last executing test programs: 10.601241805s ago: executing program 2 (id=2177): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) socket$xdp(0x2c, 0x3, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0xc044) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 9.730602538s ago: executing program 2 (id=2191): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)={0x30, r2, 0x5, 0x40004000, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_SSID={0x5, 0x34, @random="8b"}, @crypto_settings=[@NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x16}]]}, 0x30}}, 0x0) 9.720793569s ago: executing program 2 (id=2192): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000380)={r0, r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x3, &(0x7f0000000480)=@framed, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00') bpf$PROG_BIND_MAP(0x23, &(0x7f0000000200)={r1, r2}, 0xc) 9.702565279s ago: executing program 2 (id=2193): prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) sendmsg$BATADV_CMD_GET_GATEWAYS(r1, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x40, 0x0, 0x0, 0x70bd27, 0x25dfdbfd, {}, [@BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @link_local}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x3}, @BATADV_ATTR_BONDING_ENABLED={0x5}]}, 0x40}, 0x1, 0x0, 0x0, 0x4}, 0x64040010) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x8001) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r2, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) fchmod(r1, 0x1) sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000001280)=ANY=[@ANYBLOB='D'], 0x4c}}, 0x0) write$binfmt_misc(r0, &(0x7f0000001280), 0x6) 8.811287873s ago: executing program 2 (id=2212): syz_io_uring_setup(0x48ba, &(0x7f0000000000)={0x0, 0xfffffffc, 0x3ffff, 0x0, 0x333}, 0x0, 0x0) 8.810835763s ago: executing program 2 (id=2213): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$TCFLSH(r0, 0x400455c8, 0x4) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000100)=0x2) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)=0x2) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000140)=0x3) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000400)=0x7) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000200)=0xa) 1.28168782s ago: executing program 1 (id=2352): r0 = socket(0x200000000000011, 0x2, 0xd) syz_mount_image$ext4(&(0x7f0000000880)='ext2\x00', &(0x7f0000000000)='./file1\x00', 0x21000e, &(0x7f0000000180)={[{@nolazytime}, {@abort}, {@lazytime}, {@mblk_io_submit}, {@noauto_da_alloc}]}, 0xde, 0x53b, &(0x7f0000000e00)="$eJzs3c1vI2cZAPBnJnbIdlOSAodSqR+ii3YrWHvT0Dbi0BaBuFUClfsSJd4oWme9ip12E1WQFX8AEkJQiRMnLkjcuCCh/RMQUiX2jgCBEGzhwAEYNOPxNmvG2cD6Y5X8ftJrv/OOPc/zOvb4nY94AjizXoiINyNiLiJeioilsj0tSxz2S/64D++9t5GXvPntvySRlG0RRfW+8+XTFvp3lbr7B9fX2+3Wbjnd7O3cbHb3Dy5v76xvtbZaN1ZXV15de23tlbUrY+ln3q/Xv/KHH3z3J199/Zeff/e3V/906Vt50l8u5w/6NT7Fqxd3i9t6/lrcV4uI3fEGm5m5sj/1WScCAMCJ5KPUT0TEZ4rx/1LMFaO5wvCQbmH62QEAAADjkL2xGP9MIjIAAADg1HojIhYjSRvluQCLkaaNRv8c3k/FE2m70+197lpn78ZmPi9iOerpte1260p5Tu1y1JN8eqWofzT98tD0akQ8FRHfXzpXTDc2Ou3NWe/8AAAAgDPi/ND2/9+X+tv/AAAAwCmzPOsEAAAAgIkbtf2fTDkPAAAAYHIc/wcAAIBT7WtvvZWXbHD968139veud965vNnqXm/s7G00Njq7Nxtbnc5W8Zt9O8ctqx4R7U7n5hci9m41e61ur9ndP7i609m70bu67fqBAAAAMCtPPX/nbhIRh188V5TcfH4zN+IJzhWAUyMd0V75Mf/9ZHMBpmvU1/wJzI8zD2D6arNOAJidw1knAMzaAz/1UTEoOHryzgP7DH41uZwAAIDxuvjpO3e/XXH8v1aezw+cXqOO/wOn3yMc/89l48oDmD7H/+HsqsdctnTiR9+eaC7AbDzsUh8jf7yj6vh/5ZnBWfbQZQEAABO1WJTn00Z5LHAx0rTRiHiy+B/genJtu926EhEfj4jfLNU/lk+vFM9MXB4QAAAAAAAAAAAAAAAAAAAAAAAAAE4oy5LIAAAAgFMtIv1jUl7/6+LShcXh/QPzyT+KywPOR8S7P3r7h7fWe73dlbz9r/fbe++X7S/PYg8GAAAAnEW1Y+cOttMH2/EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAME4f3ntvY1CmGffPX4qI5ar4tVgo7heiHhFP/C2J2pHnJRExN4b4h7cj4umq+EmeViyXWQzHTyPi3HTiP5tlWWX882OID2fZnXz982bV5y+NF4r76s9/rSyP6oH13/zPj8xJ76//5kas/548YYxnPvhZc2T82xHP1KrXP4P4yYj4L1YtsOJF+eY3Dg7+q7G/8Mh+HHGx8vsneSBWs7dzs9ndP7i8vbO+1dpq3VhdXXl17bW1V9auNK9tt1vlbVWI+N6zv/j3UPR/ZX1F/6MfP6rWv8f1/0JeqR9pzIbDlME+uHXvk/1qfWgRRfxLL1a//54+Jn7+nvhs+T2Qz784qB/260c999NfP1eZWBl/c8Tr/7C//6VRCx3y0te/87sTPhQAmILBKGu3u39wfb3dbk2s8n6WZRMO8X9UIj3pg4vhYkTMPufJVGqTficsPC49nXLlwuORxv9SGceeLQAA4HHz0aB/1pkAAAAAAAAAAAAAAAAAAADA2dXdj3TSPyc2HPNwNl0FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADjWfwIAAP//nJjX8w==") open_tree(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r1}, 0x10) r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r5, 0x29, 0x36, 0x0, 0x8) connect$inet6(r5, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x9}, 0x1c) sendto$inet6(r5, &(0x7f0000000300), 0x16, 0x3b00, 0x0, 0xfffffffffffffdfd) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00'}, 0x18) r6 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKINFO_GET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0118000180140002006261746164765f736c6176655f310000"], 0x2c}, 0x1, 0x0, 0x0, 0x4000800}, 0x0) bind$packet(r0, &(0x7f0000000080)={0x11, 0x800, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0xfffd, 0x8000}, 0x4) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="1800002444406793a1d0b19dd0053534fe797ba3bbf1", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94) 1.256084881s ago: executing program 1 (id=2353): r0 = syz_io_uring_setup(0x231, &(0x7f0000000140)={0x0, 0x0, 0x10100, 0x200}, &(0x7f0000000200), &(0x7f0000000100)) io_uring_register$IORING_REGISTER_NAPI(r0, 0x1b, 0x0, 0x1) 1.191703771s ago: executing program 1 (id=2354): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x3, 0x0, 0x0, "0062ba7d82000000000000000000f7fffeff00"}) r1 = syz_open_pts(r0, 0x8182) r2 = dup3(r1, r0, 0x0) ioctl$TIOCSTI(r2, 0x5412, 0x0) 1.191322142s ago: executing program 1 (id=2355): r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r1, 0x0, 0x0) sendto$packet(r0, 0x0, 0x0, 0x0, &(0x7f0000000400)={0x11, 0x88a8, r2, 0x1, 0x0, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xe}}, 0x14) 1.190583882s ago: executing program 1 (id=2357): r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x7, 0x4, 0x208, 0x1}, 0x50) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000021000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18) socket$inet6_udp(0xa, 0x2, 0x0) r6 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0) writev(r6, &(0x7f0000000040)=[{&(0x7f0000002500)='\f7', 0x2}], 0x1) ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, 0x0) socket$packet(0x11, 0x2, 0x300) socket$nl_route(0x10, 0x3, 0x0) ioctl$TCSETSW(r0, 0x5403, 0x0) ioctl$TIOCSTI(r0, 0x5412, 0x0) syz_usb_connect$cdc_ncm(0x1, 0x6e, 0x0, 0x0) 851.299697ms ago: executing program 4 (id=2368): r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'macvlan1\x00', &(0x7f0000000000)=@ethtool_stats}) 850.801967ms ago: executing program 4 (id=2369): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b000000000000000000000000800000000000009b0e6f267e3e41c6830b9699f00876512bfa14708ba1a455d82fd4a43fe1583dd13be6ed76fb793830b472e7138dc8c5e000151fe9d822f0e4c6319426f52b3c817e08e0d79b592785d2bc3490d5891b0efa2eb8ecc5f4c813c693e2fd23c5f7df1ccb1623783894e8c5f174bc982875ffd29908c9e74c2775741576279dd1c48d6f96f9fc534da39047ed6d4001a4867406f49e6ea611cf478e00659ba2eecd21d2417884ea73e8", @ANYRES32, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x48) bpf$MAP_CREATE(0x0, 0x0, 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) read(r0, &(0x7f0000000500)=""/200, 0xc8) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0e0000000400000008000000080000000000", @ANYRES32=0x0], 0x50) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0) r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) read$FUSE(r6, &(0x7f00000062c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r6, &(0x7f0000004200)={0x50, 0x0, r7, {0x7, 0x29, 0x0, 0x80000}}, 0x50) r8 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0) readv(r8, &(0x7f0000000380)=[{&(0x7f0000000340)=""/5, 0x5}], 0x1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000740)={&(0x7f0000000340)=ANY=[@ANYBLOB], &(0x7f0000000b80)=""/4090, 0x5e, 0xffa, 0x1}, 0x28) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00') 692.79732ms ago: executing program 0 (id=2370): socketpair$unix(0x1, 0x2, 0x0, 0x0) r0 = gettid() r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x40, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) setsockopt$bt_BT_SECURITY(r1, 0x112, 0x4, &(0x7f0000003000)={0x2}, 0x2) sendmsg$sock(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=0x0) timer_settime(r2, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) 679.14515ms ago: executing program 0 (id=2371): r0 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddd8) r1 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x641, 0x0) fcntl$lock(r1, 0x25, &(0x7f0000000740)={0x1}) close(r0) 619.335541ms ago: executing program 0 (id=2372): timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000000)=0x0) timer_settime(r0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) utimensat(0xffffffffffffff9c, 0x0, 0x0, 0x0) 521.398242ms ago: executing program 0 (id=2373): syz_emit_ethernet(0x3a, &(0x7f00000000c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0x18, 0x0, @wg=@data={0x4, 0x2, 0x1}}}}}}, 0x0) 512.184882ms ago: executing program 0 (id=2374): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x75b08000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x3, 0x3, 0x9, 0x1, 0xb0}]}, &(0x7f0000000080)='syzkaller\x00'}, 0x80) 331.012615ms ago: executing program 0 (id=2375): socketpair$unix(0x1, 0x2, 0x0, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$tipc(0x1e, 0x2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_GUEST_MEMFD(r5, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000}) fallocate(r6, 0x0, 0xfffffffe, 0x10000) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[], 0x1c}}, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x8, 0x2, 0x0, 0x1}, 0x50) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={r7, &(0x7f0000000300), &(0x7f0000000000)=""/10, 0x2}, 0x20) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000040)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50) 77.141489ms ago: executing program 3 (id=2377): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000f000000000000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='percpu_alloc_percpu\x00', r0}, 0x18) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, 0x0, 0x0}, 0x94) 41.579689ms ago: executing program 3 (id=2378): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x505, 0x0, 0x0, {0x1}}, @NFT_MSG_NEWCHAIN={0x28, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0x8}, [@NFTA_CHAIN_ID={0x8}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0x64}}, 0x0) 41.006639ms ago: executing program 1 (id=2379): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x3d, &(0x7f00000002c0)=0x2) r0 = accept4$vsock_stream(0xffffffffffffffff, &(0x7f0000000280)={0x28, 0x0, 0xffffb1df, @local}, 0x10, 0x80800) setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r0, 0x28, 0x1, &(0x7f0000000300)=0x5, 0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) futex(&(0x7f0000000a80), 0xc, 0x2, &(0x7f0000000ac0)={0x0, 0x3938700}, &(0x7f0000000b00)=0x1, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0) ioctl$KVM_CAP_EXIT_HYPERCALL(0xffffffffffffffff, 0x4068aea3, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) unshare(0x22020400) flistxattr(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000040)='net/wireless\x00') preadv(r2, &(0x7f00000026c0)=[{&(0x7f0000000240)=""/4088, 0xff8}], 0x1, 0x15f, 0x0) r3 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r3, 0x0, 0xc8, 0x0, 0x0) setsockopt$MRT_ADD_VIF(r3, 0x0, 0xca, 0x0, 0x0) setsockopt$MRT_ADD_MFC_PROXY(r3, 0x0, 0xd2, &(0x7f0000000280)={@initdev={0xac, 0x1e, 0x0, 0x0}, @empty, 0x0, "614af285791a63abd0f993af8077b5cd01e03d64a831683fdc3fd440829c82ae"}, 0x3c) setsockopt$MRT_FLUSH(r3, 0x0, 0xd4, &(0x7f0000000040)=0x6, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r2) openat$sysfs(0xffffff9c, &(0x7f00000000c0)='/sys/kernel/fscaps', 0x640000, 0xa8) r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000080)) syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e0102030109021b000100000000090400000190f19c000905f3ed"], 0x0) 40.79997ms ago: executing program 3 (id=2380): r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/5, 0x214000, 0x800}, 0x20) setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f00000001c0)=0x800, 0x4) r1 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000040)=0x20000, 0x4) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000400)={'dummy0\x00', 0x0}) setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4) bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x0, r2}, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='contention_end\x00'}, 0x18) setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f00000000c0)=0x10000, 0x4) 40.16923ms ago: executing program 4 (id=2381): r0 = socket$inet6(0xa, 0x2, 0x3a) sendto$inet6(r0, &(0x7f00000000c0)="800034ca269bb73c", 0x8, 0x2004c080, &(0x7f0000000040)={0xa, 0xfffd, 0xc9, @mcast2}, 0x1b) 2.10075ms ago: executing program 3 (id=2382): openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0) ioctl$KVM_CAP_EXIT_HYPERCALL(0xffffffffffffffff, 0x4068aea3, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) unshare(0x22020400) flistxattr(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/wireless\x00') preadv(r0, &(0x7f00000026c0)=[{&(0x7f0000000240)=""/4088, 0xff8}], 0x1, 0x15f, 0x0) r1 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r1, 0x0, 0xc8, 0x0, 0x0) setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, 0x0, 0x0) setsockopt$MRT_ADD_MFC_PROXY(r1, 0x0, 0xd2, &(0x7f0000000280)={@initdev={0xac, 0x1e, 0x0, 0x0}, @empty, 0x0, "614af285791a63abd0f993af8077b5cd01e03d64a831683fdc3fd440829c82ae"}, 0x3c) setsockopt$MRT_FLUSH(r1, 0x0, 0xd4, &(0x7f0000000040)=0x6, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0) openat$sysfs(0xffffff9c, &(0x7f00000000c0)='/sys/kernel/fscaps', 0x640000, 0xa8) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)) 1.64677ms ago: executing program 4 (id=2383): r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$KDGETKEYCODE(r0, 0x4b4c, &(0x7f0000000300)={0x9, 0x10}) 1.3863ms ago: executing program 3 (id=2384): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0xffffffff) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) ioctl$VHOST_SET_VRING_CALL(r0, 0x4008af21, &(0x7f0000000080)={0x1, r1}) 1.06573ms ago: executing program 4 (id=2385): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, 0x0}, 0x2020) syz_fuse_handle_req(r0, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x0, {0xffffffffffffffff, 0x2, 0xfffffffffffffffe, 0x0, 0x0, 0x0, {0x40, 0x3, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x120, 0x6000, 0x0, 0x0, 0x0, 0x902}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_INIT(r0, &(0x7f0000000440)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0x14c0348, 0x0, 0x2, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}}, 0x50) r2 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x1) ioctl$TIOCGPTPEER(r2, 0x4004092b, 0x47ffffffff) openat(0xffffffffffffff9c, 0x0, 0x0, 0x1) 864.76碌s ago: executing program 3 (id=2386): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x2c, r0, 0x701, 0x0, 0x25dfdbfc, {{}, {@void, @val={0x8}, @void}}, [@NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x400000}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x3}]}, 0x2c}}, 0x40) 0s ago: executing program 4 (id=2387): r0 = syz_usb_connect$hid(0x0, 0x6c, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x27b8, 0x1ed, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) getitimer(0x1, &(0x7f0000000280)) syz_usb_control_io$hid(r0, &(0x7f0000000480)={0x24, 0x0, 0x0, &(0x7f0000000280), 0x0}, 0x0) r1 = epoll_create1(0x0) openat(0xffffffffffffffff, 0x0, 0x22280, 0x8) fchdir(r1) ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1, 0x0, 0x20}, 0x1f00) fcntl$setsig(0xffffffffffffffff, 0xa, 0x13) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) ioctl$KVM_UNREGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae68, &(0x7f0000000540)={0xeeef0000, 0x6000, 0x1}) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10) mount(0x0, 0x0, 0x0, 0x1000, 0x0) syz_emit_ethernet(0x46, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x3}, {0x0, [0x61]}}, 0x0, 0x1b}, 0x28) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) syz_btf_id_by_name$bpf_lsm(&(0x7f0000000580)='bpf_lsm_kernel_act_as\x00') sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) syz_usb_control_io(r0, &(0x7f00000004c0)={0x2c, &(0x7f00000002c0)={0x0, 0xa, 0xc8, {0xc8, 0x9, "77474d416e5cbf760265516581d2d3311ba2e1238fe159245191d90b8e1207a4209328f0afbb384d685532e17948849fb8eefadb5ca73299cf3f0ab628e061830d3aab147554ad04c5fcf691a59fd9dd12b77e7bdd85561bf77c6e91d448f1773f7113aee09be23f028cc6d54144adbb0983bb50572ef571f29cb31f4be99ab79bd43f4d7563620891a315e71007bc98db38dd350078c9465c4f3eee0c23c5cc7f8702a16bc248f70eb02d526deebd2df3cd152322c63b1302311fe3530ace4e9a6d1f1f5fc7"}}, &(0x7f00000003c0)={0x0, 0x3, 0x9b, @string={0x9b, 0x3, "1fa09e696e7c875feade91624697ba9cfb984cd379ad984a5e0ae42cf46bf5ec6dceaf3dd3b018083716c576f09d497b5fc7db0f695d86f9fd81ceb160a2d86c2d979b7e16326ec3538f5822aa595a7971850f146cf1d69411eaf68bfdc52c21db78c9ece54689ca95b5098a575b5e5471371d99c75907de7f07110fad91d4f2ba5f93a1209b6478cc39c368e381fe97317df751e059ac5f73"}}, 0x0, &(0x7f0000000200)={0x20, 0x29, 0xf, {0xf, 0x29, 0x7, 0x1, 0x3, 0x5, '|W?m', "948cdfd8"}}, 0x0}, &(0x7f0000000980)={0x84, &(0x7f0000000500)=ANY=[], &(0x7f0000000580)={0x0, 0xa, 0x1, 0x81}, 0x0, &(0x7f0000000600)={0x20, 0x0, 0x4, {0x2, 0x1}}, &(0x7f0000000640)={0x20, 0x0, 0x4, {0xc0, 0x1}}, &(0x7f0000000680)={0x40, 0x7, 0x2, 0xffff}, &(0x7f00000006c0)={0x40, 0x9, 0x1, 0xff}, &(0x7f0000000700)={0x40, 0xb, 0x2, "0b94"}, &(0x7f0000000740)={0x40, 0xf, 0x2, 0x100}, &(0x7f00000007c0)={0x40, 0x13, 0x6, @random="9b33f6abbffe"}, 0x0, 0x0, &(0x7f0000000880)={0x40, 0x1a, 0x2, 0x261d}, &(0x7f00000008c0)={0x40, 0x1c, 0x1}, &(0x7f0000000900)={0x40, 0x1e, 0x1, 0xfd}, &(0x7f0000000940)={0x40, 0x21, 0x1, 0x5}}) 0s ago: executing program 3 (id=2388): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x1, 0x1, 0x400}, 0xa5, 0x4, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x78, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xf}, {0xa, 0xa}, {0x6}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x7, 0xff, 0x4, 0x0, 0x7}, 0xf0, 0x1, 0x31a, 0x3, 0x88a, 0xd, 0x8e, 0x1f, 0x3, 0xff, {0x3, 0x2, 0x800, 0x5, 0x0, 0x5}}}}]}, 0x78}}, 0x4000) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44a1bc94194817"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0xe80, 0x6000, &(0x7f0000000640)="b9ff03076844268cb89e14f088a847e088641100050000210283ac141440e0", 0x0, 0x11, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x48) kernel console output (not intermixed with test programs): ][ T4622] [ 173.237866][ T30] kauditd_printk_skb: 951 callbacks suppressed [ 173.237884][ T30] audit: type=1400 audit(1752920527.595:85352): avc: denied { map_create } for pid=4619 comm="syz.4.1622" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 173.264826][ T30] audit: type=1400 audit(1752920527.595:85353): avc: denied { create } for pid=4619 comm="syz.4.1622" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=0 [ 173.301583][ T30] audit: type=1400 audit(1752920527.595:85354): avc: denied { prog_load } for pid=4619 comm="syz.4.1622" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 173.337047][ T30] audit: type=1400 audit(1752920527.595:85355): avc: denied { prog_load } for pid=4619 comm="syz.4.1622" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 173.373995][ T30] audit: type=1400 audit(1752920527.605:85356): avc: denied { read write } for pid=4619 comm="syz.4.1622" name="loop4" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 173.457828][ T30] audit: type=1400 audit(1752920527.815:85357): avc: denied { read write } for pid=4624 comm="syz.1.1624" name="loop1" dev="devtmpfs" ino=117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 173.544592][ T60] Bluetooth: hci0: command 0x1003 tx timeout [ 173.550907][ T3168] Bluetooth: hci0: sending frame failed (-49) [ 173.557258][ T30] audit: type=1400 audit(1752920527.895:85358): avc: denied { mounton } for pid=4624 comm="syz.1.1624" path="/326/file0" dev="tmpfs" ino=1726 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=0 [ 173.580973][ T30] audit: type=1400 audit(1752920527.935:85359): avc: denied { mounton } for pid=4624 comm="syz.1.1624" path="/326/file0" dev="tmpfs" ino=1726 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=0 [ 173.680440][ T30] audit: type=1400 audit(1752920528.035:85360): avc: denied { read write } for pid=284 comm="syz-executor" name="loop0" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 173.714743][ T30] audit: type=1400 audit(1752920528.075:85361): avc: denied { execmem } for pid=4628 comm="syz.0.1625" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=0 [ 173.786199][ T4630] FAULT_INJECTION: forcing a failure. [ 173.786199][ T4630] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 173.799518][ T4630] CPU: 0 PID: 4630 Comm: syz.0.1625 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 173.809711][ T4630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 173.819773][ T4630] Call Trace: [ 173.823062][ T4630] [ 173.825996][ T4630] __dump_stack+0x21/0x30 [ 173.830330][ T4630] dump_stack_lvl+0xee/0x150 [ 173.835006][ T4630] ? show_regs_print_info+0x20/0x20 [ 173.840201][ T4630] ? stack_trace_save+0x98/0xe0 [ 173.845049][ T4630] ? __stack_depot_save+0x34/0x480 [ 173.850168][ T4630] dump_stack+0x15/0x20 [ 173.854330][ T4630] should_fail+0x3c1/0x510 [ 173.858751][ T4630] should_fail_usercopy+0x1a/0x20 [ 173.863777][ T4630] _copy_from_user+0x20/0xd0 [ 173.868374][ T4630] __copy_msghdr_from_user+0xaf/0x5e0 [ 173.873753][ T4630] ? _kstrtoull+0x3c0/0x4d0 [ 173.878258][ T4630] ? __ia32_sys_shutdown+0x1e0/0x1e0 [ 173.883542][ T4630] ? kstrtouint_from_user+0x1a0/0x200 [ 173.888913][ T4630] ___sys_sendmsg+0x156/0x260 [ 173.893596][ T4630] ? __sys_sendmsg+0x250/0x250 [ 173.898365][ T4630] ? __fdget+0x1a1/0x230 [ 173.902610][ T4630] __x64_sys_sendmsg+0x1e2/0x2a0 [ 173.907554][ T4630] ? ___sys_sendmsg+0x260/0x260 [ 173.912405][ T4630] ? ksys_write+0x1eb/0x240 [ 173.916916][ T4630] ? fpregs_assert_state_consistent+0xb1/0xe0 [ 173.923091][ T4630] x64_sys_call+0x4b/0x9a0 [ 173.927597][ T4630] do_syscall_64+0x4c/0xa0 [ 173.932026][ T4630] ? clear_bhb_loop+0x50/0xa0 [ 173.936705][ T4630] ? clear_bhb_loop+0x50/0xa0 [ 173.941381][ T4630] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 173.947277][ T4630] RIP: 0033:0x7fdae1cb29a9 [ 173.951713][ T4630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 173.971319][ T4630] RSP: 002b:00007fdae02fa038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 173.979735][ T4630] RAX: ffffffffffffffda RBX: 00007fdae1eda080 RCX: 00007fdae1cb29a9 [ 173.987710][ T4630] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000005 [ 173.995681][ T4630] RBP: 00007fdae02fa090 R08: 0000000000000000 R09: 0000000000000000 [ 174.003659][ T4630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 174.011628][ T4630] R13: 0000000000000000 R14: 00007fdae1eda080 R15: 00007ffc83dca438 [ 174.019605][ T4630] [ 174.153823][ T4636] FAULT_INJECTION: forcing a failure. [ 174.153823][ T4636] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 174.176697][ T4636] CPU: 0 PID: 4636 Comm: syz.1.1627 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 174.186992][ T4636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 174.197072][ T4636] Call Trace: [ 174.200367][ T4636] [ 174.203309][ T4636] __dump_stack+0x21/0x30 [ 174.207671][ T4636] dump_stack_lvl+0xee/0x150 [ 174.212281][ T4636] ? show_regs_print_info+0x20/0x20 [ 174.217503][ T4636] dump_stack+0x15/0x20 [ 174.221671][ T4636] should_fail+0x3c1/0x510 [ 174.226103][ T4636] should_fail_usercopy+0x1a/0x20 [ 174.231146][ T4636] _copy_to_user+0x20/0x90 [ 174.235588][ T4636] simple_read_from_buffer+0xe9/0x160 [ 174.240983][ T4636] proc_fail_nth_read+0x19a/0x210 [ 174.246032][ T4636] ? proc_fault_inject_write+0x2f0/0x2f0 [ 174.251687][ T4636] ? security_file_permission+0x83/0xa0 [ 174.257262][ T4636] ? proc_fault_inject_write+0x2f0/0x2f0 [ 174.262919][ T4636] vfs_read+0x282/0xbe0 [ 174.267094][ T4636] ? kernel_read+0x1f0/0x1f0 [ 174.271698][ T4636] ? __kasan_check_write+0x14/0x20 [ 174.276826][ T4636] ? mutex_lock+0x95/0x1a0 [ 174.281260][ T4636] ? wait_for_completion_killable_timeout+0x10/0x10 [ 174.288042][ T4636] ? __fget_files+0x2c4/0x320 [ 174.292752][ T4636] ? __fdget_pos+0x2d2/0x380 [ 174.297375][ T4636] ? ksys_read+0x71/0x240 [ 174.301721][ T4636] ksys_read+0x140/0x240 [ 174.305978][ T4636] ? vfs_write+0xf70/0xf70 [ 174.310500][ T4636] ? debug_smp_processor_id+0x17/0x20 [ 174.315891][ T4636] __x64_sys_read+0x7b/0x90 [ 174.320411][ T4636] x64_sys_call+0x96d/0x9a0 [ 174.324940][ T4636] do_syscall_64+0x4c/0xa0 [ 174.329372][ T4636] ? clear_bhb_loop+0x50/0xa0 [ 174.334062][ T4636] ? clear_bhb_loop+0x50/0xa0 [ 174.338754][ T4636] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 174.344665][ T4636] RIP: 0033:0x7f21391483bc [ 174.349089][ T4636] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 174.368713][ T4636] RSP: 002b:00007f2137791030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 174.377149][ T4636] RAX: ffffffffffffffda RBX: 00007f2139371080 RCX: 00007f21391483bc [ 174.385137][ T4636] RDX: 000000000000000f RSI: 00007f21377910a0 RDI: 0000000000000003 [ 174.393129][ T4636] RBP: 00007f2137791090 R08: 0000000000000000 R09: 0000000000000000 [ 174.401115][ T4636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 174.409103][ T4636] R13: 0000000000000001 R14: 00007f2139371080 R15: 00007ffe5e2c9a88 [ 174.417096][ T4636] [ 174.436154][ T4638] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1628'. [ 174.445978][ T4638] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1628'. [ 174.699657][ T4643] device pim6reg1 entered promiscuous mode [ 174.910192][ T4652] FAULT_INJECTION: forcing a failure. [ 174.910192][ T4652] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 174.944441][ T4652] CPU: 1 PID: 4652 Comm: syz.2.1634 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 174.954742][ T4652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 174.964911][ T4652] Call Trace: [ 174.968245][ T4652] [ 174.971280][ T4652] __dump_stack+0x21/0x30 [ 174.975631][ T4652] dump_stack_lvl+0xee/0x150 [ 174.980254][ T4652] ? show_regs_print_info+0x20/0x20 [ 174.985474][ T4652] dump_stack+0x15/0x20 [ 174.989656][ T4652] should_fail+0x3c1/0x510 [ 174.994091][ T4652] should_fail_usercopy+0x1a/0x20 [ 174.999144][ T4652] _copy_from_user+0x20/0xd0 [ 175.003847][ T4652] __se_sys_memfd_create+0x131/0x3b0 [ 175.009162][ T4652] __x64_sys_memfd_create+0x5b/0x70 [ 175.014386][ T4652] x64_sys_call+0x473/0x9a0 [ 175.018908][ T4652] do_syscall_64+0x4c/0xa0 [ 175.023348][ T4652] ? clear_bhb_loop+0x50/0xa0 [ 175.028048][ T4652] ? clear_bhb_loop+0x50/0xa0 [ 175.032840][ T4652] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 175.038755][ T4652] RIP: 0033:0x7f96830a39a9 [ 175.043189][ T4652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 175.062813][ T4652] RSP: 002b:00007f968170be18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 175.071241][ T4652] RAX: ffffffffffffffda RBX: 000000000000550f RCX: 00007f96830a39a9 [ 175.079215][ T4652] RDX: 00007f968170bef0 RSI: 0000000000000000 RDI: 00007f96831266fc [ 175.087191][ T4652] RBP: 000020000000cf00 R08: 00007f968170bbb7 R09: 00007f968170be40 [ 175.095166][ T4652] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000001c0 [ 175.103146][ T4652] R13: 00007f968170bef0 R14: 00007f968170beb0 R15: 0000200000000a40 [ 175.111123][ T4652] [ 175.487293][ T4659] FAULT_INJECTION: forcing a failure. [ 175.487293][ T4659] name failslab, interval 1, probability 0, space 0, times 0 [ 175.504542][ T4659] CPU: 0 PID: 4659 Comm: syz.1.1635 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 175.514752][ T4659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 175.524828][ T4659] Call Trace: [ 175.528127][ T4659] [ 175.531072][ T4659] __dump_stack+0x21/0x30 [ 175.535478][ T4659] dump_stack_lvl+0xee/0x150 [ 175.540096][ T4659] ? show_regs_print_info+0x20/0x20 [ 175.545319][ T4659] ? ip6_pkt_drop+0x560/0x560 [ 175.550021][ T4659] dump_stack+0x15/0x20 [ 175.554197][ T4659] should_fail+0x3c1/0x510 [ 175.558633][ T4659] __should_failslab+0xa4/0xe0 [ 175.563417][ T4659] should_failslab+0x9/0x20 [ 175.567943][ T4659] slab_pre_alloc_hook+0x3b/0xe0 [ 175.572903][ T4659] ? __alloc_skb+0xe0/0x740 [ 175.577422][ T4659] kmem_cache_alloc+0x44/0x260 [ 175.582209][ T4659] __alloc_skb+0xe0/0x740 [ 175.586570][ T4659] alloc_skb_with_frags+0xa8/0x620 [ 175.591703][ T4659] ? fib6_select_path+0x107/0x620 [ 175.596749][ T4659] sock_alloc_send_pskb+0x853/0x980 [ 175.601971][ T4659] ? sock_kzfree_s+0x60/0x60 [ 175.606584][ T4659] ? __kasan_check_write+0x14/0x20 [ 175.611723][ T4659] ? ipv6_get_saddr_eval+0xaac/0xf70 [ 175.617025][ T4659] sock_alloc_send_skb+0x32/0x40 [ 175.621993][ T4659] __ip6_append_data+0x252e/0x37e0 [ 175.624680][ T60] Bluetooth: hci0: command 0x1001 tx timeout [ 175.627136][ T4659] ? local_bh_enable+0x1f/0x30 [ 175.633169][ T3168] Bluetooth: hci0: sending frame failed (-49) [ 175.637877][ T4659] ? ip6_dst_lookup_tail+0xd01/0x1370 [ 175.637901][ T4659] ? ip6_setup_cork+0x1290/0x1290 [ 175.637921][ T4659] ? ip6_setup_cork+0xd10/0x1290 [ 175.637938][ T4659] ip6_make_skb+0x37a/0x6c0 [ 175.637954][ T4659] ? ip_skb_dst_mtu+0x630/0x630 [ 175.637975][ T4659] ? ip_skb_dst_mtu+0x630/0x630 [ 175.637995][ T4659] ? ip6_flush_pending_frames+0x360/0x360 [ 175.638017][ T4659] ? ip6_sk_dst_lookup_flow+0x668/0x820 [ 175.685149][ T4659] ? selinux_sk_getsecid+0x28/0xb0 [ 175.690288][ T4659] udpv6_sendmsg+0x1b03/0x2670 [ 175.695106][ T4659] ? memcpy+0x56/0x70 [ 175.699107][ T4659] ? ip_skb_dst_mtu+0x630/0x630 [ 175.703973][ T4659] ? udp_v6_early_demux+0xbc0/0xbc0 [ 175.709192][ T4659] ? udp_lib_lport_inuse+0x6e/0x530 [ 175.714415][ T4659] ? __local_bh_enable_ip+0x58/0x80 [ 175.719636][ T4659] ? udp_lib_get_port+0x131a/0x1860 [ 175.724967][ T4659] ? __local_bh_enable_ip+0x58/0x80 [ 175.730186][ T4659] ? _raw_spin_unlock_bh+0x51/0x60 [ 175.735319][ T4659] ? release_sock+0x15b/0x1b0 [ 175.740015][ T4659] ? inet_send_prepare+0x1cf/0x4c0 [ 175.745150][ T4659] inet6_sendmsg+0xa5/0xc0 [ 175.749585][ T4659] __sys_sendto+0x423/0x580 [ 175.754105][ T4659] ? __ia32_sys_getpeername+0x90/0x90 [ 175.759501][ T4659] ? __ia32_sys_read+0x90/0x90 [ 175.764280][ T4659] __x64_sys_sendto+0xe5/0x100 [ 175.769071][ T4659] x64_sys_call+0x178/0x9a0 [ 175.773592][ T4659] do_syscall_64+0x4c/0xa0 [ 175.778024][ T4659] ? clear_bhb_loop+0x50/0xa0 [ 175.782722][ T4659] ? clear_bhb_loop+0x50/0xa0 [ 175.787415][ T4659] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 175.793333][ T4659] RIP: 0033:0x7f21391499a9 [ 175.797768][ T4659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 175.817502][ T4659] RSP: 002b:00007f2137791038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 175.825945][ T4659] RAX: ffffffffffffffda RBX: 00007f2139371080 RCX: 00007f21391499a9 [ 175.833937][ T4659] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005 [ 175.841924][ T4659] RBP: 00007f2137791090 R08: 0000200000000180 R09: 000000000000001c [ 175.849911][ T4659] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001 [ 175.857989][ T4659] R13: 0000000000000000 R14: 00007f2139371080 R15: 00007ffe5e2c9a88 [ 175.865980][ T4659] [ 176.179450][ T4669] kernel profiling enabled (shift: 16) [ 177.056879][ T4701] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1649'. [ 177.084284][ T4701] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1649'. [ 177.136362][ T4703] FAULT_INJECTION: forcing a failure. [ 177.136362][ T4703] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 177.176783][ T4710] FAULT_INJECTION: forcing a failure. [ 177.176783][ T4710] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 177.192371][ T4703] CPU: 0 PID: 4703 Comm: syz.1.1647 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 177.202567][ T4703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 177.212649][ T4703] Call Trace: [ 177.215949][ T4703] [ 177.218894][ T4703] __dump_stack+0x21/0x30 [ 177.223243][ T4703] dump_stack_lvl+0xee/0x150 [ 177.227854][ T4703] ? show_regs_print_info+0x20/0x20 [ 177.233180][ T4703] dump_stack+0x15/0x20 [ 177.237357][ T4703] should_fail+0x3c1/0x510 [ 177.241796][ T4703] should_fail_usercopy+0x1a/0x20 [ 177.246956][ T4703] _copy_to_user+0x20/0x90 [ 177.251406][ T4703] simple_read_from_buffer+0xe9/0x160 [ 177.256800][ T4703] proc_fail_nth_read+0x19a/0x210 [ 177.261849][ T4703] ? proc_fault_inject_write+0x2f0/0x2f0 [ 177.267594][ T4703] ? security_file_permission+0x83/0xa0 [ 177.273957][ T4703] ? proc_fault_inject_write+0x2f0/0x2f0 [ 177.279697][ T4703] vfs_read+0x282/0xbe0 [ 177.283955][ T4703] ? kernel_read+0x1f0/0x1f0 [ 177.288559][ T4703] ? __fget_files+0x2c4/0x320 [ 177.293256][ T4703] ? __kasan_check_write+0x14/0x20 [ 177.298386][ T4703] ? mutex_lock+0x95/0x1a0 [ 177.302938][ T4703] ? wait_for_completion_killable_timeout+0x10/0x10 [ 177.309546][ T4703] ? __fget_files+0x2c4/0x320 [ 177.314267][ T4703] ? __fdget_pos+0x2d2/0x380 [ 177.318890][ T4703] ? ksys_read+0x71/0x240 [ 177.323244][ T4703] ksys_read+0x140/0x240 [ 177.327503][ T4703] ? vfs_write+0xf70/0xf70 [ 177.332026][ T4703] ? debug_smp_processor_id+0x17/0x20 [ 177.337422][ T4703] __x64_sys_read+0x7b/0x90 [ 177.341954][ T4703] x64_sys_call+0x96d/0x9a0 [ 177.346472][ T4703] do_syscall_64+0x4c/0xa0 [ 177.350906][ T4703] ? clear_bhb_loop+0x50/0xa0 [ 177.355601][ T4703] ? clear_bhb_loop+0x50/0xa0 [ 177.360305][ T4703] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 177.366222][ T4703] RIP: 0033:0x7f21391483bc [ 177.370656][ T4703] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 177.390379][ T4703] RSP: 002b:00007f2137770030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 177.398834][ T4703] RAX: ffffffffffffffda RBX: 00007f2139371160 RCX: 00007f21391483bc [ 177.406830][ T4703] RDX: 000000000000000f RSI: 00007f21377700a0 RDI: 0000000000000006 [ 177.414825][ T4703] RBP: 00007f2137770090 R08: 0000000000000000 R09: 0000000000000000 [ 177.422814][ T4703] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001 [ 177.430803][ T4703] R13: 0000000000000000 R14: 00007f2139371160 R15: 00007ffe5e2c9a88 [ 177.438804][ T4703] [ 177.444058][ T4710] CPU: 0 PID: 4710 Comm: syz.2.1650 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 177.454260][ T4710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 177.464422][ T4710] Call Trace: [ 177.467713][ T4710] [ 177.470647][ T4710] __dump_stack+0x21/0x30 [ 177.474985][ T4710] dump_stack_lvl+0xee/0x150 [ 177.479580][ T4710] ? show_regs_print_info+0x20/0x20 [ 177.484783][ T4710] dump_stack+0x15/0x20 [ 177.488938][ T4710] should_fail+0x3c1/0x510 [ 177.493364][ T4710] should_fail_usercopy+0x1a/0x20 [ 177.498387][ T4710] _copy_to_user+0x20/0x90 [ 177.502808][ T4710] simple_read_from_buffer+0xe9/0x160 [ 177.508186][ T4710] proc_fail_nth_read+0x19a/0x210 [ 177.513221][ T4710] ? proc_fault_inject_write+0x2f0/0x2f0 [ 177.519034][ T4710] ? security_file_permission+0x83/0xa0 [ 177.524584][ T4710] ? proc_fault_inject_write+0x2f0/0x2f0 [ 177.530220][ T4710] vfs_read+0x282/0xbe0 [ 177.534382][ T4710] ? kernel_read+0x1f0/0x1f0 [ 177.538978][ T4710] ? __fget_files+0x2c4/0x320 [ 177.543671][ T4710] ? __kasan_check_write+0x14/0x20 [ 177.548783][ T4710] ? mutex_lock+0x95/0x1a0 [ 177.553206][ T4710] ? wait_for_completion_killable_timeout+0x10/0x10 [ 177.559931][ T4710] ? __fget_files+0x2c4/0x320 [ 177.564640][ T4710] ? __fdget_pos+0x2d2/0x380 [ 177.569241][ T4710] ? ksys_read+0x71/0x240 [ 177.573691][ T4710] ksys_read+0x140/0x240 [ 177.577958][ T4710] ? vfs_write+0xf70/0xf70 [ 177.582503][ T4710] ? debug_smp_processor_id+0x17/0x20 [ 177.587892][ T4710] __x64_sys_read+0x7b/0x90 [ 177.592424][ T4710] x64_sys_call+0x96d/0x9a0 [ 177.596939][ T4710] do_syscall_64+0x4c/0xa0 [ 177.601389][ T4710] ? clear_bhb_loop+0x50/0xa0 [ 177.606088][ T4710] ? clear_bhb_loop+0x50/0xa0 [ 177.611113][ T4710] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 177.617012][ T4710] RIP: 0033:0x7f96830a23bc [ 177.621428][ T4710] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 177.641127][ T4710] RSP: 002b:00007f96816eb030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 177.649679][ T4710] RAX: ffffffffffffffda RBX: 00007f96832cb080 RCX: 00007f96830a23bc [ 177.657672][ T4710] RDX: 000000000000000f RSI: 00007f96816eb0a0 RDI: 0000000000000009 [ 177.666491][ T4710] RBP: 00007f96816eb090 R08: 0000000000000000 R09: 0000000000000000 [ 177.674484][ T4710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 177.682475][ T4710] R13: 0000000000000000 R14: 00007f96832cb080 R15: 00007ffe7a2f9fb8 [ 177.690473][ T4710] [ 177.704477][ T60] Bluetooth: hci0: command 0x1009 tx timeout [ 178.246037][ T30] kauditd_printk_skb: 175 callbacks suppressed [ 178.246055][ T30] audit: type=1400 audit(1752920532.605:85537): avc: denied { read write } for pid=286 comm="syz-executor" name="loop4" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 178.293054][ T30] audit: type=1400 audit(1752920532.635:85538): avc: denied { read write } for pid=285 comm="syz-executor" name="loop2" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 178.298559][ T4727] FAULT_INJECTION: forcing a failure. [ 178.298559][ T4727] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 178.317927][ T30] audit: type=1400 audit(1752920532.655:85539): avc: denied { create } for pid=4725 comm="syz.4.1656" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=0 [ 178.352445][ T30] audit: type=1400 audit(1752920532.655:85540): avc: denied { read write } for pid=4725 comm="syz.4.1656" name="fuse" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=0 [ 178.376209][ T4727] CPU: 0 PID: 4727 Comm: syz.4.1656 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 178.386388][ T4727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 178.396462][ T4727] Call Trace: [ 178.399762][ T4727] [ 178.402702][ T4727] __dump_stack+0x21/0x30 [ 178.407039][ T4727] dump_stack_lvl+0xee/0x150 [ 178.411631][ T4727] ? show_regs_print_info+0x20/0x20 [ 178.416830][ T4727] ? format_decode+0x1bb/0x1520 [ 178.421687][ T4727] dump_stack+0x15/0x20 [ 178.425846][ T4727] should_fail+0x3c1/0x510 [ 178.430271][ T4727] should_fail_usercopy+0x1a/0x20 [ 178.435386][ T4727] _copy_from_user+0x20/0xd0 [ 178.439983][ T4727] kstrtouint_from_user+0xbe/0x200 [ 178.445110][ T4727] ? kstrtol_from_user+0x260/0x260 [ 178.450251][ T4727] ? 0xffffffff81000000 [ 178.454410][ T4727] ? _copy_to_user+0x78/0x90 [ 178.459183][ T4727] ? simple_read_from_buffer+0x10f/0x160 [ 178.464821][ T4727] proc_fail_nth_write+0x85/0x1f0 [ 178.469849][ T4727] ? proc_fail_nth_read+0x210/0x210 [ 178.475048][ T4727] ? security_file_permission+0x79/0xa0 [ 178.480597][ T4727] ? security_file_permission+0x83/0xa0 [ 178.486142][ T4727] ? proc_fail_nth_read+0x210/0x210 [ 178.491349][ T4727] vfs_write+0x3ee/0xf70 [ 178.495590][ T4727] ? file_end_write+0x1b0/0x1b0 [ 178.500439][ T4727] ? __kasan_check_write+0x14/0x20 [ 178.505556][ T4727] ? mutex_lock+0x95/0x1a0 [ 178.509977][ T4727] ? wait_for_completion_killable_timeout+0x10/0x10 [ 178.516570][ T4727] ? __fget_files+0x2c4/0x320 [ 178.521254][ T4727] ? __fdget_pos+0x2d2/0x380 [ 178.525843][ T4727] ? ksys_write+0x71/0x240 [ 178.530262][ T4727] ksys_write+0x140/0x240 [ 178.534588][ T4727] ? __ia32_sys_read+0x90/0x90 [ 178.539352][ T4727] ? debug_smp_processor_id+0x17/0x20 [ 178.544725][ T4727] __x64_sys_write+0x7b/0x90 [ 178.549313][ T4727] x64_sys_call+0x8ef/0x9a0 [ 178.553818][ T4727] do_syscall_64+0x4c/0xa0 [ 178.558233][ T4727] ? clear_bhb_loop+0x50/0xa0 [ 178.562910][ T4727] ? clear_bhb_loop+0x50/0xa0 [ 178.567591][ T4727] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 178.573484][ T4727] RIP: 0033:0x7f1464dfa45f [ 178.577906][ T4727] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 178.597517][ T4727] RSP: 002b:00007f1463464030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 178.605949][ T4727] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1464dfa45f [ 178.613923][ T4727] RDX: 0000000000000001 RSI: 00007f14634640a0 RDI: 0000000000000003 [ 178.621895][ T4727] RBP: 00007f1463464090 R08: 0000000000000000 R09: 0000000000000000 [ 178.629881][ T4727] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 178.637853][ T4727] R13: 0000000000000000 R14: 00007f1465022fa0 R15: 00007ffdcd3f5248 [ 178.645829][ T4727] [ 178.670604][ T30] audit: type=1400 audit(1752920533.025:85541): avc: denied { read write } for pid=286 comm="syz-executor" name="loop4" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 178.710616][ T30] audit: type=1400 audit(1752920533.055:85542): avc: denied { map_create } for pid=4723 comm="syz.2.1657" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 178.722602][ T4735] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1660'. [ 178.729999][ T30] audit: type=1400 audit(1752920533.055:85543): avc: denied { prog_load } for pid=4723 comm="syz.2.1657" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 178.757615][ T4736] xt_bpf: check failed: parse error [ 178.766339][ T30] audit: type=1400 audit(1752920533.055:85544): avc: denied { prog_load } for pid=4730 comm="syz.4.1658" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 178.795962][ T30] audit: type=1400 audit(1752920533.055:85545): avc: denied { prog_load } for pid=4730 comm="syz.4.1658" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 178.815277][ T4742] FAULT_INJECTION: forcing a failure. [ 178.815277][ T4742] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 178.816100][ T30] audit: type=1400 audit(1752920533.055:85546): avc: denied { read write } for pid=4730 comm="syz.4.1658" name="loop4" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 178.843570][ T4742] CPU: 1 PID: 4742 Comm: syz.2.1661 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 178.862837][ T4742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 178.872918][ T4742] Call Trace: [ 178.876200][ T4742] [ 178.879131][ T4742] __dump_stack+0x21/0x30 [ 178.883537][ T4742] dump_stack_lvl+0xee/0x150 [ 178.888234][ T4742] ? show_regs_print_info+0x20/0x20 [ 178.893436][ T4742] dump_stack+0x15/0x20 [ 178.897598][ T4742] should_fail+0x3c1/0x510 [ 178.902015][ T4742] should_fail_alloc_page+0x55/0x80 [ 178.907219][ T4742] prepare_alloc_pages+0x156/0x600 [ 178.912338][ T4742] ? __alloc_pages_bulk+0xab0/0xab0 [ 178.917542][ T4742] __alloc_pages+0x10a/0x440 [ 178.922193][ T4742] ? prep_new_page+0x110/0x110 [ 178.926974][ T4742] ? avc_has_perm_noaudit+0x2f4/0x460 [ 178.932351][ T4742] kmalloc_order+0x4c/0x160 [ 178.936874][ T4742] kmalloc_order_trace+0x18/0xb0 [ 178.941820][ T4742] __kmalloc+0x199/0x2c0 [ 178.946066][ T4742] kvmalloc_node+0x242/0x330 [ 178.950663][ T4742] ? vm_mmap+0xb0/0xb0 [ 178.954735][ T4742] ? cap_capable+0x1aa/0x230 [ 178.959367][ T4742] ? cap_capable+0x1aa/0x230 [ 178.963957][ T4742] alloc_netdev_mqs+0x8d/0xc90 [ 178.968720][ T4742] ? tun_not_capable+0x1f0/0x1f0 [ 178.973687][ T4742] tun_set_iff+0x535/0xe00 [ 178.978107][ T4742] __tun_chr_ioctl+0x7e8/0x1eb0 [ 178.982957][ T4742] ? tun_flow_create+0x320/0x320 [ 178.987898][ T4742] ? mutex_unlock+0x89/0x220 [ 178.992489][ T4742] ? __fget_files+0x2c4/0x320 [ 178.997169][ T4742] tun_chr_ioctl+0x2a/0x40 [ 179.001595][ T4742] ? tun_chr_poll+0x720/0x720 [ 179.006457][ T4742] __se_sys_ioctl+0x121/0x1a0 [ 179.011140][ T4742] __x64_sys_ioctl+0x7b/0x90 [ 179.015737][ T4742] x64_sys_call+0x2f/0x9a0 [ 179.020179][ T4742] do_syscall_64+0x4c/0xa0 [ 179.024604][ T4742] ? clear_bhb_loop+0x50/0xa0 [ 179.029307][ T4742] ? clear_bhb_loop+0x50/0xa0 [ 179.034105][ T4742] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 179.040018][ T4742] RIP: 0033:0x7f96830a39a9 [ 179.044453][ T4742] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 179.064202][ T4742] RSP: 002b:00007f96816eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 179.072715][ T4742] RAX: ffffffffffffffda RBX: 00007f96832cb080 RCX: 00007f96830a39a9 [ 179.080691][ T4742] RDX: 00002000000000c0 RSI: 00000000400454ca RDI: 0000000000000006 [ 179.088670][ T4742] RBP: 00007f96816eb090 R08: 0000000000000000 R09: 0000000000000000 [ 179.096650][ T4742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 179.104634][ T4742] R13: 0000000000000000 R14: 00007f96832cb080 R15: 00007ffe7a2f9fb8 [ 179.112619][ T4742] [ 179.266338][ T4751] FAULT_INJECTION: forcing a failure. [ 179.266338][ T4751] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 179.284032][ T4751] CPU: 0 PID: 4751 Comm: syz.2.1665 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 179.294238][ T4751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 179.304322][ T4751] Call Trace: [ 179.307638][ T4751] [ 179.310597][ T4751] __dump_stack+0x21/0x30 [ 179.314990][ T4751] dump_stack_lvl+0xee/0x150 [ 179.319597][ T4751] ? show_regs_print_info+0x20/0x20 [ 179.324908][ T4751] dump_stack+0x15/0x20 [ 179.329082][ T4751] should_fail+0x3c1/0x510 [ 179.333523][ T4751] should_fail_usercopy+0x1a/0x20 [ 179.338564][ T4751] _copy_to_user+0x20/0x90 [ 179.343005][ T4751] simple_read_from_buffer+0xe9/0x160 [ 179.348421][ T4751] proc_fail_nth_read+0x19a/0x210 [ 179.353738][ T4751] ? proc_fault_inject_write+0x2f0/0x2f0 [ 179.359421][ T4751] ? security_file_permission+0x83/0xa0 [ 179.364994][ T4751] ? proc_fault_inject_write+0x2f0/0x2f0 [ 179.370650][ T4751] vfs_read+0x282/0xbe0 [ 179.374827][ T4751] ? kernel_read+0x1f0/0x1f0 [ 179.379436][ T4751] ? __kasan_check_write+0x14/0x20 [ 179.384570][ T4751] ? mutex_lock+0x95/0x1a0 [ 179.389007][ T4751] ? wait_for_completion_killable_timeout+0x10/0x10 [ 179.395617][ T4751] ? __fget_files+0x2c4/0x320 [ 179.400331][ T4751] ? __fdget_pos+0x2d2/0x380 [ 179.404944][ T4751] ? ksys_read+0x71/0x240 [ 179.409294][ T4751] ksys_read+0x140/0x240 [ 179.413560][ T4751] ? vfs_write+0xf70/0xf70 [ 179.417999][ T4751] ? debug_smp_processor_id+0x17/0x20 [ 179.423396][ T4751] __x64_sys_read+0x7b/0x90 [ 179.427918][ T4751] x64_sys_call+0x96d/0x9a0 [ 179.432442][ T4751] do_syscall_64+0x4c/0xa0 [ 179.436892][ T4751] ? clear_bhb_loop+0x50/0xa0 [ 179.441686][ T4751] ? clear_bhb_loop+0x50/0xa0 [ 179.446381][ T4751] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 179.452292][ T4751] RIP: 0033:0x7f96830a23bc [ 179.456720][ T4751] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 179.476431][ T4751] RSP: 002b:00007f968170c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 179.484874][ T4751] RAX: ffffffffffffffda RBX: 00007f96832cafa0 RCX: 00007f96830a23bc [ 179.492872][ T4751] RDX: 000000000000000f RSI: 00007f968170c0a0 RDI: 0000000000000003 [ 179.500863][ T4751] RBP: 00007f968170c090 R08: 0000000000000000 R09: 0000000000000000 [ 179.508854][ T4751] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 179.516850][ T4751] R13: 0000000000000000 R14: 00007f96832cafa0 R15: 00007ffe7a2f9fb8 [ 179.524884][ T4751] [ 180.552773][ T4775] FAULT_INJECTION: forcing a failure. [ 180.552773][ T4775] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 180.566039][ T4775] CPU: 0 PID: 4775 Comm: syz.4.1675 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 180.576215][ T4775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 180.586394][ T4775] Call Trace: [ 180.589692][ T4775] [ 180.592641][ T4775] __dump_stack+0x21/0x30 [ 180.596997][ T4775] dump_stack_lvl+0xee/0x150 [ 180.601608][ T4775] ? show_regs_print_info+0x20/0x20 [ 180.606823][ T4775] dump_stack+0x15/0x20 [ 180.611000][ T4775] should_fail+0x3c1/0x510 [ 180.615431][ T4775] should_fail_usercopy+0x1a/0x20 [ 180.620469][ T4775] _copy_to_user+0x20/0x90 [ 180.624904][ T4775] simple_read_from_buffer+0xe9/0x160 [ 180.630302][ T4775] proc_fail_nth_read+0x19a/0x210 [ 180.635347][ T4775] ? proc_fault_inject_write+0x2f0/0x2f0 [ 180.641001][ T4775] ? security_file_permission+0x83/0xa0 [ 180.646564][ T4775] ? proc_fault_inject_write+0x2f0/0x2f0 [ 180.652218][ T4775] vfs_read+0x282/0xbe0 [ 180.656388][ T4775] ? kernel_read+0x1f0/0x1f0 [ 180.660997][ T4775] ? __kasan_check_write+0x14/0x20 [ 180.666122][ T4775] ? mutex_lock+0x95/0x1a0 [ 180.670549][ T4775] ? wait_for_completion_killable_timeout+0x10/0x10 [ 180.677152][ T4775] ? __fget_files+0x2c4/0x320 [ 180.681858][ T4775] ? __fdget_pos+0x2d2/0x380 [ 180.686470][ T4775] ? ksys_read+0x71/0x240 [ 180.690807][ T4775] ksys_read+0x140/0x240 [ 180.695043][ T4775] ? vfs_write+0xf70/0xf70 [ 180.699449][ T4775] ? debug_smp_processor_id+0x17/0x20 [ 180.704817][ T4775] __x64_sys_read+0x7b/0x90 [ 180.709316][ T4775] x64_sys_call+0x96d/0x9a0 [ 180.713809][ T4775] do_syscall_64+0x4c/0xa0 [ 180.718215][ T4775] ? clear_bhb_loop+0x50/0xa0 [ 180.722885][ T4775] ? clear_bhb_loop+0x50/0xa0 [ 180.727557][ T4775] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 180.733443][ T4775] RIP: 0033:0x7f1464dfa3bc [ 180.737857][ T4775] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 180.757461][ T4775] RSP: 002b:00007f1463464030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 180.765878][ T4775] RAX: ffffffffffffffda RBX: 00007f1465022fa0 RCX: 00007f1464dfa3bc [ 180.773843][ T4775] RDX: 000000000000000f RSI: 00007f14634640a0 RDI: 0000000000000004 [ 180.781811][ T4775] RBP: 00007f1463464090 R08: 0000000000000000 R09: 0000000000000000 [ 180.789779][ T4775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 180.797763][ T4775] R13: 0000000000000000 R14: 00007f1465022fa0 R15: 00007ffdcd3f5248 [ 180.805732][ T4775] [ 181.014512][ T4792] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1683'. [ 181.040818][ T4792] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1683'. [ 181.396034][ T4819] FAULT_INJECTION: forcing a failure. [ 181.396034][ T4819] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 181.424441][ T4819] CPU: 1 PID: 4819 Comm: syz.0.1692 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 181.434651][ T4819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 181.444729][ T4819] Call Trace: [ 181.448025][ T4819] [ 181.450972][ T4819] __dump_stack+0x21/0x30 [ 181.455326][ T4819] dump_stack_lvl+0xee/0x150 [ 181.460051][ T4819] ? show_regs_print_info+0x20/0x20 [ 181.465277][ T4819] ? proc_fail_nth_write+0x17a/0x1f0 [ 181.470600][ T4819] ? proc_fail_nth_read+0x210/0x210 [ 181.475834][ T4819] ? security_file_permission+0x79/0xa0 [ 181.481423][ T4819] dump_stack+0x15/0x20 [ 181.485726][ T4819] should_fail+0x3c1/0x510 [ 181.490172][ T4819] should_fail_usercopy+0x1a/0x20 [ 181.495343][ T4819] _copy_from_user+0x20/0xd0 [ 181.499979][ T4819] get_itimerspec64+0x19a/0x2e0 [ 181.504858][ T4819] ? put_old_timespec32+0x110/0x110 [ 181.510089][ T4819] ? mutex_unlock+0x89/0x220 [ 181.514717][ T4819] ? __mutex_lock_slowpath+0x10/0x10 [ 181.520027][ T4819] __x64_sys_timerfd_settime+0x12c/0x210 [ 181.525686][ T4819] ? __ia32_sys_timerfd_create+0x70/0x70 [ 181.531350][ T4819] ? ksys_write+0x1eb/0x240 [ 181.535876][ T4819] ? __ia32_sys_read+0x90/0x90 [ 181.540665][ T4819] ? fpregs_assert_state_consistent+0xb1/0xe0 [ 181.546759][ T4819] x64_sys_call+0x70c/0x9a0 [ 181.551282][ T4819] do_syscall_64+0x4c/0xa0 [ 181.555726][ T4819] ? clear_bhb_loop+0x50/0xa0 [ 181.560427][ T4819] ? clear_bhb_loop+0x50/0xa0 [ 181.565126][ T4819] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 181.571047][ T4819] RIP: 0033:0x7fdae1cb29a9 [ 181.575489][ T4819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 181.595108][ T4819] RSP: 002b:00007fdae02fa038 EFLAGS: 00000246 ORIG_RAX: 000000000000011e [ 181.603538][ T4819] RAX: ffffffffffffffda RBX: 00007fdae1eda080 RCX: 00007fdae1cb29a9 [ 181.611534][ T4819] RDX: 0000200000000000 RSI: 0000000000000003 RDI: 0000000000000006 [ 181.619517][ T4819] RBP: 00007fdae02fa090 R08: 0000000000000000 R09: 0000000000000000 [ 181.627501][ T4819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 181.635493][ T4819] R13: 0000000000000000 R14: 00007fdae1eda080 R15: 00007ffc83dca438 [ 181.643469][ T4819] [ 181.724994][ T4821] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1694'. [ 181.734706][ T4821] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1694'. [ 182.063024][ T4837] FAULT_INJECTION: forcing a failure. [ 182.063024][ T4837] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 182.094471][ T4837] CPU: 1 PID: 4837 Comm: syz.1.1699 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 182.104836][ T4837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 182.114921][ T4837] Call Trace: [ 182.118219][ T4837] [ 182.121167][ T4837] __dump_stack+0x21/0x30 [ 182.125517][ T4837] dump_stack_lvl+0xee/0x150 [ 182.130155][ T4837] ? show_regs_print_info+0x20/0x20 [ 182.130186][ T4837] dump_stack+0x15/0x20 [ 182.130205][ T4837] should_fail+0x3c1/0x510 [ 182.130227][ T4837] should_fail_usercopy+0x1a/0x20 [ 182.130248][ T4837] _copy_from_user+0x20/0xd0 [ 182.130273][ T4837] __se_sys_memfd_create+0x131/0x3b0 [ 182.130297][ T4837] __x64_sys_memfd_create+0x5b/0x70 [ 182.130320][ T4837] x64_sys_call+0x473/0x9a0 [ 182.130341][ T4837] do_syscall_64+0x4c/0xa0 [ 182.130361][ T4837] ? clear_bhb_loop+0x50/0xa0 [ 182.130382][ T4837] ? clear_bhb_loop+0x50/0xa0 [ 182.130403][ T4837] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 182.130424][ T4837] RIP: 0033:0x7f21391499a9 [ 182.130444][ T4837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 182.130463][ T4837] RSP: 002b:00007f21377b1e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 182.130486][ T4837] RAX: ffffffffffffffda RBX: 0000000000000500 RCX: 00007f21391499a9 [ 182.130501][ T4837] RDX: 00007f21377b1ef0 RSI: 0000000000000000 RDI: 00007f21391cc6fc [ 182.130516][ T4837] RBP: 0000200000000500 R08: 00007f21377b1bb7 R09: 00007f21377b1e40 [ 182.130531][ T4837] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000000c0 [ 182.130544][ T4837] R13: 00007f21377b1ef0 R14: 00007f21377b1eb0 R15: 0000200000000100 [ 182.130573][ T4837] [ 182.431873][ T4851] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1705'. [ 182.441904][ T4851] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1705'. [ 182.546272][ T4863] FAULT_INJECTION: forcing a failure. [ 182.546272][ T4863] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 182.588242][ T4863] CPU: 1 PID: 4863 Comm: syz.2.1707 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 182.598460][ T4863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 182.608906][ T4863] Call Trace: [ 182.612205][ T4863] [ 182.615156][ T4863] __dump_stack+0x21/0x30 [ 182.619519][ T4863] dump_stack_lvl+0xee/0x150 [ 182.624138][ T4863] ? show_regs_print_info+0x20/0x20 [ 182.629365][ T4863] dump_stack+0x15/0x20 [ 182.633546][ T4863] should_fail+0x3c1/0x510 [ 182.637981][ T4863] should_fail_alloc_page+0x55/0x80 [ 182.643201][ T4863] prepare_alloc_pages+0x156/0x600 [ 182.648345][ T4863] ? __alloc_pages_bulk+0xab0/0xab0 [ 182.653579][ T4863] __alloc_pages+0x10a/0x440 [ 182.658187][ T4863] ? prep_new_page+0x110/0x110 [ 182.662981][ T4863] ? avc_has_perm_noaudit+0x2f4/0x460 [ 182.668378][ T4863] kmalloc_order+0x4c/0x160 [ 182.672903][ T4863] kmalloc_order_trace+0x18/0xb0 [ 182.677868][ T4863] __kmalloc+0x199/0x2c0 [ 182.682142][ T4863] kvmalloc_node+0x242/0x330 [ 182.686762][ T4863] ? vm_mmap+0xb0/0xb0 [ 182.690862][ T4863] ? cap_capable+0x1aa/0x230 [ 182.695478][ T4863] ? cap_capable+0x1aa/0x230 [ 182.700094][ T4863] alloc_netdev_mqs+0x8d/0xc90 [ 182.704879][ T4863] ? tun_not_capable+0x1f0/0x1f0 [ 182.709852][ T4863] tun_set_iff+0x535/0xe00 [ 182.714292][ T4863] __tun_chr_ioctl+0x7e8/0x1eb0 [ 182.719168][ T4863] ? tun_flow_create+0x320/0x320 [ 182.724131][ T4863] ? mutex_unlock+0x89/0x220 [ 182.728745][ T4863] ? __fget_files+0x2c4/0x320 [ 182.733719][ T4863] tun_chr_ioctl+0x2a/0x40 [ 182.738167][ T4863] ? tun_chr_poll+0x720/0x720 [ 182.742871][ T4863] __se_sys_ioctl+0x121/0x1a0 [ 182.747576][ T4863] __x64_sys_ioctl+0x7b/0x90 [ 182.752234][ T4863] x64_sys_call+0x2f/0x9a0 [ 182.756673][ T4863] do_syscall_64+0x4c/0xa0 [ 182.761110][ T4863] ? clear_bhb_loop+0x50/0xa0 [ 182.765825][ T4863] ? clear_bhb_loop+0x50/0xa0 [ 182.770567][ T4863] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 182.776487][ T4863] RIP: 0033:0x7f96830a39a9 [ 182.780928][ T4863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 182.800945][ T4863] RSP: 002b:00007f96816eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 182.809552][ T4863] RAX: ffffffffffffffda RBX: 00007f96832cb080 RCX: 00007f96830a39a9 [ 182.817555][ T4863] RDX: 00002000000000c0 RSI: 00000000400454ca RDI: 0000000000000006 [ 182.825664][ T4863] RBP: 00007f96816eb090 R08: 0000000000000000 R09: 0000000000000000 [ 182.833670][ T4863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 182.841665][ T4863] R13: 0000000000000000 R14: 00007f96832cb080 R15: 00007ffe7a2f9fb8 [ 182.849660][ T4863] [ 183.263157][ T30] kauditd_printk_skb: 2156 callbacks suppressed [ 183.263175][ T30] audit: type=1400 audit(1752920538.612:87703): avc: denied { bpf } for pid=4878 comm="syz.4.1714" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=0 [ 183.313970][ T30] audit: type=1400 audit(1752920538.652:87704): avc: denied { execmem } for pid=4878 comm="syz.4.1714" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=0 [ 183.355998][ T30] audit: type=1400 audit(1752920538.702:87705): avc: denied { map_create } for pid=4878 comm="syz.4.1714" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 183.397830][ T30] audit: type=1400 audit(1752920538.702:87706): avc: denied { prog_load } for pid=4878 comm="syz.4.1714" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 183.448596][ T30] audit: type=1400 audit(1752920538.702:87707): avc: denied { bpf } for pid=4878 comm="syz.4.1714" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=0 [ 183.499420][ T30] audit: type=1400 audit(1752920538.742:87708): avc: denied { read } for pid=4855 comm="syz.2.1707" dev="nsfs" ino=4026532650 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=0 [ 183.553849][ T30] audit: type=1400 audit(1752920538.822:87709): avc: denied { read write } for pid=284 comm="syz-executor" name="loop0" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 183.589554][ T4890] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1717'. [ 183.612211][ T4890] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1717'. [ 183.623500][ T30] audit: type=1400 audit(1752920538.862:87710): avc: denied { read write } for pid=284 comm="syz-executor" name="loop0" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 183.678313][ T30] audit: type=1400 audit(1752920538.882:87711): avc: denied { map_create } for pid=4887 comm="syz.0.1716" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 183.717942][ T30] audit: type=1400 audit(1752920538.892:87712): avc: denied { prog_load } for pid=4887 comm="syz.0.1716" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 184.150753][ T4904] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1722'. [ 184.206782][ T4909] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 184.264114][ T4916] FAULT_INJECTION: forcing a failure. [ 184.264114][ T4916] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 184.277436][ T4916] CPU: 1 PID: 4916 Comm: syz.3.1727 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 184.287645][ T4916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 184.297729][ T4916] Call Trace: [ 184.301033][ T4916] [ 184.303986][ T4916] __dump_stack+0x21/0x30 [ 184.308347][ T4916] dump_stack_lvl+0xee/0x150 [ 184.312961][ T4916] ? show_regs_print_info+0x20/0x20 [ 184.318180][ T4916] ? stack_trace_save+0x98/0xe0 [ 184.323050][ T4916] ? __stack_depot_save+0x34/0x480 [ 184.328189][ T4916] dump_stack+0x15/0x20 [ 184.332368][ T4916] should_fail+0x3c1/0x510 [ 184.336806][ T4916] should_fail_usercopy+0x1a/0x20 [ 184.341858][ T4916] _copy_from_user+0x20/0xd0 [ 184.346657][ T4916] __copy_msghdr_from_user+0xaf/0x5e0 [ 184.352153][ T4916] ? _kstrtoull+0x3c0/0x4d0 [ 184.356686][ T4916] ? __ia32_sys_shutdown+0x1e0/0x1e0 [ 184.360142][ T4905] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1723'. [ 184.361996][ T4916] ? kstrtouint_from_user+0x1a0/0x200 [ 184.376309][ T4916] ___sys_sendmsg+0x156/0x260 [ 184.381016][ T4916] ? __sys_sendmsg+0x250/0x250 [ 184.385821][ T4916] ? __fdget+0x1a1/0x230 [ 184.390099][ T4916] __x64_sys_sendmsg+0x1e2/0x2a0 [ 184.395055][ T4916] ? ___sys_sendmsg+0x260/0x260 [ 184.399922][ T4916] ? ksys_write+0x1eb/0x240 [ 184.404443][ T4916] ? fpregs_assert_state_consistent+0xb1/0xe0 [ 184.410527][ T4916] x64_sys_call+0x4b/0x9a0 [ 184.414950][ T4916] do_syscall_64+0x4c/0xa0 [ 184.419381][ T4916] ? clear_bhb_loop+0x50/0xa0 [ 184.424085][ T4916] ? clear_bhb_loop+0x50/0xa0 [ 184.428774][ T4916] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 184.434678][ T4916] RIP: 0033:0x7f53e71829a9 [ 184.439105][ T4916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 184.458719][ T4916] RSP: 002b:00007f53e57eb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 184.467148][ T4916] RAX: ffffffffffffffda RBX: 00007f53e73a9fa0 RCX: 00007f53e71829a9 [ 184.475136][ T4916] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000005 [ 184.483124][ T4916] RBP: 00007f53e57eb090 R08: 0000000000000000 R09: 0000000000000000 [ 184.491108][ T4916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 184.499090][ T4916] R13: 0000000000000000 R14: 00007f53e73a9fa0 R15: 00007ffdc50e47b8 [ 184.507084][ T4916] [ 184.537847][ T4921] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 184.588672][ T4931] FAULT_INJECTION: forcing a failure. [ 184.588672][ T4931] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 184.602181][ T4931] CPU: 0 PID: 4931 Comm: syz.2.1734 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 184.612468][ T4931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 184.622634][ T4931] Call Trace: [ 184.625950][ T4931] [ 184.628907][ T4931] __dump_stack+0x21/0x30 [ 184.633269][ T4931] dump_stack_lvl+0xee/0x150 [ 184.637903][ T4931] ? show_regs_print_info+0x20/0x20 [ 184.643129][ T4931] ? format_decode+0x1bb/0x1520 [ 184.648101][ T4931] dump_stack+0x15/0x20 [ 184.652292][ T4931] should_fail+0x3c1/0x510 [ 184.656737][ T4931] should_fail_usercopy+0x1a/0x20 [ 184.661792][ T4931] _copy_from_user+0x20/0xd0 [ 184.666409][ T4931] kstrtouint_from_user+0xbe/0x200 [ 184.671541][ T4931] ? kstrtol_from_user+0x260/0x260 [ 184.676700][ T4931] ? 0xffffffff81000000 [ 184.680956][ T4931] ? _copy_to_user+0x78/0x90 [ 184.685574][ T4931] ? simple_read_from_buffer+0x10f/0x160 [ 184.691231][ T4931] proc_fail_nth_write+0x85/0x1f0 [ 184.696301][ T4931] ? proc_fail_nth_read+0x210/0x210 [ 184.701526][ T4931] ? security_file_permission+0x79/0xa0 [ 184.707189][ T4931] ? security_file_permission+0x83/0xa0 [ 184.709160][ T4945] FAULT_INJECTION: forcing a failure. [ 184.709160][ T4945] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 184.712760][ T4931] ? proc_fail_nth_read+0x210/0x210 [ 184.731288][ T4931] vfs_write+0x3ee/0xf70 [ 184.735644][ T4931] ? file_end_write+0x1b0/0x1b0 [ 184.740515][ T4931] ? __kasan_check_write+0x14/0x20 [ 184.745664][ T4931] ? mutex_lock+0x95/0x1a0 [ 184.750101][ T4931] ? wait_for_completion_killable_timeout+0x10/0x10 [ 184.756711][ T4931] ? __fget_files+0x2c4/0x320 [ 184.761423][ T4931] ? __fdget_pos+0x2d2/0x380 [ 184.766216][ T4931] ? ksys_write+0x71/0x240 [ 184.770763][ T4931] ksys_write+0x140/0x240 [ 184.775103][ T4931] ? __ia32_sys_read+0x90/0x90 [ 184.779881][ T4931] ? debug_smp_processor_id+0x17/0x20 [ 184.785284][ T4931] __x64_sys_write+0x7b/0x90 [ 184.789897][ T4931] x64_sys_call+0x8ef/0x9a0 [ 184.794419][ T4931] do_syscall_64+0x4c/0xa0 [ 184.798864][ T4931] ? clear_bhb_loop+0x50/0xa0 [ 184.803574][ T4931] ? clear_bhb_loop+0x50/0xa0 [ 184.808264][ T4931] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 184.814260][ T4931] RIP: 0033:0x7f96830a245f [ 184.818714][ T4931] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 184.838369][ T4931] RSP: 002b:00007f968170c030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 184.846807][ T4931] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f96830a245f [ 184.854809][ T4931] RDX: 0000000000000001 RSI: 00007f968170c0a0 RDI: 0000000000000003 [ 184.862898][ T4931] RBP: 00007f968170c090 R08: 0000000000000000 R09: 0000000000000014 [ 184.870886][ T4931] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 184.878884][ T4931] R13: 0000000000000000 R14: 00007f96832cafa0 R15: 00007ffe7a2f9fb8 [ 184.886879][ T4931] [ 184.902209][ T4945] CPU: 1 PID: 4945 Comm: syz.0.1738 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 184.903219][ T4947] FAULT_INJECTION: forcing a failure. [ 184.903219][ T4947] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 184.912499][ T4945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 184.912519][ T4945] Call Trace: [ 184.912525][ T4945] [ 184.912533][ T4945] __dump_stack+0x21/0x30 [ 184.912557][ T4945] dump_stack_lvl+0xee/0x150 [ 184.950722][ T4945] ? show_regs_print_info+0x20/0x20 [ 184.955935][ T4945] dump_stack+0x15/0x20 [ 184.960100][ T4945] should_fail+0x3c1/0x510 [ 184.964539][ T4945] should_fail_usercopy+0x1a/0x20 [ 184.969692][ T4945] strncpy_from_user+0x24/0x2e0 [ 184.974672][ T4945] ? kmem_cache_alloc+0xf7/0x260 [ 184.979750][ T4945] getname_flags+0xf4/0x500 [ 184.984282][ T4945] getname+0x19/0x20 [ 184.988194][ T4945] do_sys_openat2+0xd9/0x7b0 [ 184.992803][ T4945] ? __kasan_check_write+0x14/0x20 [ 184.997935][ T4945] ? fput_many+0x15a/0x1a0 [ 185.002377][ T4945] ? do_sys_open+0xe0/0xe0 [ 185.006824][ T4945] ? fput+0x1a/0x20 [ 185.010649][ T4945] ? ksys_write+0x1eb/0x240 [ 185.015165][ T4945] ? __ia32_sys_read+0x90/0x90 [ 185.019952][ T4945] __x64_sys_creat+0x8e/0xb0 [ 185.024565][ T4945] x64_sys_call+0x94a/0x9a0 [ 185.029100][ T4945] do_syscall_64+0x4c/0xa0 [ 185.033549][ T4945] ? clear_bhb_loop+0x50/0xa0 [ 185.038296][ T4945] ? clear_bhb_loop+0x50/0xa0 [ 185.043603][ T4945] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 185.049542][ T4945] RIP: 0033:0x7fdae1cb29a9 [ 185.054075][ T4945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 185.073779][ T4945] RSP: 002b:00007fdae02fa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055 [ 185.082314][ T4945] RAX: ffffffffffffffda RBX: 00007fdae1eda080 RCX: 00007fdae1cb29a9 [ 185.090302][ T4945] RDX: 0000000000000000 RSI: 0000000000000153 RDI: 0000200000000280 [ 185.098300][ T4945] RBP: 00007fdae02fa090 R08: 0000000000000000 R09: 0000000000000000 [ 185.106421][ T4945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 185.114415][ T4945] R13: 0000000000000000 R14: 00007fdae1eda080 R15: 00007ffc83dca438 [ 185.122431][ T4945] [ 185.132196][ T4949] x_tables: duplicate underflow at hook 3 [ 185.134979][ T4947] CPU: 1 PID: 4947 Comm: syz.2.1739 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 185.148134][ T4947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 185.158214][ T4947] Call Trace: [ 185.161524][ T4947] [ 185.164470][ T4947] __dump_stack+0x21/0x30 [ 185.168832][ T4947] dump_stack_lvl+0xee/0x150 [ 185.173528][ T4947] ? show_regs_print_info+0x20/0x20 [ 185.178741][ T4947] dump_stack+0x15/0x20 [ 185.182936][ T4947] should_fail+0x3c1/0x510 [ 185.187368][ T4947] should_fail_usercopy+0x1a/0x20 [ 185.192403][ T4947] _copy_to_user+0x20/0x90 [ 185.196828][ T4947] simple_read_from_buffer+0xe9/0x160 [ 185.202219][ T4947] proc_fail_nth_read+0x19a/0x210 [ 185.207263][ T4947] ? proc_fault_inject_write+0x2f0/0x2f0 [ 185.212926][ T4947] ? security_file_permission+0x83/0xa0 [ 185.218477][ T4947] ? proc_fault_inject_write+0x2f0/0x2f0 [ 185.224121][ T4947] vfs_read+0x282/0xbe0 [ 185.228283][ T4947] ? kernel_read+0x1f0/0x1f0 [ 185.233022][ T4947] ? __fdget+0x1b3/0x230 [ 185.237294][ T4947] ? __kasan_check_write+0x14/0x20 [ 185.242423][ T4947] ? mutex_lock+0x95/0x1a0 [ 185.246853][ T4947] ? wait_for_completion_killable_timeout+0x10/0x10 [ 185.253454][ T4947] ? __fget_files+0x2c4/0x320 [ 185.258150][ T4947] ? __fdget_pos+0x2d2/0x380 [ 185.262761][ T4947] ? ksys_read+0x71/0x240 [ 185.267128][ T4947] ksys_read+0x140/0x240 [ 185.271381][ T4947] ? vfs_write+0xf70/0xf70 [ 185.275817][ T4947] ? debug_smp_processor_id+0x17/0x20 [ 185.281209][ T4947] __x64_sys_read+0x7b/0x90 [ 185.285722][ T4947] x64_sys_call+0x96d/0x9a0 [ 185.290237][ T4947] do_syscall_64+0x4c/0xa0 [ 185.294791][ T4947] ? clear_bhb_loop+0x50/0xa0 [ 185.299663][ T4947] ? clear_bhb_loop+0x50/0xa0 [ 185.304366][ T4947] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 185.310274][ T4947] RIP: 0033:0x7f96830a23bc [ 185.314698][ T4947] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 185.334319][ T4947] RSP: 002b:00007f968170c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 185.342746][ T4947] RAX: ffffffffffffffda RBX: 00007f96832cafa0 RCX: 00007f96830a23bc [ 185.350725][ T4947] RDX: 000000000000000f RSI: 00007f968170c0a0 RDI: 0000000000000003 [ 185.358708][ T4947] RBP: 00007f968170c090 R08: 0000000000000000 R09: 0000000000000000 [ 185.366685][ T4947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 185.374662][ T4947] R13: 0000000000000000 R14: 00007f96832cafa0 R15: 00007ffe7a2f9fb8 [ 185.382639][ T4947] [ 185.638532][ T4988] netlink: 'syz.2.1753': attribute type 4 has an invalid length. [ 185.989814][ T4998] FAULT_INJECTION: forcing a failure. [ 185.989814][ T4998] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 186.003113][ T4998] CPU: 0 PID: 4998 Comm: syz.3.1758 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 186.013295][ T4998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 186.023369][ T4998] Call Trace: [ 186.026673][ T4998] [ 186.029803][ T4998] __dump_stack+0x21/0x30 [ 186.034175][ T4998] dump_stack_lvl+0xee/0x150 [ 186.038787][ T4998] ? show_regs_print_info+0x20/0x20 [ 186.044285][ T4998] ? stack_trace_save+0x98/0xe0 [ 186.049178][ T4998] dump_stack+0x15/0x20 [ 186.053371][ T4998] should_fail+0x3c1/0x510 [ 186.057988][ T4998] should_fail_usercopy+0x1a/0x20 [ 186.063165][ T4998] _copy_from_user+0x20/0xd0 [ 186.067809][ T4998] iovec_from_user+0x1bc/0x2f0 [ 186.072607][ T4998] ? __copy_msghdr_from_user+0x302/0x5e0 [ 186.078271][ T4998] ? _kstrtoull+0x3c0/0x4d0 [ 186.082895][ T4998] __import_iovec+0x71/0x400 [ 186.087521][ T4998] ? __ia32_sys_shutdown+0x1e0/0x1e0 [ 186.092839][ T4998] ? kstrtouint_from_user+0x1a0/0x200 [ 186.098244][ T4998] import_iovec+0x7c/0xb0 [ 186.102605][ T4998] ___sys_sendmsg+0x1b9/0x260 [ 186.107311][ T4998] ? __sys_sendmsg+0x250/0x250 [ 186.112102][ T4998] ? __fdget+0x1a1/0x230 [ 186.116364][ T4998] __x64_sys_sendmsg+0x1e2/0x2a0 [ 186.121413][ T4998] ? ___sys_sendmsg+0x260/0x260 [ 186.126356][ T4998] ? ksys_write+0x1eb/0x240 [ 186.130898][ T4998] ? fpregs_assert_state_consistent+0xb1/0xe0 [ 186.136991][ T4998] x64_sys_call+0x4b/0x9a0 [ 186.141427][ T4998] do_syscall_64+0x4c/0xa0 [ 186.145869][ T4998] ? clear_bhb_loop+0x50/0xa0 [ 186.150571][ T4998] ? clear_bhb_loop+0x50/0xa0 [ 186.155276][ T4998] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 186.161222][ T4998] RIP: 0033:0x7f53e71829a9 [ 186.165665][ T4998] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 186.185351][ T4998] RSP: 002b:00007f53e57eb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 186.193801][ T4998] RAX: ffffffffffffffda RBX: 00007f53e73a9fa0 RCX: 00007f53e71829a9 [ 186.201907][ T4998] RDX: 0000000000000040 RSI: 0000200000002f80 RDI: 0000000000000003 [ 186.209984][ T4998] RBP: 00007f53e57eb090 R08: 0000000000000000 R09: 0000000000000000 [ 186.217968][ T4998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 186.225963][ T4998] R13: 0000000000000000 R14: 00007f53e73a9fa0 R15: 00007ffdc50e47b8 [ 186.233957][ T4998] [ 186.525451][ T5017] FAULT_INJECTION: forcing a failure. [ 186.525451][ T5017] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 186.539451][ T5017] CPU: 0 PID: 5017 Comm: syz.4.1766 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 186.549634][ T5017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 186.559707][ T5017] Call Trace: [ 186.563014][ T5017] [ 186.565945][ T5017] __dump_stack+0x21/0x30 [ 186.570297][ T5017] dump_stack_lvl+0xee/0x150 [ 186.574994][ T5017] ? show_regs_print_info+0x20/0x20 [ 186.580212][ T5017] dump_stack+0x15/0x20 [ 186.584401][ T5017] should_fail+0x3c1/0x510 [ 186.588847][ T5017] should_fail_usercopy+0x1a/0x20 [ 186.593902][ T5017] _copy_to_user+0x20/0x90 [ 186.598348][ T5017] simple_read_from_buffer+0xe9/0x160 [ 186.603752][ T5017] proc_fail_nth_read+0x19a/0x210 [ 186.608815][ T5017] ? proc_fault_inject_write+0x2f0/0x2f0 [ 186.614481][ T5017] ? security_file_permission+0x83/0xa0 [ 186.620053][ T5017] ? proc_fault_inject_write+0x2f0/0x2f0 [ 186.625730][ T5017] vfs_read+0x282/0xbe0 [ 186.629899][ T5017] ? kernel_read+0x1f0/0x1f0 [ 186.634499][ T5017] ? __kasan_check_write+0x14/0x20 [ 186.639622][ T5017] ? mutex_lock+0x95/0x1a0 [ 186.644051][ T5017] ? wait_for_completion_killable_timeout+0x10/0x10 [ 186.650648][ T5017] ? __fget_files+0x2c4/0x320 [ 186.655334][ T5017] ? __fdget_pos+0x2d2/0x380 [ 186.659929][ T5017] ? ksys_read+0x71/0x240 [ 186.664264][ T5017] ksys_read+0x140/0x240 [ 186.668509][ T5017] ? fillonedir+0x430/0x430 [ 186.673016][ T5017] ? vfs_write+0xf70/0xf70 [ 186.677436][ T5017] ? debug_smp_processor_id+0x17/0x20 [ 186.682837][ T5017] __x64_sys_read+0x7b/0x90 [ 186.687346][ T5017] x64_sys_call+0x96d/0x9a0 [ 186.691852][ T5017] do_syscall_64+0x4c/0xa0 [ 186.696293][ T5017] ? clear_bhb_loop+0x50/0xa0 [ 186.700973][ T5017] ? clear_bhb_loop+0x50/0xa0 [ 186.705650][ T5017] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 186.711552][ T5017] RIP: 0033:0x7f1464dfa3bc [ 186.715970][ T5017] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 186.735577][ T5017] RSP: 002b:00007f1463464030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 186.743995][ T5017] RAX: ffffffffffffffda RBX: 00007f1465022fa0 RCX: 00007f1464dfa3bc [ 186.751968][ T5017] RDX: 000000000000000f RSI: 00007f14634640a0 RDI: 0000000000000003 [ 186.759945][ T5017] RBP: 00007f1463464090 R08: 0000000000000000 R09: 0000000000000000 [ 186.767922][ T5017] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 186.775898][ T5017] R13: 0000000000000000 R14: 00007f1465022fa0 R15: 00007ffdcd3f5248 [ 186.783878][ T5017] [ 186.827984][ T5031] FAULT_INJECTION: forcing a failure. [ 186.827984][ T5031] name failslab, interval 1, probability 0, space 0, times 0 [ 186.840719][ T5031] CPU: 1 PID: 5031 Comm: syz.2.1772 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 186.851332][ T5031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 186.861498][ T5031] Call Trace: [ 186.864781][ T5031] [ 186.867712][ T5031] __dump_stack+0x21/0x30 [ 186.872053][ T5031] dump_stack_lvl+0xee/0x150 [ 186.876649][ T5031] ? show_regs_print_info+0x20/0x20 [ 186.881850][ T5031] dump_stack+0x15/0x20 [ 186.886002][ T5031] should_fail+0x3c1/0x510 [ 186.890418][ T5031] __should_failslab+0xa4/0xe0 [ 186.895425][ T5031] should_failslab+0x9/0x20 [ 186.899943][ T5031] slab_pre_alloc_hook+0x3b/0xe0 [ 186.904897][ T5031] ? __alloc_skb+0xe0/0x740 [ 186.909425][ T5031] kmem_cache_alloc+0x44/0x260 [ 186.914217][ T5031] __alloc_skb+0xe0/0x740 [ 186.918553][ T5031] audit_log_start+0x3c7/0x8b0 [ 186.923316][ T5031] ? ____kasan_slab_free+0x130/0x160 [ 186.928603][ T5031] ? audit_serial+0x30/0x30 [ 186.933105][ T5031] ? migrate_enable+0x192/0x260 [ 186.937960][ T5031] ? migrate_disable+0x180/0x180 [ 186.942899][ T5031] audit_seccomp+0x62/0x160 [ 186.947438][ T5031] ? migrate_disable+0xd6/0x180 [ 186.952286][ T5031] __seccomp_filter+0xb06/0x1900 [ 186.957289][ T5031] ? file_end_write+0x1b0/0x1b0 [ 186.962161][ T5031] ? __secure_computing+0x290/0x290 [ 186.967364][ T5031] ? __kasan_check_write+0x14/0x20 [ 186.972478][ T5031] ? mutex_unlock+0x89/0x220 [ 186.977073][ T5031] ? __mutex_lock_slowpath+0x10/0x10 [ 186.982492][ T5031] ? fput+0x1a/0x20 [ 186.986306][ T5031] ? ksys_write+0x1eb/0x240 [ 186.990814][ T5031] ? __ia32_sys_read+0x90/0x90 [ 186.995584][ T5031] __secure_computing+0xea/0x290 [ 187.000533][ T5031] syscall_trace_enter+0xcf/0x180 [ 187.005565][ T5031] syscall_enter_from_user_mode+0x1f/0x30 [ 187.011312][ T5031] do_syscall_64+0x24/0xa0 [ 187.015731][ T5031] ? clear_bhb_loop+0x50/0xa0 [ 187.020412][ T5031] ? clear_bhb_loop+0x50/0xa0 [ 187.025112][ T5031] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 187.031022][ T5031] RIP: 0033:0x7f96830a39a9 [ 187.035443][ T5031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 187.055272][ T5031] RSP: 002b:00007f968170c038 EFLAGS: 00000246 ORIG_RAX: 000000000000007d [ 187.063719][ T5031] RAX: ffffffffffffffda RBX: 00007f96832cafa0 RCX: 00007f96830a39a9 [ 187.071826][ T5031] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000002440 [ 187.079829][ T5031] RBP: 00007f968170c090 R08: 0000000000000000 R09: 0000000000000000 [ 187.087826][ T5031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 187.096023][ T5031] R13: 0000000000000000 R14: 00007f96832cafa0 R15: 00007ffe7a2f9fb8 [ 187.104139][ T5031] [ 187.127957][ T5036] FAULT_INJECTION: forcing a failure. [ 187.127957][ T5036] name failslab, interval 1, probability 0, space 0, times 0 [ 187.140779][ T5036] CPU: 1 PID: 5036 Comm: syz.2.1774 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 187.150940][ T5036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 187.161008][ T5036] Call Trace: [ 187.164290][ T5036] [ 187.167222][ T5036] __dump_stack+0x21/0x30 [ 187.171563][ T5036] dump_stack_lvl+0xee/0x150 [ 187.176164][ T5036] ? show_regs_print_info+0x20/0x20 [ 187.181381][ T5036] dump_stack+0x15/0x20 [ 187.185594][ T5036] should_fail+0x3c1/0x510 [ 187.190021][ T5036] __should_failslab+0xa4/0xe0 [ 187.194798][ T5036] should_failslab+0x9/0x20 [ 187.199319][ T5036] slab_pre_alloc_hook+0x3b/0xe0 [ 187.204301][ T5036] ? dst_alloc+0x15c/0x1d0 [ 187.208724][ T5036] kmem_cache_alloc+0x44/0x260 [ 187.213502][ T5036] dst_alloc+0x15c/0x1d0 [ 187.218031][ T5036] ip_route_output_key_hash_rcu+0x11db/0x2060 [ 187.224119][ T5036] ? ip_route_output_key_hash_rcu+0x1611/0x2060 [ 187.230373][ T5036] ip_route_output_key_hash+0x123/0x1c0 [ 187.235934][ T5036] ? ip_route_input_rcu+0x24b0/0x24b0 [ 187.241314][ T5036] ? avc_has_perm+0x158/0x240 [ 187.245994][ T5036] ? slab_free_freelist_hook+0xc2/0x190 [ 187.251546][ T5036] ? kmem_cache_free+0x100/0x320 [ 187.256512][ T5036] tcp_v4_connect+0x6b7/0x19a0 [ 187.261302][ T5036] ? tcp_twsk_unique+0x970/0x970 [ 187.266239][ T5036] ? __kasan_check_write+0x14/0x20 [ 187.271527][ T5036] ? _raw_spin_lock_bh+0x8e/0xe0 [ 187.276466][ T5036] __inet_stream_connect+0x2a7/0xe10 [ 187.281872][ T5036] ? lock_sock_nested+0x1f1/0x290 [ 187.286913][ T5036] ? inet_dgram_connect+0x3e0/0x3e0 [ 187.292137][ T5036] ? __fget_files+0x2c4/0x320 [ 187.296945][ T5036] inet_stream_connect+0x62/0xa0 [ 187.302035][ T5036] ? __inet_stream_connect+0xe10/0xe10 [ 187.307508][ T5036] __sys_connect+0x389/0x410 [ 187.312125][ T5036] ? __sys_connect_file+0x170/0x170 [ 187.317330][ T5036] ? debug_smp_processor_id+0x17/0x20 [ 187.322707][ T5036] __x64_sys_connect+0x7a/0x90 [ 187.327468][ T5036] x64_sys_call+0x7c/0x9a0 [ 187.332419][ T5036] do_syscall_64+0x4c/0xa0 [ 187.336836][ T5036] ? clear_bhb_loop+0x50/0xa0 [ 187.341638][ T5036] ? clear_bhb_loop+0x50/0xa0 [ 187.346336][ T5036] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 187.352236][ T5036] RIP: 0033:0x7f96830a39a9 [ 187.356773][ T5036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 187.376467][ T5036] RSP: 002b:00007f968170c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 187.384916][ T5036] RAX: ffffffffffffffda RBX: 00007f96832cafa0 RCX: 00007f96830a39a9 [ 187.392893][ T5036] RDX: 0000000000000010 RSI: 0000200000000300 RDI: 0000000000000003 [ 187.400876][ T5036] RBP: 00007f968170c090 R08: 0000000000000000 R09: 0000000000000000 [ 187.408851][ T5036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 187.416823][ T5036] R13: 0000000000000000 R14: 00007f96832cafa0 R15: 00007ffe7a2f9fb8 [ 187.424886][ T5036] [ 187.504687][ T5048] xt_CT: No such helper "netbios-ns" [ 187.515907][ T5055] FAULT_INJECTION: forcing a failure. [ 187.515907][ T5055] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 187.529262][ T5055] CPU: 1 PID: 5055 Comm: syz.0.1781 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 187.539818][ T5055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 187.549885][ T5055] Call Trace: [ 187.553170][ T5055] [ 187.556169][ T5055] __dump_stack+0x21/0x30 [ 187.560534][ T5055] dump_stack_lvl+0xee/0x150 [ 187.565129][ T5055] ? show_regs_print_info+0x20/0x20 [ 187.570333][ T5055] dump_stack+0x15/0x20 [ 187.574493][ T5055] should_fail+0x3c1/0x510 [ 187.578907][ T5055] should_fail_usercopy+0x1a/0x20 [ 187.583927][ T5055] _copy_from_user+0x20/0xd0 [ 187.588523][ T5055] __se_sys_mount+0x176/0x380 [ 187.593232][ T5055] ? __x64_sys_mount+0xd0/0xd0 [ 187.598030][ T5055] ? __ia32_sys_read+0x90/0x90 [ 187.602878][ T5055] __x64_sys_mount+0xbf/0xd0 [ 187.607588][ T5055] x64_sys_call+0x6bf/0x9a0 [ 187.612136][ T5055] do_syscall_64+0x4c/0xa0 [ 187.616583][ T5055] ? clear_bhb_loop+0x50/0xa0 [ 187.621291][ T5055] ? clear_bhb_loop+0x50/0xa0 [ 187.625978][ T5055] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 187.631877][ T5055] RIP: 0033:0x7fdae1cb29a9 [ 187.636299][ T5055] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 187.655910][ T5055] RSP: 002b:00007fdae031b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 187.664345][ T5055] RAX: ffffffffffffffda RBX: 00007fdae1ed9fa0 RCX: 00007fdae1cb29a9 [ 187.672333][ T5055] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000000 [ 187.680311][ T5055] RBP: 00007fdae031b090 R08: 00002000000004c0 R09: 0000000000000000 [ 187.688291][ T5055] R10: 00000000000d0060 R11: 0000000000000246 R12: 0000000000000001 [ 187.696567][ T5055] R13: 0000000000000000 R14: 00007fdae1ed9fa0 R15: 00007ffc83dca438 [ 187.704549][ T5055] [ 188.029072][ T5072] __nla_validate_parse: 6 callbacks suppressed [ 188.029094][ T5072] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1788'. [ 188.264425][ T30] kauditd_printk_skb: 1397 callbacks suppressed [ 188.264441][ T30] audit: type=1326 audit(1752920544.615:89108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5077 comm="syz.1.1790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f21391483bc code=0x7ffc0000 [ 188.302731][ T30] audit: type=1326 audit(1752920544.655:89109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5077 comm="syz.1.1790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f21391483bc code=0x7ffc0000 [ 188.326564][ T30] audit: type=1326 audit(1752920544.655:89110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5077 comm="syz.1.1790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f21391483bc code=0x7ffc0000 [ 188.350820][ T30] audit: type=1326 audit(1752920544.655:89111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5077 comm="syz.1.1790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f21391483bc code=0x7ffc0000 [ 188.374534][ T30] audit: type=1326 audit(1752920544.655:89112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5077 comm="syz.1.1790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f21391483bc code=0x7ffc0000 [ 188.398876][ T30] audit: type=1326 audit(1752920544.655:89113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5077 comm="syz.1.1790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f21391483bc code=0x7ffc0000 [ 188.424671][ T30] audit: type=1326 audit(1752920544.655:89114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5077 comm="syz.1.1790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f21391483bc code=0x7ffc0000 [ 188.448854][ T30] audit: type=1326 audit(1752920544.655:89115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5077 comm="syz.1.1790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f21391483bc code=0x7ffc0000 [ 188.472556][ T30] audit: type=1326 audit(1752920544.655:89116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5077 comm="syz.1.1790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f21391483bc code=0x7ffc0000 [ 188.496326][ T30] audit: type=1326 audit(1752920544.655:89117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5077 comm="syz.1.1790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f21391483bc code=0x7ffc0000 [ 188.533029][ T5080] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1791'. [ 188.702247][ T5085] FAULT_INJECTION: forcing a failure. [ 188.702247][ T5085] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 188.733323][ T5085] CPU: 0 PID: 5085 Comm: syz.0.1793 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 188.743542][ T5085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 188.753627][ T5085] Call Trace: [ 188.756930][ T5085] [ 188.759884][ T5085] __dump_stack+0x21/0x30 [ 188.764250][ T5085] dump_stack_lvl+0xee/0x150 [ 188.768872][ T5085] ? show_regs_print_info+0x20/0x20 [ 188.774097][ T5085] dump_stack+0x15/0x20 [ 188.778384][ T5085] should_fail+0x3c1/0x510 [ 188.782834][ T5085] should_fail_usercopy+0x1a/0x20 [ 188.787889][ T5085] _copy_to_user+0x20/0x90 [ 188.792380][ T5085] simple_read_from_buffer+0xe9/0x160 [ 188.797785][ T5085] proc_fail_nth_read+0x19a/0x210 [ 188.803272][ T5085] ? proc_fault_inject_write+0x2f0/0x2f0 [ 188.808934][ T5085] ? security_file_permission+0x83/0xa0 [ 188.814512][ T5085] ? proc_fault_inject_write+0x2f0/0x2f0 [ 188.820267][ T5085] vfs_read+0x282/0xbe0 [ 188.824442][ T5085] ? kernel_read+0x1f0/0x1f0 [ 188.829052][ T5085] ? __fget_files+0x2c4/0x320 [ 188.833755][ T5085] ? __kasan_check_write+0x14/0x20 [ 188.838893][ T5085] ? mutex_lock+0x95/0x1a0 [ 188.843333][ T5085] ? wait_for_completion_killable_timeout+0x10/0x10 [ 188.849945][ T5085] ? __fget_files+0x2c4/0x320 [ 188.855001][ T5085] ? __fdget_pos+0x2d2/0x380 [ 188.859609][ T5085] ? ksys_read+0x71/0x240 [ 188.863979][ T5085] ksys_read+0x140/0x240 [ 188.868329][ T5085] ? vfs_write+0xf70/0xf70 [ 188.872774][ T5085] ? debug_smp_processor_id+0x17/0x20 [ 188.878169][ T5085] __x64_sys_read+0x7b/0x90 [ 188.882785][ T5085] x64_sys_call+0x96d/0x9a0 [ 188.887308][ T5085] do_syscall_64+0x4c/0xa0 [ 188.891922][ T5085] ? clear_bhb_loop+0x50/0xa0 [ 188.896629][ T5085] ? clear_bhb_loop+0x50/0xa0 [ 188.901325][ T5085] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 188.907243][ T5085] RIP: 0033:0x7fdae1cb13bc [ 188.911682][ T5085] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 188.931306][ T5085] RSP: 002b:00007fdae031b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 188.939749][ T5085] RAX: ffffffffffffffda RBX: 00007fdae1ed9fa0 RCX: 00007fdae1cb13bc [ 188.947744][ T5085] RDX: 000000000000000f RSI: 00007fdae031b0a0 RDI: 0000000000000003 [ 188.955735][ T5085] RBP: 00007fdae031b090 R08: 0000000000000000 R09: 0000000000000000 [ 188.963739][ T5085] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001 [ 188.971732][ T5085] R13: 0000000000000000 R14: 00007fdae1ed9fa0 R15: 00007ffc83dca438 [ 188.979731][ T5085] [ 189.076249][ T5094] FAULT_INJECTION: forcing a failure. [ 189.076249][ T5094] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 189.089823][ T5094] CPU: 0 PID: 5094 Comm: syz.0.1796 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 189.100001][ T5094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 189.110077][ T5094] Call Trace: [ 189.113397][ T5094] [ 189.116332][ T5094] __dump_stack+0x21/0x30 [ 189.120669][ T5094] dump_stack_lvl+0xee/0x150 [ 189.125260][ T5094] ? show_regs_print_info+0x20/0x20 [ 189.130465][ T5094] ? stack_trace_save+0x98/0xe0 [ 189.135322][ T5094] ? __stack_depot_save+0x34/0x480 [ 189.140445][ T5094] dump_stack+0x15/0x20 [ 189.144602][ T5094] should_fail+0x3c1/0x510 [ 189.149026][ T5094] should_fail_usercopy+0x1a/0x20 [ 189.154057][ T5094] _copy_from_user+0x20/0xd0 [ 189.158657][ T5094] __copy_msghdr_from_user+0xaf/0x5e0 [ 189.164038][ T5094] ? _kstrtoull+0x3c0/0x4d0 [ 189.168540][ T5094] ? __ia32_sys_shutdown+0x1e0/0x1e0 [ 189.173831][ T5094] ? kstrtouint_from_user+0x1a0/0x200 [ 189.179207][ T5094] ___sys_sendmsg+0x156/0x260 [ 189.183889][ T5094] ? __sys_sendmsg+0x250/0x250 [ 189.188666][ T5094] ? __fdget+0x1a1/0x230 [ 189.192919][ T5094] __x64_sys_sendmsg+0x1e2/0x2a0 [ 189.197867][ T5094] ? ___sys_sendmsg+0x260/0x260 [ 189.202732][ T5094] ? ksys_write+0x1eb/0x240 [ 189.207397][ T5094] ? fpregs_assert_state_consistent+0xb1/0xe0 [ 189.213588][ T5094] x64_sys_call+0x4b/0x9a0 [ 189.218040][ T5094] do_syscall_64+0x4c/0xa0 [ 189.222570][ T5094] ? clear_bhb_loop+0x50/0xa0 [ 189.227256][ T5094] ? clear_bhb_loop+0x50/0xa0 [ 189.231943][ T5094] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 189.237838][ T5094] RIP: 0033:0x7fdae1cb29a9 [ 189.242279][ T5094] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 189.262061][ T5094] RSP: 002b:00007fdae02fa038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 189.270739][ T5094] RAX: ffffffffffffffda RBX: 00007fdae1eda080 RCX: 00007fdae1cb29a9 [ 189.278744][ T5094] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000005 [ 189.286851][ T5094] RBP: 00007fdae02fa090 R08: 0000000000000000 R09: 0000000000000000 [ 189.294849][ T5094] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 189.302831][ T5094] R13: 0000000000000000 R14: 00007fdae1eda080 R15: 00007ffc83dca438 [ 189.310820][ T5094] [ 189.914702][ T5104] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1800'. [ 189.997330][ T5108] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1802'. [ 190.548310][ T5124] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1808'. [ 190.574731][ T5124] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1808'. [ 190.835582][ T5136] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1812'. [ 191.219390][ T5149] FAULT_INJECTION: forcing a failure. [ 191.219390][ T5149] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 191.251081][ T5149] CPU: 1 PID: 5149 Comm: syz.3.1818 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 191.261515][ T5149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 191.271610][ T5149] Call Trace: [ 191.274908][ T5149] [ 191.277855][ T5149] __dump_stack+0x21/0x30 [ 191.282212][ T5149] dump_stack_lvl+0xee/0x150 [ 191.286825][ T5149] ? show_regs_print_info+0x20/0x20 [ 191.292046][ T5149] dump_stack+0x15/0x20 [ 191.296224][ T5149] should_fail+0x3c1/0x510 [ 191.300661][ T5149] should_fail_usercopy+0x1a/0x20 [ 191.305710][ T5149] _copy_from_user+0x20/0xd0 [ 191.310436][ T5149] copy_clone_args_from_user+0x1c3/0x630 [ 191.316101][ T5149] ? proc_fail_nth_write+0x17a/0x1f0 [ 191.321418][ T5149] ? proc_fail_nth_read+0x210/0x210 [ 191.326652][ T5149] ? security_file_permission+0x79/0xa0 [ 191.332250][ T5149] ? __delayed_free_task+0x20/0x20 [ 191.337503][ T5149] __x64_sys_clone3+0x123/0x2f0 [ 191.342395][ T5149] ? __ia32_sys_clone+0x1d0/0x1d0 [ 191.347459][ T5149] ? mutex_unlock+0x89/0x220 [ 191.352073][ T5149] ? fput_many+0x15a/0x1a0 [ 191.356516][ T5149] ? fpregs_assert_state_consistent+0xb1/0xe0 [ 191.362611][ T5149] x64_sys_call+0x53e/0x9a0 [ 191.367142][ T5149] do_syscall_64+0x4c/0xa0 [ 191.371578][ T5149] ? clear_bhb_loop+0x50/0xa0 [ 191.376280][ T5149] ? clear_bhb_loop+0x50/0xa0 [ 191.380980][ T5149] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 191.386898][ T5149] RIP: 0033:0x7f53e71829a9 [ 191.391333][ T5149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 191.410961][ T5149] RSP: 002b:00007f53e57eaf08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 191.419390][ T5149] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f53e71829a9 [ 191.427376][ T5149] RDX: 00007f53e57eaf20 RSI: 0000000000000058 RDI: 00007f53e57eaf20 [ 191.435367][ T5149] RBP: 00007f53e57eb090 R08: 0000000000000000 R09: 0000000000000058 [ 191.443345][ T5149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 191.451326][ T5149] R13: 0000000000000000 R14: 00007f53e73a9fa0 R15: 00007ffdc50e47b8 [ 191.459312][ T5149] [ 191.548247][ T5160] FAULT_INJECTION: forcing a failure. [ 191.548247][ T5160] name failslab, interval 1, probability 0, space 0, times 0 [ 191.562516][ T5160] CPU: 0 PID: 5160 Comm: syz.1.1823 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 191.572726][ T5160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 191.582804][ T5160] Call Trace: [ 191.586100][ T5160] [ 191.589043][ T5160] __dump_stack+0x21/0x30 [ 191.593389][ T5160] dump_stack_lvl+0xee/0x150 [ 191.597992][ T5160] ? show_regs_print_info+0x20/0x20 [ 191.603213][ T5160] dump_stack+0x15/0x20 [ 191.607381][ T5160] should_fail+0x3c1/0x510 [ 191.611812][ T5160] __should_failslab+0xa4/0xe0 [ 191.616595][ T5160] should_failslab+0x9/0x20 [ 191.621116][ T5160] slab_pre_alloc_hook+0x3b/0xe0 [ 191.626085][ T5160] __kmalloc+0x6d/0x2c0 [ 191.630262][ T5160] ? __se_sys_memfd_create+0xf2/0x3b0 [ 191.635659][ T5160] ? strnlen_user+0x13b/0x1c0 [ 191.640362][ T5160] __se_sys_memfd_create+0xf2/0x3b0 [ 191.645584][ T5160] __x64_sys_memfd_create+0x5b/0x70 [ 191.650820][ T5160] x64_sys_call+0x473/0x9a0 [ 191.655340][ T5160] do_syscall_64+0x4c/0xa0 [ 191.659864][ T5160] ? clear_bhb_loop+0x50/0xa0 [ 191.664556][ T5160] ? clear_bhb_loop+0x50/0xa0 [ 191.669255][ T5160] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 191.675163][ T5160] RIP: 0033:0x7f21391499a9 [ 191.679605][ T5160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 191.699237][ T5160] RSP: 002b:00007f21377b1e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 191.707678][ T5160] RAX: ffffffffffffffda RBX: 000000000000052e RCX: 00007f21391499a9 [ 191.715675][ T5160] RDX: 00007f21377b1ef0 RSI: 0000000000000000 RDI: 00007f21391cc6fc [ 191.723670][ T5160] RBP: 0000200000000640 R08: 00007f21377b1bb7 R09: 00007f21377b1e40 [ 191.731669][ T5160] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000000 [ 191.739659][ T5160] R13: 00007f21377b1ef0 R14: 00007f21377b1eb0 R15: 00002000000001c0 [ 191.747668][ T5160] [ 191.755685][ T5162] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1824'. [ 192.082449][ T5177] mmap: syz.2.1829 (5177) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. [ 192.113041][ T5181] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1831'. [ 192.154925][ T5181] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1831'. [ 192.194584][ T5183] FAULT_INJECTION: forcing a failure. [ 192.194584][ T5183] name failslab, interval 1, probability 0, space 0, times 0 [ 192.254459][ T5183] CPU: 0 PID: 5183 Comm: syz.0.1832 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 192.264678][ T5183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 192.274761][ T5183] Call Trace: [ 192.278063][ T5183] [ 192.281076][ T5183] __dump_stack+0x21/0x30 [ 192.285437][ T5183] dump_stack_lvl+0xee/0x150 [ 192.290053][ T5183] ? show_regs_print_info+0x20/0x20 [ 192.295450][ T5183] dump_stack+0x15/0x20 [ 192.299654][ T5183] should_fail+0x3c1/0x510 [ 192.304104][ T5183] __should_failslab+0xa4/0xe0 [ 192.308912][ T5183] should_failslab+0x9/0x20 [ 192.313448][ T5183] slab_pre_alloc_hook+0x3b/0xe0 [ 192.318419][ T5183] __kmalloc+0x6d/0x2c0 [ 192.322605][ T5183] ? __se_sys_memfd_create+0xf2/0x3b0 [ 192.328008][ T5183] ? strnlen_user+0x13b/0x1c0 [ 192.332716][ T5183] __se_sys_memfd_create+0xf2/0x3b0 [ 192.337951][ T5183] __x64_sys_memfd_create+0x5b/0x70 [ 192.343185][ T5183] x64_sys_call+0x473/0x9a0 [ 192.347717][ T5183] do_syscall_64+0x4c/0xa0 [ 192.352159][ T5183] ? clear_bhb_loop+0x50/0xa0 [ 192.356868][ T5183] ? clear_bhb_loop+0x50/0xa0 [ 192.361588][ T5183] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 192.367513][ T5183] RIP: 0033:0x7fdae1cb29a9 [ 192.371955][ T5183] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 192.391595][ T5183] RSP: 002b:00007fdae031ae18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 192.400048][ T5183] RAX: ffffffffffffffda RBX: 000000000000052e RCX: 00007fdae1cb29a9 [ 192.408172][ T5183] RDX: 00007fdae031aef0 RSI: 0000000000000000 RDI: 00007fdae1d356fc [ 192.416295][ T5183] RBP: 0000200000000640 R08: 00007fdae031abb7 R09: 00007fdae031ae40 [ 192.424294][ T5183] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000000 [ 192.432291][ T5183] R13: 00007fdae031aef0 R14: 00007fdae031aeb0 R15: 00002000000001c0 [ 192.440299][ T5183] [ 192.663278][ T5196] FAULT_INJECTION: forcing a failure. [ 192.663278][ T5196] name failslab, interval 1, probability 0, space 0, times 0 [ 192.706268][ T5196] CPU: 1 PID: 5196 Comm: syz.4.1836 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 192.716479][ T5196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 192.726736][ T5196] Call Trace: [ 192.730035][ T5196] [ 192.732996][ T5196] __dump_stack+0x21/0x30 [ 192.737355][ T5196] dump_stack_lvl+0xee/0x150 [ 192.741969][ T5196] ? show_regs_print_info+0x20/0x20 [ 192.747201][ T5196] dump_stack+0x15/0x20 [ 192.751386][ T5196] should_fail+0x3c1/0x510 [ 192.755826][ T5196] __should_failslab+0xa4/0xe0 [ 192.760644][ T5196] should_failslab+0x9/0x20 [ 192.765176][ T5196] slab_pre_alloc_hook+0x3b/0xe0 [ 192.770148][ T5196] ? getname_flags+0xb9/0x500 [ 192.774866][ T5196] kmem_cache_alloc+0x44/0x260 [ 192.779666][ T5196] getname_flags+0xb9/0x500 [ 192.784192][ T5196] getname+0x19/0x20 [ 192.788112][ T5196] do_sys_openat2+0xd9/0x7b0 [ 192.792754][ T5196] ? __kasan_check_write+0x14/0x20 [ 192.797905][ T5196] ? fput_many+0x15a/0x1a0 [ 192.802347][ T5196] ? do_sys_open+0xe0/0xe0 [ 192.806785][ T5196] ? fput+0x1a/0x20 [ 192.810616][ T5196] ? ksys_write+0x1eb/0x240 [ 192.815808][ T5196] ? __ia32_sys_read+0x90/0x90 [ 192.820789][ T5196] __x64_sys_openat+0x136/0x160 [ 192.825671][ T5196] x64_sys_call+0x219/0x9a0 [ 192.830196][ T5196] do_syscall_64+0x4c/0xa0 [ 192.834634][ T5196] ? clear_bhb_loop+0x50/0xa0 [ 192.839338][ T5196] ? clear_bhb_loop+0x50/0xa0 [ 192.844036][ T5196] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 192.849950][ T5196] RIP: 0033:0x7f1464dfb9a9 [ 192.854386][ T5196] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 192.874013][ T5196] RSP: 002b:00007f1463464038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 192.882441][ T5196] RAX: ffffffffffffffda RBX: 00007f1465022fa0 RCX: 00007f1464dfb9a9 [ 192.890421][ T5196] RDX: 00000000000c2d41 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 192.898397][ T5196] RBP: 00007f1463464090 R08: 0000000000000000 R09: 0000000000000000 [ 192.906371][ T5196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 192.914524][ T5196] R13: 0000000000000000 R14: 00007f1465022fa0 R15: 00007ffdcd3f5248 [ 192.922509][ T5196] [ 193.280620][ T30] kauditd_printk_skb: 1179 callbacks suppressed [ 193.280639][ T30] audit: type=1400 audit(1752920549.635:90297): avc: denied { map_create } for pid=5207 comm="syz.1.1841" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 193.313048][ T30] audit: type=1400 audit(1752920549.635:90298): avc: denied { read write } for pid=286 comm="syz-executor" name="loop4" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 193.339902][ T30] audit: type=1400 audit(1752920549.665:90299): avc: denied { read } for pid=5207 comm="syz.1.1841" name="loop-control" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=0 [ 193.365198][ T30] audit: type=1400 audit(1752920549.665:90300): avc: denied { read } for pid=5207 comm="syz.1.1841" dev="nsfs" ino=4026532290 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=0 [ 193.387421][ T5212] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1843'. [ 193.402858][ T5212] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1843'. [ 193.417079][ T30] audit: type=1400 audit(1752920549.665:90301): avc: denied { map_create } for pid=5207 comm="syz.1.1841" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 193.436814][ T5215] FAULT_INJECTION: forcing a failure. [ 193.436814][ T5215] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 193.451530][ T5215] CPU: 1 PID: 5215 Comm: syz.0.1844 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 193.461734][ T5215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 193.469253][ T5217] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1845'. [ 193.471955][ T5215] Call Trace: [ 193.471965][ T5215] [ 193.471974][ T5215] __dump_stack+0x21/0x30 [ 193.491409][ T5215] dump_stack_lvl+0xee/0x150 [ 193.494349][ T30] audit: type=1400 audit(1752920549.665:90302): avc: denied { prog_load } for pid=5209 comm="syz.4.1842" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 193.496070][ T5215] ? show_regs_print_info+0x20/0x20 [ 193.496099][ T5215] dump_stack+0x15/0x20 [ 193.496118][ T5215] should_fail+0x3c1/0x510 [ 193.516260][ T30] audit: type=1400 audit(1752920549.665:90303): avc: denied { mounton } for pid=5209 comm="syz.4.1842" path="/390/file0" dev="tmpfs" ino=2090 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=0 [ 193.520433][ T5215] should_fail_usercopy+0x1a/0x20 [ 193.520462][ T5215] _copy_to_user+0x20/0x90 [ 193.524905][ T30] audit: type=1400 audit(1752920549.675:90304): avc: denied { watch } for pid=5209 comm="syz.4.1842" path="/390/file0" dev="tmpfs" ino=2090 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=0 [ 193.529030][ T5215] simple_read_from_buffer+0xe9/0x160 [ 193.529058][ T5215] proc_fail_nth_read+0x19a/0x210 [ 193.529081][ T5215] ? proc_fault_inject_write+0x2f0/0x2f0 [ 193.529103][ T5215] ? security_file_permission+0x83/0xa0 [ 193.529125][ T5215] ? proc_fault_inject_write+0x2f0/0x2f0 [ 193.529146][ T5215] vfs_read+0x282/0xbe0 [ 193.529164][ T5215] ? kernel_read+0x1f0/0x1f0 [ 193.529181][ T5215] ? __kasan_check_write+0x14/0x20 [ 193.529201][ T5215] ? mutex_lock+0x95/0x1a0 [ 193.529221][ T5215] ? wait_for_completion_killable_timeout+0x10/0x10 [ 193.529243][ T5215] ? __fget_files+0x2c4/0x320 [ 193.554129][ T30] audit: type=1400 audit(1752920549.675:90305): avc: denied { prog_load } for pid=5209 comm="syz.4.1842" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 193.557121][ T5215] ? __fdget_pos+0x2d2/0x380 [ 193.557150][ T5215] ? ksys_read+0x71/0x240 [ 193.562011][ T30] audit: type=1400 audit(1752920549.685:90306): avc: denied { read write } for pid=282 comm="syz-executor" name="loop1" dev="devtmpfs" ino=117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 193.584143][ T5215] ksys_read+0x140/0x240 [ 193.584175][ T5215] ? vfs_write+0xf70/0xf70 [ 193.584193][ T5215] ? debug_smp_processor_id+0x17/0x20 [ 193.584215][ T5215] __x64_sys_read+0x7b/0x90 [ 193.584232][ T5215] x64_sys_call+0x96d/0x9a0 [ 193.584252][ T5215] do_syscall_64+0x4c/0xa0 [ 193.584268][ T5215] ? clear_bhb_loop+0x50/0xa0 [ 193.584288][ T5215] ? clear_bhb_loop+0x50/0xa0 [ 193.730310][ T5215] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 193.730339][ T5215] RIP: 0033:0x7fdae1cb13bc [ 193.730355][ T5215] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 193.730370][ T5215] RSP: 002b:00007fdae031b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 193.730388][ T5215] RAX: ffffffffffffffda RBX: 00007fdae1ed9fa0 RCX: 00007fdae1cb13bc [ 193.730406][ T5215] RDX: 000000000000000f RSI: 00007fdae031b0a0 RDI: 0000000000000003 [ 193.730417][ T5215] RBP: 00007fdae031b090 R08: 0000000000000000 R09: 0000000000000000 [ 193.730428][ T5215] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 193.730438][ T5215] R13: 0000000000000000 R14: 00007fdae1ed9fa0 R15: 00007ffc83dca438 [ 193.730453][ T5215] [ 194.024117][ T5235] FAULT_INJECTION: forcing a failure. [ 194.024117][ T5235] name failslab, interval 1, probability 0, space 0, times 0 [ 194.057450][ T5235] CPU: 0 PID: 5235 Comm: syz.4.1851 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 194.067763][ T5235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 194.077983][ T5235] Call Trace: [ 194.081378][ T5235] [ 194.084336][ T5235] __dump_stack+0x21/0x30 [ 194.088793][ T5235] dump_stack_lvl+0xee/0x150 [ 194.093416][ T5235] ? show_regs_print_info+0x20/0x20 [ 194.098646][ T5235] ? security_file_permission+0x79/0xa0 [ 194.104241][ T5235] dump_stack+0x15/0x20 [ 194.108431][ T5235] should_fail+0x3c1/0x510 [ 194.112875][ T5235] __should_failslab+0xa4/0xe0 [ 194.117679][ T5235] should_failslab+0x9/0x20 [ 194.122213][ T5235] slab_pre_alloc_hook+0x3b/0xe0 [ 194.127267][ T5235] ? __se_sys_mount+0x9c/0x380 [ 194.132061][ T5235] __kmalloc_track_caller+0x6c/0x2c0 [ 194.137503][ T5235] ? mutex_unlock+0x89/0x220 [ 194.142126][ T5235] ? __se_sys_mount+0x9c/0x380 [ 194.147119][ T5235] ? strnlen_user+0xe8/0x1c0 [ 194.151747][ T5235] strndup_user+0x74/0x150 [ 194.156281][ T5235] __se_sys_mount+0x9c/0x380 [ 194.160900][ T5235] ? fput+0x1a/0x20 [ 194.164739][ T5235] ? __x64_sys_mount+0xd0/0xd0 [ 194.169541][ T5235] ? __ia32_sys_read+0x90/0x90 [ 194.174323][ T5235] __x64_sys_mount+0xbf/0xd0 [ 194.178933][ T5235] x64_sys_call+0x6bf/0x9a0 [ 194.183463][ T5235] do_syscall_64+0x4c/0xa0 [ 194.187898][ T5235] ? clear_bhb_loop+0x50/0xa0 [ 194.192747][ T5235] ? clear_bhb_loop+0x50/0xa0 [ 194.197542][ T5235] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 194.203470][ T5235] RIP: 0033:0x7f1464dfb9a9 [ 194.207919][ T5235] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 194.227639][ T5235] RSP: 002b:00007f1463464038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 194.236097][ T5235] RAX: ffffffffffffffda RBX: 00007f1465022fa0 RCX: 00007f1464dfb9a9 [ 194.244092][ T5235] RDX: 0000200000000b80 RSI: 0000200000000040 RDI: 0000000000000000 [ 194.252090][ T5235] RBP: 00007f1463464090 R08: 0000200000002280 R09: 0000000000000000 [ 194.260208][ T5235] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 194.268218][ T5235] R13: 0000000000000000 R14: 00007f1465022fa0 R15: 00007ffdcd3f5248 [ 194.276238][ T5235] [ 195.416810][ T5268] FAULT_INJECTION: forcing a failure. [ 195.416810][ T5268] name failslab, interval 1, probability 0, space 0, times 0 [ 195.481671][ T5268] CPU: 0 PID: 5268 Comm: syz.4.1861 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 195.491902][ T5268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 195.501982][ T5268] Call Trace: [ 195.505292][ T5268] [ 195.508248][ T5268] __dump_stack+0x21/0x30 [ 195.512614][ T5268] dump_stack_lvl+0xee/0x150 [ 195.517230][ T5268] ? show_regs_print_info+0x20/0x20 [ 195.522453][ T5268] ? unwind_get_return_address+0x4d/0x90 [ 195.528112][ T5268] ? stack_trace_save+0xe0/0xe0 [ 195.532985][ T5268] dump_stack+0x15/0x20 [ 195.537164][ T5268] should_fail+0x3c1/0x510 [ 195.541611][ T5268] __should_failslab+0xa4/0xe0 [ 195.546419][ T5268] should_failslab+0x9/0x20 [ 195.550948][ T5268] slab_pre_alloc_hook+0x3b/0xe0 [ 195.555917][ T5268] kmem_cache_alloc_trace+0x48/0x270 [ 195.561229][ T5268] ? alloc_pipe_info+0xe7/0x4b0 [ 195.566100][ T5268] ? kasan_set_track+0x5b/0x70 [ 195.570885][ T5268] alloc_pipe_info+0xe7/0x4b0 [ 195.575586][ T5268] splice_direct_to_actor+0x970/0xb30 [ 195.580985][ T5268] ? _kstrtoull+0x3c0/0x4d0 [ 195.585517][ T5268] ? do_splice_direct+0x2c0/0x2c0 [ 195.590570][ T5268] ? selinux_file_permission+0x2aa/0x510 [ 195.596233][ T5268] ? fsnotify_perm+0x67/0x5b0 [ 195.600934][ T5268] ? security_file_permission+0x79/0xa0 [ 195.606513][ T5268] ? pipe_to_sendpage+0x310/0x310 [ 195.611579][ T5268] ? security_file_permission+0x83/0xa0 [ 195.617164][ T5268] ? rw_verify_area+0xa7/0x1c0 [ 195.621965][ T5268] do_splice_direct+0x1b3/0x2c0 [ 195.626842][ T5268] ? avc_policy_seqno+0x1b/0x70 [ 195.631722][ T5268] ? splice_direct_to_actor+0xb30/0xb30 [ 195.637304][ T5268] ? security_file_permission+0x83/0xa0 [ 195.642887][ T5268] do_sendfile+0x5c6/0xeb0 [ 195.647338][ T5268] ? do_preadv+0x330/0x330 [ 195.651782][ T5268] ? fput_many+0x15a/0x1a0 [ 195.656226][ T5268] ? fput+0x1a/0x20 [ 195.660054][ T5268] __x64_sys_sendfile64+0x18f/0x1f0 [ 195.665280][ T5268] ? __ia32_sys_read+0x90/0x90 [ 195.670077][ T5268] ? __ia32_sys_sendfile+0x190/0x190 [ 195.675389][ T5268] ? fpregs_assert_state_consistent+0xb1/0xe0 [ 195.681496][ T5268] x64_sys_call+0x88d/0x9a0 [ 195.686030][ T5268] do_syscall_64+0x4c/0xa0 [ 195.690467][ T5268] ? clear_bhb_loop+0x50/0xa0 [ 195.695173][ T5268] ? clear_bhb_loop+0x50/0xa0 [ 195.699894][ T5268] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 195.705816][ T5268] RIP: 0033:0x7f1464dfb9a9 [ 195.710255][ T5268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 195.729879][ T5268] RSP: 002b:00007f1463443038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 195.738330][ T5268] RAX: ffffffffffffffda RBX: 00007f1465023080 RCX: 00007f1464dfb9a9 [ 195.746343][ T5268] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 195.754346][ T5268] RBP: 00007f1463443090 R08: 0000000000000000 R09: 0000000000000000 [ 195.762348][ T5268] R10: 000000007ffff000 R11: 0000000000000246 R12: 0000000000000001 [ 195.770352][ T5268] R13: 0000000000000001 R14: 00007f1465023080 R15: 00007ffdcd3f5248 [ 195.778353][ T5268] [ 195.898532][ T5283] FAULT_INJECTION: forcing a failure. [ 195.898532][ T5283] name failslab, interval 1, probability 0, space 0, times 0 [ 195.918828][ T5283] CPU: 0 PID: 5283 Comm: syz.1.1864 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 195.929219][ T5283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 195.939390][ T5283] Call Trace: [ 195.942687][ T5283] [ 195.945631][ T5283] __dump_stack+0x21/0x30 [ 195.949983][ T5283] dump_stack_lvl+0xee/0x150 [ 195.954599][ T5283] ? show_regs_print_info+0x20/0x20 [ 195.959830][ T5283] ? security_file_permission+0x79/0xa0 [ 195.965402][ T5283] dump_stack+0x15/0x20 [ 195.969576][ T5283] should_fail+0x3c1/0x510 [ 195.974099][ T5283] __should_failslab+0xa4/0xe0 [ 195.978883][ T5283] should_failslab+0x9/0x20 [ 195.983405][ T5283] slab_pre_alloc_hook+0x3b/0xe0 [ 195.988366][ T5283] ? __se_sys_mount+0x9c/0x380 [ 195.993150][ T5283] __kmalloc_track_caller+0x6c/0x2c0 [ 195.998453][ T5283] ? mutex_unlock+0x89/0x220 [ 196.003061][ T5283] ? __se_sys_mount+0x9c/0x380 [ 196.007837][ T5283] ? strnlen_user+0x13b/0x1c0 [ 196.012537][ T5283] strndup_user+0x74/0x150 [ 196.016970][ T5283] __se_sys_mount+0x9c/0x380 [ 196.021577][ T5283] ? fput+0x1a/0x20 [ 196.025398][ T5283] ? __x64_sys_mount+0xd0/0xd0 [ 196.030180][ T5283] ? __ia32_sys_read+0x90/0x90 [ 196.035055][ T5283] __x64_sys_mount+0xbf/0xd0 [ 196.039663][ T5283] x64_sys_call+0x6bf/0x9a0 [ 196.044184][ T5283] do_syscall_64+0x4c/0xa0 [ 196.048618][ T5283] ? clear_bhb_loop+0x50/0xa0 [ 196.053333][ T5283] ? clear_bhb_loop+0x50/0xa0 [ 196.058119][ T5283] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 196.064031][ T5283] RIP: 0033:0x7f21391499a9 [ 196.068582][ T5283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 196.088307][ T5283] RSP: 002b:00007f2137791038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 196.096757][ T5283] RAX: ffffffffffffffda RBX: 00007f2139371080 RCX: 00007f21391499a9 [ 196.104754][ T5283] RDX: 0000200000000180 RSI: 0000200000000040 RDI: 0000200000000080 [ 196.112776][ T5283] RBP: 00007f2137791090 R08: 0000000000000000 R09: 0000000000000000 [ 196.120864][ T5283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 196.128862][ T5283] R13: 0000000000000000 R14: 00007f2139371080 R15: 00007ffe5e2c9a88 [ 196.136861][ T5283] [ 196.449893][ T5293] FAULT_INJECTION: forcing a failure. [ 196.449893][ T5293] name failslab, interval 1, probability 0, space 0, times 0 [ 196.481537][ T5293] CPU: 1 PID: 5293 Comm: syz.3.1869 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 196.491768][ T5293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 196.501842][ T5293] Call Trace: [ 196.505135][ T5293] [ 196.508068][ T5293] __dump_stack+0x21/0x30 [ 196.512402][ T5293] dump_stack_lvl+0xee/0x150 [ 196.516996][ T5293] ? show_regs_print_info+0x20/0x20 [ 196.522199][ T5293] dump_stack+0x15/0x20 [ 196.526355][ T5293] should_fail+0x3c1/0x510 [ 196.530860][ T5293] __should_failslab+0xa4/0xe0 [ 196.535647][ T5293] should_failslab+0x9/0x20 [ 196.540156][ T5293] slab_pre_alloc_hook+0x3b/0xe0 [ 196.545102][ T5293] ? getname_flags+0xb9/0x500 [ 196.549782][ T5293] kmem_cache_alloc+0x44/0x260 [ 196.554653][ T5293] getname_flags+0xb9/0x500 [ 196.559274][ T5293] getname+0x19/0x20 [ 196.563172][ T5293] do_sys_openat2+0xd9/0x7b0 [ 196.567777][ T5293] ? __kasan_check_write+0x14/0x20 [ 196.572893][ T5293] ? fput_many+0x15a/0x1a0 [ 196.577311][ T5293] ? do_sys_open+0xe0/0xe0 [ 196.581727][ T5293] ? fput+0x1a/0x20 [ 196.585538][ T5293] ? ksys_write+0x1eb/0x240 [ 196.590049][ T5293] ? __ia32_sys_read+0x90/0x90 [ 196.594812][ T5293] __x64_sys_openat+0x136/0x160 [ 196.599677][ T5293] x64_sys_call+0x219/0x9a0 [ 196.604183][ T5293] do_syscall_64+0x4c/0xa0 [ 196.608604][ T5293] ? clear_bhb_loop+0x50/0xa0 [ 196.613285][ T5293] ? clear_bhb_loop+0x50/0xa0 [ 196.617966][ T5293] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 196.623860][ T5293] RIP: 0033:0x7f53e71829a9 [ 196.628278][ T5293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 196.647889][ T5293] RSP: 002b:00007f53e57a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 196.656309][ T5293] RAX: ffffffffffffffda RBX: 00007f53e73aa160 RCX: 00007f53e71829a9 [ 196.664306][ T5293] RDX: 0000000000193042 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 196.672283][ T5293] RBP: 00007f53e57a9090 R08: 0000000000000000 R09: 0000000000000000 [ 196.680259][ T5293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 196.688233][ T5293] R13: 0000000000000000 R14: 00007f53e73aa160 R15: 00007ffdc50e47b8 [ 196.696213][ T5293] [ 196.769263][ T5300] FAULT_INJECTION: forcing a failure. [ 196.769263][ T5300] name failslab, interval 1, probability 0, space 0, times 0 [ 196.801570][ T5300] CPU: 1 PID: 5300 Comm: syz.1.1872 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 196.811781][ T5300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 196.821853][ T5300] Call Trace: [ 196.825148][ T5300] [ 196.828090][ T5300] __dump_stack+0x21/0x30 [ 196.832445][ T5300] dump_stack_lvl+0xee/0x150 [ 196.837051][ T5300] ? show_regs_print_info+0x20/0x20 [ 196.842268][ T5300] dump_stack+0x15/0x20 [ 196.846435][ T5300] should_fail+0x3c1/0x510 [ 196.850873][ T5300] __should_failslab+0xa4/0xe0 [ 196.855655][ T5300] should_failslab+0x9/0x20 [ 196.860171][ T5300] slab_pre_alloc_hook+0x3b/0xe0 [ 196.865125][ T5300] ? getname_flags+0xb9/0x500 [ 196.869819][ T5300] kmem_cache_alloc+0x44/0x260 [ 196.874600][ T5300] getname_flags+0xb9/0x500 [ 196.879122][ T5300] getname+0x19/0x20 [ 196.883031][ T5300] do_sys_openat2+0xd9/0x7b0 [ 196.887636][ T5300] ? __kasan_check_write+0x14/0x20 [ 196.892763][ T5300] ? fput_many+0x15a/0x1a0 [ 196.897193][ T5300] ? do_sys_open+0xe0/0xe0 [ 196.901621][ T5300] ? fput+0x1a/0x20 [ 196.905441][ T5300] ? ksys_write+0x1eb/0x240 [ 196.909956][ T5300] ? __ia32_sys_read+0x90/0x90 [ 196.914733][ T5300] __x64_sys_openat+0x136/0x160 [ 196.919602][ T5300] x64_sys_call+0x219/0x9a0 [ 196.924121][ T5300] do_syscall_64+0x4c/0xa0 [ 196.928548][ T5300] ? clear_bhb_loop+0x50/0xa0 [ 196.933241][ T5300] ? clear_bhb_loop+0x50/0xa0 [ 196.937931][ T5300] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 196.943842][ T5300] RIP: 0033:0x7f21391499a9 [ 196.948274][ T5300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 196.967907][ T5300] RSP: 002b:00007f21377b2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 196.976346][ T5300] RAX: ffffffffffffffda RBX: 00007f2139370fa0 RCX: 00007f21391499a9 [ 196.984334][ T5300] RDX: 0000000000000000 RSI: 0000200000004280 RDI: ffffffffffffff9c [ 196.992419][ T5300] RBP: 00007f21377b2090 R08: 0000000000000000 R09: 0000000000000000 [ 197.000412][ T5300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 197.008398][ T5300] R13: 0000000000000000 R14: 00007f2139370fa0 R15: 00007ffe5e2c9a88 [ 197.016391][ T5300] [ 198.472534][ T30] kauditd_printk_skb: 340 callbacks suppressed [ 198.472552][ T30] audit: type=1400 audit(1752920554.825:90647): avc: denied { read write } for pid=286 comm="syz-executor" name="loop4" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 198.515684][ T5328] FAULT_INJECTION: forcing a failure. [ 198.515684][ T5328] name failslab, interval 1, probability 0, space 0, times 0 [ 198.541351][ T5328] CPU: 0 PID: 5328 Comm: syz.4.1882 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 198.551667][ T5328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 198.561746][ T5328] Call Trace: [ 198.565042][ T5328] [ 198.567993][ T5328] __dump_stack+0x21/0x30 [ 198.572350][ T5328] dump_stack_lvl+0xee/0x150 [ 198.576954][ T5328] ? show_regs_print_info+0x20/0x20 [ 198.582176][ T5328] dump_stack+0x15/0x20 [ 198.586350][ T5328] should_fail+0x3c1/0x510 [ 198.590786][ T5328] __should_failslab+0xa4/0xe0 [ 198.595567][ T5328] should_failslab+0x9/0x20 [ 198.600080][ T5328] slab_pre_alloc_hook+0x3b/0xe0 [ 198.605037][ T5328] __kmalloc+0x6d/0x2c0 [ 198.609261][ T5328] ? __se_sys_memfd_create+0xf2/0x3b0 [ 198.614655][ T5328] ? strnlen_user+0x13b/0x1c0 [ 198.619350][ T5328] __se_sys_memfd_create+0xf2/0x3b0 [ 198.624564][ T5328] __x64_sys_memfd_create+0x5b/0x70 [ 198.629781][ T5328] x64_sys_call+0x473/0x9a0 [ 198.634296][ T5328] do_syscall_64+0x4c/0xa0 [ 198.638723][ T5328] ? clear_bhb_loop+0x50/0xa0 [ 198.643411][ T5328] ? clear_bhb_loop+0x50/0xa0 [ 198.648101][ T5328] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 198.654007][ T5328] RIP: 0033:0x7f1464dfb9a9 [ 198.658446][ T5328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 198.678071][ T5328] RSP: 002b:00007f1463463d68 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 198.686858][ T5328] RAX: ffffffffffffffda RBX: 0000000000000618 RCX: 00007f1464dfb9a9 [ 198.694845][ T5328] RDX: 00007f1463463dec RSI: 0000000000000000 RDI: 00007f1464e7e6fc [ 198.702917][ T5328] RBP: 0000200000002200 R08: 00007f1463463b07 R09: 0000000000000000 [ 198.710899][ T5328] R10: 000000000000000a R11: 0000000000000202 R12: 0000000000000001 [ 198.718884][ T5328] R13: 00007f1463463dec R14: 00007f1463463df0 R15: 00007ffdcd3f5248 [ 198.726873][ T5328] [ 198.735459][ T30] audit: type=1400 audit(1752920554.875:90648): avc: denied { create } for pid=5327 comm="syz.4.1882" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=0 [ 198.774644][ T30] audit: type=1400 audit(1752920554.875:90649): avc: denied { read write } for pid=5327 comm="syz.4.1882" name="fuse" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=0 [ 198.816531][ T30] audit: type=1400 audit(1752920554.875:90650): avc: denied { prog_load } for pid=5327 comm="syz.4.1882" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 198.975473][ T30] audit: type=1400 audit(1752920555.335:90651): avc: denied { read write } for pid=286 comm="syz-executor" name="loop4" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 199.045423][ T30] audit: type=1400 audit(1752920555.375:90652): avc: denied { read write } for pid=5329 comm="syz.4.1883" name="loop4" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 199.119478][ T30] audit: type=1400 audit(1752920555.385:90653): avc: denied { map_create } for pid=5329 comm="syz.4.1883" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 199.186476][ T30] audit: type=1400 audit(1752920555.385:90654): avc: denied { prog_load } for pid=5329 comm="syz.4.1883" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 199.246450][ T30] audit: type=1400 audit(1752920555.385:90655): avc: denied { prog_load } for pid=5329 comm="syz.4.1883" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 199.284448][ T30] audit: type=1400 audit(1752920555.395:90656): avc: denied { read } for pid=5329 comm="syz.4.1883" dev="nsfs" ino=4026532552 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=0 [ 199.444794][ T5338] FAULT_INJECTION: forcing a failure. [ 199.444794][ T5338] name failslab, interval 1, probability 0, space 0, times 0 [ 199.485933][ T5338] CPU: 1 PID: 5338 Comm: syz.4.1888 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 199.496297][ T5338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 199.506385][ T5338] Call Trace: [ 199.509694][ T5338] [ 199.512772][ T5338] __dump_stack+0x21/0x30 [ 199.517131][ T5338] dump_stack_lvl+0xee/0x150 [ 199.521739][ T5338] ? show_regs_print_info+0x20/0x20 [ 199.526955][ T5338] ? __kasan_check_write+0x14/0x20 [ 199.532091][ T5338] ? proc_fail_nth_write+0x17a/0x1f0 [ 199.537408][ T5338] ? proc_fail_nth_read+0x210/0x210 [ 199.542683][ T5338] dump_stack+0x15/0x20 [ 199.547035][ T5338] should_fail+0x3c1/0x510 [ 199.551485][ T5338] __should_failslab+0xa4/0xe0 [ 199.556271][ T5338] should_failslab+0x9/0x20 [ 199.560795][ T5338] slab_pre_alloc_hook+0x3b/0xe0 [ 199.565995][ T5338] ? getname_flags+0xb9/0x500 [ 199.570694][ T5338] kmem_cache_alloc+0x44/0x260 [ 199.575486][ T5338] getname_flags+0xb9/0x500 [ 199.580104][ T5338] user_path_at_empty+0x30/0x1c0 [ 199.585069][ T5338] do_readlinkat+0xd4/0x480 [ 199.589600][ T5338] ? cp_old_stat+0x490/0x490 [ 199.594212][ T5338] ? __ia32_sys_read+0x90/0x90 [ 199.598991][ T5338] __x64_sys_readlinkat+0x9a/0xb0 [ 199.604139][ T5338] x64_sys_call+0x243/0x9a0 [ 199.608680][ T5338] do_syscall_64+0x4c/0xa0 [ 199.613129][ T5338] ? clear_bhb_loop+0x50/0xa0 [ 199.617831][ T5338] ? clear_bhb_loop+0x50/0xa0 [ 199.622533][ T5338] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 199.628455][ T5338] RIP: 0033:0x7f1464dfb9a9 [ 199.632900][ T5338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 199.652626][ T5338] RSP: 002b:00007f1463464038 EFLAGS: 00000246 ORIG_RAX: 000000000000010b [ 199.661070][ T5338] RAX: ffffffffffffffda RBX: 00007f1465022fa0 RCX: 00007f1464dfb9a9 [ 199.669064][ T5338] RDX: 00002000000003c0 RSI: 00002000000001c0 RDI: ffffffffffffffff [ 199.677063][ T5338] RBP: 00007f1463464090 R08: 0000000000000000 R09: 0000000000000000 [ 199.685071][ T5338] R10: 00000000000000ce R11: 0000000000000246 R12: 0000000000000001 [ 199.693182][ T5338] R13: 0000000000000000 R14: 00007f1465022fa0 R15: 00007ffdcd3f5248 [ 199.701180][ T5338] [ 199.784501][ T5354] netlink: 'syz.1.1890': attribute type 4 has an invalid length. [ 199.792300][ T5354] netlink: 17 bytes leftover after parsing attributes in process `syz.1.1890'. [ 200.007494][ T5362] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1895'. [ 200.054509][ T5362] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1895'. [ 200.063703][ T5362] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1895'. [ 203.341213][ T5515] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1955'. [ 203.536654][ T30] kauditd_printk_skb: 351 callbacks suppressed [ 203.536731][ T30] audit: type=1400 audit(1752920559.895:91008): avc: denied { read write } for pid=282 comm="syz-executor" name="loop1" dev="devtmpfs" ino=117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 203.569753][ T30] audit: type=1400 audit(1752920559.925:91009): avc: denied { read write } for pid=285 comm="syz-executor" name="loop2" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 203.595074][ T30] audit: type=1400 audit(1752920559.925:91010): avc: denied { create } for pid=5522 comm="syz.1.1959" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=0 [ 203.615512][ T30] audit: type=1400 audit(1752920559.955:91011): avc: denied { read write } for pid=282 comm="syz-executor" name="loop1" dev="devtmpfs" ino=117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 203.639808][ T30] audit: type=1400 audit(1752920559.955:91012): avc: denied { map_create } for pid=5526 comm="syz.1.1961" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 203.659215][ T30] audit: type=1400 audit(1752920559.955:91013): avc: denied { execmem } for pid=5526 comm="syz.1.1961" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=0 [ 203.679051][ T30] audit: type=1400 audit(1752920559.955:91014): avc: denied { map_create } for pid=5526 comm="syz.1.1961" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 203.698503][ T30] audit: type=1400 audit(1752920559.955:91015): avc: denied { prog_load } for pid=5526 comm="syz.1.1961" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 203.717948][ T30] audit: type=1400 audit(1752920559.955:91016): avc: denied { prog_load } for pid=5526 comm="syz.1.1961" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 203.737308][ T30] audit: type=1400 audit(1752920559.955:91017): avc: denied { read write } for pid=5526 comm="syz.1.1961" name="fuse" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=0 [ 204.493926][ T5593] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1989'. [ 204.672962][ T5607] xt_TCPMSS: Only works on TCP SYN packets [ 204.713443][ T5607] netlink: 9 bytes leftover after parsing attributes in process `syz.2.1993'. [ 204.781346][ T5607] device gretap0 entered promiscuous mode [ 204.866554][ T5612] netlink: 5 bytes leftover after parsing attributes in process `syz.2.1993'. [ 204.920330][ T5612] 0猉功D: renamed from gretap0 [ 204.932465][ T5612] device 30猉功D left promiscuous mode [ 204.953919][ T5612] A link change request failed with some changes committed already. Interface 30猉功D may have been left with an inconsistent configuration, please check. [ 205.831956][ T5664] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=5664 comm=syz.4.2020 [ 205.845647][ T5664] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2020'. [ 206.928524][ T5728] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2045'. [ 207.389212][ T5755] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2058'. [ 207.511995][ T5789] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2075'. [ 208.623200][ T30] kauditd_printk_skb: 461 callbacks suppressed [ 208.623312][ T30] audit: type=1400 audit(1752920820.973:91479): avc: denied { read write } for pid=284 comm="syz-executor" name="loop0" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 208.669457][ T30] audit: type=1400 audit(1752920821.023:91480): avc: denied { read write } for pid=286 comm="syz-executor" name="loop4" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 208.693995][ T30] audit: type=1400 audit(1752920821.023:91481): avc: denied { read } for pid=5852 comm="syz.4.2103" name="kvm" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=0 [ 208.720109][ T30] audit: type=1400 audit(1752920821.023:91482): avc: denied { read write } for pid=286 comm="syz-executor" name="loop4" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 208.746443][ T30] audit: type=1400 audit(1752920821.083:91484): avc: denied { read write } for pid=5855 comm="syz.4.2104" name="uhid" dev="devtmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=0 [ 208.777060][ T30] audit: type=1400 audit(1752920821.083:91483): avc: denied { read write } for pid=285 comm="syz-executor" name="loop2" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 208.801708][ T30] audit: type=1400 audit(1752920821.083:91485): avc: denied { create } for pid=5850 comm="syz.0.2102" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=0 [ 208.824329][ T30] audit: type=1400 audit(1752920821.103:91486): avc: denied { write } for pid=5850 comm="syz.0.2102" name="kvm" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=0 [ 208.847578][ T30] audit: type=1400 audit(1752920821.133:91487): avc: denied { read write } for pid=285 comm="syz-executor" name="loop2" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 208.883837][ T30] audit: type=1400 audit(1752920821.183:91488): avc: denied { mounton } for pid=5861 comm="syz.2.2106" path="/419/file1" dev="tmpfs" ino=2223 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=0 [ 209.905199][ T5924] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2135'. [ 212.210309][ T6073] device syzkaller0 entered promiscuous mode [ 212.917118][ T45] Bluetooth: hci0: Frame reassembly failed (-84) [ 212.930156][ T6106] Bluetooth: hci0: Frame reassembly failed (-90) [ 213.080336][ T6117] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2219'. [ 213.090674][ T6117] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2219'. [ 213.119322][ T6119] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 213.885435][ T30] kauditd_printk_skb: 371 callbacks suppressed [ 213.885452][ T30] audit: type=1400 audit(1752920826.243:91860): avc: denied { read write } for pid=284 comm="syz-executor" name="loop0" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 213.915964][ T30] audit: type=1400 audit(1752920826.243:91861): avc: denied { prog_load } for pid=6138 comm="syz.0.2229" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 213.952602][ T30] audit: type=1400 audit(1752920826.243:91862): avc: denied { execmem } for pid=6138 comm="syz.0.2229" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=0 [ 213.973383][ T30] audit: type=1400 audit(1752920826.283:91863): avc: denied { read write } for pid=286 comm="syz-executor" name="loop4" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 213.997959][ T30] audit: type=1400 audit(1752920826.293:91864): avc: denied { create } for pid=6140 comm="syz.4.2230" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=0 [ 214.019280][ T30] audit: type=1400 audit(1752920826.293:91865): avc: denied { create } for pid=6138 comm="syz.0.2229" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=0 [ 214.039657][ T30] audit: type=1400 audit(1752920826.293:91866): avc: denied { mounton } for pid=6138 comm="syz.0.2229" path="/473/file0" dev="tmpfs" ino=2486 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=0 [ 214.063168][ T30] audit: type=1400 audit(1752920826.303:91867): avc: denied { read write } for pid=286 comm="syz-executor" name="loop4" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 214.087886][ T30] audit: type=1400 audit(1752920826.303:91868): avc: denied { read } for pid=6143 comm="syz.4.2231" name="msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=0 [ 214.110830][ T30] audit: type=1400 audit(1752920826.303:91869): avc: denied { write } for pid=6143 comm="syz.4.2231" name="wireless" dev="proc" ino=4026532561 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=0 [ 214.149803][ T6157] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2235'. [ 214.212637][ T6170] netlink: 96 bytes leftover after parsing attributes in process `syz.4.2242'. [ 214.762377][ T6204] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2256'. [ 214.984455][ T385] Bluetooth: hci0: command 0x1003 tx timeout [ 214.991704][ T3168] Bluetooth: hci0: sending frame failed (-49) [ 215.873090][ T6246] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2271'. [ 216.358763][ T6268] netlink: 'syz.1.2281': attribute type 8 has an invalid length. [ 216.641675][ T6286] xt_TCPMSS: Only works on TCP SYN packets [ 216.668200][ T6286] netlink: 9 bytes leftover after parsing attributes in process `syz.0.2287'. [ 216.687728][ T6288] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6288 comm=syz.3.2289 [ 216.700456][ T6286] device gretap0 entered promiscuous mode [ 216.724920][ T6289] netlink: 5 bytes leftover after parsing attributes in process `syz.0.2287'. [ 216.748833][ T6289] 0猉功D: renamed from gretap0 [ 216.762589][ T6289] device 30猉功D left promiscuous mode [ 216.777145][ T6289] A link change request failed with some changes committed already. Interface 30猉功D may have been left with an inconsistent configuration, please check. [ 217.064460][ T385] Bluetooth: hci0: command 0x1001 tx timeout [ 217.071788][ T3168] Bluetooth: hci0: sending frame failed (-49) [ 218.925331][ T30] kauditd_printk_skb: 267 callbacks suppressed [ 218.925348][ T30] audit: type=1400 audit(1752920831.283:92137): avc: denied { read write } for pid=283 comm="syz-executor" name="loop3" dev="devtmpfs" ino=119 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 218.956150][ T30] audit: type=1400 audit(1752920831.283:92138): avc: denied { prog_load } for pid=6339 comm="syz.3.2312" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 218.975302][ T30] audit: type=1400 audit(1752920831.283:92139): avc: denied { mounton } for pid=6339 comm="syz.3.2312" path="/401/file0" dev="tmpfs" ino=2116 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=0 [ 218.998224][ T30] audit: type=1400 audit(1752920831.283:92140): avc: denied { watch } for pid=6339 comm="syz.3.2312" path="/401/file0" dev="tmpfs" ino=2116 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=0 [ 219.021045][ T30] audit: type=1400 audit(1752920831.283:92141): avc: denied { prog_load } for pid=6339 comm="syz.3.2312" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0 [ 219.040374][ T30] audit: type=1400 audit(1752920831.333:92142): avc: denied { read write } for pid=6339 comm="syz.3.2312" name="vhost-vsock" dev="devtmpfs" ino=264 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=0 [ 219.144462][ T385] Bluetooth: hci0: command 0x1009 tx timeout [ 219.303843][ T30] audit: type=1400 audit(1752920831.653:92143): avc: denied { read write } for pid=282 comm="syz-executor" name="loop1" dev="devtmpfs" ino=117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0 [ 219.328307][ T30] audit: type=1400 audit(1752920831.663:92144): avc: denied { read } for pid=6342 comm="syz.1.2313" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=0 [ 219.351613][ T30] audit: type=1400 audit(1752920831.663:92145): avc: denied { create } for pid=6342 comm="syz.1.2313" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=0 [ 219.372727][ T30] audit: type=1400 audit(1752920831.663:92146): avc: denied { create } for pid=6342 comm="syz.1.2313" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=0 [ 221.765949][ T6510] general protection fault, probably for non-canonical address 0xdffffc0000000036: 0000 [#1] PREEMPT SMP KASAN [ 221.777723][ T6510] KASAN: null-ptr-deref in range [0x00000000000001b0-0x00000000000001b7] [ 221.786241][ T6510] CPU: 0 PID: 6510 Comm: syz.3.2388 Not tainted 5.15.188-syzkaller-android13-5.15.188_r00 #0 [ 221.796417][ T6510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 221.806491][ T6510] RIP: 0010:htb_qlen_notify+0x30/0xc0 [ 221.811894][ T6510] Code: 41 56 41 55 41 54 53 49 89 f6 49 89 ff 49 bc 00 00 00 00 00 fc ff df e8 be e1 94 fd 4d 8d ae b0 01 00 00 4c 89 eb 48 c1 eb 03 <42> 0f b6 04 23 84 c0 75 58 45 8b 65 00 31 ff 44 89 e6 e8 49 e5 94 [ 221.831631][ T6510] RSP: 0018:ffffc90000ba6f48 EFLAGS: 00010206 [ 221.837845][ T6510] RAX: ffffffff83d3ce12 RBX: 0000000000000036 RCX: 0000000000080000 [ 221.845846][ T6510] RDX: ffffc90002760000 RSI: 00000000000001dd RDI: 00000000000001de [ 221.853854][ T6510] RBP: ffffc90000ba6f70 R08: ffff88811b442780 R09: 0000000000000002 [ 221.861858][ T6510] R10: 00000000ffffffff R11: 0000000000000002 R12: dffffc0000000000 [ 221.869859][ T6510] R13: 00000000000001b0 R14: 0000000000000000 R15: ffff88811992c000 [ 221.878121][ T6510] FS: 00007f53e57eb6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 221.887126][ T6510] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.893740][ T6510] CR2: 00007f53e721f7b4 CR3: 000000011b4a9000 CR4: 00000000003506b0 [ 221.901761][ T6510] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 221.909761][ T6510] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 221.917766][ T6510] Call Trace: [ 221.921190][ T6510] [ 221.924406][ T6510] qdisc_tree_reduce_backlog+0x1e8/0x340 [ 221.930078][ T6510] sfq_init+0x1b59/0x2870 [ 221.934547][ T6510] ? qdisc_peek_dequeued+0x230/0x230 [ 221.940217][ T6510] qdisc_create+0x7ed/0x11a0 [ 221.944845][ T6510] ? qdisc_notify+0x350/0x350 [ 221.949553][ T6510] ? htb_dump+0x600/0x600 [ 221.954016][ T6510] tc_modify_qdisc+0x896/0x1480 [ 221.959063][ T6510] ? qdisc_offload_graft_helper+0x290/0x290 [ 221.965005][ T6510] ? cap_capable+0x1aa/0x230 [ 221.969728][ T6510] ? ns_capable+0x8c/0xf0 [ 221.974461][ T6510] ? netlink_net_capable+0x125/0x160 [ 221.979783][ T6510] ? qdisc_offload_graft_helper+0x290/0x290 [ 221.985727][ T6510] rtnetlink_rcv_msg+0x9e4/0xb90 [ 221.990703][ T6510] ? rtnetlink_bind+0x80/0x80 [ 221.995417][ T6510] ? memcpy+0x56/0x70 [ 221.999530][ T6510] ? avc_has_perm_noaudit+0x2f4/0x460 [ 222.004929][ T6510] ? arch_stack_walk+0xee/0x140 [ 222.009816][ T6510] ? avc_denied+0x1b0/0x1b0 [ 222.014365][ T6510] ? stack_trace_save+0x98/0xe0 [ 222.019252][ T6510] ? avc_has_perm+0x158/0x240 [ 222.023956][ T6510] ? avc_has_perm_noaudit+0x460/0x460 [ 222.029627][ T6510] ? x64_sys_call+0x4b/0x9a0 [ 222.034243][ T6510] ? selinux_nlmsg_lookup+0x400/0x4c0 [ 222.039651][ T6510] netlink_rcv_skb+0x1e0/0x430 [ 222.044448][ T6510] ? rtnetlink_bind+0x80/0x80 [ 222.049142][ T6510] ? netlink_ack+0xb60/0xb60 [ 222.053779][ T6510] ? __netlink_lookup+0x387/0x3b0 [ 222.058815][ T6510] rtnetlink_rcv+0x1c/0x20 [ 222.063231][ T6510] netlink_unicast+0x87c/0xa40 [ 222.068030][ T6510] netlink_sendmsg+0x86a/0xb70 [ 222.072811][ T6510] ? netlink_getsockopt+0x530/0x530 [ 222.078013][ T6510] ? sock_alloc_file+0xba/0x260 [ 222.082863][ T6510] ? security_socket_sendmsg+0x82/0xa0 [ 222.088323][ T6510] ? netlink_getsockopt+0x530/0x530 [ 222.093708][ T6510] ____sys_sendmsg+0x5a2/0x8c0 [ 222.098487][ T6510] ? __sys_sendmsg_sock+0x40/0x40 [ 222.103534][ T6510] ? import_iovec+0x7c/0xb0 [ 222.108050][ T6510] ___sys_sendmsg+0x1f0/0x260 [ 222.112737][ T6510] ? __sys_sendmsg+0x250/0x250 [ 222.117524][ T6510] ? __fdget+0x1a1/0x230 [ 222.121956][ T6510] __x64_sys_sendmsg+0x1e2/0x2a0 [ 222.126903][ T6510] ? ___sys_sendmsg+0x260/0x260 [ 222.131760][ T6510] ? __kasan_check_write+0x14/0x20 [ 222.136876][ T6510] ? switch_fpu_return+0x15d/0x2c0 [ 222.141992][ T6510] x64_sys_call+0x4b/0x9a0 [ 222.146430][ T6510] do_syscall_64+0x4c/0xa0 [ 222.150848][ T6510] ? clear_bhb_loop+0x50/0xa0 [ 222.155535][ T6510] ? clear_bhb_loop+0x50/0xa0 [ 222.160218][ T6510] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 222.166119][ T6510] RIP: 0033:0x7f53e71829a9 [ 222.170532][ T6510] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 222.190403][ T6510] RSP: 002b:00007f53e57eb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 222.198826][ T6510] RAX: ffffffffffffffda RBX: 00007f53e73a9fa0 RCX: 00007f53e71829a9 [ 222.206912][ T6510] RDX: 0000000000004000 RSI: 0000200000000040 RDI: 0000000000000006 [ 222.215056][ T6510] RBP: 00007f53e7204d69 R08: 0000000000000000 R09: 0000000000000000 [ 222.223185][ T6510] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 222.231168][ T6510] R13: 0000000000000000 R14: 00007f53e73a9fa0 R15: 00007ffdc50e47b8 [ 222.239150][ T6510] [ 222.242184][ T6510] Modules linked in: [ 222.246167][ T6510] ---[ end trace d71a2ee4121c3ea2 ]--- [ 222.251799][ T6510] RIP: 0010:htb_qlen_notify+0x30/0xc0 [ 222.257264][ T6510] Code: 41 56 41 55 41 54 53 49 89 f6 49 89 ff 49 bc 00 00 00 00 00 fc ff df e8 be e1 94 fd 4d 8d ae b0 01 00 00 4c 89 eb 48 c1 eb 03 <42> 0f b6 04 23 84 c0 75 58 45 8b 65 00 31 ff 44 89 e6 e8 49 e5 94 [ 222.276973][ T6510] RSP: 0018:ffffc90000ba6f48 EFLAGS: 00010206 [ 222.283458][ T6510] RAX: ffffffff83d3ce12 RBX: 0000000000000036 RCX: 0000000000080000 [ 222.291498][ T6510] RDX: ffffc90002760000 RSI: 00000000000001dd RDI: 00000000000001de Jul 19 10:31:30 [ 222.299522][ T6510] RBP: ffffc90000ba6f70 R08: ffff88811b442780 R09: 0000000000000002 syzkaller kern.a[ 222.308898][ T6510] R10: 00000000ffffffff R11: 0000000000000002 R12: dffffc0000000000 lert kernel: [ [ 222.318309][ T6510] R13: 00000000000001b0 R14: 0000000000000000 R15: ffff88811992c000 221.777723][ T65[ 222.327693][ T6510] FS: 00007f53e57eb6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 10] KASAN: null-[ 222.338026][ T6510] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 ptr-deref in ran[ 222.346006][ T6510] CR2: 00007f53e721f7b4 CR3: 000000011b4a9000 CR4: 00000000003506b0 ge [0x0000000000[ 222.355476][ T6510] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 0001b0-0x0000000[ 222.364933][ T6510] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 0000001b7] [ 222.374290][ T6510] Kernel panic - not syncing: Fatal exception in interrupt [ 222.382780][ T6510] Kernel Offset: disabled [ 222.387119][ T6510] Rebooting in 86400 seconds..