x90 [ 377.968969][ T4947] x64_sys_call+0x2638/0x2ee0 [ 377.968994][ T4947] do_syscall_64+0x58/0xf0 [ 377.969024][ T4947] ? clear_bhb_loop+0x50/0xa0 [ 377.969046][ T4947] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 377.969065][ T4947] RIP: 0033:0x7f704df8e0dc [ 377.969081][ T4947] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 377.969097][ T4947] RSP: 002b:00007f704ed41030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 377.969119][ T4947] RAX: ffffffffffffffda RBX: 00007f704e1e5fa0 RCX: 00007f704df8e0dc [ 377.969133][ T4947] RDX: 000000000000000f RSI: 00007f704ed410a0 RDI: 0000000000000008 [ 377.969145][ T4947] RBP: 00007f704ed41090 R08: 0000000000000000 R09: 0000000000000000 [ 377.969156][ T4947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 377.969169][ T4947] R13: 00007f704e1e6038 R14: 00007f704e1e5fa0 R15: 00007ffe36647058 [ 377.969185][ T4947] [ 378.647807][ T4985] overlayfs: failed to resolve './file1': -2 [ 378.838301][ T5006] overlayfs: failed to resolve './file1': -2 [ 379.566153][ T5038] FAULT_INJECTION: forcing a failure. [ 379.566153][ T5038] name failslab, interval 1, probability 0, space 0, times 0 [ 379.579249][ T5038] CPU: 0 UID: 0 PID: 5038 Comm: syz.2.2218 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 379.579283][ T5038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 379.579295][ T5038] Call Trace: [ 379.579300][ T5038] [ 379.579308][ T5038] __dump_stack+0x21/0x30 [ 379.579338][ T5038] dump_stack_lvl+0x10c/0x190 [ 379.579362][ T5038] ? __cfi_dump_stack_lvl+0x10/0x10 [ 379.579386][ T5038] dump_stack+0x19/0x20 [ 379.579408][ T5038] should_fail_ex+0x3d9/0x530 [ 379.579427][ T5038] should_failslab+0xac/0x100 [ 379.579448][ T5038] kmem_cache_alloc_lru_noprof+0x44/0x430 [ 379.579466][ T5038] ? sock_alloc_inode+0x48/0x150 [ 379.579486][ T5038] ? __kasan_check_write+0x18/0x20 [ 379.579513][ T5038] sock_alloc_inode+0x48/0x150 [ 379.579531][ T5038] ? __cfi_sock_alloc_inode+0x10/0x10 [ 379.579551][ T5038] alloc_inode+0x7a/0x270 [ 379.579571][ T5038] ? bpf_lsm_socket_create+0xd/0x20 [ 379.579592][ T5038] new_inode_pseudo+0x19/0x40 [ 379.579610][ T5038] __sock_create+0x130/0x810 [ 379.579631][ T5038] __sys_socket+0xe2/0x1c0 [ 379.579651][ T5038] __x64_sys_socket+0x7e/0x90 [ 379.579672][ T5038] x64_sys_call+0x2608/0x2ee0 [ 379.579696][ T5038] do_syscall_64+0x58/0xf0 [ 379.579718][ T5038] ? clear_bhb_loop+0x50/0xa0 [ 379.579738][ T5038] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 379.579757][ T5038] RIP: 0033:0x7f42edd8f6c9 [ 379.579772][ T5038] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 379.579787][ T5038] RSP: 002b:00007f42eeb8a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 379.579809][ T5038] RAX: ffffffffffffffda RBX: 00007f42edfe5fa0 RCX: 00007f42edd8f6c9 [ 379.579823][ T5038] RDX: 00000000ffffffff RSI: 0000000000080000 RDI: 000000000000000a [ 379.579836][ T5038] RBP: 00007f42eeb8a090 R08: 0000000000000000 R09: 0000000000000000 [ 379.579860][ T5038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 379.579871][ T5038] R13: 00007f42edfe6038 R14: 00007f42edfe5fa0 R15: 00007ffd58d15388 [ 379.579887][ T5038] [ 379.579912][ T5038] socket: no more sockets [ 380.747609][ T5072] overlayfs: failed to resolve './file1': -2 [ 381.323805][ T5098] overlayfs: failed to resolve './file1': -2 [ 381.993855][ T5159] overlayfs: failed to resolve './file1': -2 [ 382.953027][ T36] kauditd_printk_skb: 62 callbacks suppressed [ 382.953045][ T36] audit: type=1326 audit(1763162590.419:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5200 comm="syz.2.2295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42edd8f6c9 code=0x7fc00000 [ 383.216009][ T5225] bpf: Bad value for 'mode' [ 383.414375][ T36] audit: type=1326 audit(1763162590.879:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5232 comm="syz.3.2311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d96d8f6c9 code=0x7fc00000 [ 383.683801][ T36] audit: type=1326 audit(1763162591.149:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5251 comm="syz.3.2320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d96d8f6c9 code=0x7fc00000 [ 383.726148][ T5260] overlayfs: failed to resolve './file1': -2 [ 383.849547][ T5272] FAULT_INJECTION: forcing a failure. [ 383.849547][ T5272] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 383.879548][ T5272] CPU: 1 UID: 0 PID: 5272 Comm: syz.2.2322 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 383.879583][ T5272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 383.879595][ T5272] Call Trace: [ 383.879601][ T5272] [ 383.879609][ T5272] __dump_stack+0x21/0x30 [ 383.879639][ T5272] dump_stack_lvl+0x10c/0x190 [ 383.879662][ T5272] ? __cfi_dump_stack_lvl+0x10/0x10 [ 383.879690][ T5272] dump_stack+0x19/0x20 [ 383.879710][ T5272] should_fail_ex+0x3d9/0x530 [ 383.879729][ T5272] should_fail+0xf/0x20 [ 383.879744][ T5272] should_fail_usercopy+0x1e/0x30 [ 383.879762][ T5272] strncpy_from_user+0x28/0x270 [ 383.879780][ T5272] __se_sys_fsetxattr+0x17e/0x4b0 [ 383.879806][ T5272] ? __x64_sys_fsetxattr+0xf0/0xf0 [ 383.879835][ T5272] ? __cfi_ksys_write+0x10/0x10 [ 383.879853][ T5272] __x64_sys_fsetxattr+0xc3/0xf0 [ 383.879877][ T5272] x64_sys_call+0x1a16/0x2ee0 [ 383.879902][ T5272] do_syscall_64+0x58/0xf0 [ 383.879923][ T5272] ? clear_bhb_loop+0x50/0xa0 [ 383.879942][ T5272] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 383.879960][ T5272] RIP: 0033:0x7f42edd8f6c9 [ 383.879975][ T5272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 383.879991][ T5272] RSP: 002b:00007f42eeb8a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be [ 383.880010][ T5272] RAX: ffffffffffffffda RBX: 00007f42edfe5fa0 RCX: 00007f42edd8f6c9 [ 383.880023][ T5272] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 383.880035][ T5272] RBP: 00007f42eeb8a090 R08: 0000000000000001 R09: 0000000000000000 [ 383.880046][ T5272] R10: 0000000000000024 R11: 0000000000000246 R12: 0000000000000001 [ 383.880057][ T5272] R13: 00007f42edfe6038 R14: 00007f42edfe5fa0 R15: 00007ffd58d15388 [ 383.880072][ T5272] [ 384.141749][ T5291] FAULT_INJECTION: forcing a failure. [ 384.141749][ T5291] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 384.184701][ T5291] CPU: 0 UID: 0 PID: 5291 Comm: syz.3.2338 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 384.184744][ T5291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 384.184758][ T5291] Call Trace: [ 384.184764][ T5291] [ 384.184772][ T5291] __dump_stack+0x21/0x30 [ 384.184806][ T5291] dump_stack_lvl+0x10c/0x190 [ 384.184830][ T5291] ? __cfi_dump_stack_lvl+0x10/0x10 [ 384.184854][ T5291] ? check_stack_object+0x12c/0x140 [ 384.184874][ T5291] dump_stack+0x19/0x20 [ 384.184896][ T5291] should_fail_ex+0x3d9/0x530 [ 384.184917][ T5291] should_fail+0xf/0x20 [ 384.184934][ T5291] should_fail_usercopy+0x1e/0x30 [ 384.184953][ T5291] _copy_to_user+0x24/0xa0 [ 384.184977][ T5291] simple_read_from_buffer+0xed/0x160 [ 384.185002][ T5291] proc_fail_nth_read+0x19e/0x210 [ 384.185025][ T5291] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 384.185048][ T5291] ? bpf_lsm_file_permission+0xd/0x20 [ 384.185070][ T5291] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 384.185092][ T5291] vfs_read+0x27d/0xc70 [ 384.185109][ T5291] ? __cfi_vfs_read+0x10/0x10 [ 384.185125][ T5291] ? __kasan_check_write+0x18/0x20 [ 384.185152][ T5291] ? mutex_lock+0x92/0x1c0 [ 384.185170][ T5291] ? __cfi_mutex_lock+0x10/0x10 [ 384.185186][ T5291] ? __fget_files+0x2c5/0x340 [ 384.185209][ T5291] ksys_read+0x141/0x250 [ 384.185225][ T5291] ? __cfi_ksys_read+0x10/0x10 [ 384.185242][ T5291] ? __kasan_check_read+0x15/0x20 [ 384.185286][ T5291] __x64_sys_read+0x7f/0x90 [ 384.185303][ T5291] x64_sys_call+0x2638/0x2ee0 [ 384.185328][ T5291] do_syscall_64+0x58/0xf0 [ 384.185352][ T5291] ? clear_bhb_loop+0x50/0xa0 [ 384.185375][ T5291] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 384.185394][ T5291] RIP: 0033:0x7f4d96d8e0dc [ 384.185411][ T5291] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 384.185426][ T5291] RSP: 002b:00007f4d97bd0030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 384.185450][ T5291] RAX: ffffffffffffffda RBX: 00007f4d96fe5fa0 RCX: 00007f4d96d8e0dc [ 384.185464][ T5291] RDX: 000000000000000f RSI: 00007f4d97bd00a0 RDI: 0000000000000007 [ 384.185476][ T5291] RBP: 00007f4d97bd0090 R08: 0000000000000000 R09: 0000000000000009 [ 384.185488][ T5291] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000001 [ 384.185499][ T5291] R13: 00007f4d96fe6038 R14: 00007f4d96fe5fa0 R15: 00007ffcd9904df8 [ 384.185515][ T5291] [ 385.048037][ T36] audit: type=1326 audit(1763162592.519:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5303 comm="syz.2.2341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42edd8f6c9 code=0x7fc00000 [ 385.103083][ T36] audit: type=1326 audit(1763162592.519:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5303 comm="syz.2.2341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42edd8f6c9 code=0x7fc00000 [ 385.154623][ T36] audit: type=1326 audit(1763162592.519:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5303 comm="syz.2.2341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42edd8f6c9 code=0x7fc00000 [ 385.198806][ T36] audit: type=1326 audit(1763162592.519:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5303 comm="syz.2.2341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42edd8f6c9 code=0x7fc00000 [ 385.243416][ T36] audit: type=1326 audit(1763162592.519:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5303 comm="syz.2.2341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42edd8f6c9 code=0x7fc00000 [ 385.294575][ T36] audit: type=1326 audit(1763162592.519:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5303 comm="syz.2.2341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42edd8f6c9 code=0x7fc00000 [ 385.334600][ T36] audit: type=1326 audit(1763162592.519:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5303 comm="syz.2.2341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42edd8f6c9 code=0x7fc00000 [ 385.620775][ T5329] fuse: Bad value for 'group_id' [ 385.644683][ T5329] fuse: Bad value for 'group_id' [ 387.294323][ T5384] FAULT_INJECTION: forcing a failure. [ 387.294323][ T5384] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 387.334290][ T5384] CPU: 0 UID: 0 PID: 5384 Comm: syz.0.2380 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 387.334324][ T5384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 387.334337][ T5384] Call Trace: [ 387.334343][ T5384] [ 387.334351][ T5384] __dump_stack+0x21/0x30 [ 387.334383][ T5384] dump_stack_lvl+0x10c/0x190 [ 387.334406][ T5384] ? __cfi_dump_stack_lvl+0x10/0x10 [ 387.334429][ T5384] dump_stack+0x19/0x20 [ 387.334451][ T5384] should_fail_ex+0x3d9/0x530 [ 387.334472][ T5384] should_fail+0xf/0x20 [ 387.334493][ T5384] should_fail_usercopy+0x1e/0x30 [ 387.334512][ T5384] strncpy_from_user+0x28/0x270 [ 387.334531][ T5384] getname_flags+0x102/0x710 [ 387.334551][ T5384] user_path_at+0x2b/0x60 [ 387.334570][ T5384] path_getxattr+0xa6/0x200 [ 387.334591][ T5384] ? path_setxattr+0x560/0x560 [ 387.334610][ T5384] __x64_sys_getxattr+0xa5/0xc0 [ 387.334635][ T5384] x64_sys_call+0x2c80/0x2ee0 [ 387.334660][ T5384] do_syscall_64+0x58/0xf0 [ 387.334683][ T5384] ? clear_bhb_loop+0x50/0xa0 [ 387.334704][ T5384] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 387.334723][ T5384] RIP: 0033:0x7fe80e18f6c9 [ 387.334740][ T5384] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 387.334756][ T5384] RSP: 002b:00007fe80f047038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bf [ 387.334778][ T5384] RAX: ffffffffffffffda RBX: 00007fe80e3e5fa0 RCX: 00007fe80e18f6c9 [ 387.334793][ T5384] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040 [ 387.334805][ T5384] RBP: 00007fe80f047090 R08: 0000000000000000 R09: 0000000000000000 [ 387.334817][ T5384] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 387.334829][ T5384] R13: 00007fe80e3e6038 R14: 00007fe80e3e5fa0 R15: 00007ffcf305f9d8 [ 387.334845][ T5384] [ 387.959696][ T36] kauditd_printk_skb: 62 callbacks suppressed [ 387.959712][ T36] audit: type=1326 audit(1763162595.429:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5418 comm="syz.3.2395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d96d8f6c9 code=0x7fc00000 [ 388.368437][ T36] audit: type=1400 audit(1763162595.839:356): avc: denied { unmount } for pid=293 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 388.916675][ T12] bridge_slave_1: left allmulticast mode [ 388.923051][ T12] bridge_slave_1: left promiscuous mode [ 388.929121][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 388.944875][ T12] bridge_slave_0: left allmulticast mode [ 388.950938][ T12] bridge_slave_0: left promiscuous mode [ 388.964656][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 389.100742][ T12] veth1_macvtap: left promiscuous mode [ 389.107121][ T12] veth0_vlan: left promiscuous mode [ 389.258131][ T5504] bridge0: port 1(bridge_slave_0) entered blocking state [ 389.274115][ T5504] bridge0: port 1(bridge_slave_0) entered disabled state [ 389.281531][ T5504] bridge_slave_0: entered allmulticast mode [ 389.288328][ T5504] bridge_slave_0: entered promiscuous mode [ 389.304529][ T5504] bridge0: port 2(bridge_slave_1) entered blocking state [ 389.311877][ T5504] bridge0: port 2(bridge_slave_1) entered disabled state [ 389.319360][ T5504] bridge_slave_1: entered allmulticast mode [ 389.326423][ T5504] bridge_slave_1: entered promiscuous mode [ 389.448992][ T5504] bridge0: port 2(bridge_slave_1) entered blocking state [ 389.456097][ T5504] bridge0: port 2(bridge_slave_1) entered forwarding state [ 389.463416][ T5504] bridge0: port 1(bridge_slave_0) entered blocking state [ 389.470507][ T5504] bridge0: port 1(bridge_slave_0) entered forwarding state [ 389.535821][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 389.564451][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 389.576741][ T328] bridge0: port 1(bridge_slave_0) entered blocking state [ 389.583805][ T328] bridge0: port 1(bridge_slave_0) entered forwarding state [ 389.617008][ T328] bridge0: port 2(bridge_slave_1) entered blocking state [ 389.624105][ T328] bridge0: port 2(bridge_slave_1) entered forwarding state [ 389.720891][ T5504] veth0_vlan: entered promiscuous mode [ 389.747506][ T5504] veth1_macvtap: entered promiscuous mode [ 389.865670][ T5541] FAULT_INJECTION: forcing a failure. [ 389.865670][ T5541] name failslab, interval 1, probability 0, space 0, times 0 [ 389.899231][ T5541] CPU: 1 UID: 0 PID: 5541 Comm: syz.0.2448 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 389.899264][ T5541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 389.899273][ T5541] Call Trace: [ 389.899279][ T5541] [ 389.899285][ T5541] __dump_stack+0x21/0x30 [ 389.899314][ T5541] dump_stack_lvl+0x10c/0x190 [ 389.899336][ T5541] ? __cfi_dump_stack_lvl+0x10/0x10 [ 389.899360][ T5541] ? __kasan_check_write+0x18/0x20 [ 389.899387][ T5541] ? proc_fail_nth_write+0x17e/0x210 [ 389.899412][ T5541] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 389.899435][ T5541] dump_stack+0x19/0x20 [ 389.899457][ T5541] should_fail_ex+0x3d9/0x530 [ 389.899476][ T5541] should_failslab+0xac/0x100 [ 389.899496][ T5541] kmem_cache_alloc_noprof+0x42/0x430 [ 389.899513][ T5541] ? getname_flags+0xc6/0x710 [ 389.899532][ T5541] getname_flags+0xc6/0x710 [ 389.899549][ T5541] ? build_open_flags+0x487/0x600 [ 389.899573][ T5541] getname+0x1b/0x30 [ 389.899589][ T5541] do_sys_openat2+0xcb/0x1c0 [ 389.899610][ T5541] ? fput+0x1a5/0x240 [ 389.899631][ T5541] ? do_sys_open+0x100/0x100 [ 389.899651][ T5541] ? ksys_write+0x1ef/0x250 [ 389.899667][ T5541] ? __cfi_ksys_write+0x10/0x10 [ 389.899685][ T5541] __x64_sys_openat+0x13a/0x170 [ 389.899708][ T5541] x64_sys_call+0xe69/0x2ee0 [ 389.899732][ T5541] do_syscall_64+0x58/0xf0 [ 389.899754][ T5541] ? clear_bhb_loop+0x50/0xa0 [ 389.899773][ T5541] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 389.899792][ T5541] RIP: 0033:0x7f762978df10 [ 389.899808][ T5541] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44 [ 389.899823][ T5541] RSP: 002b:00007f762a6dbf10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 389.899844][ T5541] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f762978df10 [ 389.899859][ T5541] RDX: 0000000000000002 RSI: 00007f762a6dbfa0 RDI: 00000000ffffff9c [ 389.899872][ T5541] RBP: 00007f762a6dbfa0 R08: 0000000000000000 R09: 0000000000000000 [ 389.899884][ T5541] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 389.899896][ T5541] R13: 00007f76299e6038 R14: 00007f76299e5fa0 R15: 00007ffce138fb28 [ 389.899912][ T5541] [ 390.895618][ T36] audit: type=1400 audit(1763162598.369:357): avc: denied { set_context_mgr } for pid=5606 comm="syz.3.2477" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 390.916510][ T5607] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL } [ 390.916564][ T5607] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:216 [ 390.935039][ T5610] rust_binder: BINDER_SET_CONTEXT_MGR already set [ 390.944844][ T36] audit: type=1400 audit(1763162598.389:358): avc: denied { call } for pid=5606 comm="syz.3.2477" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 391.315560][ T5646] FAULT_INJECTION: forcing a failure. [ 391.315560][ T5646] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 391.353415][ T5646] CPU: 0 UID: 0 PID: 5646 Comm: syz.1.2493 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 391.353450][ T5646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 391.353461][ T5646] Call Trace: [ 391.353468][ T5646] [ 391.353476][ T5646] __dump_stack+0x21/0x30 [ 391.353505][ T5646] dump_stack_lvl+0x10c/0x190 [ 391.353527][ T5646] ? __cfi_dump_stack_lvl+0x10/0x10 [ 391.353550][ T5646] ? check_stack_object+0x12c/0x140 [ 391.353569][ T5646] dump_stack+0x19/0x20 [ 391.353590][ T5646] should_fail_ex+0x3d9/0x530 [ 391.353610][ T5646] should_fail+0xf/0x20 [ 391.353627][ T5646] should_fail_usercopy+0x1e/0x30 [ 391.353647][ T5646] _copy_to_user+0x24/0xa0 [ 391.353671][ T5646] simple_read_from_buffer+0xed/0x160 [ 391.353695][ T5646] proc_fail_nth_read+0x19e/0x210 [ 391.353718][ T5646] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 391.353741][ T5646] ? bpf_lsm_file_permission+0xd/0x20 [ 391.353766][ T5646] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 391.353788][ T5646] vfs_read+0x27d/0xc70 [ 391.353804][ T5646] ? __send_signal_locked+0x885/0xb90 [ 391.353834][ T5646] ? __cfi_vfs_read+0x10/0x10 [ 391.353850][ T5646] ? __kasan_check_write+0x18/0x20 [ 391.353875][ T5646] ? mutex_lock+0x92/0x1c0 [ 391.353893][ T5646] ? __cfi_mutex_lock+0x10/0x10 [ 391.353909][ T5646] ? __fget_files+0x2c5/0x340 [ 391.353929][ T5646] ksys_read+0x141/0x250 [ 391.353946][ T5646] ? __cfi_ksys_read+0x10/0x10 [ 391.353963][ T5646] ? __kasan_check_read+0x15/0x20 [ 391.353987][ T5646] __x64_sys_read+0x7f/0x90 [ 391.354004][ T5646] x64_sys_call+0x2638/0x2ee0 [ 391.354029][ T5646] do_syscall_64+0x58/0xf0 [ 391.354050][ T5646] ? clear_bhb_loop+0x50/0xa0 [ 391.354070][ T5646] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 391.354088][ T5646] RIP: 0033:0x7f704df8e0dc [ 391.354103][ T5646] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 391.354117][ T5646] RSP: 002b:00007f704ed41030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 391.354135][ T5646] RAX: ffffffffffffffda RBX: 00007f704e1e5fa0 RCX: 00007f704df8e0dc [ 391.354149][ T5646] RDX: 000000000000000f RSI: 00007f704ed410a0 RDI: 0000000000000008 [ 391.354161][ T5646] RBP: 00007f704ed41090 R08: 0000000000000000 R09: 0000000000000000 [ 391.354173][ T5646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 391.354184][ T5646] R13: 00007f704e1e6038 R14: 00007f704e1e5fa0 R15: 00007ffe36647058 [ 391.354199][ T5646] [ 391.838567][ T36] audit: type=1400 audit(1763162599.309:359): avc: denied { mount } for pid=5685 comm="syz.1.2512" name="/" dev="configfs" ino=2140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 391.862546][ T5688] FAULT_INJECTION: forcing a failure. [ 391.862546][ T5688] name failslab, interval 1, probability 0, space 0, times 0 [ 391.895066][ T5688] CPU: 0 UID: 0 PID: 5688 Comm: syz.1.2512 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 391.895103][ T5688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 391.895115][ T5688] Call Trace: [ 391.895121][ T5688] [ 391.895129][ T5688] __dump_stack+0x21/0x30 [ 391.895157][ T5688] dump_stack_lvl+0x10c/0x190 [ 391.895181][ T5688] ? __cfi_dump_stack_lvl+0x10/0x10 [ 391.895204][ T5688] ? __kasan_check_write+0x18/0x20 [ 391.895230][ T5688] ? proc_fail_nth_write+0x17e/0x210 [ 391.895253][ T5688] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 391.895277][ T5688] dump_stack+0x19/0x20 [ 391.895298][ T5688] should_fail_ex+0x3d9/0x530 [ 391.895318][ T5688] should_failslab+0xac/0x100 [ 391.895339][ T5688] kmem_cache_alloc_noprof+0x42/0x430 [ 391.895356][ T5688] ? getname_flags+0xc6/0x710 [ 391.895375][ T5688] getname_flags+0xc6/0x710 [ 391.895392][ T5688] ? build_open_flags+0x487/0x600 [ 391.895416][ T5688] getname+0x1b/0x30 [ 391.895433][ T5688] do_sys_openat2+0xcb/0x1c0 [ 391.895455][ T5688] ? fput+0x1a5/0x240 [ 391.895475][ T5688] ? do_sys_open+0x100/0x100 [ 391.895498][ T5688] ? ksys_write+0x1ef/0x250 [ 391.895515][ T5688] ? __cfi_ksys_write+0x10/0x10 [ 391.895533][ T5688] __x64_sys_openat+0x13a/0x170 [ 391.895556][ T5688] x64_sys_call+0xe69/0x2ee0 [ 391.895581][ T5688] do_syscall_64+0x58/0xf0 [ 391.895603][ T5688] ? clear_bhb_loop+0x50/0xa0 [ 391.895623][ T5688] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 391.895642][ T5688] RIP: 0033:0x7f704df8f6c9 [ 391.895657][ T5688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 391.895673][ T5688] RSP: 002b:00007f704ed41038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 391.895694][ T5688] RAX: ffffffffffffffda RBX: 00007f704e1e5fa0 RCX: 00007f704df8f6c9 [ 391.895709][ T5688] RDX: 000000000000275a RSI: 0000200000000080 RDI: ffffffffffffff9c [ 391.895723][ T5688] RBP: 00007f704ed41090 R08: 0000000000000000 R09: 0000000000000000 [ 391.895735][ T5688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 391.895747][ T5688] R13: 00007f704e1e6038 R14: 00007f704e1e5fa0 R15: 00007ffe36647058 [ 391.895763][ T5688] [ 391.906751][ T36] audit: type=1400 audit(1763162599.329:360): avc: denied { search } for pid=5685 comm="syz.1.2512" name="/" dev="configfs" ino=2140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 392.146627][ T36] audit: type=1400 audit(1763162599.459:361): avc: denied { write } for pid=5701 comm="syz.1.2520" name="/" dev="configfs" ino=2140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 392.207198][ T36] audit: type=1400 audit(1763162599.459:362): avc: denied { add_name } for pid=5701 comm="syz.1.2520" name="blkio.bfq.group_wait_time" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 392.246679][ T36] audit: type=1400 audit(1763162599.459:363): avc: denied { create } for pid=5701 comm="syz.1.2520" name="blkio.bfq.group_wait_time" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:configfs_t tclass=file permissive=1 [ 392.312922][ T5748] FAULT_INJECTION: forcing a failure. [ 392.312922][ T5748] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 392.344372][ T5748] CPU: 0 UID: 0 PID: 5748 Comm: syz.1.2541 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 392.344408][ T5748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 392.344421][ T5748] Call Trace: [ 392.344428][ T5748] [ 392.344435][ T5748] __dump_stack+0x21/0x30 [ 392.344465][ T5748] dump_stack_lvl+0x10c/0x190 [ 392.344488][ T5748] ? __cfi_dump_stack_lvl+0x10/0x10 [ 392.344512][ T5748] ? check_stack_object+0x82/0x140 [ 392.344531][ T5748] dump_stack+0x19/0x20 [ 392.344552][ T5748] should_fail_ex+0x3d9/0x530 [ 392.344571][ T5748] should_fail+0xf/0x20 [ 392.344587][ T5748] should_fail_usercopy+0x1e/0x30 [ 392.344606][ T5748] _copy_from_user+0x22/0xb0 [ 392.344627][ T5748] memdup_user+0x81/0x180 [ 392.344652][ T5748] ? strndup_user+0x40/0xd0 [ 392.344675][ T5748] strndup_user+0x6c/0xd0 [ 392.344700][ T5748] __se_sys_mount+0x9f/0x480 [ 392.344746][ T5748] ? ksys_write+0x1ef/0x250 [ 392.344764][ T5748] ? __x64_sys_mount+0xf0/0xf0 [ 392.344788][ T5748] __x64_sys_mount+0xc3/0xf0 [ 392.344806][ T5748] x64_sys_call+0x2021/0x2ee0 [ 392.344830][ T5748] do_syscall_64+0x58/0xf0 [ 392.344852][ T5748] ? clear_bhb_loop+0x50/0xa0 [ 392.344872][ T5748] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 392.344891][ T5748] RIP: 0033:0x7f704df8f6c9 [ 392.344907][ T5748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 392.344923][ T5748] RSP: 002b:00007f704ed41038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 392.344945][ T5748] RAX: ffffffffffffffda RBX: 00007f704e1e5fa0 RCX: 00007f704df8f6c9 [ 392.344959][ T5748] RDX: 00002000000001c0 RSI: 0000200000000180 RDI: 0000000000000000 [ 392.344972][ T5748] RBP: 00007f704ed41090 R08: 0000200000000000 R09: 0000000000000000 [ 392.344986][ T5748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 392.344998][ T5748] R13: 00007f704e1e6038 R14: 00007f704e1e5fa0 R15: 00007ffe36647058 [ 392.345014][ T5748] [ 392.925499][ T5792] bridge0: port 1(bridge_slave_0) entered blocking state [ 392.934312][ T5792] bridge0: port 1(bridge_slave_0) entered disabled state [ 392.963461][ T5792] bridge_slave_0: entered allmulticast mode [ 392.971529][ T5792] bridge_slave_0: entered promiscuous mode [ 392.978376][ T5792] bridge0: port 2(bridge_slave_1) entered blocking state [ 392.985643][ T5792] bridge0: port 2(bridge_slave_1) entered disabled state [ 392.992766][ T5792] bridge_slave_1: entered allmulticast mode [ 392.999377][ T5792] bridge_slave_1: entered promiscuous mode [ 393.132594][ T5792] bridge0: port 2(bridge_slave_1) entered blocking state [ 393.139770][ T5792] bridge0: port 2(bridge_slave_1) entered forwarding state [ 393.147109][ T5792] bridge0: port 1(bridge_slave_0) entered blocking state [ 393.154149][ T5792] bridge0: port 1(bridge_slave_0) entered forwarding state [ 393.210258][ T5824] netlink: 128 bytes leftover after parsing attributes in process `syz.2.2567'. [ 393.227620][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 393.247517][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 393.267210][ T328] bridge0: port 1(bridge_slave_0) entered blocking state [ 393.274316][ T328] bridge0: port 1(bridge_slave_0) entered forwarding state [ 393.286595][ T328] bridge0: port 2(bridge_slave_1) entered blocking state [ 393.293677][ T328] bridge0: port 2(bridge_slave_1) entered forwarding state [ 393.310280][ T5830] FAULT_INJECTION: forcing a failure. [ 393.310280][ T5830] name failslab, interval 1, probability 0, space 0, times 0 [ 393.343558][ T5830] CPU: 1 UID: 0 PID: 5830 Comm: syz.3.2573 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 393.343589][ T5830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 393.343601][ T5830] Call Trace: [ 393.343607][ T5830] [ 393.343614][ T5830] __dump_stack+0x21/0x30 [ 393.343649][ T5830] dump_stack_lvl+0x10c/0x190 [ 393.343670][ T5830] ? __cfi_dump_stack_lvl+0x10/0x10 [ 393.343692][ T5830] dump_stack+0x19/0x20 [ 393.343710][ T5830] should_fail_ex+0x3d9/0x530 [ 393.343728][ T5830] should_failslab+0xac/0x100 [ 393.343747][ T5830] __kmalloc_node_noprof+0x6c/0x520 [ 393.343765][ T5830] ? __kvmalloc_node_noprof+0x11d/0x300 [ 393.343790][ T5830] ? __check_object_size+0xe0/0x810 [ 393.343808][ T5830] __kvmalloc_node_noprof+0x11d/0x300 [ 393.343830][ T5830] ? __cfi___kvmalloc_node_noprof+0x10/0x10 [ 393.343854][ T5830] vmemdup_user+0x40/0x190 [ 393.343876][ T5830] ? __se_sys_fsetxattr+0x29c/0x4b0 [ 393.343901][ T5830] __se_sys_fsetxattr+0x2dd/0x4b0 [ 393.343925][ T5830] ? __x64_sys_fsetxattr+0xf0/0xf0 [ 393.343960][ T5830] ? __cfi_ksys_write+0x10/0x10 [ 393.343978][ T5830] __x64_sys_fsetxattr+0xc3/0xf0 [ 393.344001][ T5830] x64_sys_call+0x1a16/0x2ee0 [ 393.344024][ T5830] do_syscall_64+0x58/0xf0 [ 393.344044][ T5830] ? clear_bhb_loop+0x50/0xa0 [ 393.344063][ T5830] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 393.344082][ T5830] RIP: 0033:0x7f4d96d8f6c9 [ 393.344097][ T5830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 393.344112][ T5830] RSP: 002b:00007f4d97bd0038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be [ 393.344130][ T5830] RAX: ffffffffffffffda RBX: 00007f4d96fe5fa0 RCX: 00007f4d96d8f6c9 [ 393.344143][ T5830] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000007 [ 393.344155][ T5830] RBP: 00007f4d97bd0090 R08: 0000000000000001 R09: 0000000000000000 [ 393.344166][ T5830] R10: 0000000000000024 R11: 0000000000000246 R12: 0000000000000001 [ 393.344178][ T5830] R13: 00007f4d96fe6038 R14: 00007f4d96fe5fa0 R15: 00007ffcd9904df8 [ 393.344193][ T5830] [ 393.561991][ T5792] veth0_vlan: entered promiscuous mode [ 393.585588][ T5792] veth1_macvtap: entered promiscuous mode [ 393.869007][ T328] bridge_slave_1: left allmulticast mode [ 393.884672][ T328] bridge_slave_1: left promiscuous mode [ 393.890547][ T328] bridge0: port 2(bridge_slave_1) entered disabled state [ 393.915759][ T328] bridge_slave_0: left allmulticast mode [ 393.921460][ T328] bridge_slave_0: left promiscuous mode [ 393.944775][ T328] bridge0: port 1(bridge_slave_0) entered disabled state [ 394.056809][ T5881] FAULT_INJECTION: forcing a failure. [ 394.056809][ T5881] name failslab, interval 1, probability 0, space 0, times 0 [ 394.069973][ T5881] CPU: 0 UID: 0 PID: 5881 Comm: syz.0.2590 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 394.070013][ T5881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 394.070025][ T5881] Call Trace: [ 394.070032][ T5881] [ 394.070038][ T5881] __dump_stack+0x21/0x30 [ 394.070067][ T5881] dump_stack_lvl+0x10c/0x190 [ 394.070088][ T5881] ? __cfi_dump_stack_lvl+0x10/0x10 [ 394.070110][ T5881] ? __kasan_check_write+0x18/0x20 [ 394.070135][ T5881] ? proc_fail_nth_write+0x17e/0x210 [ 394.070156][ T5881] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 394.070176][ T5881] dump_stack+0x19/0x20 [ 394.070194][ T5881] should_fail_ex+0x3d9/0x530 [ 394.070215][ T5881] should_failslab+0xac/0x100 [ 394.070233][ T5881] kmem_cache_alloc_noprof+0x42/0x430 [ 394.070250][ T5881] ? getname_flags+0xc6/0x710 [ 394.070268][ T5881] getname_flags+0xc6/0x710 [ 394.070283][ T5881] ? build_open_flags+0x487/0x600 [ 394.070304][ T5881] getname+0x1b/0x30 [ 394.070319][ T5881] do_sys_openat2+0xcb/0x1c0 [ 394.070339][ T5881] ? fput+0x1a5/0x240 [ 394.070359][ T5881] ? do_sys_open+0x100/0x100 [ 394.070381][ T5881] ? ksys_write+0x1ef/0x250 [ 394.070398][ T5881] ? __cfi_ksys_write+0x10/0x10 [ 394.070416][ T5881] __x64_sys_openat+0x13a/0x170 [ 394.070440][ T5881] x64_sys_call+0xe69/0x2ee0 [ 394.070465][ T5881] do_syscall_64+0x58/0xf0 [ 394.070489][ T5881] ? clear_bhb_loop+0x50/0xa0 [ 394.070511][ T5881] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 394.070530][ T5881] RIP: 0033:0x7f762978f6c9 [ 394.070547][ T5881] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 394.070564][ T5881] RSP: 002b:00007f762a6dc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 394.070587][ T5881] RAX: ffffffffffffffda RBX: 00007f76299e5fa0 RCX: 00007f762978f6c9 [ 394.070602][ T5881] RDX: 000000000000275a RSI: 0000200000000080 RDI: ffffffffffffff9c [ 394.070616][ T5881] RBP: 00007f762a6dc090 R08: 0000000000000000 R09: 0000000000000000 [ 394.070630][ T5881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 394.070642][ T5881] R13: 00007f76299e6038 R14: 00007f76299e5fa0 R15: 00007ffce138fb28 [ 394.070659][ T5881] [ 394.296842][ T328] veth1_macvtap: left promiscuous mode [ 394.302393][ T328] veth0_vlan: left promiscuous mode [ 394.405928][ T5873] bridge0: port 1(bridge_slave_0) entered blocking state [ 394.413045][ T5873] bridge0: port 1(bridge_slave_0) entered disabled state [ 394.421037][ T5873] bridge_slave_0: entered allmulticast mode [ 394.427686][ T5873] bridge_slave_0: entered promiscuous mode [ 394.434289][ T5873] bridge0: port 2(bridge_slave_1) entered blocking state [ 394.441545][ T5873] bridge0: port 2(bridge_slave_1) entered disabled state [ 394.448867][ T5873] bridge_slave_1: entered allmulticast mode [ 394.455986][ T5873] bridge_slave_1: entered promiscuous mode [ 394.579370][ T5873] bridge0: port 2(bridge_slave_1) entered blocking state [ 394.586511][ T5873] bridge0: port 2(bridge_slave_1) entered forwarding state [ 394.593814][ T5873] bridge0: port 1(bridge_slave_0) entered blocking state [ 394.600916][ T5873] bridge0: port 1(bridge_slave_0) entered forwarding state [ 394.705044][ T328] bridge0: port 1(bridge_slave_0) entered disabled state [ 394.722828][ T328] bridge0: port 2(bridge_slave_1) entered disabled state [ 394.732859][ T328] bridge0: port 1(bridge_slave_0) entered blocking state [ 394.739983][ T328] bridge0: port 1(bridge_slave_0) entered forwarding state [ 394.762324][ T328] bridge0: port 2(bridge_slave_1) entered blocking state [ 394.769450][ T328] bridge0: port 2(bridge_slave_1) entered forwarding state [ 394.805343][ T5873] veth0_vlan: entered promiscuous mode [ 394.825101][ T5873] veth1_macvtap: entered promiscuous mode [ 395.696392][ T36] audit: type=1400 audit(1763162603.169:364): avc: denied { sqpoll } for pid=6005 comm="syz.3.2650" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 395.796053][ T36] audit: type=1400 audit(1763162603.269:365): avc: denied { create } for pid=6019 comm="syz.0.2656" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_nflog_socket permissive=1 [ 396.166917][ T6068] FAULT_INJECTION: forcing a failure. [ 396.166917][ T6068] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 396.203730][ T6068] CPU: 0 UID: 0 PID: 6068 Comm: syz.0.2680 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 396.203766][ T6068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 396.203778][ T6068] Call Trace: [ 396.203785][ T6068] [ 396.203793][ T6068] __dump_stack+0x21/0x30 [ 396.203830][ T6068] dump_stack_lvl+0x10c/0x190 [ 396.203853][ T6068] ? __cfi_dump_stack_lvl+0x10/0x10 [ 396.203877][ T6068] ? check_stack_object+0x82/0x140 [ 396.203895][ T6068] dump_stack+0x19/0x20 [ 396.203917][ T6068] should_fail_ex+0x3d9/0x530 [ 396.203938][ T6068] should_fail+0xf/0x20 [ 396.203954][ T6068] should_fail_usercopy+0x1e/0x30 [ 396.203973][ T6068] _copy_from_user+0x22/0xb0 [ 396.203995][ T6068] memdup_user+0x81/0x180 [ 396.204020][ T6068] ? strndup_user+0x40/0xd0 [ 396.204044][ T6068] strndup_user+0x6c/0xd0 [ 396.204067][ T6068] __se_sys_mount+0x9f/0x480 [ 396.204085][ T6068] ? ksys_write+0x1ef/0x250 [ 396.204104][ T6068] ? __x64_sys_mount+0xf0/0xf0 [ 396.204122][ T6068] __x64_sys_mount+0xc3/0xf0 [ 396.204139][ T6068] x64_sys_call+0x2021/0x2ee0 [ 396.204163][ T6068] do_syscall_64+0x58/0xf0 [ 396.204187][ T6068] ? clear_bhb_loop+0x50/0xa0 [ 396.204208][ T6068] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 396.204231][ T6068] RIP: 0033:0x7f762978f6c9 [ 396.204247][ T6068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 396.204263][ T6068] RSP: 002b:00007f762a6dc038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 396.204285][ T6068] RAX: ffffffffffffffda RBX: 00007f76299e5fa0 RCX: 00007f762978f6c9 [ 396.204299][ T6068] RDX: 0000200000002100 RSI: 00002000000020c0 RDI: 0000000000000000 [ 396.204313][ T6068] RBP: 00007f762a6dc090 R08: 0000200000000380 R09: 0000000000000000 [ 396.204326][ T6068] R10: 0000000000000080 R11: 0000000000000246 R12: 0000000000000001 [ 396.204338][ T6068] R13: 00007f76299e6038 R14: 00007f76299e5fa0 R15: 00007ffce138fb28 [ 396.204355][ T6068] [ 397.007436][ T6141] loop5: detected capacity change from 0 to 7 [ 399.397903][ T6241] loop5: detected capacity change from 0 to 7 [ 400.294684][ T36] audit: type=1326 audit(1763162607.759:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6305 comm="syz.0.2789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f762978f6c9 code=0x7fc00000 [ 400.804674][ T36] audit: type=1326 audit(1763162608.269:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6329 comm="syz.2.2801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0aa98f6c9 code=0x7fc00000 [ 401.252898][ T6383] FAULT_INJECTION: forcing a failure. [ 401.252898][ T6383] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 401.266369][ T6383] CPU: 0 UID: 0 PID: 6383 Comm: syz.0.2827 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 401.266407][ T6383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 401.266418][ T6383] Call Trace: [ 401.266423][ T6383] [ 401.266443][ T6383] __dump_stack+0x21/0x30 [ 401.266470][ T6383] dump_stack_lvl+0x10c/0x190 [ 401.266491][ T6383] ? __cfi_dump_stack_lvl+0x10/0x10 [ 401.266512][ T6383] ? proc_fail_nth_write+0x17e/0x210 [ 401.266536][ T6383] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 401.266557][ T6383] dump_stack+0x19/0x20 [ 401.266578][ T6383] should_fail_ex+0x3d9/0x530 [ 401.266594][ T6383] should_fail_alloc_page+0xeb/0x110 [ 401.266614][ T6383] __alloc_pages_noprof+0x19b/0x7b0 [ 401.266637][ T6383] ? __cfi___alloc_pages_noprof+0x10/0x10 [ 401.266658][ T6383] ? __kasan_check_write+0x18/0x20 [ 401.266685][ T6383] ? mutex_unlock+0x8b/0x240 [ 401.266702][ T6383] ? __fget_files+0x2c5/0x340 [ 401.266718][ T6383] ? __kasan_check_write+0x18/0x20 [ 401.266743][ T6383] get_free_pages_noprof+0x14/0x40 [ 401.266765][ T6383] __se_sys_mincore+0x14f/0xb70 [ 401.266788][ T6383] __x64_sys_mincore+0x7f/0xa0 [ 401.266808][ T6383] x64_sys_call+0x2b24/0x2ee0 [ 401.266831][ T6383] do_syscall_64+0x58/0xf0 [ 401.266852][ T6383] ? clear_bhb_loop+0x50/0xa0 [ 401.266872][ T6383] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 401.266891][ T6383] RIP: 0033:0x7f762978f6c9 [ 401.266908][ T6383] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 401.266925][ T6383] RSP: 002b:00007f762a6dc038 EFLAGS: 00000246 ORIG_RAX: 000000000000001b [ 401.266946][ T6383] RAX: ffffffffffffffda RBX: 00007f76299e5fa0 RCX: 00007f762978f6c9 [ 401.266961][ T6383] RDX: 0000200000000040 RSI: 0000000000002000 RDI: 0000200000001000 [ 401.266974][ T6383] RBP: 00007f762a6dc090 R08: 0000000000000000 R09: 0000000000000000 [ 401.266986][ T6383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 401.266996][ T6383] R13: 00007f76299e6038 R14: 00007f76299e5fa0 R15: 00007ffce138fb28 [ 401.267011][ T6383] [ 403.250297][ T6582] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2918'. [ 403.899203][ T6642] loop5: detected capacity change from 0 to 7 [ 404.242432][ T36] audit: type=1326 audit(1763162611.709:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6669 comm="syz.1.2958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33f538f6c9 code=0x7fc00000 [ 404.267620][ T36] audit: type=1326 audit(1763162611.709:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6669 comm="syz.1.2958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33f538f6c9 code=0x7fc00000 [ 404.292846][ T36] audit: type=1326 audit(1763162611.709:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6669 comm="syz.1.2958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33f538f6c9 code=0x7fc00000 [ 405.500232][ T6759] loop5: detected capacity change from 0 to 7 [ 406.440509][ T36] audit: type=1326 audit(1763162613.909:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6818 comm="syz.2.3027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0aa98f6c9 code=0x7fc00000 [ 406.494833][ T36] audit: type=1326 audit(1763162613.909:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6818 comm="syz.2.3027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0aa98f6c9 code=0x7fc00000 [ 406.544690][ T36] audit: type=1326 audit(1763162613.909:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6818 comm="syz.2.3027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0aa98f6c9 code=0x7fc00000 [ 406.669835][ T6838] loop5: detected capacity change from 0 to 7 [ 406.954434][ T36] audit: type=1326 audit(1763162614.419:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6864 comm="syz.3.3047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d96d8f6c9 code=0x7fc00000 [ 407.140799][ T6907] loop5: detected capacity change from 0 to 7 [ 407.159791][ T36] audit: type=1326 audit(1763162614.629:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6897 comm="syz.0.3063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f762978f6c9 code=0x7fc00000 [ 407.314327][ T36] audit: type=1326 audit(1763162614.779:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6915 comm="syz.0.3072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f762978f6c9 code=0x7fc00000 [ 407.382001][ T36] audit: type=1326 audit(1763162614.849:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6927 comm="syz.0.3078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f762978f6c9 code=0x7fc00000 [ 408.018603][ T6970] FAULT_INJECTION: forcing a failure. [ 408.018603][ T6970] name failslab, interval 1, probability 0, space 0, times 0 [ 408.038885][ T6970] CPU: 0 UID: 0 PID: 6970 Comm: syz.3.3091 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 408.038921][ T6970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 408.038934][ T6970] Call Trace: [ 408.038940][ T6970] [ 408.038947][ T6970] __dump_stack+0x21/0x30 [ 408.038976][ T6970] dump_stack_lvl+0x10c/0x190 [ 408.039008][ T6970] ? __cfi_dump_stack_lvl+0x10/0x10 [ 408.039032][ T6970] dump_stack+0x19/0x20 [ 408.039054][ T6970] should_fail_ex+0x3d9/0x530 [ 408.039073][ T6970] should_failslab+0xac/0x100 [ 408.039093][ T6970] kmem_cache_alloc_noprof+0x42/0x430 [ 408.039112][ T6970] ? __kasan_check_read+0x15/0x20 [ 408.039137][ T6970] ? __kernfs_new_node+0xe4/0x700 [ 408.039158][ T6970] __kernfs_new_node+0xe4/0x700 [ 408.039178][ T6970] ? kernfs_new_node+0x280/0x280 [ 408.039199][ T6970] kernfs_new_node+0x154/0x280 [ 408.039219][ T6970] kernfs_create_dir_ns+0x4b/0x130 [ 408.039239][ T6970] internal_create_group+0x429/0xe80 [ 408.039259][ T6970] ? __cfi_mutex_unlock+0x10/0x10 [ 408.039276][ T6970] ? sysfs_create_group+0x40/0x40 [ 408.039290][ T6970] ? queue_limits_commit_update+0xbf/0x280 [ 408.039315][ T6970] ? __asan_memcpy+0x5a/0x80 [ 408.039330][ T6970] sysfs_create_group+0x23/0x40 [ 408.039345][ T6970] loop_configure+0xcd3/0x1310 [ 408.039368][ T6970] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 408.039397][ T6970] ? __cfi_loop_configure+0x10/0x10 [ 408.039420][ T6970] ? is_bpf_text_address+0x17b/0x1a0 [ 408.039442][ T6970] ? __kasan_check_write+0x18/0x20 [ 408.039468][ T6970] lo_ioctl+0x802/0x1d50 [ 408.039489][ T6970] ? __cfi_lo_ioctl+0x10/0x10 [ 408.039509][ T6970] ? stack_depot_save_flags+0x38/0x800 [ 408.039528][ T6970] ? stack_trace_save+0x9d/0xe0 [ 408.039552][ T6970] ? kasan_save_track+0x4f/0x80 [ 408.039570][ T6970] ? kasan_save_track+0x3e/0x80 [ 408.039587][ T6970] ? kasan_save_alloc_info+0x40/0x50 [ 408.039610][ T6970] ? __kasan_slab_alloc+0x73/0x90 [ 408.039628][ T6970] ? kmem_cache_alloc_noprof+0x1cb/0x430 [ 408.039644][ T6970] ? security_inode_alloc+0x51/0x200 [ 408.039669][ T6970] ? inode_init_always_gfp+0x756/0x9e0 [ 408.039689][ T6970] ? alloc_inode+0xc5/0x270 [ 408.039708][ T6970] ? new_inode+0x25/0x1e0 [ 408.039726][ T6970] ? proc_pid_make_inode+0x25/0x140 [ 408.039742][ T6970] ? proc_pident_instantiate+0x6d/0x2c0 [ 408.039778][ T6970] ? proc_pident_lookup+0x1c7/0x270 [ 408.039797][ T6970] ? proc_tid_base_lookup+0x2f/0x40 [ 408.039826][ T6970] ? path_openat+0x1301/0x34b0 [ 408.039852][ T6970] ? do_filp_open+0x1c6/0x3e0 [ 408.039879][ T6970] ? do_sys_openat2+0x12c/0x1c0 [ 408.039902][ T6970] ? __x64_sys_openat+0x13a/0x170 [ 408.039925][ T6970] ? x64_sys_call+0xe69/0x2ee0 [ 408.039951][ T6970] ? do_syscall_64+0x58/0xf0 [ 408.039973][ T6970] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 408.040007][ T6970] ? avc_has_perm_noaudit+0x268/0x360 [ 408.040033][ T6970] ? __asan_memcpy+0x5a/0x80 [ 408.040049][ T6970] ? avc_has_perm_noaudit+0x286/0x360 [ 408.040074][ T6970] ? avc_has_perm+0x144/0x220 [ 408.040097][ T6970] ? __cfi_avc_has_perm+0x10/0x10 [ 408.040120][ T6970] ? kasan_save_alloc_info+0x40/0x50 [ 408.040146][ T6970] ? selinux_file_open+0x457/0x610 [ 408.040175][ T6970] ? __cfi_selinux_file_open+0x10/0x10 [ 408.040198][ T6970] ? avc_has_extended_perms+0x7c7/0xdd0 [ 408.040222][ T6970] ? __asan_memcpy+0x5a/0x80 [ 408.040239][ T6970] ? avc_has_extended_perms+0x921/0xdd0 [ 408.040274][ T6970] ? do_vfs_ioctl+0xeda/0x1e30 [ 408.040294][ T6970] ? arch_stack_walk+0x10b/0x170 [ 408.040311][ T6970] ? __ia32_compat_sys_ioctl+0x850/0x850 [ 408.040333][ T6970] ? _parse_integer+0x2e/0x40 [ 408.040361][ T6970] ? blkdev_common_ioctl+0x10e4/0x2810 [ 408.040387][ T6970] ? blkdev_bszset+0x220/0x220 [ 408.040411][ T6970] ? has_cap_mac_admin+0xd0/0xd0 [ 408.040434][ T6970] ? proc_fail_nth_write+0x17e/0x210 [ 408.040461][ T6970] ? __kasan_check_write+0x18/0x20 [ 408.040486][ T6970] ? mutex_unlock+0x8b/0x240 [ 408.040502][ T6970] ? __cfi_mutex_unlock+0x10/0x10 [ 408.040519][ T6970] ? __fget_files+0x2c5/0x340 [ 408.040538][ T6970] ? __cfi_lo_ioctl+0x10/0x10 [ 408.040558][ T6970] blkdev_ioctl+0x546/0x680 [ 408.040581][ T6970] ? __cfi_blkdev_ioctl+0x10/0x10 [ 408.040605][ T6970] ? bpf_lsm_file_ioctl+0xd/0x20 [ 408.040628][ T6970] ? security_file_ioctl+0x34/0xd0 [ 408.040648][ T6970] ? __cfi_blkdev_ioctl+0x10/0x10 [ 408.040670][ T6970] __se_sys_ioctl+0x135/0x1b0 [ 408.040690][ T6970] __x64_sys_ioctl+0x7f/0xa0 [ 408.040709][ T6970] x64_sys_call+0x1878/0x2ee0 [ 408.040733][ T6970] do_syscall_64+0x58/0xf0 [ 408.040754][ T6970] ? clear_bhb_loop+0x50/0xa0 [ 408.040775][ T6970] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 408.040793][ T6970] RIP: 0033:0x7f4d96d8f6c9 [ 408.040810][ T6970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 408.040826][ T6970] RSP: 002b:00007f4d97bd0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 408.040847][ T6970] RAX: ffffffffffffffda RBX: 00007f4d96fe5fa0 RCX: 00007f4d96d8f6c9 [ 408.040862][ T6970] RDX: 00002000000004c0 RSI: 0000000000004c0a RDI: 0000000000000008 [ 408.040875][ T6970] RBP: 00007f4d97bd0090 R08: 0000000000000000 R09: 0000000000000000 [ 408.040888][ T6970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 408.040900][ T6970] R13: 00007f4d96fe6038 R14: 00007f4d96fe5fa0 R15: 00007ffcd9904df8 [ 408.040917][ T6970] [ 408.041788][ T6970] loop5: detected capacity change from 0 to 7 [ 409.005054][ T36] audit: type=1326 audit(1763162616.479:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6998 comm="syz.2.3109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0aa98f6c9 code=0x7fc00000 [ 409.651485][ T36] audit: type=1326 audit(1763162617.119:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6998 comm="syz.2.3109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe0aa98f6c9 code=0x7fc00000 [ 410.281241][ T36] audit: type=1326 audit(1763162617.749:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7122 comm="syz.2.3168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0aa98f6c9 code=0x7fc00000 [ 412.095489][ T7252] loop5: detected capacity change from 0 to 7 [ 412.374465][ T7270] loop5: detected capacity change from 0 to 7 [ 412.968047][ T36] audit: type=1326 audit(1763162620.439:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7296 comm="syz.1.3249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33f538f6c9 code=0x7fc00000 [ 414.172512][ T7357] loop5: detected capacity change from 0 to 7 [ 414.777111][ T7394] rust_binder: Failure when writing BR_NOOP at beginning of buffer. [ 414.777140][ T7394] rust_binder: Read failure Err(EFAULT) in pid:531 [ 414.946715][ T36] audit: type=1326 audit(1763162622.419:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7395 comm="syz.0.3297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f762978f6c9 code=0x7fc00000 [ 415.165814][ T7414] rust_binder: Failure when writing BR_NOOP at beginning of buffer. [ 415.165843][ T7414] rust_binder: Read failure Err(EFAULT) in pid:425 [ 415.367187][ T7434] rust_binder: Failure when writing BR_NOOP at beginning of buffer. [ 415.373767][ T7434] rust_binder: Read failure Err(EFAULT) in pid:439 [ 415.657152][ T36] audit: type=1326 audit(1763162623.129:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7395 comm="syz.0.3297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f762978f6c9 code=0x7fc00000 [ 415.791433][ T36] audit: type=1400 audit(1763162623.259:384): avc: denied { map } for pid=7493 comm="syz.3.3342" path="/dev/binderfs/binder1" dev="binder" ino=5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 415.822268][ T7495] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:782 [ 416.174561][ T36] audit: type=1326 audit(1763162623.639:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7519 comm="syz.3.3354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d96d8f6c9 code=0x7fc00000 [ 416.787288][ T36] audit: type=1326 audit(1763162624.259:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7562 comm="syz.1.3375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33f538f6c9 code=0x7fc00000 [ 417.126260][ T36] audit: type=1326 audit(1763162624.599:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7584 comm="syz.3.3386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d96d8f6c9 code=0x7fc00000 [ 417.543348][ T36] audit: type=1326 audit(1763162625.009:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7609 comm="syz.3.3397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d96d8f6c9 code=0x7fc00000 [ 417.660848][ T36] audit: type=1326 audit(1763162625.129:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7611 comm="syz.3.3398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d96d8f6c9 code=0x7fc00000 [ 417.870492][ T36] audit: type=1400 audit(1763162625.339:390): avc: denied { create } for pid=7622 comm="syz.1.3401" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 417.960688][ T7631] loop5: detected capacity change from 0 to 7 [ 418.375794][ T7653] FAULT_INJECTION: forcing a failure. [ 418.375794][ T7653] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 418.394438][ T36] kauditd_printk_skb: 1 callbacks suppressed [ 418.394469][ T36] audit: type=1326 audit(1763162625.859:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7611 comm="syz.3.3398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4d96d8f6c9 code=0x7fc00000 [ 418.484749][ T7653] CPU: 1 UID: 0 PID: 7653 Comm: syz.0.3413 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 418.484786][ T7653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 418.484795][ T7653] Call Trace: [ 418.484801][ T7653] [ 418.484809][ T7653] __dump_stack+0x21/0x30 [ 418.484840][ T7653] dump_stack_lvl+0x10c/0x190 [ 418.484861][ T7653] ? __cfi_dump_stack_lvl+0x10/0x10 [ 418.484881][ T7653] ? proc_fail_nth_write+0x17e/0x210 [ 418.484902][ T7653] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 418.484923][ T7653] dump_stack+0x19/0x20 [ 418.484945][ T7653] should_fail_ex+0x3d9/0x530 [ 418.484965][ T7653] should_fail_alloc_page+0xeb/0x110 [ 418.484985][ T7653] __alloc_pages_noprof+0x19b/0x7b0 [ 418.485006][ T7653] ? __cfi___alloc_pages_noprof+0x10/0x10 [ 418.485025][ T7653] ? __kasan_check_write+0x18/0x20 [ 418.485049][ T7653] ? mutex_unlock+0x8b/0x240 [ 418.485080][ T7653] ? __fget_files+0x2c5/0x340 [ 418.485100][ T7653] ? __kasan_check_write+0x18/0x20 [ 418.485123][ T7653] get_free_pages_noprof+0x14/0x40 [ 418.485145][ T7653] __se_sys_mincore+0x14f/0xb70 [ 418.485171][ T7653] __x64_sys_mincore+0x7f/0xa0 [ 418.485191][ T7653] x64_sys_call+0x2b24/0x2ee0 [ 418.485212][ T7653] do_syscall_64+0x58/0xf0 [ 418.485230][ T7653] ? clear_bhb_loop+0x50/0xa0 [ 418.485249][ T7653] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 418.485266][ T7653] RIP: 0033:0x7f762978f6c9 [ 418.485282][ T7653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 418.485297][ T7653] RSP: 002b:00007f762a6dc038 EFLAGS: 00000246 ORIG_RAX: 000000000000001b [ 418.485317][ T7653] RAX: ffffffffffffffda RBX: 00007f76299e5fa0 RCX: 00007f762978f6c9 [ 418.485330][ T7653] RDX: 0000200000000040 RSI: 0000000000002000 RDI: 0000200000001000 [ 418.485343][ T7653] RBP: 00007f762a6dc090 R08: 0000000000000000 R09: 0000000000000000 [ 418.485356][ T7653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 418.485366][ T7653] R13: 00007f76299e6038 R14: 00007f76299e5fa0 R15: 00007ffce138fb28 [ 418.485380][ T7653] [ 419.581082][ T7719] netlink: 'syz.2.3442': attribute type 10 has an invalid length. [ 419.594096][ T7719] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3442'. [ 419.605826][ T7719] veth1: entered promiscuous mode [ 419.763713][ T36] audit: type=1326 audit(1763162627.229:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7672 comm="syz.3.3422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d96d8f6c9 code=0x7fc00000 [ 419.818525][ T7740] loop5: detected capacity change from 0 to 7 [ 420.269220][ T36] audit: type=1400 audit(1763162627.739:394): avc: denied { wake_alarm } for pid=7751 comm="syz.0.3453" capability=35 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 420.290770][ T7752] FAULT_INJECTION: forcing a failure. [ 420.290770][ T7752] name failslab, interval 1, probability 0, space 0, times 0 [ 420.330610][ T7752] CPU: 1 UID: 0 PID: 7752 Comm: syz.0.3453 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 420.330647][ T7752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 420.330659][ T7752] Call Trace: [ 420.330665][ T7752] [ 420.330673][ T7752] __dump_stack+0x21/0x30 [ 420.330701][ T7752] dump_stack_lvl+0x10c/0x190 [ 420.330724][ T7752] ? __cfi_dump_stack_lvl+0x10/0x10 [ 420.330747][ T7752] ? release_sock+0x171/0x1f0 [ 420.330768][ T7752] dump_stack+0x19/0x20 [ 420.330789][ T7752] should_fail_ex+0x3d9/0x530 [ 420.330808][ T7752] should_failslab+0xac/0x100 [ 420.330829][ T7752] kmem_cache_alloc_node_noprof+0x45/0x440 [ 420.330847][ T7752] ? netlink_data_ready+0x20/0x20 [ 420.330870][ T7752] ? __alloc_skb+0x10c/0x370 [ 420.330892][ T7752] __alloc_skb+0x10c/0x370 [ 420.330913][ T7752] netlink_alloc_large_skb+0xf7/0x1b0 [ 420.330944][ T7752] netlink_sendmsg+0x586/0xaf0 [ 420.330968][ T7752] ? __cfi_netlink_sendmsg+0x10/0x10 [ 420.330994][ T7752] ? bpf_lsm_socket_sendmsg+0xd/0x20 [ 420.331015][ T7752] ? security_socket_sendmsg+0x33/0xd0 [ 420.331033][ T7752] ? __cfi_netlink_sendmsg+0x10/0x10 [ 420.331057][ T7752] ____sys_sendmsg+0xa15/0xa70 [ 420.331083][ T7752] ? __sys_sendmsg_sock+0x50/0x50 [ 420.331109][ T7752] ? import_iovec+0x81/0xb0 [ 420.331132][ T7752] ___sys_sendmsg+0x220/0x2a0 [ 420.331157][ T7752] ? __sys_sendmsg+0x280/0x280 [ 420.331181][ T7752] ? proc_fail_nth_write+0x17e/0x210 [ 420.331204][ T7752] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 420.331231][ T7752] __x64_sys_sendmsg+0x1eb/0x2c0 [ 420.331255][ T7752] ? fput+0x1a5/0x240 [ 420.331276][ T7752] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 420.331300][ T7752] ? ksys_write+0x1ef/0x250 [ 420.331318][ T7752] ? __kasan_check_read+0x15/0x20 [ 420.331344][ T7752] x64_sys_call+0x2a4c/0x2ee0 [ 420.331369][ T7752] do_syscall_64+0x58/0xf0 [ 420.331392][ T7752] ? clear_bhb_loop+0x50/0xa0 [ 420.331412][ T7752] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 420.331430][ T7752] RIP: 0033:0x7f762978f6c9 [ 420.331447][ T7752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 420.331463][ T7752] RSP: 002b:00007f762a6dc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 420.331485][ T7752] RAX: ffffffffffffffda RBX: 00007f76299e5fa0 RCX: 00007f762978f6c9 [ 420.331499][ T7752] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000010 [ 420.331512][ T7752] RBP: 00007f762a6dc090 R08: 0000000000000000 R09: 0000000000000000 [ 420.331524][ T7752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 420.331536][ T7752] R13: 00007f76299e6038 R14: 00007f76299e5fa0 R15: 00007ffce138fb28 [ 420.331552][ T7752] [ 420.812950][ T7766] FAULT_INJECTION: forcing a failure. [ 420.812950][ T7766] name failslab, interval 1, probability 0, space 0, times 0 [ 420.854721][ T7766] CPU: 0 UID: 0 PID: 7766 Comm: syz.0.3466 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 420.854760][ T7766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 420.854773][ T7766] Call Trace: [ 420.854779][ T7766] [ 420.854787][ T7766] __dump_stack+0x21/0x30 [ 420.854817][ T7766] dump_stack_lvl+0x10c/0x190 [ 420.854840][ T7766] ? __cfi_dump_stack_lvl+0x10/0x10 [ 420.854865][ T7766] ? release_sock+0x171/0x1f0 [ 420.854887][ T7766] dump_stack+0x19/0x20 [ 420.854908][ T7766] should_fail_ex+0x3d9/0x530 [ 420.854928][ T7766] should_failslab+0xac/0x100 [ 420.854948][ T7766] kmem_cache_alloc_node_noprof+0x45/0x440 [ 420.854966][ T7766] ? netlink_data_ready+0x20/0x20 [ 420.854988][ T7766] ? __alloc_skb+0x10c/0x370 [ 420.855010][ T7766] __alloc_skb+0x10c/0x370 [ 420.855030][ T7766] netlink_alloc_large_skb+0xf7/0x1b0 [ 420.855053][ T7766] netlink_sendmsg+0x586/0xaf0 [ 420.855078][ T7766] ? __cfi_netlink_sendmsg+0x10/0x10 [ 420.855105][ T7766] ? bpf_lsm_socket_sendmsg+0xd/0x20 [ 420.855126][ T7766] ? security_socket_sendmsg+0x33/0xd0 [ 420.855144][ T7766] ? __cfi_netlink_sendmsg+0x10/0x10 [ 420.855175][ T7766] ____sys_sendmsg+0xa15/0xa70 [ 420.855200][ T7766] ? __sys_sendmsg_sock+0x50/0x50 [ 420.855226][ T7766] ? import_iovec+0x81/0xb0 [ 420.855249][ T7766] ___sys_sendmsg+0x220/0x2a0 [ 420.855274][ T7766] ? __sys_sendmsg+0x280/0x280 [ 420.855298][ T7766] ? proc_fail_nth_write+0x17e/0x210 [ 420.855322][ T7766] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 420.855351][ T7766] __x64_sys_sendmsg+0x1eb/0x2c0 [ 420.855376][ T7766] ? fput+0x1a5/0x240 [ 420.855396][ T7766] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 420.855420][ T7766] ? ksys_write+0x1ef/0x250 [ 420.855438][ T7766] ? __kasan_check_read+0x15/0x20 [ 420.855469][ T7766] x64_sys_call+0x2a4c/0x2ee0 [ 420.855493][ T7766] do_syscall_64+0x58/0xf0 [ 420.855516][ T7766] ? clear_bhb_loop+0x50/0xa0 [ 420.855535][ T7766] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 420.855554][ T7766] RIP: 0033:0x7f762978f6c9 [ 420.855571][ T7766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 420.855586][ T7766] RSP: 002b:00007f762a6dc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 420.855607][ T7766] RAX: ffffffffffffffda RBX: 00007f76299e5fa0 RCX: 00007f762978f6c9 [ 420.855622][ T7766] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000010 [ 420.855635][ T7766] RBP: 00007f762a6dc090 R08: 0000000000000000 R09: 0000000000000000 [ 420.855647][ T7766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 420.855659][ T7766] R13: 00007f76299e6038 R14: 00007f76299e5fa0 R15: 00007ffce138fb28 [ 420.855675][ T7766] [ 420.974890][ T36] audit: type=1326 audit(1763162628.399:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7771 comm="syz.0.3468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f762978f6c9 code=0x7fc00000 [ 421.204841][ T7780] loop5: detected capacity change from 0 to 7 [ 421.263379][ T36] audit: type=1400 audit(1763162628.499:396): avc: denied { map } for pid=7775 comm="syz.1.3465" path="socket:[45598]" dev="sockfs" ino=45598 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 421.879785][ T36] audit: type=1326 audit(1763162629.349:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7846 comm="syz.1.3503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33f538f6c9 code=0x7fc00000 [ 422.221215][ T5792] ------------[ cut here ]------------ [ 422.226945][ T5792] WARNING: CPU: 1 PID: 5792 at fs/inode.c:340 drop_nlink+0xce/0x110 [ 422.235177][ T5792] Modules linked in: [ 422.239095][ T5792] CPU: 1 UID: 0 PID: 5792 Comm: syz-executor Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 422.250892][ T5792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 422.261713][ T5792] RIP: 0010:drop_nlink+0xce/0x110 [ 422.267053][ T5792] Code: 04 00 00 be 08 00 00 00 e8 cf 54 ee ff f0 48 ff 83 b8 04 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 32 e4 97 ff <0f> 0b eb 81 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 59 ff ff ff 4c [ 422.286859][ T5792] RSP: 0018:ffffc9000e48fc60 EFLAGS: 00010293 [ 422.293074][ T5792] RAX: ffffffff81ee1a7e RBX: ffff88810b3370c8 RCX: ffff888113139300 [ 422.301124][ T5792] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 422.309149][ T5792] RBP: ffffc9000e48fc88 R08: 0000000000000003 R09: 0000000000000004 [ 422.317166][ T5792] R10: dffffc0000000000 R11: fffff52001c91f7c R12: dffffc0000000000 [ 422.325205][ T5792] R13: 1ffff11021666e22 R14: ffff88810b337110 R15: 0000000000000000 [ 422.333278][ T5792] FS: 0000555586f18500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 422.342401][ T5792] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 422.349173][ T5792] CR2: 0000555586f3b4e8 CR3: 00000001213d2000 CR4: 00000000003526b0 [ 422.357179][ T5792] Call Trace: [ 422.360481][ T5792] [ 422.363418][ T5792] shmem_rmdir+0x5f/0x90 [ 422.367719][ T5792] vfs_rmdir+0x3dd/0x560 [ 422.371978][ T5792] incfs_kill_sb+0x109/0x230 [ 422.376650][ T5792] deactivate_locked_super+0xd5/0x2a0 [ 422.382078][ T5792] deactivate_super+0xb8/0xe0 [ 422.386815][ T5792] cleanup_mnt+0x3f1/0x480 [ 422.391255][ T5792] __cleanup_mnt+0x1d/0x40 [ 422.395734][ T5792] task_work_run+0x1e0/0x250 [ 422.400347][ T5792] ? __cfi_task_work_run+0x10/0x10 [ 422.405523][ T5792] ? __x64_sys_umount+0x126/0x170 [ 422.410567][ T5792] ? __cfi___x64_sys_umount+0x10/0x10 [ 422.415995][ T5792] ? __kasan_check_read+0x15/0x20 [ 422.421046][ T5792] resume_user_mode_work+0x36/0x50 [ 422.426221][ T5792] syscall_exit_to_user_mode+0x64/0xb0 [ 422.431778][ T5792] do_syscall_64+0x64/0xf0 [ 422.436262][ T5792] ? clear_bhb_loop+0x50/0xa0 [ 422.440953][ T5792] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 422.446904][ T5792] RIP: 0033:0x7f33f53909f7 [ 422.451360][ T5792] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 422.471016][ T5792] RSP: 002b:00007ffecdc59f58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 422.479469][ T5792] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f33f53909f7 [ 422.487592][ T5792] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffecdc5a010 [ 422.495620][ T5792] RBP: 00007ffecdc5a010 R08: 0000000000000000 R09: 0000000000000000 [ 422.503607][ T5792] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffecdc5b0a0 [ 422.511637][ T5792] R13: 00007f33f5411d7d R14: 00000000000670f0 R15: 00007ffecdc5b0e0 [ 422.519656][ T5792] [ 422.522709][ T5792] ---[ end trace 0000000000000000 ]--- [ 422.528599][ T5792] ================================================================== [ 422.536687][ T5792] BUG: KASAN: null-ptr-deref in ihold+0x24/0x70 [ 422.542950][ T5792] Write of size 4 at addr 0000000000000168 by task syz-executor/5792 [ 422.551027][ T5792] [ 422.553366][ T5792] CPU: 1 UID: 0 PID: 5792 Comm: syz-executor Tainted: G W syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 422.553400][ T5792] Tainted: [W]=WARN [ 422.553407][ T5792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 422.553420][ T5792] Call Trace: [ 422.553426][ T5792] [ 422.553435][ T5792] __dump_stack+0x21/0x30 [ 422.553464][ T5792] dump_stack_lvl+0x10c/0x190 [ 422.553487][ T5792] ? __cfi_dump_stack_lvl+0x10/0x10 [ 422.553511][ T5792] print_report+0x3d/0x70 [ 422.553531][ T5792] kasan_report+0x163/0x1a0 [ 422.553553][ T5792] ? ihold+0x24/0x70 [ 422.553572][ T5792] ? _raw_spin_unlock+0x45/0x60 [ 422.553596][ T5792] ? ihold+0x24/0x70 [ 422.553615][ T5792] kasan_check_range+0x299/0x2a0 [ 422.553637][ T5792] __kasan_check_write+0x18/0x20 [ 422.553662][ T5792] ihold+0x24/0x70 [ 422.553680][ T5792] vfs_rmdir+0x26a/0x560 [ 422.553703][ T5792] incfs_kill_sb+0x109/0x230 [ 422.553729][ T5792] deactivate_locked_super+0xd5/0x2a0 [ 422.553752][ T5792] deactivate_super+0xb8/0xe0 [ 422.553774][ T5792] cleanup_mnt+0x3f1/0x480 [ 422.553794][ T5792] __cleanup_mnt+0x1d/0x40 [ 422.553813][ T5792] task_work_run+0x1e0/0x250 [ 422.553835][ T5792] ? __cfi_task_work_run+0x10/0x10 [ 422.553855][ T5792] ? __x64_sys_umount+0x126/0x170 [ 422.553879][ T5792] ? __cfi___x64_sys_umount+0x10/0x10 [ 422.553903][ T5792] ? __kasan_check_read+0x15/0x20 [ 422.553928][ T5792] resume_user_mode_work+0x36/0x50 [ 422.553951][ T5792] syscall_exit_to_user_mode+0x64/0xb0 [ 422.553971][ T5792] do_syscall_64+0x64/0xf0 [ 422.553993][ T5792] ? clear_bhb_loop+0x50/0xa0 [ 422.554013][ T5792] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 422.554032][ T5792] RIP: 0033:0x7f33f53909f7 [ 422.554053][ T5792] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 422.554068][ T5792] RSP: 002b:00007ffecdc59f58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 422.554087][ T5792] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f33f53909f7 [ 422.554101][ T5792] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffecdc5a010 [ 422.554114][ T5792] RBP: 00007ffecdc5a010 R08: 0000000000000000 R09: 0000000000000000 [ 422.554127][ T5792] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffecdc5b0a0 [ 422.554141][ T5792] R13: 00007f33f5411d7d R14: 00000000000670f0 R15: 00007ffecdc5b0e0 [ 422.554156][ T5792] [ 422.554163][ T5792] ================================================================== [ 422.799136][ T5792] Disabling lock debugging due to kernel taint [ 422.805411][ T5792] BUG: kernel NULL pointer dereference, address: 0000000000000168 [ 422.813217][ T5792] #PF: supervisor write access in kernel mode [ 422.819441][ T5792] #PF: error_code(0x0002) - not-present page [ 422.825409][ T5792] PGD 800000011431d067 P4D 800000011431d067 PUD 0 [ 422.831999][ T5792] Oops: Oops: 0002 [#1] PREEMPT SMP KASAN PTI [ 422.838056][ T5792] CPU: 0 UID: 0 PID: 5792 Comm: syz-executor Tainted: G B W syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 422.851390][ T5792] Tainted: [B]=BAD_PAGE, [W]=WARN [ 422.856488][ T5792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 422.866537][ T5792] RIP: 0010:ihold+0x2a/0x70 [ 422.871040][ T5792] Code: f3 0f 1e fa 55 48 89 e5 41 56 53 48 89 fb e8 1d db 97 ff 48 8d bb 68 01 00 00 be 04 00 00 00 e8 8c 4b ee ff 41 be 01 00 00 00 44 0f c1 b3 68 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 2d [ 422.890636][ T5792] RSP: 0018:ffffc9000e48fca0 EFLAGS: 00010246 [ 422.896699][ T5792] RAX: ffff888113139300 RBX: 0000000000000000 RCX: ffff888113139300 [ 422.905186][ T5792] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 422.913167][ T5792] RBP: ffffc9000e48fcb0 R08: ffffffff88972947 R09: 1ffffffff112e528 [ 422.921139][ T5792] R10: dffffc0000000000 R11: fffffbfff112e529 R12: ffff88810b3370d4 [ 422.929096][ T5792] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000 [ 422.937066][ T5792] FS: 0000555586f18500(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 422.945986][ T5792] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 422.952564][ T5792] CR2: 0000000000000168 CR3: 00000001213d2000 CR4: 00000000003526b0 [ 422.960525][ T5792] Call Trace: [ 422.963790][ T5792] [ 422.966707][ T5792] vfs_rmdir+0x26a/0x560 [ 422.970938][ T5792] incfs_kill_sb+0x109/0x230 [ 422.975519][ T5792] deactivate_locked_super+0xd5/0x2a0 [ 422.980881][ T5792] deactivate_super+0xb8/0xe0 [ 422.985544][ T5792] cleanup_mnt+0x3f1/0x480 [ 422.989945][ T5792] __cleanup_mnt+0x1d/0x40 [ 422.994345][ T5792] task_work_run+0x1e0/0x250 [ 422.998925][ T5792] ? __cfi_task_work_run+0x10/0x10 [ 423.004046][ T5792] ? __x64_sys_umount+0x126/0x170 [ 423.009072][ T5792] ? __cfi___x64_sys_umount+0x10/0x10 [ 423.014432][ T5792] ? __kasan_check_read+0x15/0x20 [ 423.019448][ T5792] resume_user_mode_work+0x36/0x50 [ 423.024557][ T5792] syscall_exit_to_user_mode+0x64/0xb0 [ 423.030031][ T5792] do_syscall_64+0x64/0xf0 [ 423.034443][ T5792] ? clear_bhb_loop+0x50/0xa0 [ 423.039109][ T5792] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 423.044992][ T5792] RIP: 0033:0x7f33f53909f7 [ 423.049396][ T5792] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 423.068992][ T5792] RSP: 002b:00007ffecdc59f58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 423.077407][ T5792] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f33f53909f7 [ 423.085371][ T5792] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffecdc5a010 [ 423.093331][ T5792] RBP: 00007ffecdc5a010 R08: 0000000000000000 R09: 0000000000000000 [ 423.101299][ T5792] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffecdc5b0a0 [ 423.109262][ T5792] R13: 00007f33f5411d7d R14: 00000000000670f0 R15: 00007ffecdc5b0e0 [ 423.117230][ T5792] [ 423.120247][ T5792] Modules linked in: [ 423.124135][ T5792] CR2: 0000000000000168 [ 423.128282][ T5792] ---[ end trace 0000000000000000 ]--- [ 423.133728][ T5792] RIP: 0010:ihold+0x2a/0x70 [ 423.138307][ T5792] Code: f3 0f 1e fa 55 48 89 e5 41 56 53 48 89 fb e8 1d db 97 ff 48 8d bb 68 01 00 00 be 04 00 00 00 e8 8c 4b ee ff 41 be 01 00 00 00 44 0f c1 b3 68 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 2d [ 423.157915][ T5792] RSP: 0018:ffffc9000e48fca0 EFLAGS: 00010246 [ 423.163974][ T5792] RAX: ffff888113139300 RBX: 0000000000000000 RCX: ffff888113139300 [ 423.171939][ T5792] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 423.179901][ T5792] RBP: ffffc9000e48fcb0 R08: ffffffff88972947 R09: 1ffffffff112e528 [ 423.187856][ T5792] R10: dffffc0000000000 R11: fffffbfff112e529 R12: ffff88810b3370d4 [ 423.195813][ T5792] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000 [ 423.203785][ T5792] FS: 0000555586f18500(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 423.213223][ T5792] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 423.219810][ T5792] CR2: 0000000000000168 CR3: 00000001213d2000 CR4: 00000000003526b0 [ 423.227796][ T5792] Kernel panic - not syncing: Fatal exception [ 423.234158][ T5792] Kernel Offset: disabled [ 423.238474][ T5792] Rebooting in 86400 seconds..