last executing test programs: 40m46.950587892s ago: executing program 1 (id=2776): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000380)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) syz_open_procfs(0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r4, &(0x7f00000001c0), 0x10) sendmsg$can_bcm(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[], 0x48}, 0x1, 0x0, 0x0, 0x50}, 0x0) 40m46.920694405s ago: executing program 1 (id=2778): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000380)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$can_bcm(0x1d, 0x2, 0x2) sendmsg$can_bcm(r4, 0x0, 0x0) 40m46.865974871s ago: executing program 1 (id=2780): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000380)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) write(r0, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0) 40m46.865513221s ago: executing program 1 (id=2782): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000380)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0) r4 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r4, &(0x7f00000001c0), 0x10) sendmsg$can_bcm(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="05000000d8"], 0x48}, 0x1, 0x0, 0x0, 0x50}, 0x0) 40m46.818149986s ago: executing program 1 (id=2785): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000380)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) connect$can_bcm(0xffffffffffffffff, &(0x7f00000001c0), 0x10) sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x50}, 0x0) 40m46.817817486s ago: executing program 1 (id=2786): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) (async) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) socket$inet_tcp(0x2, 0x1, 0x0) (async) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) (async) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) write$tun(r3, &(0x7f00000000c0)=ANY=[@ANYBLOB="001c86dd07"], 0xffe) (async) write$tun(r3, &(0x7f00000000c0)=ANY=[@ANYBLOB="001c86dd07"], 0xffe) socket$inet6_tcp(0xa, 0x1, 0x0) (async) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r5, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r5, @ANYRES64=r4], 0x118) (async) write$UHID_CREATE2(r5, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r5, @ANYRES64=r4], 0x118) io_setup(0x2, &(0x7f0000000000)=0x0) io_submit(r6, 0x0, 0x0) io_pgetevents(r6, 0x7, 0x8, &(0x7f0000000080)=[{}, {}, {}, {}, {}, {}, {}, {}], &(0x7f00000002c0)={0x77359400}, &(0x7f00000003c0)={&(0x7f0000000380)={[0x5]}, 0x8}) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r5, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r5, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) (async) ioctl$KVM_X86_SETUP_MCE(r5, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) dup(r8) (async) r9 = dup(r8) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000004380), 0x2a04c98, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r7}, 0x2c, {'wfdno', 0x3d, r9}, 0x2c, {[{@directio}], [], 0x6b}}) (async) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000004380), 0x2a04c98, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r7}, 0x2c, {'wfdno', 0x3d, r9}, 0x2c, {[{@directio}], [], 0x6b}}) 40m31.631349587s ago: executing program 32 (id=2786): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) (async) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) socket$inet_tcp(0x2, 0x1, 0x0) (async) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) (async) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) write$tun(r3, &(0x7f00000000c0)=ANY=[@ANYBLOB="001c86dd07"], 0xffe) (async) write$tun(r3, &(0x7f00000000c0)=ANY=[@ANYBLOB="001c86dd07"], 0xffe) socket$inet6_tcp(0xa, 0x1, 0x0) (async) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r5, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r5, @ANYRES64=r4], 0x118) (async) write$UHID_CREATE2(r5, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r5, @ANYRES64=r4], 0x118) io_setup(0x2, &(0x7f0000000000)=0x0) io_submit(r6, 0x0, 0x0) io_pgetevents(r6, 0x7, 0x8, &(0x7f0000000080)=[{}, {}, {}, {}, {}, {}, {}, {}], &(0x7f00000002c0)={0x77359400}, &(0x7f00000003c0)={&(0x7f0000000380)={[0x5]}, 0x8}) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r5, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r5, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) (async) ioctl$KVM_X86_SETUP_MCE(r5, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) dup(r8) (async) r9 = dup(r8) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000004380), 0x2a04c98, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r7}, 0x2c, {'wfdno', 0x3d, r9}, 0x2c, {[{@directio}], [], 0x6b}}) (async) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000004380), 0x2a04c98, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r7}, 0x2c, {'wfdno', 0x3d, r9}, 0x2c, {[{@directio}], [], 0x6b}}) 2.15393597s ago: executing program 4 (id=78164): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000500), 0x2, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r2, 0x4008af60, &(0x7f0000000040)) 2.084344437s ago: executing program 4 (id=78165): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') 2.039590282s ago: executing program 4 (id=78166): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003780)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_io_uring_setup(0x149d, &(0x7f0000000280)={0x0, 0x100031a, 0x101a, 0x3, 0x36b}, 0x0, 0x0) 1.094276548s ago: executing program 4 (id=78198): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, 0x0) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='.\x00', 0x0, 0x0) ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000040)=ANY=[@ANYBLOB="0000000000000000000000000000000000000000df58"]) 822.353616ms ago: executing program 3 (id=78212): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_io_uring_setup(0x149d, &(0x7f0000000280)={0x0, 0x100031a, 0x101a, 0x3, 0x36b}, 0x0, 0x0) syz_clone(0xa5102000, 0x0, 0x0, 0x0, 0x0, 0x0) 794.476139ms ago: executing program 3 (id=78213): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003780)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) syz_io_uring_setup(0x149d, &(0x7f0000000280)={0x0, 0x100031a, 0x101a, 0x3, 0x36b}, 0x0, 0x0) 764.957392ms ago: executing program 3 (id=78214): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace$cont(0x7, r0, 0xffffffffffffff7f, 0x9) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_serviced\x00', 0x275a, 0x0) write$UHID_CREATE2(r2, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=0x0, @ANYRES8=r2, @ANYRES64=r1], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r2, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r1, 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f00000001c0)={@private1={0xfc, 0x1, '\x00', 0x1}}, 0x14) 715.808207ms ago: executing program 3 (id=78217): rt_sigaction(0xd, &(0x7f0000000180)={0x0, 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x20, &(0x7f00000000c0)="0bbb268dd6ffa80800000000000000020000210d0000aaa8fa017242ba9380d412000000000000002900000003000000", 0xeb0e7a7d4c6f0553) 648.186594ms ago: executing program 3 (id=78219): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace$cont(0x7, r0, 0xffffffffffffff7f, 0x9) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_serviced\x00', 0x275a, 0x0) write$UHID_CREATE2(r2, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=0x0, @ANYRES8=r2, @ANYRES64=r1], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r2, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r1, 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r4, 0x29, 0x14, &(0x7f00000001c0)={@private1={0xfc, 0x1, '\x00', 0x1}}, 0x14) 445.577594ms ago: executing program 2 (id=78227): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x14, 0x14, 0x1, 0x70bd27, 0x0, {0xd}}, 0x14}}, 0x400c000) 406.769888ms ago: executing program 2 (id=78229): rt_sigaction(0xd, 0x0, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003780)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_io_uring_setup(0x149d, &(0x7f0000000280)={0x0, 0x100031a, 0x101a, 0x3, 0x36b}, 0x0, 0x0) 354.624724ms ago: executing program 2 (id=78231): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003780)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r7, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r7, @ANYRES64=r6], 0x118) ioctl$KVM_SET_MP_STATE(r7, 0x4004ae99, &(0x7f0000000040)=0x8) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r7, 0x0) ioctl$KVM_X86_SETUP_MCE(r7, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r6, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_io_uring_setup(0x149d, &(0x7f0000000280)={0x0, 0x100031a, 0x101a, 0x3, 0x36b}, 0x0, 0x0) syz_clone(0xa5102000, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) 284.360751ms ago: executing program 0 (id=78232): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, 0x0, 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003780)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) syz_io_uring_setup(0x149d, &(0x7f0000000280)={0x0, 0x100031a, 0x101a, 0x3, 0x36b}, 0x0, 0x0) syz_clone(0xa5102000, 0x0, 0x0, 0x0, 0x0, 0x0) 284.090361ms ago: executing program 4 (id=78233): rt_sigaction(0xd, &(0x7f0000000180)={0x0, 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x20, &(0x7f00000000c0)="0bbb268dd6ffa80800000000000000020000210d0000aaa8fa017242ba9380d412000000000000002900000003000000", 0xeb0e7a7d4c6f0553) 269.063362ms ago: executing program 0 (id=78234): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) socket$inet6_tcp(0xa, 0x1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r1, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003780)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) syz_io_uring_setup(0x149d, &(0x7f0000000280)={0x0, 0x100031a, 0x101a, 0x3, 0x36b}, 0x0, 0x0) 238.288725ms ago: executing program 0 (id=78235): rt_sigaction(0xd, 0x0, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fremovexattr(r5, &(0x7f0000000200)=@known='trusted.overlay.opaque\x00') write$P9_RVERSION(r6, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) ioctl$DMA_BUF_IOCTL_SYNC(r4, 0x40086200, &(0x7f0000000140)) r7 = dup(r6) write$FUSE_BMAP(r7, &(0x7f0000000100)={0x18}, 0x18) 183.357831ms ago: executing program 2 (id=78236): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') 127.710337ms ago: executing program 0 (id=78237): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003780)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_io_uring_setup(0x149d, &(0x7f0000000280)={0x0, 0x100031a, 0x101a, 0x3, 0x36b}, 0x0, 0x0) syz_clone(0xa5102000, 0x0, 0x0, 0x0, 0x0, 0x0) 126.799167ms ago: executing program 2 (id=78238): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40004) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) getsockopt$sock_int(r0, 0x1, 0x6, 0x0, 0x0) 105.087549ms ago: executing program 0 (id=78239): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_io_uring_setup(0x149d, &(0x7f0000000280)={0x0, 0x100031a, 0x101a, 0x3, 0x36b}, 0x0, 0x0) syz_clone(0xa5102000, 0x0, 0x0, 0x0, 0x0, 0x0) 56.300714ms ago: executing program 2 (id=78240): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, 0x0) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8000) modify_ldt$write2(0x11, &(0x7f0000000400)={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x10) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) 53.697495ms ago: executing program 0 (id=78241): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace$cont(0x7, r0, 0xffffffffffffff7f, 0x9) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_serviced\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=0x0, @ANYRES8=r1, @ANYRES64], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(0xffffffffffffffff, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid\x00') 25.134187ms ago: executing program 4 (id=78242): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, 0x0) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='.\x00', 0x0, 0x0) ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000040)=ANY=[@ANYBLOB="0000000000000000000000000000000000000000df58"]) 0s ago: executing program 3 (id=78243): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003780)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_io_uring_setup(0x149d, &(0x7f0000000280)={0x0, 0x100031a, 0x101a, 0x3, 0x36b}, 0x0, 0x0) kernel console output (not intermixed with test programs): ce 0, times 0 [ 2456.611371][T29008] CPU: 1 UID: 0 PID: 29008 Comm: syz.0.74532 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2456.611405][T29008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2456.611417][T29008] Call Trace: [ 2456.611424][T29008] [ 2456.611432][T29008] __dump_stack+0x21/0x30 [ 2456.611461][T29008] dump_stack_lvl+0x10c/0x190 [ 2456.611484][T29008] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2456.611508][T29008] ? __kasan_check_read+0x15/0x20 [ 2456.611534][T29008] dump_stack+0x19/0x20 [ 2456.611556][T29008] should_fail_ex+0x3d9/0x530 [ 2456.611576][T29008] should_fail+0xf/0x20 [ 2456.611593][T29008] should_fail_usercopy+0x1e/0x30 [ 2456.611613][T29008] __kvm_read_guest_page+0x177/0x210 [ 2456.611633][T29008] kvm_vcpu_read_guest_page+0x31a/0x400 [ 2456.611653][T29008] kvm_fetch_guest_virt+0x146/0x190 [ 2456.611678][T29008] ? __cfi_kvm_fetch_guest_virt+0x10/0x10 [ 2456.611704][T29008] __do_insn_fetch_bytes+0x321/0x730 [ 2456.611723][T29008] ? x86_decode_insn+0x4fb0/0x4fb0 [ 2456.611741][T29008] ? emulator_read_write+0x410/0x580 [ 2456.611761][T29008] ? tdp_iter_restart+0x1c4/0x360 [ 2456.611781][T29008] ? kvm_tdp_mmu_fast_pf_get_last_sptep+0x290/0x290 [ 2456.611804][T29008] ? tdp_iter_next+0x362/0xa30 [ 2456.611823][T29008] x86_decode_insn+0x33b/0x4fb0 [ 2456.611840][T29008] ? trace_mark_mmio_spte+0x22/0x130 [ 2456.611866][T29008] ? __cfi_x86_decode_insn+0x10/0x10 [ 2456.611883][T29008] ? __kasan_check_write+0x18/0x20 [ 2456.611908][T29008] ? vmx_read_guest_seg_ar+0x1c8/0x350 [ 2456.611934][T29008] ? __asan_memset+0x39/0x50 [ 2456.611950][T29008] ? init_decode_cache+0x7c/0x90 [ 2456.611968][T29008] ? init_emulate_ctxt+0x410/0x540 [ 2456.611988][T29008] ? kvm_inject_realmode_interrupt+0x2e0/0x2e0 [ 2456.612009][T29008] ? kvm_mmu_do_page_fault+0x4b0/0x5f0 [ 2456.612031][T29008] x86_decode_emulated_instruction+0x66/0x190 [ 2456.612053][T29008] x86_emulate_instruction+0x2d3/0x1870 [ 2456.612080][T29008] ? kvm_multiple_exception+0x6d8/0xad0 [ 2456.612104][T29008] kvm_mmu_page_fault+0x336/0x970 [ 2456.612126][T29008] handle_ept_violation+0x21c/0x440 [ 2456.612145][T29008] ? vmx_vcpu_run+0x1100/0x2000 [ 2456.612170][T29008] ? __cfi_handle_ept_violation+0x10/0x10 [ 2456.612189][T29008] vmx_handle_exit+0x12c2/0x1b40 [ 2456.612213][T29008] ? kvm_deliver_exception_payload+0xd7/0x200 [ 2456.612236][T29008] ? __cfi_vmx_vcpu_run+0x10/0x10 [ 2456.612261][T29008] ? vmx_handle_exit_irqoff+0xe9/0x7a0 [ 2456.612286][T29008] vcpu_run+0x4bd0/0x7830 [ 2456.612318][T29008] ? signal_pending+0xc0/0xc0 [ 2456.612342][T29008] ? complete_emulated_mmio+0x4fb/0x790 [ 2456.612364][T29008] kvm_arch_vcpu_ioctl_run+0x101a/0x1aa0 [ 2456.612388][T29008] ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 2456.612411][T29008] ? kstrtoull+0x13b/0x1e0 [ 2456.612427][T29008] ? kstrtouint+0x78/0xf0 [ 2456.612444][T29008] ? ioctl_has_perm+0x1aa/0x4d0 [ 2456.612466][T29008] ? __asan_memcpy+0x5a/0x80 [ 2456.612482][T29008] ? ioctl_has_perm+0x3e0/0x4d0 [ 2456.612503][T29008] ? has_cap_mac_admin+0xd0/0xd0 [ 2456.612524][T29008] ? __kasan_check_write+0x18/0x20 [ 2456.612549][T29008] ? mutex_lock_killable+0x92/0x1c0 [ 2456.612568][T29008] ? __cfi_mutex_lock_killable+0x10/0x10 [ 2456.612586][T29008] ? proc_fail_nth_write+0x17e/0x210 [ 2456.612609][T29008] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2456.612633][T29008] kvm_vcpu_ioctl+0x96f/0xee0 [ 2456.612651][T29008] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2456.612668][T29008] ? __cfi_vfs_write+0x10/0x10 [ 2456.612686][T29008] ? __kasan_check_write+0x18/0x20 [ 2456.612712][T29008] ? mutex_unlock+0x8b/0x240 [ 2456.612729][T29008] ? __cfi_mutex_unlock+0x10/0x10 [ 2456.612745][T29008] ? __fget_files+0x2c5/0x340 [ 2456.612766][T29008] ? __fget_files+0x2c5/0x340 [ 2456.612786][T29008] ? bpf_lsm_file_ioctl+0xd/0x20 [ 2456.612810][T29008] ? security_file_ioctl+0x34/0xd0 [ 2456.612830][T29008] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2456.612846][T29008] __se_sys_ioctl+0x135/0x1b0 [ 2456.612867][T29008] __x64_sys_ioctl+0x7f/0xa0 [ 2456.612886][T29008] x64_sys_call+0x1878/0x2ee0 [ 2456.612912][T29008] do_syscall_64+0x58/0xf0 [ 2456.612934][T29008] ? clear_bhb_loop+0x50/0xa0 [ 2456.612955][T29008] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2456.612974][T29008] RIP: 0033:0x7f514fb8f6c9 [ 2456.612991][T29008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2456.613007][T29008] RSP: 002b:00007f515099a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2456.613028][T29008] RAX: ffffffffffffffda RBX: 00007f514fde5fa0 RCX: 00007f514fb8f6c9 [ 2456.613043][T29008] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008 [ 2456.613056][T29008] RBP: 00007f515099a090 R08: 0000000000000000 R09: 0000000000000000 [ 2456.613074][T29008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2456.613086][T29008] R13: 00007f514fde6038 R14: 00007f514fde5fa0 R15: 00007fff0caff2c8 [ 2456.613104][T29008] [ 2457.739875][T29076] FAULT_INJECTION: forcing a failure. [ 2457.739875][T29076] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2457.770861][T29076] CPU: 0 UID: 0 PID: 29076 Comm: syz.3.74566 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2457.770894][T29076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2457.770906][T29076] Call Trace: [ 2457.770913][T29076] [ 2457.770921][T29076] __dump_stack+0x21/0x30 [ 2457.770951][T29076] dump_stack_lvl+0x10c/0x190 [ 2457.770974][T29076] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2457.770998][T29076] ? check_stack_object+0x12c/0x140 [ 2457.771017][T29076] dump_stack+0x19/0x20 [ 2457.771038][T29076] should_fail_ex+0x3d9/0x530 [ 2457.771057][T29076] should_fail+0xf/0x20 [ 2457.771074][T29076] should_fail_usercopy+0x1e/0x30 [ 2457.771094][T29076] _copy_to_user+0x24/0xa0 [ 2457.771114][T29076] simple_read_from_buffer+0xed/0x160 [ 2457.771136][T29076] proc_fail_nth_read+0x19e/0x210 [ 2457.771160][T29076] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 2457.771182][T29076] ? avc_has_perm+0x144/0x220 [ 2457.771203][T29076] ? bpf_lsm_file_permission+0xd/0x20 [ 2457.771227][T29076] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 2457.771249][T29076] vfs_read+0x27d/0xc70 [ 2457.771266][T29076] ? __cfi_vfs_read+0x10/0x10 [ 2457.771281][T29076] ? __kasan_check_write+0x18/0x20 [ 2457.771309][T29076] ? mutex_lock+0x92/0x1c0 [ 2457.771327][T29076] ? __cfi_mutex_lock+0x10/0x10 [ 2457.771343][T29076] ? __fget_files+0x2c5/0x340 [ 2457.771364][T29076] ksys_read+0x141/0x250 [ 2457.771380][T29076] ? __cfi_ksys_read+0x10/0x10 [ 2457.771395][T29076] ? __kasan_check_read+0x15/0x20 [ 2457.771418][T29076] __x64_sys_read+0x7f/0x90 [ 2457.771433][T29076] x64_sys_call+0x2638/0x2ee0 [ 2457.771457][T29076] do_syscall_64+0x58/0xf0 [ 2457.771489][T29076] ? clear_bhb_loop+0x50/0xa0 [ 2457.771509][T29076] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2457.771529][T29076] RIP: 0033:0x7fa405d8e0dc [ 2457.771545][T29076] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 2457.771562][T29076] RSP: 002b:00007fa4047f7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2457.771584][T29076] RAX: ffffffffffffffda RBX: 00007fa405fe5fa0 RCX: 00007fa405d8e0dc [ 2457.771599][T29076] RDX: 000000000000000f RSI: 00007fa4047f70a0 RDI: 0000000000000008 [ 2457.771613][T29076] RBP: 00007fa4047f7090 R08: 0000000000000000 R09: 0000000000000000 [ 2457.771625][T29076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2457.771637][T29076] R13: 00007fa405fe6038 R14: 00007fa405fe5fa0 R15: 00007ffc650372c8 [ 2457.771653][T29076] [ 2459.211470][T29183] kvm: apic: phys broadcast and lowest prio [ 2461.379655][T29459] FAULT_INJECTION: forcing a failure. [ 2461.379655][T29459] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2461.394109][T29459] CPU: 1 UID: 0 PID: 29459 Comm: syz.0.74752 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2461.394141][T29459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2461.394154][T29459] Call Trace: [ 2461.394160][T29459] [ 2461.394169][T29459] __dump_stack+0x21/0x30 [ 2461.394197][T29459] dump_stack_lvl+0x10c/0x190 [ 2461.394220][T29459] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2461.394245][T29459] ? check_stack_object+0x107/0x140 [ 2461.394264][T29459] dump_stack+0x19/0x20 [ 2461.394286][T29459] should_fail_ex+0x3d9/0x530 [ 2461.394305][T29459] should_fail+0xf/0x20 [ 2461.394322][T29459] should_fail_usercopy+0x1e/0x30 [ 2461.394343][T29459] _copy_from_user+0x22/0xb0 [ 2461.394365][T29459] __sys_connect+0x136/0x440 [ 2461.394390][T29459] ? __cfi___sys_connect+0x10/0x10 [ 2461.394415][T29459] ? __kasan_check_read+0x15/0x20 [ 2461.394441][T29459] __x64_sys_connect+0x7e/0x90 [ 2461.394464][T29459] x64_sys_call+0x1c2f/0x2ee0 [ 2461.394500][T29459] do_syscall_64+0x58/0xf0 [ 2461.394523][T29459] ? clear_bhb_loop+0x50/0xa0 [ 2461.394544][T29459] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2461.394564][T29459] RIP: 0033:0x7f514fb8f6c9 [ 2461.394580][T29459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2461.394597][T29459] RSP: 002b:00007f515099a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2461.394619][T29459] RAX: ffffffffffffffda RBX: 00007f514fde5fa0 RCX: 00007f514fb8f6c9 [ 2461.394634][T29459] RDX: 0000000000000010 RSI: 0000200000000180 RDI: 0000000000000007 [ 2461.394647][T29459] RBP: 00007f515099a090 R08: 0000000000000000 R09: 0000000000000000 [ 2461.394659][T29459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2461.394672][T29459] R13: 00007f514fde6038 R14: 00007f514fde5fa0 R15: 00007fff0caff2c8 [ 2461.394688][T29459] [ 2461.957959][T29489] FAULT_INJECTION: forcing a failure. [ 2461.957959][T29489] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2461.971045][T29489] CPU: 0 UID: 0 PID: 29489 Comm: syz.4.74760 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2461.971074][T29489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2461.971087][T29489] Call Trace: [ 2461.971094][T29489] [ 2461.971102][T29489] __dump_stack+0x21/0x30 [ 2461.971131][T29489] dump_stack_lvl+0x10c/0x190 [ 2461.971154][T29489] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2461.971178][T29489] ? __kasan_check_read+0x15/0x20 [ 2461.971206][T29489] dump_stack+0x19/0x20 [ 2461.971227][T29489] should_fail_ex+0x3d9/0x530 [ 2461.971247][T29489] should_fail+0xf/0x20 [ 2461.971264][T29489] should_fail_usercopy+0x1e/0x30 [ 2461.971288][T29489] __kvm_read_guest_page+0x177/0x210 [ 2461.971306][T29489] kvm_vcpu_read_guest_page+0x31a/0x400 [ 2461.971326][T29489] kvm_fetch_guest_virt+0x146/0x190 [ 2461.971352][T29489] ? __cfi_kvm_fetch_guest_virt+0x10/0x10 [ 2461.971377][T29489] __do_insn_fetch_bytes+0x321/0x730 [ 2461.971397][T29489] ? x86_decode_insn+0x4fb0/0x4fb0 [ 2461.971414][T29489] ? emulator_read_write+0x410/0x580 [ 2461.971434][T29489] ? tdp_iter_restart+0x1c4/0x360 [ 2461.971463][T29489] ? kvm_tdp_mmu_fast_pf_get_last_sptep+0x290/0x290 [ 2461.971487][T29489] ? tdp_iter_next+0x362/0xa30 [ 2461.971507][T29489] x86_decode_insn+0x33b/0x4fb0 [ 2461.971525][T29489] ? trace_mark_mmio_spte+0x22/0x130 [ 2461.971551][T29489] ? __cfi_x86_decode_insn+0x10/0x10 [ 2461.971568][T29489] ? __kasan_check_write+0x18/0x20 [ 2461.971594][T29489] ? vmx_read_guest_seg_ar+0x1c8/0x350 [ 2461.971616][T29489] ? __asan_memset+0x39/0x50 [ 2461.971632][T29489] ? init_decode_cache+0x7c/0x90 [ 2461.971650][T29489] ? init_emulate_ctxt+0x410/0x540 [ 2461.971670][T29489] ? kvm_inject_realmode_interrupt+0x2e0/0x2e0 [ 2461.971692][T29489] ? kvm_mmu_do_page_fault+0x4b0/0x5f0 [ 2461.971714][T29489] x86_decode_emulated_instruction+0x66/0x190 [ 2461.971736][T29489] x86_emulate_instruction+0x2d3/0x1870 [ 2461.971757][T29489] ? kvm_multiple_exception+0x6d8/0xad0 [ 2461.971780][T29489] kvm_mmu_page_fault+0x336/0x970 [ 2461.971802][T29489] handle_ept_violation+0x21c/0x440 [ 2461.971821][T29489] ? vmx_vcpu_run+0x1100/0x2000 [ 2461.971846][T29489] ? __cfi_handle_ept_violation+0x10/0x10 [ 2461.971866][T29489] vmx_handle_exit+0x12c2/0x1b40 [ 2461.971890][T29489] ? kvm_deliver_exception_payload+0xd7/0x200 [ 2461.971913][T29489] ? __cfi_vmx_vcpu_run+0x10/0x10 [ 2461.971937][T29489] ? vmx_handle_exit_irqoff+0xe9/0x7a0 [ 2461.971963][T29489] vcpu_run+0x4bd0/0x7830 [ 2461.971995][T29489] ? signal_pending+0xc0/0xc0 [ 2461.972018][T29489] ? complete_emulated_mmio+0x4fb/0x790 [ 2461.972040][T29489] kvm_arch_vcpu_ioctl_run+0x101a/0x1aa0 [ 2461.972064][T29489] ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 2461.972087][T29489] ? kstrtoull+0x13b/0x1e0 [ 2461.972104][T29489] ? kstrtouint+0x78/0xf0 [ 2461.972121][T29489] ? ioctl_has_perm+0x1aa/0x4d0 [ 2461.972142][T29489] ? __asan_memcpy+0x5a/0x80 [ 2461.972159][T29489] ? ioctl_has_perm+0x3e0/0x4d0 [ 2461.972180][T29489] ? has_cap_mac_admin+0xd0/0xd0 [ 2461.972200][T29489] ? __kasan_check_write+0x18/0x20 [ 2461.972225][T29489] ? mutex_lock_killable+0x92/0x1c0 [ 2461.972244][T29489] ? __cfi_mutex_lock_killable+0x10/0x10 [ 2461.972262][T29489] ? proc_fail_nth_write+0x17e/0x210 [ 2461.972286][T29489] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2461.972310][T29489] kvm_vcpu_ioctl+0x96f/0xee0 [ 2461.972329][T29489] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2461.972346][T29489] ? __cfi_vfs_write+0x10/0x10 [ 2461.972363][T29489] ? __kasan_check_write+0x18/0x20 [ 2461.972389][T29489] ? mutex_unlock+0x8b/0x240 [ 2461.972406][T29489] ? __cfi_mutex_unlock+0x10/0x10 [ 2461.972423][T29489] ? __fget_files+0x2c5/0x340 [ 2461.972451][T29489] ? __fget_files+0x2c5/0x340 [ 2461.972471][T29489] ? bpf_lsm_file_ioctl+0xd/0x20 [ 2461.972495][T29489] ? security_file_ioctl+0x34/0xd0 [ 2461.972516][T29489] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2461.972533][T29489] __se_sys_ioctl+0x135/0x1b0 [ 2461.972553][T29489] __x64_sys_ioctl+0x7f/0xa0 [ 2461.972573][T29489] x64_sys_call+0x1878/0x2ee0 [ 2461.972598][T29489] do_syscall_64+0x58/0xf0 [ 2461.972620][T29489] ? clear_bhb_loop+0x50/0xa0 [ 2461.972641][T29489] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2461.972661][T29489] RIP: 0033:0x7efc4ef8f6c9 [ 2461.972678][T29489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2461.972694][T29489] RSP: 002b:00007efc4fea2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2461.972716][T29489] RAX: ffffffffffffffda RBX: 00007efc4f1e5fa0 RCX: 00007efc4ef8f6c9 [ 2461.972731][T29489] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 2461.972743][T29489] RBP: 00007efc4fea2090 R08: 0000000000000000 R09: 0000000000000000 [ 2461.972756][T29489] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2461.972769][T29489] R13: 00007efc4f1e6038 R14: 00007efc4f1e5fa0 R15: 00007ffeb37f2ad8 [ 2461.972786][T29489] [ 2462.961573][T29522] xt_NFQUEUE: number of total queues is 0 [ 2463.756698][T29584] FAULT_INJECTION: forcing a failure. [ 2463.756698][T29584] name failslab, interval 1, probability 0, space 0, times 0 [ 2463.781451][T29584] CPU: 0 UID: 0 PID: 29584 Comm: syz.3.74810 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2463.781483][T29584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2463.781495][T29584] Call Trace: [ 2463.781502][T29584] [ 2463.781510][T29584] __dump_stack+0x21/0x30 [ 2463.781548][T29584] dump_stack_lvl+0x10c/0x190 [ 2463.781572][T29584] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2463.781596][T29584] ? avc_has_perm+0x144/0x220 [ 2463.781620][T29584] dump_stack+0x19/0x20 [ 2463.781642][T29584] should_fail_ex+0x3d9/0x530 [ 2463.781663][T29584] should_failslab+0xac/0x100 [ 2463.781683][T29584] __kmalloc_cache_noprof+0x41/0x490 [ 2463.781703][T29584] ? vhost_task_create+0x101/0x350 [ 2463.781722][T29584] ? __cfi_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 2463.781743][T29584] vhost_task_create+0x101/0x350 [ 2463.781761][T29584] ? __cfi_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 2463.781783][T29584] ? __cfi_vhost_task_create+0x10/0x10 [ 2463.781802][T29584] ? __cfi_vhost_task_fn+0x10/0x10 [ 2463.781820][T29584] ? __kasan_check_write+0x18/0x20 [ 2463.781846][T29584] ? mutex_lock+0x92/0x1c0 [ 2463.781863][T29584] ? __cfi_mutex_lock+0x10/0x10 [ 2463.781880][T29584] ? kernel_text_address+0xa9/0xe0 [ 2463.781903][T29584] kvm_mmu_post_init_vm+0x156/0x2d0 [ 2463.781928][T29584] kvm_arch_vcpu_ioctl_run+0xd7/0x1aa0 [ 2463.781952][T29584] ? _parse_integer_limit+0x195/0x1e0 [ 2463.781978][T29584] ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 2463.782001][T29584] ? kstrtoull+0x13b/0x1e0 [ 2463.782018][T29584] ? kstrtouint+0x78/0xf0 [ 2463.782035][T29584] ? ioctl_has_perm+0x1aa/0x4d0 [ 2463.782056][T29584] ? __asan_memcpy+0x5a/0x80 [ 2463.782072][T29584] ? ioctl_has_perm+0x3e0/0x4d0 [ 2463.782093][T29584] ? has_cap_mac_admin+0xd0/0xd0 [ 2463.782114][T29584] ? __kasan_check_write+0x18/0x20 [ 2463.782139][T29584] ? mutex_lock_killable+0x92/0x1c0 [ 2463.782158][T29584] ? __cfi_mutex_lock_killable+0x10/0x10 [ 2463.782175][T29584] ? proc_fail_nth_write+0x17e/0x210 [ 2463.782199][T29584] kvm_vcpu_ioctl+0x96f/0xee0 [ 2463.782217][T29584] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2463.782234][T29584] ? __cfi_vfs_write+0x10/0x10 [ 2463.782252][T29584] ? __kasan_check_write+0x18/0x20 [ 2463.782278][T29584] ? mutex_unlock+0x8b/0x240 [ 2463.782294][T29584] ? __cfi_mutex_unlock+0x10/0x10 [ 2463.782311][T29584] ? __fget_files+0x2c5/0x340 [ 2463.782332][T29584] ? __fget_files+0x2c5/0x340 [ 2463.782352][T29584] ? bpf_lsm_file_ioctl+0xd/0x20 [ 2463.782376][T29584] ? security_file_ioctl+0x34/0xd0 [ 2463.782397][T29584] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2463.782414][T29584] __se_sys_ioctl+0x135/0x1b0 [ 2463.782435][T29584] __x64_sys_ioctl+0x7f/0xa0 [ 2463.782454][T29584] x64_sys_call+0x1878/0x2ee0 [ 2463.782480][T29584] do_syscall_64+0x58/0xf0 [ 2463.782502][T29584] ? clear_bhb_loop+0x50/0xa0 [ 2463.782523][T29584] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2463.782549][T29584] RIP: 0033:0x7fa405d8f6c9 [ 2463.782565][T29584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2463.782582][T29584] RSP: 002b:00007fa4047f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2463.782603][T29584] RAX: ffffffffffffffda RBX: 00007fa405fe5fa0 RCX: 00007fa405d8f6c9 [ 2463.782618][T29584] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000009 [ 2463.782630][T29584] RBP: 00007fa4047f7090 R08: 0000000000000000 R09: 0000000000000000 [ 2463.782642][T29584] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2463.782654][T29584] R13: 00007fa405fe6038 R14: 00007fa405fe5fa0 R15: 00007ffc650372c8 [ 2463.782670][T29584] [ 2465.868083][T29741] netlink: 36 bytes leftover after parsing attributes in process `syz.2.74887'. [ 2465.895287][T29741] netlink: 8 bytes leftover after parsing attributes in process `syz.2.74887'. [ 2466.611621][T29808] FAULT_INJECTION: forcing a failure. [ 2466.611621][T29808] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2466.651350][T29808] CPU: 1 UID: 0 PID: 29808 Comm: syz.2.74922 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2466.651382][T29808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2466.651393][T29808] Call Trace: [ 2466.651400][T29808] [ 2466.651408][T29808] __dump_stack+0x21/0x30 [ 2466.651437][T29808] dump_stack_lvl+0x10c/0x190 [ 2466.651461][T29808] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2466.651485][T29808] ? bpf_lsm_file_permission+0xd/0x20 [ 2466.651510][T29808] dump_stack+0x19/0x20 [ 2466.651532][T29808] should_fail_ex+0x3d9/0x530 [ 2466.651552][T29808] should_fail+0xf/0x20 [ 2466.651569][T29808] should_fail_usercopy+0x1e/0x30 [ 2466.651589][T29808] _copy_from_user+0x22/0xb0 [ 2466.651611][T29808] do_seccomp+0x1a5/0xee0 [ 2466.651630][T29808] ? __kasan_check_write+0x18/0x20 [ 2466.651655][T29808] ? prctl_set_seccomp+0x80/0x80 [ 2466.651672][T29808] ? ksys_write+0x1ef/0x250 [ 2466.651690][T29808] ? __cfi_ksys_write+0x10/0x10 [ 2466.651708][T29808] ? __kasan_check_read+0x15/0x20 [ 2466.651734][T29808] __x64_sys_seccomp+0x7f/0x90 [ 2466.651751][T29808] x64_sys_call+0x249b/0x2ee0 [ 2466.651775][T29808] do_syscall_64+0x58/0xf0 [ 2466.651798][T29808] ? clear_bhb_loop+0x50/0xa0 [ 2466.651819][T29808] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2466.651839][T29808] RIP: 0033:0x7f465858f6c9 [ 2466.651855][T29808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2466.651872][T29808] RSP: 002b:00007f465941a038 EFLAGS: 00000246 ORIG_RAX: 000000000000013d [ 2466.651894][T29808] RAX: ffffffffffffffda RBX: 00007f46587e5fa0 RCX: 00007f465858f6c9 [ 2466.651909][T29808] RDX: 0000200000000040 RSI: 000000000000000c RDI: 0000000000000001 [ 2466.651923][T29808] RBP: 00007f465941a090 R08: 0000000000000000 R09: 0000000000000000 [ 2466.651936][T29808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2466.651949][T29808] R13: 00007f46587e6038 R14: 00007f46587e5fa0 R15: 00007ffd55ed6998 [ 2466.651966][T29808] [ 2466.905829][T28322] bridge_slave_1: left allmulticast mode [ 2466.916983][T28322] bridge_slave_1: left promiscuous mode [ 2466.932816][T28322] bridge0: port 2(bridge_slave_1) entered disabled state [ 2466.954827][T28322] bridge_slave_0: left allmulticast mode [ 2466.965875][T28322] bridge_slave_0: left promiscuous mode [ 2466.976512][T28322] bridge0: port 1(bridge_slave_0) entered disabled state [ 2467.115576][T29809] bridge0: port 1(bridge_slave_0) entered blocking state [ 2467.122837][T29809] bridge0: port 1(bridge_slave_0) entered disabled state [ 2467.130390][T29809] bridge_slave_0: entered allmulticast mode [ 2467.136730][T29809] bridge_slave_0: entered promiscuous mode [ 2467.143335][T29809] bridge0: port 2(bridge_slave_1) entered blocking state [ 2467.150408][T29809] bridge0: port 2(bridge_slave_1) entered disabled state [ 2467.161339][T29809] bridge_slave_1: entered allmulticast mode [ 2467.167649][T29809] bridge_slave_1: entered promiscuous mode [ 2467.173515][ T36] audit: type=1326 audit(2000000129.230:751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29843 comm="syz.2.74938" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f465858f6c9 code=0x0 [ 2467.197510][T28322] veth1_macvtap: left promiscuous mode [ 2467.206476][T28322] veth0_vlan: left promiscuous mode [ 2467.474058][T29809] bridge0: port 2(bridge_slave_1) entered blocking state [ 2467.481119][T29809] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2467.488424][T29809] bridge0: port 1(bridge_slave_0) entered blocking state [ 2467.495471][T29809] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2467.565405][ T403] bridge0: port 1(bridge_slave_0) entered disabled state [ 2467.572782][ T403] bridge0: port 2(bridge_slave_1) entered disabled state [ 2467.613420][ T403] bridge0: port 1(bridge_slave_0) entered blocking state [ 2467.620480][ T403] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2467.642085][ T403] bridge0: port 2(bridge_slave_1) entered blocking state [ 2467.649133][ T403] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2467.696616][T29809] veth0_vlan: entered promiscuous mode [ 2467.771658][T29809] veth1_macvtap: entered promiscuous mode [ 2468.372174][T29930] FAULT_INJECTION: forcing a failure. [ 2468.372174][T29930] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2468.401358][T29930] CPU: 0 UID: 0 PID: 29930 Comm: syz.3.74978 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2468.401388][T29930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2468.401400][T29930] Call Trace: [ 2468.401406][T29930] [ 2468.401414][T29930] __dump_stack+0x21/0x30 [ 2468.401443][T29930] dump_stack_lvl+0x10c/0x190 [ 2468.401467][T29930] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2468.401491][T29930] ? __kasan_check_write+0x18/0x20 [ 2468.401517][T29930] ? check_stack_object+0x107/0x140 [ 2468.401535][T29930] dump_stack+0x19/0x20 [ 2468.401557][T29930] should_fail_ex+0x3d9/0x530 [ 2468.401577][T29930] should_fail+0xf/0x20 [ 2468.401594][T29930] should_fail_usercopy+0x1e/0x30 [ 2468.401613][T29930] _copy_from_user+0x22/0xb0 [ 2468.401636][T29930] __sys_sendto+0x29e/0x6f0 [ 2468.401661][T29930] ? __cfi___sys_sendto+0x10/0x10 [ 2468.401685][T29930] ? __kasan_check_write+0x18/0x20 [ 2468.401710][T29930] ? __cfi_ksys_write+0x10/0x10 [ 2468.401730][T29930] __x64_sys_sendto+0xe9/0x100 [ 2468.401753][T29930] x64_sys_call+0x2c2c/0x2ee0 [ 2468.401778][T29930] do_syscall_64+0x58/0xf0 [ 2468.401800][T29930] ? clear_bhb_loop+0x50/0xa0 [ 2468.401820][T29930] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2468.401839][T29930] RIP: 0033:0x7f0cfd98f6c9 [ 2468.401854][T29930] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2468.401870][T29930] RSP: 002b:00007f0cfe85b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 2468.401892][T29930] RAX: ffffffffffffffda RBX: 00007f0cfdbe5fa0 RCX: 00007f0cfd98f6c9 [ 2468.401908][T29930] RDX: 000000000000000e RSI: 00002000000002c0 RDI: 0000000000000006 [ 2468.401921][T29930] RBP: 00007f0cfe85b090 R08: 0000200000000140 R09: 0000000000000014 [ 2468.401935][T29930] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001 [ 2468.401948][T29930] R13: 00007f0cfdbe6038 R14: 00007f0cfdbe5fa0 R15: 00007ffe9353ad48 [ 2468.401965][T29930] [ 2469.157585][T29984] FAULT_INJECTION: forcing a failure. [ 2469.157585][T29984] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2469.191132][T29984] CPU: 0 UID: 0 PID: 29984 Comm: syz.2.75006 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2469.191172][T29984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2469.191185][T29984] Call Trace: [ 2469.191191][T29984] [ 2469.191200][T29984] __dump_stack+0x21/0x30 [ 2469.191230][T29984] dump_stack_lvl+0x10c/0x190 [ 2469.191254][T29984] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2469.191278][T29984] ? __kasan_check_write+0x18/0x20 [ 2469.191307][T29984] ? check_stack_object+0x107/0x140 [ 2469.191325][T29984] dump_stack+0x19/0x20 [ 2469.191346][T29984] should_fail_ex+0x3d9/0x530 [ 2469.191366][T29984] should_fail+0xf/0x20 [ 2469.191382][T29984] should_fail_usercopy+0x1e/0x30 [ 2469.191402][T29984] _copy_from_user+0x22/0xb0 [ 2469.191423][T29984] __sys_sendto+0x29e/0x6f0 [ 2469.191448][T29984] ? __cfi___sys_sendto+0x10/0x10 [ 2469.191473][T29984] ? __kasan_check_write+0x18/0x20 [ 2469.191500][T29984] ? __cfi_ksys_write+0x10/0x10 [ 2469.191519][T29984] __x64_sys_sendto+0xe9/0x100 [ 2469.191543][T29984] x64_sys_call+0x2c2c/0x2ee0 [ 2469.191568][T29984] do_syscall_64+0x58/0xf0 [ 2469.191590][T29984] ? clear_bhb_loop+0x50/0xa0 [ 2469.191610][T29984] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2469.191630][T29984] RIP: 0033:0x7f465858f6c9 [ 2469.191646][T29984] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2469.191662][T29984] RSP: 002b:00007f465941a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 2469.191684][T29984] RAX: ffffffffffffffda RBX: 00007f46587e5fa0 RCX: 00007f465858f6c9 [ 2469.191700][T29984] RDX: 000000000000000e RSI: 00002000000002c0 RDI: 0000000000000006 [ 2469.191714][T29984] RBP: 00007f465941a090 R08: 0000200000000140 R09: 0000000000000014 [ 2469.191733][T29984] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001 [ 2469.191746][T29984] R13: 00007f46587e6038 R14: 00007f46587e5fa0 R15: 00007ffd55ed6998 [ 2469.191763][T29984] [ 2472.448024][T30118] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:689 [ 2472.711116][T30130] FAULT_INJECTION: forcing a failure. [ 2472.711116][T30130] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2472.761357][T30130] CPU: 0 UID: 0 PID: 30130 Comm: syz.4.75077 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2472.761391][T30130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2472.761404][T30130] Call Trace: [ 2472.761411][T30130] [ 2472.761419][T30130] __dump_stack+0x21/0x30 [ 2472.761453][T30130] dump_stack_lvl+0x10c/0x190 [ 2472.761477][T30130] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2472.761500][T30130] ? _parse_integer_limit+0x195/0x1e0 [ 2472.761527][T30130] ? check_stack_object+0x12c/0x140 [ 2472.761546][T30130] dump_stack+0x19/0x20 [ 2472.761568][T30130] should_fail_ex+0x3d9/0x530 [ 2472.761588][T30130] should_fail+0xf/0x20 [ 2472.761605][T30130] should_fail_usercopy+0x1e/0x30 [ 2472.761625][T30130] _copy_from_user+0x22/0xb0 [ 2472.761646][T30130] copy_from_sockptr+0x6f/0xa0 [ 2472.761672][T30130] do_ip_setsockopt+0x1e9c/0x29e0 [ 2472.761698][T30130] ? __cfi_do_ip_setsockopt+0x10/0x10 [ 2472.761724][T30130] ? selinux_socket_setsockopt+0x2ea/0x390 [ 2472.761753][T30130] ? __cfi_selinux_socket_setsockopt+0x10/0x10 [ 2472.761781][T30130] ip_setsockopt+0x63/0x100 [ 2472.761806][T30130] raw_setsockopt+0xf4/0x1a0 [ 2472.761827][T30130] sock_common_setsockopt+0xb5/0xd0 [ 2472.761847][T30130] ? __cfi_sock_common_setsockopt+0x10/0x10 [ 2472.761867][T30130] do_sock_setsockopt+0x26d/0x400 [ 2472.761900][T30130] ? __cfi_do_sock_setsockopt+0x10/0x10 [ 2472.761927][T30130] __x64_sys_setsockopt+0x1b8/0x250 [ 2472.761952][T30130] x64_sys_call+0x2adc/0x2ee0 [ 2472.761978][T30130] do_syscall_64+0x58/0xf0 [ 2472.762000][T30130] ? clear_bhb_loop+0x50/0xa0 [ 2472.762021][T30130] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2472.762041][T30130] RIP: 0033:0x7efc4ef8f6c9 [ 2472.762057][T30130] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2472.762075][T30130] RSP: 002b:00007efc4fea2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 2472.762096][T30130] RAX: ffffffffffffffda RBX: 00007efc4f1e5fa0 RCX: 00007efc4ef8f6c9 [ 2472.762112][T30130] RDX: 0000000000000020 RSI: 0000000000000000 RDI: 0000000000000007 [ 2472.762125][T30130] RBP: 00007efc4fea2090 R08: 0000000000000004 R09: 0000000000000000 [ 2472.762138][T30130] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001 [ 2472.762152][T30130] R13: 00007efc4f1e6038 R14: 00007efc4f1e5fa0 R15: 00007ffeb37f2ad8 [ 2472.762170][T30130] [ 2482.174647][T18476] bridge_slave_1: left allmulticast mode [ 2482.180310][T18476] bridge_slave_1: left promiscuous mode [ 2482.189699][T18476] bridge0: port 2(bridge_slave_1) entered disabled state [ 2482.207315][T18476] bridge_slave_0: left allmulticast mode [ 2482.221332][T18476] bridge_slave_0: left promiscuous mode [ 2482.227189][T18476] bridge0: port 1(bridge_slave_0) entered disabled state [ 2482.367509][T18476] veth1_macvtap: left promiscuous mode [ 2482.373157][T18476] veth0_vlan: left promiscuous mode [ 2482.488463][T30814] bridge0: port 1(bridge_slave_0) entered blocking state [ 2482.495600][T30814] bridge0: port 1(bridge_slave_0) entered disabled state [ 2482.502920][T30814] bridge_slave_0: entered allmulticast mode [ 2482.509291][T30814] bridge_slave_0: entered promiscuous mode [ 2482.516841][T30814] bridge0: port 2(bridge_slave_1) entered blocking state [ 2482.545452][T30814] bridge0: port 2(bridge_slave_1) entered disabled state [ 2482.562096][T30814] bridge_slave_1: entered allmulticast mode [ 2482.568615][T30814] bridge_slave_1: entered promiscuous mode [ 2482.698442][T30814] bridge0: port 2(bridge_slave_1) entered blocking state [ 2482.705516][T30814] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2482.712815][T30814] bridge0: port 1(bridge_slave_0) entered blocking state [ 2482.719846][T30814] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2482.821341][ T403] bridge0: port 1(bridge_slave_0) entered disabled state [ 2482.839023][ T403] bridge0: port 2(bridge_slave_1) entered disabled state [ 2482.863063][ T403] bridge0: port 1(bridge_slave_0) entered blocking state [ 2482.870112][ T403] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2482.892010][ T403] bridge0: port 2(bridge_slave_1) entered blocking state [ 2482.899051][ T403] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2482.975655][T30814] veth0_vlan: entered promiscuous mode [ 2482.997334][T30814] veth1_macvtap: entered promiscuous mode [ 2496.111337][ T36] audit: type=1400 audit(2000000158.170:752): avc: denied { bpf } for pid=31580 comm="syz.3.75783" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 2496.833639][T31640] FAULT_INJECTION: forcing a failure. [ 2496.833639][T31640] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2496.861345][T31640] CPU: 0 UID: 0 PID: 31640 Comm: syz.2.75801 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2496.861378][T31640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2496.861391][T31640] Call Trace: [ 2496.861398][T31640] [ 2496.861406][T31640] __dump_stack+0x21/0x30 [ 2496.861436][T31640] dump_stack_lvl+0x10c/0x190 [ 2496.861460][T31640] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2496.861484][T31640] dump_stack+0x19/0x20 [ 2496.861507][T31640] should_fail_ex+0x3d9/0x530 [ 2496.861527][T31640] should_fail_alloc_page+0xeb/0x110 [ 2496.861549][T31640] __alloc_pages_noprof+0x19b/0x7b0 [ 2496.861573][T31640] ? __cfi___alloc_pages_noprof+0x10/0x10 [ 2496.861598][T31640] ? selinux_file_open+0x457/0x610 [ 2496.861622][T31640] __pmd_alloc+0xb3/0x9b0 [ 2496.861643][T31640] ? __cfi___pmd_alloc+0x10/0x10 [ 2496.861662][T31640] ? __cfi___thp_vma_allowable_orders+0x10/0x10 [ 2496.861687][T31640] handle_mm_fault+0xd16/0x1b90 [ 2496.861709][T31640] ? __cfi_handle_mm_fault+0x10/0x10 [ 2496.861729][T31640] ? find_vma+0xcd/0x110 [ 2496.861748][T31640] ? lock_mm_and_find_vma+0xb8/0x3a0 [ 2496.861768][T31640] do_user_addr_fault+0x4ca/0x1200 [ 2496.861811][T31640] ? proc_fail_nth_read+0x161/0x210 [ 2496.861836][T31640] exc_page_fault+0x59/0xc0 [ 2496.861855][T31640] asm_exc_page_fault+0x2b/0x30 [ 2496.861874][T31640] RIP: 0010:__get_user_4+0x1a/0x40 [ 2496.861896][T31640] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 ba 00 f0 ff ff ff 7f 00 00 48 39 c2 48 19 d2 48 09 d0 0f 01 cb <8b> 10 31 c0 0f 01 ca e9 5a 56 03 00 90 90 90 90 90 90 90 90 90 90 [ 2496.861913][T31640] RSP: 0018:ffffc900031dfd58 EFLAGS: 00050206 [ 2496.861931][T31640] RAX: 000000110e22fff6 RBX: ffff8881219b4700 RCX: 0000000000000005 [ 2496.861952][T31640] RDX: 0000000000000000 RSI: ffffffff877b7e10 RDI: 00000000c004743e [ 2496.861965][T31640] RBP: ffffc900031dfe90 R08: ffff8881155d9300 R09: 0000000000000003 [ 2496.861980][T31640] R10: 00000000c004743e R11: 0000000000000000 R12: 00000000c004743e [ 2496.861993][T31640] R13: ffff88811f26e7a0 R14: ffff88811f26e780 R15: 1ffff11023e4dcf4 [ 2496.862011][T31640] ? ppp_ioctl+0x383/0x16b0 [ 2496.862035][T31640] ? __fget_files+0x2c5/0x340 [ 2496.862055][T31640] ? __cfi_ppp_ioctl+0x10/0x10 [ 2496.862077][T31640] ? __fget_files+0x2c5/0x340 [ 2496.862097][T31640] ? bpf_lsm_file_ioctl+0xd/0x20 [ 2496.862121][T31640] ? security_file_ioctl+0x34/0xd0 [ 2496.862142][T31640] ? __cfi_ppp_ioctl+0x10/0x10 [ 2496.862163][T31640] __se_sys_ioctl+0x135/0x1b0 [ 2496.862183][T31640] __x64_sys_ioctl+0x7f/0xa0 [ 2496.862202][T31640] x64_sys_call+0x1878/0x2ee0 [ 2496.862227][T31640] do_syscall_64+0x58/0xf0 [ 2496.862249][T31640] ? clear_bhb_loop+0x50/0xa0 [ 2496.862268][T31640] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2496.862288][T31640] RIP: 0033:0x7f933798f6c9 [ 2496.862302][T31640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2496.862319][T31640] RSP: 002b:00007f9338811038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2496.862338][T31640] RAX: ffffffffffffffda RBX: 00007f9337be5fa0 RCX: 00007f933798f6c9 [ 2496.862353][T31640] RDX: 000000110e22fff6 RSI: 00000000c004743e RDI: 0000000000000006 [ 2496.862366][T31640] RBP: 00007f9338811090 R08: 0000000000000000 R09: 0000000000000000 [ 2496.862379][T31640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2496.862391][T31640] R13: 00007f9337be6038 R14: 00007f9337be5fa0 R15: 00007ffe357f5d88 [ 2496.862408][T31640] [ 2497.592447][T31694] FAULT_INJECTION: forcing a failure. [ 2497.592447][T31694] name failslab, interval 1, probability 0, space 0, times 0 [ 2497.605560][T31694] CPU: 1 UID: 0 PID: 31694 Comm: syz.2.75837 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2497.605589][T31694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2497.605602][T31694] Call Trace: [ 2497.605608][T31694] [ 2497.605617][T31694] __dump_stack+0x21/0x30 [ 2497.605645][T31694] dump_stack_lvl+0x10c/0x190 [ 2497.605667][T31694] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2497.605692][T31694] dump_stack+0x19/0x20 [ 2497.605714][T31694] should_fail_ex+0x3d9/0x530 [ 2497.605733][T31694] should_failslab+0xac/0x100 [ 2497.605753][T31694] __kmalloc_node_track_caller_noprof+0x68/0x520 [ 2497.605773][T31694] ? rust_helper_krealloc+0x33/0xd0 [ 2497.605799][T31694] krealloc_noprof+0x8d/0x130 [ 2497.605818][T31694] rust_helper_krealloc+0x33/0xd0 [ 2497.605841][T31694] ? _RNvMNtNtCs43vyB533jt3_6kernel5alloc9allocatorNtB2_11ReallocFunc4call+0x70/0xc0 [ 2497.605875][T31694] _RNvMNtNtCs43vyB533jt3_6kernel5alloc9allocatorNtB2_11ReallocFunc4call+0x8e/0xc0 [ 2497.605899][T31694] _RNvMs4_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process18get_current_thread+0x45a/0x1400 [ 2497.605924][T31694] ? inode_init_always_gfp+0x756/0x9e0 [ 2497.605943][T31694] ? alloc_inode+0xc5/0x270 [ 2497.605962][T31694] ? proc_pident_instantiate+0x6d/0x2c0 [ 2497.605982][T31694] ? proc_pident_lookup+0x1c7/0x270 [ 2497.606001][T31694] ? path_openat+0x1301/0x34b0 [ 2497.606020][T31694] ? do_sys_openat2+0x12c/0x1c0 [ 2497.606042][T31694] ? __x64_sys_openat+0x13a/0x170 [ 2497.606063][T31694] ? x64_sys_call+0xe69/0x2ee0 [ 2497.606087][T31694] ? do_syscall_64+0x58/0xf0 [ 2497.606109][T31694] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2497.606130][T31694] ? __cfi__RNvMs4_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process18get_current_thread+0x10/0x10 [ 2497.606155][T31694] ? avc_has_perm_noaudit+0x268/0x360 [ 2497.606180][T31694] ? __asan_memcpy+0x5a/0x80 [ 2497.606196][T31694] ? avc_has_perm_noaudit+0x286/0x360 [ 2497.606220][T31694] ? avc_has_perm+0x144/0x220 [ 2497.606243][T31694] ? __cfi_avc_has_perm+0x10/0x10 [ 2497.606265][T31694] ? kasan_save_alloc_info+0x40/0x50 [ 2497.606291][T31694] ? selinux_file_open+0x457/0x610 [ 2497.606312][T31694] _RNvMs6_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process5ioctl+0x1a7/0x2cf0 [ 2497.606338][T31694] ? avc_has_extended_perms+0x7c7/0xdd0 [ 2497.606362][T31694] ? __asan_memcpy+0x5a/0x80 [ 2497.606378][T31694] ? avc_has_extended_perms+0x921/0xdd0 [ 2497.606400][T31694] ? __cfi__RNvMs6_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process5ioctl+0x10/0x10 [ 2497.606425][T31694] ? do_vfs_ioctl+0xeda/0x1e30 [ 2497.606444][T31694] ? arch_stack_walk+0x10b/0x170 [ 2497.606461][T31694] ? __ia32_compat_sys_ioctl+0x850/0x850 [ 2497.606483][T31694] ? _parse_integer+0x2e/0x40 [ 2497.606517][T31694] ? ioctl_has_perm+0x384/0x4d0 [ 2497.606542][T31694] ? has_cap_mac_admin+0xd0/0xd0 [ 2497.606563][T31694] ? proc_fail_nth_write+0x17e/0x210 [ 2497.606585][T31694] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2497.606609][T31694] ? selinux_file_ioctl+0x6e0/0x1360 [ 2497.606628][T31694] ? vfs_write+0x93e/0xf30 [ 2497.606644][T31694] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 2497.606666][T31694] ? __cfi_vfs_write+0x10/0x10 [ 2497.606682][T31694] ? __kasan_check_write+0x18/0x20 [ 2497.606707][T31694] ? mutex_unlock+0x8b/0x240 [ 2497.606723][T31694] ? __cfi_mutex_unlock+0x10/0x10 [ 2497.606740][T31694] ? __fget_files+0x2c5/0x340 [ 2497.606760][T31694] ? __fget_files+0x2c5/0x340 [ 2497.606783][T31694] _RNvCs5gLWsBERDPK_16rust_binder_main26rust_binder_unlocked_ioctl+0xa0/0x100 [ 2497.606810][T31694] ? __se_sys_ioctl+0x114/0x1b0 [ 2497.606829][T31694] ? __cfi__RNvCs5gLWsBERDPK_16rust_binder_main26rust_binder_unlocked_ioctl+0x10/0x10 [ 2497.606854][T31694] __se_sys_ioctl+0x135/0x1b0 [ 2497.606880][T31694] __x64_sys_ioctl+0x7f/0xa0 [ 2497.606899][T31694] x64_sys_call+0x1878/0x2ee0 [ 2497.606923][T31694] do_syscall_64+0x58/0xf0 [ 2497.606944][T31694] ? clear_bhb_loop+0x50/0xa0 [ 2497.606964][T31694] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2497.606982][T31694] RIP: 0033:0x7f933798f6c9 [ 2497.606998][T31694] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2497.607015][T31694] RSP: 002b:00007f9338811038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2497.607036][T31694] RAX: ffffffffffffffda RBX: 00007f9337be5fa0 RCX: 00007f933798f6c9 [ 2497.607050][T31694] RDX: 0000200000000100 RSI: 00000000c0306201 RDI: 0000000000000006 [ 2497.607063][T31694] RBP: 00007f9338811090 R08: 0000000000000000 R09: 0000000000000000 [ 2497.607076][T31694] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2497.607088][T31694] R13: 00007f9337be6038 R14: 00007f9337be5fa0 R15: 00007ffe357f5d88 [ 2497.607104][T31694] [ 2499.682216][T31839] fuse: Bad value for 'fd' [ 2500.492862][T31901] FAULT_INJECTION: forcing a failure. [ 2500.492862][T31901] name failslab, interval 1, probability 0, space 0, times 0 [ 2500.506327][T31901] CPU: 1 UID: 0 PID: 31901 Comm: syz.2.75926 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2500.506357][T31901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2500.506369][T31901] Call Trace: [ 2500.506375][T31901] [ 2500.506383][T31901] __dump_stack+0x21/0x30 [ 2500.506411][T31901] dump_stack_lvl+0x10c/0x190 [ 2500.506434][T31901] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2500.506466][T31901] ? avc_has_perm+0x144/0x220 [ 2500.506490][T31901] dump_stack+0x19/0x20 [ 2500.506511][T31901] should_fail_ex+0x3d9/0x530 [ 2500.506531][T31901] should_failslab+0xac/0x100 [ 2500.506551][T31901] __kmalloc_cache_noprof+0x41/0x490 [ 2500.506569][T31901] ? vhost_task_create+0x101/0x350 [ 2500.506587][T31901] ? __cfi_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 2500.506608][T31901] vhost_task_create+0x101/0x350 [ 2500.506625][T31901] ? __cfi_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 2500.506646][T31901] ? __cfi_vhost_task_create+0x10/0x10 [ 2500.506692][T31901] ? __cfi_vhost_task_fn+0x10/0x10 [ 2500.506710][T31901] ? __kasan_check_write+0x18/0x20 [ 2500.506735][T31901] ? mutex_lock+0x92/0x1c0 [ 2500.506751][T31901] ? __cfi_mutex_lock+0x10/0x10 [ 2500.506768][T31901] ? kernel_text_address+0xa9/0xe0 [ 2500.506790][T31901] kvm_mmu_post_init_vm+0x156/0x2d0 [ 2500.506815][T31901] kvm_arch_vcpu_ioctl_run+0xd7/0x1aa0 [ 2500.506838][T31901] ? _parse_integer_limit+0x195/0x1e0 [ 2500.506864][T31901] ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 2500.506887][T31901] ? kstrtoull+0x13b/0x1e0 [ 2500.506903][T31901] ? kstrtouint+0x78/0xf0 [ 2500.506920][T31901] ? ioctl_has_perm+0x1aa/0x4d0 [ 2500.506941][T31901] ? __asan_memcpy+0x5a/0x80 [ 2500.506958][T31901] ? ioctl_has_perm+0x3e0/0x4d0 [ 2500.506980][T31901] ? has_cap_mac_admin+0xd0/0xd0 [ 2500.507001][T31901] ? __kasan_check_write+0x18/0x20 [ 2500.507026][T31901] ? mutex_lock_killable+0x92/0x1c0 [ 2500.507044][T31901] ? __cfi_mutex_lock_killable+0x10/0x10 [ 2500.507062][T31901] ? proc_fail_nth_write+0x17e/0x210 [ 2500.507087][T31901] kvm_vcpu_ioctl+0x96f/0xee0 [ 2500.507104][T31901] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2500.507121][T31901] ? __cfi_vfs_write+0x10/0x10 [ 2500.507139][T31901] ? __kasan_check_write+0x18/0x20 [ 2500.507163][T31901] ? mutex_unlock+0x8b/0x240 [ 2500.507180][T31901] ? __cfi_mutex_unlock+0x10/0x10 [ 2500.507197][T31901] ? __fget_files+0x2c5/0x340 [ 2500.507218][T31901] ? __fget_files+0x2c5/0x340 [ 2500.507236][T31901] ? bpf_lsm_file_ioctl+0xd/0x20 [ 2500.507259][T31901] ? security_file_ioctl+0x34/0xd0 [ 2500.507279][T31901] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2500.507296][T31901] __se_sys_ioctl+0x135/0x1b0 [ 2500.507316][T31901] __x64_sys_ioctl+0x7f/0xa0 [ 2500.507335][T31901] x64_sys_call+0x1878/0x2ee0 [ 2500.507360][T31901] do_syscall_64+0x58/0xf0 [ 2500.507383][T31901] ? clear_bhb_loop+0x50/0xa0 [ 2500.507404][T31901] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2500.507423][T31901] RIP: 0033:0x7f933798f6c9 [ 2500.507439][T31901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2500.507456][T31901] RSP: 002b:00007f9338811038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2500.507477][T31901] RAX: ffffffffffffffda RBX: 00007f9337be5fa0 RCX: 00007f933798f6c9 [ 2500.507493][T31901] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008 [ 2500.507514][T31901] RBP: 00007f9338811090 R08: 0000000000000000 R09: 0000000000000000 [ 2500.507527][T31901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2500.507540][T31901] R13: 00007f9337be6038 R14: 00007f9337be5fa0 R15: 00007ffe357f5d88 [ 2500.507557][T31901] [ 2500.514257][T31908] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 2501.059755][T31947] FAULT_INJECTION: forcing a failure. [ 2501.059755][T31947] name failslab, interval 1, probability 0, space 0, times 0 [ 2501.081349][T31947] CPU: 1 UID: 0 PID: 31947 Comm: syz.2.75959 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2501.081380][T31947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2501.081392][T31947] Call Trace: [ 2501.081399][T31947] [ 2501.081407][T31947] __dump_stack+0x21/0x30 [ 2501.081436][T31947] dump_stack_lvl+0x10c/0x190 [ 2501.081459][T31947] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2501.081500][T31947] ? proc_tid_base_lookup+0x2f/0x40 [ 2501.081524][T31947] ? do_filp_open+0x1c6/0x3e0 [ 2501.081545][T31947] ? do_sys_openat2+0x12c/0x1c0 [ 2501.081567][T31947] ? __x64_sys_openat+0x13a/0x170 [ 2501.081590][T31947] ? do_syscall_64+0x58/0xf0 [ 2501.081611][T31947] dump_stack+0x19/0x20 [ 2501.081631][T31947] should_fail_ex+0x3d9/0x530 [ 2501.081649][T31947] should_failslab+0xac/0x100 [ 2501.081667][T31947] kmem_cache_alloc_noprof+0x42/0x430 [ 2501.081683][T31947] ? __asan_memcpy+0x5a/0x80 [ 2501.081699][T31947] ? vm_area_dup+0x42/0x570 [ 2501.081717][T31947] vm_area_dup+0x42/0x570 [ 2501.081733][T31947] __split_vma+0x1bd/0xa80 [ 2501.081751][T31947] ? kasan_save_alloc_info+0x40/0x50 [ 2501.081776][T31947] ? vms_gather_munmap_vmas+0xdd0/0xdd0 [ 2501.081797][T31947] vms_gather_munmap_vmas+0x273/0xdd0 [ 2501.081817][T31947] mmap_region+0x598/0x1bc0 [ 2501.081836][T31947] ? __cfi_mmap_region+0x10/0x10 [ 2501.081855][T31947] ? __kasan_check_read+0x15/0x20 [ 2501.081881][T31947] ? arch_get_unmapped_area_topdown+0x232/0x8d0 [ 2501.081903][T31947] ? file_mmap_ok+0x147/0x1a0 [ 2501.081921][T31947] do_mmap+0xb6d/0x13c0 [ 2501.081938][T31947] ? __cfi_do_mmap+0x10/0x10 [ 2501.081953][T31947] ? down_write_killable+0xe9/0x2d0 [ 2501.081978][T31947] ? __cfi_down_write_killable+0x10/0x10 [ 2501.081998][T31947] vm_mmap_pgoff+0x38f/0x4e0 [ 2501.082016][T31947] ? __cfi_vm_mmap_pgoff+0x10/0x10 [ 2501.082033][T31947] ? __fget_files+0x2c5/0x340 [ 2501.082054][T31947] ksys_mmap_pgoff+0x166/0x1e0 [ 2501.082072][T31947] __x64_sys_mmap+0x121/0x140 [ 2501.082099][T31947] x64_sys_call+0x13bf/0x2ee0 [ 2501.082124][T31947] do_syscall_64+0x58/0xf0 [ 2501.082144][T31947] ? clear_bhb_loop+0x50/0xa0 [ 2501.082163][T31947] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2501.082181][T31947] RIP: 0033:0x7f933798f6c9 [ 2501.082196][T31947] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2501.082211][T31947] RSP: 002b:00007f9338811038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 2501.082232][T31947] RAX: ffffffffffffffda RBX: 00007f9337be5fa0 RCX: 00007f933798f6c9 [ 2501.082246][T31947] RDX: 0000000000000000 RSI: 0000000000030000 RDI: 0000200000001000 [ 2501.082258][T31947] RBP: 00007f9338811090 R08: 0000000000000008 R09: 0000000000000000 [ 2501.082270][T31947] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000001 [ 2501.082283][T31947] R13: 00007f9337be6038 R14: 00007f9337be5fa0 R15: 00007ffe357f5d88 [ 2501.082299][T31947] [ 2510.214088][T18476] bridge_slave_1: left allmulticast mode [ 2510.223063][T18476] bridge_slave_1: left promiscuous mode [ 2510.234221][T18476] bridge0: port 2(bridge_slave_1) entered disabled state [ 2510.251844][T18476] bridge_slave_0: left allmulticast mode [ 2510.257529][T18476] bridge_slave_0: left promiscuous mode [ 2510.266461][T18476] bridge0: port 1(bridge_slave_0) entered disabled state [ 2510.411882][T18476] veth1_macvtap: left promiscuous mode [ 2510.421499][T18476] veth0_vlan: left promiscuous mode [ 2510.612396][T32497] bridge0: port 1(bridge_slave_0) entered blocking state [ 2510.629585][T32497] bridge0: port 1(bridge_slave_0) entered disabled state [ 2510.645485][T32497] bridge_slave_0: entered allmulticast mode [ 2510.661784][T32497] bridge_slave_0: entered promiscuous mode [ 2510.669536][T32497] bridge0: port 2(bridge_slave_1) entered blocking state [ 2510.679364][T32497] bridge0: port 2(bridge_slave_1) entered disabled state [ 2510.688883][T32497] bridge_slave_1: entered allmulticast mode [ 2510.702384][T32497] bridge_slave_1: entered promiscuous mode [ 2510.908368][T32497] bridge0: port 2(bridge_slave_1) entered blocking state [ 2510.915449][T32497] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2510.922744][T32497] bridge0: port 1(bridge_slave_0) entered blocking state [ 2510.929767][T32497] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2510.982841][ T403] bridge0: port 1(bridge_slave_0) entered disabled state [ 2511.001443][ T403] bridge0: port 2(bridge_slave_1) entered disabled state [ 2511.016536][T28322] bridge0: port 1(bridge_slave_0) entered blocking state [ 2511.023590][T28322] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2511.044674][ T403] bridge0: port 2(bridge_slave_1) entered blocking state [ 2511.051723][ T403] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2511.121964][T32497] veth0_vlan: entered promiscuous mode [ 2511.145628][T32497] veth1_macvtap: entered promiscuous mode [ 2511.432860][T32550] FAULT_INJECTION: forcing a failure. [ 2511.432860][T32550] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2511.446380][T32550] CPU: 1 UID: 0 PID: 32550 Comm: syz.4.76248 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2511.446408][T32550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2511.446421][T32550] Call Trace: [ 2511.446427][T32550] [ 2511.446434][T32550] __dump_stack+0x21/0x30 [ 2511.446464][T32550] dump_stack_lvl+0x10c/0x190 [ 2511.446487][T32550] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2511.446512][T32550] ? __kasan_check_read+0x15/0x20 [ 2511.446538][T32550] dump_stack+0x19/0x20 [ 2511.446558][T32550] should_fail_ex+0x3d9/0x530 [ 2511.446574][T32550] should_fail+0xf/0x20 [ 2511.446588][T32550] should_fail_usercopy+0x1e/0x30 [ 2511.446606][T32550] __kvm_read_guest_page+0x177/0x210 [ 2511.446626][T32550] kvm_vcpu_read_guest_page+0x31a/0x400 [ 2511.446644][T32550] kvm_fetch_guest_virt+0x146/0x190 [ 2511.446668][T32550] ? __cfi_kvm_fetch_guest_virt+0x10/0x10 [ 2511.446692][T32550] __do_insn_fetch_bytes+0x321/0x730 [ 2511.446711][T32550] ? x86_decode_insn+0x4fb0/0x4fb0 [ 2511.446730][T32550] ? tdp_iter_restart+0x1c4/0x360 [ 2511.446750][T32550] ? kvm_tdp_mmu_fast_pf_get_last_sptep+0x290/0x290 [ 2511.446774][T32550] ? tdp_iter_next+0x362/0xa30 [ 2511.446794][T32550] x86_decode_insn+0x33b/0x4fb0 [ 2511.446811][T32550] ? trace_mark_mmio_spte+0x22/0x130 [ 2511.446838][T32550] ? __cfi_x86_decode_insn+0x10/0x10 [ 2511.446855][T32550] ? __kasan_check_write+0x18/0x20 [ 2511.446890][T32550] ? vmx_read_guest_seg_ar+0x1c8/0x350 [ 2511.446913][T32550] ? __asan_memset+0x39/0x50 [ 2511.446930][T32550] ? init_decode_cache+0x7c/0x90 [ 2511.446948][T32550] ? init_emulate_ctxt+0x410/0x540 [ 2511.446969][T32550] ? kvm_inject_realmode_interrupt+0x2e0/0x2e0 [ 2511.446990][T32550] ? kvm_mmu_do_page_fault+0x4b0/0x5f0 [ 2511.447010][T32550] x86_decode_emulated_instruction+0x66/0x190 [ 2511.447030][T32550] x86_emulate_instruction+0x2d3/0x1870 [ 2511.447050][T32550] ? kvm_multiple_exception+0x6d8/0xad0 [ 2511.447070][T32550] kvm_mmu_page_fault+0x336/0x970 [ 2511.447090][T32550] handle_ept_violation+0x21c/0x440 [ 2511.447108][T32550] ? vmx_vcpu_run+0x1100/0x2000 [ 2511.447131][T32550] ? __cfi_handle_ept_violation+0x10/0x10 [ 2511.447150][T32550] vmx_handle_exit+0x12c2/0x1b40 [ 2511.447171][T32550] ? kvm_deliver_exception_payload+0xd7/0x200 [ 2511.447193][T32550] ? __cfi_vmx_vcpu_run+0x10/0x10 [ 2511.447217][T32550] ? vmx_handle_exit_irqoff+0xe9/0x7a0 [ 2511.447242][T32550] vcpu_run+0x4bd0/0x7830 [ 2511.447264][T32550] ? x64_sys_call+0xe69/0x2ee0 [ 2511.447299][T32550] ? signal_pending+0xc0/0xc0 [ 2511.447321][T32550] ? __kasan_check_write+0x18/0x20 [ 2511.447346][T32550] ? xfd_validate_state+0x68/0x150 [ 2511.447368][T32550] ? fpu_swap_kvm_fpstate+0x93/0x5f0 [ 2511.447387][T32550] ? __kasan_check_write+0x18/0x20 [ 2511.447411][T32550] ? fpregs_mark_activate+0x69/0x160 [ 2511.447431][T32550] ? fpu_swap_kvm_fpstate+0x44d/0x5f0 [ 2511.447450][T32550] ? fpu_swap_kvm_fpstate+0x93/0x5f0 [ 2511.447470][T32550] kvm_arch_vcpu_ioctl_run+0x101a/0x1aa0 [ 2511.447494][T32550] ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 2511.447515][T32550] ? kstrtoull+0x13b/0x1e0 [ 2511.447532][T32550] ? kstrtouint+0x78/0xf0 [ 2511.447547][T32550] ? ioctl_has_perm+0x1aa/0x4d0 [ 2511.447568][T32550] ? __asan_memcpy+0x5a/0x80 [ 2511.447583][T32550] ? ioctl_has_perm+0x3e0/0x4d0 [ 2511.447603][T32550] ? has_cap_mac_admin+0xd0/0xd0 [ 2511.447623][T32550] ? __kasan_check_write+0x18/0x20 [ 2511.447647][T32550] ? mutex_lock_killable+0x92/0x1c0 [ 2511.447666][T32550] ? __cfi_mutex_lock_killable+0x10/0x10 [ 2511.447683][T32550] ? proc_fail_nth_write+0x17e/0x210 [ 2511.447706][T32550] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2511.447729][T32550] kvm_vcpu_ioctl+0x96f/0xee0 [ 2511.447747][T32550] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2511.447763][T32550] ? __cfi_vfs_write+0x10/0x10 [ 2511.447781][T32550] ? __kasan_check_write+0x18/0x20 [ 2511.447805][T32550] ? mutex_unlock+0x8b/0x240 [ 2511.447821][T32550] ? __cfi_mutex_unlock+0x10/0x10 [ 2511.447837][T32550] ? __fget_files+0x2c5/0x340 [ 2511.447857][T32550] ? __fget_files+0x2c5/0x340 [ 2511.447876][T32550] ? bpf_lsm_file_ioctl+0xd/0x20 [ 2511.447908][T32550] ? security_file_ioctl+0x34/0xd0 [ 2511.447927][T32550] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2511.447944][T32550] __se_sys_ioctl+0x135/0x1b0 [ 2511.447963][T32550] __x64_sys_ioctl+0x7f/0xa0 [ 2511.447981][T32550] x64_sys_call+0x1878/0x2ee0 [ 2511.448006][T32550] do_syscall_64+0x58/0xf0 [ 2511.448027][T32550] ? clear_bhb_loop+0x50/0xa0 [ 2511.448047][T32550] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2511.448066][T32550] RIP: 0033:0x7fde4c78f6c9 [ 2511.448082][T32550] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2511.448097][T32550] RSP: 002b:00007fde4d6d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2511.448116][T32550] RAX: ffffffffffffffda RBX: 00007fde4c9e5fa0 RCX: 00007fde4c78f6c9 [ 2511.448129][T32550] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008 [ 2511.448142][T32550] RBP: 00007fde4d6d7090 R08: 0000000000000000 R09: 0000000000000000 [ 2511.448153][T32550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2511.448165][T32550] R13: 00007fde4c9e6038 R14: 00007fde4c9e5fa0 R15: 00007ffff593cf48 [ 2511.448181][T32550] [ 2512.944007][T32686] FAULT_INJECTION: forcing a failure. [ 2512.944007][T32686] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2512.971610][T32686] CPU: 1 UID: 0 PID: 32686 Comm: syz.0.76314 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2512.971640][T32686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2512.971653][T32686] Call Trace: [ 2512.971659][T32686] [ 2512.971667][T32686] __dump_stack+0x21/0x30 [ 2512.971697][T32686] dump_stack_lvl+0x10c/0x190 [ 2512.971720][T32686] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2512.971745][T32686] ? __kasan_check_read+0x15/0x20 [ 2512.971771][T32686] dump_stack+0x19/0x20 [ 2512.971794][T32686] should_fail_ex+0x3d9/0x530 [ 2512.971819][T32686] should_fail+0xf/0x20 [ 2512.971837][T32686] should_fail_usercopy+0x1e/0x30 [ 2512.971857][T32686] __kvm_read_guest_page+0x177/0x210 [ 2512.971877][T32686] kvm_vcpu_read_guest_page+0x31a/0x400 [ 2512.971897][T32686] kvm_fetch_guest_virt+0x146/0x190 [ 2512.971924][T32686] ? __cfi_kvm_fetch_guest_virt+0x10/0x10 [ 2512.971949][T32686] __do_insn_fetch_bytes+0x321/0x730 [ 2512.971969][T32686] ? x86_decode_insn+0x4fb0/0x4fb0 [ 2512.971987][T32686] ? __sched_text_start+0x10/0x10 [ 2512.972017][T32686] ? tdp_iter_next+0x362/0xa30 [ 2512.972037][T32686] x86_decode_insn+0x33b/0x4fb0 [ 2512.972054][T32686] ? trace_mark_mmio_spte+0x22/0x130 [ 2512.972078][T32686] ? __cfi_preempt_schedule_irq+0x10/0x10 [ 2512.972104][T32686] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 2512.972124][T32686] ? __cfi_x86_decode_insn+0x10/0x10 [ 2512.972142][T32686] ? __asan_memset+0x39/0x50 [ 2512.972158][T32686] ? init_decode_cache+0x7c/0x90 [ 2512.972176][T32686] ? init_emulate_ctxt+0x410/0x540 [ 2512.972196][T32686] ? kvm_inject_realmode_interrupt+0x2e0/0x2e0 [ 2512.972218][T32686] ? kvm_mmu_do_page_fault+0x4b0/0x5f0 [ 2512.972240][T32686] x86_decode_emulated_instruction+0x66/0x190 [ 2512.972261][T32686] x86_emulate_instruction+0x2d3/0x1870 [ 2512.972282][T32686] ? kvm_multiple_exception+0x6d8/0xad0 [ 2512.972305][T32686] ? __kernel_text_address+0x11/0x40 [ 2512.972328][T32686] kvm_mmu_page_fault+0x336/0x970 [ 2512.972350][T32686] handle_ept_violation+0x21c/0x440 [ 2512.972370][T32686] ? vmx_vcpu_run+0x1100/0x2000 [ 2512.972396][T32686] ? __cfi_handle_ept_violation+0x10/0x10 [ 2512.972415][T32686] vmx_handle_exit+0x12c2/0x1b40 [ 2512.972440][T32686] ? __cfi_vmx_vcpu_run+0x10/0x10 [ 2512.972464][T32686] ? kasan_save_track+0x4f/0x80 [ 2512.972484][T32686] ? vmx_handle_exit_irqoff+0xe9/0x7a0 [ 2512.972509][T32686] vcpu_run+0x4bd0/0x7830 [ 2512.972531][T32686] ? x64_sys_call+0xe69/0x2ee0 [ 2512.972567][T32686] ? signal_pending+0xc0/0xc0 [ 2512.972588][T32686] ? __kasan_check_write+0x18/0x20 [ 2512.972613][T32686] ? xfd_validate_state+0x68/0x150 [ 2512.972636][T32686] ? fpu_swap_kvm_fpstate+0x93/0x5f0 [ 2512.972656][T32686] ? __kasan_check_write+0x18/0x20 [ 2512.972681][T32686] ? fpregs_mark_activate+0x69/0x160 [ 2512.972701][T32686] ? fpu_swap_kvm_fpstate+0x44d/0x5f0 [ 2512.972720][T32686] ? fpu_swap_kvm_fpstate+0x93/0x5f0 [ 2512.972741][T32686] kvm_arch_vcpu_ioctl_run+0x101a/0x1aa0 [ 2512.972766][T32686] ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 2512.972789][T32686] ? kstrtoull+0x13b/0x1e0 [ 2512.972807][T32686] ? kstrtouint+0x78/0xf0 [ 2512.972823][T32686] ? ioctl_has_perm+0x1aa/0x4d0 [ 2512.972844][T32686] ? __asan_memcpy+0x5a/0x80 [ 2512.972861][T32686] ? ioctl_has_perm+0x3e0/0x4d0 [ 2512.972882][T32686] ? has_cap_mac_admin+0xd0/0xd0 [ 2512.972903][T32686] ? __kasan_check_write+0x18/0x20 [ 2512.972928][T32686] ? mutex_lock_killable+0x92/0x1c0 [ 2512.972947][T32686] ? __cfi_mutex_lock_killable+0x10/0x10 [ 2512.972961][T32686] ? proc_fail_nth_write+0x17e/0x210 [ 2512.972983][T32686] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2512.973007][T32686] kvm_vcpu_ioctl+0x96f/0xee0 [ 2512.973030][T32686] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2512.973047][T32686] ? __cfi_vfs_write+0x10/0x10 [ 2512.973064][T32686] ? __kasan_check_write+0x18/0x20 [ 2512.973089][T32686] ? mutex_unlock+0x8b/0x240 [ 2512.973104][T32686] ? __cfi_mutex_unlock+0x10/0x10 [ 2512.973120][T32686] ? __fget_files+0x2c5/0x340 [ 2512.973145][T32686] ? __fget_files+0x2c5/0x340 [ 2512.973164][T32686] ? bpf_lsm_file_ioctl+0xd/0x20 [ 2512.973188][T32686] ? security_file_ioctl+0x34/0xd0 [ 2512.973208][T32686] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2512.973225][T32686] __se_sys_ioctl+0x135/0x1b0 [ 2512.973245][T32686] __x64_sys_ioctl+0x7f/0xa0 [ 2512.973264][T32686] x64_sys_call+0x1878/0x2ee0 [ 2512.973290][T32686] do_syscall_64+0x58/0xf0 [ 2512.973312][T32686] ? clear_bhb_loop+0x50/0xa0 [ 2512.973333][T32686] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2512.973353][T32686] RIP: 0033:0x7f514fb8f6c9 [ 2512.973370][T32686] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2512.973386][T32686] RSP: 002b:00007f515099a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2512.973407][T32686] RAX: ffffffffffffffda RBX: 00007f514fde5fa0 RCX: 00007f514fb8f6c9 [ 2512.973423][T32686] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000009 [ 2512.973436][T32686] RBP: 00007f515099a090 R08: 0000000000000000 R09: 0000000000000000 [ 2512.973449][T32686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2512.973461][T32686] R13: 00007f514fde6038 R14: 00007f514fde5fa0 R15: 00007fff0caff2c8 [ 2512.973479][T32686] [ 2514.050573][ T403] bridge_slave_1: left allmulticast mode [ 2514.060295][ T403] bridge_slave_1: left promiscuous mode [ 2514.068554][ T403] bridge0: port 2(bridge_slave_1) entered disabled state [ 2514.076414][ T403] bridge_slave_0: left allmulticast mode [ 2514.082080][ T403] bridge_slave_0: left promiscuous mode [ 2514.087724][ T403] bridge0: port 1(bridge_slave_0) entered disabled state [ 2514.219724][ T302] bridge0: port 1(bridge_slave_0) entered blocking state [ 2514.227110][ T302] bridge0: port 1(bridge_slave_0) entered disabled state [ 2514.234357][ T302] bridge_slave_0: entered allmulticast mode [ 2514.240734][ T302] bridge_slave_0: entered promiscuous mode [ 2514.248537][ T302] bridge0: port 2(bridge_slave_1) entered blocking state [ 2514.255727][ T302] bridge0: port 2(bridge_slave_1) entered disabled state [ 2514.263189][ T302] bridge_slave_1: entered allmulticast mode [ 2514.269568][ T302] bridge_slave_1: entered promiscuous mode [ 2514.276547][ T403] veth1_macvtap: left promiscuous mode [ 2514.282547][ T403] veth0_vlan: left promiscuous mode [ 2514.482399][ T302] bridge0: port 2(bridge_slave_1) entered blocking state [ 2514.489474][ T302] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2514.496781][ T302] bridge0: port 1(bridge_slave_0) entered blocking state [ 2514.503831][ T302] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2514.531048][T18476] bridge0: port 1(bridge_slave_0) entered disabled state [ 2514.548563][T18476] bridge0: port 2(bridge_slave_1) entered disabled state [ 2514.572060][T18476] bridge0: port 1(bridge_slave_0) entered blocking state [ 2514.579118][T18476] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2514.590759][T18476] bridge0: port 2(bridge_slave_1) entered blocking state [ 2514.597828][T18476] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2514.637277][ T302] veth0_vlan: entered promiscuous mode [ 2514.668697][ T302] veth1_macvtap: entered promiscuous mode [ 2516.248730][ T452] FAULT_INJECTION: forcing a failure. [ 2516.248730][ T452] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2516.291351][ T452] CPU: 0 UID: 0 PID: 452 Comm: syz.3.76420 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2516.291381][ T452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2516.291392][ T452] Call Trace: [ 2516.291398][ T452] [ 2516.291406][ T452] __dump_stack+0x21/0x30 [ 2516.291434][ T452] dump_stack_lvl+0x10c/0x190 [ 2516.291456][ T452] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2516.291479][ T452] ? __kasan_check_read+0x15/0x20 [ 2516.291506][ T452] dump_stack+0x19/0x20 [ 2516.291527][ T452] should_fail_ex+0x3d9/0x530 [ 2516.291559][ T452] should_fail+0xf/0x20 [ 2516.291575][ T452] should_fail_usercopy+0x1e/0x30 [ 2516.291595][ T452] __kvm_read_guest_page+0x177/0x210 [ 2516.291614][ T452] kvm_vcpu_read_guest_page+0x31a/0x400 [ 2516.291633][ T452] kvm_fetch_guest_virt+0x146/0x190 [ 2516.291658][ T452] ? __cfi_kvm_fetch_guest_virt+0x10/0x10 [ 2516.291682][ T452] __do_insn_fetch_bytes+0x321/0x730 [ 2516.291702][ T452] ? x86_decode_insn+0x4fb0/0x4fb0 [ 2516.291720][ T452] ? tdp_iter_restart+0x1c4/0x360 [ 2516.291739][ T452] ? kvm_tdp_mmu_fast_pf_get_last_sptep+0x290/0x290 [ 2516.291761][ T452] ? tdp_iter_next+0x362/0xa30 [ 2516.291779][ T452] x86_decode_insn+0x33b/0x4fb0 [ 2516.291795][ T452] ? trace_mark_mmio_spte+0x22/0x130 [ 2516.291819][ T452] ? __cfi_x86_decode_insn+0x10/0x10 [ 2516.291835][ T452] ? __kasan_check_write+0x18/0x20 [ 2516.291859][ T452] ? vmx_read_guest_seg_ar+0x1c8/0x350 [ 2516.291916][ T452] ? __asan_memset+0x39/0x50 [ 2516.291932][ T452] ? init_decode_cache+0x7c/0x90 [ 2516.291949][ T452] ? init_emulate_ctxt+0x410/0x540 [ 2516.291969][ T452] ? kvm_inject_realmode_interrupt+0x2e0/0x2e0 [ 2516.291990][ T452] ? kvm_mmu_do_page_fault+0x4b0/0x5f0 [ 2516.292012][ T452] x86_decode_emulated_instruction+0x66/0x190 [ 2516.292033][ T452] x86_emulate_instruction+0x2d3/0x1870 [ 2516.292053][ T452] ? kvm_multiple_exception+0x6d8/0xad0 [ 2516.292075][ T452] ? __kernel_text_address+0x11/0x40 [ 2516.292098][ T452] kvm_mmu_page_fault+0x336/0x970 [ 2516.292119][ T452] handle_ept_violation+0x21c/0x440 [ 2516.292139][ T452] ? vmx_vcpu_run+0x1100/0x2000 [ 2516.292163][ T452] ? __cfi_handle_ept_violation+0x10/0x10 [ 2516.292182][ T452] vmx_handle_exit+0x12c2/0x1b40 [ 2516.292207][ T452] ? __cfi_vmx_vcpu_run+0x10/0x10 [ 2516.292231][ T452] ? kasan_save_track+0x4f/0x80 [ 2516.292248][ T452] ? vmx_handle_exit_irqoff+0xe9/0x7a0 [ 2516.292272][ T452] vcpu_run+0x4bd0/0x7830 [ 2516.292291][ T452] ? x64_sys_call+0xe69/0x2ee0 [ 2516.292326][ T452] ? signal_pending+0xc0/0xc0 [ 2516.292346][ T452] ? __kasan_check_write+0x18/0x20 [ 2516.292369][ T452] ? xfd_validate_state+0x68/0x150 [ 2516.292392][ T452] ? fpu_swap_kvm_fpstate+0x93/0x5f0 [ 2516.292411][ T452] ? __kasan_check_write+0x18/0x20 [ 2516.292434][ T452] ? fpregs_mark_activate+0x69/0x160 [ 2516.292451][ T452] ? fpu_swap_kvm_fpstate+0x44d/0x5f0 [ 2516.292469][ T452] ? fpu_swap_kvm_fpstate+0x93/0x5f0 [ 2516.292488][ T452] kvm_arch_vcpu_ioctl_run+0x101a/0x1aa0 [ 2516.292512][ T452] ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 2516.292535][ T452] ? kstrtoull+0x13b/0x1e0 [ 2516.292559][ T452] ? kstrtouint+0x78/0xf0 [ 2516.292574][ T452] ? ioctl_has_perm+0x1aa/0x4d0 [ 2516.292594][ T452] ? __asan_memcpy+0x5a/0x80 [ 2516.292611][ T452] ? ioctl_has_perm+0x3e0/0x4d0 [ 2516.292630][ T452] ? has_cap_mac_admin+0xd0/0xd0 [ 2516.292650][ T452] ? __kasan_check_write+0x18/0x20 [ 2516.292674][ T452] ? mutex_lock_killable+0x92/0x1c0 [ 2516.292691][ T452] ? __cfi_mutex_lock_killable+0x10/0x10 [ 2516.292708][ T452] ? proc_fail_nth_write+0x17e/0x210 [ 2516.292731][ T452] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2516.292754][ T452] kvm_vcpu_ioctl+0x96f/0xee0 [ 2516.292771][ T452] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2516.292787][ T452] ? __cfi_vfs_write+0x10/0x10 [ 2516.292803][ T452] ? __kasan_check_write+0x18/0x20 [ 2516.292826][ T452] ? mutex_unlock+0x8b/0x240 [ 2516.292842][ T452] ? __cfi_mutex_unlock+0x10/0x10 [ 2516.292857][ T452] ? __fget_files+0x2c5/0x340 [ 2516.292876][ T452] ? __fget_files+0x2c5/0x340 [ 2516.292894][ T452] ? bpf_lsm_file_ioctl+0xd/0x20 [ 2516.292916][ T452] ? security_file_ioctl+0x34/0xd0 [ 2516.292936][ T452] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2516.292952][ T452] __se_sys_ioctl+0x135/0x1b0 [ 2516.292972][ T452] __x64_sys_ioctl+0x7f/0xa0 [ 2516.292991][ T452] x64_sys_call+0x1878/0x2ee0 [ 2516.293016][ T452] do_syscall_64+0x58/0xf0 [ 2516.293037][ T452] ? clear_bhb_loop+0x50/0xa0 [ 2516.293056][ T452] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2516.293074][ T452] RIP: 0033:0x7f0cfd98f6c9 [ 2516.293090][ T452] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2516.293107][ T452] RSP: 002b:00007f0cfe85b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2516.293128][ T452] RAX: ffffffffffffffda RBX: 00007f0cfdbe5fa0 RCX: 00007f0cfd98f6c9 [ 2516.293143][ T452] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008 [ 2516.293155][ T452] RBP: 00007f0cfe85b090 R08: 0000000000000000 R09: 0000000000000000 [ 2516.293168][ T452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2516.293180][ T452] R13: 00007f0cfdbe6038 R14: 00007f0cfdbe5fa0 R15: 00007ffe9353ad48 [ 2516.293196][ T452] [ 2516.917482][ T480] SELinux: failed to load policy [ 2516.921317][ T36] audit: type=1400 audit(2000000178.980:753): avc: denied { load_policy } for pid=479 comm="syz.3.76433" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 2520.044303][ T666] FAULT_INJECTION: forcing a failure. [ 2520.044303][ T666] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2520.075048][ T666] CPU: 0 UID: 0 PID: 666 Comm: syz.4.76522 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2520.075078][ T666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2520.075090][ T666] Call Trace: [ 2520.075096][ T666] [ 2520.075104][ T666] __dump_stack+0x21/0x30 [ 2520.075142][ T666] dump_stack_lvl+0x10c/0x190 [ 2520.075165][ T666] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2520.075189][ T666] ? __kasan_check_read+0x15/0x20 [ 2520.075217][ T666] dump_stack+0x19/0x20 [ 2520.075238][ T666] should_fail_ex+0x3d9/0x530 [ 2520.075256][ T666] should_fail+0xf/0x20 [ 2520.075271][ T666] should_fail_usercopy+0x1e/0x30 [ 2520.075288][ T666] __kvm_read_guest_page+0x177/0x210 [ 2520.075307][ T666] kvm_vcpu_read_guest_page+0x31a/0x400 [ 2520.075327][ T666] kvm_fetch_guest_virt+0x146/0x190 [ 2520.075352][ T666] ? __cfi_kvm_fetch_guest_virt+0x10/0x10 [ 2520.075375][ T666] __do_insn_fetch_bytes+0x321/0x730 [ 2520.075393][ T666] ? x86_decode_insn+0x4fb0/0x4fb0 [ 2520.075410][ T666] ? tdp_iter_restart+0x1c4/0x360 [ 2520.075429][ T666] ? kvm_tdp_mmu_fast_pf_get_last_sptep+0x290/0x290 [ 2520.075450][ T666] ? tdp_iter_next+0x362/0xa30 [ 2520.075470][ T666] x86_decode_insn+0x33b/0x4fb0 [ 2520.075487][ T666] ? trace_mark_mmio_spte+0x22/0x130 [ 2520.075519][ T666] ? __cfi_x86_decode_insn+0x10/0x10 [ 2520.075537][ T666] ? __kasan_check_write+0x18/0x20 [ 2520.075562][ T666] ? vmx_read_guest_seg_ar+0x1c8/0x350 [ 2520.075584][ T666] ? __asan_memset+0x39/0x50 [ 2520.075601][ T666] ? init_decode_cache+0x7c/0x90 [ 2520.075619][ T666] ? init_emulate_ctxt+0x410/0x540 [ 2520.075640][ T666] ? kvm_inject_realmode_interrupt+0x2e0/0x2e0 [ 2520.075662][ T666] ? kvm_mmu_do_page_fault+0x4b0/0x5f0 [ 2520.075684][ T666] x86_decode_emulated_instruction+0x66/0x190 [ 2520.075706][ T666] x86_emulate_instruction+0x2d3/0x1870 [ 2520.075728][ T666] ? kvm_multiple_exception+0x6d8/0xad0 [ 2520.075750][ T666] ? __kernel_text_address+0x11/0x40 [ 2520.075773][ T666] kvm_mmu_page_fault+0x336/0x970 [ 2520.075794][ T666] handle_ept_violation+0x21c/0x440 [ 2520.075814][ T666] ? vmx_vcpu_run+0x1100/0x2000 [ 2520.075839][ T666] ? __cfi_handle_ept_violation+0x10/0x10 [ 2520.075859][ T666] vmx_handle_exit+0x12c2/0x1b40 [ 2520.075884][ T666] ? __cfi_vmx_vcpu_run+0x10/0x10 [ 2520.075908][ T666] ? kasan_save_track+0x4f/0x80 [ 2520.075927][ T666] ? vmx_handle_exit_irqoff+0xe9/0x7a0 [ 2520.075953][ T666] vcpu_run+0x4bd0/0x7830 [ 2520.075974][ T666] ? x64_sys_call+0xe69/0x2ee0 [ 2520.076010][ T666] ? signal_pending+0xc0/0xc0 [ 2520.076032][ T666] ? __kasan_check_write+0x18/0x20 [ 2520.076058][ T666] ? xfd_validate_state+0x68/0x150 [ 2520.076081][ T666] ? fpu_swap_kvm_fpstate+0x93/0x5f0 [ 2520.076101][ T666] ? __kasan_check_write+0x18/0x20 [ 2520.076126][ T666] ? fpregs_mark_activate+0x69/0x160 [ 2520.076146][ T666] ? fpu_swap_kvm_fpstate+0x44d/0x5f0 [ 2520.076166][ T666] ? fpu_swap_kvm_fpstate+0x93/0x5f0 [ 2520.076186][ T666] kvm_arch_vcpu_ioctl_run+0x101a/0x1aa0 [ 2520.076210][ T666] ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 2520.076233][ T666] ? kstrtoull+0x13b/0x1e0 [ 2520.076251][ T666] ? kstrtouint+0x78/0xf0 [ 2520.076266][ T666] ? ioctl_has_perm+0x1aa/0x4d0 [ 2520.076287][ T666] ? __asan_memcpy+0x5a/0x80 [ 2520.076303][ T666] ? ioctl_has_perm+0x3e0/0x4d0 [ 2520.076324][ T666] ? has_cap_mac_admin+0xd0/0xd0 [ 2520.076344][ T666] ? __kasan_check_write+0x18/0x20 [ 2520.076369][ T666] ? mutex_lock_killable+0x92/0x1c0 [ 2520.076388][ T666] ? __cfi_mutex_lock_killable+0x10/0x10 [ 2520.076405][ T666] ? proc_fail_nth_write+0x17e/0x210 [ 2520.076429][ T666] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2520.076453][ T666] kvm_vcpu_ioctl+0x96f/0xee0 [ 2520.076471][ T666] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2520.076488][ T666] ? __cfi_vfs_write+0x10/0x10 [ 2520.076512][ T666] ? __kasan_check_write+0x18/0x20 [ 2520.076538][ T666] ? mutex_unlock+0x8b/0x240 [ 2520.076554][ T666] ? __cfi_mutex_unlock+0x10/0x10 [ 2520.076571][ T666] ? __fget_files+0x2c5/0x340 [ 2520.076592][ T666] ? __fget_files+0x2c5/0x340 [ 2520.076611][ T666] ? bpf_lsm_file_ioctl+0xd/0x20 [ 2520.076636][ T666] ? security_file_ioctl+0x34/0xd0 [ 2520.076658][ T666] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2520.076674][ T666] __se_sys_ioctl+0x135/0x1b0 [ 2520.076695][ T666] __x64_sys_ioctl+0x7f/0xa0 [ 2520.076715][ T666] x64_sys_call+0x1878/0x2ee0 [ 2520.076740][ T666] do_syscall_64+0x58/0xf0 [ 2520.076762][ T666] ? clear_bhb_loop+0x50/0xa0 [ 2520.076783][ T666] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2520.076802][ T666] RIP: 0033:0x7fde4c78f6c9 [ 2520.076819][ T666] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2520.076836][ T666] RSP: 002b:00007fde4d6d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2520.076858][ T666] RAX: ffffffffffffffda RBX: 00007fde4c9e5fa0 RCX: 00007fde4c78f6c9 [ 2520.076873][ T666] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 2520.076886][ T666] RBP: 00007fde4d6d7090 R08: 0000000000000000 R09: 0000000000000000 [ 2520.076899][ T666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2520.076912][ T666] R13: 00007fde4c9e6038 R14: 00007fde4c9e5fa0 R15: 00007ffff593cf48 [ 2520.076928][ T666] [ 2520.956685][ T699] FAULT_INJECTION: forcing a failure. [ 2520.956685][ T699] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2520.998234][ T699] CPU: 1 UID: 0 PID: 699 Comm: syz.0.76538 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2520.998267][ T699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2520.998278][ T699] Call Trace: [ 2520.998285][ T699] [ 2520.998292][ T699] __dump_stack+0x21/0x30 [ 2520.998322][ T699] dump_stack_lvl+0x10c/0x190 [ 2520.998345][ T699] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2520.998369][ T699] ? selinux_file_open+0x457/0x610 [ 2520.998393][ T699] dump_stack+0x19/0x20 [ 2520.998415][ T699] should_fail_ex+0x3d9/0x530 [ 2520.998434][ T699] should_fail_alloc_page+0xeb/0x110 [ 2520.998456][ T699] __alloc_pages_noprof+0x19b/0x7b0 [ 2520.998489][ T699] ? __cfi___alloc_pages_noprof+0x10/0x10 [ 2520.998513][ T699] ? is_bpf_text_address+0x17b/0x1a0 [ 2520.998535][ T699] ? __kernel_text_address+0x11/0x40 [ 2520.998558][ T699] ? unwind_get_return_address+0x51/0x90 [ 2520.998580][ T699] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 2520.998606][ T699] ? arch_stack_walk+0x10b/0x170 [ 2520.998624][ T699] __folio_alloc_noprof+0x14/0x80 [ 2520.998648][ T699] folio_prealloc+0x46/0x240 [ 2520.998670][ T699] do_pte_missing+0x164c/0x4240 [ 2520.998691][ T699] ? _parse_integer+0x2e/0x40 [ 2520.998718][ T699] ? pte_marker_clear+0x1b0/0x1b0 [ 2520.998739][ T699] ? kstrtouint_from_user+0xfb/0x150 [ 2520.998757][ T699] ? __x64_sys_openat+0x13a/0x170 [ 2520.998780][ T699] ? x64_sys_call+0xe69/0x2ee0 [ 2520.998806][ T699] ? selinux_file_permission+0x309/0xb30 [ 2520.998828][ T699] ? __pte_offset_map+0x1b0/0x230 [ 2520.998853][ T699] ? pte_offset_map_rw_nolock+0xba/0x110 [ 2520.998879][ T699] handle_mm_fault+0x1166/0x1b90 [ 2520.998902][ T699] ? __cfi_handle_mm_fault+0x10/0x10 [ 2520.998921][ T699] ? lock_vma_under_rcu+0x49d/0x540 [ 2520.998944][ T699] ? __kasan_check_write+0x18/0x20 [ 2520.998972][ T699] do_user_addr_fault+0x96c/0x1200 [ 2520.998996][ T699] ? __cfi_ksys_write+0x10/0x10 [ 2520.999016][ T699] exc_page_fault+0x59/0xc0 [ 2520.999035][ T699] asm_exc_page_fault+0x2b/0x30 [ 2520.999055][ T699] RIP: 0033:0x7f7ad3c60576 [ 2520.999071][ T699] Code: 00 00 00 00 41 57 31 c0 41 56 49 89 d6 41 55 49 89 f5 48 89 d6 41 54 49 89 fc 48 8d 3d 0c 2f 1b 00 55 53 48 81 ec 88 20 00 00 <48> 89 0c 24 4c 89 44 24 08 e8 ec d9 fe ff 4d 85 f6 0f 84 46 0a 00 [ 2520.999088][ T699] RSP: 002b:00007f7ad4bc1f70 EFLAGS: 00010202 [ 2520.999106][ T699] RAX: 0000000000000000 RBX: 00007f7ad3fe5fa0 RCX: 0000000000000000 [ 2520.999120][ T699] RDX: 0000200000000000 RSI: 0000200000000000 RDI: 00007f7ad3e13479 [ 2520.999135][ T699] RBP: 00007f7ad4bc4090 R08: 00007f7ad3c4e2f0 R09: 0000000000000000 [ 2520.999148][ T699] R10: 0000000000000002 R11: 0000200000000000 R12: 0000000000000002 [ 2520.999161][ T699] R13: 000000000000002d R14: 0000200000000000 R15: 00007ffed7bf3658 [ 2520.999178][ T699] [ 2520.999190][ T699] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 2524.073345][ T886] FAULT_INJECTION: forcing a failure. [ 2524.073345][ T886] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2524.121322][ T886] CPU: 0 UID: 0 PID: 886 Comm: syz.0.76628 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2524.121355][ T886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2524.121368][ T886] Call Trace: [ 2524.121374][ T886] [ 2524.121383][ T886] __dump_stack+0x21/0x30 [ 2524.121412][ T886] dump_stack_lvl+0x10c/0x190 [ 2524.121435][ T886] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2524.121460][ T886] ? __kasan_check_read+0x15/0x20 [ 2524.121487][ T886] dump_stack+0x19/0x20 [ 2524.121510][ T886] should_fail_ex+0x3d9/0x530 [ 2524.121529][ T886] should_fail+0xf/0x20 [ 2524.121547][ T886] should_fail_usercopy+0x1e/0x30 [ 2524.121566][ T886] __kvm_read_guest_page+0x177/0x210 [ 2524.121586][ T886] kvm_vcpu_read_guest_page+0x31a/0x400 [ 2524.121607][ T886] kvm_fetch_guest_virt+0x146/0x190 [ 2524.121633][ T886] ? __cfi_kvm_fetch_guest_virt+0x10/0x10 [ 2524.121658][ T886] __do_insn_fetch_bytes+0x321/0x730 [ 2524.121679][ T886] ? x86_decode_insn+0x4fb0/0x4fb0 [ 2524.121696][ T886] ? emulator_read_write+0x410/0x580 [ 2524.121716][ T886] ? tdp_iter_restart+0x1c4/0x360 [ 2524.121737][ T886] ? kvm_tdp_mmu_fast_pf_get_last_sptep+0x290/0x290 [ 2524.121761][ T886] ? tdp_iter_next+0x362/0xa30 [ 2524.121782][ T886] x86_decode_insn+0x33b/0x4fb0 [ 2524.121799][ T886] ? trace_mark_mmio_spte+0x22/0x130 [ 2524.121825][ T886] ? __cfi_x86_decode_insn+0x10/0x10 [ 2524.121843][ T886] ? __kasan_check_write+0x18/0x20 [ 2524.121868][ T886] ? vmx_read_guest_seg_ar+0x1c8/0x350 [ 2524.121890][ T886] ? __asan_memset+0x39/0x50 [ 2524.121907][ T886] ? init_decode_cache+0x7c/0x90 [ 2524.121924][ T886] ? init_emulate_ctxt+0x410/0x540 [ 2524.121944][ T886] ? kvm_inject_realmode_interrupt+0x2e0/0x2e0 [ 2524.121966][ T886] ? kvm_mmu_do_page_fault+0x4b0/0x5f0 [ 2524.121994][ T886] x86_decode_emulated_instruction+0x66/0x190 [ 2524.122015][ T886] x86_emulate_instruction+0x2d3/0x1870 [ 2524.122036][ T886] ? kvm_multiple_exception+0x6d8/0xad0 [ 2524.122060][ T886] kvm_mmu_page_fault+0x336/0x970 [ 2524.122081][ T886] handle_ept_violation+0x21c/0x440 [ 2524.122101][ T886] ? vmx_vcpu_run+0x1100/0x2000 [ 2524.122126][ T886] ? __cfi_handle_ept_violation+0x10/0x10 [ 2524.122146][ T886] vmx_handle_exit+0x12c2/0x1b40 [ 2524.122171][ T886] ? kvm_deliver_exception_payload+0xd7/0x200 [ 2524.122194][ T886] ? __cfi_vmx_vcpu_run+0x10/0x10 [ 2524.122219][ T886] ? vmx_handle_exit_irqoff+0xe9/0x7a0 [ 2524.122244][ T886] vcpu_run+0x4bd0/0x7830 [ 2524.122277][ T886] ? signal_pending+0xc0/0xc0 [ 2524.122301][ T886] ? complete_emulated_mmio+0x4fb/0x790 [ 2524.122323][ T886] kvm_arch_vcpu_ioctl_run+0x101a/0x1aa0 [ 2524.122347][ T886] ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 2524.122370][ T886] ? kstrtoull+0x13b/0x1e0 [ 2524.122386][ T886] ? kstrtouint+0x78/0xf0 [ 2524.122402][ T886] ? ioctl_has_perm+0x1aa/0x4d0 [ 2524.122424][ T886] ? __asan_memcpy+0x5a/0x80 [ 2524.122441][ T886] ? ioctl_has_perm+0x3e0/0x4d0 [ 2524.122461][ T886] ? has_cap_mac_admin+0xd0/0xd0 [ 2524.122483][ T886] ? __kasan_check_write+0x18/0x20 [ 2524.122507][ T886] ? mutex_lock_killable+0x92/0x1c0 [ 2524.122527][ T886] ? __cfi_mutex_lock_killable+0x10/0x10 [ 2524.122544][ T886] ? proc_fail_nth_write+0x17e/0x210 [ 2524.122568][ T886] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2524.122592][ T886] kvm_vcpu_ioctl+0x96f/0xee0 [ 2524.122610][ T886] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2524.122628][ T886] ? __cfi_vfs_write+0x10/0x10 [ 2524.122645][ T886] ? __kasan_check_write+0x18/0x20 [ 2524.122671][ T886] ? mutex_unlock+0x8b/0x240 [ 2524.122688][ T886] ? __cfi_mutex_unlock+0x10/0x10 [ 2524.122705][ T886] ? __fget_files+0x2c5/0x340 [ 2524.122725][ T886] ? __fget_files+0x2c5/0x340 [ 2524.122745][ T886] ? bpf_lsm_file_ioctl+0xd/0x20 [ 2524.122769][ T886] ? security_file_ioctl+0x34/0xd0 [ 2524.122789][ T886] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2524.122806][ T886] __se_sys_ioctl+0x135/0x1b0 [ 2524.122826][ T886] __x64_sys_ioctl+0x7f/0xa0 [ 2524.122846][ T886] x64_sys_call+0x1878/0x2ee0 [ 2524.122872][ T886] do_syscall_64+0x58/0xf0 [ 2524.122894][ T886] ? clear_bhb_loop+0x50/0xa0 [ 2524.122914][ T886] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2524.122934][ T886] RIP: 0033:0x7f7ad3d8f6c9 [ 2524.122951][ T886] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2524.122968][ T886] RSP: 002b:00007f7ad4bc4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2524.122995][ T886] RAX: ffffffffffffffda RBX: 00007f7ad3fe5fa0 RCX: 00007f7ad3d8f6c9 [ 2524.123010][ T886] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 2524.123024][ T886] RBP: 00007f7ad4bc4090 R08: 0000000000000000 R09: 0000000000000000 [ 2524.123037][ T886] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2524.123050][ T886] R13: 00007f7ad3fe6038 R14: 00007f7ad3fe5fa0 R15: 00007ffed7bf3658 [ 2524.123067][ T886] [ 2528.192501][ T1112] FAULT_INJECTION: forcing a failure. [ 2528.192501][ T1112] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2528.241318][ T1112] CPU: 0 UID: 0 PID: 1112 Comm: syz.4.76733 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2528.241348][ T1112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2528.241361][ T1112] Call Trace: [ 2528.241367][ T1112] [ 2528.241376][ T1112] __dump_stack+0x21/0x30 [ 2528.241404][ T1112] dump_stack_lvl+0x10c/0x190 [ 2528.241427][ T1112] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2528.241451][ T1112] ? proc_fail_nth_write+0x17e/0x210 [ 2528.241474][ T1112] ? check_stack_object+0x107/0x140 [ 2528.241492][ T1112] dump_stack+0x19/0x20 [ 2528.241513][ T1112] should_fail_ex+0x3d9/0x530 [ 2528.241532][ T1112] should_fail+0xf/0x20 [ 2528.241549][ T1112] should_fail_usercopy+0x1e/0x30 [ 2528.241569][ T1112] _copy_from_user+0x22/0xb0 [ 2528.241590][ T1112] __tun_chr_ioctl+0x1f2/0x1f10 [ 2528.241610][ T1112] ? __kasan_check_write+0x18/0x20 [ 2528.241637][ T1112] ? tun_flow_create+0x410/0x410 [ 2528.241656][ T1112] ? __fget_files+0x2c5/0x340 [ 2528.241676][ T1112] ? __fget_files+0x2c5/0x340 [ 2528.241696][ T1112] tun_chr_ioctl+0x2e/0x40 [ 2528.241714][ T1112] ? __cfi_tun_chr_ioctl+0x10/0x10 [ 2528.241732][ T1112] __se_sys_ioctl+0x135/0x1b0 [ 2528.241758][ T1112] __x64_sys_ioctl+0x7f/0xa0 [ 2528.241775][ T1112] x64_sys_call+0x1878/0x2ee0 [ 2528.241798][ T1112] do_syscall_64+0x58/0xf0 [ 2528.241819][ T1112] ? clear_bhb_loop+0x50/0xa0 [ 2528.241839][ T1112] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2528.241857][ T1112] RIP: 0033:0x7fde4c78f6c9 [ 2528.241873][ T1112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2528.241890][ T1112] RSP: 002b:00007fde4d6d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2528.241911][ T1112] RAX: ffffffffffffffda RBX: 00007fde4c9e5fa0 RCX: 00007fde4c78f6c9 [ 2528.241926][ T1112] RDX: 0000000000000000 RSI: 00000000400454ca RDI: 0000000000000007 [ 2528.241939][ T1112] RBP: 00007fde4d6d7090 R08: 0000000000000000 R09: 0000000000000000 [ 2528.241951][ T1112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2528.241963][ T1112] R13: 00007fde4c9e6038 R14: 00007fde4c9e5fa0 R15: 00007ffff593cf48 [ 2528.241978][ T1112] [ 2529.011561][ T1154] FAULT_INJECTION: forcing a failure. [ 2529.011561][ T1154] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2529.035676][ T1154] CPU: 1 UID: 0 PID: 1154 Comm: syz.0.76752 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2529.035710][ T1154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2529.035722][ T1154] Call Trace: [ 2529.035730][ T1154] [ 2529.035737][ T1154] __dump_stack+0x21/0x30 [ 2529.035767][ T1154] dump_stack_lvl+0x10c/0x190 [ 2529.035790][ T1154] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2529.035814][ T1154] ? do_vfs_ioctl+0xeda/0x1e30 [ 2529.035836][ T1154] dump_stack+0x19/0x20 [ 2529.035858][ T1154] should_fail_ex+0x3d9/0x530 [ 2529.035885][ T1154] should_fail+0xf/0x20 [ 2529.035902][ T1154] should_fail_usercopy+0x1e/0x30 [ 2529.035922][ T1154] _copy_from_user+0x22/0xb0 [ 2529.035945][ T1154] kvm_vm_ioctl+0x692/0xb80 [ 2529.035969][ T1154] ? __cfi_kvm_vm_ioctl+0x10/0x10 [ 2529.035994][ T1154] ? ioctl_has_perm+0x3e0/0x4d0 [ 2529.036016][ T1154] ? has_cap_mac_admin+0xd0/0xd0 [ 2529.036038][ T1154] ? proc_fail_nth_write+0x17e/0x210 [ 2529.036062][ T1154] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2529.036086][ T1154] ? selinux_file_ioctl+0x6e0/0x1360 [ 2529.036108][ T1154] ? vfs_write+0x93e/0xf30 [ 2529.036125][ T1154] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 2529.036147][ T1154] ? __cfi_vfs_write+0x10/0x10 [ 2529.036165][ T1154] ? __kasan_check_write+0x18/0x20 [ 2529.036190][ T1154] ? mutex_unlock+0x8b/0x240 [ 2529.036208][ T1154] ? __cfi_mutex_unlock+0x10/0x10 [ 2529.036225][ T1154] ? __fget_files+0x2c5/0x340 [ 2529.036246][ T1154] ? __fget_files+0x2c5/0x340 [ 2529.036266][ T1154] ? bpf_lsm_file_ioctl+0xd/0x20 [ 2529.036290][ T1154] ? security_file_ioctl+0x34/0xd0 [ 2529.036310][ T1154] ? __cfi_kvm_vm_ioctl+0x10/0x10 [ 2529.036333][ T1154] __se_sys_ioctl+0x135/0x1b0 [ 2529.036354][ T1154] __x64_sys_ioctl+0x7f/0xa0 [ 2529.036373][ T1154] x64_sys_call+0x1878/0x2ee0 [ 2529.036399][ T1154] do_syscall_64+0x58/0xf0 [ 2529.036421][ T1154] ? clear_bhb_loop+0x50/0xa0 [ 2529.036442][ T1154] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2529.036461][ T1154] RIP: 0033:0x7f7ad3d8f6c9 [ 2529.036478][ T1154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2529.036495][ T1154] RSP: 002b:00007f7ad4bc4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2529.036517][ T1154] RAX: ffffffffffffffda RBX: 00007f7ad3fe5fa0 RCX: 00007f7ad3d8f6c9 [ 2529.036532][ T1154] RDX: 0000000000000000 RSI: 000000004068aea3 RDI: 0000000000000008 [ 2529.036544][ T1154] RBP: 00007f7ad4bc4090 R08: 0000000000000000 R09: 0000000000000000 [ 2529.036557][ T1154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2529.036569][ T1154] R13: 00007f7ad3fe6038 R14: 00007f7ad3fe5fa0 R15: 00007ffed7bf3658 [ 2529.036586][ T1154] [ 2530.017865][ T1223] netlink: 28 bytes leftover after parsing attributes in process `syz.4.76785'. [ 2531.268098][ T1294] SELinux: security_context_str_to_sid () failed with errno=-22 [ 2532.369508][ T1340] FAULT_INJECTION: forcing a failure. [ 2532.369508][ T1340] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2532.396916][ T1340] CPU: 0 UID: 0 PID: 1340 Comm: syz.3.76838 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2532.396949][ T1340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2532.396961][ T1340] Call Trace: [ 2532.396968][ T1340] [ 2532.396976][ T1340] __dump_stack+0x21/0x30 [ 2532.397005][ T1340] dump_stack_lvl+0x10c/0x190 [ 2532.397030][ T1340] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2532.397053][ T1340] ? do_vfs_ioctl+0xeda/0x1e30 [ 2532.397075][ T1340] ? check_stack_object+0x107/0x140 [ 2532.397093][ T1340] dump_stack+0x19/0x20 [ 2532.397115][ T1340] should_fail_ex+0x3d9/0x530 [ 2532.397135][ T1340] should_fail+0xf/0x20 [ 2532.397152][ T1340] should_fail_usercopy+0x1e/0x30 [ 2532.397172][ T1340] _copy_from_user+0x22/0xb0 [ 2532.397195][ T1340] kvm_vm_ioctl+0x5f7/0xb80 [ 2532.397219][ T1340] ? __cfi_kvm_vm_ioctl+0x10/0x10 [ 2532.397253][ T1340] ? ioctl_has_perm+0x1aa/0x4d0 [ 2532.397275][ T1340] ? __asan_memcpy+0x5a/0x80 [ 2532.397292][ T1340] ? ioctl_has_perm+0x3e0/0x4d0 [ 2532.397315][ T1340] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2532.397340][ T1340] ? selinux_file_ioctl+0x6e0/0x1360 [ 2532.397362][ T1340] ? vfs_write+0x93e/0xf30 [ 2532.397385][ T1340] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 2532.397408][ T1340] ? __cfi_vfs_write+0x10/0x10 [ 2532.397425][ T1340] ? __kasan_check_write+0x18/0x20 [ 2532.397451][ T1340] ? mutex_unlock+0x8b/0x240 [ 2532.397469][ T1340] ? __cfi_mutex_unlock+0x10/0x10 [ 2532.397486][ T1340] ? __fget_files+0x2c5/0x340 [ 2532.397507][ T1340] ? __fget_files+0x2c5/0x340 [ 2532.397526][ T1340] ? bpf_lsm_file_ioctl+0xd/0x20 [ 2532.397550][ T1340] ? security_file_ioctl+0x34/0xd0 [ 2532.397571][ T1340] ? __cfi_kvm_vm_ioctl+0x10/0x10 [ 2532.397595][ T1340] __se_sys_ioctl+0x135/0x1b0 [ 2532.397615][ T1340] __x64_sys_ioctl+0x7f/0xa0 [ 2532.397635][ T1340] x64_sys_call+0x1878/0x2ee0 [ 2532.397660][ T1340] do_syscall_64+0x58/0xf0 [ 2532.397684][ T1340] ? clear_bhb_loop+0x50/0xa0 [ 2532.397704][ T1340] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2532.397724][ T1340] RIP: 0033:0x7f0cfd98f6c9 [ 2532.397740][ T1340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2532.397757][ T1340] RSP: 002b:00007f0cfe85b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2532.397779][ T1340] RAX: ffffffffffffffda RBX: 00007f0cfdbe5fa0 RCX: 00007f0cfd98f6c9 [ 2532.397795][ T1340] RDX: 0000000000000000 RSI: 000000004020ae46 RDI: 0000000000000008 [ 2532.397808][ T1340] RBP: 00007f0cfe85b090 R08: 0000000000000000 R09: 0000000000000000 [ 2532.397822][ T1340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2532.397834][ T1340] R13: 00007f0cfdbe6038 R14: 00007f0cfdbe5fa0 R15: 00007ffe9353ad48 [ 2532.397851][ T1340] [ 2533.091508][ T1376] FAULT_INJECTION: forcing a failure. [ 2533.091508][ T1376] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2533.111353][ T1376] CPU: 0 UID: 0 PID: 1376 Comm: syz.0.76860 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2533.111385][ T1376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2533.111398][ T1376] Call Trace: [ 2533.111404][ T1376] [ 2533.111412][ T1376] __dump_stack+0x21/0x30 [ 2533.111440][ T1376] dump_stack_lvl+0x10c/0x190 [ 2533.111463][ T1376] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2533.111486][ T1376] ? check_stack_object+0x12c/0x140 [ 2533.111504][ T1376] dump_stack+0x19/0x20 [ 2533.111527][ T1376] should_fail_ex+0x3d9/0x530 [ 2533.111545][ T1376] should_fail+0xf/0x20 [ 2533.111562][ T1376] should_fail_usercopy+0x1e/0x30 [ 2533.111581][ T1376] _copy_to_user+0x24/0xa0 [ 2533.111603][ T1376] simple_read_from_buffer+0xed/0x160 [ 2533.111626][ T1376] proc_fail_nth_read+0x19e/0x210 [ 2533.111648][ T1376] ? __asan_memcpy+0x5a/0x80 [ 2533.111665][ T1376] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 2533.111688][ T1376] ? avc_has_perm_noaudit+0x286/0x360 [ 2533.111712][ T1376] ? bpf_lsm_file_permission+0xd/0x20 [ 2533.111736][ T1376] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 2533.111762][ T1376] vfs_read+0x27d/0xc70 [ 2533.111784][ T1376] ? __cfi_avc_has_perm+0x10/0x10 [ 2533.111807][ T1376] ? __kasan_check_write+0x18/0x20 [ 2533.111832][ T1376] ? __cfi_vfs_read+0x10/0x10 [ 2533.111848][ T1376] ? __kasan_check_write+0x18/0x20 [ 2533.111883][ T1376] ? mutex_lock+0x92/0x1c0 [ 2533.111900][ T1376] ? __cfi_mutex_lock+0x10/0x10 [ 2533.111916][ T1376] ? __fget_files+0x2c5/0x340 [ 2533.111937][ T1376] ksys_read+0x141/0x250 [ 2533.111953][ T1376] ? __cfi_ksys_read+0x10/0x10 [ 2533.111970][ T1376] ? __kasan_check_read+0x15/0x20 [ 2533.111995][ T1376] __x64_sys_read+0x7f/0x90 [ 2533.112011][ T1376] x64_sys_call+0x2638/0x2ee0 [ 2533.112035][ T1376] do_syscall_64+0x58/0xf0 [ 2533.112056][ T1376] ? clear_bhb_loop+0x50/0xa0 [ 2533.112075][ T1376] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2533.112094][ T1376] RIP: 0033:0x7f7ad3d8e0dc [ 2533.112110][ T1376] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 2533.112126][ T1376] RSP: 002b:00007f7ad4bc4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2533.112146][ T1376] RAX: ffffffffffffffda RBX: 00007f7ad3fe5fa0 RCX: 00007f7ad3d8e0dc [ 2533.112161][ T1376] RDX: 000000000000000f RSI: 00007f7ad4bc40a0 RDI: 0000000000000007 [ 2533.112174][ T1376] RBP: 00007f7ad4bc4090 R08: 0000000000000000 R09: 0000000000000000 [ 2533.112186][ T1376] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 2533.112199][ T1376] R13: 00007f7ad3fe6038 R14: 00007f7ad3fe5fa0 R15: 00007ffed7bf3658 [ 2533.112215][ T1376] [ 2533.637422][ T1401] FAULT_INJECTION: forcing a failure. [ 2533.637422][ T1401] name failslab, interval 1, probability 0, space 0, times 0 [ 2533.671350][ T1401] CPU: 1 UID: 0 PID: 1401 Comm: syz.4.76872 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2533.671382][ T1401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2533.671393][ T1401] Call Trace: [ 2533.671400][ T1401] [ 2533.671409][ T1401] __dump_stack+0x21/0x30 [ 2533.671438][ T1401] dump_stack_lvl+0x10c/0x190 [ 2533.671462][ T1401] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2533.671487][ T1401] dump_stack+0x19/0x20 [ 2533.671509][ T1401] should_fail_ex+0x3d9/0x530 [ 2533.671526][ T1401] should_failslab+0xac/0x100 [ 2533.671545][ T1401] kmem_cache_alloc_noprof+0x42/0x430 [ 2533.671561][ T1401] ? kvm_vm_ioctl_create_vcpu+0x134/0xaa0 [ 2533.671584][ T1401] ? kvm_arch_vcpu_precreate+0x12c/0x1f0 [ 2533.671605][ T1401] kvm_vm_ioctl_create_vcpu+0x134/0xaa0 [ 2533.671629][ T1401] ? _parse_integer+0x2e/0x40 [ 2533.671652][ T1401] kvm_vm_ioctl+0x729/0xb80 [ 2533.671675][ T1401] ? __cfi_kvm_vm_ioctl+0x10/0x10 [ 2533.671696][ T1401] ? ioctl_has_perm+0x1aa/0x4d0 [ 2533.671718][ T1401] ? __asan_memcpy+0x5a/0x80 [ 2533.671734][ T1401] ? ioctl_has_perm+0x3e0/0x4d0 [ 2533.671756][ T1401] ? has_cap_mac_admin+0xd0/0xd0 [ 2533.671778][ T1401] ? proc_fail_nth_write+0x17e/0x210 [ 2533.671801][ T1401] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2533.671825][ T1401] ? selinux_file_ioctl+0x6e0/0x1360 [ 2533.671847][ T1401] ? vfs_write+0x93e/0xf30 [ 2533.671863][ T1401] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 2533.671885][ T1401] ? __cfi_vfs_write+0x10/0x10 [ 2533.671902][ T1401] ? __kasan_check_write+0x18/0x20 [ 2533.671923][ T1401] ? mutex_unlock+0x8b/0x240 [ 2533.671941][ T1401] ? __cfi_mutex_unlock+0x10/0x10 [ 2533.671957][ T1401] ? __fget_files+0x2c5/0x340 [ 2533.671978][ T1401] ? __fget_files+0x2c5/0x340 [ 2533.671998][ T1401] ? bpf_lsm_file_ioctl+0xd/0x20 [ 2533.672023][ T1401] ? security_file_ioctl+0x34/0xd0 [ 2533.672044][ T1401] ? __cfi_kvm_vm_ioctl+0x10/0x10 [ 2533.672066][ T1401] __se_sys_ioctl+0x135/0x1b0 [ 2533.672086][ T1401] __x64_sys_ioctl+0x7f/0xa0 [ 2533.672106][ T1401] x64_sys_call+0x1878/0x2ee0 [ 2533.672131][ T1401] do_syscall_64+0x58/0xf0 [ 2533.672154][ T1401] ? clear_bhb_loop+0x50/0xa0 [ 2533.672174][ T1401] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2533.672194][ T1401] RIP: 0033:0x7fde4c78f6c9 [ 2533.672210][ T1401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2533.672227][ T1401] RSP: 002b:00007fde4d6d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2533.672248][ T1401] RAX: ffffffffffffffda RBX: 00007fde4c9e5fa0 RCX: 00007fde4c78f6c9 [ 2533.672264][ T1401] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000008 [ 2533.672277][ T1401] RBP: 00007fde4d6d7090 R08: 0000000000000000 R09: 0000000000000000 [ 2533.672298][ T1401] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2533.672310][ T1401] R13: 00007fde4c9e6038 R14: 00007fde4c9e5fa0 R15: 00007ffff593cf48 [ 2533.672327][ T1401] [ 2535.243340][ T1511] rust_binder: 399: no such ref 0 [ 2535.277991][ T1513] FAULT_INJECTION: forcing a failure. [ 2535.277991][ T1513] name failslab, interval 1, probability 0, space 0, times 0 [ 2535.311320][ T1513] CPU: 1 UID: 0 PID: 1513 Comm: syz.4.76926 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2535.311349][ T1513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2535.311362][ T1513] Call Trace: [ 2535.311368][ T1513] [ 2535.311376][ T1513] __dump_stack+0x21/0x30 [ 2535.311403][ T1513] dump_stack_lvl+0x10c/0x190 [ 2535.311425][ T1513] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2535.311449][ T1513] dump_stack+0x19/0x20 [ 2535.311469][ T1513] should_fail_ex+0x3d9/0x530 [ 2535.311489][ T1513] should_failslab+0xac/0x100 [ 2535.311511][ T1513] __kmalloc_node_track_caller_noprof+0x68/0x520 [ 2535.311530][ T1513] ? rust_helper_krealloc+0x33/0xd0 [ 2535.311558][ T1513] krealloc_noprof+0x8d/0x130 [ 2535.311577][ T1513] rust_helper_krealloc+0x33/0xd0 [ 2535.311601][ T1513] ? _RNvMNtNtCs43vyB533jt3_6kernel5alloc9allocatorNtB2_11ReallocFunc4call+0x70/0xc0 [ 2535.311628][ T1513] _RNvMNtNtCs43vyB533jt3_6kernel5alloc9allocatorNtB2_11ReallocFunc4call+0x8e/0xc0 [ 2535.311652][ T1513] _RNvMs4_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process18get_current_thread+0x45a/0x1400 [ 2535.311679][ T1513] ? inode_init_always_gfp+0x756/0x9e0 [ 2535.311698][ T1513] ? alloc_inode+0xc5/0x270 [ 2535.311716][ T1513] ? proc_pident_instantiate+0x6d/0x2c0 [ 2535.311736][ T1513] ? proc_pident_lookup+0x1c7/0x270 [ 2535.311755][ T1513] ? path_openat+0x1301/0x34b0 [ 2535.311776][ T1513] ? do_sys_openat2+0x12c/0x1c0 [ 2535.311798][ T1513] ? __x64_sys_openat+0x13a/0x170 [ 2535.311820][ T1513] ? x64_sys_call+0xe69/0x2ee0 [ 2535.311844][ T1513] ? do_syscall_64+0x58/0xf0 [ 2535.311867][ T1513] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2535.311887][ T1513] ? __cfi__RNvMs4_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process18get_current_thread+0x10/0x10 [ 2535.311910][ T1513] ? avc_has_perm_noaudit+0x268/0x360 [ 2535.311933][ T1513] ? __asan_memcpy+0x5a/0x80 [ 2535.311949][ T1513] ? avc_has_perm_noaudit+0x286/0x360 [ 2535.311973][ T1513] ? avc_has_perm+0x144/0x220 [ 2535.311995][ T1513] ? __cfi_avc_has_perm+0x10/0x10 [ 2535.312017][ T1513] ? kasan_save_alloc_info+0x40/0x50 [ 2535.312042][ T1513] ? selinux_file_open+0x457/0x610 [ 2535.312064][ T1513] _RNvMs6_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process5ioctl+0x1a7/0x2cf0 [ 2535.312091][ T1513] ? avc_has_extended_perms+0x7c7/0xdd0 [ 2535.312113][ T1513] ? __asan_memcpy+0x5a/0x80 [ 2535.312130][ T1513] ? avc_has_extended_perms+0x921/0xdd0 [ 2535.312151][ T1513] ? __cfi__RNvMs6_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process5ioctl+0x10/0x10 [ 2535.312176][ T1513] ? do_vfs_ioctl+0xeda/0x1e30 [ 2535.312194][ T1513] ? arch_stack_walk+0x10b/0x170 [ 2535.312218][ T1513] ? __ia32_compat_sys_ioctl+0x850/0x850 [ 2535.312238][ T1513] ? _parse_integer+0x2e/0x40 [ 2535.312266][ T1513] ? ioctl_has_perm+0x384/0x4d0 [ 2535.312288][ T1513] ? has_cap_mac_admin+0xd0/0xd0 [ 2535.312309][ T1513] ? proc_fail_nth_write+0x17e/0x210 [ 2535.312331][ T1513] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2535.312353][ T1513] ? selinux_file_ioctl+0x6e0/0x1360 [ 2535.312373][ T1513] ? vfs_write+0x93e/0xf30 [ 2535.312388][ T1513] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 2535.312410][ T1513] ? __cfi_vfs_write+0x10/0x10 [ 2535.312426][ T1513] ? __kasan_check_write+0x18/0x20 [ 2535.312450][ T1513] ? mutex_unlock+0x8b/0x240 [ 2535.312467][ T1513] ? __cfi_mutex_unlock+0x10/0x10 [ 2535.312483][ T1513] ? __fget_files+0x2c5/0x340 [ 2535.312502][ T1513] ? __fget_files+0x2c5/0x340 [ 2535.312522][ T1513] _RNvCs5gLWsBERDPK_16rust_binder_main26rust_binder_unlocked_ioctl+0xa0/0x100 [ 2535.312548][ T1513] ? __se_sys_ioctl+0x114/0x1b0 [ 2535.312566][ T1513] ? __cfi__RNvCs5gLWsBERDPK_16rust_binder_main26rust_binder_unlocked_ioctl+0x10/0x10 [ 2535.312589][ T1513] __se_sys_ioctl+0x135/0x1b0 [ 2535.312608][ T1513] __x64_sys_ioctl+0x7f/0xa0 [ 2535.312626][ T1513] x64_sys_call+0x1878/0x2ee0 [ 2535.312651][ T1513] do_syscall_64+0x58/0xf0 [ 2535.312671][ T1513] ? clear_bhb_loop+0x50/0xa0 [ 2535.312687][ T1513] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2535.312706][ T1513] RIP: 0033:0x7fde4c78f6c9 [ 2535.312722][ T1513] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2535.312737][ T1513] RSP: 002b:00007fde4d6d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2535.312757][ T1513] RAX: ffffffffffffffda RBX: 00007fde4c9e5fa0 RCX: 00007fde4c78f6c9 [ 2535.312771][ T1513] RDX: 0000200000000080 RSI: 00000000c0306201 RDI: 0000000000000007 [ 2535.312785][ T1513] RBP: 00007fde4d6d7090 R08: 0000000000000000 R09: 0000000000000000 [ 2535.312796][ T1513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2535.312808][ T1513] R13: 00007fde4c9e6038 R14: 00007fde4c9e5fa0 R15: 00007ffff593cf48 [ 2535.312825][ T1513] [ 2536.663926][T18476] bridge_slave_1: left allmulticast mode [ 2536.675894][ T1643] SELinux: failed to load policy [ 2536.691345][T18476] bridge_slave_1: left promiscuous mode [ 2536.696998][T18476] bridge0: port 2(bridge_slave_1) entered disabled state [ 2536.708193][T18476] bridge_slave_0: left allmulticast mode [ 2536.721323][T18476] bridge_slave_0: left promiscuous mode [ 2536.726982][T18476] bridge0: port 1(bridge_slave_0) entered disabled state [ 2536.865462][T18476] veth1_macvtap: left promiscuous mode [ 2536.871022][T18476] veth0_vlan: left promiscuous mode [ 2536.998960][ T1651] bridge0: port 1(bridge_slave_0) entered blocking state [ 2537.006295][ T1651] bridge0: port 1(bridge_slave_0) entered disabled state [ 2537.013733][ T1651] bridge_slave_0: entered allmulticast mode [ 2537.020058][ T1651] bridge_slave_0: entered promiscuous mode [ 2537.036269][ T1651] bridge0: port 2(bridge_slave_1) entered blocking state [ 2537.043586][ T1651] bridge0: port 2(bridge_slave_1) entered disabled state [ 2537.050656][ T1651] bridge_slave_1: entered allmulticast mode [ 2537.057023][ T1651] bridge_slave_1: entered promiscuous mode [ 2537.188946][ T1651] bridge0: port 2(bridge_slave_1) entered blocking state [ 2537.196047][ T1651] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2537.203352][ T1651] bridge0: port 1(bridge_slave_0) entered blocking state [ 2537.210463][ T1651] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2537.246983][ T403] bridge0: port 1(bridge_slave_0) entered disabled state [ 2537.255379][ T403] bridge0: port 2(bridge_slave_1) entered disabled state [ 2537.268081][T11945] bridge0: port 1(bridge_slave_0) entered blocking state [ 2537.275162][T11945] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2537.289716][T11945] bridge0: port 2(bridge_slave_1) entered blocking state [ 2537.296793][T11945] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2537.349920][ T1651] veth0_vlan: entered promiscuous mode [ 2537.378585][ T1651] veth1_macvtap: entered promiscuous mode [ 2537.510657][ T1719] FAULT_INJECTION: forcing a failure. [ 2537.510657][ T1719] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2537.541365][ T1719] CPU: 1 UID: 0 PID: 1719 Comm: syz.4.77018 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2537.541397][ T1719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2537.541409][ T1719] Call Trace: [ 2537.541417][ T1719] [ 2537.541425][ T1719] __dump_stack+0x21/0x30 [ 2537.541453][ T1719] dump_stack_lvl+0x10c/0x190 [ 2537.541476][ T1719] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2537.541500][ T1719] ? do_vfs_ioctl+0xeda/0x1e30 [ 2537.541519][ T1719] ? check_stack_object+0x107/0x140 [ 2537.541537][ T1719] dump_stack+0x19/0x20 [ 2537.541558][ T1719] should_fail_ex+0x3d9/0x530 [ 2537.541578][ T1719] should_fail+0xf/0x20 [ 2537.541594][ T1719] should_fail_usercopy+0x1e/0x30 [ 2537.541613][ T1719] _copy_from_user+0x22/0xb0 [ 2537.541635][ T1719] kvm_vm_ioctl+0x5f7/0xb80 [ 2537.541658][ T1719] ? __cfi_kvm_vm_ioctl+0x10/0x10 [ 2537.541681][ T1719] ? ioctl_has_perm+0x1aa/0x4d0 [ 2537.541701][ T1719] ? __asan_memcpy+0x5a/0x80 [ 2537.541718][ T1719] ? ioctl_has_perm+0x3e0/0x4d0 [ 2537.541740][ T1719] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2537.541764][ T1719] ? selinux_file_ioctl+0x6e0/0x1360 [ 2537.541785][ T1719] ? vfs_write+0x93e/0xf30 [ 2537.541801][ T1719] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 2537.541822][ T1719] ? __cfi_vfs_write+0x10/0x10 [ 2537.541839][ T1719] ? __kasan_check_write+0x18/0x20 [ 2537.541863][ T1719] ? mutex_unlock+0x8b/0x240 [ 2537.541881][ T1719] ? __cfi_mutex_unlock+0x10/0x10 [ 2537.541897][ T1719] ? __fget_files+0x2c5/0x340 [ 2537.541917][ T1719] ? __fget_files+0x2c5/0x340 [ 2537.541936][ T1719] ? bpf_lsm_file_ioctl+0xd/0x20 [ 2537.541960][ T1719] ? security_file_ioctl+0x34/0xd0 [ 2537.541980][ T1719] ? __cfi_kvm_vm_ioctl+0x10/0x10 [ 2537.542003][ T1719] __se_sys_ioctl+0x135/0x1b0 [ 2537.542022][ T1719] __x64_sys_ioctl+0x7f/0xa0 [ 2537.542041][ T1719] x64_sys_call+0x1878/0x2ee0 [ 2537.542066][ T1719] do_syscall_64+0x58/0xf0 [ 2537.542088][ T1719] ? clear_bhb_loop+0x50/0xa0 [ 2537.542107][ T1719] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2537.542126][ T1719] RIP: 0033:0x7fde4c78f6c9 [ 2537.542142][ T1719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2537.542158][ T1719] RSP: 002b:00007fde4d6d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2537.542180][ T1719] RAX: ffffffffffffffda RBX: 00007fde4c9e5fa0 RCX: 00007fde4c78f6c9 [ 2537.542195][ T1719] RDX: 0000200000000180 RSI: 000000004020ae46 RDI: 0000000000000008 [ 2537.542209][ T1719] RBP: 00007fde4d6d7090 R08: 0000000000000000 R09: 0000000000000000 [ 2537.542222][ T1719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2537.542234][ T1719] R13: 00007fde4c9e6038 R14: 00007fde4c9e5fa0 R15: 00007ffff593cf48 [ 2537.542251][ T1719] [ 2538.290679][ T1772] FAULT_INJECTION: forcing a failure. [ 2538.290679][ T1772] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2538.310969][ T1772] CPU: 1 UID: 0 PID: 1772 Comm: syz.0.77043 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2538.311003][ T1772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2538.311016][ T1772] Call Trace: [ 2538.311023][ T1772] [ 2538.311031][ T1772] __dump_stack+0x21/0x30 [ 2538.311062][ T1772] dump_stack_lvl+0x10c/0x190 [ 2538.311085][ T1772] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2538.311109][ T1772] dump_stack+0x19/0x20 [ 2538.311131][ T1772] should_fail_ex+0x3d9/0x530 [ 2538.311149][ T1772] should_fail+0xf/0x20 [ 2538.311166][ T1772] should_fail_usercopy+0x1e/0x30 [ 2538.311185][ T1772] _copy_from_user+0x22/0xb0 [ 2538.311215][ T1772] do_vfs_ioctl+0x174c/0x1e30 [ 2538.311235][ T1772] ? arch_stack_walk+0x10b/0x170 [ 2538.311254][ T1772] ? __ia32_compat_sys_ioctl+0x850/0x850 [ 2538.311276][ T1772] ? _parse_integer+0x2e/0x40 [ 2538.311305][ T1772] ? ioctl_has_perm+0x384/0x4d0 [ 2538.311324][ T1772] ? has_cap_mac_admin+0xd0/0xd0 [ 2538.311342][ T1772] ? proc_fail_nth_write+0x17e/0x210 [ 2538.311363][ T1772] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2538.311383][ T1772] ? selinux_file_ioctl+0x6e0/0x1360 [ 2538.311400][ T1772] ? vfs_write+0x93e/0xf30 [ 2538.311415][ T1772] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 2538.311432][ T1772] ? __cfi_vfs_write+0x10/0x10 [ 2538.311444][ T1772] ? __kasan_check_write+0x18/0x20 [ 2538.311465][ T1772] ? mutex_unlock+0x8b/0x240 [ 2538.311479][ T1772] ? __cfi_mutex_unlock+0x10/0x10 [ 2538.311492][ T1772] ? __fget_files+0x2c5/0x340 [ 2538.311509][ T1772] ? __fget_files+0x2c5/0x340 [ 2538.311524][ T1772] ? bpf_lsm_file_ioctl+0xd/0x20 [ 2538.311542][ T1772] ? security_file_ioctl+0x34/0xd0 [ 2538.311559][ T1772] __se_sys_ioctl+0x9f/0x1b0 [ 2538.311574][ T1772] __x64_sys_ioctl+0x7f/0xa0 [ 2538.311588][ T1772] x64_sys_call+0x1878/0x2ee0 [ 2538.311609][ T1772] do_syscall_64+0x58/0xf0 [ 2538.311626][ T1772] ? clear_bhb_loop+0x50/0xa0 [ 2538.311643][ T1772] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2538.311658][ T1772] RIP: 0033:0x7f7ad3d8f6c9 [ 2538.311671][ T1772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2538.311685][ T1772] RSP: 002b:00007f7ad4bc4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2538.311701][ T1772] RAX: ffffffffffffffda RBX: 00007f7ad3fe5fa0 RCX: 00007f7ad3d8f6c9 [ 2538.311713][ T1772] RDX: 0000200000000080 RSI: 0000000040305828 RDI: 0000000000000006 [ 2538.311723][ T1772] RBP: 00007f7ad4bc4090 R08: 0000000000000000 R09: 0000000000000000 [ 2538.311732][ T1772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2538.311742][ T1772] R13: 00007f7ad3fe6038 R14: 00007f7ad3fe5fa0 R15: 00007ffed7bf3658 [ 2538.311754][ T1772] [ 2538.610556][ T36] audit: type=1400 audit(2000000200.670:754): avc: denied { listen } for pid=1778 comm="syz.0.77047" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 2538.634944][ T36] audit: type=1400 audit(2000000200.700:755): avc: denied { setopt } for pid=1778 comm="syz.0.77047" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 2538.937057][ T1819] x_tables: duplicate underflow at hook 1 [ 2539.277112][ T1843] FAULT_INJECTION: forcing a failure. [ 2539.277112][ T1843] name failslab, interval 1, probability 0, space 0, times 0 [ 2539.290071][ T1843] CPU: 1 UID: 0 PID: 1843 Comm: syz.4.77077 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2539.290105][ T1843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2539.290117][ T1843] Call Trace: [ 2539.290125][ T1843] [ 2539.290132][ T1843] __dump_stack+0x21/0x30 [ 2539.290169][ T1843] dump_stack_lvl+0x10c/0x190 [ 2539.290193][ T1843] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2539.290218][ T1843] ? avc_has_extended_perms+0x921/0xdd0 [ 2539.290244][ T1843] dump_stack+0x19/0x20 [ 2539.290266][ T1843] should_fail_ex+0x3d9/0x530 [ 2539.290286][ T1843] should_failslab+0xac/0x100 [ 2539.290307][ T1843] __kmalloc_cache_node_noprof+0x46/0x450 [ 2539.290327][ T1843] ? __get_vm_area_node+0x154/0x3a0 [ 2539.290351][ T1843] __get_vm_area_node+0x154/0x3a0 [ 2539.290374][ T1843] __vmalloc_node_range_noprof+0x33c/0x1420 [ 2539.290400][ T1843] ? kvm_dev_ioctl+0x125/0x14d0 [ 2539.290425][ T1843] ? number+0xd21/0xf80 [ 2539.290447][ T1843] ? pointer+0xdd0/0xdd0 [ 2539.290470][ T1843] ? __cfi___vmalloc_node_range_noprof+0x10/0x10 [ 2539.290496][ T1843] ? vsnprintf+0x19b8/0x1aa0 [ 2539.290518][ T1843] ? kvm_dev_ioctl+0x125/0x14d0 [ 2539.290543][ T1843] __vmalloc_noprof+0xfe/0x1d0 [ 2539.290567][ T1843] ? kvm_dev_ioctl+0x125/0x14d0 [ 2539.290591][ T1843] ? alloc_fd+0x4e7/0x5a0 [ 2539.290610][ T1843] ? __cfi___vmalloc_noprof+0x10/0x10 [ 2539.290635][ T1843] kvm_dev_ioctl+0x125/0x14d0 [ 2539.290660][ T1843] ? __fget_files+0x2c5/0x340 [ 2539.290680][ T1843] ? __cfi_kvm_dev_ioctl+0x10/0x10 [ 2539.290705][ T1843] ? bpf_lsm_file_ioctl+0xd/0x20 [ 2539.290729][ T1843] ? security_file_ioctl+0x34/0xd0 [ 2539.290749][ T1843] ? __cfi_kvm_dev_ioctl+0x10/0x10 [ 2539.290773][ T1843] __se_sys_ioctl+0x135/0x1b0 [ 2539.290793][ T1843] __x64_sys_ioctl+0x7f/0xa0 [ 2539.290812][ T1843] x64_sys_call+0x1878/0x2ee0 [ 2539.290838][ T1843] do_syscall_64+0x58/0xf0 [ 2539.290860][ T1843] ? clear_bhb_loop+0x50/0xa0 [ 2539.290881][ T1843] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2539.290900][ T1843] RIP: 0033:0x7fde4c78f6c9 [ 2539.290917][ T1843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2539.290933][ T1843] RSP: 002b:00007fde4d6d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2539.290954][ T1843] RAX: ffffffffffffffda RBX: 00007fde4c9e5fa0 RCX: 00007fde4c78f6c9 [ 2539.290969][ T1843] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000007 [ 2539.290982][ T1843] RBP: 00007fde4d6d7090 R08: 0000000000000000 R09: 0000000000000000 [ 2539.290994][ T1843] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2539.291006][ T1843] R13: 00007fde4c9e6038 R14: 00007fde4c9e5fa0 R15: 00007ffff593cf48 [ 2539.291023][ T1843] [ 2539.291032][ T1843] syz.4.77077: vmalloc error: size 39304, vm_struct allocation failed, mode:0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0 [ 2539.580197][ T1843] CPU: 1 UID: 0 PID: 1843 Comm: syz.4.77077 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2539.580226][ T1843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2539.580238][ T1843] Call Trace: [ 2539.580244][ T1843] [ 2539.580252][ T1843] __dump_stack+0x21/0x30 [ 2539.580280][ T1843] dump_stack_lvl+0x10c/0x190 [ 2539.580304][ T1843] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2539.580329][ T1843] dump_stack+0x19/0x20 [ 2539.580351][ T1843] warn_alloc+0x1bc/0x2a0 [ 2539.580374][ T1843] ? __kasan_kmalloc+0x28/0xb0 [ 2539.580395][ T1843] ? __cfi_warn_alloc+0x10/0x10 [ 2539.580418][ T1843] ? __get_vm_area_node+0x392/0x3a0 [ 2539.580444][ T1843] __vmalloc_node_range_noprof+0x361/0x1420 [ 2539.580469][ T1843] ? number+0xd21/0xf80 [ 2539.580492][ T1843] ? pointer+0xdd0/0xdd0 [ 2539.580514][ T1843] ? __cfi___vmalloc_node_range_noprof+0x10/0x10 [ 2539.580538][ T1843] ? vsnprintf+0x19b8/0x1aa0 [ 2539.580559][ T1843] ? kvm_dev_ioctl+0x125/0x14d0 [ 2539.580583][ T1843] __vmalloc_noprof+0xfe/0x1d0 [ 2539.580606][ T1843] ? kvm_dev_ioctl+0x125/0x14d0 [ 2539.580630][ T1843] ? alloc_fd+0x4e7/0x5a0 [ 2539.580648][ T1843] ? __cfi___vmalloc_noprof+0x10/0x10 [ 2539.580673][ T1843] kvm_dev_ioctl+0x125/0x14d0 [ 2539.580698][ T1843] ? __fget_files+0x2c5/0x340 [ 2539.580717][ T1843] ? __cfi_kvm_dev_ioctl+0x10/0x10 [ 2539.580741][ T1843] ? bpf_lsm_file_ioctl+0xd/0x20 [ 2539.580765][ T1843] ? security_file_ioctl+0x34/0xd0 [ 2539.580787][ T1843] ? __cfi_kvm_dev_ioctl+0x10/0x10 [ 2539.580811][ T1843] __se_sys_ioctl+0x135/0x1b0 [ 2539.580831][ T1843] __x64_sys_ioctl+0x7f/0xa0 [ 2539.580851][ T1843] x64_sys_call+0x1878/0x2ee0 [ 2539.580884][ T1843] do_syscall_64+0x58/0xf0 [ 2539.580905][ T1843] ? clear_bhb_loop+0x50/0xa0 [ 2539.580926][ T1843] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2539.580946][ T1843] RIP: 0033:0x7fde4c78f6c9 [ 2539.580962][ T1843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2539.580978][ T1843] RSP: 002b:00007fde4d6d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2539.580999][ T1843] RAX: ffffffffffffffda RBX: 00007fde4c9e5fa0 RCX: 00007fde4c78f6c9 [ 2539.581014][ T1843] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000007 [ 2539.581027][ T1843] RBP: 00007fde4d6d7090 R08: 0000000000000000 R09: 0000000000000000 [ 2539.581040][ T1843] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2539.581052][ T1843] R13: 00007fde4c9e6038 R14: 00007fde4c9e5fa0 R15: 00007ffff593cf48 [ 2539.581069][ T1843] [ 2539.581089][ T1843] Mem-Info: [ 2539.833180][ T1843] active_anon:23341 inactive_anon:62 isolated_anon:0 [ 2539.833180][ T1843] active_file:14908 inactive_file:13846 isolated_file:0 [ 2539.833180][ T1843] unevictable:0 dirty:590 writeback:0 [ 2539.833180][ T1843] slab_reclaimable:8988 slab_unreclaimable:69380 [ 2539.833180][ T1843] mapped:34276 shmem:18130 pagetables:737 [ 2539.833180][ T1843] sec_pagetables:0 bounce:0 [ 2539.833180][ T1843] kernel_misc_reclaimable:0 [ 2539.833180][ T1843] free:1473126 free_pcp:19437 free_cma:0 [ 2539.881150][ T1843] Node 0 active_anon:86564kB inactive_anon:248kB active_file:59632kB inactive_file:55384kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:141204kB dirty:2360kB writeback:0kB shmem:66020kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:5276kB pagetables:2848kB sec_pagetables:0kB all_unreclaimable? no [ 2539.913424][ T1843] DMA32 free:2960212kB boost:0kB min:19088kB low:23860kB high:28632kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2965936kB mlocked:0kB bounce:0kB free_pcp:5724kB local_pcp:5656kB free_cma:0kB [ 2540.030021][ T1843] lowmem_reserve[]: 0 3921 3921 [ 2540.051314][ T1843] Normal free:2929916kB boost:0kB min:25964kB low:32452kB high:38940kB reserved_highatomic:0KB free_highatomic:0KB active_anon:65964kB inactive_anon:248kB active_file:59632kB inactive_file:55384kB unevictable:0kB writepending:2360kB present:5242880kB managed:4016120kB mlocked:0kB bounce:0kB free_pcp:101632kB local_pcp:96744kB free_cma:0kB [ 2540.095690][ T1843] lowmem_reserve[]: 0 0 0 [ 2540.100458][ T1843] DMA32: 5*4kB (M) 2*8kB (M) 3*16kB (M) 4*32kB (M) 4*64kB (M) 3*128kB (M) 4*256kB (M) 4*512kB (M) 5*1024kB (UM) 5*2048kB (M) 718*4096kB (M) = 2960212kB [ 2540.116856][ T1843] Normal: 60*4kB (UE) 526*8kB (UE) 1571*16kB (UME) 380*32kB (UME) 856*64kB (UME) 303*128kB (UME) 203*256kB (UME) 139*512kB (UME) 79*1024kB (UME) 30*2048kB (M) 627*4096kB (UME) = 2968976kB [ 2540.136142][ T1843] 43994 total pagecache pages [ 2540.140886][ T1843] 114 pages in swap cache [ 2540.157370][ T1843] Free swap = 124084kB [ 2540.161962][ T1843] Total swap = 124996kB [ 2540.166122][ T1843] 2097051 pages RAM [ 2540.169967][ T1843] 0 pages HighMem/MovableOnly [ 2540.174971][ T1843] 351537 pages reserved [ 2540.179128][ T1843] 0 pages cma reserved [ 2540.185476][ T1843] Memory allocations: [ 2540.189523][ T1843] 0 B 0 init/main.c:1370 func:do_initcalls [ 2540.196960][ T1843] 0 B 0 init/do_mounts.c:186 func:mount_root_generic [ 2540.216967][ T1843] 0 B 0 init/do_mounts.c:158 func:do_mount_root [ 2540.225771][ T1843] 0 B 0 init/do_mounts.c:352 func:mount_nodev_root [ 2540.250827][ T1843] 0 B 0 init/do_mounts_rd.c:241 func:rd_load_image [ 2540.269029][ T1843] 0 B 0 init/do_mounts_rd.c:72 func:identify_ramdisk_image [ 2540.291329][ T1843] 0 B 0 init/initramfs.c:507 func:unpack_to_rootfs [ 2540.299291][ T1843] 0 B 0 init/initramfs.c:508 func:unpack_to_rootfs [ 2540.321331][ T1843] 0 B 0 init/initramfs.c:509 func:unpack_to_rootfs [ 2540.329270][ T1843] 0 B 0 init/initramfs.c:101 func:find_link [ 2542.550411][ T2002] FAULT_INJECTION: forcing a failure. [ 2542.550411][ T2002] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2542.563674][ T2002] CPU: 1 UID: 0 PID: 2002 Comm: syz.0.77150 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2542.563704][ T2002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2542.563716][ T2002] Call Trace: [ 2542.563723][ T2002] [ 2542.563731][ T2002] __dump_stack+0x21/0x30 [ 2542.563759][ T2002] dump_stack_lvl+0x10c/0x190 [ 2542.563782][ T2002] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2542.563805][ T2002] ? do_vfs_ioctl+0xeda/0x1e30 [ 2542.563827][ T2002] dump_stack+0x19/0x20 [ 2542.563850][ T2002] should_fail_ex+0x3d9/0x530 [ 2542.563870][ T2002] should_fail+0xf/0x20 [ 2542.563887][ T2002] should_fail_usercopy+0x1e/0x30 [ 2542.563913][ T2002] _copy_from_user+0x22/0xb0 [ 2542.563936][ T2002] addrconf_add_ifaddr+0xfa/0x1b0 [ 2542.563960][ T2002] ? __cfi_addrconf_add_ifaddr+0x10/0x10 [ 2542.563983][ T2002] ? ioctl_has_perm+0x384/0x4d0 [ 2542.564005][ T2002] inet6_ioctl+0x139/0x280 [ 2542.564029][ T2002] ? __cfi_inet6_ioctl+0x10/0x10 [ 2542.564053][ T2002] ? proc_fail_nth_write+0x17e/0x210 [ 2542.564077][ T2002] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2542.564101][ T2002] sock_do_ioctl+0x105/0x330 [ 2542.564121][ T2002] ? sock_show_fdinfo+0xd0/0xd0 [ 2542.564141][ T2002] ? __cfi_vfs_write+0x10/0x10 [ 2542.564159][ T2002] ? __kasan_check_write+0x18/0x20 [ 2542.564184][ T2002] ? mutex_unlock+0x8b/0x240 [ 2542.564202][ T2002] sock_ioctl+0x634/0x7b0 [ 2542.564221][ T2002] ? __cfi_sock_ioctl+0x10/0x10 [ 2542.564240][ T2002] ? __fget_files+0x2c5/0x340 [ 2542.564261][ T2002] ? bpf_lsm_file_ioctl+0xd/0x20 [ 2542.564285][ T2002] ? security_file_ioctl+0x34/0xd0 [ 2542.564306][ T2002] ? __cfi_sock_ioctl+0x10/0x10 [ 2542.564324][ T2002] __se_sys_ioctl+0x135/0x1b0 [ 2542.564344][ T2002] __x64_sys_ioctl+0x7f/0xa0 [ 2542.564364][ T2002] x64_sys_call+0x1878/0x2ee0 [ 2542.564389][ T2002] do_syscall_64+0x58/0xf0 [ 2542.564412][ T2002] ? clear_bhb_loop+0x50/0xa0 [ 2542.564432][ T2002] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2542.564451][ T2002] RIP: 0033:0x7f7ad3d8f6c9 [ 2542.564468][ T2002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2542.564484][ T2002] RSP: 002b:00007f7ad4bc4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2542.564510][ T2002] RAX: ffffffffffffffda RBX: 00007f7ad3fe5fa0 RCX: 00007f7ad3d8f6c9 [ 2542.564526][ T2002] RDX: 0000000000000000 RSI: 0000000000008916 RDI: 0000000000000007 [ 2542.564539][ T2002] RBP: 00007f7ad4bc4090 R08: 0000000000000000 R09: 0000000000000000 [ 2542.564552][ T2002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2542.564563][ T2002] R13: 00007f7ad3fe6038 R14: 00007f7ad3fe5fa0 R15: 00007ffed7bf3658 [ 2542.564580][ T2002] [ 2542.881632][ T2025] FAULT_INJECTION: forcing a failure. [ 2542.881632][ T2025] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2542.922560][ T2025] CPU: 0 UID: 0 PID: 2025 Comm: syz.4.77161 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2542.922589][ T2025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2542.922600][ T2025] Call Trace: [ 2542.922607][ T2025] [ 2542.922614][ T2025] __dump_stack+0x21/0x30 [ 2542.922641][ T2025] dump_stack_lvl+0x10c/0x190 [ 2542.922673][ T2025] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2542.922696][ T2025] ? check_stack_object+0x12c/0x140 [ 2542.922715][ T2025] dump_stack+0x19/0x20 [ 2542.922736][ T2025] should_fail_ex+0x3d9/0x530 [ 2542.922755][ T2025] should_fail+0xf/0x20 [ 2542.922772][ T2025] should_fail_usercopy+0x1e/0x30 [ 2542.922791][ T2025] _copy_to_user+0x24/0xa0 [ 2542.922812][ T2025] simple_read_from_buffer+0xed/0x160 [ 2542.922834][ T2025] proc_fail_nth_read+0x19e/0x210 [ 2542.922857][ T2025] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 2542.922880][ T2025] ? bpf_lsm_file_permission+0xd/0x20 [ 2542.922904][ T2025] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 2542.922926][ T2025] vfs_read+0x27d/0xc70 [ 2542.922943][ T2025] ? __cfi_vfs_read+0x10/0x10 [ 2542.922958][ T2025] ? __kasan_check_write+0x18/0x20 [ 2542.922984][ T2025] ? mutex_lock+0x92/0x1c0 [ 2542.923000][ T2025] ? __cfi_mutex_lock+0x10/0x10 [ 2542.923017][ T2025] ? __fget_files+0x2c5/0x340 [ 2542.923036][ T2025] ksys_read+0x141/0x250 [ 2542.923052][ T2025] ? __cfi_ksys_read+0x10/0x10 [ 2542.923069][ T2025] ? __kasan_check_write+0x18/0x20 [ 2542.923093][ T2025] ? __kasan_check_read+0x15/0x20 [ 2542.923118][ T2025] __x64_sys_read+0x7f/0x90 [ 2542.923139][ T2025] x64_sys_call+0x2638/0x2ee0 [ 2542.923164][ T2025] do_syscall_64+0x58/0xf0 [ 2542.923186][ T2025] ? clear_bhb_loop+0x50/0xa0 [ 2542.923206][ T2025] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2542.923229][ T2025] RIP: 0033:0x7fde4c78e0dc [ 2542.923245][ T2025] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 2542.923261][ T2025] RSP: 002b:00007fde4d6d7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2542.923282][ T2025] RAX: ffffffffffffffda RBX: 00007fde4c9e5fa0 RCX: 00007fde4c78e0dc [ 2542.923296][ T2025] RDX: 000000000000000f RSI: 00007fde4d6d70a0 RDI: 0000000000000008 [ 2542.923308][ T2025] RBP: 00007fde4d6d7090 R08: 0000000000000000 R09: 0000000000000000 [ 2542.923321][ T2025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2542.923333][ T2025] R13: 00007fde4c9e6038 R14: 00007fde4c9e5fa0 R15: 00007ffff593cf48 [ 2542.923349][ T2025] [ 2543.418850][ T2089] FAULT_INJECTION: forcing a failure. [ 2543.418850][ T2089] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2543.433553][ T2089] CPU: 1 UID: 0 PID: 2089 Comm: syz.4.77190 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2543.433589][ T2089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2543.433601][ T2089] Call Trace: [ 2543.433607][ T2089] [ 2543.433615][ T2089] __dump_stack+0x21/0x30 [ 2543.433644][ T2089] dump_stack_lvl+0x10c/0x190 [ 2543.433666][ T2089] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2543.433690][ T2089] ? check_stack_object+0x107/0x140 [ 2543.433708][ T2089] dump_stack+0x19/0x20 [ 2543.433730][ T2089] should_fail_ex+0x3d9/0x530 [ 2543.433749][ T2089] should_fail+0xf/0x20 [ 2543.433765][ T2089] should_fail_usercopy+0x1e/0x30 [ 2543.433785][ T2089] _copy_from_user+0x22/0xb0 [ 2543.433807][ T2089] __sys_connect+0x136/0x440 [ 2543.433830][ T2089] ? __cfi___sys_connect+0x10/0x10 [ 2543.433855][ T2089] ? __kasan_check_read+0x15/0x20 [ 2543.433881][ T2089] __x64_sys_connect+0x7e/0x90 [ 2543.433903][ T2089] x64_sys_call+0x1c2f/0x2ee0 [ 2543.433927][ T2089] do_syscall_64+0x58/0xf0 [ 2543.433950][ T2089] ? clear_bhb_loop+0x50/0xa0 [ 2543.433969][ T2089] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2543.433989][ T2089] RIP: 0033:0x7fde4c78f6c9 [ 2543.434005][ T2089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2543.434021][ T2089] RSP: 002b:00007fde4d6d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2543.434042][ T2089] RAX: ffffffffffffffda RBX: 00007fde4c9e5fa0 RCX: 00007fde4c78f6c9 [ 2543.434057][ T2089] RDX: 0000000000000010 RSI: 0000200000000200 RDI: 0000000000000007 [ 2543.434070][ T2089] RBP: 00007fde4d6d7090 R08: 0000000000000000 R09: 0000000000000000 [ 2543.434083][ T2089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2543.434095][ T2089] R13: 00007fde4c9e6038 R14: 00007fde4c9e5fa0 R15: 00007ffff593cf48 [ 2543.434112][ T2089] [ 2543.916357][ T2128] rust_binder: BC_REQUEST_DEATH_NOTIFICATION invalid ref 3 [ 2543.991112][ T2141] FAULT_INJECTION: forcing a failure. [ 2543.991112][ T2141] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2544.004292][ T2141] CPU: 1 UID: 0 PID: 2141 Comm: syz.2.77211 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2544.004324][ T2141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2544.004336][ T2141] Call Trace: [ 2544.004343][ T2141] [ 2544.004351][ T2141] __dump_stack+0x21/0x30 [ 2544.004380][ T2141] dump_stack_lvl+0x10c/0x190 [ 2544.004402][ T2141] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2544.004426][ T2141] dump_stack+0x19/0x20 [ 2544.004447][ T2141] should_fail_ex+0x3d9/0x530 [ 2544.004466][ T2141] should_fail+0xf/0x20 [ 2544.004483][ T2141] should_fail_usercopy+0x1e/0x30 [ 2544.004503][ T2141] _copy_from_user+0x22/0xb0 [ 2544.004526][ T2141] do_tcp_setsockopt+0x541/0x1f60 [ 2544.004563][ T2141] ? __cfi_do_tcp_setsockopt+0x10/0x10 [ 2544.004588][ T2141] ? selinux_socket_setsockopt+0x2ea/0x390 [ 2544.004615][ T2141] ? __cfi_selinux_socket_setsockopt+0x10/0x10 [ 2544.004644][ T2141] tcp_setsockopt+0x58/0x110 [ 2544.004661][ T2141] sock_common_setsockopt+0xb5/0xd0 [ 2544.004681][ T2141] ? __cfi_sock_common_setsockopt+0x10/0x10 [ 2544.004701][ T2141] do_sock_setsockopt+0x26d/0x400 [ 2544.004725][ T2141] ? __cfi_do_sock_setsockopt+0x10/0x10 [ 2544.004752][ T2141] __x64_sys_setsockopt+0x1b8/0x250 [ 2544.004777][ T2141] x64_sys_call+0x2adc/0x2ee0 [ 2544.004801][ T2141] do_syscall_64+0x58/0xf0 [ 2544.004823][ T2141] ? clear_bhb_loop+0x50/0xa0 [ 2544.004843][ T2141] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2544.004861][ T2141] RIP: 0033:0x7f933798f6c9 [ 2544.004878][ T2141] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2544.004894][ T2141] RSP: 002b:00007f9338811038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 2544.004915][ T2141] RAX: ffffffffffffffda RBX: 00007f9337be5fa0 RCX: 00007f933798f6c9 [ 2544.004930][ T2141] RDX: 0000000000000016 RSI: 0000000000000006 RDI: 0000000000000007 [ 2544.004942][ T2141] RBP: 00007f9338811090 R08: 0000000000000004 R09: 0000000000000000 [ 2544.004955][ T2141] R10: 0000200000000340 R11: 0000000000000246 R12: 0000000000000001 [ 2544.004967][ T2141] R13: 00007f9337be6038 R14: 00007f9337be5fa0 R15: 00007ffe357f5d88 [ 2544.004984][ T2141] [ 2544.259062][ T2157] FAULT_INJECTION: forcing a failure. [ 2544.259062][ T2157] name failslab, interval 1, probability 0, space 0, times 0 [ 2544.272183][ T2157] CPU: 1 UID: 0 PID: 2157 Comm: syz.2.77218 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2544.272215][ T2157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2544.272226][ T2157] Call Trace: [ 2544.272233][ T2157] [ 2544.272241][ T2157] __dump_stack+0x21/0x30 [ 2544.272270][ T2157] dump_stack_lvl+0x10c/0x190 [ 2544.272292][ T2157] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2544.272314][ T2157] ? __kasan_check_write+0x18/0x20 [ 2544.272339][ T2157] ? proc_fail_nth_write+0x17e/0x210 [ 2544.272362][ T2157] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2544.272382][ T2157] dump_stack+0x19/0x20 [ 2544.272400][ T2157] should_fail_ex+0x3d9/0x530 [ 2544.272416][ T2157] should_failslab+0xac/0x100 [ 2544.272435][ T2157] kmem_cache_alloc_noprof+0x42/0x430 [ 2544.272451][ T2157] ? getname_flags+0xc6/0x710 [ 2544.272470][ T2157] getname_flags+0xc6/0x710 [ 2544.272487][ T2157] ? build_open_flags+0x487/0x600 [ 2544.272509][ T2157] getname+0x1b/0x30 [ 2544.272533][ T2157] do_sys_openat2+0xcb/0x1c0 [ 2544.272555][ T2157] ? fput+0x1a5/0x240 [ 2544.272576][ T2157] ? do_sys_open+0x100/0x100 [ 2544.272598][ T2157] ? ksys_write+0x1ef/0x250 [ 2544.272614][ T2157] ? __cfi_ksys_write+0x10/0x10 [ 2544.272631][ T2157] __x64_sys_openat+0x13a/0x170 [ 2544.272653][ T2157] x64_sys_call+0xe69/0x2ee0 [ 2544.272676][ T2157] do_syscall_64+0x58/0xf0 [ 2544.272697][ T2157] ? clear_bhb_loop+0x50/0xa0 [ 2544.272715][ T2157] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2544.272734][ T2157] RIP: 0033:0x7f933798f6c9 [ 2544.272750][ T2157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2544.272766][ T2157] RSP: 002b:00007f9338811038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2544.272786][ T2157] RAX: ffffffffffffffda RBX: 00007f9337be5fa0 RCX: 00007f933798f6c9 [ 2544.272801][ T2157] RDX: 0000000000000000 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 2544.272814][ T2157] RBP: 00007f9338811090 R08: 0000000000000000 R09: 0000000000000000 [ 2544.272827][ T2157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2544.272839][ T2157] R13: 00007f9337be6038 R14: 00007f9337be5fa0 R15: 00007ffe357f5d88 [ 2544.272855][ T2157] [ 2545.129085][ T2202] FAULT_INJECTION: forcing a failure. [ 2545.129085][ T2202] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2545.161358][ T2202] CPU: 0 UID: 0 PID: 2202 Comm: syz.3.77237 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2545.161392][ T2202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2545.161403][ T2202] Call Trace: [ 2545.161410][ T2202] [ 2545.161418][ T2202] __dump_stack+0x21/0x30 [ 2545.161447][ T2202] dump_stack_lvl+0x10c/0x190 [ 2545.161470][ T2202] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2545.161494][ T2202] ? __kasan_check_read+0x15/0x20 [ 2545.161521][ T2202] dump_stack+0x19/0x20 [ 2545.161551][ T2202] should_fail_ex+0x3d9/0x530 [ 2545.161571][ T2202] should_fail+0xf/0x20 [ 2545.161588][ T2202] should_fail_usercopy+0x1e/0x30 [ 2545.161607][ T2202] __kvm_read_guest_page+0x177/0x210 [ 2545.161626][ T2202] kvm_vcpu_read_guest_page+0x31a/0x400 [ 2545.161646][ T2202] kvm_fetch_guest_virt+0x146/0x190 [ 2545.161672][ T2202] ? __cfi_kvm_fetch_guest_virt+0x10/0x10 [ 2545.161696][ T2202] __do_insn_fetch_bytes+0x321/0x730 [ 2545.161716][ T2202] ? x86_decode_insn+0x4fb0/0x4fb0 [ 2545.161736][ T2202] x86_decode_insn+0x33b/0x4fb0 [ 2545.161753][ T2202] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2545.161774][ T2202] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 2545.161802][ T2202] ? __cfi_x86_decode_insn+0x10/0x10 [ 2545.161819][ T2202] ? __kasan_check_write+0x18/0x20 [ 2545.161844][ T2202] ? vmx_read_guest_seg_ar+0x1c8/0x350 [ 2545.161866][ T2202] ? __asan_memset+0x39/0x50 [ 2545.161886][ T2202] ? init_decode_cache+0x7c/0x90 [ 2545.161904][ T2202] ? init_emulate_ctxt+0x410/0x540 [ 2545.161924][ T2202] ? kvm_inject_realmode_interrupt+0x2e0/0x2e0 [ 2545.161945][ T2202] ? unwind_get_return_address+0x51/0x90 [ 2545.161966][ T2202] ? __cfi_stack_trace_consume_entry+0x10/0x10 [ 2545.161994][ T2202] x86_decode_emulated_instruction+0x66/0x190 [ 2545.162015][ T2202] x86_emulate_instruction+0x2d3/0x1870 [ 2545.162039][ T2202] handle_ud+0x19e/0x320 [ 2545.162057][ T2202] ? __cfi_handle_ud+0x10/0x10 [ 2545.162075][ T2202] ? __cfi_rcu_note_context_switch+0x10/0x10 [ 2545.162098][ T2202] ? clear_bhb_loop+0x50/0xa0 [ 2545.162118][ T2202] ? clear_bhb_loop+0x50/0xa0 [ 2545.162137][ T2202] ? clear_bhb_loop+0x50/0xa0 [ 2545.162156][ T2202] ? clear_bhb_loop+0x50/0xa0 [ 2545.162175][ T2202] ? clear_bhb_loop+0x12/0xa0 [ 2545.162196][ T2202] handle_exception_nmi+0x194/0xeb0 [ 2545.162216][ T2202] ? __cfi_handle_exception_nmi+0x10/0x10 [ 2545.162235][ T2202] vmx_handle_exit+0x12c2/0x1b40 [ 2545.162260][ T2202] ? __cfi_vmx_vcpu_run+0x10/0x10 [ 2545.162284][ T2202] ? kasan_save_track+0x4f/0x80 [ 2545.162304][ T2202] ? vmx_handle_exit_irqoff+0x401/0x7a0 [ 2545.162330][ T2202] vcpu_run+0x4bd0/0x7830 [ 2545.162351][ T2202] ? x64_sys_call+0xe69/0x2ee0 [ 2545.162388][ T2202] ? signal_pending+0xc0/0xc0 [ 2545.162409][ T2202] ? __kasan_check_write+0x18/0x20 [ 2545.162435][ T2202] ? xfd_validate_state+0x68/0x150 [ 2545.162457][ T2202] ? fpu_swap_kvm_fpstate+0x93/0x5f0 [ 2545.162477][ T2202] ? __kasan_check_write+0x18/0x20 [ 2545.162503][ T2202] ? fpregs_mark_activate+0x69/0x160 [ 2545.162522][ T2202] ? fpu_swap_kvm_fpstate+0x44d/0x5f0 [ 2545.162549][ T2202] ? fpu_swap_kvm_fpstate+0x93/0x5f0 [ 2545.162570][ T2202] kvm_arch_vcpu_ioctl_run+0x101a/0x1aa0 [ 2545.162595][ T2202] ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 2545.162618][ T2202] ? kstrtoull+0x13b/0x1e0 [ 2545.162635][ T2202] ? kstrtouint+0x78/0xf0 [ 2545.162652][ T2202] ? ioctl_has_perm+0x1aa/0x4d0 [ 2545.162673][ T2202] ? __asan_memcpy+0x5a/0x80 [ 2545.162690][ T2202] ? ioctl_has_perm+0x3e0/0x4d0 [ 2545.162711][ T2202] ? has_cap_mac_admin+0xd0/0xd0 [ 2545.162732][ T2202] ? __kasan_check_write+0x18/0x20 [ 2545.162757][ T2202] ? mutex_lock_killable+0x92/0x1c0 [ 2545.162776][ T2202] ? __cfi_mutex_lock_killable+0x10/0x10 [ 2545.162793][ T2202] ? proc_fail_nth_write+0x17e/0x210 [ 2545.162816][ T2202] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2545.162840][ T2202] kvm_vcpu_ioctl+0x96f/0xee0 [ 2545.162858][ T2202] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2545.162875][ T2202] ? __cfi_vfs_write+0x10/0x10 [ 2545.162893][ T2202] ? __kasan_check_write+0x18/0x20 [ 2545.162918][ T2202] ? mutex_unlock+0x8b/0x240 [ 2545.162935][ T2202] ? __cfi_mutex_unlock+0x10/0x10 [ 2545.162952][ T2202] ? __fget_files+0x2c5/0x340 [ 2545.162972][ T2202] ? __fget_files+0x2c5/0x340 [ 2545.162992][ T2202] ? bpf_lsm_file_ioctl+0xd/0x20 [ 2545.163017][ T2202] ? security_file_ioctl+0x34/0xd0 [ 2545.163037][ T2202] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2545.163054][ T2202] __se_sys_ioctl+0x135/0x1b0 [ 2545.163075][ T2202] __x64_sys_ioctl+0x7f/0xa0 [ 2545.163094][ T2202] x64_sys_call+0x1878/0x2ee0 [ 2545.163119][ T2202] do_syscall_64+0x58/0xf0 [ 2545.163142][ T2202] ? clear_bhb_loop+0x50/0xa0 [ 2545.163161][ T2202] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2545.163181][ T2202] RIP: 0033:0x7f678258f6c9 [ 2545.163198][ T2202] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2545.163215][ T2202] RSP: 002b:00007f6780ff7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2545.163236][ T2202] RAX: ffffffffffffffda RBX: 00007f67827e5fa0 RCX: 00007f678258f6c9 [ 2545.163252][ T2202] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000009 [ 2545.163264][ T2202] RBP: 00007f6780ff7090 R08: 0000000000000000 R09: 0000000000000000 [ 2545.163276][ T2202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2545.163289][ T2202] R13: 00007f67827e6038 R14: 00007f67827e5fa0 R15: 00007ffd09ab6d78 [ 2545.163305][ T2202] [ 2547.265863][ T36] audit: type=1400 audit(2000000209.330:756): avc: denied { setattr } for pid=2353 comm="syz.0.77309" name="" dev="pipefs" ino=1287166 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 2547.329602][ T36] audit: type=1326 audit(2000000209.390:757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2363 comm="syz.4.77315" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fde4c78f6c9 code=0x0 [ 2547.662687][ T2410] FAULT_INJECTION: forcing a failure. [ 2547.662687][ T2410] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2547.675936][ T2410] CPU: 1 UID: 0 PID: 2410 Comm: syz.2.77336 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2547.675964][ T2410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2547.675976][ T2410] Call Trace: [ 2547.675983][ T2410] [ 2547.675991][ T2410] __dump_stack+0x21/0x30 [ 2547.676020][ T2410] dump_stack_lvl+0x10c/0x190 [ 2547.676046][ T2410] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2547.676060][ T2410] ? __kasan_check_read+0x15/0x20 [ 2547.676076][ T2410] dump_stack+0x19/0x20 [ 2547.676088][ T2410] should_fail_ex+0x3d9/0x530 [ 2547.676099][ T2410] should_fail+0xf/0x20 [ 2547.676108][ T2410] should_fail_usercopy+0x1e/0x30 [ 2547.676119][ T2410] __kvm_read_guest_page+0x177/0x210 [ 2547.676130][ T2410] kvm_vcpu_read_guest_page+0x31a/0x400 [ 2547.676141][ T2410] kvm_fetch_guest_virt+0x146/0x190 [ 2547.676156][ T2410] ? __cfi_kvm_fetch_guest_virt+0x10/0x10 [ 2547.676170][ T2410] __do_insn_fetch_bytes+0x321/0x730 [ 2547.676182][ T2410] ? x86_decode_insn+0x4fb0/0x4fb0 [ 2547.676192][ T2410] ? tdp_iter_restart+0x1c4/0x360 [ 2547.676203][ T2410] ? kvm_tdp_mmu_fast_pf_get_last_sptep+0x290/0x290 [ 2547.676216][ T2410] ? tdp_iter_next+0x362/0xa30 [ 2547.676227][ T2410] x86_decode_insn+0x33b/0x4fb0 [ 2547.676236][ T2410] ? trace_mark_mmio_spte+0x22/0x130 [ 2547.676250][ T2410] ? __cfi_x86_decode_insn+0x10/0x10 [ 2547.676259][ T2410] ? __kasan_check_write+0x18/0x20 [ 2547.676279][ T2410] ? vmx_read_guest_seg_ar+0x1c8/0x350 [ 2547.676292][ T2410] ? __asan_memset+0x39/0x50 [ 2547.676300][ T2410] ? init_decode_cache+0x7c/0x90 [ 2547.676309][ T2410] ? init_emulate_ctxt+0x410/0x540 [ 2547.676320][ T2410] ? kvm_inject_realmode_interrupt+0x2e0/0x2e0 [ 2547.676332][ T2410] ? kvm_mmu_do_page_fault+0x4b0/0x5f0 [ 2547.676344][ T2410] x86_decode_emulated_instruction+0x66/0x190 [ 2547.676356][ T2410] x86_emulate_instruction+0x2d3/0x1870 [ 2547.676367][ T2410] ? kvm_multiple_exception+0x6d8/0xad0 [ 2547.676380][ T2410] kvm_mmu_page_fault+0x336/0x970 [ 2547.676391][ T2410] handle_ept_violation+0x21c/0x440 [ 2547.676402][ T2410] ? vmx_vcpu_run+0x1100/0x2000 [ 2547.676415][ T2410] ? __cfi_handle_ept_violation+0x10/0x10 [ 2547.676426][ T2410] vmx_handle_exit+0x12c2/0x1b40 [ 2547.676438][ T2410] ? kvm_deliver_exception_payload+0xd7/0x200 [ 2547.676451][ T2410] ? __cfi_vmx_vcpu_run+0x10/0x10 [ 2547.676464][ T2410] ? vmx_handle_exit_irqoff+0xe9/0x7a0 [ 2547.676477][ T2410] vcpu_run+0x4bd0/0x7830 [ 2547.676494][ T2410] ? signal_pending+0xc0/0xc0 [ 2547.676506][ T2410] ? complete_emulated_mmio+0x4fb/0x790 [ 2547.676518][ T2410] kvm_arch_vcpu_ioctl_run+0x101a/0x1aa0 [ 2547.676534][ T2410] ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 2547.676546][ T2410] ? kstrtoull+0x13b/0x1e0 [ 2547.676556][ T2410] ? kstrtouint+0x78/0xf0 [ 2547.676565][ T2410] ? ioctl_has_perm+0x1aa/0x4d0 [ 2547.676576][ T2410] ? __asan_memcpy+0x5a/0x80 [ 2547.676585][ T2410] ? ioctl_has_perm+0x3e0/0x4d0 [ 2547.676596][ T2410] ? has_cap_mac_admin+0xd0/0xd0 [ 2547.676608][ T2410] ? __kasan_check_write+0x18/0x20 [ 2547.676621][ T2410] ? mutex_lock_killable+0x92/0x1c0 [ 2547.676632][ T2410] ? __cfi_mutex_lock_killable+0x10/0x10 [ 2547.676642][ T2410] ? proc_fail_nth_write+0x17e/0x210 [ 2547.676655][ T2410] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2547.676668][ T2410] kvm_vcpu_ioctl+0x96f/0xee0 [ 2547.676677][ T2410] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2547.676687][ T2410] ? __cfi_vfs_write+0x10/0x10 [ 2547.676696][ T2410] ? __kasan_check_write+0x18/0x20 [ 2547.676710][ T2410] ? mutex_unlock+0x8b/0x240 [ 2547.676719][ T2410] ? __cfi_mutex_unlock+0x10/0x10 [ 2547.676728][ T2410] ? __fget_files+0x2c5/0x340 [ 2547.676739][ T2410] ? __fget_files+0x2c5/0x340 [ 2547.676749][ T2410] ? bpf_lsm_file_ioctl+0xd/0x20 [ 2547.676762][ T2410] ? security_file_ioctl+0x34/0xd0 [ 2547.676774][ T2410] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2547.676783][ T2410] __se_sys_ioctl+0x135/0x1b0 [ 2547.676794][ T2410] __x64_sys_ioctl+0x7f/0xa0 [ 2547.676804][ T2410] x64_sys_call+0x1878/0x2ee0 [ 2547.676818][ T2410] do_syscall_64+0x58/0xf0 [ 2547.676830][ T2410] ? clear_bhb_loop+0x50/0xa0 [ 2547.676841][ T2410] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2547.676852][ T2410] RIP: 0033:0x7f933798f6c9 [ 2547.676862][ T2410] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2547.676871][ T2410] RSP: 002b:00007f9338811038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2547.676883][ T2410] RAX: ffffffffffffffda RBX: 00007f9337be5fa0 RCX: 00007f933798f6c9 [ 2547.676892][ T2410] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008 [ 2547.676898][ T2410] RBP: 00007f9338811090 R08: 0000000000000000 R09: 0000000000000000 [ 2547.676905][ T2410] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2547.676912][ T2410] R13: 00007f9337be6038 R14: 00007f9337be5fa0 R15: 00007ffe357f5d88 [ 2547.676921][ T2410] [ 2548.452162][ T2450] FAULT_INJECTION: forcing a failure. [ 2548.452162][ T2450] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2548.494625][ T2450] CPU: 0 UID: 0 PID: 2450 Comm: syz.2.77353 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2548.494659][ T2450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2548.494671][ T2450] Call Trace: [ 2548.494678][ T2450] [ 2548.494686][ T2450] __dump_stack+0x21/0x30 [ 2548.494714][ T2450] dump_stack_lvl+0x10c/0x190 [ 2548.494737][ T2450] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2548.494761][ T2450] ? __kasan_check_read+0x15/0x20 [ 2548.494787][ T2450] dump_stack+0x19/0x20 [ 2548.494809][ T2450] should_fail_ex+0x3d9/0x530 [ 2548.494829][ T2450] should_fail+0xf/0x20 [ 2548.494846][ T2450] should_fail_usercopy+0x1e/0x30 [ 2548.494865][ T2450] __kvm_read_guest_page+0x177/0x210 [ 2548.494885][ T2450] kvm_vcpu_read_guest_page+0x31a/0x400 [ 2548.494905][ T2450] kvm_fetch_guest_virt+0x146/0x190 [ 2548.494930][ T2450] ? __cfi_kvm_fetch_guest_virt+0x10/0x10 [ 2548.494954][ T2450] __do_insn_fetch_bytes+0x321/0x730 [ 2548.494973][ T2450] ? x86_decode_insn+0x4fb0/0x4fb0 [ 2548.494991][ T2450] ? emulator_read_write+0x410/0x580 [ 2548.495009][ T2450] ? tdp_iter_restart+0x1c4/0x360 [ 2548.495029][ T2450] ? kvm_tdp_mmu_fast_pf_get_last_sptep+0x290/0x290 [ 2548.495052][ T2450] ? tdp_iter_next+0x362/0xa30 [ 2548.495072][ T2450] x86_decode_insn+0x33b/0x4fb0 [ 2548.495089][ T2450] ? trace_mark_mmio_spte+0x22/0x130 [ 2548.495114][ T2450] ? __cfi_x86_decode_insn+0x10/0x10 [ 2548.495131][ T2450] ? __kasan_check_write+0x18/0x20 [ 2548.495155][ T2450] ? vmx_read_guest_seg_ar+0x1c8/0x350 [ 2548.495176][ T2450] ? __asan_memset+0x39/0x50 [ 2548.495192][ T2450] ? init_decode_cache+0x7c/0x90 [ 2548.495210][ T2450] ? init_emulate_ctxt+0x410/0x540 [ 2548.495228][ T2450] ? kvm_inject_realmode_interrupt+0x2e0/0x2e0 [ 2548.495249][ T2450] ? kvm_mmu_do_page_fault+0x4b0/0x5f0 [ 2548.495269][ T2450] x86_decode_emulated_instruction+0x66/0x190 [ 2548.495290][ T2450] x86_emulate_instruction+0x2d3/0x1870 [ 2548.495310][ T2450] ? kvm_multiple_exception+0x6d8/0xad0 [ 2548.495332][ T2450] kvm_mmu_page_fault+0x336/0x970 [ 2548.495353][ T2450] handle_ept_violation+0x21c/0x440 [ 2548.495372][ T2450] ? vmx_vcpu_run+0x1100/0x2000 [ 2548.495396][ T2450] ? __cfi_handle_ept_violation+0x10/0x10 [ 2548.495415][ T2450] vmx_handle_exit+0x12c2/0x1b40 [ 2548.495438][ T2450] ? kvm_deliver_exception_payload+0xd7/0x200 [ 2548.495460][ T2450] ? __cfi_vmx_vcpu_run+0x10/0x10 [ 2548.495492][ T2450] ? vmx_handle_exit_irqoff+0xe9/0x7a0 [ 2548.495517][ T2450] vcpu_run+0x4bd0/0x7830 [ 2548.495549][ T2450] ? signal_pending+0xc0/0xc0 [ 2548.495572][ T2450] ? complete_emulated_mmio+0x4fb/0x790 [ 2548.495594][ T2450] kvm_arch_vcpu_ioctl_run+0x101a/0x1aa0 [ 2548.495618][ T2450] ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 2548.495640][ T2450] ? kstrtoull+0x13b/0x1e0 [ 2548.495657][ T2450] ? kstrtouint+0x78/0xf0 [ 2548.495673][ T2450] ? ioctl_has_perm+0x1aa/0x4d0 [ 2548.495693][ T2450] ? __asan_memcpy+0x5a/0x80 [ 2548.495710][ T2450] ? ioctl_has_perm+0x3e0/0x4d0 [ 2548.495730][ T2450] ? has_cap_mac_admin+0xd0/0xd0 [ 2548.495751][ T2450] ? __kasan_check_write+0x18/0x20 [ 2548.495776][ T2450] ? mutex_lock_killable+0x92/0x1c0 [ 2548.495795][ T2450] ? __cfi_mutex_lock_killable+0x10/0x10 [ 2548.495813][ T2450] ? proc_fail_nth_write+0x17e/0x210 [ 2548.495836][ T2450] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2548.495859][ T2450] kvm_vcpu_ioctl+0x96f/0xee0 [ 2548.495877][ T2450] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2548.495894][ T2450] ? __cfi_vfs_write+0x10/0x10 [ 2548.495910][ T2450] ? __kasan_check_write+0x18/0x20 [ 2548.495936][ T2450] ? mutex_unlock+0x8b/0x240 [ 2548.495952][ T2450] ? __cfi_mutex_unlock+0x10/0x10 [ 2548.495968][ T2450] ? __fget_files+0x2c5/0x340 [ 2548.495988][ T2450] ? __fget_files+0x2c5/0x340 [ 2548.496007][ T2450] ? bpf_lsm_file_ioctl+0xd/0x20 [ 2548.496031][ T2450] ? security_file_ioctl+0x34/0xd0 [ 2548.496052][ T2450] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2548.496068][ T2450] __se_sys_ioctl+0x135/0x1b0 [ 2548.496089][ T2450] __x64_sys_ioctl+0x7f/0xa0 [ 2548.496108][ T2450] x64_sys_call+0x1878/0x2ee0 [ 2548.496132][ T2450] do_syscall_64+0x58/0xf0 [ 2548.496154][ T2450] ? clear_bhb_loop+0x50/0xa0 [ 2548.496174][ T2450] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2548.496194][ T2450] RIP: 0033:0x7f933798f6c9 [ 2548.496210][ T2450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2548.496226][ T2450] RSP: 002b:00007f9338811038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2548.496246][ T2450] RAX: ffffffffffffffda RBX: 00007f9337be5fa0 RCX: 00007f933798f6c9 [ 2548.496261][ T2450] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008 [ 2548.496273][ T2450] RBP: 00007f9338811090 R08: 0000000000000000 R09: 0000000000000000 [ 2548.496285][ T2450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2548.496297][ T2450] R13: 00007f9337be6038 R14: 00007f9337be5fa0 R15: 00007ffe357f5d88 [ 2548.496313][ T2450] [ 2549.000784][ T2480] FAULT_INJECTION: forcing a failure. [ 2549.000784][ T2480] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2549.014331][ T2480] CPU: 0 UID: 0 PID: 2480 Comm: syz.3.77367 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2549.014363][ T2480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2549.014376][ T2480] Call Trace: [ 2549.014382][ T2480] [ 2549.014390][ T2480] __dump_stack+0x21/0x30 [ 2549.014419][ T2480] dump_stack_lvl+0x10c/0x190 [ 2549.014442][ T2480] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2549.014465][ T2480] ? find_vma+0xcd/0x110 [ 2549.014485][ T2480] dump_stack+0x19/0x20 [ 2549.014507][ T2480] should_fail_ex+0x3d9/0x530 [ 2549.014526][ T2480] should_fail+0xf/0x20 [ 2549.014543][ T2480] should_fail_usercopy+0x1e/0x30 [ 2549.014563][ T2480] _copy_from_user+0x22/0xb0 [ 2549.014586][ T2480] io_submit_one+0xca/0x18c0 [ 2549.014611][ T2480] ? lookup_ioctx+0x360/0x360 [ 2549.014631][ T2480] ? asm_exc_page_fault+0x2b/0x30 [ 2549.014653][ T2480] ? __get_user_4+0x1a/0x40 [ 2549.014673][ T2480] ? lookup_ioctx+0x208/0x360 [ 2549.014694][ T2480] __se_sys_io_submit+0x164/0x3c0 [ 2549.014714][ T2480] ? __x64_sys_io_submit+0xa0/0xa0 [ 2549.014731][ T2480] ? ksys_write+0x1ef/0x250 [ 2549.014749][ T2480] ? __kasan_check_read+0x15/0x20 [ 2549.014774][ T2480] __x64_sys_io_submit+0x7f/0xa0 [ 2549.014791][ T2480] x64_sys_call+0x1c95/0x2ee0 [ 2549.014814][ T2480] do_syscall_64+0x58/0xf0 [ 2549.014834][ T2480] ? clear_bhb_loop+0x50/0xa0 [ 2549.014853][ T2480] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2549.014871][ T2480] RIP: 0033:0x7f678258f6c9 [ 2549.014887][ T2480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2549.014904][ T2480] RSP: 002b:00007f6780ff7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 2549.014923][ T2480] RAX: ffffffffffffffda RBX: 00007f67827e5fa0 RCX: 00007f678258f6c9 [ 2549.014937][ T2480] RDX: 0000200000000200 RSI: 0000000000000001 RDI: 00007f6783328000 [ 2549.014948][ T2480] RBP: 00007f6780ff7090 R08: 0000000000000000 R09: 0000000000000000 [ 2549.014959][ T2480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2549.014969][ T2480] R13: 00007f67827e6038 R14: 00007f67827e5fa0 R15: 00007ffd09ab6d78 [ 2549.014984][ T2480] [ 2549.342388][ T2511] FAULT_INJECTION: forcing a failure. [ 2549.342388][ T2511] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2549.355647][ T2511] CPU: 0 UID: 0 PID: 2511 Comm: syz.3.77381 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2549.355675][ T2511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2549.355688][ T2511] Call Trace: [ 2549.355694][ T2511] [ 2549.355701][ T2511] __dump_stack+0x21/0x30 [ 2549.355731][ T2511] dump_stack_lvl+0x10c/0x190 [ 2549.355755][ T2511] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2549.355779][ T2511] ? check_stack_object+0x12c/0x140 [ 2549.355799][ T2511] dump_stack+0x19/0x20 [ 2549.355822][ T2511] should_fail_ex+0x3d9/0x530 [ 2549.355841][ T2511] should_fail+0xf/0x20 [ 2549.355858][ T2511] should_fail_usercopy+0x1e/0x30 [ 2549.355878][ T2511] _copy_to_user+0x24/0xa0 [ 2549.355901][ T2511] simple_read_from_buffer+0xed/0x160 [ 2549.355925][ T2511] proc_fail_nth_read+0x19e/0x210 [ 2549.355949][ T2511] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 2549.355972][ T2511] ? vfs_writev+0xa16/0xcf0 [ 2549.355993][ T2511] ? bpf_lsm_file_permission+0xd/0x20 [ 2549.356018][ T2511] ? __cfi_proc_fail_nth_read+0x10/0x10 [ 2549.356042][ T2511] vfs_read+0x27d/0xc70 [ 2549.356059][ T2511] ? __cfi_vfs_read+0x10/0x10 [ 2549.356075][ T2511] ? __kasan_check_write+0x18/0x20 [ 2549.356101][ T2511] ? mutex_lock+0x92/0x1c0 [ 2549.356118][ T2511] ? __cfi_mutex_lock+0x10/0x10 [ 2549.356135][ T2511] ? __fget_files+0x2c5/0x340 [ 2549.356156][ T2511] ksys_read+0x141/0x250 [ 2549.356172][ T2511] ? __cfi_ksys_read+0x10/0x10 [ 2549.356189][ T2511] ? __kasan_check_read+0x15/0x20 [ 2549.356215][ T2511] __x64_sys_read+0x7f/0x90 [ 2549.356232][ T2511] x64_sys_call+0x2638/0x2ee0 [ 2549.356258][ T2511] do_syscall_64+0x58/0xf0 [ 2549.356280][ T2511] ? clear_bhb_loop+0x50/0xa0 [ 2549.356301][ T2511] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2549.356321][ T2511] RIP: 0033:0x7f678258e0dc [ 2549.356337][ T2511] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 2549.356354][ T2511] RSP: 002b:00007f6780ff7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2549.356376][ T2511] RAX: ffffffffffffffda RBX: 00007f67827e5fa0 RCX: 00007f678258e0dc [ 2549.356390][ T2511] RDX: 000000000000000f RSI: 00007f6780ff70a0 RDI: 0000000000000008 [ 2549.356403][ T2511] RBP: 00007f6780ff7090 R08: 0000000000000000 R09: 0000000000000004 [ 2549.356424][ T2511] R10: 0000000000000fff R11: 0000000000000246 R12: 0000000000000001 [ 2549.356437][ T2511] R13: 00007f67827e6038 R14: 00007f67827e5fa0 R15: 00007ffd09ab6d78 [ 2549.356453][ T2511] [ 2549.613649][ T2528] FAULT_INJECTION: forcing a failure. [ 2549.613649][ T2528] name failslab, interval 1, probability 0, space 0, times 0 [ 2549.628076][ T2528] CPU: 1 UID: 0 PID: 2528 Comm: syz.4.77388 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2549.628107][ T2528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2549.628118][ T2528] Call Trace: [ 2549.628125][ T2528] [ 2549.628133][ T2528] __dump_stack+0x21/0x30 [ 2549.628170][ T2528] dump_stack_lvl+0x10c/0x190 [ 2549.628192][ T2528] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2549.628216][ T2528] ? avc_has_extended_perms+0x921/0xdd0 [ 2549.628242][ T2528] dump_stack+0x19/0x20 [ 2549.628264][ T2528] should_fail_ex+0x3d9/0x530 [ 2549.628284][ T2528] should_failslab+0xac/0x100 [ 2549.628304][ T2528] __kmalloc_cache_node_noprof+0x46/0x450 [ 2549.628324][ T2528] ? __get_vm_area_node+0x154/0x3a0 [ 2549.628348][ T2528] __get_vm_area_node+0x154/0x3a0 [ 2549.628372][ T2528] __vmalloc_node_range_noprof+0x33c/0x1420 [ 2549.628397][ T2528] ? kvm_dev_ioctl+0x125/0x14d0 [ 2549.628421][ T2528] ? number+0xd21/0xf80 [ 2549.628442][ T2528] ? pointer+0xdd0/0xdd0 [ 2549.628464][ T2528] ? __cfi___vmalloc_node_range_noprof+0x10/0x10 [ 2549.628489][ T2528] ? vsnprintf+0x19b8/0x1aa0 [ 2549.628511][ T2528] ? kvm_dev_ioctl+0x125/0x14d0 [ 2549.628535][ T2528] __vmalloc_noprof+0xfe/0x1d0 [ 2549.628558][ T2528] ? kvm_dev_ioctl+0x125/0x14d0 [ 2549.628582][ T2528] ? alloc_fd+0x4e7/0x5a0 [ 2549.628600][ T2528] ? __cfi___vmalloc_noprof+0x10/0x10 [ 2549.628625][ T2528] kvm_dev_ioctl+0x125/0x14d0 [ 2549.628650][ T2528] ? __fget_files+0x2c5/0x340 [ 2549.628668][ T2528] ? __cfi_kvm_dev_ioctl+0x10/0x10 [ 2549.628693][ T2528] ? bpf_lsm_file_ioctl+0xd/0x20 [ 2549.628717][ T2528] ? security_file_ioctl+0x34/0xd0 [ 2549.628737][ T2528] ? __cfi_kvm_dev_ioctl+0x10/0x10 [ 2549.628761][ T2528] __se_sys_ioctl+0x135/0x1b0 [ 2549.628781][ T2528] __x64_sys_ioctl+0x7f/0xa0 [ 2549.628800][ T2528] x64_sys_call+0x1878/0x2ee0 [ 2549.628825][ T2528] do_syscall_64+0x58/0xf0 [ 2549.628847][ T2528] ? clear_bhb_loop+0x50/0xa0 [ 2549.628867][ T2528] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2549.628887][ T2528] RIP: 0033:0x7fde4c78f6c9 [ 2549.628902][ T2528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2549.628918][ T2528] RSP: 002b:00007fde4d6d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2549.628939][ T2528] RAX: ffffffffffffffda RBX: 00007fde4c9e5fa0 RCX: 00007fde4c78f6c9 [ 2549.628954][ T2528] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000007 [ 2549.628967][ T2528] RBP: 00007fde4d6d7090 R08: 0000000000000000 R09: 0000000000000000 [ 2549.628979][ T2528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2549.628992][ T2528] R13: 00007fde4c9e6038 R14: 00007fde4c9e5fa0 R15: 00007ffff593cf48 [ 2549.629008][ T2528] [ 2549.629530][ T2528] syz.4.77388: vmalloc error: size 39304, vm_struct allocation failed, mode:0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0 [ 2549.992356][ T2528] CPU: 0 UID: 0 PID: 2528 Comm: syz.4.77388 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2549.992393][ T2528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2549.992405][ T2528] Call Trace: [ 2549.992412][ T2528] [ 2549.992420][ T2528] __dump_stack+0x21/0x30 [ 2549.992449][ T2528] dump_stack_lvl+0x10c/0x190 [ 2549.992472][ T2528] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2549.992496][ T2528] ? _raw_spin_unlock_irqrestore+0x4a/0x70 [ 2549.992522][ T2528] dump_stack+0x19/0x20 [ 2549.992544][ T2528] warn_alloc+0x1bc/0x2a0 [ 2549.992567][ T2528] ? __kasan_kmalloc+0x28/0xb0 [ 2549.992589][ T2528] ? __cfi_warn_alloc+0x10/0x10 [ 2549.992612][ T2528] ? __get_vm_area_node+0x392/0x3a0 [ 2549.992637][ T2528] __vmalloc_node_range_noprof+0x361/0x1420 [ 2549.992662][ T2528] ? number+0xd21/0xf80 [ 2549.992684][ T2528] ? pointer+0xdd0/0xdd0 [ 2549.992706][ T2528] ? __cfi___vmalloc_node_range_noprof+0x10/0x10 [ 2549.992730][ T2528] ? vsnprintf+0x19b8/0x1aa0 [ 2549.992753][ T2528] ? kvm_dev_ioctl+0x125/0x14d0 [ 2549.992778][ T2528] __vmalloc_noprof+0xfe/0x1d0 [ 2549.992801][ T2528] ? kvm_dev_ioctl+0x125/0x14d0 [ 2549.992826][ T2528] ? alloc_fd+0x4e7/0x5a0 [ 2549.992843][ T2528] ? __cfi___vmalloc_noprof+0x10/0x10 [ 2549.992869][ T2528] kvm_dev_ioctl+0x125/0x14d0 [ 2549.992893][ T2528] ? __fget_files+0x2c5/0x340 [ 2549.992911][ T2528] ? __cfi_kvm_dev_ioctl+0x10/0x10 [ 2549.992936][ T2528] ? bpf_lsm_file_ioctl+0xd/0x20 [ 2549.992959][ T2528] ? security_file_ioctl+0x34/0xd0 [ 2549.992979][ T2528] ? __cfi_kvm_dev_ioctl+0x10/0x10 [ 2549.993003][ T2528] __se_sys_ioctl+0x135/0x1b0 [ 2549.993024][ T2528] __x64_sys_ioctl+0x7f/0xa0 [ 2549.993043][ T2528] x64_sys_call+0x1878/0x2ee0 [ 2549.993068][ T2528] do_syscall_64+0x58/0xf0 [ 2549.993090][ T2528] ? clear_bhb_loop+0x50/0xa0 [ 2549.993110][ T2528] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2549.993129][ T2528] RIP: 0033:0x7fde4c78f6c9 [ 2549.993145][ T2528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2549.993161][ T2528] RSP: 002b:00007fde4d6d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2549.993182][ T2528] RAX: ffffffffffffffda RBX: 00007fde4c9e5fa0 RCX: 00007fde4c78f6c9 [ 2549.993196][ T2528] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000007 [ 2549.993209][ T2528] RBP: 00007fde4d6d7090 R08: 0000000000000000 R09: 0000000000000000 [ 2549.993222][ T2528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2549.993234][ T2528] R13: 00007fde4c9e6038 R14: 00007fde4c9e5fa0 R15: 00007ffff593cf48 [ 2549.993251][ T2528] [ 2549.993259][ T2528] Mem-Info: [ 2550.251467][ T2528] active_anon:17450 inactive_anon:62 isolated_anon:0 [ 2550.251467][ T2528] active_file:14908 inactive_file:13850 isolated_file:0 [ 2550.251467][ T2528] unevictable:0 dirty:715 writeback:0 [ 2550.251467][ T2528] slab_reclaimable:8511 slab_unreclaimable:70229 [ 2550.251467][ T2528] mapped:30789 shmem:12288 pagetables:708 [ 2550.251467][ T2528] sec_pagetables:0 bounce:0 [ 2550.251467][ T2528] kernel_misc_reclaimable:0 [ 2550.251467][ T2528] free:1479671 free_pcp:18705 free_cma:0 [ 2550.307525][ T2528] Node 0 active_anon:36800kB inactive_anon:248kB active_file:59632kB inactive_file:55400kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:123156kB dirty:2860kB writeback:0kB shmem:16252kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:5224kB pagetables:2832kB sec_pagetables:0kB all_unreclaimable? no [ 2550.340173][ T2528] DMA32 free:2960212kB boost:0kB min:19088kB low:23860kB high:28632kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2965936kB mlocked:0kB bounce:0kB free_pcp:5724kB local_pcp:5656kB free_cma:0kB [ 2550.370190][ T2528] lowmem_reserve[]: 0 3921 3921 [ 2550.376222][ T2528] Normal free:2966392kB boost:0kB min:25964kB low:32452kB high:38940kB reserved_highatomic:0KB free_highatomic:0KB active_anon:21400kB inactive_anon:248kB active_file:59632kB inactive_file:55400kB unevictable:0kB writepending:2860kB present:5242880kB managed:4016120kB mlocked:0kB bounce:0kB free_pcp:112608kB local_pcp:45668kB free_cma:0kB [ 2550.418613][ T2528] lowmem_reserve[]: 0 0 0 [ 2550.424675][ T2528] DMA32: 5*4kB (M) 2*8kB (M) 3*16kB (M) 4*32kB (M) 4*64kB (M) 3*128kB (M) 4*256kB (M) 4*512kB (M) 5*1024kB (UM) 5*2048kB (M) 718*4096kB (M) = 2960212kB [ 2550.452011][ T2528] Normal: 1413*4kB (UME) 1449*8kB (UME) 678*16kB (UME) 646*32kB (UME) 918*64kB (UME) 532*128kB (UME) 205*256kB (UME) 138*512kB (UME) 79*1024kB (UME) 30*2048kB (M) 626*4096kB (UM) = 3005180kB [ 2550.471433][ T2528] 29056 total pagecache pages [ 2550.476114][ T2528] 114 pages in swap cache [ 2550.480464][ T2528] Free swap = 124084kB [ 2550.485016][ T2528] Total swap = 124996kB [ 2550.489193][ T2528] 2097051 pages RAM [ 2550.497378][ T2528] 0 pages HighMem/MovableOnly [ 2550.502261][ T2528] 351537 pages reserved [ 2550.506410][ T2528] 0 pages cma reserved [ 2550.515489][ T2528] Memory allocations: [ 2550.519481][ T2528] 0 B 0 init/main.c:1370 func:do_initcalls [ 2550.527159][ T2528] 0 B 0 init/do_mounts.c:186 func:mount_root_generic [ 2550.541438][ T2528] 0 B 0 init/do_mounts.c:158 func:do_mount_root [ 2550.552557][ T2528] 0 B 0 init/do_mounts.c:352 func:mount_nodev_root [ 2550.566431][ T2528] 0 B 0 init/do_mounts_rd.c:241 func:rd_load_image [ 2550.574532][ T2528] 0 B 0 init/do_mounts_rd.c:72 func:identify_ramdisk_image [ 2550.583317][ T2528] 0 B 0 init/initramfs.c:507 func:unpack_to_rootfs [ 2550.591214][ T2528] 0 B 0 init/initramfs.c:508 func:unpack_to_rootfs [ 2550.608990][ T2528] 0 B 0 init/initramfs.c:509 func:unpack_to_rootfs [ 2550.620478][ T2528] 0 B 0 init/initramfs.c:101 func:find_link [ 2550.655570][ T2576] FAULT_INJECTION: forcing a failure. [ 2550.655570][ T2576] name failslab, interval 1, probability 0, space 0, times 0 [ 2550.670652][ T2576] CPU: 1 UID: 0 PID: 2576 Comm: syz.0.77410 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2550.670683][ T2576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2550.670694][ T2576] Call Trace: [ 2550.670700][ T2576] [ 2550.670708][ T2576] __dump_stack+0x21/0x30 [ 2550.670737][ T2576] dump_stack_lvl+0x10c/0x190 [ 2550.670760][ T2576] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2550.670785][ T2576] dump_stack+0x19/0x20 [ 2550.670807][ T2576] should_fail_ex+0x3d9/0x530 [ 2550.670825][ T2576] should_failslab+0xac/0x100 [ 2550.670845][ T2576] kmem_cache_alloc_noprof+0x42/0x430 [ 2550.670862][ T2576] ? do_timer_create+0x199/0x1210 [ 2550.670888][ T2576] ? vfs_write+0x93e/0xf30 [ 2550.670904][ T2576] do_timer_create+0x199/0x1210 [ 2550.670930][ T2576] ? __cfi_vfs_write+0x10/0x10 [ 2550.670946][ T2576] ? __kasan_check_write+0x18/0x20 [ 2550.670972][ T2576] ? mutex_unlock+0x8b/0x240 [ 2550.670989][ T2576] ? __cfi_mutex_unlock+0x10/0x10 [ 2550.671007][ T2576] ? __ia32_sys_clock_nanosleep_time32+0xc0/0xc0 [ 2550.671034][ T2576] ? __kasan_check_write+0x18/0x20 [ 2550.671056][ T2576] ? fput+0x1a5/0x240 [ 2550.671076][ T2576] __x64_sys_timer_create+0x140/0x190 [ 2550.671097][ T2576] ? __cfi___x64_sys_timer_create+0x10/0x10 [ 2550.671120][ T2576] ? __kasan_check_read+0x15/0x20 [ 2550.671144][ T2576] x64_sys_call+0x2704/0x2ee0 [ 2550.671169][ T2576] do_syscall_64+0x58/0xf0 [ 2550.671190][ T2576] ? clear_bhb_loop+0x50/0xa0 [ 2550.671210][ T2576] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2550.671229][ T2576] RIP: 0033:0x7f7ad3d8f6c9 [ 2550.671246][ T2576] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2550.671261][ T2576] RSP: 002b:00007f7ad4bc4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000de [ 2550.671285][ T2576] RAX: ffffffffffffffda RBX: 00007f7ad3fe5fa0 RCX: 00007f7ad3d8f6c9 [ 2550.671299][ T2576] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 2550.671310][ T2576] RBP: 00007f7ad4bc4090 R08: 0000000000000000 R09: 0000000000000000 [ 2550.671322][ T2576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2550.671334][ T2576] R13: 00007f7ad3fe6038 R14: 00007f7ad3fe5fa0 R15: 00007ffed7bf3658 [ 2550.671351][ T2576] [ 2551.033728][ T2625] FAULT_INJECTION: forcing a failure. [ 2551.033728][ T2625] name failslab, interval 1, probability 0, space 0, times 0 [ 2551.060317][ T2625] CPU: 1 UID: 0 PID: 2625 Comm: syz.2.77433 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2551.060350][ T2625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2551.060372][ T2625] Call Trace: [ 2551.060378][ T2625] [ 2551.060386][ T2625] __dump_stack+0x21/0x30 [ 2551.060415][ T2625] dump_stack_lvl+0x10c/0x190 [ 2551.060437][ T2625] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2551.060462][ T2625] ? avc_has_extended_perms+0x921/0xdd0 [ 2551.060488][ T2625] dump_stack+0x19/0x20 [ 2551.060510][ T2625] should_fail_ex+0x3d9/0x530 [ 2551.060531][ T2625] should_failslab+0xac/0x100 [ 2551.060552][ T2625] __kmalloc_cache_node_noprof+0x46/0x450 [ 2551.060572][ T2625] ? __get_vm_area_node+0x154/0x3a0 [ 2551.060596][ T2625] __get_vm_area_node+0x154/0x3a0 [ 2551.060620][ T2625] __vmalloc_node_range_noprof+0x33c/0x1420 [ 2551.060646][ T2625] ? kvm_dev_ioctl+0x125/0x14d0 [ 2551.060671][ T2625] ? number+0xd21/0xf80 [ 2551.060694][ T2625] ? pointer+0xdd0/0xdd0 [ 2551.060716][ T2625] ? __cfi___vmalloc_node_range_noprof+0x10/0x10 [ 2551.060741][ T2625] ? vsnprintf+0x19b8/0x1aa0 [ 2551.060763][ T2625] ? kvm_dev_ioctl+0x125/0x14d0 [ 2551.060788][ T2625] __vmalloc_noprof+0xfe/0x1d0 [ 2551.060811][ T2625] ? kvm_dev_ioctl+0x125/0x14d0 [ 2551.060836][ T2625] ? alloc_fd+0x4e7/0x5a0 [ 2551.060854][ T2625] ? __cfi___vmalloc_noprof+0x10/0x10 [ 2551.060880][ T2625] kvm_dev_ioctl+0x125/0x14d0 [ 2551.060905][ T2625] ? __fget_files+0x2c5/0x340 [ 2551.060924][ T2625] ? __cfi_kvm_dev_ioctl+0x10/0x10 [ 2551.060948][ T2625] ? bpf_lsm_file_ioctl+0xd/0x20 [ 2551.060971][ T2625] ? security_file_ioctl+0x34/0xd0 [ 2551.060991][ T2625] ? __cfi_kvm_dev_ioctl+0x10/0x10 [ 2551.061014][ T2625] __se_sys_ioctl+0x135/0x1b0 [ 2551.061035][ T2625] __x64_sys_ioctl+0x7f/0xa0 [ 2551.061054][ T2625] x64_sys_call+0x1878/0x2ee0 [ 2551.061079][ T2625] do_syscall_64+0x58/0xf0 [ 2551.061100][ T2625] ? clear_bhb_loop+0x50/0xa0 [ 2551.061120][ T2625] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2551.061139][ T2625] RIP: 0033:0x7f933798f6c9 [ 2551.061155][ T2625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2551.061172][ T2625] RSP: 002b:00007f9338811038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2551.061192][ T2625] RAX: ffffffffffffffda RBX: 00007f9337be5fa0 RCX: 00007f933798f6c9 [ 2551.061207][ T2625] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000007 [ 2551.061219][ T2625] RBP: 00007f9338811090 R08: 0000000000000000 R09: 0000000000000000 [ 2551.061232][ T2625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2551.061244][ T2625] R13: 00007f9337be6038 R14: 00007f9337be5fa0 R15: 00007ffe357f5d88 [ 2551.061260][ T2625] [ 2551.198759][ T2649] FAULT_INJECTION: forcing a failure. [ 2551.198759][ T2649] name failslab, interval 1, probability 0, space 0, times 0 [ 2551.383517][ T2649] CPU: 0 UID: 0 PID: 2649 Comm: syz.3.77443 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2551.383548][ T2649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2551.383560][ T2649] Call Trace: [ 2551.383567][ T2649] [ 2551.383575][ T2649] __dump_stack+0x21/0x30 [ 2551.383604][ T2649] dump_stack_lvl+0x10c/0x190 [ 2551.383628][ T2649] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2551.383651][ T2649] ? __kasan_check_write+0x18/0x20 [ 2551.383679][ T2649] ? proc_fail_nth_write+0x17e/0x210 [ 2551.383703][ T2649] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2551.383727][ T2649] dump_stack+0x19/0x20 [ 2551.383749][ T2649] should_fail_ex+0x3d9/0x530 [ 2551.383768][ T2649] should_failslab+0xac/0x100 [ 2551.383786][ T2649] kmem_cache_alloc_noprof+0x42/0x430 [ 2551.383804][ T2649] ? getname_flags+0xc6/0x710 [ 2551.383822][ T2649] getname_flags+0xc6/0x710 [ 2551.383838][ T2649] ? build_open_flags+0x487/0x600 [ 2551.383861][ T2649] getname+0x1b/0x30 [ 2551.383878][ T2649] do_sys_openat2+0xcb/0x1c0 [ 2551.383899][ T2649] ? fput+0x1a5/0x240 [ 2551.383920][ T2649] ? do_sys_open+0x100/0x100 [ 2551.383941][ T2649] ? ksys_write+0x1ef/0x250 [ 2551.383957][ T2649] ? __cfi_ksys_write+0x10/0x10 [ 2551.383974][ T2649] __x64_sys_open+0x120/0x150 [ 2551.383995][ T2649] x64_sys_call+0x131a/0x2ee0 [ 2551.384019][ T2649] do_syscall_64+0x58/0xf0 [ 2551.384040][ T2649] ? clear_bhb_loop+0x50/0xa0 [ 2551.384059][ T2649] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2551.384078][ T2649] RIP: 0033:0x7f678258f6c9 [ 2551.384094][ T2649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2551.384110][ T2649] RSP: 002b:00007f6780ff7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 2551.384140][ T2649] RAX: ffffffffffffffda RBX: 00007f67827e5fa0 RCX: 00007f678258f6c9 [ 2551.384154][ T2649] RDX: 0000000000000020 RSI: 000000000014927e RDI: 00002000000001c0 [ 2551.384167][ T2649] RBP: 00007f6780ff7090 R08: 0000000000000000 R09: 0000000000000000 [ 2551.384180][ T2649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2551.384191][ T2649] R13: 00007f67827e6038 R14: 00007f67827e5fa0 R15: 00007ffd09ab6d78 [ 2551.384205][ T2649] [ 2551.718096][ T36] audit: type=1400 audit(2000000213.780:758): avc: denied { ioctl } for pid=2668 comm="syz.3.77451" path="socket:[1290608]" dev="sockfs" ino=1290608 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 2552.231616][ T2724] FAULT_INJECTION: forcing a failure. [ 2552.231616][ T2724] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2552.251353][ T2724] CPU: 1 UID: 0 PID: 2724 Comm: syz.0.77475 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2552.251383][ T2724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2552.251394][ T2724] Call Trace: [ 2552.251400][ T2724] [ 2552.251406][ T2724] __dump_stack+0x21/0x30 [ 2552.251435][ T2724] dump_stack_lvl+0x10c/0x190 [ 2552.251458][ T2724] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2552.251481][ T2724] ? __kasan_check_read+0x15/0x20 [ 2552.251504][ T2724] dump_stack+0x19/0x20 [ 2552.251523][ T2724] should_fail_ex+0x3d9/0x530 [ 2552.251539][ T2724] should_fail+0xf/0x20 [ 2552.251553][ T2724] should_fail_usercopy+0x1e/0x30 [ 2552.251570][ T2724] __kvm_read_guest_page+0x177/0x210 [ 2552.251589][ T2724] kvm_vcpu_read_guest_page+0x31a/0x400 [ 2552.251606][ T2724] kvm_fetch_guest_virt+0x146/0x190 [ 2552.251630][ T2724] ? __cfi_kvm_fetch_guest_virt+0x10/0x10 [ 2552.251653][ T2724] __do_insn_fetch_bytes+0x321/0x730 [ 2552.251671][ T2724] ? x86_decode_insn+0x4fb0/0x4fb0 [ 2552.251686][ T2724] ? emulator_read_write+0x410/0x580 [ 2552.251703][ T2724] ? tdp_iter_restart+0x1c4/0x360 [ 2552.251722][ T2724] ? kvm_tdp_mmu_fast_pf_get_last_sptep+0x290/0x290 [ 2552.251744][ T2724] ? tdp_iter_next+0x362/0xa30 [ 2552.251761][ T2724] x86_decode_insn+0x33b/0x4fb0 [ 2552.251777][ T2724] ? trace_mark_mmio_spte+0x22/0x130 [ 2552.251802][ T2724] ? __cfi_x86_decode_insn+0x10/0x10 [ 2552.251817][ T2724] ? __kasan_check_write+0x18/0x20 [ 2552.251840][ T2724] ? vmx_read_guest_seg_ar+0x1c8/0x350 [ 2552.251862][ T2724] ? __asan_memset+0x39/0x50 [ 2552.251878][ T2724] ? init_decode_cache+0x7c/0x90 [ 2552.251893][ T2724] ? init_emulate_ctxt+0x410/0x540 [ 2552.251911][ T2724] ? kvm_inject_realmode_interrupt+0x2e0/0x2e0 [ 2552.251928][ T2724] ? kvm_mmu_do_page_fault+0x4b0/0x5f0 [ 2552.251949][ T2724] x86_decode_emulated_instruction+0x66/0x190 [ 2552.251968][ T2724] x86_emulate_instruction+0x2d3/0x1870 [ 2552.251988][ T2724] ? kvm_multiple_exception+0x6d8/0xad0 [ 2552.252010][ T2724] kvm_mmu_page_fault+0x336/0x970 [ 2552.252032][ T2724] handle_ept_violation+0x21c/0x440 [ 2552.252052][ T2724] ? vmx_vcpu_run+0x1100/0x2000 [ 2552.252076][ T2724] ? __cfi_handle_ept_violation+0x10/0x10 [ 2552.252096][ T2724] vmx_handle_exit+0x12c2/0x1b40 [ 2552.252120][ T2724] ? kvm_deliver_exception_payload+0xd7/0x200 [ 2552.252142][ T2724] ? __cfi_vmx_vcpu_run+0x10/0x10 [ 2552.252167][ T2724] ? vmx_handle_exit_irqoff+0xe9/0x7a0 [ 2552.252192][ T2724] vcpu_run+0x4bd0/0x7830 [ 2552.252230][ T2724] ? signal_pending+0xc0/0xc0 [ 2552.252254][ T2724] ? complete_emulated_mmio+0x4fb/0x790 [ 2552.252276][ T2724] kvm_arch_vcpu_ioctl_run+0x101a/0x1aa0 [ 2552.252301][ T2724] ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 2552.252324][ T2724] ? kstrtoull+0x13b/0x1e0 [ 2552.252342][ T2724] ? kstrtouint+0x78/0xf0 [ 2552.252359][ T2724] ? ioctl_has_perm+0x1aa/0x4d0 [ 2552.252381][ T2724] ? __asan_memcpy+0x5a/0x80 [ 2552.252398][ T2724] ? ioctl_has_perm+0x3e0/0x4d0 [ 2552.252419][ T2724] ? has_cap_mac_admin+0xd0/0xd0 [ 2552.252439][ T2724] ? __kasan_check_write+0x18/0x20 [ 2552.252464][ T2724] ? mutex_lock_killable+0x92/0x1c0 [ 2552.252483][ T2724] ? __cfi_mutex_lock_killable+0x10/0x10 [ 2552.252500][ T2724] ? proc_fail_nth_write+0x17e/0x210 [ 2552.252524][ T2724] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2552.252548][ T2724] kvm_vcpu_ioctl+0x96f/0xee0 [ 2552.252566][ T2724] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2552.252584][ T2724] ? __cfi_vfs_write+0x10/0x10 [ 2552.252602][ T2724] ? __kasan_check_write+0x18/0x20 [ 2552.252627][ T2724] ? mutex_unlock+0x8b/0x240 [ 2552.252644][ T2724] ? __cfi_mutex_unlock+0x10/0x10 [ 2552.252661][ T2724] ? __fget_files+0x2c5/0x340 [ 2552.252681][ T2724] ? __fget_files+0x2c5/0x340 [ 2552.252701][ T2724] ? bpf_lsm_file_ioctl+0xd/0x20 [ 2552.252724][ T2724] ? security_file_ioctl+0x34/0xd0 [ 2552.252744][ T2724] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2552.252761][ T2724] __se_sys_ioctl+0x135/0x1b0 [ 2552.252780][ T2724] __x64_sys_ioctl+0x7f/0xa0 [ 2552.252797][ T2724] x64_sys_call+0x1878/0x2ee0 [ 2552.252820][ T2724] do_syscall_64+0x58/0xf0 [ 2552.252839][ T2724] ? clear_bhb_loop+0x50/0xa0 [ 2552.252859][ T2724] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2552.252878][ T2724] RIP: 0033:0x7f7ad3d8f6c9 [ 2552.252894][ T2724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2552.252910][ T2724] RSP: 002b:00007f7ad4bc4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2552.252932][ T2724] RAX: ffffffffffffffda RBX: 00007f7ad3fe5fa0 RCX: 00007f7ad3d8f6c9 [ 2552.252947][ T2724] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008 [ 2552.252961][ T2724] RBP: 00007f7ad4bc4090 R08: 0000000000000000 R09: 0000000000000000 [ 2552.252973][ T2724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2552.252985][ T2724] R13: 00007f7ad3fe6038 R14: 00007f7ad3fe5fa0 R15: 00007ffed7bf3658 [ 2552.253003][ T2724] [ 2553.821911][ T2782] fuse: Bad value for 'rootmode' [ 2555.900367][ T2867] FAULT_INJECTION: forcing a failure. [ 2555.900367][ T2867] name failslab, interval 1, probability 0, space 0, times 0 [ 2555.914200][ T2867] CPU: 1 UID: 0 PID: 2867 Comm: syz.0.77539 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2555.914231][ T2867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2555.914244][ T2867] Call Trace: [ 2555.914251][ T2867] [ 2555.914259][ T2867] __dump_stack+0x21/0x30 [ 2555.914288][ T2867] dump_stack_lvl+0x10c/0x190 [ 2555.914312][ T2867] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2555.914337][ T2867] dump_stack+0x19/0x20 [ 2555.914359][ T2867] should_fail_ex+0x3d9/0x530 [ 2555.914379][ T2867] should_failslab+0xac/0x100 [ 2555.914400][ T2867] __kmalloc_node_track_caller_noprof+0x68/0x520 [ 2555.914421][ T2867] ? rust_helper_krealloc+0x33/0xd0 [ 2555.914448][ T2867] krealloc_noprof+0x8d/0x130 [ 2555.914468][ T2867] rust_helper_krealloc+0x33/0xd0 [ 2555.914492][ T2867] ? _RNvMNtNtCs43vyB533jt3_6kernel5alloc9allocatorNtB2_11ReallocFunc4call+0x70/0xc0 [ 2555.914517][ T2867] _RNvMNtNtCs43vyB533jt3_6kernel5alloc9allocatorNtB2_11ReallocFunc4call+0x8e/0xc0 [ 2555.914541][ T2867] _RNvMs4_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process18get_current_thread+0x45a/0x1400 [ 2555.914567][ T2867] ? inode_init_always_gfp+0x756/0x9e0 [ 2555.914587][ T2867] ? alloc_inode+0xc5/0x270 [ 2555.914607][ T2867] ? proc_pident_instantiate+0x6d/0x2c0 [ 2555.914628][ T2867] ? proc_pident_lookup+0x1c7/0x270 [ 2555.914647][ T2867] ? path_openat+0x1301/0x34b0 [ 2555.914668][ T2867] ? do_sys_openat2+0x12c/0x1c0 [ 2555.914691][ T2867] ? __x64_sys_openat+0x13a/0x170 [ 2555.914723][ T2867] ? x64_sys_call+0xe69/0x2ee0 [ 2555.914748][ T2867] ? do_syscall_64+0x58/0xf0 [ 2555.914771][ T2867] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2555.914793][ T2867] ? __cfi__RNvMs4_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process18get_current_thread+0x10/0x10 [ 2555.914818][ T2867] ? avc_has_perm_noaudit+0x268/0x360 [ 2555.914843][ T2867] ? __asan_memcpy+0x5a/0x80 [ 2555.914860][ T2867] ? avc_has_perm_noaudit+0x286/0x360 [ 2555.914885][ T2867] ? avc_has_perm+0x144/0x220 [ 2555.914909][ T2867] ? __cfi_avc_has_perm+0x10/0x10 [ 2555.914932][ T2867] ? kasan_save_alloc_info+0x40/0x50 [ 2555.914958][ T2867] ? selinux_file_open+0x457/0x610 [ 2555.914980][ T2867] _RNvMs6_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process5ioctl+0x1a7/0x2cf0 [ 2555.915005][ T2867] ? avc_has_extended_perms+0x7c7/0xdd0 [ 2555.915030][ T2867] ? __asan_memcpy+0x5a/0x80 [ 2555.915046][ T2867] ? avc_has_extended_perms+0x921/0xdd0 [ 2555.915070][ T2867] ? __cfi__RNvMs6_NtCs5gLWsBERDPK_16rust_binder_main7processNtB5_7Process5ioctl+0x10/0x10 [ 2555.915096][ T2867] ? do_vfs_ioctl+0xeda/0x1e30 [ 2555.915115][ T2867] ? arch_stack_walk+0x10b/0x170 [ 2555.915133][ T2867] ? __ia32_compat_sys_ioctl+0x850/0x850 [ 2555.915155][ T2867] ? _parse_integer+0x2e/0x40 [ 2555.915183][ T2867] ? ioctl_has_perm+0x384/0x4d0 [ 2555.915205][ T2867] ? has_cap_mac_admin+0xd0/0xd0 [ 2555.915226][ T2867] ? proc_fail_nth_write+0x17e/0x210 [ 2555.915249][ T2867] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2555.915274][ T2867] ? selinux_file_ioctl+0x6e0/0x1360 [ 2555.915294][ T2867] ? vfs_write+0x93e/0xf30 [ 2555.915311][ T2867] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 2555.915333][ T2867] ? __cfi_vfs_write+0x10/0x10 [ 2555.915350][ T2867] ? __kasan_check_write+0x18/0x20 [ 2555.915375][ T2867] ? mutex_unlock+0x8b/0x240 [ 2555.915392][ T2867] ? __cfi_mutex_unlock+0x10/0x10 [ 2555.915409][ T2867] ? __fget_files+0x2c5/0x340 [ 2555.915429][ T2867] ? __fget_files+0x2c5/0x340 [ 2555.915449][ T2867] _RNvCs5gLWsBERDPK_16rust_binder_main26rust_binder_unlocked_ioctl+0xa0/0x100 [ 2555.915476][ T2867] ? __se_sys_ioctl+0x114/0x1b0 [ 2555.915496][ T2867] ? __cfi__RNvCs5gLWsBERDPK_16rust_binder_main26rust_binder_unlocked_ioctl+0x10/0x10 [ 2555.915523][ T2867] __se_sys_ioctl+0x135/0x1b0 [ 2555.915542][ T2867] __x64_sys_ioctl+0x7f/0xa0 [ 2555.915562][ T2867] x64_sys_call+0x1878/0x2ee0 [ 2555.915588][ T2867] do_syscall_64+0x58/0xf0 [ 2555.915609][ T2867] ? clear_bhb_loop+0x50/0xa0 [ 2555.915629][ T2867] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2555.915649][ T2867] RIP: 0033:0x7f7ad3d8f6c9 [ 2555.915665][ T2867] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2555.915681][ T2867] RSP: 002b:00007f7ad4bc4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2555.915710][ T2867] RAX: ffffffffffffffda RBX: 00007f7ad3fe5fa0 RCX: 00007f7ad3d8f6c9 [ 2555.915726][ T2867] RDX: 00002000000001c0 RSI: 00000000c0306201 RDI: 0000000000000006 [ 2555.915739][ T2867] RBP: 00007f7ad4bc4090 R08: 0000000000000000 R09: 0000000000000000 [ 2555.915752][ T2867] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2555.915764][ T2867] R13: 00007f7ad3fe6038 R14: 00007f7ad3fe5fa0 R15: 00007ffed7bf3658 [ 2555.915781][ T2867] [ 2557.122390][ T2974] SELinux: security_context_str_to_sid () failed with errno=-22 [ 2557.162608][ T2979] FAULT_INJECTION: forcing a failure. [ 2557.162608][ T2979] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2557.191346][ T2979] CPU: 0 UID: 0 PID: 2979 Comm: syz.3.77588 Not tainted syzkaller #0 0b5ffdee5fcd2f7749818d1ff954e9c21353764e [ 2557.191379][ T2979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 2557.191391][ T2979] Call Trace: [ 2557.191397][ T2979] [ 2557.191403][ T2979] __dump_stack+0x21/0x30 [ 2557.191431][ T2979] dump_stack_lvl+0x10c/0x190 [ 2557.191452][ T2979] ? __cfi_dump_stack_lvl+0x10/0x10 [ 2557.191475][ T2979] ? __kasan_check_read+0x15/0x20 [ 2557.191500][ T2979] dump_stack+0x19/0x20 [ 2557.191521][ T2979] should_fail_ex+0x3d9/0x530 [ 2557.191538][ T2979] should_fail+0xf/0x20 [ 2557.191554][ T2979] should_fail_usercopy+0x1e/0x30 [ 2557.191572][ T2979] __kvm_read_guest_page+0x177/0x210 [ 2557.191589][ T2979] kvm_vcpu_read_guest_page+0x31a/0x400 [ 2557.191609][ T2979] kvm_fetch_guest_virt+0x146/0x190 [ 2557.191643][ T2979] ? __cfi_kvm_fetch_guest_virt+0x10/0x10 [ 2557.191666][ T2979] __do_insn_fetch_bytes+0x321/0x730 [ 2557.191685][ T2979] ? x86_decode_insn+0x4fb0/0x4fb0 [ 2557.191702][ T2979] ? emulator_read_write+0x410/0x580 [ 2557.191721][ T2979] ? tdp_iter_restart+0x1c4/0x360 [ 2557.191742][ T2979] ? kvm_tdp_mmu_fast_pf_get_last_sptep+0x290/0x290 [ 2557.191763][ T2979] ? tdp_iter_next+0x362/0xa30 [ 2557.191783][ T2979] x86_decode_insn+0x33b/0x4fb0 [ 2557.191801][ T2979] ? trace_mark_mmio_spte+0x22/0x130 [ 2557.191827][ T2979] ? __cfi_x86_decode_insn+0x10/0x10 [ 2557.191844][ T2979] ? __kasan_check_write+0x18/0x20 [ 2557.191870][ T2979] ? vmx_read_guest_seg_ar+0x1c8/0x350 [ 2557.191891][ T2979] ? __asan_memset+0x39/0x50 [ 2557.191906][ T2979] ? init_decode_cache+0x7c/0x90 [ 2557.191923][ T2979] ? init_emulate_ctxt+0x410/0x540 [ 2557.191943][ T2979] ? kvm_inject_realmode_interrupt+0x2e0/0x2e0 [ 2557.191964][ T2979] ? kvm_mmu_do_page_fault+0x4b0/0x5f0 [ 2557.191985][ T2979] x86_decode_emulated_instruction+0x66/0x190 [ 2557.192007][ T2979] x86_emulate_instruction+0x2d3/0x1870 [ 2557.192028][ T2979] ? kvm_multiple_exception+0x6d8/0xad0 [ 2557.192050][ T2979] kvm_mmu_page_fault+0x336/0x970 [ 2557.192069][ T2979] handle_ept_violation+0x21c/0x440 [ 2557.192087][ T2979] ? vmx_vcpu_run+0x1100/0x2000 [ 2557.192110][ T2979] ? __cfi_handle_ept_violation+0x10/0x10 [ 2557.192129][ T2979] vmx_handle_exit+0x12c2/0x1b40 [ 2557.192150][ T2979] ? kvm_deliver_exception_payload+0xd7/0x200 [ 2557.192171][ T2979] ? __cfi_vmx_vcpu_run+0x10/0x10 [ 2557.192195][ T2979] ? vmx_handle_exit_irqoff+0xe9/0x7a0 [ 2557.192218][ T2979] vcpu_run+0x4bd0/0x7830 [ 2557.192249][ T2979] ? signal_pending+0xc0/0xc0 [ 2557.192272][ T2979] ? complete_emulated_mmio+0x4fb/0x790 [ 2557.192294][ T2979] kvm_arch_vcpu_ioctl_run+0x101a/0x1aa0 [ 2557.192316][ T2979] ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 2557.192338][ T2979] ? kstrtoull+0x13b/0x1e0 [ 2557.192353][ T2979] ? kstrtouint+0x78/0xf0 [ 2557.192369][ T2979] ? ioctl_has_perm+0x1aa/0x4d0 [ 2557.192390][ T2979] ? __asan_memcpy+0x5a/0x80 [ 2557.192407][ T2979] ? ioctl_has_perm+0x3e0/0x4d0 [ 2557.192428][ T2979] ? has_cap_mac_admin+0xd0/0xd0 [ 2557.192449][ T2979] ? __kasan_check_write+0x18/0x20 [ 2557.192473][ T2979] ? mutex_lock_killable+0x92/0x1c0 [ 2557.192491][ T2979] ? __cfi_mutex_lock_killable+0x10/0x10 [ 2557.192509][ T2979] ? proc_fail_nth_write+0x17e/0x210 [ 2557.192532][ T2979] ? __cfi_proc_fail_nth_write+0x10/0x10 [ 2557.192556][ T2979] kvm_vcpu_ioctl+0x96f/0xee0 [ 2557.192574][ T2979] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2557.192591][ T2979] ? __cfi_vfs_write+0x10/0x10 [ 2557.192608][ T2979] ? __kasan_check_write+0x18/0x20 [ 2557.192645][ T2979] ? mutex_unlock+0x8b/0x240 [ 2557.192662][ T2979] ? __cfi_mutex_unlock+0x10/0x10 [ 2557.192678][ T2979] ? __fget_files+0x2c5/0x340 [ 2557.192699][ T2979] ? __fget_files+0x2c5/0x340 [ 2557.192719][ T2979] ? bpf_lsm_file_ioctl+0xd/0x20 [ 2557.192743][ T2979] ? security_file_ioctl+0x34/0xd0 [ 2557.192763][ T2979] ? __cfi_kvm_vcpu_ioctl+0x10/0x10 [ 2557.192778][ T2979] __se_sys_ioctl+0x135/0x1b0 [ 2557.192798][ T2979] __x64_sys_ioctl+0x7f/0xa0 [ 2557.192816][ T2979] x64_sys_call+0x1878/0x2ee0 [ 2557.192841][ T2979] do_syscall_64+0x58/0xf0 [ 2557.192863][ T2979] ? clear_bhb_loop+0x50/0xa0 [ 2557.192883][ T2979] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 2557.192902][ T2979] RIP: 0033:0x7f678258f6c9 [ 2557.192919][ T2979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2557.192935][ T2979] RSP: 002b:00007f6780ff7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2557.192955][ T2979] RAX: ffffffffffffffda RBX: 00007f67827e5fa0 RCX: 00007f678258f6c9 [ 2557.192969][ T2979] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 2557.192979][ T2979] RBP: 00007f6780ff7090 R08: 0000000000000000 R09: 0000000000000000 [ 2557.192990][ T2979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2557.193001][ T2979] R13: 00007f67827e6038 R14: 00007f67827e5fa0 R15: 00007ffd09ab6d78 [ 2557.193017][ T2979] [ 2558.340340][ T3117] SELinux: security_context_str_to_sid () failed with errno=-22 [ 2558.527177][ T3147] SELinux: security_context_str_to_sid () failed with errno=-22 [ 2558.596204][ T3157] SELinux: security_context_str_to_sid () failed with errno=-22 [ 2558.738886][ T3187] SELinux: security_context_str_to_sid () failed with errno=-22 [ 2558.922116][ T3214] SELinux: security_context_str_to_sid () failed with errno=-22 [ 2558.987275][ T3221] SELinux: security_context_str_to_sid () failed with errno=-22 [ 2559.641540][ T3264] SELinux: security_context_str_to_sid () failed with errno=-22 [ 2560.851701][ T3306] SELinux: security_context_str_to_sid () failed with errno=-22 [ 2561.200305][ T3340] SELinux: security_context_str_to_sid () failed with errno=-22 [ 2562.114407][ T3428] SELinux: security_context_str_to_sid () failed with errno=-22 [ 2562.525403][ T3477] SELinux: security_context_str_to_sid () failed with errno=-22 [ 2563.342490][ T3492] SELinux: security_context_str_to_sid () failed with errno=-22 [ 2563.487126][ T3506] SELinux: security_context_str_to_sid () failed with errno=-22 [ 2563.856349][ T3533] SELinux: security_context_str_to_sid () failed with errno=-22 [ 2565.181854][ T3613] SELinux: security_context_str_to_sid () failed with errno=-22 [ 2567.102149][ T3784] bridge0: port 1(bridge_slave_0) entered blocking state [ 2567.109292][ T3784] bridge0: port 1(bridge_slave_0) entered disabled state [ 2567.138675][ T3784] bridge_slave_0: entered allmulticast mode [ 2567.154731][ T3784] bridge_slave_0: entered promiscuous mode [ 2567.175872][ T3784] bridge0: port 2(bridge_slave_1) entered blocking state [ 2567.193504][ T3784] bridge0: port 2(bridge_slave_1) entered disabled state [ 2567.200948][ T3784] bridge_slave_1: entered allmulticast mode [ 2567.217408][ T3784] bridge_slave_1: entered promiscuous mode [ 2567.245814][T11945] bridge_slave_1: left allmulticast mode [ 2567.251508][T11945] bridge_slave_1: left promiscuous mode [ 2567.257356][T11945] bridge0: port 2(bridge_slave_1) entered disabled state [ 2567.281699][T11945] bridge_slave_0: left allmulticast mode [ 2567.291325][T11945] bridge_slave_0: left promiscuous mode [ 2567.296949][T11945] bridge0: port 1(bridge_slave_0) entered disabled state [ 2567.449791][T11945] veth1_macvtap: left promiscuous mode [ 2567.461365][T11945] veth0_vlan: left promiscuous mode [ 2567.595442][ T3784] bridge0: port 2(bridge_slave_1) entered blocking state [ 2567.602522][ T3784] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2567.609809][ T3784] bridge0: port 1(bridge_slave_0) entered blocking state [ 2567.616860][ T3784] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2567.672112][ T3810] SELinux: security_context_str_to_sid () failed with errno=-22 [ 2567.679907][ T403] bridge0: port 1(bridge_slave_0) entered disabled state [ 2567.697630][ T403] bridge0: port 2(bridge_slave_1) entered disabled state [ 2567.723573][T18476] bridge0: port 1(bridge_slave_0) entered blocking state [ 2567.730628][T18476] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2567.764319][T28322] bridge0: port 2(bridge_slave_1) entered blocking state [ 2567.771393][T28322] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2567.823155][ T3784] veth0_vlan: entered promiscuous mode [ 2567.837807][ T3784] veth1_macvtap: entered promiscuous mode [ 2568.043136][ T3840] SELinux: security_context_str_to_sid () failed with errno=-22 [ 2568.348161][ T3872] SELinux: security_context_str_to_sid () failed with errno=-22 [ 2568.519113][ T3881] fuse: Bad value for 'fd' [ 2568.644216][ T3904] fuse: Bad value for 'fd' [ 2568.930017][ T3927] SELinux: security_context_str_to_sid () failed with errno=-22 [ 2573.832345][ T4263] SELinux: security_context_str_to_sid () failed with errno=-22 [ 2575.324077][ T36] audit: type=1400 audit(2000000237.390:759): avc: denied { read } for pid=4323 comm="poweroff" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 2575.468672][ T36] audit: type=1400 audit(2000000237.530:760): avc: denied { execute } for pid=4330 comm="syz.2.78147" path="/44/blkio.bfq.group_wait_time" dev="tmpfs" ino=285 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 2576.009721][ T36] audit: type=1400 audit(2000000238.070:761): avc: denied { search } for pid=4373 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2576.159362][ T36] audit: type=1400 audit(2000000238.220:762): avc: denied { read write } for pid=4386 comm="ip" path="/dev/console" dev="rootfs" ino=83 scontext=system_u:system_r:ifconfig_t tcontext=system_u:object_r:root_t tclass=chr_file permissive=1 [ 2576.243147][ T36] audit: type=1400 audit(2000000238.310:763): avc: denied { write } for pid=149 comm="dhcpcd" name="dhcpcd" dev="tmpfs" ino=421 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2576.315924][ T36] audit: type=1400 audit(2000000238.310:764): avc: denied { remove_name } for pid=149 comm="dhcpcd" name="sock" dev="tmpfs" ino=423 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2576.381441][ T36] audit: type=1400 audit(2000000238.310:765): avc: denied { unlink } for pid=149 comm="dhcpcd" name="sock" dev="tmpfs" ino=423 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=sock_file permissive=1 [ 2576.441579][ T36] audit: type=1400 audit(2000000238.330:766): avc: denied { unlink } for pid=149 comm="dhcpcd" name="pid" dev="tmpfs" ino=422 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 2576.504849][ T36] audit: type=1400 audit(2000000238.480:767): avc: denied { read write } for pid=4402 comm="iptables" path="/dev/console" dev="rootfs" ino=83 scontext=system_u:system_r:iptables_t tcontext=system_u:object_r:root_t tclass=chr_file permissive=1 [ 2576.571324][ T36] audit: type=1400 audit(2000000238.490:768): avc: denied { search } for pid=4402 comm="iptables" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:iptables_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2576.862495][ T4431] SELinux: security_context_str_to_sid () failed with errno=-22 [ 2577.081787][ T4469] SELinux: security_context_str_to_sid () failed with errno=-22 [ 2577.382112][ T4511] SELinux: security_context_str_to_sid () failed with errno=-22 [ 2577.570633][ T4540] SELinux: security_context_str_to_sid () failed with errno=-22 Connection to 10.128.1.59 closed by remote host. [ 2578.785998][T11945] bridge_slave_1: left allmulticast mode [ 2578.791680][T11945] bridge_slave_1: left promiscuous mode [ 2578.797336][T11945] bridge0: port 2(bridge_slave_1) entered disabled state [ 2578.804950][T11945] bridge_slave_0: left allmulticast mode [ 2578.810589][T11945] bridge_slave_0: left promiscuous mode [ 2578.816304][T11945] bridge0: port 1(bridge_slave_0) entered disabled state [ 2578.943630][T11945] veth1_macvtap: left promiscuous mode [ 2578.949125][T11945] veth0_vlan: left promiscuous mode [ 2579.214443][T11945] bridge_slave_1: left allmulticast mode [ 2579.220089][T11945] bridge_slave_1: left promiscuous mode [ 2579.225708][T11945] bridge0: port 2(bridge_slave_1) entered disabled state [ 2579.233186][T11945] bridge_slave_0: left allmulticast mode [ 2579.238806][T11945] bridge_slave_0: left promiscuous mode [ 2579.244692][T11945] bridge0: port 1(bridge_slave_0) entered disabled state [ 2579.252258][T11945] bridge_slave_1: left allmulticast mode [ 2579.257890][T11945] bridge_slave_1: left promiscuous mode [ 2579.263470][T11945] bridge0: port 2(bridge_slave_1) entered disabled state [ 2579.270774][T11945] bridge_slave_0: left allmulticast mode [ 2579.276555][T11945] bridge_slave_0: left promiscuous mode [ 2579.282204][T11945] bridge0: port 1(bridge_slave_0) entered disabled state [ 2579.289681][T11945] bridge_slave_1: left allmulticast mode [ 2579.295343][T11945] bridge_slave_1: left promiscuous mode [ 2579.300904][T11945] bridge0: port 2(bridge_slave_1) entered disabled state [ 2579.308231][T11945] bridge_slave_0: left allmulticast mode [ 2579.313903][T11945] bridge_slave_0: left promiscuous mode [ 2579.319462][T11945] bridge0: port 1(bridge_slave_0) entered disabled state [ 2579.525919][T11945] veth1_macvtap: left promiscuous mode [ 2579.531481][T11945] veth0_vlan: left promiscuous mode [ 2579.536946][T11945] veth1_macvtap: left promiscuous mode [ 2579.542538][T11945] veth0_vlan: left promiscuous mode [ 2579.548061][T11945] veth1_macvtap: left promiscuous mode [ 2579.553572][T11945] veth0_vlan: left promiscuous mode [ 2580.638975][ T4630] sd 0:0:1:0: [sda] Synchronizing SCSI cache [ 2580.646174][ T4630] ACPI: PM: Preparing to enter system sleep state S5 [ 2580.653326][ T4630] kvm: exiting hardware virtualization [ 2580.658834][ T4630] reboot: Power down serialport: VM disconnected.