last executing test programs: 10m15.527152533s ago: executing program 2 (id=13531): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x24000]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="020d000014000000000000000000000005000600000000000a00000000000000fc0100000000000000000000ea2fa43c000000000000000005000500000000000a0000000000000000000000000000000000000000000000000000000000000008001200"], 0xa0}}, 0x0) 10m15.500020906s ago: executing program 2 (id=13533): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) writev(r0, &(0x7f0000000040)=[{&(0x7f0000000380)="ea", 0x1}], 0x1) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r3, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r5 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000380)={'team_slave_0\x00', &(0x7f00000003c0)=@ethtool_rxnfc={0x32, 0x11, 0x4, {0xa, @udp_ip4_spec={@multicast1, @multicast1, 0x4e21, 0x4622, 0x5d}, {0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x5, 0xfb44, [0x5, 0x9]}, @esp_ip4_spec={@local, @multicast1, 0x9}, {0x0, @broadcast, 0x46, 0x3ff, [0x2]}, 0x2, 0x2}, 0x4, [0x6, 0x0, 0xf, 0x9]}}) 10m15.474567259s ago: executing program 2 (id=13535): rt_sigaction(0xd, 0x0, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f0000000340)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r3, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r6, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000000, 0x13, r2, 0x0) 10m15.447845362s ago: executing program 2 (id=13537): rt_sigaction(0x1, &(0x7f0000000040)={&(0x7f0000000140)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f00000009c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket(0x26, 0x3, 0x0) sendmsg$nl_generic(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="840100001900010000000000000000001d010900500011"], 0x184}, 0x1, 0x0, 0x0, 0x5}, 0x0) 10m15.373304449s ago: executing program 2 (id=13538): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, 0x0, 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r3, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r2, 0x0, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r6, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000000, 0x13, r2, 0x0) 10m15.372626779s ago: executing program 2 (id=13541): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) socket$inet6_tcp(0xa, 0x1, 0x0) (async) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.usage_sys\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000100)='net/ip_tables_targets\x00') (async) syz_open_procfs(0x0, &(0x7f0000000100)='net/ip_tables_targets\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) (async) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000240), 0x0) (async) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r6 = dup(r5) mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000004380), 0x181c800, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@noxattr}], [], 0x6b}}) (async) mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000004380), 0x181c800, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@noxattr}], [], 0x6b}}) 10m0.319781236s ago: executing program 32 (id=13541): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) socket$inet6_tcp(0xa, 0x1, 0x0) (async) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.usage_sys\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000100)='net/ip_tables_targets\x00') (async) syz_open_procfs(0x0, &(0x7f0000000100)='net/ip_tables_targets\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) (async) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000240), 0x0) (async) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r6 = dup(r5) mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000004380), 0x181c800, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@noxattr}], [], 0x6b}}) (async) mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000004380), 0x181c800, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@noxattr}], [], 0x6b}}) 2.462669333s ago: executing program 0 (id=32738): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) 2.333390236s ago: executing program 0 (id=32745): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000880)='./binderfs/binder1\x00', 0x800, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x52, 0x0, &(0x7f0000000540)="70d07134252032fdd3365ef96b919649b1b13c6f6f6f7aaa12b1c0578b26dfe3b2b741205d28752ac5acbb5a5b0d2b225871a4b865d995f95d6aa99c4901dbf986b562794f45f28d37773ab5417f62829ea8"}) 1.872498662s ago: executing program 1 (id=32755): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000880)='./binderfs/binder1\x00', 0x800, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x52, 0x0, &(0x7f0000000540)="70d07134252032fdd3365ef96b919649b1b13c6f6f6f7aaa12b1c0578b26dfe3b2b741205d28752ac5acbb5a5b0d2b225871a4b865d995f95d6aa99c4901dbf986b562794f45f28d37773ab5417f62829ea8"}) 1.842592795s ago: executing program 4 (id=32756): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r3, 0x0, 0x0, 0x805, 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) sendmmsg$inet6(r4, &(0x7f00000075c0), 0x0, 0x40804) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_clone3(&(0x7f0000000000)={0x1403100, &(0x7f00000000c0), 0x0, 0x0, {0x24}, 0x0, 0x0, 0x0, 0x0}, 0x58) 1.751988764s ago: executing program 4 (id=32757): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r3 = socket$inet_udplite(0x2, 0x2, 0x88) bind$inet(r3, &(0x7f00000001c0)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r5, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r5, @ANYRES64=r4], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r5, 0x0) ioctl$KVM_X86_SETUP_MCE(r5, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r8, r9, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x7c, 0x0, 0x0) close_range(r6, 0xffffffffffffffff, 0x0) recvmmsg(r3, &(0x7f0000008280)=[{{0x0, 0x0, 0x0}, 0x80000000}], 0x1, 0x40, 0x0) 1.678416011s ago: executing program 4 (id=32758): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r3, 0x0, 0x0, 0x805, 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) syz_clone3(&(0x7f0000000000)={0x1403100, &(0x7f00000000c0), 0x0, 0x0, {0x24}, 0x0, 0x0, 0x0, 0x0}, 0x58) 1.651542094s ago: executing program 4 (id=32759): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r0, @ANYRES64], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r1 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r1, 0x0, 0x0, 0x805, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) sendmmsg$inet6(r2, &(0x7f00000075c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40804) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_clone3(&(0x7f0000000000)={0x1403100, &(0x7f00000000c0), 0x0, 0x0, {0x24}, 0x0, 0x0, 0x0, 0x0}, 0x58) 1.38890993s ago: executing program 0 (id=32762): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r3, 0x0, 0x0, 0x805, 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) sendmmsg$inet6(r4, &(0x7f00000075c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40804) syz_clone3(&(0x7f0000000000)={0x1403100, &(0x7f00000000c0), 0x0, 0x0, {0x24}, 0x0, 0x0, 0x0, 0x0}, 0x58) 1.101190929s ago: executing program 0 (id=32768): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r0, @ANYRES64], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0) ioctl$KVM_X86_SETUP_MCE(r0, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r1 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r1, 0x0, 0x0, 0x805, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0) fcntl$lock(r2, 0x6, &(0x7f0000000000)={0x1, 0x0, 0x8000000008}) fcntl$lock(r2, 0x26, &(0x7f00000000c0)={0x0, 0x2, 0x9, 0xe71}) fcntl$lock(r2, 0x5, &(0x7f0000000040)={0x0, 0x0, 0x40, 0x3}) 1.031690076s ago: executing program 1 (id=32771): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet_udplite(0x2, 0x2, 0x88) bind$inet(r3, &(0x7f00000001c0)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r5, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r5, @ANYRES64=r4], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r5, 0x0) ioctl$KVM_X86_SETUP_MCE(r5, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0) r7 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r7, r8, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x7c, 0x0, 0x0) ioctl$KVM_RUN(r8, 0xae80, 0x0) close_range(r6, 0xffffffffffffffff, 0x0) 1.009858058s ago: executing program 4 (id=32773): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000880)='./binderfs/binder1\x00', 0x800, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000000)={0x4, 0x0, &(0x7f0000000380)=[@enter_looper], 0x0, 0x0, 0x0}) 851.387305ms ago: executing program 3 (id=32775): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r3 = socket$inet_udplite(0x2, 0x2, 0x88) bind$inet(r3, &(0x7f00000001c0)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r5, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r5, @ANYRES64=r4], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r5, 0x0) ioctl$KVM_X86_SETUP_MCE(r5, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r8, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x7c, 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) close_range(r6, 0xffffffffffffffff, 0x0) recvmmsg(r3, &(0x7f0000008280)=[{{0x0, 0x0, 0x0}, 0x80000000}], 0x1, 0x40, 0x0) 850.949664ms ago: executing program 1 (id=32776): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r3, 0x0, 0x0, 0x805, 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) sendmmsg$inet6(r4, &(0x7f00000075c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40804) syz_clone3(&(0x7f0000000000)={0x1403100, &(0x7f00000000c0), 0x0, 0x0, {0x24}, 0x0, 0x0, 0x0, 0x0}, 0x58) 783.754951ms ago: executing program 1 (id=32777): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000000)={0x4, 0x0, &(0x7f0000000380)=[@enter_looper], 0x29, 0x0, &(0x7f0000000540)="70d07134252032fdd3365ef96b919649b1b13c6f6f6f7aaa12b1c0578b26dfe3b2b741205d28752ac5"}) 783.335501ms ago: executing program 1 (id=32778): rt_sigaction(0xd, &(0x7f0000000180)={0x0, 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r3, 0x0, 0x0, 0x805, 0x0, 0x0) syz_clone3(&(0x7f0000000000)={0x1403100, &(0x7f00000000c0), 0x0, 0x0, {0x24}, 0x0, 0x0, 0x0, 0x0}, 0x58) 769.481873ms ago: executing program 3 (id=32779): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0) fcntl$lock(r2, 0x6, &(0x7f0000000000)={0x1, 0x0, 0x8000000008}) fcntl$lock(r2, 0x26, &(0x7f00000000c0)={0x0, 0x2, 0x9, 0xe71}) fcntl$lock(r2, 0x5, &(0x7f0000000040)={0x0, 0x0, 0x40, 0x3}) 753.727694ms ago: executing program 1 (id=32780): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000880)='./binderfs/binder1\x00', 0x800, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x52, 0x0, &(0x7f0000000540)="70d07134252032fdd3365ef96b919649b1b13c6f6f6f7aaa12b1c0578b26dfe3b2b741205d28752ac5acbb5a5b0d2b225871a4b865d995f95d6aa99c4901dbf986b562794f45f28d37773ab5417f62829ea8"}) 703.777389ms ago: executing program 3 (id=32781): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00), 0x0, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet_udplite(0x2, 0x2, 0x88) bind$inet(r4, &(0x7f00000001c0)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r6, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r6, @ANYRES64=r5], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r6, 0x0) ioctl$KVM_X86_SETUP_MCE(r6, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r9, r10, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x7c, 0x0, 0x0) ioctl$KVM_RUN(r10, 0xae80, 0x0) close_range(r7, 0xffffffffffffffff, 0x0) sendmmsg$inet(r4, &(0x7f0000004040)=[{{&(0x7f0000000080)={0x2, 0x4e24, @empty}, 0x10, 0x0}}], 0x1, 0x4000000) recvmmsg(r4, &(0x7f0000008280)=[{{0x0, 0x0, 0x0}, 0x80000000}], 0x1, 0x40, 0x0) 611.361379ms ago: executing program 3 (id=32782): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r3, 0x0, 0x0, 0x805, 0x0, 0x0) syz_clone3(&(0x7f0000000000)={0x1403100, &(0x7f00000000c0), 0x0, 0x0, {0x24}, 0x0, 0x0, 0x0, 0x0}, 0x58) 582.761791ms ago: executing program 3 (id=32783): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r3, 0x0, 0x0, 0x805, 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) syz_clone3(&(0x7f0000000000)={0x1403100, &(0x7f00000000c0), 0x0, 0x0, {0x24}, 0x0, 0x0, 0x0, 0x0}, 0x58) 512.010318ms ago: executing program 3 (id=32784): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000880)='./binderfs/binder1\x00', 0x800, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000000)={0x4, 0x0, &(0x7f0000000380)=[@enter_looper], 0x0, 0x0, 0x0}) 492.37987ms ago: executing program 0 (id=32785): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000880)='./binderfs/binder1\x00', 0x800, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x52, 0x0, &(0x7f0000000540)="70d07134252032fdd3365ef96b919649b1b13c6f6f6f7aaa12b1c0578b26dfe3b2b741205d28752ac5acbb5a5b0d2b225871a4b865d995f95d6aa99c4901dbf986b562794f45f28d37773ab5417f62829ea8"}) 154.477344ms ago: executing program 0 (id=32786): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000880)='./binderfs/binder1\x00', 0x800, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000000)={0x4, 0x0, &(0x7f0000000380)=[@enter_looper], 0x29, 0x0, &(0x7f0000000540)="70d07134252032fdd3365ef96b919649b1b13c6f6f6f7aaa12b1c0578b26dfe3b2b741205d28752ac5"}) 0s ago: executing program 4 (id=32787): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) socket$inet6_tcp(0xa, 0x1, 0x0) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000880)='./binderfs/binder1\x00', 0x800, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000000)={0x4, 0x0, &(0x7f0000000380)=[@enter_looper], 0x29, 0x0, &(0x7f0000000540)="70d07134252032fdd3365ef96b919649b1b13c6f6f6f7aaa12b1c0578b26dfe3b2b741205d28752ac5"}) kernel console output (not intermixed with test programs): 834.156563][T27302] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 834.178758][T27302] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 834.190939][T27496] FAULT_INJECTION: forcing a failure. [ 834.190939][T27496] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 834.201517][T27302] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 834.206427][T27496] CPU: 0 UID: 0 PID: 27496 Comm: syz.4.25912 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 834.206460][T27496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 834.206472][T27496] Call Trace: [ 834.206479][T27496] [ 834.206487][T27496] __dump_stack+0x21/0x30 [ 834.206516][T27496] dump_stack_lvl+0x10c/0x190 [ 834.206538][T27496] ? __cfi_dump_stack_lvl+0x10/0x10 [ 834.206563][T27496] dump_stack+0x19/0x20 [ 834.206584][T27496] should_fail_ex+0x3d9/0x530 [ 834.206603][T27496] should_fail_alloc_page+0xeb/0x110 [ 834.206709][T27496] __alloc_pages_noprof+0x19b/0x7b0 [ 834.206732][T27496] ? __cfi___alloc_pages_noprof+0x10/0x10 [ 834.206755][T27496] ? kernel_text_address+0xa9/0xe0 [ 834.206777][T27496] ? __kernel_text_address+0x11/0x40 [ 834.206798][T27496] ? unwind_get_return_address+0x51/0x90 [ 834.206819][T27496] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 834.206847][T27496] pte_alloc_one+0x97/0x520 [ 834.206864][T27496] ? __cfi_pte_alloc_one+0x10/0x10 [ 834.206882][T27496] __pte_alloc+0x79/0x420 [ 834.206896][T27496] ? __cfi___pte_alloc+0x10/0x10 [ 834.206909][T27496] ? kernel_text_address+0xa9/0xe0 [ 834.206927][T27496] ? unwind_get_return_address+0x51/0x90 [ 834.206946][T27496] do_pte_missing+0x1f98/0x4240 [ 834.206969][T27496] ? stack_trace_save+0x9d/0xe0 [ 834.206991][T27496] ? pte_marker_clear+0x1b0/0x1b0 [ 834.207012][T27496] ? kasan_save_track+0x4f/0x80 [ 834.207041][T27496] ? kasan_save_track+0x3e/0x80 [ 834.207058][T27496] ? kasan_save_alloc_info+0x40/0x50 [ 834.207081][T27496] ? __kasan_slab_alloc+0x73/0x90 [ 834.207100][T27496] ? kmem_cache_alloc_noprof+0x1cb/0x430 [ 834.207117][T27496] ? security_inode_alloc+0x51/0x200 [ 834.207142][T27496] ? inode_init_always_gfp+0x756/0x9e0 [ 834.207161][T27496] ? alloc_inode+0xc5/0x270 [ 834.207180][T27496] ? new_inode+0x25/0x1e0 [ 834.207198][T27496] ? proc_pid_make_inode+0x25/0x140 [ 834.207217][T27496] ? proc_pident_instantiate+0x6d/0x2c0 [ 834.207235][T27496] ? proc_pident_lookup+0x1c7/0x270 [ 834.207254][T27496] ? proc_tid_base_lookup+0x2f/0x40 [ 834.207279][T27496] handle_mm_fault+0x1166/0x1b90 [ 834.207301][T27496] ? __cfi_handle_mm_fault+0x10/0x10 [ 834.207379][T27496] ? avc_has_perm+0x144/0x220 [ 834.207406][T27496] ? __cfi_find_vma+0x10/0x10 [ 834.207423][T27496] ? vma_is_secretmem+0x11/0x50 [ 834.207447][T27496] __get_user_pages+0x1169/0x22d0 [ 834.207472][T27496] ? populate_vma_page_range+0x230/0x230 [ 834.207494][T27496] ? kernel_text_address+0xa9/0xe0 [ 834.207515][T27496] __gup_longterm_locked+0xcb1/0x1580 [ 834.207539][T27496] ? __kasan_check_write+0x18/0x20 [ 834.207564][T27496] ? rwsem_read_trylock+0x2b1/0x660 [ 834.207586][T27496] ? _parse_integer_limit+0x195/0x1e0 [ 834.207613][T27496] pin_user_pages_remote+0x171/0x220 [ 834.207636][T27496] ? __cfi_pin_user_pages_remote+0x10/0x10 [ 834.207668][T27496] ? up_read+0x26/0x1d0 [ 834.207688][T27496] ? mm_access+0x18d/0x210 [ 834.207708][T27496] process_vm_rw+0x5d4/0xbb0 [ 834.207730][T27496] ? __ia32_sys_process_vm_writev+0x110/0x110 [ 834.207751][T27496] ? proc_fail_nth_write+0x17e/0x210 [ 834.207776][T27496] ? vfs_write+0x93e/0xf30 [ 834.207793][T27496] ? __kasan_check_write+0x18/0x20 [ 834.207819][T27496] ? __kasan_check_write+0x18/0x20 [ 834.207843][T27496] ? fput+0x1a5/0x240 [ 834.207865][T27496] ? __cfi_ksys_write+0x10/0x10 [ 834.207882][T27496] __x64_sys_process_vm_writev+0xeb/0x100 [ 834.207903][T27496] x64_sys_call+0x1ab/0x2ee0 [ 834.207928][T27496] do_syscall_64+0x58/0xf0 [ 834.207951][T27496] ? clear_bhb_loop+0x50/0xa0 [ 834.207972][T27496] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 834.207990][T27496] RIP: 0033:0x7fd97138f6c9 [ 834.208007][T27496] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 834.208035][T27496] RSP: 002b:00007fd972218038 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 834.208057][T27496] RAX: ffffffffffffffda RBX: 00007fd9715e5fa0 RCX: 00007fd97138f6c9 [ 834.208072][T27496] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000014 [ 834.208086][T27496] RBP: 00007fd972218090 R08: 0000000000000001 R09: 0000000000000000 [ 834.208098][T27496] R10: 0000200000121000 R11: 0000000000000246 R12: 0000000000000001 [ 834.208111][T27496] R13: 00007fd9715e6038 R14: 00007fd9715e5fa0 R15: 00007fff4f19b8c8 [ 834.208124][T27496] [ 834.252006][T27506] netlink: 'syz.3.25917': attribute type 1 has an invalid length. [ 834.313909][ T803] usb 2-1: 0:2 : does not exist [ 834.319547][T27510] veth0_virt_wifi: mtu less than device minimum [ 834.333832][ T803] usb 2-1: USB disconnect, device number 36 [ 834.353082][T27506] netlink: 'syz.3.25917': attribute type 3 has an invalid length. [ 834.391875][T26910] udevd[26910]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 834.402421][T27506] netlink: 296 bytes leftover after parsing attributes in process `syz.3.25917'. [ 834.842288][T27524] overlayfs: failed to resolve './file0': -2 [ 834.892191][T27532] overlayfs: conflicting lowerdir path [ 834.921234][T27539] overlayfs: conflicting lowerdir path [ 834.997240][T27549] overlayfs: failed to resolve './file0': -2 [ 835.111493][T27577] overlayfs: failed to resolve './file0': -2 [ 835.158959][T27583] netlink: 48 bytes leftover after parsing attributes in process `syz.4.25949'. [ 835.198994][T27592] overlayfs: conflicting lowerdir path [ 835.226678][T27596] overlayfs: conflicting lowerdir path [ 835.274516][T27610] veth0_virt_wifi: mtu less than device minimum [ 835.306404][T27615] netlink: 48 bytes leftover after parsing attributes in process `syz.3.25964'. [ 835.368042][T27622] overlayfs: conflicting lowerdir path [ 835.388588][T27624] overlayfs: failed to resolve './file1': -2 [ 835.436329][T27630] veth0_virt_wifi: mtu less than device minimum [ 835.476525][T27632] netlink: 48 bytes leftover after parsing attributes in process `syz.3.25974'. [ 835.494460][T27635] overlayfs: failed to resolve './file1': -2 [ 835.573141][T27648] veth0_virt_wifi: mtu less than device minimum [ 835.661235][T27659] overlayfs: failed to resolve './file1': -2 [ 835.722702][T27668] overlayfs: failed to resolve './file1': -2 [ 835.955165][T27703] overlayfs: conflicting lowerdir path [ 836.126869][T27726] veth0_virt_wifi: mtu less than device minimum [ 836.167520][T27728] netlink: 48 bytes leftover after parsing attributes in process `syz.1.26002'. [ 836.201632][T27733] veth0_virt_wifi: mtu less than device minimum [ 836.263429][T27740] overlayfs: conflicting lowerdir path [ 836.399951][T27760] veth0_virt_wifi: mtu less than device minimum [ 836.630832][T27779] overlayfs: conflicting lowerdir path [ 836.700959][T27788] overlayfs: conflicting lowerdir path [ 836.870312][T27804] overlayfs: conflicting lowerdir path [ 837.177093][T27820] overlayfs: conflicting lowerdir path [ 837.566318][T27851] overlayfs: conflicting lowerdir path [ 837.598329][T27854] overlayfs: conflicting lowerdir path [ 837.649179][T27859] netlink: 48 bytes leftover after parsing attributes in process `syz.0.26082'. [ 837.887301][T27901] overlayfs: conflicting lowerdir path [ 837.942075][T27905] overlayfs: conflicting lowerdir path [ 838.005232][T27910] overlayfs: conflicting lowerdir path [ 838.297210][T27930] net_ratelimit: 2 callbacks suppressed [ 838.297231][T27930] veth0_virt_wifi: mtu less than device minimum [ 838.400460][T27937] netlink: 48 bytes leftover after parsing attributes in process `syz.0.26119'. [ 838.634804][T27959] overlayfs: conflicting lowerdir path [ 838.664732][T27961] overlayfs: conflicting lowerdir path [ 838.792398][T27975] overlayfs: conflicting lowerdir path [ 838.871445][T27983] overlayfs: conflicting lowerdir path [ 839.475714][T28010] overlayfs: conflicting lowerdir path [ 839.827187][T28043] overlayfs: conflicting lowerdir path [ 839.837127][T28049] overlayfs: conflicting lowerdir path [ 840.011017][T28074] overlayfs: conflicting lowerdir path [ 840.050673][T28078] overlayfs: conflicting lowerdir path [ 840.059310][T28076] overlayfs: conflicting lowerdir path [ 840.187725][T28097] overlayfs: conflicting lowerdir path [ 840.227185][T28101] overlayfs: conflicting lowerdir path [ 840.256037][T28105] overlayfs: conflicting lowerdir path [ 840.340933][T28121] overlayfs: conflicting lowerdir path [ 840.362957][T28123] overlayfs: conflicting lowerdir path [ 840.416374][T28129] overlayfs: conflicting lowerdir path [ 840.511928][T28144] netlink: 48 bytes leftover after parsing attributes in process `syz.4.26218'. [ 840.658626][T28156] veth0_virt_wifi: mtu less than device minimum [ 840.694257][T28159] overlayfs: conflicting lowerdir path [ 840.992849][T28178] veth0_virt_wifi: mtu less than device minimum [ 842.029055][T28219] netlink: 48 bytes leftover after parsing attributes in process `syz.4.26248'. [ 842.140723][T28225] netlink: 48 bytes leftover after parsing attributes in process `syz.4.26257'. [ 842.185966][T28231] veth0_virt_wifi: mtu less than device minimum [ 842.220405][T28234] overlayfs: conflicting lowerdir path [ 842.263695][T28238] netlink: 48 bytes leftover after parsing attributes in process `syz.3.26263'. [ 843.051987][T28304] overlayfs: conflicting lowerdir path [ 843.077628][T28306] veth0_virt_wifi: mtu less than device minimum [ 843.162184][T28314] overlayfs: conflicting lowerdir path [ 843.637576][T28327] bridge0: port 1(bridge_slave_0) entered blocking state [ 843.648618][T28327] bridge0: port 1(bridge_slave_0) entered disabled state [ 843.663492][T28327] bridge_slave_0: entered allmulticast mode [ 843.671965][T28327] bridge_slave_0: entered promiscuous mode [ 843.679644][T28327] bridge0: port 2(bridge_slave_1) entered blocking state [ 843.721669][T28327] bridge0: port 2(bridge_slave_1) entered disabled state [ 843.759044][T28327] bridge_slave_1: entered allmulticast mode [ 843.767853][T28327] bridge_slave_1: entered promiscuous mode [ 843.949380][ T293] bridge_slave_1: left allmulticast mode [ 843.956243][ T293] bridge_slave_1: left promiscuous mode [ 843.965989][ T293] bridge0: port 2(bridge_slave_1) entered disabled state [ 843.989381][ T293] bridge_slave_0: left allmulticast mode [ 843.997084][ T293] bridge_slave_0: left promiscuous mode [ 844.019005][ T293] bridge0: port 1(bridge_slave_0) entered disabled state [ 844.088220][T28338] overlayfs: conflicting lowerdir path [ 844.146006][T28327] bridge0: port 2(bridge_slave_1) entered blocking state [ 844.157323][T28327] bridge0: port 2(bridge_slave_1) entered forwarding state [ 844.165889][T28327] bridge0: port 1(bridge_slave_0) entered blocking state [ 844.175512][T28327] bridge0: port 1(bridge_slave_0) entered forwarding state [ 844.185503][T28344] overlayfs: conflicting lowerdir path [ 844.218164][ T293] veth1_macvtap: left promiscuous mode [ 844.230221][ T293] veth0_vlan: left promiscuous mode [ 844.247113][T28348] overlayfs: conflicting lowerdir path [ 844.311642][T28346] veth0_virt_wifi: mtu less than device minimum [ 844.366508][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 844.390620][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 844.418530][T30061] bridge0: port 1(bridge_slave_0) entered blocking state [ 844.421420][T28365] overlayfs: conflicting lowerdir path [ 844.426939][T30061] bridge0: port 1(bridge_slave_0) entered forwarding state [ 844.462733][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 844.470650][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 844.521268][T28327] veth0_vlan: entered promiscuous mode [ 844.537839][T28327] veth1_macvtap: entered promiscuous mode [ 844.651772][T28381] veth0_virt_wifi: mtu less than device minimum [ 844.722412][T28387] overlayfs: conflicting lowerdir path [ 845.255596][T28401] overlayfs: conflicting lowerdir path [ 845.320596][T28403] netlink: 48 bytes leftover after parsing attributes in process `syz.1.26337'. [ 845.444147][T28409] overlayfs: conflicting lowerdir path [ 845.610422][T28422] overlayfs: conflicting lowerdir path [ 845.750389][T28432] overlayfs: conflicting lowerdir path [ 845.789620][T28436] veth0_virt_wifi: mtu less than device minimum [ 845.869520][T28448] overlayfs: conflicting lowerdir path [ 845.940304][T28458] overlayfs: conflicting lowerdir path [ 845.955554][T28460] veth0_virt_wifi: mtu less than device minimum [ 846.050018][T28470] overlayfs: conflicting lowerdir path [ 846.143373][T28483] veth0_virt_wifi: mtu less than device minimum [ 846.174111][T28486] overlayfs: conflicting lowerdir path [ 846.256676][T28496] overlayfs: conflicting lowerdir path [ 847.020442][T28526] netlink: 48 bytes leftover after parsing attributes in process `syz.3.26394'. [ 847.196381][T28534] netlink: 48 bytes leftover after parsing attributes in process `syz.3.26399'. [ 847.394609][T28542] overlayfs: conflicting lowerdir path [ 847.466502][T28545] netlink: 48 bytes leftover after parsing attributes in process `syz.3.26405'. [ 847.581253][T28544] bridge0: port 1(bridge_slave_0) entered blocking state [ 847.613954][T28544] bridge0: port 1(bridge_slave_0) entered disabled state [ 847.624481][T28544] bridge_slave_0: entered allmulticast mode [ 847.634767][T28544] bridge_slave_0: entered promiscuous mode [ 847.642750][T28544] bridge0: port 2(bridge_slave_1) entered blocking state [ 847.653166][T28544] bridge0: port 2(bridge_slave_1) entered disabled state [ 847.664683][T28544] bridge_slave_1: entered allmulticast mode [ 847.679400][T28544] bridge_slave_1: entered promiscuous mode [ 847.839101][ T46] bridge_slave_1: left allmulticast mode [ 847.846262][ T46] bridge_slave_1: left promiscuous mode [ 847.869015][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 847.909119][ T46] bridge_slave_0: left allmulticast mode [ 847.915548][ T46] bridge_slave_0: left promiscuous mode [ 847.949061][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 848.076581][ T46] veth1_macvtap: left promiscuous mode [ 848.089264][ T46] veth0_vlan: left promiscuous mode [ 848.239583][T28544] bridge0: port 2(bridge_slave_1) entered blocking state [ 848.248232][T28544] bridge0: port 2(bridge_slave_1) entered forwarding state [ 848.256769][T28544] bridge0: port 1(bridge_slave_0) entered blocking state [ 848.264223][T28544] bridge0: port 1(bridge_slave_0) entered forwarding state [ 848.399999][ T293] bridge0: port 1(bridge_slave_0) entered disabled state [ 848.429166][ T293] bridge0: port 2(bridge_slave_1) entered disabled state [ 848.455897][T28371] bridge0: port 1(bridge_slave_0) entered blocking state [ 848.463642][T28371] bridge0: port 1(bridge_slave_0) entered forwarding state [ 848.531378][T28371] bridge0: port 2(bridge_slave_1) entered blocking state [ 848.540657][T28371] bridge0: port 2(bridge_slave_1) entered forwarding state [ 848.617589][T28544] veth0_vlan: entered promiscuous mode [ 848.653265][T28572] overlayfs: conflicting lowerdir path [ 848.660551][T28544] veth1_macvtap: entered promiscuous mode [ 848.703621][T28578] netlink: 48 bytes leftover after parsing attributes in process `syz.4.26416'. [ 848.769217][T28583] netlink: 48 bytes leftover after parsing attributes in process `syz.1.26418'. [ 848.796034][T28588] overlayfs: conflicting lowerdir path [ 848.833742][T28592] overlayfs: conflicting lowerdir path [ 848.949400][T28612] overlayfs: conflicting lowerdir path [ 848.990201][T28616] overlayfs: conflicting lowerdir path [ 849.043680][T28620] veth0_virt_wifi: mtu less than device minimum [ 849.100174][T28624] veth0_virt_wifi: mtu less than device minimum [ 849.132624][T28626] overlayfs: conflicting lowerdir path [ 849.389219][T28649] overlayfs: conflicting lowerdir path [ 849.441704][T28651] veth0_virt_wifi: mtu less than device minimum [ 849.557425][T28659] veth0_virt_wifi: mtu less than device minimum [ 849.716469][T28665] overlayfs: conflicting lowerdir path [ 849.763354][T28667] overlayfs: conflicting lowerdir path [ 850.135730][T28698] overlayfs: missing 'lowerdir' [ 850.210255][T28704] overlayfs: conflicting lowerdir path [ 850.220842][T28706] veth0_virt_wifi: mtu less than device minimum [ 850.421610][T28723] overlayfs: missing 'lowerdir' [ 850.470710][T28725] netlink: 48 bytes leftover after parsing attributes in process `syz.0.26486'. [ 850.520482][T28727] overlayfs: conflicting lowerdir path [ 850.539643][T28729] veth0_virt_wifi: mtu less than device minimum [ 850.645222][T28738] netlink: 48 bytes leftover after parsing attributes in process `syz.1.26487'. [ 850.719992][T28744] overlayfs: missing 'lowerdir' [ 850.822757][T28752] overlayfs: conflicting lowerdir path [ 850.950954][T28761] netlink: 48 bytes leftover after parsing attributes in process `syz.4.26503'. [ 851.020851][T28765] veth0_virt_wifi: mtu less than device minimum [ 851.121204][T28773] overlayfs: conflicting lowerdir path [ 851.140769][T28775] veth0_virt_wifi: mtu less than device minimum [ 851.199269][T28778] netlink: 48 bytes leftover after parsing attributes in process `syz.4.26513'. [ 851.212763][T28781] overlayfs: missing 'lowerdir' [ 851.260364][T28785] veth0_virt_wifi: mtu less than device minimum [ 851.511709][T28822] netlink: 48 bytes leftover after parsing attributes in process `syz.1.26533'. [ 852.082069][T28849] netlink: 48 bytes leftover after parsing attributes in process `syz.4.26546'. [ 852.208959][T28855] overlayfs: conflicting lowerdir path [ 852.840079][T28888] veth0_virt_wifi: mtu less than device minimum [ 853.491701][T28904] overlayfs: conflicting lowerdir path [ 853.785667][T28909] bridge0: port 1(bridge_slave_0) entered blocking state [ 853.808935][T28909] bridge0: port 1(bridge_slave_0) entered disabled state [ 853.816698][T28909] bridge_slave_0: entered allmulticast mode [ 853.823670][T28909] bridge_slave_0: entered promiscuous mode [ 853.831569][T28909] bridge0: port 2(bridge_slave_1) entered blocking state [ 853.840429][T28909] bridge0: port 2(bridge_slave_1) entered disabled state [ 853.849262][T28909] bridge_slave_1: entered allmulticast mode [ 853.856313][T28909] bridge_slave_1: entered promiscuous mode [ 853.972832][T28371] bridge_slave_1: left allmulticast mode [ 853.979138][T28371] bridge_slave_1: left promiscuous mode [ 853.992069][T28927] overlayfs: conflicting lowerdir path [ 853.995199][T28371] bridge0: port 2(bridge_slave_1) entered disabled state [ 854.012387][T28371] bridge_slave_0: left allmulticast mode [ 854.020133][T28371] bridge_slave_0: left promiscuous mode [ 854.026595][T28371] bridge0: port 1(bridge_slave_0) entered disabled state [ 854.117992][T28949] overlayfs: missing 'lowerdir' [ 854.143719][T28954] overlayfs: conflicting lowerdir path [ 854.163635][T28944] veth0_virt_wifi: mtu less than device minimum [ 854.194660][T28909] bridge0: port 2(bridge_slave_1) entered blocking state [ 854.203912][T28909] bridge0: port 2(bridge_slave_1) entered forwarding state [ 854.211487][T28909] bridge0: port 1(bridge_slave_0) entered blocking state [ 854.219180][T28909] bridge0: port 1(bridge_slave_0) entered forwarding state [ 854.246520][T28371] veth1_macvtap: left promiscuous mode [ 854.250178][T28975] overlayfs: missing 'lowerdir' [ 854.256202][T28371] veth0_vlan: left promiscuous mode [ 854.303507][T28980] overlayfs: conflicting lowerdir path [ 854.380648][T28984] veth0_virt_wifi: mtu less than device minimum [ 854.425323][ T293] bridge0: port 1(bridge_slave_0) entered disabled state [ 854.435287][ T293] bridge0: port 2(bridge_slave_1) entered disabled state [ 854.460402][ T293] bridge0: port 1(bridge_slave_0) entered blocking state [ 854.470259][ T293] bridge0: port 1(bridge_slave_0) entered forwarding state [ 854.489929][T28999] overlayfs: missing 'lowerdir' [ 854.493496][T29006] overlayfs: conflicting lowerdir path [ 854.509342][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 854.518314][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 854.570471][T28909] veth0_vlan: entered promiscuous mode [ 854.590260][T28909] veth1_macvtap: entered promiscuous mode [ 854.664559][T29018] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 854.679356][T29018] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 854.730272][T29024] overlayfs: missing 'lowerdir' [ 854.781477][T29028] overlayfs: conflicting lowerdir path [ 854.890198][T29044] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 854.904280][T29044] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 854.921506][T29046] veth0_virt_wifi: mtu less than device minimum [ 854.979538][T29050] overlayfs: missing 'lowerdir' [ 854.989841][T29052] veth0_virt_wifi: mtu less than device minimum [ 855.092183][T29064] veth0_virt_wifi: mtu less than device minimum [ 855.122100][T29066] veth0_virt_wifi: mtu less than device minimum [ 855.181811][T29074] overlayfs: missing 'lowerdir' [ 855.212369][T29076] veth0_virt_wifi: mtu less than device minimum [ 855.287868][T29088] overlayfs: conflicting lowerdir path [ 855.344840][T29092] overlayfs: conflicting lowerdir path [ 855.409663][T29096] overlayfs: missing 'lowerdir' [ 855.573754][T29109] overlayfs: conflicting lowerdir path [ 855.719335][T29122] veth0_virt_wifi: mtu less than device minimum [ 855.748291][T29124] overlayfs: missing 'lowerdir' [ 855.860880][T29130] veth0_virt_wifi: mtu less than device minimum [ 856.053050][T29141] veth0_virt_wifi: mtu less than device minimum [ 856.151396][T29149] overlayfs: conflicting lowerdir path [ 856.292159][T29165] veth0_virt_wifi: mtu less than device minimum [ 856.335199][T29170] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 856.345409][T29170] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 856.714752][T29203] overlayfs: conflicting lowerdir path [ 856.813908][T29212] overlayfs: missing 'workdir' [ 857.016923][T29227] overlayfs: conflicting lowerdir path [ 857.030843][T29229] veth0_virt_wifi: mtu less than device minimum [ 857.339678][T29252] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 857.365835][T29252] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 857.572908][T29277] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 857.599109][T29277] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 857.758070][T29305] overlayfs: missing 'lowerdir' [ 857.939256][T29327] overlayfs: missing 'lowerdir' [ 858.266465][T29371] overlayfs: missing 'lowerdir' [ 858.379204][T29380] overlayfs: missing 'lowerdir' [ 859.226226][T29476] overlayfs: missing 'lowerdir' [ 860.030873][T29517] overlayfs: missing 'lowerdir' [ 860.379379][T29535] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 860.408952][T29535] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 860.859646][T29550] overlayfs: missing 'workdir' [ 862.758721][T29619] net_ratelimit: 4 callbacks suppressed [ 862.758745][T29619] veth0_virt_wifi: mtu less than device minimum [ 863.167594][T29640] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 863.189353][T29640] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 864.287561][T29689] veth0_virt_wifi: mtu less than device minimum [ 865.346856][T29747] veth0_virt_wifi: mtu less than device minimum [ 865.368916][T29749] veth0_virt_wifi: mtu less than device minimum [ 865.492035][T29769] veth0_virt_wifi: mtu less than device minimum [ 865.516573][T29773] veth0_virt_wifi: mtu less than device minimum [ 866.207496][T29825] veth0_virt_wifi: mtu less than device minimum [ 866.253374][T29827] veth0_virt_wifi: mtu less than device minimum [ 867.711189][T29866] veth0_virt_wifi: mtu less than device minimum [ 869.882419][T29934] veth0_virt_wifi: mtu less than device minimum [ 870.009682][T29944] veth0_virt_wifi: mtu less than device minimum [ 870.507978][T29986] veth0_virt_wifi: mtu less than device minimum [ 870.694148][T30008] veth0_virt_wifi: mtu less than device minimum [ 870.832445][T30033] veth0_virt_wifi: mtu less than device minimum [ 871.161077][T30066] veth0_virt_wifi: mtu less than device minimum [ 871.529317][T30085] veth0_virt_wifi: mtu less than device minimum [ 871.831537][T30098] veth0_virt_wifi: mtu less than device minimum [ 873.169450][T30140] veth0_virt_wifi: mtu less than device minimum [ 874.790669][T30276] veth0_virt_wifi: mtu less than device minimum [ 875.118394][T30329] veth0_virt_wifi: mtu less than device minimum [ 875.547891][T30382] veth0_virt_wifi: mtu less than device minimum [ 875.721100][T30410] veth0_virt_wifi: mtu less than device minimum [ 875.942349][T30452] veth0_virt_wifi: mtu less than device minimum [ 875.975552][T30458] veth0_virt_wifi: mtu less than device minimum [ 876.196272][T30487] veth0_virt_wifi: mtu less than device minimum [ 878.571324][T30593] veth0_virt_wifi: mtu less than device minimum [ 879.239357][T30648] veth0_virt_wifi: mtu less than device minimum [ 879.649078][T30664] veth0_virt_wifi: mtu less than device minimum [ 879.981331][T30683] veth0_virt_wifi: mtu less than device minimum [ 884.371406][T31076] veth0_virt_wifi: mtu less than device minimum [ 899.240224][T31910] veth0_virt_wifi: mtu less than device minimum [ 899.488388][T31938] veth0_virt_wifi: mtu less than device minimum [ 901.507144][ T293] bridge_slave_1: left allmulticast mode [ 901.515059][ T293] bridge_slave_1: left promiscuous mode [ 901.536996][ T293] bridge0: port 2(bridge_slave_1) entered disabled state [ 901.555711][ T293] bridge_slave_0: left allmulticast mode [ 901.568001][ T293] bridge_slave_0: left promiscuous mode [ 901.584954][ T293] bridge0: port 1(bridge_slave_0) entered disabled state [ 901.751071][ T293] veth1_macvtap: left promiscuous mode [ 901.757896][ T293] veth0_vlan: left promiscuous mode [ 901.939688][T32234] bridge0: port 1(bridge_slave_0) entered blocking state [ 901.956908][T32234] bridge0: port 1(bridge_slave_0) entered disabled state [ 901.985046][T32234] bridge_slave_0: entered allmulticast mode [ 902.000022][T32234] bridge_slave_0: entered promiscuous mode [ 902.010923][T32234] bridge0: port 2(bridge_slave_1) entered blocking state [ 902.019774][T32234] bridge0: port 2(bridge_slave_1) entered disabled state [ 902.029654][T32234] bridge_slave_1: entered allmulticast mode [ 902.044611][T32234] bridge_slave_1: entered promiscuous mode [ 902.198980][T32234] bridge0: port 2(bridge_slave_1) entered blocking state [ 902.208207][T32234] bridge0: port 2(bridge_slave_1) entered forwarding state [ 902.217259][T32234] bridge0: port 1(bridge_slave_0) entered blocking state [ 902.226959][T32234] bridge0: port 1(bridge_slave_0) entered forwarding state [ 902.321641][ T293] bridge0: port 1(bridge_slave_0) entered disabled state [ 902.331780][ T293] bridge0: port 2(bridge_slave_1) entered disabled state [ 902.349594][T28371] bridge0: port 1(bridge_slave_0) entered blocking state [ 902.358063][T28371] bridge0: port 1(bridge_slave_0) entered forwarding state [ 902.403176][T28371] bridge0: port 2(bridge_slave_1) entered blocking state [ 902.412497][T28371] bridge0: port 2(bridge_slave_1) entered forwarding state [ 902.495076][T32234] veth0_vlan: entered promiscuous mode [ 902.531894][T32234] veth1_macvtap: entered promiscuous mode [ 916.160175][T28371] bridge_slave_1: left allmulticast mode [ 916.178908][T28371] bridge_slave_1: left promiscuous mode [ 916.186752][T28371] bridge0: port 2(bridge_slave_1) entered disabled state [ 916.219161][T28371] bridge_slave_0: left allmulticast mode [ 916.227281][T28371] bridge_slave_0: left promiscuous mode [ 916.269090][T28371] bridge0: port 1(bridge_slave_0) entered disabled state [ 916.409200][T28371] veth1_macvtap: left promiscuous mode [ 916.426633][T28371] veth0_vlan: left promiscuous mode [ 916.709669][ T584] bridge0: port 1(bridge_slave_0) entered blocking state [ 916.720033][ T584] bridge0: port 1(bridge_slave_0) entered disabled state [ 916.728624][ T584] bridge_slave_0: entered allmulticast mode [ 916.759829][ T584] bridge_slave_0: entered promiscuous mode [ 916.772987][ T584] bridge0: port 2(bridge_slave_1) entered blocking state [ 916.803192][ T584] bridge0: port 2(bridge_slave_1) entered disabled state [ 916.839036][ T584] bridge_slave_1: entered allmulticast mode [ 916.846703][ T584] bridge_slave_1: entered promiscuous mode [ 917.037870][ T584] bridge0: port 2(bridge_slave_1) entered blocking state [ 917.047510][ T584] bridge0: port 2(bridge_slave_1) entered forwarding state [ 917.055597][ T584] bridge0: port 1(bridge_slave_0) entered blocking state [ 917.065775][ T584] bridge0: port 1(bridge_slave_0) entered forwarding state [ 917.106313][T28371] bridge0: port 1(bridge_slave_0) entered disabled state [ 917.116220][T28371] bridge0: port 2(bridge_slave_1) entered disabled state [ 917.138247][T28371] bridge0: port 1(bridge_slave_0) entered blocking state [ 917.146703][T28371] bridge0: port 1(bridge_slave_0) entered forwarding state [ 917.185339][T28371] bridge0: port 2(bridge_slave_1) entered blocking state [ 917.194481][T28371] bridge0: port 2(bridge_slave_1) entered forwarding state [ 917.268625][ T584] veth0_vlan: entered promiscuous mode [ 917.308227][ T584] veth1_macvtap: entered promiscuous mode [ 921.559225][ T293] bridge_slave_1: left allmulticast mode [ 921.566307][ T293] bridge_slave_1: left promiscuous mode [ 921.578981][ T293] bridge0: port 2(bridge_slave_1) entered disabled state [ 921.599831][ T293] bridge_slave_0: left allmulticast mode [ 921.606064][ T293] bridge_slave_0: left promiscuous mode [ 921.628976][ T293] bridge0: port 1(bridge_slave_0) entered disabled state [ 921.824383][ T293] veth1_macvtap: left promiscuous mode [ 921.844237][ T293] veth0_vlan: left promiscuous mode [ 922.009851][ T826] bridge0: port 1(bridge_slave_0) entered blocking state [ 922.026468][ T826] bridge0: port 1(bridge_slave_0) entered disabled state [ 922.035915][ T826] bridge_slave_0: entered allmulticast mode [ 922.048255][ T826] bridge_slave_0: entered promiscuous mode [ 922.056774][ T826] bridge0: port 2(bridge_slave_1) entered blocking state [ 922.068125][ T826] bridge0: port 2(bridge_slave_1) entered disabled state [ 922.076484][ T826] bridge_slave_1: entered allmulticast mode [ 922.085547][ T826] bridge_slave_1: entered promiscuous mode [ 922.240021][ T826] bridge0: port 2(bridge_slave_1) entered blocking state [ 922.248887][ T826] bridge0: port 2(bridge_slave_1) entered forwarding state [ 922.257510][ T826] bridge0: port 1(bridge_slave_0) entered blocking state [ 922.267591][ T826] bridge0: port 1(bridge_slave_0) entered forwarding state [ 922.317836][ T293] bridge0: port 1(bridge_slave_0) entered disabled state [ 922.327931][ T293] bridge0: port 2(bridge_slave_1) entered disabled state [ 922.352097][ T293] bridge0: port 1(bridge_slave_0) entered blocking state [ 922.362288][ T293] bridge0: port 1(bridge_slave_0) entered forwarding state [ 922.377462][ T293] bridge0: port 2(bridge_slave_1) entered blocking state [ 922.385836][ T293] bridge0: port 2(bridge_slave_1) entered forwarding state [ 922.419337][ T826] veth0_vlan: entered promiscuous mode [ 922.440698][ T826] veth1_macvtap: entered promiscuous mode [ 934.440347][ T293] bridge_slave_1: left allmulticast mode [ 934.447090][ T293] bridge_slave_1: left promiscuous mode [ 934.467458][ T293] bridge0: port 2(bridge_slave_1) entered disabled state [ 934.488341][ T293] bridge_slave_0: left allmulticast mode [ 934.508892][ T293] bridge_slave_0: left promiscuous mode [ 934.519459][ T293] bridge0: port 1(bridge_slave_0) entered disabled state [ 934.659666][ T293] veth1_macvtap: left promiscuous mode [ 934.680179][ T293] veth0_vlan: left promiscuous mode [ 934.832651][ T1695] bridge0: port 1(bridge_slave_0) entered blocking state [ 934.848949][ T1695] bridge0: port 1(bridge_slave_0) entered disabled state [ 934.878966][ T1695] bridge_slave_0: entered allmulticast mode [ 934.899266][ T1695] bridge_slave_0: entered promiscuous mode [ 934.907677][ T1695] bridge0: port 2(bridge_slave_1) entered blocking state [ 934.932195][ T1695] bridge0: port 2(bridge_slave_1) entered disabled state [ 934.948945][ T1695] bridge_slave_1: entered allmulticast mode [ 934.970181][ T1695] bridge_slave_1: entered promiscuous mode [ 935.136031][ T1695] bridge0: port 2(bridge_slave_1) entered blocking state [ 935.145230][ T1695] bridge0: port 2(bridge_slave_1) entered forwarding state [ 935.155331][ T1695] bridge0: port 1(bridge_slave_0) entered blocking state [ 935.163830][ T1695] bridge0: port 1(bridge_slave_0) entered forwarding state [ 935.264790][ T293] bridge0: port 1(bridge_slave_0) entered disabled state [ 935.273272][ T293] bridge0: port 2(bridge_slave_1) entered disabled state [ 935.309454][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 935.320537][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 935.369338][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 935.376868][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 935.465613][ T1695] veth0_vlan: entered promiscuous mode [ 935.507370][ T1695] veth1_macvtap: entered promiscuous mode [ 972.096260][ T4144] FAULT_INJECTION: forcing a failure. [ 972.096260][ T4144] name failslab, interval 1, probability 0, space 0, times 0 [ 972.128911][ T4144] CPU: 1 UID: 0 PID: 4144 Comm: syz.3.30356 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 972.128947][ T4144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 972.128959][ T4144] Call Trace: [ 972.128966][ T4144] [ 972.128975][ T4144] __dump_stack+0x21/0x30 [ 972.129004][ T4144] dump_stack_lvl+0x10c/0x190 [ 972.129026][ T4144] ? __cfi_dump_stack_lvl+0x10/0x10 [ 972.129049][ T4144] ? __kasan_check_write+0x18/0x20 [ 972.129075][ T4144] ? proc_fail_nth_write+0x17e/0x210 [ 972.129097][ T4144] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 972.129120][ T4144] dump_stack+0x19/0x20 [ 972.129141][ T4144] should_fail_ex+0x3d9/0x530 [ 972.129159][ T4144] should_failslab+0xac/0x100 [ 972.129178][ T4144] kmem_cache_alloc_noprof+0x42/0x430 [ 972.129195][ T4144] ? getname_flags+0xc6/0x710 [ 972.129214][ T4144] getname_flags+0xc6/0x710 [ 972.129231][ T4144] ? build_open_flags+0x487/0x600 [ 972.129253][ T4144] getname+0x1b/0x30 [ 972.129270][ T4144] do_sys_openat2+0xcb/0x1c0 [ 972.129292][ T4144] ? fput+0x1a5/0x240 [ 972.129312][ T4144] ? do_sys_open+0x100/0x100 [ 972.129334][ T4144] ? ksys_write+0x1ef/0x250 [ 972.129351][ T4144] ? __cfi_ksys_write+0x10/0x10 [ 972.129368][ T4144] __x64_sys_openat+0x13a/0x170 [ 972.129392][ T4144] x64_sys_call+0xe69/0x2ee0 [ 972.129417][ T4144] do_syscall_64+0x58/0xf0 [ 972.129438][ T4144] ? clear_bhb_loop+0x50/0xa0 [ 972.129459][ T4144] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 972.129479][ T4144] RIP: 0033:0x7f903c38f6c9 [ 972.129495][ T4144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 972.129512][ T4144] RSP: 002b:00007f903d25e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 972.129533][ T4144] RAX: ffffffffffffffda RBX: 00007f903c5e5fa0 RCX: 00007f903c38f6c9 [ 972.129552][ T4144] RDX: 0000000000000002 RSI: 0000200000000240 RDI: 0000000000000006 [ 972.129566][ T4144] RBP: 00007f903d25e090 R08: 0000000000000000 R09: 0000000000000000 [ 972.129579][ T4144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 972.129592][ T4144] R13: 00007f903c5e6038 R14: 00007f903c5e5fa0 R15: 00007ffdc96bb158 [ 972.129609][ T4144] [ 976.778903][ T36] audit: type=1400 audit(1763400037.379:8985): avc: denied { connect } for pid=4526 comm="syz.0.30546" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 976.812290][ T36] audit: type=1400 audit(1763400037.419:8986): avc: denied { mount } for pid=4529 comm="syz.0.30547" name="/" dev="ramfs" ino=457366 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 976.974590][ T4562] FAULT_INJECTION: forcing a failure. [ 976.974590][ T4562] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 976.989809][ T4562] CPU: 1 UID: 0 PID: 4562 Comm: syz.1.30560 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 976.989843][ T4562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 976.989855][ T4562] Call Trace: [ 976.989861][ T4562] [ 976.989869][ T4562] __dump_stack+0x21/0x30 [ 976.989899][ T4562] dump_stack_lvl+0x10c/0x190 [ 976.989922][ T4562] ? __cfi_dump_stack_lvl+0x10/0x10 [ 976.989946][ T4562] ? check_stack_object+0x12c/0x140 [ 976.989965][ T4562] dump_stack+0x19/0x20 [ 976.989987][ T4562] should_fail_ex+0x3d9/0x530 [ 976.990007][ T4562] should_fail+0xf/0x20 [ 976.990024][ T4562] should_fail_usercopy+0x1e/0x30 [ 976.990045][ T4562] _copy_to_user+0x24/0xa0 [ 976.990068][ T4562] simple_read_from_buffer+0xed/0x160 [ 976.990093][ T4562] proc_fail_nth_read+0x19e/0x210 [ 976.990117][ T4562] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 976.990142][ T4562] ? bpf_lsm_file_permission+0xd/0x20 [ 976.990166][ T4562] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 976.990189][ T4562] vfs_read+0x27d/0xc70 [ 976.990206][ T4562] ? __cfi_vfs_read+0x10/0x10 [ 976.990223][ T4562] ? __kasan_check_write+0x18/0x20 [ 976.990260][ T4562] ? mutex_lock+0x92/0x1c0 [ 976.990277][ T4562] ? __cfi_mutex_lock+0x10/0x10 [ 976.990294][ T4562] ? __fget_files+0x2c5/0x340 [ 976.990315][ T4562] ksys_read+0x141/0x250 [ 976.990332][ T4562] ? __cfi_ksys_read+0x10/0x10 [ 976.990350][ T4562] ? __kasan_check_read+0x15/0x20 [ 976.990375][ T4562] __x64_sys_read+0x7f/0x90 [ 976.990388][ T4562] x64_sys_call+0x2638/0x2ee0 [ 976.990409][ T4562] do_syscall_64+0x58/0xf0 [ 976.990434][ T4562] ? clear_bhb_loop+0x50/0xa0 [ 976.990454][ T4562] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 976.990474][ T4562] RIP: 0033:0x7f18cf18e0dc [ 976.990491][ T4562] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 976.990508][ T4562] RSP: 002b:00007f18d00c6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 976.990531][ T4562] RAX: ffffffffffffffda RBX: 00007f18cf3e5fa0 RCX: 00007f18cf18e0dc [ 976.990546][ T4562] RDX: 000000000000000f RSI: 00007f18d00c60a0 RDI: 0000000000000008 [ 976.990559][ T4562] RBP: 00007f18d00c6090 R08: 0000000000000000 R09: 0000000000000000 [ 976.990573][ T4562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 976.990586][ T4562] R13: 00007f18cf3e6038 R14: 00007f18cf3e5fa0 R15: 00007ffc02d49448 [ 976.990603][ T4562] [ 977.336655][ T4583] FAULT_INJECTION: forcing a failure. [ 977.336655][ T4583] name failslab, interval 1, probability 0, space 0, times 0 [ 977.357235][ T4583] CPU: 1 UID: 0 PID: 4583 Comm: syz.3.30571 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 977.357268][ T4583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 977.357280][ T4583] Call Trace: [ 977.357286][ T4583] [ 977.357295][ T4583] __dump_stack+0x21/0x30 [ 977.357323][ T4583] dump_stack_lvl+0x10c/0x190 [ 977.357344][ T4583] ? __cfi_dump_stack_lvl+0x10/0x10 [ 977.357365][ T4583] ? handle_mm_fault+0x169b/0x1b90 [ 977.357384][ T4583] dump_stack+0x19/0x20 [ 977.357404][ T4583] should_fail_ex+0x3d9/0x530 [ 977.357423][ T4583] should_failslab+0xac/0x100 [ 977.357443][ T4583] kmem_cache_alloc_noprof+0x42/0x430 [ 977.357460][ T4583] ? lock_vma_under_rcu+0x49d/0x540 [ 977.357478][ T4583] ? getname_flags+0xc6/0x710 [ 977.357497][ T4583] getname_flags+0xc6/0x710 [ 977.357514][ T4583] ? build_open_flags+0x487/0x600 [ 977.357538][ T4583] getname+0x1b/0x30 [ 977.357555][ T4583] do_sys_openat2+0xcb/0x1c0 [ 977.357591][ T4583] ? do_sys_open+0x100/0x100 [ 977.357617][ T4583] ? __kasan_check_write+0x18/0x20 [ 977.357643][ T4583] ? do_user_addr_fault+0xbc4/0x1200 [ 977.357667][ T4583] ? __cfi_ksys_write+0x10/0x10 [ 977.357683][ T4583] __x64_sys_openat+0x13a/0x170 [ 977.357704][ T4583] x64_sys_call+0xe69/0x2ee0 [ 977.357727][ T4583] do_syscall_64+0x58/0xf0 [ 977.357747][ T4583] ? clear_bhb_loop+0x50/0xa0 [ 977.357766][ T4583] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 977.357785][ T4583] RIP: 0033:0x7f903c38df10 [ 977.357801][ T4583] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44 [ 977.357818][ T4583] RSP: 002b:00007f903d25db70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 977.357839][ T4583] RAX: ffffffffffffffda RBX: 0000000000000402 RCX: 00007f903c38df10 [ 977.357853][ T4583] RDX: 0000000000000402 RSI: 00007f903d25dc10 RDI: 00000000ffffff9c [ 977.357866][ T4583] RBP: 00007f903d25dc10 R08: 0000000000000000 R09: 0000000000000000 [ 977.357879][ T4583] R10: 0000000000000000 R11: 0000000000000293 R12: cccccccccccccccd [ 977.357892][ T4583] R13: 00007f903c5e6038 R14: 00007f903c5e5fa0 R15: 00007ffdc96bb158 [ 977.357909][ T4583] [ 977.672690][ T4604] bridge0: port 1(bridge_slave_0) entered blocking state [ 977.679998][ T4604] bridge0: port 1(bridge_slave_0) entered disabled state [ 977.687433][ T4604] bridge_slave_0: entered allmulticast mode [ 977.694095][ T4604] bridge_slave_0: entered promiscuous mode [ 977.700881][ T4604] bridge0: port 2(bridge_slave_1) entered blocking state [ 977.708024][ T4604] bridge0: port 2(bridge_slave_1) entered disabled state [ 977.715412][ T4604] bridge_slave_1: entered allmulticast mode [ 977.721894][ T4604] bridge_slave_1: entered promiscuous mode [ 977.789869][T28371] bridge_slave_1: left allmulticast mode [ 977.802602][T28371] bridge_slave_1: left promiscuous mode [ 977.813462][T28371] bridge0: port 2(bridge_slave_1) entered disabled state [ 977.821944][T28371] bridge_slave_0: left allmulticast mode [ 977.829396][T28371] bridge_slave_0: left promiscuous mode [ 977.837006][T28371] bridge0: port 1(bridge_slave_0) entered disabled state [ 977.960284][T28371] veth1_macvtap: left promiscuous mode [ 977.966221][T28371] veth0_vlan: left promiscuous mode [ 978.150049][ T4604] bridge0: port 2(bridge_slave_1) entered blocking state [ 978.153591][ T4657] FAULT_INJECTION: forcing a failure. [ 978.153591][ T4657] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 978.157534][ T4604] bridge0: port 2(bridge_slave_1) entered forwarding state [ 978.178966][ T4604] bridge0: port 1(bridge_slave_0) entered blocking state [ 978.186470][ T4604] bridge0: port 1(bridge_slave_0) entered forwarding state [ 978.189178][ T4657] CPU: 0 UID: 0 PID: 4657 Comm: syz.1.30603 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 978.189220][ T4657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 978.189232][ T4657] Call Trace: [ 978.189239][ T4657] [ 978.189247][ T4657] __dump_stack+0x21/0x30 [ 978.189276][ T4657] dump_stack_lvl+0x10c/0x190 [ 978.189299][ T4657] ? __cfi_dump_stack_lvl+0x10/0x10 [ 978.189321][ T4657] ? check_stack_object+0x12c/0x140 [ 978.189339][ T4657] dump_stack+0x19/0x20 [ 978.189360][ T4657] should_fail_ex+0x3d9/0x530 [ 978.189380][ T4657] should_fail+0xf/0x20 [ 978.189399][ T4657] should_fail_usercopy+0x1e/0x30 [ 978.189418][ T4657] _copy_to_user+0x24/0xa0 [ 978.189439][ T4657] simple_read_from_buffer+0xed/0x160 [ 978.189462][ T4657] proc_fail_nth_read+0x19e/0x210 [ 978.189485][ T4657] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 978.189507][ T4657] ? bpf_lsm_file_permission+0xd/0x20 [ 978.189530][ T4657] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 978.189553][ T4657] vfs_read+0x27d/0xc70 [ 978.189570][ T4657] ? __cfi_vfs_read+0x10/0x10 [ 978.189590][ T4657] ? __kasan_check_write+0x18/0x20 [ 978.189614][ T4657] ? mutex_lock+0x92/0x1c0 [ 978.189631][ T4657] ? __cfi_mutex_lock+0x10/0x10 [ 978.189647][ T4657] ? __fget_files+0x2c5/0x340 [ 978.189667][ T4657] ksys_read+0x141/0x250 [ 978.189684][ T4657] ? __cfi_ksys_read+0x10/0x10 [ 978.189700][ T4657] ? __kasan_check_read+0x15/0x20 [ 978.189724][ T4657] __x64_sys_read+0x7f/0x90 [ 978.189741][ T4657] x64_sys_call+0x2638/0x2ee0 [ 978.189765][ T4657] do_syscall_64+0x58/0xf0 [ 978.189786][ T4657] ? clear_bhb_loop+0x50/0xa0 [ 978.189806][ T4657] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 978.189824][ T4657] RIP: 0033:0x7f18cf18e0dc [ 978.189841][ T4657] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 978.189856][ T4657] RSP: 002b:00007f18d00c6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 978.189877][ T4657] RAX: ffffffffffffffda RBX: 00007f18cf3e5fa0 RCX: 00007f18cf18e0dc [ 978.189891][ T4657] RDX: 000000000000000f RSI: 00007f18d00c60a0 RDI: 0000000000000007 [ 978.189903][ T4657] RBP: 00007f18d00c6090 R08: 0000000000000000 R09: 0000000000000000 [ 978.189915][ T4657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 978.189926][ T4657] R13: 00007f18cf3e6038 R14: 00007f18cf3e5fa0 R15: 00007ffc02d49448 [ 978.189942][ T4657] [ 978.477119][ T293] bridge0: port 1(bridge_slave_0) entered disabled state [ 978.489592][ T293] bridge0: port 2(bridge_slave_1) entered disabled state [ 978.507532][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 978.515113][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 978.543917][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 978.552032][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 978.563510][ T36] audit: type=1400 audit(1763400039.149:8987): avc: denied { ioctl } for pid=4685 comm="syz.1.30615" path="/dev/fuse" dev="devtmpfs" ino=23 ioctlcmd=0xe500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 978.563978][ T4688] FAULT_INJECTION: forcing a failure. [ 978.563978][ T4688] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 978.592414][ T36] audit: type=1400 audit(1763400039.149:8988): avc: denied { setattr } for pid=4685 comm="syz.1.30615" name="fuse" dev="devtmpfs" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 978.634606][ T4688] CPU: 1 UID: 0 PID: 4688 Comm: syz.0.30616 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 978.634641][ T4688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 978.634653][ T4688] Call Trace: [ 978.634660][ T4688] [ 978.634667][ T4688] __dump_stack+0x21/0x30 [ 978.634696][ T4688] dump_stack_lvl+0x10c/0x190 [ 978.634718][ T4688] ? __cfi_dump_stack_lvl+0x10/0x10 [ 978.634742][ T4688] ? kstrtoull+0x13b/0x1e0 [ 978.634759][ T4688] dump_stack+0x19/0x20 [ 978.634780][ T4688] should_fail_ex+0x3d9/0x530 [ 978.634799][ T4688] should_fail+0xf/0x20 [ 978.634815][ T4688] should_fail_usercopy+0x1e/0x30 [ 978.634833][ T4688] _copy_from_user+0x22/0xb0 [ 978.634853][ T4688] ___sys_sendmsg+0x159/0x2a0 [ 978.634879][ T4688] ? __sys_sendmsg+0x280/0x280 [ 978.634905][ T4688] ? proc_fail_nth_write+0x17e/0x210 [ 978.634929][ T4688] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 978.634982][ T4688] __x64_sys_sendmsg+0x1eb/0x2c0 [ 978.635007][ T4688] ? fput+0x1a5/0x240 [ 978.635029][ T4688] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 978.635055][ T4688] ? ksys_write+0x1ef/0x250 [ 978.635074][ T4688] ? __kasan_check_read+0x15/0x20 [ 978.635102][ T4688] x64_sys_call+0x2a4c/0x2ee0 [ 978.635127][ T4688] do_syscall_64+0x58/0xf0 [ 978.635151][ T4688] ? clear_bhb_loop+0x50/0xa0 [ 978.635172][ T4688] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 978.635193][ T4688] RIP: 0033:0x7fa88978f6c9 [ 978.635211][ T4688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 978.635228][ T4688] RSP: 002b:00007fa88a6f0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 978.635250][ T4688] RAX: ffffffffffffffda RBX: 00007fa8899e5fa0 RCX: 00007fa88978f6c9 [ 978.635263][ T4688] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000007 [ 978.635275][ T4688] RBP: 00007fa88a6f0090 R08: 0000000000000000 R09: 0000000000000000 [ 978.635298][ T4688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 978.635311][ T4688] R13: 00007fa8899e6038 R14: 00007fa8899e5fa0 R15: 00007ffcc6cec818 [ 978.635328][ T4688] [ 978.774156][ T36] audit: type=1400 audit(1763400039.169:8989): avc: denied { unmount } for pid=1695 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 978.808503][ T4604] veth0_vlan: entered promiscuous mode [ 978.888892][ T36] audit: type=1400 audit(1763400039.389:8990): avc: denied { mounton } for pid=4705 comm="syz.3.30625" path="/414/file0" dev="pstore" ino=1358 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=dir permissive=1 [ 978.968604][ T4714] 9pnet_fd: Insufficient options for proto=fd [ 978.969779][ T4604] veth1_macvtap: entered promiscuous mode [ 979.004214][ T4714] rust_binder: Read failure Err(EAGAIN) in pid:867 [ 979.036339][ T4727] FAULT_INJECTION: forcing a failure. [ 979.036339][ T4727] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 979.071331][ T4727] CPU: 0 UID: 0 PID: 4727 Comm: syz.4.30581 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 979.071367][ T4727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 979.071380][ T4727] Call Trace: [ 979.071386][ T4727] [ 979.071395][ T4727] __dump_stack+0x21/0x30 [ 979.071423][ T4727] dump_stack_lvl+0x10c/0x190 [ 979.071444][ T4727] ? __cfi_dump_stack_lvl+0x10/0x10 [ 979.071467][ T4727] dump_stack+0x19/0x20 [ 979.071488][ T4727] should_fail_ex+0x3d9/0x530 [ 979.071504][ T4727] should_fail+0xf/0x20 [ 979.071519][ T4727] should_fail_usercopy+0x1e/0x30 [ 979.071539][ T4727] _copy_from_user+0x22/0xb0 [ 979.071559][ T4727] do_fcntl+0x84f/0x1500 [ 979.071578][ T4727] ? __cfi_selinux_file_fcntl+0x10/0x10 [ 979.071601][ T4727] ? check_fcntl_cmd+0xb0/0xb0 [ 979.071618][ T4727] ? __cfi_mutex_unlock+0x10/0x10 [ 979.071634][ T4727] ? __fget_files+0x2c5/0x340 [ 979.071655][ T4727] ? bpf_lsm_file_fcntl+0xd/0x20 [ 979.071679][ T4727] ? security_file_fcntl+0x34/0xd0 [ 979.071700][ T4727] __se_sys_fcntl+0xe4/0x180 [ 979.071720][ T4727] __x64_sys_fcntl+0x7f/0xa0 [ 979.071738][ T4727] x64_sys_call+0x1cb3/0x2ee0 [ 979.071763][ T4727] do_syscall_64+0x58/0xf0 [ 979.071787][ T4727] ? clear_bhb_loop+0x50/0xa0 [ 979.071808][ T4727] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 979.071828][ T4727] RIP: 0033:0x7f084bb8f6c9 [ 979.071845][ T4727] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 979.071863][ T4727] RSP: 002b:00007f084c973038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 979.071886][ T4727] RAX: ffffffffffffffda RBX: 00007f084bde5fa0 RCX: 00007f084bb8f6c9 [ 979.071902][ T4727] RDX: 0000200000000040 RSI: 0000000000000006 RDI: 0000000000000006 [ 979.071915][ T4727] RBP: 00007f084c973090 R08: 0000000000000000 R09: 0000000000000000 [ 979.071927][ T4727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 979.071939][ T4727] R13: 00007f084bde6038 R14: 00007f084bde5fa0 R15: 00007ffd1d8e3258 [ 979.071956][ T4727] [ 979.088766][ T4737] FAULT_INJECTION: forcing a failure. [ 979.088766][ T4737] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 979.343551][ T4737] CPU: 1 UID: 0 PID: 4737 Comm: syz.1.30639 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 979.343583][ T4737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 979.343595][ T4737] Call Trace: [ 979.343603][ T4737] [ 979.343611][ T4737] __dump_stack+0x21/0x30 [ 979.343661][ T4737] dump_stack_lvl+0x10c/0x190 [ 979.343686][ T4737] ? __cfi_dump_stack_lvl+0x10/0x10 [ 979.343713][ T4737] dump_stack+0x19/0x20 [ 979.343735][ T4737] should_fail_ex+0x3d9/0x530 [ 979.343756][ T4737] should_fail+0xf/0x20 [ 979.343774][ T4737] should_fail_usercopy+0x1e/0x30 [ 979.343795][ T4737] _copy_from_user+0x22/0xb0 [ 979.343819][ T4737] do_tcp_setsockopt+0x541/0x1f60 [ 979.343848][ T4737] ? __cfi_do_tcp_setsockopt+0x10/0x10 [ 979.343876][ T4737] ? selinux_socket_setsockopt+0x2ea/0x390 [ 979.343904][ T4737] ? __cfi_selinux_socket_setsockopt+0x10/0x10 [ 979.343935][ T4737] tcp_setsockopt+0x58/0x110 [ 979.343953][ T4737] sock_common_setsockopt+0xb5/0xd0 [ 979.343975][ T4737] ? __cfi_sock_common_setsockopt+0x10/0x10 [ 979.343997][ T4737] do_sock_setsockopt+0x26d/0x400 [ 979.344023][ T4737] ? __cfi_do_sock_setsockopt+0x10/0x10 [ 979.344048][ T4737] __x64_sys_setsockopt+0x1b8/0x250 [ 979.344071][ T4737] x64_sys_call+0x2adc/0x2ee0 [ 979.344096][ T4737] do_syscall_64+0x58/0xf0 [ 979.344126][ T4737] ? clear_bhb_loop+0x50/0xa0 [ 979.344144][ T4737] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 979.344162][ T4737] RIP: 0033:0x7f18cf18f6c9 [ 979.344178][ T4737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 979.344198][ T4737] RSP: 002b:00007f18d00c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 979.344218][ T4737] RAX: ffffffffffffffda RBX: 00007f18cf3e5fa0 RCX: 00007f18cf18f6c9 [ 979.344232][ T4737] RDX: 0000000000000013 RSI: 0000000000000006 RDI: 0000000000000006 [ 979.344243][ T4737] RBP: 00007f18d00c6090 R08: 0000000000000004 R09: 0000000000000000 [ 979.344255][ T4737] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001 [ 979.344267][ T4737] R13: 00007f18cf3e6038 R14: 00007f18cf3e5fa0 R15: 00007ffc02d49448 [ 979.344284][ T4737] [ 979.709204][ T4767] FAULT_INJECTION: forcing a failure. [ 979.709204][ T4767] name failslab, interval 1, probability 0, space 0, times 0 [ 979.748920][ T4767] CPU: 0 UID: 0 PID: 4767 Comm: syz.4.30653 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 979.748958][ T4767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 979.748970][ T4767] Call Trace: [ 979.748977][ T4767] [ 979.748992][ T4767] __dump_stack+0x21/0x30 [ 979.749022][ T4767] dump_stack_lvl+0x10c/0x190 [ 979.749046][ T4767] ? __cfi_dump_stack_lvl+0x10/0x10 [ 979.749069][ T4767] ? avc_has_perm+0x144/0x220 [ 979.749091][ T4767] dump_stack+0x19/0x20 [ 979.749109][ T4767] should_fail_ex+0x3d9/0x530 [ 979.749125][ T4767] should_failslab+0xac/0x100 [ 979.749143][ T4767] __kmalloc_cache_noprof+0x41/0x490 [ 979.749160][ T4767] ? vhost_task_create+0x101/0x350 [ 979.749180][ T4767] ? __cfi_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 979.749200][ T4767] vhost_task_create+0x101/0x350 [ 979.749217][ T4767] ? __cfi_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 979.749237][ T4767] ? __cfi_vhost_task_create+0x10/0x10 [ 979.749255][ T4767] ? __cfi_vhost_task_fn+0x10/0x10 [ 979.749271][ T4767] ? __kasan_check_write+0x18/0x20 [ 979.749296][ T4767] ? mutex_lock+0x92/0x1c0 [ 979.749324][ T4767] ? __cfi_mutex_lock+0x10/0x10 [ 979.749340][ T4767] ? kernel_text_address+0xa9/0xe0 [ 979.749366][ T4767] kvm_mmu_post_init_vm+0x156/0x2d0 [ 979.749390][ T4767] kvm_arch_vcpu_ioctl_run+0xd7/0x1aa0 [ 979.749417][ T4767] ? _parse_integer_limit+0x195/0x1e0 [ 979.749445][ T4767] ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 979.749469][ T4767] ? kstrtoull+0x13b/0x1e0 [ 979.749485][ T4767] ? kstrtouint+0x78/0xf0 [ 979.749502][ T4767] ? ioctl_has_perm+0x1aa/0x4d0 [ 979.749523][ T4767] ? __asan_memcpy+0x5a/0x80 [ 979.749539][ T4767] ? ioctl_has_perm+0x3e0/0x4d0 [ 979.749559][ T4767] ? has_cap_mac_admin+0xd0/0xd0 [ 979.749580][ T4767] ? __kasan_check_write+0x18/0x20 [ 979.749606][ T4767] ? mutex_lock_killable+0x92/0x1c0 [ 979.749625][ T4767] ? __cfi_mutex_lock_killable+0x10/0x10 [ 979.749643][ T4767] ? proc_fail_nth_write+0x17e/0x210 [ 979.749669][ T4767] kvm_vcpu_ioctl+0x96f/0xee0 [ 979.749687][ T4767] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 979.749705][ T4767] ? __cfi_vfs_write+0x10/0x10 [ 979.749722][ T4767] ? __kasan_check_write+0x18/0x20 [ 979.749748][ T4767] ? mutex_unlock+0x8b/0x240 [ 979.749765][ T4767] ? __cfi_mutex_unlock+0x10/0x10 [ 979.749782][ T4767] ? __fget_files+0x2c5/0x340 [ 979.749803][ T4767] ? __fget_files+0x2c5/0x340 [ 979.749823][ T4767] ? bpf_lsm_file_ioctl+0xd/0x20 [ 979.749847][ T4767] ? security_file_ioctl+0x34/0xd0 [ 979.749868][ T4767] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 979.749884][ T4767] __se_sys_ioctl+0x135/0x1b0 [ 979.749905][ T4767] __x64_sys_ioctl+0x7f/0xa0 [ 979.749924][ T4767] x64_sys_call+0x1878/0x2ee0 [ 979.749956][ T4767] do_syscall_64+0x58/0xf0 [ 979.749983][ T4767] ? clear_bhb_loop+0x50/0xa0 [ 979.750005][ T4767] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 979.750025][ T4767] RIP: 0033:0x7f084bb8f6c9 [ 979.750042][ T4767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 979.750060][ T4767] RSP: 002b:00007f084c973038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 979.750082][ T4767] RAX: ffffffffffffffda RBX: 00007f084bde5fa0 RCX: 00007f084bb8f6c9 [ 979.750098][ T4767] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 979.750112][ T4767] RBP: 00007f084c973090 R08: 0000000000000000 R09: 0000000000000000 [ 979.750123][ T4767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 979.750133][ T4767] R13: 00007f084bde6038 R14: 00007f084bde5fa0 R15: 00007ffd1d8e3258 [ 979.750149][ T4767] [ 980.193670][ T4790] FAULT_INJECTION: forcing a failure. [ 980.193670][ T4790] name failslab, interval 1, probability 0, space 0, times 0 [ 980.219591][ T4790] CPU: 1 UID: 0 PID: 4790 Comm: syz.3.30663 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 980.219626][ T4790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 980.219652][ T4790] Call Trace: [ 980.219659][ T4790] [ 980.219666][ T4790] __dump_stack+0x21/0x30 [ 980.219693][ T4790] dump_stack_lvl+0x10c/0x190 [ 980.219716][ T4790] ? __cfi_dump_stack_lvl+0x10/0x10 [ 980.219738][ T4790] ? __kasan_check_write+0x18/0x20 [ 980.219763][ T4790] ? proc_fail_nth_write+0x17e/0x210 [ 980.219792][ T4790] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 980.219813][ T4790] dump_stack+0x19/0x20 [ 980.219831][ T4790] should_fail_ex+0x3d9/0x530 [ 980.219847][ T4790] should_failslab+0xac/0x100 [ 980.219864][ T4790] kmem_cache_alloc_noprof+0x42/0x430 [ 980.219878][ T4790] ? getname_flags+0xc6/0x710 [ 980.219894][ T4790] getname_flags+0xc6/0x710 [ 980.219909][ T4790] ? build_open_flags+0x487/0x600 [ 980.219930][ T4790] getname+0x1b/0x30 [ 980.219946][ T4790] do_sys_openat2+0xcb/0x1c0 [ 980.219965][ T4790] ? fput+0x1a5/0x240 [ 980.219983][ T4790] ? do_sys_open+0x100/0x100 [ 980.220001][ T4790] ? ksys_write+0x1ef/0x250 [ 980.220016][ T4790] ? __cfi_ksys_write+0x10/0x10 [ 980.220031][ T4790] __x64_sys_openat+0x13a/0x170 [ 980.220051][ T4790] x64_sys_call+0xe69/0x2ee0 [ 980.220073][ T4790] do_syscall_64+0x58/0xf0 [ 980.220092][ T4790] ? clear_bhb_loop+0x50/0xa0 [ 980.220110][ T4790] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 980.220126][ T4790] RIP: 0033:0x7f903c38f6c9 [ 980.220140][ T4790] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 980.220154][ T4790] RSP: 002b:00007f903d25e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 980.220172][ T4790] RAX: ffffffffffffffda RBX: 00007f903c5e5fa0 RCX: 00007f903c38f6c9 [ 980.220185][ T4790] RDX: 00000000000e0982 RSI: 00002000000001c0 RDI: ffffffffffffff9c [ 980.220196][ T4790] RBP: 00007f903d25e090 R08: 0000000000000000 R09: 0000000000000000 [ 980.220207][ T4790] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 980.220217][ T4790] R13: 00007f903c5e6038 R14: 00007f903c5e5fa0 R15: 00007ffdc96bb158 [ 980.220230][ T4790] [ 980.234260][ T4793] rust_binder: Read failure Err(EAGAIN) in pid:1070 [ 980.609312][ T4815] FAULT_INJECTION: forcing a failure. [ 980.609312][ T4815] name failslab, interval 1, probability 0, space 0, times 0 [ 980.671855][ T4815] CPU: 1 UID: 0 PID: 4815 Comm: syz.4.30674 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 980.671897][ T4815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 980.671909][ T4815] Call Trace: [ 980.671916][ T4815] [ 980.671924][ T4815] __dump_stack+0x21/0x30 [ 980.671955][ T4815] dump_stack_lvl+0x10c/0x190 [ 980.671979][ T4815] ? __cfi_dump_stack_lvl+0x10/0x10 [ 980.672005][ T4815] dump_stack+0x19/0x20 [ 980.672028][ T4815] should_fail_ex+0x3d9/0x530 [ 980.672049][ T4815] should_failslab+0xac/0x100 [ 980.672070][ T4815] kmem_cache_alloc_noprof+0x42/0x430 [ 980.672089][ T4815] ? getname_flags+0xc6/0x710 [ 980.672109][ T4815] getname_flags+0xc6/0x710 [ 980.672128][ T4815] user_path_at+0x2b/0x60 [ 980.672149][ T4815] __se_sys_inotify_add_watch+0x1b3/0xf10 [ 980.672187][ T4815] ? fput+0x1a5/0x240 [ 980.672209][ T4815] ? ksys_write+0x1ef/0x250 [ 980.672227][ T4815] ? __x64_sys_inotify_add_watch+0xa0/0xa0 [ 980.672247][ T4815] ? __cfi_ksys_write+0x10/0x10 [ 980.672266][ T4815] ? __kasan_check_read+0x15/0x20 [ 980.672293][ T4815] __x64_sys_inotify_add_watch+0x7f/0xa0 [ 980.672313][ T4815] x64_sys_call+0x2c68/0x2ee0 [ 980.672339][ T4815] do_syscall_64+0x58/0xf0 [ 980.672363][ T4815] ? clear_bhb_loop+0x50/0xa0 [ 980.672384][ T4815] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 980.672413][ T4815] RIP: 0033:0x7f084bb8f6c9 [ 980.672438][ T4815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 980.672456][ T4815] RSP: 002b:00007f084c973038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fe [ 980.672489][ T4815] RAX: ffffffffffffffda RBX: 00007f084bde5fa0 RCX: 00007f084bb8f6c9 [ 980.672505][ T4815] RDX: 0000000004000cdd RSI: 0000200000000080 RDI: 0000000000000008 [ 980.672519][ T4815] RBP: 00007f084c973090 R08: 0000000000000000 R09: 0000000000000000 [ 980.672533][ T4815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 980.672546][ T4815] R13: 00007f084bde6038 R14: 00007f084bde5fa0 R15: 00007ffd1d8e3258 [ 980.672564][ T4815] [ 980.985736][ T4831] rust_binder: Read failure Err(EAGAIN) in pid:1081 [ 981.069641][ T4838] 9pnet_fd: Insufficient options for proto=fd [ 981.149076][ T36] audit: type=1400 audit(1763400041.669:8991): avc: denied { create } for pid=4837 comm="syz.0.30685" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 981.243387][ T36] audit: type=1400 audit(1763400041.669:8992): avc: denied { write } for pid=4837 comm="syz.0.30685" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 981.311228][ T36] audit: type=1400 audit(1763400041.669:8993): avc: denied { listen } for pid=4837 comm="syz.0.30685" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1 [ 981.342641][ T4859] netlink: 'syz.1.30695': attribute type 15 has an invalid length. [ 981.369501][ T4859] netlink: 24 bytes leftover after parsing attributes in process `syz.1.30695'. [ 981.417996][ T36] audit: type=1400 audit(1763400042.019:8994): avc: denied { watch watch_reads } for pid=4858 comm="syz.1.30695" path="/450/file0" dev="tmpfs" ino=2724 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 981.446845][ T4866] netlink: 'syz.3.30697': attribute type 4 has an invalid length. [ 981.460508][ T4866] netlink: 'syz.3.30697': attribute type 5 has an invalid length. [ 981.478036][ T4866] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.30697'. [ 981.527512][ T4872] FAULT_INJECTION: forcing a failure. [ 981.527512][ T4872] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 981.560180][ T4872] CPU: 1 UID: 0 PID: 4872 Comm: syz.3.30700 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 981.560220][ T4872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 981.560233][ T4872] Call Trace: [ 981.560240][ T4872] [ 981.560249][ T4872] __dump_stack+0x21/0x30 [ 981.560280][ T4872] dump_stack_lvl+0x10c/0x190 [ 981.560305][ T4872] ? __cfi_dump_stack_lvl+0x10/0x10 [ 981.560345][ T4872] ? check_stack_object+0x12c/0x140 [ 981.560366][ T4872] dump_stack+0x19/0x20 [ 981.560389][ T4872] should_fail_ex+0x3d9/0x530 [ 981.560410][ T4872] should_fail+0xf/0x20 [ 981.560428][ T4872] should_fail_usercopy+0x1e/0x30 [ 981.560449][ T4872] _copy_to_user+0x24/0xa0 [ 981.560472][ T4872] simple_read_from_buffer+0xed/0x160 [ 981.560497][ T4872] proc_fail_nth_read+0x19e/0x210 [ 981.560529][ T4872] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 981.560554][ T4872] ? bpf_lsm_file_permission+0xd/0x20 [ 981.560580][ T4872] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 981.560604][ T4872] vfs_read+0x27d/0xc70 [ 981.560623][ T4872] ? __cfi_vfs_read+0x10/0x10 [ 981.560640][ T4872] ? __kasan_check_write+0x18/0x20 [ 981.560667][ T4872] ? mutex_lock+0x92/0x1c0 [ 981.560685][ T4872] ? __cfi_mutex_lock+0x10/0x10 [ 981.560702][ T4872] ? __fget_files+0x2c5/0x340 [ 981.560727][ T4872] ksys_read+0x141/0x250 [ 981.560745][ T4872] ? __cfi_ksys_read+0x10/0x10 [ 981.560763][ T4872] ? __kasan_check_read+0x15/0x20 [ 981.560790][ T4872] __x64_sys_read+0x7f/0x90 [ 981.560807][ T4872] x64_sys_call+0x2638/0x2ee0 [ 981.560834][ T4872] do_syscall_64+0x58/0xf0 [ 981.560939][ T4872] ? clear_bhb_loop+0x50/0xa0 [ 981.560964][ T4872] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 981.560982][ T4872] RIP: 0033:0x7f903c38e0dc [ 981.560996][ T4872] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 981.561010][ T4872] RSP: 002b:00007f903d25e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 981.561030][ T4872] RAX: ffffffffffffffda RBX: 00007f903c5e5fa0 RCX: 00007f903c38e0dc [ 981.561042][ T4872] RDX: 000000000000000f RSI: 00007f903d25e0a0 RDI: 000000000000000b [ 981.561052][ T4872] RBP: 00007f903d25e090 R08: 0000000000000000 R09: 0000000000000000 [ 981.561063][ T4872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 981.561074][ T4872] R13: 00007f903c5e6038 R14: 00007f903c5e5fa0 R15: 00007ffdc96bb158 [ 981.561088][ T4872] [ 982.321406][ T4897] FAULT_INJECTION: forcing a failure. [ 982.321406][ T4897] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 982.358871][ T4897] CPU: 1 UID: 0 PID: 4897 Comm: syz.3.30714 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 982.358907][ T4897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 982.358924][ T4897] Call Trace: [ 982.358932][ T4897] [ 982.358941][ T4897] __dump_stack+0x21/0x30 [ 982.358971][ T4897] dump_stack_lvl+0x10c/0x190 [ 982.359003][ T4897] ? __cfi_dump_stack_lvl+0x10/0x10 [ 982.359027][ T4897] ? __kasan_check_write+0x18/0x20 [ 982.359054][ T4897] ? check_stack_object+0x107/0x140 [ 982.359073][ T4897] dump_stack+0x19/0x20 [ 982.359095][ T4897] should_fail_ex+0x3d9/0x530 [ 982.359115][ T4897] should_fail+0xf/0x20 [ 982.359132][ T4897] should_fail_usercopy+0x1e/0x30 [ 982.359152][ T4897] _copy_from_user+0x22/0xb0 [ 982.359175][ T4897] __sys_sendto+0x29e/0x6f0 [ 982.359197][ T4897] ? __cfi___sys_sendto+0x10/0x10 [ 982.359223][ T4897] ? __kasan_check_write+0x18/0x20 [ 982.359251][ T4897] ? __cfi_ksys_write+0x10/0x10 [ 982.359269][ T4897] __x64_sys_sendto+0xe9/0x100 [ 982.359294][ T4897] x64_sys_call+0x2c2c/0x2ee0 [ 982.359319][ T4897] do_syscall_64+0x58/0xf0 [ 982.359341][ T4897] ? clear_bhb_loop+0x50/0xa0 [ 982.359362][ T4897] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 982.359382][ T4897] RIP: 0033:0x7f903c38f6c9 [ 982.359398][ T4897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 982.359415][ T4897] RSP: 002b:00007f903d25e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 982.359437][ T4897] RAX: ffffffffffffffda RBX: 00007f903c5e5fa0 RCX: 00007f903c38f6c9 [ 982.359452][ T4897] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 982.359464][ T4897] RBP: 00007f903d25e090 R08: 0000200000e68000 R09: 0000000000000010 [ 982.359478][ T4897] R10: 00000000200007fd R11: 0000000000000246 R12: 0000000000000001 [ 982.359490][ T4897] R13: 00007f903c5e6038 R14: 00007f903c5e5fa0 R15: 00007ffdc96bb158 [ 982.359506][ T4897] [ 982.551800][ T4918] 9pnet_fd: Insufficient options for proto=fd [ 982.675442][ T4929] FAULT_INJECTION: forcing a failure. [ 982.675442][ T4929] name failslab, interval 1, probability 0, space 0, times 0 [ 982.695289][ T4929] CPU: 0 UID: 0 PID: 4929 Comm: syz.3.30727 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 982.695326][ T4929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 982.695338][ T4929] Call Trace: [ 982.695349][ T4929] [ 982.695358][ T4929] __dump_stack+0x21/0x30 [ 982.695397][ T4929] dump_stack_lvl+0x10c/0x190 [ 982.695426][ T4929] ? __cfi_dump_stack_lvl+0x10/0x10 [ 982.695449][ T4929] ? __kasan_check_write+0x18/0x20 [ 982.695481][ T4929] ? proc_fail_nth_write+0x17e/0x210 [ 982.695505][ T4929] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 982.695542][ T4929] dump_stack+0x19/0x20 [ 982.695569][ T4929] should_fail_ex+0x3d9/0x530 [ 982.695595][ T4929] should_failslab+0xac/0x100 [ 982.695616][ T4929] kmem_cache_alloc_noprof+0x42/0x430 [ 982.695654][ T4929] ? getname_flags+0xc6/0x710 [ 982.695674][ T4929] getname_flags+0xc6/0x710 [ 982.695692][ T4929] ? build_open_flags+0x487/0x600 [ 982.695716][ T4929] getname+0x1b/0x30 [ 982.695731][ T4929] do_sys_openat2+0xcb/0x1c0 [ 982.695759][ T4929] ? fput+0x1a5/0x240 [ 982.695780][ T4929] ? do_sys_open+0x100/0x100 [ 982.695808][ T4929] ? ksys_write+0x1ef/0x250 [ 982.695825][ T4929] ? __cfi_ksys_write+0x10/0x10 [ 982.695843][ T4929] __x64_sys_openat+0x13a/0x170 [ 982.695873][ T4929] x64_sys_call+0xe69/0x2ee0 [ 982.695898][ T4929] do_syscall_64+0x58/0xf0 [ 982.695922][ T4929] ? clear_bhb_loop+0x50/0xa0 [ 982.695943][ T4929] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 982.695961][ T4929] RIP: 0033:0x7f903c38df10 [ 982.695989][ T4929] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44 [ 982.696009][ T4929] RSP: 002b:00007f903d25df60 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 982.696030][ T4929] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f903c38df10 [ 982.696045][ T4929] RDX: 0000000000000000 RSI: 00007f903c41207e RDI: 00000000ffffff9c [ 982.696058][ T4929] RBP: 00007f903c41207e R08: 0000000000000000 R09: 0000000000000000 [ 982.696077][ T4929] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 982.696090][ T4929] R13: 00007f903c5e6038 R14: 00007f903c5e5fa0 R15: 00007ffdc96bb158 [ 982.696106][ T4929] [ 983.008388][ T4957] 9pnet_fd: Insufficient options for proto=fd [ 983.601111][ T4985] capability: warning: `syz.4.30751' uses deprecated v2 capabilities in a way that may be insecure [ 983.979402][ T36] kauditd_printk_skb: 1 callbacks suppressed [ 983.979420][ T36] audit: type=1400 audit(1763400044.579:8996): avc: denied { create } for pid=5031 comm="syz.4.30771" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_nflog_socket permissive=1 [ 984.079549][ T5055] rust_binder: Read failure Err(EAGAIN) in pid:51 [ 984.237968][ T5098] FAULT_INJECTION: forcing a failure. [ 984.237968][ T5098] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 984.238332][ T5097] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2570 sclass=netlink_route_socket pid=5097 comm=syz.3.30800 [ 984.249066][ T5098] CPU: 1 UID: 0 PID: 5098 Comm: syz.1.30801 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 984.249112][ T5098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 984.249124][ T5098] Call Trace: [ 984.249130][ T5098] [ 984.249138][ T5098] __dump_stack+0x21/0x30 [ 984.249166][ T5098] dump_stack_lvl+0x10c/0x190 [ 984.249188][ T5098] ? __cfi_dump_stack_lvl+0x10/0x10 [ 984.249216][ T5098] ? kernel_text_address+0xa9/0xe0 [ 984.249246][ T5098] dump_stack+0x19/0x20 [ 984.249267][ T5098] should_fail_ex+0x3d9/0x530 [ 984.249291][ T5098] should_fail+0xf/0x20 [ 984.249311][ T5098] should_fail_usercopy+0x1e/0x30 [ 984.249335][ T5098] _copy_from_user+0x22/0xb0 [ 984.249356][ T5098] ___sys_sendmsg+0x159/0x2a0 [ 984.249382][ T5098] ? __sys_sendmsg+0x280/0x280 [ 984.249407][ T5098] ? kstrtouint+0x78/0xf0 [ 984.249428][ T5098] __sys_sendmmsg+0x271/0x470 [ 984.249452][ T5098] ? __cfi___sys_sendmmsg+0x10/0x10 [ 984.249484][ T5098] ? __cfi_ksys_write+0x10/0x10 [ 984.249502][ T5098] __x64_sys_sendmmsg+0xa4/0xc0 [ 984.249527][ T5098] x64_sys_call+0xfec/0x2ee0 [ 984.249551][ T5098] do_syscall_64+0x58/0xf0 [ 984.249573][ T5098] ? clear_bhb_loop+0x50/0xa0 [ 984.249593][ T5098] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 984.249612][ T5098] RIP: 0033:0x7f18cf18f6c9 [ 984.249628][ T5098] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 984.249643][ T5098] RSP: 002b:00007f18d00c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 984.249664][ T5098] RAX: ffffffffffffffda RBX: 00007f18cf3e5fa0 RCX: 00007f18cf18f6c9 [ 984.249683][ T5098] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 0000000000000008 [ 984.249695][ T5098] RBP: 00007f18d00c6090 R08: 0000000000000000 R09: 0000000000000000 [ 984.249707][ T5098] R10: 0000000000000040 R11: 0000000000000246 R12: 0000000000000001 [ 984.249720][ T5098] R13: 00007f18cf3e6038 R14: 00007f18cf3e5fa0 R15: 00007ffc02d49448 [ 984.249735][ T5098] [ 984.266198][ T5105] netlink: 'syz.1.30804': attribute type 15 has an invalid length. [ 984.435906][ T5125] FAULT_INJECTION: forcing a failure. [ 984.435906][ T5125] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 984.459364][ T36] audit: type=1400 audit(1763400045.039:8997): avc: denied { bind } for pid=5123 comm="syz.3.30812" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 984.515753][ T5125] CPU: 0 UID: 0 PID: 5125 Comm: syz.3.30812 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 984.515785][ T5125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 984.515797][ T5125] Call Trace: [ 984.515804][ T5125] [ 984.515812][ T5125] __dump_stack+0x21/0x30 [ 984.515841][ T5125] dump_stack_lvl+0x10c/0x190 [ 984.515861][ T5125] ? __cfi_dump_stack_lvl+0x10/0x10 [ 984.515881][ T5125] ? unwind_get_return_address+0x51/0x90 [ 984.515900][ T5125] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 984.515996][ T5125] dump_stack+0x19/0x20 [ 984.516020][ T5125] should_fail_ex+0x3d9/0x530 [ 984.516041][ T5125] should_fail+0xf/0x20 [ 984.516057][ T5125] should_fail_usercopy+0x1e/0x30 [ 984.516076][ T5125] _copy_from_user+0x22/0xb0 [ 984.516098][ T5125] ___sys_recvmsg+0x12f/0x510 [ 984.516114][ T5125] ? __sys_recvmsg+0x280/0x280 [ 984.516131][ T5125] ? __cfi_kstrtouint_from_user+0x10/0x10 [ 984.516148][ T5125] ? selinux_file_permission+0x309/0xb30 [ 984.516171][ T5125] ? __fget_files+0x2c5/0x340 [ 984.516192][ T5125] do_recvmmsg+0x326/0x770 [ 984.516208][ T5125] ? __sys_recvmmsg+0x290/0x290 [ 984.516225][ T5125] ? __cfi_vfs_write+0x10/0x10 [ 984.516244][ T5125] ? fput+0x1a5/0x240 [ 984.516263][ T5125] __x64_sys_recvmmsg+0x191/0x240 [ 984.516274][ T5125] ? __cfi___x64_sys_recvmmsg+0x10/0x10 [ 984.516283][ T5125] ? __kasan_check_read+0x15/0x20 [ 984.516300][ T5125] x64_sys_call+0x292c/0x2ee0 [ 984.516325][ T5125] do_syscall_64+0x58/0xf0 [ 984.516347][ T5125] ? clear_bhb_loop+0x50/0xa0 [ 984.516367][ T5125] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 984.516386][ T5125] RIP: 0033:0x7f903c38f6c9 [ 984.516402][ T5125] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 984.516419][ T5125] RSP: 002b:00007f903d25e038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 984.516441][ T5125] RAX: ffffffffffffffda RBX: 00007f903c5e5fa0 RCX: 00007f903c38f6c9 [ 984.516455][ T5125] RDX: 0000000000000001 RSI: 0000200000008280 RDI: 0000000000000007 [ 984.516468][ T5125] RBP: 00007f903d25e090 R08: 0000000000000000 R09: 0000000000000000 [ 984.516480][ T5125] R10: 0000000000000040 R11: 0000000000000246 R12: 0000000000000001 [ 984.516493][ T5125] R13: 00007f903c5e6038 R14: 00007f903c5e5fa0 R15: 00007ffdc96bb158 [ 984.516509][ T5125] [ 984.559521][ T5105] netlink: 24 bytes leftover after parsing attributes in process `syz.1.30804'. [ 984.588747][ T36] audit: type=1400 audit(1763400045.039:8998): avc: denied { name_bind } for pid=5123 comm="syz.3.30812" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1 [ 984.730118][ T5144] rust_binder: Read failure Err(EAGAIN) in pid:974 [ 984.742721][ T36] audit: type=1400 audit(1763400045.039:8999): avc: denied { node_bind } for pid=5123 comm="syz.3.30812" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 984.954586][ T36] audit: type=1400 audit(1763400045.289:9000): avc: denied { name_bind } for pid=5139 comm="syz.3.30818" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 984.970070][ T5172] rust_binder: Read failure Err(EAGAIN) in pid:968 [ 984.987631][ T36] audit: type=1400 audit(1763400045.309:9001): avc: denied { read } for pid=5124 comm="syz.4.30813" lport=55078 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 985.107688][ T5190] netlink: 'syz.1.30842': attribute type 15 has an invalid length. [ 985.126373][ T5190] netlink: 24 bytes leftover after parsing attributes in process `syz.1.30842'. [ 985.139667][ T5199] rust_binder: Read failure Err(EAGAIN) in pid:990 [ 985.143762][ T5190] netlink: 'syz.1.30842': attribute type 1 has an invalid length. [ 985.163205][ T5190] netlink: 'syz.1.30842': attribute type 2 has an invalid length. [ 985.199684][ T5206] FAULT_INJECTION: forcing a failure. [ 985.199684][ T5206] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 985.217881][ T5206] CPU: 1 UID: 0 PID: 5206 Comm: syz.0.30849 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 985.217915][ T5206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 985.217926][ T5206] Call Trace: [ 985.217934][ T5206] [ 985.217943][ T5206] __dump_stack+0x21/0x30 [ 985.217971][ T5206] dump_stack_lvl+0x10c/0x190 [ 985.217994][ T5206] ? __cfi_dump_stack_lvl+0x10/0x10 [ 985.218016][ T5206] ? __kasan_check_write+0x18/0x20 [ 985.218042][ T5206] ? check_stack_object+0x107/0x140 [ 985.218059][ T5206] dump_stack+0x19/0x20 [ 985.218081][ T5206] should_fail_ex+0x3d9/0x530 [ 985.218100][ T5206] should_fail+0xf/0x20 [ 985.218117][ T5206] should_fail_usercopy+0x1e/0x30 [ 985.218136][ T5206] _copy_from_user+0x22/0xb0 [ 985.218159][ T5206] __sys_sendto+0x29e/0x6f0 [ 985.218190][ T5206] ? __cfi___sys_sendto+0x10/0x10 [ 985.218215][ T5206] ? __kasan_check_write+0x18/0x20 [ 985.218240][ T5206] ? __cfi_ksys_write+0x10/0x10 [ 985.218256][ T5206] __x64_sys_sendto+0xe9/0x100 [ 985.218277][ T5206] x64_sys_call+0x2c2c/0x2ee0 [ 985.218302][ T5206] do_syscall_64+0x58/0xf0 [ 985.218324][ T5206] ? clear_bhb_loop+0x50/0xa0 [ 985.218344][ T5206] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 985.218361][ T5206] RIP: 0033:0x7fa88978f6c9 [ 985.218377][ T5206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 985.218394][ T5206] RSP: 002b:00007fa88a6f0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 985.218414][ T5206] RAX: ffffffffffffffda RBX: 00007fa8899e5fa0 RCX: 00007fa88978f6c9 [ 985.218429][ T5206] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 985.218440][ T5206] RBP: 00007fa88a6f0090 R08: 0000200000000140 R09: 000000000000001c [ 985.218453][ T5206] R10: 0000000008000801 R11: 0000000000000246 R12: 0000000000000001 [ 985.218465][ T5206] R13: 00007fa8899e6038 R14: 00007fa8899e5fa0 R15: 00007ffcc6cec818 [ 985.218481][ T5206] [ 985.353336][ T5228] rust_binder: Read failure Err(EAGAIN) in pid:1004 [ 985.528179][ T5243] netlink: 'syz.3.30867': attribute type 15 has an invalid length. [ 985.546250][ T5243] netlink: 24 bytes leftover after parsing attributes in process `syz.3.30867'. [ 985.557056][ T5243] netlink: 'syz.3.30867': attribute type 1 has an invalid length. [ 985.565762][ T5243] netlink: 'syz.3.30867': attribute type 2 has an invalid length. [ 985.652952][ T5263] FAULT_INJECTION: forcing a failure. [ 985.652952][ T5263] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 985.664510][ T5265] netlink: 24 bytes leftover after parsing attributes in process `syz.0.30878'. [ 985.678918][ T5263] CPU: 1 UID: 0 PID: 5263 Comm: syz.4.30877 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 985.678954][ T5263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 985.678966][ T5263] Call Trace: [ 985.678973][ T5263] [ 985.678982][ T5263] __dump_stack+0x21/0x30 [ 985.679011][ T5263] dump_stack_lvl+0x10c/0x190 [ 985.679033][ T5263] ? __cfi_dump_stack_lvl+0x10/0x10 [ 985.679056][ T5263] ? do_vfs_ioctl+0xeda/0x1e30 [ 985.679077][ T5263] dump_stack+0x19/0x20 [ 985.679098][ T5263] should_fail_ex+0x3d9/0x530 [ 985.679117][ T5263] should_fail+0xf/0x20 [ 985.679138][ T5263] should_fail_usercopy+0x1e/0x30 [ 985.679157][ T5263] _copy_from_user+0x22/0xb0 [ 985.679178][ T5263] addrconf_add_ifaddr+0xfa/0x1b0 [ 985.679201][ T5263] ? __cfi_addrconf_add_ifaddr+0x10/0x10 [ 985.679223][ T5263] ? ioctl_has_perm+0x384/0x4d0 [ 985.679244][ T5263] inet6_ioctl+0x139/0x280 [ 985.679269][ T5263] ? __cfi_inet6_ioctl+0x10/0x10 [ 985.679296][ T5263] ? proc_fail_nth_write+0x17e/0x210 [ 985.679319][ T5263] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 985.679343][ T5263] sock_do_ioctl+0x105/0x330 [ 985.679452][ T5263] ? sock_show_fdinfo+0xd0/0xd0 [ 985.679474][ T5263] ? __cfi_vfs_write+0x10/0x10 [ 985.679491][ T5263] ? __kasan_check_write+0x18/0x20 [ 985.679515][ T5263] ? mutex_unlock+0x8b/0x240 [ 985.679532][ T5263] sock_ioctl+0x634/0x7b0 [ 985.679549][ T5263] ? __cfi_sock_ioctl+0x10/0x10 [ 985.679567][ T5263] ? __fget_files+0x2c5/0x340 [ 985.679587][ T5263] ? bpf_lsm_file_ioctl+0xd/0x20 [ 985.679607][ T5263] ? security_file_ioctl+0x34/0xd0 [ 985.679625][ T5263] ? __cfi_sock_ioctl+0x10/0x10 [ 985.679641][ T5263] __se_sys_ioctl+0x135/0x1b0 [ 985.679658][ T5263] __x64_sys_ioctl+0x7f/0xa0 [ 985.679676][ T5263] x64_sys_call+0x1878/0x2ee0 [ 985.679699][ T5263] do_syscall_64+0x58/0xf0 [ 985.679722][ T5263] ? clear_bhb_loop+0x50/0xa0 [ 985.679743][ T5263] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 985.679766][ T5263] RIP: 0033:0x7f084bb8f6c9 [ 985.679789][ T5263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 985.679805][ T5263] RSP: 002b:00007f084c973038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 985.679826][ T5263] RAX: ffffffffffffffda RBX: 00007f084bde5fa0 RCX: 00007f084bb8f6c9 [ 985.679840][ T5263] RDX: 00002000000000c0 RSI: 0000000000008916 RDI: 000000000000000b [ 985.679854][ T5263] RBP: 00007f084c973090 R08: 0000000000000000 R09: 0000000000000000 [ 985.679866][ T5263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 985.679878][ T5263] R13: 00007f084bde6038 R14: 00007f084bde5fa0 R15: 00007ffd1d8e3258 [ 985.679894][ T5263] [ 986.152444][ T5290] overlayfs: overlapping lowerdir path [ 986.501446][ T46] bridge_slave_1: left allmulticast mode [ 986.508208][ T46] bridge_slave_1: left promiscuous mode [ 986.528959][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 986.548643][ T46] bridge_slave_0: left allmulticast mode [ 986.555404][ T46] bridge_slave_0: left promiscuous mode [ 986.569143][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 986.725709][ T46] veth1_macvtap: left promiscuous mode [ 986.748910][ T46] veth0_vlan: left promiscuous mode [ 986.908196][ T5337] validate_nla: 1 callbacks suppressed [ 986.908216][ T5337] netlink: 'syz.1.30910': attribute type 15 has an invalid length. [ 986.945984][ T5337] netlink: 24 bytes leftover after parsing attributes in process `syz.1.30910'. [ 986.978931][ T5314] bridge0: port 1(bridge_slave_0) entered blocking state [ 986.986080][ T5314] bridge0: port 1(bridge_slave_0) entered disabled state [ 986.998899][ T5314] bridge_slave_0: entered allmulticast mode [ 987.005401][ T5314] bridge_slave_0: entered promiscuous mode [ 987.030050][ T5314] bridge0: port 2(bridge_slave_1) entered blocking state [ 987.044342][ T5314] bridge0: port 2(bridge_slave_1) entered disabled state [ 987.058448][ T5314] bridge_slave_1: entered allmulticast mode [ 987.071202][ T5314] bridge_slave_1: entered promiscuous mode [ 987.243708][ T5314] bridge0: port 2(bridge_slave_1) entered blocking state [ 987.251458][ T5314] bridge0: port 2(bridge_slave_1) entered forwarding state [ 987.259809][ T5314] bridge0: port 1(bridge_slave_0) entered blocking state [ 987.268116][ T5314] bridge0: port 1(bridge_slave_0) entered forwarding state [ 987.296520][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 987.309232][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 987.332010][ T293] bridge0: port 1(bridge_slave_0) entered blocking state [ 987.339132][ T293] bridge0: port 1(bridge_slave_0) entered forwarding state [ 987.382437][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 987.389814][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 987.434321][ T5314] veth0_vlan: entered promiscuous mode [ 987.465222][ T5314] veth1_macvtap: entered promiscuous mode [ 987.513550][ T36] audit: type=1400 audit(1763400048.119:9002): avc: denied { mount } for pid=5314 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 988.076623][ T5390] FAULT_INJECTION: forcing a failure. [ 988.076623][ T5390] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 988.110200][ T5390] CPU: 1 UID: 0 PID: 5390 Comm: syz.0.30933 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 988.110239][ T5390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 988.110252][ T5390] Call Trace: [ 988.110259][ T5390] [ 988.110268][ T5390] __dump_stack+0x21/0x30 [ 988.110298][ T5390] dump_stack_lvl+0x10c/0x190 [ 988.110322][ T5390] ? __cfi_dump_stack_lvl+0x10/0x10 [ 988.110347][ T5390] ? kstrtoull+0x13b/0x1e0 [ 988.110365][ T5390] dump_stack+0x19/0x20 [ 988.110388][ T5390] should_fail_ex+0x3d9/0x530 [ 988.110407][ T5390] should_fail+0xf/0x20 [ 988.110426][ T5390] should_fail_usercopy+0x1e/0x30 [ 988.110446][ T5390] _copy_from_user+0x22/0xb0 [ 988.110469][ T5390] ___sys_sendmsg+0x159/0x2a0 [ 988.110506][ T5390] ? __sys_sendmsg+0x280/0x280 [ 988.110537][ T5390] ? proc_fail_nth_write+0x17e/0x210 [ 988.110573][ T5390] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 988.110602][ T5390] __x64_sys_sendmsg+0x1eb/0x2c0 [ 988.110628][ T5390] ? fput+0x1a5/0x240 [ 988.110651][ T5390] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 988.110677][ T5390] ? ksys_write+0x1ef/0x250 [ 988.110697][ T5390] ? __kasan_check_read+0x15/0x20 [ 988.110725][ T5390] x64_sys_call+0x2a4c/0x2ee0 [ 988.110755][ T5390] do_syscall_64+0x58/0xf0 [ 988.110779][ T5390] ? clear_bhb_loop+0x50/0xa0 [ 988.110800][ T5390] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 988.110820][ T5390] RIP: 0033:0x7f0067b8f6c9 [ 988.110838][ T5390] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 988.110856][ T5390] RSP: 002b:00007f00689a9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 988.110878][ T5390] RAX: ffffffffffffffda RBX: 00007f0067de5fa0 RCX: 00007f0067b8f6c9 [ 988.110895][ T5390] RDX: 000000000400c8c0 RSI: 0000200000000200 RDI: 0000000000000006 [ 988.110909][ T5390] RBP: 00007f00689a9090 R08: 0000000000000000 R09: 0000000000000000 [ 988.110921][ T5390] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 988.110934][ T5390] R13: 00007f0067de6038 R14: 00007f0067de5fa0 R15: 00007ffdb8ee9738 [ 988.110951][ T5390] [ 988.525332][ T5414] netlink: 'syz.3.30934': attribute type 15 has an invalid length. [ 988.534359][ T5414] netlink: 24 bytes leftover after parsing attributes in process `syz.3.30934'. [ 988.547335][ T5414] netlink: 'syz.3.30934': attribute type 1 has an invalid length. [ 988.555488][ T5416] FAULT_INJECTION: forcing a failure. [ 988.555488][ T5416] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 988.556841][ T5414] netlink: 'syz.3.30934': attribute type 2 has an invalid length. [ 988.592124][ T5416] CPU: 1 UID: 0 PID: 5416 Comm: syz.0.30945 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 988.592160][ T5416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 988.592172][ T5416] Call Trace: [ 988.592178][ T5416] [ 988.592187][ T5416] __dump_stack+0x21/0x30 [ 988.592217][ T5416] dump_stack_lvl+0x10c/0x190 [ 988.592241][ T5416] ? __cfi_dump_stack_lvl+0x10/0x10 [ 988.592268][ T5416] dump_stack+0x19/0x20 [ 988.592296][ T5416] should_fail_ex+0x3d9/0x530 [ 988.592317][ T5416] should_fail+0xf/0x20 [ 988.592334][ T5416] should_fail_usercopy+0x1e/0x30 [ 988.592355][ T5416] _copy_from_user+0x22/0xb0 [ 988.592376][ T5416] _RNvMs2_NtCs5gLWsBERDPK_16rust_binder_main6threadNtB5_6Thread10write_read+0x493/0xa380 [ 988.592413][ T5416] ? __cfi__RNvMs2_NtCs5gLWsBERDPK_16rust_binder_main6threadNtB5_6Thread10write_read+0x10/0x10 [ 988.592481][ T5416] ? is_bpf_text_address+0x17b/0x1a0 [ 988.592502][ T5416] ? kernel_text_address+0xa9/0xe0 [ 988.592524][ T5416] ? __kernel_text_address+0x11/0x40 [ 988.592545][ T5416] ? unwind_get_return_address+0x51/0x90 [ 988.592566][ T5416] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 988.592593][ T5416] ? arch_stack_walk+0x10b/0x170 [ 988.592612][ T5416] ? stack_trace_save+0x9d/0xe0 [ 988.592636][ T5416] ? stack_depot_save_flags+0x38/0x800 [ 988.592657][ T5416] ? kasan_save_stack+0x4d/0x60 [ 988.592676][ T5416] ? kasan_save_stack+0x3e/0x60 [ 988.592693][ T5416] ? __kasan_record_aux_stack+0xb2/0xd0 [ 988.592736][ T5416] ? kasan_record_aux_stack_noalloc+0xf/0x20 [ 988.592759][ T5416] ? __call_rcu_common+0xd5/0x700 [ 988.592776][ T5416] ? call_rcu+0x14/0x20 [ 988.592792][ T5416] ? __kasan_check_write+0x18/0x20 [ 988.592818][ T5416] ? _raw_spin_trylock+0xaf/0x130 [ 988.592841][ T5416] ? __cfi__raw_spin_trylock+0x10/0x10 [ 988.592863][ T5416] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 988.592884][ T5416] ? _raw_spin_unlock+0x45/0x60 [ 988.592906][ T5416] ? call_rcu_nocb+0x6bd/0xc10 [ 988.592933][ T5416] ? is_bpf_text_address+0x17b/0x1a0 [ 988.592954][ T5416] ? kernel_text_address+0xa9/0xe0 [ 988.592977][ T5416] ? __kernel_text_address+0x11/0x40 [ 988.593000][ T5416] ? unwind_get_return_address+0x51/0x90 [ 988.593091][ T5416] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 988.593117][ T5416] ? arch_stack_walk+0x10b/0x170 [ 988.593139][ T5416] ? is_bpf_text_address+0x17b/0x1a0 [ 988.593162][ T5416] ? kernel_text_address+0xa9/0xe0 [ 988.593185][ T5416] ? __kernel_text_address+0x11/0x40 [ 988.593208][ T5416] ? unwind_get_return_address+0x51/0x90 [ 988.593231][ T5416] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 988.593259][ T5416] ? arch_stack_walk+0x10b/0x170 [ 988.593280][ T5416] ? is_bpf_text_address+0x17b/0x1a0 [ 988.593301][ T5416] ? kernel_text_address+0xa9/0xe0 [ 988.593325][ T5416] ? __kernel_text_address+0x11/0x40 [ 988.593348][ T5416] ? unwind_get_return_address+0x51/0x90 [ 988.593371][ T5416] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 988.593400][ T5416] ? arch_stack_walk+0x10b/0x170 [ 988.593432][ T5416] ? __kasan_check_write+0x18/0x20 [ 988.593461][ T5416] ? _raw_spin_lock+0x8c/0x120 [ 988.593486][ T5416] ? __cfi__raw_spin_lock+0x10/0x10 [ 988.593509][ T5416] ? stack_depot_save_flags+0x38/0x800 [ 988.593532][ T5416] ? stack_trace_save+0x9d/0xe0 [ 988.593559][ T5416] ? _raw_spin_unlock+0x45/0x60 [ 988.593583][ T5416] ? rust_helper_spin_unlock+0x19/0x30 [ 988.593603][ T5416] ? _RNvMs4_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process18get_current_thread+0x914/0x1400 [ 988.593631][ T5416] ? security_inode_alloc+0x51/0x200 [ 988.593660][ T5416] ? inode_init_always_gfp+0x756/0x9e0 [ 988.593683][ T5416] ? alloc_inode+0xc5/0x270 [ 988.593705][ T5416] ? proc_pident_instantiate+0x6d/0x2c0 [ 988.593726][ T5416] ? proc_pident_lookup+0x1c7/0x270 [ 988.593748][ T5416] ? path_openat+0x1301/0x34b0 [ 988.593771][ T5416] ? do_sys_openat2+0x12c/0x1c0 [ 988.593812][ T5416] ? __x64_sys_openat+0x13a/0x170 [ 988.593837][ T5416] ? x64_sys_call+0xe69/0x2ee0 [ 988.593865][ T5416] ? do_syscall_64+0x58/0xf0 [ 988.593890][ T5416] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 988.593913][ T5416] ? __cfi__RNvMs4_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process18get_current_thread+0x10/0x10 [ 988.593943][ T5416] ? avc_has_perm_noaudit+0x268/0x360 [ 988.593971][ T5416] ? __asan_memcpy+0x5a/0x80 [ 988.593989][ T5416] ? avc_has_perm_noaudit+0x286/0x360 [ 988.594021][ T5416] ? avc_has_perm+0x144/0x220 [ 988.594047][ T5416] ? __cfi_avc_has_perm+0x10/0x10 [ 988.594073][ T5416] ? kasan_save_alloc_info+0x40/0x50 [ 988.594102][ T5416] ? selinux_file_open+0x457/0x610 [ 988.594128][ T5416] _RNvMs6_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process5ioctl+0x40c/0x2cf0 [ 988.594158][ T5416] ? avc_has_extended_perms+0x7c7/0xdd0 [ 988.594183][ T5416] ? __asan_memcpy+0x5a/0x80 [ 988.594202][ T5416] ? avc_has_extended_perms+0x921/0xdd0 [ 988.594228][ T5416] ? __cfi__RNvMs6_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process5ioctl+0x10/0x10 [ 988.594298][ T5416] ? do_vfs_ioctl+0xeda/0x1e30 [ 988.594325][ T5416] ? arch_stack_walk+0x10b/0x170 [ 988.594344][ T5416] ? __ia32_compat_sys_ioctl+0x850/0x850 [ 988.594458][ T5416] ? _parse_integer+0x2e/0x40 [ 988.594490][ T5416] ? ioctl_has_perm+0x384/0x4d0 [ 988.594514][ T5416] ? has_cap_mac_admin+0xd0/0xd0 [ 988.594538][ T5416] ? proc_fail_nth_write+0x17e/0x210 [ 988.594564][ T5416] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 988.594592][ T5416] ? selinux_file_ioctl+0x6e0/0x1360 [ 988.594624][ T5416] ? vfs_write+0x93e/0xf30 [ 988.594648][ T5416] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 988.594702][ T5416] ? __cfi_vfs_write+0x10/0x10 [ 988.594751][ T5416] ? __kasan_check_write+0x18/0x20 [ 988.594791][ T5416] ? mutex_unlock+0x8b/0x240 [ 988.594816][ T5416] ? __cfi_mutex_unlock+0x10/0x10 [ 988.594834][ T5416] ? __fget_files+0x2c5/0x340 [ 988.594869][ T5416] ? __fget_files+0x2c5/0x340 [ 988.594898][ T5416] _RNvCs5gLWsBERDPK_16rust_binder_main26rust_binder_unlocked_ioctl+0xa0/0x100 [ 988.594929][ T5416] ? __se_sys_ioctl+0x114/0x1b0 [ 988.594959][ T5416] ? __cfi__RNvCs5gLWsBERDPK_16rust_binder_main26rust_binder_unlocked_ioctl+0x10/0x10 [ 988.594997][ T5416] __se_sys_ioctl+0x135/0x1b0 [ 988.595023][ T5416] __x64_sys_ioctl+0x7f/0xa0 [ 988.595045][ T5416] x64_sys_call+0x1878/0x2ee0 [ 988.595074][ T5416] do_syscall_64+0x58/0xf0 [ 988.595098][ T5416] ? clear_bhb_loop+0x50/0xa0 [ 988.595120][ T5416] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 988.595141][ T5416] RIP: 0033:0x7f0067b8f6c9 [ 988.595161][ T5416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 988.595186][ T5416] RSP: 002b:00007f00689a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 988.595210][ T5416] RAX: ffffffffffffffda RBX: 00007f0067de5fa0 RCX: 00007f0067b8f6c9 [ 988.595227][ T5416] RDX: 0000200000000100 RSI: 00000000c0306201 RDI: 0000000000000005 [ 988.595242][ T5416] RBP: 00007f00689a9090 R08: 0000000000000000 R09: 0000000000000000 [ 988.595256][ T5416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 988.595269][ T5416] R13: 00007f0067de6038 R14: 00007f0067de5fa0 R15: 00007ffdb8ee9738 [ 988.595288][ T5416] [ 989.522361][ T5425] fuse: Bad value for 'fd' [ 989.601979][ T5436] netlink: 'syz.0.30954': attribute type 15 has an invalid length. [ 989.616884][ T5436] netlink: 24 bytes leftover after parsing attributes in process `syz.0.30954'. [ 989.629198][ T5436] netlink: 'syz.0.30954': attribute type 1 has an invalid length. [ 989.639836][ T5436] netlink: 'syz.0.30954': attribute type 2 has an invalid length. [ 989.862268][ T5449] rust_binder: Read failure Err(EAGAIN) in pid:47 [ 989.917368][ T5452] FAULT_INJECTION: forcing a failure. [ 989.917368][ T5452] name failslab, interval 1, probability 0, space 0, times 0 [ 989.942595][ T5452] CPU: 1 UID: 0 PID: 5452 Comm: syz.0.30963 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 989.942631][ T5452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 989.942645][ T5452] Call Trace: [ 989.942656][ T5452] [ 989.942665][ T5452] __dump_stack+0x21/0x30 [ 989.942695][ T5452] dump_stack_lvl+0x10c/0x190 [ 989.942720][ T5452] ? __cfi_dump_stack_lvl+0x10/0x10 [ 989.942751][ T5452] ? release_sock+0x171/0x1f0 [ 989.942775][ T5452] dump_stack+0x19/0x20 [ 989.942798][ T5452] should_fail_ex+0x3d9/0x530 [ 989.942820][ T5452] should_failslab+0xac/0x100 [ 989.942842][ T5452] kmem_cache_alloc_node_noprof+0x45/0x440 [ 989.942861][ T5452] ? netlink_data_ready+0x20/0x20 [ 989.942884][ T5452] ? __alloc_skb+0x10c/0x370 [ 989.942913][ T5452] __alloc_skb+0x10c/0x370 [ 989.942937][ T5452] netlink_alloc_large_skb+0xf7/0x1b0 [ 989.942963][ T5452] netlink_sendmsg+0x586/0xaf0 [ 989.942989][ T5452] ? __kasan_check_write+0x18/0x20 [ 989.943018][ T5452] ? __cfi_netlink_sendmsg+0x10/0x10 [ 989.943045][ T5452] ? __fget_files+0x2c5/0x340 [ 989.943067][ T5452] ? bpf_lsm_socket_sendmsg+0xd/0x20 [ 989.943090][ T5452] ? security_socket_sendmsg+0x33/0xd0 [ 989.943111][ T5452] __sys_sendto+0x66d/0x6f0 [ 989.943137][ T5452] ? __cfi___sys_sendto+0x10/0x10 [ 989.943163][ T5452] ? __kasan_check_write+0x18/0x20 [ 989.943191][ T5452] ? __cfi_ksys_write+0x10/0x10 [ 989.943212][ T5452] __x64_sys_sendto+0xe9/0x100 [ 989.943237][ T5452] x64_sys_call+0x2c2c/0x2ee0 [ 989.943264][ T5452] do_syscall_64+0x58/0xf0 [ 989.943290][ T5452] ? clear_bhb_loop+0x50/0xa0 [ 989.943313][ T5452] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 989.943334][ T5452] RIP: 0033:0x7f0067b8f6c9 [ 989.943352][ T5452] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 989.943371][ T5452] RSP: 002b:00007f00689a9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 989.943405][ T5452] RAX: ffffffffffffffda RBX: 00007f0067de5fa0 RCX: 00007f0067b8f6c9 [ 989.943422][ T5452] RDX: 0000000000000090 RSI: 00002000000000c0 RDI: 0000000000000006 [ 989.943437][ T5452] RBP: 00007f00689a9090 R08: 0000000000000000 R09: 0000000000000000 [ 989.943452][ T5452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 989.943465][ T5452] R13: 00007f0067de6038 R14: 00007f0067de5fa0 R15: 00007ffdb8ee9738 [ 989.943483][ T5452] [ 989.986996][ T5454] FAULT_INJECTION: forcing a failure. [ 989.986996][ T5454] name failslab, interval 1, probability 0, space 0, times 0 [ 990.285233][ T5454] CPU: 0 UID: 0 PID: 5454 Comm: syz.1.30957 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 990.285271][ T5454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 990.285285][ T5454] Call Trace: [ 990.285292][ T5454] [ 990.285300][ T5454] __dump_stack+0x21/0x30 [ 990.285485][ T5454] dump_stack_lvl+0x10c/0x190 [ 990.285509][ T5454] ? __cfi_dump_stack_lvl+0x10/0x10 [ 990.285536][ T5454] dump_stack+0x19/0x20 [ 990.285559][ T5454] should_fail_ex+0x3d9/0x530 [ 990.285580][ T5454] should_failslab+0xac/0x100 [ 990.285602][ T5454] kmem_cache_alloc_noprof+0x42/0x430 [ 990.285621][ T5454] ? __khugepaged_enter+0x78/0x330 [ 990.285645][ T5454] __khugepaged_enter+0x78/0x330 [ 990.285667][ T5454] khugepaged_enter_vma+0x3ff/0x430 [ 990.285690][ T5454] hugepage_madvise+0xaf/0xd0 [ 990.285712][ T5454] madvise_vma_behavior+0x6b4/0x2d40 [ 990.285741][ T5454] ? __cfi_madvise_vma_behavior+0x10/0x10 [ 990.285768][ T5454] ? is_bpf_text_address+0x17b/0x1a0 [ 990.285791][ T5454] ? kernel_text_address+0xa9/0xe0 [ 990.285814][ T5454] ? __kernel_text_address+0x11/0x40 [ 990.285837][ T5454] ? unwind_get_return_address+0x51/0x90 [ 990.285860][ T5454] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 990.285888][ T5454] ? arch_stack_walk+0x10b/0x170 [ 990.285907][ T5454] ? _parse_integer_limit+0x195/0x1e0 [ 990.285935][ T5454] ? mtree_range_walk+0x573/0x730 [ 990.285956][ T5454] ? mas_prev_slot+0xab4/0xb60 [ 990.285977][ T5454] ? mas_prev+0x5f/0xa0 [ 990.285997][ T5454] ? find_vma_prev+0xfd/0x170 [ 990.286016][ T5454] ? __cfi_find_vma_prev+0x10/0x10 [ 990.286040][ T5454] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 990.286137][ T5454] ? bpf_lsm_file_permission+0xd/0x20 [ 990.286163][ T5454] madvise_walk_vmas+0x3ec/0x700 [ 990.286189][ T5454] ? __cfi_madvise_vma_behavior+0x10/0x10 [ 990.286216][ T5454] ? down_write_killable+0xe9/0x2d0 [ 990.286238][ T5454] ? madvise_set_anon_name+0x610/0x610 [ 990.286271][ T5454] ? __asan_memset+0x39/0x50 [ 990.286288][ T5454] ? blk_start_plug+0x72/0x1c0 [ 990.286309][ T5454] do_madvise+0x5c0/0xb70 [ 990.286334][ T5454] ? __cfi_do_madvise+0x10/0x10 [ 990.286363][ T5454] ? ksys_write+0x1ef/0x250 [ 990.286383][ T5454] ? __cfi_ksys_write+0x10/0x10 [ 990.286403][ T5454] __x64_sys_madvise+0xae/0xc0 [ 990.286429][ T5454] x64_sys_call+0x20c3/0x2ee0 [ 990.286457][ T5454] do_syscall_64+0x58/0xf0 [ 990.286480][ T5454] ? clear_bhb_loop+0x50/0xa0 [ 990.286502][ T5454] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 990.286522][ T5454] RIP: 0033:0x7f18cf18f6c9 [ 990.286541][ T5454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 990.286559][ T5454] RSP: 002b:00007f18d00a5038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 990.286587][ T5454] RAX: ffffffffffffffda RBX: 00007f18cf3e6090 RCX: 00007f18cf18f6c9 [ 990.286603][ T5454] RDX: 000000000000000e RSI: 0000000000004000 RDI: 0000200000a93000 [ 990.286617][ T5454] RBP: 00007f18d00a5090 R08: 0000000000000000 R09: 0000000000000000 [ 990.286630][ T5454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 990.286642][ T5454] R13: 00007f18cf3e6128 R14: 00007f18cf3e6090 R15: 00007ffc02d49448 [ 990.286660][ T5454] [ 990.828916][ T5468] rust_binder: Read failure Err(EAGAIN) in pid:1062 [ 990.877221][ T5474] fuseblk: Unknown parameter '0x000000000000000c' [ 991.099256][ T5488] FAULT_INJECTION: forcing a failure. [ 991.099256][ T5488] name failslab, interval 1, probability 0, space 0, times 0 [ 991.131644][ T5488] CPU: 0 UID: 0 PID: 5488 Comm: syz.1.30979 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 991.131676][ T5488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 991.131687][ T5488] Call Trace: [ 991.131693][ T5488] [ 991.131701][ T5488] __dump_stack+0x21/0x30 [ 991.131727][ T5488] dump_stack_lvl+0x10c/0x190 [ 991.131750][ T5488] ? __cfi_dump_stack_lvl+0x10/0x10 [ 991.131772][ T5488] ? release_sock+0x171/0x1f0 [ 991.131793][ T5488] dump_stack+0x19/0x20 [ 991.131814][ T5488] should_fail_ex+0x3d9/0x530 [ 991.131833][ T5488] should_failslab+0xac/0x100 [ 991.131854][ T5488] kmem_cache_alloc_node_noprof+0x45/0x440 [ 991.131873][ T5488] ? netlink_data_ready+0x20/0x20 [ 991.131897][ T5488] ? __alloc_skb+0x10c/0x370 [ 991.131920][ T5488] __alloc_skb+0x10c/0x370 [ 991.131943][ T5488] netlink_alloc_large_skb+0xf7/0x1b0 [ 991.131977][ T5488] netlink_sendmsg+0x586/0xaf0 [ 991.132000][ T5488] ? __cfi_netlink_sendmsg+0x10/0x10 [ 991.132021][ T5488] ? __asan_memcpy+0x5a/0x80 [ 991.132037][ T5488] ? bpf_lsm_socket_sendmsg+0xd/0x20 [ 991.132059][ T5488] ? security_socket_sendmsg+0x33/0xd0 [ 991.132077][ T5488] sock_write_iter+0x49c/0x4f0 [ 991.132096][ T5488] ? __cfi_sock_write_iter+0x10/0x10 [ 991.132116][ T5488] do_iter_readv_writev+0x628/0x810 [ 991.132137][ T5488] ? vfs_iter_read+0x5f0/0x5f0 [ 991.132158][ T5488] ? bpf_lsm_file_permission+0xd/0x20 [ 991.132183][ T5488] vfs_writev+0x485/0xcf0 [ 991.132206][ T5488] ? do_writev+0x2d0/0x2d0 [ 991.132225][ T5488] ? vfs_write+0x93e/0xf30 [ 991.132247][ T5488] do_writev+0x14d/0x2d0 [ 991.132268][ T5488] ? vfs_readv+0xa50/0xa50 [ 991.132290][ T5488] ? __kasan_check_read+0x15/0x20 [ 991.132316][ T5488] __x64_sys_writev+0x81/0x90 [ 991.132336][ T5488] x64_sys_call+0x1fbb/0x2ee0 [ 991.132362][ T5488] do_syscall_64+0x58/0xf0 [ 991.132385][ T5488] ? clear_bhb_loop+0x50/0xa0 [ 991.132406][ T5488] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 991.132427][ T5488] RIP: 0033:0x7f18cf18f6c9 [ 991.132445][ T5488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 991.132462][ T5488] RSP: 002b:00007f18d00c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 991.132485][ T5488] RAX: ffffffffffffffda RBX: 00007f18cf3e5fa0 RCX: 00007f18cf18f6c9 [ 991.132501][ T5488] RDX: 0000000000000001 RSI: 0000200000000180 RDI: 0000000000000007 [ 991.132514][ T5488] RBP: 00007f18d00c6090 R08: 0000000000000000 R09: 0000000000000000 [ 991.132526][ T5488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 991.132537][ T5488] R13: 00007f18cf3e6038 R14: 00007f18cf3e5fa0 R15: 00007ffc02d49448 [ 991.132553][ T5488] [ 991.482641][ T36] audit: type=1400 audit(1763400052.089:9003): avc: denied { getopt } for pid=5494 comm="syz.0.30981" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 991.539318][ T5500] netlink: 'syz.1.30984': attribute type 15 has an invalid length. [ 991.551672][ T5500] netlink: 24 bytes leftover after parsing attributes in process `syz.1.30984'. [ 991.561826][ T5500] netlink: 'syz.1.30984': attribute type 1 has an invalid length. [ 991.570562][ T5500] netlink: 'syz.1.30984': attribute type 2 has an invalid length. [ 991.617269][ T5508] netlink: 24 bytes leftover after parsing attributes in process `syz.4.30988'. [ 991.738327][ T36] audit: type=1400 audit(1763400052.339:9004): avc: denied { append } for pid=5516 comm="syz.1.30992" name="loop2" dev="devtmpfs" ino=51 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 992.353464][ T5535] FAULT_INJECTION: forcing a failure. [ 992.353464][ T5535] name failslab, interval 1, probability 0, space 0, times 0 [ 992.388912][ T5535] CPU: 0 UID: 0 PID: 5535 Comm: syz.1.31001 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 992.388962][ T5535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 992.388975][ T5535] Call Trace: [ 992.388983][ T5535] [ 992.388991][ T5535] __dump_stack+0x21/0x30 [ 992.389023][ T5535] dump_stack_lvl+0x10c/0x190 [ 992.389047][ T5535] ? __cfi_dump_stack_lvl+0x10/0x10 [ 992.389069][ T5535] ? __cfi_vfs_write+0x10/0x10 [ 992.389087][ T5535] dump_stack+0x19/0x20 [ 992.389110][ T5535] should_fail_ex+0x3d9/0x530 [ 992.389131][ T5535] should_failslab+0xac/0x100 [ 992.389152][ T5535] kmem_cache_alloc_noprof+0x42/0x430 [ 992.389169][ T5535] ? getname_flags+0xc6/0x710 [ 992.389192][ T5535] ? ksys_write+0x1ef/0x250 [ 992.389210][ T5535] getname_flags+0xc6/0x710 [ 992.389228][ T5535] getname_uflags+0x28/0x40 [ 992.389246][ T5535] __x64_sys_execveat+0xba/0xf0 [ 992.389270][ T5535] x64_sys_call+0x906/0x2ee0 [ 992.389294][ T5535] do_syscall_64+0x58/0xf0 [ 992.389317][ T5535] ? clear_bhb_loop+0x50/0xa0 [ 992.389336][ T5535] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 992.389356][ T5535] RIP: 0033:0x7f18cf18f6c9 [ 992.389373][ T5535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 992.389389][ T5535] RSP: 002b:00007f18d00c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 992.389411][ T5535] RAX: ffffffffffffffda RBX: 00007f18cf3e5fa0 RCX: 00007f18cf18f6c9 [ 992.389426][ T5535] RDX: 0000000000000000 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 992.389440][ T5535] RBP: 00007f18d00c6090 R08: 0000000000001000 R09: 0000000000000000 [ 992.389453][ T5535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 992.389466][ T5535] R13: 00007f18cf3e6038 R14: 00007f18cf3e5fa0 R15: 00007ffc02d49448 [ 992.389482][ T5535] [ 992.486540][ T5539] rust_binder: Read failure Err(EAGAIN) in pid:158 [ 992.501786][ T5541] FAULT_INJECTION: forcing a failure. [ 992.501786][ T5541] name failslab, interval 1, probability 0, space 0, times 0 [ 992.647406][ T5545] validate_nla: 3 callbacks suppressed [ 992.647430][ T5545] netlink: 'syz.4.31004': attribute type 15 has an invalid length. [ 992.664789][ T5545] netlink: 24 bytes leftover after parsing attributes in process `syz.4.31004'. [ 992.676515][ T5545] netlink: 'syz.4.31004': attribute type 1 has an invalid length. [ 992.684933][ T5541] CPU: 0 UID: 0 PID: 5541 Comm: syz.0.30998 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 992.684967][ T5541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 992.684980][ T5541] Call Trace: [ 992.684987][ T5541] [ 992.684995][ T5541] __dump_stack+0x21/0x30 [ 992.685026][ T5541] dump_stack_lvl+0x10c/0x190 [ 992.685050][ T5541] ? __cfi_dump_stack_lvl+0x10/0x10 [ 992.685080][ T5541] ? __kasan_check_write+0x18/0x20 [ 992.685107][ T5541] ? proc_fail_nth_write+0x17e/0x210 [ 992.685132][ T5541] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 992.685156][ T5541] dump_stack+0x19/0x20 [ 992.685177][ T5541] should_fail_ex+0x3d9/0x530 [ 992.685197][ T5541] should_failslab+0xac/0x100 [ 992.685217][ T5541] kmem_cache_alloc_noprof+0x42/0x430 [ 992.685235][ T5541] ? getname_flags+0xc6/0x710 [ 992.685254][ T5541] getname_flags+0xc6/0x710 [ 992.685272][ T5541] ? build_open_flags+0x487/0x600 [ 992.685294][ T5541] getname+0x1b/0x30 [ 992.685311][ T5541] do_sys_openat2+0xcb/0x1c0 [ 992.685334][ T5541] ? fput+0x1a5/0x240 [ 992.685355][ T5541] ? do_sys_open+0x100/0x100 [ 992.685376][ T5541] ? ksys_write+0x1ef/0x250 [ 992.685394][ T5541] ? __cfi_ksys_write+0x10/0x10 [ 992.685412][ T5541] __x64_sys_openat+0x13a/0x170 [ 992.685436][ T5541] x64_sys_call+0xe69/0x2ee0 [ 992.685460][ T5541] do_syscall_64+0x58/0xf0 [ 992.685488][ T5541] ? clear_bhb_loop+0x50/0xa0 [ 992.685509][ T5541] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 992.685528][ T5541] RIP: 0033:0x7f0067b8f6c9 [ 992.685544][ T5541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 992.685560][ T5541] RSP: 002b:00007f00689a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 992.685583][ T5541] RAX: ffffffffffffffda RBX: 00007f0067de5fa0 RCX: 00007f0067b8f6c9 [ 992.685598][ T5541] RDX: 0000000000000000 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 992.685612][ T5541] RBP: 00007f00689a9090 R08: 0000000000000000 R09: 0000000000000000 [ 992.685625][ T5541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 992.685638][ T5541] R13: 00007f0067de6038 R14: 00007f0067de5fa0 R15: 00007ffdb8ee9738 [ 992.685654][ T5541] [ 992.685799][ T5545] netlink: 'syz.4.31004': attribute type 2 has an invalid length. [ 993.206077][ T5571] netlink: 'syz.3.31015': attribute type 15 has an invalid length. [ 993.228883][ T5571] netlink: 24 bytes leftover after parsing attributes in process `syz.3.31015'. [ 993.249613][ T5571] netlink: 'syz.3.31015': attribute type 1 has an invalid length. [ 993.269260][ T5571] netlink: 'syz.3.31015': attribute type 2 has an invalid length. [ 993.341236][ T5573] rust_binder: Read failure Err(EAGAIN) in pid:1086 [ 993.680492][ T5591] netlink: 'syz.1.31025': attribute type 15 has an invalid length. [ 993.716760][ T5591] netlink: 24 bytes leftover after parsing attributes in process `syz.1.31025'. [ 993.941274][ T36] audit: type=1400 audit(1763400054.549:9005): avc: denied { relabelfrom } for pid=5597 comm="syz.1.31030" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 993.963198][ T5598] FAULT_INJECTION: forcing a failure. [ 993.963198][ T5598] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 993.999547][ T36] audit: type=1400 audit(1763400054.549:9006): avc: denied { relabelto } for pid=5597 comm="syz.1.31030" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 994.028868][ T5598] CPU: 1 UID: 0 PID: 5598 Comm: syz.1.31030 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 994.028902][ T5598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 994.028921][ T5598] Call Trace: [ 994.028928][ T5598] [ 994.028937][ T5598] __dump_stack+0x21/0x30 [ 994.028966][ T5598] dump_stack_lvl+0x10c/0x190 [ 994.028984][ T5598] ? __cfi_dump_stack_lvl+0x10/0x10 [ 994.029004][ T5598] ? __cfi_avc_has_perm+0x10/0x10 [ 994.029027][ T5598] ? kasan_save_alloc_info+0x40/0x50 [ 994.029052][ T5598] dump_stack+0x19/0x20 [ 994.029074][ T5598] should_fail_ex+0x3d9/0x530 [ 994.029091][ T5598] should_fail+0xf/0x20 [ 994.029107][ T5598] should_fail_usercopy+0x1e/0x30 [ 994.029126][ T5598] _copy_from_iter+0x1a3/0x14d0 [ 994.029148][ T5598] ? __cfi__copy_from_iter+0x10/0x10 [ 994.029172][ T5598] tun_get_user+0x40b/0x3450 [ 994.029193][ T5598] ? unwind_get_return_address+0x51/0x90 [ 994.029217][ T5598] ? _parse_integer_limit+0x195/0x1e0 [ 994.029246][ T5598] ? ptr_ring_consume+0x430/0x430 [ 994.029265][ T5598] ? _parse_integer+0x2e/0x40 [ 994.029290][ T5598] ? kstrtoull+0x13b/0x1e0 [ 994.029312][ T5598] ? __kasan_check_write+0x18/0x20 [ 994.029341][ T5598] ? ref_tracker_alloc+0x308/0x540 [ 994.029360][ T5598] ? __x64_sys_openat+0x13a/0x170 [ 994.029381][ T5598] ? __cfi_ref_tracker_alloc+0x10/0x10 [ 994.029400][ T5598] ? selinux_file_permission+0x309/0xb30 [ 994.029423][ T5598] ? __kasan_check_write+0x18/0x20 [ 994.029449][ T5598] tun_chr_write_iter+0x1fc/0x310 [ 994.029469][ T5598] vfs_write+0x718/0xf30 [ 994.029485][ T5598] ? __cfi_tun_chr_write_iter+0x10/0x10 [ 994.029503][ T5598] ? __cfi_vfs_write+0x10/0x10 [ 994.029521][ T5598] ksys_write+0x141/0x250 [ 994.029540][ T5598] ? __cfi_ksys_write+0x10/0x10 [ 994.029558][ T5598] ? __kasan_check_read+0x15/0x20 [ 994.029584][ T5598] __x64_sys_write+0x7f/0x90 [ 994.029601][ T5598] x64_sys_call+0x271c/0x2ee0 [ 994.029631][ T5598] do_syscall_64+0x58/0xf0 [ 994.029654][ T5598] ? clear_bhb_loop+0x50/0xa0 [ 994.029673][ T5598] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 994.029692][ T5598] RIP: 0033:0x7f18cf18f6c9 [ 994.029708][ T5598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 994.029724][ T5598] RSP: 002b:00007f18d00c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 994.029745][ T5598] RAX: ffffffffffffffda RBX: 00007f18cf3e5fa0 RCX: 00007f18cf18f6c9 [ 994.029760][ T5598] RDX: 000000000000ffdd RSI: 0000200000000080 RDI: 0000000000000004 [ 994.029774][ T5598] RBP: 00007f18d00c6090 R08: 0000000000000000 R09: 0000000000000000 [ 994.029787][ T5598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 994.029800][ T5598] R13: 00007f18cf3e6038 R14: 00007f18cf3e5fa0 R15: 00007ffc02d49448 [ 994.029817][ T5598] [ 994.318186][ T5603] rust_binder: Read failure Err(EAGAIN) in pid:71 [ 994.326997][ T5604] rust_binder: Read failure Err(EAGAIN) in pid:172 [ 994.339645][ T5601] netlink: 'syz.3.31031': attribute type 15 has an invalid length. [ 994.355129][ T5601] netlink: 24 bytes leftover after parsing attributes in process `syz.3.31031'. [ 994.364551][ T5607] batadv_slave_1: entered promiscuous mode [ 994.371857][ T5607] batadv_slave_1: left promiscuous mode [ 994.405021][ T5613] netlink: 'syz.1.31036': attribute type 15 has an invalid length. [ 994.420328][ T5613] netlink: 24 bytes leftover after parsing attributes in process `syz.1.31036'. [ 994.436101][ T5613] netlink: 'syz.1.31036': attribute type 1 has an invalid length. [ 994.661640][ T5631] FAULT_INJECTION: forcing a failure. [ 994.661640][ T5631] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 994.691232][ T5631] CPU: 1 UID: 0 PID: 5631 Comm: syz.1.31043 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 994.691268][ T5631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 994.691281][ T5631] Call Trace: [ 994.691287][ T5631] [ 994.691296][ T5631] __dump_stack+0x21/0x30 [ 994.691326][ T5631] dump_stack_lvl+0x10c/0x190 [ 994.691349][ T5631] ? __cfi_dump_stack_lvl+0x10/0x10 [ 994.691373][ T5631] ? _raw_spin_lock_bh+0x90/0x120 [ 994.691396][ T5631] ? __cfi__raw_spin_lock_bh+0x10/0x10 [ 994.691420][ T5631] dump_stack+0x19/0x20 [ 994.691442][ T5631] should_fail_ex+0x3d9/0x530 [ 994.691463][ T5631] should_fail+0xf/0x20 [ 994.691480][ T5631] should_fail_usercopy+0x1e/0x30 [ 994.691500][ T5631] _copy_from_user+0x22/0xb0 [ 994.691523][ T5631] sock_do_ioctl+0x18b/0x330 [ 994.691544][ T5631] ? sock_show_fdinfo+0xd0/0xd0 [ 994.691564][ T5631] ? __cfi_vfs_write+0x10/0x10 [ 994.691608][ T5631] ? __kasan_check_write+0x18/0x20 [ 994.691635][ T5631] ? mutex_unlock+0x8b/0x240 [ 994.691653][ T5631] sock_ioctl+0x634/0x7b0 [ 994.691672][ T5631] ? __cfi_sock_ioctl+0x10/0x10 [ 994.691691][ T5631] ? __fget_files+0x2c5/0x340 [ 994.691712][ T5631] ? bpf_lsm_file_ioctl+0xd/0x20 [ 994.691737][ T5631] ? security_file_ioctl+0x34/0xd0 [ 994.691757][ T5631] ? __cfi_sock_ioctl+0x10/0x10 [ 994.691776][ T5631] __se_sys_ioctl+0x135/0x1b0 [ 994.691796][ T5631] __x64_sys_ioctl+0x7f/0xa0 [ 994.691816][ T5631] x64_sys_call+0x1878/0x2ee0 [ 994.691840][ T5631] do_syscall_64+0x58/0xf0 [ 994.691863][ T5631] ? clear_bhb_loop+0x50/0xa0 [ 994.691883][ T5631] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 994.691903][ T5631] RIP: 0033:0x7f18cf18f6c9 [ 994.691921][ T5631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 994.691937][ T5631] RSP: 002b:00007f18d00c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 994.691959][ T5631] RAX: ffffffffffffffda RBX: 00007f18cf3e5fa0 RCX: 00007f18cf18f6c9 [ 994.691974][ T5631] RDX: 0000200000000440 RSI: 0000000000008922 RDI: 0000000000000007 [ 994.691988][ T5631] RBP: 00007f18d00c6090 R08: 0000000000000000 R09: 0000000000000000 [ 994.692001][ T5631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 994.692013][ T5631] R13: 00007f18cf3e6038 R14: 00007f18cf3e5fa0 R15: 00007ffc02d49448 [ 994.692030][ T5631] [ 995.113735][ T5638] rust_binder: Read failure Err(EAGAIN) in pid:1083 [ 995.162112][ T5640] netlink: 24 bytes leftover after parsing attributes in process `syz.1.31048'. [ 995.469337][ T5652] rust_binder: Read failure Err(EAGAIN) in pid:88 [ 995.608314][ T5662] FAULT_INJECTION: forcing a failure. [ 995.608314][ T5662] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 995.637371][ T5662] CPU: 0 UID: 0 PID: 5662 Comm: syz.0.31057 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 995.637409][ T5662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 995.637423][ T5662] Call Trace: [ 995.637430][ T5662] [ 995.637438][ T5662] __dump_stack+0x21/0x30 [ 995.637471][ T5662] dump_stack_lvl+0x10c/0x190 [ 995.637496][ T5662] ? __cfi_dump_stack_lvl+0x10/0x10 [ 995.637533][ T5662] ? check_stack_object+0x107/0x140 [ 995.637554][ T5662] dump_stack+0x19/0x20 [ 995.637577][ T5662] should_fail_ex+0x3d9/0x530 [ 995.637599][ T5662] should_fail+0xf/0x20 [ 995.637616][ T5662] should_fail_usercopy+0x1e/0x30 [ 995.637637][ T5662] _copy_from_user+0x22/0xb0 [ 995.637660][ T5662] __sys_connect+0x136/0x440 [ 995.637685][ T5662] ? __cfi___sys_connect+0x10/0x10 [ 995.637711][ T5662] ? __kasan_check_read+0x15/0x20 [ 995.637739][ T5662] __x64_sys_connect+0x7e/0x90 [ 995.637763][ T5662] x64_sys_call+0x1c2f/0x2ee0 [ 995.637788][ T5662] do_syscall_64+0x58/0xf0 [ 995.637811][ T5662] ? clear_bhb_loop+0x50/0xa0 [ 995.637833][ T5662] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 995.637853][ T5662] RIP: 0033:0x7f0067b8f6c9 [ 995.637871][ T5662] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 995.637889][ T5662] RSP: 002b:00007f00689a9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 995.637912][ T5662] RAX: ffffffffffffffda RBX: 00007f0067de5fa0 RCX: 00007f0067b8f6c9 [ 995.637927][ T5662] RDX: 000000000000001c RSI: 0000200000000340 RDI: 0000000000000008 [ 995.637941][ T5662] RBP: 00007f00689a9090 R08: 0000000000000000 R09: 0000000000000000 [ 995.637954][ T5662] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 995.637966][ T5662] R13: 00007f0067de6038 R14: 00007f0067de5fa0 R15: 00007ffdb8ee9738 [ 995.637983][ T5662] [ 996.083877][ T5683] rust_binder: Read failure Err(EAGAIN) in pid:100 [ 996.135110][ T5687] rust_binder: Read failure Err(EAGAIN) in pid:102 [ 996.381619][ T5710] rust_binder: Read failure Err(EAGAIN) in pid:1124 [ 996.462768][ T5716] rust_binder: Read failure Err(EAGAIN) in pid:1126 [ 996.932746][ T5731] FAULT_INJECTION: forcing a failure. [ 996.932746][ T5731] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 996.952813][ T5731] CPU: 1 UID: 0 PID: 5731 Comm: syz.4.31086 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 996.952846][ T5731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 996.952859][ T5731] Call Trace: [ 996.952866][ T5731] [ 996.952873][ T5731] __dump_stack+0x21/0x30 [ 996.952894][ T5731] dump_stack_lvl+0x10c/0x190 [ 996.952907][ T5731] ? __cfi_dump_stack_lvl+0x10/0x10 [ 996.952921][ T5731] ? check_stack_object+0x107/0x140 [ 996.952932][ T5731] dump_stack+0x19/0x20 [ 996.952944][ T5731] should_fail_ex+0x3d9/0x530 [ 996.952956][ T5731] should_fail+0xf/0x20 [ 996.952965][ T5731] should_fail_usercopy+0x1e/0x30 [ 996.952976][ T5731] _copy_from_user+0x22/0xb0 [ 996.952990][ T5731] __sys_connect+0x136/0x440 [ 996.953004][ T5731] ? __cfi___sys_connect+0x10/0x10 [ 996.953019][ T5731] ? __kasan_check_read+0x15/0x20 [ 996.953034][ T5731] __x64_sys_connect+0x7e/0x90 [ 996.953046][ T5731] x64_sys_call+0x1c2f/0x2ee0 [ 996.953060][ T5731] do_syscall_64+0x58/0xf0 [ 996.953086][ T5731] ? clear_bhb_loop+0x50/0xa0 [ 996.953106][ T5731] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 996.953126][ T5731] RIP: 0033:0x7f084bb8f6c9 [ 996.953142][ T5731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 996.953158][ T5731] RSP: 002b:00007f084c973038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 996.953180][ T5731] RAX: ffffffffffffffda RBX: 00007f084bde5fa0 RCX: 00007f084bb8f6c9 [ 996.953188][ T5731] RDX: 000000000000001c RSI: 0000200000000000 RDI: 0000000000000008 [ 996.953196][ T5731] RBP: 00007f084c973090 R08: 0000000000000000 R09: 0000000000000000 [ 996.953204][ T5731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 996.953211][ T5731] R13: 00007f084bde6038 R14: 00007f084bde5fa0 R15: 00007ffd1d8e3258 [ 996.953222][ T5731] [ 997.164754][ T5738] netlink: 24 bytes leftover after parsing attributes in process `syz.0.31091'. [ 997.212417][ T5742] rust_binder: Read failure Err(EAGAIN) in pid:120 [ 997.330725][ T5759] FAULT_INJECTION: forcing a failure. [ 997.330725][ T5759] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 997.352615][ T5759] CPU: 0 UID: 0 PID: 5759 Comm: syz.1.31101 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 997.352639][ T5759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 997.352647][ T5759] Call Trace: [ 997.352652][ T5759] [ 997.352657][ T5759] __dump_stack+0x21/0x30 [ 997.352677][ T5759] dump_stack_lvl+0x10c/0x190 [ 997.352694][ T5759] ? __cfi_dump_stack_lvl+0x10/0x10 [ 997.352708][ T5759] ? inet6_ioctl+0x200/0x280 [ 997.352722][ T5759] dump_stack+0x19/0x20 [ 997.352734][ T5759] should_fail_ex+0x3d9/0x530 [ 997.352746][ T5759] should_fail+0xf/0x20 [ 997.352755][ T5759] should_fail_usercopy+0x1e/0x30 [ 997.352767][ T5759] _copy_from_user+0x22/0xb0 [ 997.352780][ T5759] sock_do_ioctl+0x18b/0x330 [ 997.352792][ T5759] ? sock_show_fdinfo+0xd0/0xd0 [ 997.352803][ T5759] ? __cfi_vfs_write+0x10/0x10 [ 997.352814][ T5759] ? __kasan_check_write+0x18/0x20 [ 997.352828][ T5759] ? mutex_unlock+0x8b/0x240 [ 997.352839][ T5759] sock_ioctl+0x634/0x7b0 [ 997.352850][ T5759] ? __cfi_sock_ioctl+0x10/0x10 [ 997.352860][ T5759] ? __fget_files+0x2c5/0x340 [ 997.352872][ T5759] ? bpf_lsm_file_ioctl+0xd/0x20 [ 997.352886][ T5759] ? security_file_ioctl+0x34/0xd0 [ 997.352898][ T5759] ? __cfi_sock_ioctl+0x10/0x10 [ 997.352909][ T5759] __se_sys_ioctl+0x135/0x1b0 [ 997.352920][ T5759] __x64_sys_ioctl+0x7f/0xa0 [ 997.352931][ T5759] x64_sys_call+0x1878/0x2ee0 [ 997.352945][ T5759] do_syscall_64+0x58/0xf0 [ 997.352959][ T5759] ? clear_bhb_loop+0x50/0xa0 [ 997.352971][ T5759] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 997.352982][ T5759] RIP: 0033:0x7f18cf18f6c9 [ 997.352994][ T5759] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 997.353004][ T5759] RSP: 002b:00007f18d00c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 997.353017][ T5759] RAX: ffffffffffffffda RBX: 00007f18cf3e5fa0 RCX: 00007f18cf18f6c9 [ 997.353026][ T5759] RDX: 0000200000000040 RSI: 0000000000008915 RDI: 0000000000000008 [ 997.353034][ T5759] RBP: 00007f18d00c6090 R08: 0000000000000000 R09: 0000000000000000 [ 997.353041][ T5759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 997.353049][ T5759] R13: 00007f18cf3e6038 R14: 00007f18cf3e5fa0 R15: 00007ffc02d49448 [ 997.353058][ T5759] [ 997.701603][ T5769] rust_binder: Read failure Err(EAGAIN) in pid:1116 [ 997.735756][ T5774] rust_binder: Read failure Err(EAGAIN) in pid:1119 [ 997.760442][ T5776] FAULT_INJECTION: forcing a failure. [ 997.760442][ T5776] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 997.812975][ T5776] CPU: 1 UID: 0 PID: 5776 Comm: syz.3.31109 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 997.813010][ T5776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 997.813023][ T5776] Call Trace: [ 997.813030][ T5776] [ 997.813039][ T5776] __dump_stack+0x21/0x30 [ 997.813075][ T5776] dump_stack_lvl+0x10c/0x190 [ 997.813099][ T5776] ? __cfi_dump_stack_lvl+0x10/0x10 [ 997.813123][ T5776] ? check_stack_object+0x12c/0x140 [ 997.813143][ T5776] dump_stack+0x19/0x20 [ 997.813166][ T5776] should_fail_ex+0x3d9/0x530 [ 997.813186][ T5776] should_fail+0xf/0x20 [ 997.813203][ T5776] should_fail_usercopy+0x1e/0x30 [ 997.813223][ T5776] _copy_to_user+0x24/0xa0 [ 997.813247][ T5776] simple_read_from_buffer+0xed/0x160 [ 997.813271][ T5776] proc_fail_nth_read+0x19e/0x210 [ 997.813296][ T5776] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 997.813321][ T5776] ? bpf_lsm_file_permission+0xd/0x20 [ 997.813344][ T5776] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 997.813368][ T5776] vfs_read+0x27d/0xc70 [ 997.813385][ T5776] ? __cfi_vfs_read+0x10/0x10 [ 997.813399][ T5776] ? __kasan_check_write+0x18/0x20 [ 997.813425][ T5776] ? mutex_lock+0x92/0x1c0 [ 997.813443][ T5776] ? __cfi_mutex_lock+0x10/0x10 [ 997.813459][ T5776] ? __fget_files+0x2c5/0x340 [ 997.813480][ T5776] ksys_read+0x141/0x250 [ 997.813497][ T5776] ? __cfi_ksys_read+0x10/0x10 [ 997.813515][ T5776] ? __kasan_check_read+0x15/0x20 [ 997.813540][ T5776] __x64_sys_read+0x7f/0x90 [ 997.813557][ T5776] x64_sys_call+0x2638/0x2ee0 [ 997.813583][ T5776] do_syscall_64+0x58/0xf0 [ 997.813611][ T5776] ? clear_bhb_loop+0x50/0xa0 [ 997.813631][ T5776] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 997.813658][ T5776] RIP: 0033:0x7f903c38e0dc [ 997.813676][ T5776] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 997.813694][ T5776] RSP: 002b:00007f903d25e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 997.813715][ T5776] RAX: ffffffffffffffda RBX: 00007f903c5e5fa0 RCX: 00007f903c38e0dc [ 997.813731][ T5776] RDX: 000000000000000f RSI: 00007f903d25e0a0 RDI: 0000000000000009 [ 997.813744][ T5776] RBP: 00007f903d25e090 R08: 0000000000000000 R09: 0000000000000000 [ 997.813758][ T5776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 997.813770][ T5776] R13: 00007f903c5e6038 R14: 00007f903c5e5fa0 R15: 00007ffdc96bb158 [ 997.813791][ T5776] [ 999.196813][ T5864] FAULT_INJECTION: forcing a failure. [ 999.196813][ T5864] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 999.211684][ T5864] CPU: 1 UID: 0 PID: 5864 Comm: syz.1.31151 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 999.211721][ T5864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 999.211734][ T5864] Call Trace: [ 999.211741][ T5864] [ 999.211749][ T5864] __dump_stack+0x21/0x30 [ 999.211779][ T5864] dump_stack_lvl+0x10c/0x190 [ 999.211801][ T5864] ? __cfi_dump_stack_lvl+0x10/0x10 [ 999.211825][ T5864] ? has_cap_mac_admin+0xd0/0xd0 [ 999.211848][ T5864] dump_stack+0x19/0x20 [ 999.211870][ T5864] should_fail_ex+0x3d9/0x530 [ 999.211890][ T5864] should_fail+0xf/0x20 [ 999.211907][ T5864] should_fail_usercopy+0x1e/0x30 [ 999.211927][ T5864] _copy_from_user+0x22/0xb0 [ 999.211951][ T5864] sock_do_ioctl+0x18b/0x330 [ 999.211973][ T5864] ? sock_show_fdinfo+0xd0/0xd0 [ 999.211993][ T5864] ? __cfi_vfs_write+0x10/0x10 [ 999.212011][ T5864] ? __kasan_check_write+0x18/0x20 [ 999.212037][ T5864] ? mutex_unlock+0x8b/0x240 [ 999.212055][ T5864] sock_ioctl+0x634/0x7b0 [ 999.212073][ T5864] ? __cfi_sock_ioctl+0x10/0x10 [ 999.212096][ T5864] ? __fget_files+0x2c5/0x340 [ 999.212117][ T5864] ? bpf_lsm_file_ioctl+0xd/0x20 [ 999.212141][ T5864] ? security_file_ioctl+0x34/0xd0 [ 999.212163][ T5864] ? __cfi_sock_ioctl+0x10/0x10 [ 999.212181][ T5864] __se_sys_ioctl+0x135/0x1b0 [ 999.212202][ T5864] __x64_sys_ioctl+0x7f/0xa0 [ 999.212221][ T5864] x64_sys_call+0x1878/0x2ee0 [ 999.212263][ T5864] do_syscall_64+0x58/0xf0 [ 999.212286][ T5864] ? clear_bhb_loop+0x50/0xa0 [ 999.212305][ T5864] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 999.212325][ T5864] RIP: 0033:0x7f18cf18f6c9 [ 999.212341][ T5864] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 999.212358][ T5864] RSP: 002b:00007f18d00c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 999.212380][ T5864] RAX: ffffffffffffffda RBX: 00007f18cf3e5fa0 RCX: 00007f18cf18f6c9 [ 999.212395][ T5864] RDX: 0000200000000480 RSI: 0000000000008933 RDI: 0000000000000008 [ 999.212409][ T5864] RBP: 00007f18d00c6090 R08: 0000000000000000 R09: 0000000000000000 [ 999.212427][ T5864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 999.212439][ T5864] R13: 00007f18cf3e6038 R14: 00007f18cf3e5fa0 R15: 00007ffc02d49448 [ 999.212456][ T5864] [ 999.507073][ T36] audit: type=1400 audit(1763400060.099:9007): avc: denied { map } for pid=5882 comm="syz.1.31159" path="pipe:[429234]" dev="pipefs" ino=429234 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 999.568915][ T36] audit: type=1400 audit(1763400060.099:9008): avc: denied { execute } for pid=5882 comm="syz.1.31159" path="pipe:[429234]" dev="pipefs" ino=429234 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 999.698847][ T36] audit: type=1400 audit(1763400060.299:9009): avc: denied { mount } for pid=5902 comm="syz.0.31170" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 999.768854][ T36] audit: type=1400 audit(1763400060.329:9010): avc: denied { unmount } for pid=5314 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 999.812828][ T5897] FAULT_INJECTION: forcing a failure. [ 999.812828][ T5897] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 999.826519][ T36] audit: type=1400 audit(1763400060.419:9011): avc: denied { ioctl } for pid=5896 comm="syz.1.31166" path="/dev/vhost-vsock" dev="devtmpfs" ino=200 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 999.862420][ T5897] CPU: 0 UID: 0 PID: 5897 Comm: syz.1.31166 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 999.862448][ T5897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 999.862459][ T5897] Call Trace: [ 999.862465][ T5897] [ 999.862473][ T5897] __dump_stack+0x21/0x30 [ 999.862506][ T5897] dump_stack_lvl+0x10c/0x190 [ 999.862528][ T5897] ? __cfi_dump_stack_lvl+0x10/0x10 [ 999.862551][ T5897] ? selinux_file_ioctl+0x6e0/0x1360 [ 999.862573][ T5897] dump_stack+0x19/0x20 [ 999.862593][ T5897] should_fail_ex+0x3d9/0x530 [ 999.862611][ T5897] should_fail+0xf/0x20 [ 999.862626][ T5897] should_fail_usercopy+0x1e/0x30 [ 999.862646][ T5897] _copy_from_user+0x22/0xb0 [ 999.862667][ T5897] vhost_vsock_dev_ioctl+0x12c/0xdb0 [ 999.862692][ T5897] ? __cfi_vhost_vsock_dev_ioctl+0x10/0x10 [ 999.862713][ T5897] ? __fget_files+0x2c5/0x340 [ 999.862733][ T5897] ? bpf_lsm_file_ioctl+0xd/0x20 [ 999.862756][ T5897] ? security_file_ioctl+0x34/0xd0 [ 999.862776][ T5897] ? __cfi_vhost_vsock_dev_ioctl+0x10/0x10 [ 999.862797][ T5897] __se_sys_ioctl+0x135/0x1b0 [ 999.862817][ T5897] __x64_sys_ioctl+0x7f/0xa0 [ 999.862836][ T5897] x64_sys_call+0x1878/0x2ee0 [ 999.862860][ T5897] do_syscall_64+0x58/0xf0 [ 999.862882][ T5897] ? clear_bhb_loop+0x50/0xa0 [ 999.862903][ T5897] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 999.862922][ T5897] RIP: 0033:0x7f18cf18f6c9 [ 999.862938][ T5897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 999.862954][ T5897] RSP: 002b:00007f18d00c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 999.862975][ T5897] RAX: ffffffffffffffda RBX: 00007f18cf3e5fa0 RCX: 00007f18cf18f6c9 [ 999.862990][ T5897] RDX: 0000200000000000 RSI: 000000004004af61 RDI: 0000000000000006 [ 999.863002][ T5897] RBP: 00007f18d00c6090 R08: 0000000000000000 R09: 0000000000000000 [ 999.863014][ T5897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 999.863025][ T5897] R13: 00007f18cf3e6038 R14: 00007f18cf3e5fa0 R15: 00007ffc02d49448 [ 999.863042][ T5897] [ 1000.125393][ T5927] rust_binder: Read failure Err(EAGAIN) in pid:218 [ 1000.165275][ T5935] overlayfs: failed to resolve './file0': -2 [ 1000.231583][ T5950] netlink: 68 bytes leftover after parsing attributes in process `syz.3.31189'. [ 1000.326845][ T5958] rust_binder: Read failure Err(EAGAIN) in pid:1201 [ 1000.347286][ T5960] rust_binder: Read failure Err(EAGAIN) in pid:1161 [ 1000.383756][ T5966] FAULT_INJECTION: forcing a failure. [ 1000.383756][ T5966] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1000.416341][ T5966] CPU: 1 UID: 0 PID: 5966 Comm: syz.3.31197 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1000.416374][ T5966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1000.416387][ T5966] Call Trace: [ 1000.416394][ T5966] [ 1000.416403][ T5966] __dump_stack+0x21/0x30 [ 1000.416432][ T5966] dump_stack_lvl+0x10c/0x190 [ 1000.416452][ T5966] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1000.416475][ T5966] ? kstrtoull+0x13b/0x1e0 [ 1000.416493][ T5966] dump_stack+0x19/0x20 [ 1000.416515][ T5966] should_fail_ex+0x3d9/0x530 [ 1000.416534][ T5966] should_fail+0xf/0x20 [ 1000.416551][ T5966] should_fail_usercopy+0x1e/0x30 [ 1000.416571][ T5966] _copy_from_user+0x22/0xb0 [ 1000.416592][ T5966] ___sys_sendmsg+0x159/0x2a0 [ 1000.416618][ T5966] ? __sys_sendmsg+0x280/0x280 [ 1000.416642][ T5966] ? proc_fail_nth_write+0x17e/0x210 [ 1000.416666][ T5966] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 1000.416694][ T5966] __x64_sys_sendmsg+0x1eb/0x2c0 [ 1000.416722][ T5966] ? fput+0x1a5/0x240 [ 1000.416740][ T5966] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 1000.416763][ T5966] ? ksys_write+0x1ef/0x250 [ 1000.416779][ T5966] ? __kasan_check_read+0x15/0x20 [ 1000.416805][ T5966] x64_sys_call+0x2a4c/0x2ee0 [ 1000.416829][ T5966] do_syscall_64+0x58/0xf0 [ 1000.416851][ T5966] ? clear_bhb_loop+0x50/0xa0 [ 1000.416871][ T5966] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1000.416890][ T5966] RIP: 0033:0x7f903c38f6c9 [ 1000.416907][ T5966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1000.416923][ T5966] RSP: 002b:00007f903d25e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1000.416943][ T5966] RAX: ffffffffffffffda RBX: 00007f903c5e5fa0 RCX: 00007f903c38f6c9 [ 1000.416956][ T5966] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 000000000000000a [ 1000.416969][ T5966] RBP: 00007f903d25e090 R08: 0000000000000000 R09: 0000000000000000 [ 1000.416980][ T5966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1000.416991][ T5966] R13: 00007f903c5e6038 R14: 00007f903c5e5fa0 R15: 00007ffdc96bb158 [ 1000.417011][ T5966] [ 1000.678957][ T5981] FAULT_INJECTION: forcing a failure. [ 1000.678957][ T5981] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1000.707351][ T5985] bridge0: port 3(erspan0) entered blocking state [ 1000.716170][ T5985] bridge0: port 3(erspan0) entered disabled state [ 1000.717717][ T5981] CPU: 0 UID: 0 PID: 5981 Comm: syz.1.31204 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1000.717747][ T5981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1000.717759][ T5981] Call Trace: [ 1000.717767][ T5981] [ 1000.717775][ T5981] __dump_stack+0x21/0x30 [ 1000.717805][ T5981] dump_stack_lvl+0x10c/0x190 [ 1000.717832][ T5981] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1000.717864][ T5981] ? has_cap_mac_admin+0xd0/0xd0 [ 1000.717891][ T5981] dump_stack+0x19/0x20 [ 1000.717916][ T5981] should_fail_ex+0x3d9/0x530 [ 1000.717935][ T5981] should_fail+0xf/0x20 [ 1000.717951][ T5981] should_fail_usercopy+0x1e/0x30 [ 1000.717970][ T5981] _copy_from_user+0x22/0xb0 [ 1000.717993][ T5981] sock_do_ioctl+0x18b/0x330 [ 1000.718013][ T5981] ? sock_show_fdinfo+0xd0/0xd0 [ 1000.718032][ T5981] ? __cfi_vfs_write+0x10/0x10 [ 1000.718049][ T5981] ? __kasan_check_write+0x18/0x20 [ 1000.718074][ T5981] ? mutex_unlock+0x8b/0x240 [ 1000.718092][ T5981] sock_ioctl+0x634/0x7b0 [ 1000.718110][ T5981] ? __cfi_sock_ioctl+0x10/0x10 [ 1000.718128][ T5981] ? __fget_files+0x2c5/0x340 [ 1000.718153][ T5981] ? bpf_lsm_file_ioctl+0xd/0x20 [ 1000.718176][ T5981] ? security_file_ioctl+0x34/0xd0 [ 1000.718195][ T5981] ? __cfi_sock_ioctl+0x10/0x10 [ 1000.718212][ T5981] __se_sys_ioctl+0x135/0x1b0 [ 1000.718230][ T5981] __x64_sys_ioctl+0x7f/0xa0 [ 1000.718255][ T5981] x64_sys_call+0x1878/0x2ee0 [ 1000.718279][ T5981] do_syscall_64+0x58/0xf0 [ 1000.718310][ T5981] ? clear_bhb_loop+0x50/0xa0 [ 1000.718329][ T5981] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1000.718348][ T5981] RIP: 0033:0x7f18cf18f6c9 [ 1000.718364][ T5981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1000.718380][ T5981] RSP: 002b:00007f18d00c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1000.718401][ T5981] RAX: ffffffffffffffda RBX: 00007f18cf3e5fa0 RCX: 00007f18cf18f6c9 [ 1000.718416][ T5981] RDX: 0000200000000200 RSI: 00000000000089a2 RDI: 0000000000000006 [ 1000.718428][ T5981] RBP: 00007f18d00c6090 R08: 0000000000000000 R09: 0000000000000000 [ 1000.718441][ T5981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1000.718452][ T5981] R13: 00007f18cf3e6038 R14: 00007f18cf3e5fa0 R15: 00007ffc02d49448 [ 1000.718471][ T5981] [ 1000.760657][ T5993] rust_binder: Read failure Err(EAGAIN) in pid:187 [ 1000.762803][ T5985] erspan0: entered allmulticast mode [ 1000.802233][ T5997] rust_binder: Read failure Err(EAGAIN) in pid:189 [ 1000.804002][ T5985] erspan0: entered promiscuous mode [ 1000.881349][ T6003] rust_binder: Read failure Err(EAGAIN) in pid:1175 [ 1000.884126][ T5985] bridge0: port 3(erspan0) entered blocking state [ 1000.996412][ T5985] bridge0: port 3(erspan0) entered forwarding state [ 1001.032738][ T6015] FAULT_INJECTION: forcing a failure. [ 1001.032738][ T6015] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1001.047707][ T6015] CPU: 1 UID: 0 PID: 6015 Comm: syz.3.31220 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1001.047741][ T6015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1001.047753][ T6015] Call Trace: [ 1001.047759][ T6015] [ 1001.047767][ T6015] __dump_stack+0x21/0x30 [ 1001.047796][ T6015] dump_stack_lvl+0x10c/0x190 [ 1001.047819][ T6015] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1001.047842][ T6015] ? kstrtoull+0x13b/0x1e0 [ 1001.047859][ T6015] dump_stack+0x19/0x20 [ 1001.047880][ T6015] should_fail_ex+0x3d9/0x530 [ 1001.047898][ T6015] should_fail+0xf/0x20 [ 1001.047915][ T6015] should_fail_usercopy+0x1e/0x30 [ 1001.047934][ T6015] _copy_from_user+0x22/0xb0 [ 1001.047955][ T6015] ___sys_sendmsg+0x159/0x2a0 [ 1001.047981][ T6015] ? __sys_sendmsg+0x280/0x280 [ 1001.048005][ T6015] ? proc_fail_nth_write+0x17e/0x210 [ 1001.048209][ T6015] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 1001.048242][ T6015] __x64_sys_sendmsg+0x1eb/0x2c0 [ 1001.048269][ T6015] ? fput+0x1a5/0x240 [ 1001.048329][ T6015] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 1001.048355][ T6015] ? ksys_write+0x1ef/0x250 [ 1001.048373][ T6015] ? __kasan_check_read+0x15/0x20 [ 1001.048400][ T6015] x64_sys_call+0x2a4c/0x2ee0 [ 1001.048425][ T6015] do_syscall_64+0x58/0xf0 [ 1001.048448][ T6015] ? clear_bhb_loop+0x50/0xa0 [ 1001.048467][ T6015] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1001.048486][ T6015] RIP: 0033:0x7f903c38f6c9 [ 1001.048511][ T6015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1001.048527][ T6015] RSP: 002b:00007f903d25e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1001.048548][ T6015] RAX: ffffffffffffffda RBX: 00007f903c5e5fa0 RCX: 00007f903c38f6c9 [ 1001.048563][ T6015] RDX: 0000000000004000 RSI: 0000200000000000 RDI: 0000000000000007 [ 1001.048581][ T6015] RBP: 00007f903d25e090 R08: 0000000000000000 R09: 0000000000000000 [ 1001.048594][ T6015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1001.048606][ T6015] R13: 00007f903c5e6038 R14: 00007f903c5e5fa0 R15: 00007ffdc96bb158 [ 1001.048622][ T6015] [ 1001.279501][ T6022] rust_binder: Read failure Err(EAGAIN) in pid:193 [ 1001.433754][ T6038] rust_binder: Read failure Err(EAGAIN) in pid:243 [ 1001.575709][ T6068] tipc: Started in network mode [ 1001.587578][ T6068] tipc: Node identity 4, cluster identity 4711 [ 1001.593872][ T6068] tipc: Node number set to 4 [ 1001.599492][ T6070] FAULT_INJECTION: forcing a failure. [ 1001.599492][ T6070] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1001.612750][ T6070] CPU: 1 UID: 0 PID: 6070 Comm: syz.0.31246 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1001.612780][ T6070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1001.612792][ T6070] Call Trace: [ 1001.612798][ T6070] [ 1001.612805][ T6070] __dump_stack+0x21/0x30 [ 1001.612832][ T6070] dump_stack_lvl+0x10c/0x190 [ 1001.612853][ T6070] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1001.612874][ T6070] ? kstrtoull+0x13b/0x1e0 [ 1001.612890][ T6070] dump_stack+0x19/0x20 [ 1001.612909][ T6070] should_fail_ex+0x3d9/0x530 [ 1001.612928][ T6070] should_fail+0xf/0x20 [ 1001.612951][ T6070] should_fail_usercopy+0x1e/0x30 [ 1001.612970][ T6070] _copy_from_user+0x22/0xb0 [ 1001.612991][ T6070] ___sys_sendmsg+0x159/0x2a0 [ 1001.613016][ T6070] ? __sys_sendmsg+0x280/0x280 [ 1001.613038][ T6070] ? proc_fail_nth_write+0x17e/0x210 [ 1001.613061][ T6070] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 1001.613088][ T6070] __x64_sys_sendmsg+0x1eb/0x2c0 [ 1001.613113][ T6070] ? fput+0x1a5/0x240 [ 1001.613135][ T6070] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 1001.613159][ T6070] ? ksys_write+0x1ef/0x250 [ 1001.613181][ T6070] ? __kasan_check_read+0x15/0x20 [ 1001.613207][ T6070] x64_sys_call+0x2a4c/0x2ee0 [ 1001.613232][ T6070] do_syscall_64+0x58/0xf0 [ 1001.613255][ T6070] ? clear_bhb_loop+0x50/0xa0 [ 1001.613276][ T6070] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1001.613303][ T6070] RIP: 0033:0x7f0067b8f6c9 [ 1001.613319][ T6070] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1001.613336][ T6070] RSP: 002b:00007f00689a9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1001.613357][ T6070] RAX: ffffffffffffffda RBX: 00007f0067de5fa0 RCX: 00007f0067b8f6c9 [ 1001.613372][ T6070] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000004 [ 1001.613385][ T6070] RBP: 00007f00689a9090 R08: 0000000000000000 R09: 0000000000000000 [ 1001.613398][ T6070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1001.613411][ T6070] R13: 00007f0067de6038 R14: 00007f0067de5fa0 R15: 00007ffdb8ee9738 [ 1001.613427][ T6070] [ 1001.670620][ T6083] rust_binder: Read failure Err(EAGAIN) in pid:215 [ 1001.915389][ T36] audit: type=1400 audit(1763400062.519:9012): avc: denied { bind } for pid=6092 comm="syz.1.31256" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 1001.919761][ T6096] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null. [ 1001.959006][ T6097] netlink: 120 bytes leftover after parsing attributes in process `syz.1.31256'. [ 1001.989070][ T36] audit: type=1400 audit(1763400062.599:9013): avc: denied { ioctl } for pid=6092 comm="syz.1.31256" path="socket:[469377]" dev="sockfs" ino=469377 ioctlcmd=0x660b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 1002.006538][ T6104] FAULT_INJECTION: forcing a failure. [ 1002.006538][ T6104] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1002.038914][ T6104] CPU: 0 UID: 0 PID: 6104 Comm: syz.4.31261 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1002.038950][ T6104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1002.038961][ T6104] Call Trace: [ 1002.038967][ T6104] [ 1002.038974][ T6104] __dump_stack+0x21/0x30 [ 1002.039034][ T6104] dump_stack_lvl+0x10c/0x190 [ 1002.039056][ T6104] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1002.039076][ T6104] ? kstrtoull+0x13b/0x1e0 [ 1002.039094][ T6104] dump_stack+0x19/0x20 [ 1002.039114][ T6104] should_fail_ex+0x3d9/0x530 [ 1002.039131][ T6104] should_fail+0xf/0x20 [ 1002.039145][ T6104] should_fail_usercopy+0x1e/0x30 [ 1002.039162][ T6104] _copy_from_user+0x22/0xb0 [ 1002.039180][ T6104] ___sys_sendmsg+0x159/0x2a0 [ 1002.039205][ T6104] ? __sys_sendmsg+0x280/0x280 [ 1002.039245][ T6104] ? proc_fail_nth_write+0x17e/0x210 [ 1002.039269][ T6104] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 1002.039294][ T6104] __x64_sys_sendmsg+0x1eb/0x2c0 [ 1002.039315][ T6104] ? fput+0x1a5/0x240 [ 1002.039334][ T6104] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 1002.039358][ T6104] ? ksys_write+0x1ef/0x250 [ 1002.039376][ T6104] ? __kasan_check_read+0x15/0x20 [ 1002.039400][ T6104] x64_sys_call+0x2a4c/0x2ee0 [ 1002.039422][ T6104] do_syscall_64+0x58/0xf0 [ 1002.039443][ T6104] ? clear_bhb_loop+0x50/0xa0 [ 1002.039461][ T6104] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1002.039479][ T6104] RIP: 0033:0x7f084bb8f6c9 [ 1002.039496][ T6104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1002.039511][ T6104] RSP: 002b:00007f084c973038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1002.039533][ T6104] RAX: ffffffffffffffda RBX: 00007f084bde5fa0 RCX: 00007f084bb8f6c9 [ 1002.039547][ T6104] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000007 [ 1002.039559][ T6104] RBP: 00007f084c973090 R08: 0000000000000000 R09: 0000000000000000 [ 1002.039571][ T6104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1002.039582][ T6104] R13: 00007f084bde6038 R14: 00007f084bde5fa0 R15: 00007ffd1d8e3258 [ 1002.039598][ T6104] [ 1002.276088][ T36] audit: type=1400 audit(1763400062.659:9014): avc: denied { write } for pid=6108 comm="syz.0.31264" name="ptp0" dev="devtmpfs" ino=196 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 1002.371885][ T6126] rust_binder: Read failure Err(EAGAIN) in pid:1199 [ 1002.377636][ T6128] rust_binder: Read failure Err(EAGAIN) in pid:229 [ 1002.434675][ T6139] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 1002.450599][ T6139] overlayfs: missing 'lowerdir' [ 1002.561177][ T6152] rust_binder: Read failure Err(EAGAIN) in pid:239 [ 1002.696332][ T6171] rust_binder: Read failure Err(EAGAIN) in pid:1206 [ 1002.734251][ T6165] bridge0: port 1(bridge_slave_0) entered blocking state [ 1002.748991][ T6165] bridge0: port 1(bridge_slave_0) entered disabled state [ 1002.759230][ T6165] bridge_slave_0: entered allmulticast mode [ 1002.767399][ T6165] bridge_slave_0: entered promiscuous mode [ 1002.774294][ T6182] FAULT_INJECTION: forcing a failure. [ 1002.774294][ T6182] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1002.774318][ T6165] bridge0: port 2(bridge_slave_1) entered blocking state [ 1002.795218][ T6165] bridge0: port 2(bridge_slave_1) entered disabled state [ 1002.802716][ T6165] bridge_slave_1: entered allmulticast mode [ 1002.809327][ T6165] bridge_slave_1: entered promiscuous mode [ 1002.811553][ T6182] CPU: 0 UID: 0 PID: 6182 Comm: syz.0.31295 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1002.811585][ T6182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1002.811598][ T6182] Call Trace: [ 1002.811605][ T6182] [ 1002.811613][ T6182] __dump_stack+0x21/0x30 [ 1002.811642][ T6182] dump_stack_lvl+0x10c/0x190 [ 1002.811665][ T6182] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1002.811688][ T6182] ? unwind_get_return_address+0x51/0x90 [ 1002.811708][ T6182] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 1002.811734][ T6182] dump_stack+0x19/0x20 [ 1002.811754][ T6182] should_fail_ex+0x3d9/0x530 [ 1002.811774][ T6182] should_fail+0xf/0x20 [ 1002.811790][ T6182] should_fail_usercopy+0x1e/0x30 [ 1002.811808][ T6182] _copy_from_user+0x22/0xb0 [ 1002.811831][ T6182] ___sys_recvmsg+0x12f/0x510 [ 1002.811848][ T6182] ? __sys_recvmsg+0x280/0x280 [ 1002.811865][ T6182] ? __cfi_kstrtouint_from_user+0x10/0x10 [ 1002.811882][ T6182] ? selinux_file_permission+0x309/0xb30 [ 1002.811905][ T6182] ? __fget_files+0x2c5/0x340 [ 1002.811934][ T6182] do_recvmmsg+0x326/0x770 [ 1002.811952][ T6182] ? __sys_recvmmsg+0x290/0x290 [ 1002.811968][ T6182] ? __cfi_vfs_write+0x10/0x10 [ 1002.811987][ T6182] ? fput+0x1a5/0x240 [ 1002.812007][ T6182] __x64_sys_recvmmsg+0x191/0x240 [ 1002.812025][ T6182] ? __cfi___x64_sys_recvmmsg+0x10/0x10 [ 1002.812041][ T6182] ? __kasan_check_read+0x15/0x20 [ 1002.812068][ T6182] x64_sys_call+0x292c/0x2ee0 [ 1002.812092][ T6182] do_syscall_64+0x58/0xf0 [ 1002.812114][ T6182] ? clear_bhb_loop+0x50/0xa0 [ 1002.812133][ T6182] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1002.812151][ T6182] RIP: 0033:0x7f0067b8f6c9 [ 1002.812167][ T6182] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1002.812182][ T6182] RSP: 002b:00007f00689a9038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 1002.812202][ T6182] RAX: ffffffffffffffda RBX: 00007f0067de5fa0 RCX: 00007f0067b8f6c9 [ 1002.812217][ T6182] RDX: 0000000000000002 RSI: 0000200000000380 RDI: 0000000000000007 [ 1002.812230][ T6182] RBP: 00007f00689a9090 R08: 0000000000000000 R09: 0000000000000000 [ 1002.812243][ T6182] R10: 0000000040012160 R11: 0000000000000246 R12: 0000000000000001 [ 1002.812255][ T6182] R13: 00007f0067de6038 R14: 00007f0067de5fa0 R15: 00007ffdb8ee9738 [ 1002.812272][ T6182] [ 1003.187839][ T6165] bridge0: port 2(bridge_slave_1) entered blocking state [ 1003.196107][ T6165] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1003.204427][ T6165] bridge0: port 1(bridge_slave_0) entered blocking state [ 1003.211575][ T6165] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1003.266339][ T293] bridge0: port 1(bridge_slave_0) entered disabled state [ 1003.277541][ T6211] rust_binder: Read failure Err(EAGAIN) in pid:269 [ 1003.279216][ T293] bridge0: port 2(bridge_slave_1) entered disabled state [ 1003.316499][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 1003.324083][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1003.339804][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 1003.346868][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1003.418448][ T6165] veth0_vlan: entered promiscuous mode [ 1003.441547][ T6165] veth1_macvtap: entered promiscuous mode [ 1003.480194][ T6227] FAULT_INJECTION: forcing a failure. [ 1003.480194][ T6227] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1003.495583][ T6227] CPU: 1 UID: 0 PID: 6227 Comm: syz.0.31315 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1003.495616][ T6227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1003.495633][ T6227] Call Trace: [ 1003.495640][ T6227] [ 1003.495648][ T6227] __dump_stack+0x21/0x30 [ 1003.495677][ T6227] dump_stack_lvl+0x10c/0x190 [ 1003.495698][ T6227] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1003.495724][ T6227] ? kstrtoull+0x13b/0x1e0 [ 1003.495741][ T6227] dump_stack+0x19/0x20 [ 1003.495761][ T6227] should_fail_ex+0x3d9/0x530 [ 1003.495780][ T6227] should_fail+0xf/0x20 [ 1003.495796][ T6227] should_fail_usercopy+0x1e/0x30 [ 1003.495816][ T6227] _copy_from_user+0x22/0xb0 [ 1003.495837][ T6227] ___sys_sendmsg+0x159/0x2a0 [ 1003.495864][ T6227] ? __sys_sendmsg+0x280/0x280 [ 1003.495887][ T6227] ? proc_fail_nth_write+0x17e/0x210 [ 1003.495912][ T6227] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 1003.495940][ T6227] __x64_sys_sendmsg+0x1eb/0x2c0 [ 1003.495965][ T6227] ? fput+0x1a5/0x240 [ 1003.495986][ T6227] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 1003.496017][ T6227] ? ksys_write+0x1ef/0x250 [ 1003.496033][ T6227] ? __kasan_check_read+0x15/0x20 [ 1003.496056][ T6227] x64_sys_call+0x2a4c/0x2ee0 [ 1003.496077][ T6227] do_syscall_64+0x58/0xf0 [ 1003.496098][ T6227] ? clear_bhb_loop+0x50/0xa0 [ 1003.496117][ T6227] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1003.496136][ T6227] RIP: 0033:0x7f0067b8f6c9 [ 1003.496151][ T6227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1003.496165][ T6227] RSP: 002b:00007f00689a9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1003.496186][ T6227] RAX: ffffffffffffffda RBX: 00007f0067de5fa0 RCX: 00007f0067b8f6c9 [ 1003.496200][ T6227] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000009 [ 1003.496213][ T6227] RBP: 00007f00689a9090 R08: 0000000000000000 R09: 0000000000000000 [ 1003.496224][ T6227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1003.496236][ T6227] R13: 00007f0067de6038 R14: 00007f0067de5fa0 R15: 00007ffdb8ee9738 [ 1003.496253][ T6227] [ 1003.765325][ T6235] rust_binder: Read failure Err(EAGAIN) in pid:4 [ 1005.671278][ T6315] rust_binder: Read failure Err(EAGAIN) in pid:42 [ 1005.949956][ T6341] rust_binder: Read failure Err(EAGAIN) in pid:54 [ 1006.019917][ T6347] rust_binder: Read failure Err(EAGAIN) in pid:309 [ 1006.534203][ T6367] netlink: 4 bytes leftover after parsing attributes in process `syz.3.31382'. [ 1006.651000][ T6374] rust_binder: Read failure Err(EAGAIN) in pid:307 [ 1006.716109][ T46] bridge_slave_1: left allmulticast mode [ 1006.729725][ T6382] rust_binder: Read failure Err(EAGAIN) in pid:311 [ 1006.738571][ T46] bridge_slave_1: left promiscuous mode [ 1006.751291][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 1006.761032][ T46] bridge_slave_0: left allmulticast mode [ 1006.766996][ T46] bridge_slave_0: left promiscuous mode [ 1006.773240][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 1006.927128][ T46] veth1_macvtap: left promiscuous mode [ 1006.934559][ T6401] rust_binder: Read failure Err(EAGAIN) in pid:321 [ 1006.940202][ T46] veth0_vlan: left promiscuous mode [ 1007.020346][ T6375] bridge0: port 1(bridge_slave_0) entered blocking state [ 1007.030963][ T6375] bridge0: port 1(bridge_slave_0) entered disabled state [ 1007.038061][ T6375] bridge_slave_0: entered allmulticast mode [ 1007.044572][ T6375] bridge_slave_0: entered promiscuous mode [ 1007.052669][ T6375] bridge0: port 2(bridge_slave_1) entered blocking state [ 1007.061294][ T6375] bridge0: port 2(bridge_slave_1) entered disabled state [ 1007.068716][ T6375] bridge_slave_1: entered allmulticast mode [ 1007.075760][ T6375] bridge_slave_1: entered promiscuous mode [ 1007.083186][ T6420] rust_binder: Read failure Err(EAGAIN) in pid:329 [ 1007.171792][ T6375] bridge0: port 2(bridge_slave_1) entered blocking state [ 1007.185450][ T6375] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1007.192801][ T6375] bridge0: port 1(bridge_slave_0) entered blocking state [ 1007.199868][ T6375] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1007.235161][T28371] bridge0: port 1(bridge_slave_0) entered disabled state [ 1007.242639][T28371] bridge0: port 2(bridge_slave_1) entered disabled state [ 1007.255313][T28371] bridge0: port 1(bridge_slave_0) entered blocking state [ 1007.261974][ T6448] rust_binder: Read failure Err(EAGAIN) in pid:97 [ 1007.262408][T28371] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1007.276194][ T6450] rust_binder: Read failure Err(EAGAIN) in pid:99 [ 1007.302979][T28371] bridge0: port 2(bridge_slave_1) entered blocking state [ 1007.316474][T28371] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1007.339772][ T6375] veth0_vlan: entered promiscuous mode [ 1007.362861][ T6375] veth1_macvtap: entered promiscuous mode [ 1007.415595][ T6466] rust_binder: Read failure Err(EAGAIN) in pid:107 [ 1007.468153][ T6480] rust_binder: Read failure Err(EAGAIN) in pid:111 [ 1007.483658][ T6478] rust_binder: Read failure Err(EAGAIN) in pid:4 [ 1007.648910][ T6522] rust_binder: Read failure Err(EAGAIN) in pid:16 [ 1007.761857][ T6550] rust_binder: Read failure Err(EAGAIN) in pid:28 [ 1007.914454][ T6573] rust_binder: Read failure Err(EAGAIN) in pid:358 [ 1008.005635][ T6584] rust_binder: Read failure Err(EAGAIN) in pid:364 [ 1008.135533][ T6596] rust_binder: Read failure Err(EAGAIN) in pid:354 [ 1008.181023][ T6598] rust_binder: Read failure Err(EAGAIN) in pid:372 [ 1008.244045][ T6602] rust_binder: Read failure Err(EAGAIN) in pid:374 [ 1008.412273][ T6618] rust_binder: Read failure Err(EAGAIN) in pid:364 [ 1008.571075][ T6639] rust_binder: Read failure Err(EAGAIN) in pid:389 [ 1008.600649][ T6641] rust_binder: Read failure Err(EAGAIN) in pid:151 [ 1009.850006][ T6709] rust_binder: Read failure Err(EAGAIN) in pid:408 [ 1010.272243][ T6733] rust_binder: Read failure Err(EAGAIN) in pid:424 [ 1010.272883][ T6732] rust_binder: Read failure Err(EAGAIN) in pid:382 [ 1010.689420][ T6772] rust_binder: Read failure Err(EAGAIN) in pid:399 [ 1010.715818][ T6774] rust_binder: Read failure Err(EAGAIN) in pid:176 [ 1010.880627][ T6800] rust_binder: Read failure Err(EAGAIN) in pid:86 [ 1010.888584][ T6804] rust_binder: Read failure Err(EAGAIN) in pid:415 [ 1011.057276][ T6830] rust_binder: Read failure Err(EAGAIN) in pid:423 [ 1011.234787][ T6855] rust_binder: Read failure Err(EAGAIN) in pid:103 [ 1011.369702][ T6870] rust_binder: Read failure Err(EAGAIN) in pid:113 [ 1011.519523][ T6886] rust_binder: Read failure Err(EAGAIN) in pid:443 [ 1011.587337][ T6890] rust_binder: Read failure Err(EAGAIN) in pid:447 [ 1011.687186][ T6894] rust_binder: Read failure Err(EAGAIN) in pid:451 [ 1012.215446][ T6928] rust_binder: Read failure Err(EAGAIN) in pid:123 [ 1012.320306][ T6938] rust_binder: Read failure Err(EAGAIN) in pid:467 [ 1012.374838][ T6944] rust_binder: Read failure Err(EAGAIN) in pid:210 [ 1012.570974][ T6960] rust_binder: Read failure Err(EAGAIN) in pid:222 [ 1012.873900][ T6978] rust_binder: Read failure Err(EAGAIN) in pid:444 [ 1013.113059][ T7000] rust_binder: Read failure Err(EAGAIN) in pid:131 [ 1013.270777][ T7017] rust_binder: Read failure Err(EAGAIN) in pid:464 [ 1013.295356][ T7021] rust_binder: Read failure Err(EAGAIN) in pid:475 [ 1013.340360][ T7026] rust_binder: Read failure Err(EAGAIN) in pid:477 [ 1013.422243][ T7037] rust_binder: Read failure Err(EAGAIN) in pid:143 [ 1014.030530][ T7069] rust_binder: Read failure Err(EAGAIN) in pid:257 [ 1016.098969][ T7133] rust_binder: Read failure Err(EAGAIN) in pid:493 [ 1016.809817][ T7148] rust_binder: Read failure Err(EAGAIN) in pid:268 [ 1016.822983][ T7150] rust_binder: Read failure Err(EAGAIN) in pid:181 [ 1017.090841][ T7160] rust_binder: Read failure Err(EAGAIN) in pid:499 [ 1017.131489][ T7162] rust_binder: Read failure Err(EAGAIN) in pid:501 [ 1017.532544][ T7175] rust_binder: Read failure Err(EAGAIN) in pid:514 [ 1017.562478][ T7177] rust_binder: Read failure Err(EAGAIN) in pid:516 [ 1017.719892][ T7187] rust_binder: Read failure Err(EAGAIN) in pid:514 [ 1017.923776][ T7212] rust_binder: Read failure Err(EAGAIN) in pid:525 [ 1018.127011][ T7230] rust_binder: Read failure Err(EAGAIN) in pid:535 [ 1018.434724][ T7247] rust_binder: Read failure Err(EAGAIN) in pid:210 [ 1019.620420][ T7315] rust_binder: Read failure Err(EAGAIN) in pid:231 [ 1019.826508][ T7329] rust_binder: Read failure Err(EAGAIN) in pid:547 [ 1020.242422][ T7352] rust_binder: Read failure Err(EAGAIN) in pid:561 [ 1020.749693][ T7370] rust_binder: Read failure Err(EAGAIN) in pid:576 [ 1020.899119][ T7393] rust_binder: Read failure Err(EAGAIN) in pid:564 [ 1021.171006][ T7415] rust_binder: Read failure Err(EAGAIN) in pid:324 [ 1021.585081][ T7438] rust_binder: Read failure Err(EAGAIN) in pid:244 [ 1021.752988][ T7446] rust_binder: Read failure Err(EAGAIN) in pid:588 [ 1022.315056][ T7476] rust_binder: Read failure Err(EAGAIN) in pid:340 [ 1024.182589][ T7538] rust_binder: Read failure Err(EAGAIN) in pid:620 [ 1025.880049][ T7651] rust_binder: Read failure Err(EAGAIN) in pid:385 [ 1027.709026][ T7761] rust_binder: Read failure Err(EAGAIN) in pid:430 [ 1029.582450][ T7849] rust_binder: Read failure Err(EAGAIN) in pid:314 [ 1030.151997][ T7906] rust_binder: Read failure Err(EAGAIN) in pid:340 [ 1031.219589][ T8006] No source specified [ 1031.532829][ T8043] No source specified [ 1031.928982][ T8067] rust_binder: Read failure Err(EAGAIN) in pid:739 [ 1032.249823][ T8087] rust_binder: Read failure Err(EAGAIN) in pid:376 [ 1032.396015][ T8113] rust_binder: Read failure Err(EAGAIN) in pid:759 [ 1034.822119][ T8410] No source specified [ 1042.226200][ T8833] rust_binder: Read failure Err(EAGAIN) in pid:940 [ 1042.359633][ T8854] rust_binder: Read failure Err(EAGAIN) in pid:954 [ 1044.284924][ T8988] rust_binder: Read failure Err(EAGAIN) in pid:973 [ 1044.425254][ T9011] rust_binder: Read failure Err(EAGAIN) in pid:979 [ 1045.121002][ T9063] rust_binder: Read failure Err(EAGAIN) in pid:672 [ 1045.759377][ T9081] rust_binder: Read failure Err(EAGAIN) in pid:1005 [ 1045.848502][ T9091] rust_binder: Read failure Err(EAGAIN) in pid:1047 [ 1045.940332][ T9102] rust_binder: Read failure Err(EAGAIN) in pid:1016 [ 1046.279219][ T9130] rust_binder: Read failure Err(EAGAIN) in pid:1066 [ 1046.331882][ T9132] rust_binder: Read failure Err(EAGAIN) in pid:1068 [ 1046.669764][ T9149] rust_binder: Read failure Err(EAGAIN) in pid:1085 [ 1046.711686][ T9151] FAULT_INJECTION: forcing a failure. [ 1046.711686][ T9151] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1046.748854][ T9151] CPU: 0 UID: 0 PID: 9151 Comm: syz.0.32700 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 1046.748889][ T9151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1046.748903][ T9151] Call Trace: [ 1046.748910][ T9151] [ 1046.748918][ T9151] __dump_stack+0x21/0x30 [ 1046.748948][ T9151] dump_stack_lvl+0x10c/0x190 [ 1046.748972][ T9151] ? __cfi_dump_stack_lvl+0x10/0x10 [ 1046.748996][ T9151] dump_stack+0x19/0x20 [ 1046.749019][ T9151] should_fail_ex+0x3d9/0x530 [ 1046.749039][ T9151] should_fail+0xf/0x20 [ 1046.749056][ T9151] should_fail_usercopy+0x1e/0x30 [ 1046.749076][ T9151] _copy_from_user+0x22/0xb0 [ 1046.749098][ T9151] inet6_ioctl+0x17c/0x280 [ 1046.749122][ T9151] ? __cfi_inet6_ioctl+0x10/0x10 [ 1046.749147][ T9151] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 1046.749172][ T9151] sock_do_ioctl+0x105/0x330 [ 1046.749193][ T9151] ? sock_show_fdinfo+0xd0/0xd0 [ 1046.749212][ T9151] ? __cfi_vfs_write+0x10/0x10 [ 1046.749230][ T9151] ? __kasan_check_write+0x18/0x20 [ 1046.749256][ T9151] ? mutex_unlock+0x8b/0x240 [ 1046.749274][ T9151] sock_ioctl+0x634/0x7b0 [ 1046.749293][ T9151] ? __cfi_sock_ioctl+0x10/0x10 [ 1046.749311][ T9151] ? __fget_files+0x2c5/0x340 [ 1046.749331][ T9151] ? bpf_lsm_file_ioctl+0xd/0x20 [ 1046.749356][ T9151] ? security_file_ioctl+0x34/0xd0 [ 1046.749376][ T9151] ? __cfi_sock_ioctl+0x10/0x10 [ 1046.749394][ T9151] __se_sys_ioctl+0x135/0x1b0 [ 1046.749415][ T9151] __x64_sys_ioctl+0x7f/0xa0 [ 1046.749435][ T9151] x64_sys_call+0x1878/0x2ee0 [ 1046.749460][ T9151] do_syscall_64+0x58/0xf0 [ 1046.749483][ T9151] ? clear_bhb_loop+0x50/0xa0 [ 1046.749503][ T9151] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 1046.749522][ T9151] RIP: 0033:0x7f0067b8f6c9 [ 1046.749538][ T9151] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1046.749555][ T9151] RSP: 002b:00007f00689a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1046.749576][ T9151] RAX: ffffffffffffffda RBX: 00007f0067de5fa0 RCX: 00007f0067b8f6c9 [ 1046.749592][ T9151] RDX: 0000200000000340 RSI: 000000000000890b RDI: 0000000000000009 [ 1046.749606][ T9151] RBP: 00007f00689a9090 R08: 0000000000000000 R09: 0000000000000000 [ 1046.749619][ T9151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1046.749632][ T9151] R13: 00007f0067de6038 R14: 00007f0067de5fa0 R15: 00007ffdb8ee9738 [ 1046.749649][ T9151] [ 1047.224735][ T36] audit: type=1400 audit(1763400107.829:9015): avc: denied { read } for pid=9172 comm="poweroff" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 1047.419452][ T9187] rust_binder: Read failure Err(EAGAIN) in pid:1104 [ 1047.550249][ T36] audit: type=1400 audit(1763400108.159:9016): avc: denied { execute } for pid=9198 comm="syz.1.32720" path="/322/blkio.bfq.group_wait_time" dev="tmpfs" ino=2009 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 Stopping sshd: stopped /usr/sbin/sshd (pid 201) OK Stopping crond: stopped /usr/sbin/crond (pid 194) OK Stopping dhcpcd... stopped /sbin/dhcpcd (pid 148) Stopping network: [ 1048.029120][ T36] audit: type=1400 audit(1763400108.629:9017): avc: denied { read write } for pid=9261 comm="ip" path="/dev/console" dev="rootfs" ino=104 scontext=system_u:system_r:ifconfig_t tcontext=system_u:object_r:root_t tclass=chr_file permissive=1 [ 1048.115033][ T36] audit: type=1400 audit(1763400108.719:9018): avc: denied { write } for pid=149 comm="dhcpcd" name="dhcpcd" dev="tmpfs" ino=421 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1048.170466][ T36] audit: type=1400 audit(1763400108.719:9019): avc: denied { remove_name } for pid=149 comm="dhcpcd" name="sock" dev="tmpfs" ino=423 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 OK [ 1048.227193][ T36] audit: type=1400 audit(1763400108.719:9020): avc: denied { unlink } for pid=149 comm="dhcpcd" name="sock" dev="tmpfs" ino=423 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=sock_file permissive=1 Stopping iptables: [ 1048.285084][ T36] audit: type=1400 audit(1763400108.749:9021): avc: denied { unlink } for pid=149 comm="dhcpcd" name="pid" dev="tmpfs" ino=422 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 OK [ 1048.327496][ T36] audit: type=1400 audit(1763400108.869:9022): avc: denied { read write } for pid=9284 comm="iptables" path="/dev/console" dev="rootfs" ino=104 scontext=system_u:system_r:iptables_t tcontext=system_u:object_r:root_t tclass=chr_file permissive=1 Stopping system message bus: [ 1048.388831][ T36] audit: type=1400 audit(1763400108.889:9023): avc: denied { search } for pid=9284 comm="iptables" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:iptables_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1048.441039][ T36] audit: type=1400 audit(1763400108.889:9024): avc: denied { write } for pid=9284 comm="iptables" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:iptables_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 done Stopping klogd: OK Stopping acpid: [ 1049.129298][ T9330] No source specified OK Stopping syslogd: stopped /sbin/syslogd (pid 92) OK [ 1049.353536][ T9344] rust_binder: Read failure Err(EAGAIN) in pid:710 umount: can't remount debugfs read-only Connection to 10.128.1.160 closed by remote host. umount: sysfs busy - remounted read-only umount: devtmpfs busy - remounted read-only umount: can't remount /dev/root read-only The system is going down NOW! Sent SIGTERM to all processes [ 1050.187968][ T9381] rust_binder: Read failure Err(EAGAIN) in pid:1129 [ 1050.631529][ T46] bridge_slave_1: left allmulticast mode [ 1050.648319][ T46] bridge_slave_1: left promiscuous mode [ 1050.654212][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 1050.661872][ T46] bridge_slave_0: left allmulticast mode [ 1050.667602][ T46] bridge_slave_0: left promiscuous mode [ 1050.692597][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 1050.861605][ T46] veth1_macvtap: left promiscuous mode [ 1050.867117][ T46] veth0_vlan: left promiscuous mode [ 1051.150845][ T46] bridge_slave_1: left allmulticast mode [ 1051.156502][ T46] bridge_slave_1: left promiscuous mode [ 1051.162269][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 1051.170017][ T46] bridge_slave_0: left allmulticast mode [ 1051.175655][ T46] bridge_slave_0: left promiscuous mode [ 1051.181269][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 1051.188974][ T46] bridge_slave_1: left allmulticast mode [ 1051.194621][ T46] bridge_slave_1: left promiscuous mode [ 1051.200316][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 1051.207726][ T46] bridge_slave_0: left allmulticast mode [ 1051.213506][ T46] bridge_slave_0: left promiscuous mode [ 1051.219132][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 1051.421470][ T46] veth1_macvtap: left promiscuous mode [ 1051.426974][ T46] veth0_vlan: left promiscuous mode [ 1051.432419][ T46] veth1_macvtap: left promiscuous mode [ 1051.437899][ T46] veth0_vlan: left promiscuous mode Sent SIGKILL to all processes Requesting system poweroff [ 1052.508250][ T9386] sd 0:0:1:0: [sda] Synchronizing SCSI cache [ 1052.515467][ T9386] ACPI: PM: Preparing to enter system sleep state S5 [ 1052.522800][ T9386] kvm: exiting hardware virtualization [ 1052.528294][ T9386] reboot: Power down serialport: VM disconnected.